Context Navigation

source: trunk/test/testrun_1.sh@ 20

Last change on this file since 20 was 19, checked in by rainer, 19 years ago
Rewrite of test suite, checksum for growing logs, fix for minor bug with dead client detection.
File size: 24.0 KB

Line
1	#! /bin/sh
2
3	RCFILE="$PW_DIR/testrc_1.dyn"; export RCFILE
4	LOGFILE="$PW_DIR/.samhain_log"; export LOGFILE
5
6	# --enable-login-watch --enable-xml-log
7	# --enable-debug --enable-suidcheck --with-prelude
8
9	BUILDOPTS="--quiet $TRUST --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file --enable-debug"
10	export BUILDOPTS
11
12	BASE="${PW_DIR}/testrun_testdata"; export BASE
13	TDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; export TDIRS
14	TFILES="x y z"; export TFILES
15
16	###########################################################
17	#
18	# ---- [Define tests here] ----
19	#
20
21	# 1 for testing new tests
22	testrun1_setup=0
23
24	MAXTEST=10; export MAXTEST
25
26	test_dirs () {
27	for ff in $CDIRS; do
28	#
29	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
30	if [ $? -ne 0 ]; then
31	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
32	return 1
33	fi
34	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
35	if [ $tmp -ne 1 ]; then
36	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
37	fi
38	#
39	done
40	for ff in $NDIRS; do
41	#
42	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
43	if [ $? -eq 0 ]; then
44	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
45	return 1
46	fi
47	done
48	}
49
50	TESTPOLICY_10="
51	[ReadOnly]
52	dir=99${BASE}
53	[IgnoreAll]
54	dir=-1${BASE}/b
55	[Attributes]
56	dir=1${BASE}/a
57	"
58
59	mod_testdata_10 () {
60	sleep 1
61	echo "foobar" >"${BASE}/b/x"; # ok
62	echo "foobar" >"${BASE}/c/x"; # bad
63	echo "foobar" >"${BASE}/a/x"; # ok
64	chmod 0555 "${BASE}/a/a/x"; # bad
65	chmod 0555 "${BASE}/a/a/a/x";# ok
66	chmod 0555 "${BASE}/a/y"; # bad
67	}
68
69	chk_testdata_10 () {
70	# CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
71	tmp=`grep CRIT $LOGFILE \| wc -l`
72	if [ $tmp -ne 3 ]; then
73	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
74	return 1
75	fi
76	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/c/x" $LOGFILE >/dev/null 2>&1
77	if [ $? -ne 0 ]; then
78	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/c/x";
79	return 1
80	fi
81	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/a/a/x" $LOGFILE >/dev/null 2>&1
82	if [ $? -ne 0 ]; then
83	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/x";
84	return 1
85	fi
86	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/a/y" $LOGFILE >/dev/null 2>&1
87	if [ $? -ne 0 ]; then
88	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/y";
89	return 1
90	fi
91	CDIRS="a a/a a/b a/c c";
92	NDIRS="b a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
93	test_dirs;
94	return $?
95	}
96
97	TESTPOLICY_9="
98	[ReadOnly]
99	dir=0${BASE}/b
100	[Attributes]
101	dir=2${BASE}/a/a
102	"
103
104	mod_testdata_9 () {
105	echo "foobar" >"${BASE}/b/x";
106	echo "foobar" >"${BASE}/a/x";
107	echo "foobar" >"${BASE}/x";
108	}
109
110	chk_testdata_9 () {
111	# CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
112	tmp=`grep CRIT $LOGFILE \| wc -l`
113	if [ $tmp -ne 1 ]; then
114	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
115	return 1
116	fi
117	CDIRS="b a/a a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
118	NDIRS="a c a/b a/c";
119	test_dirs;
120	return $?
