diff options
Diffstat (limited to 'xtests')
-rw-r--r-- | xtests/Makefile.am | 4 | ||||
-rw-r--r-- | xtests/Makefile.in | 41 | ||||
-rwxr-xr-x | xtests/run-xtests.sh | 27 | ||||
-rw-r--r-- | xtests/shells.conf | 3 | ||||
-rw-r--r-- | xtests/tst-pam_shells.c | 68 | ||||
-rw-r--r-- | xtests/tst-pam_shells.pamd | 2 | ||||
-rwxr-xr-x | xtests/tst-pam_shells.sh | 11 |
7 files changed, 141 insertions, 15 deletions
diff --git a/xtests/Makefile.am b/xtests/Makefile.am index 70f8441e..acf97469 100644 --- a/xtests/Makefile.am +++ b/xtests/Makefile.am @@ -25,6 +25,7 @@ EXTRA_DIST = run-xtests.sh tst-pam_dispatch1.pamd tst-pam_dispatch2.pamd \ tst-pam_succeed_if1.pamd tst-pam_succeed_if1.sh \ group.conf tst-pam_group1.pamd tst-pam_group1.sh \ tst-pam_authfail.pamd tst-pam_authsucceed.pamd \ + tst-pam_shells.pamd shells.conf tst-pam_shells.sh \ tst-pam_substack1.pamd tst-pam_substack1a.pamd tst-pam_substack1.sh \ tst-pam_substack2.pamd tst-pam_substack2a.pamd tst-pam_substack2.sh \ tst-pam_substack3.pamd tst-pam_substack3a.pamd tst-pam_substack3.sh \ @@ -43,7 +44,8 @@ XTESTS = tst-pam_dispatch1 tst-pam_dispatch2 tst-pam_dispatch3 \ tst-pam_access1 tst-pam_access2 tst-pam_access3 \ tst-pam_access4 tst-pam_limits1 tst-pam_succeed_if1 \ tst-pam_group1 tst-pam_authfail tst-pam_authsucceed \ - tst-pam_pwhistory1 tst-pam_time1 tst-pam_motd + tst-pam_pwhistory1 tst-pam_time1 tst-pam_motd \ + tst-pam_shells NOSRCTESTS = tst-pam_substack1 tst-pam_substack2 tst-pam_substack3 \ tst-pam_substack4 tst-pam_substack5 tst-pam_assemble_line1 diff --git a/xtests/Makefile.in b/xtests/Makefile.in index 4f69baee..e82d05a9 100644 --- a/xtests/Makefile.in +++ b/xtests/Makefile.in @@ -126,7 +126,7 @@ am__EXEEXT_1 = tst-pam_dispatch1$(EXEEXT) tst-pam_dispatch2$(EXEEXT) \ tst-pam_succeed_if1$(EXEEXT) tst-pam_group1$(EXEEXT) \ tst-pam_authfail$(EXEEXT) tst-pam_authsucceed$(EXEEXT) \ tst-pam_pwhistory1$(EXEEXT) tst-pam_time1$(EXEEXT) \ - tst-pam_motd$(EXEEXT) + tst-pam_motd$(EXEEXT) tst-pam_shells$(EXEEXT) tst_pam_access1_SOURCES = tst-pam_access1.c tst_pam_access1_OBJECTS = tst-pam_access1.$(OBJEXT) tst_pam_access1_LDADD = $(LDADD) @@ -206,6 +206,11 @@ tst_pam_pwhistory1_OBJECTS = tst-pam_pwhistory1.$(OBJEXT) tst_pam_pwhistory1_LDADD = $(LDADD) tst_pam_pwhistory1_DEPENDENCIES = $(top_builddir)/libpam/libpam.la \ $(top_builddir)/libpam_misc/libpam_misc.la +tst_pam_shells_SOURCES = tst-pam_shells.c +tst_pam_shells_OBJECTS = tst-pam_shells.$(OBJEXT) +tst_pam_shells_LDADD = $(LDADD) +tst_pam_shells_DEPENDENCIES = $(top_builddir)/libpam/libpam.la \ + $(top_builddir)/libpam_misc/libpam_misc.la tst_pam_succeed_if1_SOURCES = tst-pam_succeed_if1.c tst_pam_succeed_if1_OBJECTS = tst-pam_succeed_if1.$(OBJEXT) tst_pam_succeed_if1_LDADD = $(LDADD) @@ -262,6 +267,7 @@ am__depfiles_remade = ./$(DEPDIR)/tst-pam_access1.Po \ ./$(DEPDIR)/tst-pam_dispatch5.Po ./$(DEPDIR)/tst-pam_group1.Po \ ./$(DEPDIR)/tst-pam_limits1.Po ./$(DEPDIR)/tst-pam_motd.Po \ ./$(DEPDIR)/tst-pam_pwhistory1.Po \ + ./$(DEPDIR)/tst-pam_shells.Po \ ./$(DEPDIR)/tst-pam_succeed_if1.Po \ ./$(DEPDIR)/tst-pam_time1.Po ./$(DEPDIR)/tst-pam_unix1.Po \ ./$(DEPDIR)/tst-pam_unix2.Po ./$(DEPDIR)/tst-pam_unix3.Po \ @@ -290,15 +296,17 @@ SOURCES = tst-pam_access1.c tst-pam_access2.c