From: Victor Huesca Date: Tue, 13 Aug 2019 07:33:20 +0000 (+0200) Subject: support/testing: new test for root password X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=152776b4207bd7f369f8ff7d4e3b1dff7063111f;p=buildroot.git support/testing: new test for root password Add support to test that the root passowrd is working as expected. - Buildtime test: Check the hash present in the generated '/etc/shadow'. - Runtime test: Build an armv7 image and try to login with a password. Signed-off-by: Victor Huesca Signed-off-by: Thomas Petazzoni --- diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 7ee6e248b1..99940640a5 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -341,6 +341,7 @@ tests.core.test_hardening.TestRelroPartial: { extends: .runtime_test } tests.core.test_hardening.TestSspNone: { extends: .runtime_test } tests.core.test_hardening.TestSspStrong: { extends: .runtime_test } tests.core.test_post_scripts.TestPostScripts: { extends: .runtime_test } +tests.core.test_root_password.TestRootPassword: { extends: .runtime_test } tests.core.test_rootfs_overlay.TestRootfsOverlay: { extends: .runtime_test } tests.core.test_timezone.TestGlibcAllTimezone: { extends: .runtime_test } tests.core.test_timezone.TestGlibcNonDefaultLimitedTimezone: { extends: .runtime_test } diff --git a/DEVELOPERS b/DEVELOPERS index 27a98db256..5fe244a570 100644 --- a/DEVELOPERS +++ b/DEVELOPERS @@ -2308,6 +2308,9 @@ F: package/llvm/ N: Vanya Sergeev F: package/lua-periphery/ +N: Victor Huesca +F: support/testing/tests/core/test_root_password.py + N: Vincent Prince F: package/nss-myhostname/ F: package/utp_com/ diff --git a/support/testing/tests/core/test_root_password.py b/support/testing/tests/core/test_root_password.py new file mode 100644 index 0000000000..aefcd3605c --- /dev/null +++ b/support/testing/tests/core/test_root_password.py @@ -0,0 +1,36 @@ +import os +import infra.basetest +from crypt import crypt + + +class TestRootPassword(infra.basetest.BRTest): + password = "foo" + config = infra.basetest.BASIC_TOOLCHAIN_CONFIG + \ + """ + BR2_TARGET_ROOTFS_CPIO=y + BR2_TARGET_ENABLE_ROOT_LOGIN=y + BR2_TARGET_GENERIC_ROOT_PASSWD="{}" + """.format(password) + + def test_run(self): + # 1. Test by looking hash in the /etc/shadow + shadow = os.path.join(self.builddir, "target", "etc", "shadow") + with open(shadow, "r") as f: + users = f.readlines() + for user in users: + s = user.split(":") + n, h = s[0], s[1] + if n == "root": + # Fail if the account is disabled or no password is required + self.assertTrue(h not in ["", "*"]) + # Fail if the hash isn't right + self.assertEqual(crypt(self.password, h), h) + + # 2. Test by attempting to login + cpio_file = os.path.join(self.builddir, "images", "rootfs.cpio") + try: + self.emulator.boot(arch="armv7", kernel="builtin", + options=["-initrd", cpio_file]) + self.emulator.login(self.password) + except SystemError: + self.fail("Unable to login with the password")