Context Navigation

source: trunk/test/testrun_1.sh@ 26

Last change on this file since 26 was 25, checked in by rainer, 19 years ago
More tests; fix for update+schedule issue.
File size: 25.5 KB

Line
1	#! /bin/sh
2
3	RCFILE="$PW_DIR/testrc_1.dyn"; export RCFILE
4	LOGFILE="$PW_DIR/.samhain_log"; export LOGFILE
5
6	# --enable-login-watch --enable-xml-log
7	# --enable-debug --enable-suidcheck --with-prelude
8
9	BUILDOPTS="--quiet $TRUST --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file --enable-debug"
10	export BUILDOPTS
11
12	BASE="${PW_DIR}/testrun_testdata"; export BASE
13	TDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; export TDIRS
14	TFILES="x y z"; export TFILES
15
16	###########################################################
17	#
18	# ---- [Define tests here] ----
19	#
20
21	# 1 for testing new tests
22	testrun1_setup=0
23
24	MAXTEST=11; export MAXTEST
25
26	test_dirs () {
27	for ff in $CDIRS; do
28	#
29	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
30	if [ $? -ne 0 ]; then
31	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
32	return 1
33	fi
34	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
35	if [ $tmp -ne 1 ]; then
36	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
37	fi
38	#
39	done
40	for ff in $NDIRS; do
41	#
42	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
43	if [ $? -eq 0 ]; then
44	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
45	return 1
46	fi
47	done
48	}
49
50	#
51	# combine file check schedule with one-shot mode
52	#
53	TESTPOLICY_11="
54	[ReadOnly]
55	dir=99${BASE}
56	"
57
58	mod_testdata_11 () {
59	sleep 1
60	echo "foobar" >"${BASE}/c/x"; # bad
61	chmod 0555 "${BASE}/a/y"; # bad
62	ORIGINAL='SetFilecheckTime=60'
63	REPLACEMENT='FileCheckScheduleOne = 6 12 * * *'
64	ex $RCFILE <<EOF
65	:%s/${ORIGINAL}/${REPLACEMENT}/g
66	:wq
67	EOF
68	}
69
70	chk_testdata_11 () {
71	# CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
72	tmp=`grep CRIT $LOGFILE \| wc -l`
73	if [ $tmp -ne 2 ]; then
74	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
75	return 1
76	fi
77	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/c/x" $LOGFILE >/dev/null 2>&1
78	if [ $? -ne 0 ]; then
79	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/c/x";
80	return 1
81	fi
82	egrep "CRIT.POLICY \[ReadOnly\] -----M--T-.${BASE}/a/y" $LOGFILE >/dev/null 2>&1
83	if [ $? -ne 0 ]; then
84	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/y";
85	return 1
86	fi
87	CDIRS="a a/a a/b a/c c b a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
88	NDIRS="";
89	test_dirs;
90	return $?
91	}
92
93	TESTPOLICY_10="
94	[ReadOnly]
95	dir=99${BASE}
96	[IgnoreAll]
97	dir=-1${BASE}/b
98	[Attributes]
99	dir=1${BASE}/a
100	"
101
102	mod_testdata_10 () {
103	sleep 1
104	echo "foobar" >"${BASE}/b/x"; # ok
105	echo "foobar" >"${BASE}/c/x"; # bad
106	echo "foobar" >"${BASE}/a/x"; # ok
107	chmod 0555 "${BASE}/a/a/x"; # bad
108	chmod 0555 "${BASE}/a/a/a/x";# ok
109	chmod 0555 "${BASE}/a/y"; # bad
110	}
111
112	chk_testdata_10 () {
113	# CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
114	tmp=`grep CRIT $LOGFILE \| wc -l`
115	if [ $tmp -ne 3 ]; then
116	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
117	return 1
118	fi
119	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/c/x" $LOGFILE >/dev/null 2>&1
120	if [ $? -ne 0 ]; then
121	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/c/x";
122	return 1
123	fi
124	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/a/a/x" $LOGFILE >/dev/null 2>&1
125	if [ $? -ne 0 ]; then
126	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/x";
127	return 1
128	fi
129	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/a/y" $LOGFILE >/dev/null 2>&1
130	if [ $? -ne 0 ]; then
131	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/y";
132	return 1
133	fi
134	CDIRS="a a/a a/b a/c c";
135	NDIRS="b a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
136	test_dirs;
137	return $?
