2014-06-20 19:06:47 +00:00
|
|
|
# -*- coding: utf-8 -*-
|
|
|
|
'''
|
2014-06-24 18:12:17 +00:00
|
|
|
tests.integration.shell.auth
|
|
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
2014-06-20 19:06:47 +00:00
|
|
|
'''
|
|
|
|
|
|
|
|
# Import python libs
|
|
|
|
import os
|
2014-07-02 22:28:36 +00:00
|
|
|
import pwd
|
|
|
|
import random
|
2014-06-20 19:06:47 +00:00
|
|
|
|
|
|
|
# Import Salt Testing libs
|
2014-06-24 18:12:17 +00:00
|
|
|
from salttesting.helpers import (
|
|
|
|
ensure_in_syspath,
|
2014-07-01 00:01:38 +00:00
|
|
|
destructiveTest)
|
2014-06-20 19:06:47 +00:00
|
|
|
ensure_in_syspath('../../')
|
|
|
|
|
|
|
|
# Import salt libs
|
|
|
|
import integration
|
|
|
|
|
2014-06-23 21:36:21 +00:00
|
|
|
from salttesting import skipIf
|
|
|
|
|
2014-06-24 18:12:17 +00:00
|
|
|
|
|
|
|
class AuthTest(integration.ShellCase):
|
|
|
|
'''
|
|
|
|
Test auth mechanisms
|
|
|
|
'''
|
2014-06-20 19:06:47 +00:00
|
|
|
|
|
|
|
_call_binary_ = 'salt'
|
|
|
|
|
2014-06-23 21:36:21 +00:00
|
|
|
is_root = os.geteuid() != 0
|
|
|
|
|
2014-06-24 18:12:17 +00:00
|
|
|
@destructiveTest
|
2014-06-23 21:36:21 +00:00
|
|
|
@skipIf(is_root, 'You must be logged in as root to run this test')
|
2014-07-01 22:38:30 +00:00
|
|
|
def setUp(self):
|
|
|
|
# This is a little wasteful but shouldn't be a problem
|
2014-07-01 23:04:16 +00:00
|
|
|
try:
|
|
|
|
pwd.getpwnam('saltdev')
|
|
|
|
except KeyError:
|
|
|
|
self.run_call('user.add saltdev createhome=False')
|
2014-07-01 22:38:30 +00:00
|
|
|
|
2014-06-23 21:36:21 +00:00
|
|
|
def test_pam_auth_valid_user(self):
|
2014-06-20 19:06:47 +00:00
|
|
|
'''
|
2014-06-23 21:36:21 +00:00
|
|
|
test pam auth mechanism is working with a valid user
|
|
|
|
'''
|
2014-06-24 18:12:17 +00:00
|
|
|
alphabet = ('abcdefghijklmnopqrstuvwxyz'
|
|
|
|
'0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ')
|
|
|
|
self.password = ''
|
|
|
|
# generate password
|
|
|
|
for _ in range(20):
|
|
|
|
next_index = random.randrange(len(alphabet))
|
|
|
|
self.password = self.password + alphabet[next_index]
|
|
|
|
|
|
|
|
# hash the password
|
|
|
|
from salt.utils.pycrypto import gen_hash
|
|
|
|
|
|
|
|
pwd = gen_hash('salt', self.password, 'sha512')
|
|
|
|
self.run_call("shadow.set_password saltdev '{0}'".format(pwd))
|
|
|
|
cmd = ('-a pam "*"'
|
|
|
|
' test.ping --username {0}'
|
|
|
|
' --password {1}'.format('saltdev', self.password))
|
|
|
|
|
2014-06-23 21:36:21 +00:00
|
|
|
resp = self.run_salt(cmd)
|
|
|
|
self.assertTrue(
|
|
|
|
'minion:' in resp
|
|
|
|
)
|
|
|
|
|
|
|
|
def test_pam_auth_invalid_user(self):
|
2014-06-20 19:06:47 +00:00
|
|
|
'''
|
2014-06-23 21:36:21 +00:00
|
|
|
test pam auth mechanism errors for an invalid user
|
|
|
|
'''
|
2014-06-24 18:12:17 +00:00
|
|
|
cmd = ('-a pam'
|
|
|
|
' * test.ping --username nouser'
|
|
|
|
' --password {0}'.format('abcd1234'))
|
2014-06-23 21:36:21 +00:00
|
|
|
resp = self.run_salt(cmd)
|
|
|
|
self.assertTrue(
|
|
|
|
'Failed to authenticate' in ''.join(resp)
|
|
|
|
)
|
|
|
|
|
2014-07-01 23:04:16 +00:00
|
|
|
@destructiveTest
|
|
|
|
@skipIf(is_root, 'You must be logged in as root to run this test')
|
|
|
|
def test_zzzz_tearDown(self):
|
|
|
|
if pwd.getpwnam('saltdev'):
|
|
|
|
self.run_call('user.delete saltdev')
|
|
|
|
|
2014-07-02 22:29:40 +00:00
|
|
|
|
2014-06-20 19:06:47 +00:00
|
|
|
if __name__ == '__main__':
|
|
|
|
from integration import run_tests
|
|
|
|
run_tests(AuthTest)
|