def test_10_disappeared_user_stays(self):
'''Users are actually being cached in db'''
user = testlib.TestUser()
login = user.login
uid = user.uid
gid = user.gid
# Verify user disappears from "files" as expected...
expected = 'uid=%d(%s) gid=%d(%s) groups=%d(%s)\n' % (
uid, login, gid, login, gid, login)
self.assertShellOutputEquals(expected, ['id', login])
user = None
self.assertShellOutputEquals('id: %s: No such user\n' % (login),
['id', login])
user = testlib.TestUser()
login = user.login
uid = user.uid
os.chdir('/var/lib/misc')
self.assertShellExitEquals(0, ['make'])
# Verify user stays in db until we rebuild
expected = 'uid=%d(%s) gid=%d(%s) groups=%d(%s)\n' % (
uid, login, gid, login, gid, login)
self.assertShellOutputEquals(expected, ['id', login])
user = None
self.assertShellOutputEquals(expected, ['id', login])
def setUp(self):
'''Set up prior to each test_* function'''
self.pam_su = "/etc/pam.d/su"
self.pam_login = "******"
self.user = testlib.TestUser(shell="/bin/bash")
self.userB = testlib.TestUser(shell="/bin/bash")
self.tmpdir = tempfile.mkdtemp(prefix='testlib', dir='/tmp')
self.cronfile = "/etc/cron.d/testlib-crontest"
if os.path.exists(self.cronfile):
os.unlink(self.cronfile)
def setUp(self):
'''Set up prior to each test_* function'''
self.sshd_config = '/etc/ssh/sshd_config'
self.sshd_rsa_private_keyfile = '/etc/ssh/ssh_host_rsa_key'
self.sshd_rsa_private_key = \
'''-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAs7PQMZkt6/s3ibdNW6C4ZUr6k1uSE0XZ5RK2cfdh0Ug1+DkJ
Rp8WTdsIKOVY69No1k3zKGm7EFvx5JhmSXxFcPqMj1/+NYw+JeT8q18JzPrhvEmI
KhP3+ydW+B+6w8PP2uEIpOS9OX7ISQgsgJ2J2M48aP2aAkdAjtO61JepJ6d+UHtD
cFyRS7P/17/o1QfWalAgbdLpZuq0eguRedVO6OTugTLu96g3w7Tk7watLO0GRStG
PlXRNRyZW4ER6xnUrG5lbEYICTYISA5yLSYBb3TTPyfQv6flD9SD64Xa8kgktGkD
AbMx7wa6BiRMeshNM+uFRJ/ZimcAKdUJMyYf4QIDAQABAoIBAQCt+W+eFQZ4aAYk
temWw8rBhg2BjC2nqwCA3dT0EOQKkTZu0glA7dPSHDOSJDgqV8ovb9fxUCticyGE
hmbAzicMcgSS6gRaIyQn28EiyCfc4yaX+zhwRFTYOgXgwhc2X+Rjq2mK+kiX2T5e
NiOfgOVrmH6zxpHLkt/VZvaByzJgyA2deH3KT9W/O+Mm52dDaer3ZKNKy/orpxbo
Ip4SbNIEdTylX9DoBZQzn6AKBkc/S8Qok3xGT/uM/mbj2IruwHwrkFURYQyzbcmQ
jDX1T3AJz92+LbiW8kKw8uODfoVdxv91ooTmST4z6izU6shpNGsHOHtV/rsOfvGs
H/fNYqSBAoGBAO9ULRjWeWcyMO/M+dLc4z4+LQ4QWPMVChuxjNVKIX4HycrXbIo4
uEZYhIDYDW7tIJp7Jp4YPzpbAGQldR//3EW3Pr9t4e7Y7TT2EDutNpFn+2a+cr2J
Qn+k0aO458V0vNXofpThIPyZppCF6y2ass/LG/RrIx+4XeIhprFzFlmtAoGBAMA4
Wc5GCaPbh+URejTptbE/WCBolUgt6gMDuEMvwVrdRJSP/7HTy5SdCzEExn8S86AY
S3TBGq5c5Pa+S8vuGXWaVidsVr4tf50yNTBkmyMazzi8cM+q0BHWFqT5L5+wbfpW
ahS+vidFhoF+1jK14Gg4WMVfZubDX4aiRYC44s2FAoGAfgU3/eUpZhKCvDKVtdfD
/Mlmlgo7nDwO54g1XTY8ro1RT3Lh32KAfeIsW1/oqulICrAgJI0l9gdnDFTA+MmU
Zk1YSBqHJmqpdQLAh3vsyOIU+gP8jRsSnf3eubQqrsmKiaRzytdEtF3/3Af4Tzov
P8V2gdxMUW6WWPVZPgUY1r0CgYBoerilnAAFZn/5DITmWdn+W7Xk97Ocpgg6Vz1C
l6R7ZSWvso2C9OIFB09b94KE86IkdNAeyA9ekvOJAmpkkCiaeac2inajrEtfADlU
8no4nIviBNs0pV2vNDTeuusd22IL3giO+haVdf7kSDLZIW62d1oY/gAKkktL/MvW
aagtmQKBgFQJ8FhBmSU/pkl5cRLEySwFWv/SvK7/VPBB1KDnbqAFC3YV1J2EIghL
7Rq/s93NCBweb97e5SgH/IBPpWnlXzRGL5ApmwXuoPzp7PZokgw7Tv4X8SSjaOmP
ITfOx9KgntLukRe860E+CbkBxEhPD+2+GhtXL0d21o4JoS/YQb80
-----END RSA PRIVATE KEY-----
'''
self.sshd_rsa_public_key = \
