Hello community, here is the log from the commit of package yast2-users for openSUSE:Factory checked in at 2017-11-10 14:43:43 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yast2-users (Old) and /work/SRC/openSUSE:Factory/.yast2-users.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2-users" Fri Nov 10 14:43:43 2017 rev:205 rq:540133 version:4.0.0 Changes: -------- --- /work/SRC/openSUSE:Factory/yast2-users/yast2-users.changes 2017-09-09 20:22:22.981202354 +0200 +++ /work/SRC/openSUSE:Factory/.yast2-users.new/yast2-users.changes 2017-11-10 14:43:45.413673144 +0100 @@ -1,0 +2,6 @@ +Wed Nov 8 12:16:47 UTC 2017 - [email protected] + +- Remove the support for encrypting home directory (fate#323541) +- 4.0.0 + +------------------------------------------------------------------- Old: ---- yast2-users-3.2.12.tar.bz2 New: ---- yast2-users-4.0.0.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-users.spec ++++++ --- /var/tmp/diff_new_pack.jslJnF/_old 2017-11-10 14:43:46.201644658 +0100 +++ /var/tmp/diff_new_pack.jslJnF/_new 2017-11-10 14:43:46.205644514 +0100 @@ -17,7 +17,7 @@ Name: yast2-users -Version: 3.2.12 +Version: 4.0.0 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build ++++++ yast2-users-3.2.12.tar.bz2 -> yast2-users-4.0.0.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.2.12/package/yast2-users.changes new/yast2-users-4.0.0/package/yast2-users.changes --- old/yast2-users-3.2.12/package/yast2-users.changes 2017-09-06 10:04:56.166656082 +0200 +++ new/yast2-users-4.0.0/package/yast2-users.changes 2017-11-09 09:13:15.525434386 +0100 @@ -1,4 +1,10 @@ ------------------------------------------------------------------- +Wed Nov 8 12:16:47 UTC 2017 - [email protected] + +- Remove the support for encrypting home directory (fate#323541) +- 4.0.0 + +------------------------------------------------------------------- Tue Sep 5 14:47:25 UTC 2017 - [email protected] - Do not freeze while parsing authorized_keys (bsc#1053564) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.2.12/package/yast2-users.spec new/yast2-users-4.0.0/package/yast2-users.spec --- old/yast2-users-3.2.12/package/yast2-users.spec 2017-09-06 10:04:56.166656082 +0200 +++ new/yast2-users-4.0.0/package/yast2-users.spec 2017-11-09 09:13:15.525434386 +0100 @@ -17,7 +17,7 @@ Name: yast2-users -Version: 3.2.12 +Version: 4.0.0 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.2.12/src/include/users/dialogs.rb new/yast2-users-4.0.0/src/include/users/dialogs.rb --- old/yast2-users-3.2.12/src/include/users/dialogs.rb 2017-09-06 10:04:56.166656082 +0200 +++ new/yast2-users-4.0.0/src/include/users/dialogs.rb 2017-11-09 09:13:15.537434386 +0100 @@ -202,11 +202,6 @@ ) mode = Ops.get_string(user, "home_mode", default_mode) default_crypted_size = 100 - crypted_home_size = GetInt(Ops.get(user, "crypted_home_size"), 0) - org_crypted_home_size = GetInt( - Ops.get(user, ["org_user", "crypted_home_size"]), - 0 - ) password = Ops.get_string(user, "userPassword") org_username = Ops.get_string(user, "org_uid", username) uid = GetInt(Ops.get(user, "uidNumber"), nil) @@ -252,9 +247,6 @@ chown_home = Ops.get_boolean(user, "chown_home", true) no_skel = Ops.get_boolean(user, "no_skeleton", false) do_not_edit = user_type == "nis" - crypted_home_enabled = UsersRoutines.CryptedHomesEnabled && - (user_type == "ldap" && Ldap.file_server || - user_type == "local" || user_type == "system") complex_layout = installation && Users.StartDialog("user_add") groups = Ops.get_map(user, "grouplist", {}) @@ -295,7 +287,6 @@ end home = Ops.get_string(user, "homeDirectory", home) org_home = Ops.get_string(user, "org_homeDirectory", org_home) - crypted_home_size = GetInt(Ops.get(user, "crypted_home_size"), 0) mode = Ops.get_string(user, "home_mode", default_mode) password = Ops.get_string(user, "userPassword", password) org_username = Ops.get_string(user, "org_uid", org_username) @@ -684,33 +675,6 @@ Left(CheckBox(Id(:skel), _("E&mpty Home"), no_skel)) ) ) - crypted_home_term = crypted_home_enabled ? - HBox( - VBox( - Label(""), - HBox( - HSpacing(), - Left( - CheckBox( - Id(:crypted_home), - Opt(:notify), - # check box label - _("&Use Encrypted Home Directory"), - Ops.greater_than(crypted_home_size, 0) - ) - ) - ) - ), # for max value, see bug 244631 :-) - # IntField label - IntField( - Id(:dirsize), - _("&Directory Size in MB"), - 10, - 2147483647, - crypted_home_size - ) - ) : - HBox() HBox( HSpacing(1), @@ -740,7 +704,7 @@ ) ), Top( - VBox(HBox(home_w, browse), new_user_term, crypted_home_term) + VBox(HBox(home_w, browse), new_user_term) ), additional_data, Top(edit_shell), @@ -1420,28 +1384,6 @@ UI.ChangeWidget(Id(:home), :Value, dir) end end - if current == :details && ret == :crypted_home - checked = Convert.to_boolean( - UI.QueryWidget(Id(:crypted_home), :Value) - ) - if !checked && UserLogged(org_username) - # error popup - Report.Error( - _( - "The home directory for this user cannot be decrypted,\n" + - "because the user is currently logged in.\n" + - "Log the user out first." - ) - ) - UI.ChangeWidget(Id(:crypted_home), :Value, true) - next - end - if checked && - Convert.to_integer(UI.QueryWidget(Id(:dirsize), :Value)) == 10 - UI.ChangeWidget(Id(:dirsize), :Value, default_crypted_size) - end - UI.ChangeWidget(Id(:dirsize), :Enabled, checked) - end # going from Details dialog if current == :details && (ret == :next || tab) @@ -1569,29 +1511,6 @@ end end - if crypted_home_enabled - home_size = Convert.to_integer(UI.QueryWidget(Id(:dirsize), :Value)) - if Convert.to_boolean(UI.QueryWidget(Id(:crypted_home), :Value)) - if home_size == 0 - # error popup - Popup.Error(_("Enter the size for the home directory.")) - focus_tab.call(current, :dirsize) - next - end - if !Package.Install("cryptconfig") - # error popup - Popup.Error(Message.FailedToInstallPackages + _(" -Directory cannot be encrypted.")) - UI.ChangeWidget(Id(:crypted_home), :Value, false) - next - end - crypted_home_size = home_size - else - crypted_home_size = 0 - end - end - - error_map = Users.CheckShellUI(new_shell, ui_map) if error_map != {} if !Popup.YesNo(Ops.get_string(error_map, "question", "")) @@ -1660,7 +1579,6 @@ Ops.set(user, "addit_data", addit_data) Ops.set(user, "no_skeleton", no_skel) Ops.set(user, "home_mode", mode) - Ops.set(user, "crypted_home_size", crypted_home_size) end if current == :passwordsettings && (ret == :next || tab) @@ -1898,14 +1816,6 @@ end UI.ChangeWidget(Id(:shell), :Value, shell) - if UI.WidgetExists(Id(:crypted_home)) - UI.ChangeWidget( - Id(:dirsize), - :Enabled, - Convert.to_boolean(UI.QueryWidget(Id(:crypted_home), :Value)) - ) - end - current = ret end if ret == :passwordsettings @@ -1934,53 +1844,6 @@ ret = :notnext next end - if crypted_home_enabled && action == "edited" && - Ops.get(user, "current_text_userpassword") == nil && - (crypted_home_size != org_crypted_home_size || - Ops.greater_than(crypted_home_size, 0) && - (org_username != username || org_home != home || - Ops.get_boolean( - # only password was changed - user, - "encrypted", - false - ) == false)) - img_file = Builtins.sformat("%1.img", home) - key_file = Builtins.sformat("%1.key", home) - # ask to take existing orphaned image by user - # without current directory encrypted (bnc#425745) - if org_crypted_home_size == 0 && FileUtils.Exists(img_file) && - FileUtils.Exists(key_file) && - UsersRoutines.CryptedImageOwner(img_file) == "" && - UsersRoutines.CryptedImageOwner(key_file) == "" && - ask_take_image.call(img_file, key_file) - Ops.set(user, "take_existing_image", img_file) - end - - - # do not ask when enabling for first time and password was already entered - # do not ask when taking existing image, pw not needed for that FIXME really? - if (Ops.get_boolean(user, "encrypted", false) == false || - Ops.get(user, "text_userpassword") != nil || - Ops.get_string(user, "take_existing_image", "") != "") && - org_crypted_home_size == 0 - Ops.set( - user, - "current_text_userpassword", - Ops.get(user, "text_userpassword") != nil ? - Ops.get(user, "text_userpassword") : - Ops.get_string(user, "userPassword", "") - ) - else - old_pw = AskForOldPassword() - if old_pw != nil - Ops.set(user, "current_text_userpassword", old_pw) - else - ret = :notnext - next - end - end - end # --------------------------------- save the settings if Builtins.haskey(user, "check_error") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.2.12/src/include/users/helps.rb new/yast2-users-4.0.0/src/include/users/helps.rb --- old/yast2-users-3.2.12/src/include/users/helps.rb 2017-09-06 10:04:56.170656082 +0200 +++ new/yast2-users-4.0.0/src/include/users/helps.rb 2017-11-09 09:13:15.537434386 +0100 @@ -455,31 +455,6 @@ ) end - if user_type == "system" || user_type == "local" || - user_type == "ldap" && Ldap.file_server - if UsersRoutines.CryptedHomesEnabled - # help text for directory encryption - helptext = Ops.add( - helptext, - _( - "<p>To encrypt the user's home directory, enable <b>Use Encrypted Home\n" + - "Directory</b> and set the directory size. Encrypting a user's home directory\n" + - "does not provide strong security from other users. If this machine is shared\n" + - "among multiple users, it may be possible for a user to compromise system\n" + - "security by obtaining another user's key and gaining access to the encrypted data. If strong security is required, the system should not be physically shared.</p>" - ) - ) - else - # help text for directory encryption - helptext = Ops.add( - helptext, - _( - "<p>Home directories cannot be encrypted if a fingerprint reader device is used. To encrypt the user's home directory, disable fingerprint configuration first.</p>" - ) - ) - end - end - if user_type == "ldap" helptext = Ops.add( helptext, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.2.12/src/modules/Users.pm new/yast2-users-4.0.0/src/modules/Users.pm --- old/yast2-users-3.2.12/src/modules/Users.pm 2017-09-06 10:04:56.174656082 +0200 +++ new/yast2-users-4.0.0/src/modules/Users.pm 2017-11-09 09:13:15.545434386 +0100 @@ -2177,13 +2177,6 @@ $user_in_work{"chown_home"} = YaST::YCP::Boolean (1); } - # check if user is using crypted directory - $user_in_work{"crypted_home_size"} = 0; - my $dir = UsersRoutines->CryptedImagePath ($username); - if ($dir && FileUtils->Exists ($dir)) { - $user_in_work{"crypted_home_size"} = UsersRoutines->FileSizeInMB ($dir); - } - # save first map for later checks of modification (in Commit) my %org_user = %user_in_work; $user_in_work{"org_user"} = \%org_user; @@ -3432,39 +3425,9 @@ $ret = 1; } } - # TODO should be caught in the previous tests? - if (!$ret && - defined $org_user{"crypted_home_size"} && - defined $user{"crypted_home_size"}) - { - $ret = ($org_user{"crypted_home_size"} ne $user{"crypted_home_size"}); - } return $ret; } -# take the map of user and check if his crypted directory settings were modified -# return boolean -sub CryptedHomeModified { - - my $self = shift; - my $user = shift; - - my $username = $user->{"uid"} || ""; - my $org_username = $user->{"org_user"}{"uid"} || $username; - my $home = $user->{"homeDirectory"} || ""; - my $org_home = $user->{"org_user"}{"homeDirectory"} || $home; - my $home_size = $user->{"crypted_home_size"} || 0; - my $org_size = $user->{"org_user"}{"crypted_home_size"} || 0; - my $pw = $user->{"current_text_userpassword"}; - my $new_pw = $user->{"text_userpassword"}; - - return 0 if ($home_size == 0 && $org_size == 0); # nothing to do - return 0 if (!defined $pw && !defined $new_pw); # no change without password provided :-( - return 0 if ($home eq $org_home && $username eq $org_username && $home_size == $org_size && - (($pw || "") eq ($new_pw || ""))); - return 1; -} - # Substitute the values of LDAP atributes, predefined in LDAP user configuration BEGIN { $TYPEINFO{SubstituteUserValues} = ["function", "void"] } @@ -4313,9 +4276,6 @@ # Write LDAP users and groups if ($use_gui) { Progress->NextStage (); } - # this hash stores users, for which directory needs to be crypted (feature 301787) - my %users_with_crypted_dir = (); - if ($ldap_modified) { my $error_msg = ""; @@ -4335,9 +4295,6 @@ # only remember for which users we need to call cryptconfig foreach my $username (keys %{$modified_users{"ldap"}}) { my %user = %{$modified_users{"ldap"}{$username}}; - if (defined $user{"crypted_home_size"} && $self->CryptedHomeModified (\%user)) { - $users_with_crypted_dir{$username} = \%user; - } } $error_msg = UsersLDAP->WriteUsers ($modified_users{"ldap"}); if ($error_msg ne "") { @@ -4492,9 +4449,6 @@ my $chown_home = $user{"chown_home"}; $chown_home = 1 if (!defined $chown_home); my $skel = $useradd_defaults{"skel"}; - if (defined $user{"crypted_home_size"} && $self->CryptedHomeModified (\%user)) { - $users_with_crypted_dir{$username} = \%user; - } if ($user_mod eq "imported" || $user_mod eq "added") { y2usernote ("User '$username' created"); @@ -4562,9 +4516,7 @@ UsersRoutines->CreateHome ($skel, $home); } # do not change root's ownership of home directories - if ((!defined $user{"crypted_home_size"} || - $user{"crypted_home_size"} eq 0) && - bool ($chown_home)) + if (bool ($chown_home)) { UsersRoutines->ChownHome ($uid, $gid, $home); } @@ -4576,15 +4528,6 @@ if (Mode->autoinst() || Mode->autoupgrade() || Mode->config()) { WriteAuthorizedKeys(); } - if (%users_with_crypted_dir) { - unless (Package->Install ("cryptconfig")) - { - # error message - Report->Error(Message->FailedToInstallPackages () + __(" -Encryption support is not installed, home directories will NOT be encrypted.")) - } - } - # Write passwords if ($use_gui) { Progress->NextStage (); } @@ -4719,14 +4662,6 @@ } } - if (!FileUtils->Exists (UsersRoutines->CryptconfigPath ())) { - %users_with_crypted_dir = (); - } - foreach my $username (keys %users_with_crypted_dir) { - UsersRoutines->CryptHome ($users_with_crypted_dir{$username}); - } - %users_with_crypted_dir = (); - # complete adding users if ($users_modified && @useradd_postcommands > 0) { foreach my $command (@useradd_postcommands) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.2.12/src/modules/UsersLDAP.pm new/yast2-users-4.0.0/src/modules/UsersLDAP.pm --- old/yast2-users-3.2.12/src/modules/UsersLDAP.pm 2017-09-06 10:04:56.174656082 +0200 +++ new/yast2-users-4.0.0/src/modules/UsersLDAP.pm 2017-11-09 09:13:15.545434386 +0100 @@ -1454,9 +1454,7 @@ if ($create_home) { UsersRoutines->MoveHome ($org_home, $home); } - if ($chown_home && - (!defined $user->{"crypted_home_size"} || - $user->{"crypted_home_size"} eq 0)) + if ($chown_home) { UsersRoutines->ChownHome ($uid, $gid, $home); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.2.12/src/modules/UsersRoutines.pm new/yast2-users-4.0.0/src/modules/UsersRoutines.pm --- old/yast2-users-3.2.12/src/modules/UsersRoutines.pm 2017-09-06 10:04:56.178656082 +0200 +++ new/yast2-users-4.0.0/src/modules/UsersRoutines.pm 2017-11-09 09:13:15.549434386 +0100 @@ -65,19 +65,6 @@ ##------------------------------------------------------------------------- ##----------------- helper routines --------------------------------------- -# set new path to cryptconfig -BEGIN { $TYPEINFO{SetCryptconfigPath} = ["function", "void", "string"]; } -sub SetCryptconfigPath { - my $self = shift; - $cryptconfig = shift; -} - -# return current path to cryptconfig -BEGIN { $TYPEINFO{CryptconfigPath} = ["function", "string"]; } -sub CryptconfigPath { - return $cryptconfig; -} - ##------------------------------------------------------------------------- ##----------------- directory manipulation routines ----------------------- @@ -321,211 +308,6 @@ } ##------------------------------------ -# Adapt (=create/move/enlarge) the crypting of home directory -# @param user map -# @return success -BEGIN { $TYPEINFO{CryptHome} = ["function", "boolean", ["map", "string", "any"]];} -sub CryptHome { - - my $self = shift; - my $user = shift; - - my $username = $user->{"uid"} || ""; - my $home = $user->{"homeDirectory"} || ""; - my $home_size = $user->{"crypted_home_size"} || 0; - my $org_size = $user->{"org_user"}{"crypted_home_size"} || 0; - my $org_home = $user->{"org_user"}{"homeDirectory"} || $home; - my $org_username = $user->{"org_user"}{"uid"} || $username; - my $pw = $user->{"current_text_userpassword"}; - my $new_pw = $user->{"text_userpassword"}; - my $modified = $user->{"modified"} || "nothing"; - - if ($modified eq "added" && !defined $pw) { - $pw = $new_pw; - } - # now crypt the home directories - my $tmpdir = Directory->tmpdir (); - - my $pw_path = "$tmpdir/pw"; - my $cmd = ""; - - - my $key_file = undef; - my $image_file = undef; - # find the original image and key locations - my $org_img = $self->CryptedImagePath ($org_username); - my $org_key = $self->CryptedKeyPath ($org_username); - - # solve disabling of crypted directory - if ($home_size == 0 && $org_size > 0 && - FileUtils->Exists ($org_key) && FileUtils->Exists ($org_img)) - { - SCR->Write (".target.string", $pw_path, $pw); - my $command = "$cryptconfig open --key-file=$org_key $org_img < $pw_path"; - y2milestone ("cmd: $command"); - my $out = SCR->Execute (".target.bash_output", $command); - SCR->Execute (".target.remove", $pw_path); - if ($out->{"exit"} ne 0) { - y2error ("error calling $command"); - Report->Error ($out->{"stderr"}) if ($out->{"stderr"}); - return 0; - } - my @stdout_l = split (/ /, $out->{"stdout"} || ""); - my $image_path = pop @stdout_l; - chop $image_path; - if (!$image_path) { - y2error ("path to image could not be acquired from ", $out->{"stdout"} || ""); - return 0; - } - my $mnt_dir = "$tmpdir/mnt"; - SCR->Execute (".target.bash", "/bin/rm -rf $mnt_dir") if (FileUtils->Exists ($mnt_dir)); - SCR->Execute (".target.mkdir", $mnt_dir); - $command = "mount -o loop $image_path $mnt_dir"; - y2milestone ("cmd: $command"); - $out = SCR->Execute (".target.bash_output", $command); - if ($out->{"exit"} ne 0 && $out->{"stderr"}) { - y2error ("error calling $command: ", $out->{"stderr"}); - # TODO translated message for mount error - return 0; - } - # copy the directory content to tmp home - $command = "/bin/cp -ar $mnt_dir $tmpdir/$username"; - y2milestone ("cmd: $command"); - $out = SCR->Execute (".target.bash_output", $command); - if ($out->{"exit"} ne 0 && $out->{"stderr"}) { - y2error ("error calling $command: ", $out->{"stderr"}); - return 0; - } - $command = "umount $mnt_dir"; - y2milestone ("cmd: $command"); - $out = SCR->Execute (".target.bash_output", $command); - if ($out->{"exit"} ne 0 && $out->{"stderr"}) { - y2error ("error calling $command: ", $out->{"stderr"}); - return 0; - } - $command = "$cryptconfig pm-disable $username"; - y2milestone ("cmd: $command"); - $out = SCR->Execute (".target.bash_output", $command); - if ($out->{"exit"} ne 0 && $out->{"stderr"}) { - y2error ("error calling $command: ", $out->{"stderr"}); - Report->Error ($out->{"stderr"}); - return 0; - } - $command = "$cryptconfig close $org_img"; - y2milestone ("cmd: $command"); - $out = SCR->Execute (".target.bash_output", $command); - if ($out->{"exit"} ne 0 && $out->{"stderr"}) { - y2error ("error calling $command: ", $out->{"stderr"}); - Report->Error ($out->{"stderr"}); - return 0; - } - # Now, after everything succeeded, remove old home and replace it - # with the data from crypted image: - SCR->Execute (".target.bash", "/bin/rm -rf $home"); - $out = SCR->Execute (".target.bash_output", "/bin/mv $tmpdir/$username $home"); - y2error ("error while mv: ", $out->{"stderr"}) if ($out->{"stderr"}); - # remove image and key files - SCR->Execute (".target.bash", "/bin/rm -rf $org_img"); - SCR->Execute (".target.bash", "/bin/rm -rf $org_key"); - return 1; - } - # check user renaming or directory move - if ($home ne $org_home || $org_username ne $username) { - if (FileUtils->Exists ($org_img)) { - $image_file = "$home.img"; - if ($org_img ne $image_file) { - my $command = "/bin/mv $org_img $image_file"; - my %out = %{SCR->Execute (".target.bash_output", $command)}; - if (($out{"stderr"} || "") ne "") { - y2error ("error calling $command: ", $out{"stderr"} || ""); - return 0; - } - } - } - if (FileUtils->Exists ($org_key)) { - $key_file = "$home.key"; - if ($org_key ne $key_file) { - my $command = "/bin/mv $org_key $key_file"; - my %out = %{SCR->Execute (".target.bash_output", $command)}; - if (($out{"stderr"} || "") ne "") { - y2error ("error calling $command: ", $out{"stderr"} || ""); - return 0; - } - } - } - } - if (defined $user->{"take_existing_image"}) { - $image_file = "$home.img" if FileUtils->Exists ("$home.img"); - $key_file = "$home.key" if FileUtils->Exists ("$home.key"); - y2milestone ("going to yake image $image_file by user $username"); - } - - if (defined $key_file || defined $image_file) { - $cmd = "$cryptconfig pm-enable --replace "; - $cmd = $cmd."--key-file=$key_file " if defined $key_file; - $cmd = $cmd."--image-file=$image_file " if defined $image_file; - $cmd = $cmd."$username"; - y2milestone ("cmd: $cmd"); - my $out = SCR->Execute (".target.bash_output", $cmd); - if ($out->{"exit"} ne 0 && $out->{"stderr"}) { - Report->Error ($out->{"stderr"}); - return 0; - } - } - - SCR->Write (".target.string", $pw_path, $pw); - - # now check if existing image doesn't need resizing - $key_file = $org_key if (!defined $key_file && FileUtils->Exists ($org_key)); - $image_file = $org_img if (!defined $image_file && FileUtils->Exists ($org_img)); - - # now solve user password change - if ($modified eq "edited" && defined $key_file && defined $new_pw && $new_pw ne $pw) { - SCR->Write (".target.string", $pw_path, "$pw\n$new_pw"); - my $command = "$cryptconfig passwd --no-verify $key_file < $pw_path"; - y2milestone ("cmd: $command"); - my $out = SCR->Execute (".target.bash_output", $command); - if ($out->{"exit"} ne 0) { - y2error ("error calling $command"); - SCR->Execute (".target.remove", $pw_path); - Report->Error ($out->{"stderr"}) if ($out->{"stderr"}); - return 0; - } - # from now, new password is active - SCR->Write (".target.string", $pw_path, $new_pw); - } - - my $note = ""; - # resize existing image - if ($org_size < $home_size && defined $key_file && defined $image_file) { - my $add = $home_size - $org_size; - $cmd = "$cryptconfig enlarge-image --key-file=$key_file $image_file $add < $pw_path"; - $note = "Encrypted directory resized: '$cmd'"; - } - # create new image - elsif ($home_size > $org_size) { - $cmd = "$cryptconfig make-ehd --no-verify $username $home_size < $pw_path"; - $note = "Encrypted directory created: '$cmd'"; - } - # ok, only password change was needed - else { - y2milestone ("nothing to do"); - SCR->Execute (".target.remove", $pw_path); - return 1; - } - - y2milestone ("cmd: $cmd"); - my $out = SCR->Execute (".target.bash_output", $cmd); - if ($out->{"exit"} ne 0 && $out->{"stderr"}) { - Report->Error ($out->{"stderr"}); - } - SCR->Execute (".target.remove", $pw_path); - $note =~ s/ [^ ]+$/ (password)/; # hide password in the log - y2usernote ($note); - return 1; -} - -##------------------------------------ # Return size of given file in MB (rounded down) # @param path to file # @return size @@ -642,16 +424,6 @@ return ""; } -# -BEGIN { $TYPEINFO{CryptedHomesEnabled} = ["function", "boolean"];} -sub CryptedHomesEnabled { - - if (!defined $crypted_homes_enabled) { - $crypted_homes_enabled = !Pam->Enabled ("fp"); - } - return $crypted_homes_enabled; -} - 1 # EOF diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.2.12/testsuite/tests/EditUser.out new/yast2-users-4.0.0/testsuite/tests/EditUser.out --- old/yast2-users-3.2.12/testsuite/tests/EditUser.out 2017-09-06 10:04:56.186656082 +0200 +++ new/yast2-users-4.0.0/testsuite/tests/EditUser.out 2017-11-09 09:13:15.557434386 +0100 @@ -15,10 +15,9 @@ Return nil Dump ---- user 'hh': Dump $["addit_data":"", "cn":"HaHa", "gidNumber":"100", "grouplist":$[], "groupname":"users", "homeDirectory":"/home/hh", "loginShell":"/bin/bash", "shadowExpire":"", "shadowFlag":"", "shadowInactive":"", "shadowLastChange":"13727", "shadowMax":"99999", "shadowMin":"0", "shadowWarning":"7", "type":"local", "uid":"hh", "uidNumber":"500", "userPassword":"heslo"] -Read .anyxml "/etc/security/pam_mount.conf.xml" nil Return Dump ---- user 'hh': -Dump $["addit_data":"", "chown_home":true, "cn":"HaHa", "create_home":true, "crypted_home_size":"0", "encrypted":true, "gidNumber":"100", "grouplist":$[], "groupname":"users", "homeDirectory":"/home/hh", "loginShell":"/bin/bash", "org_uidNumber":"500", "org_user":$["addit_data":"", "chown_home":true, "cn":"HaHa", "create_home":true, "crypted_home_size":"0", "encrypted":true, "gidNumber":"100", "grouplist":$[], "groupname":"users", "homeDirectory":"/home/hh", "loginShell":"/bin/bash", "shadowExpire":"", "shadowFlag":"", "shadowInactive":"", "shadowLastChange":"13727", "shadowMax":"99999", "shadowMin":"0", "shadowWarning":"7", "type":"local", "uid":"hh", "uidNumber":"500", "userPassword":"heslo"], "plugins":[], "shadowExpire":"", "shadowFlag":"", "shadowInactive":"", "shadowLastChange":"13727", "shadowMax":"99999", "shadowMin":"0", "shadowWarning":"7", "type":"local", "uid":"hh", "uidNumber":"501", "userPassword":"heslo", "what":"edit_user"] +Dump $["addit_data":"", "chown_home":true, "cn":"HaHa", "create_home":true, "encrypted":true, "gidNumber":"100", "grouplist":$[], "groupname":"users", "homeDirectory":"/home/hh", "loginShell":"/bin/bash", "org_uidNumber":"500", "org_user":$["addit_data":"", "chown_home":true, "cn":"HaHa", "create_home":true, "encrypted":true, "gidNumber":"100", "grouplist":$[], "groupname":"users", "homeDirectory":"/home/hh", "loginShell":"/bin/bash", "shadowExpire":"", "shadowFlag":"", "shadowInactive":"", "shadowLastChange":"13727", "shadowMax":"99999", "shadowMin":"0", "shadowWarning":"7", "type":"local", "uid":"hh", "uidNumber":"500", "userPassword":"heslo"], "plugins":[], "shadowExpire":"", "shadowFlag":"", "shadowInactive":"", "shadowLastChange":"13727", "shadowMax":"99999", "shadowMin":"0", "shadowWarning":"7", "type":"local", "uid":"hh", "uidNumber":"501", "userPassword":"heslo", "what":"edit_user"] Execute .target.bash_output "echo 'hh' | grep '^[[:alpha:]_][[:alnum:]_.-]*[[:alnum:]_.$-]\\?$'" $["LANG":"C"] $["stdout":"hh"] Return Dump ---- check user after edit: @@ -44,11 +43,10 @@ Dump $[] Return nil Dump ---- user 501: -Dump $["addit_data":"", "chown_home":true, "cn":"HaHa", "create_home":true, "crypted_home_size":"0", "encrypted":true, "gidNumber":"100", "grouplist":$[], "groupname":"users", "homeDirectory":"/home/hh", "loginShell":"/bin/bash", "org_homeDirectory":"/home/hh", "org_uid":"hh", "org_uidNumber":"501", "plugins":[], "shadowExpire":"", "shadowFlag":"", "shadowInactive":"", "shadowLastChange":"13727", "shadowMax":"99999", "shadowMin":"0", "shadowWarning":"7", "type":"local", "uid":"hh", "uidNumber":"501", "userPassword":"heslo", "what":"edit_user"] -Read .anyxml "/etc/security/pam_mount.conf.xml" nil +Dump $["addit_data":"", "chown_home":true, "cn":"HaHa", "create_home":true, "encrypted":true, "gidNumber":"100", "grouplist":$[], "groupname":"users", "homeDirectory":"/home/hh", "loginShell":"/bin/bash", "org_homeDirectory":"/home/hh", "org_uid":"hh", "org_uidNumber":"501", "plugins":[], "shadowExpire":"", "shadowFlag":"", "shadowInactive":"", "shadowLastChange":"13727", "shadowMax":"99999", "shadowMin":"0", "shadowWarning":"7", "type":"local", "uid":"hh", "uidNumber":"501", "userPassword":"heslo", "what":"edit_user"] Return Dump ---- user 'hh': -Dump $["addit_data":"", "chown_home":true, "cn":"HaHa", "create_home":true, "crypted_home_size":"0", "encrypted":true, "gidNumber":"100", "grouplist":$[], "groupname":"users", "homeDirectory":"/new/home/hh", "loginShell":"/bin/bash", "org_homeDirectory":"/home/hh", "org_uid":"hh", "org_uidNumber":"501", "org_user":$["addit_data":"", "chown_home":true, "cn":"HaHa", "create_home":true, "crypted_home_size":"0", "encrypted":true, "gidNumber":"100", "grouplist":$[], "groupname":"users", "homeDirectory":"/home/hh", "loginShell":"/bin/bash", "org_homeDirectory":"/home/hh", "org_uid":"hh", "org_uidNumber":"501", "plugins":[], "shadowExpire":"", "shadowFlag":"", "shadowInactive":"", "shadowLastChange":"13727", "shadowMax":"99999", "shadowMin":"0", "shadowWarning":"7", "type":"local", "uid":"hh", "uidNumber":"501", "userPassword":"heslo", "what":"edit_user"], "plugins":[], "shadowExpire":"", "shadowFlag":"", "shadowInactive":"", "shadowLastChange":"13727", "shadowMax":"99999", "shadowMin":"0", "shadowWarning":"7", "type":"local", "uid":"hh", "uidNumber":"501", "userPassword":"heslo", "what":"edit_user"] +Dump $["addit_data":"", "chown_home":true, "cn":"HaHa", "create_home":true, "encrypted":true, "gidNumber":"100", "grouplist":$[], "groupname":"users", "homeDirectory":"/new/home/hh", "loginShell":"/bin/bash", "org_homeDirectory":"/home/hh", "org_uid":"hh", "org_uidNumber":"501", "org_user":$["addit_data":"", "chown_home":true, "cn":"HaHa", "create_home":true, "encrypted":true, "gidNumber":"100", "grouplist":$[], "groupname":"users", "homeDirectory":"/home/hh", "loginShell":"/bin/bash", "org_homeDirectory":"/home/hh", "org_uid":"hh", "org_uidNumber":"501", "plugins":[], "shadowExpire":"", "shadowFlag":"", "shadowInactive":"", "shadowLastChange":"13727", "shadowMax":"99999", "shadowMin":"0", "shadowWarning":"7", "type":"local", "uid":"hh", "uidNumber":"501", "userPassword":"heslo", "what":"edit_user"], "plugins":[], "shadowExpire":"", "shadowFlag":"", "shadowInactive":"", "shadowLastChange":"13727", "shadowMax":"99999", "shadowMin":"0", "shadowWarning":"7", "type":"local", "uid":"hh", "uidNumber":"501", "userPassword":"heslo", "what":"edit_user"] Execute .target.bash_output "echo 'hh' | grep '^[[:alpha:]_][[:alnum:]_.-]*[[:alnum:]_.$-]\\?$'" $["LANG":"C"] $["stdout":"hh"] Return Dump ---- check user after edit: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.2.12/testsuite/tests/EditUserCryptedDirCreate.out new/yast2-users-4.0.0/testsuite/tests/EditUserCryptedDirCreate.out --- old/yast2-users-3.2.12/testsuite/tests/EditUserCryptedDirCreate.out 2017-09-06 10:04:56.186656082 +0200 +++ new/yast2-users-4.0.0/testsuite/tests/EditUserCryptedDirCreate.out 1970-01-01 01:00:00.000000000 +0100 @@ -1,34 +0,0 @@ -Dump ========================================================== -Read .etc.default.useradd."expire" 0 -Read .etc.default.useradd."group" 100 -Read .etc.default.useradd."groups" "audio,video" -Read .etc.default.useradd."home" "/home" -Read .etc.default.useradd."inactive" 0 -Read .etc.default.useradd."shell" 0 -Read .etc.default.useradd."skel" 0 -Read .etc.default.useradd."umask" 0 -Read .target.string "/etc/shells" 0 -Read .etc.nsswitch_conf.passwd 0 -Read .ldap_conf.v.binddn 0 -Write .target.ycp "/var/lib/YaST2/users.ycp" $[] true -Return -Return nil -Read .anyxml "/etc/security/pam_mount.conf.xml" $["pam_mount":[$["volume":[$["fskeypath":"/home/hh.key", "path":"/home/hh.img", "user":"not-hh"]]]]] -Return -Dump ---- user 'hh': -Dump $["addit_data":"", "chown_home":true, "cn":"HaHa", "create_home":true, "crypted_home_size":"100", "current_text_userpassword":"password", "encrypted":true, "gidNumber":"100", "grouplist":$[], "groupname":"users", "homeDirectory":"/home/hh", "loginShell":"/bin/bash", "org_user":$["addit_data":"", "chown_home":true, "cn":"HaHa", "create_home":true, "crypted_home_size":"0", "encrypted":true, "gidNumber":"100", "grouplist":$[], "groupname":"users", "homeDirectory":"/home/hh", "loginShell":"/bin/bash", "shadowExpire":"", "shadowFlag":"", "shadowInactive":"", "shadowLastChange":"13727", "shadowMax":"99999", "shadowMin":"0", "shadowWarning":"7", "type":"local", "uid":"hh", "uidNumber":"500", "userPassword":"heslo"], "plugins":[], "shadowExpire":"", "shadowFlag":"", "shadowInactive":"", "shadowLastChange":"13727", "shadowMax":"99999", "shadowMin":"0", "shadowWarning":"7", "type":"local", "uid":"hh", "uidNumber":"500", "userPassword":"heslo", "what":"edit_user"] -Return true -Return nil -Return nil -Return nil -Execute .target.bash "/bin/cp /etc/passwd /etc/passwd.YaST2save" 0 -Write .target.string "/etc/passwd" "at:x:25:25:Batch jobs daemon:/var/spool/atjobs:/bin/bash\nbin:x:1:1:bin:/bin:/bin/bash\ndaemon:x:2:2:Daemon:/sbin:/bin/bash\nmail:x:8:12:Mailer daemon:/var/spool/clientmqueue:/bin/false\nnobody:x:65534:65533:nobody:/var/lib/nobody:/bin/bash\nroot:x:0:0:root:/root:/bin/bash\nuucp:x:10:14:Unix-to-Unix CoPy system:/etc/uucp:/bin/bash\nhh:x:500:100:HaHa:/home/hh:/bin/bash\nii:x:555:100:Test user:/home/ii:/bin/bash\n+::::::\n" true -Execute .target.bash_output "diff -U 1 /etc/passwd.YaST2save /etc/passwd" $["exit":0] -Execute .target.bash "/bin/cp /etc/shadow /etc/shadow.YaST2save" 0 -Write .target.string "/etc/shadow" "at:!:13636:0:99999:7:::\nbin:*:13636::::::\ndaemon:*:13636::::::\nmail:*:13636::::::\nnobody:*:13636::::::\nroot:password:13636::::::\nuucp:*:13636::::::\nhh:heslo:13727:0:99999:7:::\n+::0:0:0::::\n" true -Execute .target.bash "/usr/sbin/nscd -i passwd" 0 -Write .target.string "/tmp/YaST/pw" "password" true -Execute .target.bash_output "/usr/sbin/cryptconfig enlarge-image --key-file= 100 < /tmp/YaST/pw" $["exit":0] -Execute .target.remove "/tmp/YaST/pw" 0 -Write .target.ycp "/var/lib/YaST2/users.ycp" $["custom_groups":["local"], "custom_users":["local"], "dont_warn_when_nisserver_notdes":false, "dont_warn_when_uppercase":false] true -Return diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.2.12/testsuite/tests/EditUserCryptedDirCreate.rb new/yast2-users-4.0.0/testsuite/tests/EditUserCryptedDirCreate.rb --- old/yast2-users-3.2.12/testsuite/tests/EditUserCryptedDirCreate.rb 2017-09-06 10:04:56.186656082 +0200 +++ new/yast2-users-4.0.0/testsuite/tests/EditUserCryptedDirCreate.rb 1970-01-01 01:00:00.000000000 +0100 @@ -1,124 +0,0 @@ -# encoding: utf-8 - -# File : EditUserCryptedDir.ycp -# Module : Users configurator -# Summary : Test of Users::EditUser function -# Author : Jiri Suchomel <[email protected]> -# -# $Id$ -module Yast - class EditUserCryptedDirCreateClient < Client - def main - # testedfiles: Users.pm UsersPasswd.pm UsersLDAP.pm UsersRoutines.pm - - Yast.import "Directory" - Yast.import "Mode" - Yast.import "Users" - Yast.import "UsersPasswd" - Yast.import "UsersRoutines" - - @tmpdir = Directory.tmpdir - Builtins.foreach(["passwd", "group", "shadow"]) do |file| - cmd = Builtins.sformat("/bin/cp ./%1 %2/", file, @tmpdir) - SCR.Execute(path(".target.bash_output"), cmd) - end - Users.SetBaseDirectory(@tmpdir) - Users.ReadLocal - - @READ = { - "etc" => { - "fstab" => [], - "cryptotab" => [], - "default" => { - "useradd" => { - "home" => "/home", - "groups" => "audio,video", - "group" => 100 - } - } - }, - "target" => { "stat" => {}, "size" => -1, "tmpdir" => "/tmp/YaST" }, - "product" => { - "features" => { - "USE_DESKTOP_SCHEDULER" => "no", - "IO_SCHEDULER" => "", - "ENABLE_AUTOLOGIN" => "false", - "UI_MODE" => "simple", - "EVMS_CONFIG" => "no", - "INCOMPLETE_TRANSLATION_TRESHOLD" => "99" - } - }, - "anyxml" => { - "pam_mount" => [ - { - "volume" => [ - { - "user" => "not-hh", - "path" => "/home/hh.img", - "fskeypath" => "/home/hh.key" - } - ] - } - ] - } - } - @WRITE = {} - @EXEC = { - "passwd" => { "init" => true }, - "target" => { "bash" => 0, "bash_output" => { "exit" => 0 } } - } - @RW = { - "target" => { - # this is wrong. key_file and img_file from CryptHome should _not_ exist, but cryptconfig binary has to - "stat" => { - "a" => "b" - }, - "size" => -1, - "tmpdir" => "/tmp/YaST" - } - } - - Yast.import "Testsuite" - - Testsuite.Dump( - "==========================================================" - ) - - Mode.SetTest("test") - - Testsuite.Test(lambda { Users.Read }, [@READ, @WRITE, @EXEC], 0) - - # for home directory checks - Ops.set(@READ, ["target", "stat", "isdir"], true) - - Testsuite.Test(lambda { Users.SelectUserByName("hh") }, [], 0) - - @changes = { - "crypted_home_size" => 100, - "current_text_userpassword" => "password" - } # needed for cryptconfig - - - Testsuite.Test(lambda { Users.EditUser(@changes) }, [@READ, @WRITE, @EXEC], 0) - - Testsuite.Dump( - Builtins.sformat("---- user 'hh':\n %1", Users.GetCurrentUser) - ) - - Testsuite.Test(lambda { Users.CommitUser }, [@READ, @WRITE, @EXEC], 0) - - Testsuite.Test(lambda { Users.SetBaseDirectory("/etc") }, [], 0) - Testsuite.Test(lambda { UsersPasswd.SetBaseDirectory("/etc") }, [], 0) - - Testsuite.Test(lambda { Directory.ResetTmpDir }, [@RW, @WRITE, @EXEC], 0) - - # this incorrectly calles 'cryptconfig enlarge-image' instead of - # 'cryptconfig make-ehd' because of the mess in FileUtils->Exists - Testsuite.Test(lambda { Users.Write }, [@RW, @WRITE, @EXEC], 0) - - nil - end - end -end - -Yast::EditUserCryptedDirCreateClient.new.main diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.2.12/testsuite/tests/EditUserCryptedDirEnlarge.out new/yast2-users-4.0.0/testsuite/tests/EditUserCryptedDirEnlarge.out --- old/yast2-users-3.2.12/testsuite/tests/EditUserCryptedDirEnlarge.out 2017-09-06 10:04:56.186656082 +0200 +++ new/yast2-users-4.0.0/testsuite/tests/EditUserCryptedDirEnlarge.out 1970-01-01 01:00:00.000000000 +0100 @@ -1,36 +0,0 @@ -Dump ========================================================== -Read .etc.default.useradd."expire" 0 -Read .etc.default.useradd."group" 100 -Read .etc.default.useradd."groups" "audio,video" -Read .etc.default.useradd."home" "/home" -Read .etc.default.useradd."inactive" 0 -Read .etc.default.useradd."shell" 0 -Read .etc.default.useradd."skel" 0 -Read .etc.default.useradd."umask" 0 -Read .target.string "/etc/shells" 0 -Read .etc.nsswitch_conf.passwd 0 -Read .ldap_conf.v.binddn 0 -Write .target.ycp "/var/lib/YaST2/users.ycp" $[] true -Return -Return nil -Read .anyxml "/etc/security/pam_mount.conf.xml" $["pam_mount":[$["volume":[$["fskeypath":"/home/hh.key", "path":"/home/hh.img", "user":"hh"]]]]] -Read .target.stat "/home/hh.img" $["isdir":true, "size":104857600] -Return -Dump ---- user 'hh': -Dump $["addit_data":"", "chown_home":true, "cn":"HaHa", "create_home":true, "crypted_home_size":"200", "current_text_userpassword":"password", "encrypted":true, "gidNumber":"100", "grouplist":$[], "groupname":"users", "homeDirectory":"/home/hh", "loginShell":"/bin/bash", "org_user":$["addit_data":"", "chown_home":true, "cn":"HaHa", "create_home":true, "crypted_home_size":"100", "encrypted":true, "gidNumber":"100", "grouplist":$[], "groupname":"users", "homeDirectory":"/home/hh", "loginShell":"/bin/bash", "shadowExpire":"", "shadowFlag":"", "shadowInactive":"", "shadowLastChange":"13727", "shadowMax":"99999", "shadowMin":"0", "shadowWarning":"7", "type":"local", "uid":"hh", "uidNumber":"500", "userPassword":"heslo"], "plugins":[], "shadowExpire":"", "shadowFlag":"", "shadowInactive":"", "shadowLastChange":"13727", "shadowMax":"99999", "shadowMin":"0", "shadowWarning":"7", "type":"local", "uid":"hh", "uidNumber":"500", "userPassword":"heslo", "what":"edit_user"] -Dump ---- commit user: -Return true -Return nil -Return nil -Return nil -Execute .target.bash "/bin/cp /etc/passwd /etc/passwd.YaST2save" 0 -Write .target.string "/etc/passwd" "at:x:25:25:Batch jobs daemon:/var/spool/atjobs:/bin/bash\nbin:x:1:1:bin:/bin:/bin/bash\ndaemon:x:2:2:Daemon:/sbin:/bin/bash\nmail:x:8:12:Mailer daemon:/var/spool/clientmqueue:/bin/false\nnobody:x:65534:65533:nobody:/var/lib/nobody:/bin/bash\nroot:x:0:0:root:/root:/bin/bash\nuucp:x:10:14:Unix-to-Unix CoPy system:/etc/uucp:/bin/bash\nhh:x:500:100:HaHa:/home/hh:/bin/bash\nii:x:555:100:Test user:/home/ii:/bin/bash\n+::::::\n" true -Execute .target.bash_output "diff -U 1 /etc/passwd.YaST2save /etc/passwd" $[] -Execute .target.bash "/bin/cp /etc/shadow /etc/shadow.YaST2save" 0 -Write .target.string "/etc/shadow" "at:!:13636:0:99999:7:::\nbin:*:13636::::::\ndaemon:*:13636::::::\nmail:*:13636::::::\nnobody:*:13636::::::\nroot:password:13636::::::\nuucp:*:13636::::::\nhh:heslo:13727:0:99999:7:::\n+::0:0:0::::\n" true -Execute .target.bash "/usr/sbin/nscd -i passwd" 0 -Write .target.string "/tmp/YaST/pw" "password" true -Execute .target.bash_output "/usr/sbin/cryptconfig enlarge-image --key-file=/home/hh.key /home/hh.img 100 < /tmp/YaST/pw" $[] -Execute .target.remove "/tmp/YaST/pw" 0 -Write .target.ycp "/var/lib/YaST2/users.ycp" $["custom_groups":["local"], "custom_users":["local"], "dont_warn_when_nisserver_notdes":false, "dont_warn_when_uppercase":false] true -Return diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.2.12/testsuite/tests/EditUserCryptedDirEnlarge.rb new/yast2-users-4.0.0/testsuite/tests/EditUserCryptedDirEnlarge.rb --- old/yast2-users-3.2.12/testsuite/tests/EditUserCryptedDirEnlarge.rb 2017-09-06 10:04:56.186656082 +0200 +++ new/yast2-users-4.0.0/testsuite/tests/EditUserCryptedDirEnlarge.rb 1970-01-01 01:00:00.000000000 +0100 @@ -1,122 +0,0 @@ -# encoding: utf-8 - -# File : EditUserCryptedDir.ycp -# Module : Users configurator -# Summary : Test of Users::EditUser function -# Author : Jiri Suchomel <[email protected]> -# -# $Id$ -module Yast - class EditUserCryptedDirEnlargeClient < Client - def main - # testedfiles: Users.pm UsersPasswd.pm UsersLDAP.pm UsersRoutines.pm - - Yast.import "Directory" - Yast.import "Mode" - Yast.import "Users" - Yast.import "UsersPasswd" - Yast.import "UsersRoutines" - - @tmpdir = Directory.tmpdir - Builtins.foreach(["passwd", "group", "shadow"]) do |file| - cmd = Builtins.sformat("/bin/cp ./%1 %2/", file, @tmpdir) - SCR.Execute(path(".target.bash_output"), cmd) - end - Users.SetBaseDirectory(@tmpdir) - Users.ReadLocal - - @READ = { - "etc" => { - "fstab" => [], - "cryptotab" => [], - "default" => { - "useradd" => { - "home" => "/home", - "groups" => "audio,video", - "group" => 100 - } - } - }, - "target" => { "stat" => {}, "size" => -1, "tmpdir" => "/tmp/YaST" }, - "product" => { - "features" => { - "USE_DESKTOP_SCHEDULER" => "no", - "IO_SCHEDULER" => "", - "ENABLE_AUTOLOGIN" => "false", - "UI_MODE" => "simple", - "EVMS_CONFIG" => "no", - "INCOMPLETE_TRANSLATION_TRESHOLD" => "99" - } - }, - "anyxml" => { - "pam_mount" => [ - { - "volume" => [ - { - "user" => "hh", - "path" => "/home/hh.img", - "fskeypath" => "/home/hh.key" - } - ] - } - ] - } - } - @WRITE = {} - @EXEC = { - "passwd" => { "init" => true }, - "target" => { "bash" => 0, "bash_output" => {} } - } - @RW = { - "target" => { - "stat" => { "isdir" => true }, - "size" => -1, - "tmpdir" => "/tmp/YaST" - } - } - - Yast.import "Testsuite" - - Testsuite.Dump( - "==========================================================" - ) - - Mode.SetTest("test") - - Testsuite.Test(lambda { Users.Read }, [@READ, @WRITE, @EXEC], 0) - - # for home directory checks - Ops.set(@READ, ["target", "stat", "isdir"], true) - - Testsuite.Test(lambda { Users.SelectUserByName("hh") }, [], 0) - - @changes = { - "crypted_home_size" => 200, - "current_text_userpassword" => "password" - } # needed for cryptconfig - - # img.file size - Ops.set(@READ, ["target", "stat", "size"], 100 * 1024 * 1024) - - - Testsuite.Test(lambda { Users.EditUser(@changes) }, [@READ, @WRITE, @EXEC], 0) - - Testsuite.Dump( - Builtins.sformat("---- user 'hh':\n %1", Users.GetCurrentUser) - ) - - Testsuite.Dump("---- commit user:") - Testsuite.Test(lambda { Users.CommitUser }, [@READ, @WRITE, @EXEC], 0) - - Testsuite.Test(lambda { Users.SetBaseDirectory("/etc") }, [], 0) - Testsuite.Test(lambda { UsersPasswd.SetBaseDirectory("/etc") }, [], 0) - - Testsuite.Test(lambda { Directory.ResetTmpDir }, [@RW, @WRITE, @EXEC], 0) - Testsuite.Test(lambda { Users.Write }, [@RW, @WRITE, @EXEC], 0) - - nil - end - end -end - -Yast::EditUserCryptedDirEnlargeClient.new.main diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.2.12/testsuite/tests/EditUserCryptedDirRemove.out new/yast2-users-4.0.0/testsuite/tests/EditUserCryptedDirRemove.out --- old/yast2-users-3.2.12/testsuite/tests/EditUserCryptedDirRemove.out 2017-09-06 10:04:56.186656082 +0200 +++ new/yast2-users-4.0.0/testsuite/tests/EditUserCryptedDirRemove.out 1970-01-01 01:00:00.000000000 +0100 @@ -1,46 +0,0 @@ -Dump ========================================================== -Read .etc.default.useradd."expire" 0 -Read .etc.default.useradd."group" 100 -Read .etc.default.useradd."groups" "audio,video" -Read .etc.default.useradd."home" "/home" -Read .etc.default.useradd."inactive" 0 -Read .etc.default.useradd."shell" 0 -Read .etc.default.useradd."skel" 0 -Read .etc.default.useradd."umask" 0 -Read .target.string "/etc/shells" 0 -Read .etc.nsswitch_conf.passwd 0 -Read .ldap_conf.v.binddn 0 -Write .target.ycp "/var/lib/YaST2/users.ycp" $[] true -Return -Return nil -Read .anyxml "/etc/security/pam_mount.conf.xml" $["pam_mount":[$["volume":[$["fskeypath":"/home/hh.key", "path":"/home/hh.img", "user":"hh"]]]]] -Read .target.stat "/home/hh.img" $["isdir":true, "size":104857600] -Return -Dump ---- user 'hh': -Dump $["addit_data":"", "chown_home":true, "cn":"HaHa", "create_home":true, "crypted_home_size":"0", "current_text_userpassword":"password", "encrypted":true, "gidNumber":"100", "grouplist":$[], "groupname":"users", "homeDirectory":"/home/hh", "loginShell":"/bin/bash", "org_user":$["addit_data":"", "chown_home":true, "cn":"HaHa", "create_home":true, "crypted_home_size":"100", "encrypted":true, "gidNumber":"100", "grouplist":$[], "groupname":"users", "homeDirectory":"/home/hh", "loginShell":"/bin/bash", "shadowExpire":"", "shadowFlag":"", "shadowInactive":"", "shadowLastChange":"13727", "shadowMax":"99999", "shadowMin":"0", "shadowWarning":"7", "type":"local", "uid":"hh", "uidNumber":"500", "userPassword":"heslo"], "plugins":[], "shadowExpire":"", "shadowFlag":"", "shadowInactive":"", "shadowLastChange":"13727", "shadowMax":"99999", "shadowMin":"0", "shadowWarning":"7", "type":"local", "uid":"hh", "uidNumber":"500", "userPassword":"heslo", "what":"edit_user"] -Return