Menu
▾
▴
audit-test-developer
|
From: Cyril H. <me...@uc...> - 2015-03-25 12:01:15
|
Fixes harmless error messages caused by:
commit 744c093b6f538ac608962a752d8776341cc13174
Author: Jiri Jaburek <jja...@re...>
Date: Mon Dec 10 14:20:04 2012 +0100
utils: make sure testuser/testadmin is not faillocked
Signed-off-by: Cyril Hrubis <me...@uc...>
---
audit-test/utils/run.bash | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/audit-test/utils/run.bash b/audit-test/utils/run.bash
index c3a709f..998040a 100755
--- a/audit-test/utils/run.bash
+++ b/audit-test/utils/run.bash
@@ -271,7 +271,9 @@ function startup {
dmsg "Adding user $TEST_USER"
useradd -g "$TEST_USER" -G wheel -m "$TEST_USER" || die
echo "$TEST_USER_PASSWD" | passwd --stdin $TEST_USER >/dev/null
- faillock --user "$TEST_USER" --reset
+ if command -v faillock > /dev/null; then
+ faillock --user "$TEST_USER" --reset
+ fi
# Add the test user which is in sysadm_r
killall -9 -u "$TEST_ADMIN" &>/dev/null
@@ -286,7 +288,9 @@ function startup {
useradd -g "$TEST_ADMIN" -G wheel -m "$TEST_ADMIN" || die
fi
echo "$TEST_ADMIN_PASSWD" | passwd --stdin $TEST_ADMIN >/dev/null
- faillock --user "$TEST_ADMIN" --reset
+ if command -v faillock > /dev/null; then
+ faillock --user "$TEST_ADMIN" --reset
+ fi
startup_hook
}
--
2.0.5
--
Cyril Hrubis
ch...@su...
|
|
From: Cyril H. <ch...@su...> - 2015-04-02 15:38:08
|
Fixes harmless error messages caused by:
commit 744c093b6f538ac608962a752d8776341cc13174
Author: Jiri Jaburek <jja...@re...>
Date: Mon Dec 10 14:20:04 2012 +0100
utils: make sure testuser/testadmin is not faillocked
Signed-off-by: Cyril Hrubis <ch...@su...>
---
audit-test/utils/run.bash | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/audit-test/utils/run.bash b/audit-test/utils/run.bash
index c3a709f..a1d99ff 100755
--- a/audit-test/utils/run.bash
+++ b/audit-test/utils/run.bash
@@ -271,7 +271,9 @@ function startup {
dmsg "Adding user $TEST_USER"
useradd -g "$TEST_USER" -G wheel -m "$TEST_USER" || die
echo "$TEST_USER_PASSWD" | passwd --stdin $TEST_USER >/dev/null
- faillock --user "$TEST_USER" --reset
+ if which faillock 2>&1 >/dev/null; then
+ faillock --user "$TEST_USER" --reset
+ fi
# Add the test user which is in sysadm_r
killall -9 -u "$TEST_ADMIN" &>/dev/null
@@ -286,7 +288,9 @@ function startup {
useradd -g "$TEST_ADMIN" -G wheel -m "$TEST_ADMIN" || die
fi
echo "$TEST_ADMIN_PASSWD" | passwd --stdin $TEST_ADMIN >/dev/null
- faillock --user "$TEST_ADMIN" --reset
+ if which faillock 2>&1 >/dev/null; then
+ faillock --user "$TEST_ADMIN" --reset
+ fi
startup_hook
}
--
2.0.5
--
Cyril Hrubis
ch...@su...
|
|
From: Linda K. <lin...@hp...> - 2015-04-06 16:37:39
|
This looks ok to me. Miroslav, Jiri, any concern?
