diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 14:37:38 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 14:37:38 +0000 |
| commit | ae581a19fbe896a797450b9d9573fb66f2735227 (patch) | |
| tree | 56c40be8518a29c9351364d13a9676aa83932dc0 /plugins/sudoers/regress/visudo | |
| parent | Initial commit. (diff) | |
| download | sudo-upstream/1.9.13p3.tar.xz sudo-upstream/1.9.13p3.zip | |
Adding upstream version 1.9.13p3.upstream/1.9.13p3upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
23 files changed, 224 insertions, 0 deletions
diff --git a/plugins/sudoers/regress/visudo/test1.out.ok b/plugins/sudoers/regress/visudo/test1.out.ok new file mode 100644 index 0000000..e5c355c --- /dev/null +++ b/plugins/sudoers/regress/visudo/test1.out.ok @@ -0,0 +1 @@ +stdin: parsed OK diff --git a/plugins/sudoers/regress/visudo/test1.sh b/plugins/sudoers/regress/visudo/test1.sh new file mode 100755 index 0000000..5676eea --- /dev/null +++ b/plugins/sudoers/regress/visudo/test1.sh @@ -0,0 +1,14 @@ +#!/bin/sh +# +# Sudo Bug 519: +# Visudo in strict mode reports "parse error" even if there is no error +# + +: ${VISUDO=visudo} + +$VISUDO -csf - <<EOF +User_Alias FOO = nobody +FOO ALL=(ALL) NOPASSWD: ALL +EOF + +exit 0 diff --git a/plugins/sudoers/regress/visudo/test10.out.ok b/plugins/sudoers/regress/visudo/test10.out.ok new file mode 100644 index 0000000..e5c355c --- /dev/null +++ b/plugins/sudoers/regress/visudo/test10.out.ok @@ -0,0 +1 @@ +stdin: parsed OK diff --git a/plugins/sudoers/regress/visudo/test10.sh b/plugins/sudoers/regress/visudo/test10.sh new file mode 100755 index 0000000..38b7f3e --- /dev/null +++ b/plugins/sudoers/regress/visudo/test10.sh @@ -0,0 +1,13 @@ +#!/bin/sh +# +# Test parsing of NOTBEFORE/NOTAFTER using local time zone +# + +: ${VISUDO=visudo} + +$VISUDO -cf - <<-EOF + user1 ALL = NOTBEFORE=20151201235900 /usr/bin/id + user2 ALL = NOTBEFORE=20151201235900.2 /usr/bin/id + user3 ALL = NOTBEFORE=20151201235900\,2 /usr/bin/id + user4 ALL = NOTBEFORE=2015120123 /usr/bin/id + EOF diff --git a/plugins/sudoers/regress/visudo/test2.err.ok b/plugins/sudoers/regress/visudo/test2.err.ok new file mode 100644 index 0000000..d4b356f --- /dev/null +++ b/plugins/sudoers/regress/visudo/test2.err.ok @@ -0,0 +1 @@ +stdin:1:12: cycle in User_Alias "FOO" diff --git a/plugins/sudoers/regress/visudo/test2.out.ok b/plugins/sudoers/regress/visudo/test2.out.ok new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/plugins/sudoers/regress/visudo/test2.out.ok diff --git a/plugins/sudoers/regress/visudo/test2.sh b/plugins/sudoers/regress/visudo/test2.sh new file mode 100755 index 0000000..8ab2382 --- /dev/null +++ b/plugins/sudoers/regress/visudo/test2.sh @@ -0,0 +1,17 @@ +#!/bin/sh +# +# Test cycle detection +# Prior to sudo 1.8.6p5 this resulted in a core dump (stack smash) +# The names of the aliases (or rather their lexical order) is important. +# + +: ${VISUDO=visudo} + +$VISUDO -csf - <<EOF +User_Alias YYY = FOO +User_Alias XXX = nobody +User_Alias FOO = XXX, YYY +FOO ALL = ALL +EOF + +exit 0 diff --git a/plugins/sudoers/regress/visudo/test3.err.ok b/plugins/sudoers/regress/visudo/test3.err.ok new file mode 100644 index 0000000..38fe9b8 --- /dev/null +++ b/plugins/sudoers/regress/visudo/test3.err.ok @@ -0,0 +1,2 @@ +Warning: stdin:1:12: unused User_Alias "A" +Warning: stdin:2:12: unused User_Alias "B" diff --git a/plugins/sudoers/regress/visudo/test3.out.ok b/plugins/sudoers/regress/visudo/test3.out.ok new file mode 100644 index 0000000..e5c355c --- /dev/null +++ b/plugins/sudoers/regress/visudo/test3.out.ok @@ -0,0 +1 @@ +stdin: parsed OK diff --git a/plugins/sudoers/regress/visudo/test3.sh b/plugins/sudoers/regress/visudo/test3.sh new file mode 100755 index 0000000..d219f56 --- /dev/null +++ b/plugins/sudoers/regress/visudo/test3.sh @@ -0,0 +1,37 @@ +#!