diff options
Diffstat (limited to 'tests/log/faillog/25_faillog-r-u_removed_user')
9 files changed, 0 insertions, 350 deletions
diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config.txt b/tests/log/faillog/25_faillog-r-u_removed_user/config.txt deleted file mode 100644 index 1a78b6cd..00000000 --- a/tests/log/faillog/25_faillog-r-u_removed_user/config.txt +++ /dev/null @@ -1 +0,0 @@ -user foo exists, UID 1000 diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/group b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/group deleted file mode 100644 index b6fae894..00000000 --- a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/group +++ /dev/null @@ -1,42 +0,0 @@ -root:x:0: -daemon:x:1: -bin:x:2: -sys:x:3:root -adm:x:4:root,foo -tty:x:5: -disk:x:6: -lp:x:7:foo,root -mail:x:8: -news:x:9: -uucp:x:10: -man:x:12: -proxy:x:13: -kmem:x:15: -dialout:x:20: -fax:x:21:foo -voice:x:22: -cdrom:x:24: -floppy:x:25:foo -tape:x:26: -sudo:x:27: -audio:x:29: -dip:x:30: -www-data:x:33: -backup:x:34: -operator:x:37: -list:x:38: -irc:x:39: -src:x:40: -gnats:x:41: -shadow:x:42: -utmp:x:43: -video:x:44: -sasl:x:45: -plugdev:x:46: -staff:x:50: -games:x:60: -users:x:100:foo -nogroup:x:65534: -crontab:x:101: -Debian-exim:x:102: -foo:x:1000: diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/gshadow b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/gshadow deleted file mode 100644 index 1f2ba8da..00000000 --- a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/gshadow +++ /dev/null @@ -1,42 +0,0 @@ -root:*:: -daemon:*:: -bin:*:: -sys:*::root -adm:*::root,foo -tty:*::foo -disk:*:foo: -lp:*::foo,root -mail:*:: -news:*:: -uucp:*:: -man:*:: -proxy:*:: -kmem:*:: -dialout:*:: -fax:*:foo:foo -voice:*:: -cdrom:*:foo:foo -floppy:*::foo -tape:*:: -sudo:*:: -audio:*:: -dip:*:: -www-data:*:: -backup:*:: -operator:*:: -list:*:: -irc:*:: -src:*:: -gnats:*:: -shadow:*:: -utmp:*:: -video:*:: -sasl:*:: -plugdev:*:: -staff:*:: -games:*:: -users:*:: -nogroup:*:: -crontab:x:: -Debian-exim:x:: -foo:*:: diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/pam.d/login b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/pam.d/login deleted file mode 100644 index 54f888d5..00000000 --- a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/pam.d/login +++ /dev/null @@ -1,111 +0,0 @@ -# -# The PAM configuration file for the Shadow `login' service -# - -# Enforce a minimal delay in case of failure (in microseconds). -# (Replaces the `FAIL_DELAY' setting from login.defs) -# Note that other modules may require another minimal delay. (for example, -# to disable any delay, you should add the nodelay option to pam_unix) -auth optional pam_faildelay.so delay=3000000 - -# Outputs an issue file prior to each login prompt (Replaces the -# ISSUE_FILE option from login.defs). Uncomment for use -# auth required pam_issue.so issue=/etc/issue - -# Disallows root logins except on tty's listed in /etc/securetty -# (Replaces the `CONSOLE' setting from login.defs) -# -# With the default control of this module: -# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] -# root will not be prompted for a password on insecure lines. -# if an invalid username is entered, a password is prompted (but login -# will eventually be rejected) -# -# You can change it to a "requisite" module if you think root may mis-type -# her login and should not be prompted for a password in that case. But -# this will leave the system as vulnerable to user enumeration attacks. -# -# You can change it to a "required" module if you think it permits to -# guess valid user names of your system (invalid user names are considered -# as possibly being root on insecure lines), but root passwords may be -# communicated over insecure lines. -auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so - -# Disallows other than root logins when /etc/nologin exists -# (Replaces the `NOLOGINS_FILE' option from