-
Notifications
You must be signed in to change notification settings - Fork 148
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
ScanPamUserDB: implement scan to detect DB location
pam_userdb module changed its backend database technology from lidb to gdbm for RHEL10. This requires a set of leapp actors to perform the database migration automatically when upgrading to RHEL10. This commit in particular takes care of scanning the PAM service folder to detect whether pam_userdb is used and the location of the database in use. This information is stored in a model that will be consumed by another actor later in the upgrade process. It also includes the unit-tests, and the required files to setup a fake testing environment. Signed-off-by: Iker Pedrosa <[email protected]>
- Loading branch information
Showing
7 changed files
with
95 additions
and
0 deletions.
There are no files selected for viewing
18 changes: 18 additions & 0 deletions
18
repos/system_upgrade/el9toel10/actors/scanpamuserdb/actor.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| from leapp.actors import Actor | ||
| from leapp.tags import FactsPhaseTag, IPUWorkflowTag | ||
| from leapp.models import PamUserDbLocation | ||
| from leapp.libraries.actor import scanpamuserdb | ||
|
|
||
|
|
||
| class ScanPamUserDb(Actor): | ||
| """ | ||
| Scan the PAM service folder for the location of pam_userdb databases | ||
| """ | ||
|
|
||
| name = 'scan_pam_user_db' | ||
| consumes = () | ||
| produces = (PamUserDbLocation,) | ||
| tags = (FactsPhaseTag, IPUWorkflowTag) | ||
|
|
||
| def process(self): | ||
| self.produce(scanpamuserdb.parse_folder('/etc/pam.d/')) |
29 changes: 29 additions & 0 deletions
29
repos/system_upgrade/el9toel10/actors/scanpamuserdb/libraries/scanpamuserdb.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,29 @@ | ||
| import os | ||
| import re | ||
|
|
||
| from leapp.models import PamUserDbLocation | ||
|
|
||
|
|
||
| def parse_file(conf_file): | ||
| with open(conf_file, 'r') as file: | ||
| for line in file: | ||
| if 'pam_userdb' in line: | ||
| match = re.search(r'db=(\S+)', line) | ||
| if match: | ||
| return match.group(1) | ||
|
|
||
| return None | ||
|
|
||
|
|
||
| def parse_folder(conf_folder): | ||
| locations = set() | ||
|
|
||
| for file_name in os.listdir(conf_folder): | ||
| file_path = os.path.join(conf_folder, file_name) | ||
|
|
||
| if os.path.isfile(file_path): | ||
| location = parse_file(file_path) | ||
| if location is not None: | ||
| locations.add(location) | ||
|
|
||
| return PamUserDbLocation(locations=list(locations)) |
1 change: 1 addition & 0 deletions
1
repos/system_upgrade/el9toel10/actors/scanpamuserdb/tests/files/pam_userdb_basic
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| auth required pam_userdb.so db=/tmp/db1 |
9 changes: 9 additions & 0 deletions
9
repos/system_upgrade/el9toel10/actors/scanpamuserdb/tests/files/pam_userdb_complete
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| auth required pam_env.so | ||
| auth required pam_faildelay.so delay=2000000 | ||
| auth sufficient pam_fprintd.so | ||
| auth [default=1 ignore=ignore success=ok] pam_usertype.so isregular | ||
| auth [default=1 ignore=ignore success=ok] pam_localuser.so | ||
| auth required pam_userdb.so db=/tmp/db2 | ||
| auth [default=1 ignore=ignore success=ok] pam_usertype.so isregular | ||
| auth sufficient pam_sss.so forward_pass | ||
| auth required pam_deny.so |
1 change: 1 addition & 0 deletions
1
repos/system_upgrade/el9toel10/actors/scanpamuserdb/tests/files/pam_userdb_missing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| auth sufficient pam_unix.so nullok |
23 changes: 23 additions & 0 deletions
23
repos/system_upgrade/el9toel10/actors/scanpamuserdb/tests/test_scanpamuserdb.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| import os | ||
|
|
||
| import pytest | ||
|
|
||
| from leapp.libraries.actor import scanpamuserdb | ||
|
|
||
| CUR_DIR = os.path.dirname(os.path.abspath(__file__)) | ||
|
|
||
|
|
||
| def test_parse_file(): | ||
| file = scanpamuserdb.parse_file(os.path.join(CUR_DIR, 'files/pam_userdb_missing')) | ||
| assert file is None | ||
| file = scanpamuserdb.parse_file(os.path.join(CUR_DIR, 'files/pam_userdb_basic')) | ||
| assert file == '/tmp/db1' | ||
| file = scanpamuserdb.parse_file(os.path.join(CUR_DIR, 'files/pam_userdb_complete')) | ||
| assert file == '/tmp/db2' | ||
|
|
||
|
|
||
| def test_parse_folder(): | ||
| msg = scanpamuserdb.parse_folder(os.path.join(CUR_DIR, 'files/')) | ||
| assert len(msg.locations) == 2 | ||
| assert '/tmp/db1' in msg.locations | ||
| assert '/tmp/db2' in msg.locations |
14 changes: 14 additions & 0 deletions
14
repos/system_upgrade/el9toel10/models/pamuserdblocation.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| from leapp.models import Model, fields | ||
| from leapp.topics import SystemInfoTopic | ||
|
|
||
|
|
||
| class PamUserDbLocation(Model): | ||
| """ | ||
| Provides a list of all database files for pam_userdb | ||
| """ | ||
| topic = SystemInfoTopic | ||
|
|
||
| locations = fields.List(fields.String(), default=[]) | ||
| """ | ||
| The list with the full path to the database files. | ||
| """ |