138	}
139
140	TESTPOLICY_9="
141	[ReadOnly]
142	dir=0${BASE}/b
143	[Attributes]
144	dir=2${BASE}/a/a
145	"
146
147	mod_testdata_9 () {
148	echo "foobar" >"${BASE}/b/x";
149	echo "foobar" >"${BASE}/a/x";
150	echo "foobar" >"${BASE}/x";
151	}
152
153	chk_testdata_9 () {
154	# CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
155	tmp=`grep CRIT $LOGFILE \| wc -l`
156	if [ $tmp -ne 1 ]; then
157	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
158	return 1
159	fi
160	CDIRS="b a/a a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
161	NDIRS="a c a/b a/c";
162	test_dirs;
163	return $?
164	}
165
166	TESTPOLICY_8="
167	[ReadOnly]
168	dir=1${BASE}
169	[Attributes]
170	dir=1${BASE}/a/a
171	"
172
173	mod_testdata_8 () {
174	echo "foobar" >"${BASE}/a/x";
175	chmod 0555 "${BASE}/a/a/a/b/x";
176	}
177
178	chk_testdata_8 () {
179	# CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
180	tmp=`grep CRIT $LOGFILE \| wc -l`
181	if [ $tmp -ne 1 ]; then
182	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
183	return 1
184	fi
185	CDIRS="a b c a/a a/a/a a/a/b a/a/c";
186	NDIRS="a/b a/c a/a/a/a a/a/a/b a/a/a/c";
187	test_dirs;
188	return $?
189	}
190
191
192	TESTPOLICY_7="
193	[ReadOnly]
194	dir=${BASE}
195	[Attributes]
196	dir=${BASE}/a/a
197	[GrowingLogFiles]
198	dir=${BASE}/a/a/a
199	[IgnoreAll]
200	file=${BASE}/a/a/a/z
201	dir=${BASE}/b
202	"
203
204	mod_testdata_7 () {
205	sleep 1
206	echo "foobar" >"${BASE}/a/a/a/z" # ok
207	echo "foobar" >"${BASE}/a/a/a/x" # bad
208	echo "foobar" >"${BASE}/a/a/x" # ok
209	echo "foobar" >"${BASE}/a/x" # bad
210	chmod 0555 "${BASE}/a" # bad
211	chmod 0555 "${BASE}/b" # ok
212	}
213
214
215	chk_testdata_7 () {
216	tmp=`grep CRIT $LOGFILE \| wc -l`
217	if [ $tmp -ne 3 ]; then
218	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
219	return 1
220	fi
221	egrep "CRIT.POLICY \[GrowingLogs\] C--------S.${BASE}/a/a/a/x" $LOGFILE >/dev/null 2>&1
222	if [ $? -ne 0 ]; then
223	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/a/x";
224	return 1
225	fi
226	egrep "CRIT.POLICY \[ReadOnly\] -----M--T-.${BASE}/a" $LOGFILE >/dev/null 2>&1
227	if [ $? -ne 0 ]; then
228	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a";
229	return 1
230	fi
231	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/a/x" $LOGFILE >/dev/null 2>&1
232	if [ $? -ne 0 ]; then
233	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/x";
234	return 1
235	fi
236	}
237
238
239	TESTPOLICY_6="
240	[ReadOnly]
241	dir=${BASE}
242	[Attributes]
243	file=${BASE}/a/y
244	file=${BASE}/b/y
245	file=${BASE}/c/y
246	file=${BASE}/a/a/y
247	file=${BASE}/a/b/y
248	file=${BASE}/a/c/y
249	file=${BASE}/a/a/a/y
250	file=${BASE}/a/a/b/y
251	file=${BASE}/a/a/c/y
252	file=${BASE}/a/a/a/a/y
253	file=${BASE}/a/a/a/b/y
254	file=${BASE}/a/a/a/c/y
255	"
256
257	mod_testdata_6 () {
258	sleep 1
259	for ff in $TDIRS; do
260	echo "foobar" >"${BASE}/${ff}/x"
261	chmod 0555 "${BASE}/${ff}/y"
262	echo "foobar" >"${BASE}/${ff}/z"
263	done
264	}
265
266	chk_testdata_6 () {
267	count6=0
268	for ff in $TDIRS; do
269	#
270	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
271	if [ $? -ne 0 ]; then
272	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
273	return 1
274	fi
275	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
276	if [ $tmp -ne 1 ]; then
277	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
278	fi
279	#
280	for gg in $TFILES; do