-- ljk
On 4/2/2015 11:37 AM, Cyril Hrubis wrote:
> Fixes harmless error messages caused by:
>
> commit 744c093b6f538ac608962a752d8776341cc13174
> Author: Jiri Jaburek <jja...@re...>
> Date: Mon Dec 10 14:20:04 2012 +0100
>
> utils: make sure testuser/testadmin is not faillocked
>
> Signed-off-by: Cyril Hrubis <ch...@su...>
> ---
> audit-test/utils/run.bash | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/audit-test/utils/run.bash b/audit-test/utils/run.bash
> index c3a709f..a1d99ff 100755
> --- a/audit-test/utils/run.bash
> +++ b/audit-test/utils/run.bash
> @@ -271,7 +271,9 @@ function startup {
> dmsg "Adding user $TEST_USER"
> useradd -g "$TEST_USER" -G wheel -m "$TEST_USER" || die
> echo "$TEST_USER_PASSWD" | passwd --stdin $TEST_USER >/dev/null
> - faillock --user "$TEST_USER" --reset
> + if which faillock 2>&1 >/dev/null; then
> + faillock --user "$TEST_USER" --reset
> + fi
>
> # Add the test user which is in sysadm_r
> killall -9 -u "$TEST_ADMIN" &>/dev/null
> @@ -286,7 +288,9 @@ function startup {
> useradd -g "$TEST_ADMIN" -G wheel -m "$TEST_ADMIN" || die
> fi
> echo "$TEST_ADMIN_PASSWD" | passwd --stdin $TEST_ADMIN >/dev/null
> - faillock --user "$TEST_ADMIN" --reset
> + if which faillock 2>&1 >/dev/null; then
> + faillock --user "$TEST_ADMIN" --reset
> + fi
>
> startup_hook
> }
>
|
|
From: Jiri J. <jja...@re...> - 2015-04-07 12:39:49
|
On 04/06/2015 06:37 PM, Linda Knippers wrote:
> This looks ok to me. Miroslav, Jiri, any concern?
Seems fine to me.
>
> -- ljk
>
> On 4/2/2015 11:37 AM, Cyril Hrubis wrote:
>> Fixes harmless error messages caused by:
>>
>> commit 744c093b6f538ac608962a752d8776341cc13174
>> Author: Jiri Jaburek <jja...@re...>
>> Date: Mon Dec 10 14:20:04 2012 +0100
>>
>> utils: make sure testuser/testadmin is not faillocked
>>
>> Signed-off-by: Cyril Hrubis <ch...@su...>
>> ---
>> audit-test/utils/run.bash | 8 ++++++--
>> 1 file changed, 6 insertions(+), 2 deletions(-)
>>
>> diff --git a/audit-test/utils/run.bash b/audit-test/utils/run.bash
>> index c3a709f..a1d99ff 100755
>> --- a/audit-test/utils/run.bash
>> +++ b/audit-test/utils/run.bash
>> @@ -271,7 +271,9 @@ function startup {
>> dmsg "Adding user $TEST_USER"
>> useradd -g "$TEST_USER" -G wheel -m "$TEST_USER" || die
>> echo "$TEST_USER_PASSWD" | passwd --stdin $TEST_USER >/dev/null
>> - faillock --user "$TEST_USER" --reset
>> + if which faillock 2>&1 >/dev/null; then
>> + faillock --user "$TEST_USER" --reset
>> + fi
>>
>> # Add the test user which is in sysadm_r
>> killall -9 -u "$TEST_ADMIN" &>/dev/null
>> @@ -286,7 +288,9 @@ function startup {
>> useradd -g "$TEST_ADMIN" -G wheel -m "$TEST_ADMIN" || die
>> fi
>> echo "$TEST_ADMIN_PASSWD" | passwd --stdin $TEST_ADMIN >/dev/null
>> - faillock --user "$TEST_ADMIN" --reset
>> + if which faillock 2>&1 >/dev/null; then
>> + faillock --user "$TEST_ADMIN" --reset
>> + fi
>>
>> startup_hook
>> }
>>
>
>
> ------------------------------------------------------------------------------
> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
> Develop your own process in accordance with the BPMN 2 standard
> Learn Process modeling best practices with Bonita BPM through live exercises
> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
> _______________________________________________
> Audit-test-developer mailing list
> Aud...@li...
> https://lists.sourceforge.net/lists/listinfo/audit-test-developer
>
|
|
From: Linda K. <lin...@hp...> - 2015-04-07 16:06:51
|
Cyril, thanks for the patch. It has been applied.