true -Return nil -Return nil -Return nil -Execute .target.bash "/bin/cp /etc/passwd /etc/passwd.YaST2save" 0 -Write .target.string "/etc/passwd" "at:x:25:25:Batch jobs daemon:/var/spool/atjobs:/bin/bash\nbin:x:1:1:bin:/bin:/bin/bash\ndaemon:x:2:2:Daemon:/sbin:/bin/bash\nmail:x:8:12:Mailer daemon:/var/spool/clientmqueue:/bin/false\nnobody:x:65534:65533:nobody:/var/lib/nobody:/bin/bash\nroot:x:0:0:root:/root:/bin/bash\nuucp:x:10:14:Unix-to-Unix CoPy system:/etc/uucp:/bin/bash\nhh:x:500:100:HaHa:/home/hh:/bin/bash\nii:x:555:100:Test user:/home/ii:/bin/bash\n+::::::\n" true -Execute .target.bash_output "diff -U 1 /etc/passwd.YaST2save /etc/passwd" $["exit":0, "stdout":"/home/hh.img"] -Execute .target.bash "/bin/cp /etc/shadow /etc/shadow.YaST2save" 0 -Write .target.string "/etc/shadow" "at:!:13636:0:99999:7:::\nbin:*:13636::::::\ndaemon:*:13636::::::\nmail:*:13636::::::\nnobody:*:13636::::::\nroot:password:13636::::::\nuucp:*:13636::::::\nhh:heslo:13727:0:99999:7:::\n+::0:0:0::::\n" true -Execute .target.bash "/usr/sbin/nscd -i passwd" 0 -Write .target.string "/tmp/YaST/pw" "password" true -Execute .target.bash_output "/usr/sbin/cryptconfig open --key-file=/home/hh.key /home/hh.img < /tmp/YaST/pw" $["exit":0, "stdout":"/home/hh.img"] -Execute .target.remove "/tmp/YaST/pw" 0 -Execute .target.bash "/bin/rm -rf /tmp/YaST/mnt" 0 -Execute .target.mkdir "/tmp/YaST/mnt" 0 -Execute .target.bash_output "mount -o loop /home/hh.im /tmp/YaST/mnt" $["exit":0, "stdout":"/home/hh.img"] -Execute .target.bash_output "/bin/cp -ar /tmp/YaST/mnt /tmp/YaST/hh" $["exit":0, "stdout":"/home/hh.img"] -Execute .target.bash_output "umount /tmp/YaST/mnt" $["exit":0, "stdout":"/home/hh.img"] -Execute .target.bash_output "/usr/sbin/cryptconfig pm-disable hh" $["exit":0, "stdout":"/home/hh.img"] -Execute .target.bash_output "/usr/sbin/cryptconfig close /home/hh.img" $["exit":0, "stdout":"/home/hh.img"] -Execute .target.bash "/bin/rm -rf /home/hh" 0 -Execute .target.bash_output "/bin/mv /tmp/YaST/hh /home/hh" $["exit":0, "stdout":"/home/hh.img"] -Execute .target.bash "/bin/rm -rf /home/hh.img" 0 -Execute .target.bash "/bin/rm -rf /home/hh.key" 0 -Write .target.ycp "/var/lib/YaST2/users.ycp" $["custom_groups":["local"], "custom_users":["local"], "dont_warn_when_nisserver_notdes":false, "dont_warn_when_uppercase":false] true -Return diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.2.12/testsuite/tests/EditUserCryptedDirRemove.rb new/yast2-users-4.0.0/testsuite/tests/EditUserCryptedDirRemove.rb --- old/yast2-users-3.2.12/testsuite/tests/EditUserCryptedDirRemove.rb 2017-09-06 10:04:56.186656082 +0200 +++ new/yast2-users-4.0.0/testsuite/tests/EditUserCryptedDirRemove.rb 1970-01-01 01:00:00.000000000 +0100 @@ -1,128 +0,0 @@ -# encoding: utf-8 - -# File : EditUserCryptedDir.ycp -# Module : Users configurator -# Summary : Test of Users::EditUser function -# Author : Jiri Suchomel <[email protected]> -# -# $Id$ -module Yast - class EditUserCryptedDirRemoveClient < Client - def main - # testedfiles: Users.pm UsersPasswd.pm UsersLDAP.pm UsersRoutines.pm - - Yast.import "Directory" - Yast.import "Mode" - Yast.import "Users" - Yast.import "UsersPasswd" - Yast.import "UsersRoutines" - - @tmpdir = Directory.tmpdir - Builtins.foreach(["passwd", "group", "shadow"]) do |file| - cmd = Builtins.sformat("/bin/cp ./%1 %2/", file, @tmpdir) - SCR.Execute(path(".target.bash_output"), cmd) - end - Users.SetBaseDirectory(@tmpdir) - Users.ReadLocal - - @READ = { - "etc" => { - "fstab" => [], - "cryptotab" => [], - "default" => { - "useradd" => { - "home" => "/home", - "groups" => "audio,video", - "group" => 100 - } - } - }, - "target" => { "stat" => {}, "size" => -1, "tmpdir" => "/tmp/YaST" }, - "product" => { - "features" => { - "USE_DESKTOP_SCHEDULER" => "no", - "IO_SCHEDULER" => "", - "ENABLE_AUTOLOGIN" => "false", - "UI_MODE" => "simple", - "EVMS_CONFIG" => "no", - "INCOMPLETE_TRANSLATION_TRESHOLD" => "99" - } - }, - "anyxml" => { - "pam_mount" => [ - { - "volume" => [ - { - "user" => "hh", - "path" => "/home/hh.img", - "fskeypath" => "/home/hh.key" - } - ] - } - ] - } - } - @WRITE = {} - @EXEC = { - "passwd" => { "init" => true }, - "target" => { - "bash" => 0, - "bash_output" => { - "exit" => 0, - # cryptconfig open prints img path - "stdout" => "/home/hh.img" - } - } - } - @RW = { - "target" => { - "stat" => { "isdir" => true }, - "size" => -1, - "tmpdir" => "/tmp/YaST" - } - } - - Yast.import "Testsuite" - - Testsuite.Dump( - "==========================================================" - ) - - Mode.SetTest("test") - - Testsuite.Test(lambda { Users.Read }, [@READ, @WRITE, @EXEC], 0) - - # for home directory checks - Ops.set(@READ, ["target", "stat", "isdir"], true) - - Testsuite.Test(lambda { Users.SelectUserByName("hh") }, [], 0) - - @changes = { - "crypted_home_size" => 0, - "current_text_userpassword" => "password" - } # needed for cryptconfig - - # img.file size - Ops.set(@READ, ["target", "stat", "size"], 100 * 1024 * 1024) - - - Testsuite.Test(lambda { Users.EditUser(@changes) }, [@READ, @WRITE, @EXEC], 0) - - Testsuite.Dump( - Builtins.sformat("---- user 'hh':\n %1", Users.GetCurrentUser) - ) - - Testsuite.Test(lambda { Users.CommitUser }, [@READ, @WRITE, @EXEC], 0) - - Testsuite.Test(lambda { Users.SetBaseDirectory("/etc") }, [], 0) - Testsuite.Test(lambda { UsersPasswd.SetBaseDirectory("/etc") }, [], 0) - - Testsuite.Test(lambda { Directory.ResetTmpDir }, [@RW, @WRITE, @EXEC], 0) - Testsuite.Test(lambda { Users.Write }, [@RW, @WRITE, @EXEC], 0) - - nil - end - end -end - -Yast::EditUserCryptedDirRemoveClient.new.main diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.2.12/testsuite/tests/EditUsersGroups.out new/yast2-users-4.0.0/testsuite/tests/EditUsersGroups.out --- old/yast2-users-3.2.12/testsuite/tests/EditUsersGroups.out 2017-09-06 10:04:56.186656082 +0200 +++ new/yast2-users-4.0.0/testsuite/tests/EditUsersGroups.out 2017-11-09 09:13:15.557434386 +0100 @@ -15,7 +15,6 @@ Execute .target.bash_output "echo 'ggl' | grep '^[[:alpha:]_][[:alnum:]_.-]*[[:alnum:]_.$-]\\?$'" $["LANG":"C"] $["stdout":"ggl"] Return Return true -Read .anyxml "/etc/security/pam_mount.conf.xml" nil Return Execute .target.bash_output "echo 'hh' | grep '^[[:alpha:]_][[:alnum:]_.-]*[[:alnum:]_.$-]\\?$'" $["LANG":"C"] $["stdout":"hh"] Return
