Added tests for chpasswd (PAM variant)
This commit is contained in:
@@ -0,0 +1,48 @@
|
||||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
cd $(dirname $0)
|
||||
|
||||
. ../../../common/config.sh
|
||||
. ../../../common/log.sh
|
||||
|
||||
log_start "$0" "chpasswd can display its usage message"
|
||||
|
||||
save_config
|
||||
|
||||
# restore the files on exit
|
||||
trap 'log_status "$0" "FAILURE"; restore_config' 0
|
||||
|
||||
change_config
|
||||
|
||||
echo -n "Get chpasswd usage (chpasswd -h)..."
|
||||
chpasswd -h >tmp/usage.out
|
||||
echo "OK"
|
||||
|
||||
echo "chpasswd reported:"
|
||||
echo "======================================================================="
|
||||
cat tmp/usage.out
|
||||
echo "======================================================================="
|
||||
echo -n "Check the usage message..."
|
||||
diff -au data/usage.out tmp/usage.out
|
||||
echo "usage message OK."
|
||||
rm -f tmp/usage.out
|
||||
|
||||
echo -n "Check the passwd file..."
|
||||
../../../common/compare_file.pl config/etc/passwd /etc/passwd
|
||||
echo "OK"
|
||||
echo -n "Check the group file..."
|
||||
../../../common/compare_file.pl config/etc/group /etc/group
|
||||
echo "OK"
|
||||
echo -n "Check the shadow file..."
|
||||
../../../common/compare_file.pl config/etc/shadow /etc/shadow
|
||||
echo "OK"
|
||||
echo -n "Check the gshadow file..."
|
||||
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
|
||||
echo "OK"
|
||||
|
||||
log_status "$0" "SUCCESS"
|
||||
restore_config
|
||||
trap '' 0
|
||||
|
||||
@@ -0,0 +1,10 @@
|
||||
# no testsuite password
|
||||
# root password: rootF00barbaz
|
||||
# myuser password: myuserF00barbaz
|
||||
|
||||
user foo, in group users (only in /etc/group)
|
||||
user foo, in group tty (only in /etc/gshadow)
|
||||
user foo, in group floppy
|
||||
user foo, admin of group disk
|
||||
user foo, admin and member of group fax
|
||||
user foo, admin and member of group cdrom (only in /etc/gshadow)
|
||||
@@ -0,0 +1,36 @@
|
||||
# Default values for useradd(8)
|
||||
#
|
||||
# The SHELL variable specifies the default login shell on your
|
||||
# system.
|
||||
# Similar to DHSELL in adduser. However, we use "sh" here because
|
||||
# useradd is a low level utility and should be as general
|
||||
# as possible
|
||||
SHELL=/bin/foobar
|
||||
#
|
||||
# The default group for users
|
||||
# 100=users on Debian systems
|
||||
# Same as USERS_GID in adduser
|
||||
# This argument is used when the -n flag is specified.
|
||||
# The default behavior (when -n and -g are not specified) is to create a
|
||||
# primary user group with the same name as the user being added to the
|
||||
# system.
|
||||
GROUP=10
|
||||
#
|
||||
# The default home directory. Same as DHOME for adduser
|
||||
HOME=/tmp
|
||||
#
|
||||
# The number of days after a password expires until the account
|
||||
# is permanently disabled
|
||||
INACTIVE=12
|
||||
#
|
||||
# The default expire date
|
||||
EXPIRE=2007-12-02
|
||||
#
|
||||
# The SKEL variable specifies the directory containing "skeletal" user
|
||||
# files; in other words, files such as a sample .profile that will be
|
||||
# copied to the new user's home directory when it is created.
|
||||
# SKEL=/etc/skel
|
||||
#
|
||||
# Defines whether the mail spool should be created while
|
||||
# creating the account
|
||||
# CREATE_MAIL_SPOOL=yes
|
||||
@@ -0,0 +1,41 @@
|
||||
root:x:0:
|
||||
daemon:x:1:
|
||||
bin:x:2:
|
||||
sys:x:3:
|
||||
adm:x:4:
|
||||
tty:x:5:
|
||||
disk:x:6:
|
||||
lp:x:7:
|
||||
mail:x:8:
|
||||
news:x:9:
|
||||
uucp:x:10:
|
||||
man:x:12:
|
||||
proxy:x:13:
|
||||
kmem:x:15:
|
||||
dialout:x:20:
|
||||
fax:x:21:
|
||||
voice:x:22:
|
||||
cdrom:x:24:
|
||||
floppy:x:25:
|
||||
tape:x:26:
|
||||
sudo:x:27:
|
||||
audio:x:29:
|
||||
dip:x:30:
|
||||
www-data:x:33:
|
||||
backup:x:34:
|
||||
operator:x:37:
|
||||
list:x:38:
|
||||
irc:x:39:
|
||||
src:x:40:
|
||||
gnats:x:41:
|
||||
shadow:x:42:
|
||||
utmp:x:43:
|
||||
video:x:44:
|
||||
sasl:x:45:
|
||||
plugdev:x:46:
|
||||
staff:x:50:
|
||||
games:x:60:
|
||||
users:x:100:
|
||||
nogroup:x:65534:
|
||||
crontab:x:101:
|
||||
Debian-exim:x:102:
|
||||
@@ -0,0 +1,41 @@
|
||||
root:*::
|
||||
daemon:*::
|
||||
bin:*::
|
||||
sys:*::
|
||||
adm:*::
|
||||
tty:*::
|
||||
disk:*::
|
||||
lp:*::
|
||||
mail:*::
|
||||
news:*::
|
||||
uucp:*::
|
||||
man:*::
|
||||
proxy:*::
|
||||
kmem:*::
|
||||
dialout:*::
|
||||
fax:*::
|
||||
voice:*::
|
||||
cdrom:*::
|
||||
floppy:*::
|
||||
tape:*::
|
||||
sudo:*::
|
||||
audio:*::
|
||||
dip:*::
|
||||
www-data:*::
|
||||
backup:*::
|
||||
operator:*::
|
||||
list:*::
|
||||
irc:*::
|
||||
src:*::
|
||||
gnats:*::
|
||||
shadow:*::
|
||||
utmp:*::
|
||||
video:*::
|
||||
sasl:*::
|
||||
plugdev:*::
|
||||
staff:*::
|
||||
games:*::
|
||||
users:*::
|
||||
nogroup:*::
|
||||
crontab:x::
|
||||
Debian-exim:x::
|
||||
@@ -0,0 +1,19 @@
|
||||
root:x:0:0:root:/root:/bin/bash
|
||||
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
|
||||
bin:x:2:2:bin:/bin:/bin/sh
|
||||
sys:x:3:3:sys:/dev:/bin/sh
|
||||
sync:x:4:65534:sync:/bin:/bin/sync
|
||||
games:x:5:60:games:/usr/games:/bin/sh
|
||||
man:x:6:12:man:/var/cache/man:/bin/sh
|
||||
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
|
||||
mail:x:8:8:mail:/var/mail:/bin/sh
|
||||
news:x:9:9:news:/var/spool/news:/bin/sh
|
||||
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
|
||||
proxy:x:13:13:proxy:/bin:/bin/sh
|
||||
www-data:x:33:33:www-data:/var/www:/bin/sh
|
||||
backup:x:34:34:backup:/var/backups:/bin/sh
|
||||
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
|
||||
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
|
||||
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
|
||||
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
|
||||
Debian-exim:x:102:102::/var/spool/exim4:/bin/false
|
||||
@@ -0,0 +1,19 @@
|
||||
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
|
||||
daemon:*:12977:0:99999:7:::
|
||||
bin:*:12977:0:99999:7:::
|
||||
sys:*:12977:0:99999:7:::
|
||||
sync:*:12977:0:99999:7:::
|
||||
games:*:12977:0:99999:7:::
|
||||
man:*:12977:0:99999:7:::
|
||||
lp:*:12977:0:99999:7:::
|
||||
mail:*:12977:0:99999:7:::
|
||||
news:*:12977:0:99999:7:::
|
||||
uucp:*:12977:0:99999:7:::
|
||||
proxy:*:12977:0:99999:7:::
|
||||
www-data:*:12977:0:99999:7:::
|
||||
backup:*:12977:0:99999:7:::
|
||||
list:*:12977:0:99999:7:::
|
||||
irc:*:12977:0:99999:7:::
|
||||
gnats:*:12977:0:99999:7:::
|
||||
nobody:*:12977:0:99999:7:::
|
||||
Debian-exim:!:12977:0:99999:7:::
|
||||
@@ -0,0 +1,11 @@
|
||||
Usage: chpasswd [options]
|
||||
|
||||
Options:
|
||||
-c, --crypt-method <METHOD> the crypt method (one of NONE DES MD5 SHA256 SHA512)
|
||||
-e, --encrypted supplied passwords are encrypted
|
||||
-h, --help display this help message and exit
|
||||
-m, --md5 encrypt the clear text password using
|
||||
the MD5 algorithm
|
||||
-s, --sha-rounds number of SHA rounds for the SHA*
|
||||
crypt algorithms
|
||||
|
||||
@@ -0,0 +1,54 @@
|
||||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
cd $(dirname $0)
|
||||
|
||||
. ../../../common/config.sh
|
||||
. ../../../common/log.sh
|
||||
|
||||
log_start "$0" "chpasswd displays its usage message in case on non recognized option"
|
||||
|
||||
save_config
|
||||
|
||||
# restore the files on exit
|
||||
trap 'log_status "$0" "FAILURE"; restore_config' 0
|
||||
|
||||
change_config
|
||||
|
||||
echo -n "Get chpasswd usage (chpasswd --foo)..."
|
||||
chpasswd --foo 2>tmp/usage.out && exit 1 || {
|
||||
status=$?
|
||||
}
|
||||
echo "OK"
|
||||
|
||||
echo -n "Check returned status ($status)..."
|
||||
test "$status" = "2"
|
||||
echo "OK"
|
||||
|
||||
echo "chpasswd reported:"
|
||||
echo "======================================================================="
|
||||
cat tmp/usage.out
|
||||
echo "======================================================================="
|
||||
echo -n "Check the usage message..."
|
||||
diff -au data/usage.out tmp/usage.out
|
||||
echo "usage message OK."
|
||||
rm -f tmp/usage.out
|
||||
|
||||
echo -n "Check the passwd file..."
|
||||
../../../common/compare_file.pl config/etc/passwd /etc/passwd
|
||||
echo "OK"
|
||||
echo -n "Check the group file..."
|
||||
../../../common/compare_file.pl config/etc/group /etc/group
|
||||
echo "OK"
|
||||
echo -n "Check the shadow file..."
|
||||
../../../common/compare_file.pl config/etc/shadow /etc/shadow
|
||||
echo "OK"
|
||||
echo -n "Check the gshadow file..."
|
||||
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
|
||||
echo "OK"
|
||||
|
||||
log_status "$0" "SUCCESS"
|
||||
restore_config
|
||||
trap '' 0
|
||||
|
||||
@@ -0,0 +1,10 @@
|
||||
# no testsuite password
|
||||
# root password: rootF00barbaz
|
||||
# myuser password: myuserF00barbaz
|
||||
|
||||
user foo, in group users (only in /etc/group)
|
||||
user foo, in group tty (only in /etc/gshadow)
|
||||
user foo, in group floppy
|
||||
user foo, admin of group disk
|
||||
user foo, admin and member of group fax
|
||||
user foo, admin and member of group cdrom (only in /etc/gshadow)
