Context Navigation

source: trunk/test/testrun_1.sh@ 22

Last change on this file since 22 was 22, checked in by rainer, 19 years ago
Minor code revisions.
File size: 24.5 KB

Rev	Line
[1]	1	#! /bin/sh
	2
[19]	3	RCFILE="$PW_DIR/testrc_1.dyn"; export RCFILE
	4	LOGFILE="$PW_DIR/.samhain_log"; export LOGFILE
[1]	5
[19]	6	# --enable-login-watch --enable-xml-log
	7	# --enable-debug --enable-suidcheck --with-prelude
[1]	8
[19]	9	BUILDOPTS="--quiet $TRUST --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file --enable-debug"
	10	export BUILDOPTS
[1]	11
[19]	12	BASE="${PW_DIR}/testrun_testdata"; export BASE
	13	TDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; export TDIRS
	14	TFILES="x y z"; export TFILES
[1]	15
[19]	16	###########################################################
	17	#
	18	# ---- [Define tests here] ----
	19	#
[1]	20
[19]	21	# 1 for testing new tests
	22	testrun1_setup=0
	23
	24	MAXTEST=10; export MAXTEST
	25
	26	test_dirs () {
	27	for ff in $CDIRS; do
	28	#
	29	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
	30	if [ $? -ne 0 ]; then
	31	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
	32	return 1
[1]	33	fi
[19]	34	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
	35	if [ $tmp -ne 1 ]; then
	36	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
	37	fi
	38	#
	39	done
	40	for ff in $NDIRS; do
	41	#
	42	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
	43	if [ $? -eq 0 ]; then
	44	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
	45	return 1
	46	fi
	47	done
	48	}
	49
	50	TESTPOLICY_10="
	51	[ReadOnly]
	52	dir=99${BASE}
	53	[IgnoreAll]
	54	dir=-1${BASE}/b
	55	[Attributes]
	56	dir=1${BASE}/a
	57	"
	58
	59	mod_testdata_10 () {
	60	sleep 1
	61	echo "foobar" >"${BASE}/b/x"; # ok
	62	echo "foobar" >"${BASE}/c/x"; # bad
	63	echo "foobar" >"${BASE}/a/x"; # ok
	64	chmod 0555 "${BASE}/a/a/x"; # bad
	65	chmod 0555 "${BASE}/a/a/a/x";# ok
	66	chmod 0555 "${BASE}/a/y"; # bad
	67	}
	68
	69	chk_testdata_10 () {
	70	# CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
	71	tmp=`grep CRIT $LOGFILE \| wc -l`
	72	if [ $tmp -ne 3 ]; then
	73	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
	74	return 1
[1]	75	fi
[19]	76	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/c/x" $LOGFILE >/dev/null 2>&1
	77	if [ $? -ne 0 ]; then
	78	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/c/x";
	79	return 1
	80	fi
	81	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/a/a/x" $LOGFILE >/dev/null 2>&1
	82	if [ $? -ne 0 ]; then
	83	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/x";
	84	return 1
	85	fi
	86	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/a/y" $LOGFILE >/dev/null 2>&1
	87	if [ $? -ne 0 ]; then
	88	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/y";
	89	return 1
	90	fi
	91	CDIRS="a a/a a/b a/c c";
	92	NDIRS="b a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
	93	test_dirs;
	94	return $?
	95	}
[1]	96
[19]	97	TESTPOLICY_9="
	98	[ReadOnly]
	99	dir=0${BASE}/b
	100	[Attributes]
	101	dir=2${BASE}/a/a
	102	"
[1]	103
[19]	104	mod_testdata_9 () {
	105	echo "foobar" >"${BASE}/b/x";
	106	echo "foobar" >"${BASE}/a/x";
	107	echo "foobar" >"${BASE}/x";
	108	}
	109
	110	chk_testdata_9 () {
	111	# CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
	112	tmp=`grep CRIT $LOGFILE \| wc -l`
	113	if [ $tmp -ne 1 ]; then
	114	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
	115	return 1
	116	fi
	117	CDIRS="b a/a a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
	118	NDIRS="a c a/b a/c";
	119	test_dirs;
	120	return $?
