Beispiel #1
def test_add_user(user_setup) -> None:
    """Add a user with useradd and read the new record back via user_data.

    Every value handed to useradd (comment, uid, gid, home, shell) has to
    show up unchanged in the record found below the ``user_setup`` root.
    """
    login = "addeduser"
    account = {
        "comment": "freshly added user",
        "uid": 1200,
        "gid": 33,
        "home": "/var/lib/addeduser",
        "shell": "/usr/bin/nologin",
    }

    binaries = BinaryManager()
    helper = UserHelper(binaries.binary(Binaries.USERADD),
                        binaries.binary(Binaries.USERMOD))
    helper.useradd(login, **account, root_directory=user_setup)

    entry = UserHelper.user_data(login, root_directory=user_setup)
    assert entry
    # The record carries the account fields plus name and password column.
    expected = {"name": login, "password": "******", **account}
    assert entry._asdict() == expected
Beispiel #2
def test_mod_user(user_setup) -> None:
    """Change comment and shell of user "test" with usermod and read it back.

    uid, gid and home are not passed to usermod; the expected record lists
    them as 10001, 10001 and /home/test.
    """
    changes = {'comment': 'freshly added user', 'shell': '/usr/bin/nologin'}

    binaries = BinaryManager()
    helper = UserHelper(binaries.binary(Binaries.USERADD),
                        binaries.binary(Binaries.USERMOD))
    helper.usermod('test', **changes, root_directory=user_setup)

    entry = UserHelper.user_data('test', root_directory=user_setup)
    assert entry
    expected = {'name': 'test', 'password': '******',
                'uid': 10001, 'gid': 10001, 'home': '/home/test',
                **changes}
    assert entry._asdict() == expected
Beispiel #3
def test_add_user(user_setup) -> None:
    """Create "addeduser" through useradd and verify the stored record.

    The record read back with user_data must match the comment, uid, gid,
    home and shell that were passed to useradd.
    """
    expected = {
        'name': 'addeduser',
        'password': '******',
        'uid': 1200,
        'gid': 33,
        'comment': 'freshly added user',
        'home': '/var/lib/addeduser',
        'shell': '/usr/bin/nologin',
    }

    manager = BinaryManager()
    useradd_binary = manager.binary(Binaries.USERADD)
    usermod_binary = manager.binary(Binaries.USERMOD)
    helper = UserHelper(useradd_binary, usermod_binary)
    helper.useradd(
        'addeduser',
        comment='freshly added user',
        uid=1200,
        gid=33,
        home='/var/lib/addeduser',
        shell='/usr/bin/nologin',
        root_directory=user_setup,
    )

    record = UserHelper.user_data('addeduser', root_directory=user_setup)
    assert record
    assert record._asdict() == expected
Beispiel #4
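    def __call__(
        self,
        location: Location,
        system_context: SystemContext,
        *args: typing.Any,
        **kwargs: typing.Any,
    ) -> None:
        """Append an ssh public key to a user's authorized_keys file.

        ``args[0]`` is the user name and ``args[1]`` the key file, which is
        read with ``outside=True``. The optional ``options`` keyword argument
        is written in front of the key on the same line.

        The user's home directory (mode 0o750) and its ``.ssh`` directory
        (mode 0o700) are checked or created with the user's uid and gid.
        The authorized_keys file is chown'ed to the user and set to 0o600.

        Raises:
            GenerateError: if no passwd record for exactly this user exists.
        """
        user = args[0]
        keyfile = args[1]

        info(f"Adding ssh key to {user}'s authorized_keys file.")
        data = UserHelper.user_data(user, root_directory=system_context.fs_directory)
        # A record for another account must count as "not found": the project's
        # tests expect an unknown name to resolve to the "nobody" record, and
        # accepting that would install the key (and create directories) for
        # the wrong account.
        if data is None or data.name != user:
            raise GenerateError(
                f'"{self.name}" could not find user "{user}".', location=location,
            )

        trace(f"{user} mapping: UID {data.uid}, GID {data.gid}, home: {data.home}.")
        self._check_or_create_directory(
            location,
            system_context,
            data.home,
            mode=0o750,
            user=data.uid,
            group=data.gid,
        )
        # .ssh is private to its owner: no group or other access.
        ssh_directory = os.path.join(data.home, ".ssh")
        self._check_or_create_directory(
            location,
            system_context,
            ssh_directory,
            mode=0o700,
            user=data.uid,
            group=data.gid,
        )

        key = read_file(system_context, keyfile, outside=True).decode("utf-8")

        authorized_file = os.path.join(ssh_directory, "authorized_keys")

        # NOTE(review): options are prefixed once to the whole file content.
        # If the key file holds several lines, only the first key is
        # restricted by them; confirm that key files are single-line.
        options = kwargs.get("options", "")
        if options:
            line = options + " " + key + "\n"
        else:
            line = key + "\n"

        self._execute(
            location.next_line(),
            system_context,
            "append",
            authorized_file,
            line,
            force=True,
        )
        # Hand the file to the user and keep it unreadable for everyone else.
        chown(system_context, data.uid, data.gid, authorized_file)
        chmod(system_context, 0o600, authorized_file)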
Beispiel #5
def test_missing_user_data(user_setup) -> None:
    """Test reading an unknown user name from /etc/passwd-like file.

    The lookup is expected to yield the "nobody" record (uid/gid 65534)
    instead of an empty result.
    """
    nobody = {
        'name': 'nobody',
        'password': '******',
        'uid': 65534,
        'gid': 65534,
        'comment': 'Nobody',
        'home': '/',
        'shell': '/sbin/nologin',
    }
    fallback = UserHelper.user_data('unknownUser', root_directory=user_setup)
    assert fallback
    assert fallback._asdict() == nobody
Beispiel #6
def test_missing_user_data(user_setup) -> None:
    """Test reading an unknown user name from /etc/passwd-like file.

    An unknown name must not come back empty: the expected result is the
    "nobody" record with uid and gid 65534.
    """
    found = UserHelper.user_data("unknownUser", root_directory=user_setup)
    assert found

    actual = found._asdict()
    expected = dict(
        name="nobody",
        password="******",
        uid=65534,
        gid=65534,
        comment="Nobody",
        home="/",
        shell="/sbin/nologin",
    )
    assert actual == expected
Beispiel #7
def test_mod_user(user_setup) -> None:
    """Modify the existing user "test" with usermod and verify the record.

    Only comment and shell are passed to usermod; uid, gid and home are
    expected to read 10001, 10001 and /home/test.
    """
    new_comment = "freshly added user"
    new_shell = "/usr/bin/nologin"

    manager = BinaryManager()
    useradd_binary = manager.binary(Binaries.USERADD)
    usermod_binary = manager.binary(Binaries.USERMOD)
    helper = UserHelper(useradd_binary, usermod_binary)
    helper.usermod("test", comment=new_comment, shell=new_shell,
                   root_directory=user_setup)

    record = UserHelper.user_data("test", root_directory=user_setup)
    assert record
    assert record._asdict() == dict(
        name="test",
        password="******",
        uid=10001,
        gid=10001,
        comment=new_comment,
        home="/home/test",
        shell=new_shell,
    )
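    def __call__(self, location: Location, system_context: SystemContext,
                 *args: typing.Any, **kwargs: typing.Any) -> None:
        """Copy an ssh key file into a user's ``.ssh`` directory.

        ``args[0]`` is the user name and ``args[1]`` the key file, which is
        copied with ``from_outside=True`` and keeps its base name.

        The user's home directory (mode 0o750) and its ``.ssh`` directory
        (mode 0o700) are checked or created with the user's uid and gid.
        The installed key is chown'ed to the user and set to 0o600.

        Raises:
            GenerateError: if no passwd record for exactly this user exists.
        """
        user_name = args[0]
        key_file = args[1]

        user = UserHelper.user_data(user_name,
                                    root_directory=system_context.fs_directory)
        # A record for another account must count as "not found": the project's
        # tests expect an unknown name to resolve to the "nobody" record, and
        # accepting that would install the key for the wrong account.
        if user is None or user.name != user_name:
            raise GenerateError(
                '"{}" could not find user "{}".'.format(self.name, user_name),
                location=location,
            )

        debug('Installing "{}" to user "{}" ({}).'.format(
            key_file, user_name, user.home))

        self._check_or_create_directory(
            location,
            system_context,
            user.home,
            mode=0o750,
            user=user.uid,
            group=user.gid,
        )
        ssh_directory = os.path.join(user.home, ".ssh")
        # A directory needs the owner's search (x) bit: with 0o600 the user
        # could not open the key files inside it. 0o700 keeps the directory
        # private while leaving it usable.
        self._check_or_create_directory(
            location,
            system_context,
            ssh_directory,
            mode=0o700,
            user=user.uid,
            group=user.gid,
        )

        installed_key_file = os.path.join(ssh_directory,
                                          os.path.basename(key_file))

        self._execute(
            location.next_line(),
            system_context,
            "copy",
            key_file,
            installed_key_file,
            from_outside=True,
        )
        trace("Copied key.")
        # Hand the key to the user and keep it unreadable for everyone else.
        chown(system_context, user.uid, user.gid, installed_key_file)
        trace("Ownership adjusted.")
        chmod(system_context, 0o600, installed_key_file)
        trace("Mode adjusted.")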
Beispiel #9
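    def __call__(self, location: Location, system_context: SystemContext,
                 *args: typing.Any, **kwargs: typing.Any) -> None:
        """Append an ssh public key to a user's authorized_keys file.

        ``args[0]`` is the user name and ``args[1]`` the key file, which is
        read with ``outside=True``. The optional ``options`` keyword argument
        is written in front of the key on the same line.

        The user's home directory (mode 0o750) and its ``.ssh`` directory
        (mode 0o700) are checked or created with the user's uid and gid.
        The authorized_keys file is chown'ed to the user and set to 0o600.

        Raises:
            GenerateError: if no passwd record for exactly this user exists.
        """
        user = args[0]
        keyfile = args[1]

        info('Adding ssh key to {}\'s authorized_keys file.'.format(user))
        data = UserHelper.user_data(user,
                                    root_directory=system_context.fs_directory)
        # A record for another account must count as "not found": the project's
        # tests expect an unknown name to resolve to the "nobody" record, and
        # accepting that would install the key (and create directories) for
        # the wrong account.
        if data is None or data.name != user:
            raise GenerateError('"{}" could not find user "{}".'.format(
                self.name, user),
                                location=location)

        trace('{} mapping: UID {}, GID {}, home: {}.'.format(
            user, data.uid, data.gid, data.home))
        self._check_or_create_directory(location,
                                        system_context,
                                        data.home,
                                        mode=0o750,
                                        user=data.uid,
                                        group=data.gid)
        # .ssh is private to its owner: no group or other access.
        ssh_directory = os.path.join(data.home, '.ssh')
        self._check_or_create_directory(location,
                                        system_context,
                                        ssh_directory,
                                        mode=0o700,
                                        user=data.uid,
                                        group=data.gid)

        key = read_file(system_context, keyfile, outside=True).decode('utf-8')

        authorized_file = os.path.join(ssh_directory, 'authorized_keys')

        # NOTE(review): options are prefixed once to the whole file content.
        # If the key file holds several lines, only the first key is
        # restricted by them; confirm that key files are single-line.
        options = kwargs.get('options', '')
        if options:
            line = options + ' ' + key + '\n'
        else:
            line = key + '\n'

        self._execute(location.next_line(),
                      system_context,
                      'append',
                      authorized_file,
                      line,
                      force=True)
        # Hand the file to the user and keep it unreadable for everyone else.
        chown(system_context, data.uid, data.gid, authorized_file)
        chmod(system_context, 0o600, authorized_file)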
Beispiel #10
def test_missing_user_data_file(user_setup) -> None:
    """Test that user_data returns None for a root of ``<user_setup>/etc``.

    NOTE(review): presumably no passwd file can be found relative to that
    directory, which is what makes the lookup of "root" come back empty;
    confirm against the fixture.
    """
    misplaced_root = os.path.join(user_setup, "etc")
    lookup = UserHelper.user_data("root", root_directory=misplaced_root)
    assert lookup is None
Beispiel #11
def test_user_data(user_setup, user_name: str,
                   expected_data: typing.Dict[str, typing.Any]) -> None:
    """Test reading of valid data from /etc/passwd-like file.

    The record found for ``user_name`` below the ``user_setup`` root must
    be non-empty and equal ``expected_data`` field by field.
    """
    record = UserHelper.user_data(user_name, root_directory=user_setup)
    assert record

    actual_fields = record._asdict()
    assert actual_fields == expected_data