/bin/sh +# +# Sudo Bug 361: +# Exercises a bug in the redblack tree code. +# + +: ${VISUDO=visudo} + +$VISUDO -cf - <<EOF +User_Alias A=a +User_Alias B=a +User_Alias C=a +User_Alias D=a +User_Alias E=a +User_Alias F=a +User_Alias G=a +User_Alias H=a +User_Alias I=a +User_Alias J=a +User_Alias K=a +User_Alias L=a +User_Alias M=a + +C ALL=(ALL) ALL +E ALL=(ALL) ALL +J ALL=(ALL) ALL +D ALL=(ALL) ALL +L ALL=(ALL) ALL +H ALL=(ALL) ALL +F ALL=(ALL) ALL +G ALL=(ALL) ALL +M ALL=(ALL) ALL +K ALL=(ALL) ALL +I ALL=(ALL) ALL +EOF + +exit 0 diff --git a/plugins/sudoers/regress/visudo/test4.out.ok b/plugins/sudoers/regress/visudo/test4.out.ok new file mode 100644 index 0000000..e5c355c --- /dev/null +++ b/plugins/sudoers/regress/visudo/test4.out.ok @@ -0,0 +1 @@ +stdin: parsed OK diff --git a/plugins/sudoers/regress/visudo/test4.sh b/plugins/sudoers/regress/visudo/test4.sh new file mode 100755 index 0000000..465b91c --- /dev/null +++ b/plugins/sudoers/regress/visudo/test4.sh @@ -0,0 +1,16 @@ +#!/bin/sh +# +# Test cycle detection and duplicate entries. +# Prior to sudo 1.8.7 this resulted in a false positive. +# + +: ${VISUDO=visudo} + +$VISUDO -csf - <<EOF +Host_Alias H1 = host1 +Host_Alias H2 = H1, host2 +Host_Alias H3 = H1, H2 +root H3 = ALL +EOF + +exit 0 diff --git a/plugins/sudoers/regress/visudo/test5.out.ok b/plugins/sudoers/regress/visudo/test5.out.ok new file mode 100644 index 0000000..e5c355c --- /dev/null +++ b/plugins/sudoers/regress/visudo/test5.out.ok @@ -0,0 +1 @@ +stdin: parsed OK diff --git a/plugins/sudoers/regress/visudo/test5.sh b/plugins/sudoers/regress/visudo/test5.sh new file mode 100755 index 0000000..c870df9 --- /dev/null +++ b/plugins/sudoers/regress/visudo/test5.sh @@ -0,0 +1,10 @@ +#!/bin/sh +# +# Test comment on the last line with no newline +# + +: ${VISUDO=visudo} + +printf "# one comment\n#two comments" | $VISUDO -csf - + +exit 0 diff --git a/plugins/sudoers/regress/visudo/test6.out.ok b/plugins/sudoers/regress/visudo/test6.out.ok new file mode 100644 index 0000000..e5c355c --- /dev/null +++ b/plugins/sudoers/regress/visudo/test6.out.ok @@ -0,0 +1 @@ +stdin: parsed OK diff --git a/plugins/sudoers/regress/visudo/test6.sh b/plugins/sudoers/regress/visudo/test6.sh new file mode 100755 index 0000000..5f7adee --- /dev/null +++ b/plugins/sudoers/regress/visudo/test6.sh @@ -0,0 +1,27 @@ +#!/bin/sh +# +# Verify parsing of Defaults syntax +# + +: ${VISUDO=visudo} + +$VISUDO -csf - <<EOF +Defaults syslog=auth +Defaults>root !set_logname +Defaults:FULLTIMERS !lecture +Defaults:millert !authenticate +Defaults@SERVERS log_year, logfile=/var/log/sudo.log +Defaults!PAGERS noexec + +Defaults env_keep -= "HOME" +Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS" +Defaults env_keep += "MAIL PS1 PS2 QTDIR LANG LC_ADDRESS LC_CTYPE" + +User_Alias FULLTIMERS = millert, mikef, dowdy + +Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less + +Host_Alias SERVERS = primary, mail, www, ns +EOF + +exit 0 diff --git a/plugins/sudoers/regress/visudo/test7.out.ok b/plugins/sudoers/regress/visudo/test7.out.ok new file mode 100644 index 0000000..e5c355c --- /dev/null +++ b/plugins/sudoers/regress/visudo/test7.out.ok @@ -0,0 +1 @@ +stdin: parsed OK diff --git a/plugins/sudoers/regress/visudo/test7.sh b/plugins/sudoers/regress/visudo/test7.sh new file mode 100755 index 0000000..b993fe7 --- /dev/null +++ b/plugins/sudoers/regress/visudo/test7.sh @@ -0,0 +1,31 @@ +#!/bin/sh +# +# Test sudoers_locale early Defaults +# + +: ${VISUDO=visudo} + +LANG=C; export LANG +LC_NUMERIC=fr_FR.UTF-8; export LC_NUMERIC + +# First check that visudo supports non-C locales +# Note that older versions of sudo did not set the locale +# until sudoers was read so this check will fail on them. +$VISUDO -csf - >/dev/null 2>&1 <<-EOF + Defaults sudoers_locale = fr_FR.UTF-8 + Defaults passwd_timeout = "2,5" + EOF + +# Now make sure we can set passwd_timeout to a floating point value +# using a non-C locale. +if [ $? -eq 0 ]; then + $VISUDO -csf - <<-EOF + Defaults passwd_timeout = "2,5" + Defaults sudoers_locale = fr_FR.UTF-8 + EOF +else + # No support for LC_NUMERIC? + echo "stdin: parsed OK" +fi + +exit 0 diff --git a/plugins/sudoers/regress/visudo/test8.err.ok b/plugins/sudoers/regress/visudo/test8.err.ok new file mode 100644 index 0000000..3e71f62 --- /dev/null +++ b/plugins/sudoers/regress/visudo/test8.err.ok @@ -0,0 +1 @@ +visudo: stdin:1: value "2.5" is invalid for option "passwd_timeout" diff --git a/plugins/sudoers/regress/visudo/test8.out.ok b/plugins/sudoers/regress/visudo/test8.out.ok new file mode 100644 index 0000000..16ebc45 --- /dev/null +++ b/plugins/sudoers/regress/visudo/test8.out.ok @@ -0,0 +1 @@ +parse error in stdin near line 1 diff --git a/plugins/sudoers/regress/visudo/test8.sh b/plugins/sudoers/regress/visudo/test8.sh new file mode 100755 index 0000000..85bdd9f --- /dev/null +++ b/plugins/sudoers/regress/visudo/test8.sh @@ -0,0 +1,32 @@ +#!/bin/sh +# +# Test sudoers_locale early Defaults +# + +: ${VISUDO=visudo} + +LANG=C; export LANG +LC_NUMERIC=fr_FR.UTF-8; export LC_NUMERIC + +# First check that visudo supports non-C locales +# Note that older versions of sudo did not set the locale +# until sudoers was read so this check will fail on them. +$VISUDO -csf - >/dev/null 2>&1 <<-EOF + Defaults sudoers_locale = fr_FR.UTF-8 + Defaults passwd_timeout = "2,5" + EOF + +# Now make sure we can set passwd_timeout to a floating point value +# using a non-C locale. +if [ $? -eq 0 ]; then + $VISUDO -csf - <<-EOF + Defaults passwd_timeout = "2.5" + Defaults sudoers_locale = fr_FR.UTF-8 + EOF +else + # No support for LC_NUMERIC? + echo "parse error in stdin near line 1" + echo 'visudo: stdin:1: value "2.5" is invalid for option "passwd_timeout"' 1>&2 +fi + +exit 0 diff --git a/plugins/sudoers/regress/visudo/test9.out.ok b/plugins/sudoers/regress/visudo/test9.out.ok new file mode 100644 index 0000000..e5c355c --- /dev/null +++ b/plugins/sudoers/regress/visudo/test9.out.ok @@ -0,0 +1 @@ +stdin: parsed OK diff --git a/plugins/sudoers/regress/visudo/test9.sh b/plugins/sudoers/regress/visudo/test9.sh new file mode 100755 index 0000000..175ad6e --- /dev/null +++ b/plugins/sudoers/regress/visudo/test9.sh @@ -0,0 +1,14 @@ +#!/bin/sh +# +# Test IP and network address in host-based Defaults statements +# Bugzilla #766 +# + +: ${VISUDO=visudo} + +$VISUDO -cf - <<-EOF + Defaults@127.0.0.1 !authenticate + Defaults@10.0.0.0/8 !always_set_home + EOF + +exit 0 |