Context Navigation

source: trunk/test/testrun_1b.sh@ 263

Last change on this file since 263 was 262, checked in by katerina, 15 years ago
Fix for ticket #179, and some minor bugfixes.
File size: 14.5 KB

Line
1	#! /bin/sh
2
3	#
4	# Copyright Rainer Wichmann (2006)
5	#
6	# License Information:
7	# This program is free software; you can redistribute it and/or modify
8	# it under the terms of the GNU General Public License as published by
9	# the Free Software Foundation; either version 2 of the License, or
10	# (at your option) any later version.
11	#
12	# This program is distributed in the hope that it will be useful,
13	# but WITHOUT ANY WARRANTY; without even the implied warranty of
14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15	# GNU General Public License for more details.
16	#
17	# You should have received a copy of the GNU General Public License
18	# along with this program; if not, write to the Free Software
19	# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20	#
21
22	MAXTEST=7; export MAXTEST
23	LOGFILE="$PW_DIR/.samhain_log"; export LOGFILE
24	RCFILE="$PW_DIR/testrc_1.dyn"; export RCFILE
25
26	testrun1b_modrc ()
27	{
28	ORIGINAL="\[EOF\]"
29	REPLACEMENT="\[PortCheck\]"
30	ex -s $RCFILE <<EOF
31	%s/$ORIGINAL/$REPLACEMENT/g
32	wq
33	EOF
34
35	echo "PortCheckActive = yes" >>"$RCFILE"
36	echo "PortCheckInterface = 127.0.0.1" >>"$RCFILE"
37	}
38
39	testrun1b_internal ()
40	{
41	BUILDOPTS="$1"
42	#
43	# test standalone compilation
44	#
45	[ -z "$verbose" ] \|\| { echo; echo "${S}Building standalone agent${E}"; echo; }
46	#
47	if test -r "Makefile"; then
48	$MAKE distclean >/dev/null >&1
49	fi
50	#
51	# Bootstrapping
52	#
53	${TOP_SRCDIR}/configure >/dev/null 2>/dev/null
54	if test x$? = x0; then
55	[ -z "$verbose" ] \|\| log_msg_ok "configure (bootstrap)...";
56	$MAKE > /dev/null 2>&1
57	if test x$? = x0; then
58	[ -z "$verbose" ] \|\| log_msg_ok "make (bootstrap)...";
59	else
60	[ -z "$quiet" ] && log_msg_fail "make (bootstrap)...";
61	return 1
62	fi
63
64	else
65	[ -z "$quiet" ] && log_msg_fail "configure (bootstrap)...";
66	return 1
67	fi
68	#
69	#
70	${TOP_SRCDIR}/configure ${BUILDOPTS} 2>/dev/null \| \
71	egrep 'use existing [./[:alnum:]]+ for gpg checksum' >/dev/null
72	#
73	#
74	if test x$? = x0; then
75	[ -z "$verbose" ] \|\| log_msg_ok "configure...";
76	$MAKE > /dev/null 2>&1
77	if test x$? = x0; then
78	[ -z "$verbose" ] \|\| log_msg_ok "make...";
79	else
80	[ -z "$quiet" ] && log_msg_fail "make...";
81	return 1
82	fi
83
84	else
85	[ -z "$quiet" ] && log_msg_fail "configure...";
86	return 1
87	fi
88
89	SKIP=`awk '/^__ARCHIVE_FOLLOWS__/ { print NR + 1; exit 0; }' ${SCRIPTDIR}/test.sh`
90
91	tail -n "+$SKIP" ${SCRIPTDIR}/test.sh >/dev/null 2>&1
92	if [ $? -eq 0 ]; then
93	tail -n "+$SKIP" ${SCRIPTDIR}/test.sh \| gunzip -c - 2>/dev/null \| tar xf - && \
94	mv "./testrc.gpg.asc" "$RCFILE"
95	else
96	tail "+$SKIP" ${SCRIPTDIR}/test.sh \| gunzip -c - 2>/dev/null \| tar xf - && \
97	mv "./testrc.gpg.asc" "$RCFILE"
98	fi
99	if test x$? = x0; then
100	[ -z "$verbose" ] \|\| log_msg_ok "extract gpg signed files...";
101	else
102	[ -z "$quiet" ] && log_msg_fail "extract gpg signed files...";
103	return 1
104	fi
105
106	if test "x$2" = "x"; then
107	:
108	else
109	CONVERT="$2"
110	if test -f "${TOP_SRCDIR}/stealth_template.jpg"; then
111	[ -z "$verbose" ] \|\| log_msg_ok "convert..."
