def testNetgroupParser(self):
"""Ensure we can extract users from a netgroup file."""
parser = linux_file_parser.NetgroupParser()
dat = """group1 (-,user1,) (-,user2,) (-,user3,)
#group1 comment
group2 (-,user4,) (-,user2,)
super_group (-,user5,) (-,user6,) (-,文德文,) group1 group2
super_group2 (-,user7,) super_group
super_group3 (-,user5,) (-,user6,) group1 group2
"""
dat_fd = io.BytesIO(dat.encode("utf-8"))
with test_lib.ConfigOverrider(
{"Artifacts.netgroup_user_blacklist": ["user2", "user3"]}):
out = list(parser.Parse(None, dat_fd, None))
users = []
for result in out:
if isinstance(result, rdf_anomaly.Anomaly):
self.assertIn("文德文", result.symptom)
else:
users.append(result)
self.assertCountEqual(
[x.username for x in users],
[u"user1", u"user4", u"user5", u"user6", u"user7"])
dat_fd.seek(0)
with test_lib.ConfigOverrider(
{"Artifacts.netgroup_filter_regexes": [r"^super_group3$"]}):
out = list(parser.Parse(None, dat_fd, None))
self.assertCountEqual([x.username for x in out],
[u"user5", u"user6"])
def testNetgroupParserBadInput(self):
parser = linux_file_parser.NetgroupParser()
dat = b"""group1 (-,user1,) (-,user2,) (-,user3,)
#group1 comment
group2 user4 (-user2,)
super_group (-,,user5,) (-user6,) group1 group2
super_group2 (-,user7,) super_group
"""
self.assertRaises(lib_parser.ParseError, list,
parser.Parse(None, io.BytesIO(dat), None))
def testNetgroupParser(self):
"""Ensure we can extract users from a netgroup file."""
parser = linux_file_parser.NetgroupParser()
dat = b"""group1 (-,user1,) (-,user2,) (-,user3,)
