|
Iain Douglas |
756e5d |
#!/bin/bash
|
|
Iain Douglas |
756e5d |
# Author: Iain Douglas <centos@1n6.org.uk>
|
|
Iain Douglas |
756e5d |
#
|
|
Iain Douglas |
756e5d |
|
|
Iain Douglas |
756e5d |
function ExitFail {
|
|
Iain Douglas |
756e5d |
t_Log "FAIL"
|
|
Iain Douglas |
756e5d |
exit $FAIL
|
|
Iain Douglas |
756e5d |
}
|
|
Iain Douglas |
756e5d |
|
|
Iain Douglas |
756e5d |
t_Log "Runing $0 - normal user password tests"
|
|
Iain Douglas |
756e5d |
# Check that the passtest user cannot use the root only options
|
|
Iain Douglas |
756e5d |
|
|
Iain Douglas |
756e5d |
t_Log "Checking a normal user cannot use root options"
|
|
Iain Douglas |
756e5d |
|
|
Iain Douglas |
756e5d |
su passtest -c "passwd -l passtest" &>/dev/null && ExitFail
|
|
Iain Douglas |
756e5d |
su passtest -c "passwd -u passtest" &>/dev/null && ExitFail
|
|
Iain Douglas |
756e5d |
su passtest -c "passwd -e passtest" &>/dev/null && ExitFail
|
|
Iain Douglas |
756e5d |
su passtest -c "passwd -n 10 passtest" &>/dev/null && ExitFail
|
|
Iain Douglas |
756e5d |
su passtest -d "passwd -d passtest" &>/dev/null && ExitFail
|
|
Iain Douglas |
756e5d |
su passtest -d "passwd -S passtest" &>/dev/null && ExitFail
|
|
Iain Douglas |
756e5d |
t_Log "Pass"
|
|
Iain Douglas |
756e5d |
|
|
Iain Douglas |
756e5d |
# Check the user can change their own password. Reset it to passtest and
|
|
Iain Douglas |
756e5d |
# turn off min change days before trying. Password becomes ano24ther
|
|
Iain Douglas |
756e5d |
|
|
Iain Douglas |
756e5d |
t_Log "Test user can change own password"
|
|
Iain Douglas |
756e5d |
|
|
Iain Douglas |
756e5d |
echo "passtest" | passwd --stdin passtest &>/dev/null
|
|
Iain Douglas |
756e5d |
passwd -n 0 passtest &>/dev/null
|
|
Iain Douglas |
756e5d |
./tests/p_passwd/_user_password.expect &>/dev/null
|
|
Iain Douglas |
756e5d |
t_CheckExitStatus $?
|
|
Iain Douglas |
756e5d |
|
|
Iain Douglas |
756e5d |
# Check that sending the wrong current password fails we send passtest
|
|
Iain Douglas |
756e5d |
|
|
Iain Douglas |
756e5d |
t_Log "Check sending incorrect current password fails"
|
|
Iain Douglas |
756e5d |
./tests/p_passwd/_user_password.expect &>/dev/null
|
|
Iain Douglas |
756e5d |
|
|
Iain Douglas |
756e5d |
if [ $? -eq "3" ]
|
|
Iain Douglas |
756e5d |
then
|
|
Iain Douglas |
756e5d |
t_Log "PASS"
|
|
Iain Douglas |
756e5d |
else
|
|
Iain Douglas |
756e5d |
ExitFail
|
|
Iain Douglas |
756e5d |
fi
|
|
Iain Douglas |
756e5d |
|
|
Iain Douglas |
756e5d |
# Check that user cannot immediately change password if minimum password
|
|
Iain Douglas |
756e5d |
# lifeftime is enabled.
|
|
Iain Douglas |
756e5d |
|
|
Iain Douglas |
756e5d |
t_Log "Testing Minimum password lifetine is enforced"
|
|
Iain Douglas |
756e5d |
echo "passtest" | passwd --stdin passtest &>/dev/null
|
|
Iain Douglas |
756e5d |
passwd -n 1 passtest &>/dev/null
|
|
Iain Douglas |
756e5d |
./tests/p_passwd/_user_password.expect &>/dev/null
|
|
Iain Douglas |
756e5d |
|
|
Iain Douglas |
756e5d |
if [ $? -eq "2" ]
|
|
Iain Douglas |
756e5d |
then
|
|
Iain Douglas |
756e5d |
t_Log "PASS"
|
|
Iain Douglas |
756e5d |
else
|
|
Iain Douglas |
756e5d |
ExitFail
|
|
Iain Douglas |
756e5d |
fi
|
|
Iain Douglas |
756e5d |
|
|
Iain Douglas |
756e5d |
# Password complexity tests
|
|
Iain Douglas |
756e5d |
echo "passtest" | passwd --stdin passtest &>/dev/null
|
|
Iain Douglas |
756e5d |
passwd -n 0 passtest &>/dev/null
|
|
Iain Douglas |
756e5d |
|
|
Iain Douglas |
756e5d |
# Check very short password is rejected (single letter)
|
|
Iain Douglas |
756e5d |
t_Log "Test very short password is rejected (1 character)"
|
|
Iain Douglas |
756e5d |
./tests/p_passwd/_password_complexity.expect a &>/dev/null
|
|
Iain Douglas |
756e5d |
t_CheckExitStatus $?
|
|
Iain Douglas |
756e5d |
|
|
Iain Douglas |
756e5d |
# Check a short password is rejected (4 chars)
|
|
Iain Douglas |
756e5d |
t_Log "Test short password is rejected (4 charaters)"
|
|
Iain Douglas |
756e5d |
./tests/p_passwd/_password_complexity.expect athe &>/dev/null
|
|
Iain Douglas |
756e5d |
t_CheckExitStatus $?
|
|
Iain Douglas |
756e5d |
|
|
Iain Douglas |
756e5d |
# Check password is rejected with insufficient complexity
|
|
Iain Douglas |
756e5d |
t_Log "Test insufficiently complex password is rejected"
|
|
Iain Douglas |
756e5d |
./tests/p_passwd/_password_complexity.expect betabeta &>/dev/null
|
|
Iain Douglas |
756e5d |
t_CheckExitStatus $?
|
|
Iain Douglas |
756e5d |
|
|
Iain Douglas |
756e5d |
# Check palindromic password is rejected
|
|
Iain Douglas |
756e5d |
t_Log "Check palindromic password is rejected"
|
|
Iain Douglas |
756e5d |
./tests/p_passwd/_password_complexity.expect qwe123321ewq &>/dev/null
|
|
Iain Douglas |
756e5d |
t_CheckExitStatus $?
|