|
||||
@@ -0,0 +1,36 @@
|
||||
# Default values for useradd(8)
|
||||
#
|
||||
# The SHELL variable specifies the default login shell on your
|
||||
# system.
|
||||
# Similar to DHSELL in adduser. However, we use "sh" here because
|
||||
# useradd is a low level utility and should be as general
|
||||
# as possible
|
||||
SHELL=/bin/foobar
|
||||
#
|
||||
# The default group for users
|
||||
# 100=users on Debian systems
|
||||
# Same as USERS_GID in adduser
|
||||
# This argument is used when the -n flag is specified.
|
||||
# The default behavior (when -n and -g are not specified) is to create a
|
||||
# primary user group with the same name as the user being added to the
|
||||
# system.
|
||||
GROUP=10
|
||||
#
|
||||
# The default home directory. Same as DHOME for adduser
|
||||
HOME=/tmp
|
||||
#
|
||||
# The number of days after a password expires until the account
|
||||
# is permanently disabled
|
||||
INACTIVE=12
|
||||
#
|
||||
# The default expire date
|
||||
EXPIRE=2007-12-02
|
||||
#
|
||||
# The SKEL variable specifies the directory containing "skeletal" user
|
||||
# files; in other words, files such as a sample .profile that will be
|
||||
# copied to the new user's home directory when it is created.
|
||||
# SKEL=/etc/skel
|
||||
#
|
||||
# Defines whether the mail spool should be created while
|
||||
# creating the account
|
||||
# CREATE_MAIL_SPOOL=yes
|
||||
@@ -0,0 +1,41 @@
|
||||
root:x:0:
|
||||
daemon:x:1:
|
||||
bin:x:2:
|
||||
sys:x:3:
|
||||
adm:x:4:
|
||||
tty:x:5:
|
||||
disk:x:6:
|
||||
lp:x:7:
|
||||
mail:x:8:
|
||||
news:x:9:
|
||||
uucp:x:10:
|
||||
man:x:12:
|
||||
proxy:x:13:
|
||||
kmem:x:15:
|
||||
dialout:x:20:
|
||||
fax:x:21:
|
||||
voice:x:22:
|
||||
cdrom:x:24:
|
||||
floppy:x:25:
|
||||
tape:x:26:
|
||||
sudo:x:27:
|
||||
audio:x:29:
|
||||
dip:x:30:
|
||||
www-data:x:33:
|
||||
backup:x:34:
|
||||
operator:x:37:
|
||||
list:x:38:
|
||||
irc:x:39:
|
||||
src:x:40:
|
||||
gnats:x:41:
|
||||
shadow:x:42:
|
||||
utmp:x:43:
|
||||
video:x:44:
|
||||
sasl:x:45:
|
||||
plugdev:x:46:
|
||||
staff:x:50:
|
||||
games:x:60:
|
||||
users:x:100:
|
||||
nogroup:x:65534:
|
||||
crontab:x:101:
|
||||
Debian-exim:x:102:
|
||||
@@ -0,0 +1,41 @@
|
||||
root:*::
|
||||
daemon:*::
|
||||
bin:*::
|
||||
sys:*::
|
||||
adm:*::
|
||||
tty:*::
|
||||
disk:*::
|
||||
lp:*::
|
||||
mail:*::
|
||||
news:*::
|
||||
uucp:*::
|
||||
man:*::
|
||||
proxy:*::
|
||||
kmem:*::
|
||||
dialout:*::
|
||||
fax:*::
|
||||
voice:*::
|
||||
cdrom:*::
|
||||
floppy:*::
|
||||
tape:*::
|
||||
sudo:*::
|
||||
audio:*::
|
||||
dip:*::
|
||||
www-data:*::
|
||||
backup:*::
|
||||
operator:*::
|
||||
list:*::
|
||||
irc:*::
|
||||
src:*::
|
||||
gnats:*::
|
||||
shadow:*::
|
||||
utmp:*::
|
||||
video:*::
|
||||
sasl:*::
|
||||
plugdev:*::
|
||||
staff:*::
|
||||
games:*::
|
||||
users:*::
|
||||
nogroup:*::
|
||||
crontab:x::
|
||||
Debian-exim:x::
|
||||
@@ -0,0 +1,19 @@
|
||||
root:x:0:0:root:/root:/bin/bash
|
||||
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
|
||||
bin:x:2:2:bin:/bin:/bin/sh
|
||||
sys:x:3:3:sys:/dev:/bin/sh
|
||||
sync:x:4:65534:sync:/bin:/bin/sync
|
||||
games:x:5:60:games:/usr/games:/bin/sh
|
||||
man:x:6:12:man:/var/cache/man:/bin/sh
|
||||
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
|
||||
mail:x:8:8:mail:/var/mail:/bin/sh
|
||||
news:x:9:9:news:/var/spool/news:/bin/sh
|
||||
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
|
||||
proxy:x:13:13:proxy:/bin:/bin/sh
|
||||
www-data:x:33:33:www-data:/var/www:/bin/sh
|
||||
backup:x:34:34:backup:/var/backups:/bin/sh
|
||||
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
|
||||
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
|
||||
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
|
||||
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
|
||||
Debian-exim:x:102:102::/var/spool/exim4:/bin/false
|
||||
@@ -0,0 +1,19 @@
|
||||
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
|
||||
daemon:*:12977:0:99999:7:::
|
||||
bin:*:12977:0:99999:7:::
|
||||
sys:*:12977:0:99999:7:::
|
||||
sync:*:12977:0:99999:7:::
|
||||
games:*:12977:0:99999:7:::
|
||||
man:*:12977:0:99999:7:::
|
||||
lp:*:12977:0:99999:7:::
|
||||
mail:*:12977:0:99999:7:::
|
||||
news:*:12977:0:99999:7:::
|
||||
uucp:*:12977:0:99999:7:::
|
||||
proxy:*:12977:0:99999:7:::
|
||||
www-data:*:12977:0:99999:7:::
|
||||
backup:*:12977:0:99999:7:::
|
||||
list:*:12977:0:99999:7:::
|
||||
irc:*:12977:0:99999:7:::
|
||||
gnats:*:12977:0:99999:7:::
|
||||
nobody:*:12977:0:99999:7:::
|
||||
Debian-exim:!:12977:0:99999:7:::
|
||||
@@ -0,0 +1,12 @@
|
||||
chpasswd: unrecognized option '--foo'
|
||||
Usage: chpasswd [options]
|
||||
|
||||
Options:
|
||||
-c, --crypt-method <METHOD> the crypt method (one of NONE DES MD5 SHA256 SHA512)
|
||||
-e, --encrypted supplied passwords are encrypted
|
||||
-h, --help display this help message and exit
|
||||
-m, --md5 encrypt the clear text password using
|
||||
the MD5 algorithm
|
||||
-s, --sha-rounds number of SHA rounds for the SHA*
|
||||
crypt algorithms
|
||||
|
||||
@@ -0,0 +1,54 @@
|
||||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
cd $(dirname $0)
|
||||
|
||||
. ../../../common/config.sh
|
||||
. ../../../common/log.sh
|
||||
|
||||
log_start "$0" "chpasswd checks that -e and -m are not provided at the same time"
|
||||
|
||||
save_config
|
||||
|
||||
# restore the files on exit
|
||||
trap 'log_status "$0" "FAILURE"; restore_config' 0
|
||||
|
||||
change_config
|
||||
|
||||
echo -n "Password are encrypted and must use md5 (chpasswd -m -e)..."
|
||||
echo 'nobody:test' | chpasswd -m -e 2>tmp/usage.out && exit 1 || {
|
||||
status=$?
|
||||
}
|
||||
echo "OK"
|
||||
|
||||
echo -n "Check returned status ($status)..."
|
||||
test "$status" = "2"
|
||||
echo "OK"
|
||||
|
||||
echo "chpasswd reported:"
|
||||
echo "======================================================================="
|
||||
cat tmp/usage.out
|
||||
echo "======================================================================="
|
||||
echo -n "Check the usage message..."
|
||||
diff -au data/usage.out tmp/usage.out
|
||||
echo "usage message OK."
|
||||
rm -f tmp/usage.out
|
||||
|
||||
echo -n "Check the passwd file..."
|
||||
../../../common/compare_file.pl config/etc/passwd /etc/passwd
|
||||
echo "OK"
|
||||
echo -n "Check the group file..."
|
||||
../../../common/compare_file.pl config/etc/group /etc/group
|
||||
echo "OK"
|
||||
echo -n "Check the shadow file..."
|
||||
../../../common/compare_file.pl config/etc/shadow /etc/shadow
|
||||
echo "OK"
|
||||
echo -n "Check the gshadow file..."
|
||||
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
|
||||
echo "OK"
|
||||
|
||||
log_status "$0" "SUCCESS"
|
||||
restore_config
|
||||
trap '' 0
|
||||
|
||||
@@ -0,0 +1,10 @@
|
||||
# no testsuite password
|
||||
# root password: rootF00barbaz
|
||||
# myuser password: myuserF00barbaz
|
||||
|
||||
user foo, in group users (only in /etc/group)
|
||||
user foo, in group tty (only in /etc/gshadow)
|
||||
user foo, in group floppy
|
||||
user foo, admin of group disk
|
||||
user foo, admin and member of group fax
|
||||
user foo, admin and member of group cdrom (only in /etc/gshadow)
|
||||
+36
@@ -0,0 +1,36 @@
|
||||
# Default values for useradd(8)
|
||||
#
|
||||
# The SHELL variable specifies the default login shell on your
|
||||
# system.
|
||||
# Similar to DHSELL in adduser. However, we use "sh" here because
|
||||
# useradd is a low level utility and should be as general
|
||||
# as possible
|
||||
SHELL=/bin/foobar
|
||||
#
|
||||
# The default group for users
|
||||
# 100=users on Debian systems
|
||||
# Same as USERS_GID in adduser
|
||||
# This argument is used when the -n flag is specified.
|
||||
# The default behavior (when -n and -g are not specified) is to create a
|
||||
# primary user group with the same name as the user being added to the
|
||||
# system.
|
||||
GROUP=10
|
||||
#
|
||||
# The default home directory. Same as DHOME for adduser
|
||||
HOME=/tmp
|
||||
#
|
||||
# The number of days after a password expires until the account
|
||||
# is permanently disabled
|
||||
INACTIVE=12
|
||||
#
|
||||
# The default expire date
|
||||
EXPIRE=2007-12-02
|
||||
#
|
||||
# The SKEL variable specifies the directory containing "skeletal" user
|
||||
# files; in other words, files such as a sample .profile that will be
|
||||
# copied to the new user's home directory when it is created.
|
||||
# SKEL=/etc/skel
|
||||
#
|
||||
# Defines whether the mail spool should be created while
|
||||
# creating the account
|
||||
# CREATE_MAIL_SPOOL=yes
|
||||
@@ -0,0 +1,41 @@
|
||||
root:x:0:
|
||||
daemon:x:1:
|
||||
bin:x:2:
|
||||
sys:x:3:
|
||||
adm:x:4:
|
||||
tty:x:5:
|
||||
disk:x:6:
|
||||
lp:x:7:
|
||||
mail:x:8:
|
||||
news:x:9:
|
||||
uucp:x:10:
|
||||
man:x:12:
|
||||
proxy:x:13:
|
||||
kmem:x:15:
|
||||
dialout:x:20:
|
||||
fax:x:21:
|
||||
voice:x:22:
|
||||
cdrom:x:24:
|
||||
floppy:x:25:
|
||||
tape:x:26:
|
||||
sudo:x:27:
|
||||
audio:x:29:
|
||||
dip:x:30:
|
||||
www-data:x:33:
|
||||
backup:x:34:
|
||||
operator:x:37:
|
||||
list:x:38:
|
||||
irc:x:39:
|
||||
src:x:40:
|
||||
gnats:x:41:
|
||||
shadow:x:42:
|
||||
utmp:x:43:
|
||||
video:x:44:
|
||||
sasl:x:45:
|
||||
plugdev:x:46:
|
||||
staff:x:50:
|
||||
games:x:60:
|
||||
users:x:100:
|
||||
nogroup:x:65534:
|
||||
crontab:x:101:
|
||||
Debian-exim:x:102:
|
||||
@@ -0,0 +1,41 @@
|
||||
root:*::
|
||||
daemon:*::
|
||||
bin:*::
|
||||
sys:*::
|
||||
adm:*::
|
||||
tty:*::
|
||||
disk:*::
|
||||
lp:*::
|
||||
mail:*::
|
||||
news:*::
|
||||
uucp:*::
|
||||
man:*::
|
||||
proxy:*::
|
||||
kmem:*::
|
||||
dialout:*::
|
||||
fax:*::
|
||||
voice:*::
|
||||
cdrom:*::
|
||||
floppy:*::
|
||||
tape:*::
|
||||
sudo:*::
|
||||
audio:*::
|
||||
dip:*::
|
||||
www-data:*::
|
||||
backup:*::
|
||||
operator:*::
|
||||
list:*::
|
||||
irc:*::
|
||||
src:*::
|
||||
gnats:*::
|
||||
shadow:*::
|
||||
utmp:*::
|
||||
video:*::
|
||||
sasl:*::
|
||||
plugdev:*::
|
||||
staff:*::
|
||||
games:*::
|
||||
users:*::
|
||||
nogroup:*::
|
||||
crontab:x::
|
||||
Debian-exim:x::
|
||||
@@ -0,0 +1,20 @@
|
||||
root:x:0:0:root:/root:/bin/bash
|
||||
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
|
||||
bin:x:2:2:bin:/bin:/bin/sh
|
||||
sys:x:3:3:sys:/dev:/bin/sh
|
||||
sync:x:4:65534:sync:/bin:/bin/sync
|
||||
games:x:5:60:games:/usr/games:/bin/sh
|
||||
man:x:6:12:man:/var/cache/man:/bin/sh
|
||||
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
|
||||
mail:x:8:8:mail:/var/mail:/bin/sh
|
||||
news:x:9:9:news:/var/spool/news:/bin/sh
|
||||
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
|
||||
proxy:x:13:13:proxy:/bin:/bin/sh
|
||||
www-data:x:33:33:www-data:/var/www:/bin/sh
|
||||
backup:x:34:34:backup:/var/backups:/bin/sh
|
||||
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
|
||||
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
|
||||
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
|
||||
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
|
||||
Debian-exim:x:102:102::/var/spool/exim4:/bin/false
|
||||
foo:x:1000:1000::/nonexistent:/bin/sh
|
||||
@@ -0,0 +1,19 @@
|
||||
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
|
||||
daemon:*:12977:0:99999:7:::
|
||||
bin:*:12977:0:99999:7:::
|
||||
sys:*:12977:0:99999:7:::
|
||||
sync:*:12977:0:99999:7:::
|
||||
games:*:12977:0:99999:7:::
|
||||
man:*:12977:0:99999:7:::
|
||||
lp:*:12977:0:99999:7:::
|
||||
mail:*:12977:0:99999:7:::
|
||||
news:*:12977:0:99999:7:::
|
||||
uucp:*:12977:0:99999:7:::
|
||||
proxy:*:12977:0:99999:7:::
|
||||
www-data:*:12977:0:99999:7:::
|
||||
backup:*:12977:0:99999:7:::
|
||||
list:*:12977:0:99999:7:::
|
||||
irc:*:12977:0:99999:7:::
|
||||
gnats:*:12977:0:99999:7:::
|
||||
nobody:*:12977:0:99999:7:::
|
||||
Debian-exim:!:12977:0:99999:7:::
|
||||
@@ -0,0 +1,12 @@
|
||||
chpasswd: the -c, -e, and -m flags are exclusive
|
||||
Usage: chpasswd [options]
|
||||
|
||||
Options:
|
||||
-c, --crypt-method <METHOD> the crypt method (one of NONE DES MD5 SHA256 SHA512)
|
||||
-e, --encrypted supplied passwords are encrypted
|
||||
-h, --help display this help message and exit
|
||||
-m, --md5 encrypt the clear text password using
|
||||
the MD5 algorithm
|
||||
-s, --sha-rounds number of SHA rounds for the SHA*
|
||||
crypt algorithms
|
||||
|
||||
@@ -0,0 +1,54 @@
|
||||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
cd $(dirname $0)
|
||||
|
||||
. ../../../common/config.sh
|
||||
. ../../../common/log.sh
|
||||
|
||||
log_start "$0" "chpasswd checks that -e and -c are not provided at the same time"
|
||||
|
||||
save_config
|
||||
|
||||
# restore the files on exit
|
||||
trap 'log_status "$0" "FAILURE"; restore_config' 0
|
||||
|
||||
change_config
|
||||
|
||||
echo -n "Password are encrypted and must use another method (chpasswd -c SHA512 -e)..."
|
||||
echo 'nobody:test' | chpasswd -c SHA512 -e 2>tmp/usage.out && exit 1 || {
|
||||
status=$?
|
||||
}
|
||||
echo "OK"
|
||||
|
||||
echo -n "Check returned status ($status)..."
