source: trunk/test/testrun_1b.sh@ 194

Last change on this file since 194 was 170, checked in by katerina, 17 years ago

Plenty of compiler warnings fixed, SQL query length fixed, doc update.

File size: 14.2 KB
RevLine 
[1]1#! /bin/sh
2
[27]3#
4# Copyright Rainer Wichmann (2006)
5#
6# License Information:
7# This program is free software; you can redistribute it and/or modify
8# it under the terms of the GNU General Public License as published by
9# the Free Software Foundation; either version 2 of the License, or
10# (at your option) any later version.
11#
12# This program is distributed in the hope that it will be useful,
13# but WITHOUT ANY WARRANTY; without even the implied warranty of
14# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15# GNU General Public License for more details.
16#
17# You should have received a copy of the GNU General Public License
18# along with this program; if not, write to the Free Software
19# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20#
[1]21
[170]22MAXTEST=7; export MAXTEST
[19]23LOGFILE="$PW_DIR/.samhain_log"; export LOGFILE
24RCFILE="$PW_DIR/testrc_1.dyn"; export RCFILE
[1]25
[170]26testrun1b_modrc ()
27{
28 ORIGINAL="\[EOF\]"
29 REPLACEMENT="\[PortCheck\]"
30 ex -s $RCFILE <<EOF
31%s/$ORIGINAL/$REPLACEMENT/g
32wq
33EOF
34
35 echo "PortCheckActive = yes" >>"$RCFILE"
36 echo "PortCheckInterface = 127.0.0.1" >>"$RCFILE"
37}
38
[19]39testrun1b_internal ()
[1]40{
[19]41 BUILDOPTS="$1"
[1]42 #
43 # test standalone compilation
44 #
[19]45 [ -z "$verbose" ] || { echo; echo "${S}Building standalone agent${E}"; echo; }
[1]46 #
47 if test -r "Makefile"; then
[22]48 $MAKE distclean >/dev/null >&1
[1]49 fi
50 #
[159]51 # Bootstrapping
[1]52 #
[159]53 ${TOP_SRCDIR}/configure >/dev/null 2>/dev/null
54 if test x$? = x0; then
55 [ -z "$verbose" ] || log_msg_ok "configure (bootstrap)...";
56 $MAKE > /dev/null 2>&1
57 if test x$? = x0; then
58 [ -z "$verbose" ] || log_msg_ok "make (bootstrap)...";
59 else
60 [ -z "$quiet" ] && log_msg_fail "make (bootstrap)...";
61 return 1
62 fi
63
64 else
65 [ -z "$quiet" ] && log_msg_fail "configure (bootstrap)...";
66 return 1
67 fi
[1]68 #
69 #
[159]70 ${TOP_SRCDIR}/configure ${BUILDOPTS} 2>/dev/null | \
71 egrep 'use existing [./[:alnum:]]+ for gpg checksum' >/dev/null
72 #
73 #
[1]74 if test x$? = x0; then
[19]75 [ -z "$verbose" ] || log_msg_ok "configure...";
[22]76 $MAKE > /dev/null 2>&1
[1]77 if test x$? = x0; then
[19]78 [ -z "$verbose" ] || log_msg_ok "make...";
[1]79 else
[19]80 [ -z "$quiet" ] && log_msg_fail "make...";
81 return 1
[1]82 fi
83
84 else
[19]85 [ -z "$quiet" ] && log_msg_fail "configure...";
86 return 1
[1]87 fi
88
[19]89 SKIP=`awk '/^__ARCHIVE_FOLLOWS__/ { print NR + 1; exit 0; }' ${SCRIPTDIR}/test.sh`
[1]90
[19]91 tail -n "+$SKIP" ${SCRIPTDIR}/test.sh >/dev/null 2>&1
92 if [ $? -eq 0 ]; then
[159]93 tail -n "+$SKIP" ${SCRIPTDIR}/test.sh | gunzip -c - 2>/dev/null | tar xf - && \
[19]94 mv "./testrc.gpg.asc" "$RCFILE"
95 else
[159]96 tail "+$SKIP" ${SCRIPTDIR}/test.sh | gunzip -c - 2>/dev/null | tar xf - && \
[19]97 mv "./testrc.gpg.asc" "$RCFILE"
98 fi
99 if test x$? = x0; then
100 [ -z "$verbose" ] || log_msg_ok "extract gpg signed files...";
101 else
102 [ -z "$quiet" ] && log_msg_fail "extract gpg signed files...";
103 return 1
104 fi
105
[52]106 if test "x$2" = "x"; then
107 :
108 else
109 CONVERT="$2"
110 if test -f "${TOP_SRCDIR}/stealth_template.jpg"; then
111 [ -z "$verbose" ] || log_msg_ok "convert..."
112 "${CONVERT}" +compress "${TOP_SRCDIR}/stealth_template.jpg" stealth_template.ps >/dev/null
113 else
114 [ -z "$quiet" ] && log_msg_fail "cannot find file stealth_template.jpg"
115 return 1
116 fi
117 if [ $? -ne 0 ]; then
118 [ -z "$quiet" ] && log_msg_fail "${CONVERT} +compress ${TOP_SRCDIR}/stealth_template.jpg stealth_template.ps";
119 return 1
120 fi
121
122 [ -z "$verbose" ] || log_msg_ok "hide..."
123 ./samhain_stealth -s stealth_template.ps "$RCFILE" >/dev/null
124 if [ $? -ne 0 ]; then
125 [ -z "$quiet" ] && log_msg_fail "${CONVERT} +compress ${TOP_SRCDIR}/stealth_template.jpg stealth_template.ps";
126 return 1
127 fi
128
129 mv -f stealth_template.ps "$RCFILE"
130 if [ $? -ne 0 ]; then
131 [ -z "$quiet" ] && log_msg_fail "mv -f stealth_template.ps $RCFILE";
132 return 1
133 fi
134
135 fi
136
[1]137 rm -f ./.samhain_file
138 rm -f ./.samhain_log
139 rm -f ./.samhain_lock
140
[19]141 ./samhain -t init -p none -l info
[1]142
143 if test x$? = x0; then
[19]144 [ -z "$verbose" ] || log_msg_ok "init...";
145 else
146 [ -z "$quiet" ] && log_msg_fail "init...";
147 return 1
148 fi
[1]149
[19]150 mv $PW_DIR/.samhain_file.asc $PW_DIR/.samhain_file
151}
[1]152
[169]153testrun1b_nogpg ()
154{
155 BUILDOPTS="$1"
156 #
157 # test standalone compilation
158 #
159 [ -z "$verbose" ] || { echo; echo "${S}Building standalone agent${E}"; echo; }
160 #
161 if test -r "Makefile"; then
162 $MAKE distclean >/dev/null >&1
163 fi
164
165 ${TOP_SRCDIR}/configure ${BUILDOPTS} 2>/dev/null
166 #
167 #
168 if test x$? = x0; then
169 [ -z "$verbose" ] || log_msg_ok "configure...";
170 $MAKE > /dev/null 2>&1
171 if test x$? = x0; then
172 [ -z "$verbose" ] || log_msg_ok "make...";
173 else
174 [ -z "$quiet" ] && log_msg_fail "make...";
175 return 1
176 fi
177
178 else
179 [ -z "$quiet" ] && log_msg_fail "configure...";
180 return 1
181 fi
182
183 rm -f ./.samhain_file
184 rm -f ./.samhain_log
185 rm -f ./.samhain_lock
186
187 cp "${SCRIPTDIR}/testrc_1" "${RCFILE}"
188
[170]189 if test "x$2" = "xmodrc"; then
190 [ -z "$verbose" ] || log_msg_ok "mod rc...";
191 testrun1b_modrc
192 fi
193
[169]194 ./samhain -t init -p none -l info
195
196 if test x$? = x0; then
197 [ -z "$verbose" ] || log_msg_ok "init...";
198 else
199 [ -z "$quiet" ] && log_msg_fail "init...";
200 return 1
201 fi
202
203}
204
[19]205do_test_1b () {
206
207 ./samhain -t check -p none -l info
208
209 if test x$? = x0; then
210 ./samhain -j -L $LOGFILE >"${LOGFILE}.tmp" && mv "${LOGFILE}.tmp" "${LOGFILE}"
211 if [ $? -ne 0 ]; then
212 [ -z "$quiet" ] && log_msg_fail "mv logfile...";
213 return 1
[1]214 fi
[19]215 [ -z "$verbose" ] || log_msg_ok "check...";
216 else
217 [ -z "$quiet" ] && log_msg_fail "check...";
218 return 1
219 fi
220 #
