plugins/sudoers/regress/cvtsudoers/test24.sh
plugins/sudoers/regress/cvtsudoers/test25.out.ok
plugins/sudoers/regress/cvtsudoers/test25.sh
+plugins/sudoers/regress/cvtsudoers/test26.err.ok
plugins/sudoers/regress/cvtsudoers/test26.out.ok
plugins/sudoers/regress/cvtsudoers/test26.sh
plugins/sudoers/regress/cvtsudoers/test27.out.ok
plugins/sudoers/regress/cvtsudoers/test31.conf
plugins/sudoers/regress/cvtsudoers/test31.out.ok
plugins/sudoers/regress/cvtsudoers/test31.sh
+plugins/sudoers/regress/cvtsudoers/test32.err.ok
plugins/sudoers/regress/cvtsudoers/test32.out.ok
plugins/sudoers/regress/cvtsudoers/test32.sh
plugins/sudoers/regress/cvtsudoers/test33.out.ok
# Test user and host filters
#
-exec 2>&1
./cvtsudoers -c "" -f sudoers -m user=millert,host=hercules $TESTDIR/sudoers
exit 0
# Test command defaults filtering
#
-exec 2>&1
./cvtsudoers -c "" -f sudoers -s aliases,privileges -d command $TESTDIR/sudoers
exit 0
# Test that Aliases are removed when filtering by defaults type
#
-exec 2>&1
./cvtsudoers -c "" -f sudoers -d command $TESTDIR/sudoers.defs
# Test that Aliases are removed when filtering by defaults type
#
-exec 2>&1
./cvtsudoers -c "" -f sudoers -d user $TESTDIR/sudoers.defs
# Test that Aliases are removed when filtering by defaults type
#
-exec 2>&1
./cvtsudoers -c "" -f sudoers -d host $TESTDIR/sudoers.defs
# Test that Aliases are removed when filtering by defaults type
#
-exec 2>&1
./cvtsudoers -c "" -f sudoers -d runas $TESTDIR/sudoers.defs
# Test filters and pruning
#
-exec 2>&1
./cvtsudoers -c "" -f sudoers -p -m user=user1 <<EOF
user1, user2, user3, %group1 host1, host2, host3 = ALL
EOF
# Test filters and pruning
#
-exec 2>&1
./cvtsudoers -c "" -f sudoers -p -m user=user2,host=host2 <<EOF
user1, user2, user3, %group1 host1, host2, host3 = ALL
EOF
# Test filters and pruning
#
-exec 2>&1
./cvtsudoers -c "" -f sudoers -p -m group=group1,host=host1 <<EOF
user1, user2, user3, %group1 host1, host2, host3 = ALL
EOF
# Test filters and pruning
#
-exec 2>&1
./cvtsudoers -c "" -f sudoers -p -m group=group1,host=somehost <<EOF
user1, user2, user3, %group1 ALL = ALL
EOF
# Test filters and pruning; alias contents don't get pruned
#
-exec 2>&1
./cvtsudoers -c "" -f sudoers -p -m user=FULLTIMERS,host=SERVERS $TESTDIR/sudoers
# Test user and host filters, expanding aliases
#
-exec 2>&1
./cvtsudoers -c "" -f sudoers -e -m user=millert,host=hercules $TESTDIR/sudoers
exit 0
# Test cvtsudoers.conf
#
-exec 2>&1
./cvtsudoers -c $TESTDIR/test20.conf <<EOF
Defaults:SOMEUSERS authenticate, timestamp_timeout=0
User_Alias SOMEUSERS = user1, user2, user3
# Test cvtsudoers.conf
#
-exec 2>&1
./cvtsudoers -c $TESTDIR/test21.conf <<EOF
Defaults authenticate, timestamp_timeout=0
User_Alias FULLTIMERS = user1, user2, user3
# Test LDAP base filtering.
#
-exec 2>&1
./cvtsudoers -c "" -i ldif -b "ou=SUDOers,dc=sudo,dc=ws" -I 10 -O 10 <<EOF
dn: dc=sudo,dc=ws
objectClass: dcObject
# Test round-tripping of sudoers -> LDIF -> sudoers
#
-exec 2>&1
./cvtsudoers -c "" -b "ou=SUDOers,dc=sudo,dc=ws" $TESTDIR/test23.out.ok | \
./cvtsudoers -c "" -i LDIF -f sudoers | grep -v '^#'
# Test round-tripping of LDIF -> sudoers -> LDIF
#
-exec 2>&1
./cvtsudoers -c "" -i LDIF -f sudoers $TESTDIR/test24.out.ok | \
./cvtsudoers -c "" -b "ou=SUDOers,dc=sudo,dc=ws"
# Test LDIF base64 attribute parsing
#
-exec 2>&1
./cvtsudoers -c "" -i ldif -b "ou=SUDOers,dc=sudo,dc=ws" -I 10 -O 10 <<EOF
# defaults, SUDOers, sudo.ws
dn:: Y249ZGVmYXVsdHMsb3U9U1VET2VycyxkYz1zdWRvLGRjPXdz
--- /dev/null
+cvtsudoers: ignoring invalid attribute value: bG9nX29@1dHB1dA==
+cvtsudoers: ignoring invalid attribute value: Y249cm9vdCxvdT1TVURPZXJzLGRjPXN1ZG8sZGM9_d3M=
+cvtsudoers: ignoring invalid attribute value: Y249JXdoZWVsLG91PVNVRE9lcnMsZGM9c3VkbyxkYz13cw!==
-cvtsudoers: ignoring invalid attribute value: bG9nX29@1dHB1dA==
-cvtsudoers: ignoring invalid attribute value: Y249cm9vdCxvdT1TVURPZXJzLGRjPXN1ZG8sZGM9_d3M=
-cvtsudoers: ignoring invalid attribute value: Y249JXdoZWVsLG91PVNVRE9lcnMsZGM9c3VkbyxkYz13cw!==
# Test LDIF invalid base64 attribute parsing
#
-exec 2>&1
./cvtsudoers -c "" -i ldif -b "ou=SUDOers,dc=sudo,dc=ws" -I 10 -O 10 <<EOF
# defaults, SUDOers, sudo.ws
dn:: Y249ZGVmYXVsdHMsb3U9U1VET2VycyxkYz1zdWRvLGRjPXdz
# Test base64 encoding of non-safe strings
#
-exec 2>&1
./cvtsudoers -c "" -b "ou=SUDOers©,dc=sudo,dc=ws" <<EOF
Defaults badpass_message="Bad password¡"
# Test LDAP sudoOrder when converting to sudoers.
#
-exec 2>&1
./cvtsudoers -c "" -i ldif -f sudoers <<EOF
dn: dc=sudo,dc=ws
objectClass: dcObject
# Test LDAP sudoOrder when converting to sudoers.
#
-exec 2>&1
./cvtsudoers -c "" -i ldif -f sudoers <<EOF
dn: dc=sudo,dc=ws
objectClass: dcObject
# Test group and host filters
#
-exec 2>&1
./cvtsudoers -c "" -f sudoers -m group=wheel,host=blackhole $TESTDIR/sudoers
exit 0
# See https://bugzilla.sudo.ws/show_bug.cgi?id=853
#
-exec 2>&1
./cvtsudoers -c "" -e -f json <<EOF
Cmnd_Alias CMDA=/path/to/cmda
Cmnd_Alias CMDB=/path/to/cmdb
# Test cvtsudoers.conf with padding
#
-exec 2>&1
./cvtsudoers -c $TESTDIR/test31.conf <<EOF
Defaults authenticate, timestamp_timeout=0
User_Alias FULLTIMERS = user1, user2, user3
--- /dev/null
+cvtsudoers: too many sudoers entries, maximum 10
-cvtsudoers: too many sudoers entries, maximum 10
dn: cn=user0,ou=SUDOers,dc=my-domain,dc=com
objectClass: top
objectClass: sudoRole
# Test cvtsudoers.conf with invalid padding
#
-exec 2>&1
./cvtsudoers -c "" -b "ou=SUDOers,dc=my-domain,dc=com" -O 1000 -P 1 <<EOF
user0 ALL = (ALL:ALL) ALL
user1 ALL = (ALL:ALL) ALL
# Test LDAP negated sudoRunAsUser and sudoRunAsGroup converted to sudoers.
#
-exec 2>&1
./cvtsudoers -c "" -i ldif -f sudoers <<EOF
dn: dc=sudo,dc=ws
objectClass: dcObject
# Test group and host filters, expanding aliases
#
-exec 2>&1
./cvtsudoers -c "" -f sudoers -e -m group=wheel,host=blackhole $TESTDIR/sudoers
exit 0
# Test defaults type filtering
#
-exec 2>&1
./cvtsudoers -c "" -f sudoers -s aliases,privileges -d all $TESTDIR/sudoers
exit 0
# Test global defaults filtering
#
-exec 2>&1
./cvtsudoers -c "" -f sudoers -s aliases,privileges -d global $TESTDIR/sudoers
exit 0
# Test user defaults filtering
#
-exec 2>&1
./cvtsudoers -c "" -f sudoers -s aliases,privileges -d user $TESTDIR/sudoers
exit 0
# Test runas defaults filtering
#
-exec 2>&1
./cvtsudoers -c "" -f sudoers -s aliases,privileges -d runas $TESTDIR/sudoers
exit 0
# Test host defaults filtering
#
-exec 2>&1
./cvtsudoers -c "" -f sudoers -s aliases,privileges -d host $TESTDIR/sudoers
exit 0