commit yast2-users for openSUSE:Factory

16 Apr 2016

Hello community,

here is the log from the commit of package yast2-users for openSUSE:Factory checked in at 2016-04-16 22:07:31
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/yast2-users (Old)
 and      /work/SRC/openSUSE:Factory/.yast2-users.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "yast2-users"

Changes:
--------

--- /work/SRC/openSUSE:Factory/yast2-users/yast2-users.changes	2016-03-20 11:48:12.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.yast2-users.new/yast2-users.changes	2016-04-16 22:07:33.000000000 +0200
@@ -1,0 +2,9 @@
+Thu Apr  7 08:49:13 UTC 2016 - igonzalezsosa@suse.com
+
+- Does not set empty passwords fields in /etc/shadow during
+  installation (CVE-2016-1601, bnc#973639, bnc#974220)
+- Set root password correctly when using a minimal profile
+  (bnc#971804)
+- 3.1.47
+
+-------------------------------------------------------------------

Old:
----
  yast2-users-3.1.46.tar.bz2

New:
----
  yast2-users-3.1.47.tar.bz2

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ yast2-users.spec ++++++
--- /var/tmp/diff_new_pack.OUASOL/_old	2016-04-16 22:07:34.000000000 +0200
+++ /var/tmp/diff_new_pack.OUASOL/_new	2016-04-16 22:07:34.000000000 +0200
@@ -17,7 +17,7 @@
 
 
 Name:           yast2-users
-Version:        3.1.46
+Version:        3.1.47
 Release:        0
 
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
@@ -37,7 +37,7 @@
 BuildRequires:  yast2-perl-bindings
 BuildRequires:  yast2-security
 BuildRequires:  yast2-testsuite
-BuildRequires:  rubygem(rspec)
+BuildRequires:  rubygem(%rb_default_ruby_abi:rspec)
 
 Requires:       cracklib
 Requires:       perl-Digest-SHA1
@@ -105,6 +105,10 @@
 %dir %{yast_yncludedir}/users
 %dir %{yast_moduledir}/YaPI
 %{yast_clientdir}/*.rb
+%dir %{yast_libdir}/users
+%dir %{yast_libdir}/users/clients
+%{yast_libdir}/users/*
+%{yast_libdir}/users/clients/*
 %{yast_desktopdir}/*.desktop
 %{yast_moduledir}/*.pm
 %{yast_moduledir}/UsersUI.rb

++++++ yast2-users-3.1.46.tar.bz2 -> yast2-users-3.1.47.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/.travis.yml new/yast2-users-3.1.47/.travis.yml
--- old/yast2-users-3.1.46/.travis.yml	2016-03-15 15:26:26.000000000 +0100
+++ new/yast2-users-3.1.47/.travis.yml	2016-04-12 14:01:29.000000000 +0200
@@ -5,7 +5,7 @@
     # disable rvm, use system Ruby
     - rvm reset
     - wget https://raw.githubusercontent.com/yast/yast-devtools/master/travis-tools/tra...
-    - sh ./travis_setup.sh -p "rake yast2-devtools yast2-testsuite yast2 yast2-perl-bindings yast2-core-dev yast2-ldap yast2-perl-bindings yast2-security libcrack2-dev doxygen libdigest-sha1-perl" -g "yast-rake gettext"
+    - sh ./travis_setup.sh -p "rake yast2-devtools yast2-testsuite yast2 yast2-perl-bindings yast2-core-dev yast2-ldap yast2-perl-bindings yast2-security libcrack2-dev doxygen libdigest-sha1-perl" -g "rspec:3.3.0 yast-rake gettext"
 script:
     - rake check:syntax
     - rake check:pot
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/package/yast2-users.changes new/yast2-users-3.1.47/package/yast2-users.changes
--- old/yast2-users-3.1.46/package/yast2-users.changes	2016-03-15 15:26:26.000000000 +0100
+++ new/yast2-users-3.1.47/package/yast2-users.changes	2016-04-12 14:01:29.000000000 +0200
@@ -1,4 +1,13 @@
 -------------------------------------------------------------------
+Thu Apr  7 08:49:13 UTC 2016 - igonzalezsosa@suse.com
+
+- Does not set empty passwords fields in /etc/shadow during
+  installation (CVE-2016-1601, bnc#973639, bnc#974220)
+- Set root password correctly when using a minimal profile
+  (bnc#971804)
+- 3.1.47
+
+-------------------------------------------------------------------
 Sat Mar  5 11:04:17 UTC 2016 - igonzalezsosa@suse.com
 