|
||||
test "$status" = "2"
|
||||
echo "OK"
|
||||
|
||||
echo "chpasswd reported:"
|
||||
echo "======================================================================="
|
||||
cat tmp/usage.out
|
||||
echo "======================================================================="
|
||||
echo -n "Check the usage message..."
|
||||
diff -au data/usage.out tmp/usage.out
|
||||
echo "usage message OK."
|
||||
rm -f tmp/usage.out
|
||||
|
||||
echo -n "Check the passwd file..."
|
||||
../../../common/compare_file.pl config/etc/passwd /etc/passwd
|
||||
echo "OK"
|
||||
echo -n "Check the group file..."
|
||||
../../../common/compare_file.pl config/etc/group /etc/group
|
||||
echo "OK"
|
||||
echo -n "Check the shadow file..."
|
||||
../../../common/compare_file.pl config/etc/shadow /etc/shadow
|
||||
echo "OK"
|
||||
echo -n "Check the gshadow file..."
|
||||
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
|
||||
echo "OK"
|
||||
|
||||
log_status "$0" "SUCCESS"
|
||||
restore_config
|
||||
trap '' 0
|
||||
|
||||
@@ -0,0 +1,10 @@
|
||||
# no testsuite password
|
||||
# root password: rootF00barbaz
|
||||
# myuser password: myuserF00barbaz
|
||||
|
||||
user foo, in group users (only in /etc/group)
|
||||
user foo, in group tty (only in /etc/gshadow)
|
||||
user foo, in group floppy
|
||||
user foo, admin of group disk
|
||||
user foo, admin and member of group fax
|
||||
user foo, admin and member of group cdrom (only in /etc/gshadow)
|
||||
+36
@@ -0,0 +1,36 @@
|
||||
# Default values for useradd(8)
|
||||
#
|
||||
# The SHELL variable specifies the default login shell on your
|
||||
# system.
|
||||
# Similar to DHSELL in adduser. However, we use "sh" here because
|
||||
# useradd is a low level utility and should be as general
|
||||
# as possible
|
||||
SHELL=/bin/foobar
|
||||
#
|
||||
# The default group for users
|
||||
# 100=users on Debian systems
|
||||
# Same as USERS_GID in adduser
|
||||
# This argument is used when the -n flag is specified.
|
||||
# The default behavior (when -n and -g are not specified) is to create a
|
||||
# primary user group with the same name as the user being added to the
|
||||
# system.
|
||||
GROUP=10
|
||||
#
|
||||
# The default home directory. Same as DHOME for adduser
|
||||
HOME=/tmp
|
||||
#
|
||||
# The number of days after a password expires until the account
|
||||
# is permanently disabled
|
||||
INACTIVE=12
|
||||
#
|
||||
# The default expire date
|
||||
EXPIRE=2007-12-02
|
||||
#
|
||||
# The SKEL variable specifies the directory containing "skeletal" user
|
||||
# files; in other words, files such as a sample .profile that will be
|
||||
# copied to the new user's home directory when it is created.
|
||||
# SKEL=/etc/skel
|
||||
#
|
||||
# Defines whether the mail spool should be created while
|
||||
# creating the account
|
||||
# CREATE_MAIL_SPOOL=yes
|
||||
@@ -0,0 +1,41 @@
|
||||
root:x:0:
|
||||
daemon:x:1:
|
||||
bin:x:2:
|
||||
sys:x:3:
|
||||
adm:x:4:
|
||||
tty:x:5:
|
||||
disk:x:6:
|
||||
lp:x:7:
|
||||
mail:x:8:
|
||||
news:x:9:
|
||||
uucp:x:10:
|
||||
man:x:12:
|
||||
proxy:x:13:
|
||||
kmem:x:15:
|
||||
dialout:x:20:
|
||||
fax:x:21:
|
||||
voice:x:22:
|
||||
cdrom:x:24:
|
||||
floppy:x:25:
|
||||
tape:x:26:
|
||||
sudo:x:27:
|
||||
audio:x:29:
|
||||
dip:x:30:
|
||||
www-data:x:33:
|
||||
backup:x:34:
|
||||
operator:x:37:
|
||||
list:x:38:
|
||||
irc:x:39:
|
||||
src:x:40:
|
||||
gnats:x:41:
|
||||
shadow:x:42:
|
||||
utmp:x:43:
|
||||
video:x:44:
|
||||
sasl:x:45:
|
||||
plugdev:x:46:
|
||||
staff:x:50:
|
||||
games:x:60:
|
||||
users:x:100:
|
||||
nogroup:x:65534:
|
||||
crontab:x:101:
|
||||
Debian-exim:x:102:
|
||||
@@ -0,0 +1,41 @@
|
||||
root:*::
|
||||
daemon:*::
|
||||
bin:*::
|
||||
sys:*::
|
||||
adm:*::
|
||||
tty:*::
|
||||
disk:*::
|
||||
lp:*::
|
||||
mail:*::
|
||||
news:*::
|
||||
uucp:*::
|
||||
man:*::
|
||||
proxy:*::
|
||||
kmem:*::
|
||||
dialout:*::
|
||||
fax:*::
|
||||
voice:*::
|
||||
cdrom:*::
|
||||
floppy:*::
|
||||
tape:*::
|
||||
sudo:*::
|
||||
audio:*::
|
||||
dip:*::
|
||||
www-data:*::
|
||||
backup:*::
|
||||
operator:*::
|
||||
list:*::
|
||||
irc:*::
|
||||
src:*::
|
||||
gnats:*::
|
||||
shadow:*::
|
||||
utmp:*::
|
||||
video:*::
|
||||
sasl:*::
|
||||
plugdev:*::
|
||||
staff:*::
|
||||
games:*::
|
||||
users:*::
|
||||
nogroup:*::
|
||||
crontab:x::
|
||||
Debian-exim:x::
|
||||
@@ -0,0 +1,20 @@
|
||||
root:x:0:0:root:/root:/bin/bash
|
||||
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
|
||||
bin:x:2:2:bin:/bin:/bin/sh
|
||||
sys:x:3:3:sys:/dev:/bin/sh
|
||||
sync:x:4:65534:sync:/bin:/bin/sync
|
||||
games:x:5:60:games:/usr/games:/bin/sh
|
||||
man:x:6:12:man:/var/cache/man:/bin/sh
|
||||
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
|
||||
mail:x:8:8:mail:/var/mail:/bin/sh
|
||||
news:x:9:9:news:/var/spool/news:/bin/sh
|
||||
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
|
||||
proxy:x:13:13:proxy:/bin:/bin/sh
|
||||
www-data:x:33:33:www-data:/var/www:/bin/sh
|
||||
backup:x:34:34:backup:/var/backups:/bin/sh
|
||||
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
|
||||
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
|
||||
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
|
||||
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
|
||||
Debian-exim:x:102:102::/var/spool/exim4:/bin/false
|
||||
foo:x:1000:1000::/nonexistent:/bin/sh
|
||||
@@ -0,0 +1,19 @@
|
||||
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
|
||||
daemon:*:12977:0:99999:7:::
|
||||
bin:*:12977:0:99999:7:::
|
||||
sys:*:12977:0:99999:7:::
|
||||
sync:*:12977:0:99999:7:::
|
||||
games:*:12977:0:99999:7:::
|
||||
man:*:12977:0:99999:7:::
|
||||
lp:*:12977:0:99999:7:::
|
||||
mail:*:12977:0:99999:7:::
|
||||
news:*:12977:0:99999:7:::
|
||||
uucp:*:12977:0:99999:7:::
|
||||
proxy:*:12977:0:99999:7:::
|
||||
www-data:*:12977:0:99999:7:::
|
||||
backup:*:12977:0:99999:7:::
|
||||
list:*:12977:0:99999:7:::
|
||||
irc:*:12977:0:99999:7:::
|
||||
gnats:*:12977:0:99999:7:::
|
||||
nobody:*:12977:0:99999:7:::
|
||||
Debian-exim:!:12977:0:99999:7:::
|
||||
@@ -0,0 +1,12 @@
|
||||
chpasswd: the -c, -e, and -m flags are exclusive
|
||||
Usage: chpasswd [options]
|
||||
|
||||
Options:
|
||||
-c, --crypt-method <METHOD> the crypt method (one of NONE DES MD5 SHA256 SHA512)
|
||||
-e, --encrypted supplied passwords are encrypted
|
||||
-h, --help display this help message and exit
|
||||
-m, --md5 encrypt the clear text password using
|
||||
the MD5 algorithm
|
||||
-s, --sha-rounds number of SHA rounds for the SHA*
|
||||
crypt algorithms
|
||||
|
||||
@@ -0,0 +1,54 @@
|
||||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
cd $(dirname $0)
|
||||
|
||||
. ../../../common/config.sh
|
||||
. ../../../common/log.sh
|
||||
|
||||
log_start "$0" "chpasswd checks that -c and -m are not provided at the same time"
|
||||
|
||||
save_config
|
||||
|
||||
# restore the files on exit
|
||||
trap 'log_status "$0" "FAILURE"; restore_config' 0
|
||||
|
||||
change_config
|
||||
|
||||
echo -n "Password must use md5 and another method (chpasswd -m -c SHA256)..."
|
||||
echo 'nobody:test' | chpasswd -m -c SHA256 2>tmp/usage.out && exit 1 || {
|
||||
status=$?
|
||||
}
|
||||
echo "OK"
|
||||
|
||||
echo -n "Check returned status ($status)..."
|
||||
test "$status" = "2"
|
||||
echo "OK"
|
||||
|
||||
echo "chpasswd reported:"
|
||||
echo "======================================================================="
|
||||
cat tmp/usage.out
|
||||
echo "======================================================================="
|
||||
echo -n "Check the usage message..."
|
||||
diff -au data/usage.out tmp/usage.out
|
||||
echo "usage message OK."
|
||||
rm -f tmp/usage.out
|
||||
|
||||
echo -n "Check the passwd file..."
|
||||
../../../common/compare_file.pl config/etc/passwd /etc/passwd
|
||||
echo "OK"
|
||||
echo -n "Check the group file..."
|
||||
../../../common/compare_file.pl config/etc/group /etc/group
|
||||
echo "OK"
|
||||
echo -n "Check the shadow file..."
|
||||
../../../common/compare_file.pl config/etc/shadow /etc/shadow
|
||||
echo "OK"
|
||||
echo -n "Check the gshadow file..."
|
||||
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
|
||||
echo "OK"
|
||||
|
||||
log_status "$0" "SUCCESS"
|
||||
restore_config
|
||||
trap '' 0
|
||||
|
||||
@@ -0,0 +1,10 @@
|
||||
# no testsuite password
|
||||
# root password: rootF00barbaz
|
||||
# myuser password: myuserF00barbaz
|
||||
|
||||
user foo, in group users (only in /etc/group)
|
||||
user foo, in group tty (only in /etc/gshadow)
|
||||
user foo, in group floppy
|
||||
user foo, admin of group disk
|
||||
user foo, admin and member of group fax
|
||||
user foo, admin and member of group cdrom (only in /etc/gshadow)