121	}
122
123	TESTPOLICY_8="
124	[ReadOnly]
125	dir=1${BASE}
126	[Attributes]
127	dir=1${BASE}/a/a
128	"
129
130	mod_testdata_8 () {
131	echo "foobar" >"${BASE}/a/x";
132	chmod 0555 "${BASE}/a/a/a/b/x";
133	}
134
135	chk_testdata_8 () {
136	# CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
137	tmp=`grep CRIT $LOGFILE \| wc -l`
138	if [ $tmp -ne 1 ]; then
139	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
140	return 1
141	fi
142	CDIRS="a b c a/a a/a/a a/a/b a/a/c";
143	NDIRS="a/b a/c a/a/a/a a/a/a/b a/a/a/c";
144	test_dirs;
145	return $?
146	}
147
148
149	TESTPOLICY_7="
150	[ReadOnly]
151	dir=${BASE}
152	[Attributes]
153	dir=${BASE}/a/a
154	[GrowingLogFiles]
155	dir=${BASE}/a/a/a
156	[IgnoreAll]
157	file=${BASE}/a/a/a/z
158	dir=${BASE}/b
159	"
160
161	mod_testdata_7 () {
162	sleep 1
163	echo "foobar" >"${BASE}/a/a/a/z" # ok
164	echo "foobar" >"${BASE}/a/a/a/x" # bad
165	echo "foobar" >"${BASE}/a/a/x" # ok
166	echo "foobar" >"${BASE}/a/x" # bad
167	chmod 0555 "${BASE}/a" # bad
168	chmod 0555 "${BASE}/b" # ok
169	}
170
171
172	chk_testdata_7 () {
173	tmp=`grep CRIT $LOGFILE \| wc -l`
174	if [ $tmp -ne 3 ]; then
175	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
176	return 1
177	fi
178	egrep "CRIT.POLICY \[GrowingLogs\] C--------S.${BASE}/a/a/a/x" $LOGFILE >/dev/null 2>&1
179	if [ $? -ne 0 ]; then
180	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/a/x";
181	return 1
182	fi
183	egrep "CRIT.POLICY \[ReadOnly\] -----M--T-.${BASE}/a" $LOGFILE >/dev/null 2>&1
184	if [ $? -ne 0 ]; then
185	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a";
186	return 1
187	fi
188	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/a/x" $LOGFILE >/dev/null 2>&1
189	if [ $? -ne 0 ]; then
190	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/x";
191	return 1
192	fi
193	}
194
195
196	TESTPOLICY_6="
197	[ReadOnly]
198	dir=${BASE}
199	[Attributes]
200	file=${BASE}/a/y
201	file=${BASE}/b/y
202	file=${BASE}/c/y
203	file=${BASE}/a/a/y
204	file=${BASE}/a/b/y
205	file=${BASE}/a/c/y
206	file=${BASE}/a/a/a/y
207	file=${BASE}/a/a/b/y
208	file=${BASE}/a/a/c/y
209	file=${BASE}/a/a/a/a/y
210	file=${BASE}/a/a/a/b/y
211	file=${BASE}/a/a/a/c/y
212	"
213
214	mod_testdata_6 () {
215	sleep 1
216	for ff in $TDIRS; do
217	echo "foobar" >"${BASE}/${ff}/x"
218	chmod 0555 "${BASE}/${ff}/y"
219	echo "foobar" >"${BASE}/${ff}/z"
220	done
221	}
222
223	chk_testdata_6 () {
224	count6=0
225	for ff in $TDIRS; do
226	#
227	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
228	if [ $? -ne 0 ]; then
229	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
230	return 1
231	fi
232	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
233	if [ $tmp -ne 1 ]; then
234	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
235	fi
236	#
237	for gg in $TFILES; do
238	egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
239	if [ $? -ne 0 ]; then
240	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (checking)";
241	fi
242	tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null \| wc -l`
243	if [ $tmp -ne 1 ]; then
244	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (multiple)";
245	fi
246	done
247	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/${ff}/x" $LOGFILE >/dev/null 2>&1
248	if [ $? -ne 0 ]; then
