def testReadStockJailConf(self):
		jails = JailsReader(basedir='config') # we are running tests from root project dir atm
		self.assertTrue(jails.read())		  # opens fine
		self.assertTrue(jails.getOptions())	  # reads fine
		comm_commands = jails.convert()
		# by default None of the jails is enabled and we get no
		# commands to communicate to the server
		self.assertEqual(comm_commands, [])
Example #2
0
 def testReadStockJailConf(self):
     jails = JailsReader(
         basedir='config')  # we are running tests from root project dir atm
     self.assertTrue(jails.read())  # opens fine
     self.assertTrue(jails.getOptions())  # reads fine
     comm_commands = jails.convert()
     # by default None of the jails is enabled and we get no
     # commands to communicate to the server
     self.assertEqual(comm_commands, [])
	def testReadTestJailConf(self):
		jails = JailsReader(basedir=os.path.join('testcases','config'))
		self.assertTrue(jails.read())
		self.assertFalse(jails.getOptions())
		self.assertRaises(ValueError, jails.convert)
		comm_commands = jails.convert(allow_no_files=True)
		self.maxDiff = None
		self.assertEqual(sorted(comm_commands),
			sorted([['add', 'emptyaction', 'auto'],
			 ['set', 'emptyaction', 'usedns', 'warn'],
			 ['set', 'emptyaction', 'maxretry', 3],
			 ['set', 'emptyaction', 'findtime', 600],
			 ['set', 'emptyaction', 'bantime', 600],
			 ['add', 'special', 'auto'],
			 ['set', 'special', 'usedns', 'warn'],
			 ['set', 'special', 'maxretry', 3],
			 ['set', 'special', 'addfailregex', '<IP>'],
			 ['set', 'special', 'findtime', 600],
			 ['set', 'special', 'bantime', 600],
			 ['add', 'missinglogfiles', 'auto'],
			 ['set', 'missinglogfiles', 'usedns', 'warn'],
			 ['set', 'missinglogfiles', 'maxretry', 3],
			 ['set', 'missinglogfiles', 'findtime', 600],
			 ['set', 'missinglogfiles', 'bantime', 600],
			 ['set', 'missinglogfiles', 'addfailregex', '<IP>'],
			 ['add', 'brokenaction', 'auto'],
			 ['set', 'brokenaction', 'usedns', 'warn'],
			 ['set', 'brokenaction', 'maxretry', 3],
			 ['set', 'brokenaction', 'findtime', 600],
			 ['set', 'brokenaction', 'bantime', 600],
			 ['set', 'brokenaction', 'addfailregex', '<IP>'],
			 ['set', 'brokenaction', 'addaction', 'brokenaction'],
			 ['set',
			  'brokenaction',
			  'actionban',
			  'brokenaction',
			  'hit with big stick <ip>'],
			 ['set', 'brokenaction', 'actionstop', 'brokenaction', ''],
			 ['set', 'brokenaction', 'actionstart', 'brokenaction', ''],
			 ['set', 'brokenaction', 'actionunban', 'brokenaction', ''],
			 ['set', 'brokenaction', 'actioncheck', 'brokenaction', ''],
			 ['add', 'parse_to_end_of_jail.conf', 'auto'],
			 ['set', 'parse_to_end_of_jail.conf', 'usedns', 'warn'],
			 ['set', 'parse_to_end_of_jail.conf', 'maxretry', 3],
			 ['set', 'parse_to_end_of_jail.conf', 'findtime', 600],
			 ['set', 'parse_to_end_of_jail.conf', 'bantime', 600],
			 ['set', 'parse_to_end_of_jail.conf', 'addfailregex', '<IP>'],
			 ['start', 'emptyaction'],
			 ['start', 'special'],
			 ['start', 'missinglogfiles'],
			 ['start', 'brokenaction'],
			 ['start', 'parse_to_end_of_jail.conf'],]))
		self.assertTrue(self._is_logged("Errors in jail 'missingbitsjail'. Skipping..."))
		self.assertTrue(self._is_logged("No file(s) found for glob /weapons/of/mass/destruction"))
Example #4
0
    def testReadStockJailConfForceEnabled(self):
        # more of a smoke test to make sure that no obvious surprises
        # on users' systems when enabling shipped jails
        jails = JailsReader(basedir='config', force_enable=True
                            )  # we are running tests from root project dir atm
        self.assertTrue(jails.read())  # opens fine
        self.assertTrue(jails.getOptions())  # reads fine
        comm_commands = jails.convert(allow_no_files=True)