	121	}
	122
	123	TESTPOLICY_8="
	124	[ReadOnly]
	125	dir=1${BASE}
	126	[Attributes]
	127	dir=1${BASE}/a/a
	128	"
	129
	130	mod_testdata_8 () {
	131	echo "foobar" >"${BASE}/a/x";
	132	chmod 0555 "${BASE}/a/a/a/b/x";
	133	}
	134
	135	chk_testdata_8 () {
	136	# CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
	137	tmp=`grep CRIT $LOGFILE \| wc -l`
	138	if [ $tmp -ne 1 ]; then
	139	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
	140	return 1
	141	fi
	142	CDIRS="a b c a/a a/a/a a/a/b a/a/c";
	143	NDIRS="a/b a/c a/a/a/a a/a/a/b a/a/a/c";
	144	test_dirs;
	145	return $?
	146	}
	147
	148
	149	TESTPOLICY_7="
	150	[ReadOnly]
	151	dir=${BASE}
	152	[Attributes]
	153	dir=${BASE}/a/a
	154	[GrowingLogFiles]
	155	dir=${BASE}/a/a/a
	156	[IgnoreAll]
	157	file=${BASE}/a/a/a/z
	158	dir=${BASE}/b
	159	"
	160
	161	mod_testdata_7 () {
	162	sleep 1
	163	echo "foobar" >"${BASE}/a/a/a/z" # ok
	164	echo "foobar" >"${BASE}/a/a/a/x" # bad
	165	echo "foobar" >"${BASE}/a/a/x" # ok
	166	echo "foobar" >"${BASE}/a/x" # bad
	167	chmod 0555 "${BASE}/a" # bad
	168	chmod 0555 "${BASE}/b" # ok
	169	}
	170
	171
	172	chk_testdata_7 () {
	173	tmp=`grep CRIT $LOGFILE \| wc -l`
	174	if [ $tmp -ne 3 ]; then
	175	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
	176	return 1
	177	fi
	178	egrep "CRIT.POLICY \[GrowingLogs\] C--------S.${BASE}/a/a/a/x" $LOGFILE >/dev/null 2>&1
	179	if [ $? -ne 0 ]; then
	180	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/a/x";
	181	return 1
	182	fi
	183	egrep "CRIT.POLICY \[ReadOnly\] -----M--T-.${BASE}/a" $LOGFILE >/dev/null 2>&1
	184	if [ $? -ne 0 ]; then
	185	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a";
	186	return 1
	187	fi
	188	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/a/x" $LOGFILE >/dev/null 2>&1
	189	if [ $? -ne 0 ]; then
	190	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/x";
	191	return 1
	192	fi
	193	}
	194
	195
	196	TESTPOLICY_6="
	197	[ReadOnly]
	198	dir=${BASE}
	199	[Attributes]
	200	file=${BASE}/a/y
	201	file=${BASE}/b/y
	202	file=${BASE}/c/y
	203	file=${BASE}/a/a/y
	204	file=${BASE}/a/b/y
	205	file=${BASE}/a/c/y
	206	file=${BASE}/a/a/a/y
	207	file=${BASE}/a/a/b/y
	208	file=${BASE}/a/a/c/y
	209	file=${BASE}/a/a/a/a/y
	210	file=${BASE}/a/a/a/b/y
	211	file=${BASE}/a/a/a/c/y
	212	"
	213
	214	mod_testdata_6 () {
	215	sleep 1
	216	for ff in $TDIRS; do
	217	echo "foobar" >"${BASE}/${ff}/x"
	218	chmod 0555 "${BASE}/${ff}/y"
	219	echo "foobar" >"${BASE}/${ff}/z"
	220	done
	221	}
	222
	223	chk_testdata_6 () {
	224	count6=0
	225	for ff in $TDIRS; do
[1]	226	#
[19]	227	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
	228	if [ $? -ne 0 ]; then
	229	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
	230	return 1
	231	fi
	232	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
	233	if [ $tmp -ne 1 ]; then
	234	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
	235	fi
[1]	236	#
[19]	237	for gg in $TFILES; do
	238	egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
	239	if [ $? -ne 0 ]; then
	240	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (checking)";
	241	fi
	242	tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null \| wc -l`
	243	if [ $tmp -ne 1 ]; then
	244	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (multiple)";
	245	fi
	246	done
	247	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/${ff}/x" $LOGFILE >/dev/null 2>&1
	248	if [ $? -ne 0 ]; then
	249	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/x";