221 tmp=`egrep "Checking.*/etc(>|\")" $LOGFILE 2>/dev/null | wc -l`
222 if [ $tmp -ne 2 ]; then
223 [ -z "$verbose" ] || log_msg_fail "/etc";
[60]224 return 1
[19]225 fi
226 tmp=`egrep "Checking.*(>|\")" $LOGFILE 2>/dev/null | wc -l`
[60]227 if [ $tmp -ne 8 ]; then
[19]228 [ -z "$verbose" ] || log_msg_fail "checking";
[60]229 return 1
[19]230 fi
[60]231 egrep "ADDED" $LOGFILE >/dev/null 2>&1
232 if [ $? -eq 0 ]; then
233 [ -z "$verbose" ] || log_msg_fail "init was incomplete";
234 return 1
235 fi
[19]236 #
237 return 0
[1]238}
239
[19]240do_test_1b_2 () {
[1]241
[19]242 rm -f $PW_DIR/test_log_prelude
[1]243
[20]244 "$PM" --textmod -l $PW_DIR/test_log_prelude --listen 127.0.0.1:5500 >/dev/null 2>&1 &
[19]245 PID=$!
[1]246
[51]247 five_sec_sleep
[20]248
249 ./samhain -t check -p none -l info --set-prelude-severity=info --prelude --server-addr 127.0.0.1:5500 >/dev/null
[19]250
251 if test x$? = x0; then
252 ./samhain -j -L $LOGFILE >"${LOGFILE}.tmp" && mv "${LOGFILE}.tmp" "${LOGFILE}"
253 if [ $? -ne 0 ]; then
254 [ -z "$quiet" ] && log_msg_fail "mv logfile...";
255 kill $PID
256 return 1
257 fi
258 [ -z "$verbose" ] || log_msg_ok "check...";
259 else
260 [ -z "$quiet" ] && log_msg_fail "check...";
261 kill $PID
262 return 1
263 fi
264 #
265 tmp=`egrep 'File original:.*name=etc.*path=/etc' test_log_prelude 2>/dev/null | wc -l`
[81]266 if [ $tmp -lt 1 ]; then
[19]267 [ -z "$verbose" ] || log_msg_fail "/etc";
268 fi
269 tmp=`egrep 'Classification text: Checking' test_log_prelude 2>/dev/null | wc -l`
[81]270 if [ $tmp -lt 1 ]; then
[19]271 [ -z "$verbose" ] || log_msg_fail "checking";
272 fi
[170]273 #
274 if test "x$2" = "xmodrc"; then
275 tmp=`egrep 'Classification text: Service opened' test_log_prelude 2>/dev/null | wc -l`
276 if [ $tmp -lt 1 ]; then
277 [ -z "$verbose" ] || log_msg_fail "service";
278 fi
279 tmp=`egrep 'Service: port=5500' test_log_prelude 2>/dev/null | wc -l`
280 if [ $tmp -lt 1 ]; then
281 [ -z "$verbose" ] || log_msg_fail "port 5500";
282 fi
[19]283 fi
284 #
285 kill $PID
286 return 0
287}
[1]288
[19]289testrun1b ()
290{
291 log_start "RUN STANDALONE W/STEALTH W/GPG"
292 GPG=`find_path gpg`
293 if [ -z "$GPG" ]; then
294 log_skip 1 $MAXTEST 'gpg not found in $PATH'
295 log_skip 2 $MAXTEST 'gpg not found in $PATH'
[100]296 log_skip 3 $MAXTEST 'gpg not found in $PATH'
[170]297 log_skip 4 $MAXTEST 'gpg not found in $PATH'
298 log_skip 5 $MAXTEST 'gpg not found in $PATH'
299 log_skip 6 $MAXTEST 'gpg not found in $PATH'
300 log_skip 7 $MAXTEST 'gpg not found in $PATH'
[19]301 else
302 eval "$GPG" --list-keys 0F571F6C >/dev/null 2>/dev/null
303 if [ $? -ne 0 ]; then
304 log_skip 1 $MAXTEST 'public PGP key 0x0F571F6C not present'
305 log_skip 2 $MAXTEST 'public PGP key 0x0F571F6C not present'
[100]306 log_skip 3 $MAXTEST 'public PGP key 0x0F571F6C not present'