 - Do not include inst-sys users when cloning the configuration
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/package/yast2-users.spec new/yast2-users-3.1.47/package/yast2-users.spec
--- old/yast2-users-3.1.46/package/yast2-users.spec	2016-03-15 15:26:26.000000000 +0100
+++ new/yast2-users-3.1.47/package/yast2-users.spec	2016-04-12 14:01:29.000000000 +0200
@@ -17,7 +17,7 @@
 
 
 Name:           yast2-users
-Version:        3.1.46
+Version:        3.1.47
 Release:        0
 
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
@@ -37,7 +37,7 @@
 BuildRequires:  yast2-perl-bindings
 BuildRequires:  yast2-security
 BuildRequires:  yast2-testsuite
-BuildRequires:  rubygem(rspec)
+BuildRequires:  rubygem(%rb_default_ruby_abi:rspec)
 
 Requires:       cracklib
 Requires:       perl-Digest-SHA1
@@ -105,6 +105,10 @@
 %dir %{yast_yncludedir}/users
 %dir %{yast_moduledir}/YaPI
 %{yast_clientdir}/*.rb
+%dir %{yast_libdir}/users
+%dir %{yast_libdir}/users/clients
+%{yast_libdir}/users/*
+%{yast_libdir}/users/clients/*
 %{yast_desktopdir}/*.desktop
 %{yast_moduledir}/*.pm
 %{yast_moduledir}/UsersUI.rb
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/src/Makefile.am new/yast2-users-3.1.47/src/Makefile.am
--- old/yast2-users-3.1.46/src/Makefile.am	2016-03-15 15:26:26.000000000 +0100
+++ new/yast2-users-3.1.47/src/Makefile.am	2016-04-12 14:01:29.000000000 +0200
@@ -35,6 +35,10 @@
   clients/inst_user_first.rb \
   clients/users_encryption_method.rb
 
+ylibclientdir = @ylibdir@/users/clients
+ylibclient_DATA = \
+  lib/users/clients/users_finish.rb
+
 yncludedir = @yncludedir@/users
 ynclude_DATA = \
   include/users/widgets.rb \
@@ -77,6 +81,6 @@
 desktop_DATA = \
   desktop/users.desktop
 
-EXTRA_DIST = $(module_DATA) $(module1_DATA) $(client_DATA) $(ynclude_DATA) $(ylibdialog_DATA) $(ylib_DATA) $(scrconf_DATA) $(agent_SCRIPTS) $(schemafiles_DATA) $(desktop_DATA)
+EXTRA_DIST = $(module_DATA) $(module1_DATA) $(client_DATA) $(ynclude_DATA) $(ylibdialog_DATA) $(ylib_DATA) $(scrconf_DATA) $(agent_SCRIPTS) $(schemafiles_DATA) $(desktop_DATA) $(ylibclient_DATA)
 
 include $(top_srcdir)/Makefile.am.common
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/src/clients/users_finish.rb new/yast2-users-3.1.47/src/clients/users_finish.rb
--- old/yast2-users-3.1.46/src/clients/users_finish.rb	2016-03-15 15:26:26.000000000 +0100
+++ new/yast2-users-3.1.47/src/clients/users_finish.rb	2016-04-12 14:01:29.000000000 +0200
@@ -27,75 +27,5 @@
 #
 # $Id$
 
