1 # Public Domain 2 # Zev Weiss, 2016 3 4 tid="AllowUsers/DenyUsers" 5 6 me="$LOGNAME" 7 if [ "x$me" = "x" ]; then 8 me=`whoami` 9 fi 10 other="nobody" 11 12 test_auth() 13 { 14 deny="$1" 15 allow="$2" 16 should_succeed="$3" 17 failmsg="$4" 18 19 start_sshd -oDenyUsers="$deny" -oAllowUsers="$allow" 20 21 ${SSH} -F $OBJ/ssh_config "$me@somehost" true 22 status=$? 23 24 if (test $status -eq 0 && ! $should_succeed) \ 25 || (test $status -ne 0 && $should_succeed); then 26 fail "$failmsg" 27 fi 28 29 stop_sshd 30 } 31 32 # DenyUsers AllowUsers should_succeed failure_message 33 test_auth "" "" true "user in neither DenyUsers nor AllowUsers denied" 34 test_auth "$other $me" "" false "user in DenyUsers allowed" 35 test_auth "$me $other" "" false "user in DenyUsers allowed" 36 test_auth "" "$other" false "user not in AllowUsers allowed" 37 test_auth "" "$other $me" true "user in AllowUsers denied" 38 test_auth "" "$me $other" true "user in AllowUsers denied" 39 test_auth "$me $other" "$me $other" false "user in both DenyUsers and AllowUsers allowed" 40 test_auth "$other $me" "$other $me" false "user in both DenyUsers and AllowUsers allowed" 41