281	egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
282	if [ $? -ne 0 ]; then
283	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (checking)";
284	fi
285	tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null \| wc -l`
286	if [ $tmp -ne 1 ]; then
287	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (multiple)";
288	fi
289	done
290	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/${ff}/x" $LOGFILE >/dev/null 2>&1
291	if [ $? -ne 0 ]; then
292	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/x";
293	return 1
294	fi
295	let "count6 = count6 + 1" >/dev/null
296	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/${ff}/z" $LOGFILE >/dev/null 2>&1
297	if [ $? -ne 0 ]; then
298	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/z";
299	return 1
300	fi
301	let "count6 = count6 + 1" >/dev/null
302	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/${ff}/y" $LOGFILE >/dev/null 2>&1
303	if [ $? -ne 0 ]; then
304	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/y";
305	return 1
306	fi
307	let "count6 = count6 + 1" >/dev/null
308	done
309	tmp=`grep CRIT $LOGFILE \| wc -l`
310	if [ $tmp -ne $count6 ]; then
311	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
312	return 1
313	fi
314	}
315
316	TESTPOLICY_5="
317	[Attributes]
318	dir=${BASE}
319	file=${BASE}/a/a/c/x
320	[ReadOnly]
321	file=${BASE}/a/a/c/y
322	[GrowingLogFiles]
323	dir=${BASE}/a/a/c
324	dir=${BASE}/a/a/b
325	dir=${BASE}/a/b
326	"
327
328	mod_testdata_5 () {
329	mod_testdata_4
330	echo "This is a xxxx file" > "${BASE}/a/a/b/x" # GrowingLogFiles
331	echo "This is a test file" > "${BASE}/a/a/b/y" # GrowingLogFiles
332	echo "This is a xxxx file bad" > "${BASE}/a/a/b/z" # GrowingLogFiles
333	}
334
335	chk_testdata_5 () {
336	for ff in $TDIRS; do
337	#
338	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
339	if [ $? -ne 0 ]; then
340	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
341	return 1
342	fi
343	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
344	if [ $tmp -ne 1 ]; then
345	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
346	fi
347	#
348	for gg in $TFILES; do
349	egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
350	if [ $? -ne 0 ]; then
351	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (checking)";
352	fi
353	tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null \| wc -l`
354	if [ $tmp -ne 1 ]; then
355	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (multiple)";
356	fi
357	done
358	done
359	egrep "CRIT.POLICY \[GrowingLogs\] C---------.${BASE}/a/a/b/x" $LOGFILE >/dev/null 2>&1
360	if [ $? -ne 0 ]; then
361	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/b/x";
362	return 1
363	fi
364	egrep "CRIT.POLICY \[GrowingLogs\] C---------.${BASE}/a/a/b/z" $LOGFILE >/dev/null 2>&1
365	if [ $? -ne 0 ]; then
366	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/b/z";
367	return 1
368	fi
369	egrep "CRIT.POLICY \[GrowingLogs\] -----M----.${BASE}/a/b/z" $LOGFILE >/dev/null 2>&1
370	if [ $? -ne 0 ]; then
371	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b/z";
372	return 1
373	fi
374	egrep "CRIT.POLICY \[GrowingLogs\] -----M----.${BASE}/a/a/c/z" $LOGFILE >/dev/null 2>&1
375	if [ $? -ne 0 ]; then
376	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/z";
377	return 1
378	fi
379	egrep "CRIT.POLICY \[GrowingLogs\] C--------S.${BASE}/a/b/y" $LOGFILE >/dev/null 2>&1
380	if [ $? -ne 0 ]; then