-module Yast
-  class UsersFinishClient < Client
-    def main
-      textdomain "users"
-
-      Yast.import "Autologin"
-      Yast.import "Users"
-      Yast.import "UsersSimple"
-
-      # create_users()
-      Yast.include self, "users/routines.rb"
-
-      @func = ""
-      @param = {}
-
-      # Check arguments
-      if Ops.greater_than(Builtins.size(WFM.Args), 0) &&
-          Ops.is_string?(WFM.Args(0))
-        @func = Convert.to_string(WFM.Args(0))
-        if Ops.greater_than(Builtins.size(WFM.Args), 1) &&
-            Ops.is_map?(WFM.Args(1))
-          @param = Convert.to_map(WFM.Args(1))
-        end
-      end
-
-      Builtins.y2milestone("starting users_finish")
-      Builtins.y2debug("func=%1", @func)
-      Builtins.y2debug("param=%1", @param)
-
-      if @func == "Info"
-        return {
-          "steps" => 1,
-          # progress step title
-          "title" => _("Writing Users Configuration..."),
-          "when"  => [:installation, :live_installation, :autoinst]
-        }
-      elsif @func == "Write"
-        # Creating all users and their environment
-
-        if Mode.autoinst
-          # Write imported users (during autoupgrade no changes are done)
-
-          # During installation, some package could add a new user, so we
-          # need to read them again before writing.
-          Users.SetExportAll(true)
-          saved = Users.Export
-          Users.ReadLocal
-          Users.Import(saved)
-
-          # Write users
-          Users.SetWriteOnly(true)
-          @progress_orig = Progress.set(false)
-          @ret = Users.Write == ""
-          Progress.set(@progress_orig)
-        else
-          # write the root password
-          UsersSimple.Write
-
-          other_users = setup_all_users
-          Users.Write if other_users
-        end
-      else
-        Builtins.y2error("unknown function: %1", @func)
-      end
-
-      Builtins.y2milestone("users_finish finished")
-      nil
-    end
-  end
-end
-
-Yast::UsersFinishClient.new.main
+require "users/clients/users_finish"
+Yast::UsersFinishClient.new.run
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/src/include/users/routines.rb new/yast2-users-3.1.47/src/include/users/routines.rb
--- old/yast2-users-3.1.46/src/include/users/routines.rb	2016-03-15 15:26:26.000000000 +0100
+++ new/yast2-users-3.1.47/src/include/users/routines.rb	2016-04-12 14:01:29.000000000 +0200
@@ -30,6 +30,7 @@
   module UsersRoutinesInclude
     def initialize_users_routines(include_target)
       Yast.import "Mode"
+      Yast.import "Autologin"
 
