You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
83 lines
2.4 KiB
83 lines
2.4 KiB
12 months ago
|
#!/bin/bash
|
||
|
# Author: Iain Douglas <centos@1n6.org.uk>
|
||
|
#
|
||
|
|
||
|
function ExitFail {
|
||
|
t_Log "FAIL"
|
||
|
exit $FAIL
|
||
|
}
|
||
|
|
||
|
t_Log "Runing $0 - normal user password tests"
|
||
|
# Check that the passtest user cannot use the root only options
|
||
|
|
||
|
t_Log "Checking a normal user cannot use root options"
|
||
|
|
||
|
su passtest -c "passwd -l passtest" &>/dev/null && ExitFail
|
||
|
su passtest -c "passwd -u passtest" &>/dev/null && ExitFail
|
||
|
su passtest -c "passwd -e passtest" &>/dev/null && ExitFail
|
||
|
su passtest -c "passwd -n 10 passtest" &>/dev/null && ExitFail
|
||
|
su passtest -d "passwd -d passtest" &>/dev/null && ExitFail
|
||
|
su passtest -d "passwd -S passtest" &>/dev/null && ExitFail
|
||
|
t_Log "Pass"
|
||
|
|
||
|
# Check the user can change their own password. Reset it to passtest and
|
||
|
# turn off min change days before trying. Password becomes ano24ther
|
||
|
|
||
|
t_Log "Test user can change own password"
|
||
|
|
||
|
echo "passtest" | passwd --stdin passtest &>/dev/null
|
||
|
passwd -n 0 passtest &>/dev/null
|
||
|
./tests/p_passwd/_user_password.expect &>/dev/null
|
||
|
t_CheckExitStatus $?
|
||
|
|
||
|
# Check that sending the wrong current password fails we send passtest
|
||
|
|
||
|
t_Log "Check sending incorrect current password fails"
|
||
|
./tests/p_passwd/_user_password.expect &>/dev/null
|
||
|
|
||
|
if [ $? -eq "3" ]
|
||
|
then
|
||
|
t_Log "PASS"
|
||
|
else
|
||
|
ExitFail
|
||
|
fi
|
||
|
|
||
|
# Check that user cannot immediately change password if minimum password
|
||
|
# lifeftime is enabled.
|
||
|
|
||
|
t_Log "Testing Minimum password lifetine is enforced"
|
||
|
echo "passtest" | passwd --stdin passtest &>/dev/null
|
||
|
passwd -n 1 passtest &>/dev/null
|
||
|
./tests/p_passwd/_user_password.expect &>/dev/null
|
||
|
|
||
|
if [ $? -eq "2" ]
|
||
|
then
|
||
|
t_Log "PASS"
|
||
|
else
|
||
|
ExitFail
|
||
|
fi
|
||
|
|
||
|
# Password complexity tests
|
||
|
echo "passtest" | passwd --stdin passtest &>/dev/null
|
||
|
passwd -n 0 passtest &>/dev/null
|
||
|
|
||
|
# Check very short password is rejected (single letter)
|
||
|
t_Log "Test very short password is rejected (1 character)"
|
||
|
./tests/p_passwd/_password_complexity.expect a &>/dev/null
|
||
|
t_CheckExitStatus $?
|
||
|
|
||
|
# Check a short password is rejected (4 chars)
|
||
|
t_Log "Test short password is rejected (4 charaters)"
|
||
|
./tests/p_passwd/_password_complexity.expect athe &>/dev/null
|
||
|
t_CheckExitStatus $?
|
||
|
|
||
|
# Check password is rejected with insufficient complexity
|
||
|
t_Log "Test insufficiently complex password is rejected"
|
||
|
./tests/p_passwd/_password_complexity.expect betabeta &>/dev/null
|
||
|
t_CheckExitStatus $?
|
||
|
|
||
|
# Check palindromic password is rejected
|
||
|
t_Log "Check palindromic password is rejected"
|
||
|
./tests/p_passwd/_password_complexity.expect qwe123321ewq &>/dev/null
|
||
|
t_CheckExitStatus $?
|