Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PAM: Proper tests with libpamtest #61

Open
pyllyukko opened this issue Dec 14, 2019 · 1 comment
Open

PAM: Proper tests with libpamtest #61

pyllyukko opened this issue Dec 14, 2019 · 1 comment
Labels
PAM Linux-PAM related

Comments

@pyllyukko
Copy link
Owner

pyllyukko commented Dec 14, 2019
edited
Loading

https://cwrap.org/pam_wrapper.html

Relates to #17

How

Mimic regular services and their PAM stacks by replacing pam_unix with pam_matrix and running tests with libpamtest. This needs to be done in a temporary container, because we modify files such as /etc/pam.d/common-auth and affect whole authentication of the system.

Test cases

Services (at least the following):

  • login
  • sshd
  • su
  • lightdm
  • cron
Service Modifications Group Account Password Expected result
login With pam_unix & pam_securetty disabled auth root Denied by pam_unix
login pam_unix replaced with pam_matrix auth root Denied by pam_securetty
login With pam_matrix & pam_securetty disabled auth root Allowed
@pyllyukko
Copy link
Owner Author

First tests:

asciicast

@pyllyukko pyllyukko mentioned this issue Dec 19, 2019
Closed
@pyllyukko pyllyukko added the PAM Linux-PAM related label Dec 20, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
PAM Linux-PAM related
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pyllyukko