aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Victor Huesca <victor.huesca@bootlin.com>2019-08-13 09:33:20 +0200
committerGravatar Thomas Petazzoni <thomas.petazzoni@bootlin.com>2019-08-13 22:30:41 +0200
commit152776b4207bd7f369f8ff7d4e3b1dff7063111f (patch)
tree40a80fe30cf17d298fbd760a5098444eefd112fb
parent0213feb8231daceb88d09a47ad915066447a9f95 (diff)
downloadbuildroot-152776b4207bd7f369f8ff7d4e3b1dff7063111f.tar.gz
buildroot-152776b4207bd7f369f8ff7d4e3b1dff7063111f.tar.bz2
support/testing: new test for root password
Add support to test that the root passowrd is working as expected. - Buildtime test: Check the hash present in the generated '/etc/shadow'. - Runtime test: Build an armv7 image and try to login with a password. Signed-off-by: Victor Huesca <victor.huesca@bootlin.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-rw-r--r--.gitlab-ci.yml1
-rw-r--r--DEVELOPERS3
-rw-r--r--support/testing/tests/core/test_root_password.py36
3 files changed, 40 insertions, 0 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 7ee6e248b1..99940640a5 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -341,6 +341,7 @@ tests.core.test_hardening.TestRelroPartial: { extends: .runtime_test }
tests.core.test_hardening.TestSspNone: { extends: .runtime_test }
tests.core.test_hardening.TestSspStrong: { extends: .runtime_test }
tests.core.test_post_scripts.TestPostScripts: { extends: .runtime_test }
+tests.core.test_root_password.TestRootPassword: { extends: .runtime_test }
tests.core.test_rootfs_overlay.TestRootfsOverlay: { extends: .runtime_test }
tests.core.test_timezone.TestGlibcAllTimezone: { extends: .runtime_test }
tests.core.test_timezone.TestGlibcNonDefaultLimitedTimezone: { extends: .runtime_test }
diff --git a/DEVELOPERS b/DEVELOPERS
index 27a98db256..5fe244a570 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -2308,6 +2308,9 @@ F: package/llvm/
N: Vanya Sergeev <vsergeev@gmail.com>
F: package/lua-periphery/
+N: Victor Huesca <victor.huesca@bootlin.com>
+F: support/testing/tests/core/test_root_password.py
+
N: Vincent Prince <vincent.prince.fr@gmail.com>
F: package/nss-myhostname/
F: package/utp_com/
diff --git a/support/testing/tests/core/test_root_password.py b/support/testing/tests/core/test_root_password.py
new file mode 100644
index 0000000000..aefcd3605c
--- /dev/null
+++ b/support/testing/tests/core/test_root_password.py
@@ -0,0 +1,36 @@
+import os
+import infra.basetest
+from crypt import crypt
+
+
+class TestRootPassword(infra.basetest.BRTest):
+ password = "foo"
+ config = infra.basetest.BASIC_TOOLCHAIN_CONFIG + \
+ """
+ BR2_TARGET_ROOTFS_CPIO=y
+ BR2_TARGET_ENABLE_ROOT_LOGIN=y
+ BR2_TARGET_GENERIC_ROOT_PASSWD="{}"
+ """.format(password)
+
+ def test_run(self):
+ # 1. Test by looking hash in the /etc/shadow
+ shadow = os.path.join(self.builddir, "target", "etc", "shadow")
+ with open(shadow, "r") as f:
+ users = f.readlines()
+ for user in users:
+ s = user.split(":")
+ n, h = s[0], s[1]
+ if n == "root":
+ # Fail if the account is disabled or no password is required
+ self.assertTrue(h not in ["", "*"])
+ # Fail if the hash isn't right
+ self.assertEqual(crypt(self.password, h), h)
+
+ # 2. Test by attempting to login
+ cpio_file = os.path.join(self.builddir, "images", "rootfs.cpio")
+ try:
+ self.emulator.boot(arch="armv7", kernel="builtin",
+ options=["-initrd", cpio_file])
+ self.emulator.login(self.password)
+ except SystemError:
+ self.fail("Unable to login with the password")