	250	return 1
	251	fi
	252	let "count6 = count6 + 1" >/dev/null
	253	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/${ff}/z" $LOGFILE >/dev/null 2>&1
	254	if [ $? -ne 0 ]; then
	255	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/z";
	256	return 1
	257	fi
	258	let "count6 = count6 + 1" >/dev/null
	259	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/${ff}/y" $LOGFILE >/dev/null 2>&1
	260	if [ $? -ne 0 ]; then
	261	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/y";
	262	return 1
	263	fi
	264	let "count6 = count6 + 1" >/dev/null
	265	done
	266	tmp=`grep CRIT $LOGFILE \| wc -l`
	267	if [ $tmp -ne $count6 ]; then
	268	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
	269	return 1
	270	fi
	271	}
	272
	273	TESTPOLICY_5="
	274	[Attributes]
	275	dir=${BASE}
	276	file=${BASE}/a/a/c/x
	277	[ReadOnly]
	278	file=${BASE}/a/a/c/y
	279	[GrowingLogFiles]
	280	dir=${BASE}/a/a/c
	281	dir=${BASE}/a/a/b
	282	dir=${BASE}/a/b
	283	"
	284
	285	mod_testdata_5 () {
	286	mod_testdata_4
	287	echo "This is a xxxx file" > "${BASE}/a/a/b/x" # GrowingLogFiles
	288	echo "This is a test file" > "${BASE}/a/a/b/y" # GrowingLogFiles
	289	echo "This is a xxxx file bad" > "${BASE}/a/a/b/z" # GrowingLogFiles
	290	}
	291
	292	chk_testdata_5 () {
	293	for ff in $TDIRS; do
[1]	294	#
[19]	295	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
	296	if [ $? -ne 0 ]; then
	297	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
	298	return 1
[1]	299	fi
[19]	300	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
	301	if [ $tmp -ne 1 ]; then
	302	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
	303	fi
[1]	304	#
[19]	305	for gg in $TFILES; do
	306	egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
	307	if [ $? -ne 0 ]; then
	308	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (checking)";
	309	fi
	310	tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null \| wc -l`
	311	if [ $tmp -ne 1 ]; then
	312	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (multiple)";
	313	fi
	314	done
	315	done
	316	egrep "CRIT.POLICY \[GrowingLogs\] C---------.${BASE}/a/a/b/x" $LOGFILE >/dev/null 2>&1
	317	if [ $? -ne 0 ]; then
	318	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/b/x";
	319	return 1
	320	fi
	321	egrep "CRIT.POLICY \[GrowingLogs\] C---------.${BASE}/a/a/b/z" $LOGFILE >/dev/null 2>&1
	322	if [ $? -ne 0 ]; then
	323	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/b/z";
	324	return 1
	325	fi
	326	egrep "CRIT.POLICY \[GrowingLogs\] -----M----.${BASE}/a/b/z" $LOGFILE >/dev/null 2>&1
	327	if [ $? -ne 0 ]; then
	328	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b/z";
	329	return 1
	330	fi
	331	egrep "CRIT.POLICY \[GrowingLogs\] -----M----.${BASE}/a/a/c/z" $LOGFILE >/dev/null 2>&1
	332	if [ $? -ne 0 ]; then
	333	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/z";
	334	return 1
	335	fi
	336	egrep "CRIT.POLICY \[GrowingLogs\] C--------S.${BASE}/a/b/y" $LOGFILE >/dev/null 2>&1
	337	if [ $? -ne 0 ]; then
	338	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b/y";
	339	return 1
	340	fi
	341	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1
	342	if [ $? -ne 0 ]; then
	343	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/x";
	344	return 1
	345	fi
	346	egrep "CRIT.POLICY ADDED.${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1
	347	if [ $? -ne 0 ]; then
	348	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/foo";
	349	return 1
	350	fi