[163]307 log_skip 4 $MAXTEST 'public PGP key 0x0F571F6C not present'
308 log_skip 5 $MAXTEST 'public PGP key 0x0F571F6C not present'
[170]309 log_skip 6 $MAXTEST 'public PGP key 0x0F571F6C not present'
310 log_skip 7 $MAXTEST 'public PGP key 0x0F571F6C not present'
[19]311 else
[52]312 #
313 # ------------- first test -------------
314 #
[163]315 BUILDOPTS="--quiet $TRUST --enable-debug --with-gpg=${GPG} --enable-micro-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
[52]316 testrun1b_internal "${BUILDOPTS}"
[19]317 do_test_1b
318 if [ $? -eq 0 ]; then
319 log_ok 1 $MAXTEST 'gpg signed config/database files'
320 else
321 log_fail 1 $MAXTEST 'gpg signed config/database files'
322 fi
[52]323
324
325 #
326 # ------------- second test -------------
327 #
[163]328 BUILDOPTS="--quiet $TRUST --enable-debug --with-gpg=${GPG} --with-checksum --enable-micro-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
329 testrun1b_internal "${BUILDOPTS}"
330 do_test_1b
331 if [ $? -eq 0 ]; then
332 log_ok 2 $MAXTEST 'gpg signed config/database files'
333 else
334 log_fail 2 $MAXTEST 'gpg signed config/database files'
335 fi
336
337
338 #
339 # ------------- third test -------------
340 #
341 BUILDOPTS="--quiet $TRUST --enable-debug --with-gpg=${GPG} --with-checksum --with-fp=EF6CEF54701A0AFDB86AF4C31AAD26C80F571F6C --enable-micro-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
342 testrun1b_internal "${BUILDOPTS}"
343 do_test_1b
344 if [ $? -eq 0 ]; then
345 log_ok 3 $MAXTEST 'gpg signed config/database files'
346 else
347 log_fail 3 $MAXTEST 'gpg signed config/database files'
348 fi
349
350
351 #
352 # ------------- fourth test -------------
353 #
[52]354 PRECONV=`find_path convert`
355 "${PRECONV}" --help | grep ImageMagick >/dev/null 2>&1 && \
356 CONVERT="${PRECONV}"
357
358 if [ -z "$CONVERT" ]; then
359 log_skip 2 $MAXTEST 'ImageMagick convert not found in $PATH'
360 else
[159]361 BUILDOPTS="--quiet $TRUST --enable-debug --with-gpg=${GPG} --with-checksum --enable-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
[52]362 testrun1b_internal "${BUILDOPTS}" "$CONVERT"
363 do_test_1b
364 if [ $? -eq 0 ]; then
[163]365 log_ok 4 $MAXTEST 'gpg signed config/database files'
[52]366 else
[163]367 log_fail 4 $MAXTEST 'gpg signed config/database files'
[52]368 fi
369 fi
370
371
372 #
[163]373 # ------------- fifth test -------------
[52]374 #
[170]375 if ! test -d /var/run/prelude-manager
[96]376 then
[170]377 [ -z "$verbose" ] || log_msg_ok "create /var/run/prelude-manager...";
378 sudo mkdir /var/run/prelude-manager
379 sudo chown prelude:rainer /var/run/prelude-manager
380 sudo chmod 770 /var/run/prelude-manager
[96]381 fi
382 #
[19]383 PM=`find_path prelude-manager`
384 if [ -z "$PM" ]; then
[163]385 log_skip 5 $MAXTEST 'prelude-manager not found in $PATH'
[19]386 elif [ -z "$doall" ]; then
[163]387 log_skip 5 $MAXTEST 'logging to prelude (or use --really-all)'
[19]388 else
[159]389 BUILDOPTS="--quiet $TRUST --enable-debug --with-prelude --with-gpg=${GPG} --with-checksum --enable-micro-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
[20]390 testrun1b_internal "${BUILDOPTS} CFLAGS=-DSH_NOFAILOVER=1"
[19]391 do_test_1b_2
392 if [ $? -eq 0 ]; then
[163]393 log_ok 5 $MAXTEST 'logging to prelude'
[19]394 else
[163]395 log_fail 5 $MAXTEST 'logging to prelude'
[19]396 fi
397 fi
[169]398
399 #
400 # ------------- sixth test -------------
401 #
[170]402 if ! test -d /var/run/prelude-manager
[169]403 then
[170]404 [ -z "$verbose" ] || log_msg_ok "create /var/run/prelude-manager...";
405 sudo mkdir /var/run/prelude-manager
406 sudo chown prelude:rainer /var/run/prelude-manager
407 sudo chmod 770 /var/run/prelude-manager
[169]408 fi
409 #
410 PM=`find_path prelude-manager`
411 if [ -z "$PM" ]; then
412 log_skip 6 $MAXTEST 'prelude-manager not found in $PATH'
413 elif [ -z "$doall" ]; then
414 log_skip 6 $MAXTEST 'logging to prelude (or use --really-all)'
415 else
416 BUILDOPTS="--quiet $TRUST --with-prelude --enable-login-watch --enable-mounts-check --enable-process-check --enable-port-check --enable-suidcheck --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
417 testrun1b_nogpg "${BUILDOPTS} CFLAGS=-DSH_NOFAILOVER=1"
418 do_test_1b_2
419 if [ $? -eq 0 ]; then
420 log_ok 6 $MAXTEST 'logging to prelude'
421 else
422 log_fail 6 $MAXTEST 'logging to prelude'
423 fi
424 fi
425
[170]426 #
427 # ------------- seventh test -----------
428 #
429 if ! test -d /var/run/prelude-manager
430 then
431 [ -z "$verbose" ] || log_msg_ok "create /var/run/prelude-manager...";
432 sudo mkdir /var/run/prelude-manager
433 sudo chown prelude:rainer /var/run/prelude-manager
434 sudo chmod 770 /var/run/prelude-manager
435 fi
436 #
437 PM=`find_path prelude-manager`
438 if [ -z "$PM" ]; then
439 log_skip 7 $MAXTEST 'prelude-manager not found in $PATH'
440 elif [ -z "$doall" ]; then
441 log_skip 7 $MAXTEST 'logging to prelude (or use --really-all)'
442 else
443 BUILDOPTS="--quiet $TRUST --with-prelude --enable-login-watch --enable-mounts-check --enable-process-check --enable-port-check --enable-suidcheck --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
444 testrun1b_nogpg "${BUILDOPTS} CFLAGS=-DSH_NOFAILOVER=1" "modrc"
445 do_test_1b_2
446 if [ $? -eq 0 ]; then
447 log_ok 7 $MAXTEST 'logging to prelude'
448 else
449 log_fail 7 $MAXTEST 'logging to prelude'
450 fi
451 fi
452
[19]453 fi
454 fi
455 log_end "RUN STANDALONE W/STEALTH W/GPG"
456 return 0
457}
[1]458
Note: See TracBrowser for help on using the repository browser.