def test_update_rule_remove_module_args(self):
self.assertTrue(
self.pamd.update_rule('auth',
'sufficient',
'pam_unix.so',
new_args=''))
test_rule = PamdRule('auth', 'sufficient', 'pam_unix.so', '')
self.assertIn(str(test_rule), str(self.pamd))
test_rule = PamdRule('auth', 'sufficient', 'pam_unix.so',
'nullok try_first_pass')
self.assertNotIn(str(test_rule), str(self.pamd))
def test_update_all_four(self):
self.assertTrue(
self.pamd.update_rule('auth',
'sufficient',
'pam_unix.so',
new_type='one',
new_control='two',
new_path='three',
new_args='four five'))
test_rule = PamdRule('one', 'two', 'three', 'four five')
self.assertIn(str(test_rule), str(self.pamd))
test_rule = PamdRule('auth', 'sufficient', 'pam_unix.so',
'nullok try_first_pass')
self.assertNotIn(str(test_rule), str(self.pamd))
def test_remove_rule(self):
self.assertTrue(self.pamd.remove('account', 'required', 'pam_unix.so'))
# Second run should not change anything
self.assertFalse(self.pamd.remove('account', 'required',
'pam_unix.so'))
test_rule = PamdRule('account', 'required', 'pam_unix.so')
self.assertNotIn(str(test_rule), str(self.pamd))
def setUp(self):
self.bad_type = PamdRule('foobar', 'optional', 'pam_keyinit.so',
'revoke')
self.bad_control_simple = PamdRule('account', 'foobar',
'pam_keyinit.so', 'revoke')
self.bad_control_value = PamdRule('account',
'[foobar=1 default=ignore]',
'pam_keyinit.so', 'revoke')
self.bad_control_action = PamdRule('account',
'[success=1 default=foobar]',
'pam_keyinit.so', 'revoke')
def test_update_rule_with_slash(self):
self.assertTrue(
self.pamd.update_rule('account',
'[success=1 default=ignore]',
'pam_succeed_if.so',
new_type='session',
new_path='pam_access.so'))
test_rule = PamdRule('session', '[success=1 default=ignore]',
'pam_access.so')
self.assertIn(str(test_rule), str(self.pamd))
def test_update_rule_control_simple(self):
self.assertTrue(
self.pamd.update_rule('session',
'optional',
'pam_keyinit.so',
new_control='required'))
self.assertTrue(
self.pamd.has_rule('session', 'required', 'pam_keyinit.so'))
test_rule = PamdRule('session', 'required', 'pam_keyinit.so')
self.assertIn(str(test_rule), str(self.pamd))
def test_update_rule_type(self):
self.assertTrue(
self.pamd.update_rule('session',
'optional',
'pam_keyinit.so',
new_type='account'))
self.assertTrue(
self.pamd.has_rule('account', 'optional', 'pam_keyinit.so'))
test_rule = PamdRule('account', 'optional', 'pam_keyinit.so', 'revoke')
self.assertIn(str(test_rule), str(self.pamd))
def test_update_first_three_with_module_args(self):
self.assertTrue(
self.pamd.update_rule('auth',
'sufficient',
'pam_unix.so',
new_type='one',
new_control='two',
new_path='three'))
self.assertTrue(self.pamd.has_rule('one', 'two', 'three'))
test_rule = PamdRule('one', 'two', 'three')
self.assertIn(str(test_rule), str(self.pamd))
self.assertIn(str(test_rule), str(self.pamd))
def test_update_rule_type_two(self):
self.assertTrue(
self.pamd.update_rule('session',
'[success=1 default=ignore]',
'pam_succeed_if.so',
new_type='account'))
self.assertTrue(
self.pamd.has_rule('account', '[success=1 default=ignore]',
'pam_succeed_if.so'))
test_rule = PamdRule('account', '[success=1 default=ignore]',
'pam_succeed_if.so')
self.assertIn(str(test_rule), str(self.pamd))
def test_update_rule_control_complex(self):
self.assertTrue(
self.pamd.update_rule(
'session',
'[success=1 default=ignore]',
'pam_succeed_if.so',
new_control='[success=2 test=me default=ignore]'))
self.assertTrue(
self.pamd.has_rule('session', '[success=2 test=me default=ignore]',
'pam_succeed_if.so'))
test_rule = PamdRule('session', '[success=2 test=me default=ignore]',
'pam_succeed_if.so')
self.assertIn(str(test_rule), str(self.pamd))
class PamdRuleBadValidationTestCase(unittest.TestCase):
def setUp(self):
self.bad_type = PamdRule('foobar', 'optional', 'pam_keyinit.so',
'revoke')
self.bad_control_simple = PamdRule('account', 'foobar',
'pam_keyinit.so', 'revoke')
self.bad_control_value = PamdRule('account',
'[foobar=1 default=ignore]',
'pam_keyinit.so', 'revoke')
self.bad_control_action = PamdRule('account',
'[success=1 default=foobar]',
'pam_keyinit.so', 'revoke')
def test_validate_bad_type(self):
self.assertFalse(self.bad_type.validate()[0])
def test_validate_bad_control_simple(self):
self.assertFalse(self.bad_control_simple.validate()[0])
def test_validate_bad_control_value(self):
self.assertFalse(self.bad_control_value.validate()[0])
def test_validate_bad_control_action(self):
self.assertFalse(self.bad_control_action.validate()[0])
class PamdRuleTestCase(unittest.TestCase):
def setUp(self):
self.rule = PamdRule('account', 'optional', 'pam_keyinit.so', 'revoke')
def test_type(self):
self.assertEqual(self.rule.rule_type, 'account')
def test_control(self):
self.assertEqual(self.rule.rule_control, 'optional')
self.assertEqual(self.rule._control, 'optional')
def test_path(self):
self.assertEqual(self.rule.rule_path, 'pam_keyinit.so')
def test_args(self):
self.assertEqual(self.rule.rule_args, ['revoke'])
def test_valid(self):
self.assertTrue(self.rule.validate()[0])
def setUp(self):
self.rule = PamdRule('account', 'optional', 'pam_keyinit.so', 'revoke')
def test_remove_last_rule(self):
self.assertTrue(self.pamd.remove('session', 'required', 'pam_unix.so'))
test_rule = PamdRule('session', 'required', 'pam_unix.so')
self.assertNotIn(str(test_rule), str(self.pamd))
def test_remove_first_rule(self):
no_header_service = PamdService(self.no_header_system_auth_string)
self.assertTrue(
no_header_service.remove('auth', 'required', 'pam_env.so'))
test_rule = PamdRule('auth', 'required', 'pam_env.so')
self.assertNotIn(str(test_rule), str(no_header_service))
def test_update_rule_that_doesnt_exist(self):
self.assertFalse(
self.pamd.update_rule('blah', 'blah', 'blah', new_type='account'))
self.assertFalse(self.pamd.has_rule('blah', 'blah', 'blah'))
test_rule = PamdRule('blah', 'blah', 'blah', 'account')
self.assertNotIn(str(test_rule), str(self.pamd))