249	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/x";
250	return 1
251	fi
252	let "count6 = count6 + 1" >/dev/null
253	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/${ff}/z" $LOGFILE >/dev/null 2>&1
254	if [ $? -ne 0 ]; then
255	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/z";
256	return 1
257	fi
258	let "count6 = count6 + 1" >/dev/null
259	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/${ff}/y" $LOGFILE >/dev/null 2>&1
260	if [ $? -ne 0 ]; then
261	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/y";
262	return 1
263	fi
264	let "count6 = count6 + 1" >/dev/null
265	done
266	tmp=`grep CRIT $LOGFILE \| wc -l`
267	if [ $tmp -ne $count6 ]; then
268	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
269	return 1
270	fi
271	}
272
273	TESTPOLICY_5="
274	[Attributes]
275	dir=${BASE}
276	file=${BASE}/a/a/c/x
277	[ReadOnly]
278	file=${BASE}/a/a/c/y
279	[GrowingLogFiles]
280	dir=${BASE}/a/a/c
281	dir=${BASE}/a/a/b
282	dir=${BASE}/a/b
283	"
284
285	mod_testdata_5 () {
286	mod_testdata_4
287	echo "This is a xxxx file" > "${BASE}/a/a/b/x" # GrowingLogFiles
288	echo "This is a test file" > "${BASE}/a/a/b/y" # GrowingLogFiles
289	echo "This is a xxxx file bad" > "${BASE}/a/a/b/z" # GrowingLogFiles
290	}
291
292	chk_testdata_5 () {
293	for ff in $TDIRS; do
294	#
295	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
296	if [ $? -ne 0 ]; then
297	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
298	return 1
299	fi
300	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
301	if [ $tmp -ne 1 ]; then
302	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
303	fi
304	#
305	for gg in $TFILES; do
306	egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
307	if [ $? -ne 0 ]; then
308	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (checking)";
309	fi
310	tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null \| wc -l`
311	if [ $tmp -ne 1 ]; then
312	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (multiple)";
313	fi
314	done
315	done
316	egrep "CRIT.POLICY \[GrowingLogs\] C---------.${BASE}/a/a/b/x" $LOGFILE >/dev/null 2>&1
317	if [ $? -ne 0 ]; then
318	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/b/x";
319	return 1
320	fi
321	egrep "CRIT.POLICY \[GrowingLogs\] C---------.${BASE}/a/a/b/z" $LOGFILE >/dev/null 2>&1
322	if [ $? -ne 0 ]; then
323	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/b/z";
324	return 1
325	fi
326	egrep "CRIT.POLICY \[GrowingLogs\] -----M----.${BASE}/a/b/z" $LOGFILE >/dev/null 2>&1
327	if [ $? -ne 0 ]; then
328	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b/z";
329	return 1
330	fi
331	egrep "CRIT.POLICY \[GrowingLogs\] -----M----.${BASE}/a/a/c/z" $LOGFILE >/dev/null 2>&1
332	if [ $? -ne 0 ]; then
333	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/z";
334	return 1
335	fi
336	egrep "CRIT.POLICY \[GrowingLogs\] C--------S.${BASE}/a/b/y" $LOGFILE >/dev/null 2>&1
337	if [ $? -ne 0 ]; then
338	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b/y";
339	return 1
340	fi
341	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1
342	if [ $? -ne 0 ]; then
343	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/x";
344	return 1
345	fi
346	egrep "CRIT.POLICY ADDED.${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1
