VesperOS/shadow
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add 12 tests for gpasswd.

Browse Source
This commit is contained in:
nekral-guest
2011-09-23 17:46:57 +00:00
parent 2fcaf22140
commit 85f90d1aa2
90 changed files with 3450 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
tests/grouptools/gpasswd/61_gpasswd_usage/config.txt Normal file
View File

@@ -0,0 +1,10 @@
# no testsuite password
# root password: rootF00barbaz
# myuser password: myuserF00barbaz
user foo, in group users (only in /etc/group)
user foo, in group tty (only in /etc/gshadow)
user foo, in group floppy
user foo, admin of group disk
user foo, admin and member of group fax
user foo, admin and member of group cdrom (only in /etc/gshadow)

41
tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/group Normal file
View File

@@ -0,0 +1,41 @@
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:
audio:x:29:
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
crontab:x:101:
Debian-exim:x:102:

41
tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/gshadow Normal file
View File

@@ -0,0 +1,41 @@
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:*::
nogroup:*::
crontab:x::
Debian-exim:x::

19
tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/passwd Normal file
View File

@@ -0,0 +1,19 @@
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
Debian-exim:x:102:102::/var/spool/exim4:/bin/false

19
tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/shadow Normal file
View File

@@ -0,0 +1,19 @@
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
daemon:*:12977:0:99999:7:::
bin:*:12977:0:99999:7:::
sys:*:12977:0:99999:7:::
sync:*:12977:0:99999:7:::
games:*:12977:0:99999:7:::
man:*:12977:0:99999:7:::
lp:*:12977:0:99999:7:::
mail:*:12977:0:99999:7:::
news:*:12977:0:99999:7:::
uucp:*:12977:0:99999:7:::
proxy:*:12977:0:99999:7:::
www-data:*:12977:0:99999:7:::
backup:*:12977:0:99999:7:::
list:*:12977:0:99999:7:::
irc:*:12977:0:99999:7:::
gnats:*:12977:0:99999:7:::
nobody:*:12977:0:99999:7:::
Debian-exim:!:12977:0:99999:7:::

12
tests/grouptools/gpasswd/61_gpasswd_usage/data/usage.out Normal file
View File

@@ -0,0 +1,12 @@
Usage: gpasswd [option] GROUP
Options:
-a, --add USER add USER to GROUP
-d, --delete USER remove USER from GROUP
-h, --help display this help message and exit
-r, --remove-password remove the GROUP's password
-R, --restrict restrict access to GROUP to its members
-M, --members USER,... set the list of members of GROUP
-A, --administrators ADMIN,...
set the list of administrators for GROUP
Except for the -A and -M options, the options cannot be combined.

49
tests/grouptools/gpasswd/61_gpasswd_usage/gpasswd.test Executable file
View File

@@ -0,0 +1,49 @@
#!/bin/sh
set -e
cd $(dirname $0)
. ../../../common/config.sh
. ../../../common/log.sh
log_start "$0" "gpasswd can display its usage message"
save_config
# restore the files on exit
trap 'log_status "$0" "FAILURE"; restore_config' 0
change_config
echo -n "Get gpasswd usage (gpasswd -h)..."
gpasswd -h >tmp/usage.out
echo "OK"
echo "gpasswd reported:"
echo "======================================================================="
cat tmp/usage.out
echo "======================================================================="
echo -n "Check the usage message..."
diff -au data/usage.out tmp/usage.out
echo "usage message OK."
rm -f tmp/usage.out
echo -n "Check the passwd file..."
../../../common/compare_file.pl config/etc/passwd /etc/passwd
echo "OK"
echo -n "Check the group file..."
../../../common/compare_file.pl config/etc/group /etc/group
echo "OK"
echo -n "Check the shadow file..."
../../../common/compare_file.pl config/etc/shadow /etc/shadow
echo "OK"
echo -n "Check the gshadow file..."
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
echo "OK"
log_status "$0" "SUCCESS"
restore_config
trap '' 0

10
tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config.txt Normal file
View File

@@ -0,0 +1,10 @@
# no testsuite password
# root password: rootF00barbaz
# myuser password: myuserF00barbaz
user foo, in group users (only in /etc/group)
user foo, in group tty (only in /etc/gshadow)
user foo, in group floppy
user foo, admin of group disk
user foo, admin and member of group fax
user foo, admin and member of group cdrom (only in /etc/gshadow)

36
tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/default/useradd Normal file
View File

@@ -0,0 +1,36 @@
# Default values for useradd(8)
#
# The SHELL variable specifies the default login shell on your
# system.
# Similar to DHSELL in adduser. However, we use "sh" here because
# useradd is a low level utility and should be as general
# as possible
SHELL=/bin/foobar
#
# The default group for users
# 100=users on Debian systems
# Same as USERS_GID in adduser
# This argument is used when the -n flag is specified.
# The default behavior (when -n and -g are not specified) is to create a
# primary user group with the same name as the user being added to the
# system.
GROUP=10
#
# The default home directory. Same as DHOME for adduser
HOME=/tmp
#
# The number of days after a password expires until the account
# is permanently disabled
INACTIVE=12
#
# The default expire date
EXPIRE=2007-12-02
#
# The SKEL variable specifies the directory containing "skeletal" user
# files; in other words, files such as a sample .profile that will be
# copied to the new user's home directory when it is created.
# SKEL=/etc/skel
#
# Defines whether the mail spool should be created while
# creating the account
# CREATE_MAIL_SPOOL=yes

42
tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/group Normal file
View File

@@ -0,0 +1,42 @@
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:root
adm:x:4:root,foo
tty:x:5:
disk:x:6:
lp:x:7:foo,root
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:foo
voice:x:22:
cdrom:x:24:
floppy:x:25:foo
tape:x:26:
sudo:x:27:
audio:x:29:
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:foo
nogroup:x:65534:
crontab:x:101:
Debian-exim:x:102:
foo:x:1000:

42
tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/gshadow Normal file
View File

@@ -0,0 +1,42 @@
root:*::
daemon:*::
bin:*::
sys:*::root
adm:*::root,foo
tty:*::foo
disk:*:foo:
lp:*::foo,root
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*:foo:foo
voice:*::
cdrom:*:foo:foo
floppy:*::foo
tape:*::
sudo:*::
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:*::
nogroup:*::
crontab:x::
Debian-exim:x::
foo:*::

20
tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/passwd Normal file
View File

@@ -0,0 +1,20 @@
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
Debian-exim:x:102:102::/var/spool/exim4:/bin/false
foo:x:1000:1000::/home/foo:/bin/false

20
tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/shadow Normal file
View File

@@ -0,0 +1,20 @@
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
daemon:*:12977:0:99999:7:::
bin:*:12977:0:99999:7:::
sys:*:12977:0:99999:7:::
sync:*:12977:0:99999:7:::
games:*:12977:0:99999:7:::
man:*:12977:0:99999:7:::
lp:*:12977:0:99999:7:::
mail:*:12977:0:99999:7:::
news:*:12977:0:99999:7:::
uucp:*:12977:0:99999:7:::
proxy:*:12977:0:99999:7:::
www-data:*:12977:0:99999:7:::
backup:*:12977:0:99999:7:::
list:*:12977:0:99999:7:::
irc:*:12977:0:99999:7:::
gnats:*:12977:0:99999:7:::
nobody:*:12977:0:99999:7:::
Debian-exim:!:12977:0:99999:7:::
foo:!:12977:0:99999:7:::

1
tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/data/gpasswd.err Normal file
View File

@@ -0,0 +1 @@
gpasswd: user 'foooo' does not exist

54
tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/gpasswd.test Executable file
View File

@@ -0,0 +1,54 @@
#!/bin/sh
set -e
cd $(dirname $0)
. ../../../common/config.sh
. ../../../common/log.sh
log_start "$0" "gpasswd -A fails if an user does not exist"
save_config
# restore the files on exit
trap 'log_status "$0" "FAILURE"; restore_config' 0
change_config
echo -n "Set admins of users to root,foooo,bin (gpasswd -A root,foooo,bin users)..."
gpasswd -A root,foooo,bin users 2>tmp/gpasswd.err && exit 1 || {
status=$?
}
echo "OK"
echo -n "Check returned status ($status)..."
test "$status" = "3" # E_BAD_ARG
echo "OK"
echo "gpasswd reported:"
echo "======================================================================="
cat tmp/gpasswd.err
echo "======================================================================="
echo -n "Check that there were a failure message..."
diff -au data/gpasswd.err tmp/gpasswd.err
echo "error message OK."
rm -f tmp/gpasswd.err
echo -n "Check the passwd file..."
../../../common/compare_file.pl config/etc/passwd /etc/passwd
echo "OK"
echo -n "Check the group file..."
../../../common/compare_file.pl config/etc/group /etc/group
echo "OK"
echo -n "Check the shadow file..."
../../../common/compare_file.pl config/etc/shadow /etc/shadow
echo "OK"
echo -n "Check the gshadow file..."
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
echo "OK"
log_status "$0" "SUCCESS"
restore_config
trap '' 0

10
tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config.txt Normal file
View File

@@ -0,0 +1,10 @@
# no testsuite password
# root password: rootF00barbaz
# myuser password: myuserF00barbaz
user foo, in group users (only in /etc/group)
user foo, in group tty (only in /etc/gshadow)
user foo, in group floppy
user foo, admin of group disk
user foo, admin and member of group fax
user foo, admin and member of group cdrom (only in /etc/gshadow)

41
tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/group Normal file
View File

@@ -0,0 +1,41 @@
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:
audio:x:29:
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
crontab:x:101:
Debian-exim:x:102:

41
tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/gshadow Normal file
View File

@@ -0,0 +1,41 @@
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:*::
nogroup:*::
crontab:x::
Debian-exim:x::

19
tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/passwd Normal file
View File

@@ -0,0 +1,19 @@
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
Debian-exim:x:102:102::/var/spool/exim4:/bin/false

19
tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/shadow Normal file
View File

@@ -0,0 +1,19 @@
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
daemon:*:12977:0:99999:7:::
bin:*:12977:0:99999:7:::
sys:*:12977:0:99999:7:::
sync:*:12977:0:99999:7:::
games:*:12977:0:99999:7:::
man:*:12977:0:99999:7:::
lp:*:12977:0:99999:7:::
mail:*:12977:0:99999:7:::
news:*:12977:0:99999:7:::
uucp:*:12977:0:99999:7:::
proxy:*:12977:0:99999:7:::
www-data:*:12977:0:99999:7:::
backup:*:12977:0:99999:7:::
list:*:12977:0:99999:7:::
irc:*:12977:0:99999:7:::
gnats:*:12977:0:99999:7:::
nobody:*:12977:0:99999:7:::
Debian-exim:!:12977:0:99999:7:::

13
tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/data/usage.out Normal file
View File

@@ -0,0 +1,13 @@
gpasswd: invalid option -- 'Z'
Usage: gpasswd [option] GROUP
Options:
-a, --add USER add USER to GROUP
-d, --delete USER remove USER from GROUP
-h, --help display this help message and exit
-r, --remove-password remove the GROUP's password
-R, --restrict restrict access to GROUP to its members
-M, --members USER,... set the list of members of GROUP
-A, --administrators ADMIN,...
set the list of administrators for GROUP
Except for the -A and -M options, the options cannot be combined.

54
tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/gpasswd.test Executable file
View File

@@ -0,0 +1,54 @@
#!/bin/sh
set -e
cd $(dirname $0)
. ../../../common/config.sh
. ../../../common/log.sh
log_start "$0" "gpasswd displays its usage message in case of bad option"
save_config
# restore the files on exit
trap 'log_status "$0" "FAILURE"; restore_config' 0
change_config
echo -n "Use gpasswd invalid option (gpasswd -Z)..."
gpasswd -Z 2>tmp/usage.out && exit 1 || {
status=$?
}
echo "OK"
echo -n "Check returned status ($status)..."
test "$status" = "2"
echo "OK"
echo "gpasswd reported:"
echo "======================================================================="
cat tmp/usage.out
echo "======================================================================="
echo -n "Check the usage message..."
diff -au data/usage.out tmp/usage.out
echo "usage message OK."
rm -f tmp/usage.out
echo -n "Check the passwd file..."
../../../common/compare_file.pl config/etc/passwd /etc/passwd
echo "OK"
echo -n "Check the group file..."
../../../common/compare_file.pl config/etc/group /etc/group
echo "OK"
echo -n "Check the shadow file..."
../../../common/compare_file.pl config/etc/shadow /etc/shadow
echo "OK"
echo -n "Check the gshadow file..."
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
echo "OK"
log_status "$0" "SUCCESS"
restore_config
trap '' 0

10
tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config.txt Normal file
View File

@@ -0,0 +1,10 @@
# no testsuite password
# root password: rootF00barbaz
# myuser password: myuserF00barbaz
user foo, in group users (only in /etc/group)
user foo, in group tty (only in /etc/gshadow)
user foo, in group floppy
user foo, admin of group disk
user foo, admin and member of group fax
user foo, admin and member of group cdrom (only in /etc/gshadow)

41
tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/group Normal file
View File

@@ -0,0 +1,41 @@
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:
audio:x:29:
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
crontab:x:101:
Debian-exim:x:102:

41
tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/gshadow Normal file
View File

@@ -0,0 +1,41 @@
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:*::
nogroup:*::
crontab:x::
Debian-exim:x::

19
tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/passwd Normal file
View File

@@ -0,0 +1,19 @@
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
Debian-exim:x:102:102::/var/spool/exim4:/bin/false

19
tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/shadow Normal file
View File

@@ -0,0 +1,19 @@
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
daemon:*:12977:0:99999:7:::
bin:*:12977:0:99999:7:::
sys:*:12977:0:99999:7:::
sync:*:12977:0:99999:7:::
games:*:12977:0:99999:7:::
man:*:12977:0:99999:7:::
lp:*:12977:0:99999:7:::
mail:*:12977:0:99999:7:::
news:*:12977:0:99999:7:::
uucp:*:12977:0:99999:7:::
proxy:*:12977:0:99999:7:::
www-data:*:12977:0:99999:7:::
backup:*:12977:0:99999:7:::
list:*:12977:0:99999:7:::
irc:*:12977:0:99999:7:::
gnats:*:12977:0:99999:7:::
nobody:*:12977:0:99999:7:::
Debian-exim:!:12977:0:99999:7:::

12
tests/grouptools/gpasswd/64_gpasswd_usage-a-d/data/usage.out Normal file
View File

@@ -0,0 +1,12 @@
Usage: gpasswd [option] GROUP
Options:
-a, --add USER add USER to GROUP
-d, --delete USER remove USER from GROUP
-h, --help display this help message and exit
-r, --remove-password remove the GROUP's password
-R, --restrict restrict access to GROUP to its members
-M, --members USER,... set the list of members of GROUP
-A, --administrators ADMIN,...
set the list of administrators for GROUP
Except for the -A and -M options, the options cannot be combined.

54
tests/grouptools/gpasswd/64_gpasswd_usage-a-d/gpasswd.test Executable file
View File

@@ -0,0 +1,54 @@
#!/bin/sh
set -e
cd $(dirname $0)
. ../../../common/config.sh
. ../../../common/log.sh
log_start "$0" "gpasswd displays its usage message in case of multiple exclusive options"
save_config
# restore the files on exit
trap 'log_status "$0" "FAILURE"; restore_config' 0
change_config
echo -n "Use gpasswd option (gpasswd -a root -d root users)..."
gpasswd -a root -d root users 2>tmp/usage.out && exit 1 || {
status=$?
}
echo "OK"
echo -n "Check returned status ($status)..."
test "$status" = "2"
echo "OK"
echo "gpasswd reported:"
echo "======================================================================="
cat tmp/usage.out
echo "======================================================================="
echo -n "Check the usage message..."
diff -au data/usage.out tmp/usage.out
echo "usage message OK."
rm -f tmp/usage.out
echo -n "Check the passwd file..."
../../../common/compare_file.pl config/etc/passwd /etc/passwd
echo "OK"
echo -n "Check the group file..."
../../../common/compare_file.pl config/etc/group /etc/group
echo "OK"
echo -n "Check the shadow file..."
../../../common/compare_file.pl config/etc/shadow /etc/shadow
echo "OK"
echo -n "Check the gshadow file..."
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
echo "OK"
log_status "$0" "SUCCESS"
restore_config
trap '' 0

10
tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config.txt Normal file
View File

@@ -0,0 +1,10 @@
# no testsuite password
# root password: rootF00barbaz
# myuser password: myuserF00barbaz
user foo, in group users (only in /etc/group)
user foo, in group tty (only in /etc/gshadow)
user foo, in group floppy
user foo, admin of group disk
user foo, admin and member of group fax
user foo, admin and member of group cdrom (only in /etc/gshadow)

41
tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/group Normal file
View File

@@ -0,0 +1,41 @@
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:
audio:x:29:
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
crontab:x:101:
Debian-exim:x:102:

41
tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/gshadow Normal file
View File

@@ -0,0 +1,41 @@
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:*::
nogroup:*::
crontab:x::
Debian-exim:x::

19
tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/passwd Normal file
View File

@@ -0,0 +1,19 @@
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
Debian-exim:x:102:102::/var/spool/exim4:/bin/false

19
tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/shadow Normal file
View File

@@ -0,0 +1,19 @@
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
daemon:*:12977:0:99999:7:::
bin:*:12977:0:99999:7:::
sys:*:12977:0:99999:7:::
sync:*:12977:0:99999:7:::
games:*:12977:0:99999:7:::
man:*:12977:0:99999:7:::
lp:*:12977:0:99999:7:::
mail:*:12977:0:99999:7:::
news:*:12977:0:99999:7:::
uucp:*:12977:0:99999:7:::
proxy:*:12977:0:99999:7:::
www-data:*:12977:0:99999:7:::
backup:*:12977:0:99999:7:::
list:*:12977:0:99999:7:::
irc:*:12977:0:99999:7:::
gnats:*:12977:0:99999:7:::
nobody:*:12977:0:99999:7:::
Debian-exim:!:12977:0:99999:7:::

12
tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/data/usage.out Normal file
View File

@@ -0,0 +1,12 @@
Usage: gpasswd [option] GROUP
Options:
-a, --add USER add USER to GROUP
-d, --delete USER remove USER from GROUP
-h, --help display this help message and exit
-r, --remove-password remove the GROUP's password
-R, --restrict restrict access to GROUP to its members
-M, --members USER,... set the list of members of GROUP
-A, --administrators ADMIN,...
set the list of administrators for GROUP
Except for the -A and -M options, the options cannot be combined.