       textdomain "users"
     end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/src/lib/users/clients/users_finish.rb new/yast2-users-3.1.47/src/lib/users/clients/users_finish.rb
--- old/yast2-users-3.1.46/src/lib/users/clients/users_finish.rb	1970-01-01 01:00:00.000000000 +0100
+++ new/yast2-users-3.1.47/src/lib/users/clients/users_finish.rb	2016-04-12 14:01:29.000000000 +0200
@@ -0,0 +1,94 @@
+# encoding: utf-8
+
+# ------------------------------------------------------------------------------
+# Copyright (c) 2016 SUSE LLC
+#
+# This program is free software; you can redistribute it and/or modify it under
+# the terms of version 2 of the GNU General Public License as published by the
+# Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# ------------------------------------------------------------------------------
+
+require "installation/finish_client"
+
+module Yast
+  class UsersFinishClient < ::Installation::FinishClient
+    include Logger
+
+    def initialize
+      textdomain "users"
+
+      Yast.import "Users"
+      Yast.import "UsersSimple"
+      # setup_all_users()
+      Yast.include self, "users/routines.rb"
+    end
+
+    # Write users
+    #
+    # It relies in different methods depending if it's running
+    # during autoinst or in a regular installation.
+    #
+    # @see write_autoinst
+    # @see write_install
+    def write
+      if Mode.autoinst
+        write_autoinst
+      else
+        write_install
+      end
+    end
+
+  protected
+
+    # @see Implements ::Installation::FinishClient#modes
+    def modes
+      [:installation, :live_installation, :autoinst]
+    end
+
+    # @see Implements ::Installation::FinishClient#title
+    def title
+      _("Writing Users Configuration...")
+    end
+
+    # Write imported users during autoinstallation
+    #
+    # During installation, some package could add a new user, so we
+    # need to read them again before writing.
+    #
+    # On the other hand, during autoupgrade no changes are performed.
+    def write_autoinst
+      # 1. Export users imported in inst_autosetup (and store them)
+      Users.SetExportAll(false)
+      saved = Users.Export
+      log.info("Users to import: #{saved}")
+
+      # 2. Read users and settings from the installed system
+      # (bsc#965852, bsc#973639, bsc#974220 and bsc#971804)
+      Users.Read
+
+      # 3. Merge users from the system with new users from
+      #    AutoYaST profile (from step 1)
+      Users.Import(saved)
+
+      # 4. Write users
+      Users.SetWriteOnly(true)
+      @progress_orig = Progress.set(false)
+      error = Users.Write
+      log.error(error) unless error.empty?
+      Progress.set(@progress_orig)
+    end
+
+    # Write root password a new users during regular installation
+    def write_install
+      # write the root password
+      UsersSimple.Write
+      # write new users (if any)
+      Users.Write if setup_all_users
+    end
+  end
+end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/src/modules/Users.pm new/yast2-users-3.1.47/src/modules/Users.pm
--- old/yast2-users-3.1.46/src/modules/Users.pm	2016-03-15 15:26:26.000000000 +0100
+++ new/yast2-users-3.1.47/src/modules/Users.pm	2016-04-12 14:01:29.000000000 +0200
@@ -6132,8 +6132,7 @@
     # remove cache entries (#50265)
     UsersCache->ResetCache ();
 
-    # Avoid to read local users during 1st stage (bnc#965852)
-    my $error_msg = (Mode->test() || Stage->initial()) ? "" : $self->ReadLocal ();
+    my $error_msg = Mode->test() ? "" : $self->ReadLocal ();
     if ($error_msg) {
 	return 0;
     }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/test/Makefile.am new/yast2-users-3.1.47/test/Makefile.am
--- old/yast2-users-3.1.46/test/Makefile.am	1970-01-01 01:00:00.000000000 +0100
+++ new/yast2-users-3.1.47/test/Makefile.am	2016-04-12 14:01:29.000000000 +0200
@@ -0,0 +1,8 @@
+# Tests for users
+TESTS = \
+  users_finish_test.rb
+
+TEST_EXTENSIONS = .rb
+RB_LOG_COMPILER = rspec
+VERBOSE = 1
+EXTRA_DIST = $(TESTS)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/test/fixtures/root/etc/default/useradd new/yast2-users-3.1.47/test/fixtures/root/etc/default/useradd
--- old/yast2-users-3.1.46/test/fixtures/root/etc/default/useradd	1970-01-01 01:00:00.000000000 +0100
+++ new/yast2-users-3.1.47/test/fixtures/root/etc/default/useradd	2016-04-12 14:01:29.000000000 +0200
@@ -0,0 +1,8 @@
+# useradd defaults file
+GROUP=100
+HOME=/home
+INACTIVE=-1
+EXPIRE=
+SHELL=/bin/bash
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=yes
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/test/fixtures/root/etc/group new/yast2-users-3.1.47/test/fixtures/root/etc/group
--- old/yast2-users-3.1.46/test/fixtures/root/etc/group	1970-01-01 01:00:00.000000000 +0100
+++ new/yast2-users-3.1.47/test/fixtures/root/etc/group	2016-04-12 14:01:29.000000000 +0200
@@ -0,0 +1,37 @@
+root:x:0:
+bin:x:1:daemon
+daemon:x:2:
+sys:x:3:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+www:x:8:
+kmem:x:9:
+wheel:x:10:
+mail:x:12:
+news:x:13:
+uucp:x:14:
+shadow:x:15:
+dialout:x:16:
+audio:x:17:
+floppy:x:19:
+cdrom:x:20:
+console:x:21:
+utmp:x:22:
+public:x:32:
+video:x:33:
+games:x:40:
+xok:x:41:
+trusted:x:42:
+modem:x:43:
+ftp:x:49:
+lock:x:54:
+man:x:62:
+users:x:100:
+nobody:x:65533:
+nogroup:x:65534:nobody
+messagebus:x:499:
+sshd:x:498:
+tape:x:497:
+polkitd:x:496:
+nscd:x:495:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/test/fixtures/root/etc/login.defs new/yast2-users-3.1.47/test/fixtures/root/etc/login.defs
--- old/yast2-users-3.1.46/test/fixtures/root/etc/login.defs	1970-01-01 01:00:00.000000000 +0100
+++ new/yast2-users-3.1.47/test/fixtures/root/etc/login.defs	2016-04-12 14:01:29.000000000 +0200
@@ -0,0 +1,287 @@
+#
+# /etc/login.defs - Configuration control definitions for the shadow package.
+#
+
+#
+# Delay in seconds before being allowed another attempt after a login failure
+# Note: When PAM is used, some modules may enfore a minimal delay (e.g.
+#       pam_unix enforces a 2s delay)
+#
+FAIL_DELAY		3
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+CONSOLE		/etc/securetty
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, ":" delimited list of "message of the day" files to
+# be displayed upon login.
+#
+MOTD_FILE	/etc/motd
+#MOTD_FILE	/etc/motd:/usr/lib/news/news-motd
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+#HUSHLOGIN_FILE	.hushlogin
+HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/sbin:/bin:/usr/sbin:/usr/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin
+
+#
+# The default PATH settings for root (used by login):
+#
+ENV_ROOTPATH            /sbin:/bin:/usr/sbin:/usr/bin
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+TTYGROUP	tty
+TTYPERM		0620
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+
+# Default initial "umask" value used by login on non-PAM enabled systems.
+# Default "umask" value for pam_umask on PAM enabled systems.
+# UMASK is also used by useradd and newusers to set the mode of new home
+# directories.
+# 022 is the default value, but 027, or even 077, could be considered
