Add comprehensive test for the groupmod -U option when provided with a
list of users to set group membership. This test verifies:
- Setting initial group membership with multiple users
- Proper membership verification in both group and gshadow entries
- Updating group membership by modifying the user list
- Correct handling of membership changes in group databases
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
GShadowEntry administrators and members represent a list of usernames,
not a single string. Thus, set them to `list[str]`. This fixes type
safety and clarifies the expected data structure.
Fixes: 458700b5d670 (2025-09-10; "tests/system/framework/: fix Python linter issues")
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
This is the transformation to Python of the test located in
`tests/grouptools/groupmems/01_groupmems_root_add_user/groupmems.test`,
which checks that `groupmems` is able to add a user to a group running
as the root user.
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
This is the transformation to Python of the test located in
`tests/newusers/20_multiple_users/newusers.test`, which checks that
`newusers` is able to create new users from file.
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
This is the transformation to Python of the test located in
`tests/newusers/35_read_from_stdin/newusers.test`, which checks that
`newusers` is able to create new users from stdin.
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
The test framework PoC only provided basic checks. I've added additional
functionality to the framework by checking shadow and gshadow entries
and I've extended the basic useradd test to check those too.
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: Dan Lavu <dlavu@redhat.com>
Alpine Linux versions also contain the revision, and this needs to be
taken into account when detecting it.
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: Dan Lavu <dlavu@redhat.com>
openSUSE includes comment lines in `/etc/os-release` file and this can
cause some issues during the distribution detection. Ignore those lines
as they don't cause any effect on the system.
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: Dan Lavu <dlavu@redhat.com>
Implement a general function to detect features in shadow host.
Apparently, musl doesn't provide `getent gshadow`, but shadow still needs
it to check for several group attributes. Thus, check whether it exists
in the host, and if it does run it. If not, let's just skip that part of
the test.
Link: <https://gitlab.alpinelinux.org/alpine/aports/-/issues/16979>
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: Dan Lavu <dlavu@redhat.com>
Provide a way for the system framework to run `getent gshadow $name` and
check its output in a meaningful way.
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: Dan Lavu <dlavu@redhat.com>
Provide a way for the system framework to run `getent shadow $name` and
check its output in a meaningful way.
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: Dan Lavu <dlavu@redhat.com>
I suspect this is not a big deal, and most distributions just ship their own
version verbatim like debian/login.defs. But if there is a distro - or even a
person - using this as is from upstream, then we dont' want to break them. So
let's undo this and use an etc/login.defs.test for the testing if needed.
Changelog: 01/13: move etc/login.defs.test to tests/system/etc/login.defs per
suggestion.
Signed-off-by: Serge Hallyn <serge@hallyn.com>
This is the transformation to Python of the test located in
`tests/grouptools/groupdel/01_groupdel_delete_group/groupdel.test`,
which checks that `groupdel` is able to delete a group.
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
This is the transformation to Python of the test located in
`tests/grouptools/groupmod/01_groupmod_change_gid/groupmod.test`, which
checks that `groupmod` is able to change the GID of a group.
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
This is the transformation to Python of the test located in
`tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/groupadd.test`,
which checks that `groupadd` is able to create a new group.
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
This is the transformation to Python of the test located in
`tests/usertools/01/18_userdel_remove_homedir.test`, which checks that
`userdel` is able to delete a user and its homedir. The test checks that
the user, the group and the home folder don't exist.
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
This is the transformation to Python of the test located in
`tests/usertools/01/10_usermod_rename_user.test`, which checks that
`usermod` is able to rename a user. The test checks that the new user,
the group and home folder exists.
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
This is the transformation to Python of the test located in
`tests/usertools/01/02_useradd_recreate_deleted_user.test`, which checks
that `useradd` is able to create again a removed user.
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
This is the transformation to Python of the test located in
`tests/usertools/01/01_useradd_add_user.test`, which checks that
`useradd` is able to create a new user and its corresponding group and
home folder.
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
As discussed at length, this is the implementation of the new system
tests framework for shadow. This is a proof of concept that contains the
key elements to be able to run basic user (i.e. useradd, usermod) and
group (i.e. usermod) tests. If you like the framework the rest of the
functionality will be added in the future.
Some useful facts:
* It is implemented in python
* It is based on pytest and pytest-mh
* It works on all the distributions that are part of our CI
* It can be run in the cloud (VM or container) as well as on-premises
* After the execution of each test the environment is cleaned up
* Logs and other artifacts for failed tests are collected
* It has a rich API that can be extended and extended to cover new
functionalities
Closes: https://github.com/shadow-maint/shadow/issues/835
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
