-
Notifications
You must be signed in to change notification settings - Fork 10
/
fixtures.py
57 lines (45 loc) · 1.81 KB
/
fixtures.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
import pexpect
import pytest
import sys
import logging
from SCAutolib import run
from SCAutolib.models.file import SSSDConf
from SCAutolib.utils import load_user
@pytest.fixture(scope="function")
def user_shell():
"""Creates shell with some local user as a starting point for test."""
shell = pexpect.spawn("/usr/bin/sh -c 'su base-user'", encoding="utf-8")
shell.logfile = sys.stdout
return shell
@pytest.fixture(scope="function")
def root_shell():
"""Creates shell with root user as a starting point for test."""
shell = pexpect.spawn("/usr/bin/sh -c 'su'", encoding="utf-8")
shell.logfile = sys.stdout
return shell
@pytest.fixture(scope="function")
def allow_sudo_commands(ipa_user):
"""
Modifying the IPA server's sudo rules to allow the test user to
run sudo commands and restore the original state afterward.
"""
logger = logging.getLogger()
run('ipa sudorule-add allow_sudo --hostcat=all --runasusercat=all --runasgroupcat=all --cmdcat=all'.split())
run(f'ipa sudorule-add-user allow_sudo --user {ipa_user.username}'.split())
run("systemctl restart sssd".split(), sleep = 5)
logger.debug("Checking that the sudo rule has been added (following command should succeed)")
run('ipa sudorule-show allow_sudo'.split())
yield # running the test's code
run('ipa sudorule-del allow_sudo'.split())
run("systemctl restart sssd".split(), sleep = 5)
logger.debug("Checking that the sudo rule has been removed (following command should exit with status 2)")
run('ipa sudorule-show allow_sudo'.split(), return_code = [2])
@pytest.fixture(scope="session")
def root_user():
return load_user("root")
@pytest.fixture(scope="session")
def base_user():
return load_user("base-user")
@pytest.fixture(scope="session")
def sssd():
return SSSDConf()