diff options
author | Jacob Helwig <jacob@puppetlabs.com> | 2011-07-22 11:38:14 -0700 |
---|---|---|
committer | Jacob Helwig <jacob@puppetlabs.com> | 2011-07-22 13:20:02 -0700 |
commit | e6398680e673e69240bacdf2f0262524bf9e964e (patch) | |
tree | 8b20e2c3c30e57bb28b378d130922bb3db092071 /acceptance | |
parent | a87ef54385cbf325d6b085200606562b0d4d7876 (diff) | |
download | puppet-e6398680e673e69240bacdf2f0262524bf9e964e.tar.gz puppet-e6398680e673e69240bacdf2f0262524bf9e964e.tar.xz puppet-e6398680e673e69240bacdf2f0262524bf9e964e.zip |
Confine password disclosure acceptance test to hosts with required libraries
The useradd provider has the requirement that ruby-shadow[1] be
installed to be able to manage passwords.
On systems where we would use the useradd provider and this library
has not been installed we don't bother running the test, since we will
never be able to see the output we are testing.
[1] http://ttsky.net/ruby/
Signed-off-by: Jacob Helwig <jacob@puppetlabs.com>
Reviewed-by: Dominic Maraglia <dominic@puppetlabs.com>
Reviewed-by: Nick Lewis <nick@puppetlabs.com>
Diffstat (limited to 'acceptance')
-rw-r--r-- | acceptance/tests/ticket_6857_password-disclosure-when-changing-a-users-password.rb | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/acceptance/tests/ticket_6857_password-disclosure-when-changing-a-users-password.rb b/acceptance/tests/ticket_6857_password-disclosure-when-changing-a-users-password.rb index f1e100c2e..d3b415691 100644 --- a/acceptance/tests/ticket_6857_password-disclosure-when-changing-a-users-password.rb +++ b/acceptance/tests/ticket_6857_password-disclosure-when-changing-a-users-password.rb @@ -1,5 +1,15 @@ test_name "#6857: redact password hashes when applying in noop mode" +hosts_to_test = agents.reject do |agent| + if agent['platform'].match /(?:ubuntu|centos|debian|rhel)/ + result = on(agent, %q{ruby -e 'require "shadow" or raise'}, :silent => true) + result.exit_code != 0 + else + false + end +end +skip_test "No suitable hosts found" if hosts_to_test.empty? + adduser_manifest = <<MANIFEST user { 'passwordtestuser': ensure => 'present', @@ -15,9 +25,9 @@ user { 'passwordtestuser': } MANIFEST -apply_manifest_on(agents, adduser_manifest ) -results = apply_manifest_on(agents, changepass_manifest ) +apply_manifest_on(hosts_to_test, adduser_manifest ) +results = apply_manifest_on(hosts_to_test, changepass_manifest ) results.each do |result| - assert_match( /current_value \[old password hash redacted\], should be \[new password hash redacted\]/ , "#{result.stdout}" ) + assert_match( /current_value \[old password hash redacted\], should be \[new password hash redacted\]/ , "#{result.host}: #{result.stdout}" ) end |