source: trunk/test/testrun_1b.sh@ 191

Last change on this file since 191 was 170, checked in by katerina, 17 years ago

Plenty of compiler warnings fixed, SQL query length fixed, doc update.

File size: 14.2 KB
Line 
1#! /bin/sh
2
3#
4# Copyright Rainer Wichmann (2006)
5#
6# License Information:
7# This program is free software; you can redistribute it and/or modify
8# it under the terms of the GNU General Public License as published by
9# the Free Software Foundation; either version 2 of the License, or
10# (at your option) any later version.
11#
12# This program is distributed in the hope that it will be useful,
13# but WITHOUT ANY WARRANTY; without even the implied warranty of
14# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15# GNU General Public License for more details.
16#
17# You should have received a copy of the GNU General Public License
18# along with this program; if not, write to the Free Software
19# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20#
21
22MAXTEST=7; export MAXTEST
23LOGFILE="$PW_DIR/.samhain_log"; export LOGFILE
24RCFILE="$PW_DIR/testrc_1.dyn"; export RCFILE
25
26testrun1b_modrc ()
27{
28 ORIGINAL="\[EOF\]"
29 REPLACEMENT="\[PortCheck\]"
30 ex -s $RCFILE <<EOF
31%s/$ORIGINAL/$REPLACEMENT/g
32wq
33EOF
34
35 echo "PortCheckActive = yes" >>"$RCFILE"
36 echo "PortCheckInterface = 127.0.0.1" >>"$RCFILE"
37}
38
39testrun1b_internal ()
40{
41 BUILDOPTS="$1"
42 #
43 # test standalone compilation
44 #
45 [ -z "$verbose" ] || { echo; echo "${S}Building standalone agent${E}"; echo; }
46 #
47 if test -r "Makefile"; then
48 $MAKE distclean >/dev/null >&1
49 fi
50 #
51 # Bootstrapping
52 #
53 ${TOP_SRCDIR}/configure >/dev/null 2>/dev/null
54 if test x$? = x0; then
55 [ -z "$verbose" ] || log_msg_ok "configure (bootstrap)...";
56 $MAKE > /dev/null 2>&1
57 if test x$? = x0; then
58 [ -z "$verbose" ] || log_msg_ok "make (bootstrap)...";
59 else
60 [ -z "$quiet" ] && log_msg_fail "make (bootstrap)...";
61 return 1
62 fi
63
64 else
65 [ -z "$quiet" ] && log_msg_fail "configure (bootstrap)...";
66 return 1
67 fi
68 #
69 #
70 ${TOP_SRCDIR}/configure ${BUILDOPTS} 2>/dev/null | \
71 egrep 'use existing [./[:alnum:]]+ for gpg checksum' >/dev/null
72 #
73 #
74 if test x$? = x0; then
75 [ -z "$verbose" ] || log_msg_ok "configure...";
76 $MAKE > /dev/null 2>&1
77 if test x$? = x0; then
78 [ -z "$verbose" ] || log_msg_ok "make...";
79 else
80 [ -z "$quiet" ] && log_msg_fail "make...";
81 return 1
82 fi
83
84 else
85 [ -z "$quiet" ] && log_msg_fail "configure...";
86 return 1
87 fi
88
89 SKIP=`awk '/^__ARCHIVE_FOLLOWS__/ { print NR + 1; exit 0; }' ${SCRIPTDIR}/test.sh`
90
91 tail -n "+$SKIP" ${SCRIPTDIR}/test.sh >/dev/null 2>&1
92 if [ $? -eq 0 ]; then
93 tail -n "+$SKIP" ${SCRIPTDIR}/test.sh | gunzip -c - 2>/dev/null | tar xf - && \
94 mv "./testrc.gpg.asc" "$RCFILE"
95 else
96 tail "+$SKIP" ${SCRIPTDIR}/test.sh | gunzip -c - 2>/dev/null | tar xf - && \
97 mv "./testrc.gpg.asc" "$RCFILE"
98 fi
99 if test x$? = x0; then
100 [ -z "$verbose" ] || log_msg_ok "extract gpg signed files...";
101 else
102 [ -z "$quiet" ] && log_msg_fail "extract gpg signed files...";
103 return 1
104 fi
105
106 if test "x$2" = "x"; then
107 :
108 else
109 CONVERT="$2"
110 if test -f "${TOP_SRCDIR}/stealth_template.jpg"; then
111 [ -z "$verbose" ] || log_msg_ok "convert..."
112 "${CONVERT}" +compress "${TOP_SRCDIR}/stealth_template.jpg" stealth_template.ps >/dev/null
113 else
114 [ -z "$quiet" ] && log_msg_fail "cannot find file stealth_template.jpg"
115 return 1
116 fi
117 if [ $? -ne 0 ]; then
118 [ -z "$quiet" ] && log_msg_fail "${CONVERT} +compress ${TOP_SRCDIR}/stealth_template.jpg stealth_template.ps";
119 return 1
120 fi
121
122 [ -z "$verbose" ] || log_msg_ok "hide..."