-- ljk
On 4/2/2015 11:37 AM, Cyril Hrubis wrote:
> Fixes harmless error messages caused by:
>
> commit 744c093b6f538ac608962a752d8776341cc13174
> Author: Jiri Jaburek <jja...@re...>
> Date: Mon Dec 10 14:20:04 2012 +0100
>
> utils: make sure testuser/testadmin is not faillocked
>
> Signed-off-by: Cyril Hrubis <ch...@su...>
> ---
> audit-test/utils/run.bash | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/audit-test/utils/run.bash b/audit-test/utils/run.bash
> index c3a709f..a1d99ff 100755
> --- a/audit-test/utils/run.bash
> +++ b/audit-test/utils/run.bash
> @@ -271,7 +271,9 @@ function startup {
> dmsg "Adding user $TEST_USER"
> useradd -g "$TEST_USER" -G wheel -m "$TEST_USER" || die
> echo "$TEST_USER_PASSWD" | passwd --stdin $TEST_USER >/dev/null
> - faillock --user "$TEST_USER" --reset
> + if which faillock 2>&1 >/dev/null; then
> + faillock --user "$TEST_USER" --reset
> + fi
>
> # Add the test user which is in sysadm_r
> killall -9 -u "$TEST_ADMIN" &>/dev/null
> @@ -286,7 +288,9 @@ function startup {
> useradd -g "$TEST_ADMIN" -G wheel -m "$TEST_ADMIN" || die
> fi
> echo "$TEST_ADMIN_PASSWD" | passwd --stdin $TEST_ADMIN >/dev/null
> - faillock --user "$TEST_ADMIN" --reset
> + if which faillock 2>&1 >/dev/null; then
> + faillock --user "$TEST_ADMIN" --reset
> + fi
>
> startup_hook
> }
>
|
|
From: Miroslav V. <mva...@re...> - 2015-03-26 09:26:39
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Cyril,
On 03/25/2015 01:00 PM, Cyril Hrubis wrote:
> Fixes harmless error messages caused by:
Thanks for your patch!
>
> commit 744c093b6f538ac608962a752d8776341cc13174 Author: Jiri Jaburek <jja...@re...>
> Date: Mon Dec 10 14:20:04 2012 +0100
>
> utils: make sure testuser/testadmin is not faillocked
>
> Signed-off-by: Cyril Hrubis <me...@uc...> --- audit-test/utils/run.bash | 8 ++++++-- 1 file
> changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/audit-test/utils/run.bash b/audit-test/utils/run.bash index c3a709f..998040a
> 100755 --- a/audit-test/utils/run.bash +++ b/audit-test/utils/run.bash @@ -271,7 +271,9 @@
> function startup { dmsg "Adding user $TEST_USER" useradd -g "$TEST_USER" -G wheel -m
> "$TEST_USER" || die echo "$TEST_USER_PASSWD" | passwd --stdin $TEST_USER >/dev/null - faillock
> --user "$TEST_USER" --reset + if command -v faillock > /dev/null; then + faillock --user
> "$TEST_USER" --reset + fi
There will be more places in the suite where you will hit faillock [1]. Would it be possible to
follow up with this patch and fix the remaining stuff also please?
Also we prefer sticking to sh compatibility if possible, would you mind replacing command for
which?
Thanks very much!
Looking forward for additional SUSE patches :)
Best regards,
/M
>
> # Add the test user which is in sysadm_r killall -9 -u "$TEST_ADMIN" &>/dev/null @@ -286,7
> +288,9 @@ function startup { useradd -g "$TEST_ADMIN" -G wheel -m "$TEST_ADMIN" || die fi echo
> "$TEST_ADMIN_PASSWD" | passwd --stdin $TEST_ADMIN >/dev/null - faillock --user
> "$TEST_ADMIN" --reset + if command -v faillock > /dev/null; then + faillock --user
> "$TEST_ADMIN" --reset + fi
>
> startup_hook }
>
[1] $ grep -R faillock .
