def create_user_exists_test(self):
"""Create a user that already exists."""
with open(self.tmpdir + "/etc/passwd", "w") as f:
f.write("test_user:x:1000:1000::/:/bin/sh\n")
with self.assertRaises(ValueError):
users.create_user("test_user", root=self.tmpdir)
def test_create_user_uid_exists(self):
"""Create a user with a UID that already exists."""
with open(self.tmpdir + "/etc/passwd", "w") as f:
f.write("conflict:x:1000:1000::/:/bin/sh\n")
with pytest.raises(ValueError):
users.create_user("test_user", uid=1000, root=self.tmpdir)
def create_user_uid_test(self):
"""Create a user with a specific UID."""
users.create_user("test_user", uid=1047, root=self.tmpdir)
pwd_fields = self._readFields("/etc/passwd", "test_user")
self.assertIsNotNone(pwd_fields)
self.assertEqual(pwd_fields[2], "1047")
def test_create_user_uid(self):
"""Create a user with a specific UID."""
users.create_user("test_user", uid=1047, root=self.tmpdir)
pwd_fields = self._readFields("/etc/passwd", "test_user")
assert pwd_fields is not None
assert pwd_fields[2] == "1047"
def test_create_user_reuse_home(self):
# Create a user, reusing an old home directory
os.makedirs(self.tmpdir + "/home/test_user")
os.chown(self.tmpdir + "/home/test_user", 500, 500)
with patch("pyanaconda.core.util.restorecon") as restorecon_mock:
users.create_user(
"test_user",
homedir="/home/test_user",
uid=1000,
gid=1000,
root=self.tmpdir
)
restorecon_mock.assert_called_once_with(["/home/test_user"], root=self.tmpdir)
passwd_fields = self._readFields("/etc/passwd", "test_user")
assert passwd_fields is not None
assert passwd_fields[2] == "1000"
assert passwd_fields[3] == "1000"
stat_fields = os.stat(self.tmpdir + "/home/test_user")
assert stat_fields.st_uid == 1000
assert stat_fields.st_gid == 1000
def create_user_gid_exists_test(self):
"""Create a user with a GID of an existing group."""
users.create_group("test_group", gid=5000, root=self.tmpdir)
users.create_user("test_user", gid=5000, root=self.tmpdir)
passwd_fields = self._readFields("/etc/passwd", "test_user")
self.assertIsNotNone(passwd_fields)
self.assertEqual(passwd_fields[3], "5000")
def test_create_user_groups_gid_conflict(self):
"""Create a user with a bad list of groups."""
# Create one of the groups
users.create_group("test3", gid=5000, root=self.tmpdir)
# Add test3 to the group list with a different GID.
with pytest.raises(ValueError):
users.create_user("test_user", groups=["test3(5002)"], root=self.tmpdir)
def test_create_user_gid_exists(self):
"""Create a user with a GID of an existing group."""
users.create_group("test_group", gid=5000, root=self.tmpdir)
users.create_user("test_user", gid=5000, root=self.tmpdir)
passwd_fields = self._readFields("/etc/passwd", "test_user")
assert passwd_fields is not None
assert passwd_fields[3] == "5000"
def test_set_user_ssh_key(self):
keydata = "THIS IS TOTALLY A SSH KEY"
users.create_user("test_user", homedir="/home/test_user", root=self.tmpdir)
users.set_user_ssh_key("test_user", keydata, root=self.tmpdir)
keyfile = self.tmpdir + "/home/test_user/.ssh/authorized_keys"
self.assertTrue(os.path.isfile(keyfile))
with open(keyfile) as f:
output_keydata = f.read()
self.assertEqual(keydata, output_keydata.strip())
def test_create_user_gid(self):
"""Create a user with a specific GID."""
users.create_user("test_user", gid=1047, root=self.tmpdir)
pwd_fields = self._readFields("/etc/passwd", "test_user")
self.assertIsNotNone(pwd_fields)
self.assertEqual(pwd_fields[3], "1047")
grp_fields = self._readFields("/etc/group", "test_user")
self.assertIsNotNone(grp_fields)
self.assertEqual(grp_fields[2], "1047")
def test_create_user_text_options(self):
"""Create a user with the text fields set."""
