Hello community, here is the log from the commit of package yast2-security for openSUSE:Factory checked in at 2016-03-18 21:38:37 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yast2-security (Old) and /work/SRC/openSUSE:Factory/.yast2-security.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2-security" Changes: -------- --- /work/SRC/openSUSE:Factory/yast2-security/yast2-security.changes 2016-03-07 13:25:50.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.yast2-security.new/yast2-security.changes 2016-03-18 21:38:38.000000000 +0100 @@ -1,0 +2,9 @@ +Mon Mar 7 09:51:41 UTC 2016 - [email protected] + +- Added support for multiple display managers (bnc#946889). +- Replaced testsuite tests by rspec tests. +- Removed autotools. +- Updated yast2 dependency for cfg_mail.scr +- 3.2.2 + +------------------------------------------------------------------- Old: ---- yast2-security-3.2.1.tar.bz2 New: ---- yast2-security-3.2.2.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-security.spec ++++++ --- /var/tmp/diff_new_pack.VAOcDU/_old 2016-03-18 21:38:38.000000000 +0100 +++ /var/tmp/diff_new_pack.VAOcDU/_new 2016-03-18 21:38:38.000000000 +0100 @@ -17,7 +17,7 @@ Name: yast2-security -Version: 3.2.1 +Version: 3.2.2 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -29,17 +29,16 @@ BuildRequires: update-desktop-files BuildRequires: yast2-devtools >= 3.1.10 BuildRequires: yast2-pam -BuildRequires: yast2-testsuite -# Directory.find_data_file -BuildRequires: yast2 >= yast2-3.1.131 +BuildRequires: rubygem(rspec) +BuildRequires: rubygem(yast-rake) >= 0.2.5 +# cfg_mail.scr +BuildRequires: yast2 >= 3.1.179 # new Pam.ycp API Requires: yast2-pam >= 2.14.0 -# etc_sysctl_conf.scr -# Wizard::SetDesktopTitleAndIcon -# Directory.find_data_file -Requires: yast2 >= yast2-3.1.131 +# cfg_mail.scr +Requires: yast2 >= 3.1.179 Provides: y2c_sec Provides: yast2-config-security @@ -54,6 +53,13 @@ Requires: yast2-ruby-bindings >= 1.0.0 +# Unfortunately we cannot move this to macros.yast, +# bcond within macros are ignored by osc/OBS. +%bcond_with yast_run_ci_tests +%if %{with yast_run_ci_tests} +BuildRequires: rubygem(yast-rake-ci) +%endif + Summary: YaST2 - Security Configuration License: GPL-2.0 Group: System/YaST @@ -65,7 +71,9 @@ %setup -n %{name}-%{version} %build -%yast_build + +%check +%yast_check %install %yast_install ++++++ yast2-security-3.2.1.tar.bz2 -> yast2-security-3.2.2.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-security-3.2.1/.travis.yml new/yast2-security-3.2.2/.travis.yml --- old/yast2-security-3.2.1/.travis.yml 2016-03-02 13:26:09.000000000 +0100 +++ new/yast2-security-3.2.2/.travis.yml 1970-01-01 01:00:00.000000000 +0100 @@ -1,16 +0,0 @@ -language: cpp -compiler: - - gcc -before_install: - # disable rvm, use system Ruby - - rvm reset - - wget https://raw.githubusercontent.com/yast/yast-devtools/master/travis-tools/travis_setup.sh - - sh ./travis_setup.sh -p "rake yast2-devtools yast2-testsuite yast2 yast2-pam" -g "rspec:3.3.0 yast-rake gettext" -script: - - rake check:syntax - - rake check:pot - - make -f Makefile.cvs - - make - - sudo make install - - make check - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-security-3.2.1/Makefile.cvs new/yast2-security-3.2.2/Makefile.cvs --- old/yast2-security-3.2.1/Makefile.cvs 2016-03-02 13:26:10.000000000 +0100 +++ new/yast2-security-3.2.2/Makefile.cvs 1970-01-01 01:00:00.000000000 +0100 @@ -1,23 +0,0 @@ -# -# Makefile.cvs -# - -LIB = $(shell y2tool get-lib) - -PREFIX = /usr - -configure: all - ./configure --prefix=$(PREFIX) --libdir=$(PREFIX)/$(LIB) - -all: - y2tool y2autoconf - y2tool y2automake - autoreconf --force --install - -install: configure - make - make install - -reconf: all - ./config.status --recheck - ./config.status diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-security-3.2.1/configure.in.in new/yast2-security-3.2.2/configure.in.in --- old/yast2-security-3.2.1/configure.in.in 2016-03-02 13:26:10.000000000 +0100 +++ new/yast2-security-3.2.2/configure.in.in 1970-01-01 01:00:00.000000000 +0100 @@ -1,12 +0,0 @@ -## YCP module configure.in.in - -## Initialize -@YAST2-INIT-COMMON@ -@YAST2-INIT-YCP@ - -## some common checks -@YAST2-CHECKS-COMMON@ -@YAST2-CHECKS-YCP@ - -## and generate the output... -@YAST2-OUTPUT@ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-security-3.2.1/package/yast2-security.changes new/yast2-security-3.2.2/package/yast2-security.changes --- old/yast2-security-3.2.1/package/yast2-security.changes 2016-03-02 13:26:10.000000000 +0100 +++ new/yast2-security-3.2.2/package/yast2-security.changes 2016-03-17 16:27:54.000000000 +0100 @@ -1,4 +1,13 @@ ------------------------------------------------------------------- +Mon Mar 7 09:51:41 UTC 2016 - [email protected] + +- Added support for multiple display managers (bnc#946889). +- Replaced testsuite tests by rspec tests. +- Removed autotools. +- Updated yast2 dependency for cfg_mail.scr +- 3.2.2 + +------------------------------------------------------------------- Fri Feb 26 12:40:29 UTC 2016 - [email protected] - Removed "Boot permissions - Interpretation of Ctrl + Alt + Del" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-security-3.2.1/package/yast2-security.spec new/yast2-security-3.2.2/package/yast2-security.spec --- old/yast2-security-3.2.1/package/yast2-security.spec 2016-03-02 13:26:10.000000000 +0100 +++ new/yast2-security-3.2.2/package/yast2-security.spec 2016-03-17 16:27:54.000000000 +0100 @@ -17,7 +17,7 @@ Name: yast2-security -Version: 3.2.1 +Version: 3.2.2 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -25,29 +25,36 @@ Group: System/YaST License: GPL-2.0 -BuildRequires: doxygen pkg-config perl-XML-Writer update-desktop-files yast2-pam yast2-testsuite +BuildRequires: doxygen pkg-config perl-XML-Writer update-desktop-files yast2-pam BuildRequires: yast2-devtools >= 3.1.10 -# Directory.find_data_file -BuildRequires: yast2 >= yast2-3.1.131 +BuildRequires: rubygem(yast-rake) >= 0.2.5 +BuildRequires: rubygem(rspec) +# cfg_mail.scr +BuildRequires: yast2 >= 3.1.179 # new Pam.ycp API -Requires: yast2-pam >= 2.14.0 +Requires: yast2-pam >= 2.14.0 -# etc_sysctl_conf.scr -# Wizard::SetDesktopTitleAndIcon -# Directory.find_data_file -Requires: yast2 >= yast2-3.1.131 - -Provides: y2c_sec yast2-config-security -Obsoletes: y2c_sec yast2-config-security -Provides: yast2-trans-security y2t_sec -Obsoletes: yast2-trans-security y2t_sec +# cfg_mail.scr +Requires: yast2 >= 3.1.179 + +Provides: y2c_sec yast2-config-security +Obsoletes: y2c_sec yast2-config-security +Provides: yast2-trans-security y2t_sec +Obsoletes: yast2-trans-security y2t_sec BuildArchitectures: noarch Requires: yast2-ruby-bindings >= 1.0.0 -Summary: YaST2 - Security Configuration +# Unfortunately we cannot move this to macros.yast, +# bcond within macros are ignored by osc/OBS. +%bcond_with yast_run_ci_tests +%if %{with yast_run_ci_tests} +BuildRequires: rubygem(yast-rake-ci) +%endif + +Summary: YaST2 - Security Configuration %description The YaST2 component for security settings configuration. @@ -56,7 +63,9 @@ %setup -n %{name}-%{version} %build -%yast_build + +%check +%yast_check %install %yast_install diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-security-3.2.1/src/Makefile.am new/yast2-security-3.2.2/src/Makefile.am --- old/yast2-security-3.2.1/src/Makefile.am 2016-03-02 13:26:10.000000000 +0100 +++ new/yast2-security-3.2.2/src/Makefile.am 1970-01-01 01:00:00.000000000 +0100 @@ -1,48 +0,0 @@ -# Sources for security - -module_DATA = \ - modules/Security.rb - -client_DATA = \ - clients/security_summary.rb \ - clients/security.rb \ - clients/security_auto.rb - -yncludedir = @yncludedir@/security -ynclude_DATA = \ - include/security/levels.rb \ - include/security/widgets.rb \ - include/security/wizards.rb \ - include/security/dialogs.rb \ - include/security/complex.rb \ - include/security/users.rb \ - include/security/routines.rb \ - include/security/helps.rb - - -ylibdir = @ylibdir@/security -ylib_DATA = \ - lib/security/ctrl_alt_del_config.rb - -schemafilesdir = $(schemadir)/autoyast/rnc -schemafiles_DATA = \ - autoyast-rnc/security.rnc - -scrconf_DATA = \ - scrconf/cfg_locate.scr \ - scrconf/etc_polkit-default-privs_local.scr \ - scrconf/kde4_kdmrc.scr - -ydatadir = @ydatadir@/security -ydata_DATA = \ - data/security/services.yml \ - data/security/level1.yml \ - data/security/level2.yml \ - data/security/level3.yml - -desktop_DATA = \ - desktop/security.desktop - -EXTRA_DIST = $(module_DATA) $(client_DATA) $(ynclude_DATA) $(schemafiles_DATA) $(scrconf_DATA) $(ydata_DATA) $(desktop_DATA) $(ylib_DATA) - -include $(top_srcdir)/Makefile.am.common diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-security-3.2.1/src/include/security/dialogs.rb new/yast2-security-3.2.2/src/include/security/dialogs.rb --- old/yast2-security-3.2.1/src/include/security/dialogs.rb 2016-03-02 13:26:10.000000000 +0100 +++ new/yast2-security-3.2.2/src/include/security/dialogs.rb 2016-03-17 16:27:54.000000000 +0100 @@ -41,6 +41,8 @@ Yast.include include_target, "security/helps.rb" Yast.include include_target, "security/routines.rb" + @display_manager = Security.display_manager + @tree_dialogs = [ "main", "overview", @@ -360,7 +362,7 @@ # e.g.: "postfix" + " or " + "sendmail" group = Builtins.mergestring(l, _(" or ")) srvs = Ops.add(Ops.add(srvs, group), "<BR>") - end + end # richtext message: %1 = runlevel ("3" or "5"), %2 = list of services @@ -568,6 +570,18 @@ deep_copy(ret) end + def vbox_boot_permissions + VBox( + VSpacing(1), + settings2widget("CONSOLE_SHUTDOWN"), + @display_manager ? VSpacing(1.0) : Empty(), + @display_manager ? settings2widget(@display_manager.shutdown_var_name) : Empty(), + VSpacing(1.0), + settings2widget("HIBERNATE_SYSTEM"), + VSpacing(1) + ) + end + # Boot dialog # @return dialog result def BootDialog @@ -587,15 +601,7 @@ _("Boot Permissions"), HBox( HSpacing(3), - VBox( - VSpacing(1), - settings2widget("CONSOLE_SHUTDOWN"), - VSpacing(1.0), - settings2widget("AllowShutdown"), - VSpacing(1.0), - settings2widget("HIBERNATE_SYSTEM"), - VSpacing(1) - ), + vbox_boot_permissions, HSpacing(3) ) ), @@ -650,7 +656,7 @@ if ret == :next || Builtins.contains(@tree_dialogs, ret) widget2settings("CONSOLE_SHUTDOWN") - widget2settings("AllowShutdown") + widget2settings(@display_manager.shutdown_var_name) if @display_manager widget2settings("HIBERNATE_SYSTEM") end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-security-3.2.1/src/include/security/helps.rb new/yast2-security-3.2.2/src/include/security/helps.rb --- old/yast2-security-3.2.1/src/include/security/helps.rb 2016-03-02 13:26:10.000000000 +0100 +++ new/yast2-security-3.2.2/src/include/security/helps.rb 2016-03-17 16:27:54.000000000 +0100 @@ -33,6 +33,8 @@ def initialize_security_helps(include_target) textdomain "security" + @display_manager = Security.display_manager + # All helps are here @HELPS = { # Read dialog help 1/2 @@ -366,16 +368,18 @@ "combination. %s</p>" ) % details - # Boot dialog help 3/4 - help += _( - "<p><b>Shutdown Behaviour of Login Manager</b>:\nSet who is allowed to shut down the machine from KDM.</p>\n" - ) + - # Boot dialog help 4/4 - _( - "<p><b>Hibernate System</b>:\n" \ - "Set the conditions for allowing users to hibernate the system. By default, user on active console has such right.\n" \ - "Other options are allowing the action to any user or requiring authentication in all cases.</p>\n" - ) + if @display_manager + # Boot dialog help 3/4 + help += _( + "<p><b>Shutdown Behaviour of Login Manager</b>:\nSet who is allowed to shut down the machine from %s.</p>\n" + ) % @display_manager.name.upcase + + # Boot dialog help 4/4 + _( + "<p><b>Hibernate System</b>:\n" \ + "Set the conditions for allowing users to hibernate the system. By default, user on active console has such right.\n" \ + "Other options are allowing the action to any user or requiring authentication in all cases.</p>\n" + ) + end help # EOF diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-security-3.2.1/src/include/security/widgets.rb new/yast2-security-3.2.2/src/include/security/widgets.rb --- old/yast2-security-3.2.1/src/include/security/widgets.rb 2016-03-02 13:26:10.000000000 +0100 +++ new/yast2-security-3.2.2/src/include/security/widgets.rb 2016-03-17 16:27:54.000000000 +0100 @@ -80,9 +80,26 @@ # @return [Hash] all widgets module Yast module SecurityWidgetsInclude + include Yast::I18n + extend Yast::I18n + + BOOT_OPTION_LABELS = { + "ignore" => N_("Ignore"), + "reboot" => N_("Reboot"), + "halt" => N_("Halt") + } + + SHUTDOWN_LABELS = { + "root" => N_("Only root"), + "all" => N_("All Users"), + "none" => N_("Nobody") + } + def initialize_security_widgets(include_target) textdomain "security" + @display_manager = Security.display_manager + # All widgets are here @WIDGETS = # "" : $[ @@ -141,22 +158,6 @@ "Label" => _("M&inimum"), "Value" => "101" }, - "AllowShutdown" => { - "Widget" => "ComboBox", - # ComboBox label - "Label" => _( - "&Shutdown Behaviour of KDM Login Manager:" - ), - "Options" => [ - # ComboBox value - ["Root", _("Only root")], - # ComboBox value - ["All", _("All Users")], - # ComboBox value - ["None", _("Nobody")] - ], - "Value" => "all" - }, "HIBERNATE_SYSTEM" => { "Widget" => "ComboBox", # ComboBox label @@ -261,22 +262,36 @@ "Value" => "100" } } + + @WIDGETS.merge!( + @display_manager.shutdown_var_name => shutdown_login_manager_widget + ) if @display_manager end - def boot_option_labels + def shutdown_login_manager_widget { - "ignore" => _("Ignore"), - "reboot" => _("Reboot"), - "halt" => _("Halt") + "Widget" => "ComboBox", + # ComboBox label + # TRANSLATORS: %s will be the configured display manager usually: GDM or KDM, + # but could be XDM,WDM,ENTRANCE,CONSOLE + "Label" => _( + "&Shutdown Behaviour of %s Login Manager:" + ) % @display_manager.name, + "Options" => shutdown_options, + "Value" => @display_manager.shutdown_default_value } end def console_shutdown_options ::Security::CtrlAltDelConfig.options.map do |opt| - [opt, boot_option_labels[opt]] + [opt, _(BOOT_OPTION_LABELS[opt.downcase])] end end - # EOF + def shutdown_options + @display_manager.shutdown_options.map do |opt| + [opt, _(SHUTDOWN_LABELS[opt.downcase])] + end + end end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-security-3.2.1/src/lib/security/display_manager.rb new/yast2-security-3.2.2/src/lib/security/display_manager.rb --- old/yast2-security-3.2.1/src/lib/security/display_manager.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/yast2-security-3.2.2/src/lib/security/display_manager.rb 2016-03-17 16:27:54.000000000 +0100 @@ -0,0 +1,81 @@ +# encoding: utf-8 + +# ------------------------------------------------------------------------------ +# Copyright (c) 2016 SUSE LLC, All Rights Reserved. +# +# This program is free software; you can redistribute it and/or modify it under +# the terms of version 2 of the GNU General Public License as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS +# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more +# details. +# +# You should have received a copy of the GNU General Public License along with +# this program; if not, contact SUSE LLC. +# +# To contact SUSE about this file by physical or electronic mail, you may find +# current contact information at www.suse.com. +# ------------------------------------------------------------------------------ +# + +require "yast" + +module Security + class DisplayManager + Yast.import "SCR" + + CONFIG_PATH = ".sysconfig.displaymanager.DISPLAYMANAGER" + + SYSCONFIG_COMMON_LOCATIONS = [ + "DISPLAYMANAGER_REMOTE_ACCESS", + "DISPLAYMANAGER_ROOT_LOGIN_REMOTE", + "DISPLAYMANAGER_XSERVER_TCP_PORT_6000_OPEN" + ] + + private_class_method :new + attr_reader :name + + + def self.current + configured_dm = Yast::SCR.Read(Yast::Path.new(CONFIG_PATH)).to_s + configured_dm.empty? ? nil : new(configured_dm) + end + + def initialize(name) + @name = name + end + + def kdm? + @name == "kdm" + end + + def default_settings + { shutdown_var_name => shutdown_default_value } + end + + def shutdown_var_name + @shutdown_var_name ||= kdm? ? "AllowShutdown" : "DISPLAYMANAGER_SHUTDOWN" + end + + def shutdown_default_value + @shutdown_default_value ||= kdm? ? "All" : "all" + end + + def shutdown_options + @shutdown_options ||= kdm? ? ["Root", "All", "None"] : ["root", "all", "none"] + end + + def default_locations + sysconfig_locations = SYSCONFIG_COMMON_LOCATIONS + sysconfig_locations << shutdown_var_name if !kdm? + + locations = { ".sysconfig.displaymanager" => sysconfig_locations } + + locations[".kde4.kdmrc"] = ["AllowShutdown"] if kdm? + + locations + end + end +end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-security-3.2.1/src/modules/Security.rb new/yast2-security-3.2.2/src/modules/Security.rb --- old/yast2-security-3.2.1/src/modules/Security.rb 2016-03-02 13:26:10.000000000 +0100 +++ new/yast2-security-3.2.2/src/modules/Security.rb 2016-03-17 16:27:54.000000000 +0100 @@ -28,6 +28,7 @@ require "yast" require "yaml" require "security/ctrl_alt_del_config" +require "security/display_manager" module Yast class SecurityClass < Module @@ -35,10 +36,23 @@ include Yast::Logger include ::Security::CtrlAltDelConfig + SYSCTL_VALUES = { + "yes" => "1", + "no" => "0" + } + + attr_reader :display_manager + def main - Yast.import "UI" + import_modules + textdomain "security" + init_settings + end + + def import_modules + Yast.import "UI" Yast.import "FileUtils" Yast.import "Package" Yast.import "Pam" @@ -46,9 +60,10 @@ Yast.import "Service" Yast.import "SystemdService" Yast.import "Directory" - Yast.include self, "security/levels.rb" + end + def init_settings # Services to check srv_file = Directory.find_data_file("security/services.yml") @@ -57,6 +72,7 @@ else srv_lists = {} end + # These must be running @mandatory_services = srv_lists["mandatory_services"] || [] # It must be an array of arrays (meaning [ [ || ] && && ]) @@ -65,8 +81,10 @@ @optional_services = srv_lists["optional_services"] || [] # All other services should be turned off + @display_manager = ::Security::DisplayManager.current + # systemd target, defining ctrl-alt-del behavior - @ctrl_alt_del_file = "/etc/systemd/system/ctrl-alt-del.target" + @ctrl_alt_del_file = ::Security::CtrlAltDelConfig::SYSTEMD_FILE # encryption methods supported by pam_unix (bnc#802006) @encryption_methods = ["des", "md5", "sha256", "sha512"] @@ -83,7 +101,6 @@ "FAIL_DELAY" => "3", "GID_MAX" => "60000", "GID_MIN" => "1000", - "AllowShutdown" => "all", "HIBERNATE_SYSTEM" => "active_console", "PASSWD_ENCRYPTION" => "sha512", "PASSWD_USE_CRACKLIB" => "yes", @@ -114,6 +131,8 @@ "EXTRA_SERVICES" => "no" } + @Settings.merge!(@display_manager.default_settings) if @display_manager + # List of missing mandatory services @missing_mandatory_services = [] # List of enabled services not included in mandatory or optional lists @@ -148,14 +167,6 @@ "USERDEL_PRECMD", "USERDEL_POSTCMD" ], - ".kde4.kdmrc" => [ - "AllowShutdown" - ], - ".sysconfig.displaymanager" => [ - "DISPLAYMANAGER_REMOTE_ACCESS", - "DISPLAYMANAGER_ROOT_LOGIN_REMOTE", - "DISPLAYMANAGER_XSERVER_TCP_PORT_6000_OPEN" - ], ".sysconfig.security" => ["PERMISSION_SECURITY"], ".sysconfig.services" => [ "DISABLE_RESTART_ON_UPDATE", @@ -167,6 +178,8 @@ ".sysconfig.mail" => ["SMTPD_LISTEN_REMOTE"] } + @Locations.merge!(@display_manager.default_locations) if @display_manager + # Default values for /etc/sysctl.conf keys @sysctl = { "kernel.sysrq" => "0", @@ -698,40 +711,19 @@ @modified = true tmpSettings = {} - Builtins.foreach(@Settings) do |k, v| - if !Builtins.haskey(settings, k) - if Builtins.haskey(@sysctl, k) && - Builtins.haskey(settings, Ops.get(@sysctl2sysconfig, k, "")) - val = Ops.get_string( - settings, - Ops.get(@sysctl2sysconfig, k, ""), - "" - ) - if val == "yes" - Ops.set(tmpSettings, k, "1") - elsif val == "no" - Ops.set(tmpSettings, k, "0") - else - Ops.set(tmpSettings, k, val) - end - elsif Builtins.haskey(settings, Ops.get(@obsolete_login_defs, k, "")) - Ops.set( - tmpSettings, - k, - Ops.get_string(settings, Ops.get(@obsolete_login_defs, k, ""), "") - ) + @Settings.each do |k, v| + if settings.key?(k) + tmpSettings[k] = settings[k] + else + if @sysctl.key?(k) && settings.key?(@sysctl2sysconfig[k]) + val = settings[@sysctl2sysconfig[k]].to_s + tmpSettings[k] = SYSCTL_VALUES[val] || val else - Ops.set(tmpSettings, k, v) + tmpSettings[k] = settings[@obsolete_login_defs[k]] || v end - else - Ops.set(tmpSettings, k, Ops.get_string(settings, k, "")) end end - @Settings = Convert.convert( - Builtins.eval(tmpSettings), - :from => "map", - :to => "map <string, string>" - ) + @Settings = tmpSettings true end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-security-3.2.1/test/security_test.rb new/yast2-security-3.2.2/test/security_test.rb --- old/yast2-security-3.2.1/test/security_test.rb 2016-03-02 13:26:10.000000000 +0100 +++ new/yast2-security-3.2.2/test/security_test.rb 2016-03-17 16:27:54.000000000 +0100 @@ -2,6 +2,7 @@ require_relative "test_helper" require "security/ctrl_alt_del_config" +require "security/display_manager" def services_for(names, aliases = {}) names.map do |n| @@ -111,6 +112,7 @@ describe "#write_to_locations" do before do change_scr_root(File.join(DATA_PATH, "system")) + Security.init_settings Security.read_from_locations stub_scr_write end @@ -218,6 +220,9 @@ let(:target_link) { "/usr/lib/systemd/system/poweroff.target" } context "when systemd is installed" do + before do + allow(Package).to receive(:Installed).with("systemd") { true } + end context "on a non s390 architecture" do before do @@ -551,33 +556,74 @@ end describe "#read_from_locations" do - before do - change_scr_root(File.join(DATA_PATH, "system")) - allow(SCR).to receive(:Read).with(path(".kde4.kdmrc.AllowShutdown")) - .and_return("All") - Security.read_from_locations - end - after do reset_scr_root end - it "sets login definitions based on /etc/login.defs" do - expect(Security.Settings["FAIL_DELAY"]).to eql("3") + before do + change_scr_root(File.join(DATA_PATH, "system")) + allow(SCR).to receive(:Read) + .with(path(".sysconfig.displaymanager.DISPLAYMANAGER")) + .and_return(display_manager) end - it "sets kde4 allow shutdown based on kdmrc" do - expect(Security.Settings["AllowShutdown"]).to eql("All") - end + context "when display manager is gdm" do + let(:display_manager) { "gdm" } - it "sets different settings based on /etc/sysconfig/*" do - expect(Security.Settings["DISPLAYMANAGER_REMOTE_ACCESS"]).to eql("yes") - expect(Security.Settings["DISPLAYMANAGER_ROOT_LOGIN_REMOTE"]).to eql("yes") - expect(Security.Settings["DISPLAYMANAGER_XSERVER_TCP_PORT_6000_OPEN"]).to eql("no") - expect(Security.Settings["PERMISSION_SECURITY"]).to eql("easy local") - expect(Security.Settings["DISABLE_RESTART_ON_UPDATE"]).to eql("no") + before do + Security.init_settings + end + + it "allows everybody to shutdown by default" do + expect(Security.Settings["DISPLAYMANAGER_SHUTDOWN"]).to eql("all") + end + + it "sets login definitions based on /etc/login.defs" do + Security.read_from_locations + expect(Security.Settings["FAIL_DELAY"]).to eql("3") + end + + it "sets different settings based on /etc/sysconfig/*" do + Security.read_from_locations + expect(Security.Settings["DISPLAYMANAGER_REMOTE_ACCESS"]).to eql("yes") + expect(Security.Settings["DISPLAYMANAGER_ROOT_LOGIN_REMOTE"]).to eql("yes") + expect(Security.Settings["DISPLAYMANAGER_XSERVER_TCP_PORT_6000_OPEN"]).to eql("no") + expect(Security.Settings["DISPLAYMANAGER_SHUTDOWN"]).to eql("all") + expect(Security.Settings["PERMISSION_SECURITY"]).to eql("easy local") + expect(Security.Settings["DISABLE_RESTART_ON_UPDATE"]).to eql("no") + end end + context "when display manager is kdm" do + let(:display_manager) { "kdm" } + + before do + allow(SCR).to receive(:Read).with(path(".kde4.kdmrc.AllowShutdown")) + .and_return("All") + Security.init_settings + Security.read_from_locations + end + + it "sets login definitions based on /etc/login.defs" do + expect(Security.Settings["FAIL_DELAY"]).to eql("3") + end + + it "sets login definitions based on /etc/login.defs" do + expect(Security.Settings["FAIL_DELAY"]).to eql("3") + end + + it "sets kde4 allow shutdown based on kdmrc" do + expect(Security.Settings["AllowShutdown"]).to eql("All") + end + + it "sets different settings based on /etc/sysconfig/*" do + expect(Security.Settings["DISPLAYMANAGER_REMOTE_ACCESS"]).to eql("yes") + expect(Security.Settings["DISPLAYMANAGER_ROOT_LOGIN_REMOTE"]).to eql("yes") + expect(Security.Settings["DISPLAYMANAGER_XSERVER_TCP_PORT_6000_OPEN"]).to eql("no") + expect(Security.Settings["PERMISSION_SECURITY"]).to eql("easy local") + expect(Security.Settings["DISABLE_RESTART_ON_UPDATE"]).to eql("no") + end + end end describe "#Read" do @@ -593,5 +639,59 @@ end end + describe "#Import" do + before do + # GENERAL + Security.Settings["FAIL_DELAY"] = "5" + Security.Settings["PASS_MIN_LEN"] = "3" + Security.Settings["MANDATORY_SERVICES"] = "no" + + # SYSCTL + Security.Settings["net.ipv4.ip_forward"] = "1" + + # OBSOLETE LOGIN DEFS + Security.Settings["SYS_UID_MIN"] = 200 + Security.Settings["SYS_GID_MIN"] = 200 + + end + + it "doest not touch current Settings if given settings are empty" do + current = Security.Settings.dup + expect(Security.Import({})).to eql(true) + expect(Security.Settings).to eql(current) + end + + context "when Settings keys exists in given settings" do + it "imports given settings without modify" do + expect(Security.Import("PASS_MIN_LEN" => "8", "MANDATORY_SERVICES" => "yes")).to eql(true) + expect(Security.Settings["PASS_MIN_LEN"]).to eql("8") + expect(Security.Settings["MANDATORY_SERVICES"]).to eql("yes") + end + end + + context "when Settings keys do not exist in given settings" do + it "imports SYSCTL settings modifying key names and adapting values" do + expect(Security.Import("IP_FORWARD" => "no")).to eql(true) + + expect(Security.Settings["net.ipv4.ip_forward"]).to eql("0") + end + + it "imports LOGIN DEFS settings transforming key name" do + expect(Security.Import("SYSTEM_UID_MIN" => "150")).to eql(true) + expect(Security.Import("SYSTEM_GID_MIN" => "150")).to eql(true) + + expect(Security.Settings["SYS_UID_MIN"]).to eql("150") + expect(Security.Settings["SYS_GID_MIN"]).to eql("150") + end + + it "does not modify not given settings" do + expect(Security.Import("EXTRA_SERVICES" => "yes")).to eql(true) + + expect(Security.Settings["FAIL_DELAY"]).to eql("5") + end + + end + + end end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-security-3.2.1/test/test_helper.rb new/yast2-security-3.2.2/test/test_helper.rb --- old/yast2-security-3.2.1/test/test_helper.rb 2016-03-02 13:26:10.000000000 +0100 +++ new/yast2-security-3.2.2/test/test_helper.rb 2016-03-17 16:27:54.000000000 +0100 @@ -35,6 +35,7 @@ # for coverage we need to load all ruby files Dir["#{SRC_PATH}/modules/**/*.rb"].each { |f| require_relative f } + Dir["#{SRC_PATH}/lib/**/*.rb"].each { |f| require_relative f } # use coveralls for on-line code coverage reporting at Travis CI if ENV["TRAVIS"] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-security-3.2.1/testsuite/Makefile.am new/yast2-security-3.2.2/testsuite/Makefile.am --- old/yast2-security-3.2.1/testsuite/Makefile.am 2016-03-02 13:26:10.000000000 +0100 +++ new/yast2-security-3.2.2/testsuite/Makefile.am 1970-01-01 01:00:00.000000000 +0100 @@ -1,21 +0,0 @@ -# -# Makefile.am for .../testsuite -# -# Do not edit this file (Makefile.am) as it will be overwritten! -# - -AUTOMAKE_OPTIONS = dejagnu -EXTRA_DIST = $(wildcard tests/*.out) $(wildcard tests/*.err) $(wildcard tests/*.rb) - -testsuite_prepare = @ydatadir@/testsuite/Makefile.testsuite - -all-local: $(testsuite_prepare) - make -f $(testsuite_prepare) RPMNAME=$(RPMNAME) srcdir=$(srcdir) - -clean-local: $(testsuite_prepare) - make -f $(testsuite_prepare) RPMNAME=$(RPMNAME) srcdir=$(srcdir) clean - -check-local: $(testsuite_prepare) - make -f $(testsuite_prepare) RPMNAME=$(RPMNAME) srcdir=$(srcdir) check - -# EOF diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-security-3.2.1/testsuite/tests/Import.out new/yast2-security-3.2.2/testsuite/tests/Import.out --- old/yast2-security-3.2.1/testsuite/tests/Import.out 2016-03-02 13:26:10.000000000 +0100 +++ new/yast2-security-3.2.2/testsuite/tests/Import.out 1970-01-01 01:00:00.000000000 +0100 @@ -1,6 +0,0 @@ -Return true -Dump $["AllowShutdown":"r3", "CONSOLE_SHUTDOWN":"reboot", "CRACKLIB_DICT_PATH":"/usr/lib/cracklib_dict", "DISABLE_RESTART_ON_UPDATE":"r13", "DISABLE_STOP_ON_REMOVAL":"r14", "DISPLAYMANAGER_REMOTE_ACCESS":"r4", "DISPLAYMANAGER_ROOT_LOGIN_REMOTE":"r16", "DISPLAYMANAGER_XSERVER_TCP_PORT_6000_OPEN":"r17", "EXTRA_SERVICES":"no", "FAIL_DELAY":"l2", "GID_MAX":"l3", "GID_MIN":"l4", "HIBERNATE_SYSTEM":"active_console", "MANDATORY_SERVICES":"yes", "PASSWD_ENCRYPTION":"sha512", "PASSWD_REMEMBER_HISTORY":"0", "PASSWD_USE_CRACKLIB":"yes", "PASS_MAX_DAYS":"l7", "PASS_MIN_DAYS":"l9", "PASS_MIN_LEN":"l10", "PASS_WARN_AGE":"l11", "PERMISSION_SECURITY":"r5", "RUN_UPDATEDB_AS":"r7", "SMTPD_LISTEN_REMOTE":"no", "SYSLOG_ON_NO_ERROR":"yes", "SYSTOHC":"yes", "SYS_GID_MAX":"l16", "SYS_GID_MIN":"l17", "SYS_UID_MAX":"l14", "SYS_UID_MIN":"l15", "UID_MAX":"l12", "UID_MIN":"l13", "USERADD_CMD":"l18", "USERDEL_POSTCMD":"l20", "USERDEL_PRECMD":"l19", "kernel.sysrq":"1", "net.ipv4.ip_forward":"0", "net.ipv4.tcp_syncookies":"1", "net.ipv6.conf.all.forwarding":"1"] -Dump