diff options
Diffstat (limited to '')
-rw-r--r-- | tests/su/01/config.txt | 3 | ||||
-rw-r--r-- | tests/su/01/config/etc/group | 42 | ||||
-rw-r--r-- | tests/su/01/config/etc/gshadow | 42 | ||||
-rw-r--r-- | tests/su/01/config/etc/passwd | 21 | ||||
-rw-r--r-- | tests/su/01/config/etc/shadow | 20 | ||||
-rwxr-xr-x | tests/su/01/run_su.exp | 73 | ||||
-rwxr-xr-x | tests/su/01/su_root.test | 25 | ||||
-rwxr-xr-x | tests/su/01/su_user.test | 25 |
8 files changed, 251 insertions, 0 deletions
diff --git a/tests/su/01/config.txt b/tests/su/01/config.txt new file mode 100644 index 0000000..aecff4a --- /dev/null +++ b/tests/su/01/config.txt @@ -0,0 +1,3 @@ +# no testsuite password +# root password: rootF00barbaz +# myuser password: myuserF00barbaz diff --git a/tests/su/01/config/etc/group b/tests/su/01/config/etc/group new file mode 100644 index 0000000..245cc9c --- /dev/null +++ b/tests/su/01/config/etc/group @@ -0,0 +1,42 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +man:x:12: +proxy:x:13: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +www-data:x:33: +backup:x:34: +operator:x:37: +list:x:38: +irc:x:39: +src:x:40: +gnats:x:41: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +crontab:x:101: +Debian-exim:x:102: +myuser:x:424242: diff --git a/tests/su/01/config/etc/gshadow b/tests/su/01/config/etc/gshadow new file mode 100644 index 0000000..25bd55b --- /dev/null +++ b/tests/su/01/config/etc/gshadow @@ -0,0 +1,42 @@ +root:*:: +daemon:*:: +bin:*:: +sys:*:: +adm:*:: +tty:*:: +disk:*:: +lp:*:: +mail:*:: +news:*:: +uucp:*:: +man:*:: +proxy:*:: +kmem:*:: +dialout:*:: +fax:*:: +voice:*:: +cdrom:*:: +floppy:*:: +tape:*:: +sudo:*:: +audio:*:: +dip:*:: +www-data:*:: +backup:*:: +operator:*:: +list:*:: +irc:*:: +src:*:: +gnats:*:: +shadow:*:: +utmp:*:: +video:*:: +sasl:*:: +plugdev:*:: +staff:*:: +games:*:: +users:*:: +nogroup:*:: +crontab:x:: +Debian-exim:x:: +myuser:x:: diff --git a/tests/su/01/config/etc/passwd b/tests/su/01/config/etc/passwd new file mode 100644 index 0000000..6eefe5a --- /dev/null +++ b/tests/su/01/config/etc/passwd @@ -0,0 +1,21 @@ +root:x:0:0:root:/root:/bin/bash +daemon:x:1:1:daemon:/usr/sbin:/bin/sh +bin:x:2:2:bin:/bin:/bin/sh +sys:x:3:3:sys:/dev:/bin/sh +sync:x:4:65534:sync:/bin:/bin/sync +games:x:5:60:games:/usr/games:/bin/sh +man:x:6:12:man:/var/cache/man:/bin/sh +lp:x:7:7:lp:/var/spool/lpd:/bin/sh +mail:x:8:8:mail:/var/mail:/bin/sh +news:x:9:9:news:/var/spool/news:/bin/sh +uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh +proxy:x:13:13:proxy:/bin:/bin/sh +www-data:x:33:33:www-data:/var/www:/bin/sh +backup:x:34:34:backup:/var/backups:/bin/sh +list:x:38:38:Mailing List Manager:/var/list:/bin/sh +irc:x:39:39:ircd:/var/run/ircd:/bin/sh +gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh +nobody:x:65534:65534:nobody:/nonexistent:/bin/sh +Debian-exim:x:102:102::/var/spool/exim4:/bin/false +myuser:x:424242:424242::/home:/bin/bash +testsuite::424243:424243::/home:/bin/bash diff --git a/tests/su/01/config/etc/shadow b/tests/su/01/config/etc/shadow new file mode 100644 index 0000000..038d5cf --- /dev/null +++ b/tests/su/01/config/etc/shadow @@ -0,0 +1,20 @@ +root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: +daemon:*:12977:0:99999:7::: +bin:*:12977:0:99999:7::: +sys:*:12977:0:99999:7::: +sync:*:12977:0:99999:7::: +games:*:12977:0:99999:7::: +man:*:12977:0:99999:7::: +lp:*:12977:0:99999:7::: +mail:*:12977:0:99999:7::: +news:*:12977:0:99999:7::: +uucp:*:12977:0:99999:7::: +proxy:*:12977:0:99999:7::: +www-data:*:12977:0:99999:7::: +backup:*:12977:0:99999:7::: +list:*:12977:0:99999:7::: +irc:*:12977:0:99999:7::: +gnats:*:12977:0:99999:7::: +nobody:*:12977:0:99999:7::: +Debian-exim:!:12977:0:99999:7::: +myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::: diff --git a/tests/su/01/run_su.exp b/tests/su/01/run_su.exp new file mode 100755 index 0000000..2610363 --- /dev/null +++ b/tests/su/01/run_su.exp @@ -0,0 +1,73 @@ +#!/usr/bin/expect + +set timeout 2 +expect_after default {puts "\nFAIL"; exit 1} + +if {$argc != 3} { + puts "usage: run_su.exp <user> <password> <prompt>" + exit 1 +} + +set user [lindex $argv 0] +set password [lindex $argv 1] +set prompt [lindex $argv 2] + +# First, switch to the testsuite user +# (otherwise, no password will be asked) +send_user "# switch to the passwordless 'testsuite' user\n" +send_user "# and expect a '$ ' prompt\n" +spawn /bin/su testsuite + +expect "$ " ;# Wait for the prompt + +send_user "\n# make sure we are now 'testsuite'" +send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'" +send "\r" ;# restore the prompt for the logs +send "id\r" ;# Verify we are really testsuite + +expect { + timeout { + puts "\ntimeout...FAIL" + exit 1 + } + "uid=424243(testsuite) gid=424243 groups=424243" +} + +expect "$ " ;# Wait for the prompt + +send_user "\n\n" +send_user "# now switch to user '$user'\n" +send_user "# and expect a password prompt" +send "\r" ;# restore the prompt for the logs +send "su $user\r" ;# Switch to the user +expect "Password: " ;# Wait for the Password: prompt +# Wait a little bit more (su is not ready to receive the password) +sleep 0.1 + +send "$password\r" ;# Send the password + +send_user "\n# password '$password' sent\n\n" +send_user "# expect prompt '$prompt'" + +expect { + # Wait for the new prompt + "$prompt" { + send_user "\n\n# make sure we are '$user'\n" + send_user "# id should return '($user).*($user).*($user)" + send "\r" ;# restore the prompt for the logs + send "id\r" ;# Verify the id + + expect { + -re "\\($user\\).*\\($user\\).*\\($user\\)" { + expect "$prompt" + send "exit\r" + expect "$ " + puts "\nPASS" + exit 0 + } + } + } +} + +puts "\ntimeout...FAIL" +exit 1 diff --git a/tests/su/01/su_root.test b/tests/su/01/su_root.test new file mode 100755 index 0000000..1bc2268 --- /dev/null +++ b/tests/su/01/su_root.test @@ -0,0 +1,25 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "su can be used to switch to root" + + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./run_su.exp root rootF00barbaz '# ' + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + diff --git a/tests/su/01/su_user.test b/tests/su/01/su_user.test new file mode 100755 index 0000000..7fd1f57 --- /dev/null +++ b/tests/su/01/su_user.test @@ -0,0 +1,25 @@ +#!/bin/sh + +set -e + +cd $(dirname $0) + +. ../../common/config.sh +. ../../common/log.sh + +log_start "$0" "su can be used to switch to a non-root user" + + +save_config + +# restore the files on exit +trap 'log_status "$0" "FAILURE"; restore_config' 0 + +change_config + +./run_su.exp myuser myuserF00barbaz '$ ' + +log_status "$0" "SUCCESS" +restore_config +trap '' 0 + |