        # by default we have lots of jails ;)
        self.assertTrue(len(comm_commands))

        # and we know even some of them by heart
        for j in ['ssh-iptables', 'recidive']:
            # by default we have 'auto' backend ATM
            self.assertTrue(['add', j, 'auto'] in comm_commands)
            # and warn on useDNS
            self.assertTrue(['set', j, 'usedns', 'warn'] in comm_commands)
            self.assertTrue(['start', j] in comm_commands)

        # last commands should be the 'start' commands
        self.assertEqual(comm_commands[-1][0], 'start')

        for j in jails._JailsReader__jails:
            actions = j._JailReader__actions
            jail_name = j.getName()
            # make sure that all of the jails have actions assigned,
            # otherwise it makes little to no sense
            self.assertTrue(len(actions),
                            msg="No actions found for jail %s" % jail_name)

            # Test for presence of blocktype (in relation to gh-232)
            for action in actions:
                commands = action.convert()
                file_ = action.getFile()
                if '<blocktype>' in str(commands):
                    # Verify that it is among cInfo
                    self.assertTrue('blocktype' in action._ActionReader__cInfo)
                    # Verify that we have a call to set it up
                    blocktype_present = False
                    target_command = [
                        'set', jail_name, 'setcinfo', file_, 'blocktype'
                    ]
                    for command in commands:
                        if (len(command) > 5
                                and command[:5] == target_command):
                            blocktype_present = True
                            continue
                    self.assertTrue(blocktype_present,
                                    msg="Found no %s command among %s" %
                                    (target_command, str(commands)))
	def testReadSockJailConfComplete(self):
		jails = JailsReader(basedir='config', force_enable=True)
		self.assertTrue(jails.read())		  # opens fine
		self.assertTrue(jails.getOptions())	  # reads fine
		# grab all filter names
		filters = set(os.path.splitext(os.path.split(a)[1])[0]
			for a in glob.glob(os.path.join('config', 'filter.d', '*.conf'))
				if not a.endswith('common.conf'))
		filters_jail = set(jail.getRawOptions()['filter'] for jail in jails.getJails())
		self.maxDiff = None
		self.assertTrue(filters.issubset(filters_jail),
			"More filters exists than are referenced in stock jail.conf %r" % filters.difference(filters_jail))
		self.assertTrue(filters_jail.issubset(filters),
			"Stock jail.conf references non-existent filters %r" % filters_jail.difference(filters))
Example #6
0
	def testReadStockJailConfForceEnabled(self):
		# more of a smoke test to make sure that no obvious surprises
		# on users' systems when enabling shipped jails
		jails = JailsReader(basedir='config', force_enable=True) # we are running tests from root project dir atm
		self.assertTrue(jails.read())		  # opens fine
		self.assertTrue(jails.getOptions())	  # reads fine
		comm_commands = jails.convert(allow_no_files=True)

		# by default we have lots of jails ;)
		self.assertTrue(len(comm_commands))

		# and we know even some of them by heart
		for j in ['ssh-iptables', 'recidive']:
			# by default we have 'auto' backend ATM
			self.assertTrue(['add', j, 'auto'] in comm_commands)
			# and warn on useDNS
			self.assertTrue(['set', j, 'usedns', 'warn'] in comm_commands)
			self.assertTrue(['start', j] in comm_commands)

		# last commands should be the 'start' commands
		self.assertEqual(comm_commands[-1][0], 'start')

		for j in  jails._JailsReader__jails:
			actions = j._JailReader__actions
			jail_name = j.getName()
			# make sure that all of the jails have actions assigned,
			# otherwise it makes little to no sense
			self.assertTrue(len(actions),
							msg="No actions found for jail %s" % jail_name)

