Add tests from the old svn tree
We're losing the svn history (which we could probably keep if we tried hard enough) but don't consider that worthwhile. Note these tests are destructive, so run them only in a throwaway environment like a chroot, container, or vm. The tests/run.all script should be the one which launches all the tests. Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
This commit is contained in:
Serge Hallyn
20
tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/chsh
Normal file
20
tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/chsh
Normal file
@@ -0,0 +1,20 @@
|
||||
#
|
||||
# The PAM configuration file for the Shadow `chsh' service
|
||||
#
|
||||
|
||||
# This will not allow a user to change their shell unless
|
||||
# their current one is listed in /etc/shells. This keeps
|
||||
# accounts with special shells from changing them.
|
||||
auth required pam_shells.so
|
||||
|
||||
# This allows root to change user shell without being
|
||||
# prompted for a password
|
||||
auth sufficient pam_rootok.so
|
||||
|
||||
# The standard Unix authentication modules, used with
|
||||
# NIS (man nsswitch) as well as normal /etc/passwd and
|
||||
# /etc/shadow entries.
|
||||
@include common-auth
|
||||
@include common-account
|
||||
@include common-session
|
||||
|
||||
@@ -0,0 +1,25 @@
|
||||
#
|
||||
# /etc/pam.d/common-account - authorization settings common to all services
|
||||
#
|
||||
# This file is included from other service-specific PAM config files,
|
||||
# and should contain a list of the authorization modules that define
|
||||
# the central access policy for use on the system. The default is to
|
||||
# only deny service to users whose accounts are expired in /etc/shadow.
|
||||
#
|
||||
# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
|
||||
# To take advantage of this, it is recommended that you configure any
|
||||
# local modules either before or after the default block, and use
|
||||
# pam-auth-update to manage selection of other modules. See
|
||||
# pam-auth-update(8) for details.
|
||||
#
|
||||
|
||||
# here are the per-package modules (the "Primary" block)
|
||||
account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so
|
||||
# here's the fallback if no module succeeds
|
||||
account requisite pam_deny.so
|
||||
# prime the stack with a positive return value if there isn't one already;
|
||||
# this avoids us returning an error just because nothing sets a success code
|
||||
# since the modules above will each just jump around
|
||||
account required pam_permit.so
|
||||
# and here are more per-package modules (the "Additional" block)
|
||||
# end of pam-auth-update config
|
||||
@@ -0,0 +1,25 @@
|
||||
#
|
||||
# /etc/pam.d/common-auth - authentication settings common to all services
|
||||
#
|
||||
# This file is included from other service-specific PAM config files,
|
||||
# and should contain a list of the authentication modules that define
|
||||
# the central authentication scheme for use on the system
|
||||
# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
|
||||
# traditional Unix authentication mechanisms.
|
||||
#
|
||||
# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
|
||||
# To take advantage of this, it is recommended that you configure any
|
||||
# local modules either before or after the default block, and use
|
||||
# pam-auth-update to manage selection of other modules. See
|
||||
# pam-auth-update(8) for details.
|
||||
|
||||
# here are the per-package modules (the "Primary" block)
|
||||
auth [success=1 default=ignore] pam_unix.so nullok_secure
|
||||
# here's the fallback if no module succeeds
|
||||
auth requisite pam_deny.so
|
||||
# prime the stack with a positive return value if there isn't one already;
|
||||
# this avoids us returning an error just because nothing sets a success code
|
||||
# since the modules above will each just jump around
|
||||
auth required pam_permit.so
|
||||
# and here are more per-package modules (the "Additional" block)
|
||||
# end of pam-auth-update config
|
||||
@@ -0,0 +1,25 @@
|
||||
#
|
||||
# /etc/pam.d/common-session - session-related modules common to all services
|
||||
#
|
||||
# This file is included from other service-specific PAM config files,
|
||||
# and should contain a list of modules that define tasks to be performed
|
||||
# at the start and end of sessions of *any* kind (both interactive and
|
||||
# non-interactive).
|
||||
#
|
||||
# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
|
||||
# To take advantage of this, it is recommended that you configure any
|
||||
# local modules either before or after the default block, and use
|
||||
# pam-auth-update to manage selection of other modules. See
|
||||
# pam-auth-update(8) for details.
|
||||
|
||||
# here are the per-package modules (the "Primary" block)
|
||||
session [default=1] pam_permit.so
|
||||
# here's the fallback if no module succeeds
|
||||
session requisite pam_deny.so
|
||||
# prime the stack with a positive return value if there isn't one already;
|
||||
# this avoids us returning an error just because nothing sets a success code
|
||||
# since the modules above will each just jump around
|
||||
session required pam_permit.so
|
||||
# and here are more per-package modules (the "Additional" block)
|
||||
session required pam_unix.so
|
||||
# end of pam-auth-update config
|
||||
Reference in New Issue
Block a user