'''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzs9AxmS3r+zeJt01boLhlSvqTW5ITRdnlErZx92HRSDX4OQlGnxZN2wgo5Vjr02jWTfMoabsQW/HkmGZJfEVw+oyPX/41jD4l5PyrXwnM+uG8SYgqE/f7J1b4H7rDw8/a4Qik5L05fshJCCyAnYnYzjxo/ZoCR0CO07rUl6knp35Qe0NwXJFLs//Xv+jVB9ZqUCBt0ulm6rR6C5F51U7o5O6BMu73qDfDtOTvBq0s7QZFK0Y+VdE1HJlbgRHrGdSsbmVsRggJNghIDnItJgFvdNM/J9C/p+UP1IPrhdrySCS0aQMBszHvBroGJEx6yE0z64VEn9mKZwAp1QkzJh/h root@localhost
'''
testlib.config_replace(self.sshd_rsa_private_keyfile,
self.sshd_rsa_private_key)
testlib.config_replace(self.sshd_rsa_private_keyfile + ".pub",
self.sshd_rsa_public_key)
self._restart_daemon()
# create a user to log in via ssh
self.user = testlib.TestUser()
self.other_user = testlib.TestUser()
self._create_ssh_dir(self.user)
self._create_ssh_dir(self.other_user)
def setUp(self):
'''Set up prior to each test_* function'''
self.daemon = testlib.TestDaemon("/etc/init.d/cron")
self.daemon.restart()
self.tmpdir = tempfile.mkdtemp(prefix='testlib', dir='/tmp')
self.seconds = 130
self.spooldir = "/var/spool/cron/crontabs"
self.script = os.path.join(self.tmpdir, "test.sh")
self.cronfile = os.path.join(self.tmpdir, "test.cron")
self.works = os.path.join(self.tmpdir, "it_works")
contents = '''#!/bin/sh
set -e
touch %s
''' % (self.works)
testlib.create_fill(self.script, contents, mode=0755)
contents = "*/1 * * * * %s\n" % (self.script)
testlib.create_fill(self.cronfile, contents)
self.user = testlib.TestUser() #group='users',uidmin=2000,lower=True)
os.chown(os.path.dirname(self.works), self.user.uid, self.user.gid)
def setUp(self):
'''Set up prior to each test_* function'''
self.update_exim4_conf = "/etc/exim4/update-exim4.conf.conf"
self.exim4_conf_template = "/etc/exim4/exim4.conf.template"
self.exim4_passwd = "/etc/exim4/passwd"
self.exim4_trusted = "/etc/exim4/trusted_configs"
self.exim4_spool = "/var/spool/exim4"
self.exim4_hack_conf = "/var/spool/exim4/e.conf"
self.exim4_hack_setuid = "/var/spool/exim4/setuid"
self.exim4_panic_log = "/var/log/exim4/paniclog"
self.had_system_exim4_passwd = False
self.port = 25 # TODO: different port (2525?)
self.domain = "example.com"
testlib.config_replace(self.exim4_trusted, "", append=True)
self.user = testlib.TestUser(lower=True)
self.s = None
# Silently allow for this connection to fail, to handle the
# initial setup of the exim4 server.
try:
self.s = smtplib.SMTP('localhost', port=self.port)
except:
pass
def test_zz_CVE_2010_0442(self):
'''Test CVE-2010-0442'''
self.user = testlib.TestUser()
self.testuser = self.user.login
self.testdb = "%s_db" % (self.testuser)
self._create_user(self.testuser, self.user.password)
self._create_db(self.testdb, self.testuser)
import pg
self.pgcnx = pg.connect(dbname=self.testdb,
host='127.0.0.1',
user=self.testuser,
passwd=self.user.password)
rc, result = self.daemon.status()
try:
q = self.pgcnx.query(
"SELECT substring(B'10101010101010101010101010101010101010101010101',33,-15);"
)
except:
# Natty and older calculate the string length, and return a
# result. Oneiric and newer actually error out if the length
# is specified as negative.
if self.lsb_release['Release'] < 11.10:
self.assertTrue(
False, "SELECT returned with error (likely vulnerable)")
else:
self.assertTrue(True, "SELECT should have returned an error!")
def test_user_filter_regression(self):
'''Test CVE-2010-4345 user filter regression'''
# See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611572
forward_user = testlib.TestUser(lower=True)
self._write_forward(
forward_user, '''# Exim filter
if $header_subject: contains "Ubuntu" or
$header_subject: contains "Rocks"
then
save $home/mail/ubunturocks
endif
''')
rc, report = testlib.cmd([
'sudo', '-u', forward_user.login, '/bin/bash', '-c',
'echo "" | /usr/sbin/exim4 -bf /home/' + forward_user.login +
'/.forward'
])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
self.assertTrue("Normal delivery will occur" in report,
"Didn't find 'Normal deliver will occur'")
self.assertFalse("Operation not permitted" in report,
"Found 'Operation not permitted'")
def test_pygresql_escape_string(self):
'''Test pygresql (escape strings)'''
self.user = testlib.TestUser()
self.testuser = self.user.login
self.testdb = "pygresql_db"
self._create_user(self.testuser, self.user.password)
self._create_db(self.testdb, self.testuser)
import pg
self.pgcnx = pg.connect(dbname=self.testdb,
host='127.0.0.1',
user=self.testuser,
passwd=self.user.password)
search = "''"
warning = 'Could not find "%s"\n' % search
self.assertTrue(pg.escape_string("'") == search, warning)
# fix for CVE-2009-2940 added this
search = "''"
warning = 'Could not find "%s"\n' % search
try:
self.assertTrue(self.pgcnx.escape_string("'") == search, warning)
except AttributeError:
warning = 'CVE-2009-2940: Could not find required pyobj.escape_string()'
self.assertTrue(False, warning)
def test_basic_install(self):
'''Test basic install'''
# taken from http://testcases.qa.ubuntu.com/Install/ServerWhole
self.user = testlib.TestUser()
self.testuser = self.user.login
self.testdb = "%s_db" % (self.testuser)
print ""
print " List databases"
(rc, report) = testlib.cmd(['sudo', '-u', 'postgres', 'psql', '-l'])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
for search in ['List of databases', 'template0']:
result = "Could not find '%s' in report\n" % (search)
self.assertTrue(search in report, result + report)
print " Create user"
self._create_user(self.testuser)
print " Create database"
self._create_db(self.testdb, self.testuser)
print " Connect to database as user"
(rc, report) = testlib.cmd([
'sudo', '-u', self.testuser, 'psql', '-d', self.testdb, '-c', '\du'
])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
for search in ['List of roles', self.testuser]:
result = "Could not find '%s' in report\n" % (search)
self.assertTrue(search in report, result + report)
def setUp(self):
'''Set up prior to each test_* function'''
self.user = testlib.TestUser()
# Lucid fails to verify signatures, not sure why
# skip importing the key so example rpms are still installable
if self.lsb_release['Release'] > 10.04:
self._import_key()
def setUp(self):
'''Set up prior to each test_* function'''
self.topdir = os.getcwd()
self.cached_src = os.path.join(self.topdir, "source")
self.tmpdir = tempfile.mkdtemp(prefix='libjpegturbo', dir='/tmp')
self.builder = testlib.TestUser()
testlib.cmd(['chgrp', self.builder.login, self.tmpdir])
os.chmod(self.tmpdir, 0775)
self.patch_system = "quiltv3"
def setUp(self):
'''Set up prior to each test_* function'''
# Dovecot in quantal+ doesn't like mixed-case usernames
self.user = testlib.TestUser(lower=True)
self.dovecot = testlib_dovecot.Dovecot(self, self.user)
self.rubyscript = tempfile.NamedTemporaryFile(suffix='.rb',
prefix='imap-test-')
os.chmod(self.rubyscript.name, 0700)
self.hostname = self.yank_commonname_from_cert(self.dovecot.get_cert())
self._remove_snakeoil_symlinks()
def test_droppriv(self):
'''Test dropped privs'''
self.user = testlib.TestUser() #group='users',uidmin=2000,lower=True)
rc, report = testlib.cmd(self.common_args + ['-Z', self.user.login])
expected = 0
result = 'Got exit code %d\n' % (rc)
self.assertTrue(rc == expected, result + report)
reg = '^\d\d:\d\d:\d\d\.\d{6} '
self._regex_find(reg, report)
def setUp(self):
'''Set up prior to each test_* function'''
self.mailman_daemon = testlib.TestDaemon("/etc/init.d/mailman")