tst-pam_access3.c \ tst-pam_dispatch1.c tst-pam_dispatch2.c tst-pam_dispatch3.c \ tst-pam_dispatch4.c tst-pam_dispatch5.c tst-pam_group1.c \ tst-pam_limits1.c tst-pam_motd.c tst-pam_pwhistory1.c \ - tst-pam_succeed_if1.c tst-pam_time1.c tst-pam_unix1.c \ - tst-pam_unix2.c tst-pam_unix3.c tst-pam_unix4.c + tst-pam_shells.c tst-pam_succeed_if1.c tst-pam_time1.c \ + tst-pam_unix1.c tst-pam_unix2.c tst-pam_unix3.c \ + tst-pam_unix4.c DIST_SOURCES = tst-pam_access1.c tst-pam_access2.c tst-pam_access3.c \ tst-pam_access4.c tst-pam_authfail.c tst-pam_authsucceed.c \ tst-pam_dispatch1.c tst-pam_dispatch2.c tst-pam_dispatch3.c \ tst-pam_dispatch4.c tst-pam_dispatch5.c tst-pam_group1.c \ tst-pam_limits1.c tst-pam_motd.c tst-pam_pwhistory1.c \ - tst-pam_succeed_if1.c tst-pam_time1.c tst-pam_unix1.c \ - tst-pam_unix2.c tst-pam_unix3.c tst-pam_unix4.c + tst-pam_shells.c tst-pam_succeed_if1.c tst-pam_time1.c \ + tst-pam_unix1.c tst-pam_unix2.c tst-pam_unix3.c \ + tst-pam_unix4.c am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ @@ -351,6 +359,7 @@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DLLTOOL = @DLLTOOL@ +DOCBOOK_RNG = @DOCBOOK_RNG@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -363,11 +372,13 @@ EXEEXT = @EXEEXT@ EXE_CFLAGS = @EXE_CFLAGS@ EXE_LDFLAGS = @EXE_LDFLAGS@ FGREP = @FGREP@ +FILECMD = @FILECMD@ FO2PDF = @FO2PDF@ GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ GMSGFMT = @GMSGFMT@ GMSGFMT_015 = @GMSGFMT_015@ GREP = @GREP@ +HTML_STYLESHEET = @HTML_STYLESHEET@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ @@ -399,12 +410,14 @@ LIBSELINUX = @LIBSELINUX@ LIBTOOL = @LIBTOOL@ LIPO = @LIPO@ LN_S = @LN_S@ +LOGIND_CFLAGS = @LOGIND_CFLAGS@ LTLIBICONV = @LTLIBICONV@ LTLIBINTL = @LTLIBINTL@ LTLIBOBJS = @LTLIBOBJS@ LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ MAKEINFO = @MAKEINFO@ MANIFEST_TOOL = @MANIFEST_TOOL@ +MAN_STYLESHEET = @MAN_STYLESHEET@ MKDIR_P = @MKDIR_P@ MSGFMT = @MSGFMT@ MSGFMT_015 = @MSGFMT_015@ @@ -427,6 +440,7 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ +PDF_STYLESHEET = @PDF_STYLESHEET@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ @@ -437,12 +451,16 @@ SECUREDIR = @SECUREDIR@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ -STRINGPARAM_HMAC = @STRINGPARAM_HMAC@ +STRINGPARAM_PROFILECONDITIONS = @STRINGPARAM_PROFILECONDITIONS@ STRINGPARAM_VENDORDIR = @STRINGPARAM_VENDORDIR@ STRIP = @STRIP@ +SYSTEMD_CFLAGS = @SYSTEMD_CFLAGS@ +SYSTEMD_LIBS = @SYSTEMD_LIBS@ TIRPC_CFLAGS = @TIRPC_CFLAGS@ TIRPC_LIBS = @TIRPC_LIBS@ +TXT_STYLESHEET = @TXT_STYLESHEET@ USE_NLS = @USE_NLS@ +VENDOR_SCONFIGDIR = @VENDOR_SCONFIGDIR@ VERSION = @VERSION@ WARN_CFLAGS = @WARN_CFLAGS@ XGETTEXT = @XGETTEXT@ @@ -531,6 +549,7 @@ EXTRA_DIST = run-xtests.sh tst-pam_dispatch1.pamd tst-pam_dispatch2.pamd \ tst-pam_succeed_if1.pamd tst-pam_succeed_if1.sh \ group.conf tst-pam_group1.pamd tst-pam_group1.sh \ tst-pam_authfail.pamd tst-pam_authsucceed.pamd \ + tst-pam_shells.pamd shells.conf tst-pam_shells.sh \ tst-pam_substack1.pamd tst-pam_substack1a.pamd tst-pam_substack1.sh \ tst-pam_substack2.pamd tst-pam_substack2a.pamd tst-pam_substack2.sh \ tst-pam_substack3.pamd tst-pam_substack3a.pamd tst-pam_substack3.sh \ @@ -549,7 +568,8 @@ XTESTS = tst-pam_dispatch1 