test: sudo stores an uid instead of a username since 1.9.15

This fixed a security issue where a username could contain a path separator so now it uses an uid instead.
cockpit-project · Nov 13, 2023 · e36f0e2 · e36f0e2
1 parent 9c73749
commit e36f0e2
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/test/verify/check-superuser b/test/verify/check-superuser
@@ -69,6 +69,12 @@ class TestSuperuser(testlib.MachineCase):
         self.restore_file("/var/lib/sudo/lectured/admin")
         m.execute("rm -rf /var/{db,lib}/sudo/lectured/admin")
 
+        # Sudo since 1.9.15 uses a UID not a username https://www.sudo.ws/releases/stable/#1.9.15
+        uid = m.execute("id -u admin").strip()
+        self.restore_file(f"/var/db/sudo/lectured/{uid}")
+        self.restore_file(f"/var/lib/sudo/lectured/{uid}")
+        m.execute(f"rm -rf /var/{{db,lib}}/sudo/lectured/{uid}")
+
         # Get the privileges back, this time in the mobile layout
         b.set_layout("mobile")
         b.open_superuser_dialog()