self.mailman_cfg = '/etc/mailman/mm_cfg.py'
self.mailman_aliases = '/var/lib/mailman/data/aliases'
self.mailman_pid = '/var/run/mailman/mailman.pid'
self.postfix_daemon = testlib.TestDaemon("/etc/init.d/postfix")
self.postfix_mastercf = '/etc/postfix/master.cf'
self.postfix_maincf = '/etc/postfix/main.cf'
self.postfix_transport = '/etc/postfix/transportqrt'
self.postfix_aliases = '/etc/aliases'
self.ports_file = "/etc/apache2/ports.conf"
self.mailman_site = "/etc/apache2/sites-enabled/mailman"
self.tempdir = tempfile.mkdtemp()
if self.lsb_release['Release'] >= 12.10:
self.default_site = "/etc/apache2/sites-available/000-default.conf"
else:
self.default_site = "/etc/apache2/sites-available/default"
if self.lsb_release['Release'] >= 13.10:
self.apache_pid = "/var/run/apache2/apache2.pid"
else:
self.apache_pid = "/var/run/apache2.pid"
self.cj = cookielib.LWPCookieJar()
self.opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(self.cj))
# Make sure daemons are stopped before we begin
self.postfix_daemon.stop()
self.mailman_daemon.stop()
testlib.config_replace(self.mailman_aliases, "", append=True)
testlib.config_set(self.mailman_cfg,'MTA',"'Postfix'")
subprocess.call(['/usr/lib/mailman/bin/genaliases'], stdout=subprocess.PIPE)
subprocess.call(['chown', 'root:list', self.mailman_aliases])
# Is this a packaging mistake?
subprocess.call(['chown', 'list:list', '/var/lib/mailman/archives/private'])
self._zap_lists()
subprocess.call(['/usr/sbin/newlist', '-q', '*****@*****.**', '*****@*****.**' ,'ubuntu'], stdout=subprocess.PIPE)
self._setUp_postfix()
self._setUp_apache()
self.mailman_daemon.restart()
self.user = testlib.TestUser(lower=True)
self.s = None
# Silently allow for this connection to fail, to handle the
# initial setup of the postfix server.
try:
self.s = smtplib.SMTP('localhost', port=25)
except:
pass
def setUp(self):
'''Set up prior to each test_* function'''
self.tmpdir = tempfile.mkdtemp(prefix='testlib', dir='/tmp')
self.topdir = os.getcwd()
self.cached_src = os.path.join(self.topdir, "source")
self.patch_system = None
self.builder = testlib.TestUser(
) #group='users',uidmin=2000,lower=True)
self.tmpdir = tempfile.mkdtemp(prefix='testlib', dir='/tmp')
testlib.cmd(['chgrp', self.builder.login, self.tmpdir])
os.chmod(self.tmpdir, 0775)
def setUp(self):
'''Set up prior to each test_* function'''
# list of files that we update
self.conf_files = [ '/etc/postfix/master.cf', '/etc/postfix/main.cf', '/etc/default/saslauthd', '/etc/postfix/sasl/smtpd.conf', '/etc/sasldb2']
self.user = testlib.TestUser(lower=True)
self.s = None
# Silently allow for this connection to fail, to handle the
# initial setup of the postfix server.
try:
self.s = smtplib.SMTP('localhost', port=2525)
except:
pass
def test_freshclam(self):
'''Test freshclam'''
self.user = testlib.TestUser() #group='users',uidmin=2000,lower=True)
self.tmpdir = tempfile.mkdtemp(prefix='testlib', dir='/var/lib/clamav')
testlib.cmd(['chown', self.user.login, self.tmpdir])
logfile = os.path.join(self.tmpdir, "freshclam.log")
rc, report = testlib.cmd([
'sudo', '-u', self.user.login, 'freshclam',
'--log=%s' % (logfile),
'--datadir=%s' % (self.tmpdir)
])
expected = 0
result = 'Got exit code %d\n' % (rc)
self.assertTrue(rc == expected, result + report)
def setUp(self):
'''Set up prior to each test_* function'''
self.topdir = os.getcwd()
self.cached_src = os.path.join(self.topdir, "source")
self.tmpdir = tempfile.mkdtemp(prefix='testlib', dir='/tmp')
self.builder = testlib.TestUser()
testlib.cmd(['chgrp', self.builder.login, self.tmpdir])
os.chmod(self.tmpdir, 0775)
self.patch_system = "quiltv3"
if self.lsb_release['Release'] < 10.10:
self.patch_system = "quilt"
# Some tests needs tools that are built but not shipped in packages so
# let's keep the build_dir around for them
self.cached_build_topdir = os.path.join(self.topdir, "build")
def test_devices(self):
'''Test devices'''
self.unpriv_user = testlib.TestUser()
client = os.path.abspath('./usbmuxd/usbmux.py')
# TODO: would be nice to plug in a device during this time and check
# for it
rc, report = testlib.cmd(