+# better for privacy. There is no One True Answer here: each sysadmin
+# must make up her mind.
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	365
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+# SYS_UID_MIN to SYS_UID_MAX inclusive is the range for
+# UIDs for dynamically allocated administrative and system accounts.
+# UID_MIN to UID_MAX inclusive is the range of UIDs of dynamically
+# allocated user accounts.
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+SYS_UID_MIN		  100
+SYS_UID_MAX		  499
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+# SYS_GID_MIN to SYS_GID_MAX inclusive is the range for
+# GIDs for dynamically allocated administrative and system groups.
+# GID_MIN to GID_MAX inclusive is the range of GIDs of dynamically
+# allocated groups.
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+SYS_GID_MIN		  100
+SYS_GID_MAX		  499
+
+#
+# Max number of login retries if password is bad
+#
+LOGIN_RETRIES		3
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: If you use PAM, it is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+ENCRYPT_METHOD SHA512
+ENCRYPT_METHOD_NIS DES
+
+#
+# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+# See USERDEL_PRECMD/POSTCMD below.
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# Enable setting of the umask group bits to be the same as owner bits
+# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is
+# the same as gid, and username is the same as the primary group name.
+#
+# This also enables userdel to remove user groups if no members exist.
+#
+USERGROUPS_ENAB no
+
+#
+# If set to a non-nul number, the shadow utilities will make sure that
+# groups never have more than this number of users on one line.
+# This permit to support split groups (groups split into multiple lines,
+# with the same group ID, to avoid limitation of the line length in the
+# group file).
+#
+# 0 is the default value and disables this feature.
+#
+#MAX_MEMBERS_PER_GROUP	0
+
+#
+# If useradd should create home directories for users by default (non
+# system users only)
+# This option is overridden with the -M or -m flags on the useradd command
+# line.
+#
+CREATE_HOME     no
+
+#
+# User/group names must match the following regex expression.
+# The default is [A-Za-z_][A-Za-z0-9_.-]*[A-Za-z0-9_.$-]\?,
+# but be aware that the result could depend on the locale settings.
+#
+#CHARACTER_CLASS                [A-Za-z_][A-Za-z0-9_.-]*[A-Za-z0-9_.$-]\?
+CHARACTER_CLASS         [ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz_][ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.-]*[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.$-]\?
+
+#
+# If defined, this command is run when adding a group.
+# It should rebuild any NIS database etc. to add the
+# new created group.
+#
+GROUPADD_CMD             /usr/sbin/groupadd.local
+
+#
+# If defined, this command is run when adding a user.
+# It should rebuild any NIS database etc. to add the
+# new created account.
+#
+USERADD_CMD             /usr/sbin/useradd.local
+
+#
+# If defined, this command is run before removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed.
+#
+USERDEL_PRECMD          /usr/sbin/userdel-pre.local
+
+#
+# If defined, this command is run after removing a user.
+# It should rebuild any NIS database etc. to remove the
+# account from it.
+#
+USERDEL_POSTCMD         /usr/sbin/userdel-post.local
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/test/fixtures/root/etc/passwd new/yast2-users-3.1.47/test/fixtures/root/etc/passwd
--- old/yast2-users-3.1.46/test/fixtures/root/etc/passwd	1970-01-01 01:00:00.000000000 +0100
+++ new/yast2-users-3.1.47/test/fixtures/root/etc/passwd	2016-04-12 14:01:29.000000000 +0200
@@ -0,0 +1,18 @@
+root:x:0:0:root:/root:/bin/bash
+bin:x:1:1:bin:/bin:/bin/bash
