ansible-collection-hardening
ansible-collection-hardening copied to clipboard
Published
20 hours ago •
dev-sec
dev-sec
Fix pam tests
Description
The pam tests currently fail.
Reproduction steps
run tests
Current Behavior
TASK [include PAM tests] *******************************************************
Friday 04 August 2023 15:00:03 +0000 (0:00:00.083) 0:00:11.905 *********
included: /home/runner/work/ansible-collection-hardening/ansible-collection-hardening/ansible_collections/devsec/hardening/molecule/os_hardening/verify_tasks/pam_1.yml for instance
TASK [install pip] *************************************************************
Friday 04 August 2023 15:00:03 +0000 (0:00:00.041) 0:00:11.947 *********
changed: [instance]
TASK [install pam-tester] ******************************************************
Friday 04 August 2023 15:00:21 +0000 (0:00:18.227) 0:00:30.174 *********
changed: [instance]
TASK [set password for test] ***************************************************
Friday 04 August 2023 15:00:24 +0000 (0:00:03.073) 0:00:33.248 *********
ok: [instance]
TASK [set locale for test] *****************************************************
Friday 04 August 2023 15:00:24 +0000 (0:00:00.073) 0:00:33.322 *********
skipping: [instance]
TASK [create testuser] *********************************************************
Friday 04 August 2023 15:00:24 +0000 (0:00:00.034) 0:00:33.356 *********
[DEPRECATION WARNING]: Encryption using the Python crypt module is deprecated.
The Python crypt module is deprecated and will be removed from Python 3.13.
Install the passlib library for continued encryption functionality. This
feature will be removed in version 2.17. Deprecation warnings can be disabled
by setting deprecation_warnings=False in ansible.cfg.
changed: [instance]
PLAY [Verify] ******************************************************************
TASK [Gathering Facts] *********************************************************
Friday 04 August 2023 15:00:25 +0000 (0:00:01.136) 0:00:34.492 *********
ok: [instance]
TASK [set ansible_python_interpreter to "/usr/bin/python3"] ********************
Friday 04 August 2023 15:00:27 +0000 (0:00:01.319) 0:00:35.811 *********
ok: [instance]
TASK [include PAM tests] *******************************************************
Friday 04 August 2023 15:00:27 +0000 (0:00:00.076) 0:00:35.888 *********
included: /home/runner/work/ansible-collection-hardening/ansible-collection-hardening/ansible_collections/devsec/hardening/molecule/os_hardening/verify_tasks/pam_2.yml for instance
TASK [check successful login with correct password] ****************************
Friday 04 August 2023 15:00:27 +0000 (0:00:00.043) 0:00:35.932 *********
fatal: [instance]: FAILED! => {"changed": true, "cmd": "/usr/local/bin/pam-tester --user testuser -***", "delta": "0:00:00.139822", "end": "2023-08-04 15:00:28.290337", "msg": "non-zero return code", "rc": 1, "start": "2023-08-04 15:00:28.150515", "stderr": "", "stderr_lines": [], "stdout": "authenticating user testuser in PAM stack login, status: PAM code 7, PAM reason Authentication failure", "stdout_lines": ["authenticating user testuser in PAM stack login, status: PAM code 7, PAM reason Authentication failure"]}
PLAY RECAP *********************************************************************
Expected Behavior
working tests
OS / Environment
- centos stream 8
- rocky 8
- rocky 9
- fedora 37
- fedora 38