|
||||
+36
@@ -0,0 +1,36 @@
|
||||
# Default values for useradd(8)
|
||||
#
|
||||
# The SHELL variable specifies the default login shell on your
|
||||
# system.
|
||||
# Similar to DHSELL in adduser. However, we use "sh" here because
|
||||
# useradd is a low level utility and should be as general
|
||||
# as possible
|
||||
SHELL=/bin/foobar
|
||||
#
|
||||
# The default group for users
|
||||
# 100=users on Debian systems
|
||||
# Same as USERS_GID in adduser
|
||||
# This argument is used when the -n flag is specified.
|
||||
# The default behavior (when -n and -g are not specified) is to create a
|
||||
# primary user group with the same name as the user being added to the
|
||||
# system.
|
||||
GROUP=10
|
||||
#
|
||||
# The default home directory. Same as DHOME for adduser
|
||||
HOME=/tmp
|
||||
#
|
||||
# The number of days after a password expires until the account
|
||||
# is permanently disabled
|
||||
INACTIVE=12
|
||||
#
|
||||
# The default expire date
|
||||
EXPIRE=2007-12-02
|
||||
#
|
||||
# The SKEL variable specifies the directory containing "skeletal" user
|
||||
# files; in other words, files such as a sample .profile that will be
|
||||
# copied to the new user's home directory when it is created.
|
||||
# SKEL=/etc/skel
|
||||
#
|
||||
# Defines whether the mail spool should be created while
|
||||
# creating the account
|
||||
# CREATE_MAIL_SPOOL=yes
|
||||
@@ -0,0 +1,41 @@
|
||||
root:x:0:
|
||||
daemon:x:1:
|
||||
bin:x:2:
|
||||
sys:x:3:
|
||||
adm:x:4:
|
||||
tty:x:5:
|
||||
disk:x:6:
|
||||
lp:x:7:
|
||||
mail:x:8:
|
||||
news:x:9:
|
||||
uucp:x:10:
|
||||
man:x:12:
|
||||
proxy:x:13:
|
||||
kmem:x:15:
|
||||
dialout:x:20:
|
||||
fax:x:21:
|
||||
voice:x:22:
|
||||
cdrom:x:24:
|
||||
floppy:x:25:
|
||||
tape:x:26:
|
||||
sudo:x:27:
|
||||
audio:x:29:
|
||||
dip:x:30:
|
||||
www-data:x:33:
|
||||
backup:x:34:
|
||||
operator:x:37:
|
||||
list:x:38:
|
||||
irc:x:39:
|
||||
src:x:40:
|
||||
gnats:x:41:
|
||||
shadow:x:42:
|
||||
utmp:x:43:
|
||||
video:x:44:
|
||||
sasl:x:45:
|
||||
plugdev:x:46:
|
||||
staff:x:50:
|
||||
games:x:60:
|
||||
users:x:100:
|
||||
nogroup:x:65534:
|
||||
crontab:x:101:
|
||||
Debian-exim:x:102:
|
||||
@@ -0,0 +1,41 @@
|
||||
root:*::
|
||||
daemon:*::
|
||||
bin:*::
|
||||
sys:*::
|
||||
adm:*::
|
||||
tty:*::
|
||||
disk:*::
|
||||
lp:*::
|
||||
mail:*::
|
||||
news:*::
|
||||
uucp:*::
|
||||
man:*::
|
||||
proxy:*::
|
||||
kmem:*::
|
||||
dialout:*::
|
||||
fax:*::
|
||||
voice:*::
|
||||
cdrom:*::
|
||||
floppy:*::
|
||||
tape:*::
|
||||
sudo:*::
|
||||
audio:*::
|
||||
dip:*::
|
||||
www-data:*::
|
||||
backup:*::
|
||||
operator:*::
|
||||
list:*::
|
||||
irc:*::
|
||||
src:*::
|
||||
gnats:*::
|
||||
shadow:*::
|
||||
utmp:*::
|
||||
video:*::
|
||||
sasl:*::
|
||||
plugdev:*::
|
||||
staff:*::
|
||||
games:*::
|
||||
users:*::
|
||||
nogroup:*::
|
||||
crontab:x::
|
||||
Debian-exim:x::
|
||||
@@ -0,0 +1,20 @@
|
||||
root:x:0:0:root:/root:/bin/bash
|
||||
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
|
||||
bin:x:2:2:bin:/bin:/bin/sh
|
||||
sys:x:3:3:sys:/dev:/bin/sh
|
||||
sync:x:4:65534:sync:/bin:/bin/sync
|
||||
games:x:5:60:games:/usr/games:/bin/sh
|
||||
man:x:6:12:man:/var/cache/man:/bin/sh
|
||||
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
|
||||
mail:x:8:8:mail:/var/mail:/bin/sh
|
||||
news:x:9:9:news:/var/spool/news:/bin/sh
|
||||
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
|
||||
proxy:x:13:13:proxy:/bin:/bin/sh
|
||||
www-data:x:33:33:www-data:/var/www:/bin/sh
|
||||
backup:x:34:34:backup:/var/backups:/bin/sh
|
||||
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
|
||||
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
|
||||
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
|
||||
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
|
||||
Debian-exim:x:102:102::/var/spool/exim4:/bin/false
|
||||
foo:x:1000:1000::/nonexistent:/bin/sh
|
||||
@@ -0,0 +1,19 @@
|
||||
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
|
||||
daemon:*:12977:0:99999:7:::
|
||||
bin:*:12977:0:99999:7:::
|
||||
sys:*:12977:0:99999:7:::
|
||||
sync:*:12977:0:99999:7:::
|
||||
games:*:12977:0:99999:7:::
|
||||
man:*:12977:0:99999:7:::
|
||||
lp:*:12977:0:99999:7:::
|
||||
mail:*:12977:0:99999:7:::
|
||||
news:*:12977:0:99999:7:::
|
||||
uucp:*:12977:0:99999:7:::
|
||||
proxy:*:12977:0:99999:7:::
|
||||
www-data:*:12977:0:99999:7:::
|
||||
backup:*:12977:0:99999:7:::
|
||||
list:*:12977:0:99999:7:::
|
||||
irc:*:12977:0:99999:7:::
|
||||
gnats:*:12977:0:99999:7:::
|
||||
nobody:*:12977:0:99999:7:::
|
||||
Debian-exim:!:12977:0:99999:7:::
|
||||
@@ -0,0 +1,12 @@
|
||||
chpasswd: the -c, -e, and -m flags are exclusive
|
||||
Usage: chpasswd [options]
|
||||
|
||||
Options:
|
||||
-c, --crypt-method <METHOD> the crypt method (one of NONE DES MD5 SHA256 SHA512)
|
||||
-e, --encrypted supplied passwords are encrypted
|
||||
-h, --help display this help message and exit
|
||||
-m, --md5 encrypt the clear text password using
|
||||
the MD5 algorithm
|
||||
-s, --sha-rounds number of SHA rounds for the SHA*
|
||||
crypt algorithms
|
||||
|
||||
@@ -0,0 +1,54 @@
|
||||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
cd $(dirname $0)
|
||||
|
||||
. ../../../common/config.sh
|
||||
. ../../../common/log.sh
|
||||
|
||||
log_start "$0" "chpasswd checks that -c is provided if -s is used"
|
||||
|
||||
save_config
|
||||
|
||||
# restore the files on exit
|
||||
trap 'log_status "$0" "FAILURE"; restore_config' 0
|
||||
|
||||
change_config
|
||||
|
||||
echo -n "Password must use md5 and another method (chpasswd --sha-rounds 12)..."
|
||||
echo 'nobody:test' | chpasswd --sha-rounds 12 2>tmp/usage.out && exit 1 || {
|
||||
status=$?
|
||||
}
|
||||
echo "OK"
|
||||
|
||||
echo -n "Check returned status ($status)..."
|
||||
test "$status" = "2"
|
||||
echo "OK"
|
||||
|
||||
echo "chpasswd reported:"
|
||||
echo "======================================================================="
|
||||
cat tmp/usage.out
|
||||
echo "======================================================================="
|
||||
echo -n "Check the usage message..."
|
||||
diff -au data/usage.out tmp/usage.out
|
||||
echo "usage message OK."
|
||||
rm -f tmp/usage.out
|
||||
|
||||
echo -n "Check the passwd file..."
|
||||
../../../common/compare_file.pl config/etc/passwd /etc/passwd
|
||||
echo "OK"
|
||||
echo -n "Check the group file..."
|
||||
../../../common/compare_file.pl config/etc/group /etc/group
|
||||
echo "OK"
|
||||
echo -n "Check the shadow file..."
|
||||
../../../common/compare_file.pl config/etc/shadow /etc/shadow
|
||||
echo "OK"
|
||||
echo -n "Check the gshadow file..."
|
||||
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
|
||||
echo "OK"
|
||||
|
||||
log_status "$0" "SUCCESS"
|
||||
restore_config
|
||||
trap '' 0
|
||||
|
||||
@@ -0,0 +1,10 @@
|
||||
# no testsuite password
|
||||
# root password: rootF00barbaz
|
||||
# myuser password: myuserF00barbaz
|
||||
|
||||
user foo, in group users (only in /etc/group)
|
||||
user foo, in group tty (only in /etc/gshadow)
|
||||
user foo, in group floppy
|
||||
user foo, admin of group disk
|
||||
user foo, admin and member of group fax
|
||||
user foo, admin and member of group cdrom (only in /etc/gshadow)
|
||||
@@ -0,0 +1,36 @@
|
||||
# Default values for useradd(8)
|
||||
#
|
||||
# The SHELL variable specifies the default login shell on your
|
||||
# system.
|
||||
# Similar to DHSELL in adduser. However, we use "sh" here because
|
||||
# useradd is a low level utility and should be as general
|
||||
# as possible
|
||||
SHELL=/bin/foobar
|
||||
#
|
||||
# The default group for users
|
||||
# 100=users on Debian systems
|
||||
# Same as USERS_GID in adduser
|
||||
# This argument is used when the -n flag is specified.
|
||||
# The default behavior (when -n and -g are not specified) is to create a
|
||||
# primary user group with the same name as the user being added to the
|
||||
# system.
|
||||
GROUP=10
|
||||
#
|
||||
# The default home directory. Same as DHOME for adduser
|
||||
HOME=/tmp
|
||||
#
|
||||
# The number of days after a password expires until the account
|
||||
# is permanently disabled
|
||||
INACTIVE=12
|
||||
#
|
||||
# The default expire date
|
||||
EXPIRE=2007-12-02
|
||||
#
|
||||
# The SKEL variable specifies the directory containing "skeletal" user
|
||||
# files; in other words, files such as a sample .profile that will be
|
||||
# copied to the new user's home directory when it is created.
|
||||
# SKEL=/etc/skel
|
||||
#
|
||||
# Defines whether the mail spool should be created while
|
||||
# creating the account
|
||||
# CREATE_MAIL_SPOOL=yes
|
||||
@@ -0,0 +1,41 @@
|
||||
root:x:0:
|
||||
daemon:x:1:
|
||||
bin:x:2:
|
||||
sys:x:3:
|
||||
adm:x:4:
|
||||
tty:x:5:
|
||||
disk:x:6:
|
||||
lp:x:7:
|
||||
mail:x:8:
|
||||
news:x:9:
|
||||
uucp:x:10:
|
||||
man:x:12:
|
||||
proxy:x:13:
|
||||
kmem:x:15:
|
||||
dialout:x:20:
|
||||
fax:x:21:
|
||||
voice:x:22:
|
||||
cdrom:x:24:
|
||||
floppy:x:25:
|
||||
tape:x:26:
|
||||
sudo:x:27:
|
||||
audio:x:29:
|
||||
dip:x:30:
|
||||
www-data:x:33:
|
||||
backup:x:34:
|
||||
operator:x:37:
|
||||
list:x:38:
|
||||
irc:x:39:
|
||||
src:x:40:
|
||||
gnats:x:41:
|
||||
shadow:x:42:
|
||||
utmp:x:43:
|
||||
video:x:44:
|
||||
sasl:x:45:
|
||||
plugdev:x:46:
|
||||
staff:x:50:
|
||||
games:x:60:
|
||||
users:x:100:
|
||||
nogroup:x:65534:
|
||||
crontab:x:101:
|
||||
Debian-exim:x:102:
|
||||
@@ -0,0 +1,41 @@
|
||||
root:*::
|
||||
daemon:*::
|
||||
bin:*::
|
||||
sys:*::
|
||||
adm:*::
|
||||
tty:*::
|
||||
disk:*::
|
||||
lp:*::
|
||||
mail:*::
|
||||
news:*::
|
||||
uucp:*::
|
||||
man:*::
|
||||
proxy:*::
|
||||
kmem:*::
|
||||
dialout:*::
|
||||
fax:*::
|
||||
voice:*::
|
||||
cdrom:*::
|
||||
floppy:*::
|
||||
tape:*::
|
||||
sudo:*::
|
||||
audio:*::
|
||||
dip:*::
|
||||
www-data:*::
|
||||
backup:*::
|
||||
operator:*::
|
||||
list:*::
|
||||
irc:*::
|
||||
src:*::
|
||||
gnats:*::
|
||||
shadow:*::
|
||||
utmp:*::
|
||||
video:*::
|
||||
sasl:*::
|
||||
plugdev:*::
|
||||
staff:*::
|
||||
games:*::
|
||||
users:*::
|
||||
nogroup:*::
|
||||
crontab:x::
|
||||
Debian-exim:x::
|
||||
@@ -0,0 +1,20 @@
|
||||
root:x:0:0:root:/root:/bin/bash
|
||||
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
|
||||
bin:x:2:2:bin:/bin:/bin/sh
|
||||
sys:x:3:3:sys:/dev:/bin/sh
|
||||
sync:x:4:65534:sync:/bin:/bin/sync
|
||||
games:x:5:60:games:/usr/games:/bin/sh
|
||||
man:x:6:12:man:/var/cache/man:/bin/sh
|
||||
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
|
||||
mail:x:8:8:mail:/var/mail:/bin/sh
|
||||
news:x:9:9:news:/var/spool/news:/bin/sh
|
||||
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
|
||||
proxy:x:13:13:proxy:/bin:/bin/sh
|
||||
www-data:x:33:33:www-data:/var/www:/bin/sh
|
||||
backup:x:34:34:backup:/var/backups:/bin/sh
|
||||
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
|
||||
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
|
||||
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
|
||||
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
|
||||
Debian-exim:x:102:102::/var/spool/exim4:/bin/false
|
||||
foo:x:1000:1000::/nonexistent:/bin/sh
|
||||
@@ -0,0 +1,19 @@
|
||||
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
|
||||
daemon:*:12977:0:99999:7:::
|
||||
bin:*:12977:0:99999:7:::
|
||||
sys:*:12977:0:99999:7:::
|
||||
sync:*:12977:0:99999:7:::
|
||||
games:*:12977:0:99999:7:::
|
||||
man:*:12977:0:99999:7:::
|
||||
lp:*:12977:0:99999:7:::
|
||||
mail:*:12977:0:99999:7:::
|
||||
news:*:12977:0:99999:7:::
|
||||
uucp:*:12977:0:99999:7:::
|
||||
proxy:*:12977:0:99999:7:::
|
||||
www-data:*:12977:0:99999:7:::
|
||||
backup:*:12977:0:99999:7:::
|
||||
list:*:12977:0:99999:7:::
|
||||
irc:*:12977:0:99999:7:::
|
||||
gnats:*:12977:0:99999:7:::
|
||||
nobody:*:12977:0:99999:7:::
|
||||
Debian-exim:!:12977:0:99999:7:::
|
||||
@@ -0,0 +1,12 @@
|
||||
chpasswd: -s flag is only allowed with the -c flag
|
||||
Usage: chpasswd [options]
|
||||
|
||||
Options:
|
||||
-c, --crypt-method <METHOD> the crypt method (one of NONE DES MD5 SHA256 SHA512)
|
||||
-e, --encrypted supplied passwords are encrypted
|
||||
-h, --help display this help message and exit
|
||||
-m, --md5 encrypt the clear text password using
|
||||
the MD5 algorithm
|
||||
-s, --sha-rounds number of SHA rounds for the SHA*
|
||||
crypt algorithms
|
||||
|
||||
@@ -0,0 +1,54 @@
|
||||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
cd $(dirname $0)
|
||||
|
||||
. ../../../common/config.sh
|
||||
. ../../../common/log.sh
|
||||
|
||||
log_start "$0" "chpasswd checks the -s argument"
|
||||
|
||||
save_config
|
||||
|
||||
# restore the files on exit
|
||||
trap 'log_status "$0" "FAILURE"; restore_config' 0
|
||||
|
||||
change_config
|
||||
|
||||
echo -n "Password must use md5 and another method (chpasswd --sha-rounds 12foo -c SHA512)..."
|
||||
echo 'nobody:test' | chpasswd --sha-rounds 12foo -c SHA512 2>tmp/usage.out && exit 1 || {
|
||||
status=$?
|
||||
}
|
||||
echo "OK"
|
||||
|
||||
echo -n "Check returned status ($status)..."
|
||||
test "$status" = "2"
|
||||
echo "OK"
|
||||
|
||||
echo "chpasswd reported:"
|
||||
echo "======================================================================="
|
||||
cat tmp/usage.out
|
||||
echo "======================================================================="
|
||||
echo -n "Check the usage message..."
|
||||
diff -au data/usage.out tmp/usage.out
|
||||
echo "usage message OK."