			# Test for presence of blocktype (in relation to gh-232)
			for action in actions:
				commands = action.convert()
				file_ = action.getFile()
				if '<blocktype>' in str(commands):
					# Verify that it is among cInfo
					self.assertTrue('blocktype' in action._ActionReader__cInfo)
					# Verify that we have a call to set it up
					blocktype_present = False
					target_command = [ 'set', jail_name, 'setcinfo', file_, 'blocktype' ]
					for command in commands:
						if (len(command) > 5 and
							command[:5] == target_command):
							blocktype_present = True
							continue
					self.assertTrue(
						blocktype_present,
						msg="Found no %s command among %s"
						    % (target_command, str(commands)) )
	def testReadStockJailConfForceEnabled(self):
		# more of a smoke test to make sure that no obvious surprises
		# on users' systems when enabling shipped jails
		jails = JailsReader(basedir='config', force_enable=True) # we are running tests from root project dir atm
		self.assertTrue(jails.read())		  # opens fine
		self.assertTrue(jails.getOptions())	  # reads fine
		comm_commands = jails.convert()

		# by default we have lots of jails ;)
		self.assertTrue(len(comm_commands))

		# and we know even some of them by heart
		for j in ['ssh-iptables', 'recidive']:
			# by default we have 'auto' backend ATM
			self.assertTrue(['add', j, 'auto'] in comm_commands)
			# and warn on useDNS
			self.assertTrue(['set', j, 'usedns', 'warn'] in comm_commands)
			self.assertTrue(['start', j] in comm_commands)
		# last commands should be the 'start' commands
		self.assertEqual(comm_commands[-1][0], 'start')
    def testReadStockJailConfForceEnabled(self):
        # more of a smoke test to make sure that no obvious surprises
        # on users' systems when enabling shipped jails
        jails = JailsReader(basedir='config', force_enable=True
                            )  # we are running tests from root project dir atm
        self.assertTrue(jails.read())  # opens fine
        self.assertTrue(jails.getOptions())  # reads fine
        comm_commands = jails.convert()

        # by default we have lots of jails ;)
        self.assertTrue(len(comm_commands))

        # and we know even some of them by heart
        for j in ['ssh-iptables', 'recidive']:
            # by default we have 'auto' backend ATM
            self.assertTrue(['add', j, 'auto'] in comm_commands)
            # and warn on useDNS
            self.assertTrue(['set', j, 'usedns', 'warn'] in comm_commands)
            self.assertTrue(['start', j] in comm_commands)
        # last commands should be the 'start' commands
        self.assertEqual(comm_commands[-1][0], 'start')
Example #9
0
	def testReadStockJailConf(self):
		jails = JailsReader(basedir='config') # we are running tests from root project dir atm
		self.assertTrue(jails.read())		  # opens fine
		self.assertTrue(jails.getOptions())	  # reads fine
		comm_commands = jails.convert()
		# by default None of the jails is enabled and we get no
		# commands to communicate to the server
		self.assertEqual(comm_commands, [])

		# We should not "read" some bogus jail
		old_comm_commands = comm_commands[:]   # make a copy
		self.assertFalse(jails.getOptions("BOGUS"))
		# and there should be no side-effects
		self.assertEqual(jails.convert(), old_comm_commands)
Example #10
0
	def testReadStockJailConf(self):
		jails = JailsReader(basedir='config') # we are running tests from root project dir atm
		self.assertTrue(jails.read())		  # opens fine
		self.assertTrue(jails.getOptions())	  # reads fine
		comm_commands = jails.convert()
		# by default None of the jails is enabled and we get no
		# commands to communicate to the server
		self.assertEqual(comm_commands, [])

		# We should not "read" some bogus jail
		old_comm_commands = comm_commands[:]   # make a copy
		self.assertFalse(jails.getOptions("BOGUS"))
		# and there should be no side-effects
		self.assertEqual(jails.convert(), old_comm_commands)
Example #11
0
 def testProvidingBadBasedir(self):
     if not os.path.exists('/XXX'):
         reader = JailsReader(basedir='/XXX')
         self.assertRaises(ValueError, reader.read)