	351	egrep "CRIT.POLICY ADDED.033\[1;30m" $LOGFILE >/dev/null 2>&1
	352	if [ $? -ne 0 ]; then
	353	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/\033[1;30m";
	354	return 1
	355	fi
	356	egrep "WARN.Weird filename.033\[1;30m" $LOGFILE >/dev/null 2>&1
	357	if [ $? -ne 0 ]; then
	358	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/\033[1;30m";
	359	return 1
	360	fi
	361	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1
	362	if [ $? -ne 0 ]; then
	363	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/y";
	364	return 1
	365	fi
	366	tmp=`grep CRIT $LOGFILE \| wc -l`
	367	if [ $tmp -ne 9 ]; then
	368	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
	369	return 1
	370	fi
	371	}
[1]	372
	373
[19]	374	TESTPOLICY_4="
	375	[Attributes]
	376	dir=${BASE}
	377	file=${BASE}/a/a/c/x
	378	[ReadOnly]
	379	file=${BASE}/a/a/c/y
	380	[LogFiles]
	381	dir=${BASE}/a/a/c
	382	dir=${BASE}/a/b
	383	"
[1]	384
[19]	385	mod_testdata_4 () {
	386	sleep 1
	387	echo "foobar" >> "${BASE}/a/a/x" # Attributes
	388	echo "foobar" > "${BASE}/a/a/c/foo" # new within LogFiles
	389	echo "foobar" >> "${BASE}/a/a/c/y" # ReadOnly
	390	echo "foobar" >> "${BASE}/a/a/c/x" # Attributes
	391	chmod 0555 "${BASE}/a/a/c/x" # Attributes
	392	chmod 0555 "${BASE}/a/a/c/z" # LogFiles
	393	echo "foobar" >> "${BASE}/a/b/x" # LogFiles
	394	echo "" > "${BASE}/a/b/y" # LogFiles
	395	chmod 0555 "${BASE}/a/b/z" # LogFiles
	396	touch "${BASE}/a/a/[1;30m" # non-printable character in filename
	397	}
[1]	398
[19]	399	chk_testdata_4 () {
	400	for ff in $TDIRS; do
	401	#
	402	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
	403	if [ $? -ne 0 ]; then
	404	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
	405	return 1
	406	fi
	407	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
	408	if [ $tmp -ne 1 ]; then
	409	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
	410	fi
	411	#
	412	for gg in $TFILES; do
	413	egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
	414	if [ $? -ne 0 ]; then
	415	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (checking)";
	416	fi
	417	tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null \| wc -l`
	418	if [ $tmp -ne 1 ]; then
	419	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (multiple)";
	420	fi
	421	done
	422	done
	423	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1
	424	if [ $? -ne 0 ]; then
	425	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/x";
	426	return 1
	427	fi
	428	egrep "CRIT.POLICY \[LogFiles\] -----M----.${BASE}/a/b/z" $LOGFILE >/dev/null 2>&1
	429	if [ $? -ne 0 ]; then
	430	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b/z";
	431	return 1
	432	fi
	433	egrep "CRIT.POLICY \[LogFiles\] -----M----.${BASE}/a/a/c/z" $LOGFILE >/dev/null 2>&1
	434	if [ $? -ne 0 ]; then
	435	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/z";
	436	return 1
	437	fi
	438	egrep "CRIT.POLICY ADDED.${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1
	439	if [ $? -ne 0 ]; then
	440	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/foo";
	441	return 1
	442	fi
	443	egrep "CRIT.POLICY ADDED.033\[1;30m" $LOGFILE >/dev/null 2>&1
	444	if [ $? -ne 0 ]; then
	445	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/\033[1;30m";
	446	return 1
	447	fi
	448	egrep "WARN.Weird filename.033\[1;30m" $LOGFILE >/dev/null 2>&1
	449	if [ $? -ne 0 ]; then
	450	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/\033[1;30m";
	451	return 1
	452	fi
	453	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1