./audit-test/crypto/tests/test_ssh_multi.bash:# clear faillock at cleanup
./audit-test/crypto/tests/test_ssh_multi.bash:prepend_cleanup "faillock --reset --user $TEST_USER"
./audit-test/crypto/tests/test_ssh_multi.bash:prepend_cleanup "faillock --reset --user $TEST_ADMIN"
./audit-test/crypto/tests/test_ssh_multi.bash:# clear faillock for $TEST_USER
./audit-test/crypto/tests/test_ssh_multi.bash:faillock --reset --user $TEST_USER
./audit-test/libpam/run.conf: + pamfaillock_lock
./audit-test/libpam/run.conf: + pamfaillock_unlock
./audit-test/libpam/tests/test_pamfaillock_lock.bash:# Verify pam_faillock will lock an account
./audit-test/libpam/tests/test_pamfaillock_lock.bash:# make sure faillock is reset for TEST_USER
./audit-test/libpam/tests/test_pamfaillock_lock.bash:/sbin/faillock --user $TEST_USER --reset >
/dev/null || exit_error
./audit-test/libpam/tests/test_pamfaillock_lock.bash:grep -q pam_faillock /etc/pam.d/sshd || grep
- -q pam_faillock /etc/pam.d/password-auth || exit_error
./audit-test/libpam/tests/test_pamfaillock_lock.bash:# Unlike pam_tally2, faillock doesn't have a
- --reset=n option that lets us
./audit-test/libpam/tests/test_pamfaillock_lock.bash:msg_1="pam_faillock
uid=$tuid.*exe=./usr/sbin/sshd.*res=success.*"
./audit-test/libpam/tests/test_pamfaillock_lock.bash:/sbin/faillock --user $TEST_USER --reset >
/dev/null || exit_error
./audit-test/libpam/tests/test_pamfaillock_unlock.bash:# Verify pam_faillock will unlock an account
./audit-test/libpam/tests/test_pamfaillock_unlock.bash:grep -q pam_faillock /etc/pam.d/sshd ||
grep -q pam_faillock /etc/pam.d/password-auth || exit_error
./audit-test/libpam/tests/test_pamfaillock_unlock.bash:# Unlike pam_tally2, faillock doesn't have
a --reset=n option that lets us
./audit-test/libpam/tests/test_pamfaillock_unlock.bash:/sbin/faillock --user $TEST_USER --reset >
/dev/null || exit_error
./audit-test/libpam/tests/test_pamfaillock_unlock.bash:msg_1="faillock reset
uid=$tuid.*exe=./sbin/faillock.*res=success.*"
./audit-test/trustedprograms/tests/utils.plib: `faillock --user '$username' --reset`;
./audit-test/trustedprograms/tests/utils.plib: `faillock --user '$username' --reset`;
./audit-test/trustedprograms/tests/utils.plib: `faillock --user '$username' --reset`;
./audit-test/trustedprograms/tests/utils.plib: `faillock --user '$username' --reset`;
./audit-test/trustedprograms/tests/utils.plib: `faillock --user '$username' --reset`;
./audit-test/utils/envcheck: check "[ -z \"$(faillock | grep -v '^\([^ ]*:\|When\)')\" ]" 0 \
./audit-test/utils/run.bash: faillock --user "$TEST_USER" --reset
./audit-test/utils/run.bash: faillock --user "$TEST_ADMIN" --reset
- --
Miroslav Vadkerti :: Senior Quality Assurance Engineer / RHCSS :: BaseOS QE - Security
Phone +420 532 294 129 :: CR cell +420 776 864 252 :: SR cell +421 904 135 440
IRC mvadkert at #qe #urt #brno #rpmdiff :: GnuPG ID 0x25881087 at pgp.mit.edu
Red Hat s.r.o, Purkyňova 99/71, 612 45, Brno, Czech Republic
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBAgAGBQJVE9DDAAoJEBliWhMliBCH0soH/3oH24bkEyAPUnQgymfYQVM6
q7SdTLE9QJi7gt1vP6TFL82UUt7MsTOJElCOove6mtCTVEqnDkhzACs6CQ8Ye9LV
EDRohlZlycD2Al0ZdMJndNlrFaXZJedEX2kuSMW+O6g/WynIx+7HtggErSFp6uMU
Ah5GtwCUE+GWdlsNILcuuj+B3wWPt3oSdEZMk4CrtvLAhiatB3uf/NTxHHKkNCWd
lauDhS7wd/qV42/1jkZmcbQt/g+pUOgdvBY9g3cDmwFxroqBn+bVftdSTAqpaNyU
NnUy8L9ysMRNNUaWlpI5PMkrX6r2JWAg+0cPEzzNUeQ+oDdfiunIlohwSRHYilk=
=MIuf
-----END PGP SIGNATURE-----
|
|
From: Jiri J. <jja...@re...> - 2015-03-26 10:12:27
|
On 03/26/2015 10:26 AM, Miroslav Vadkerti wrote:
>
> There will be more places in the suite where you will hit faillock [1]. Would it be possible to
> follow up with this patch and fix the remaining stuff also please?
>
> Also we prefer sticking to sh compatibility if possible, would you mind replacing command for
> which?
Also if the syntax of if/fi seems too stretched out, feel free to use
ie.
which faillock >/dev/null && faillock --user "$TEST_USER" --reset
>
> [1] $ grep -R faillock .
