def setConditionsForRule(self): '''Configure system for the unit test :param self: essential if you override this definition :returns: boolean - If successful True; If failure False @author: Eric Ball ''' success = True self.path = "/etc/pam.d/screensaver" self.tmppath = self.path + ".utmp" ssText = '''# screensaver: auth account auth optional pam_krb5.so use_first_pass use_kcminit auth required pam_opendirectory.so use_first_pass nullok account required pam_opendirectory.so account sufficient pam_self.so account required pam_group.so no_warn group=admin,wheel fail_safe account required pam_group.so no_warn deny group=admin,wheel ruser \ fail_safe''' if os.path.exists(self.path): os.rename(self.path, self.tmppath) createFile(self.path, self.logdispatch) writeFile(self.path, ssText, self.logdispatch) return success
def setConditionsForRule(self): ''' Configure system for the unit test @param self: essential if you override this definition @return: boolean - If successful True; If failure False @author: Eric Ball ''' success = True self.path = "/etc/pam.d/screensaver" self.tmppath = self.path + ".utmp" ssText = '''# screensaver: auth account auth optional pam_krb5.so use_first_pass use_kcminit auth required pam_opendirectory.so use_first_pass nullok account required pam_opendirectory.so account sufficient pam_self.so account required pam_group.so no_warn group=admin,wheel fail_safe account required pam_group.so no_warn deny group=admin,wheel ruser \ fail_safe''' if os.path.exists(self.path): os.rename(self.path, self.tmppath) createFile(self.path, self.logdispatch) writeFile(self.path, ssText, self.logdispatch) return success
def setCommonConditions(self, sshfile, directives): '''Common system pre condition setting :param self: essential if you override this definition :param sshfile: ssh file to be fuzzed :param directives: intentionally incorrect directives to fuzz file with :returns: boolean - If successful True; If failure False @author: dwalker ''' # In this method, unlike the methods inside the rule, we don't # need a portion for Ubuntu to make sure directives aren't present # because we can put those directives in the file(s) to fuzz them success = True directives = dict(directives) tpath = sshfile + ".tmp" if not os.path.exists(sshfile): if not createFile(sshfile, self.logger): success = False debug = "Unable to create " + sshfile + " for setting " + \ "pre-conditions" self.logger.log(LogPriority.DEBUG, debug) return False editor = KVEditorStonix(self.statechglogger, self.logger, "conf", sshfile, tpath, directives, "present", "space") if not editor.report(): if not editor.fix(): success = False debug = "Kveditor fix for file " + sshfile + " not successful" self.logger.log(LogPriority.DEBUG, debug) elif not editor.commit(): success = False debug = "Kveditor commit for file " + sshfile + " not successful" self.logger.log(LogPriority.DEBUG, debug) if checkPerms(sshfile, [0, 0, 0o755], self.logger): if not setPerms(sshfile, [0, 0, 0o755], self.logger): success = False debug = "Unable to set incorrect permissions on " + \ sshfile + " for setting pre-conditions" self.logger.log(LogPriority.DEBUG, debug) return success
def setConditionsForRule(self): '''Configure system for the unit test :param self: essential if you override this definition :returns: boolean - If successful True; If failure False @author: Eric Ball ''' success = True self.path = "/etc/securetty" self.tmppath = self.path + ".utmp" sttyText = '''vc/1 vc/2 vc/3 vc/4 vc/5 vc/6 tty1 tty2 tty3 tty4 tty5 tty6 console ttyS0 ttyS1 ''' if os.path.exists(self.path): try: os.rename(self.path, self.tmppath) except Exception: success = False self.logdispatch.log(LogPriority.ERROR, traceback.format_exc()) if not createFile(self.path, self.logdispatch): success = False if not writeFile(self.path, sttyText, self.logdispatch): success = False return success
def setConditionsForRule(self): ''' Configure system for the unit test @param self: essential if you override this definition @return: boolean - If successful True; If failure False @author: Eric Ball ''' success = True self.path = "/etc/securetty" self.tmppath = self.path + ".utmp" sttyText = '''vc/1 vc/2 vc/3 vc/4 vc/5 vc/6 tty1 tty2 tty3 tty4 tty5 tty6 console ttyS0 ttyS1 ''' if os.path.exists(self.path): try: os.rename(self.path, self.tmppath) except Exception: success = False self.logdispatch.log(LogPriority.ERROR, traceback.format_exc()) if not createFile(self.path, self.logdispatch): success = False if not writeFile(self.path, sttyText, self.logdispatch): success = False return success