112	"${CONVERT}" +compress "${TOP_SRCDIR}/stealth_template.jpg" stealth_template.ps >/dev/null
113	else
114	[ -z "$quiet" ] && log_msg_fail "cannot find file stealth_template.jpg"
115	return 1
116	fi
117	if [ $? -ne 0 ]; then
118	[ -z "$quiet" ] && log_msg_fail "${CONVERT} +compress ${TOP_SRCDIR}/stealth_template.jpg stealth_template.ps";
119	return 1
120	fi
121
122	[ -z "$verbose" ] \|\| log_msg_ok "hide..."
123	./samhain_stealth -s stealth_template.ps "$RCFILE" >/dev/null
124	if [ $? -ne 0 ]; then
125	[ -z "$quiet" ] && log_msg_fail "${CONVERT} +compress ${TOP_SRCDIR}/stealth_template.jpg stealth_template.ps";
126	return 1
127	fi
128
129	mv -f stealth_template.ps "$RCFILE"
130	if [ $? -ne 0 ]; then
131	[ -z "$quiet" ] && log_msg_fail "mv -f stealth_template.ps $RCFILE";
132	return 1
133	fi
134
135	fi
136
137	rm -f ./.samhain_file
138	rm -f ./.samhain_log
139	rm -f ./.samhain_lock
140
141	./samhain -t init -p none -l info
142
143	if test x$? = x0; then
144	[ -z "$verbose" ] \|\| log_msg_ok "init...";
145	else
146	[ -z "$quiet" ] && log_msg_fail "init...";
147	return 1
148	fi
149
150	mv $PW_DIR/.samhain_file.asc $PW_DIR/.samhain_file
151	}
152
153	testrun1b_nogpg ()
154	{
155	BUILDOPTS="$1"
156	#
157	# test standalone compilation
158	#
159	[ -z "$verbose" ] \|\| { echo; echo "${S}Building standalone agent${E}"; echo; }
160	#
161	if test -r "Makefile"; then
162	$MAKE distclean >/dev/null >&1
163	fi
164
165	${TOP_SRCDIR}/configure ${BUILDOPTS} 2>/dev/null
166	#
167	#
168	if test x$? = x0; then
169	[ -z "$verbose" ] \|\| log_msg_ok "configure...";
170	$MAKE > /dev/null 2>&1
171	if test x$? = x0; then
172	[ -z "$verbose" ] \|\| log_msg_ok "make...";
173	else
174	[ -z "$quiet" ] && log_msg_fail "make...";
175	return 1
176	fi
177
178	else
179	[ -z "$quiet" ] && log_msg_fail "configure...";
180	return 1
181	fi
182
183	rm -f ./.samhain_file
184	rm -f ./.samhain_log
185	rm -f ./.samhain_lock
186
187	cp "${SCRIPTDIR}/testrc_1" "${RCFILE}"
188
189	if test "x$2" = "xmodrc"; then
190	[ -z "$verbose" ] \|\| log_msg_ok "mod rc...";
191	testrun1b_modrc
192	fi
193
194	./samhain -t init -p none -l info
195
196	if test x$? = x0; then
197	[ -z "$verbose" ] \|\| log_msg_ok "init...";
198	else
199	[ -z "$quiet" ] && log_msg_fail "init...";
200	return 1
201	fi
202
203	}
204
205	do_test_1b () {
206
207	./samhain -t check -p none -l info
208
209	if test x$? = x0; then
210	./samhain -j -L $LOGFILE >"${LOGFILE}.tmp" && mv "${LOGFILE}.tmp" "${LOGFILE}"
211	if [ $? -ne 0 ]; then
212	[ -z "$quiet" ] && log_msg_fail "mv logfile...";
213	return 1
214	fi
215	[ -z "$verbose" ] \|\| log_msg_ok "check...";
216	else
217	[ -z "$quiet" ] && log_msg_fail "check...";
218	return 1
219	fi
220	#
221	tmp=`egrep "Checking.*/etc(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
