File: 21_pam.py

package info (click to toggle)

selinux-basics 0.5.0

links: PTS, VCS
area: main
in suites: wheezy
size: 140 kB
sloc: python: 279; sh: 217; perl: 43; makefile: 26

file content (39 lines) | stat: -rw-r--r-- 967 bytes

parent folder | download | duplicates (4)

class TestPAMConfig(TestBase):
	"""
	Verify that pam is setup for SELinux
	"""
	class ErrorPAMSSH(ErrorBase):
		def __str__(self):
			return "/etc/pam.d/ssh is not SELinux enabled"

	class ErrorPAMLogin(ErrorBase):
		def __str__(self):
			return "/etc/pam.d/login is not SELinux enabled"

	@staticmethod
	def test():
		import os, re
		r = re.compile(r'^\s*session\s*required\s*pam_selinux.so')
		result = []

		if os.access("/etc/pam.d/ssh", os.F_OK):
			selinuxon = False
			f = open("/etc/pam.d/ssh","r")
			for line in f.readlines():
				if r.match(line):
					selinuxon = True
			f.close()
			if not selinuxon:
				result.append(TestPAMConfig.ErrorPAMSSH())

		if os.access("/etc/pam.d/login", os.F_OK):
			selinuxon = False
			f = open("/etc/pam.d/login","r")
			for line in f.readlines():
				if r.match(line):
					selinuxon = True
			f.close()
			if not selinuxon:
				result.append(TestPAMConfig.ErrorPAMLogin())
		return result
register_test(TestPAMConfig)