def test_AuthselectScannerLibrary_process__features(mock_confirm,
mock_service):
pam = get_config('''
auth required pam_faillock.so preauth silent deny=4 unlock_time=1200
auth sufficient pam_unix.so
auth sufficient pam_sss.so
auth required pam_deny.so
''')
nsswitch = get_config('''
passwd: files sss systemd
group: files sss systemd
sudoers: files sss
''')
obj = AuthselectScannerLibrary(
['pam_unix', 'pam_sss', 'pam_deny', 'pam_faillock'], Authconfig(''),
DConf(''), PAM(pam), nsswitch)
mock_confirm.return_value = True
mock_service.return_value = False
authselect = obj.process()
assert authselect.profile == 'sssd'
assert len(authselect.features) == 2
assert 'with-faillock' in authselect.features
assert 'with-sudo' in authselect.features
assert authselect.confirm
def process(self):
# Load configuration
ac = Authconfig(read_file('/etc/sysconfig/authconfig'))
dconf = DConf(read_file('/etc/dconf/db/distro.d/10-authconfig'))
pam = PAM.from_system_configuration()
nsswitch = read_file("/etc/nsswitch.conf")
scanner = AuthselectScannerLibrary(self.known_modules, ac, dconf, pam,
nsswitch)
self.produce(scanner.process())
def test_AuthselectScannerLibrary_process__simple(mock_confirm, mock_service):
pam = get_config('''
auth sufficient pam_unix.so
auth sufficient pam_sss.so
auth required pam_deny.so
''')
obj = AuthselectScannerLibrary(['pam_unix', 'pam_sss', 'pam_deny'],
Authconfig(''), DConf(''), PAM(pam), '')
mock_confirm.return_value = True
mock_service.return_value = False
authselect = obj.process()
assert authselect.profile == 'sssd'
assert not authselect.features
assert authselect.confirm
def test_AuthselectScannerLibrary_process__unknown_module(
mock_confirm, mock_service):
pam = get_config('''
auth required pam_faillock.so preauth silent deny=4 unlock_time=1200
auth sufficient pam_unix.so
auth sufficient pam_sss.so
auth required pam_deny.so
''')
obj = AuthselectScannerLibrary(['pam_unix', 'pam_sss', 'pam_deny'],
Authconfig(''), DConf(''), PAM(pam), '')
mock_confirm.return_value = True
mock_service.return_value = False
authselect = obj.process()
assert authselect.profile is None
assert not authselect.features
assert authselect.confirm