123 ./samhain_stealth -s stealth_template.ps "$RCFILE" >/dev/null
124 if [ $? -ne 0 ]; then
125 [ -z "$quiet" ] && log_msg_fail "${CONVERT} +compress ${TOP_SRCDIR}/stealth_template.jpg stealth_template.ps";
126 return 1
127 fi
128
129 mv -f stealth_template.ps "$RCFILE"
130 if [ $? -ne 0 ]; then
131 [ -z "$quiet" ] && log_msg_fail "mv -f stealth_template.ps $RCFILE";
132 return 1
133 fi
134
135 fi
136
137 rm -f ./.samhain_file
138 rm -f ./.samhain_log
139 rm -f ./.samhain_lock
140
141 ./samhain -t init -p none -l info
142
143 if test x$? = x0; then
144 [ -z "$verbose" ] || log_msg_ok "init...";
145 else
146 [ -z "$quiet" ] && log_msg_fail "init...";
147 return 1
148 fi
149
150 mv $PW_DIR/.samhain_file.asc $PW_DIR/.samhain_file
151}
152
153testrun1b_nogpg ()
154{
155 BUILDOPTS="$1"
156 #
157 # test standalone compilation
158 #
159 [ -z "$verbose" ] || { echo; echo "${S}Building standalone agent${E}"; echo; }
160 #
161 if test -r "Makefile"; then
162 $MAKE distclean >/dev/null >&1
163 fi
164
165 ${TOP_SRCDIR}/configure ${BUILDOPTS} 2>/dev/null
166 #
167 #
168 if test x$? = x0; then
169 [ -z "$verbose" ] || log_msg_ok "configure...";
170 $MAKE > /dev/null 2>&1
171 if test x$? = x0; then
172 [ -z "$verbose" ] || log_msg_ok "make...";
173 else
174 [ -z "$quiet" ] && log_msg_fail "make...";
175 return 1
176 fi
177
178 else
179 [ -z "$quiet" ] && log_msg_fail "configure...";
180 return 1
181 fi
182
183 rm -f ./.samhain_file
184 rm -f ./.samhain_log
185 rm -f ./.samhain_lock
186
187 cp "${SCRIPTDIR}/testrc_1" "${RCFILE}"
188
189 if test "x$2" = "xmodrc"; then
190 [ -z "$verbose" ] || log_msg_ok "mod rc...";
191 testrun1b_modrc
192 fi
193
194 ./samhain -t init -p none -l info
195
196 if test x$? = x0; then
197 [ -z "$verbose" ] || log_msg_ok "init...";
198 else
199 [ -z "$quiet" ] && log_msg_fail "init...";
200 return 1
201 fi
202
203}
204
205do_test_1b () {
206
207 ./samhain -t check -p none -l info
208
209 if test x$? = x0; then
210 ./samhain -j -L $LOGFILE >"${LOGFILE}.tmp" && mv "${LOGFILE}.tmp" "${LOGFILE}"
211 if [ $? -ne 0 ]; then
212 [ -z "$quiet" ] && log_msg_fail "mv logfile...";
213 return 1
214 fi
215 [ -z "$verbose" ] || log_msg_ok "check...";
216 else
217 [ -z "$quiet" ] && log_msg_fail "check...";
218 return 1
219 fi
220 #
221 tmp=`egrep "Checking.*/etc(>|\")" $LOGFILE 2>/dev/null | wc -l`
222 if [ $tmp -ne 2 ]; then
223 [ -z "$verbose" ] || log_msg_fail "/etc";
224 return 1
225 fi
226 tmp=`egrep "Checking.*(>|\")" $LOGFILE 2>/dev/null | wc -l`
227 if [ $tmp -ne 8 ]; then
228 [ -z "$verbose" ] || log_msg_fail "checking";
229 return 1
230 fi
231 egrep "ADDED" $LOGFILE >/dev/null 2>&1
232 if [ $? -eq 0 ]; then
233 [ -z "$verbose" ] || log_msg_fail "init was incomplete";
234 return 1
235 fi
236 #
237 return 0
238}
239
240do_test_1b_2 () {
241
242 rm -f $PW_DIR/test_log_prelude
243
244 "$PM" --textmod -l $PW_DIR/test_log_prelude --listen 127.0.0.1:5500 >/dev/null 2>&1 &