381	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b/y";
382	return 1
383	fi
384	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1
385	if [ $? -ne 0 ]; then
386	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/x";
387	return 1
388	fi
389	egrep "CRIT.POLICY ADDED.${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1
390	if [ $? -ne 0 ]; then
391	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/foo";
392	return 1
393	fi
394	egrep "CRIT.POLICY ADDED.033\[1;30m" $LOGFILE >/dev/null 2>&1
395	if [ $? -ne 0 ]; then
396	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/\033[1;30m";
397	return 1
398	fi
399	egrep "WARN.Weird filename.033\[1;30m" $LOGFILE >/dev/null 2>&1
400	if [ $? -ne 0 ]; then
401	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/\033[1;30m";
402	return 1
403	fi
404	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1
405	if [ $? -ne 0 ]; then
406	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/y";
407	return 1
408	fi
409	tmp=`grep CRIT $LOGFILE \| wc -l`
410	if [ $tmp -ne 9 ]; then
411	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
412	return 1
413	fi
414	}
415
416
417	TESTPOLICY_4="
418	[Attributes]
419	dir=${BASE}
420	file=${BASE}/a/a/c/x
421	[ReadOnly]
422	file=${BASE}/a/a/c/y
423	[LogFiles]
424	dir=${BASE}/a/a/c
425	dir=${BASE}/a/b
426	"
427
428	mod_testdata_4 () {
429	sleep 1
430	echo "foobar" >> "${BASE}/a/a/x" # Attributes
431	echo "foobar" > "${BASE}/a/a/c/foo" # new within LogFiles
432	echo "foobar" >> "${BASE}/a/a/c/y" # ReadOnly
433	echo "foobar" >> "${BASE}/a/a/c/x" # Attributes
434	chmod 0555 "${BASE}/a/a/c/x" # Attributes
435	chmod 0555 "${BASE}/a/a/c/z" # LogFiles
436	echo "foobar" >> "${BASE}/a/b/x" # LogFiles
437	echo "" > "${BASE}/a/b/y" # LogFiles
438	chmod 0555 "${BASE}/a/b/z" # LogFiles
439	touch "${BASE}/a/a/[1;30m" # non-printable character in filename
440	}
441
442	chk_testdata_4 () {
443	for ff in $TDIRS; do
444	#
445	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
446	if [ $? -ne 0 ]; then
447	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
448	return 1
449	fi
450	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
451	if [ $tmp -ne 1 ]; then
452	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
453	fi
454	#
455	for gg in $TFILES; do
456	egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
457	if [ $? -ne 0 ]; then
458	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (checking)";
459	fi
460	tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null \| wc -l`
461	if [ $tmp -ne 1 ]; then
462	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (multiple)";
463	fi
464	done
465	done
466	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1
467	if [ $? -ne 0 ]; then
468	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/x";
469	return 1
470	fi
471	egrep "CRIT.POLICY \[LogFiles\] -----M----.${BASE}/a/b/z" $LOGFILE >/dev/null 2>&1
472	if [ $? -ne 0 ]; then
473	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b/z";
474	return 1
475	fi
476	egrep "CRIT.POLICY \[LogFiles\] -----M----.${BASE}/a/a/c/z" $LOGFILE >/dev/null 2>&1
477	if [ $? -ne 0 ]; then
478	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/z";
479	return 1
480	fi
481	egrep "CRIT.POLICY ADDED.${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1
482	if [ $? -ne 0 ]; then
483	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/foo";
484	return 1
