diff options
Diffstat (limited to 'roles/unix_users/subplot.py')
-rw-r--r-- | roles/unix_users/subplot.py | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/roles/unix_users/subplot.py b/roles/unix_users/subplot.py new file mode 100644 index 0000000..05330fd --- /dev/null +++ b/roles/unix_users/subplot.py @@ -0,0 +1,59 @@ +import logging + + +def host_does_not_have_user(ctx, username=None): + assert_ne = globals()["assert_ne"] + qemu = ctx["qemu"] + output, exit = qemu.ssh(["getent", "passwd", username]) + assert_ne(exit, 0) + + +def host_has_user(ctx, username=None): + assert_eq = globals()["assert_eq"] + qemu = ctx["qemu"] + output, exit = qemu.ssh(["getent", "passwd", username]) + assert_eq(exit, 0) + output = output.decode("UTF8") + assert f"{username}:" in output + + +def host_user_has_shell(ctx, username=None, shell=None): + assert_eq = globals()["assert_eq"] + qemu = ctx["qemu"] + output, exit = qemu.ssh(["getent", "passwd", username]) + assert_eq(exit, 0) + for line in output.decode("UTF8").splitlines(): + if line.startswith(f"{username}:"): + logging.debug(f"host_user_has_shell: line={line!r}") + assert line.endswith(f":{shell}") + + +def host_user_has_password(ctx, username=None, password=None): + assert_eq = globals()["assert_eq"] + qemu = ctx["qemu"] + output, exit = qemu.ssh(["sudo", "grep", f"^{username}:", "/etc/shadow"]) + assert_eq(exit, 0) + for line in output.decode("UTF8").splitlines(): + if line.startswith(f"{username}:"): + parts = line.split(":") + assert_eq(parts[1], password) + + +def host_user_has_authorized_keys_containing(ctx, username=None, substring=None): + assert_eq = globals()["assert_eq"] + qemu = ctx["qemu"] + output, exit = qemu.ssh(["sudo", "cat", f"/home/{username}/.ssh/authorized_keys"]) + assert_eq(exit, 0) + output = output.decode("UTF8") + assert substring in output + + +def host_user_is_in_group(ctx, username=None, group=None): + assert_eq = globals()["assert_eq"] + qemu = ctx["qemu"] + output, exit = qemu.ssh(["sudo", "-u", username, "groups"]) + assert_eq(exit, 0) + output = output.decode("UTF8") + groups = output.split() + logging.debug(f"host_user_is_in_group: groups={groups}") + assert group in groups |