347	if [ $? -ne 0 ]; then
348	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/foo";
349	return 1
350	fi
351	egrep "CRIT.POLICY ADDED.033\[1;30m" $LOGFILE >/dev/null 2>&1
352	if [ $? -ne 0 ]; then
353	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/\033[1;30m";
354	return 1
355	fi
356	egrep "WARN.Weird filename.033\[1;30m" $LOGFILE >/dev/null 2>&1
357	if [ $? -ne 0 ]; then
358	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/\033[1;30m";
359	return 1
360	fi
361	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1
362	if [ $? -ne 0 ]; then
363	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/y";
364	return 1
365	fi
366	tmp=`grep CRIT $LOGFILE \| wc -l`
367	if [ $tmp -ne 9 ]; then
368	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
369	return 1
370	fi
371	}
372
373
374	TESTPOLICY_4="
375	[Attributes]
376	dir=${BASE}
377	file=${BASE}/a/a/c/x
378	[ReadOnly]
379	file=${BASE}/a/a/c/y
380	[LogFiles]
381	dir=${BASE}/a/a/c
382	dir=${BASE}/a/b
383	"
384
385	mod_testdata_4 () {
386	sleep 1
387	echo "foobar" >> "${BASE}/a/a/x" # Attributes
388	echo "foobar" > "${BASE}/a/a/c/foo" # new within LogFiles
389	echo "foobar" >> "${BASE}/a/a/c/y" # ReadOnly
390	echo "foobar" >> "${BASE}/a/a/c/x" # Attributes
391	chmod 0555 "${BASE}/a/a/c/x" # Attributes
392	chmod 0555 "${BASE}/a/a/c/z" # LogFiles
393	echo "foobar" >> "${BASE}/a/b/x" # LogFiles
394	echo "" > "${BASE}/a/b/y" # LogFiles
395	chmod 0555 "${BASE}/a/b/z" # LogFiles
396	touch "${BASE}/a/a/[1;30m" # non-printable character in filename
397	}
398
399	chk_testdata_4 () {
400	for ff in $TDIRS; do
401	#
402	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
403	if [ $? -ne 0 ]; then
404	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
405	return 1
406	fi
407	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
408	if [ $tmp -ne 1 ]; then
409	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
410	fi
411	#
412	for gg in $TFILES; do
413	egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
414	if [ $? -ne 0 ]; then
415	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (checking)";
416	fi
417	tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null \| wc -l`
418	if [ $tmp -ne 1 ]; then
419	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (multiple)";
420	fi
421	done
422	done
423	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1
424	if [ $? -ne 0 ]; then
425	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/x";
426	return 1
427	fi
428	egrep "CRIT.POLICY \[LogFiles\] -----M----.${BASE}/a/b/z" $LOGFILE >/dev/null 2>&1
429	if [ $? -ne 0 ]; then
430	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b/z";
431	return 1
432	fi
433	egrep "CRIT.POLICY \[LogFiles\] -----M----.${BASE}/a/a/c/z" $LOGFILE >/dev/null 2>&1
434	if [ $? -ne 0 ]; then
435	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/z";
436	return 1
437	fi
438	egrep "CRIT.POLICY ADDED.${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1
439	if [ $? -ne 0 ]; then
440	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/foo";
441	return 1
442	fi
443	egrep "CRIT.POLICY ADDED.033\[1;30m" $LOGFILE >/dev/null 2>&1
444	if [ $? -ne 0 ]; then
445	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/\033[1;30m";
446	return 1
447	fi