users.create_user("test_user", gecos="Test User", homedir="/home/users/testuser", shell="/bin/test", root=self.tmpdir)
pwd_fields = self._readFields("/etc/passwd", "test_user")
assert pwd_fields is not None
assert pwd_fields[0] == "test_user"
assert pwd_fields[4] == "Test User"
assert pwd_fields[5] == "/home/users/testuser"
assert pwd_fields[6] == "/bin/test"
# Check that the home directory was created
assert os.path.isdir(self.tmpdir + "/home/users/testuser")
def test_create_user_text_options(self):
"""Create a user with the text fields set."""
users.create_user("test_user", gecos="Test User", homedir="/home/users/testuser", shell="/bin/test", root=self.tmpdir)
pwd_fields = self._readFields("/etc/passwd", "test_user")
self.assertIsNotNone(pwd_fields)
self.assertEqual(pwd_fields[0], "test_user")
self.assertEqual(pwd_fields[4], "Test User")
self.assertEqual(pwd_fields[5], "/home/users/testuser")
self.assertEqual(pwd_fields[6], "/bin/test")
# Check that the home directory was created
self.assertTrue(os.path.isdir(self.tmpdir + "/home/users/testuser"))
def test_create_user_gid_in_group_list(self):
"""Create a user with a GID equal to that of one of the requested groups"""
users.create_user("test_user", gid=1047, groups=["test_group(1047)"], root=self.tmpdir)
# Ensure that the user's GID is equal to the GID requested
pwd_fields = self._readFields("/etc/passwd", "test_user")
assert pwd_fields is not None
assert pwd_fields[3] == "1047"
# and that the requested group has the right GID
grp_fields = self._readFields("/etc/group", "test_group")
assert grp_fields is not None
assert grp_fields[2] == "1047"
def test_create_user_lock(self):
"""Create a locked user account."""
# Create an empty, locked password
users.create_user("test_user1", lock=True, password="", root=self.tmpdir)
shadow_fields = self._readFields("/etc/shadow", "test_user1")
assert shadow_fields is not None
assert "!" == shadow_fields[1]
# Create a locked password and ensure it can be unlocked (by removing the ! at the front)
users.create_user("test_user2", lock=True, password="******", root=self.tmpdir)
shadow_fields = self._readFields("/etc/shadow", "test_user2")
assert shadow_fields is not None
assert shadow_fields[1].startswith("!")
assert crypt.crypt("password", shadow_fields[1][1:]) == shadow_fields[1][1:]
def test_create_user_reuse_home(self):
# Create a user, reusing an old home directory
os.makedirs(self.tmpdir + "/home/test_user")
os.chown(self.tmpdir + "/home/test_user", 500, 500)
users.create_user("test_user", homedir="/home/test_user", uid=1000, gid=1000, root=self.tmpdir)
passwd_fields = self._readFields("/etc/passwd", "test_user")
self.assertIsNotNone(passwd_fields)
self.assertEqual(passwd_fields[2], "1000")
self.assertEqual(passwd_fields[3], "1000")
stat_fields = os.stat(self.tmpdir + "/home/test_user")
self.assertEqual(stat_fields.st_uid, 1000)
self.assertEqual(stat_fields.st_gid, 1000)
def test_set_user_ssh_key(self):
keydata = "THIS IS TOTALLY A SSH KEY"
users.create_user("test_user", homedir="/home/test_user", root=self.tmpdir)
with patch("pyanaconda.core.users.util.restorecon") as restorecon_mock:
users.set_user_ssh_key("test_user", keydata, root=self.tmpdir)
restorecon_mock.assert_called_once_with(
["/home/test_user/.ssh"],
root=self.tmpdir
)
keyfile = self.tmpdir + "/home/test_user/.ssh/authorized_keys"
assert os.path.isfile(keyfile)
with open(keyfile) as f:
output_keydata = f.read()
assert keydata == output_keydata.strip()
def test_create_user_groups(self):
"""Create a user with a list of groups."""
# Create one of the groups
users.create_group("test3", root=self.tmpdir)
# Create a user and add it three groups, two of which do not exist,
# and one which specifies a GID.
users.create_user("test_user", groups=["test1", "test2(5001)", "test3"], root=self.tmpdir)
grp_fields1 = self._readFields("/etc/group", "test1")
assert grp_fields1[3] == "test_user"
grp_fields2 = self._readFields("/etc/group", "test2")
assert grp_fields2[3] == "test_user"
assert grp_fields2[2] == "5001"
grp_fields3 = self._readFields("/etc/group", "test3")
assert grp_fields3[3] == "test_user"
def _create_users(self):
for user_data in self._user_data_list:
uid = user_data.get_uid()
gid = user_data.get_gid()
try:
users.create_user(username=user_data.name,
password=user_data.password,
is_crypted=user_data.is_crypted,
lock=user_data.lock,
homedir=user_data.homedir,
uid=uid, gid=gid,
groups=user_data.groups,
shell=user_data.shell,
gecos=user_data.gecos,
root=self._sysroot)
except ValueError as e:
log.warning(str(e))
def test_create_user_reuse_home(self):
# Create a user, reusing an old home directory
os.makedirs(self.tmpdir + "/home/test_user")
os.chown(self.tmpdir + "/home/test_user", 500, 500)
users.create_user("test_user",
homedir="/home/test_user",
uid=1000,
gid=1000,
root=self.tmpdir)
passwd_fields = self._readFields("/etc/passwd", "test_user")
assert passwd_fields is not None
assert passwd_fields[2] == "1000"
assert passwd_fields[3] == "1000"
stat_fields = os.stat(self.tmpdir + "/home/test_user")
assert stat_fields.st_uid == 1000
assert stat_fields.st_gid == 1000
def create_user_test(self):
"""Create a user."""
users.create_user("test_user", root=self.tmpdir)
pwd_fields = self._readFields("/etc/passwd", "test_user")
self.assertIsNotNone(pwd_fields)
self.assertEqual(pwd_fields[0], "test_user")
# Check that the fields got the right default values
# UID + GID set to some sort of int
self.assertTrue(isinstance(int(pwd_fields[2]), int))
self.assertTrue(isinstance(int(pwd_fields[3]), int))
# home is /home/username
self.assertEqual(pwd_fields[5], "/home/test_user")
# shell set to something
self.assertTrue(pwd_fields[6])
shadow_fields = self._readFields("/etc/shadow", "test_user")
self.assertIsNotNone(shadow_fields)
self.assertEqual(shadow_fields[0], "test_user")
# Ensure the password is locked
self.assertTrue(shadow_fields[1].startswith("!"))
# Ensure the date of last password change is empty
self.assertEqual(shadow_fields[2], "")
# Check that the user group was created
grp_fields = self._readFields("/etc/group", "test_user")
self.assertIsNotNone(grp_fields)
self.assertEqual(grp_fields[0], "test_user")
# Check that user group's GID matches the user's GID
self.assertEqual(grp_fields[2], pwd_fields[3])
gshadow_fields = self._readFields("/etc/gshadow", "test_user")
self.assertIsNotNone(gshadow_fields)
self.assertEqual(gshadow_fields[0], "test_user")
def create_user_password_test(self):
"""Create a user with a password."""
users.create_user("test_user1", password="******", root=self.tmpdir)
shadow_fields = self._readFields("/etc/shadow", "test_user1")
self.assertIsNotNone(shadow_fields)
# Make sure the password works
self.assertEqual(crypt.crypt("password", shadow_fields[1]),
shadow_fields[1])
# Set the encrypted password for another user with is_crypted
cryptpw = shadow_fields[1]
users.create_user("test_user2",
password=cryptpw,
is_crypted=True,
root=self.tmpdir)
shadow_fields = self._readFields("/etc/shadow", "test_user2")
self.assertIsNotNone(shadow_fields)
self.assertEqual(cryptpw, shadow_fields[1])
# Set an empty password
users.create_user("test_user3", password="", root=self.tmpdir)
shadow_fields = self._readFields("/etc/shadow", "test_user3")
self.assertIsNotNone(shadow_fields)
self.assertEqual("", shadow_fields[1])
def test_create_user(self):
"""Create a user."""
