nuageinit: add adddoas tests
This commit is contained in:
@@ -20,5 +20,6 @@ ${PACKAGE}FILES+= warn.lua
|
||||
${PACKAGE}FILES+= addfile.lua
|
||||
${PACKAGE}FILES+= decode_base64.lua
|
||||
${PACKAGE}FILES+= addsudo.lua
|
||||
${PACKAGE}FILES+= adddoas.lua
|
||||
|
||||
.include <bsd.test.mk>
|
||||
|
||||
@@ -0,0 +1,64 @@
|
||||
#!/usr/libexec/flua
|
||||
---
|
||||
-- SPDX-License-Identifier: BSD-2-Clause
|
||||
--
|
||||
-- Copyright (c) 2026 Baptiste Daroussin <bapt@FreeBSD.org>
|
||||
|
||||
local n = require("nuage")
|
||||
|
||||
local root = os.getenv("NUAGE_FAKE_ROOTDIR")
|
||||
if not root then
|
||||
root = ""
|
||||
end
|
||||
|
||||
local function get_localbase()
|
||||
local f = io.popen("sysctl -in user.localbase 2> /dev/null")
|
||||
local lb = f:read("*l")
|
||||
f:close()
|
||||
if lb == nil or lb:len() == 0 then
|
||||
lb = "/usr/local"
|
||||
end
|
||||
return lb
|
||||
end
|
||||
|
||||
local function read_doasconf()
|
||||
local path = root .. get_localbase() .. "/etc/doas.conf"
|
||||
local f = io.open(path, "r")
|
||||
if not f then
|
||||
return nil
|
||||
end
|
||||
local content = f:read("*a")
|
||||
f:close()
|
||||
return content
|
||||
end
|
||||
|
||||
-- test with a single string rule with %u substitution
|
||||
n.adddoas({ name = "testuser", doas = "permit persist %u as root" })
|
||||
local content = read_doasconf()
|
||||
if not content then
|
||||
n.err("doas.conf not created")
|
||||
end
|
||||
if content ~= "permit persist testuser as root\n" then
|
||||
n.err("unexpected doas.conf content with %u: '" .. content .. "'")
|
||||
end
|
||||
|
||||
-- remove file for next test
|
||||
os.remove(root .. get_localbase() .. "/etc/doas.conf")
|
||||
|
||||
-- test with a table of rules
|
||||
n.adddoas({
|
||||
name = "testuser",
|
||||
doas = {
|
||||
"deny %u as foobar",
|
||||
"permit persist %u as root cmd whoami"
|
||||
}
|
||||
})
|
||||
content = read_doasconf()
|
||||
if not content then
|
||||
n.err("doas.conf not created for table")
|
||||
end
|
||||
if content ~= "deny testuser as foobar\npermit persist testuser as root cmd whoami\n" then
|
||||
n.err("unexpected doas.conf content for table: '" .. content .. "'")
|
||||
end
|
||||
|
||||
os.exit(0)
|
||||
@@ -16,6 +16,7 @@ atf_test_case addgroup
|
||||
atf_test_case addfile
|
||||
atf_test_case decode_base64
|
||||
atf_test_case addsudo
|
||||
atf_test_case adddoas
|
||||
|
||||
settimezone_body()
|
||||
{
|
||||
@@ -103,6 +104,11 @@ addsudo_body()
|
||||
atf_check /usr/libexec/flua $(atf_get_srcdir)/addsudo.lua
|
||||
}
|
||||
|
||||
adddoas_body()
|
||||
{
|
||||
atf_check /usr/libexec/flua $(atf_get_srcdir)/adddoas.lua
|
||||
}
|
||||
|
||||
atf_init_test_cases()
|
||||
{
|
||||
atf_add_test_case sethostname
|
||||
@@ -113,4 +119,5 @@ atf_init_test_cases()
|
||||
atf_add_test_case addfile
|
||||
atf_add_test_case decode_base64
|
||||
atf_add_test_case addsudo
|
||||
atf_add_test_case adddoas
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user