diff options
-rw-r--r-- | tests/CMakeLists.txt | 8 | ||||
-rw-r--r-- | tests/etc/pam.d/sshd.in | 4 | ||||
-rw-r--r-- | tests/etc/pam_matrix_passdb.in | 2 | ||||
-rw-r--r-- | tests/torture.c | 4 |
4 files changed, 17 insertions, 1 deletions
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index c0405f9c..36d774e5 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -47,6 +47,7 @@ if (WITH_CLIENT_TESTING) find_package(socket_wrapper 1.1.5 REQUIRED) find_package(nss_wrapper 1.1.2 REQUIRED) find_package(uid_wrapper 1.2.0 REQUIRED) + find_package(pam_wrapper 1.0.0 REQUIRED) find_program(SSHD_EXECUTABLE NAME @@ -76,11 +77,16 @@ if (WITH_CLIENT_TESTING) configure_file(etc/group.in ${CMAKE_CURRENT_BINARY_DIR}/etc/group @ONLY) configure_file(etc/hosts.in ${CMAKE_CURRENT_BINARY_DIR}/etc/hosts @ONLY) - set(TORTURE_ENVIRONMENT "LD_PRELOAD=${SOCKET_WRAPPER_LIBRARY}:${NSS_WRAPPER_LIBRARY}:${UID_WRAPPER_LIBRARY}") + ### Setup pam_wrapper + configure_file(etc/pam_matrix_passdb.in ${CMAKE_CURRENT_BINARY_DIR}/etc/pam_matrix_passdb @ONLY) + configure_file(etc/pam.d/sshd.in ${CMAKE_CURRENT_BINARY_DIR}/etc/pam.d/sshd @ONLY) + + set(TORTURE_ENVIRONMENT "LD_PRELOAD=${SOCKET_WRAPPER_LIBRARY}:${NSS_WRAPPER_LIBRARY}:${UID_WRAPPER_LIBRARY}:${PAM_WRAPPER_LIBRARY}") list(APPEND TORTURE_ENVIRONMENT UID_WRAPPER=1) list(APPEND TORTURE_ENVIRONMENT NSS_WRAPPER_PASSWD=${CMAKE_CURRENT_BINARY_DIR}/etc/passwd) list(APPEND TORTURE_ENVIRONMENT NSS_WRAPPER_SHADOW=${CMAKE_CURRENT_BINARY_DIR}/etc/shadow) list(APPEND TORTURE_ENVIRONMENT NSS_WRAPPER_GROUP=${CMAKE_CURRENT_BINARY_DIR}/etc/group) + list(APPEND TORTURE_ENVIRONMENT PAM_WRAPPER_SERVICE_DIR=${CMAKE_CURRENT_BINARY_DIR}/etc/pam.d) message(STATUS "TORTURE_ENVIRONMENT=${TORTURE_ENVIRONMENT}") diff --git a/tests/etc/pam.d/sshd.in b/tests/etc/pam.d/sshd.in new file mode 100644 index 00000000..57c66f94 --- /dev/null +++ b/tests/etc/pam.d/sshd.in @@ -0,0 +1,4 @@ +auth required @PAM_WRAPPER_MODULE_DIR@/pam_matrix.so passdb=@CMAKE_CURRENT_BINARY_DIR@/etc/pam_matrix_passdb +account required @PAM_WRAPPER_MODULE_DIR@/pam_matrix.so passdb=@CMAKE_CURRENT_BINARY_DIR@/etc/pam_matrix_passdb +password required @PAM_WRAPPER_MODULE_DIR@/pam_matrix.so passdb=@CMAKE_CURRENT_BINARY_DIR@/etc/pam_matrix_passdb +session required @PAM_WRAPPER_MODULE_DIR@/pam_matrix.so passdb=@CMAKE_CURRENT_BINARY_DIR@/etc/pam_matrix_passdb diff --git a/tests/etc/pam_matrix_passdb.in b/tests/etc/pam_matrix_passdb.in new file mode 100644 index 00000000..8891fcfe --- /dev/null +++ b/tests/etc/pam_matrix_passdb.in @@ -0,0 +1,2 @@ +bob:secret:sshd +alice:secret:sshd diff --git a/tests/torture.c b/tests/torture.c index a4f38ad3..f9c9c036 100644 --- a/tests/torture.c +++ b/tests/torture.c @@ -813,6 +813,8 @@ static void torture_setup_create_sshd_config(void **state) "UsePrivilegeSeparation no\n" "StrictModes no\n" "\n" + "UsePAM yes\n" + "\n" #if OPENSSH_VERSION_MAJOR == 6 && OPENSSH_VERSION_MINOR >= 7 "HostKeyAlgorithms +ssh-dss\n" "Ciphers +3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc\n" @@ -856,6 +858,7 @@ void torture_setup_sshd_server(void **state) /* Set the default interface for the server */ setenv("SOCKET_WRAPPER_DEFAULT_IFACE", "10", 1); setenv("UID_WRAPPER_ROOT", "1", 1); + setenv("PAM_WRAPPER", "1", 1); s = *state; @@ -868,6 +871,7 @@ void torture_setup_sshd_server(void **state) setenv("SOCKET_WRAPPER_DEFAULT_IFACE", "21", 1); unsetenv("UID_WRAPPER_ROOT"); + unsetenv("PAM_WRAPPER"); } void torture_teardown_socket_dir(void **state) |