login.defs) -auth requisite pam_nologin.so - -# Added to support faillog -auth required pam_tally.so per_user - - -# SELinux needs to be the first session rule. This ensures that any -# lingering context has been cleared. Without out this it is possible -# that a module could execute code in the wrong domain. -# When the module is present, "required" would be sufficient (When SELinux -# is disabled, this returns success.) -session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close - -# This module parses environment configuration file(s) -# and also allows you to use an extended config -# file /etc/security/pam_env.conf. -# -# parsing /etc/environment needs "readenv=1" -session required pam_env.so readenv=1 -# locale variables are also kept into /etc/default/locale in etch -# reading this file *in addition to /etc/environment* does not hurt -session required pam_env.so readenv=1 envfile=/etc/default/locale - -# Standard Un*x authentication. -@include common-auth - -# This allows certain extra groups to be granted to a user -# based on things like time of day, tty, service, and user. -# Please edit /etc/security/group.conf to fit your needs -# (Replaces the `CONSOLE_GROUPS' option in login.defs) -auth optional pam_group.so - -# Uncomment and edit /etc/security/time.conf if you need to set -# time restrainst on logins. -# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs -# as well as /etc/porttime) -# account requisite pam_time.so - -# Uncomment and edit /etc/security/access.conf if you need to -# set access limits. -# (Replaces /etc/login.access file) -# account required pam_access.so - -# Sets up user limits according to /etc/security/limits.conf -# (Replaces the use of /etc/limits in old login) -session required pam_limits.so - -# Prints the last login info upon succesful login -# (Replaces the `LASTLOG_ENAB' option from login.defs) -session optional pam_lastlog.so - -# Prints the motd upon succesful login -# (Replaces the `MOTD_FILE' option in login.defs) -session optional pam_motd.so - -# Prints the status of the user's mailbox upon succesful login -# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). -# -# This also defines the MAIL environment variable -# However, userdel also needs MAIL_DIR and MAIL_FILE variables -# in /etc/login.defs to make sure that removing a user -# also removes the user's mail spool file. -# See comments in /etc/login.defs -session optional pam_mail.so standard - -# Standard Un*x account and session -@include common-account -@include common-session -@include common-password - -# SELinux needs to intervene at login time to ensure that the process -# starts in the proper default security context. Only sessions which are -# intended to run in the user's context should be run after this. -session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open -# When the module is present, "required" would be sufficient (When SELinux -# is disabled, this returns success.) diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/passwd b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/passwd deleted file mode 100644 index 9d34d3af..00000000 --- a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/passwd +++ /dev/null @@ -1,22 +0,0 @@ -root:x:0:0:root:/root:/bin/bash -daemon:x:1:1:daemon:/usr/sbin:/bin/sh -bin:x:2:2:bin:/bin:/bin/sh -bar:x:1001:1001::/home/bar:/bin/sh -sys:x:3:3:sys:/dev:/bin/sh -sync:x:4:65534:sync:/bin:/bin/sync -games:x:5:60:games:/usr/games:/bin/sh -man:x:6:12:man:/var/cache/man:/bin/sh -lp:x:7:7:lp:/var/spool/lpd:/bin/sh -mail:x:8:8:mail:/var/mail:/bin/sh -news:x:9:9:news:/var/spool/news:/bin/sh -uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh -proxy:x:13:13:proxy:/bin:/bin/sh -www-data:x:33:33:www-data:/var/www:/bin/sh -backup:x:34:34:backup:/var/backups:/bin/sh -list:x:38:38:Mailing List Manager:/var/list:/bin/sh -irc:x:39:39:ircd:/var/run/ircd:/bin/sh -gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh -nobody:x:65534:65534:nobody:/nonexistent:/bin/sh -Debian-exim:x:102:102::/var/spool/exim4:/bin/false -foo:x:1000:1000::/home/foo:/bin/sh -baz:x:1002:1002::/home/baz:/bin/sh diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/shadow b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/shadow deleted file mode 100644 index 52721ac3..00000000 --- a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/shadow +++ /dev/null @@ -1,22 +0,0 @@ -root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7::: -daemon:*:12977:0:99999:7::: -bin:*:12977:0:99999:7::: -bar:!:12977:0:99999:7::: -sys:*:12977:0:99999:7::: -sync:*:12977:0:99999:7::: -games:*:12977:0:99999:7::: -man:*:12977:0:99999:7::: -lp:*:12977:0:99999:7::: -mail:*:12977:0:99999:7::: -news:*:12977:0:99999:7::: -uucp:*:12977:0:99999:7::: -proxy:*:12977:0:99999:7::: -www-data:*:12977:0:99999:7::: -backup:*:12977:0:99999:7::: -list:*:12977:0:99999:7::: -irc:*:12977:0:99999:7::: -gnats:*:12977:0:99999:7::: -nobody:*:12977:0:99999:7::: -Debian-exim:!:12977:0:99999:7::: -foo:a:12977:0:99999:7::: -baz:b:12977:0:99999:7::: diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/data/faillog.list b/tests/log/faillog/25_faillog-r-u_removed_user/data/faillog.list deleted file mode 100644 index 1ad3edf7..00000000 --- a/tests/log/faillog/25_faillog-r-u_removed_user/data/faillog.list +++ /dev/null @@ -1,24 +0,0 @@ -Login Failures Maximum - -root 0 0 -daemon 0 0 -bin 0 0 -bar 0 0 -sys 0 0 -sync 0 0 -games 0 0 -man 0 0 -lp 0 0 -mail 0 0 -news 0 0 -uucp 0 0 -proxy 0 0 -www-data 0 0 -backup 0 0 -list 0 0 -irc 0 0 -gnats 0 0 -nobody 0 0 -Debian-exim 0 0 -foo 0 0 -baz 0 0 diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/faillog.test b/tests/log/faillog/25_faillog-r-u_removed_user/faillog.test deleted file mode 100755 index f48435af..00000000 --- a/tests/log/faillog/25_faillog-r-u_removed_user/faillog.test +++ /dev/null @@ -1,60 +0,0 @@ -#!/bin/sh - -set -e - -cd $(dirname $0) - -. ../../../common/config.sh -. ../../../common/log.sh - -log_start "$0" "reports all entry from /var/log/faillog" - -save_config - -# restore the files on exit -trap 'log_status "$0" "FAILURE"; restore_config' 0 - -change_config - -echo -n "Create an empty /var/log/faillog (it will not be restored)..." -> /var/log/faillog -echo "OK" - -echo -n "Trigger a connection as foo..." -./login.exp foo -echo "OK" - -echo -n "Remove user bar from passwd and shadow..." -cp -a /etc/passwd /etc/shadow tmp/ -sed -e '/^foo:/d' -i /etc/passwd -sed -e '/^foo:/d' -i /etc/shadow -echo "OK" - -echo -n "faillog -r -u 1000..." -faillog -r -u 1000 -echo "OK." - -echo -n "Restore user foo..." -mv tmp/passwd tmp/shadow /etc -echo "OK" - -echo -n "faillog..." -faillog -a> tmp/faillog.out -echo "OK." - -echo "faillog :" -echo "=======================================================================" -cat tmp/faillog.out -echo "=======================================================================" - -echo -n "Check the list of logged in users..." -cut -c-28 tmp/faillog.out > tmp/faillog.list -diff -au data/faillog.list tmp/faillog.list -echo "OK." - -rm -f tmp/faillog.out tmp/faillog.list - -log_status "$0" "SUCCESS" -restore_config -trap '' 0 - diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/login.exp b/tests/log/faillog/25_faillog-r-u_removed_user/login.exp deleted file mode 100755 index 5df09032..00000000 --- a/tests/log/faillog/25_faillog-r-u_removed_user/login.exp +++ /dev/null @@ -1,26 +0,0 @@ -#!/usr/bin/expect - -if {$argc == 1} { - set user [lindex $argv 0] -} else { - set user "foo" -} - -set timeout 2 -expect_after default {puts "\nFAIL"; exit 1} - -set timeout 5 -expect_after default {puts "\nFAIL"; exit 1} - -spawn /bin/bash -expect "# " - -send "login $user\r" -expect "Password: " -sleep 0.1 -send "badpass\r" -send_user "\n# password 'badpass' sent\n\n" -expect "login: " - -send "exit\r" -exit 0 |