HEX

File: //lib/python3/dist-packages/samba/tests/__pycache__/gpo.cpython-310.pyc
o

�/a!A�@snddlZddlZddlZddlZddlmZmZddlmZm	Z	m
Z
mZddlm
Z
ddlmZmZmZmZmZmZddlmZmZddlmZmZddlmZmZdd	lmZdd
lm Z ddl!m"Z"ddl#m$Z$dd
lm%Z%ddl&m'Z'ddl(m)Z)ddl*m+Z+ddl,m-Z-ddl.m/Z/ddl0m1Z1ddl2m3Z3ddl4m5Z5ddl6Z6ddl7m8Z8ddl9m:Z:ddl;m<Z<ddl=m>Z>ddl?m@Z@ddlAZAddlBmCZCddlDmEmFZEddlGZGddlHmIZIddlJmJZJddlKmLZLejM�Nd�ZOeOd ZPeO�Q�ZOd!�ReO�aSd"�ReO�Td#�d�ZUd$eUaVd%aWd&ZXd'd(�ZYd)d*�ZZd+d,�Z[d-d.�Z\d/d0�Z]d1d2�Z^d3d4�Z_Gd5d6�d6ej`�ZadS)7�N)�gpo�tests)�register_gp_extension�list_gp_extensions�unregister_gp_extension�
GPOStorage)�LoadParm)�check_refresh_gpo_list�check_safe_path�
check_guid�parse_gpext_conf�atomic_write_conf�get_deleted_gpos_list)�Popen�PIPE)�NamedTemporaryFile�TemporaryDirectory)�
gp_krb_ext�
gp_access_ext)�gp_scripts_ext)�gp_sudoers_ext)�vgp_sudoers_ext)�vgp_symlink_ext)�
gp_inf_ext)�gp_smb_conf_ext)�
vgp_files_ext)�vgp_openssh_ext)�vgp_startup_scripts_ext)�vgp_motd_ext)�
vgp_issue_ext)�vgp_access_ext)�gp_gnome_settings_ext)�Credentials)�gp_msgs_ext)�	get_bytes)�preg)�ndr_pack)�copyfile)�GPPolParser)�glob)�ConfigParser�REALMz	/POLICIESz\\{0}\sysvol\{0}\Policiesz!DC={0},DC=samba,DC=example,DC=com�.zCN=Policies,CN=System,z[General]
Version=%ds�
<?xml version="1.0" encoding="utf-8"?>
<PolFile num_entries="26" signature="PReg" version="1">
    <Entry type="4" type_name="REG_DWORD">
        <Key>GNOME Settings\Lock Down Settings</Key>
        <ValueName>Lock Down Enabled Extensions</ValueName>
        <Value>1</Value>
    </Entry>
    <Entry type="4" type_name="REG_DWORD">
        <Key>GNOME Settings\Lock Down Settings</Key>
        <ValueName>Lock Down Specific Settings</ValueName>
        <Value>1</Value>
    </Entry>
    <Entry type="4" type_name="REG_DWORD">
        <Key>GNOME Settings\Lock Down Settings</Key>
        <ValueName>Disable Printing</ValueName>
        <Value>1</Value>
    </Entry>
    <Entry type="4" type_name="REG_DWORD">
        <Key>GNOME Settings\Lock Down Settings</Key>
        <ValueName>Disable File Saving</ValueName>
        <Value>1</Value>
    </Entry>
    <Entry type="4" type_name="REG_DWORD">
        <Key>GNOME Settings\Lock Down Settings</Key>
        <ValueName>Disable Command-Line Access</ValueName>
        <Value>1</Value>
    </Entry>
    <Entry type="4" type_name="REG_DWORD">
        <Key>GNOME Settings\Lock Down Settings</Key>
        <ValueName>Disallow Login Using a Fingerprint</ValueName>
        <Value>1</Value>
    </Entry>
    <Entry type="4" type_name="REG_DWORD">
        <Key>GNOME Settings\Lock Down Settings</Key>
        <ValueName>Disable User Logout</ValueName>
        <Value>1</Value>
    </Entry>
    <Entry type="4" type_name="REG_DWORD">
        <Key>GNOME Settings\Lock Down Settings</Key>
        <ValueName>Disable User Switching</ValueName>
        <Value>1</Value>
    </Entry>
    <Entry type="4" type_name="REG_DWORD">
        <Key>GNOME Settings\Lock Down Settings</Key>
        <ValueName>Disable Repartitioning</ValueName>
        <Value>1</Value>
    </Entry>
    <Entry type="4" type_name="REG_DWORD">
        <Key>GNOME Settings\Lock Down Settings</Key>
        <ValueName>Whitelisted Online Accounts</ValueName>
        <Value>1</Value>
    </Entry>
    <Entry type="4" type_name="REG_DWORD">
        <Key>GNOME Settings\Lock Down Settings</Key>
        <ValueName>Compose Key</ValueName>
        <Value>1</Value>
    </Entry>
    <Entry type="4" type_name="REG_DWORD">
        <Key>GNOME Settings\Lock Down Settings</Key>
        <ValueName>Dim Screen when User is Idle</ValueName>
        <Value>1</Value>
    </Entry>
    <Entry type="4" type_name="REG_DWORD">
        <Key>GNOME Settings\Lock Down Settings</Key>
        <ValueName>Enabled Extensions</ValueName>
        <Value>1</Value>
    </Entry>
    <Entry type="1" type_name="REG_SZ">
        <Key>GNOME Settings\Lock Down Settings\Compose Key</Key>
        <ValueName>Key Name</ValueName>
        <Value>Right Alt</Value>
    </Entry>
    <Entry type="4" type_name="REG_DWORD">
        <Key>GNOME Settings\Lock Down Settings\Dim Screen when User is Idle</Key>
        <ValueName>Delay</ValueName>
        <Value>300</Value>
    </Entry>
    <Entry type="4" type_name="REG_DWORD">
        <Key>GNOME Settings\Lock Down Settings\Dim Screen when User is Idle</Key>
        <ValueName>Dim Idle Brightness</ValueName>
        <Value>30</Value>
    </Entry>
    <Entry type="1" type_name="REG_SZ">
        <Key>GNOME Settings\Lock Down Settings\Enabled Extensions</Key>
        <ValueName>**delvals.</ValueName>
        <Value> </Value>
    </Entry>
    <Entry type="1" type_name="REG_SZ">
        <Key>GNOME Settings\Lock Down Settings\Enabled Extensions</Key>
        <ValueName>myextension1@myname.example.com</ValueName>
        <Value>myextension1@myname.example.com</Value>
    </Entry>
    <Entry type="1" type_name="REG_SZ">
        <Key>GNOME Settings\Lock Down Settings\Enabled Extensions</Key>
        <ValueName>myextension2@myname.example.com</ValueName>
        <Value>myextension2@myname.example.com</Value>
    </Entry>
    <Entry type="1" type_name="REG_SZ">
        <Key>GNOME Settings\Lock Down Settings\Lock Down Specific Settings</Key>
        <ValueName>**delvals.</ValueName>
        <Value> </Value>
    </Entry>
    <Entry type="1" type_name="REG_SZ">
        <Key>GNOME Settings\Lock Down Settings\Lock Down Specific Settings</Key>
        <ValueName>/org/gnome/desktop/background/picture-uri</ValueName>
        <Value>/org/gnome/desktop/background/picture-uri</Value>
    </Entry>
    <Entry type="1" type_name="REG_SZ">
        <Key>GNOME Settings\Lock Down Settings\Lock Down Specific Settings</Key>
        <ValueName>/org/gnome/desktop/background/picture-options</ValueName>
        <Value>/org/gnome/desktop/background/picture-options</Value>
    </Entry>
    <Entry type="1" type_name="REG_SZ">
        <Key>GNOME Settings\Lock Down Settings\Lock Down Specific Settings</Key>
        <ValueName>/org/gnome/desktop/background/primary-color</ValueName>
        <Value>/org/gnome/desktop/background/primary-color</Value>
    </Entry>
    <Entry type="1" type_name="REG_SZ">
        <Key>GNOME Settings\Lock Down Settings\Lock Down Specific Settings</Key>
        <ValueName>/org/gnome/desktop/background/secondary-color</ValueName>
        <Value>/org/gnome/desktop/background/secondary-color</Value>
    </Entry>
    <Entry type="1" type_name="REG_SZ">
        <Key>GNOME Settings\Lock Down Settings\Whitelisted Online Accounts</Key>
        <ValueName>**delvals.</ValueName>
        <Value> </Value>
    </Entry>
    <Entry type="1" type_name="REG_SZ">
        <Key>GNOME Settings\Lock Down Settings\Whitelisted Online Accounts</Key>
        <ValueName>google</ValueName>
        <Value>google</Value>
    </Entry>
</PolFile>
cCs&d}d}d}d}|||||S)N�<�i����)�val�seconds�minutes�hours�sam_addr/r/�1/usr/lib/python3/dist-packages/samba/tests/gpo.py�days2rel_nttime�s
r6cCs4|�d�}|�|�t|ttd�}|��\}}|jS)Nzgpo update command)�stdout�stderr)�get�appendrr�communicate�
returncode)�lp�arg�gpupdate�p�
stdoutdata�
stderrdatar/r/r5r?�s


