Added specific class and tests for CtrlAltDel interpretation.

yast · Feb 29, 2016 · 6680d97 · 6680d97
1 parent caea7af
commit 6680d97
Show file tree

Hide file tree

Showing 7 changed files with 369 additions and 44 deletions.
diff --git a/package/yast2-security.changes b/package/yast2-security.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Fri Feb 26 12:40:29 UTC 2016 - knut.anderssen@suse.com
+
+- Removed "Boot permissions - Interpretation"  of Ctrl + Alt + Del
+  for s390. (fate#319711)
+- 3.2.1
+
 -------------------------------------------------------------------
 Thu Sep 24 14:50:20 UTC 2015 - ancor@suse.com
 

diff --git a/package/yast2-security.spec b/package/yast2-security.spec
@@ -17,7 +17,7 @@
 
 
 Name:           yast2-security
-Version:        3.2.0
+Version:        3.2.1
 Release:        0
 
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
@@ -78,4 +78,5 @@ fi
 %{yast_scrconfdir}/*.scr
 %{yast_schemadir}/autoyast/rnc/security.rnc
 %{yast_ydatadir}/security
+%{yast_libdir}/security
 %doc %{yast_docdir}
diff --git a/src/lib/security/ctrl_alt_del_config.rb b/src/lib/security/ctrl_alt_del_config.rb
@@ -0,0 +1,93 @@
+# encoding: utf-8
+
+# ------------------------------------------------------------------------------
+# Copyright (c) 2015 SUSE LLC, All Rights Reserved.
+#
+# This program is free software; you can redistribute it and/or modify it under
+# the terms of version 2 of the GNU General Public License as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
+# details.
+#
+# You should have received a copy of the GNU General Public License along with
+# this program; if not, contact SUSE LLC.
+#
+# To contact SUSE about this file by physical or electronic mail, you may find
+# current contact information at www.suse.com.
+# ------------------------------------------------------------------------------
+#
+
+require "yast"
+
+module Security
+  module CtrlAltDelConfig
+    include Yast::Logger
+    Yast.import "SCR"
+    Yast.import "Arch"
+    Yast.import "Package"
+
+    SYSTEMD_FILE = "/etc/systemd/system/ctrl-alt-del.target"
+
+    class << self
+      def systemd?
+        Yast::Package.Installed("systemd")
+      end
+
+      def inittab?
+        File.exist?("/etc/inittab")
+      end
+
+      def default
+        Yast::Arch.s390 ? "halt" : "reboot"
+      end
+
+      def current
+        return current_systemd if systemd?
+        return current_inittab if inittab?
+        nil
+      end
+
+      def current_systemd
+        if !File.exist?(SYSTEMD_FILE)
+          ret = nil
+        else
+          link = Yast::SCR.Read(Yast::Path.new(".target.symlink"), SYSTEMD_FILE).to_s
+          ret = case link
+                when "/usr/lib/systemd/system/poweroff.target"
+                  "halt"
+                when "/usr/lib/systemd/system/reboot.target"
+                  "reboot"
+                when "/usr/lib/systemd/system/ctrl-alt-del.target"
+                  default
+                else
+                  log.error "Not known link #{link}"
+                  "ignore"
+                end
+        end
+        ret
+      end
+
+      def current_inittab
+        ca = Yast::SCR.Read(Yast::Path.new(".etc.inittab.ca"))
+        ret = case ca
+              when /\/bin\/true/, /\/bin\/false/
+                "ignore"
+              when /reboot/, / -r/
+                "reboot"
+              when /halt/, / -h/
+                "halt"
+              when nil
+                log.error("No ca entry")
+                nil
+              else
+                log.error "Unknown ca status: #{ca}"
+                "ignore"
+              end
+        ret
+      end
+    end
+  end
+end
diff --git a/src/modules/Security.rb b/src/modules/Security.rb
@@ -27,11 +27,13 @@
 # $Id$
 require "yast"
 require "yaml"
+require "security/ctrl_alt_del_config"
 
 module Yast
   class SecurityClass < Module
 
     include Yast::Logger
+    include ::Security::CtrlAltDelConfig
 
     def main
       Yast.import "UI"
@@ -71,7 +73,7 @@ def main
 
       # All security settings
       @Settings = {
-        "CONSOLE_SHUTDOWN"                          => Arch.s390 ? "halt" : "reboot",
+        "CONSOLE_SHUTDOWN"                          => ::Security::CtrlAltDelConfig.default,
         "CRACKLIB_DICT_PATH"                        => "/usr/lib/cracklib_dict",
         "DISPLAYMANAGER_REMOTE_ACCESS"              => "no",
         "kernel.sysrq"                              => "0",
@@ -291,47 +293,19 @@ def ReadServiceSettings
       nil
     end
 
+    def inittab_shutdown_configured?
+      inittab = SCR.Dir(path(".etc.inittab"))
+      inittab.include? "ca"
+    end
+
     # Read the information about ctrl+alt+del behavior
     # See bug 742783 for description
     def ReadConsoleShutdown
-      if Package.Installed("systemd")
-        if !FileUtils.Exists(@ctrl_alt_del_file)
-          ret = Arch.s390 ? "halt" : "reboot"
-        else
-          link = SCR.Read(path(".target.symlink"), @ctrl_alt_del_file).to_s
-          ret = case link
-                when "/usr/lib/systemd/system/poweroff.target"
-                  "halt"
-                when "/usr/lib/systemd/system/reboot.target"
-                  "reboot"
-                when "/usr/lib/systemd/system/ctrl-alt-del.target"
-                  Arch.s390 ? "halt" : "reboot"
-                else
-                  "ignore"
-                end
-        end
-        return ret
-      end
+      ret = ::Security::CtrlAltDelConfig.current || ::Security::CtrlAltDelConfig.default
 
-      inittab = SCR.Dir(path(".etc.inittab"))
-      if Builtins.contains(inittab, "ca")
-        ca = Convert.to_string(SCR.Read(path(".etc.inittab.ca")))
-        if Builtins.issubstring(ca, "/bin/true") ||
-            Builtins.issubstring(ca, "/bin/false")
-          Ops.set(@Settings, "CONSOLE_SHUTDOWN", "ignore")
-        elsif Builtins.issubstring(ca, "reboot") ||
-            Builtins.issubstring(ca, " -r")
-          Ops.set(@Settings, "CONSOLE_SHUTDOWN", "reboot")
-        elsif Builtins.issubstring(ca, "halt") ||
-            Builtins.issubstring(ca, " -h")
-          Ops.set(@Settings, "CONSOLE_SHUTDOWN", "halt")
-        else
-          Builtins.y2error("Unknown ca status: %1", ca)
-          Ops.set(@Settings, "CONSOLE_SHUTDOWN", "ignore")
-        end
-      else
-        Ops.set(@Settings, "CONSOLE_SHUTDOWN", "ignore")
-      end
+      return ret if ::Security::CtrlAltDelConfig.systemd?
+
+      @Settings["CONSOLE_SHUTDOWN"] = ret if ::Security::CtrlAltDelConfig.inittab?
 
       nil
     end

diff --git a/test/ctrl_alt_del_config_test.rb b/test/ctrl_alt_del_config_test.rb
@@ -0,0 +1,133 @@
+#!/usr/bin/env rspec
+
+require_relative "test_helper"
+require "security/ctrl_alt_del_config"
+
+module Security
+
+  describe CtrlAltDelConfig do
+
+    def stub_arch(arch)
+      Yast.import "Arch"
+
+      allow(Yast::Arch).to receive(arch) { true }
+    end
+
+    describe ".default" do
+
+      it "returns 'halt' for a s390 architecture" do
+        stub_arch("s390")
+
+        expect(subject.default).to eql("halt")
+      end
+
+      it "returns 'reboot' for non s390 architecture" do
+        expect(subject.default).to eql("reboot")
+      end
+    end
+
+    describe ".systemd?" do
+
+      it "returns false if not systemd package installed" do
+        allow(Yast::Package).to receive(:Installed).with("systemd") { false }
+
+        expect(subject.systemd?).to eql(false)
+      end
+
+      it "returns true if systemd package installed" do
+        allow(Yast::Package).to receive(:Installed).with("systemd") { true }
+
+        expect(subject.systemd?).to eql(true)
+      end
+
+    end
+
+    describe ".inittab?" do
+
+      it "returns true if inittab file exist" do
+        allow(File).to receive(:exist?).with("/etc/inittab") { true }
+
+        expect(subject.inittab?).to eql(true)
+      end
+
+      it "returns false if not inittab file exist" do
+        allow(File).to receive(:exist?).with("/etc/inittab") { false }
+
+        expect(subject.inittab?).to eql(false)
+      end
+    end
+
+    describe ".current" do
+
+      it "returns nil if not systemd and not innitab config" do
+        allow(subject).to receive(:systemd?) { false }
+        allow(subject).to receive(:inittab?) { false }
+
+        expect(subject.current).to eql(nil)
+      end
+
+    end
+
+    describe ".current_systemd" do
+      let(:target_link) { "/usr/lib/systemd/system/poweroff.target" }
+
+      context "when no config file exists" do
+        it "returns nil if not config tile exists" do
+          allow(File).to receive(:exist?).with(subject::SYSTEMD_FILE) { false }
+
+          expect(subject.current_systemd).to be_nil
+        end
+      end
+
+      context "when config file exists" do
+        before do
+          allow(File).to receive(:exist?).with(subject::SYSTEMD_FILE) { true }
+        end
+
+        it "returns 'halt' if links to poweroff.target" do
+          allow(Yast::SCR).to receive(:Read).with(path(".target.symlink"), subject::SYSTEMD_FILE)
+            .and_return(target_link)
+
+          expect(subject.current_systemd).to eql("halt")
+        end
+
+        it "returns 'reboot' if links to reboot.target" do
+          target_link = "/usr/lib/systemd/system/reboot.target"
+          allow(Yast::SCR).to receive(:Read).with(path(".target.symlink"), subject::SYSTEMD_FILE)
+            .and_return(target_link)
+
+          expect(subject.current_systemd).to eql("reboot")
+        end
+
+        it "returns default value if links to ctrl-alt-del.target" do
+          target_link = "/usr/lib/systemd/system/ctrl-alt-del.target"
+          allow(Yast::SCR).to receive(:Read).with(path(".target.symlink"), subject::SYSTEMD_FILE)
+            .and_return(target_link)
+          allow(subject).to receive(:default) { "reboot or shutdown" }
+
+          expect(subject.current_systemd).to eql("reboot or shutdown")
+        end
+
+        it "returns 'ignore' if links to any other file" do
+          allow(Yast::SCR).to receive(:Read).with(path(".target.symlink"), subject::SYSTEMD_FILE)
+            .and_return("dummy_file")
+
+          expect(subject.current_systemd).to eql("ignore")
+        end
+
+      end
+    end
+
+    describe ".current_inittab" do
+      it "returns nil if not ca entry" do
+        allow(Yast::SCR).to receive(:Read).with(path(".etc.inittab.ca")) { nil }
+        #allow(Yast::SCR).to receive(:Read).with(path(".etc.inittab.ca")) { "12345:/bin/shutdown -h now" }
+
+        expect(subject.current_inittab).to be_nil
+      end
+
+    end
+
+  end
+
+end