54
tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/gpasswd.test Executable file
View File

@@ -0,0 +1,54 @@
#!/bin/sh
set -e
cd $(dirname $0)
. ../../../common/config.sh
. ../../../common/log.sh
log_start "$0" "gpasswd displays its usage message in case the group is not specified"
save_config
# restore the files on exit
trap 'log_status "$0" "FAILURE"; restore_config' 0
change_config
echo -n "Use gpasswd option (gpasswd -a root)..."
gpasswd -a root 2>tmp/usage.out && exit 1 || {
status=$?
}
echo "OK"
echo -n "Check returned status ($status)..."
test "$status" = "2"
echo "OK"
echo "gpasswd reported:"
echo "======================================================================="
cat tmp/usage.out
echo "======================================================================="
echo -n "Check the usage message..."
diff -au data/usage.out tmp/usage.out
echo "usage message OK."
rm -f tmp/usage.out
echo -n "Check the passwd file..."
../../../common/compare_file.pl config/etc/passwd /etc/passwd
echo "OK"
echo -n "Check the group file..."
../../../common/compare_file.pl config/etc/group /etc/group
echo "OK"
echo -n "Check the shadow file..."
../../../common/compare_file.pl config/etc/shadow /etc/shadow
echo "OK"
echo -n "Check the gshadow file..."
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
echo "OK"
log_status "$0" "SUCCESS"
restore_config
trap '' 0

10
tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config.txt Normal file
View File

@@ -0,0 +1,10 @@
# no testsuite password
# root password: rootF00barbaz
# myuser password: myuserF00barbaz
user foo, in group users (only in /etc/group)
user foo, in group tty (only in /etc/gshadow)
user foo, in group floppy
user foo, admin of group disk
user foo, admin and member of group fax
user foo, admin and member of group cdrom (only in /etc/gshadow)

41
tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/group Normal file
View File

@@ -0,0 +1,41 @@
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:
audio:x:29:
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
crontab:x:101:
Debian-exim:x:102:

41
tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/gshadow Normal file
View File

@@ -0,0 +1,41 @@
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:*::
nogroup:*::
crontab:x::
Debian-exim:x::

19
tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/passwd Normal file
View File

@@ -0,0 +1,19 @@
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
Debian-exim:x:102:102::/var/spool/exim4:/bin/false

19
tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/shadow Normal file
View File

@@ -0,0 +1,19 @@
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
daemon:*:12977:0:99999:7:::
bin:*:12977:0:99999:7:::
sys:*:12977:0:99999:7:::
sync:*:12977:0:99999:7:::
games:*:12977:0:99999:7:::
man:*:12977:0:99999:7:::
lp:*:12977:0:99999:7:::
mail:*:12977:0:99999:7:::
news:*:12977:0:99999:7:::
uucp:*:12977:0:99999:7:::
proxy:*:12977:0:99999:7:::
www-data:*:12977:0:99999:7:::
backup:*:12977:0:99999:7:::
list:*:12977:0:99999:7:::
irc:*:12977:0:99999:7:::
gnats:*:12977:0:99999:7:::
nobody:*:12977:0:99999:7:::
Debian-exim:!:12977:0:99999:7:::

12
tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/data/usage.out Normal file
View File

@@ -0,0 +1,12 @@
Usage: gpasswd [option] GROUP
Options:
-a, --add USER add USER to GROUP
-d, --delete USER remove USER from GROUP
-h, --help display this help message and exit
-r, --remove-password remove the GROUP's password
-R, --restrict restrict access to GROUP to its members
-M, --members USER,... set the list of members of GROUP
-A, --administrators ADMIN,...
set the list of administrators for GROUP
Except for the -A and -M options, the options cannot be combined.

54
tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/gpasswd.test Executable file
View File

@@ -0,0 +1,54 @@
#!/bin/sh
set -e
cd $(dirname $0)
. ../../../common/config.sh
. ../../../common/log.sh
log_start "$0" "gpasswd displays its usage message in case multiple groups are specified"
save_config
# restore the files on exit
trap 'log_status "$0" "FAILURE"; restore_config' 0
change_config
echo -n "Use gpasswd option (gpasswd -a root root users)..."
gpasswd -a root root users 2>tmp/usage.out && exit 1 || {
status=$?
}
echo "OK"
echo -n "Check returned status ($status)..."
test "$status" = "2"
echo "OK"
echo "gpasswd reported:"
echo "======================================================================="
cat tmp/usage.out
echo "======================================================================="
echo -n "Check the usage message..."
diff -au data/usage.out tmp/usage.out
echo "usage message OK."
rm -f tmp/usage.out
echo -n "Check the passwd file..."
../../../common/compare_file.pl config/etc/passwd /etc/passwd
echo "OK"
echo -n "Check the group file..."
../../../common/compare_file.pl config/etc/group /etc/group
echo "OK"
echo -n "Check the shadow file..."
../../../common/compare_file.pl config/etc/shadow /etc/shadow
echo "OK"
echo -n "Check the gshadow file..."
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
echo "OK"
log_status "$0" "SUCCESS"
restore_config
trap '' 0

1
tests/grouptools/gpasswd/67_gpasswd-A_myuser/config.txt Normal file
View File

@@ -0,0 +1 @@
myuser exist and is an admin of group users

42
tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/group Normal file
View File

@@ -0,0 +1,42 @@
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:
audio:x:29:
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
crontab:x:101:
Debian-exim:x:102:
foo:x:1000:

42
tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/gshadow Normal file
View File

@@ -0,0 +1,42 @@
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:*::
nogroup:*::
crontab:x::
Debian-exim:x::
foo:*::

21
tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/passwd Normal file
View File

@@ -0,0 +1,21 @@
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
Debian-exim:x:102:102::/var/spool/exim4:/bin/false
foo:x:1000:1000:::/bin/false
myuser:x:1001:1000:::/bin/bash

21
tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/shadow Normal file
View File

@@ -0,0 +1,21 @@
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
daemon:*:12977:0:99999:7:::
bin:*:12977:0:99999:7:::
sys:*:12977:0:99999:7:::
sync:*:12977:0:99999:7:::
games:*:12977:0:99999:7:::
man:*:12977:0:99999:7:::
lp:*:12977:0:99999:7:::
mail:*:12977:0:99999:7:::
news:*:12977:0:99999:7:::
uucp:*:12977:0:99999:7:::
proxy:*:12977:0:99999:7:::
www-data:*:12977:0:99999:7:::
backup:*:12977:0:99999:7:::
list:*:12977:0:99999:7:::
irc:*:12977:0:99999:7:::
gnats:*:12977:0:99999:7:::
nobody:*:12977:0:99999:7:::
Debian-exim:!:12977:0:99999:7:::
foo:!:12977:0:99999:7:::
myuser::12977:0:99999:7:::

59
tests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.exp Executable file
View File

@@ -0,0 +1,59 @@
#!/usr/bin/expect
set timeout 2
expect_after default {puts "\nFAIL"; exit 1}
if {$argc != 3} {
puts "usage: gpasswd.exp <run_user> <group> <user_prompt>"
exit 1
}
set run_user [lindex $argv 0]
set group [lindex $argv 1]
set user_prompt [lindex $argv 3]
# First, switch to the testsuite user
# (otherwise, no password will be asked)
send_user "# switch to user '$run_user'\n"
send_user "# and expect a '$user_prompt' prompt\n"
spawn /bin/su $run_user
expect "$user_prompt" ;# Wait for the prompt
send_user "\n# make sure we are now '$run_user'"
send_user "\n# whoami should return '$run_user'"
send "\r" ;# restore the prompt for the logs
send "whoami\r" ;# Verify we are really testsuite
expect {
timeout {
puts "\ntimeout...FAIL"
exit 1
}
"$run_user"
}
expect "$user_prompt" ;# Wait for the prompt
send_user "\n\n"
send_user "# now change '$group' 's admins to 'root'\n"
send_user "# and expect a permission denied"
send "\r" ;# restore the prompt for the logs
send "gpasswd -A root $group\r" ;# Change the password
expect "gpasswd: Permission denied." ;# Not an admin
send_user "\n"
send_user "# expect prompt '$user_prompt'\n"
expect {
# Wait for the new prompt
"$user_prompt" {
send "exit\r"
expect "$ "
puts "\nPASS"
exit 0
}
}
puts "\ntimeout...FAIL"
exit 1

42
tests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.test Executable file
View File