r?cC�
t|d�S)Nz--force�r?�r=r/r/r5�gpupdate_force��
rFcCrC)Nz	--unapplyrDrEr/r/r5�gpupdate_unapply�rGrHcCrC)Nz--rsoprDrEr/r/r5�rsop�rGrIc
Cs�tj�|�}tj�|�s9zt�|�Wn%ty8}z|jtjkr'tj�|�s.WYd}~dSWYd}~nd}~wwtj�|�rGt�	|d|�t
dtj�|�d��}|�t|��t�	|j
|�t�|d�Wd�dS1sqwYdS)NF�%s.bak)�delete�diri�T)�os�path�dirname�exists�makedirs�OSError�errno�EEXIST�isdir�renamer�writer$�name�chmod)rN�datarO�e�fr/r/r5�
stage_file�s(���
��r]cCsBd|}tj�|�rt�||�dStj�|�rt�|�dSdS)NrJ)rMrNrPrV�remove)rN�backupr/r/r5�unstage_file�s�r`cs�eZdZ�fdd�Z�fdd�Zdd�Zdd�Zd	d
�Zdd�Zd
d�Z	dd�Z
dd�Zdd�Zdd�Z
dd�Zdd�Zdd�Zdd�Zdd �Zd!d"�Zd#d$�Zd%d&�Zd'd(�Zd)d*�Zd+d,�Zd-d.�Zd/d0�Zd1d2�Zd3d4�Zd5d6�Z�ZS)7�GPOTestscsRtt|���tjd|_|j��d|_t�|_	|j	�
�|j|��d�|_
dS)N�SERVER�$)�template)�superra�setUprM�environ�server�upper�
dc_accountrr=�load_default�insta_creds�get_credentials�creds��self��	__class__r/r5rf�s
zGPOTests.setUpcstt|���dS)N)rera�tearDownrorqr/r5rsszGPOTests.tearDowncCs�t�|j|j|j�}|��r|�|j���}d}d|g}ddt|fg}dd|t	fg}t
dt|��D]5}|�||j
||d||j
�|�||j||d||j�|�||j||d||j�q3dS)	N�&{31B2F340-016D-11D2-945F-00C04FB984F9}zLocal Policyz%s\%szCN=%s,%srz+The gpo name did not match expected name %sz'file_sys_path did not match expected %sz!ds_path did not match expected %s)r�
ADS_STRUCTrhr=rn�connect�get_gpo_list�get_username�poldir�dspath�range�len�assertEqualrX�
file_sys_path�ds_path)rp�ads�gpos�guid�names�file_sys_paths�ds_paths�ir/r/r5�
test_gpo_lists$����zGPOTests.test_gpo_listcCs&zt�|jd|j�}WdSYdS)N�*)rrurhrn)rpr�r/r/r5�test_gpo_ads_does_not_segfaultsz'GPOTests.test_gpo_ads_does_not_segfaultcCs�|j�d�}d}tj�|t|�}t�|�d}ttj�|d�d��}|�	t
d�Wd�n1s3wY|�t�|�ddd�ttj�|d�d��}|�	t
|�Wd�n1s`wY|�t�|�d|d�dS)N�	gpo_cachert��GPT.INI�wr�z@gpo_get_sysvol_gpt_version() did not return the expected version)r=�
cache_pathrMrN�join�policiesr�gpo_get_sysvol_gpt_version�openrW�gpt_datar})rp�
local_pathr��gpo_path�old_vers�gptr/r/r5�test_gpt_versions ����zGPOTests.test_gpt_versioncCs�|j�d�}t�|j|j|j�}|��r|�|j���}t	|j|j|j|�|�
tj�
|�d|�d}tj�|t|d�}|�
tj�
|�d|�dS)Nr�zGPO cache %s was not createdrtr�zGPT.INI was not cached for %s)r=r�rrurhrnrvrwrxr	�
assertTruerMrNrPr�r�)rp�cacher�r�r��gpt_inir/r/r5�test_check_refresh_gpo_list,s�
��z$GPOTests.test_check_refresh_gpo_listcCs`d}|�tt|�|�td�d�|�td�d�dtd}td}t|�}|�||d�dS)	Nz9/usr/local/samba/var/locks/sysvol/../../../../../../root/z/etc/passwdz
etc/passwdz
\\etc/\passwdzsysvol/z8\Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}\GPT.INIz8/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INIz1check_safe_path() didn't correctly convert \ to /)�assertRaisesrRr
r}�realm)rprN�before�after�resultr/r/r5�+test_check_refresh_gpo_list_malicious_paths<sz4GPOTests.test_check_refresh_gpo_list_malicious_pathscCs"d}d}t|�}|�||d�dS)Nz\\\toady.suse.de\SysVol\toady.suse.de\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\GPT.INIzEtoady.suse.de/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INIz@check_safe_path unable to detect variable case sysvol components)r
r})rprN�
expected_pathr�r/r/r5�"test_check_safe_path_typesafe_nameMs�z+GPOTests.test_check_safe_path_typesafe_namec	Csrtj�tj�t��}tj�tj�|d��}tj�|d�}d}t|d||jjddd�}|�	|d�t
|jj�}|�	||��vd	�|�||d
|d	�t
|�t
|jj�}|�	||��vd�|�	t|�d�|�td
�d�t|jj�\}}|�	|o||d�|�d�|�dd|�t||�t|jj�\}}|�	d|��vd�|�|�dd�|d�|�d�t||�dS)Nz	../../../zpython/samba/gp_sec_ext.pyz&{827D319E-6EAC-11D2-A4EA-00C04F79F83A}rTF)�smb_conf�machine�userzFailed to register a gp extzFailed to list gp exts�DllNamezFailed to unregister gp extszFailed to parse valid guid�AAAAAABBBBBBBCCCzParsed invalid guidz!parse_gpext_conf() invalid return�test_section�test_varz$test_section not found in gpext.confz*Failed to find test variable in gpext.conf)rMrNrO�realpath�__file__r�rr=�
configfiler�r�keysr}rr�assertFalser�add_section�setr
�sectionsr9�remove_section)	rp�	this_path�
samba_path�ext_path�ext_guid�ret�gp_extsr=�parserr/r/r5�test_gpt_ext_registerWsJ����

��
zGPOTests.test_gpt_ext_registercCsZ|j�dd�}ddg}dtd}d}|j�d�}ttj�|d	��}|D]}|||f}t||�}	|�|	d
|�q$t	|j�}	|�
|	dd�|�|j�}
|
�
�}|�
t|�d
d�|�|d|d|d�|�|d|d|d�|
�|�}|D]I}
|�d|
dd�|�d|
ddd�|
d|dkr�|�
t|
ddd�td�d�qz|
d|dkr�|�
t|
ddd�td�d�qzt�|j|j|j�}|��r�|�|j�}t|
|dd��}|�
t|�dd�|�
|d|ddd�|�d|ddd�|�d|dddd�|D]
}|||f}t|��qt|j�}	|�
|	dd�dS)NrN�sysvolrt�&{6AC1786C-016F-11D2-945F-00C04FB984F9}�%s/z=/Policies/%s/MACHINE/Microsoft/Windows NT/SecEdit/GptTmpl.infz)[System Access]
MinimumPasswordAge = 998
�cache directory�gpo.tdb�Could not create the target %srzgpupdate force failed�zThe guids were not foundz%s not in applied guidsr�z
System AccesszSystem Access policies not set�	minPwdAgezminPwdAge policy not seti����z!Returned delete gpos is incorrectz GUID for delete gpo is incorrectz*System Access policies not set for removalz$minPwdAge policy not set for removalzgpupdate unapply failed)r=r9r�rrMrNr�r]r�rFr}�	get_gplogrj�get_applied_guidsr|�assertIn�get_applied_settings�intr6rrurhrnrvrwrr`rH)rpr��guids�gpofile�stage�	cache_dir�storer��gpttmplr��gp_db�
applied_guids�applied_settings�policyr�r��del_gposr/r/r5�test_gp_log_get_applied|sz�


�
�
��������
z GPOTests.test_gp_log_get_appliedcCs�|j�d�}ddg}dtd}t�d�}|j�d�}ttj�	|d��}t
�}|�|j�|��t
||j||�}t�|j|j|�}	|	��rM|	�|���}
d	}d
dg}tdd
�D]}
||||
f}t||||
�}|�|d|�qX|�g|
�|�d�}|�||dd�|�|���}t|g�}|�|g�|�d�}|�|dd�|�g|
dd��|�d�}|�||dd�|�|g�|D]}|||f}t|�q�dS)Nr�rtr�r�z4/%s/MACHINE/MICROSOFT/WINDOWS NT/SECEDIT/GPTTMPL.INF�	gpo_testsr�r�z$[Kerberos Policy]
MaxTicketAge = %d
�d��rr�r��kdc:user_ticket_lifetimer�z"Higher priority policy was not setz$MaxTicketAge should not have appliedr�z!Lower priority policy was not set)r=r�r��logging�	getLoggerr9rrMrNr�r"�guess�set_machine_accountrrrurhrvrwrxr{r]r��process_group_policy�get_intr}r�rr`)rpr�r�r��loggerr�r��
machine_creds�extr�r�r��optsr�r�r�r�r�r�r/r/r5�test_process_group_policy�sJ�





�z"GPOTests.test_process_group_policyc	Cs|j�d�}d}tj�|t|d�}t�d�}|j�d�}t	tj�|d��}t
�}|�|j�|��t
||j||�}t�|j|j|�}	|	��rN|	�|���}
d}d|d	d
|dd|d
d|di}|��D]�}
t��}t��}|
|_d|_d|_d|_d|_|g|_t|t|��}|� |d|�t!||
��\}|�"g|
|�t�#|�}|�$t%|�dd|
�&��t'tj�||d�gt(d��)�\}}|�*d|d|
�&��|�+|���}t,|g�}|�"|g�|�$t%t�#|��dd�Wd�n1s�wYt-|�qfdS)Nr�rt�MACHINE/REGISTRY.POLr�r�r��%Software\Policies\Samba\Unix Settingss%s\Daily Scriptsz.cron.dailys%s\Monthly Scriptsz
.cron.monthlys%s\Weekly Scriptsz.cron.weeklys%s\Hourly Scriptsz.cron.hourlyr��echo hello worldr�zThe %s script was not createdr)r7shello worldz%s script execution failed�!Unapply failed to cleanup scripts).r=r�rMrNr�r�r�r�r9rr"r�r�rrrurhrvrwrxr�r%�file�entry�keyname�	valuename�typerZ�num_entries�entriesr]r&r�rr��listdir�assertEqualsr|�decoderrr;r�r�rr`)rpr�r��reg_polr�r�r�r�r�r�r��reg_keyr�r�r�r[r��dname�scripts�out�_r�r�r/r/r5�test_gp_scripts�sf�
�

�$
�
��
�zGPOTests.test_gp_scriptsc
Cs�|j�d�}d}tj�|t|d�}t�d�}|j�d�}t	tj�|d��}t
�}|�|j�|��t
||j||�}t�|j|j|�}	|	��rN|	�|���}
t��}t��}d|_d|_d	|_d
|_d	|_|g|_t|t|��}
|�|
d|�t ��O}|�!g|
|�t�"|�}|�#t$|�d	d�|�%|jt&tj�||d
�d��'�d�|�(|���}t)|g�}|�!|g�|�#t$t�"|��d
d�Wd�n1s�wYt*|�dS)Nr�rtr�r�r�r��1Software\Policies\Samba\Unix Settings\Sudo Rightsr�r��fakeu  ALL=(ALL) NOPASSWD: ALLr��The sudoer file was not createdr�r�!The sudoers entry was not appliedr�)+r=r�rMrNr�r�r�r�r9rr"r�r�rrrurhrvrwrxr%r�r�r�r�r�rZr�r�r]r&r�rr�r�r�r|r�r��readr�rr`)rpr�r�r�r�r�r�r�r�r�r�r�r[r�r��sudoersr�r�r/r/r5�test_gp_sudoers)sR�

�
��zGPOTests.test_gp_sudoerscCs�|j�d�}d}tj�|t|dd�}t�d�}|j�d�}t	tj�|d��}t
�}|�|j�|��t
||j||�}t�|j|j|�}	|	��rO|	�|���}
t�d�}t�d	�}|�|�t�d
�}
d|
_|�|
�t�d�}t�d
�}t�d�}d|_|�|�t�d�}d|_|�|�t�d�}t�d�}d|_d|jd<t�d�}d|_d|jd<|�|�|�|�|�|�|�|�t�|d
�}t�|d�}d|_t�|d�}d|_t�|d
�}t�|d�}d|_t�|d�}d|_t�|d�}t�|d�}d|_d|jd<t�|d�}t�|d�}d|_d|jd<|�|�t|t�|��}|�|d|�d}d}d}t��z}|�g|
|�t�|�}|� t!|�dd�t"tj�||d�d ��#�t"tj�||d!�d ��#�t"tj�||d"�d ��#�}|�$||d#�|�$||d#�|�$||d#�|�%|���}t&|g�}|�|g�|� t!t�|��dd$�Wd�n	1�s�wYt'|�dS)%Nr�rt�MACHINEz/VGP/VTLA/SUDO/SUDOERSCONFIGURATION/MANIFEST.XMLr�r�r��	vgppolicy�
policysetting�version�1rZ�
sudoers_entry�command�ALLr��listelement�	principal�fakeur��fakeg�group�fakeu2�fakeg2r�z$fakeu,fakeg% ALL=(ALL) NOPASSWD: ALLz&fakeu2,fakeg2% ALL=(ALL) NOPASSWD: ALLzALL ALL=(ALL) NOPASSWD: ALL�r�rr�r�r�r�r�)(r=r�rMrNr�r�r�r�r9rr"r�r�rrrurhrvrwrx�etree�Elementr:�text�attrib�
SubElementr]�tostringr�rr�r�r�r|r�rr�r�rr`)rpr�r��manifestr�r�r�r�r�r�r�r�rrrZrr	r��principal_listrrrr��data2�data_no_principalr�r�outputr�r�r/r/r5�test_vgp_sudoers\s��
























�����
��zGPOTests.test_vgp_sudoersc
	Cs�t�d�}|j�d�}ttj�|d��}t�}|�	|j�|�
�t||j||�}d}t��P}t
�|jdd��
}|�|�Wd�n1sGwYz|�|j�}	Wntyb|�d�Ynw|�d|	��d	�|�|	�dd
�dd�Wd�n1s�wYt��@}t
�|jdd
��
}|�|�Wd�n1s�wY|�|j�}	|�d|	��d	�|�|	�dd
�dd�Wd�dS1s�wYdS)Nr�r�r��$[Kerberos Policy]
MaxTicketAge = 99
r�zutf-16zFailed to parse utf-16�Kerberos Policyz*Kerberos Policy was not read from the file�MaxTicketAge�99z'MaxTicketAge was not read from the filezutf-8)r�r�r=r9rrMrNr�r"r�r�rr�codecsr�rXrWr�UnicodeDecodeError�failr�r�r�)
rpr�r�r�r�r��	test_datar\r��inf_confr/r/r5�test_gp_inf_ext_utf�sH
��������"�zGPOTests.test_gp_inf_ext_utfcCstt�d�}|j�d�}|j�d�}ttj�|d��}t	�}|�
|j�|��t�
|j|j|�}|��r;|�|���}g}|�t�|�t�|�t�|�t�|�t�tj�|td�}	t��}
t��}d|_d|_d|_d	|_t��}d
|_d|_d|_d|_t��}
d|
_d
|
_d|
_d|
_t��}d|_d|_d|_d|_d
|
_ |||
|g|
_!tj�|td�}d}dd�|D�D]�}t"||j#|�}|�$|d||j#�t"|	|j#t%|
��}|�$|d|	|j#�|D]�}|||j||�}|�&|�}|�'t(|�)��dd�t|�tk�r(|�*d|�)�d�|�*d|dd�|�'|dddd�q�t|�tk�rB|�*d|�)�d�|�*d |dd!�q�t|�tk�r\|�*d"|�)�d#�|�*d$|d"d%�q�t|�tk�r�|�*d&|�)�d'�|�*|
j|d&d'�|�'|d&|
j|
jd(�q�t|�tk�r�|�*d)|d*�|�'|d)|jd+�q�t+||j#�t+|	|j#�q�t&|j�}|�'|d,d-�dS).Nr�r�r�r��%s/MACHINE/REGISTRY.POL�3Software\Policies\Samba\Unix Settings\Daily Scriptsr�r�r�r�r��5Software\Policies\Samba\smb_conf\apply group policies��apply group policies�.Software\Policies\Samba\Unix Settings\Messages�issue�Welcome to \s \r \l�3%s/MACHINE/MICROSOFT/WINDOWS NT/SECEDIT/GPTTMPL.INFzM[Kerberos Policy]
MaxTicketAge = 99
[System Access]
MinimumPasswordAge = 998
cSsg|]}|jr|�qSr/)r~��.0�gr/r/r5�
<listcomp>sz&GPOTests.test_rsop.<locals>.<listcomp>r�z*A single policy should have been displayedr zKerberos Policy not foundr!zMaxTicketAge setting not foundr"zMaxTicketAge was not set to 99z
Daily ScriptszDaily Scripts not foundzecho hello worldzDaily script was not createdzSudo RightszSudoers not foundzfakeu  ALL=(ALL) NOPASSWD: ALLzSudoers policy not createdzsmb.conf�$apply group policies was not appliedz apply group policies was not setz
/etc/issue� Login Prompt Message not appliedzLogin Prompt Message not setrzgpupdate --rsop failed!),r�r�r=r9r�rrMrNr�r"r�r�rrurhrvrwrxr:rrrrr#r�r%r�r�r�r�r�rZr�r�r]rXr�r&rIr�r|r�r�r`)rpr�r�r�r�r�r�r��
gp_extensionsr��	reg_stager[�e2�e3�e4r��	krb_stager4r�r�r/r/r5�	test_rsop�s�





��
��������������
zGPOTests.test_rsopcCs�t�d�}|j�d�}|j�d�}d}ttj�|d��}t	�}|�
|j�|��t�
|j|j|�}|��r=|�|���}g}	|	�t�|	�t�|	�t�tj�|td�}
t��}t��}d|_d|_d	|_d
|_t��}
d|
_d|
_d	|
_d|
_d
|_||
g|_tj�|td�}d}t |||�}|�!|d||�t |
|t"|��}|�!|d|
|�g}t#���}|	D]h}|||j||�}t|�tkr�|�$g|�|�%d�}|�&|dd�q�t|�ttfv�r |�$g||�|�'|���}|�(|g�}|ddt)|��*�D]\}}|�+||d�|�!tj�,|�d�|�|��qq�t-|j�|D]
}|�.tj�,|�d��q(|�%d�}|�/|dd�Wd�n	1�sMwYt0||�t0|
|�dS)Nr�r�r�rtr�r)r*r�r�r�r�r�r�r1rr�r��czKerberos policy was not setr�z Test file not created in tmp dirzTest file not createdz Unapply did not remove test filez!Kerberos policy was not unapplied)1r�r�r=r9r�rrMrNr�r"r�r�rrurhrvrwrxr:rrrr�r%r�r�r�r�r�rZr�r�r]r�r&rr�r�r}r�r��str�itemsr�rPrHr��assertNotEqualr`)rpr�r�r�r�r�r�r�r�r8r�r9r[r:r�r=r�r^r�r�r�r�r��fnamer/r/r5�test_gp_unapplyKs�




��
 ���
�
�zGPOTests.test_gp_unapplycCs�|j�d�}d}tj�|t|d�}t�d�}|j�d�}t	tj�|d��}t
�}|�|j�|��t
�|j|j|�}|��rF|�|���}	g}
t��}d|_d|_d	|_d
|_|
�|�t��}d|_d|_d|_d
|_|
�|�t��}d|_d|_d|_d|_|
�|�t��}t|
�|_|
|_t|t|��}
|� |
d�t!dd���}t"|jj#|j$�t%|j$�}t&||||�}|�'g|	�t%|j$�}|�d
�}|�(|d	d�|�d
�}|� |d�|�d�}|�(|dd�|�)|���}t*|g�}|�'|g�t%|j$�}|�d
�}|�(||j�d
�d�|�d
�}|�(||j�d
�d�|�d�}|�(||j�d�d�Wd�n	1�s:wYt+|�dS)Nr�rtr�r�r�r�z1Software\Policies\Samba\smb_conf\template homedirr�z/home/samba/%D/%Uztemplate homedirr+r,r-z-Software\Policies\Samba\smb_conf\ldap timeouti'zldap timeoutz&Failed to create the Registry.pol filez	_smb.conf)�suffixz template homedir was not appliedr6zldap timeout was not appliedz"template homedir was not unappliedz&apply group policies was not unappliedzldap timeout was not unapplied),r=r�rMrNr�r�r�r�r9rr"r�r�rrurhrvrwrxr%r�r�r�rZr�r:r�r|r�r�r]r&r�rr'r�rXrrr�r�r�rr`)rpr�r�r�r�r�r�r�r�r�r�r[r�r�r\r=r��template_homedir�apply_group_policies�ldap_timeoutr�r�r/r/r5�test_smb_conf_ext�s��







�
�



�
�
��$zGPOTests.test_smb_conf_extcCs.|j�d�}d}tj�|t|d�}t�d�}|j�d�}t	tj�|d��}t
�}|�|j�|��t
||j||�}t�|j|j|�}	|	��rN|	�|���}
t��}t��}d|_d|_d	|_d
|_d|_t��}
d|
_d|
_d	|
_d
|
_||
g|_t|t|��}|�|d|�t ��|}|�!g|
|�tj�|d�}|�tj�"|�d�t#|d��$�}|�%||jd�tj�|d�}|�tj�"|�d�t#|d��$�}|�%||
jd�|�&|���}t'|g�}|�!|g|�t#|d��$�}|�(|d�t#|d��$�}|�(|d�Wd�n	1�swYt)|�dS)Nr�rtr�r�r�r�r.smotdr�sHave a lot of fun!r�r/r0r��motdz#Message of the day file not createdr�zMessage of the day not applied�issuez%Login Prompt Message file not createdr7z#Message of the day file not removedz%Login Prompt Message file not removed)*r=r�rMrNr�r�r�r�r9rr"r�r�r#rrurhrvrwrxr%r�r�r�r�r�rZr�r�r]r&r�rr�rPr�rr�r�rr�r`)rpr�r�r�r�r�r�r�r�r�r�r��e1r:r�r��	motd_filerZ�
issue_filer�r�r/r/r5�test_gp_motd�sj�

��
�zGPOTests.test_gp_motdc	s�|j�d�}d�tj�|t�dd�}t�d�}|j�d�}t	tj�|d��}t
�}|�|j�|��t
||j||�}t�|j|j|�}|��rO|�|���}	t���}
tj�|
d�}tj�|
d	�}t�d
�}
t�d�}|
�|�t�d�}d
|_|�|�t�d�}t�d�}t�d�}||_|�|�t�d�}||_|�|�|�|�|�|�t|t�|
��}|�|d|�d}t|d��
}|�|�Wd�n1s�wY|�g|	�|�tj�|�d�|�tj� |�d�|�!|t|d��"�d�|�#|���}t$|g�}|�|g�|�%tj�|�d�|�&�fdd�|	D�d�}|�!d||ft'|�(��d�Wd�n	1�sBwYt)|�dS)Nr�rtrz"VGP/VTLA/UNIX/SYMLINK/MANIFEST.XMLr�r�r�ztest.source�test.targetrrrrrZ�file_properties�source�targetr�zhello world!r�z The test symlink was not createdzThe test file is not a symlinkr�z1Reading from symlink does not produce source datazThe test symlink was not deletec�g|]	}|j�kr|�qSr/�rXr2�r�r/r5r5m�z-GPOTests.test_vgp_symlink.<locals>.<listcomp>rzln -s %s %s)*r=r�rMrNr�r�r�r�r9rr"r�r�rrrurhrvrwrxrrrr:rr]rr�r�rWr�rP�islinkr�rr�rr�rI�list�valuesr`)rpr�rr�r�r�r�r�r�r�r��test_source�test_targetr�rrrZrQrRrSr��test_source_datar�r�r�r/rVr5�test_vgp_symlink+s|�













����
���3zGPOTests.test_vgp_symlinkcs�|j�d�}d�tj�|t�dd�}tj�tj�|�d�}d}t||�}|�|d|�t	�
d�}|j�d	�}ttj�|d
��}t
�}	|	�|j�|	��t||j|	|�}
t�|j|j|	�}|��ri|�|	���}t���D}
t�d�}t�d�}|�|�t�d
�}d|_|�|�t�d�}t�|d�}t�|d�}tj�|���|_t�|d�}tj�|
d�|_t�|d�}t� t�!��j"|_t�|d�}t#�$t�%��j&|_t�|d�}|�'dd�t�|d�t�|d�t�|d�t�|d�}|�'dd�t�|d�t�|d�t�|d�}|�'dd�t�|d�t�|d�|�|�t|t�(|��}|�|d|�|
�)g|�|�tj�*|j�d�|�+t�,|j�j-d@dd�|�+t.|j��/�|d �|�0|	���}t1|g�}|
�)|g�|�2tj�*|j�d!��fd"d#�|D�d$}|
�3|�}|�4|jt5|�6��d$d$d%�|�4d&t5|�6��d$d$d'�Wd�n	1�s�wYt7|�t7|�dS)(Nr�rtrz VGP/VTLA/UNIX/FILES/MANIFEST.XMLzTEST.SOURCEz#!/bin/sh
echo hello worldr�r�r�r�rrrrrZrQrRrSrPr�r�permissionsr�rrW�execute�otherzThe target file does not existi�i�z)The target file permissions are incorrectz&The target file contents are incorrectzThe target file was not removedcrTr/rUr2rVr/r5r5�rWz+GPOTests.test_vgp_files.<locals>.<listcomp>rz&The target file was not listed by rsopz
-rwxr-xr-xz.The target permissions were not listed by rsop)8r=r�rMrNr�r�rOr]r�r�r�r9rr"r�r�rrrurhrvrwrxrrrr:rr�basename�lower�pwd�getpwuid�getuid�pw_name�grp�getgrgid�getgid�gr_namer�rr�rPr��stat�st_moder�rr�rr�rIr�rYrZr`)rpr�r�source_file�source_datar�r�r�r�r�r�r�r�r�r�rrrZrQrRrSr�rr_r�r�r4r/rVr5�test_vgp_filests��









���
�
���<zGPOTests.test_vgp_filescCsT|j�d�}d}tj�|t|dd�}t�d�}|j�d�}t	tj�|d��}t
�}|�|j�|��t
||j||�}t�|j|j|�}	|	��rO|	�|���}
t�d�}t�d	�}|�|�t�d
�}
d|
_|�|
�t�d�}t�d
�}t�d�}t�d�}|�|�t�d�}t�d�}d|_|�|�t�d�}d|_|�|�|�|�|�|�|�|�|�|�t|t�|��}|�|d|�d}t��O}|�g|
|�t�|�}|�t|�dd�tj�||d�}|� |t!|d��"�d�|�#|���}t$|g�}|�|g|�|�%tj�&|�d�Wd�n	1�swYt'|�dS)Nr�rtrz!VGP/VTLA/SSHCFG/SSHD/MANIFEST.XMLr�r�r�rrrrrZr��
configsection�sectionname�keyvaluepair�key�
AddressFamily�value�inet6r�zAddressFamily inet6r��The conf file was not createdrr�z%The sshd_config entry was not applied� Unapply failed to cleanup config)(r=r�rMrNr�r�r�r�r9rr"r�r�rrrurhrvrwrxrrr:rr]rr�rr�r�r�r|r�r�rr�rr�rPr`)rpr�r�rr�r�r�r�r�r�r�r�rrrZr�rqrr�kvpairrtrvr�r��conf�gp_cfgr�r�r/r/r5�test_vgp_openssh�sp�




















�
��zGPOTests.test_vgp_opensshc
sF|j�d�}d�tj�|t�dd�}tj�tj�|�d�}d}t||�}|�|d|�t	�
d�}|j�d	�}ttj�|d
��}t
�}	|	�|j�|	��t||j|	|�}
t�|j|j|	�}|��ri|�|	���}t�d�}
t�|
d�}t�|d
�}d|_t�|d�}t�|d�}t�|d�}tj�|���|_t�|d�}d|_t�|d�}t�t|d�� ���!��"�|_t�|d�}d|_t|t�#|
��}|�|d|�t$��x}|
�%g||�t�&|�}|�'t(|�dd�d|j||jf}|�)|ttj�||d�d�� �d�|�*|	���}t+|g�}|
�%|g�t�&|�}|�'t(|�dd��fdd �|D�d}|
�,|�}|�)|t-|�.��ddd!�Wd�n	1�sNwYt/|�t/|�t�|d"�t0�1t�2��j3|_t|t�#|
��}|�|d|�t$���}d#|}d$|}t||�}|�|d|�|
�%g||�t�&|�}|�'t(|�dd%�|�'|dtj�|�d%�t�4|�|
�%g||�t�&|�}|�'t(|�dd&�|�*|	���}t+|g�}|
�%|g�d'|j||jf}�fd(d �|D�d}|
�,|�}|�)|t-|�.��ddd!�Wd�n	1�swYt/|�t/|�dS))Nr�rtrz*VGP/VTLA/UNIX/SCRIPTS/STARTUP/MANIFEST.XMLzTEST.SHz#!/bin/sh
echo $@ hello worldr�r�r�r�rrrrrZr�script�
parametersz-n�hash�rb�run_as�rootr�z!The target script was not createdz@reboot %s %s %srr�zThe test entry was not foundz!The target script was not removedcrTr/rUr2rVr/r5r5NrWz5GPOTests.test_vgp_startup_scripts.<locals>.<listcomp>z'The target entry was not listed by rsop�run_oncez%s/TESTING.txtz#!/bin/sh
touch %szThe test file was not createdz*The test file should not have been createdzRun once as: %s `%s %s`crTr/rUr2rVr/r5r5}rW)5r=r�rMrNr�r�rOr]r�r�r�r9rr"r�r�rrrurhrvrwrxrrrrrbrc�hashlib�md5r�r�	hexdigestrirrr�r�r�r|r�r�rrIrYrZr`rdrerfrg�unlink)rpr�r�test_scriptr&r�r�r�r�r�r�r�r�r�rrrZrr~rr�r�r��filesr�r�r�r4�	test_filer/rVr5�test_vgp_startup_scriptss��


�
���

�
��

��

�
�
��#z!GPOTests.test_vgp_startup_scriptscC�|j�d�}d}tj�|t|dd�}t�d�}|j�d�}t	tj�|d��}t
�}|�|j�|��t
||j||�}t�|j|j|�}	|	��rO|	�|���}
t�d�}t�|d	�}t�|d
�}
d|
_t�|d�}t�|d
�}d|_t�|d�}d|_t|t�|��}|�|d|�t��@}|�g|
|j�|�t|jd�� �|jd�|�!|���}t"|g�}|�|g|j�|�#t|jd�� �|jd�Wd�n1s�wYt$|�dS)Nr�rtrzVGP/VTLA/UNIX/MOTD/MANIFEST.XMLr�r�r�rrrrrZ�filenamerJrzThis is the message of the dayr�r�zThe motd was not appliedzThe motd was not unapplied)%r=r�rMrNr�r�r�r�r9rr"r�r�rrrurhrvrwrxrrrrr]rr�rr�rXr�r�rr�r�assertNotEqualsr`�rpr�r�rr�r�r�r�r�r�r�r�rrrZr�rr�r\r�r�r/r/r5�
test_vgp_motd��N�

�
��
zGPOTests.test_vgp_motdcCr�)Nr�rtrz VGP/VTLA/UNIX/ISSUE/MANIFEST.XMLr�r�r�rrrrrZr�rKrzWelcome to Samba!r�r�zThe issue was not appliedzThe issue was not unapplied)%r=r�rMrNr�r�r�r�r9rr"r�r�rrrurhrvrwrxrrrrr]rr�rr�rXr�r�rr�rr�r`r�r/r/r5�test_vgp_issue�r�zGPOTests.test_vgp_issuecCs�|j�d�}d}tj�|t|dd�}tj�|t|dd�}t�d�}|j�d�}t	tj�|d��}t
�}|�|j�|��t
||j||�}	t�|j|j|�}
|
��rY|
�|���}t�d	�}t�|d
�}
t�|
d�}d|_t�|
d
�}d|_t�|
d�}t�|d�}t�|d�}d|_t�|d�}dt|_t�|d�}t�|d�}d|_t�|d�}t|_t�|d�}d|_t�|d�}d|_t�|d�}t�|d�}d|_t�|d�}dt|_t�|d�}dt|_t�|d�}t�|d�}d |_t�|d�}t|_t�|d�}d!|_t|t�|��}|�|d"|�t�d	�}t�|d
�}
t�|
d�}d|_t�|
d
�}d|_t�|
d�}t�|d�}t�|d�}d|_t�|d�}d#t|_t�|d�}t�|d�}d$|_t�|d�}t|_t�|d�}d|_t�|d�}d|_t�|d�}t�|d�}d|_t�|d�}d%t|_t�|d�}d&t|_t�|d�}t�|d�}d'|_t�|d�}t|_t�|d�}d!|_t|t�|��}|�|d"|�t��p}|	�g||�t�|�}|� t!|�d(d)�tj�||d*�}t"d+|�t#|d,��$�}|�%d-t|�|�%d.t|�|�%d/t|�|�%d0t|�|�&|���}t'|g�}|	�|g|�|�(tj�)|�d1�Wd�n	1�sJwYt*|�t*|�dS)2Nr�rtrz1VGP/VTLA/VAS/HOSTACCESSCONTROL/ALLOW/MANIFEST.XMLz0VGP/VTLA/VAS/HOSTACCESSCONTROL/DENY/MANIFEST.XMLr�r�r�rrr�2�
apply_mode�mergerZrr��USERr�z
goodguy@%s�adobjectrX�goodguy�domainr��	groupattr�samAccountName�GROUPz%s\goodguys�dnzCN=goodguys,CN=Users,%s�goodguysrr�z	badguy@%s�badguyz
%s\badguyszCN=badguys,CN=Users,%s�badguysr�rxrzConfig file %s foundr�z+:%s\goodguy:ALLz+:%s\goodguys:ALLz-:%s\badguy:ALLz-:%s\badguys:ALLry)+r=r�rMrNr�r�r�r�r9rr"r�r�r rrurhrvrwrxrrrrr��base_dnr]rr�rr�r�r�r|�printr�rr�r�rr�rPr`)rpr�r��allow�denyr�r�r�r�r�r�r�r�rrr�rZr�otyper�r�rXr�r�r�r�r�r{r|r�r�r/r/r5�test_vgp_access�s���










��zGPOTests.test_vgp_accesscsF�j�d�}d�tj�|t�d�}t�d�}�j�d�}t	tj�|d��}t
�}|��j�|��t
|�j||�}t��j�j|�}|��rN|�|���}	t�}
|
�t�t����t|t|
j��}��|d|�t���%}|�g|	|�tj�|d����tj� ��d	�d^��fdd�	}
��fd
d�}tj��d����tj� ��d�d^��fdd�	}��fdd�}tj�|d�}��tj�!|�d�dddii}|
d|�dg}|d|�dddd�i}|
d |�d!d"d#ii}|
d$|�gd%�}|d&|�gd'�}|d(|�d)d*d+d,�i}|
d-|�d.d/g}|d-|�d0d1d+ii}|
d2|�d3g}|d2|�d4ddd5�i}|
d6|d7�d8d9g}|d6|d7�tj�|d:�}t"tj�|d;��}��#t$|�d
d<�t�t%|d=d>��&��}|�'d?�}d@��fdAdB�|D�}��#t$|�d
dC�|d=�(dD�}��|dudE�|�(dF�j)}��#|dGdH�|�(dI�j)}��#|dGdJ�|�(dK�j)}��#|dLdM�d4dNdii}|
dO|�dPg}|dO|�d4dQdii}|
dR|�dSg}|dR|�d4dTdii}|
dU|�dVg}|dU|�dWdXdYii}|
dZ|�d[g}|dZ|�|�*�fd\dB�|	D�d=�|�+|���}t,|g�}|�|g|�|d�|d�|d �|d$�|d&�|d(�|d-�|d-�|d2�|d2�|d6�|d6�tj�|d:�}t"tj�|d;��}��#t$|�d=d]�|dO�|dO�|dR�|dR�|dU�|dU�|dZ�|dZ�Wd�n	1�s�wYt-|�dS)_Nr�rtr�r�r�r�r�zetc/dconf/db/local.dzLocal db dir not createdr�c

s�ttj��d|��}��t|�|d|�t�}|�|�|��D],}��	|�
|�d|�||}|��D]\}}|�||�}	��
|	|d||	|f�q7q"dS)N�*-%sz%s not createdzSection %s not foundz%s: %s != %s)r)rMrNr�r�r|r*rr�r��has_sectionrAr9r})
rXrZ�count�db�
file_contentsrt�options�k�v�	v_content��local_dbrpr/r5�db_check�s 
����z.GPOTests.test_gnome_settings.<locals>.db_checkc�0ttj��d|��}��t|�dd|�dS)Nr�rz%s not deleted�r)rMrNr�r�r|)rXr�r�r/r5�del_db_check��z2GPOTests.test_gnome_settings.<locals>.del_db_check�lockszLocks dir not createdcs|ttj��d|��}��t|�|d|�g}t|�D]}|�t||d��	��
d��q|D]}��||d|�q0dS)N�*%sz%s lock not createdr��
)r)rMrNr�r�r|r{�extendr�r�splitr�)rXrAr��lockr�r�rZ�r�rpr/r5�
lock_check�s� ��z0GPOTests.test_gnome_settings.<locals>.lock_checkcr�)Nr�rz%s lock not deletedr�)rXr�r�r/r5�del_lock_check�r�z4GPOTests.test_gnome_settings.<locals>.del_lock_checkzetc/dconf/profile/userzUser profile not createdzorg/gnome/desktop/input-sourceszxkb-optionsz['compose:ralt']z
input-sourcesz,/org/gnome/desktop/input-sources/xkb-optionsz'org/gnome/settings-daemon/plugins/power�true�30)zidle-dimzidle-brightness�powerzorg/gnome/desktop/sessionz
idle-delayz
uint32 300�session)z1/org/gnome/settings-daemon/plugins/power/idle-dimz8/org/gnome/settings-daemon/plugins/power/idle-brightnessz%/org/gnome/desktop/session/idle-delayzpower-saving)z)/org/gnome/desktop/background/picture-uriz-/org/gnome/desktop/background/picture-optionsz+/org/gnome/desktop/background/primary-colorz-/org/gnome/desktop/background/secondary-colorzgroup-policyzorg/gnome/shellzF['myextension1@myname.example.com', 'myextension2@myname.example.com']�false)zenabled-extensionszdevelopment-tools�
extensionsz#/org/gnome/shell/enabled-extensionsz"/org/gnome/shell/development-toolszorg/gnome/login-screenz!enable-fingerprint-authentication�fingerprintreaderz9/org/gnome/login-screen/enable-fingerprint-authenticationzorg/gnome/desktop/lockdown)zdisable-log-outzdisable-user-switching�logoutr�z+/org/gnome/desktop/lockdown/disable-log-outz2/org/gnome/desktop/lockdown/disable-user-switchingzetc/share/polkit-1/actionsz&org.freedesktop.[u|U][d|D]isks2.policyzudisk2 policy not createdrr��actionz%org.freedesktop.udisks2.modify-devicecsg|]}|jd�kr|�qS)�id)r)r3�a)�mdr/r5r5�sz0GPOTests.test_gnome_settings.<locals>.<listcomp>zmodify-device not found�defaultsz modify-device defaults not found�	allow_any�noz%modify-device allow_any not set to no�allow_inactivez*modify-device allow_inactive not set to no�allow_active�yesz)modify-device allow_active not set to yeszdisable-printing�printingz,/org/gnome/desktop/lockdown/disable-printingzdisable-save-to-disk�
filesavingz0/org/gnome/desktop/lockdown/disable-save-to-diskzdisable-command-line�cmdlinez0/org/gnome/desktop/lockdown/disable-command-linezorg/gnome/online-accountszwhitelisted-providersz
['google']�goaz0/org/gnome/online-accounts/whitelisted-providerscrTr/rUr2rVr/r5r5&rWzudisk2 policy not deleted)r�).r=r�rMrNr�r�r�r�r9rr"r�r�r!rrurhrvrwrxr(�load_xmlr�
fromstring�gnome_test_reg_pol�stripr]r&�pol_filer�rr�rUrPr)r�r|r�r�findall�findrrIr�rr`)rpr�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r��user_profilerZrA�bg_locks�actions�udisk2�udisk2_treer�r�r�r�r�r�r�r/)r�r�r�r�rpr5�test_gnome_settingsjsH�

���

��
�


��
�
�

���
�

�����

�

�

�



�
��CzGPOTests.test_gnome_settings)�__name__�
__module__�__qualname__rfrsr�r�r�r�r�r�r�r�r�r�rrr(r>rDrIrOr^rpr}r�r�r�r�r��
__classcell__r/r/rqr5ra�s:
%<7:3b!lPQ?IXBx11ra)brMrhrdrS�sambarr�
samba.gpclassrrrr�samba.paramrr	r
rrr
r�
subprocessrr�tempfilerr�samba.gp_sec_extrr�samba.gp_scripts_extr�samba.gp_sudoers_extr�samba.vgp_sudoers_extr�samba.vgp_symlink_extrr�samba.gp_smb_conf_extr�samba.vgp_files_extr�samba.vgp_openssh_extr�samba.vgp_startup_scripts_extr�samba.vgp_motd_extr�samba.vgp_issue_extr�samba.vgp_access_extr �samba.gp_gnome_settings_extr!r��samba.credentialsr"�samba.gp_msgs_extr#�samba.commonr$�samba.dcerpcr%�	samba.ndrr&r#�shutilr'�xml.etree.ElementTreer�ElementTreer��samba.gp_parse.gp_polr(r)�configparserr*rgr9r�r�rc�formatryr�r�rzr�r�r6r?rFrHrIr]r`�TestCaserar/r/r/r5�<module>sj 