245 PID=$!
246
247 five_sec_sleep
248
249 ./samhain -t check -p none -l info --set-prelude-severity=info --prelude --server-addr 127.0.0.1:5500 >/dev/null
250
251 if test x$? = x0; then
252 ./samhain -j -L $LOGFILE >"${LOGFILE}.tmp" && mv "${LOGFILE}.tmp" "${LOGFILE}"
253 if [ $? -ne 0 ]; then
254 [ -z "$quiet" ] && log_msg_fail "mv logfile...";
255 kill $PID
256 return 1
257 fi
258 [ -z "$verbose" ] || log_msg_ok "check...";
259 else
260 [ -z "$quiet" ] && log_msg_fail "check...";
261 kill $PID
262 return 1
263 fi
264 #
265 tmp=`egrep 'File original:.*name=etc.*path=/etc' test_log_prelude 2>/dev/null | wc -l`
266 if [ $tmp -lt 1 ]; then
267 [ -z "$verbose" ] || log_msg_fail "/etc";
268 fi
269 tmp=`egrep 'Classification text: Checking' test_log_prelude 2>/dev/null | wc -l`
270 if [ $tmp -lt 1 ]; then
271 [ -z "$verbose" ] || log_msg_fail "checking";
272 fi
273 #
274 if test "x$2" = "xmodrc"; then
275 tmp=`egrep 'Classification text: Service opened' test_log_prelude 2>/dev/null | wc -l`
276 if [ $tmp -lt 1 ]; then
277 [ -z "$verbose" ] || log_msg_fail "service";
278 fi
279 tmp=`egrep 'Service: port=5500' test_log_prelude 2>/dev/null | wc -l`
280 if [ $tmp -lt 1 ]; then
281 [ -z "$verbose" ] || log_msg_fail "port 5500";
282 fi
283 fi
284 #
285 kill $PID
286 return 0
287}
288
289testrun1b ()
290{
291 log_start "RUN STANDALONE W/STEALTH W/GPG"
292 GPG=`find_path gpg`
293 if [ -z "$GPG" ]; then
294 log_skip 1 $MAXTEST 'gpg not found in $PATH'
295 log_skip 2 $MAXTEST 'gpg not found in $PATH'
296 log_skip 3 $MAXTEST 'gpg not found in $PATH'
297 log_skip 4 $MAXTEST 'gpg not found in $PATH'
298 log_skip 5 $MAXTEST 'gpg not found in $PATH'
299 log_skip 6 $MAXTEST 'gpg not found in $PATH'
300 log_skip 7 $MAXTEST 'gpg not found in $PATH'
301 else
302 eval "$GPG" --list-keys 0F571F6C >/dev/null 2>/dev/null
303 if [ $? -ne 0 ]; then
304 log_skip 1 $MAXTEST 'public PGP key 0x0F571F6C not present'
305 log_skip 2 $MAXTEST 'public PGP key 0x0F571F6C not present'
306 log_skip 3 $MAXTEST 'public PGP key 0x0F571F6C not present'
307 log_skip 4 $MAXTEST 'public PGP key 0x0F571F6C not present'
308 log_skip 5 $MAXTEST 'public PGP key 0x0F571F6C not present'
309 log_skip 6 $MAXTEST 'public PGP key 0x0F571F6C not present'
310 log_skip 7 $MAXTEST 'public PGP key 0x0F571F6C not present'
311 else
312 #
313 # ------------- first test -------------
314 #
315 BUILDOPTS="--quiet $TRUST --enable-debug --with-gpg=${GPG} --enable-micro-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
316 testrun1b_internal "${BUILDOPTS}"
317 do_test_1b
318 if [ $? -eq 0 ]; then
319 log_ok 1 $MAXTEST 'gpg signed config/database files'
320 else
321 log_fail 1 $MAXTEST 'gpg signed config/database files'
322 fi
323
324
325 #
326 # ------------- second test -------------
327 #
328 BUILDOPTS="--quiet $TRUST --enable-debug --with-gpg=${GPG} --with-checksum --enable-micro-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
329 testrun1b_internal "${BUILDOPTS}"
330 do_test_1b
331 if [ $? -eq 0 ]; then
332 log_ok 2 $MAXTEST 'gpg signed config/database files'
333 else
334 log_fail 2 $MAXTEST 'gpg signed config/database files'
335 fi
336
337
338 #
339 # ------------- third test -------------
340 #
341 BUILDOPTS="--quiet $TRUST --enable-debug --with-gpg=${GPG} --with-checksum --with-fp=EF6CEF54701A0AFDB86AF4C31AAD26C80F571F6C --enable-micro-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
342 testrun1b_internal "${BUILDOPTS}"
343 do_test_1b
344 if [ $? -eq 0 ]; then
345 log_ok 3 $MAXTEST 'gpg signed config/database files'
346 else
347 log_fail 3 $MAXTEST 'gpg signed config/database files'
348 fi
349
350
351 #
352 # ------------- fourth test -------------
353 #