users.create_user("test_user", root=self.tmpdir)
pwd_fields = self._readFields("/etc/passwd", "test_user")
assert pwd_fields is not None
assert pwd_fields[0] == "test_user"
# Check that the fields got the right default values
# UID + GID set to some sort of int
assert isinstance(int(pwd_fields[2]), int)
assert isinstance(int(pwd_fields[3]), int)
# home is /home/username
assert pwd_fields[5] == "/home/test_user"
# shell set to something
assert pwd_fields[6]
shadow_fields = self._readFields("/etc/shadow", "test_user")
assert shadow_fields is not None
assert shadow_fields[0] == "test_user"
# Ensure the password is locked
assert shadow_fields[1].startswith("!")
# Ensure the date of last password change is empty
assert shadow_fields[2] == ""
# Check that the user group was created
grp_fields = self._readFields("/etc/group", "test_user")
assert grp_fields is not None
assert grp_fields[0] == "test_user"
# Check that user group's GID matches the user's GID
assert grp_fields[2] == pwd_fields[3]
gshadow_fields = self._readFields("/etc/gshadow", "test_user")
assert gshadow_fields is not None
assert gshadow_fields[0] == "test_user"
def create_user_lock_test(self):
"""Create a locked user account."""
# Create an empty, locked password
users.create_user("test_user1",
lock=True,
password="",
root=self.tmpdir)
shadow_fields = self._readFields("/etc/shadow", "test_user1")
self.assertIsNotNone(shadow_fields)
self.assertEqual("!", shadow_fields[1])
# Create a locked password and ensure it can be unlocked (by removing the ! at the front)
users.create_user("test_user2",
lock=True,
password="******",
root=self.tmpdir)
shadow_fields = self._readFields("/etc/shadow", "test_user2")
self.assertIsNotNone(shadow_fields)
self.assertTrue(shadow_fields[1].startswith("!"))
self.assertEqual(crypt.crypt("password", shadow_fields[1][1:]),
shadow_fields[1][1:])
def _create_users(self):
for user_data in self._user_data_list:
# UserData uses -1 for not-set uid/gid while the function takes None for not-set
uid = None
if user_data.uid != USER_UID_NOT_SET:
uid = user_data.uid
gid = None
if user_data.gid != USER_GID_NOT_SET:
gid = user_data.gid
try:
users.create_user(username=user_data.name,
password=user_data.password,
is_crypted=user_data.is_crypted,
lock=user_data.lock,
homedir=user_data.homedir,
uid=uid, gid=gid,
groups=user_data.groups,
shell=user_data.shell,
gecos=user_data.gecos,
root=self._sysroot)
except ValueError as e:
log.warning(str(e))
def test_create_user_password(self):
"""Create a user with a password."""
users.create_user("test_user1", password="******", root=self.tmpdir)
shadow_fields = self._readFields("/etc/shadow", "test_user1")
assert shadow_fields is not None
# Make sure the password works
assert crypt.crypt("password", shadow_fields[1]) == shadow_fields[1]
# Set the encrypted password for another user with is_crypted
cryptpw = shadow_fields[1]
users.create_user("test_user2", password=cryptpw, is_crypted=True, root=self.tmpdir)
shadow_fields = self._readFields("/etc/shadow", "test_user2")
assert shadow_fields is not None
assert cryptpw == shadow_fields[1]
# Set an empty password
users.create_user("test_user3", password="", root=self.tmpdir)
shadow_fields = self._readFields("/etc/shadow", "test_user3")
assert shadow_fields is not None
assert "" == shadow_fields[1]