l15 -Dump l14 -Dump l17 -Dump l16 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-security-3.2.1/testsuite/tests/Import.rb new/yast2-security-3.2.2/testsuite/tests/Import.rb --- old/yast2-security-3.2.1/testsuite/tests/Import.rb 2016-03-02 13:26:10.000000000 +0100 +++ new/yast2-security-3.2.2/testsuite/tests/Import.rb 1970-01-01 01:00:00.000000000 +0100 @@ -1,72 +0,0 @@ -# encoding: utf-8 - -# YaST2: Modules testsuite -# -# Description: -# Testsuite for the security module -# -# Authors: -# Michal Svec <[email protected]> -# -# $Id$ -# -# testedfiles: Security.ycp PamSettings.ycp Pam.ycp -module Yast - class ImportClient < Client - def main - Yast.include self, "testsuite.rb" - - Yast.import "Security" - - @import_map = { - "CONSOLE_SHUTDOWN" => "reboot", - "DISPLAYMANAGER_REMOTE_ACCESS" => "r4", - "ENCRYPTION" => "md5", - "ENABLE_SYSRQ" => "yes", - "FAIL_DELAY" => "l2", - "GID_MAX" => "l3", - "GID_MIN" => "l4", - "AllowShutdown" => "r3", - "PASS_MAX_DAYS" => "l7", - "PASS_MIN_DAYS" => "l9", - "PASS_MIN_LEN" => "l10", - "PASS_WARN_AGE" => "l11", - "PERMISSION_SECURITY" => "r5", - "ROOT_LOGIN_REMOTE" => "r6", - "RUN_UPDATEDB_AS" => "r7", - "UID_MAX" => "l12", - "UID_MIN" => "l13", - "SYSTEM_UID_MAX" => "l14", # old syntax - "SYSTEM_UID_MIN" => "l15", - "SYS_GID_MAX" => "l16", - "SYS_GID_MIN" => "l17", - "USERADD_CMD" => "l18", - "USERDEL_PRECMD" => "l19", - "USERDEL_POSTCMD" => "l20", - "DISABLE_RESTART_ON_UPDATE" => "r13", - "DISABLE_STOP_ON_REMOVAL" => "r14", - "DISPLAYMANAGER_ROOT_LOGIN_REMOTE" => "r16", - "DISPLAYMANAGER_XSERVER_TCP_PORT_6000_OPEN" => "r17", - "IP_TCP_SYNCOOKIES" => "yes", - "IP_FORWARD" => "0", - "IPV6_FORWARD" => "yes" - } - - @E = { "target" => { "bash_output" => {} } } - @R = { "sysconfig" => { "displaymanager" => { "DISPLAYMANAGER" => "" } } } - - TEST(lambda { Security.Import(@import_map) }, [@R, {}, @E], nil) - - DUMP(Security.Settings) - - DUMP(Ops.get(Security.Settings, "SYS_UID_MIN", "")) - DUMP(Ops.get(Security.Settings, "SYS_UID_MAX", "")) - DUMP(Ops.get(Security.Settings, "SYS_GID_MIN", "")) - DUMP(Ops.get(Security.Settings, "SYS_GID_MAX", "")) - - nil - end - end -end - -Yast::ImportClient.new.main diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-security-3.2.1/testsuite/tests/Write.out new/yast2-security-3.2.2/testsuite/tests/Write.out --- old/yast2-security-3.2.1/testsuite/tests/Write.out 2016-03-02 13:26:10.000000000 +0100 +++ new/yast2-security-3.2.2/testsuite/tests/Write.out 1970-01-01 01:00:00.000000000 +0100 @@ -1,86 +0,0 @@ -Read .etc.login_defs.FAIL_DELAY nil -Write .etc.login_defs.FAIL_DELAY "l2" true -Read .etc.login_defs.GID_MAX nil -Write .etc.login_defs.GID_MAX "l3" true -Read .etc.login_defs.GID_MIN nil -Write .etc.login_defs.GID_MIN "l4" true -Read .etc.login_defs.PASS_MAX_DAYS nil -Write .etc.login_defs.PASS_MAX_DAYS "l7" true -Read .etc.login_defs.PASS_MIN_DAYS nil -Write .etc.login_defs.PASS_MIN_DAYS "l9" true -Read .etc.login_defs.PASS_WARN_AGE nil -Write .etc.login_defs.PASS_WARN_AGE "l11" true -Read .etc.login_defs.UID_MAX nil -Write .etc.login_defs.UID_MAX "l12" true -Read .etc.login_defs.UID_MIN nil -Write .etc.login_defs.UID_MIN "l13" true -Read .etc.login_defs.SYS_UID_MAX nil -Write .etc.login_defs.SYS_UID_MAX "l14" true -Read .etc.login_defs.SYS_UID_MIN nil -Write .etc.login_defs.SYS_UID_MIN "l15" true -Read .etc.login_defs.SYS_GID_MAX nil -Write .etc.login_defs.SYS_GID_MAX "l16" true -Read .etc.login_defs.SYS_GID_MIN nil -Write .etc.login_defs.SYS_GID_MIN "l17" true -Read .etc.login_defs.USERADD_CMD nil -Write .etc.login_defs.USERADD_CMD "l18" true -Read .etc.login_defs.USERDEL_PRECMD nil -Write .etc.login_defs.USERDEL_PRECMD "l19" true -Read .etc.login_defs.USERDEL_POSTCMD nil -Write .etc.login_defs.USERDEL_POSTCMD "l20" true -Read .kde4.kdmrc.AllowShutdown nil -Write .kde4.kdmrc.AllowShutdown "r3" true -Read .sysconfig.clock.SYSTOHC nil -Write .sysconfig.clock.SYSTOHC "r12" true -Read .sysconfig.cron.SYSLOG_ON_NO_ERROR nil -Write .sysconfig.cron.SYSLOG_ON_NO_ERROR "r15" true -Read .sysconfig.displaymanager.DISPLAYMANAGER_REMOTE_ACCESS nil -Write .sysconfig.displaymanager.DISPLAYMANAGER_REMOTE_ACCESS "r4" true -Read .sysconfig.displaymanager.DISPLAYMANAGER_ROOT_LOGIN_REMOTE nil -Write .sysconfig.displaymanager.DISPLAYMANAGER_ROOT_LOGIN_REMOTE "r16" true -Read .sysconfig.displaymanager.DISPLAYMANAGER_XSERVER_TCP_PORT_6000_OPEN nil -Write .sysconfig.displaymanager.DISPLAYMANAGER_XSERVER_TCP_PORT_6000_OPEN "r17" true -Read .sysconfig.locate.RUN_UPDATEDB_AS nil -Write .sysconfig.locate.RUN_UPDATEDB_AS "r7" true -Read .sysconfig.mail.SMTPD_LISTEN_REMOTE nil -Write .sysconfig.mail.SMTPD_LISTEN_REMOTE "r18" true -Read .sysconfig.security.PERMISSION_SECURITY nil -Write .sysconfig.security.PERMISSION_SECURITY "r5 local" true -Read .sysconfig.services.DISABLE_RESTART_ON_UPDATE nil -Write .sysconfig.services.DISABLE_RESTART_ON_UPDATE "r13" true -Read .sysconfig.services.DISABLE_STOP_ON_REMOVAL nil -Write .sysconfig.services.DISABLE_STOP_ON_REMOVAL "r14" true -Write .etc.login_defs nil true -Write .kde4.kdmrc nil true -Write .sysconfig.clock nil true -Write .sysconfig.cron nil true -Write .sysconfig.displaymanager nil true -Write .sysconfig.locate nil true -Write .sysconfig.mail nil true -Write .sysconfig.security nil true -Write .sysconfig.services nil true -Execute .target.bash "ln -s -f /usr/lib/systemd/system/poweroff.target /etc/systemd/system/ctrl-alt-del.target" 0 -Execute .target.bash_output "/usr/sbin/pam-config -d --cracklib" $[] -Execute .target.bash_output "/usr/sbin/pam-config -d --cracklib-minlen" $[] -Execute .target.bash_output "/usr/sbin/pam-config -d --pwhistory-remember" $[] -Write .etc.polkit-default-privs_local."org.freedesktop.upower.hibernate" "r21" true -Read .etc.sysctl_conf."kernel.sysrq" nil -Write .etc.sysctl_conf."kernel.sysrq" "1" true -Read .etc.sysctl_conf."net.ipv4.ip_forward" nil -Write .etc.sysctl_conf."net.ipv4.ip_forward" "10" true -Read .etc.sysctl_conf."net.ipv4.tcp_syncookies" nil -Write .etc.sysctl_conf."net.ipv4.tcp_syncookies" "9" true -Read .etc.sysctl_conf."net.ipv6.conf.all.forwarding" nil -Write .etc.sysctl_conf."net.ipv6.conf.all.forwarding" "11" true -Write .etc.sysctl_conf nil true -Execute .target.bash "echo 1 > /proc/sys/kernel/sysrq" 0 -Execute .target.bash "/usr/bin/chkstat --system" 0 -Execute .target.bash "/sbin/set_polkit_default_privs" 0 -Execute .target.bash "/etc/init.d/dhcpd restart" 0 -Execute .target.bash "/etc/init.d/dhcpd restart" 0 -Execute .target.bash "(test -e /etc/init.d/sendmail && VERBOSE=false /usr/lib/sendmail.d/update && /etc/init.d/sendmail restart) || (test -e /etc/init.d/postfix && /usr/sbin/SuSEconfig.postfix && /etc/init.d/postfix restart)" 0 -Execute .target.bash "/etc/init.d/boot.clock start" 0 -Execute .target.bash "/etc/init.d/boot.ipconfig start" 0 -Execute .target.bash "/etc/init.d/boot.ipconfig start" 0 -Execute .target.bash "/etc/init.d/boot.ipconfig start" 0 -Return true diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-security-3.2.1/testsuite/tests/Write.rb new/yast2-security-3.2.2/testsuite/tests/Write.rb --- old/yast2-security-3.2.1/testsuite/tests/Write.rb 2016-03-02 13:26:10.000000000 +0100 +++ new/yast2-security-3.2.2/testsuite/tests/Write.rb 1970-01-01 01:00:00.000000000 +0100 @@ -1,79 +0,0 @@ -# encoding: utf-8 - -# YaST2: Modules testsuite -# -# Description: -# Testsuite for the security module -# -# Authors: -# Michal Svec <[email protected]> -# -# $Id$ -# -# testedfiles: Security.ycp PamSettings.ycp Pam.ycp -module Yast - class WriteClient < Client - def main - Yast.include self, "testsuite.rb" - - Yast.import "Security" - - @m = { - "CONSOLE_SHUTDOWN" => "halt", - "DISPLAYMANAGER_REMOTE_ACCESS" => "r4", - "ENCRYPTION" => "md5", - "kernel.sysrq" => "1", - "FAIL_DELAY" => "l2", - "GID_MAX" => "l3", - "GID_MIN" => "l4", - "AllowShutdown" => "r3", - "PASS_MAX_DAYS" => "l7", - "PASS_MIN_DAYS" => "l9", - "PASS_MIN_LEN" => "l10", - "PASS_WARN_AGE" => "l11", - "PERMISSION_SECURITY" => "r5", - "ROOT_LOGIN_REMOTE" => "r6", - "RUN_UPDATEDB_AS" => "r7", - "UID_MAX" => "l12", - "UID_MIN" => "l13", - "SYS_UID_MAX" => "l14", - "SYS_UID_MIN" => "l15", - "SYS_GID_MAX" => "l16", - "SYS_GID_MIN" => "l17", - "USERADD_CMD" => "l18", - "USERDEL_PRECMD" => "l19", - "USERDEL_POSTCMD" => "l20", - "DISABLE_RESTART_ON_UPDATE" => "r13", - "DISABLE_STOP_ON_REMOVAL" => "r14", - "DISPLAYMANAGER_ROOT_LOGIN_REMOTE" => "r16", - "DISPLAYMANAGER_XSERVER_TCP_PORT_6000_OPEN" => "r17", - "net.ipv4.tcp_syncookies" => "9", - "net.ipv4.ip_forward" => "10", - "net.ipv6.conf.all.forwarding" => "11", - "SYSTOHC" => "r12", - "SYSLOG_ON_NO_ERROR" => "r15", - "SMTPD_LISTEN_REMOTE" => "r18", - "DHCPD_RUN_CHROOTED" => "r19", - "DHCPD_RUN_AS" => "r20", - "HIBERNATE_SYSTEM" => "r21" - } - - @E = { "target" => { "bash_output" => {} } } - @R = { - "sysconfig" => { "displaymanager" => { "DISPLAYMANAGER" => "" } }, - "target" => { - # FileUtils::Exists returns true: - "stat" => { 1 => 2 } - } - } - - Security.Settings = deep_copy(@m) - Security.modified = true - TEST(lambda { Security.Write }, [@R, {}, @E], nil) - - nil - end - end -end - -Yast::WriteClient.new.main