448	egrep "WARN.Weird filename.033\[1;30m" $LOGFILE >/dev/null 2>&1
449	if [ $? -ne 0 ]; then
450	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/\033[1;30m";
451	return 1
452	fi
453	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1
454	if [ $? -ne 0 ]; then
455	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/y";
456	return 1
457	fi
458	tmp=`grep CRIT $LOGFILE \| wc -l`
459	if [ $tmp -ne 6 ]; then
460	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
461	return 1
462	fi
463	}
464
465	TESTPOLICY_3="
466	[Attributes]
467	dir=${BASE}
468	file=${BASE}/a/a/c/x
469	[ReadOnly]
470	file=${BASE}/a/a/c/y
471	[IgnoreAll]
472	dir=${BASE}/a/a/c
473	"
474	mod_testdata_3 () {
475	sleep 1
476	echo "foobar" > "${BASE}/a/b/foo" # new within Attributes
477	chmod 0555 "${BASE}/a/b"
478	echo "foobar" > "${BASE}/a/a/c/foo" # new within IgnoreAll
479	echo "foobar" > "${BASE}/a/a/c/y" # ReadOnly
480	chmod 0555 "${BASE}/a/a/c/x" # Attributes
481	chmod 0555 "${BASE}/a/a/c/z" # IgnoreAll
482	}
483
484	chk_testdata_3 () {
485	for ff in $TDIRS; do
486	#
487	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
488	if [ $? -ne 0 ]; then
489	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
490	return 1
491	fi
492	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
493	if [ $tmp -ne 1 ]; then
494	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
495	fi
496	#
497	for gg in $TFILES; do
498	egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
499	if [ $? -ne 0 ]; then
500	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (checking)";
501	fi
502	tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null \| wc -l`
503	if [ $tmp -ne 1 ]; then
504	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (multiple)";
505	fi
506	done
507	done
508	egrep "CRIT.POLICY ADDED.${BASE}/a/b/foo" $LOGFILE >/dev/null 2>&1
509	if [ $? -ne 0 ]; then
510	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b/foo";
511	return 1
512	fi
513	egrep "CRIT.POLICY ADDED.${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1
514	if [ $? -ne 0 ]; then
515	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/foo";
516	return 1
517	fi
518	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/a/b" $LOGFILE >/dev/null 2>&1
519	if [ $? -ne 0 ]; then
520	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b";
521	return 1
522	fi
523	egrep "CRIT.POLICY \[Attributes\] -----M----.${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1
524	if [ $? -ne 0 ]; then
525	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/x";
526	return 1
527	fi
528	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1
529	if [ $? -ne 0 ]; then
530	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/y";
531	return 1
532	fi
533	tmp=`grep CRIT $LOGFILE \| wc -l`
534	if [ $tmp -ne 5 ]; then
535	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
536	return 1
537	fi
538	}
539
540	TESTPOLICY_2="
541	[ReadOnly]
542	dir=${BASE}
543	file=${BASE}/a/a/c/x
544	[IgnoreAll]
545	dir=${BASE}/a/a/c
546	"
547	mod_testdata_2 () {
548	mod_testdata_1;
549	rm "${BASE}/a/a/c/y"
550	echo "foobar" > "${BASE}/a/a/c/foo"
551	chmod 0555 "${BASE}/a/a/c/x"
552	chmod 0555 "${BASE}/a/a/c/z"
553	}
554
555	chk_testdata_2 () {
556	for ff in $TDIRS; do
557	#
558	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
