def test_groups(self):
bundle = MagicMock()
user = users.User(
bundle,
"bundlewrap",
{
'full_name': "Blöck Wart",
'gid': 2345,
'groups': ["group1", "group2", "group3"],
'home': "/home/bundlewrap",
'password_hash': "secret",
'shell': "/bin/bash",
'uid': 1123,
},
)
status = ItemStatus(correct=False)
status.info = {
'exists': True,
'full_name': "Blöck Wart",
'gid': 2345,
'groups': ["group3", "group2", "group4", "group5"],
'home': "/home/bundlewrap",
'shadow_hash': "secret",
'shell': "/bin/bash",
'uid': 1123,
'needs_fixing': ['groups'],
}
self.assertEqual(
user.ask(status),
"missing groups group1\n" +
"extra groups group4, group5\n"
)
def test_shadow_not_found(self):
bundle = MagicMock()
user = users.User(
bundle,
"bundlewrap",
{
'full_name': "Blöck Wart",
'gid': 2345,
'groups': ["group1", "group2"],
'home': "/home/bundlewrap",
'password_hash': "secret",
'shell': "/bin/bash",
'uid': 1123,
},
)
status = ItemStatus(correct=False)
status.info = {
'exists': True,
'full_name': "Blöck Wart",
'gid': 2345,
'groups': ["group1", "group2"],
'home': "/home/bundlewrap",
'shadow_hash': None,
'shell': "/bin/bash",
'uid': 1123,
'needs_fixing': ['password'],
}
self.assertEqual(
user.ask(status),
"password hash not found in /etc/shadow\n"
)
def test_group(self):
bundle = MagicMock()
group = groups.Group(
bundle,
"bundlewrap",
{ 'gid': 2345 },
)
status = ItemStatus(correct=False)
status.info = {
'exists': True,
'gid': 2357,
}
self.assertEqual(
group.ask(status),
"GID 2357 → 2345\n",
)
def get_status(self):
# verify content of /etc/group
grep_result = self.node.run(
"grep -e '^{}:' /etc/group".format(self.name),
may_fail=True,
)
if grep_result.return_code != 0:
return ItemStatus(correct=self.attributes['delete'], info={'exists': False})
status = ItemStatus(correct=not self.attributes['delete'], info={'exists': True})
status.info.update(_parse_group_line(grep_result.stdout_text))
if self.attributes['gid'] is not None and \
status.info['gid'] != self.attributes['gid']:
status.correct = False
return status
def test_passwd(self):
bundle = MagicMock()
user = users.User(
bundle,
"bundlewrap",
{
'home': "/home/bundlewrap",
'full_name': "Blöck Wart",
'gid': 2345,
'groups': ["group1", "group2"],
'password_hash': "topsecret",
'shell': "/bin/bash",
'uid': 1123,
'use_shadow': False,
},
)
status = ItemStatus(correct=False)
status.info = {
'exists': True,
'full_name': "BundleWrap",
'gid': 2357,
'groups': ["group1", "group2"],
'home': "/home/blkwrt",
'passwd_hash': "secret",
'shell': "/bin/bsh",
'uid': 1113,
'needs_fixing': ['home', 'full_name', 'gid', 'password', 'shell', 'uid'],
}
self.assertEqual(
user.ask(status),
"home dir /home/blkwrt → /home/bundlewrap\n"
"full name BundleWrap → Blöck Wart\n"
"GID 2357 → 2345\n"
"shell /bin/bsh → /bin/bash\n"
"UID 1113 → 1123\n"
"password hash secret\n"
" → topsecret\n"
)
def get_status(self):
# verify content of /etc/passwd
passwd_grep_result = self.node.run(
"grep -e '^{}:' /etc/passwd".format(self.name),
may_fail=True,
)
if passwd_grep_result.return_code != 0:
return ItemStatus(
correct=self.attributes['delete'],
info={'exists': False, 'needs_fixing': sorted(_ATTRIBUTE_OPTIONS.keys())},
)
elif self.attributes['delete']:
return ItemStatus(correct=False, info={
'exists': True,
'needs_fixing': sorted(_ATTRIBUTE_OPTIONS.keys()),
})
status = ItemStatus(correct=True, info={'exists': True})
status.info['needs_fixing'] = []
status.info.update(_parse_passwd_line(passwd_grep_result.stdout_text))
if self.attributes['gid'] is not None:
if self.attributes['gid'].isdigit():
if int(self.attributes['gid']) != status.info['gid']:
status.info['needs_fixing'].append('gid')
elif _group_name_for_gid(self.node, status.info['gid']) != self.attributes['gid']:
status.info['needs_fixing'].append('gid')
for fieldname in ('uid', 'full_name', 'home', 'shell'):
if self.attributes[fieldname] is None:
continue
if status.info[fieldname] != self.attributes[fieldname]:
status.info['needs_fixing'].append(fieldname)
if self.attributes['password_hash'] is not None:
if self.attributes['use_shadow']:
# verify content of /etc/shadow
shadow_grep_result = self.node.run(
"grep -e '^{}:' /etc/shadow".format(self.name),
may_fail=True,
)
if shadow_grep_result.return_code != 0:
status.info['shadow_hash'] = None
status.info['needs_fixing'].append('password')
else:
status.info['shadow_hash'] = shadow_grep_result.stdout_text.split(":")[1]
if status.info['shadow_hash'] != self.attributes['password_hash']:
status.info['needs_fixing'].append('password_hash')
else:
if status.info['passwd_hash'] != self.attributes['password_hash']:
status.info['needs_fixing'].append('password_hash')
# verify content of /etc/group
status.info['groups'] = _groups_for_user(self.node, self.name)
if self.attributes['groups'] is not None and \
set(self.attributes['groups']) != set(status.info['groups']):
status.info['needs_fixing'].append('groups')
if status.info['needs_fixing']:
status.correct = False
return status