From 41950e902f5dd6cb3118280d3d27409812702e41 Mon Sep 17 00:00:00 2001
From: Joshua Powers <josh.powers@canonical.com>
Date: Tue, 14 Mar 2017 15:28:08 -0600
Subject: test: Adding integratiron test for password as list

This adds an integration test for setting passwords when given
as a list rather than a string. This also updates the docs and
tests so that Random is now RANDOM as is correct.
---
 tests/cloud_tests/testcases/base.py                | 52 ++++++++++++++++++++++
 .../testcases/modules/set_password_list.py         | 20 ++-------
 .../testcases/modules/set_password_list_string.py  | 11 +++++
 3 files changed, 66 insertions(+), 17 deletions(-)
 create mode 100644 tests/cloud_tests/testcases/modules/set_password_list_string.py

(limited to 'tests/cloud_tests/testcases')

diff --git a/tests/cloud_tests/testcases/base.py b/tests/cloud_tests/testcases/base.py
index 5395b9a3..51ce2b41 100644
--- a/tests/cloud_tests/testcases/base.py
+++ b/tests/cloud_tests/testcases/base.py
@@ -2,6 +2,7 @@
 
 from cloudinit import util as c_util
 
+import crypt
 import json
 import unittest
 
@@ -14,6 +15,9 @@ class CloudTestCase(unittest.TestCase):
     conf = None
     _cloud_config = None
 
+    def shortDescription(self):
+        return None
+
     @property
     def cloud_config(self):
         """
@@ -78,4 +82,52 @@ class CloudTestCase(unittest.TestCase):
         result = self.get_status_data(self.get_data_file('result.json'))
         self.assertEqual(len(result['errors']), 0)
 
+
+class PasswordListTest(CloudTestCase):
+    def test_shadow_passwords(self):
+        shadow = self.get_data_file('shadow')
+        users = {}
+        dupes = []
+        for line in shadow.splitlines():
+            user, encpw = line.split(":")[0:2]
+            if user in users:
+                dupes.append(user)
+            users[user] = encpw
+
+        jane_enc = "$5$iW$XsxmWCdpwIW8Yhv.Jn/R3uk6A4UaicfW5Xp7C9p9pg."
+        self.assertEqual([], dupes)
+        self.assertEqual(jane_enc, users['jane'])
+
+        # shadow entry is $N$salt$, so we encrypt with the same format
+        # and salt and expect the result.
+        tom = "mypassword123!"
+        fmtsalt = users['tom'][0:users['tom'].rfind("$") + 1]
+        tom_enc = crypt.crypt(tom, fmtsalt)
+        self.assertEqual(tom_enc, users['tom'])
+
+        harry_enc = ("$6$LF$9Z2p6rWK6TNC1DC6393ec0As.18KRAvKDbfsG"
+                     "JEdWN3sRQRwpdfoh37EQ3yUh69tP4GSrGW5XKHxMLiKowJgm/")
+        dick_enc = "$1$ssisyfpf$YqvuJLfrrW6Cg/l53Pi1n1"
+
+        # these should have been changed to random values.
+        self.assertNotEqual(harry_enc, users['harry'])
+        self.assertTrue(users['harry'].startswith("$"))
+        self.assertNotEqual(dick_enc, users['dick'])
+        self.assertTrue(users['dick'].startswith("$"))
+
+        self.assertNotEqual(users['harry'], users['dick'])
+
+    def test_shadow_expected_users(self):
+        """Test every tom, dick, and harry user in shadow"""
+        out = self.get_data_file('shadow')
+        self.assertIn('tom:', out)
+        self.assertIn('dick:', out)
+        self.assertIn('harry:', out)
+        self.assertIn('jane:', out)
+
+    def test_sshd_config(self):
+        """Test sshd config allows passwords"""
+        out = self.get_data_file('sshd_config')
+        self.assertIn('PasswordAuthentication yes', out)
+
 # vi: ts=4 expandtab
diff --git a/tests/cloud_tests/testcases/modules/set_password_list.py b/tests/cloud_tests/testcases/modules/set_password_list.py
index b764362f..6819d259 100644
--- a/tests/cloud_tests/testcases/modules/set_password_list.py
+++ b/tests/cloud_tests/testcases/modules/set_password_list.py
@@ -4,22 +4,8 @@
 from tests.cloud_tests.testcases import base
 
 
-class TestPasswordList(base.CloudTestCase):
-    """Test password module"""
-
-    # TODO: Verify dick and harry passwords are random
-    # TODO: Verify tom's password was changed
-
-    def test_shadow(self):
-        """Test every tom, dick, and harry user in shadow"""
-        out = self.get_data_file('shadow')
-        self.assertIn('tom:', out)
-        self.assertIn('dick:', out)
-        self.assertIn('harry:', out)
-
-    def test_sshd_config(self):
-        """Test sshd config allows passwords"""
-        out = self.get_data_file('sshd_config')
-        self.assertIn('PasswordAuthentication yes', out)
+class TestPasswordList(base.PasswordListTest, base.CloudTestCase):
+    """Test password setting via list in chpasswd/list"""
+    __test__ = True
 
 # vi: ts=4 expandtab
diff --git a/tests/cloud_tests/testcases/modules/set_password_list_string.py b/tests/cloud_tests/testcases/modules/set_password_list_string.py
new file mode 100644
index 00000000..2c34fada
--- /dev/null
+++ b/tests/cloud_tests/testcases/modules/set_password_list_string.py
@@ -0,0 +1,11 @@
+# This file is part of cloud-init. See LICENSE file for license information.
+
+"""cloud-init Integration Test Verify Script"""
+from tests.cloud_tests.testcases import base
+
+
+class TestPasswordListString(base.PasswordListTest, base.CloudTestCase):
+    """Test password setting via string in chpasswd/list"""
+    __test__ = True
+
+# vi: ts=4 expandtab
-- 
cgit v1.2.3