#!/usr/bin/perl -w
# vim: se ft=perl:
use strict;
use Test::More 'no_plan';
use User::pwent;
use User::grent;
use File::stat;
use esmith::AccountsDB;
# Handle on the accounts database; later checks compare its user and group
# records against the system passwd and group files.
my $adb = esmith::AccountsDB->open();

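### Check the admin account is in order.
my $admin = getpwnam('admin');
ok( $admin, 'admin user exists' );

# Guard the method call: without an admin entry $admin is undef, and calling
# ->shell on it would abort the whole script instead of recording one failure.
is( $admin && $admin->shell, '/sbin/e-smith/console', 'shell' );
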
# Each of these groups must be resolvable by name.
my @groups = qw(shared www slocate ntp);
for my $group_name (@groups) {
    my $entry = getgrnam($group_name);
    ok( $entry, "$group_name group exists" );
}

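# Check the groups that the admin user should be a member of.
# NOTE(review): only the group's member list is consulted; an account that has
# the group as its primary gid would not be counted -- confirm that is intended.
foreach my $group_name (qw(root shared www)) {
    my $group = getgrnam($group_name);

    # A missing group has no members: use an empty list so the membership
    # test fails cleanly rather than dying on an undef lookup result.
    my @members = $group ? @{ $group->members } : ();

    # scalar() makes the match count explicit instead of relying on the
    # context ok() imposes on its first argument.
    ok( scalar( grep { $_ eq 'admin' } @members ),
        "admin is in group $group_name" );
}
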
# Every user record in the AccountsDB needs a matching passwd entry.
for my $user ( $adb->users ) {
    my $name  = $user->{key};
    my $entry = getpwnam($name);
    ok( $entry, "$name from accounts db exists in passwd file" );
}

# Every group record in the AccountsDB needs a matching group-file entry.
for my $group ( $adb->groups ) {
    my $name  = $group->{key};
    my $entry = getgrnam($name);
    ok( $entry, "$name from accounts db exists in group file" );
}

# Each of these accounts must be resolvable by name.
# NOTE(review): 'public' is listed twice, so that account is checked twice.
my @users = qw(public www root admin public);
for my $user_name (@users) {
    my $entry = getpwnam($user_name);
    ok( $entry, "$user_name user exists" );
}

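# Make sure that user www belongs to admin and shared groups.
foreach my $group_name (qw(admin shared)) {
    my $group = getgrnam($group_name);

    # A missing group has no members: use an empty list so the membership
    # test fails cleanly rather than dying on an undef lookup result.
    my @members = $group ? @{ $group->members } : ();

    # scalar() makes the match count explicit instead of relying on the
    # context ok() imposes on its first argument.
    ok( scalar( grep { $_ eq 'www' } @members ),
        "www is in group $group_name" );
}
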
# These accounts must not be resolvable: a successful lookup fails the test.
for my $user (qw(halt shutdown sync)) {
    my $entry = getpwnam($user);
    ok( !$entry, "unwanted $user account" );
}

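# Check the shells of the root and admin users.
for my $expectation ( [ admin => '/sbin/e-smith/console' ],
                      [ root  => '/bin/bash' ] )
{
    my ( $login, $shell ) = @{$expectation};
    my $entry = getpwnam($login);

    # A missing account yields a failed test here; calling ->shell on the
    # undef lookup result would instead abort every remaining check.
    ok( ( defined $entry && $entry->shell eq $shell ),
        "$login shell is $shell" );
}
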
# Check ownership and permissions of important paths.
# The base has been split up, so any of these paths may be absent; a path
# that cannot be stat()ed has its three checks skipped.
#
# Modes are octal. Values starting 040... include the directory file-type
# bit, so those entries also require the path to be a directory; 04000 and
# 02000 are the setuid and setgid bits.
my %dirs = (
    '/home/e-smith' => {
        user  => 'admin',
        group => 'admin',
        mode  => 040755,
    },
    '/home/e-smith/files' => {
        user  => 'root',
        group => 'root',
        mode  => 040755,
    },
    '/home/e-smith/files/users/admin' => {
        user  => 'admin',
        group => 'admin',
        mode  => 040500,
    },
    '/home/e-smith/Maildir' => {
        user  => 'admin',
        group => 'admin',
        mode  => 040700,
    },
    '/etc/e-smith/web' => {
        user  => 'root',
        group => 'root',
        mode  => 0755,
    },
    '/etc/e-smith/web/functions' => {
        user  => 'root',
        group => 'admin',
        mode  => 0550,
    },
    '/etc/e-smith/web/panels' => {
        user  => 'root',
        group => 'admin',
        mode  => 0550,
    },
    '/etc/e-smith/web/common' => {
        user  => 'www',
        group => 'admin',
        mode  => 0550,
    },
    '/etc/e-smith/web/panels/password/cgi-bin/userpassword' => {
        user  => 'root',
        group => 'admin',
        mode  => 06550,
    },
    '/usr/bin/pwauth' => {
        user  => 'root',
        group => 'www',
        mode  => 04750,
    },
);

while ( my ( $dir, $setup ) = each %dirs ) {
    my $stat = stat($dir);

  SKIP: {
        skip "$dir does not exist", 3 if !defined $stat;

        is( $stat->uid, getpwnam( $setup->{user} )->uid,  "owner of $dir" );
        is( $stat->gid, getgrnam( $setup->{group} )->gid, "group of $dir" );

      SKIP: {
            my $want_mode = $setup->{mode};
            skip "No mode expectations for $dir", 1 if !$want_mode;

            # NOTE(review): this only requires every expected bit to be set.
            # Extra bits on the path (for example group- or world-write) do
            # not fail the test, so it cannot detect over-permissive modes.
            cmp_ok( $stat->mode & $want_mode, '==', $want_mode,
                "perms for $dir" );
        }
    }
}

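# Expected owner, group and mode for every entry found directly inside each
# listed directory (symlinks excluded). Modes are octal; 04000 and 02000 are
# the setuid and setgid bits.
my %files = (
    '/home/e-smith/files/' => {
        user  => 'root',
        group => 'root',
        mode  => 0755,
    },
    '/home/e-smith/files/ibays/Primary' => {
        user  => 'admin',
        group => 'shared',
        mode  => 02750,
    },
    '/etc/e-smith/web/functions' => {
        user  => 'root',
        group => 'admin',
        mode  => 04750,
    },
    '/etc/e-smith/web/panels' => {
        user  => 'root',
        group => 'root',
        mode  => 0755,
    },
);

while ( my ( $dir, $setup ) = each %files ) {

    # The previous `opendir DIR, $dir || die $!` could never die: `||` binds
    # to $dir, so a failed opendir went unnoticed and the directory's checks
    # were silently dropped. Report the failure and move on instead, so a
    # missing directory is visible in the output without aborting the run.
    my $dh;
    if ( !opendir( $dh, $dir ) ) {
        diag("cannot read $dir: $!");
        next;
    }
    my @entries = grep { $_ ne '.' && $_ ne '..' } readdir $dh;
    closedir $dh;    # closedir, not close: this is a directory handle

    foreach my $entry (@entries) {
        my $file = "$dir/$entry";
        next if -l $file;

        # stat() returns undef on failure; say so rather than dying on the
        # method calls below.
        my $stat = stat($file);
        if ( !defined $stat ) {
            diag("cannot stat $file: $!");
            next;
        }

        is( $stat->uid, getpwnam( $setup->{user} )->uid,  "owner of $file" );
        is( $stat->gid, getgrnam( $setup->{group} )->gid, "group of $file" );

        # NOTE(review): this only requires every expected bit to be set.
        # Extra bits on the entry (for example group- or world-write) do not
        # fail the test, so it cannot detect over-permissive modes.
        cmp_ok( $stat->mode & $setup->{mode}, '==', $setup->{mode},
            "perms for $file" );
    }
}
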
# Account name => value its 'type' property must have in the AccountsDB.
my %name2type = (
    admin              => 'system',
    mysql              => 'system',
    shared             => 'system',
    everyone           => 'pseudonym',
    'mailer-daemon'    => 'pseudonym',
    postmaster         => 'pseudonym',

    'cgi-bin'          => 'url',
    'e-smith-manager'  => 'url',
    'e-smith-password' => 'url',
    'server-manager'   => 'url',
    'server-manual'    => 'url',
    'user-password'    => 'url',
    'common'           => 'url',
    'files'            => 'url',
    'icons'            => 'url',
    webmail            => 'url',
    'Primary'          => 'ibay',
);

my $account;
while ( my ( $name, $type ) = each %name2type ) {
  SKIP: {
        # Names with no record in the database are skipped, not failed.
        skip "$name is not defined", 2 if !$adb->get($name);

        $account = $adb->get($name);
        isa_ok( $account, 'esmith::DB::Record', "$name" );
        is( $account->prop('type'), $type, ' type' );
    }
}

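# Account name => properties (and values) its record must carry. Only the
# listed properties are compared; any others on the record are ignored.
my %Expected_Props = (
    shared          => { Visible => 'internal' },
    everyone        => { Account => 'shared', Visible => 'internal' },
    'mailer-daemon' => { Account => 'admin' },
    postmaster      => { Account => 'admin' },
);

while ( my ( $name, $exp_props ) = each %Expected_Props ) {
  SKIP: {
        # An account with no record is skipped: calling ->props on the undef
        # lookup result would abort the script.
        my $account = $adb->get($name);
        skip "$name is not defined", 1 unless $account;

        my %props = $account->props;

        # One sorted key list keeps both slices in the same order.
        my @wanted = sort keys %{$exp_props};
        is_deeply( [ @props{@wanted} ], [ @{$exp_props}{@wanted} ],
            "$name props" );
    }
}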