	454	if [ $? -ne 0 ]; then
	455	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/y";
	456	return 1
	457	fi
	458	tmp=`grep CRIT $LOGFILE \| wc -l`
	459	if [ $tmp -ne 6 ]; then
	460	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
	461	return 1
	462	fi
	463	}
[1]	464
[19]	465	TESTPOLICY_3="
	466	[Attributes]
	467	dir=${BASE}
	468	file=${BASE}/a/a/c/x
	469	[ReadOnly]
	470	file=${BASE}/a/a/c/y
	471	[IgnoreAll]
	472	dir=${BASE}/a/a/c
	473	"
	474	mod_testdata_3 () {
	475	sleep 1
	476	echo "foobar" > "${BASE}/a/b/foo" # new within Attributes
	477	chmod 0555 "${BASE}/a/b"
	478	echo "foobar" > "${BASE}/a/a/c/foo" # new within IgnoreAll
	479	echo "foobar" > "${BASE}/a/a/c/y" # ReadOnly
	480	chmod 0555 "${BASE}/a/a/c/x" # Attributes
	481	chmod 0555 "${BASE}/a/a/c/z" # IgnoreAll
	482	}
[1]	483
[19]	484	chk_testdata_3 () {
	485	for ff in $TDIRS; do
[1]	486	#
[19]	487	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
	488	if [ $? -ne 0 ]; then
	489	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
	490	return 1
	491	fi
	492	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
	493	if [ $tmp -ne 1 ]; then
	494	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
	495	fi
	496	#
	497	for gg in $TFILES; do
	498	egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
	499	if [ $? -ne 0 ]; then
	500	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (checking)";
	501	fi
	502	tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null \| wc -l`
	503	if [ $tmp -ne 1 ]; then
	504	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (multiple)";
	505	fi
	506	done
	507	done
	508	egrep "CRIT.POLICY ADDED.${BASE}/a/b/foo" $LOGFILE >/dev/null 2>&1
	509	if [ $? -ne 0 ]; then
	510	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b/foo";
	511	return 1
	512	fi
	513	egrep "CRIT.POLICY ADDED.${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1
	514	if [ $? -ne 0 ]; then
	515	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/foo";
	516	return 1
	517	fi
	518	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/a/b" $LOGFILE >/dev/null 2>&1
	519	if [ $? -ne 0 ]; then
	520	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b";
	521	return 1
	522	fi
	523	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1
	524	if [ $? -ne 0 ]; then
	525	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/x";
	526	return 1
	527	fi
	528	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1
	529	if [ $? -ne 0 ]; then
	530	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/y";
	531	return 1
	532	fi
	533	tmp=`grep CRIT $LOGFILE \| wc -l`
	534	if [ $tmp -ne 5 ]; then
	535	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
	536	return 1
	537	fi
	538	}
	539
	540	TESTPOLICY_2="
	541	[ReadOnly]
	542	dir=${BASE}
	543	file=${BASE}/a/a/c/x
	544	[IgnoreAll]
	545	dir=${BASE}/a/a/c
	546	"
	547	mod_testdata_2 () {
	548	mod_testdata_1;
	549	rm "${BASE}/a/a/c/y"
	550	echo "foobar" > "${BASE}/a/a/c/foo"
	551	chmod 0555 "${BASE}/a/a/c/x"
	552	chmod 0555 "${BASE}/a/a/c/z"
	553	}
	554
	555	chk_testdata_2 () {
	556	for ff in $TDIRS; do
	557	#
	558	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
	559	if [ $? -ne 0 ]; then
	560	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
	561	return 1
	562	fi
	563	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
	564	if [ $tmp -ne 1 ]; then
	565	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
	566	fi
	567	#
	568	for gg in $TFILES; do
	569	egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
	570	if [ $? -ne 0 ]; then
	571	if [ x"${ff}/${gg}" = x"a/a/c/y" ]; then :; else
	572	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (checking)";
	573	return 1
[1]	574	fi
[19]	575	fi
	576	done
	577	done
	578	egrep "CRIT.POLICY ADDED.${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1
	579	if [ $? -ne 0 ]; then
	580	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/foo";
	581	return 1
	582	fi
	583	egrep "CRIT.POLICY MISSING.${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1
	584	if [ $? -ne 0 ]; then
	585	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/y";
	586	return 1
	587	fi
	588	egrep "CRIT.POLICY \[ReadOnly\] -----M--T-.${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1
	589	if [ $? -ne 0 ]; then
	590	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/x";
	591	return 1
	592	fi
	593	tmp=`grep CRIT $LOGFILE \| wc -l`
	594	if [ $tmp -ne 8 ]; then
	595	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
	596	return 1
	597	fi
	598	}
[1]	599
[19]	600	TESTPOLICY_1="
	601	[ReadOnly]
	602	dir=${BASE}
	603	"
	604
	605	mod_testdata_1 () {
	606	sleep 1
	607	touch "${BASE}/a/a/x"
	608	chmod 0555 "${BASE}/a/a/y"
	609	mv "${BASE}/a/b/y" "${BASE}/a/b/yy"; echo "This is a test file" > "${BASE}/a/b/y"; rm "${BASE}/a/b/yy"
	610	echo "foobar" > "${BASE}/a/c/y"
	611	}
	612
	613	chk_testdata_1 () {
	614	for ff in $TDIRS; do
	615	#
	616	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
	617	if [ $? -ne 0 ]; then
	618	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
	619	return 1
[1]	620	fi
[19]	621	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
	622	if [ $tmp -ne 1 ]; then
	623	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
	624	fi
	625	#
	626	for gg in $TFILES; do
	627	egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
	628	if [ $? -ne 0 ]; then
	629	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (checking)";
	630	return 1
	631	fi
	632	tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null \| wc -l`
	633	if [ $tmp -ne 1 ]; then
	634	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (multiple)";
	635	fi
	636	done
	637	done
	638	egrep "CRIT.POLICY \[ReadOnly\] --------T-.${BASE}/a/a/x" $LOGFILE >/dev/null 2>&1
	639	if [ $? -ne 0 ]; then
	640	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/x";
	641	return 1
	642	fi
	643	egrep "CRIT.POLICY \[ReadOnly\] -----M--T-.${BASE}/a/a/y" $LOGFILE >/dev/null 2>&1
	644	if [ $? -ne 0 ]; then
	645	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/y";
	646	return 1
	647	fi
	648	egrep "CRIT.POLICY \[ReadOnly\] ---I----T-.${BASE}/a/b/y" $LOGFILE >/dev/null 2>&1
	649	if [ $? -ne 0 ]; then
	650	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b/y";
	651	return 1
	652	fi
	653	egrep "CRIT.POLICY \[ReadOnly\] --------T-.${BASE}/a/b" $LOGFILE >/dev/null 2>&1
	654	if [ $? -ne 0 ]; then
	655	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b";
	656	return 1
	657	fi
	658	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/a/c/y" $LOGFILE >/dev/null 2>&1
	659	if [ $? -ne 0 ]; then
	660	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/c/y";
	661	return 1
	662	fi
	663	tmp=`grep CRIT $LOGFILE \| wc -l`
	664	if [ $tmp -ne 5 ]; then
	665	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
	666	return 1
	667	fi
	668	return 0
	669	}
[1]	670
	671
[19]	672	##############################################################
	673	#
	674	# Common subroutines
	675	#
[1]	676
[19]	677	mkconfig_misc ()
	678	{
	679	test -f "${RCFILE}" \|\| touch "${RCFILE}"
	680	cat >> "${RCFILE}" <<End-of-data
	681	[Misc]
	682	Daemon=no
	683	SetFilecheckTime=60
	684	TrustedUser=uucp,fax,fnet
	685	SetRecursionLevel=10
	686	SetLoopTime=30
	687	ReportFullDetail = no
	688	ChecksumTest=check
	689
	690	End-of-data
	691	}
	692
	693	mkconfig_log ()
	694	{
	695	test -f "${RCFILE}" \|\| touch "${RCFILE}"
	696	cat >> "${RCFILE}" <<End-of-data
	697	[Log]
	698	MailSeverity=none
	699	LogSeverity=warn
	700	SyslogSeverity=none
	701	PrintSeverity=info
	702	MailSeverity=none
	703	#Restrict to certain classes of messages
	704	#LogClass=RUN
	705	#PreludeSeverity=err
	706	#ExportSeverity=none
	707
	708	End-of-data
	709	}
	710
	711	mkconfig_sev ()
	712	{
	713	test -f "${RCFILE}" \|\| touch "${RCFILE}"
	714	cat >> "${RCFILE}" <<End-of-data
	715	[EventSeverity]
	716	SeverityUser0=crit
	717	SeverityUser1=crit
	718	SeverityReadOnly=crit
	719	SeverityLogFiles=crit
	720	SeverityGrowingLogs=crit
	721	SeverityIgnoreNone=crit
	722	SeverityAttributes=crit
	723	SeverityIgnoreAll=crit
	724	SeverityFiles=err
	725	SeverityDirs=err
	726	SeverityNames=warn
	727
	728	End-of-data
	729	}
	730
	731	prep_testpolicy ()
	732	{
	733	test -f "${RCFILE}" \|\| touch "${RCFILE}"
	734	eval echo '"$'"TESTPOLICY_$1"'"' >>"${RCFILE}"
	735	}
	736
	737	prep_init ()
	738	{
	739	rm -f ./.samhain_file
	740	rm -f "${LOGFILE}"
	741	rm -f ./.samhain_lock
	742
	743	rm -f "${RCFILE}"
	744	mkconfig_sev
	745	mkconfig_log
	746	mkconfig_misc
	747	}
	748
	749	run_init ()
	750	{
[22]	751	rm -f test_log_valgrind
[19]	752
[22]	753	${VALGRIND} ./samhain -t init -p none 2>>test_log_valgrind
	754
[19]	755	if test x$? = x0; then
	756	[ -z "$verbose" ] \|\| log_msg_ok "init...";
	757	else
	758	[ -z "$quiet" ] && log_msg_fail "init...";
	759	return 1
	760	fi
	761	}
	762
	763	run_check ()
	764	{
[22]	765	${VALGRIND} ./samhain -t check -p none -l debug 2>>test_log_valgrind
[19]	766
	767	if test x$? = x0; then
	768	./samhain -j -L $LOGFILE >"${LOGFILE}.tmp" && mv "${LOGFILE}.tmp" "${LOGFILE}"
	769	if [ $? -ne 0 ]; then
	770	[ -z "$quiet" ] && log_msg_fail "mv logfile...";
	771	return 1
	772	fi
	773	[ -z "$verbose" ] \|\| log_msg_ok "check...";
	774	else
	775	[ -z "$quiet" ] && log_msg_fail "check...";
	776	return 1
	777	fi
	778	}
	779
	780	run_update ()
	781	{
[22]	782	${VALGRIND} ./samhain -t update -p none -l debug 2>>test_log_valgrind
[19]	783
	784	if test x$? = x0; then
	785	[ -z "$verbose" ] \|\| log_msg_ok "update...";
	786	else
	787	[ -z "$quiet" ] && log_msg_fail "update...";
	788	return 1
	789	fi
	790	}
	791
	792	run_check_after_update ()
	793	{
	794	rm -rf $LOGFILE
	795
[22]	796	${VALGRIND} ./samhain -t check -p none -l debug 2>>test_log_valgrind
[19]	797
	798	if test x$? = x0; then
	799	#
	800	tmp=`./samhain -j -L $LOGFILE \| grep CRIT \| wc -l`
	801	if [ $tmp -ne 0 ]; then
	802	[ -z "$verbose" ] \|\| log_msg_fail "update not successful(?)";
	803	return 1
	804	fi
	805	tmp=`./samhain -j -L $LOGFILE \| grep ERR \| wc -l`
	806	if [ $tmp -ne 0 ]; then
	807	[ -z "$verbose" ] \|\| log_msg_fail "update not successful(?)";
	808	return 1
	809	fi
	810	#
[22]	811	[ -z "$VALGRIND" ] \|\| {
	812	tmp=`cat test_log_valgrind 2>/dev/null \| wc -l`;
	813	if [ $tmp -ne 0 ]; then
	814	[ -z "$verbose" ] \|\| log_msg_fail "valgrind reports errors";
	815	cat test_log_valgrind
	816	return 1;
	817	fi;
	818	}
	819	#
[19]	820	[ -z "$verbose" ] \|\| log_msg_ok "check(2)...";