485	fi
486	egrep "CRIT.POLICY ADDED.033\[1;30m" $LOGFILE >/dev/null 2>&1
487	if [ $? -ne 0 ]; then
488	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/\033[1;30m";
489	return 1
490	fi
491	egrep "WARN.Weird filename.033\[1;30m" $LOGFILE >/dev/null 2>&1
492	if [ $? -ne 0 ]; then
493	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/\033[1;30m";
494	return 1
495	fi
496	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1
497	if [ $? -ne 0 ]; then
498	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/y";
499	return 1
500	fi
501	tmp=`grep CRIT $LOGFILE \| wc -l`
502	if [ $tmp -ne 6 ]; then
503	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
504	return 1
505	fi
506	}
507
508	TESTPOLICY_3="
509	[Attributes]
510	dir=${BASE}
511	file=${BASE}/a/a/c/x
512	[ReadOnly]
513	file=${BASE}/a/a/c/y
514	[IgnoreAll]
515	dir=${BASE}/a/a/c
516	"
517	mod_testdata_3 () {
518	sleep 1
519	echo "foobar" > "${BASE}/a/b/foo" # new within Attributes
520	chmod 0555 "${BASE}/a/b"
521	echo "foobar" > "${BASE}/a/a/c/foo" # new within IgnoreAll
522	echo "foobar" > "${BASE}/a/a/c/y" # ReadOnly
523	chmod 0555 "${BASE}/a/a/c/x" # Attributes
524	chmod 0555 "${BASE}/a/a/c/z" # IgnoreAll
525	}
526
527	chk_testdata_3 () {
528	for ff in $TDIRS; do
529	#
530	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
531	if [ $? -ne 0 ]; then
532	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
533	return 1
534	fi
535	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
536	if [ $tmp -ne 1 ]; then
537	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
538	fi
539	#
540	for gg in $TFILES; do
541	egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
542	if [ $? -ne 0 ]; then
543	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (checking)";
544	fi
545	tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null \| wc -l`
546	if [ $tmp -ne 1 ]; then
547	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (multiple)";
548	fi
549	done
550	done
551	egrep "CRIT.POLICY ADDED.${BASE}/a/b/foo" $LOGFILE >/dev/null 2>&1
552	if [ $? -ne 0 ]; then
553	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b/foo";
554	return 1
555	fi
556	egrep "CRIT.POLICY ADDED.${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1
557	if [ $? -ne 0 ]; then
558	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/foo";
559	return 1
560	fi
561	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/a/b" $LOGFILE >/dev/null 2>&1
562	if [ $? -ne 0 ]; then
563	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b";
564	return 1
565	fi
566	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1
567	if [ $? -ne 0 ]; then
568	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/x";
569	return 1
570	fi
571	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1
572	if [ $? -ne 0 ]; then
573	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/y";
574	return 1
575	fi
576	tmp=`grep CRIT $LOGFILE \| wc -l`
577	if [ $tmp -ne 5 ]; then
578	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
579	return 1
580	fi
581	}
582
583	TESTPOLICY_2="
584	[ReadOnly]
585	dir=${BASE}
586	file=${BASE}/a/a/c/x
587	[IgnoreAll]
588	dir=${BASE}/a/a/c
589	"
590	mod_testdata_2 () {
591	mod_testdata_1;
592	rm "${BASE}/a/a/c/y"
593	echo "foobar" > "${BASE}/a/a/c/foo"
594	chmod 0555 "${BASE}/a/a/c/x"
595	chmod 0555 "${BASE}/a/a/c/z"
596	}
597
598	chk_testdata_2 () {
599	for ff in $TDIRS; do
600	#
601	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
602	if [ $? -ne 0 ]; then
603	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
604	return 1
605	fi
606	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
607	if [ $tmp -ne 1 ]; then
608	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
609	fi
610	#
611	for gg in $TFILES; do
612	egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
613	if [ $? -ne 0 ]; then
614	if [ x"${ff}/${gg}" = x"a/a/c/y" ]; then :; else
615	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (checking)";
616	return 1
617	fi
618	fi
619	done
620	done
621	egrep "CRIT.POLICY ADDED.${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1
622	if [ $? -ne 0 ]; then
623	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/foo";
624	return 1
625	fi
626	egrep "CRIT.POLICY MISSING.${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1
627	if [ $? -ne 0 ]; then
628	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/y";
629	return 1
630	fi
631	egrep "CRIT.POLICY \[ReadOnly\] -----M--T-.${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1
632	if [ $? -ne 0 ]; then
633	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/x";
634	return 1
635	fi
636	tmp=`grep CRIT $LOGFILE \| wc -l`
637	if [ $tmp -ne 8 ]; then
638	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
639	return 1
640	fi
641	}
642
643	TESTPOLICY_1="
644	[ReadOnly]
645	dir=${BASE}
646	"
647
648	mod_testdata_1 () {
649	sleep 1
650	touch "${BASE}/a/a/x"
651	chmod 0555 "${BASE}/a/a/y"
652	mv "${BASE}/a/b/y" "${BASE}/a/b/yy"; echo "This is a test file" > "${BASE}/a/b/y"; rm "${BASE}/a/b/yy"
653	echo "foobar" > "${BASE}/a/c/y"
654	}
655
656	chk_testdata_1 () {
657	for ff in $TDIRS; do
658	#
659	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
660	if [ $? -ne 0 ]; then
661	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
662	return 1
663	fi
664	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
665	if [ $tmp -ne 1 ]; then
666	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
667	fi
668	#
669	for gg in $TFILES; do
670	egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
671	if [ $? -ne 0 ]; then
672	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (checking)";
673	return 1
674	fi
675	tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null \| wc -l`
676	if [ $tmp -ne 1 ]; then
677	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (multiple)";
678	fi
679	done
680	done
681	egrep "CRIT.POLICY \[ReadOnly\] --------T-.${BASE}/a/a/x" $LOGFILE >/dev/null 2>&1
682	if [ $? -ne 0 ]; then
683	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/x";
684	return 1
685	fi
686	egrep "CRIT.POLICY \[ReadOnly\] -----M--T-.${BASE}/a/a/y" $LOGFILE >/dev/null 2>&1
687	if [ $? -ne 0 ]; then
688	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/y";
689	return 1
690	fi
691	egrep "CRIT.POLICY \[ReadOnly\] ---I----T-.${BASE}/a/b/y" $LOGFILE >/dev/null 2>&1
692	if [ $? -ne 0 ]; then
693	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b/y";
694	return 1
695	fi
696	egrep "CRIT.POLICY \[ReadOnly\] --------T-.${BASE}/a/b" $LOGFILE >/dev/null 2>&1
697	if [ $? -ne 0 ]; then
698	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b";
699	return 1
700	fi
701	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/a/c/y" $LOGFILE >/dev/null 2>&1
702	if [ $? -ne 0 ]; then
703	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/c/y";