559	if [ $? -ne 0 ]; then
560	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
561	return 1
562	fi
563	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
564	if [ $tmp -ne 1 ]; then
565	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
566	fi
567	#
568	for gg in $TFILES; do
569	egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
570	if [ $? -ne 0 ]; then
571	if [ x"${ff}/${gg}" = x"a/a/c/y" ]; then :; else
572	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (checking)";
573	return 1
574	fi
575	fi
576	done
577	done
578	egrep "CRIT.POLICY ADDED.${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1
579	if [ $? -ne 0 ]; then
580	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/foo";
581	return 1
582	fi
583	egrep "CRIT.POLICY MISSING.${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1
584	if [ $? -ne 0 ]; then
585	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/y";
586	return 1
587	fi
588	egrep "CRIT.POLICY \[ReadOnly\] -----M--T-.${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1
589	if [ $? -ne 0 ]; then
590	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/c/x";
591	return 1
592	fi
593	tmp=`grep CRIT $LOGFILE \| wc -l`
594	if [ $tmp -ne 8 ]; then
595	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
596	return 1
597	fi
598	}
599
600	TESTPOLICY_1="
601	[ReadOnly]
602	dir=${BASE}
603	"
604
605	mod_testdata_1 () {
606	sleep 1
607	touch "${BASE}/a/a/x"
608	chmod 0555 "${BASE}/a/a/y"
609	mv "${BASE}/a/b/y" "${BASE}/a/b/yy"; echo "This is a test file" > "${BASE}/a/b/y"; rm "${BASE}/a/b/yy"
610	echo "foobar" > "${BASE}/a/c/y"
611	}
612
613	chk_testdata_1 () {
614	for ff in $TDIRS; do
615	#
616	egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE >/dev/null 2>&1
617	if [ $? -ne 0 ]; then
618	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (checking)";
619	return 1
620	fi
621	tmp=`egrep "Checking.*${BASE}/${ff}(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
622	if [ $tmp -ne 1 ]; then
623	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff} (multiple)";
624	fi
625	#
626	for gg in $TFILES; do
627	egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
628	if [ $? -ne 0 ]; then
629	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (checking)";
630	return 1
631	fi
632	tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null \| wc -l`
633	if [ $tmp -ne 1 ]; then
634	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/${ff}/${gg} (multiple)";
635	fi
636	done
637	done
638	egrep "CRIT.POLICY \[ReadOnly\] --------T-.${BASE}/a/a/x" $LOGFILE >/dev/null 2>&1
639	if [ $? -ne 0 ]; then
640	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/x";
641	return 1
642	fi
643	egrep "CRIT.POLICY \[ReadOnly\] -----M--T-.${BASE}/a/a/y" $LOGFILE >/dev/null 2>&1
644	if [ $? -ne 0 ]; then
645	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/a/y";
646	return 1
647	fi
648	egrep "CRIT.POLICY \[ReadOnly\] ---I----T-.${BASE}/a/b/y" $LOGFILE >/dev/null 2>&1
649	if [ $? -ne 0 ]; then
650	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b/y";
651	return 1
652	fi
653	egrep "CRIT.POLICY \[ReadOnly\] --------T-.${BASE}/a/b" $LOGFILE >/dev/null 2>&1
654	if [ $? -ne 0 ]; then
655	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/b";