|
||||
rm -f tmp/usage.out
|
||||
|
||||
echo -n "Check the passwd file..."
|
||||
../../../common/compare_file.pl config/etc/passwd /etc/passwd
|
||||
echo "OK"
|
||||
echo -n "Check the group file..."
|
||||
../../../common/compare_file.pl config/etc/group /etc/group
|
||||
echo "OK"
|
||||
echo -n "Check the shadow file..."
|
||||
../../../common/compare_file.pl config/etc/shadow /etc/shadow
|
||||
echo "OK"
|
||||
echo -n "Check the gshadow file..."
|
||||
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
|
||||
echo "OK"
|
||||
|
||||
log_status "$0" "SUCCESS"
|
||||
restore_config
|
||||
trap '' 0
|
||||
|
||||
@@ -0,0 +1,10 @@
|
||||
# no testsuite password
|
||||
# root password: rootF00barbaz
|
||||
# myuser password: myuserF00barbaz
|
||||
|
||||
user foo, in group users (only in /etc/group)
|
||||
user foo, in group tty (only in /etc/gshadow)
|
||||
user foo, in group floppy
|
||||
user foo, admin of group disk
|
||||
user foo, admin and member of group fax
|
||||
user foo, admin and member of group cdrom (only in /etc/gshadow)
|
||||
@@ -0,0 +1,36 @@
|
||||
# Default values for useradd(8)
|
||||
#
|
||||
# The SHELL variable specifies the default login shell on your
|
||||
# system.
|
||||
# Similar to DHSELL in adduser. However, we use "sh" here because
|
||||
# useradd is a low level utility and should be as general
|
||||
# as possible
|
||||
SHELL=/bin/foobar
|
||||
#
|
||||
# The default group for users
|
||||
# 100=users on Debian systems
|
||||
# Same as USERS_GID in adduser
|
||||
# This argument is used when the -n flag is specified.
|
||||
# The default behavior (when -n and -g are not specified) is to create a
|
||||
# primary user group with the same name as the user being added to the
|
||||
# system.
|
||||
GROUP=10
|
||||
#
|
||||
# The default home directory. Same as DHOME for adduser
|
||||
HOME=/tmp
|
||||
#
|
||||
# The number of days after a password expires until the account
|
||||
# is permanently disabled
|
||||
INACTIVE=12
|
||||
#
|
||||
# The default expire date
|
||||
EXPIRE=2007-12-02
|
||||
#
|
||||
# The SKEL variable specifies the directory containing "skeletal" user
|
||||
# files; in other words, files such as a sample .profile that will be
|
||||
# copied to the new user's home directory when it is created.
|
||||
# SKEL=/etc/skel
|
||||
#
|
||||
# Defines whether the mail spool should be created while
|
||||
# creating the account
|
||||
# CREATE_MAIL_SPOOL=yes
|
||||
@@ -0,0 +1,41 @@
|
||||
root:x:0:
|
||||
daemon:x:1:
|
||||
bin:x:2:
|
||||
sys:x:3:
|
||||
adm:x:4:
|
||||
tty:x:5:
|
||||
disk:x:6:
|
||||
lp:x:7:
|
||||
mail:x:8:
|
||||
news:x:9:
|
||||
uucp:x:10:
|
||||
man:x:12:
|
||||
proxy:x:13:
|
||||
kmem:x:15:
|
||||
dialout:x:20:
|
||||
fax:x:21:
|
||||
voice:x:22:
|
||||
cdrom:x:24:
|
||||
floppy:x:25:
|
||||
tape:x:26:
|
||||
sudo:x:27:
|
||||
audio:x:29:
|
||||
dip:x:30:
|
||||
www-data:x:33:
|
||||
backup:x:34:
|
||||
operator:x:37:
|
||||
list:x:38:
|
||||
irc:x:39:
|
||||
src:x:40:
|
||||
gnats:x:41:
|
||||
shadow:x:42:
|
||||
utmp:x:43:
|
||||
video:x:44:
|
||||
sasl:x:45:
|
||||
plugdev:x:46:
|
||||
staff:x:50:
|
||||
games:x:60:
|
||||
users:x:100:
|
||||
nogroup:x:65534:
|
||||
crontab:x:101:
|
||||
Debian-exim:x:102:
|
||||
@@ -0,0 +1,41 @@
|
||||
root:*::
|
||||
daemon:*::
|
||||
bin:*::
|
||||
sys:*::
|
||||
adm:*::
|
||||
tty:*::
|
||||
disk:*::
|
||||
lp:*::
|
||||
mail:*::
|
||||
news:*::
|
||||
uucp:*::
|
||||
man:*::
|
||||
proxy:*::
|
||||
kmem:*::
|
||||
dialout:*::
|
||||
fax:*::
|
||||
voice:*::
|
||||
cdrom:*::
|
||||
floppy:*::
|
||||
tape:*::
|
||||
sudo:*::
|
||||
audio:*::
|
||||
dip:*::
|
||||
www-data:*::
|
||||
backup:*::
|
||||
operator:*::
|
||||
list:*::
|
||||
irc:*::
|
||||
src:*::
|
||||
gnats:*::
|
||||
shadow:*::
|
||||
utmp:*::
|
||||
video:*::
|
||||
sasl:*::
|
||||
plugdev:*::
|
||||
staff:*::
|
||||
games:*::
|
||||
users:*::
|
||||
nogroup:*::
|
||||
crontab:x::
|
||||
Debian-exim:x::
|
||||
@@ -0,0 +1,20 @@
|
||||
root:x:0:0:root:/root:/bin/bash
|
||||
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
|
||||
bin:x:2:2:bin:/bin:/bin/sh
|
||||
sys:x:3:3:sys:/dev:/bin/sh
|
||||
sync:x:4:65534:sync:/bin:/bin/sync
|
||||
games:x:5:60:games:/usr/games:/bin/sh
|
||||
man:x:6:12:man:/var/cache/man:/bin/sh
|
||||
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
|
||||
mail:x:8:8:mail:/var/mail:/bin/sh
|
||||
news:x:9:9:news:/var/spool/news:/bin/sh
|
||||
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
|
||||
proxy:x:13:13:proxy:/bin:/bin/sh
|
||||
www-data:x:33:33:www-data:/var/www:/bin/sh
|
||||
backup:x:34:34:backup:/var/backups:/bin/sh
|
||||
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
|
||||
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
|
||||
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
|
||||
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
|
||||
Debian-exim:x:102:102::/var/spool/exim4:/bin/false
|
||||
foo:x:1000:1000::/nonexistent:/bin/sh
|
||||
@@ -0,0 +1,19 @@
|
||||
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
|
||||
daemon:*:12977:0:99999:7:::
|
||||
bin:*:12977:0:99999:7:::
|
||||
sys:*:12977:0:99999:7:::
|
||||
sync:*:12977:0:99999:7:::
|
||||
games:*:12977:0:99999:7:::
|
||||
man:*:12977:0:99999:7:::
|
||||
lp:*:12977:0:99999:7:::
|
||||
mail:*:12977:0:99999:7:::
|
||||
news:*:12977:0:99999:7:::
|
||||
uucp:*:12977:0:99999:7:::
|
||||
proxy:*:12977:0:99999:7:::
|
||||
www-data:*:12977:0:99999:7:::
|
||||
backup:*:12977:0:99999:7:::
|
||||
list:*:12977:0:99999:7:::
|
||||
irc:*:12977:0:99999:7:::
|
||||
gnats:*:12977:0:99999:7:::
|
||||
nobody:*:12977:0:99999:7:::
|
||||
Debian-exim:!:12977:0:99999:7:::
|
||||
@@ -0,0 +1,12 @@
|
||||
chpasswd: invalid numeric argument '12foo'
|
||||
Usage: chpasswd [options]
|
||||
|
||||
Options:
|
||||
-c, --crypt-method <METHOD> the crypt method (one of NONE DES MD5 SHA256 SHA512)
|
||||
-e, --encrypted supplied passwords are encrypted
|
||||
-h, --help display this help message and exit
|
||||
-m, --md5 encrypt the clear text password using
|
||||
the MD5 algorithm
|
||||
-s, --sha-rounds number of SHA rounds for the SHA*
|
||||
crypt algorithms
|
||||
|
||||
@@ -0,0 +1,54 @@
|
||||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
cd $(dirname $0)
|
||||
|
||||
. ../../../common/config.sh
|
||||
. ../../../common/log.sh
|
||||
|
||||
log_start "$0" "chpasswd checks the -c argument"
|
||||
|
||||
save_config
|
||||
|
||||
# restore the files on exit
|
||||
trap 'log_status "$0" "FAILURE"; restore_config' 0
|
||||
|
||||
change_config
|
||||
|
||||
echo -n "Password must use md5 and another method (chpasswd --crypt-method SHA513)..."
|
||||
echo 'nobody:test' | chpasswd --crypt-method SHA513 2>tmp/usage.out && exit 1 || {
|
||||
status=$?
|
||||
}
|
||||
echo "OK"
|
||||
|
||||
echo -n "Check returned status ($status)..."
|
||||
test "$status" = "2"
|
||||
echo "OK"
|
||||
|
||||
echo "chpasswd reported:"
|
||||
echo "======================================================================="
|
||||
cat tmp/usage.out
|
||||
echo "======================================================================="
|
||||
echo -n "Check the usage message..."
|
||||
diff -au data/usage.out tmp/usage.out
|
||||
echo "usage message OK."
|
||||
rm -f tmp/usage.out
|
||||
|
||||
echo -n "Check the passwd file..."
|
||||
../../../common/compare_file.pl config/etc/passwd /etc/passwd
|
||||
echo "OK"
|
||||
echo -n "Check the group file..."
|
||||
../../../common/compare_file.pl config/etc/group /etc/group
|
||||
echo "OK"
|
||||
echo -n "Check the shadow file..."
|
||||
../../../common/compare_file.pl config/etc/shadow /etc/shadow
|
||||
echo "OK"
|
||||
echo -n "Check the gshadow file..."
|
||||
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
|
||||
echo "OK"
|
||||
|
||||
log_status "$0" "SUCCESS"
|
||||
restore_config
|
||||
trap '' 0
|
||||
|
||||
@@ -0,0 +1,10 @@
|
||||
# no testsuite password
|
||||
# root password: rootF00barbaz
|
||||
# myuser password: myuserF00barbaz
|
||||
|
||||
user foo, in group users (only in /etc/group)
|
||||
user foo, in group tty (only in /etc/gshadow)
|
||||
user foo, in group floppy
|
||||
user foo, admin of group disk
|
||||
user foo, admin and member of group fax
|
||||
user foo, admin and member of group cdrom (only in /etc/gshadow)
|
||||
@@ -0,0 +1,36 @@
|
||||
# Default values for useradd(8)
|
||||
#
|
||||
# The SHELL variable specifies the default login shell on your
|
||||
# system.
|
||||
# Similar to DHSELL in adduser. However, we use "sh" here because
|
||||
# useradd is a low level utility and should be as general
|
||||
# as possible
|
||||
SHELL=/bin/foobar
|
||||
#
|
||||
# The default group for users
|
||||
# 100=users on Debian systems
|
||||
# Same as USERS_GID in adduser
|
||||
# This argument is used when the -n flag is specified.
|
||||
# The default behavior (when -n and -g are not specified) is to create a
|
||||
# primary user group with the same name as the user being added to the
|
||||
# system.
|
||||
GROUP=10
|
||||
#
|
||||
# The default home directory. Same as DHOME for adduser
|
||||
HOME=/tmp
|
||||
#
|
||||
# The number of days after a password expires until the account
|
||||
# is permanently disabled
|
||||
INACTIVE=12
|
||||
#
|
||||
# The default expire date
|
||||
EXPIRE=2007-12-02
|
||||
#
|
||||
# The SKEL variable specifies the directory containing "skeletal" user
|
||||
# files; in other words, files such as a sample .profile that will be
|
||||
# copied to the new user's home directory when it is created.
|
||||
# SKEL=/etc/skel
|
||||
#
|
||||
# Defines whether the mail spool should be created while
|
||||
# creating the account
|
||||
# CREATE_MAIL_SPOOL=yes
|
||||
@@ -0,0 +1,41 @@
|
||||
root:x:0:
|
||||
daemon:x:1:
|
||||
bin:x:2:
|
||||
sys:x:3:
|
||||
adm:x:4:
|
||||
tty:x:5:
|
||||
disk:x:6:
|
||||
lp:x:7:
|
||||
mail:x:8:
|
||||
news:x:9:
|
||||
uucp:x:10:
|
||||
man:x:12:
|
||||
proxy:x:13:
|
||||
kmem:x:15:
|
||||
dialout:x:20:
|
||||
fax:x:21:
|
||||
voice:x:22:
|
||||
cdrom:x:24:
|
||||
floppy:x:25:
|
||||
tape:x:26:
|
||||
sudo:x:27:
|
||||
audio:x:29:
|
||||
dip:x:30:
|
||||
www-data:x:33:
|
||||
backup:x:34:
|
||||
operator:x:37:
|
||||
list:x:38:
|
||||
irc:x:39:
|
||||
src:x:40:
|
||||
gnats:x:41:
|
||||
shadow:x:42:
|
||||
utmp:x:43:
|
||||
video:x:44:
|
||||
sasl:x:45:
|
||||
plugdev:x:46:
|
||||
staff:x:50:
|
||||
games:x:60:
|
||||
users:x:100:
|
||||
nogroup:x:65534:
|
||||
crontab:x:101:
|
||||
Debian-exim:x:102:
|
||||
@@ -0,0 +1,41 @@
|
||||
root:*::
|
||||
daemon:*::
|
||||
bin:*::
|
||||
sys:*::
|
||||
adm:*::
|
||||
tty:*::
|
||||
disk:*::
|
||||
lp:*::
|
||||
mail:*::
|
||||
news:*::
|
||||
uucp:*::
|
||||
man:*::
|
||||
proxy:*::
|
||||
kmem:*::
|
||||
dialout:*::
|
||||
fax:*::
|
||||
voice:*::
|
||||
cdrom:*::
|
||||
floppy:*::
|
||||
tape:*::
|
||||
sudo:*::
|
||||
audio:*::
|
||||
dip:*::
|
||||
www-data:*::
|
||||
backup:*::
|
||||
operator:*::
|
||||
list:*::
|
||||
irc:*::
|
||||
src:*::
|
||||
gnats:*::
|
||||
shadow:*::
|
||||
utmp:*::
|
||||
video:*::
|
||||
sasl:*::
|
||||
plugdev:*::
|
||||
staff:*::
|
||||
games:*::
|
||||
users:*::
|
||||
nogroup:*::
|
||||
crontab:x::
|
||||
Debian-exim:x::
|
||||
@@ -0,0 +1,20 @@
|
||||
root:x:0:0:root:/root:/bin/bash
|
||||
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
|
||||
bin:x:2:2:bin:/bin:/bin/sh
|
||||
sys:x:3:3:sys:/dev:/bin/sh
|
||||
sync:x:4:65534:sync:/bin:/bin/sync
|
||||
games:x:5:60:games:/usr/games:/bin/sh
|
||||
man:x:6:12:man:/var/cache/man:/bin/sh
|
||||
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
|
||||
mail:x:8:8:mail:/var/mail:/bin/sh
|
||||
news:x:9:9:news:/var/spool/news:/bin/sh
|
||||
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
|
||||
proxy:x:13:13:proxy:/bin:/bin/sh
|
||||
www-data:x:33:33:www-data:/var/www:/bin/sh
|
||||
backup:x:34:34:backup:/var/backups:/bin/sh
|
||||
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
|
||||
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
|
||||
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
|
||||
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
|
||||
Debian-exim:x:102:102::/var/spool/exim4:/bin/false
|
||||
foo:x:1000:1000::/nonexistent:/bin/sh
|
||||
@@ -0,0 +1,19 @@
|
||||
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
|
||||
daemon:*:12977:0:99999:7:::
|
||||
bin:*:12977:0:99999:7:::
|
||||
sys:*:12977:0:99999:7:::
|
||||
sync:*:12977:0:99999:7:::
|
||||
games:*:12977:0:99999:7:::
|
||||
man:*:12977:0:99999:7:::
|
||||
lp:*:12977:0:99999:7:::
|
||||
mail:*:12977:0:99999:7:::
|
||||
news:*:12977:0:99999:7:::
|
||||
uucp:*:12977:0:99999:7:::
|
||||
proxy:*:12977:0:99999:7:::
|
||||
www-data:*:12977:0:99999:7:::
|
||||
backup:*:12977:0:99999:7:::
|
||||
list:*:12977:0:99999:7:::
|
||||
irc:*:12977:0:99999:7:::
|
||||
gnats:*:12977:0:99999:7:::
|
||||
nobody:*:12977:0:99999:7:::
|
||||
Debian-exim:!:12977:0:99999:7:::
|
||||
@@ -0,0 +1,12 @@
|
||||
chpasswd: unsupported crypt method: SHA513
|
||||
Usage: chpasswd [options]
|
||||
|
||||
Options:
|
||||
-c, --crypt-method <METHOD> the crypt method (one of NONE DES MD5 SHA256 SHA512)
|
||||
-e, --encrypted supplied passwords are encrypted
|
||||
-h, --help display this help message and exit
|
||||
-m, --md5 encrypt the clear text password using
|
||||
the MD5 algorithm
|
||||
-s, --sha-rounds number of SHA rounds for the SHA*
|
||||
crypt algorithms
|
||||
|
||||
@@ -0,0 +1,40 @@
|
||||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
cd $(dirname $0)
|
||||
|
||||
. ../../../common/config.sh
|
||||
. ../../../common/log.sh
|
||||
|
||||
log_start "$0" "chpasswd can use encrypted password"
|
||||
|
||||
save_config
|
||||
|
||||
# restore the files on exit
|
||||
trap 'log_status "$0" "FAILURE"; restore_config' 0
|
||||
|
||||
change_config
|
||||
|
||||
echo -n "Change nobody and lp's password (chpasswd -e)..."
|
||||
echo 'nobody:test
|
||||
lp:test2' | chpasswd -e
|
||||
echo "OK"
|
||||
|
||||
echo -n "Check the passwd file..."
|
||||
../../../common/compare_file.pl config/etc/passwd /etc/passwd
|
||||
echo "OK"
|
||||
echo -n "Check the group file..."
|
||||
../../../common/compare_file.pl config/etc/group /etc/group
|
||||
echo "OK"
|
||||
echo -n "Check the shadow file..."
|
||||
../../../common/compare_file.pl data/shadow /etc/shadow
|
||||
echo "OK"
|
||||
echo -n "Check the gshadow file..."
|
||||
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
|
||||
echo "OK"
|
||||
|
||||
log_status "$0" "SUCCESS"
|
||||
restore_config
|
||||
trap '' 0
|
||||
|
||||
@@ -0,0 +1,41 @@
|
||||
root:x:0:
|
||||
daemon:x:1:
|
||||
bin:x:2:
|
||||
sys:x:3:
|
||||
adm:x:4:
|
||||
tty:x:5:
|
||||
disk:x:6:
|
||||
lp:x:7:
|
||||
mail:x:8:
|
||||
news:x:9:
|
||||
uucp:x:10:
|
||||
man:x:12:
|
||||
proxy:x:13:
|
||||
kmem:x:15:
|
||||
dialout:x:20:
|
||||
fax:x:21:
|
||||
voice:x:22:
|
||||
cdrom:x:24:
|
||||
floppy:x:25:
|
||||
tape:x:26:
|
||||
sudo:x:27:
|
||||
audio:x:29:
|
||||
dip:x:30:
|
||||
www-data:x:33:
|
||||
backup:x:34:
|
||||
operator:x:37:
|
||||
list:x:38:
|
||||
irc:x:39:
|
||||
src:x:40:
|
||||
gnats:x:41:
|
||||
shadow:x:42:
|
||||
utmp:x:43:
|
||||
video:x:44:
|
||||
sasl:x:45:
|
||||
plugdev:x:46:
|
||||
staff:x:50:
|
||||
games:x:60:
|
||||
users:x:100:
|
||||
nogroup:x:65534:
|
||||
crontab:x:101:
|
||||
Debian-exim:x:102:
|
||||
@@ -0,0 +1,41 @@
|
||||
root:*::
|
||||
daemon:*::
|
||||
bin:*::
|
||||
sys:*::
|
||||
adm:*::
|
||||
tty:*::
|
||||
disk:*::
|
||||
lp:*::
|
||||
mail:*::
|
||||
news:*::
|
||||
uucp:*::
|
||||
man:*::
|
||||
proxy:*::
|
||||
kmem:*::
|
||||
dialout:*::
|
||||
fax:*::
|
||||
voice:*::
|
||||
cdrom:*::
|
||||
floppy:*::
|
||||
tape:*::
|
||||
sudo:*::
|
||||
audio:*::
|
||||
dip:*::
|
||||
www-data:*::
|
||||
backup:*::
|
||||
operator:*::
|
||||
list:*::
|
||||
irc:*::
|
||||
src:*::
|
||||
gnats:*::
|
||||
shadow:*::
|
||||
utmp:*::
|
||||
video:*::
|
||||
sasl:*::
|
||||
plugdev:*::
|
||||
staff:*::
|
||||
games:*::
|
||||
users:*::
|
||||
nogroup:*::
|
||||
crontab:x::
|
||||
Debian-exim:x::
|
||||
@@ -0,0 +1,6 @@
|
||||
#
|
||||
# The PAM configuration file for the Shadow `chpasswd' service
|
||||
#
|
||||
|
||||
@include common-password
|
||||
|
||||
+33
@@ -0,0 +1,33 @@
|
||||
#
|
||||
# /etc/pam.d/common-password - password-related modules common to all services
|
||||
#
|
||||
# This file is included from other service-specific PAM config files,
|
||||
# and should contain a list of modules that define the services to be
|
||||
# used to change user passwords. The default is pam_unix.
|
||||
|
||||
# Explanation of pam_unix options:
|
||||
#
|
||||
# The "md5" option enables MD5 passwords. Without this option, the
|
||||
# default is Unix crypt.
|
||||
#
|
||||
# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
|
||||
# login.defs.
|
||||
#
|
||||
# See the pam_unix manpage for other options.
|
||||
|
||||
# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
|
||||
# To take advantage of this, it is recommended that you configure any
|
||||
# local modules either before or after the default block, and use
|
||||
# pam-auth-update to manage selection of other modules. See
|
||||
# pam-auth-update(8) for details.
|
||||
|
||||
# here are the per-package modules (the "Primary" block)
|
||||
password [success=1 default=ignore] pam_unix.so obscure
|
||||
# here's the fallback if no module succeeds
|
||||
password requisite pam_deny.so
|
||||
# prime the stack with a positive return value if there isn't one already;
|
||||
# this avoids us returning an error just because nothing sets a success code
|
||||
# since the modules above will each just jump around
|
||||
password required pam_permit.so
|
||||
# and here are more per-package modules (the "Additional" block)
|
||||
# end of pam-auth-update config
|
||||
@@ -0,0 +1,19 @@
|
||||
root:x:0:0:root:/root:/bin/bash
|
||||
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
|
||||
bin:x:2:2:bin:/bin:/bin/sh
|
||||
sys:x:3:3:sys:/dev:/bin/sh
|
||||
sync:x:4:65534:sync:/bin:/bin/sync
|
||||
games:x:5:60:games:/usr/games:/bin/sh
|
||||
man:x:6:12:man:/var/cache/man:/bin/sh
|
||||
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
|
||||
mail:x:8:8:mail:/var/mail:/bin/sh
|
||||
news:x:9:9:news:/var/spool/news:/bin/sh
|
||||
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
|
||||
proxy:x:13:13:proxy:/bin:/bin/sh
|
||||
www-data:x:33:33:www-data:/var/www:/bin/sh
|
||||
backup:x:34:34:backup:/var/backups:/bin/sh
|
||||
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
|
||||
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
|
||||
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
|
||||
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
|
||||
Debian-exim:x:102:102::/var/spool/exim4:/bin/false
|
||||
@@ -0,0 +1,19 @@
|
||||
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
|
||||
daemon:*:12977:0:99999:7:::
|
||||
bin:*:12977:0:99999:7:::
|
||||
sys:*:12977:0:99999:7:::
|
||||
sync:*:12977:0:99999:7:::
|
||||
games:*:12977:0:99999:7:::
|
||||
man:*:12977:0:99999:7:::
|
||||
lp:*:12977:0:99999:7:::
|
||||
mail:*:12977:0:99999:7:::
|
||||
news:*:12977:0:99999:7:::
|
||||
uucp:*:12977:0:99999:7:::
|
||||
proxy:*:12977:0:99999:7:::
|
||||
www-data:*:12977:0:99999:7:::
|
||||
backup:*:12977:0:99999:7:::
|
||||
list:*:12977:0:99999:7:::
|
||||
irc:*:12977:0:99999:7:::
|
||||
gnats:*:12977:0:99999:7:::
|
||||
nobody:*:12977:0:99999:7:::
|
||||
Debian-exim:!:12977:0:99999:7:::
|
||||
@@ -0,0 +1,19 @@
|
||||
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
|
||||
daemon:*:12977:0:99999:7:::
|
||||
bin:*:12977:0:99999:7:::
|
||||
sys:*:12977:0:99999:7:::
|
||||
sync:*:12977:0:99999:7:::
|
||||
games:*:12977:0:99999:7:::
|
||||
man:*:12977:0:99999:7:::
|
||||
lp:test2:@TODAY@:0:99999:7:::
|
||||
mail:*:12977:0:99999:7:::
|
||||
news:*:12977:0:99999:7:::
|
||||
uucp:*:12977:0:99999:7:::
|
||||
proxy:*:12977:0:99999:7:::
|
||||
www-data:*:12977:0:99999:7:::
|
||||
backup:*:12977:0:99999:7:::
|
||||
list:*:12977:0:99999:7:::
|
||||
irc:*:12977:0:99999:7:::
|
||||
gnats:*:12977:0:99999:7:::
|
||||
nobody:test:@TODAY@:0:99999:7:::
|
||||
Debian-exim:!:12977:0:99999:7:::
|
||||
@@ -0,0 +1,40 @@
|
||||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
cd $(dirname $0)
|
||||
|
||||
. ../../../common/config.sh
|
||||
. ../../../common/log.sh
|
||||
|
||||
log_start "$0" "chpasswd can use create md5 passwords"
|
||||
|
||||
save_config
|
||||
|
||||
# restore the files on exit
|
||||
trap 'log_status "$0" "FAILURE"; restore_config' 0
|
||||
|
||||
change_config
|
||||
|
||||
echo -n "Change nobody and lp's password (chpasswd --md5)..."
|
||||
echo 'nobody:test
|
||||
lp:test2' | chpasswd --md5
|
||||
echo "OK"
|
||||
|
||||
echo -n "Check the passwd file..."
|
||||
../../../common/compare_file.pl config/etc/passwd /etc/passwd
|
||||
echo "OK"
|
||||
echo -n "Check the group file..."
|
||||
../../../common/compare_file.pl config/etc/group /etc/group
|
||||
echo "OK"
|
||||
echo -n "Check the shadow file..."
|
||||
../../../common/compare_file.pl data/shadow /etc/shadow
|
||||
echo "OK"
|
||||
echo -n "Check the gshadow file..."
