From a31891c7424f22a970c91611e7beb1fa6ee75c49 Mon Sep 17 00:00:00 2001 From: David Mulder Date: Fri, 8 Nov 2019 20:06:53 +0000 Subject: [PATCH] Test password removal via python proctitle Signed-off-by: David Mulder Reviewed-by: Andrew Bartlett --- .gitlab-ci.yml | 2 +- bootstrap/config.py | 2 + .../generated-dists/centos7/bootstrap.sh | 1 + .../generated-dists/centos7/packages.yml | 1 + .../generated-dists/centos8/bootstrap.sh | 1 + .../generated-dists/centos8/packages.yml | 1 + .../generated-dists/debian10/bootstrap.sh | 1 + .../generated-dists/debian10/packages.yml | 1 + .../generated-dists/fedora32/bootstrap.sh | 1 + .../generated-dists/fedora32/packages.yml | 1 + .../generated-dists/fedora33/bootstrap.sh | 1 + .../generated-dists/fedora33/packages.yml | 1 + .../generated-dists/opensuse151/bootstrap.sh | 1 + .../generated-dists/opensuse151/packages.yml | 1 + .../generated-dists/opensuse152/bootstrap.sh | 1 + .../generated-dists/opensuse152/packages.yml | 1 + .../generated-dists/ubuntu1604/bootstrap.sh | 1 + .../generated-dists/ubuntu1604/packages.yml | 1 + .../generated-dists/ubuntu1804/bootstrap.sh | 1 + .../generated-dists/ubuntu1804/packages.yml | 1 + .../generated-dists/ubuntu2004/bootstrap.sh | 1 + .../generated-dists/ubuntu2004/packages.yml | 1 + bootstrap/sha1sum.txt | 2 +- python/samba/tests/cred_opt.py | 50 +++++++++++++++++++ selftest/tests.py | 1 + 25 files changed, 75 insertions(+), 2 deletions(-) create mode 100644 python/samba/tests/cred_opt.py diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index d65f4d2b769..accaced66a0 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -32,7 +32,7 @@ variables: # Set this to the contents of bootstrap/sha1sum.txt # which is generated by bootstrap/template.py --render # - SAMBA_CI_CONTAINER_TAG: d4867986881a9601c4620baf9a3bf28f5d1d1343 + SAMBA_CI_CONTAINER_TAG: 42ecbfbf716fa85ce251a955de72a92af26fc7b2 # # We use the ubuntu1804 image as default as # it matches what we have on sn-devel-184. diff --git a/bootstrap/config.py b/bootstrap/config.py index ecbc614f056..982ebae1cd1 100644 --- a/bootstrap/config.py +++ b/bootstrap/config.py @@ -141,6 +141,7 @@ PKGS = [ ('python3-dnspython', 'python3-dns'), ('python3-pexpect', ''), # for wintest only ('python3-pyasn1', 'python3-pyasn1'), # for krb5 tests + ('python3-setproctitle', 'python3-setproctitle'), ('', 'libsemanage-python'), ('', 'policycoreutils-python'), @@ -451,6 +452,7 @@ RPM_DISTS = { 'libcephfs-devel': '', 'gnutls-devel': 'compat-gnutls34-devel', 'liburing-devel': '', # not available + 'python3-setproctitle': 'python36-setproctitle', } }, 'centos8': { diff --git a/bootstrap/generated-dists/centos7/bootstrap.sh b/bootstrap/generated-dists/centos7/bootstrap.sh index 63746e248bc..7a6659d8e9a 100755 --- a/bootstrap/generated-dists/centos7/bootstrap.sh +++ b/bootstrap/generated-dists/centos7/bootstrap.sh @@ -91,6 +91,7 @@ yum install -y \ python36-iso8601 \ python36-markdown \ python36-pyasn1 \ + python36-setproctitle \ quota-devel \ readline-devel \ redhat-lsb \ diff --git a/bootstrap/generated-dists/centos7/packages.yml b/bootstrap/generated-dists/centos7/packages.yml index 7fb9b811397..ef6bbf82670 100644 --- a/bootstrap/generated-dists/centos7/packages.yml +++ b/bootstrap/generated-dists/centos7/packages.yml @@ -77,6 +77,7 @@ packages: - python36-iso8601 - python36-markdown - python36-pyasn1 + - python36-setproctitle - quota-devel - readline-devel - redhat-lsb diff --git a/bootstrap/generated-dists/centos8/bootstrap.sh b/bootstrap/generated-dists/centos8/bootstrap.sh index 342188e7fe5..e5167a2b561 100755 --- a/bootstrap/generated-dists/centos8/bootstrap.sh +++ b/bootstrap/generated-dists/centos8/bootstrap.sh @@ -98,6 +98,7 @@ yum install -y \ python3-markdown \ python3-policycoreutils \ python3-pyasn1 \ + python3-setproctitle \ quota-devel \ readline-devel \ redhat-lsb \ diff --git a/bootstrap/generated-dists/centos8/packages.yml b/bootstrap/generated-dists/centos8/packages.yml index d82a80e6957..4e45f1c15e1 100644 --- a/bootstrap/generated-dists/centos8/packages.yml +++ b/bootstrap/generated-dists/centos8/packages.yml @@ -80,6 +80,7 @@ packages: - python3-markdown - python3-policycoreutils - python3-pyasn1 + - python3-setproctitle - quota-devel - readline-devel - redhat-lsb diff --git a/bootstrap/generated-dists/debian10/bootstrap.sh b/bootstrap/generated-dists/debian10/bootstrap.sh index 94f85473811..0bf5f6b50d2 100755 --- a/bootstrap/generated-dists/debian10/bootstrap.sh +++ b/bootstrap/generated-dists/debian10/bootstrap.sh @@ -92,6 +92,7 @@ apt-get -y install \ python3-matplotlib \ python3-pexpect \ python3-pyasn1 \ + python3-setproctitle \ rng-tools \ rsync \ sed \ diff --git a/bootstrap/generated-dists/debian10/packages.yml b/bootstrap/generated-dists/debian10/packages.yml index ff45afedf93..f302831ee9a 100644 --- a/bootstrap/generated-dists/debian10/packages.yml +++ b/bootstrap/generated-dists/debian10/packages.yml @@ -81,6 +81,7 @@ packages: - python3-matplotlib - python3-pexpect - python3-pyasn1 + - python3-setproctitle - rng-tools - rsync - sed diff --git a/bootstrap/generated-dists/fedora32/bootstrap.sh b/bootstrap/generated-dists/fedora32/bootstrap.sh index 18fbfefedbc..1a585d2f133 100755 --- a/bootstrap/generated-dists/fedora32/bootstrap.sh +++ b/bootstrap/generated-dists/fedora32/bootstrap.sh @@ -94,6 +94,7 @@ dnf install -y \ python3-markdown \ python3-policycoreutils \ python3-pyasn1 \ + python3-setproctitle \ quota-devel \ readline-devel \ redhat-lsb \ diff --git a/bootstrap/generated-dists/fedora32/packages.yml b/bootstrap/generated-dists/fedora32/packages.yml index 6cb2ce3841f..ee3a0a6d2ff 100644 --- a/bootstrap/generated-dists/fedora32/packages.yml +++ b/bootstrap/generated-dists/fedora32/packages.yml @@ -83,6 +83,7 @@ packages: - python3-markdown - python3-policycoreutils - python3-pyasn1 + - python3-setproctitle - quota-devel - readline-devel - redhat-lsb diff --git a/bootstrap/generated-dists/fedora33/bootstrap.sh b/bootstrap/generated-dists/fedora33/bootstrap.sh index d7e77eab255..fce2626eaee 100755 --- a/bootstrap/generated-dists/fedora33/bootstrap.sh +++ b/bootstrap/generated-dists/fedora33/bootstrap.sh @@ -95,6 +95,7 @@ dnf install -y \ python3-markdown \ python3-policycoreutils \ python3-pyasn1 \ + python3-setproctitle \ quota-devel \ readline-devel \ redhat-lsb \ diff --git a/bootstrap/generated-dists/fedora33/packages.yml b/bootstrap/generated-dists/fedora33/packages.yml index 98c362181d9..9fb68c1c539 100644 --- a/bootstrap/generated-dists/fedora33/packages.yml +++ b/bootstrap/generated-dists/fedora33/packages.yml @@ -84,6 +84,7 @@ packages: - python3-markdown - python3-policycoreutils - python3-pyasn1 + - python3-setproctitle - quota-devel - readline-devel - redhat-lsb diff --git a/bootstrap/generated-dists/opensuse151/bootstrap.sh b/bootstrap/generated-dists/opensuse151/bootstrap.sh index 33c8aeb4021..df136a64ae8 100755 --- a/bootstrap/generated-dists/opensuse151/bootstrap.sh +++ b/bootstrap/generated-dists/opensuse151/bootstrap.sh @@ -88,6 +88,7 @@ zypper --non-interactive install \ python3-gpg \ python3-iso8601 \ python3-pyasn1 \ + python3-setproctitle \ readline-devel \ rng-tools \ rpcgen \ diff --git a/bootstrap/generated-dists/opensuse151/packages.yml b/bootstrap/generated-dists/opensuse151/packages.yml index 5e7b1a11d7a..9f224e86c36 100644 --- a/bootstrap/generated-dists/opensuse151/packages.yml +++ b/bootstrap/generated-dists/opensuse151/packages.yml @@ -76,6 +76,7 @@ packages: - python3-gpg - python3-iso8601 - python3-pyasn1 + - python3-setproctitle - readline-devel - rng-tools - rpcgen diff --git a/bootstrap/generated-dists/opensuse152/bootstrap.sh b/bootstrap/generated-dists/opensuse152/bootstrap.sh index e2d23c7b216..ab9b2e52370 100755 --- a/bootstrap/generated-dists/opensuse152/bootstrap.sh +++ b/bootstrap/generated-dists/opensuse152/bootstrap.sh @@ -90,6 +90,7 @@ zypper --non-interactive install \ python3-gpg \ python3-iso8601 \ python3-pyasn1 \ + python3-setproctitle \ readline-devel \ rng-tools \ rpcgen \ diff --git a/bootstrap/generated-dists/opensuse152/packages.yml b/bootstrap/generated-dists/opensuse152/packages.yml index f68b06394a9..8a65ed8c688 100644 --- a/bootstrap/generated-dists/opensuse152/packages.yml +++ b/bootstrap/generated-dists/opensuse152/packages.yml @@ -78,6 +78,7 @@ packages: - python3-gpg - python3-iso8601 - python3-pyasn1 + - python3-setproctitle - readline-devel - rng-tools - rpcgen diff --git a/bootstrap/generated-dists/ubuntu1604/bootstrap.sh b/bootstrap/generated-dists/ubuntu1604/bootstrap.sh index ab66f088448..acb9d4a427c 100755 --- a/bootstrap/generated-dists/ubuntu1604/bootstrap.sh +++ b/bootstrap/generated-dists/ubuntu1604/bootstrap.sh @@ -91,6 +91,7 @@ apt-get -y install \ python3-matplotlib \ python3-pexpect \ python3-pyasn1 \ + python3-setproctitle \ rng-tools \ rsync \ sed \ diff --git a/bootstrap/generated-dists/ubuntu1604/packages.yml b/bootstrap/generated-dists/ubuntu1604/packages.yml index d0a773558b4..33302f64a4b 100644 --- a/bootstrap/generated-dists/ubuntu1604/packages.yml +++ b/bootstrap/generated-dists/ubuntu1604/packages.yml @@ -80,6 +80,7 @@ packages: - python3-matplotlib - python3-pexpect - python3-pyasn1 + - python3-setproctitle - rng-tools - rsync - sed diff --git a/bootstrap/generated-dists/ubuntu1804/bootstrap.sh b/bootstrap/generated-dists/ubuntu1804/bootstrap.sh index 013f289d880..7f42512c2b8 100755 --- a/bootstrap/generated-dists/ubuntu1804/bootstrap.sh +++ b/bootstrap/generated-dists/ubuntu1804/bootstrap.sh @@ -93,6 +93,7 @@ apt-get -y install \ python3-matplotlib \ python3-pexpect \ python3-pyasn1 \ + python3-setproctitle \ rng-tools \ rsync \ sed \ diff --git a/bootstrap/generated-dists/ubuntu1804/packages.yml b/bootstrap/generated-dists/ubuntu1804/packages.yml index 2ba03c496af..4711b7ce996 100644 --- a/bootstrap/generated-dists/ubuntu1804/packages.yml +++ b/bootstrap/generated-dists/ubuntu1804/packages.yml @@ -82,6 +82,7 @@ packages: - python3-matplotlib - python3-pexpect - python3-pyasn1 + - python3-setproctitle - rng-tools - rsync - sed diff --git a/bootstrap/generated-dists/ubuntu2004/bootstrap.sh b/bootstrap/generated-dists/ubuntu2004/bootstrap.sh index 013f289d880..7f42512c2b8 100755 --- a/bootstrap/generated-dists/ubuntu2004/bootstrap.sh +++ b/bootstrap/generated-dists/ubuntu2004/bootstrap.sh @@ -93,6 +93,7 @@ apt-get -y install \ python3-matplotlib \ python3-pexpect \ python3-pyasn1 \ + python3-setproctitle \ rng-tools \ rsync \ sed \ diff --git a/bootstrap/generated-dists/ubuntu2004/packages.yml b/bootstrap/generated-dists/ubuntu2004/packages.yml index 2ba03c496af..4711b7ce996 100644 --- a/bootstrap/generated-dists/ubuntu2004/packages.yml +++ b/bootstrap/generated-dists/ubuntu2004/packages.yml @@ -82,6 +82,7 @@ packages: - python3-matplotlib - python3-pexpect - python3-pyasn1 + - python3-setproctitle - rng-tools - rsync - sed diff --git a/bootstrap/sha1sum.txt b/bootstrap/sha1sum.txt index 816528d3b0e..46493c16eb0 100644 --- a/bootstrap/sha1sum.txt +++ b/bootstrap/sha1sum.txt @@ -1 +1 @@ -d4867986881a9601c4620baf9a3bf28f5d1d1343 +42ecbfbf716fa85ce251a955de72a92af26fc7b2 diff --git a/python/samba/tests/cred_opt.py b/python/samba/tests/cred_opt.py new file mode 100644 index 00000000000..91ca68085b7 --- /dev/null +++ b/python/samba/tests/cred_opt.py @@ -0,0 +1,50 @@ +# Unix SMB/CIFS implementation. +# Copyright (C) David Mulder 2019 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# + +"""Tests for cred option parsing. + +""" + +import optparse +from samba.getopt import CredentialsOptions +import samba.tests +import setproctitle +import sys + +password_opt = '--password=super_secret_password' +clear_password_opt = '--password=xxx' + +class CredentialsOptionsTests(samba.tests.TestCase): + + def setUp(self): + super(samba.tests.TestCase, self).setUp() + self.old_proctitle = setproctitle.getproctitle() + setproctitle.setproctitle('%s %s' % (self.old_proctitle, password_opt)) + sys.argv.append(password_opt) + + def test_clear_proctitle_password(self): + parser = optparse.OptionParser() + credopts = CredentialsOptions(parser) + parser.add_option_group(credopts) + (opts, args) = parser.parse_args() + self.assertNotIn(password_opt, setproctitle.getproctitle()) + self.assertIn(clear_password_opt, setproctitle.getproctitle()) + + def tearDown(self): + super(samba.tests.TestCase, self).tearDown() + setproctitle.setproctitle(self.old_proctitle) + sys.argv.pop() diff --git a/selftest/tests.py b/selftest/tests.py index 9772fe8f8f1..381586eb868 100644 --- a/selftest/tests.py +++ b/selftest/tests.py @@ -65,6 +65,7 @@ planpythontestsuite("none", "samba.tests.credentials") planpythontestsuite("none", "samba.tests.registry") planpythontestsuite("ad_dc_ntvfs:local", "samba.tests.auth") planpythontestsuite("none", "samba.tests.get_opt") +planpythontestsuite("none", "samba.tests.cred_opt") planpythontestsuite("none", "samba.tests.security") planpythontestsuite("none", "samba.tests.dcerpc.misc") planpythontestsuite("none", "samba.tests.dcerpc.integer")