diff options
Diffstat (limited to 'plugins/sudoers/regress/visudo')
23 files changed, 204 insertions, 0 deletions
diff --git a/plugins/sudoers/regress/visudo/test1.out.ok b/plugins/sudoers/regress/visudo/test1.out.ok new file mode 100644 index 0000000..e5c355c --- /dev/null +++ b/plugins/sudoers/regress/visudo/test1.out.ok @@ -0,0 +1 @@ +stdin: parsed OK diff --git a/plugins/sudoers/regress/visudo/test1.sh b/plugins/sudoers/regress/visudo/test1.sh new file mode 100755 index 0000000..c922e35 --- /dev/null +++ b/plugins/sudoers/regress/visudo/test1.sh @@ -0,0 +1,12 @@ +#!/bin/sh +# +# Sudo Bug 519: +# Visudo in strict mode reports "parse error" even if there is no error +# + +./visudo -csf - <<EOF +User_Alias FOO = nobody +FOO ALL=(ALL) NOPASSWD: ALL +EOF + +exit 0 diff --git a/plugins/sudoers/regress/visudo/test10.out.ok b/plugins/sudoers/regress/visudo/test10.out.ok new file mode 100644 index 0000000..e5c355c --- /dev/null +++ b/plugins/sudoers/regress/visudo/test10.out.ok @@ -0,0 +1 @@ +stdin: parsed OK diff --git a/plugins/sudoers/regress/visudo/test10.sh b/plugins/sudoers/regress/visudo/test10.sh new file mode 100755 index 0000000..ea0ca41 --- /dev/null +++ b/plugins/sudoers/regress/visudo/test10.sh @@ -0,0 +1,11 @@ +#!/bin/sh +# +# Test parsing of NOTBEFORE/NOTAFTER using local time zone +# + +./visudo -cf - <<-EOF + user1 ALL = NOTBEFORE=20151201235900 /usr/bin/id + user2 ALL = NOTBEFORE=20151201235900.2 /usr/bin/id + user3 ALL = NOTBEFORE=20151201235900\,2 /usr/bin/id + user4 ALL = NOTBEFORE=2015120123 /usr/bin/id + EOF diff --git a/plugins/sudoers/regress/visudo/test2.err.ok b/plugins/sudoers/regress/visudo/test2.err.ok new file mode 100644 index 0000000..38189df --- /dev/null +++ b/plugins/sudoers/regress/visudo/test2.err.ok @@ -0,0 +1 @@ +Error: stdin:1 cycle in User_Alias "FOO" diff --git a/plugins/sudoers/regress/visudo/test2.out.ok b/plugins/sudoers/regress/visudo/test2.out.ok new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/plugins/sudoers/regress/visudo/test2.out.ok diff --git a/plugins/sudoers/regress/visudo/test2.sh b/plugins/sudoers/regress/visudo/test2.sh new file mode 100755 index 0000000..41d3711 --- /dev/null +++ b/plugins/sudoers/regress/visudo/test2.sh @@ -0,0 +1,15 @@ +#!/bin/sh +# +# Test cycle detection +# Prior to sudo 1.8.6p5 this resulted in a core dump (stack smash) +# The names of the aliases (or rather their lexical order) is important. +# + +./visudo -csf - <<EOF +User_Alias YYY = FOO +User_Alias XXX = nobody +User_Alias FOO = XXX, YYY +FOO ALL = ALL +EOF + +exit 0 diff --git a/plugins/sudoers/regress/visudo/test3.err.ok b/plugins/sudoers/regress/visudo/test3.err.ok new file mode 100644 index 0000000..8390f86 --- /dev/null +++ b/plugins/sudoers/regress/visudo/test3.err.ok @@ -0,0 +1,2 @@ +Warning: stdin:1 unused User_Alias "A" +Warning: stdin:2 unused User_Alias "B" diff --git a/plugins/sudoers/regress/visudo/test3.out.ok b/plugins/sudoers/regress/visudo/test3.out.ok new file mode 100644 index 0000000..e5c355c --- /dev/null +++ b/plugins/sudoers/regress/visudo/test3.out.ok @@ -0,0 +1 @@ +stdin: parsed OK diff --git a/plugins/sudoers/regress/visudo/test3.sh b/plugins/sudoers/regress/visudo/test3.sh new file mode 100755 index 0000000..b316e9f --- /dev/null +++ b/plugins/sudoers/regress/visudo/test3.sh @@ -0,0 +1,35 @@ +#!/bin/sh +# +# Sudo Bug 361: +# Excerises a bug in the redblack tree code. +# + +./visudo -cf - <<EOF +User_Alias A=a +User_Alias B=a +User_Alias C=a +User_Alias D=a +User_Alias E=a +User_Alias F=a +User_Alias G=a +User_Alias H=a +User_Alias I=a +User_Alias J=a +User_Alias K=a +User_Alias L=a +User_Alias M=a + +C ALL=(ALL) ALL +E ALL=(ALL) ALL +J ALL=(ALL) ALL +D ALL=(ALL) ALL +L ALL=(ALL) ALL +H ALL=(ALL) ALL +F ALL=(ALL) ALL +G ALL=(ALL) ALL +M ALL=(ALL) ALL +K ALL=(ALL) ALL +I ALL=(ALL) ALL +EOF + +exit 0 diff --git a/plugins/sudoers/regress/visudo/test4.out.ok b/plugins/sudoers/regress/visudo/test4.out.ok new file mode 100644 index 0000000..e5c355c --- /dev/null +++ b/plugins/sudoers/regress/visudo/test4.out.ok @@ -0,0 +1 @@ +stdin: parsed OK diff --git a/plugins/sudoers/regress/visudo/test4.sh b/plugins/sudoers/regress/visudo/test4.sh new file mode 100755 index 0000000..6f66b66 --- /dev/null +++ b/plugins/sudoers/regress/visudo/test4.sh @@ -0,0 +1,14 @@ +#!/bin/sh +# +# Test cycle detection and duplicate entries. +# Prior to sudo 1.8.7 this resulted in a false positive. +# + +./visudo -csf - <<EOF +Host_Alias H1 = host1 +Host_Alias H2 = H1, host2 +Host_Alias H3 = H1, H2 +root H3 = ALL +EOF + +exit 0 diff --git a/plugins/sudoers/regress/visudo/test5.out.ok b/plugins/sudoers/regress/visudo/test5.out.ok new file mode 100644 index 0000000..e5c355c --- /dev/null +++ b/plugins/sudoers/regress/visudo/test5.out.ok @@ -0,0 +1 @@ +stdin: parsed OK diff --git a/plugins/sudoers/regress/visudo/test5.sh b/plugins/sudoers/regress/visudo/test5.sh new file mode 100755 index 0000000..29364ea --- /dev/null +++ b/plugins/sudoers/regress/visudo/test5.sh @@ -0,0 +1,8 @@ +#!/bin/sh +# +# Test comment on the last line with no newline +# + +printf "# one comment\n#two comments" | ./visudo -csf - + +exit 0 diff --git a/plugins/sudoers/regress/visudo/test6.out.ok b/plugins/sudoers/regress/visudo/test6.out.ok new file mode 100644 index 0000000..e5c355c --- /dev/null +++ b/plugins/sudoers/regress/visudo/test6.out.ok @@ -0,0 +1 @@ +stdin: parsed OK diff --git a/plugins/sudoers/regress/visudo/test6.sh b/plugins/sudoers/regress/visudo/test6.sh new file mode 100755 index 0000000..596f5a1 --- /dev/null +++ b/plugins/sudoers/regress/visudo/test6.sh @@ -0,0 +1,25 @@ +#!/bin/sh +# +# Verify parsing of Defaults syntax +# + +./visudo -csf - <<EOF +Defaults syslog=auth +Defaults>root !set_logname +Defaults:FULLTIMERS !lecture +Defaults:millert !authenticate +Defaults@SERVERS log_year, logfile=/var/log/sudo.log +Defaults!PAGERS noexec + +Defaults env_keep -= "HOME" +Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS" +Defaults env_keep += "MAIL PS1 PS2 QTDIR LANG LC_ADDRESS LC_CTYPE" + +User_Alias FULLTIMERS = millert, mikef, dowdy + +Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less + +Host_Alias SERVERS = master, mail, www, ns +EOF + +exit 0 diff --git a/plugins/sudoers/regress/visudo/test7.out.ok b/plugins/sudoers/regress/visudo/test7.out.ok new file mode 100644 index 0000000..e5c355c --- /dev/null +++ b/plugins/sudoers/regress/visudo/test7.out.ok @@ -0,0 +1 @@ +stdin: parsed OK diff --git a/plugins/sudoers/regress/visudo/test7.sh b/plugins/sudoers/regress/visudo/test7.sh new file mode 100755 index 0000000..9f30923 --- /dev/null +++ b/plugins/sudoers/regress/visudo/test7.sh @@ -0,0 +1,29 @@ +#!/bin/sh +# +# Test sudoers_locale early Defaults +# + +LANG=C; export LANG +LC_NUMERIC=fr_FR.UTF-8; export LC_NUMERIC + +# First check that visudo supports non-C locales +# Note that older versions of sudo did not set the locale +# until sudoers was read so this check will fail on them. +./visudo -csf - >/dev/null 2>&1 <<-EOF + Defaults sudoers_locale = fr_FR.UTF-8 + Defaults passwd_timeout = "2,5" + EOF + +# Now make sure we can set passwd_timeout to a floating point value +# using a non-C locale. +if [ $? -eq 0 ]; then + ./visudo -csf - <<-EOF + Defaults passwd_timeout = "2,5" + Defaults sudoers_locale = fr_FR.UTF-8 + EOF +else + # No support for LC_NUMERIC? + echo "stdin: parsed OK" +fi + +exit 0 diff --git a/plugins/sudoers/regress/visudo/test8.err.ok b/plugins/sudoers/regress/visudo/test8.err.ok new file mode 100644 index 0000000..e8a2b18 --- /dev/null +++ b/plugins/sudoers/regress/visudo/test8.err.ok @@ -0,0 +1 @@ +visudo: stdin:1 value "2.5" is invalid for option "passwd_timeout" diff --git a/plugins/sudoers/regress/visudo/test8.out.ok b/plugins/sudoers/regress/visudo/test8.out.ok new file mode 100644 index 0000000..16ebc45 --- /dev/null +++ b/plugins/sudoers/regress/visudo/test8.out.ok @@ -0,0 +1 @@ +parse error in stdin near line 1 diff --git a/plugins/sudoers/regress/visudo/test8.sh b/plugins/sudoers/regress/visudo/test8.sh new file mode 100755 index 0000000..6674a55 --- /dev/null +++ b/plugins/sudoers/regress/visudo/test8.sh @@ -0,0 +1,30 @@ +#!/bin/sh +# +# Test sudoers_locale early Defaults +# + +LANG=C; export LANG +LC_NUMERIC=fr_FR.UTF-8; export LC_NUMERIC + +# First check that visudo supports non-C locales +# Note that older versions of sudo did not set the locale +# until sudoers was read so this check will fail on them. +./visudo -csf - >/dev/null 2>&1 <<-EOF + Defaults sudoers_locale = fr_FR.UTF-8 + Defaults passwd_timeout = "2,5" + EOF + +# Now make sure we can set passwd_timeout to a floating point value +# using a non-C locale. +if [ $? -eq 0 ]; then + ./visudo -csf - <<-EOF + Defaults passwd_timeout = "2.5" + Defaults sudoers_locale = fr_FR.UTF-8 + EOF +else + # No support for LC_NUMERIC? + echo "parse error in stdin near line 1" + echo 'visudo: stdin:1 value "2.5" is invalid for option "passwd_timeout"' 1>&2 +fi + +exit 0 diff --git a/plugins/sudoers/regress/visudo/test9.out.ok b/plugins/sudoers/regress/visudo/test9.out.ok new file mode 100644 index 0000000..e5c355c --- /dev/null +++ b/plugins/sudoers/regress/visudo/test9.out.ok @@ -0,0 +1 @@ +stdin: parsed OK diff --git a/plugins/sudoers/regress/visudo/test9.sh b/plugins/sudoers/regress/visudo/test9.sh new file mode 100755 index 0000000..d62fb88 --- /dev/null +++ b/plugins/sudoers/regress/visudo/test9.sh @@ -0,0 +1,12 @@ +#!/bin/sh +# +# Test IP and network address in host-based Defaults statements +# Bugzilla #766 +# + +./visudo -cf - <<-EOF + Defaults@127.0.0.1 !authenticate + Defaults@10.0.0.0/8 !always_set_home + EOF + +exit 0 |