def setUp(self):
super(RootwrapTestCase, self).setUp()
self.filters = [
filters.RegExpFilter("/bin/ls", "root", 'ls', '/[a-z]+'),
filters.CommandFilter("/usr/bin/foo_bar_not_exist", "root"),
filters.RegExpFilter("/bin/cat", "root", 'cat', '/[a-z]+'),
filters.CommandFilter("/nonexistent/cat", "root"),
filters.CommandFilter("/bin/cat", "root") # Keep this one last
]
def test_CommandFilter(self):
f = filters.CommandFilter("sleep", 'root', '10')
self.assertFalse(f.match(["sleep2"]))
# verify that any arguments are accepted
self.assertTrue(f.match(["sleep"]))
self.assertTrue(f.match(["sleep", "anything"]))
self.assertTrue(f.match(["sleep", "10"]))
f = filters.CommandFilter("sleep", 'root')
self.assertTrue(f.match(["sleep", "10"]))
def test_exec_dirs_search(self):
# This test supposes you have /bin/cat or /usr/bin/cat locally
f = filters.CommandFilter("cat", "root")
usercmd = ['cat', '/f']
self.assertTrue(f.match(usercmd))
self.assertTrue(
f.get_command(usercmd, exec_dirs=['/bin', '/usr/bin']) in (
['/bin/cat', '/f'], ['/usr/bin/cat', '/f']))
def test_ChainingRegExpFilter_match(self):
filter_list = [
filters.ChainingRegExpFilter('nice', 'root', 'nice', '-?\d+'),
filters.CommandFilter('cat', 'root')
]
args = ['nice', '5', 'cat', '/a']
dirs = ['/bin', '/usr/bin']
self.assertIsNotNone(wrapper.match_filter(filter_list, args, dirs))
def test_ChainingRegExpFilter_multiple(self):
filter_list = [
filters.ChainingRegExpFilter('ionice', 'root', 'ionice',
'-c[0-3]'),
filters.ChainingRegExpFilter('ionice', 'root', 'ionice', '-c[0-3]',
'-n[0-7]'),
filters.CommandFilter('cat', 'root')
]
# both filters match to ['ionice', '-c2'], but only the second accepts
args = ['ionice', '-c2', '-n7', 'cat', '/a']
dirs = ['/bin', '/usr/bin']
self.assertIsNotNone(wrapper.match_filter(filter_list, args, dirs))
def test_ChainingRegExpFilter_not_match(self):
filter_list = [
filters.ChainingRegExpFilter('nice', 'root', 'nice', '-?\d+'),
filters.CommandFilter('cat', 'root')
]
args_invalid = (['nice', '5', 'ls',
'/a'], ['nice', '--5', 'cat',
'/a'], ['nice2', '5', 'cat',
'/a'], ['nice', 'cat',
'/a'], ['nice', '5'])
dirs = ['/bin', '/usr/bin']
for args in args_invalid:
self.assertRaises(wrapper.NoFilterMatched, wrapper.match_filter,
filter_list, args, dirs)
def test_empty_commandfilter(self):
f = filters.CommandFilter("sleep", "root")
self.assertFalse(f.match([]))
self.assertFalse(f.match(None))