222	if [ $tmp -ne 2 ]; then
223	[ -z "$verbose" ] \|\| log_msg_fail "/etc";
224	return 1
225	fi
226	tmp=`egrep "Checking.*(>\|\")" $LOGFILE 2>/dev/null \| wc -l`
227	if [ $tmp -ne 10 ]; then
228	[ -z "$verbose" ] \|\| log_msg_fail "checking";
229	return 1
230	fi
231	egrep "ADDED" $LOGFILE >/dev/null 2>&1
232	if [ $? -eq 0 ]; then
233	[ -z "$verbose" ] \|\| log_msg_fail "init was incomplete";
234	return 1
235	fi
236	#
237	return 0
238	}
239
240	do_test_1b_2 () {
241
242	rm -f $PW_DIR/test_log_prelude
243
244	[ -z "$verbose" ] \|\| { echo " starting prelude-manager.."; echo " ($PM --textmod -l $PW_DIR/test_log_prelude --listen 127.0.0.1:5500 >/dev/null 2>&1 &)"; }
245	"$PM" --textmod -l $PW_DIR/test_log_prelude --listen 127.0.0.1:5500 >/dev/null 2>&1 &
246	PID=$!
247
248	five_sec_sleep
249
250	./samhain -t check -p none -l info --set-prelude-severity=info --prelude --server-addr 127.0.0.1:5500 >/dev/null
251
252	if test x$? = x0; then
253	./samhain -j -L $LOGFILE >"${LOGFILE}.tmp" && mv "${LOGFILE}.tmp" "${LOGFILE}"
254	if [ $? -ne 0 ]; then
255	[ -z "$quiet" ] && log_msg_fail "mv logfile...";
256	kill $PID
257	return 1
258	fi
259	[ -z "$verbose" ] \|\| log_msg_ok "check...";
260	else
261	[ -z "$quiet" ] && log_msg_fail "check...";
262	kill $PID
263	return 1
264	fi
265	#
266	tmp=`egrep 'File original:.name=etc.path=/etc' test_log_prelude 2>/dev/null \| wc -l`
267	if [ $tmp -lt 1 ]; then
268	[ -z "$verbose" ] \|\| log_msg_fail "/etc";
269	kill $PID
270	return 1
271	fi
272	tmp=`egrep 'Classification text: Checking' test_log_prelude 2>/dev/null \| wc -l`
273	if [ $tmp -lt 1 ]; then
274	[ -z "$verbose" ] \|\| log_msg_fail "checking";
275	kill $PID
276	return 1
277	fi
278	#
279	if test "x$2" = "xmodrc"; then
280	tmp=`egrep 'Classification text: Service opened' test_log_prelude 2>/dev/null \| wc -l`
281	if [ $tmp -lt 1 ]; then
282	[ -z "$verbose" ] \|\| log_msg_fail "service";
283	kill $PID
284	return 1
285	fi
286	tmp=`egrep 'Service: port=5500' test_log_prelude 2>/dev/null \| wc -l`
287	if [ $tmp -lt 1 ]; then
288	[ -z "$verbose" ] \|\| log_msg_fail "port 5500";
289	kill $PID
290	return 1
291	fi
292	fi
293	#
294	kill $PID
295	return 0
296	}
297
298	testrun1b ()
299	{
300	log_start "RUN STANDALONE W/STEALTH W/GPG"
301	GPG=`find_path gpg`
302	if [ -z "$GPG" ]; then
303	log_skip 1 $MAXTEST 'gpg not found in $PATH'
304	log_skip 2 $MAXTEST 'gpg not found in $PATH'
305	log_skip 3 $MAXTEST 'gpg not found in $PATH'
306	log_skip 4 $MAXTEST 'gpg not found in $PATH'
307	log_skip 5 $MAXTEST 'gpg not found in $PATH'
308	log_skip 6 $MAXTEST 'gpg not found in $PATH'
309	log_skip 7 $MAXTEST 'gpg not found in $PATH'
310	else
311	eval "$GPG" --list-keys 0F571F6C >/dev/null 2>/dev/null
312	if [ $? -ne 0 ]; then