@@ -0,0 +1,42 @@
#!/bin/sh
set -e
cd $(dirname $0)
. ../../../common/config.sh
. ../../../common/log.sh
log_start "$0" "gpasswd can be used by root to change one group's passwd"
# no testsuite password
# root password: rootF00barbaz
# myuser password: myuserF00barbaz
save_config
# restore the files on exit
trap 'log_status "$0" "FAILURE"; restore_config' 0
change_config
./gpasswd.exp myuser users '$ '
echo -n "Check the passwd file..."
../../../common/compare_file.pl config/etc/passwd /etc/passwd
echo "OK"
echo -n "Check the group file..."
../../../common/compare_file.pl config/etc/group /etc/group
echo "OK"
echo -n "Check the shadow file..."
../../../common/compare_file.pl config/etc/shadow /etc/shadow
echo "OK"
echo -n "Check the gshadow file..."
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
echo "OK"
log_status "$0" "SUCCESS"
restore_config
trap '' 0

1
tests/grouptools/gpasswd/68_gpasswd-M_myuser/config.txt Normal file
View File

@@ -0,0 +1 @@
myuser exist and is an admin of group users

42
tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/group Normal file
View File

@@ -0,0 +1,42 @@
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:
audio:x:29:
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
crontab:x:101:
Debian-exim:x:102:
foo:x:1000:

42
tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/gshadow Normal file
View File

@@ -0,0 +1,42 @@
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:*::
nogroup:*::
crontab:x::
Debian-exim:x::
foo:*::

21
tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/passwd Normal file
View File

@@ -0,0 +1,21 @@
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
Debian-exim:x:102:102::/var/spool/exim4:/bin/false
foo:x:1000:1000:::/bin/false
myuser:x:1001:1000:::/bin/bash

21
tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/shadow Normal file
View File

@@ -0,0 +1,21 @@
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
daemon:*:12977:0:99999:7:::
bin:*:12977:0:99999:7:::
sys:*:12977:0:99999:7:::
sync:*:12977:0:99999:7:::
games:*:12977:0:99999:7:::
man:*:12977:0:99999:7:::
lp:*:12977:0:99999:7:::
mail:*:12977:0:99999:7:::
news:*:12977:0:99999:7:::
uucp:*:12977:0:99999:7:::
proxy:*:12977:0:99999:7:::
www-data:*:12977:0:99999:7:::
backup:*:12977:0:99999:7:::
list:*:12977:0:99999:7:::
irc:*:12977:0:99999:7:::
gnats:*:12977:0:99999:7:::
nobody:*:12977:0:99999:7:::
Debian-exim:!:12977:0:99999:7:::
foo:!:12977:0:99999:7:::
myuser::12977:0:99999:7:::

60
tests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.exp Executable file
View File

@@ -0,0 +1,60 @@
#!/usr/bin/expect
set timeout 2
expect_after default {puts "\nFAIL"; exit 1}
if {$argc != 3} {
puts "usage: gpasswd.exp <run_user> <group> <user_prompt>"
exit 1
}
set run_user [lindex $argv 0]
set group [lindex $argv 1]
set g_password [lindex $argv 2]
set user_prompt [lindex $argv 3]
# First, switch to the testsuite user
# (otherwise, no password will be asked)
send_user "# switch to user '$run_user'\n"
send_user "# and expect a '$user_prompt' prompt\n"
spawn /bin/su $run_user
expect "$user_prompt" ;# Wait for the prompt
send_user "\n# make sure we are now '$run_user'"
send_user "\n# whoami should return '$run_user'"
send "\r" ;# restore the prompt for the logs
send "whoami\r" ;# Verify we are really testsuite
expect {
timeout {
puts "\ntimeout...FAIL"
exit 1
}
"$run_user"
}
expect "$user_prompt" ;# Wait for the prompt
send_user "\n\n"
send_user "# now change '$group' 's members to root\n"
send_user "# and expect a permission denied"
send "\r" ;# restore the prompt for the logs
send "gpasswd -M root $group\r" ;# Change the password
expect "gpasswd: Permission denied." ;# Not an admin
send_user "\n"
send_user "# expect prompt '$user_prompt'\n"
expect {
# Wait for the new prompt
"$user_prompt" {
send "exit\r"
expect "$ "
puts "\nPASS"
exit 0
}
}
puts "\ntimeout...FAIL"
exit 1

42
tests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.test Executable file
View File

@@ -0,0 +1,42 @@
#!/bin/sh
set -e
cd $(dirname $0)
. ../../../common/config.sh
. ../../../common/log.sh
log_start "$0" "gpasswd can be used by root to change one group's passwd"
# no testsuite password
# root password: rootF00barbaz
# myuser password: myuserF00barbaz
save_config
# restore the files on exit
trap 'log_status "$0" "FAILURE"; restore_config' 0
change_config
./gpasswd.exp myuser users '$ '
echo -n "Check the passwd file..."
../../../common/compare_file.pl config/etc/passwd /etc/passwd
echo "OK"
echo -n "Check the group file..."
../../../common/compare_file.pl config/etc/group /etc/group
echo "OK"
echo -n "Check the shadow file..."
../../../common/compare_file.pl config/etc/shadow /etc/shadow
echo "OK"
echo -n "Check the gshadow file..."
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
echo "OK"
log_status "$0" "SUCCESS"
restore_config
trap '' 0

1
tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config.txt Normal file
View File

@@ -0,0 +1 @@
myuser exist and is an admin of group users

42
tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/group Normal file
View File

@@ -0,0 +1,42 @@
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:
audio:x:29:
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
crontab:x:101:
Debian-exim:x:102:
foo:x:1000:

42
tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/gshadow Normal file
View File

@@ -0,0 +1,42 @@
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:*:myuser:
nogroup:*::
crontab:x::
Debian-exim:x::
foo:*::

21
tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/passwd Normal file
View File

@@ -0,0 +1,21 @@
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
Debian-exim:x:102:102::/var/spool/exim4:/bin/false
foo:x:1000:1000:::/bin/false
myuser:x:1001:1000:::/bin/bash

21
tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/shadow Normal file
View File

@@ -0,0 +1,21 @@
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
daemon:*:12977:0:99999:7:::
bin:*:12977:0:99999:7:::
sys:*:12977:0:99999:7:::
sync:*:12977:0:99999:7:::
games:*:12977:0:99999:7:::
man:*:12977:0:99999:7:::
lp:*:12977:0:99999:7:::
mail:*:12977:0:99999:7:::
news:*:12977:0:99999:7:::
uucp:*:12977:0:99999:7:::
proxy:*:12977:0:99999:7:::
www-data:*:12977:0:99999:7:::
backup:*:12977:0:99999:7:::
list:*:12977:0:99999:7:::
irc:*:12977:0:99999:7:::
gnats:*:12977:0:99999:7:::
nobody:*:12977:0:99999:7:::
Debian-exim:!:12977:0:99999:7:::
foo:!:12977:0:99999:7:::
myuser::12977:0:99999:7:::

42
tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/data/gshadow Normal file
View File

@@ -0,0 +1,42 @@
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:@PASS_DES usersPAS@:myuser:
nogroup:*::
crontab:x::
Debian-exim:x::
foo:*::

87
tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.exp Executable file
View File

@@ -0,0 +1,87 @@
#!/usr/bin/expect
set timeout 2
expect_after default {puts "\nFAIL"; exit 1}
if {$argc != 4} {
puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
exit 1
}
set run_user [lindex $argv 0]
set group [lindex $argv 1]
set g_password [lindex $argv 2]
set user_prompt [lindex $argv 3]
# First, switch to the testsuite user
# (otherwise, no password will be asked)
send_user "# switch to user '$run_user'\n"
send_user "# and expect a '$user_prompt' prompt\n"
spawn /bin/su $run_user
expect "$user_prompt" ;# Wait for the prompt
send_user "\n# make sure we are now '$run_user'"
send_user "\n# whoami should return '$run_user'"
send "\r" ;# restore the prompt for the logs
send "whoami\r" ;# Verify we are really testsuite
expect {
timeout {
puts "\ntimeout...FAIL"
exit 1
}
"$run_user"
}
expect "$user_prompt" ;# Wait for the prompt
send_user "\n\n"
send_user "# now change '$group' 's password to '$g_password'\n"
send_user "# and expect a password prompt"
send "\r" ;# restore the prompt for the logs
send "gpasswd $group\r" ;# Change the password
expect "New Password: " ;# Wait for the Password: prompt
# Wait a little bit more (gpasswd is not ready to receive the password)
sleep 0.1
send "wrong $g_password\r" ;# Send the password
send_user "\n# wrong password 'wrong $g_password' sent\n\n"
send_user "Expect a new password prompt\n"
expect "Re-enter new password: " ;# Wait for the Password: prompt
# Wait a little bit more (gpasswd is not ready to receive the password)
sleep 0.1
send "$g_password\r" ;# Send the password
send_user "# expect failure an retry"
expect "They don't match; try again"
expect "New Password: " ;# Wait for the Password: prompt
# Wait a little bit more (gpasswd is not ready to receive the password)
sleep 0.1
send "$g_password\r" ;# Send the password
send_user "\n# password '$g_password' sent\n\n"
send_user "Expect a new password prompt\n"
expect "Re-enter new password: " ;# Wait for the Password: prompt
# Wait a little bit more (gpasswd is not ready to receive the password)
sleep 0.1
send "$g_password\r" ;# Send the password
send_user "# expect prompt '$user_prompt'"
expect {
# Wait for the new prompt
"$user_prompt" {
send "exit\r"
expect "$ "
puts "\nPASS"
exit 0
}
}
puts "\ntimeout...FAIL"
exit 1

42
tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.test Executable file
View File

@@ -0,0 +1,42 @@
#!/bin/sh
set -e
cd $(dirname $0)
. ../../../common/config.sh
. ../../../common/log.sh
log_start "$0" "gpasswd can be used by root to change one group's passwd"
# no testsuite password
# root password: rootF00barbaz
# myuser password: myuserF00barbaz
save_config
# restore the files on exit
trap 'log_status "$0" "FAILURE"; restore_config' 0
change_config
./gpasswd.exp myuser users usersPAS '$ '
echo -n "Check the passwd file..."
../../../common/compare_file.pl config/etc/passwd /etc/passwd
echo "OK"
echo -n "Check the group file..."
../../../common/compare_file.pl config/etc/group /etc/group
echo "OK"
echo -n "Check the shadow file..."
../../../common/compare_file.pl config/etc/shadow /etc/shadow
echo "OK"
echo -n "Check the gshadow file..."
../../../common/compare_file.pl data/gshadow /etc/gshadow
echo "OK"
log_status "$0" "SUCCESS"
restore_config
trap '' 0

1
tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config.txt Normal file
View File

@@ -0,0 +1 @@
myuser exist and is an admin of group users

42
tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/group Normal file
View File

@@ -0,0 +1,42 @@
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:
audio:x:29:
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
crontab:x:101:
Debian-exim:x:102:
foo:x:1000:

42
tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/gshadow Normal file
View File

@@ -0,0 +1,42 @@
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:*:myuser:
nogroup:*::
crontab:x::
Debian-exim:x::
foo:*::

335
tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/login.defs Normal file
View File

@@ -0,0 +1,335 @@
#
# /etc/login.defs - Configuration control definitions for the login package.
#
# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
# If unspecified, some arbitrary (and possibly incorrect) value will
# be assumed. All other items are optional - if not specified then
# the described action or option will be inhibited.
#
# Comment lines (lines beginning with "#") and blank lines are ignored.
#
# Modified for Linux. --marekm
# REQUIRED for useradd/userdel/usermod
# Directory where mailboxes reside, _or_ name of file, relative to the
# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
# MAIL_DIR takes precedence.
#
# Essentially:
# - MAIL_DIR defines the location of users mail spool files
# (for mbox use) by appending the username to MAIL_DIR as defined
# below.
# - MAIL_FILE defines the location of the users mail spool files as the
# fully-qualified filename obtained by prepending the user home
# directory before $MAIL_FILE
#
# NOTE: This is no more used for setting up users MAIL environment variable
# which is, starting from shadow 4.0.12-1 in Debian, entirely the
# job of the pam_mail PAM modules
# See default PAM configuration files provided for
# login, su, etc.
#
# This is a temporary situation: setting these variables will soon
# move to /etc/default/useradd and the variables will then be
# no more supported
MAIL_DIR /var/mail
#MAIL_FILE .mail
#
# Enable logging and display of /var/log/faillog login failure info.
# This option conflicts with the pam_tally PAM module.
#
FAILLOG_ENAB yes
#
# Enable display of unknown usernames when login failures are recorded.
#
# WARNING: Unknown usernames may become world readable.
# See #290803 and #298773 for details about how this could become a security
# concern
LOG_UNKFAIL_ENAB no
#
# Enable logging of successful logins
#
LOG_OK_LOGINS no
#
# Enable "syslog" logging of su activity - in addition to sulog file logging.
# SYSLOG_SG_ENAB does the same for newgrp and sg.
#
SYSLOG_SU_ENAB yes
SYSLOG_SG_ENAB yes
#
# If defined, all su activity is logged to this file.
#
#SULOG_FILE /var/log/sulog
#
# If defined, file which maps tty line to TERM environment parameter.
# Each line of the file is in a format something like "vt100 tty01".
#
#TTYTYPE_FILE /etc/ttytype
#
# If defined, login failures will be logged here in a utmp format
# last, when invoked as lastb, will read /var/log/btmp, so...
#
FTMP_FILE /var/log/btmp
#
# If defined, the command name to display when running "su -". For
# example, if this is defined as "su" then a "ps" will display the
# command is "-su". If not defined, then "ps" would display the
# name of the shell actually being run, e.g. something like "-sh".
#
SU_NAME su
#
# If defined, file which inhibits all the usual chatter during the login
# sequence. If a full pathname, then hushed mode will be enabled if the
# user's name or shell are found in the file. If not a full pathname, then
# hushed mode will be enabled if the file exists in the user's home directory.
#
HUSHLOGIN_FILE .hushlogin
#HUSHLOGIN_FILE /etc/hushlogins
#
# *REQUIRED* The default PATH settings, for superuser and normal users.
#
# (they are minimal, add the rest in the shell startup files)
ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
#
# Terminal permissions
#
# TTYGROUP Login tty will be assigned this group ownership.
# TTYPERM Login tty will be set to this permission.
#
# If you have a "write" program which is "setgid" to a special group
# which owns the terminals, define TTYGROUP to the group number and
# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
# TTYPERM to either 622 or 600.
#
# In Debian /usr/bin/bsd-write or similar programs are setgid tty
# However, the default and recommended value for TTYPERM is still 0600
# to not allow anyone to write to anyone else console or terminal
# Users can still allow other people to write them by issuing
# the "mesg y" command.
TTYGROUP tty
TTYPERM 0600
#
# Login configuration initializations:
#
# ERASECHAR Terminal ERASE character ('\010' = backspace).
# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
# UMASK Default "umask" value.
#
# The ERASECHAR and KILLCHAR are used only on System V machines.
#
# UMASK is the default umask value for pam_umask and is used by
# useradd and newusers to set the mode of the new home directories.
# 022 is the "historical" value in Debian for UMASK
# 027, or even 077, could be considered better for privacy
# There is no One True Answer here : each sysadmin must make up his/her
# mind.
#
# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
#
ERASECHAR 0177
KILLCHAR 025
UMASK 022
#
# Password aging controls:
#
# PASS_MAX_DAYS Maximum number of days a password may be used.
# PASS_MIN_DAYS Minimum number of days allowed between password changes.
# PASS_WARN_AGE Number of days warning given before a password expires.
#
PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_WARN_AGE 7
#
# Min/max values for automatic uid selection in useradd
#
UID_MIN 1000
UID_MAX 60000
# System accounts
#SYS_UID_MIN 100
#SYS_UID_MAX 999
#
# Min/max values for automatic gid selection in groupadd
#
GID_MIN 1000
GID_MAX 60000
# System accounts
#SYS_GID_MIN 100
#SYS_GID_MAX 999
#
# Max number of login retries if password is bad. This will most likely be
# overriden by PAM, since the default pam_unix module has it's own built
# in of 3 retries. However, this is a safe fallback in case you are using
# an authentication module that does not enforce PAM_MAXTRIES.
#
LOGIN_RETRIES 4
#
# Max time in seconds for login
#
LOGIN_TIMEOUT 60
#
# Which fields may be changed by regular users using chfn - use
# any combination of letters "frwh" (full name, room number, work
# phone, home phone). If not defined, no changes are allowed.
# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
#
CHFN_RESTRICT rwh
#
# Should login be allowed if we can't cd to the home directory?
# Default in no.
#
DEFAULT_HOME yes
#
# If defined, this command is run when removing a user.
# It should remove any at/cron/print jobs etc. owned by
# the user to be removed (passed as the first argument).
#
#USERDEL_CMD /usr/sbin/userdel_local
#
# If set to yes, userdel will remove the user´s group if it contains no
# more members, and useradd will create by default a group with the name
# of the user.
#
# Other former uses of this variable such as setting the umask when
# user==primary group are not used in PAM environments, such as Debian
#
USERGROUPS_ENAB yes
#
# Instead of the real user shell, the program specified by this parameter
# will be launched, although its visible name (argv[0]) will be the shell's.
# The program may do whatever it wants (logging, additional authentification,
# banner, ...) before running the actual shell.
#
# FAKE_SHELL /bin/fakeshell
#
# If defined, either full pathname of a file containing device names or
# a ":" delimited list of device names. Root logins will be allowed only
# upon these devices.
#
# This variable is used by login and su.
#
#CONSOLE /etc/consoles
#CONSOLE console:tty01:tty02:tty03:tty04
#
# List of groups to add to the user's supplementary group set
# when logging in on the console (as determined by the CONSOLE
# setting). Default is none.
#
# Use with caution - it is possible for users to gain permanent
# access to these groups, even when not logged in on the console.
# How to do it is left as an exercise for the reader...
#
# This variable is used by login and su.
#
#CONSOLE_GROUPS floppy:audio:cdrom
#
# If set to "yes", new passwords will be encrypted using the MD5-based
# algorithm compatible with the one used by recent releases of FreeBSD.
# It supports passwords of unlimited length and longer salt strings.
# Set to "no" if you need to copy encrypted passwords to other systems
# which don't understand the new algorithm. Default is "no".
#
# This variable is deprecated. You should use ENCRYPT_METHOD.
#
#MD5_CRYPT_ENAB no
#
# If set to MD5 , MD5-based algorithm will be used for encrypting password
# If set to SHA256, SHA256-based algorithm will be used for encrypting password
# If set to SHA512, SHA512-based algorithm will be used for encrypting password
# If set to DES, DES-based algorithm will be used for encrypting password (default)
# Overrides the MD5_CRYPT_ENAB option
#
# Note: It is recommended to use a value consistent with
# the PAM modules configuration.
#
#ENCRYPT_METHOD DES
#
# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
#
# Define the number of SHA rounds.
# With a lot of rounds, it is more difficult to brute forcing the password.
# But note also that it more CPU resources will be needed to authenticate
# users.
#
# If not specified, the libc will choose the default number of rounds (5000).
# The values must be inside the 1000-999999999 range.
# If only one of the MIN or MAX values is set, then this value will be used.
# If MIN > MAX, the highest value will be used.
#
# SHA_CRYPT_MIN_ROUNDS 5000
# SHA_CRYPT_MAX_ROUNDS 5000
################# OBSOLETED BY PAM ##############
# #
# These options are now handled by PAM. Please #
# edit the appropriate file in /etc/pam.d/ to #
# enable the equivelants of them.
#
###############
#MOTD_FILE
#DIALUPS_CHECK_ENAB
#LASTLOG_ENAB
#MAIL_CHECK_ENAB
#OBSCURE_CHECKS_ENAB
#PORTTIME_CHECKS_ENAB
#SU_WHEEL_ONLY
#CRACKLIB_DICTPATH
#PASS_CHANGE_TRIES
#PASS_ALWAYS_WARN
#ENVIRON_FILE
#NOLOGINS_FILE
#ISSUE_FILE
#PASS_MIN_LEN
#PASS_MAX_LEN
#ULIMIT
#ENV_HZ
#CHFN_AUTH
#CHSH_AUTH
#FAIL_DELAY
################# OBSOLETED #######################
# #
# These options are no more handled by shadow. #
# #
# Shadow utilities will display a warning if they #
# still appear. #
# #
###################################################
# CLOSE_SESSIONS
# LOGIN_STRING
# NO_PASSWORD_CONSOLE
# QMAIL_DIR

21
tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/passwd Normal file
View File

@@ -0,0 +1,21 @@
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
Debian-exim:x:102:102::/var/spool/exim4:/bin/false
foo:x:1000:1000:::/bin/false
myuser:x:1001:1000:::/bin/bash

21
tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/shadow Normal file
View File

@@ -0,0 +1,21 @@
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
daemon:*:12977:0:99999:7:::
bin:*:12977:0:99999:7:::
sys:*:12977:0:99999:7:::
sync:*:12977:0:99999:7:::
games:*:12977:0:99999:7:::
man:*:12977:0:99999:7:::
lp:*:12977:0:99999:7:::
mail:*:12977:0:99999:7:::
news:*:12977:0:99999:7:::
uucp:*:12977:0:99999:7:::
proxy:*:12977:0:99999:7:::
www-data:*:12977:0:99999:7:::
backup:*:12977:0:99999:7:::
list:*:12977:0:99999:7:::
irc:*:12977:0:99999:7:::
gnats:*:12977:0:99999:7:::
nobody:*:12977:0:99999:7:::
Debian-exim:!:12977:0:99999:7:::
foo:!:12977:0:99999:7:::
myuser::12977:0:99999:7:::

42
tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/data/gshadow Normal file
View File

@@ -0,0 +1,42 @@
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:@PASS_DES usersPAS@:myuser:
nogroup:*::
crontab:x::
Debian-exim:x::
foo:*::

96
tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.exp Executable file
View File

@@ -0,0 +1,96 @@
#!/usr/bin/expect
set timeout 2
expect_after default {puts "\nFAIL"; exit 1}
if {$argc != 4} {
puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
exit 1
}
set run_user [lindex $argv 0]
set group [lindex $argv 1]
set g_password [lindex $argv 2]
set user_prompt [lindex $argv 3]
# First, switch to the testsuite user
# (otherwise, no password will be asked)
send_user "# switch to user '$run_user'\n"
send_user "# and expect a '$user_prompt' prompt\n"
spawn /bin/su $run_user
expect "$user_prompt" ;# Wait for the prompt
send_user "\n# make sure we are now '$run_user'"
send_user "\n# whoami should return '$run_user'"
send "\r" ;# restore the prompt for the logs
send "whoami\r" ;# Verify we are really testsuite
expect {
timeout {
puts "\ntimeout...FAIL"
exit 1
}
"$run_user"
}
expect "$user_prompt" ;# Wait for the prompt
send_user "\n\n"
send_user "# now change '$group' 's password to '$g_password'\n"
send_user "# and expect a password prompt"
send "\r" ;# restore the prompt for the logs
send "gpasswd $group\r" ;# Change the password
expect "New Password: " ;# Wait for the Password: prompt
# Wait a little bit more (gpasswd is not ready to receive the password)
sleep 0.1
send "wrong $g_password\r" ;# Send the password
send_user "\n# wrong password 'wrong $g_password' sent\n\n"
send_user "Expect a new password prompt\n"
expect "Re-enter new password: " ;# Wait for the Password: prompt
# Wait a little bit more (gpasswd is not ready to receive the password)
sleep 0.1
send "$g_password\r" ;# Send the password
send_user "# expect failure 1 and retry"
expect "They don't match; try again"
expect "New Password: " ;# Wait for the Password: prompt
# Wait a little bit more (gpasswd is not ready to receive the password)
sleep 0.1
send "wrong $g_password\r" ;# Send the password
send_user "\n# wrong password 'wrong $g_password' sent\n\n"
send_user "Expect a new password prompt\n"
expect "Re-enter new password: " ;# Wait for the Password: prompt
# Wait a little bit more (gpasswd is not ready to receive the password)
sleep 0.1
send "$g_password\r" ;# Send the password
send_user "# expect failure 2 and retry"
expect "They don't match; try again"
expect "New Password: " ;# Wait for the Password: prompt
# Wait a little bit more (gpasswd is not ready to receive the password)
sleep 0.1
send "$g_password\r" ;# Send the password
send_user "\n# password '$g_password' sent for the last try\n\n"
send_user "Expect a new password prompt\n"
expect "Re-enter new password: " ;# Wait for the Password: prompt
# Wait a little bit more (gpasswd is not ready to receive the password)
sleep 0.1
send "$g_password\r" ;# Send the password
send_user "# expect prompt '$user_prompt'"
expect {
# Wait for the new prompt
"$user_prompt" {
send "exit\r"
expect "$ "
puts "\nPASS"
exit 0
}
}
puts "\ntimeout...FAIL"
exit 1

42
tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.test Executable file
View File

@@ -0,0 +1,42 @@
#!/bin/sh
set -e
cd $(dirname $0)
. ../../../common/config.sh
. ../../../common/log.sh
log_start "$0" "gpasswd can be used by root to change one group's passwd"
# no testsuite password
# root password: rootF00barbaz
# myuser password: myuserF00barbaz
save_config
# restore the files on exit
trap 'log_status "$0" "FAILURE"; restore_config' 0
change_config
./gpasswd.exp myuser users usersPAS '$ '
echo -n "Check the passwd file..."
../../../common/compare_file.pl config/etc/passwd /etc/passwd
echo "OK"
echo -n "Check the group file..."
../../../common/compare_file.pl config/etc/group /etc/group
echo "OK"
echo -n "Check the shadow file..."
../../../common/compare_file.pl config/etc/shadow /etc/shadow
echo "OK"
echo -n "Check the gshadow file..."
../../../common/compare_file.pl data/gshadow /etc/gshadow
echo "OK"
log_status "$0" "SUCCESS"
restore_config
trap '' 0

1
tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config.txt Normal file
View File

@@ -0,0 +1 @@
myuser exist and is an admin of group users

42
tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/group Normal file
View File

@@ -0,0 +1,42 @@
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:
audio:x:29:
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
crontab:x:101:
Debian-exim:x:102:
foo:x:1000:

42
tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/gshadow Normal file
View File

@@ -0,0 +1,42 @@
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:*:myuser:
nogroup:*::
crontab:x::
Debian-exim:x::
foo:*::

335
tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/login.defs Normal file
View File

@@ -0,0 +1,335 @@
#
# /etc/login.defs - Configuration control definitions for the login package.
#
# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
# If unspecified, some arbitrary (and possibly incorrect) value will
# be assumed. All other items are optional - if not specified then
# the described action or option will be inhibited.
#
# Comment lines (lines beginning with "#") and blank lines are ignored.
#
# Modified for Linux. --marekm
# REQUIRED for useradd/userdel/usermod
# Directory where mailboxes reside, _or_ name of file, relative to the
# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
# MAIL_DIR takes precedence.
#
# Essentially:
# - MAIL_DIR defines the location of users mail spool files
# (for mbox use) by appending the username to MAIL_DIR as defined
# below.
# - MAIL_FILE defines the location of the users mail spool files as the
# fully-qualified filename obtained by prepending the user home
# directory before $MAIL_FILE
#
# NOTE: This is no more used for setting up users MAIL environment variable
# which is, starting from shadow 4.0.12-1 in Debian, entirely the
# job of the pam_mail PAM modules
# See default PAM configuration files provided for
# login, su, etc.
#
# This is a temporary situation: setting these variables will soon
# move to /etc/default/useradd and the variables will then be
# no more supported
MAIL_DIR /var/mail
#MAIL_FILE .mail
#
# Enable logging and display of /var/log/faillog login failure info.
# This option conflicts with the pam_tally PAM module.
#
FAILLOG_ENAB yes
#
# Enable display of unknown usernames when login failures are recorded.
#
# WARNING: Unknown usernames may become world readable.
# See #290803 and #298773 for details about how this could become a security
# concern
LOG_UNKFAIL_ENAB no
#
# Enable logging of successful logins
#
LOG_OK_LOGINS no
#
# Enable "syslog" logging of su activity - in addition to sulog file logging.
# SYSLOG_SG_ENAB does the same for newgrp and sg.
#
SYSLOG_SU_ENAB yes
SYSLOG_SG_ENAB yes
#
# If defined, all su activity is logged to this file.
#
#SULOG_FILE /var/log/sulog
#
# If defined, file which maps tty line to TERM environment parameter.
# Each line of the file is in a format something like "vt100 tty01".
#
#TTYTYPE_FILE /etc/ttytype
#
# If defined, login failures will be logged here in a utmp format
# last, when invoked as lastb, will read /var/log/btmp, so...
#
FTMP_FILE /var/log/btmp
#
# If defined, the command name to display when running "su -". For
# example, if this is defined as "su" then a "ps" will display the
# command is "-su". If not defined, then "ps" would display the
# name of the shell actually being run, e.g. something like "-sh".
#
SU_NAME su
#
# If defined, file which inhibits all the usual chatter during the login
# sequence. If a full pathname, then hushed mode will be enabled if the
# user's name or shell are found in the file. If not a full pathname, then
# hushed mode will be enabled if the file exists in the user's home directory.
#
HUSHLOGIN_FILE .hushlogin
#HUSHLOGIN_FILE /etc/hushlogins
#
# *REQUIRED* The default PATH settings, for superuser and normal users.
#
# (they are minimal, add the rest in the shell startup files)
ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
#
# Terminal permissions
#
# TTYGROUP Login tty will be assigned this group ownership.
# TTYPERM Login tty will be set to this permission.
#
# If you have a "write" program which is "setgid" to a special group
# which owns the terminals, define TTYGROUP to the group number and
# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
# TTYPERM to either 622 or 600.
#
# In Debian /usr/bin/bsd-write or similar programs are setgid tty
# However, the default and recommended value for TTYPERM is still 0600
# to not allow anyone to write to anyone else console or terminal
# Users can still allow other people to write them by issuing
# the "mesg y" command.
TTYGROUP tty
TTYPERM 0600
#
# Login configuration initializations:
#
# ERASECHAR Terminal ERASE character ('\010' = backspace).
# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
# UMASK Default "umask" value.
#
# The ERASECHAR and KILLCHAR are used only on System V machines.
#
# UMASK is the default umask value for pam_umask and is used by
# useradd and newusers to set the mode of the new home directories.
# 022 is the "historical" value in Debian for UMASK
# 027, or even 077, could be considered better for privacy
# There is no One True Answer here : each sysadmin must make up his/her
# mind.
#
# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
#
ERASECHAR 0177
KILLCHAR 025
UMASK 022
#
# Password aging controls:
#
# PASS_MAX_DAYS Maximum number of days a password may be used.
# PASS_MIN_DAYS Minimum number of days allowed between password changes.
# PASS_WARN_AGE Number of days warning given before a password expires.
#
PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_WARN_AGE 7
#
# Min/max values for automatic uid selection in useradd
#
UID_MIN 1000
UID_MAX 60000
# System accounts
#SYS_UID_MIN 100
#SYS_UID_MAX 999
#
# Min/max values for automatic gid selection in groupadd
#
GID_MIN 1000
GID_MAX 60000
# System accounts
#SYS_GID_MIN 100
#SYS_GID_MAX 999
#
# Max number of login retries if password is bad. This will most likely be
# overriden by PAM, since the default pam_unix module has it's own built
# in of 3 retries. However, this is a safe fallback in case you are using
# an authentication module that does not enforce PAM_MAXTRIES.
#
LOGIN_RETRIES 4
#
# Max time in seconds for login
#
LOGIN_TIMEOUT 60
#
# Which fields may be changed by regular users using chfn - use
# any combination of letters "frwh" (full name, room number, work
# phone, home phone). If not defined, no changes are allowed.
# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
#
CHFN_RESTRICT rwh
#
# Should login be allowed if we can't cd to the home directory?
# Default in no.
#
DEFAULT_HOME yes
#
# If defined, this command is run when removing a user.
# It should remove any at/cron/print jobs etc. owned by
# the user to be removed (passed as the first argument).
#
#USERDEL_CMD /usr/sbin/userdel_local
#
# If set to yes, userdel will remove the user´s group if it contains no
# more members, and useradd will create by default a group with the name
# of the user.
#
# Other former uses of this variable such as setting the umask when
# user==primary group are not used in PAM environments, such as Debian
#
USERGROUPS_ENAB yes
#
# Instead of the real user shell, the program specified by this parameter
# will be launched, although its visible name (argv[0]) will be the shell's.
# The program may do whatever it wants (logging, additional authentification,
# banner, ...) before running the actual shell.
#
# FAKE_SHELL /bin/fakeshell
#
# If defined, either full pathname of a file containing device names or
# a ":" delimited list of device names. Root logins will be allowed only
# upon these devices.
#
# This variable is used by login and su.
#
#CONSOLE /etc/consoles
#CONSOLE console:tty01:tty02:tty03:tty04
#
# List of groups to add to the user's supplementary group set
# when logging in on the console (as determined by the CONSOLE
# setting). Default is none.
#
# Use with caution - it is possible for users to gain permanent
# access to these groups, even when not logged in on the console.
# How to do it is left as an exercise for the reader...
#
# This variable is used by login and su.
#
#CONSOLE_GROUPS floppy:audio:cdrom
#
# If set to "yes", new passwords will be encrypted using the MD5-based
# algorithm compatible with the one used by recent releases of FreeBSD.
# It supports passwords of unlimited length and longer salt strings.
# Set to "no" if you need to copy encrypted passwords to other systems
# which don't understand the new algorithm. Default is "no".
#
# This variable is deprecated. You should use ENCRYPT_METHOD.
#
#MD5_CRYPT_ENAB no
#
# If set to MD5 , MD5-based algorithm will be used for encrypting password
# If set to SHA256, SHA256-based algorithm will be used for encrypting password
# If set to SHA512, SHA512-based algorithm will be used for encrypting password
# If set to DES, DES-based algorithm will be used for encrypting password (default)
# Overrides the MD5_CRYPT_ENAB option
#
# Note: It is recommended to use a value consistent with
# the PAM modules configuration.
#
#ENCRYPT_METHOD DES
#
# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
#
# Define the number of SHA rounds.
# With a lot of rounds, it is more difficult to brute forcing the password.
# But note also that it more CPU resources will be needed to authenticate
# users.
#
# If not specified, the libc will choose the default number of rounds (5000).
# The values must be inside the 1000-999999999 range.
# If only one of the MIN or MAX values is set, then this value will be used.
# If MIN > MAX, the highest value will be used.
#
# SHA_CRYPT_MIN_ROUNDS 5000
# SHA_CRYPT_MAX_ROUNDS 5000
################# OBSOLETED BY PAM ##############
# #
# These options are now handled by PAM. Please #
# edit the appropriate file in /etc/pam.d/ to #
# enable the equivelants of them.
#
###############
#MOTD_FILE
#DIALUPS_CHECK_ENAB
#LASTLOG_ENAB
#MAIL_CHECK_ENAB
#OBSCURE_CHECKS_ENAB
#PORTTIME_CHECKS_ENAB
#SU_WHEEL_ONLY
#CRACKLIB_DICTPATH
#PASS_CHANGE_TRIES
#PASS_ALWAYS_WARN
#ENVIRON_FILE
#NOLOGINS_FILE
#ISSUE_FILE
#PASS_MIN_LEN
#PASS_MAX_LEN
#ULIMIT
#ENV_HZ
#CHFN_AUTH
#CHSH_AUTH
#FAIL_DELAY
################# OBSOLETED #######################
# #
# These options are no more handled by shadow. #
# #
# Shadow utilities will display a warning if they #
# still appear. #
# #
###################################################
# CLOSE_SESSIONS
# LOGIN_STRING
# NO_PASSWORD_CONSOLE
# QMAIL_DIR

