Ejemplo n.º 1
0
  def testParseMultiple(self):
    """Tests for the ParseMultiple() method."""
    parser = linux_pam_parser.PAMParser()

    # Parse the simplest 'normal' config we can.
    # e.g. a single entry for 'telnet' with no includes etc.
    pathspecs, file_objs = artifact_test_lib.GenPathspecFileData(
        TELNET_ONLY_CONFIG)
    out = list(parser.ParseFiles(self.kb, pathspecs, file_objs))
    self.assertLen(out, 1)
    self.assertIsInstance(out[0], rdf_config_file.PamConfig)
    self.assertCountEqual(TELNET_ONLY_CONFIG_EXPECTED,
                          self._EntriesToTuples(out[0].entries))
    self.assertEqual([], out[0].external_config)

    # Parse the simplest 'normal' config we can but with an effectively
    # empty /etc/pam.conf file.
    # e.g. a single entry for 'telnet' with no includes etc.
    pathspecs, file_objs = artifact_test_lib.GenPathspecFileData(
        TELNET_WITH_PAMCONF)
    out = list(parser.ParseFiles(self.kb, pathspecs, file_objs))
    self.assertLen(out, 1)
    self.assertIsInstance(out[0], rdf_config_file.PamConfig)
    entry = out[0].entries[0]
    self.assertEqual(
        ('telnet', 'auth',
         '[success=ok new_authtok_reqd=ok ignore=ignore default=bad]',
         'testing.so', 'module arguments'), self._EntryToTuple(entry))
    self.assertCountEqual(TELNET_WITH_PAMCONF_EXPECTED,
                          self._EntriesToTuples(out[0].entries))
    self.assertEqual([], out[0].external_config)

    # Parse a simple old-style pam config. i.e. Just /etc/pam.conf.
    pathspecs, file_objs = artifact_test_lib.GenPathspecFileData(
        PAM_CONF_SIMPLE)
    out = list(parser.ParseFiles(self.kb, pathspecs, file_objs))
    self.assertLen(out, 1)
    self.assertIsInstance(out[0], rdf_config_file.PamConfig)
    self.assertCountEqual(PAM_CONF_SIMPLE_EXPECTED,
                          self._EntriesToTuples(out[0].entries))
    self.assertEqual([], out[0].external_config)

    # Parse a simple old-style pam config overriding a 'new' style config.
    # i.e. Configs in /etc/pam.conf override everything else.
    pathspecs, file_objs = artifact_test_lib.GenPathspecFileData(
        PAM_CONF_OVERRIDE)
    out = list(parser.ParseFiles(self.kb, pathspecs, file_objs))
    self.assertLen(out, 1)
    self.assertIsInstance(out[0], rdf_config_file.PamConfig)
    self.assertCountEqual(PAM_CONF_OVERRIDE_EXPECTED,
                          self._EntriesToTuples(out[0].entries))
    self.assertEqual([], out[0].external_config)

    # Parse a complex old-style pam config overriding a 'new' style config but
    # the /etc/pam.conf includes parts from the /etc/pam.d dir.
    # i.e. Configs in /etc/pam.conf override everything else but imports stuff.
    pathspecs, file_objs = artifact_test_lib.GenPathspecFileData(
        PAM_CONF_OVERRIDE_COMPLEX)
    out = list(parser.ParseFiles(self.kb, pathspecs, file_objs))
    self.assertLen(out, 1)
    self.assertIsInstance(out[0], rdf_config_file.PamConfig)
    self.assertCountEqual(PAM_CONF_OVERRIDE_COMPLEX_EXPECTED,
                          self._EntriesToTuples(out[0].entries))
    self.assertEqual([], out[0].external_config)

    # Parse a normal-looking pam configuration.
    # i.e. A no-op of a /etc/pam.conf with multiple files under /etc/pam.d
    #      that have includes etc.
    pathspecs, file_objs = artifact_test_lib.GenPathspecFileData(
        PAM_CONF_TYPICAL)
    out = list(parser.ParseFiles(self.kb, pathspecs, file_objs))
    self.assertLen(out, 1)
    self.assertIsInstance(out[0], rdf_config_file.PamConfig)
    self.assertCountEqual(PAM_CONF_TYPICAL_EXPECTED,
                          self._EntriesToTuples(out[0].entries))
    self.assertEqual([], out[0].external_config)

    # Parse a config which has references to external or missing files.
    pathspecs, file_objs = artifact_test_lib.GenPathspecFileData(
        PAM_CONF_EXTERNAL_REF)
    out = list(parser.ParseFiles(self.kb, pathspecs, file_objs))
    self.assertLen(out, 1)
    self.assertIsInstance(out[0], rdf_config_file.PamConfig)
    self.assertCountEqual(PAM_CONF_EXTERNAL_REF_EXPECTED,
                          self._EntriesToTuples(out[0].entries))
    self.assertCountEqual(PAM_CONF_EXTERNAL_REF_ERRORS,
                          list(out[0].external_config))
Ejemplo n.º 2
0
    def setUpClass(cls):
        super(PamConfigTests, cls).setUpClass()

        cls.LoadCheck("pam.yaml")
        cls.parser = linux_pam_parser.PAMParser()