def setUpClass(cls):
cls.LoadCheck("pam.yaml")
cls.parser = linux_pam_parser.PAMParser()
def testParseMultiple(self):
"""Tests for the ParseMultiple() method."""
parser = linux_pam_parser.PAMParser()
# Parse the simplest 'normal' config we can.
# e.g. a single entry for 'telnet' with no includes etc.
stats, file_objs = checks_test_lib.HostCheckTest.GenStatFileData(
TELNET_ONLY_CONFIG)
out = list(parser.ParseMultiple(stats, file_objs, self.kb))
self.assertEqual(len(out), 1)
self.assertTrue(isinstance(out[0], rdf_config.PamConfig))
self.assertItemsEqual(TELNET_ONLY_CONFIG_EXPECTED,
self._EntriesToTuples(out[0].entries))
self.assertEqual([], out[0].external_config)
# Parse the simplest 'normal' config we can but with an effectively
# empty /etc/pam.conf file.
# e.g. a single entry for 'telnet' with no includes etc.
stats, file_objs = checks_test_lib.HostCheckTest.GenStatFileData(
TELNET_WITH_PAMCONF)
out = list(parser.ParseMultiple(stats, file_objs, self.kb))
self.assertEqual(len(out), 1)
self.assertTrue(isinstance(out[0], rdf_config.PamConfig))
entry = out[0].entries[0]
self.assertEqual(
('telnet', 'auth',
'[success=ok new_authtok_reqd=ok ignore=ignore default=bad]',
'testing.so', 'module arguments'), self._EntryToTuple(entry))
self.assertItemsEqual(TELNET_WITH_PAMCONF_EXPECTED,
self._EntriesToTuples(out[0].entries))
self.assertEqual([], out[0].external_config)
# Parse a simple old-style pam config. i.e. Just /etc/pam.conf.
stats, file_objs = checks_test_lib.HostCheckTest.GenStatFileData(
PAM_CONF_SIMPLE)
out = list(parser.ParseMultiple(stats, file_objs, self.kb))
self.assertEqual(len(out), 1)
self.assertTrue(isinstance(out[0], rdf_config.PamConfig))
self.assertItemsEqual(PAM_CONF_SIMPLE_EXPECTED,
self._EntriesToTuples(out[0].entries))
self.assertEqual([], out[0].external_config)
# Parse a simple old-style pam config overriding a 'new' style config.
# i.e. Configs in /etc/pam.conf override everything else.
stats, file_objs = checks_test_lib.HostCheckTest.GenStatFileData(
PAM_CONF_OVERRIDE)
out = list(parser.ParseMultiple(stats, file_objs, self.kb))
self.assertEqual(len(out), 1)
self.assertTrue(isinstance(out[0], rdf_config.PamConfig))
self.assertItemsEqual(PAM_CONF_OVERRIDE_EXPECTED,
self._EntriesToTuples(out[0].entries))
self.assertEqual([], out[0].external_config)
# Parse a complex old-style pam config overriding a 'new' style config but
# the /etc/pam.conf includes parts from the /etc/pam.d dir.
# i.e. Configs in /etc/pam.conf override everything else but imports stuff.
stats, file_objs = checks_test_lib.HostCheckTest.GenStatFileData(
PAM_CONF_OVERRIDE_COMPLEX)
out = list(parser.ParseMultiple(stats, file_objs, self.kb))
self.assertEqual(len(out), 1)
self.assertTrue(isinstance(out[0], rdf_config.PamConfig))
self.assertItemsEqual(PAM_CONF_OVERRIDE_COMPLEX_EXPECTED,
self._EntriesToTuples(out[0].entries))
self.assertEqual([], out[0].external_config)
# Parse a normal-looking pam configuration.
# i.e. A no-op of a /etc/pam.conf with multiple files under /etc/pam.d
# that have includes etc.
stats, file_objs = checks_test_lib.HostCheckTest.GenStatFileData(
PAM_CONF_TYPICAL)
out = list(parser.ParseMultiple(stats, file_objs, self.kb))
self.assertEqual(len(out), 1)
self.assertTrue(isinstance(out[0], rdf_config.PamConfig))
self.assertItemsEqual(PAM_CONF_TYPICAL_EXPECTED,
self._EntriesToTuples(out[0].entries))
self.assertEqual([], out[0].external_config)
# Parse a config which has references to external or missing files.
stats, file_objs = checks_test_lib.HostCheckTest.GenStatFileData(
PAM_CONF_EXTERNAL_REF)
out = list(parser.ParseMultiple(stats, file_objs, self.kb))
self.assertEqual(len(out), 1)
self.assertTrue(isinstance(out[0], rdf_config.PamConfig))
self.assertItemsEqual(PAM_CONF_EXTERNAL_REF_EXPECTED,
self._EntriesToTuples(out[0].entries))
self.assertItemsEqual(PAM_CONF_EXTERNAL_REF_ERRORS,
list(out[0].external_config))
def setUpClass(cls):
super(PamConfigTests, cls).setUpClass()
cls.LoadCheck("pam.yaml")
cls.parser = linux_pam_parser.PAMParser()