+daemon:x:2:2:Daemon:/sbin:/bin/bash
+lp:x:4:7:Printing daemon:/var/spool/lpd:/bin/bash
+mail:x:8:12:Mailer daemon:/var/spool/clientmqueue:/bin/false
+news:x:9:13:News system:/etc/news:/bin/bash
+uucp:x:10:14:Unix-to-Unix CoPy system:/etc/uucp:/bin/bash
+games:x:12:100:Games account:/var/games:/bin/bash
+man:x:13:62:Manual pages viewer:/var/cache/man:/bin/bash
+wwwrun:x:30:8:WWW daemon apache:/var/lib/wwwrun:/bin/false
+ftp:x:40:49:FTP account:/srv/ftp:/bin/bash
+nobody:x:65534:65533:nobody:/var/lib/nobody:/bin/bash
+messagebus:x:499:499:User for D-Bus:/var/run/dbus:/bin/false
+sshd:x:498:498:SSH daemon:/var/lib/sshd:/bin/false
+polkitd:x:497:496:User for polkitd:/var/lib/polkit:/sbin/nologin
+nscd:x:496:495:User for nscd:/run/nscd:/sbin/nologin
+rpc:x:495:65534:user for rpcbind:/var/lib/empty:/sbin/nologin
+openslp:x:494:2:openslp daemon:/var/lib/empty:/sbin/nologin
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/test/fixtures/root/etc/shadow new/yast2-users-3.1.47/test/fixtures/root/etc/shadow
--- old/yast2-users-3.1.46/test/fixtures/root/etc/shadow	1970-01-01 01:00:00.000000000 +0100
+++ new/yast2-users-3.1.47/test/fixtures/root/etc/shadow	2016-04-12 14:01:29.000000000 +0200
@@ -0,0 +1,18 @@
+root:$6$pLaWhcXR$gn1LrOlTEV9B.SBn.iITpknL6eg/n63am7rzp2fMsB8ap5cUWl3ZcnT7o5mTcrG85bz/NhaC1D/izwkJeL5gI.:16899::::::
+bin:*:16765::::::
+daemon:*:16765::::::
+lp:*:16765::::::
+mail:*:16765::::::
+news:*:16765::::::
+uucp:*:16765::::::
+games:*:16765::::::
+man:*:16765::::::
+wwwrun:*:16765::::::
+ftp:*:16765::::::
+nobody:*:16765::::::
+messagebus:!:16765::::::
+sshd:!:16765::::::
+polkitd:!:16765::::::
+nscd:!:16765::::::
+rpc:!:16765::::::
+openslp:!:16765::::::
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/test/fixtures/root/etc/shells new/yast2-users-3.1.47/test/fixtures/root/etc/shells
--- old/yast2-users-3.1.46/test/fixtures/root/etc/shells	1970-01-01 01:00:00.000000000 +0100
+++ new/yast2-users-3.1.47/test/fixtures/root/etc/shells	2016-04-12 14:01:29.000000000 +0200
@@ -0,0 +1,23 @@
+/bin/ash
+/bin/bash
+/bin/csh
+/bin/dash
+/bin/false
+/bin/ksh
+/bin/ksh93
+/bin/mksh
+/bin/pdksh
+/bin/sh
+/bin/tcsh
+/bin/true
+/bin/zsh
+/usr/bin/csh
+/usr/bin/dash
+/usr/bin/ksh
+/usr/bin/ksh93
+/usr/bin/mksh
+/usr/bin/passwd
+/usr/bin/pdksh
+/usr/bin/bash
+/usr/bin/tcsh
+/usr/bin/zsh
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/test/fixtures/users.yml new/yast2-users-3.1.47/test/fixtures/users.yml
--- old/yast2-users-3.1.46/test/fixtures/users.yml	1970-01-01 01:00:00.000000000 +0100
+++ new/yast2-users-3.1.47/test/fixtures/users.yml	2016-04-12 14:01:29.000000000 +0200
@@ -0,0 +1,12 @@
+users:
+  - username: root
+    user_password: yast.password
+    fullname: Superuser
+    encrypted: true
+  - username: yast
+    user_password: suse
+    fullname: YaST team user
+    gid: 100
+    uid: 1000
+    shell: /usr/bin/zsh
+    encrypted: true
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/test/spec_helper.rb new/yast2-users-3.1.47/test/spec_helper.rb
--- old/yast2-users-3.1.46/test/spec_helper.rb	1970-01-01 01:00:00.000000000 +0100
+++ new/yast2-users-3.1.47/test/spec_helper.rb	2016-04-12 14:01:29.000000000 +0200
@@ -0,0 +1,40 @@
+ENV["Y2DIR"] = File.expand_path("../../src", __FILE__)
+
+require "yast"
+require "pathname"
+require "yast/rspec"
+
+if ENV["COVERAGE"]
+  require "simplecov"
+
+  # use coveralls for on-line code coverage reporting at Travis CI
+  if ENV["TRAVIS"]
+    require "coveralls"
+
+    SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[
+      SimpleCov::Formatter::HTMLFormatter,
+      Coveralls::SimpleCov::Formatter
+    ]
+  end
+
+  SimpleCov.start do
+    add_filter "/test/"
+  end
+end
+
+# configure RSpec
+RSpec.configure do |config|
+  config.mock_with :rspec do |c|
+    # https://relishapp.com/rspec/rspec-mocks/v/3-0/docs/verifying-doubles/partial...
+    c.verify_partial_doubles = true
+  end
+end
+
+libdir = File.expand_path("../../src/lib", __FILE__)
+$LOAD_PATH.unshift(libdir)
+
+# force loading all files to report proper code coverage
+# Dir.chdir(libdir) { Dir["**/*.rb"].each { |f| require f } }
+
+TESTS_PATH = Pathname.new(File.dirname(__FILE__))
+FIXTURES_PATH = TESTS_PATH.join("fixtures")
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/test/users_finish_test.rb new/yast2-users-3.1.47/test/users_finish_test.rb
--- old/yast2-users-3.1.46/test/users_finish_test.rb	1970-01-01 01:00:00.000000000 +0100
+++ new/yast2-users-3.1.47/test/users_finish_test.rb	2016-04-12 14:01:29.000000000 +0200
@@ -0,0 +1,103 @@
+#!/usr/bin/env rspec
+
+require_relative "spec_helper"
+require "fileutils"
+require "yaml"
+require "users/clients/users_finish"
+
+describe Yast::UsersFinishClient do
+  Yast.import "WFM"
+  Yast.import "UsersPasswd"
+
+  describe "#run" do
+    before do
+      allow(Yast::WFM).to receive(:Args).with(no_args).and_return(args)
+      allow(Yast::WFM).to receive(:Args) { |n| n.nil? ? args : args[n] }
+    end
+
+    context "Info" do
+      let(:args) { ["Info"] }
+
+      it "returns a hash describing the client" do
+        expect(subject.run).to be_kind_of(Hash)
+      end
+    end
+
+    context "Write" do
+      let(:args) { ["Write"] }
+      let(:users) { YAML.load_file(FIXTURES_PATH.join("users.yml")) }
+
+      before { allow(Yast::Mode).to receive(:autoinst).and_return(autoinst) }
+
+      around do |example|
+        change_scr_root(FIXTURES_PATH.join("root")) { example.run }
+        FileUtils.rm_rf(FIXTURES_PATH.join("root", "var"))
+      end
+
+      context "in autoinst mode" do
+        let(:autoinst) { true }
+
+        before do
+          # Writing users involves executing commands (cp, chmod, etc.) and those
+          # calls can't be mocked (Perl code).
+          allow(Yast::Users).to receive(:Write).and_return("")
+          Yast::Users.Import(users)
+        end
+
+        it "add users specified in the profile" do
+          subject.run
+
+          yast_user = Yast::Users.GetUsers("uid", "local").fetch("yast")
+          expect(yast_user).to_not be_nil
+        end
+
+        it "updates root account" do
+          subject.run
+
+          root_user = Yast::Users.GetUsers("uid", "system").fetch("root")
+          expect(root_user["userPassword"]).to_not be_empty
+        end
+
+        it "preserves system accounts passwords" do
+          subject.run
+
+          shadow = Yast::UsersPasswd.GetShadow("system")
+          passwords = shadow.values.map { |u| u["userPassword"] }
+          expect(passwords).to all(satisfy { |v| !v.empty? })
+        end
+      end
+
+      context "not in autoinst mode" do
+        let(:autoinst) { false }
+
+        before do
+          allow(subject).to receive(:setup_all_users).and_return(user_added)
+        end
+
+        context "when a new user is added" do
+          let(:user_added) { true }
+
+          it "write root password and users" do
+            # write root password
+            expect(Yast::UsersSimple).to receive(:Write)
+            # write users
+            expect(Yast::Users).to receive(:Write)
+            subject.run
+          end
+        end
+
+        context "when no new user is added" do
+          let(:user_added) { false }
+
+          it "write root password" do
+            # write root password
+            expect(Yast::UsersSimple).to receive(:Write)
+            # do not write users
+            expect(Yast::Users).to_not receive(:Write)
+            subject.run
+          end
+        end
+      end
+    end
+  end
+end

    

root＠hilbert.suse.de

tags

participants (1)