commit 915c6fac82547757cb85dd50f401690dd2c6622d (HEAD)
Author: Scott Moser <smoser@brickies.net>
Date: Thu Mar 16 16:42:08 2017 -0400
some additional tests
diff --git a/tests/cloud_tests/configs/modules/set_password_list_string.yaml b/tests/cloud_tests/configs/modules/set_password_list_string.yaml
index 2d57e5a..cbb71be 100644
--- a/tests/cloud_tests/configs/modules/set_password_list_string.yaml
+++ b/tests/cloud_tests/configs/modules/set_password_list_string.yaml
@@ -6,21 +6,25 @@ cloud_config: |
ssh_pwauth: yes
users:
- name: tom
- password: $1$xyz$sPMsLNmf66Ohl.ol6JvzE.
+ # md5 gotomgo
+ passwd: "$1$S7$tT1BEDIYrczeryDQJfdPe0"
lock_passwd: false
- name: dick
- password: $1$xyz$sPMsLNmf66Ohl.ol6JvzE.
+ # md5 gocubsgo
+ passwd: "$1$ssisyfpf$YqvuJLfrrW6Cg/l53Pi1n1"
lock_passwd: false
- name: harry
- password: $1$xyz$sPMsLNmf66Ohl.ol6JvzE.
+ # sha512 goharrygo
+ passwd: "$6$LF$9Z2p6rWK6TNC1DC6393ec0As.18KRAvKDbfsGJEdWN3sRQRwpdfoh37EQ3yUh69tP4GSrGW5XKHxMLiKowJgm/"
lock_passwd: false
- name: jane
- password: $1$xyz$sPMsLNmf66Ohl.ol6JvzE.
+ # sha256 gojanego
+ passwd: "$5$iW$XsxmWCdpwIW8Yhv.Jn/R3uk6A4UaicfW5Xp7C9p9pg."
lock_passwd: false
chpasswd:
list: |
tom:mypassword123!
- dick:R
+ dick:RANDOM
harry:RANDOM
collect_scripts:
shadow: |
diff --git a/tests/cloud_tests/testcases/modules/set_password_list_string.py b/tests/cloud_tests/testcases/modules/set_password_list_string.py
index 3787af0..d15377e 100644
--- a/tests/cloud_tests/testcases/modules/set_password_list_string.py
+++ b/tests/cloud_tests/testcases/modules/set_password_list_string.py
@@ -2,20 +2,52 @@
"""cloud-init Integration Test Verify Script"""
from tests.cloud_tests.testcases import base
+import crypt
class TestPasswordListString(base.CloudTestCase):
"""Test password module"""
- # TODO: Verify dick and harry passwords are random
- # TODO: Verify tom's password was changed
+ def test_shadow_passwords(self):
+ shadow = self.get_data_file('shadow')
+ users = {}
+ dupes = []
+ for line in shadow.splitlines():
+ user, encpw = line.split(":")[0:2]
+ if user in users:
+ dupes.append(user)
+ users[user] = encpw
- def test_shadow(self):
+ jane_enc = "$5$iW$XsxmWCdpwIW8Yhv.Jn/R3uk6A4UaicfW5Xp7C9p9pg."
+ self.assertEqual([], dupes)
+ self.assertEqual(jane_enc, users['jane'])
+
+ # shadow entry is $N$salt$, so we encrypt with the same format
+ # and salt and expect the result.
+ tom = "mypassword123!"
+ fmtsalt = users['tom'][0:users['tom'].rfind("$") + 1]
+ tom_enc = crypt.crypt(tom, fmtsalt)
+ self.assertEqual(tom_enc, users['tom'])
+
+ harry_enc = ("$6$LF$9Z2p6rWK6TNC1DC6393ec0As.18KRAvKDbfsG"
+ "JEdWN3sRQRwpdfoh37EQ3yUh69tP4GSrGW5XKHxMLiKowJgm/")
+ dick_enc = "$1$ssisyfpf$YqvuJLfrrW6Cg/l53Pi1n1"
+
+ # these should have been changed to random values.
+ self.assertNotEqual(harry_enc, users['harry'])
+ self.assertTrue(users['harry'].startswith("$"))
+ self.assertNotEqual(dick_enc, users['dick'])
+ self.assertTrue(users['dick'].startswith("$"))
+
+ self.assertNotEqual(users['harry'], users['dick'])
+
+ def test_shadow_expected_users(self):
"""Test every tom, dick, and harry user in shadow"""
out = self.get_data_file('shadow')
self.assertIn('tom:', out)
self.assertIn('dick:', out)
self.assertIn('harry:', out)
+ self.assertIn('jane:', out)
def test_sshd_config(self):
"""Test sshd config allows passwords"""