354 PRECONV=`find_path convert`
355 "${PRECONV}" --help | grep ImageMagick >/dev/null 2>&1 && \
356 CONVERT="${PRECONV}"
357
358 if [ -z "$CONVERT" ]; then
359 log_skip 2 $MAXTEST 'ImageMagick convert not found in $PATH'
360 else
361 BUILDOPTS="--quiet $TRUST --enable-debug --with-gpg=${GPG} --with-checksum --enable-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
362 testrun1b_internal "${BUILDOPTS}" "$CONVERT"
363 do_test_1b
364 if [ $? -eq 0 ]; then
365 log_ok 4 $MAXTEST 'gpg signed config/database files'
366 else
367 log_fail 4 $MAXTEST 'gpg signed config/database files'
368 fi
369 fi
370
371
372 #
373 # ------------- fifth test -------------
374 #
375 if ! test -d /var/run/prelude-manager
376 then
377 [ -z "$verbose" ] || log_msg_ok "create /var/run/prelude-manager...";
378 sudo mkdir /var/run/prelude-manager
379 sudo chown prelude:rainer /var/run/prelude-manager
380 sudo chmod 770 /var/run/prelude-manager
381 fi
382 #
383 PM=`find_path prelude-manager`
384 if [ -z "$PM" ]; then
385 log_skip 5 $MAXTEST 'prelude-manager not found in $PATH'
386 elif [ -z "$doall" ]; then
387 log_skip 5 $MAXTEST 'logging to prelude (or use --really-all)'
388 else
389 BUILDOPTS="--quiet $TRUST --enable-debug --with-prelude --with-gpg=${GPG} --with-checksum --enable-micro-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
390 testrun1b_internal "${BUILDOPTS} CFLAGS=-DSH_NOFAILOVER=1"
391 do_test_1b_2
392 if [ $? -eq 0 ]; then
393 log_ok 5 $MAXTEST 'logging to prelude'
394 else
395 log_fail 5 $MAXTEST 'logging to prelude'
396 fi
397 fi
398
399 #
400 # ------------- sixth test -------------
401 #
402 if ! test -d /var/run/prelude-manager
403 then
404 [ -z "$verbose" ] || log_msg_ok "create /var/run/prelude-manager...";
405 sudo mkdir /var/run/prelude-manager
406 sudo chown prelude:rainer /var/run/prelude-manager
407 sudo chmod 770 /var/run/prelude-manager
408 fi
409 #
410 PM=`find_path prelude-manager`
411 if [ -z "$PM" ]; then
412 log_skip 6 $MAXTEST 'prelude-manager not found in $PATH'
413 elif [ -z "$doall" ]; then
414 log_skip 6 $MAXTEST 'logging to prelude (or use --really-all)'
415 else
416 BUILDOPTS="--quiet $TRUST --with-prelude --enable-login-watch --enable-mounts-check --enable-process-check --enable-port-check --enable-suidcheck --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
417 testrun1b_nogpg "${BUILDOPTS} CFLAGS=-DSH_NOFAILOVER=1"
418 do_test_1b_2
419 if [ $? -eq 0 ]; then
420 log_ok 6 $MAXTEST 'logging to prelude'
421 else
422 log_fail 6 $MAXTEST 'logging to prelude'
423 fi
424 fi
425
426 #
427 # ------------- seventh test -----------
428 #
429 if ! test -d /var/run/prelude-manager
430 then
431 [ -z "$verbose" ] || log_msg_ok "create /var/run/prelude-manager...";
432 sudo mkdir /var/run/prelude-manager
433 sudo chown prelude:rainer /var/run/prelude-manager
434 sudo chmod 770 /var/run/prelude-manager
435 fi
436 #
437 PM=`find_path prelude-manager`
438 if [ -z "$PM" ]; then
439 log_skip 7 $MAXTEST 'prelude-manager not found in $PATH'
440 elif [ -z "$doall" ]; then
441 log_skip 7 $MAXTEST 'logging to prelude (or use --really-all)'
442 else
443 BUILDOPTS="--quiet $TRUST --with-prelude --enable-login-watch --enable-mounts-check --enable-process-check --enable-port-check --enable-suidcheck --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
444 testrun1b_nogpg "${BUILDOPTS} CFLAGS=-DSH_NOFAILOVER=1" "modrc"
445 do_test_1b_2
446 if [ $? -eq 0 ]; then
447 log_ok 7 $MAXTEST 'logging to prelude'
448 else
449 log_fail 7 $MAXTEST 'logging to prelude'
450 fi
451 fi
452
453 fi
454 fi
455 log_end "RUN STANDALONE W/STEALTH W/GPG"
456 return 0
457}
458
Note: See TracBrowser for help on using the repository browser.