	821	else
	822	[ -z "$quiet" ] && log_msg_fail "check(2)...";
	823	return 1
	824	fi
	825	}
	826
	827	prep_testdata ()
	828	{
[22]	829	if [ -d "${BASE}" ]; then
	830	chmod -R 0700 "${BASE}" \|\| {
	831	[ -z "$quiet" ] && log_msg_fail "chmod -R 0700 ${BASE}";
	832	return 1;
	833	}
	834	fi
[19]	835
	836	rm -rf "${BASE}" \|\| {
	837	[ -z "$quiet" ] && log_msg_fail "rm -rf ${BASE}";
	838	return 1;
	839	}
	840
	841	mkdir "${BASE}" \|\| {
	842	[ -z "$quiet" ] && log_msg_fail "mkdir ${BASE}";
	843	return 1;
	844	}
	845
	846	for ff in $TDIRS; do
	847	mkdir "${BASE}/${ff}" \|\| {
	848	[ -z "$quiet" ] && log_msg_fail "mkdir ${BASE}/${ff}";
	849	return 1;
	850	}
	851	chmod 0755 "${BASE}/${ff}"
	852	for gg in $TFILES; do
	853	echo "This is a test file" > "${BASE}/${ff}/${gg}"
	854	chmod 0644 "${BASE}/${ff}/${gg}"
	855	done
	856	done
	857	}
	858
	859	check_err ()
	860	{
	861	if [ $1 -ne 0 ]; then
	862	[ -z "$quiet" ] && log_fail ${2} ${MAXTEST};
	863	return 1
	864	fi
	865	return 0
	866	}
	867
	868	testrun_internal ()
	869	{
	870	[ -z "$verbose" ] \|\| echo Working directory: $PW_DIR
	871	[ -z "$verbose" ] \|\| { echo MAKE is $MAKE; echo; }
	872
	873	#
	874	# test standalone compilation
	875	#
	876	[ -z "$verbose" ] \|\| { echo; echo "${S}Building standalone agent${E}"; echo; }
	877
	878	if test -r "Makefile"; then
	879	$MAKE distclean >/dev/null
	880	fi
	881
	882	${TOP_SRCDIR}/configure ${BUILDOPTS}
	883
	884	#
[1]	885	if test x$? = x0; then
[19]	886	[ -z "$verbose" ] \|\| log_msg_ok "configure...";
	887	$MAKE > /dev/null
[1]	888	if test x$? = x0; then
[19]	889	[ -z "$verbose" ] \|\| log_msg_ok "make...";
[1]	890	else
[19]	891	[ -z "$quiet" ] && log_msg_fail "make...";
	892	return 1
[1]	893	fi
[19]	894
[1]	895	else
[19]	896	[ -z "$quiet" ] && log_msg_fail "configure...";
	897	return 1
[1]	898	fi
	899
[19]	900	[ -z "$verbose" ] \|\| { echo; echo "${S}Running test suite${E}"; echo; }
[1]	901
[19]	902	tcount=1
	903	POLICY=`eval echo '"$'"TESTPOLICY_$tcount"'"'`
[1]	904
[19]	905	until [ -z "$POLICY" ]
	906	do
	907	prep_init
	908	check_err $? ${tcount}; errval=$?
	909	if [ $errval -eq 0 ]; then
	910	prep_testdata
	911	check_err $? ${tcount}; errval=$?
	912	fi
	913	if [ $errval -eq 0 ]; then
	914	prep_testpolicy ${tcount}
	915	check_err $? ${tcount}; errval=$?
	916	fi
	917	if [ $errval -eq 0 ]; then
	918	run_init
	919	check_err $? ${tcount}; errval=$?
	920	fi
	921	if [ $errval -eq 0 ]; then
	922	eval mod_testdata_${tcount}
	923	check_err $? ${tcount}; errval=$?
	924	fi
	925	if [ $errval -eq 0 ]; then
	926	run_check
	927	check_err $? ${tcount}; errval=$?
	928	fi
	929	if [ $errval -eq 0 ]; then
	930	eval chk_testdata_${tcount}
	931	check_err $? ${tcount}; errval=$?
	932	fi
	933	if [ $testrun1_setup -eq 0 ]; then
	934	if [ $errval -eq 0 ]; then
	935	run_update
	936	check_err $? ${tcount}; errval=$?
	937	fi
	938	if [ $errval -eq 0 ]; then
	939	run_check_after_update
	940	check_err $? ${tcount}; errval=$?
	941	fi
	942	fi
	943	#
	944	if [ $errval -eq 0 ]; then
	945	[ -z "$quiet" ] && log_ok ${tcount} ${MAXTEST};
	946	fi
	947	let "tcount = tcount + 1" >/dev/null
	948	POLICY=`eval echo '"$'"TESTPOLICY_$tcount"'"'`
	949	done
	950
	951	return 0
	952	}
[1]	953
[19]	954	testrun1 ()
	955	{
	956	log_start "RUN STANDALONE"
	957	testrun_internal
	958	log_end "RUN STANDALONE"
	959	return 0
	960	}
[1]	961
	962
	963

Note: See TracBrowser for help on using the repository browser.

Download in other formats: