summaryrefslogtreecommitdiffstats
path: root/plugins/sudoers/regress/visudo
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-06 02:23:56 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-06 02:23:56 +0000
commit9620f76a210d9d8c1aaff25e99d6dc513f87e6e9 (patch)
treeceecc90fb95780872c35da764c5163f38e4727c4 /plugins/sudoers/regress/visudo
parentInitial commit. (diff)
downloadsudo-upstream.tar.xz
sudo-upstream.zip
Adding upstream version 1.8.27.upstream/1.8.27upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'plugins/sudoers/regress/visudo')
-rw-r--r--plugins/sudoers/regress/visudo/test1.out.ok1
-rwxr-xr-xplugins/sudoers/regress/visudo/test1.sh12
-rw-r--r--plugins/sudoers/regress/visudo/test10.out.ok1
-rwxr-xr-xplugins/sudoers/regress/visudo/test10.sh11
-rw-r--r--plugins/sudoers/regress/visudo/test2.err.ok1
-rw-r--r--plugins/sudoers/regress/visudo/test2.out.ok0
-rwxr-xr-xplugins/sudoers/regress/visudo/test2.sh15
-rw-r--r--plugins/sudoers/regress/visudo/test3.err.ok2
-rw-r--r--plugins/sudoers/regress/visudo/test3.out.ok1
-rwxr-xr-xplugins/sudoers/regress/visudo/test3.sh35
-rw-r--r--plugins/sudoers/regress/visudo/test4.out.ok1
-rwxr-xr-xplugins/sudoers/regress/visudo/test4.sh14
-rw-r--r--plugins/sudoers/regress/visudo/test5.out.ok1
-rwxr-xr-xplugins/sudoers/regress/visudo/test5.sh8
-rw-r--r--plugins/sudoers/regress/visudo/test6.out.ok1
-rwxr-xr-xplugins/sudoers/regress/visudo/test6.sh25
-rw-r--r--plugins/sudoers/regress/visudo/test7.out.ok1
-rwxr-xr-xplugins/sudoers/regress/visudo/test7.sh29
-rw-r--r--plugins/sudoers/regress/visudo/test8.err.ok1
-rw-r--r--plugins/sudoers/regress/visudo/test8.out.ok1
-rwxr-xr-xplugins/sudoers/regress/visudo/test8.sh30
-rw-r--r--plugins/sudoers/regress/visudo/test9.out.ok1
-rwxr-xr-xplugins/sudoers/regress/visudo/test9.sh12
23 files changed, 204 insertions, 0 deletions
diff --git a/plugins/sudoers/regress/visudo/test1.out.ok b/plugins/sudoers/regress/visudo/test1.out.ok
new file mode 100644
index 0000000..e5c355c
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test1.out.ok
@@ -0,0 +1 @@
+stdin: parsed OK
diff --git a/plugins/sudoers/regress/visudo/test1.sh b/plugins/sudoers/regress/visudo/test1.sh
new file mode 100755
index 0000000..c922e35
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test1.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+#
+# Sudo Bug 519:
+# Visudo in strict mode reports "parse error" even if there is no error
+#
+
+./visudo -csf - <<EOF
+User_Alias FOO = nobody
+FOO ALL=(ALL) NOPASSWD: ALL
+EOF
+
+exit 0
diff --git a/plugins/sudoers/regress/visudo/test10.out.ok b/plugins/sudoers/regress/visudo/test10.out.ok
new file mode 100644
index 0000000..e5c355c
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test10.out.ok
@@ -0,0 +1 @@
+stdin: parsed OK
diff --git a/plugins/sudoers/regress/visudo/test10.sh b/plugins/sudoers/regress/visudo/test10.sh
new file mode 100755
index 0000000..ea0ca41
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test10.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+#
+# Test parsing of NOTBEFORE/NOTAFTER using local time zone
+#
+
+./visudo -cf - <<-EOF
+ user1 ALL = NOTBEFORE=20151201235900 /usr/bin/id
+ user2 ALL = NOTBEFORE=20151201235900.2 /usr/bin/id
+ user3 ALL = NOTBEFORE=20151201235900\,2 /usr/bin/id
+ user4 ALL = NOTBEFORE=2015120123 /usr/bin/id
+ EOF
diff --git a/plugins/sudoers/regress/visudo/test2.err.ok b/plugins/sudoers/regress/visudo/test2.err.ok
new file mode 100644
index 0000000..38189df
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test2.err.ok
@@ -0,0 +1 @@
+Error: stdin:1 cycle in User_Alias "FOO"
diff --git a/plugins/sudoers/regress/visudo/test2.out.ok b/plugins/sudoers/regress/visudo/test2.out.ok
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test2.out.ok
diff --git a/plugins/sudoers/regress/visudo/test2.sh b/plugins/sudoers/regress/visudo/test2.sh
new file mode 100755
index 0000000..41d3711
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test2.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+#
+# Test cycle detection
+# Prior to sudo 1.8.6p5 this resulted in a core dump (stack smash)
+# The names of the aliases (or rather their lexical order) is important.
+#
+
+./visudo -csf - <<EOF
+User_Alias YYY = FOO
+User_Alias XXX = nobody
+User_Alias FOO = XXX, YYY
+FOO ALL = ALL
+EOF
+
+exit 0
diff --git a/plugins/sudoers/regress/visudo/test3.err.ok b/plugins/sudoers/regress/visudo/test3.err.ok
new file mode 100644
index 0000000..8390f86
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test3.err.ok
@@ -0,0 +1,2 @@
+Warning: stdin:1 unused User_Alias "A"
+Warning: stdin:2 unused User_Alias "B"
diff --git a/plugins/sudoers/regress/visudo/test3.out.ok b/plugins/sudoers/regress/visudo/test3.out.ok
new file mode 100644
index 0000000..e5c355c
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test3.out.ok
@@ -0,0 +1 @@
+stdin: parsed OK
diff --git a/plugins/sudoers/regress/visudo/test3.sh b/plugins/sudoers/regress/visudo/test3.sh
new file mode 100755
index 0000000..b316e9f
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test3.sh
@@ -0,0 +1,35 @@
+#!/bin/sh
+#
+# Sudo Bug 361:
+# Excerises a bug in the redblack tree code.
+#
+
+./visudo -cf - <<EOF
+User_Alias A=a
+User_Alias B=a
+User_Alias C=a
+User_Alias D=a
+User_Alias E=a
+User_Alias F=a
+User_Alias G=a
+User_Alias H=a
+User_Alias I=a
+User_Alias J=a
+User_Alias K=a
+User_Alias L=a
+User_Alias M=a
+
+C ALL=(ALL) ALL
+E ALL=(ALL) ALL
+J ALL=(ALL) ALL
+D ALL=(ALL) ALL
+L ALL=(ALL) ALL
+H ALL=(ALL) ALL
+F ALL=(ALL) ALL
+G ALL=(ALL) ALL
+M ALL=(ALL) ALL
+K ALL=(ALL) ALL
+I ALL=(ALL) ALL
+EOF
+
+exit 0
diff --git a/plugins/sudoers/regress/visudo/test4.out.ok b/plugins/sudoers/regress/visudo/test4.out.ok
new file mode 100644
index 0000000..e5c355c
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test4.out.ok
@@ -0,0 +1 @@
+stdin: parsed OK
diff --git a/plugins/sudoers/regress/visudo/test4.sh b/plugins/sudoers/regress/visudo/test4.sh
new file mode 100755
index 0000000..6f66b66
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test4.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+#
+# Test cycle detection and duplicate entries.
+# Prior to sudo 1.8.7 this resulted in a false positive.
+#
+
+./visudo -csf - <<EOF
+Host_Alias H1 = host1
+Host_Alias H2 = H1, host2
+Host_Alias H3 = H1, H2
+root H3 = ALL
+EOF
+
+exit 0
diff --git a/plugins/sudoers/regress/visudo/test5.out.ok b/plugins/sudoers/regress/visudo/test5.out.ok
new file mode 100644
index 0000000..e5c355c
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test5.out.ok
@@ -0,0 +1 @@
+stdin: parsed OK
diff --git a/plugins/sudoers/regress/visudo/test5.sh b/plugins/sudoers/regress/visudo/test5.sh
new file mode 100755
index 0000000..29364ea
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test5.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+#
+# Test comment on the last line with no newline
+#
+
+printf "# one comment\n#two comments" | ./visudo -csf -
+
+exit 0
diff --git a/plugins/sudoers/regress/visudo/test6.out.ok b/plugins/sudoers/regress/visudo/test6.out.ok
new file mode 100644
index 0000000..e5c355c
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test6.out.ok
@@ -0,0 +1 @@
+stdin: parsed OK
diff --git a/plugins/sudoers/regress/visudo/test6.sh b/plugins/sudoers/regress/visudo/test6.sh
new file mode 100755
index 0000000..596f5a1
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test6.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+#
+# Verify parsing of Defaults syntax
+#
+
+./visudo -csf - <<EOF
+Defaults syslog=auth
+Defaults>root !set_logname
+Defaults:FULLTIMERS !lecture
+Defaults:millert !authenticate
+Defaults@SERVERS log_year, logfile=/var/log/sudo.log
+Defaults!PAGERS noexec
+
+Defaults env_keep -= "HOME"
+Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS"
+Defaults env_keep += "MAIL PS1 PS2 QTDIR LANG LC_ADDRESS LC_CTYPE"
+
+User_Alias FULLTIMERS = millert, mikef, dowdy
+
+Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less
+
+Host_Alias SERVERS = master, mail, www, ns
+EOF
+
+exit 0
diff --git a/plugins/sudoers/regress/visudo/test7.out.ok b/plugins/sudoers/regress/visudo/test7.out.ok
new file mode 100644
index 0000000..e5c355c
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test7.out.ok
@@ -0,0 +1 @@
+stdin: parsed OK
diff --git a/plugins/sudoers/regress/visudo/test7.sh b/plugins/sudoers/regress/visudo/test7.sh
new file mode 100755
index 0000000..9f30923
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test7.sh
@@ -0,0 +1,29 @@
+#!/bin/sh
+#
+# Test sudoers_locale early Defaults
+#
+
+LANG=C; export LANG
+LC_NUMERIC=fr_FR.UTF-8; export LC_NUMERIC
+
+# First check that visudo supports non-C locales
+# Note that older versions of sudo did not set the locale
+# until sudoers was read so this check will fail on them.
+./visudo -csf - >/dev/null 2>&1 <<-EOF
+ Defaults sudoers_locale = fr_FR.UTF-8
+ Defaults passwd_timeout = "2,5"
+ EOF
+
+# Now make sure we can set passwd_timeout to a floating point value
+# using a non-C locale.
+if [ $? -eq 0 ]; then
+ ./visudo -csf - <<-EOF
+ Defaults passwd_timeout = "2,5"
+ Defaults sudoers_locale = fr_FR.UTF-8
+ EOF
+else
+ # No support for LC_NUMERIC?
+ echo "stdin: parsed OK"
+fi
+
+exit 0
diff --git a/plugins/sudoers/regress/visudo/test8.err.ok b/plugins/sudoers/regress/visudo/test8.err.ok
new file mode 100644
index 0000000..e8a2b18
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test8.err.ok
@@ -0,0 +1 @@
+visudo: stdin:1 value "2.5" is invalid for option "passwd_timeout"
diff --git a/plugins/sudoers/regress/visudo/test8.out.ok b/plugins/sudoers/regress/visudo/test8.out.ok
new file mode 100644
index 0000000..16ebc45
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test8.out.ok
@@ -0,0 +1 @@
+parse error in stdin near line 1
diff --git a/plugins/sudoers/regress/visudo/test8.sh b/plugins/sudoers/regress/visudo/test8.sh
new file mode 100755
index 0000000..6674a55
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test8.sh
@@ -0,0 +1,30 @@
+#!/bin/sh
+#
+# Test sudoers_locale early Defaults
+#
+
+LANG=C; export LANG
+LC_NUMERIC=fr_FR.UTF-8; export LC_NUMERIC
+
+# First check that visudo supports non-C locales
+# Note that older versions of sudo did not set the locale
+# until sudoers was read so this check will fail on them.
+./visudo -csf - >/dev/null 2>&1 <<-EOF
+ Defaults sudoers_locale = fr_FR.UTF-8
+ Defaults passwd_timeout = "2,5"
+ EOF
+
+# Now make sure we can set passwd_timeout to a floating point value
+# using a non-C locale.
+if [ $? -eq 0 ]; then
+ ./visudo -csf - <<-EOF
+ Defaults passwd_timeout = "2.5"
+ Defaults sudoers_locale = fr_FR.UTF-8
+ EOF
+else
+ # No support for LC_NUMERIC?
+ echo "parse error in stdin near line 1"
+ echo 'visudo: stdin:1 value "2.5" is invalid for option "passwd_timeout"' 1>&2
+fi
+
+exit 0
diff --git a/plugins/sudoers/regress/visudo/test9.out.ok b/plugins/sudoers/regress/visudo/test9.out.ok
new file mode 100644
index 0000000..e5c355c
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test9.out.ok
@@ -0,0 +1 @@
+stdin: parsed OK
diff --git a/plugins/sudoers/regress/visudo/test9.sh b/plugins/sudoers/regress/visudo/test9.sh
new file mode 100755
index 0000000..d62fb88
--- /dev/null
+++ b/plugins/sudoers/regress/visudo/test9.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+#
+# Test IP and network address in host-based Defaults statements
+# Bugzilla #766
+#
+
+./visudo -cf - <<-EOF
+ Defaults@127.0.0.1 !authenticate
+ Defaults@10.0.0.0/8 !always_set_home
+ EOF
+
+exit 0