From 3713bac4003ffc787dbb512aaa743a5a6d80ad41 Mon Sep 17 00:00:00 2001
From: Dan Lavu <dlavu@redhat.com>
Date: Thu, 10 Aug 2023 08:04:35 -0400
Subject: [PATCH] API: pam_access and pam_faillock

---
 sssd_test_framework/utils/pam.py | 122 +++++++++++++++++++++++++++++++
 1 file changed, 122 insertions(+)
 create mode 100644 sssd_test_framework/utils/pam.py

diff --git a/sssd_test_framework/utils/pam.py b/sssd_test_framework/utils/pam.py
new file mode 100644
index 00000000..8d0f5a91
--- /dev/null
+++ b/sssd_test_framework/utils/pam.py
@@ -0,0 +1,122 @@
+""""PAM Tools."""
+
+from __future__ import annotations
+
+import textwrap
+
+from pytest_mh import MultihostHost, MultihostUtility
+from pytest_mh.utils.fs import LinuxFileSystem
+
+__all__ = [
+    "PAMUtils",
+    "PAMAccess",
+    "PAMFaillock",
+]
+
+
+class PAMUtils(MultihostUtility[MultihostHost]):
+    """
+    Management of PAM modules
+    """
+
+    def __init__(self, host: MultihostHost) -> None:
+        """
+        :param host: Remote host instance.
+        :type host: MultihostHost
+        """
+        super().__init__(host)
+
+    def access(self) -> PAMAccess:
+        """
+        :return: PAM Access object.
+        :rtype: PAMAccess
+        """
+        return PAMAccess(self)
+
+    def faillock(self) -> PAMFaillock:
+        """
+        :return: PAM Faillock object.
+        :rtype: PAMFaillock
+        """
+        return PAMFaillock(self)
+
+
+class PAMAccess:
+    """
+    Management of PAM Access on the client host.
+
+    .. code-block:: python
+        :caption: Example usage
+
+        @pytest.mark.topology(KnownTopologyGroup.AnyProvider)
+        def test_example(client: Client,
+    """
+    def __init__(self,
+                 util: PAMUtils,
+                 fs: LinuxFileSystem,
+                 file: str | None = "/etc/security/access.conf"
+                 ) -> None:
+        """
+        :rtype: object
+        :param util: PAMUtils object.
+        :type util: PAMUtils
+        :param file: File name of access file.
+        :type file: str, optional
+        """
+        self.util: PAMUtils = util
+        self.fs: LinuxFileSystem = fs
+        self.file: str = file
+
+        fs.backup(self.file)
+
+    def add(self,
+            *,
+            permission: str | None = "+",
+            name: str,
+            origin: str | None = "ALL"
+            ) -> PAMAccess:
+        """
+        :param name: Name of the user or group
+        :type name: str | None, required
+        :param permission: Permission flag, defaults to None
+        :type permission: str | None, optional
+        :param origin: Origination of access, defaults to None
+        :type origin: str | None, optional
+        :return: Self.
+        :rtype: PAMAccess
+        """
+        content = f"{permission}:{name}:{origin}"
+
+        self.util.logger.info(f"{content} written to {self.file} on {self.util.host.hostname}")
+        self.fs.write(self.file, content, dedent=True)
+
+        return self
+
+    def delete(self):
+        """
+
+        :return:
+        """
+    def get(self):
+        """
+
+        :return:
+        """
+
+
+class PAMFaillock:
+    """
+    Management of PAM Faillock on the client host.
+
+    .. code-block:: python
+        :caption: Example usage
+
+        @pytest.mark.topology(KnownTopologyGroup.AnyProvider)
+        def test_example(client: Client,
+    """
+    def __init__(self, util: PAMUtils) -> None:
+        """
+        :param util: PAMUtils object.
+        :type util: PAMUtils
+        """
+        self.util: PAMUtils = util
\ No newline at end of file