|
||||
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
|
||||
echo "OK"
|
||||
|
||||
log_status "$0" "SUCCESS"
|
||||
restore_config
|
||||
trap '' 0
|
||||
|
||||
@@ -0,0 +1,41 @@
|
||||
root:x:0:
|
||||
daemon:x:1:
|
||||
bin:x:2:
|
||||
sys:x:3:
|
||||
adm:x:4:
|
||||
tty:x:5:
|
||||
disk:x:6:
|
||||
lp:x:7:
|
||||
mail:x:8:
|
||||
news:x:9:
|
||||
uucp:x:10:
|
||||
man:x:12:
|
||||
proxy:x:13:
|
||||
kmem:x:15:
|
||||
dialout:x:20:
|
||||
fax:x:21:
|
||||
voice:x:22:
|
||||
cdrom:x:24:
|
||||
floppy:x:25:
|
||||
tape:x:26:
|
||||
sudo:x:27:
|
||||
audio:x:29:
|
||||
dip:x:30:
|
||||
www-data:x:33:
|
||||
backup:x:34:
|
||||
operator:x:37:
|
||||
list:x:38:
|
||||
irc:x:39:
|
||||
src:x:40:
|
||||
gnats:x:41:
|
||||
shadow:x:42:
|
||||
utmp:x:43:
|
||||
video:x:44:
|
||||
sasl:x:45:
|
||||
plugdev:x:46:
|
||||
staff:x:50:
|
||||
games:x:60:
|
||||
users:x:100:
|
||||
nogroup:x:65534:
|
||||
crontab:x:101:
|
||||
Debian-exim:x:102:
|
||||
@@ -0,0 +1,41 @@
|
||||
root:*::
|
||||
daemon:*::
|
||||
bin:*::
|
||||
sys:*::
|
||||
adm:*::
|
||||
tty:*::
|
||||
disk:*::
|
||||
lp:*::
|
||||
mail:*::
|
||||
news:*::
|
||||
uucp:*::
|
||||
man:*::
|
||||
proxy:*::
|
||||
kmem:*::
|
||||
dialout:*::
|
||||
fax:*::
|
||||
voice:*::
|
||||
cdrom:*::
|
||||
floppy:*::
|
||||
tape:*::
|
||||
sudo:*::
|
||||
audio:*::
|
||||
dip:*::
|
||||
www-data:*::
|
||||
backup:*::
|
||||
operator:*::
|
||||
list:*::
|
||||
irc:*::
|
||||
src:*::
|
||||
gnats:*::
|
||||
shadow:*::
|
||||
utmp:*::
|
||||
video:*::
|
||||
sasl:*::
|
||||
plugdev:*::
|
||||
staff:*::
|
||||
games:*::
|
||||
users:*::
|
||||
nogroup:*::
|
||||
crontab:x::
|
||||
Debian-exim:x::
|
||||
@@ -0,0 +1,6 @@
|
||||
#
|
||||
# The PAM configuration file for the Shadow `chpasswd' service
|
||||
#
|
||||
|
||||
@include common-password
|
||||
|
||||
+33
@@ -0,0 +1,33 @@
|
||||
#
|
||||
# /etc/pam.d/common-password - password-related modules common to all services
|
||||
#
|
||||
# This file is included from other service-specific PAM config files,
|
||||
# and should contain a list of modules that define the services to be
|
||||
# used to change user passwords. The default is pam_unix.
|
||||
|
||||
# Explanation of pam_unix options:
|
||||
#
|
||||
# The "md5" option enables MD5 passwords. Without this option, the
|
||||
# default is Unix crypt.
|
||||
#
|
||||
# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
|
||||
# login.defs.
|
||||
#
|
||||
# See the pam_unix manpage for other options.
|
||||
|
||||
# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
|
||||
# To take advantage of this, it is recommended that you configure any
|
||||
# local modules either before or after the default block, and use
|
||||
# pam-auth-update to manage selection of other modules. See
|
||||
# pam-auth-update(8) for details.
|
||||
|
||||
# here are the per-package modules (the "Primary" block)
|
||||
password [success=1 default=ignore] pam_unix.so obscure
|
||||
# here's the fallback if no module succeeds
|
||||
password requisite pam_deny.so
|
||||
# prime the stack with a positive return value if there isn't one already;
|
||||
# this avoids us returning an error just because nothing sets a success code
|
||||
# since the modules above will each just jump around
|
||||
password required pam_permit.so
|
||||
# and here are more per-package modules (the "Additional" block)
|
||||
# end of pam-auth-update config
|
||||
@@ -0,0 +1,19 @@
|
||||
root:x:0:0:root:/root:/bin/bash
|
||||
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
|
||||
bin:x:2:2:bin:/bin:/bin/sh
|
||||
sys:x:3:3:sys:/dev:/bin/sh
|
||||
sync:x:4:65534:sync:/bin:/bin/sync
|
||||
games:x:5:60:games:/usr/games:/bin/sh
|
||||
man:x:6:12:man:/var/cache/man:/bin/sh
|
||||
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
|
||||
mail:x:8:8:mail:/var/mail:/bin/sh
|
||||
news:x:9:9:news:/var/spool/news:/bin/sh
|
||||
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
|
||||
proxy:x:13:13:proxy:/bin:/bin/sh
|
||||
www-data:x:33:33:www-data:/var/www:/bin/sh
|
||||
backup:x:34:34:backup:/var/backups:/bin/sh
|
||||
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
|
||||
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
|
||||
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
|
||||
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
|
||||
Debian-exim:x:102:102::/var/spool/exim4:/bin/false
|
||||
@@ -0,0 +1,19 @@
|
||||
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
|
||||
daemon:*:12977:0:99999:7:::
|
||||
bin:*:12977:0:99999:7:::
|
||||
sys:*:12977:0:99999:7:::
|
||||
sync:*:12977:0:99999:7:::
|
||||
games:*:12977:0:99999:7:::
|
||||
man:*:12977:0:99999:7:::
|
||||
lp:*:12977:0:99999:7:::
|
||||
mail:*:12977:0:99999:7:::
|
||||
news:*:12977:0:99999:7:::
|
||||
uucp:*:12977:0:99999:7:::
|
||||
proxy:*:12977:0:99999:7:::
|
||||
www-data:*:12977:0:99999:7:::
|
||||
backup:*:12977:0:99999:7:::
|
||||
list:*:12977:0:99999:7:::
|
||||
irc:*:12977:0:99999:7:::
|
||||
gnats:*:12977:0:99999:7:::
|
||||
nobody:*:12977:0:99999:7:::
|
||||
Debian-exim:!:12977:0:99999:7:::
|
||||
@@ -0,0 +1,19 @@
|
||||
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
|
||||
daemon:*:12977:0:99999:7:::
|
||||
bin:*:12977:0:99999:7:::
|
||||
sys:*:12977:0:99999:7:::
|
||||
sync:*:12977:0:99999:7:::
|
||||
games:*:12977:0:99999:7:::
|
||||
man:*:12977:0:99999:7:::
|
||||
lp:@PASS_MD5 test2@:@TODAY@:0:99999:7:::
|
||||
mail:*:12977:0:99999:7:::
|
||||
news:*:12977:0:99999:7:::
|
||||
uucp:*:12977:0:99999:7:::
|
||||
proxy:*:12977:0:99999:7:::
|
||||
www-data:*:12977:0:99999:7:::
|
||||
backup:*:12977:0:99999:7:::
|
||||
list:*:12977:0:99999:7:::
|
||||
irc:*:12977:0:99999:7:::
|
||||
gnats:*:12977:0:99999:7:::
|
||||
nobody:@PASS_MD5 test@:@TODAY@:0:99999:7:::
|
||||
Debian-exim:!:12977:0:99999:7:::
|
||||
@@ -0,0 +1,40 @@
|
||||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
cd $(dirname $0)
|
||||
|
||||
. ../../../common/config.sh
|
||||
. ../../../common/log.sh
|
||||
|
||||
log_start "$0" "chpasswd can use encrypted passwords"
|
||||
|
||||
save_config
|
||||
|
||||
# restore the files on exit
|
||||
trap 'log_status "$0" "FAILURE"; restore_config' 0
|
||||
|
||||
change_config
|
||||
|
||||
echo -n "Change nobody and lp's password (chpasswd -c NONE)..."
|
||||
echo 'nobody:test
|
||||
lp:test2' | chpasswd -c NONE
|
||||
echo "OK"
|
||||
|
||||
echo -n "Check the passwd file..."
|
||||
../../../common/compare_file.pl config/etc/passwd /etc/passwd
|
||||
echo "OK"
|
||||
echo -n "Check the group file..."
|
||||
../../../common/compare_file.pl config/etc/group /etc/group
|
||||
echo "OK"
|
||||
echo -n "Check the shadow file..."
|
||||
../../../common/compare_file.pl data/shadow /etc/shadow
|
||||
echo "OK"
|
||||
echo -n "Check the gshadow file..."
|
||||
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
|
||||
echo "OK"
|
||||
|
||||
log_status "$0" "SUCCESS"
|
||||
restore_config
|
||||
trap '' 0
|
||||
|
||||
@@ -0,0 +1,41 @@
|
||||
root:x:0:
|
||||
daemon:x:1:
|
||||
bin:x:2:
|
||||
sys:x:3:
|
||||
adm:x:4:
|
||||
tty:x:5:
|
||||
disk:x:6:
|
||||
lp:x:7:
|
||||
mail:x:8:
|
||||
news:x:9:
|
||||
uucp:x:10:
|
||||
man:x:12:
|
||||
proxy:x:13:
|
||||
kmem:x:15:
|
||||
dialout:x:20:
|
||||
fax:x:21:
|
||||
voice:x:22:
|
||||
cdrom:x:24:
|
||||
floppy:x:25:
|
||||
tape:x:26:
|
||||
sudo:x:27:
|
||||
audio:x:29:
|
||||
dip:x:30:
|
||||
www-data:x:33:
|
||||
backup:x:34:
|
||||
operator:x:37:
|
||||
list:x:38:
|
||||
irc:x:39:
|
||||
src:x:40:
|
||||
gnats:x:41:
|
||||
shadow:x:42:
|
||||
utmp:x:43:
|
||||
video:x:44:
|
||||
sasl:x:45:
|
||||
plugdev:x:46:
|
||||
staff:x:50:
|
||||
games:x:60:
|
||||
users:x:100:
|
||||
nogroup:x:65534:
|
||||
crontab:x:101:
|
||||
Debian-exim:x:102:
|
||||
@@ -0,0 +1,41 @@
|
||||
root:*::
|
||||
daemon:*::
|
||||
bin:*::
|
||||
sys:*::
|
||||
adm:*::
|
||||
tty:*::
|
||||
disk:*::
|
||||
lp:*::
|
||||
mail:*::
|
||||
news:*::
|
||||
uucp:*::
|
||||
man:*::
|
||||
proxy:*::
|
||||
kmem:*::
|
||||
dialout:*::
|
||||
fax:*::
|
||||
voice:*::
|
||||
cdrom:*::
|
||||
floppy:*::
|
||||
tape:*::
|
||||
sudo:*::
|
||||
audio:*::
|
||||
dip:*::
|
||||
www-data:*::
|
||||
backup:*::
|
||||
operator:*::
|
||||
list:*::
|
||||
irc:*::
|
||||
src:*::
|
||||
gnats:*::
|
||||
shadow:*::
|
||||
utmp:*::
|
||||
video:*::
|
||||
sasl:*::
|
||||
plugdev:*::
|
||||
staff:*::
|
||||
games:*::
|
||||
users:*::
|
||||
nogroup:*::
|
||||
crontab:x::
|
||||
Debian-exim:x::
|
||||
@@ -0,0 +1,6 @@
|
||||
#
|
||||
# The PAM configuration file for the Shadow `chpasswd' service
|
||||
#
|
||||
|
||||
@include common-password
|
||||
|
||||
+33
@@ -0,0 +1,33 @@
|
||||
#
|
||||
# /etc/pam.d/common-password - password-related modules common to all services
|
||||
#
|
||||
# This file is included from other service-specific PAM config files,
|
||||
# and should contain a list of modules that define the services to be
|
||||
# used to change user passwords. The default is pam_unix.
|
||||
|
||||
# Explanation of pam_unix options:
|
||||
#
|
||||
# The "md5" option enables MD5 passwords. Without this option, the
|
||||
# default is Unix crypt.
|
||||
#
|
||||
# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
|
||||
# login.defs.
|
||||
#
|
||||
# See the pam_unix manpage for other options.
|
||||
|
||||
# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
|
||||
# To take advantage of this, it is recommended that you configure any
|
||||
# local modules either before or after the default block, and use
|
||||
# pam-auth-update to manage selection of other modules. See
|
||||
# pam-auth-update(8) for details.
|
||||
|
||||
# here are the per-package modules (the "Primary" block)
|
||||
password [success=1 default=ignore] pam_unix.so obscure
|
||||
# here's the fallback if no module succeeds
|
||||
password requisite pam_deny.so
|
||||
# prime the stack with a positive return value if there isn't one already;
|
||||
# this avoids us returning an error just because nothing sets a success code
|
||||
# since the modules above will each just jump around
|
||||
password required pam_permit.so
|
||||
# and here are more per-package modules (the "Additional" block)
|
||||
# end of pam-auth-update config
|
||||
@@ -0,0 +1,19 @@
|
||||
root:x:0:0:root:/root:/bin/bash
|
||||
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
|
||||
bin:x:2:2:bin:/bin:/bin/sh
|
||||
sys:x:3:3:sys:/dev:/bin/sh
|
||||
sync:x:4:65534:sync:/bin:/bin/sync
|
||||
games:x:5:60:games:/usr/games:/bin/sh
|
||||
man:x:6:12:man:/var/cache/man:/bin/sh
|
||||
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
|
||||
mail:x:8:8:mail:/var/mail:/bin/sh
|
||||
news:x:9:9:news:/var/spool/news:/bin/sh
|
||||
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
|
||||
proxy:x:13:13:proxy:/bin:/bin/sh
|
||||
www-data:x:33:33:www-data:/var/www:/bin/sh
|
||||
backup:x:34:34:backup:/var/backups:/bin/sh
|
||||
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
|
||||
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
|
||||
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
|
||||
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
|
||||
Debian-exim:x:102:102::/var/spool/exim4:/bin/false
|
||||
@@ -0,0 +1,19 @@
|
||||
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
|
||||
daemon:*:12977:0:99999:7:::
|
||||
bin:*:12977:0:99999:7:::
|
||||
sys:*:12977:0:99999:7:::
|
||||
sync:*:12977:0:99999:7:::
|
||||
games:*:12977:0:99999:7:::
|
||||
man:*:12977:0:99999:7:::
|
||||
lp:*:12977:0:99999:7:::
|
||||
mail:*:12977:0:99999:7:::
|
||||
news:*:12977:0:99999:7:::
|
||||
uucp:*:12977:0:99999:7:::
|
||||
proxy:*:12977:0:99999:7:::
|
||||
www-data:*:12977:0:99999:7:::
|
||||
backup:*:12977:0:99999:7:::
|
||||
list:*:12977:0:99999:7:::
|
||||
irc:*:12977:0:99999:7:::
|
||||
gnats:*:12977:0:99999:7:::
|
||||
nobody:*:12977:0:99999:7:::
|
||||
Debian-exim:!:12977:0:99999:7:::
|
||||
@@ -0,0 +1,19 @@
|
||||
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
|
||||
daemon:*:12977:0:99999:7:::
|
||||
bin:*:12977:0:99999:7:::
|
||||
sys:*:12977:0:99999:7:::
|
||||
sync:*:12977:0:99999:7:::
|
||||
games:*:12977:0:99999:7:::
|
||||
man:*:12977:0:99999:7:::
|
||||
lp:test2:@TODAY@:0:99999:7:::
|
||||
mail:*:12977:0:99999:7:::
|
||||
news:*:12977:0:99999:7:::
|
||||
uucp:*:12977:0:99999:7:::
|
||||
proxy:*:12977:0:99999:7:::
|
||||
www-data:*:12977:0:99999:7:::
|
||||
backup:*:12977:0:99999:7:::
|
||||
list:*:12977:0:99999:7:::
|
||||
irc:*:12977:0:99999:7:::
|
||||
gnats:*:12977:0:99999:7:::
|
||||
nobody:test:@TODAY@:0:99999:7:::
|
||||
Debian-exim:!:12977:0:99999:7:::
|
||||
@@ -0,0 +1,40 @@
|
||||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
cd $(dirname $0)
|
||||
|
||||
. ../../../common/config.sh
|
||||
. ../../../common/log.sh
|
||||
|
||||
log_start "$0" "chpasswd can use create MD5 passwords"
|
||||
|
||||
save_config
|
||||
|
||||
# restore the files on exit
|
||||
trap 'log_status "$0" "FAILURE"; restore_config' 0
|
||||
|
||||
change_config
|
||||
|
||||
echo -n "Change nobody and lp's password (chpasswd --crypt-method MD5)..."