> ./audit-test/crypto/tests/test_ssh_multi.bash:# clear faillock at cleanup
> ./audit-test/crypto/tests/test_ssh_multi.bash:prepend_cleanup "faillock --reset --user $TEST_USER"
> ./audit-test/crypto/tests/test_ssh_multi.bash:prepend_cleanup "faillock --reset --user $TEST_ADMIN"
> ./audit-test/crypto/tests/test_ssh_multi.bash:# clear faillock for $TEST_USER
> ./audit-test/crypto/tests/test_ssh_multi.bash:faillock --reset --user $TEST_USER
> ./audit-test/libpam/run.conf: + pamfaillock_lock
> ./audit-test/libpam/run.conf: + pamfaillock_unlock
> ./audit-test/libpam/tests/test_pamfaillock_lock.bash:# Verify pam_faillock will lock an account
> ./audit-test/libpam/tests/test_pamfaillock_lock.bash:# make sure faillock is reset for TEST_USER
> ./audit-test/libpam/tests/test_pamfaillock_lock.bash:/sbin/faillock --user $TEST_USER --reset >
> /dev/null || exit_error
> ./audit-test/libpam/tests/test_pamfaillock_lock.bash:grep -q pam_faillock /etc/pam.d/sshd || grep
> -q pam_faillock /etc/pam.d/password-auth || exit_error
> ./audit-test/libpam/tests/test_pamfaillock_lock.bash:# Unlike pam_tally2, faillock doesn't have a
> --reset=n option that lets us
> ./audit-test/libpam/tests/test_pamfaillock_lock.bash:msg_1="pam_faillock
> uid=$tuid.*exe=./usr/sbin/sshd.*res=success.*"
> ./audit-test/libpam/tests/test_pamfaillock_lock.bash:/sbin/faillock --user $TEST_USER --reset >
> /dev/null || exit_error
> ./audit-test/libpam/tests/test_pamfaillock_unlock.bash:# Verify pam_faillock will unlock an account
> ./audit-test/libpam/tests/test_pamfaillock_unlock.bash:grep -q pam_faillock /etc/pam.d/sshd ||
> grep -q pam_faillock /etc/pam.d/password-auth || exit_error
> ./audit-test/libpam/tests/test_pamfaillock_unlock.bash:# Unlike pam_tally2, faillock doesn't have
> a --reset=n option that lets us
> ./audit-test/libpam/tests/test_pamfaillock_unlock.bash:/sbin/faillock --user $TEST_USER --reset >
> /dev/null || exit_error
> ./audit-test/libpam/tests/test_pamfaillock_unlock.bash:msg_1="faillock reset
> uid=$tuid.*exe=./sbin/faillock.*res=success.*"
The faillock tests probably don't need command-level disablement, if
the tests are not suitable for SuSE, please exclude them in run.conf
of the given bucket (libpam) based on $DISTRO (see rules.mk).
> ./audit-test/trustedprograms/tests/utils.plib: `faillock --user '$username' --reset`;
> ./audit-test/trustedprograms/tests/utils.plib: `faillock --user '$username' --reset`;
> ./audit-test/trustedprograms/tests/utils.plib: `faillock --user '$username' --reset`;
> ./audit-test/trustedprograms/tests/utils.plib: `faillock --user '$username' --reset`;
> ./audit-test/trustedprograms/tests/utils.plib: `faillock --user '$username' --reset`;
> ./audit-test/utils/envcheck: check "[ -z \"$(faillock | grep -v '^\([^ ]*:\|When\)')\" ]" 0 \
> ./audit-test/utils/run.bash: faillock --user "$TEST_USER" --reset
> ./audit-test/utils/run.bash: faillock --user "$TEST_ADMIN" --reset
>
Thanks,
Jiri
|
|
From: Cyril H. <me...@uc...> - 2015-04-02 14:34:11
|
Hi! > There will be more places in the suite where you will hit faillock [1]. Would it be possible to > follow up with this patch and fix the remaining stuff also please? I will deal with these once I get to them. I've just starte to work on the testsuite... > Also we prefer sticking to sh compatibility if possible, would you mind replacing command for > which? Will send updated patch soon. BTW for some strange reason mutt mixed up my SUSE email with my personal one. I guess that may have been because the patch was signed with my personal mail by mistake. I will send subsequent patches from my SUSE email account. -- Cyril Hrubis ch...@su... |
Thanks for helping keep SourceForge clean.
X