diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-15 13:14:46 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-15 13:14:46 +0000 |
| commit | 025c439e829e0db9ac511cd9c1b8d5fd53475ead (patch) | |
| tree | fa6986b4690f991613ffb97cea1f6942427baf5d /plugins/sudoers/regress/testsudoers/test28.sh | |
| parent | Initial commit. (diff) | |
| download | sudo-05ae7ad340f23eb918a40c175f781eff7823df3f.tar.xz sudo-05ae7ad340f23eb918a40c175f781eff7823df3f.zip | |
Adding upstream version 1.9.15p5.upstream/1.9.15p5upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'plugins/sudoers/regress/testsudoers/test28.sh')
| -rwxr-xr-x | plugins/sudoers/regress/testsudoers/test28.sh | 99 |
1 files changed, 99 insertions, 0 deletions
diff --git a/plugins/sudoers/regress/testsudoers/test28.sh b/plugins/sudoers/regress/testsudoers/test28.sh new file mode 100755 index 0000000..0465531 --- /dev/null +++ b/plugins/sudoers/regress/testsudoers/test28.sh @@ -0,0 +1,99 @@ +#!/bin/sh +# +# Verify that a rule with an empty Runas user matches correctly. +# + +: ${TESTSUDOERS=testsudoers} + +exec 2>&1 + +status=0 + +echo "This should match the 'ALL=ALL' rule." +$TESTSUDOERS -p ${TESTDIR}/passwd -P ${TESTDIR}/group \ + admin /bin/ls <<'EOF' +admin ALL = ALL +ALL ALL=(:staff) NOPASSWD: ALL +EOF +if [ $? -ne 0 ]; then + status=1 +fi + +echo "" +echo "This should match the 'ALL=ALL' rule." +$TESTSUDOERS -p ${TESTDIR}/passwd -P ${TESTDIR}/group \ + admin /bin/ls <<'EOF' +ALL ALL=(:staff) NOPASSWD: ALL +admin ALL = ALL +EOF +if [ $? -ne 0 ]; then + status=1 +fi + +echo "" +echo "This should match the 'ALL=(:staff) NOPASSWD: ALL' rule." +$TESTSUDOERS -p ${TESTDIR}/passwd -P ${TESTDIR}/group -g staff \ + admin /bin/ls <<'EOF' +admin ALL = ALL +ALL ALL=(:staff) NOPASSWD: ALL +EOF +if [ $? -ne 0 ]; then + status=1 +fi + +echo "" +echo "This should match the 'ALL=(:staff) NOPASSWD: ALL' rule." +$TESTSUDOERS -p ${TESTDIR}/passwd -P ${TESTDIR}/group -g staff \ + admin /bin/ls <<'EOF' +ALL ALL=(:staff) NOPASSWD: ALL +admin ALL = ALL +EOF +if [ $? -ne 0 ]; then + status=1 +fi + +echo "" +echo "This should match the 'ALL=(:staff) NOPASSWD: ALL' rule." +$TESTSUDOERS -p ${TESTDIR}/passwd -P ${TESTDIR}/group -u admin \ + admin /bin/ls <<'EOF' +ALL ALL=(:staff) NOPASSWD: ALL +admin ALL = ALL +EOF +if [ $? -ne 0 ]; then + status=1 +fi + +echo "" +echo "This should match the 'ALL=(:staff) NOPASSWD: ALL' rule." +$TESTSUDOERS -p ${TESTDIR}/passwd -P ${TESTDIR}/group -u admin -g staff \ + admin /bin/ls <<'EOF' +ALL ALL=(:staff) NOPASSWD: ALL +admin ALL = ALL +EOF +if [ $? -ne 0 ]; then + status=1 +fi + +echo "" +echo "This should not match any rules." +$TESTSUDOERS -p ${TESTDIR}/passwd -P ${TESTDIR}/group -g guest \ + admin /bin/ls <<'EOF' +ALL ALL=(:staff) NOPASSWD: ALL +admin ALL = ALL +EOF +if [ $? -eq 0 ]; then + status=1 +fi + +echo "" +echo "This should not match any rules." +$TESTSUDOERS -p ${TESTDIR}/passwd -P ${TESTDIR}/group -u root -g users \ + admin /bin/ls <<'EOF' +ALL ALL=(:users) NOPASSWD: ALL +admin ALL = ALL +EOF +if [ $? -eq 0 ]; then + status=1 +fi + +exit $status |