21
tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/passwd Normal file
View File

@@ -0,0 +1,21 @@
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
Debian-exim:x:102:102::/var/spool/exim4:/bin/false
foo:x:1000:1000:::/bin/false
myuser:x:1001:1000:::/bin/bash

21
tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/shadow Normal file
View File

@@ -0,0 +1,21 @@
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
daemon:*:12977:0:99999:7:::
bin:*:12977:0:99999:7:::
sys:*:12977:0:99999:7:::
sync:*:12977:0:99999:7:::
games:*:12977:0:99999:7:::
man:*:12977:0:99999:7:::
lp:*:12977:0:99999:7:::
mail:*:12977:0:99999:7:::
news:*:12977:0:99999:7:::
uucp:*:12977:0:99999:7:::
proxy:*:12977:0:99999:7:::
www-data:*:12977:0:99999:7:::
backup:*:12977:0:99999:7:::
list:*:12977:0:99999:7:::
irc:*:12977:0:99999:7:::
gnats:*:12977:0:99999:7:::
nobody:*:12977:0:99999:7:::
Debian-exim:!:12977:0:99999:7:::
foo:!:12977:0:99999:7:::
myuser::12977:0:99999:7:::

96
tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.exp Executable file
View File

@@ -0,0 +1,96 @@
#!/usr/bin/expect
set timeout 2
expect_after default {puts "\nFAIL"; exit 1}
if {$argc != 4} {
puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
exit 1
}
set run_user [lindex $argv 0]
set group [lindex $argv 1]
set g_password [lindex $argv 2]
set user_prompt [lindex $argv 3]
# First, switch to the testsuite user
# (otherwise, no password will be asked)
send_user "# switch to user '$run_user'\n"
send_user "# and expect a '$user_prompt' prompt\n"
spawn /bin/su $run_user
expect "$user_prompt" ;# Wait for the prompt
send_user "\n# make sure we are now '$run_user'"
send_user "\n# whoami should return '$run_user'"
send "\r" ;# restore the prompt for the logs
send "whoami\r" ;# Verify we are really testsuite
expect {
timeout {
puts "\ntimeout...FAIL"
exit 1
}
"$run_user"
}
expect "$user_prompt" ;# Wait for the prompt
send_user "\n\n"
send_user "# now change '$group' 's password to '$g_password'\n"
send_user "# and expect a password prompt"
send "\r" ;# restore the prompt for the logs
send "gpasswd $group\r" ;# Change the password
expect "New Password: " ;# Wait for the Password: prompt
# Wait a little bit more (gpasswd is not ready to receive the password)
sleep 0.1
send "wrong $g_password\r" ;# Send the password
send_user "\n# wrong password 'wrong $g_password' sent\n\n"
send_user "Expect a new password prompt\n"
expect "Re-enter new password: " ;# Wait for the Password: prompt
# Wait a little bit more (gpasswd is not ready to receive the password)
sleep 0.1
send "$g_password\r" ;# Send the password
send_user "# expect failure 1 and retry"
expect "They don't match; try again"
expect "New Password: " ;# Wait for the Password: prompt
# Wait a little bit more (gpasswd is not ready to receive the password)
sleep 0.1
send "wrong $g_password\r" ;# Send the password
send_user "\n# wrong password 'wrong $g_password' sent\n\n"
send_user "Expect a new password prompt\n"
expect "Re-enter new password: " ;# Wait for the Password: prompt
# Wait a little bit more (gpasswd is not ready to receive the password)
sleep 0.1
send "$g_password\r" ;# Send the password
send_user "# expect failure 2 and retry"
expect "They don't match; try again"
expect "New Password: " ;# Wait for the Password: prompt
# Wait a little bit more (gpasswd is not ready to receive the password)
sleep 0.1
send "wrong $g_password\r" ;# Send the password
send_user "\n# wrong password 'wrong $g_password' sent\n\n"
send_user "Expect a new password prompt\n"
expect "Re-enter new password: " ;# Wait for the Password: prompt
# Wait a little bit more (gpasswd is not ready to receive the password)
sleep 0.1
send "$g_password\r" ;# Send the password
send_user "# expect failure 3 and retry"
expect "gpasswd: Try again later"
send_user "# expect prompt '$user_prompt'"
expect {
# Wait for the new prompt
"$user_prompt" {
send "exit\r"
expect "$ "
puts "\nPASS"
exit 0
}
}
puts "\ntimeout...FAIL"
exit 1

42
tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.test Executable file
View File

@@ -0,0 +1,42 @@
#!/bin/sh
set -e
cd $(dirname $0)
. ../../../common/config.sh
. ../../../common/log.sh
log_start "$0" "gpasswd can be used by root to change one group's passwd"
# no testsuite password
# root password: rootF00barbaz
# myuser password: myuserF00barbaz
save_config
# restore the files on exit
trap 'log_status "$0" "FAILURE"; restore_config' 0
change_config
./gpasswd.exp myuser users usersPAS '$ '
echo -n "Check the passwd file..."
../../../common/compare_file.pl config/etc/passwd /etc/passwd
echo "OK"
echo -n "Check the group file..."
../../../common/compare_file.pl config/etc/group /etc/group
echo "OK"
echo -n "Check the shadow file..."
../../../common/compare_file.pl config/etc/shadow /etc/shadow
echo "OK"
echo -n "Check the gshadow file..."
../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
echo "OK"
log_status "$0" "SUCCESS"
restore_config
trap '' 0

5
tests/grouptools/gpasswd/72_gpasswd-M-A/config.txt Normal file
View File

@@ -0,0 +1,5 @@
# no testsuite password
# root password: rootF00barbaz
# myuser password: myuserF00barbaz
user foo, in group users

42
tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/group Normal file
View File

@@ -0,0 +1,42 @@
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:
audio:x:29:
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:foo,bin
nogroup:x:65534:
crontab:x:101:
Debian-exim:x:102:
foo:x:1000:

42
tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/gshadow Normal file
View File

@@ -0,0 +1,42 @@
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:*::foo,bin
nogroup:*::
crontab:x::
Debian-exim:x::
foo:*::

20
tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/passwd Normal file
View File

@@ -0,0 +1,20 @@
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
Debian-exim:x:102:102::/var/spool/exim4:/bin/false
foo:x:1000:1000:::/bin/false

20
tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/shadow Normal file
View File

@@ -0,0 +1,20 @@
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
daemon:*:12977:0:99999:7:::
bin:*:12977:0:99999:7:::
sys:*:12977:0:99999:7:::
sync:*:12977:0:99999:7:::
games:*:12977:0:99999:7:::
man:*:12977:0:99999:7:::
lp:*:12977:0:99999:7:::
mail:*:12977:0:99999:7:::
news:*:12977:0:99999:7:::
uucp:*:12977:0:99999:7:::
proxy:*:12977:0:99999:7:::
www-data:*:12977:0:99999:7:::
backup:*:12977:0:99999:7:::
list:*:12977:0:99999:7:::
irc:*:12977:0:99999:7:::
gnats:*:12977:0:99999:7:::
nobody:*:12977:0:99999:7:::
Debian-exim:!:12977:0:99999:7:::
foo:!:12977:0:99999:7:::

42
tests/grouptools/gpasswd/72_gpasswd-M-A/data/group Normal file
View File

@@ -0,0 +1,42 @@
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:
audio:x:29:
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:root,daemon
nogroup:x:65534:
crontab:x:101:
Debian-exim:x:102:
foo:x:1000:

42
tests/grouptools/gpasswd/72_gpasswd-M-A/data/gshadow Normal file
View File

@@ -0,0 +1,42 @@
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:*:root,bin:root,daemon
nogroup:*::
crontab:x::
Debian-exim:x::
foo:*::

39
tests/grouptools/gpasswd/72_gpasswd-M-A/gpasswd.test Executable file
View File

@@ -0,0 +1,39 @@
#!/bin/sh
set -e
cd $(dirname $0)
. ../../../common/config.sh
. ../../../common/log.sh
log_start "$0" "gpasswd can change the list of members and admins"
save_config
# restore the files on exit
trap 'log_status "$0" "FAILURE"; restore_config' 0
change_config
echo -n "set the list of members to root,daemon (gpasswd -M root,daemon -A root,bin users)..."
gpasswd -M root,daemon -A root,bin users
echo "OK"
echo -n "Check the passwd file..."
../../../common/compare_file.pl config/etc/passwd /etc/passwd
echo "OK"
echo -n "Check the group file..."
../../../common/compare_file.pl data/group /etc/group
echo "OK"
echo -n "Check the shadow file..."
../../../common/compare_file.pl config/etc/shadow /etc/shadow
echo "OK"
echo -n "Check the gshadow file..."
../../../common/compare_file.pl data/gshadow /etc/gshadow
echo "OK"
log_status "$0" "SUCCESS"
restore_config
trap '' 0