656	return 1
657	fi
658	egrep "CRIT.POLICY \[ReadOnly\] C-------TS.${BASE}/a/c/y" $LOGFILE >/dev/null 2>&1
659	if [ $? -ne 0 ]; then
660	[ -z "$verbose" ] \|\| log_msg_fail "${BASE}/a/c/y";
661	return 1
662	fi
663	tmp=`grep CRIT $LOGFILE \| wc -l`
664	if [ $tmp -ne 5 ]; then
665	[ -z "$verbose" ] \|\| log_msg_fail "policy count";
666	return 1
667	fi
668	return 0
669	}
670
671
672	##############################################################
673	#
674	# Common subroutines
675	#
676
677	mkconfig_misc ()
678	{
679	test -f "${RCFILE}" \|\| touch "${RCFILE}"
680	cat >> "${RCFILE}" <<End-of-data
681	[Misc]
682	Daemon=no
683	SetFilecheckTime=60
684	TrustedUser=uucp,fax,fnet
685	SetRecursionLevel=10
686	SetLoopTime=30
687	ReportFullDetail = no
688	ChecksumTest=check
689
690	End-of-data
691	}
692
693	mkconfig_log ()
694	{
695	test -f "${RCFILE}" \|\| touch "${RCFILE}"
696	cat >> "${RCFILE}" <<End-of-data
697	[Log]
698	MailSeverity=none
699	LogSeverity=warn
700	SyslogSeverity=none
701	PrintSeverity=info
702	MailSeverity=none
703	#Restrict to certain classes of messages
704	#LogClass=RUN
705	#PreludeSeverity=err
706	#ExportSeverity=none
707
708	End-of-data
709	}
710
711	mkconfig_sev ()
712	{
713	test -f "${RCFILE}" \|\| touch "${RCFILE}"
714	cat >> "${RCFILE}" <<End-of-data
715	[EventSeverity]
716	SeverityUser0=crit
717	SeverityUser1=crit
718	SeverityReadOnly=crit
719	SeverityLogFiles=crit
720	SeverityGrowingLogs=crit
721	SeverityIgnoreNone=crit
722	SeverityAttributes=crit
723	SeverityIgnoreAll=crit
724	SeverityFiles=err
725	SeverityDirs=err
726	SeverityNames=warn
727
728	End-of-data
729	}
730
731	prep_testpolicy ()
732	{
733	test -f "${RCFILE}" \|\| touch "${RCFILE}"
734	eval echo '"$'"TESTPOLICY_$1"'"' >>"${RCFILE}"
735	}
736
737	prep_init ()
738	{
739	rm -f ./.samhain_file
740	rm -f "${LOGFILE}"
741	rm -f ./.samhain_lock
742
743	rm -f "${RCFILE}"
744	mkconfig_sev
745	mkconfig_log
746	mkconfig_misc
747	}
748
749	run_init ()
750	{
751	./samhain -t init -p none
752
753	if test x$? = x0; then
754	[ -z "$verbose" ] \|\| log_msg_ok "init...";
755	else
756	[ -z "$quiet" ] && log_msg_fail "init...";
757	return 1
758	fi
759	}
760
761	run_check ()
762	{
763	./samhain -t check -p none -l debug
764
765	if test x$? = x0; then
766	./samhain -j -L $LOGFILE >"${LOGFILE}.tmp" && mv "${LOGFILE}.tmp" "${LOGFILE}"
767	if [ $? -ne 0 ]; then
768	[ -z "$quiet" ] && log_msg_fail "mv logfile...";
769	return 1
770	fi
771	[ -z "$verbose" ] \|\| log_msg_ok "check...";
772	else
773	[ -z "$quiet" ] && log_msg_fail "check...";
774	return 1
775	fi
776	}
777
778	run_update ()
779	{
780	./samhain -t update -p none -l debug
781
782	if test x$? = x0; then
783	[ -z "$verbose" ] \|\| log_msg_ok "update...";
784	else
785	[ -z "$quiet" ] && log_msg_fail "update...";
786	return 1
787	fi
788	}
789
790	run_check_after_update ()
791	{
792	rm -rf $LOGFILE
793
794	./samhain -t check -p none -l debug
795
796	if test x$? = x0; then
797	#
798	tmp=`./samhain -j -L $LOGFILE \| grep CRIT \| wc -l`
799	if [ $tmp -ne 0 ]; then
800	[ -z "$verbose" ] \|\| log_msg_fail "update not successful(?)";
801	return 1
802	fi
803	tmp=`./samhain -j -L $LOGFILE \| grep ERR \| wc -l`
804	if [ $tmp -ne 0 ]; then
805	[ -z "$verbose" ] \|\| log_msg_fail "update not successful(?)";
806	return 1
807	fi
808	#
809	[ -z "$verbose" ] \|\| log_msg_ok "check(2)...";
810	else
811	[ -z "$quiet" ] && log_msg_fail "check(2)...";
812	return 1
813	fi
814	}
815
816	prep_testdata ()
817	{
818	chmod -R 0700 "${BASE}" \|\| {
819	[ -z "$quiet" ] && log_msg_fail "chmod -R 0700 ${BASE}";
820	return 1;
821	}
822
823	rm -rf "${BASE}" \|\| {
824	[ -z "$quiet" ] && log_msg_fail "rm -rf ${BASE}";
825	return 1;
826	}
827
828	mkdir "${BASE}" \|\| {
829	[ -z "$quiet" ] && log_msg_fail "mkdir ${BASE}";
830	return 1;
831	}
832
833	for ff in $TDIRS; do
834	mkdir "${BASE}/${ff}" \|\| {
835	[ -z "$quiet" ] && log_msg_fail "mkdir ${BASE}/${ff}";
836	return 1;
837	}
838	chmod 0755 "${BASE}/${ff}"
839	for gg in $TFILES; do
840	echo "This is a test file" > "${BASE}/${ff}/${gg}"
841	chmod 0644 "${BASE}/${ff}/${gg}"
842	done
843	done
844	}
845
846	check_err ()
847	{
848	if [ $1 -ne 0 ]; then
849	[ -z "$quiet" ] && log_fail ${2} ${MAXTEST};
850	return 1
851	fi
852	return 0
853	}
854
855	testrun_internal ()
856	{
857	[ -z "$verbose" ] \|\| echo Working directory: $PW_DIR
858	[ -z "$verbose" ] \|\| { echo MAKE is $MAKE; echo; }
859
860	#
861	# test standalone compilation
862	#
863	[ -z "$verbose" ] \|\| { echo; echo "${S}Building standalone agent${E}"; echo; }
864
865	if test -r "Makefile"; then
866	$MAKE distclean >/dev/null
867	fi
868
869	${TOP_SRCDIR}/configure ${BUILDOPTS}
870
871	#
872	if test x$? = x0; then
873	[ -z "$verbose" ] \|\| log_msg_ok "configure...";
874	$MAKE > /dev/null
875	if test x$? = x0; then
876	[ -z "$verbose" ] \|\| log_msg_ok "make...";
877	else
878	[ -z "$quiet" ] && log_msg_fail "make...";
879	return 1
880	fi
881
882	else
883	[ -z "$quiet" ] && log_msg_fail "configure...";
884	return 1
885	fi
886
887	[ -z "$verbose" ] \|\| { echo; echo "${S}Running test suite${E}"; echo; }
888
889	tcount=1
890	POLICY=`eval echo '"$'"TESTPOLICY_$tcount"'"'`
891
892	until [ -z "$POLICY" ]
893	do
894	prep_init
895	check_err $? ${tcount}; errval=$?
896	if [ $errval -eq 0 ]; then
897	prep_testdata
898	check_err $? ${tcount}; errval=$?
899	fi
900	if [ $errval -eq 0 ]; then
901	prep_testpolicy ${tcount}
902	check_err $? ${tcount}; errval=$?
903	fi
904	if [ $errval -eq 0 ]; then
905	run_init
906	check_err $? ${tcount}; errval=$?
907	fi
908	if [ $errval -eq 0 ]; then
909	eval mod_testdata_${tcount}
910	check_err $? ${tcount}; errval=$?
911	fi
912	if [ $errval -eq 0 ]; then
913	run_check
914	check_err $? ${tcount}; errval=$?
915	fi
916	if [ $errval -eq 0 ]; then
917	eval chk_testdata_${tcount}
918	check_err $? ${tcount}; errval=$?
919	fi
920	if [ $testrun1_setup -eq 0 ]; then
921	if [ $errval -eq 0 ]; then
922	run_update
923	check_err $? ${tcount}; errval=$?
924	fi
925	if [ $errval -eq 0 ]; then
926	run_check_after_update
927	check_err $? ${tcount}; errval=$?
928	fi
929	fi
930	#
931	if [ $errval -eq 0 ]; then
932	[ -z "$quiet" ] && log_ok ${tcount} ${MAXTEST};
933	fi
934	let "tcount = tcount + 1" >/dev/null
935	POLICY=`eval echo '"$'"TESTPOLICY_$tcount"'"'`
936	done
937
938	return 0
939	}
940
941	testrun1 ()
942	{
943	log_start "RUN STANDALONE"
944	testrun_internal
945	log_end "RUN STANDALONE"
946	return 0
947	}
948
949
950

Note: See TracBrowser for help on using the repository browser.

Download in other formats: