def test_ssh_config_render_and_check_gte_trusty(self, mock_log, mock_write,
mock_ensure_permissions):
audits = ssh_config_check.get_audits()
contentcheckers = self.get_contentcheckers(audits)
renderers = self.get_renderers(audits)
def write(path, data):
with tempfile.NamedTemporaryFile(delete=False) as ftmp:
if path in self.pathindex:
raise Exception("File already rendered '%s'" % path)
self.pathindex[path] = ftmp.name
with open(ftmp.name, 'wb') as fd:
fd.write(data)
mock_write.side_effect = write
self.render(renderers)
self.checkcontents(contentcheckers)
self.assertTrue(mock_write.called)
args_list = mock_write.call_args_list
self.assertEqual('/etc/ssh/ssh_config', args_list[0][0][0])
self.assertEqual('/etc/ssh/sshd_config', args_list[1][0][0])
self.assertEqual(mock_write.call_count, 2)
mock_log.assert_has_calls([call('Checked 9 cases and 9 passed',
level='DEBUG')])
def run_ssh_checks():
log("Starting SSH hardening checks.", level=DEBUG)
checks = config.get_audits()
for check in checks:
log("Running '%s' check" % (check.__class__.__name__), level=DEBUG)
check.ensure_compliance()
log("SSH hardening checks complete.", level=DEBUG)
def test_dont_clean_packages(self):
audits = config.get_audits()
self.assertEqual(4, len(audits))