['su', '-', self.unpriv_user.login, '-c', client])
expected = 0
self.assertEquals(expected, rc,
"Got error code '%d':\n%s" % (rc, report))
for s in ['Waiting for devices', 'Devices:']:
result = "Could not find '%s' in report:\n%s" % (s, report)
self.assertTrue(s in report, result)
def setUp(self):
tmpfd, self.tmppath = tempfile.mkstemp(prefix='fetchmail-test')
self.user = testlib.TestUser()
# use NULL-byte certs
self.certs = tempfile.mkdtemp(prefix='dovecot-certs-')
self.cert_pub = self.certs + '/public.pem'
self.cert_key = self.certs + '/private.pem'
self.assertShellExitEquals(
0, ['fetchmail/null-snakeoil.py', self.cert_pub, self.cert_key])
self.dovecot = testlib_dovecot.Dovecot(self,
self.user,
cert_pub=self.cert_pub,
cert_key=self.cert_key)
self.hostname = self.yank_commonname_from_cert(
self.dovecot.get_cert()).split('\x00')[0]
def test_pygresql_escape_bytea(self):
'''Test pygresql (escape bytea)'''
if self.lsb_release['Release'] == 6.06:
return self._skipped("functions don't exist in Dapper")
self.user = testlib.TestUser()
self.testuser = self.user.login
self.testdb = "pygresql_db"
self._create_user(self.testuser, self.user.password)
self._create_db(self.testdb, self.testuser)
import pg
self.pgcnx = pg.connect(dbname=self.testdb,
host='127.0.0.1',
user=self.testuser,
passwd=self.user.password)
binary = file('/bin/ls', 'rb').read()
escaped = pg.escape_bytea(binary)
search = "Usage: "
warning = 'Could not find "%s"\n' % search
self.assertTrue(search in escaped, warning)
search = "\\\\000"
warning = 'Could not find "%s"\n' % search
self.assertTrue(search in escaped, warning)
# The following extra tests don't work on Oneiric+
if self.lsb_release['Release'] >= 11.10:
return
# fix for CVE-2009-2940 added this
try:
escaped = self.pgcnx.escape_bytea(binary)
except AttributeError:
warning = 'CVE-2009-2940: Could not find required pyobj.escape_bytea()'
self.assertTrue(False, warning)
search = "Usage: "
warning = 'Could not find "%s"\n' % search
self.assertTrue(search in escaped, warning)
search = "\\\\000"
warning = 'Could not find "%s"\n' % search
self.assertTrue(search in escaped, warning)
def setUp(self):
'''Set up prior to each test_* function'''
self.user = testlib.TestUser()
self.user_testfile = os.path.join(self.user.home, "testfile")
self.user_teststring = "Ubuntu rocks!"
testlib.create_fill(self.user_testfile, self.user_teststring)
self.vsftpd_conf = "/etc/vsftpd.conf"
testlib.config_set(self.vsftpd_conf,'write_enable','YES', spaces=False)
testlib.config_set(self.vsftpd_conf,'local_enable','YES', spaces=False)
self.tempdir = tempfile.mkdtemp(dir='/tmp',prefix="vsftpd-")
self.daemon = testlib.TestDaemon("/etc/init.d/vsftpd")
self.daemon.restart()
self.current_dir = os.getcwd()
def setUp(self):
'''Set up prior to each test_* function'''
self.daemon = testlib.TestDaemon("/etc/init.d/apport")
self.defaults = "/etc/default/apport"
self.core_pattern = "/proc/sys/kernel/core_pattern"
self.tmpdir = tempfile.mkdtemp(dir='/tmp')
self.crashdir = "/var/crash"
self.user = testlib.TestUser() #group='users',uidmin=2000,lower=True)
testlib.cmd(['adduser', self.user.login, 'adm'])
testlib.cmd(['adduser', self.user.login,
'admin']) # needed by some tests
self.test_dir = os.path.join(self.crashdir, "testlib-dir")
self.test_empty = os.path.join(self.crashdir, "testlib.empty")
self.test_old = os.path.join(self.crashdir, "testlib.old")
# we need a program that is in a package here, for apport to generate
# a report
self.test_exec = "/usr/bin/free"
self.test_exec_bak = "/usr/bin/free.testlib"
self.test_exec_report = os.path.join(self.crashdir, "_usr_bin_free")
# name this, but don't create it
self.test_file = os.path.join(self.crashdir, "testlib-file")
testlib.create_fill(self.test_empty, '')
os.chown(self.test_empty, self.user.uid, self.user.gid)
testlib.create_fill(self.test_old, 'stuff')
subprocess.call(['touch', '-t', '200601010000', self.test_old])
os.chown(self.test_old, self.user.uid, self.user.gid)
os.mkdir(self.test_dir)
os.chown(self.test_dir, self.user.uid, self.user.gid)
# The location of the test-runner changed in karmic(?)
if os.path.exists("/usr/share/apport/testsuite/run-tests"):
self.testsuite = "/usr/share/apport/testsuite/run-tests"
else:
self.testsuite = "/usr/share/apport/testsuite/run"
# Vivid no longer ships the test suite
if self.lsb_release['Release'] >= 15.04:
self.testsuite = None
self.apt_sources = "/etc/apt/sources.list"
def test_20_environment_leak(self):
'''Does not leak DB_CONFIG contents (CVE-2010-0826)'''
user = testlib.TestUser()
try:
line1 = file('/etc/shadow').read().splitlines()[0].split(":")[0]
tmpdir = tempfile.mkdtemp(prefix='dbleak-')
os.chdir(tmpdir)
os.chown(tmpdir, user.uid, user.gid)
self.assertShellExitEquals(0, [
'sudo', '-u', user.login, "ln", "-s", "/etc/shadow",
'DB_CONFIG'
])
rc, output = testlib.cmd(['sudo', '-u', user.login, "sudo"])
self.assertTrue('incorrect name-value pair' not in output, output)
self.assertTrue(line1 not in output, output)
finally:
os.chdir('/')
shutil.rmtree(tmpdir)
def setUp(self):
'''Set up prior to each test_* function'''
self.secret = "UbuntuRocks!"
self.opiekeys = "/etc/opiekeys"
self.opie_pam = "/etc/pam.d/opie"
self.long_username = "******"
# If there's no database file, create one so it gets purged
# properly when the test script ends.
if not os.path.exists(self.opiekeys):
subprocess.call(['touch', self.opiekeys])
testlib.config_replace(self.opiekeys, "")
# Create the pam config file
open(self.opie_pam, 'w').write('''auth sufficient pam_unix.so
auth sufficient pam_opie.so
auth required pam_deny.so
''')
# Create a system user with an opie key
self.user = testlib.TestUser()
(self.opie_user, self.opie_seq, self.opie_seed) = self._create_opie()
def setUp(self):
'''Set up prior to each test_* function'''
self.daemon = testlib.TestDaemon("/etc/init.d/freeradius")
self.tmpdir = tempfile.mkdtemp(prefix='freeradius-', dir='/tmp')
self.auth_approved = "code 2"
self.auth_denied = "code 3"
# Add a default user
self.users_file = "/etc/freeradius/users"
self.test_user = "******"
self.test_pass = "******"
config_line = '%s Cleartext-Password := "******"' % (self.test_user, self.test_pass)
testlib.config_replace(self.users_file, config_line, append=True)
# Enable Unix auth
self.default_site = "/etc/freeradius/sites-available/default"
testlib.config_replace(self.default_site, "", append=True)
subprocess.call(['sed', '-i', 's/^#\tunix/\tunix/', self.default_site])
# Create a test user
self.user = testlib.TestUser()
self._restart_daemon()
def test_10_sending_mail_forward_normal(self):
'''Mail delivered via .forward'''
forward_user = testlib.TestUser(lower=True)
self._write_forward(forward_user, self.user.login+'\n')
self._test_roundtrip_mail(forward_user, self.user)
def setUp(self):
'''Set up prior to each test_* function'''
# Create a system user key
self.user = testlib.TestUser()
def _test_zz_testsuite(self):
'''Test testsuite'''
if self.lsb_release['Release'] < 11.04:
return self._skipped("testsuite doesn't work on this release")
self.cached_src = os.path.join(self.topdir, "source")
self.patch_system = None
self.builder = testlib.TestUser(
) #group='users',uidmin=2000,lower=True)
testlib.cmd(['chgrp', self.builder.login, self.tmpdir])
os.chmod(self.tmpdir, 0775)
build_dir = testlib.prepare_source('apt', \
self.builder, \
self.cached_src, \
os.path.join(self.tmpdir, \
os.path.basename(self.cached_src)), \
self.patch_system)
os.chdir(build_dir)
print ""
# print " clean"
# rc, report = testlib.cmd(['sudo', '-u', self.builder.login, 'fakeroot', 'debian/rules', 'clean'])
# expected = 0
# result = 'Got exit code %d, expected %d\n' % (rc, expected)
# self.assertEquals(expected, rc, result + report)
print " build"
rc, report = testlib.cmd([
'sudo', '-u', self.builder.login, 'fakeroot', 'debian/rules',
'build'
])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
# Only Precise and higher have a usable testsuite
print " tests",
if self.lsb_release['Release'] < 12.04:
print "(skipped in this release)"
else:
print ""
rc, report = testlib.cmd(
['sudo', '-u', self.builder.login, 'make', 'test'])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
failure_txt = ""
for line in report.splitlines():
if "FAIL" in line:
failure_txt += line + "\n"
self.assertTrue(
failure_txt == "",
"Found failures in report:\n%s\nLines with failures:\n%s" %
(report, failure_txt))
# Only Natty and higher have integration tests
print " integration tests",
if self.lsb_release['Release'] < 11.04:
print "(skipped in this release)"
else:
print ""
testlib.cmd([
'sudo', '-H', '-u', self.builder.login, 'mkdir', '-m', '0700',
os.path.join("/home", self.builder.login, ".gnupg")
])
if self.lsb_release['Release'] >= 12.04:
rc, report = testlib.cmd([
'sudo', '-H', '-u', self.builder.login, 'make', '-C',
'test/integration', 'test'
])
else:
os.chdir(os.path.join(build_dir, 'test', 'integration'))
rc, report = testlib.cmd(
['sudo', '-H', '-u', self.builder.login, './run-tests'])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