313	log_skip 1 $MAXTEST 'public PGP key 0x0F571F6C not present'
314	log_skip 2 $MAXTEST 'public PGP key 0x0F571F6C not present'
315	log_skip 3 $MAXTEST 'public PGP key 0x0F571F6C not present'
316	log_skip 4 $MAXTEST 'public PGP key 0x0F571F6C not present'
317	log_skip 5 $MAXTEST 'public PGP key 0x0F571F6C not present'
318	log_skip 6 $MAXTEST 'public PGP key 0x0F571F6C not present'
319	log_skip 7 $MAXTEST 'public PGP key 0x0F571F6C not present'
320	else
321	#
322	# ------------- first test -------------
323	#
324	BUILDOPTS="--quiet $TRUST --enable-debug --with-gpg=${GPG} --enable-micro-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
325	testrun1b_internal "${BUILDOPTS}"
326	do_test_1b
327	if [ $? -eq 0 ]; then
328	log_ok 1 $MAXTEST 'gpg signed config/database files'
329	else
330	log_fail 1 $MAXTEST 'gpg signed config/database files'
331	fi
332
333
334	#
335	# ------------- second test -------------
336	#
337	BUILDOPTS="--quiet $TRUST --enable-debug --with-gpg=${GPG} --with-checksum --enable-micro-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
338	testrun1b_internal "${BUILDOPTS}"
339	do_test_1b
340	if [ $? -eq 0 ]; then
341	log_ok 2 $MAXTEST 'gpg signed config/database files'
342	else
343	log_fail 2 $MAXTEST 'gpg signed config/database files'
344	fi
345
346
347	#
348	# ------------- third test -------------
349	#
350	BUILDOPTS="--quiet $TRUST --enable-debug --with-gpg=${GPG} --with-checksum --with-fp=EF6CEF54701A0AFDB86AF4C31AAD26C80F571F6C --enable-micro-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
351	testrun1b_internal "${BUILDOPTS}"
352	do_test_1b
353	if [ $? -eq 0 ]; then
354	log_ok 3 $MAXTEST 'gpg signed config/database files'
355	else
356	log_fail 3 $MAXTEST 'gpg signed config/database files'
357	fi
358
359
360	#
361	# ------------- fourth test -------------
362	#
363	PRECONV=`find_path convert`
364	"${PRECONV}" --help \| grep ImageMagick >/dev/null 2>&1 && \
365	CONVERT="${PRECONV}"
366
367	if [ -z "$CONVERT" ]; then
368	log_skip 2 $MAXTEST 'ImageMagick convert not found in $PATH'
369	else
370	BUILDOPTS="--quiet $TRUST --enable-debug --with-gpg=${GPG} --with-checksum --enable-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
371	testrun1b_internal "${BUILDOPTS}" "$CONVERT"
372	do_test_1b
373	if [ $? -eq 0 ]; then
374	log_ok 4 $MAXTEST 'gpg signed config/database files'
375	else
376	log_fail 4 $MAXTEST 'gpg signed config/database files'
377	fi
378	fi
379
380
381	#
382	# ------------- fifth test -------------
383	#
384	if ! test -d /var/run/prelude-manager
385	then
386	[ -z "$verbose" ] \|\| log_msg_ok "create /var/run/prelude-manager...";
387	sudo mkdir /var/run/prelude-manager
388	sudo chown prelude:rainer /var/run/prelude-manager
389	sudo chmod 770 /var/run/prelude-manager
390	fi
391	#
392	PM=`find_path prelude-manager`
393	if [ -z "$PM" ]; then
394	log_skip 5 $MAXTEST 'prelude-manager not found in $PATH'
395	elif [ -z "$doall" ]; then
396	log_skip 5 $MAXTEST 'logging to prelude (or use --really-all)'
397	else
398	BUILDOPTS="--quiet $TRUST --enable-debug --with-prelude --with-gpg=${GPG} --with-checksum --enable-micro-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
399	testrun1b_internal "${BUILDOPTS} CFLAGS=-DSH_NOFAILOVER=1"
400	do_test_1b_2
401	if [ $? -eq 0 ]; then
402	log_ok 5 $MAXTEST 'logging to prelude'
403	else
404	log_fail 5 $MAXTEST 'logging to prelude'
405	fi
406	fi
407
408	#
409	# ------------- sixth test -------------
410	#
411	if ! test -d /var/run/prelude-manager
412	then
413	[ -z "$verbose" ] \|\| log_msg_ok "create /var/run/prelude-manager...";
414	sudo mkdir /var/run/prelude-manager
415	sudo chown prelude:rainer /var/run/prelude-manager
416	sudo chmod 770 /var/run/prelude-manager
417	fi
418	#
419	PM=`find_path prelude-manager`
420	if [ -z "$PM" ]; then
421	log_skip 6 $MAXTEST 'prelude-manager not found in $PATH'
422	elif [ -z "$doall" ]; then
423	log_skip 6 $MAXTEST 'logging to prelude (or use --really-all)'
424	else
425	BUILDOPTS="--quiet $TRUST --with-prelude --enable-login-watch --enable-mounts-check --enable-process-check --enable-port-check --enable-suidcheck --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
426	testrun1b_nogpg "${BUILDOPTS} CFLAGS=-DSH_NOFAILOVER=1"
427	do_test_1b_2
428	if [ $? -eq 0 ]; then
429	log_ok 6 $MAXTEST 'logging to prelude'
430	else
431	log_fail 6 $MAXTEST 'logging to prelude'
432	fi
433	fi
434
435	#
436	# ------------- seventh test -----------
437	#
438	if ! test -d /var/run/prelude-manager
439	then
440	[ -z "$verbose" ] \|\| log_msg_ok "create /var/run/prelude-manager...";
441	sudo mkdir /var/run/prelude-manager
442	sudo chown prelude:rainer /var/run/prelude-manager
443	sudo chmod 770 /var/run/prelude-manager
444	fi
445	#
446	PM=`find_path prelude-manager`
447	if [ -z "$PM" ]; then
448	log_skip 7 $MAXTEST 'prelude-manager not found in $PATH'
449	elif [ -z "$doall" ]; then
450	log_skip 7 $MAXTEST 'logging to prelude (or use --really-all)'
451	else
452	BUILDOPTS="--quiet $TRUST --with-prelude --enable-login-watch --enable-mounts-check --enable-process-check --enable-port-check --enable-suidcheck --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
453	testrun1b_nogpg "${BUILDOPTS} CFLAGS=-DSH_NOFAILOVER=1" "modrc"
454	do_test_1b_2
455	if [ $? -eq 0 ]; then
456	log_ok 7 $MAXTEST 'logging to prelude'
457	else
458	log_fail 7 $MAXTEST 'logging to prelude'
459	fi
460	fi
461
462	fi
463	fi
464	log_end "RUN STANDALONE W/STEALTH W/GPG"
465	return 0
466	}
467

Note: See TracBrowser for help on using the repository browser.

Download in other formats: