def setUp(self):
RuleTest.setUp(self)
self.rule = EnableKernelAuditing(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = STIGConfigurePasswordPolicy(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
self.passidentifier = "mil.disa.STIG.passwordpolicy.alacarte"
self.secidentifier = "mil.disa.STIG.Security_Privacy.alacarte"
self.applicable = {'type': 'white',
'os': {'Mac OS X': ['10.10.0', 'r', '10.14.10']},
'fisma': 'high'}
if search("10\.10.*", self.environ.getosver()):
self.rule.pwprofile = "/Users/vagrant/stonix/src/stonix_resources/files/" + \
"U_Apple_OS_X_10-10_Workstation_V1R2_STIG_Passcode_Policy.mobileconfig"
self.rule.secprofile = "/Users/vagrant/stonix/src/stonix_resources/files/" + \
"U_Apple_OS_X_10-10_Workstation_V1R2_STIG_Security_Privacy_Policy.mobileconfig"
elif search("10\.11\.*", self.environ.getosver()):
self.rule.pwprofile = "/Users/vagrant/stonix/src/stonix_resources/files/" + \
"U_Apple_OS_X_10-11_V1R1_STIG_Passcode_Policy.mobileconfig"
self.rule.secprofile = "/Users/vagrant/stonix/src/stonix_resources/files/" + \
"U_Apple_OS_X_10-11_V1R1_STIG_Security_and_Privacy_Policy.mobileconfig"
else:
self.rule.pwprofile = "/Users/vagrant/stonix/src/stonix_resources/files/" + \
"U_Apple_macOS_10-12_V1R1_STIG_Passcode_Policy.mobileconfig"
self.rule.secprofile = "/Users/vagrant/stonix/src/stonix_resources/files/" + \
"U_Apple_macOS_10-12_V1R1_STIG_Security_and_Privacy_Policy.mobileconfig"
self.rule.pwci.updatecurrvalue(True)
def setUp(self):
RuleTest.setUp(self)
self.rule = SecurePOPIMAP(self.config, self.environ, self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = SecureMTA(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
if self.environ.operatingsystem == "Mac OS X":
self.isMac = True
else:
self.isMac = False
if not self.isMac:
self.ph = Pkghelper(self.logdispatch, self.environ)
self.origState = [False, False, False, False]
self.smPath = "/etc/mail/sendmail.cf"
self.smTmp = "/tmp/" + os.path.split(self.smPath)[1] + ".utmp"
self.pfPathlist = ['/etc/postfix/main.cf',
'/private/etc/postfix/main.cf',
'/usr/lib/postfix/main.cf']
self.pfPath = ""
for path in self.pfPathlist:
if os.path.exists(path):
self.pfPath = path
if self.pfPath == "":
self.pfPath = "/etc/postfix/main.cf"
self.pfTmp = "/tmp/" + os.path.split(self.pfPath)[1] + ".utmp"
def setUp(self):
RuleTest.setUp(self)
self.rule = DisableSerialLoginPrompts(self.config, self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
def setUp(self):
RuleTest.setUp(self)
self.rule = DisableThumbnailers(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = BlockSystemAccounts(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = AuditSSHKeys(self.config, self.environ, self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ignoreresults = True
def setUp(self):
RuleTest.setUp(self)
self.rule = InstallCasperSuite(self.config, self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
def setUp(self):
RuleTest.setUp(self)
self.rule = ConfigureAIDE(self.config, self.environ, self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.rule.ci.updatecurrvalue(True)
def setUp(self):
RuleTest.setUp(self)
self.rule = DisableAdminLoginOverride(self.config, self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
def setUp(self):
RuleTest.setUp(self)
self.rule = NoCachedFDEKeys(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = AuditNetworkSniffing(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = InstallCasperSuite(self.config, self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
def setUp(self):
RuleTest.setUp(self)
self.rule = DisableAdminLoginOverride(self.config, self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
def setUp(self):
RuleTest.setUp(self)
self.rule = PasswordExpiration(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = SystemIntegrityProtection(self.config, self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = DisableBluetooth(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
def setUp(self):
RuleTest.setUp(self)
self.rule = EnablePAEandNX(self.config, self.environ, self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.rule.ci.updatecurrvalue(True)
