3
# test_pamcmds.expect - test script to check output of PAM commands
5
# Copyright (C) 2011 Arthur de Jong
7
# This library is free software; you can redistribute it and/or
8
# modify it under the terms of the GNU Lesser General Public
9
# License as published by the Free Software Foundation; either
10
# version 2.1 of the License, or (at your option) any later version.
12
# This library is distributed in the hope that it will be useful,
13
# but WITHOUT ANY WARRANTY; without even the implied warranty of
14
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15
# Lesser General Public License for more details.
17
# You should have received a copy of the GNU Lesser General Public
18
# License along with this library; if not, write to the Free Software
19
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
24
log_file -a -noappend test_pamcmds.log
27
# basic error handling
30
send_user "\n\ntest_pamcmds.expect: ERROR found:\n"
31
send_user "$expect_out(buffer)\n"
35
# function for resetting the password
36
proc reset_password {} {
38
send_user "test_pamcmds.expect: resetting passwd...\n"
41
"LDAP administrator password" { send "test\r"; exp_continue }
42
-regexp "(New|Retype new) password:" { send "test\r"; exp_continue }
43
"password updated successfully" {}
44
"Invalid credentials" abort
45
"Authentication token manipulation error" abort
51
# find source directory
52
if { ! [info exists ::env(srcdir) ] } {
55
# ensure that we are running as root
56
if { [exec id -u] != "0" } {
57
send_user "test_pamcmds.expect: not running as root\n"
60
# ensure that we are running in the test environment
61
spawn $env(srcdir)/in_testenv.sh
63
"in_testenv.sh: using LDAP server" { expect eof }
65
send_user "test_pamcmds.expect: not running in test environment\n"
70
# ensure that a correct password is set
73
# start a shell as nobody
74
send_user "test_pamcmds.expect: start shell...\n"
75
spawn su - nobody -s /bin/sh
78
# function to do login, expecting OK result
79
proc test_login_ok {uid passwd} {
80
send "su - $uid -s /bin/sh\r"
88
# test whether we are really logged in
91
-regexp "uid=\[0-9\]*\\($uid\\)" {}
98
# function to do login, expecting FAIL result
99
proc test_login_authfail {uid passwd} {
100
send "su - $uid -s /bin/sh\r"
104
"su: Authentication failure" {}
111
# function to do login, expecting FAIL result
112
proc test_login_unknown {uid passwd} {
113
send "su - $uid -s /bin/sh\r"
115
"Password:" { send "$passwd\r"; exp_continue }
123
# test incorrect password
124
send_user "test_pamcmds.expect: testing incorrect password...\n"
125
test_login_authfail arthur wrongpassword
127
# test correct password
128
send_user "test_pamcmds.expect: testing correct password...\n"
129
test_login_ok arthur test
131
# change password using incorrect old password
132
send_user "test_pamcmds.expect: testing password change with incorrect password...\n"
135
-nocase "password:" { send "wrongpassword\r" }
140
-regexp "(New|Retype new) password:" { send "newpassword\r"; exp_continue }
141
"password changed" abort
142
"Invalid credentials" {}
143
"Authentication token manipulation error" {}
148
# change the password using the correct old password
149
send_user "test_pamcmds.expect: testing password change with correct password...\n"
152
-nocase "password:" { send "test\r" }
157
-regexp "(New|Retype new) password:" { send "newpassword\r"; exp_continue }
158
"password updated successfully" {}
159
"Invalid credentials" abort
160
"Authentication token manipulation error" abort
165
# exist shell (back to nobody)
169
# logging in with the old password should fail now
170
send_user "test_pamcmds.expect: testing old password...\n"
171
test_login_authfail arthur test
173
# test correct password
174
send_user "test_pamcmds.expect: testing new password...\n"
175
test_login_ok arthur newpassword
177
# test invalid username
178
send_user "test_pamcmds.expect: testing with unknown username...\n"
179
test_login_unknown foo anypassword
181
# test login as root with incorrect password
182
send_user "test_pamcmds.expect: testing with root...\n"
183
test_login_authfail root anypassword
185
# test login as nobody with incorrect password
186
send_user "test_pamcmds.expect: testing with nobody...\n"
187
test_login_authfail nobody anypassword
189
# close the shell (first log of arthur)
199
# ensure that a correct password is set
202
send_user "test_pamcmds.expect: everyting OK\n"