Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • mika/sssd
  • guillem/debian-pkg-sssd
  • john.veitch/sssd
  • jgullberg/sssd
  • gioele/sssd
  • oktay454/sssd
  • sergiodj/sssd
  • 3v1n0/sssd
  • jfalk-guest/sssd
  • sathieu/sssd
  • dpward/sssd
  • sssd-team/sssd
  • ahasenack/sssd
  • jbicha/sssd
  • yrro-guest/sssd
15 results
Show changes
Commits on Source (2)
  • Sergio Durigan Junior's avatar
    Improve certificate/smartcard dep8 tests. · a41e9387
    Sergio Durigan Junior authored
    - d/t/control: Don't depend on "needs-sudo" restriction, since the
      tests don't really use "sudo" selectively but rather rely on a normal
      user being setup as a side effect of "needs-sudo".  Instead, we can
      use "needs-root".
    
    - d/t/sssd-smart-card-pam-auth-configs-tester.sh,
      d/t/sssd-softhism2-certificates-tests.sh: Use
      "${AUTOPKGTEST_NORMAL_USER}" instead of "$SUDO_USER".
    a41e9387
  • Sergio Durigan Junior's avatar
    changelog for 2.9.2-2 · ceec671e
    Sergio Durigan Junior authored
    ceec671e
sssd (2.9.2-2) UNRELEASED; urgency=medium
* Improve certificate/smartcard dep8 tests.
- d/t/control: Don't depend on "needs-sudo" restriction, since the
tests don't really use "sudo" selectively but rather rely on a normal
user being setup as a side effect of "needs-sudo". Instead, we can
use "needs-root".
- d/t/sssd-smart-card-pam-auth-configs-tester.sh,
d/t/sssd-softhism2-certificates-tests.sh: Use
"${AUTOPKGTEST_NORMAL_USER}" instead of "$SUDO_USER".
-- Sergio Durigan Junior <sergiodj@debian.org> Wed, 17 Jan 2024 20:23:32 -0500
sssd (2.9.2-1) unstable; urgency=medium
[ Timo Aaltonen ]
......
......@@ -6,9 +6,7 @@ Tests: ldap-user-group-krb5-auth
Depends: @, slapd, ldap-utils, openssl, expect, lsb-release, krb5-user, krb5-admin-server, krb5-kdc
Restrictions: isolation-container, needs-root, allow-stderr
Test-Command: sudo
bash debian/tests/sssd-softhism2-certificates-tests.sh
Features: test-name=sssd-softhism2-certificates-tests
Tests: sssd-softhism2-certificates-tests.sh
Depends: bash,
gnutls-bin,
openssl,
......@@ -16,10 +14,10 @@ Depends: bash,
softhsm2,
sssd,
util-linux
Restrictions: needs-sudo,
Restrictions: needs-root,
allow-stderr
Test-Command: sudo env
Test-Command: env
OFFLINE_MODE=1
bash debian/tests/sssd-smart-card-pam-auth-configs-tester.sh
Features: test-name=sssd-smart-card-pam-auth-configs
......@@ -34,6 +32,6 @@ Depends: bash,
util-linux
Restrictions: breaks-testbed,
isolation-container,
needs-sudo,
needs-root,
allow-stderr
......@@ -11,6 +11,11 @@
set -xe
if [ -z "${AUTOPKGTEST_NORMAL_USER}" ]; then
adduser --quiet --disable-password _sssduser
AUTOPKGTEST_NORMAL_USER="_sssduser"
fi
export DEBIAN_FRONTEND=noninteractive
required_tools=(
......@@ -25,11 +30,6 @@ if [[ ! -v OFFLINE_MODE ]]; then
)
fi
if [ "$(id -u)" != 0 ] || [ -z "$SUDO_USER" ]; then
echo "This tool requires sudo!"
exit 2
fi
for cmd in "${required_tools[@]}"; do
if ! command -v "$cmd" > /dev/null; then
echo "Tool $cmd missing"
......@@ -138,15 +138,15 @@ find "$tmpdir" -type f -exec chmod 666 {} \;
backup_file /etc/sssd/sssd.conf
rm -f /etc/sssd/sssd.conf
user_home="$(runuser -u "$SUDO_USER" -- sh -c 'echo ~')"
user_home="$(runuser -u "${AUTOPKGTEST_NORMAL_USER}" -- sh -c 'echo ~')"
mkdir -p "$user_home"
chown "$SUDO_USER:$SUDO_USER" "$user_home"
chown "${AUTOPKGTEST_NORMAL_USER}:${AUTOPKGTEST_NORMAL_USER}" "$user_home"
user_config="$(runuser -u "$SUDO_USER" -- sh -c 'echo ${XDG_CONFIG_HOME:-~/.config}')"
user_config="$(runuser -u "${AUTOPKGTEST_NORMAL_USER}" -- sh -c 'echo ${XDG_CONFIG_HOME:-~/.config}')"
system_config="/etc"
softhsm2_conf_paths=(
"$SUDO_USER:$user_config/softhsm2/softhsm2.conf"
"${AUTOPKGTEST_NORMAL_USER}:$user_config/softhsm2/softhsm2.conf"
"root:$system_config/softhsm/softhsm2.conf"
)
......@@ -173,7 +173,7 @@ enable_files_domain = True
services = pam
#certificate_verification = $verification_options
[certmap/implicit_files/$SUDO_USER]
[certmap/implicit_files/${AUTOPKGTEST_NORMAL_USER}]
matchrule = <SUBJECT>.*Test Organization.*
[pam]
......@@ -205,18 +205,18 @@ EOF
pam-auth-update --enable "$alternative" || return 2
cat /etc/pam.d/common-auth
echo -n -e "$PIN" | runuser -u "$SUDO_USER" -- \
pamtester -v "$pam_service" "$SUDO_USER" authenticate || return 2
echo -n -e "$PIN" | runuser -u "$SUDO_USER" -- \
echo -n -e "$PIN" | runuser -u "${AUTOPKGTEST_NORMAL_USER}" -- \
pamtester -v "$pam_service" "${AUTOPKGTEST_NORMAL_USER}" authenticate || return 2
echo -n -e "$PIN" | runuser -u "${AUTOPKGTEST_NORMAL_USER}" -- \
pamtester -v "$pam_service" "" authenticate || return 2
if echo -n -e "wrong${PIN}" | runuser -u "$SUDO_USER" -- \
pamtester -v "$pam_service" "$SUDO_USER" authenticate; then
if echo -n -e "wrong${PIN}" | runuser -u "${AUTOPKGTEST_NORMAL_USER}" -- \
pamtester -v "$pam_service" "${AUTOPKGTEST_NORMAL_USER}" authenticate; then
echo "Unexpected pass!"
return 2
fi
if echo -n -e "wrong${PIN}" | runuser -u "$SUDO_USER" -- \
if echo -n -e "wrong${PIN}" | runuser -u "${AUTOPKGTEST_NORMAL_USER}" -- \
pamtester -v "$pam_service" "" authenticate; then
echo "Unexpected pass!"
return 2
......
......@@ -7,6 +7,11 @@
# Used to verify p11_child usage in SSSD.
set -xe
if [ -z "${AUTOPKGTEST_NORMAL_USER}" ]; then
adduser --quiet --disable-password _sssduser
AUTOPKGTEST_NORMAL_USER="_sssduser"
fi
required_tools=(
p11tool # debian package: gnutls-bin
openssl # debian package: openssl
......