|
1 This bug is fixed upstream as : |
|
2 https://tickets.puppetlabs.com/browse/PUP-229 |
|
3 |
|
4 ---- |
|
5 From 6940de68efcc97a0af946f62ebfbfe53ad410d5d Mon Sep 17 00:00:00 2001 |
|
6 From: Rahul Gopinath <[email protected]> |
|
7 Date: Thu, 14 Aug 2014 18:38:19 -0700 |
|
8 Subject: [PATCH] (PUP 229) Fix /etc/shadow parsing so that max/min_age is |
|
9 reported correctly |
|
10 |
|
11 Before this patch, parsing /etc/shadow, when empty trailing fields were |
|
12 present, they were discarded, and inturn a nil check was used to ensure that |
|
13 the fields did not exist. However, this ran into trouble when a value was |
|
14 appended to the end, causing all the empty fields to be returned as empty |
|
15 strings instead, failing the nil checks. |
|
16 |
|
17 This patch ensures that all empty fields are returned as empty strings, and |
|
18 a check for empty string is used to check whether the field exists or not. |
|
19 --- |
|
20 |
|
21 --- puppet-3.6.2/lib/puppet/provider/user/user_role_add.rb.orig |
|
22 +++ puppet-3.6.2/lib/puppet/provider/user/user_role_add.rb |
|
23 @@ -177,7 +177,8 @@ |
|
24 return @shadow_entry if defined? @shadow_entry |
|
25 @shadow_entry = File.readlines(target_file_path). |
|
26 reject { |r| r =~ /^[^\w]/ }. |
|
27 - collect { |l| l.chomp.split(':') }. |
|
28 + # PUP-229 dont suppress the empty fields |
|
29 + collect { |l| l.chomp.split(':', -1) }. |
|
30 find { |user, _| user == @resource[:name] } |
|
31 end |
|
32 |
|
33 @@ -186,12 +187,12 @@ |
|
34 end |
|
35 |
|
36 def password_min_age |
|
37 - shadow_entry ? shadow_entry[3] : :absent |
|
38 + shadow_entry[3].empty? ? -1 : shadow_entry[3] |
|
39 end |
|
40 |
|
41 def password_max_age |
|
42 return :absent unless shadow_entry |
|
43 - shadow_entry[4] || -1 |
|
44 + shadow_entry[4].empty? ? -1 : shadow_entry[4] |
|
45 end |
|
46 |
|
47 # Read in /etc/shadow, find the line for our used and rewrite it with the |
|
48 |
|
49 --- puppet-3.6.2/spec/unit/provider/user/user_role_add_spec.rb.orig |
|
50 +++ puppet-3.6.2/spec/unit/provider/user/user_role_add_spec.rb |
|
51 @@ -317,7 +317,7 @@ def write_fixture(content) |
|
52 describe "#shadow_entry" do |
|
53 it "should return the line for the right user" do |
|
54 File.stubs(:readlines).returns(["someuser:!:10:5:20:7:1::\n", "fakeval:*:20:10:30:7:2::\n", "testuser:*:30:15:40:7:3::\n"]) |
|
55 - provider.shadow_entry.should == ["fakeval", "*", "20", "10", "30", "7", "2"] |
|
56 + provider.shadow_entry.should == ["fakeval", "*", "20", "10", "30", "7", "2", "", ""] |
|
57 end |
|
58 end |
|
59 |
|
60 @@ -331,5 +331,27 @@ def write_fixture(content) |
|
61 File.stubs(:readlines).returns(["fakeval:NP:12345::::::\n"]) |
|
62 provider.password_max_age.should == -1 |
|
63 end |
|
64 + |
|
65 + it "should return -1 for no maximum when failed attempts are present" do |
|
66 + File.stubs(:readlines).returns(["fakeval:NP:12345::::::3\n"]) |
|
67 + provider.password_max_age.should == -1 |
|
68 + end |
|
69 + end |
|
70 + |
|
71 + describe "#password_min_age" do |
|
72 + it "should return a minimum age number" do |
|
73 + File.stubs(:readlines).returns(["fakeval:NP:12345:10:50::::\n"]) |
|
74 + provider.password_min_age.should == "10" |
|
75 + end |
|
76 + |
|
77 + it "should return -1 for no minimum" do |
|
78 + File.stubs(:readlines).returns(["fakeval:NP:12345::::::\n"]) |
|
79 + provider.password_min_age.should == -1 |
|
80 + end |
|
81 + |
|
82 + it "should return -1 for no minimum when failed attempts are present" do |
|
83 + File.stubs(:readlines).returns(["fakeval:NP:12345::::::3\n"]) |
|
84 + provider.password_min_age.should == -1 |
|
85 + end |
|
86 end |
|
87 end |