tests/chsh/01/run


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143

#!/bin/sh

set -e

cd $(dirname $0)

# Rational:
# Test chage options

# no testsuite password
# root password: rootF00barbaz
# myuser password: myuserF00barbaz

save()
{
	[ ! -d tmp ] && mkdir tmp
	for i in passwd group shadow gshadow shells
	do
		[ -f /etc/$i  ] && cp /etc/$i  tmp/$i
		[ -f /etc/$i- ] && cp /etc/$i- tmp/$i-
	done

	true
}

restore()
{
	for i in passwd group shadow gshadow shells
	do
		[ -f tmp/$i  ] && cp tmp/$i  /etc/$i  && rm tmp/$i
		[ -f tmp/$i- ] && cp tmp/$i- /etc/$i- && rm tmp/$i-
	done
	rm -f tmp/out
	rm -f tmp/shell tmp/sh:ell
	rmdir tmp
}

save

# restore the files on exit
trap 'if [ "$?" != "0" ]; then echo "FAIL"; fi; restore' 0

for i in passwd group shadow gshadow shells
do
	cp data/$i /etc
done

echo -n "changing to a restricted shell, by root..."
cp /bin/bash tmp/shell
chsh -s $(pwd)/tmp/shell myuser
ent=$(getent passwd myuser)
[ "$ent" = "myuser:x:424242:424242::/home:"$(pwd)"/tmp/shell" ] || exit 1
echo "OK"

echo -n "changing from a restricted shell, by myuser..."
su myuser -c "chsh -s /bin/bash" 2> tmp/out && exit 1
ent=$(getent passwd myuser)
[ "$ent" = "myuser:x:424242:424242::/home:"$(pwd)"/tmp/shell" ] || exit 1
diff -au data/chsh1 tmp/out
echo "OK"

echo -n "changing from a restricted shell, by root..."
chsh -s /bin/bash myuser
ent=$(getent passwd myuser)
[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
echo "OK"

# Need to be done by expect now (chage asks for a passwd if not root)
#echo -n "changing to a restricted shell, by myuser..."
#su myuser -c "chsh -s $(pwd)/tmp/shell" 2> tmp/out && exit 1
#ent=$(getent passwd myuser)
#[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
#grep "/tmp/shell is an invalid shell." tmp/out > /dev/null
#[ $(wc -l tmp/out| cut -d" " -f1) = "1" ] || exit 1
#echo "OK"

#echo -n "changing to a new valid shell, by myuser..."
#echo $(pwd)/tmp/shell >> /tmp/shells
#su myuser -c "chsh -s $(pwd)/tmp/shell" 2> tmp/out && exit 1
#ent=$(getent passwd myuser)
#[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
#grep "/tmp/shell is an invalid shell." tmp/out > /dev/null
#[ $(wc -l tmp/out| cut -d" " -f1) = "1" ] || exit 1
#echo "OK"

echo -n "changing another user's shell..."
su myuser -c "chsh -s /bin/sh myuser2" 2> tmp/out && exit 1
ent=$(getent passwd myuser2)
[ "$ent" = "myuser2:x:424243:424242::/home:/bin/sh" ] || exit 1
diff -au data/chsh2 tmp/out
echo "OK"

#echo -n "changing to a non-executable shell..."
#chmod a-x tmp/shell
#su myuser -c "chsh -s $(pwd)/tmp/shell myuser" 2> tmp/out && exit 1
#ent=$(getent passwd myuser)
#[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
#grep "/tmp/shell is an invalid shell." tmp/out > /dev/null
#[ $(wc -l tmp/out| cut -d" " -f1) = "1" ] || exit 1
#echo "OK"

echo -n "changing to an invalid shell name..."
cp /bin/bash tmp/sh:ell
echo $(pwd)/tmp/sh:ell >> /etc/shells
chsh -s $(pwd)/tmp/sh:ell myuser 2> tmp/out && exit 1
ent=$(getent passwd myuser)
[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
egrep "chsh: Invalid entry: .*/tmp/sh:ell" tmp/out > /dev/null
[ $(wc -l tmp/out| cut -d" " -f1) = "1" ] || exit 1
echo "OK"

echo "testing the interactive mode (1)..."
rm -f tmp/out
./run.exp /bin/bash myuser
[ -f tmp/out ] && exit 1
ent=$(getent passwd myuser)
[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
echo "OK"

#echo "testing the interactive mode (2)..."
#rm -f tmp/out
#su myuser -c "./run.exp /bin/bash"
#[ -f tmp/out ] && exit 1
#ent=$(getent passwd myuser)
#[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
#echo "OK"

echo "testing the interactive mode (3)..."
rm -f tmp/out
./run.exp /bin/sh myuser
[ -f tmp/out ] && exit 1
ent=$(getent passwd myuser)
[ "$ent" = "myuser:x:424242:424242::/home:/bin/sh" ] || exit 1
echo "OK"

echo "testing the interactive mode (4)..."
rm -f tmp/out
./run.exp $(pwd)/tmp/sh:ell myuser && exit 1
egrep "chsh: Invalid entry: .*/tmp/sh:ell" tmp/out > /dev/null
ent=$(getent passwd myuser)
[ "$ent" = "myuser:x:424242:424242::/home:/bin/sh" ] || exit 1
echo "OK"