# Attempt to parse test output of the form (as seen by pyunit, not
# terminal output):
# Testcase test-apt-get-autoremove: P P P P P P P P P P P
# Testcase test-apt-get-changelog: P P P P P
# -E: changelog download failed
# +E: changelog for this version is not (yet) available; try https://launchpad.net/ubuntu/+source/apt/+changelog
# ###FAILED###
# ...
efails = ['test-apt-key-net-update:'] # LP: #1013639
efails = []
if self.lsb_release['Release'] >= 12.04:
efails += [
'test-apt-get-changelog:',
'test-bug-593360-modifiers-in-names:',
'test-bug-601016-description-translation:',
'test-bug-612099-multiarch-conflicts:',
'test-bug-64141-install-dependencies-for-on-hold:',
'test-conflicts-loop:',
'test-ubuntu-bug-859188-multiarch-reinstall:',
]
elif self.lsb_release['Release'] == 11.10:
efails += [
'test-apt-get-changelog:',
'test-apt-get-download:',
'test-bug-407511-fail-invalid-default-release:',
'test-bug-470115-new-and-tighten-recommends:',
'test-bug-549968-install-depends-of-not-installed:',
'test-bug-590041-prefer-non-virtual-packages:',
'test-bug-601016-description-translation:',
'test-bug-612099-multiarch-conflicts:',
'test-bug-618288-multiarch-same-lockstep:',
'test-bug-632221-cross-dependency-satisfaction:',
'test-bug-64141-install-dependencies-for-on-hold:',
'test-compressed-indexes:',
'test-disappearing-packages:',
'test-handling-broken-orgroups:',
'test-release-candidate-switching:',
'test-ubuntu-bug-802901-multiarch-early-remove:',
'test-ubuntu-bug-806274-install-suggests:',
'test-ubuntu-bug-835625-multiarch-lockstep-installed-first:',
]
elif self.lsb_release['Release'] == 11.04:
efails += [
'test-bug-590041-prefer-non-virtual-packages:',
'test-bug-595691-empty-and-broken-archive-files:',
'test-bug-601016-description-translation:',
'test-bug-64141-install-dependencies-for-on-hold:',
'test-compressed-indexes:',
'test-disappearing-packages:',
'test-pdiff-usage:',
]
failure_txt = ""
testcase_txt = ""
in_testcase = False
for line in report.splitlines():
testcase_txt += line + "\n"
if line.startswith("Testcase"):
in_testcase = True
testcase_txt = line + "\n"
continue
elif in_testcase and '###FAILED###' in line:
ex_fail = False
for e in efails:
if e in testcase_txt.splitlines()[0]:
ex_fail = True
break
if not ex_fail:
testcase_txt += line + "\n"
failure_txt += testcase_txt + "\n"
self.assertTrue(
failure_txt == "",
"Found failures in report:\n%s\nLines with failures:\n%s" %
(report, failure_txt))
def test_permissions(self):
'''Test permissions/ownership'''
def file_access(path, username, mode, needs_access):
'''Determine if user has read, write or execute access to the
file.
'''
if mode == "read":
rc, report = testlib.cmd(
['su', '-c', 'cat %s' % path, username])
elif mode == "write":
rc, report = testlib.cmd(
['su', '-c',
'echo "# has write" > %s' % path, username])
f = open(path)
report = f.read()
f.close()
elif mode == "execute":
rc, report = testlib.cmd(['su', '-c', path, username])
else:
print "Unsupported mode '%s'" % mode
# debugging
#ls_rc, ls_report = testlib.cmd(['ls', '-l', path])
#print " DEBUG: rc=%d,mode=%s,user=%s,access=%s,report=%s" % (rc, mode, username, needs_access, ls_report.strip())
#print " DEBUG: %s" % (open(path).read())
expected = 0
result = 'Got exit code %d\n' % (rc)
if needs_access:
self.assertTrue(expected == rc, result + report)
else:
self.assertFalse(expected == rc, result + report)
search = "# has %s" % mode
result = "Couldn't find '%s' in report" % search
if needs_access:
self.assertTrue(search in report, result + report)
else:
self.assertFalse(search in report, result + report)
def dir_access(path, username, mode, needs_access):
'''Determine if user has read, write or execute access to the
directory.'''
if mode == "read":
rc, report = testlib.cmd(
['su', '-c', 'ls %s' % path, username])
elif mode == "write":
rc, report = testlib.cmd([
'su', '-c',
'touch %s' % os.path.join(path, "testme"), username
])
testlib.cmd([
'su', '-c',
'rm -f %s' % os.path.join(path, "testme"), username
])
elif mode == "execute":
rc, report = testlib.cmd(
['su', '-c', 'cat %s' % path, username])
else:
print "Unsupported mode '%s'" % mode
# debugging
#ls_path = path
#if not os.path.isdir(path):
# ls_path = os.path.dirname(path)
#ls_rc, ls_report = testlib.cmd(['ls', '-ld', ls_path])
#print " DEBUG: rc=%d,mode=%s,user=%s,access=%s,report=%s" % (rc, mode, username, needs_access, ls_report.strip())
expected = 0
result = 'Got exit code %d\n' % (rc)
if needs_access:
self.assertTrue(expected == rc, result + report)
else:
self.assertFalse(expected == rc, result + report)
if mode == "execute":
search = "# has"
result = "Couldn't find '%s' in report" % search
if needs_access:
self.assertTrue(search in report, result + report)
else:
self.assertFalse(search in report, result + report)
self._create_fs()
self.user = testlib.TestUser()
self.user2 = testlib.TestUser()
dir = os.path.join(self.mnt, "foo")
os.mkdir(dir)
fn = os.path.join(dir, "bar")
rc, report = testlib.cmd(['chmod', '-R', 'a+rX', self.tmpdir])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
print ""
print " file:"
# The idea here is to have self.user access the file. The file's
# ownership is adjusted to self.user2 accordingly.
for j in ['o', 'g', 'u']:
for i in ['rx', 'w', 'r',
'']: # need 'rx' instead of just 'x' for a script
# reset the file contents, ownership, and permissions each time
f = open(fn, 'w')
f.write(
"#!/bin/sh\n# has read\necho -n '#' ; echo ' has execute'\n"
)
f.close()
rc, report = testlib.cmd([
'chown',
"%s:%s" % (self.user2.login, self.user2.login), fn
])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
rc, report = testlib.cmd(['chmod', "0000", fn])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
# set new permissions
p = "%s=%s" % (j, i)
print " %s" % p
rc, report = testlib.cmd(['chmod', p, fn])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
if j == 'u' or j == 'g':
file_access(fn, self.user.login, 'read', False)
file_access(fn, self.user.login, 'write', False)
file_access(fn, self.user.login, 'execute', False)
if j == 'u':
# set owner
rc, report = testlib.cmd(
['chown', "%s" % (self.user.login), fn])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc,
expected)
self.assertEquals(expected, rc, result + report)
elif j == 'g':
rc, report = testlib.cmd(
['chgrp', self.user.login, fn])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc,
expected)
self.assertEquals(expected, rc, result + report)
file_access(fn, self.user.login, 'read', 'r' in i)
file_access(fn, self.user.login, 'execute', 'x' in i)
# 'write' must be last since it overwrites the file
file_access(fn, self.user.login, 'write', 'w' in i)
rc, report = testlib.cmd(['chmod', "0777", fn])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
f = open(fn, 'w')
f.write("#!/bin/sh\n# has read\necho -n '#' ; echo ' has execute'\n")
f.close()
print " directory:"
for j in ['o', 'g', 'u']:
for i in ['r', 'wx', 'x', '']:
# reset each time
rc, report = testlib.cmd(['chmod', "0000", dir])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
rc, report = testlib.cmd([
'chown',
"%s:%s" % (self.user2.login, self.user2.login), dir
])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
# set new permissions
p = "%s=%s" % (j, i)
print " %s" % p
rc, report = testlib.cmd(['chmod', p, dir])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
if j == 'u' or j == 'g':
dir_access(dir, self.user.login, 'read', False)
dir_access(dir, self.user.login, 'write', False)
dir_access(fn, self.user.login, 'execute', False)
if j == 'u':
# set owner
rc, report = testlib.cmd(
['chown', "%s" % (self.user.login), dir])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc,
expected)
self.assertEquals(expected, rc, result + report)
elif j == 'g':
rc, report = testlib.cmd(
['chgrp', self.user.login, dir])
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc,
expected)
self.assertEquals(expected, rc, result + report)
dir_access(dir, self.user.login, 'read', 'r' in i)
dir_access(dir, self.user.login, 'write', 'w' in i)
dir_access(fn, self.user.login, 'execute', 'x' in i)
