Add test for 'sudo passes SHELL twice'

Author: jakub-vavra-cz

pytest/tests/test_misc_issues.py

@@ -0,0 +1,43 @@
+"""
+SUDO Responder Tests.
+
+:requirement: sudo
+"""
+
+from __future__ import annotations
+from sssd_test_framework.roles.client import Client
+from sssd_test_framework.roles.generic import GenericProvider
+from sssd_test_framework.topology import KnownTopology
+
+import pytest
+
+
+@pytest.mark.importance("critical")
+@pytest.mark.topology(KnownTopology.BareAD)
+@pytest.mark.topology(KnownTopology.BareIPA)
+@pytest.mark.topology(KnownTopology.BareLDAP)
+@pytest.mark.ticket(jira=["RHEL-59136", "RHEL-127359", "RHEL-127360"])
+def test__env_shell_once(client: Client, provider: GenericProvider):
+    """
+    :title: Environment variable SHELL is not duplicated
+    :setup:
+        1. Create user "user-1" with shell /bin/zsh
+        2. Create sudorule to allow "user-1" run "/usr/bin/env on all hosts
+        3. Enable SSSD sudo responder and start SSSD
+    :steps:
+        1. Run "sudo /usr/bin/env" as user-1
+        2. Check if variable SHELL is present only once
+    :expectedresults:
+        1. Command is executed successfully
+        2. Variable SHELL is present only once
+    :customerscenario: True
+    """
+    client.host.ssh.run("dnf install zsh -y")
+    u = provider.user("user-1").add(uid=10001, gid=10001, shell="/bin/zsh")
+    provider.sudorule("test").add(user=u, host="ALL", command="/bin/env")
+
+    client.sssd.common.sudo()
+    client.sssd.start()
+    result = client.auth.sudo.run("user-1", "Secret123", command="/usr/bin/env")
+    assert result.returncode == 0, "Sudo command failed!"
+    assert result.stdout.count("SHELL") == 1, "Variable SHELL is duplicated!"