def testRaw(self):
c = cockpit.Cockpit()
time.sleep(0.5)
self.assertEqual(self.curl_auth_code('/cockpit/login', ''), 401)
self.assertEqual(self.curl_auth_code('/cockpit/login', 'foo:'), 401)
self.assertEqual(self.curl_auth_code('/cockpit/login', 'foo:bar\n'),
401)
self.assertEqual(self.curl_auth_code('/cockpit/login', 'foo:bar:baz'),
401)
self.assertEqual(self.curl_auth_code('/cockpit/login', ':\n\n'), 401)
self.assertEqual(self.curl_auth_code('/cockpit/login', 'admin:bar'),
401)
self.assertEqual(self.curl_auth_code('/cockpit/login', 'foo:bar'), 401)
self.assertEqual(
self.curl_auth_code('/cockpit/login', 'admin:' + 'x' * 4000), 401)
self.assertEqual(
self.curl_auth_code('/cockpit/login', 'x' * 4000 + ':bar'), 401)
self.assertEqual(
self.curl_auth_code('/cockpit/login', 'a' * 4000 + ':'), 401)
self.assertEqual(
self.curl_auth_code('/cockpit/login', 'a' * 4000 + ':b\nc'), 401)
self.assertEqual(
self.curl_auth_code('/cockpit/login', 'a' * 4000 + ':b\nc\n'), 401)
c.allow_journal_messages(
"Returning error-response ... with reason .*",
"pam_unix\(cockpit:auth\): authentication failure; .*",
"pam_unix\(cockpit:auth\): check pass; user unknown",
"pam_succeed_if\(cockpit:auth\): requirement .* not met by user .*",
"couldn't parse login input: Malformed input",
"couldn't parse login input: Authentication failed")
def testLogin(self):
c = cockpit.Cockpit()
b = c.browser
# Setup users and passwords
setup_cmd = "useradd %s -s /bin/bash -c 'Barney Bär'; echo %s:abcdefg | chpasswd" % (
username, username)
cleanup_cmd = "userdel -r %s" % username
c.run_shell_command(setup_cmd, cleanup_cmd)
def deny_non_root(remote_filename):
c.run_shell_command(
"""sed -i '/nologin/a %s' %s || true""" % (admins_only_pam, remote_filename))
deny_non_root("/etc/pam.d/cockpit")
deny_non_root("/etc/pam.d/sshd")
b.open("/system")
b.wait_visible("#login")
def login(user, password):
b.wait_not_present("#login-button:disabled")
b.set_val('#login-user-input', user)
b.set_val('#login-password-input', password)
b.set_checked('#authorized-input', True)
b.click('#login-button')
# Try to login as a non-existing user
login("nonexisting", "blahblah")
b.wait_text_not("#login-error-message", "")
# Try to login as user with a wrong password
login(username, "gfedcba")
b.wait_text_not("#login-error-message", "")
# Try to login as user with correct password
login(username, "abcdefg")
b.wait_text("#login-error-message", "Permission denied")
# Login as admin
b.open("/system")
login("admin", "foobar")
with b.wait_timeout(10):
b.expect_load()
b.wait_present("#content")
b.wait_text('#content-user-name', 'Administrator')
# reload, which should log us in with the cookie
b.reload()
b.wait_present("#content")
b.wait_text('#content-user-name', 'Administrator')
b.click("#content-user-name")
b.wait_visible('#go-account')
b.click('#go-account')
b.enter_page("/users")
b.wait_text("#account-user-name", "admin")
c.allow_journal_messages("Returning error-response ... with reason .*",
"pam_unix\(cockpit:auth\): authentication failure; .*",
"pam_unix\(cockpit:auth\): check pass; user unknown",
"pam_succeed_if\(cockpit:auth\): requirement .* not met by user .*")
c.tearDown()
def test(self):
c = cockpit.Cockpit()
b = c.browser
b.open("/system")
b.wait_visible("#login")
def test(self):
c = cockpit.Cockpit()
b = c.browser