def testParseMultiple(self): """Tests for the ParseMultiple() method.""" parser = linux_pam_parser.PAMParser() # Parse the simplest 'normal' config we can. # e.g. a single entry for 'telnet' with no includes etc. pathspecs, file_objs = artifact_test_lib.GenPathspecFileData( TELNET_ONLY_CONFIG) out = list(parser.ParseFiles(self.kb, pathspecs, file_objs)) self.assertLen(out, 1) self.assertIsInstance(out[0], rdf_config_file.PamConfig) self.assertCountEqual(TELNET_ONLY_CONFIG_EXPECTED, self._EntriesToTuples(out[0].entries)) self.assertEqual([], out[0].external_config) # Parse the simplest 'normal' config we can but with an effectively # empty /etc/pam.conf file. # e.g. a single entry for 'telnet' with no includes etc. pathspecs, file_objs = artifact_test_lib.GenPathspecFileData( TELNET_WITH_PAMCONF) out = list(parser.ParseFiles(self.kb, pathspecs, file_objs)) self.assertLen(out, 1) self.assertIsInstance(out[0], rdf_config_file.PamConfig) entry = out[0].entries[0] self.assertEqual( ('telnet', 'auth', '[success=ok new_authtok_reqd=ok ignore=ignore default=bad]', 'testing.so', 'module arguments'), self._EntryToTuple(entry)) self.assertCountEqual(TELNET_WITH_PAMCONF_EXPECTED, self._EntriesToTuples(out[0].entries)) self.assertEqual([], out[0].external_config) # Parse a simple old-style pam config. i.e. Just /etc/pam.conf. pathspecs, file_objs = artifact_test_lib.GenPathspecFileData( PAM_CONF_SIMPLE) out = list(parser.ParseFiles(self.kb, pathspecs, file_objs)) self.assertLen(out, 1) self.assertIsInstance(out[0], rdf_config_file.PamConfig) self.assertCountEqual(PAM_CONF_SIMPLE_EXPECTED, self._EntriesToTuples(out[0].entries)) self.assertEqual([], out[0].external_config) # Parse a simple old-style pam config overriding a 'new' style config. # i.e. Configs in /etc/pam.conf override everything else. pathspecs, file_objs = artifact_test_lib.GenPathspecFileData( PAM_CONF_OVERRIDE) out = list(parser.ParseFiles(self.kb, pathspecs, file_objs)) self.assertLen(out, 1) self.assertIsInstance(out[0], rdf_config_file.PamConfig) self.assertCountEqual(PAM_CONF_OVERRIDE_EXPECTED, self._EntriesToTuples(out[0].entries)) self.assertEqual([], out[0].external_config) # Parse a complex old-style pam config overriding a 'new' style config but # the /etc/pam.conf includes parts from the /etc/pam.d dir. # i.e. Configs in /etc/pam.conf override everything else but imports stuff. pathspecs, file_objs = artifact_test_lib.GenPathspecFileData( PAM_CONF_OVERRIDE_COMPLEX) out = list(parser.ParseFiles(self.kb, pathspecs, file_objs)) self.assertLen(out, 1) self.assertIsInstance(out[0], rdf_config_file.PamConfig) self.assertCountEqual(PAM_CONF_OVERRIDE_COMPLEX_EXPECTED, self._EntriesToTuples(out[0].entries)) self.assertEqual([], out[0].external_config) # Parse a normal-looking pam configuration. # i.e. A no-op of a /etc/pam.conf with multiple files under /etc/pam.d # that have includes etc. pathspecs, file_objs = artifact_test_lib.GenPathspecFileData( PAM_CONF_TYPICAL) out = list(parser.ParseFiles(self.kb, pathspecs, file_objs)) self.assertLen(out, 1) self.assertIsInstance(out[0], rdf_config_file.PamConfig) self.assertCountEqual(PAM_CONF_TYPICAL_EXPECTED, self._EntriesToTuples(out[0].entries)) self.assertEqual([], out[0].external_config) # Parse a config which has references to external or missing files. pathspecs, file_objs = artifact_test_lib.GenPathspecFileData( PAM_CONF_EXTERNAL_REF) out = list(parser.ParseFiles(self.kb, pathspecs, file_objs)) self.assertLen(out, 1) self.assertIsInstance(out[0], rdf_config_file.PamConfig) self.assertCountEqual(PAM_CONF_EXTERNAL_REF_EXPECTED, self._EntriesToTuples(out[0].entries)) self.assertCountEqual(PAM_CONF_EXTERNAL_REF_ERRORS, list(out[0].external_config))
def setUpClass(cls): super(PamConfigTests, cls).setUpClass() cls.LoadCheck("pam.yaml") cls.parser = linux_pam_parser.PAMParser()