tst-pam_dispatch2 tst-pam_dispatch3 \ tst-pam_access1 tst-pam_access2 tst-pam_access3 \ tst-pam_access4 tst-pam_limits1 tst-pam_succeed_if1 \ tst-pam_group1 tst-pam_authfail tst-pam_authsucceed \ - tst-pam_pwhistory1 tst-pam_time1 tst-pam_motd + tst-pam_pwhistory1 tst-pam_time1 tst-pam_motd \ + tst-pam_shells NOSRCTESTS = tst-pam_substack1 tst-pam_substack2 tst-pam_substack3 \ tst-pam_substack4 tst-pam_substack5 tst-pam_assemble_line1 @@ -648,6 +668,10 @@ tst-pam_pwhistory1$(EXEEXT): $(tst_pam_pwhistory1_OBJECTS) $(tst_pam_pwhistory1_ @rm -f tst-pam_pwhistory1$(EXEEXT) $(AM_V_CCLD)$(LINK) $(tst_pam_pwhistory1_OBJECTS) $(tst_pam_pwhistory1_LDADD) $(LIBS) +tst-pam_shells$(EXEEXT): $(tst_pam_shells_OBJECTS) $(tst_pam_shells_DEPENDENCIES) $(EXTRA_tst_pam_shells_DEPENDENCIES) + @rm -f tst-pam_shells$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(tst_pam_shells_OBJECTS) $(tst_pam_shells_LDADD) $(LIBS) + tst-pam_succeed_if1$(EXEEXT): $(tst_pam_succeed_if1_OBJECTS) $(tst_pam_succeed_if1_DEPENDENCIES) $(EXTRA_tst_pam_succeed_if1_DEPENDENCIES) @rm -f tst-pam_succeed_if1$(EXEEXT) $(AM_V_CCLD)$(LINK) $(tst_pam_succeed_if1_OBJECTS) $(tst_pam_succeed_if1_LDADD) $(LIBS) @@ -693,6 +717,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_limits1.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_motd.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_pwhistory1.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_shells.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_succeed_if1.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_time1.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tst-pam_unix1.Po@am__quote@ # am--include-marker @@ -873,6 +898,7 @@ distclean: distclean-am -rm -f ./$(DEPDIR)/tst-pam_limits1.Po -rm -f ./$(DEPDIR)/tst-pam_motd.Po -rm -f ./$(DEPDIR)/tst-pam_pwhistory1.Po + -rm -f ./$(DEPDIR)/tst-pam_shells.Po -rm -f ./$(DEPDIR)/tst-pam_succeed_if1.Po -rm -f ./$(DEPDIR)/tst-pam_time1.Po -rm -f ./$(DEPDIR)/tst-pam_unix1.Po @@ -939,6 +965,7 @@ maintainer-clean: maintainer-clean-am -rm -f ./$(DEPDIR)/tst-pam_limits1.Po -rm -f ./$(DEPDIR)/tst-pam_motd.Po -rm -f ./$(DEPDIR)/tst-pam_pwhistory1.Po + -rm -f ./$(DEPDIR)/tst-pam_shells.Po -rm -f ./$(DEPDIR)/tst-pam_succeed_if1.Po -rm -f ./$(DEPDIR)/tst-pam_time1.Po -rm -f ./$(DEPDIR)/tst-pam_unix1.Po diff --git a/xtests/run-xtests.sh b/xtests/run-xtests.sh index 14f585d9..e580e0ab 100755 --- a/xtests/run-xtests.sh +++ b/xtests/run-xtests.sh @@ -18,10 +18,16 @@ all=0 mkdir -p /etc/security for config in access.conf group.conf time.conf limits.conf ; do - cp /etc/security/$config /etc/security/$config-pam-xtests + [ -f "/etc/security/$config" ] && + mv /etc/security/$config /etc/security/$config-pam-xtests install -m 644 "${SRCDIR}"/$config /etc/security/$config done -mv /etc/security/opasswd /etc/security/opasswd-pam-xtests +[ -f /etc/shells ] && + mv /etc/shells /etc/shells-pam-xtests +install -m 644 "${SRCDIR}"/shells.conf /etc/shells + +[ -f /etc/security/opasswd ] && + mv /etc/security/opasswd /etc/security/opasswd-pam-xtests for testname in $XTESTS ; do for cfg in "${SRCDIR}"/$testname*.pamd ; do @@ -47,11 +53,18 @@ for testname in $XTESTS ; do all=`expr $all + 1` rm -f /etc/pam.d/$testname* done -mv /etc/security/access.conf-pam-xtests /etc/security/access.conf -mv /etc/security/group.conf-pam-xtests /etc/security/group.conf -mv /etc/security/time.conf-pam-xtests /etc/security/time.conf -mv /etc/security/limits.conf-pam-xtests /etc/security/limits.conf -mv /etc/security/opasswd-pam-xtests /etc/security/opasswd + +for config in access.conf group.conf time.conf limits.conf opasswd ; do + if [ -f "/etc/security/$config-pam-xtests" ]; then + mv /etc/security/$config-pam-xtests /etc/security/$config + else + rm -f /etc/security/$config + fi +done + +[ -f "/etc/shells-pam-xtests" ] && + mv /etc/shells-pam-xtests /etc/shells + if test "$failed" -ne 0; then echo "===================" echo "$failed of $all tests failed" diff --git a/xtests/shells.conf b/xtests/shells.conf new file mode 100644 index 00000000..74776e68 --- /dev/null +++ b/xtests/shells.conf @@ -0,0 +1,3 @@ +/bin/ash +/bin/testbash +/bin/csh diff --git a/xtests/tst-pam_shells.c b/xtests/tst-pam_shells.c new file mode 100644 index 00000000..b6ba938e --- /dev/null +++ b/xtests/tst-pam_shells.c @@ -0,0 +1,68 @@ +/* + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, and the entire permission notice in its entirety, + * including the disclaimer of warranties. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior + * written permission. + * + * ALTERNATIVELY, this product may be distributed under the terms of + * the GNU Public License, in which case the provisions of the GPL are + * required INSTEAD OF the above restrictions. (This clause is + * necessary due to a potential bad interaction between the GPL and + * the restrictions contained in a BSD-style copyright.) + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* + test case: + + shells.conf: + /bin/testbash + +*/ + +#include "test_assert.h" + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <security/pam_appl.h> + +static struct pam_conv conv; + +int +main(void) +{ + pam_handle_t *pamh = NULL; + int retval; + + // /bin/testbash is defined in shell definition file(s) + ASSERT_EQ(PAM_SUCCESS, pam_start("tst-pam_shells", "tstpamshells", &conv, &pamh)); + ASSERT_EQ(PAM_SUCCESS, retval=pam_authenticate (pamh, 0)); + ASSERT_EQ(PAM_SUCCESS, pam_end (pamh,retval)); + + // /bin/testnoshell is not defined in shell definition file(s) + ASSERT_EQ(PAM_SUCCESS, pam_start("tst-pam_shells", "tstnoshell", &conv, &pamh)); + ASSERT_EQ(PAM_AUTH_ERR, retval=pam_authenticate (pamh, 0)); + ASSERT_EQ(PAM_SUCCESS, pam_end (pamh,retval)); + + return 0; +} diff --git a/xtests/tst-pam_shells.pamd b/xtests/tst-pam_shells.pamd new file mode 100644 index 00000000..6ad4f319 --- /dev/null +++ b/xtests/tst-pam_shells.pamd @@ -0,0 +1,2 @@ +#%PAM-1.0 +auth required pam_shells.so diff --git a/xtests/tst-pam_shells.sh b/xtests/tst-pam_shells.sh new file mode 100755 index 00000000..5093f689 --- /dev/null +++ b/xtests/tst-pam_shells.sh @@ -0,0 +1,11 @@ +#!/bin/sh + +/usr/sbin/groupadd tstpamshells1 +/usr/sbin/useradd -s /bin/testbash -G tstpamshells1 -p '!!' tstpamshells +/usr/sbin/useradd -s /bin/testnoshell -G tstpamshells1 -p '!!' tstnoshell +./tst-pam_shells +RET=$? +/usr/sbin/userdel -r tstpamshells 2> /dev/null +/usr/sbin/userdel -r tstnoshell 2> /dev/null +/usr/sbin/groupdel tstpamshells1 2> /dev/null +exit $RET |