Univention Bugzilla – Attachment 2483 Details for
Bug 18750
Sperrung des Benutzerkontos nach X erfolglosen Anmeldeversuchen
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
Test-Skript
47faillog2 (text/plain), 3.14 KB, created by
Philipp Hahn
on 2010-07-02 13:57:50 CEST
(
hide
)
Description:
Test-Skript
Filename:
MIME Type:
Creator:
Philipp Hahn
Created:
2010-07-02 13:57:50 CEST
Size:
3.14 KB
patch
obsolete
>#!/bin/bash > >source "$TESTLIBPATH/user.lib" >source "$TESTLIBPATH/base.lib" > >#if ! current_ucs_version_greater_equal 2.4; then ># exit 132 >#fi > >INFO_LINE="Test faillog via ssh" >TEST_SERVER_ROLE="domaincontroller_master" >TEST_BASIC=true >TEST_PACKAGES="univention-config univention-directory-manager-tools openssh-server" > >RETURNCODE=100 > >NAME=$(getusername) > >eval "$(ucr shell)" > >old_auth_faillog="$auth_faillog" >old_auth_faillog_limit="$auth_faillog_limit" >old_auth_faillog_root="$auth_faillog_root" >old_auth_faillog_unlock_time="$auth_faillog_unlock_time" >old_auth_faillog_lock_global="$auth_faillog_lock_global" >old_sshd_challengeresponse="$sshd_challengeresponse" >old_sshd_passwordauthentication="$sshd_passwordauthentication" > >ucr set \ > auth/faillog=yes \ > auth/faillog/lock_global=yes \ > auth/faillog/limit=6 \ > sshd/challengeresponse=yes \ > sshd/passwordauthentication=no > >/etc/init.d/ssh restart > >fake_passwd=$(mktemp) >echo "foobar1234" >"$fake_passwd" >passwd=$(mktemp) >echo "univention" >"$passwd" > >ssh_login () { > univention-ssh -timeout 10 "$1" -o NumberOfPasswordPrompts=3 "$NAME@$hostname.$domainname" /usr/sbin/ucr get hostname >} > >info "Create user $NAME" >univention-directory-manager users/user create \ > --position "cn=users,$ldap_base" \ > --set username="$NAME" \ > --set lastname="$NAME" \ > --set password="univention" \ > --set locked=none > >info "Lock none" >ssh_hostname="$(ssh_login "$passwd")" >if [ "$ssh_hostname" != "$hostname" ]; then > error "The login wasn't successful" > RETURNCODE=110 >fi > >ssh_login "$fake_passwd" # 3 >ssh_login "$fake_passwd" # 6 >ssh_hostname="$(ssh_login "$passwd")" >if [ "$ssh_hostname" = "$hostname" ]; then > error "The login was successful, but the user should be locked" > RETURNCODE=110 >fi > >info "Lock windows" >univention-directory-manager users/user modify --dn "uid=$NAME,cn=users,$ldap_base" --set locked=windows >sleep 5 #wait for the replication >ssh_hostname="$(ssh_login "$passwd")" >if [ "$ssh_hostname" != "$hostname" ]; then > error "The login wasn't successful" > RETURNCODE=110 >fi > >info "Lock posix" >univention-directory-manager users/user modify --dn "uid=$NAME,cn=users,$ldap_base" --set locked=posix >sleep 5 #wait for the replication >ssh_hostname="$(ssh_login "$passwd")" >if [ "$ssh_hostname" = "$hostname" ]; then > error "The login was successful, but the user should be locked" > RETURNCODE=110 >fi > >info "Lock all" >univention-directory-manager users/user modify --dn "uid=$NAME,cn=users,$ldap_base" --set locked=all >sleep 5 #wait for the replication >ssh_hostname="$(ssh_login "$passwd")" >if [ "$ssh_hostname" = "$hostname" ]; then > error "The login was successful, but the user should be locked" > RETURNCODE=110 >fi > >info "Remove user" >removeuser "$NAME" >function ucr_reset () { > declare -a reset unset > while [ $# -ge 1 ] > do > local var="old_${1//[^a-zA-Z0-9]/_}" > if [ "${!var}" ] > then > reset+=("$1"="${!var}") > else > unset+=("$1") > fi > shift > done > [ -n "${reset}" ] && ucr set "${reset[@]}" > [ -n "${unset}" ] && ucr unset "${unset[@]}" >} >ucr_reset \ > auth/faillog \ > auth/faillog/lock_global \ > auth/faillog/limit \ > sshd/challengeresponse \ > sshd/passwordauthentication > >/etc/init.d/ssh restart > >rm -f "$fake_passwd" "$passwd" > >exit $RETURNCODE
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2483">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 18750
: 2483