about summary refs log tree commit diff
path: root/nixos/tests/shadow.nix
diff options
context:
space:
mode:
authorLily Foster <lily@lily.flowers>2023-01-07 20:56:11 -0500
committerWinter <winter@winter.cafe>2023-02-25 14:27:35 -0500
commit5508000ddfc5b6b0db7f25272ef09588637e375f (patch)
tree51f1c24f9f49cbdfdcb390c9abff2e865327853b /nixos/tests/shadow.nix
parentbfa0bff64474a528eb06a7f9e0a9f53f1b41af45 (diff)
nixos/tests/shadow: ensure hashedPassword takes precedence over initialHashedPassword
Diffstat (limited to 'nixos/tests/shadow.nix')
-rw-r--r--nixos/tests/shadow.nix23


1 files changed, 23 insertions, 0 deletions
diff --git a/nixos/tests/shadow.nix b/nixos/tests/shadow.nix
index baa2e5945c05d..c9a04088e8709 100644
--- a/nixos/tests/shadow.nix
+++ b/nixos/tests/shadow.nix
@@ -5,6 +5,7 @@ let
   password4 = "asdf123";
   hashed_bcrypt = "$2b$05$8xIEflrk2RxQtcVXbGIxs.Vl0x7dF1/JSv3cyX6JJt0npzkTCWvxK"; # fnord
   hashed_yeshash = "$y$j9T$d8Z4EAf8P1SvM/aDFbxMS0$VnTXMp/Hnc7QdCBEaLTq5ZFOAFo2/PM0/xEAFuOE88."; # fnord
+  hashed_sha512crypt = "$6$ymzs8WINZ5wGwQcV$VC2S0cQiX8NVukOLymysTPn4v1zJoJp3NGyhnqyv/dAf4NWZsBWYveQcj6gEJr4ZUjRBRjM0Pj1L8TCQ8hUUp0"; # meow
 in import ./make-test-python.nix ({ pkgs, ... }: {
   name = "shadow";
   meta = with pkgs.lib.maintainers; { maintainers = [ nequissimus ]; };
@@ -39,6 +40,12 @@ in import ./make-test-python.nix ({ pkgs, ... }: {
         hashedPassword = hashed_yeshash;
         shell = pkgs.bash;
       };
+      users.leo = {
+        isNormalUser = true;
+        initialHashedPassword = "!";
+        hashedPassword = hashed_sha512crypt; # should take precedence over initialHashedPassword
+        shell = pkgs.bash;
+      };
     };
   };
 
@@ -145,5 +152,21 @@ in import ./make-test-python.nix ({ pkgs, ... }: {
             print(shadow.succeed(f"cat /tmp/{u}"))
             assert u in shadow.succeed(f"cat /tmp/{u}")
             shadow.send_chars("logout\n")
+
+    with subtest("Ensure hashedPassword does not get overridden by initialHashedPassword"):
+        shadow.send_key("alt-f6")
+        shadow.wait_until_succeeds("[ $(fgconsole) = 6 ]")
+        shadow.wait_for_unit("getty@tty6.service")
+        shadow.wait_until_succeeds("pgrep -f 'agetty.*tty6'")
+        shadow.wait_until_tty_matches("6", "login: ")
+        shadow.send_chars("leo\n")
+        shadow.wait_until_tty_matches("6", "login: leo")
+        shadow.wait_until_succeeds("pgrep login")
+        shadow.sleep(2)
+        shadow.send_chars("meow\n")
+        shadow.send_chars("whoami > /tmp/leo\n")
+        shadow.wait_for_file("/tmp/leo")
+        assert "leo" in shadow.succeed("cat /tmp/leo")
+        shadow.send_chars("logout\n")
   '';
 })

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-08-07 07:46:57 +0000