|
||||
echo 'nobody:test
|
||||
lp:test2' | chpasswd --crypt-method MD5
|
||||
echo "OK"
|
||||
|
||||
echo -n "Check the passwd file..."
|
||||
../../../common/compare_file.pl config/etc/passwd /etc/passwd
|
||||
echo "OK"
|
||||
echo -n "Check the group file..."
|
||||
../../../common/compare_file.pl config/etc/group /etc/group
|
||||
echo "OK"
|
||||
echo -n "Check the shadow file..."
|
||||
../../../common/compare_file.pl data/shadow /etc/shadow
|
||||
echo "OK"
|
||||
echo -n "Check the gshadow file..."
|
||||
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
|
||||
echo "OK"
|
||||
|
||||
log_status "$0" "SUCCESS"
|
||||
restore_config
|
||||
trap '' 0
|
||||
|
||||
@@ -0,0 +1,41 @@
|
||||
root:x:0:
|
||||
daemon:x:1:
|
||||
bin:x:2:
|
||||
sys:x:3:
|
||||
adm:x:4:
|
||||
tty:x:5:
|
||||
disk:x:6:
|
||||
lp:x:7:
|
||||
mail:x:8:
|
||||
news:x:9:
|
||||
uucp:x:10:
|
||||
man:x:12:
|
||||
proxy:x:13:
|
||||
kmem:x:15:
|
||||
dialout:x:20:
|
||||
fax:x:21:
|
||||
voice:x:22:
|
||||
cdrom:x:24:
|
||||
floppy:x:25:
|
||||
tape:x:26:
|
||||
sudo:x:27:
|
||||
audio:x:29:
|
||||
dip:x:30:
|
||||
www-data:x:33:
|
||||
backup:x:34:
|
||||
operator:x:37:
|
||||
list:x:38:
|
||||
irc:x:39:
|
||||
src:x:40:
|
||||
gnats:x:41:
|
||||
shadow:x:42:
|
||||
utmp:x:43:
|
||||
video:x:44:
|
||||
sasl:x:45:
|
||||
plugdev:x:46:
|
||||
staff:x:50:
|
||||
games:x:60:
|
||||
users:x:100:
|
||||
nogroup:x:65534:
|
||||
crontab:x:101:
|
||||
Debian-exim:x:102:
|
||||
@@ -0,0 +1,41 @@
|
||||
root:*::
|
||||
daemon:*::
|
||||
bin:*::
|
||||
sys:*::
|
||||
adm:*::
|
||||
tty:*::
|
||||
disk:*::
|
||||
lp:*::
|
||||
mail:*::
|
||||
news:*::
|
||||
uucp:*::
|
||||
man:*::
|
||||
proxy:*::
|
||||
kmem:*::
|
||||
dialout:*::
|
||||
fax:*::
|
||||
voice:*::
|
||||
cdrom:*::
|
||||
floppy:*::
|
||||
tape:*::
|
||||
sudo:*::
|
||||
audio:*::
|
||||
dip:*::
|
||||
www-data:*::
|
||||
backup:*::
|
||||
operator:*::
|
||||
list:*::
|
||||
irc:*::
|
||||
src:*::
|
||||
gnats:*::
|
||||
shadow:*::
|
||||
utmp:*::
|
||||
video:*::
|
||||
sasl:*::
|
||||
plugdev:*::
|
||||
staff:*::
|
||||
games:*::
|
||||
users:*::
|
||||
nogroup:*::
|
||||
crontab:x::
|
||||
Debian-exim:x::
|
||||
@@ -0,0 +1,6 @@
|
||||
#
|
||||
# The PAM configuration file for the Shadow `chpasswd' service
|
||||
#
|
||||
|
||||
@include common-password
|
||||
|
||||
+33
@@ -0,0 +1,33 @@
|
||||
#
|
||||
# /etc/pam.d/common-password - password-related modules common to all services
|
||||
#
|
||||
# This file is included from other service-specific PAM config files,
|
||||
# and should contain a list of modules that define the services to be
|
||||
# used to change user passwords. The default is pam_unix.
|
||||
|
||||
# Explanation of pam_unix options:
|
||||
#
|
||||
# The "md5" option enables MD5 passwords. Without this option, the
|
||||
# default is Unix crypt.
|
||||
#
|
||||
# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
|
||||
# login.defs.
|
||||
#
|
||||
# See the pam_unix manpage for other options.
|
||||
|
||||
# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
|
||||
# To take advantage of this, it is recommended that you configure any
|
||||
# local modules either before or after the default block, and use
|
||||
# pam-auth-update to manage selection of other modules. See
|
||||
# pam-auth-update(8) for details.
|
||||
|
||||
# here are the per-package modules (the "Primary" block)
|
||||
password [success=1 default=ignore] pam_unix.so obscure
|
||||
# here's the fallback if no module succeeds
|
||||
password requisite pam_deny.so
|
||||
# prime the stack with a positive return value if there isn't one already;
|
||||
# this avoids us returning an error just because nothing sets a success code
|
||||
# since the modules above will each just jump around
|
||||
password required pam_permit.so
|
||||
# and here are more per-package modules (the "Additional" block)
|
||||
# end of pam-auth-update config
|
||||
@@ -0,0 +1,19 @@
|
||||
root:x:0:0:root:/root:/bin/bash
|
||||
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
|
||||
bin:x:2:2:bin:/bin:/bin/sh
|
||||
sys:x:3:3:sys:/dev:/bin/sh
|
||||
sync:x:4:65534:sync:/bin:/bin/sync
|
||||
games:x:5:60:games:/usr/games:/bin/sh
|
||||
man:x:6:12:man:/var/cache/man:/bin/sh
|
||||
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
|
||||
mail:x:8:8:mail:/var/mail:/bin/sh
|
||||
news:x:9:9:news:/var/spool/news:/bin/sh
|
||||
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
|
||||
proxy:x:13:13:proxy:/bin:/bin/sh
|
||||
www-data:x:33:33:www-data:/var/www:/bin/sh
|
||||
backup:x:34:34:backup:/var/backups:/bin/sh
|
||||
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
|
||||
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
|
||||
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
|
||||
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
|
||||
Debian-exim:x:102:102::/var/spool/exim4:/bin/false
|
||||
@@ -0,0 +1,19 @@
|
||||
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
|
||||
daemon:*:12977:0:99999:7:::
|
||||
bin:*:12977:0:99999:7:::
|
||||
sys:*:12977:0:99999:7:::
|
||||
sync:*:12977:0:99999:7:::
|
||||
games:*:12977:0:99999:7:::
|
||||
man:*:12977:0:99999:7:::
|
||||
lp:*:12977:0:99999:7:::
|
||||
mail:*:12977:0:99999:7:::
|
||||
news:*:12977:0:99999:7:::
|
||||
uucp:*:12977:0:99999:7:::
|
||||
proxy:*:12977:0:99999:7:::
|
||||
www-data:*:12977:0:99999:7:::
|
||||
backup:*:12977:0:99999:7:::
|
||||
list:*:12977:0:99999:7:::
|
||||
irc:*:12977:0:99999:7:::
|
||||
gnats:*:12977:0:99999:7:::
|
||||
nobody:*:12977:0:99999:7:::
|
||||
Debian-exim:!:12977:0:99999:7:::
|
||||
@@ -0,0 +1,19 @@
|
||||
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
|
||||
daemon:*:12977:0:99999:7:::
|
||||
bin:*:12977:0:99999:7:::
|
||||
sys:*:12977:0:99999:7:::
|
||||
sync:*:12977:0:99999:7:::
|
||||
games:*:12977:0:99999:7:::
|
||||
man:*:12977:0:99999:7:::
|
||||
lp:@PASS_MD5 test2@:@TODAY@:0:99999:7:::
|
||||
mail:*:12977:0:99999:7:::
|
||||
news:*:12977:0:99999:7:::
|
||||
uucp:*:12977:0:99999:7:::
|
||||
proxy:*:12977:0:99999:7:::
|
||||
www-data:*:12977:0:99999:7:::
|
||||
backup:*:12977:0:99999:7:::
|
||||
list:*:12977:0:99999:7:::
|
||||
irc:*:12977:0:99999:7:::
|
||||
gnats:*:12977:0:99999:7:::
|
||||
nobody:@PASS_MD5 test@:@TODAY@:0:99999:7:::
|
||||
Debian-exim:!:12977:0:99999:7:::
|
||||
@@ -0,0 +1,40 @@
|
||||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
cd $(dirname $0)
|
||||
|
||||
. ../../../common/config.sh
|
||||
. ../../../common/log.sh
|
||||
|
||||
log_start "$0" "chpasswd can use create DES passwords"
|
||||
|
||||
save_config
|
||||
|
||||
# restore the files on exit
|
||||
trap 'log_status "$0" "FAILURE"; restore_config' 0
|
||||
|
||||
change_config
|
||||
|
||||
echo -n "Change nobody and lp's password (chpasswd --crypt-method DES)..."
|
||||
echo 'nobody:test
|
||||
lp:test2' | chpasswd --crypt-method DES
|
||||
echo "OK"
|
||||
|
||||
echo -n "Check the passwd file..."
|
||||
../../../common/compare_file.pl config/etc/passwd /etc/passwd
|
||||
echo "OK"
|
||||
echo -n "Check the group file..."
|
||||
../../../common/compare_file.pl config/etc/group /etc/group
|
||||
echo "OK"
|
||||
echo -n "Check the shadow file..."
|
||||
../../../common/compare_file.pl data/shadow /etc/shadow
|
||||
echo "OK"
|
||||
echo -n "Check the gshadow file..."
|
||||
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
|
||||
echo "OK"
|
||||
|
||||
log_status "$0" "SUCCESS"
|
||||
restore_config
|
||||
trap '' 0
|
||||
|
||||
@@ -0,0 +1,41 @@
|
||||
root:x:0:
|
||||
daemon:x:1:
|
||||
bin:x:2:
|
||||
sys:x:3:
|
||||
adm:x:4:
|
||||
tty:x:5:
|
||||
disk:x:6:
|
||||
lp:x:7:
|
||||
mail:x:8:
|
||||
news:x:9:
|
||||
uucp:x:10:
|
||||
man:x:12:
|
||||
proxy:x:13:
|
||||
kmem:x:15:
|
||||
dialout:x:20:
|
||||
fax:x:21:
|
||||
voice:x:22:
|
||||
cdrom:x:24:
|
||||
floppy:x:25:
|
||||
tape:x:26:
|
||||
sudo:x:27:
|
||||
audio:x:29:
|
||||
dip:x:30:
|
||||
www-data:x:33:
|
||||
backup:x:34:
|
||||
operator:x:37:
|
||||
list:x:38:
|
||||
irc:x:39:
|
||||
src:x:40:
|
||||
gnats:x:41:
|
||||
shadow:x:42:
|
||||
utmp:x:43:
|
||||
video:x:44:
|
||||
sasl:x:45:
|
||||
plugdev:x:46:
|
||||
staff:x:50:
|
||||
games:x:60:
|
||||
users:x:100:
|
||||
nogroup:x:65534:
|
||||
crontab:x:101:
|
||||
Debian-exim:x:102:
|
||||
@@ -0,0 +1,41 @@
|
||||
root:*::
|
||||
daemon:*::
|
||||
bin:*::
|
||||
sys:*::
|
||||
adm:*::
|
||||
tty:*::
|
||||
disk:*::
|
||||
lp:*::
|
||||
mail:*::
|
||||
news:*::
|
||||
uucp:*::
|
||||
man:*::
|
||||
proxy:*::
|
||||
kmem:*::
|
||||
dialout:*::
|
||||
fax:*::
|
||||
voice:*::
|
||||
cdrom:*::
|
||||
floppy:*::
|
||||
tape:*::
|
||||
sudo:*::
|
||||
audio:*::
|
||||
dip:*::
|
||||
www-data:*::
|
||||
backup:*::
|
||||
operator:*::
|
||||
list:*::
|
||||
irc:*::
|
||||
src:*::
|
||||
gnats:*::
|
||||
shadow:*::
|
||||
utmp:*::
|
||||
video:*::
|
||||
sasl:*::
|
||||
plugdev:*::
|
||||
staff:*::
|
||||
games:*::
|
||||
users:*::
|
||||
nogroup:*::
|
||||
crontab:x::
|
||||
Debian-exim:x::
|
||||
@@ -0,0 +1,6 @@
|
||||
#
|
||||
# The PAM configuration file for the Shadow `chpasswd' service
|
||||
#
|
||||
|
||||
@include common-password
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user