704	return 1
705	fi
706	tmp=`grep CRIT $LOGFILE \| wc -l`
707	if [ $tmp -ne 5 ]; then
708	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
709	return 1
710	fi
711	return 0
712	}
713
714
715	##############################################################
716	#
717	# Common subroutines
718	#
719
720	mkconfig_misc ()
721	{
722	test -f "${RCFILE}" \|\| touch "${RCFILE}"
723	cat >> "${RCFILE}" <<End-of-data
724	[Misc]
725	Daemon=no
726	SetFilecheckTime=60
727	TrustedUser=uucp,fax,fnet
728	SetRecursionLevel=10
729	SetLoopTime=30
730	ReportFullDetail = no
731	ChecksumTest=check
732
733	End-of-data
734	}
735
736	mkconfig_log ()
737	{
738	test -f "${RCFILE}" \|\| touch "${RCFILE}"
739	cat >> "${RCFILE}" <<End-of-data
740	[Log]
741	MailSeverity=none
742	LogSeverity=warn
743	SyslogSeverity=none
744	PrintSeverity=info
745	MailSeverity=none
746	#Restrict to certain classes of messages
747	#LogClass=RUN
748	#PreludeSeverity=err
749	#ExportSeverity=none
750
751	End-of-data
752	}
753
754	mkconfig_sev ()
755	{
756	test -f "${RCFILE}" \|\| touch "${RCFILE}"
757	cat >> "${RCFILE}" <<End-of-data
758	[EventSeverity]
759	SeverityUser0=crit
760	SeverityUser1=crit
761	SeverityReadOnly=crit
762	SeverityLogFiles=crit
763	SeverityGrowingLogs=crit
764	SeverityIgnoreNone=crit
765	SeverityAttributes=crit
766	SeverityIgnoreAll=crit
767	SeverityFiles=err
768	SeverityDirs=err
769	SeverityNames=warn
770
771	End-of-data
772	}
773
774	prep_testpolicy ()
775	{
776	test -f "${RCFILE}" \|\| touch "${RCFILE}"
777	eval echo '"$'"TESTPOLICY_$1"'"' >>"${RCFILE}"
778	}
779
780	prep_init ()
781	{
782	rm -f ./.samhain_file
783	rm -f "${LOGFILE}"
784	rm -f ./.samhain_lock
785
786	rm -f "${RCFILE}"
787	mkconfig_sev
788	mkconfig_log
789	mkconfig_misc
790	}
791
792	run_init ()
793	{
794	rm -f test_log_valgrind
795
796	${VALGRIND} ./samhain -t init -p none 2>>test_log_valgrind
797
798	if test x$? = x0; then
799	[ -z "$verbose" ] \|\| log_msg_ok "init...";
800	else
801	[ -z "$quiet" ] && log_msg_fail "init...";
802	return 1
803	fi
804	}
805
806	run_check ()
807	{
808	${VALGRIND} ./samhain -t check -p none -l debug 2>>test_log_valgrind
809
810	if test x$? = x0; then
811	./samhain -j -L $LOGFILE >"${LOGFILE}.tmp" && mv "${LOGFILE}.tmp" "${LOGFILE}"
812	if [ $? -ne 0 ]; then
813	[ -z "$quiet" ] && log_msg_fail "mv logfile...";
814	return 1
815	fi
816	[ -z "$verbose" ] \|\| log_msg_ok "check...";
817	else
818	[ -z "$quiet" ] && log_msg_fail "check...";
819	return 1
820	fi
821	}
822
823	run_update ()
824	{
825	${VALGRIND} ./samhain -t update -p none -l debug 2>>test_log_valgrind
826
827	if test x$? = x0; then
828	[ -z "$verbose" ] \|\| log_msg_ok "update...";
829	else
830	[ -z "$quiet" ] && log_msg_fail "update...";
831	return 1
832	fi
833	}
834
835	run_check_after_update ()
836	{
837	rm -rf $LOGFILE
838
839	${VALGRIND} ./samhain -t check -p none -l debug 2>>test_log_valgrind
840
841	if test x$? = x0; then
842	#
843	tmp=`./samhain -j -L $LOGFILE \| grep CRIT \| wc -l`
844	if [ $tmp -ne 0 ]; then
845	[ -z "$verbose" ] \|\| log_msg_fail "update not successful(?)";
846	return 1
847	fi
848	tmp=`./samhain -j -L $LOGFILE \| grep ERR \| wc -l`
849	if [ $tmp -ne 0 ]; then
850	[ -z "$verbose" ] \|\| log_msg_fail "update not successful(?)";
851	return 1
852	fi
853	#
854	[ -z "$VALGRIND" ] \|\| {
855	tmp=`cat test_log_valgrind 2>/dev/null \| wc -l`;
856	if [ $tmp -ne 0 ]; then
