Beispiel #1
0
    def test_default_password_policies(self):
        """Test the password policies property."""
        policies = PasswordPolicy.from_structure_dict(
            self.interface.PasswordPolicies)

        expected_names = {"root", "user", "luks"}
        assert policies.keys() == expected_names

        for name in expected_names:
            policy = policies[name]
            expected_policy = PasswordPolicy.from_defaults(name)
            assert compare_data(policy, expected_policy)
Beispiel #2
0
    def default_password_policies_test(self):
        """Test the password policies property."""
        policies = PasswordPolicy.from_structure_dict(
            self.interface.PasswordPolicies)

        expected_names = {"root", "user", "luks"}
        self.assertEqual(policies.keys(), expected_names)

        for name in expected_names:
            policy = policies[name]
            expected_policy = PasswordPolicy.from_defaults(name)
            self.assertTrue(compare_data(policy, expected_policy))
    def _get_password_policies(self):
        """Get the password policies from the installer.

        :return: a dictionary of password policies
        """
        proxy = BOSS.get_proxy(USER_INTERFACE)
        policies = PasswordPolicy.from_structure_dict(proxy.PasswordPolicies)

        if PASSWORD_POLICY_ROOT not in policies:
            policy = PasswordPolicy.from_defaults(PASSWORD_POLICY_ROOT)
            policies[PASSWORD_POLICY_ROOT] = policy

        return policies
def get_policy(policy_name) -> PasswordPolicy:
    """Get the password policy data.

    :param policy_name: a name of the policy
    :return: a password policy data
    """
    proxy = BOSS.get_proxy(USER_INTERFACE)
    policies = PasswordPolicy.from_structure_dict(proxy.PasswordPolicies)

    if policy_name in policies:
        return policies[policy_name]

    return PasswordPolicy.from_defaults(policy_name)
Beispiel #5
0
    def get_default_password_policies(self):
        """Get the default password policies.

        :return: a dictionary of policy names and policy data
        """
        return {
            PASSWORD_POLICY_ROOT:
            PasswordPolicy.from_defaults(PASSWORD_POLICY_ROOT),
            PASSWORD_POLICY_USER:
            PasswordPolicy.from_defaults(PASSWORD_POLICY_USER),
            PASSWORD_POLICY_LUKS:
            PasswordPolicy.from_defaults(PASSWORD_POLICY_LUKS),
        }
Beispiel #6
0
 def default_known_policy_test(self):
     """Test the default policy data."""
     policy = PasswordPolicy.from_defaults("root")
     self.assertEqual(policy.min_quality, 1)
     self.assertEqual(policy.min_length, 6)
     self.assertEqual(policy.allow_empty, False)
     self.assertEqual(policy.is_strict, False)
 def test_default_known_policy(self):
     """Test the default policy data."""
     policy = PasswordPolicy.from_defaults("root")
     assert policy.min_quality == 1
     assert policy.min_length == 6
     assert policy.allow_empty is False
     assert policy.is_strict is False
 def test_default_unknown_policy(self):
     """Test the default policy data for unknown policy."""
     policy = PasswordPolicy.from_defaults("test")
     assert policy.min_quality == 0
     assert policy.min_length == 0
     assert policy.allow_empty is True
     assert policy.is_strict is False
Beispiel #9
0
 def default_unknown_policy_test(self):
     """Test the default policy data for unknown policy."""
     policy = PasswordPolicy.from_defaults("test")
     self.assertEqual(policy.min_quality, 0)
     self.assertEqual(policy.min_length, 0)
     self.assertEqual(policy.allow_empty, True)
     self.assertEqual(policy.is_strict, False)
    def _set_password_policies(self, policies):
        """Set the password policies for the installer.

        :param policies: a dictionary of password policies
        """
        proxy = BOSS.get_proxy(USER_INTERFACE)

        proxy.PasswordPolicies = \
            PasswordPolicy.to_structure_dict(policies)
Beispiel #11
0
    def from_structure_dict_test(self):
        """Test the from_structure_dict method."""
        s1 = {"min-quality": get_variant(Int, 1)}
        s2 = {"min-quality": get_variant(Int, 2)}
        s3 = {"min-quality": get_variant(Int, 3)}

        # Test an invalid argument.
        with self.assertRaises(TypeError):
            PasswordPolicy.from_structure_dict([])

        # Test a valid argument.
        objects = PasswordPolicy.from_structure_dict({
            "s1": s1, "s2": s2, "s3": s3
        })

        self.assertEqual(objects.keys(), {"s1", "s2", "s3"})
        self.assertEqual(objects["s1"].min_quality, 1)
        self.assertEqual(objects["s2"].min_quality, 2)
        self.assertEqual(objects["s3"].min_quality, 3)
Beispiel #12
0
    def test_from_structure_dict(self):
        """Test the from_structure_dict method."""
        s1 = {"min-quality": get_variant(Int, 1)}
        s2 = {"min-quality": get_variant(Int, 2)}
        s3 = {"min-quality": get_variant(Int, 3)}

        # Test an invalid argument.
        with pytest.raises(TypeError):
            PasswordPolicy.from_structure_dict([])

        # Test a valid argument.
        objects = PasswordPolicy.from_structure_dict({
            "s1": s1,
            "s2": s2,
            "s3": s3
        })

        assert objects.keys() == {"s1", "s2", "s3"}
        assert objects["s1"].min_quality == 1
        assert objects["s2"].min_quality == 2
        assert objects["s3"].min_quality == 3
def test_evaluation_passwd_minlen_report_only_not_ignored(
        proxy_getter, rule_data, ksdata_mock, storage_mock):
    password_proxy_mock = USERS.get_proxy()
    password_proxy_mock.IsRootPasswordCrypted = False
    password_proxy_mock.RootPassword = "******"

    rule_data.new_rule("passwd --minlen=8")

    # call eval_rules with report_only=False
    # should set password minimal length to 8
    messages = rule_data.eval_rules(ksdata_mock, storage_mock, report_only=False)

    # Password Policy changed --> no warnings
    assert not messages
    assert rule_data._passwd_rules._orig_minlen == 6
    assert not rule_data._passwd_rules._orig_strict
    assert rule_data._passwd_rules._minlen == 8

    policy = PasswordPolicy.from_defaults(PASSWORD_POLICY_ROOT)
    policy.min_length = 8
    policy.is_strict = True

    policies = {PASSWORD_POLICY_ROOT: policy}

    ui_mock = BOSS.get_proxy(USER_INTERFACE)
    assert ui_mock.PasswordPolicies == \
        PasswordPolicy.to_structure_dict(policies)

    # call of eval_rules with report_only=True
    # should not change anything
    messages = rule_data.eval_rules(ksdata_mock, storage_mock, report_only=True)
    # Password Policy stayed the same --> no warnings
    assert not messages

    assert rule_data._passwd_rules._orig_minlen == 6
    assert not rule_data._passwd_rules._orig_strict
    assert rule_data._passwd_rules._minlen == 8

    assert ui_mock.PasswordPolicies == \
        PasswordPolicy.to_structure_dict(policies)
Beispiel #14
0
    def SetPasswordPolicies(self, policies: Dict[Str, Structure]):
        """Set the password policies.

        Default policy names:

            root  The policy for the root password.
            user  The policy for the user password.
            luks  The policy for the LUKS passphrase.

        :param policies: a dictionary of policy names and policy data
        """
        self.implementation.set_password_policies(
            PasswordPolicy.from_structure_dict(policies))
Beispiel #15
0
def apply_password_policy_from_kickstart(data):
    """Apply the password policy specified in the kickstart file.

    FIXME: This is a temporary workaround. Remove the pwpolicy
           kickstart command in the next major release.

    :param data: a kickstart data handler
    """
    if not data.anaconda.pwpolicy.seen:
        log.debug("Using the password policy from the configuration.")
        return

    # Set up the UI DBus module.
    ui_module = BOSS.get_proxy(USER_INTERFACE)
    policies = {}

    for pwdata in data.anaconda.pwpolicy.policyList:
        policy = PasswordPolicy()

        policy_name = pwdata.name
        policy.min_quality = pwdata.minquality
        policy.min_length = pwdata.minlen
        policy.is_strict = pwdata.strict
        policy.allow_empty = pwdata.emptyok

        policies[policy_name] = policy

    ui_module.SetPasswordPolicies(PasswordPolicy.to_structure_dict(policies))

    # Set up the Anaconda configuration. This change will affect only the main
    # process with UI, because the DBus modules are already running.
    pwdata = data.anaconda.pwpolicy.get_policy(PASSWORD_POLICY_ROOT,
                                               fallback_to_default=True)
    conf.ui._set_option("can_change_root", pwdata.changesok)

    pwdata = data.anaconda.pwpolicy.get_policy(PASSWORD_POLICY_USER,
                                               fallback_to_default=True)
    conf.ui._set_option("can_change_users", pwdata.changesok)

    log.debug("Using the password policy from the kickstart file.")
Beispiel #16
0
    def test_to_structure_dict(self):
        """Test the to_structure_dict method."""
        p1 = PasswordPolicy()
        p1.quality = 1

        p2 = PasswordPolicy()
        p2.quality = 2

        p3 = PasswordPolicy()
        p3.quality = 3

        # Test an invalid argument.
        with pytest.raises(TypeError):
            PasswordPolicy.to_structure_dict([])

        # Test a valid argument.
        structures = PasswordPolicy.to_structure_dict({
            "p1": p1,
            "p2": p2,
            "p3": p3
        })

        assert structures == {
            "p1": PasswordPolicy.to_structure(p1),
            "p2": PasswordPolicy.to_structure(p2),
            "p3": PasswordPolicy.to_structure(p3),
        }
Beispiel #17
0
 def PasswordPolicies(self) -> Dict[Str, Structure]:
     """The password policies."""
     return PasswordPolicy.to_structure_dict(
         self.implementation.password_policies)
Beispiel #18
0
    def apply_policies_to_module_test(self, proxy_getter):
        ui_module = Mock()
        proxy_getter.return_value = ui_module

        ks_in = """
        %anaconda
        pwpolicy root --minlen=1 --minquality=10 --notempty --strict
        pwpolicy user --minlen=2 --minquality=20 --emptyok --notstrict
        pwpolicy luks --minlen=3 --minquality=30 --emptyok --strict
        %end
        """

        self.ksparser.readKickstartFromString(dedent(ks_in))
        apply_password_policy_from_kickstart(self.handler)

        root_policy = PasswordPolicy()
        root_policy.min_length = 1
        root_policy.min_quality = 10
        root_policy.is_strict = True
        root_policy.allow_empty = False

        user_policy = PasswordPolicy()
        user_policy.min_length = 2
        user_policy.min_quality = 20
        user_policy.is_strict = False
        user_policy.allow_empty = True

        luks_policy = PasswordPolicy()
        luks_policy.min_length = 3
        luks_policy.min_quality = 30
        luks_policy.is_strict = True
        luks_policy.allow_empty = True

        policies = {
            PASSWORD_POLICY_ROOT: root_policy,
            PASSWORD_POLICY_USER: user_policy,
            PASSWORD_POLICY_LUKS: luks_policy
        }

        ui_module.SetPasswordPolicies.assert_called_once_with(
            PasswordPolicy.to_structure_dict(policies))
def get_policy():
    return PasswordPolicy.from_defaults(PASSWORD_POLICY_USER)