def case_sensitive_sudorule(session_multihost, create_casesensitive_posix_user,
request):
""" Create posix user and groups """
ldap_uri = 'ldap://%s' % (session_multihost.master[0].sys_hostname)
ds_rootdn = 'cn=Directory Manager'
ds_rootpw = 'Secret123'
ldap_inst = LdapOperations(ldap_uri, ds_rootdn, ds_rootpw)
ldap_inst.org_unit('sudoers', 'dc=example,dc=test')
sudo_ou = 'ou=sudoers,dc=example,dc=test'
rule_dn1 = "%s,%s" % ('cn=lessrule', sudo_ou)
rule_dn2 = "%s,%s" % ('cn=morerule', sudo_ou)
sudo_options = ["!requiretty", "!authenticate"]
try:
ldap_inst.add_sudo_rule(rule_dn1, 'ALL', '/usr/bin/less', 'capsuser-1',
sudo_options)
except LdapException:
pytest.fail("Failed to add sudo rule %s" % rule_dn1)
try:
ldap_inst.add_sudo_rule(rule_dn2, 'ALL', '/usr/bin/more', 'CAPSUSER-1',
sudo_options)
except LdapException:
pytest.fail("Failed to add sudo rule %s" % rule_dn2)
def del_sensitive_sudo_rule():
""" Delete sudo rule """
(ret, _) = ldap_inst.del_dn(rule_dn1)
assert ret == 'Success'
(ret, _) = ldap_inst.del_dn(rule_dn2)
assert ret == 'Success'
(ret, _) = ldap_inst.del_dn(sudo_ou)
assert ret == 'Success'
request.addfinalizer(del_sensitive_sudo_rule)
def case_sensitive_sudorule(session_multihost,
create_casesensitive_posix_user,
request):
""" Create posix user and groups """
ldap_uri = 'ldap://%s' % (session_multihost.master[0].sys_hostname)
ds_rootdn = 'cn=Directory Manager'
ds_rootpw = 'Secret123'
ldap_inst = LdapOperations(ldap_uri, ds_rootdn, ds_rootpw)
ldap_inst.org_unit('sudoers', 'dc=example,dc=test')
sudo_ou = 'ou=sudoers,dc=example,dc=test'
rule_dn1 = "%s,%s" % ('cn=lessrule', sudo_ou)
rule_dn2 = "%s,%s" % ('cn=morerule', sudo_ou)
sudo_options = ["!requiretty", "!authenticate"]
try:
ldap_inst.add_sudo_rule(rule_dn1, 'ALL',
'/usr/bin/less', 'capsuser-1',
sudo_options)
except LdapException:
pytest.fail("Failed to add sudo rule %s" % rule_dn1)
try:
ldap_inst.add_sudo_rule(rule_dn2, 'ALL',
'/usr/bin/more', 'CAPSUSER-1',
sudo_options)
except LdapException:
pytest.fail("Failed to add sudo rule %s" % rule_dn2)
def del_sensitive_sudo_rule():
""" Delete sudo rule """
(ret, _) = ldap_inst.del_dn(rule_dn1)
assert ret == 'Success'
(ret, _) = ldap_inst.del_dn(rule_dn2)
assert ret == 'Success'
(ret, _) = ldap_inst.del_dn(sudo_ou)
assert ret == 'Success'
request.addfinalizer(del_sensitive_sudo_rule)
def create_sudorule(session_multihost, create_casesensitive_posix_user):
""" Create posix user and groups """
# pylint: disable=unused-argument
_pytest_fixtures = [create_casesensitive_posix_user]
ldap_uri = 'ldap://%s' % (session_multihost.master[0].sys_hostname)
ds_rootdn = 'cn=Directory Manager'
ds_rootpw = 'Secret123'
ldap_inst = LdapOperations(ldap_uri, ds_rootdn, ds_rootpw)
ldap_inst.org_unit('sudoers', 'dc=example,dc=test')
sudo_ou = 'ou=sudoers,dc=example,dc=test'
rule_dn1 = "%s,%s" % ('cn=lessrule', sudo_ou)
rule_dn2 = "%s,%s" % ('cn=morerule', sudo_ou)
sudo_options = ["!requiretty", "!authenticate"]
try:
ldap_inst.add_sudo_rule(rule_dn1, 'ALL',
'/usr/bin/less', 'capsuser-1',
sudo_options)
except LdapException:
pytest.fail("Failed to add sudo rule %s" % rule_dn1)
try:
ldap_inst.add_sudo_rule(rule_dn2, 'ALL',
'/usr/bin/more', 'CAPSUSER-1',
sudo_options)
except LdapException:
pytest.fail("Failed to add sudo rule %s" % rule_dn2)
def generic_sudorule(session_multihost, request):
""" Create a generic sudo rule """
ldap_uri = 'ldap://%s' % (session_multihost.master[0].sys_hostname)
ds_rootdn = 'cn=Directory Manager'
ds_rootpw = 'Secret123'
ldap_inst = LdapOperations(ldap_uri, ds_rootdn, ds_rootpw)
ldap_inst.org_unit('sudoers', 'dc=example,dc=test')
sudo_ou = 'ou=sudoers,dc=example,dc=test'
rule_dn1 = "%s,%s" % ('cn=lessrule', sudo_ou)
sudo_options = ["!requiretty", "!authenticate"]
try:
ldap_inst.add_sudo_rule(rule_dn1, 'ALL', '/usr/bin/less', 'foo1',
sudo_options)
except LdapException:
pytest.fail("Failed to add sudo rule %s" % rule_dn1)
def del_sudo_rule():
""" Delete sudo rule """
(ret, _) = ldap_inst.del_dn(rule_dn1)
assert ret == 'Success'
(ret, _) = ldap_inst.del_dn(sudo_ou)
assert ret == 'Success'
request.addfinalizer(del_sudo_rule)
def generic_sudorule(session_multihost, request):
""" Create a generic sudo rule """
ldap_uri = 'ldap://%s' % (session_multihost.master[0].sys_hostname)
ds_rootdn = 'cn=Directory Manager'
ds_rootpw = 'Secret123'
ldap_inst = LdapOperations(ldap_uri, ds_rootdn, ds_rootpw)
ldap_inst.org_unit('sudoers', 'dc=example,dc=test')
sudo_ou = 'ou=sudoers,dc=example,dc=test'
rule_dn1 = "%s,%s" % ('cn=lessrule', sudo_ou)
sudo_options = ["!requiretty", "!authenticate"]
try:
ldap_inst.add_sudo_rule(rule_dn1, 'ALL',
'/usr/bin/less', 'foo1',
sudo_options)
except LdapException:
pytest.fail("Failed to add sudo rule %s" % rule_dn1)
def del_sudo_rule():
""" Delete sudo rule """
(ret, _) = ldap_inst.del_dn(rule_dn1)
assert ret == 'Success'
(ret, _) = ldap_inst.del_dn(sudo_ou)
assert ret == 'Success'
request.addfinalizer(del_sudo_rule)