857	[ -z "$verbose" ] \|\| log_msg_fail "valgrind reports errors";
858	cat test_log_valgrind
859	return 1;
860	fi;
861	}
862	#
863	[ -z "$verbose" ] \|\| log_msg_ok "check(2)...";
864	else
865	[ -z "$quiet" ] && log_msg_fail "check(2)...";
866	return 1
867	fi
868	}
869
870	prep_testdata ()
871	{
872	if [ -d "${BASE}" ]; then
873	chmod -R 0700 "${BASE}" \|\| {
874	[ -z "$quiet" ] && log_msg_fail "chmod -R 0700 ${BASE}";
875	return 1;
876	}
877	fi
878
879	rm -rf "${BASE}" \|\| {
880	[ -z "$quiet" ] && log_msg_fail "rm -rf ${BASE}";
881	return 1;
882	}
883
884	mkdir "${BASE}" \|\| {
885	[ -z "$quiet" ] && log_msg_fail "mkdir ${BASE}";
886	return 1;
887	}
888
889	for ff in $TDIRS; do
890	mkdir "${BASE}/${ff}" \|\| {
891	[ -z "$quiet" ] && log_msg_fail "mkdir ${BASE}/${ff}";
892	return 1;
893	}
894	chmod 0755 "${BASE}/${ff}"
895	for gg in $TFILES; do
896	echo "This is a test file" > "${BASE}/${ff}/${gg}"
897	chmod 0644 "${BASE}/${ff}/${gg}"
898	done
899	done
900	}
901
902	check_err ()
903	{
904	if [ $1 -ne 0 ]; then
905	[ -z "$quiet" ] && log_fail ${2} ${MAXTEST};
906	return 1
907	fi
908	return 0
909	}
910
911	testrun_internal ()
912	{
913	[ -z "$verbose" ] \|\| echo Working directory: $PW_DIR
914	[ -z "$verbose" ] \|\| { echo MAKE is $MAKE; echo; }
915
916	#
917	# test standalone compilation
918	#
919	[ -z "$verbose" ] \|\| { echo; echo "${S}Building standalone agent${E}"; echo; }
920
921	if test -r "Makefile"; then
922	$MAKE distclean >/dev/null
923	fi
924
925	${TOP_SRCDIR}/configure ${BUILDOPTS}
926
927	#
928	if test x$? = x0; then
929	[ -z "$verbose" ] \|\| log_msg_ok "configure...";
930	$MAKE > /dev/null
931	if test x$? = x0; then
932	[ -z "$verbose" ] \|\| log_msg_ok "make...";
933	else
934	[ -z "$quiet" ] && log_msg_fail "make...";
935	return 1
936	fi
937
938	else
939	[ -z "$quiet" ] && log_msg_fail "configure...";
940	return 1
941	fi
942
943	[ -z "$verbose" ] \|\| { echo; echo "${S}Running test suite${E}"; echo; }
944
945	tcount=1
946	POLICY=`eval echo '"$'"TESTPOLICY_$tcount"'"'`
947
948	until [ -z "$POLICY" ]
949	do
950	prep_init
951	check_err $? ${tcount}; errval=$?
952	if [ $errval -eq 0 ]; then
953	prep_testdata
954	check_err $? ${tcount}; errval=$?
955	fi
956	if [ $errval -eq 0 ]; then
957	prep_testpolicy ${tcount}
958	check_err $? ${tcount}; errval=$?
959	fi
960	if [ $errval -eq 0 ]; then
961	run_init
962	check_err $? ${tcount}; errval=$?
963	fi
964	if [ $errval -eq 0 ]; then
965	eval mod_testdata_${tcount}
966	check_err $? ${tcount}; errval=$?
967	fi
968	if [ $errval -eq 0 ]; then
969	run_check
970	check_err $? ${tcount}; errval=$?
971	fi
972	if [ $errval -eq 0 ]; then
973	eval chk_testdata_${tcount}
974	check_err $? ${tcount}; errval=$?
975	fi
976	if [ $testrun1_setup -eq 0 ]; then
977	if [ $errval -eq 0 ]; then
978	run_update
979	check_err $? ${tcount}; errval=$?
980	fi
981	if [ $errval -eq 0 ]; then
982	run_check_after_update
983	check_err $? ${tcount}; errval=$?
984	fi
985	fi
986	#
987	if [ $errval -eq 0 ]; then
988	[ -z "$quiet" ] && log_ok ${tcount} ${MAXTEST};
989	fi
990	let "tcount = tcount + 1" >/dev/null
991	POLICY=`eval echo '"$'"TESTPOLICY_$tcount"'"'`
992	done
993
994	return 0
995	}
996
997	testrun1 ()
998	{
999	log_start "RUN STANDALONE"
1000	testrun_internal
1001	log_end "RUN STANDALONE"
1002	return 0
1003	}
1004
1005
1006

Note: See TracBrowser for help on using the repository browser.

Download in other formats: