Add an ACL verifier that checks access against NetDB roles using the

NetDB remctl interface.
author: Russ Allbery <rra@stanford.edu> 2007-11-15 05:42:29 +0000
committer: Russ Allbery <rra@stanford.edu> 2007-11-15 05:42:29 +0000
commit: 2393ffbc3c52c6552e00212d5209d6b870a55d4e (patch)
tree: 2eaca996ede5d9b835db69f6ac143e8cba051d36 /perl/t/data/netdb-fake
parent: b6bb3f3a72ec1dc32991cffeeab4f8b1cc27cc46 (diff)
1 files changed, 58 insertions, 0 deletions
diff --git a/perl/t/data/netdb-fake b/perl/t/data/netdb-fake
new file mode 100755
index 0000000..56744a7
--- /dev/null
+++ b/perl/t/data/netdb-fake
@@ -0,0 +1,58 @@
+#!/bin/sh
+# $Id$
+#
+# netdb-fake -- Fake NetDB remctl interface.
+#
+# This netdb-fake script is meant to be run by remctld during testing of
+# the NetDB ACL verifier.  It returns known roles or errors for different
+# nodes.
+
+set -e
+
+if [ "$1" != "node-roles" ] ; then
+    echo "Invalid command $1" >&2
+    exit 1
+fi
+
+case "$2" in
+test-user)
+    case "$3" in
+    all)
+        echo 'admin'
+        echo 'team'
+        echo 'user'
+        ;;
+    admin)
+        echo 'admin'
+        ;;
+    team)
+        echo 'team'
+        ;;
+    user)
+        echo 'This is just ignored' >&2
+        echo 'user'
+        ;;
+    unknown)
+        echo 'admin' >&2
+        echo 'unknown'
+        ;;
+    none)
+        ;;
+    esac
+    ;;
+error)
+    case "$3" in
+    normal)
+        echo 'some error' >&2
+        exit 1
+        ;;
+    status)
+        exit 1
+        ;;
+    esac
+    ;;
+*)
+    echo "Unknown principal $2" >&2
+    exit 1
+    ;;
+esac
author	Russ Allbery <rra@stanford.edu>	2007-11-15 05:42:29 +0000
committer	Russ Allbery <rra@stanford.edu>	2007-11-15 05:42:29 +0000
commit	2393ffbc3c52c6552e00212d5209d6b870a55d4e (patch)
tree	2eaca996ede5d9b835db69f6ac143e8cba051d36 /perl/t/data/netdb-fake
parent	b6bb3f3a72ec1dc32991cffeeab4f8b1cc27cc46 (diff)