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = DisableGUILogon(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
self.sh = ServiceHelper(self.environ, self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = VerifySysFilePerms(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.cmdhelper = CommandHelper(self.logdispatch)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
def setUp(self):
RuleTest.setUp(self)
self.rule = CheckRootPath(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
def setUp(self):
RuleTest.setUp(self)
self.rule = ConfigureNetworkTime(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
self.ss = "/usr/sbin/systemsetup"
def setUp(self):
RuleTest.setUp(self)
self.rule = DisableSIRIandContinuityFeatures(self.config, self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = ReqPassSysPref(self.config, self.environ, self.logdispatch,
self.statechglogger)
self.cmdhelper = CommandHelper(self.logdispatch)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
def setUp(self):
RuleTest.setUp(self)
self.rule = SecureDHCPServer(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
def setUp(self):
''' '''
RuleTest.setUp(self)
self.rule = TCPWrappers(self.config, self.environ, self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
def setUp(self):
RuleTest.setUp(self)
self.rule = DisableBluetooth(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
def setUp(self):
RuleTest.setUp(self)
self.rule = DisableGUILogon(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
self.sh = ServiceHelper(self.environ, self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = ConfigureGatekeeper(self.config, self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = SoftwarePatching(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
def setUp(self):
RuleTest.setUp(self)
self.rule = DisableGuestAccess(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
self.dc = "/usr/bin/defaults"
def setUp(self):
RuleTest.setUp(self)
self.rule = InstalledSoftwareVerification(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
def setUp(self):
RuleTest.setUp(self)
self.rule = FilePermissions(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
self.ignoreresults = True
def setUp(self):
RuleTest.setUp(self)
self.rule = ConfigureLoginWindow(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
self.dc = "/usr/bin/defaults"
def setUp(self):
RuleTest.setUp(self)
self.rule = DisableWeakAuthentication(self.config, self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = ReqAuthSingleUserMode(self.config, self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = ConfigureKerberos(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
self.fh = FileHelper(self.logdispatch, self.statechglogger)
if self.environ.getosfamily() == 'darwin':
self.files = {"kerb5.conf":
{"path": "/etc/krb5.conf",
"remove": True,
"content": None,
"permissions": None,
"owner": None,
"group": None,
"eventid": str(self.rulenumber).zfill(4) +
"kerb5ut"},
"edu.mit.Kerberos":
{"path": "/Library/Preferences/edu.mit.Kerberos",
"remove": False,
"content": "test",
"permissions": None,
"owner": None,
"group": None,
"eventid": str(self.rulenumber).zfill(4) +
"Kerberosut"},
"edu.mit.Kerberos.krb5kdc.launchd":
{"path": "/Library/Preferences/edu.mit.Kerberos.krb5kdc.launchd",
"remove": False,
"content": "test",
"permissions": None,
"owner": None,
"group": None,
"eventid": str(self.rulenumber).zfill(4) +
"krb5kdcut"},
"edu.mit.Kerberos.kadmind.launchd":
{"path": "/Library/Preferences/edu.mit.Kerberos.kadmind.launchd",
"remove": False,
"content": "test",
"permissions": None,
"owner": None,
"group": None,
"eventid": str(self.rulenumber).zfill(4) +
"kadmindut"},
}
else:
self.files = {"kerb5.conf":
{"path": "/etc/krb5.conf",
"remove": True,
"content": None,
"permissions": None,
"owner": None,
"group": None,
"eventid": str(self.rulenumber).zfill(4) +
"kerb5ut"}}
def setUp(self):
RuleTest.setUp(self)
self.rule = SetRootDefaults(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = SystemIntegrityProtection(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = VerifyAccPerms(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = AuditSSHKeys(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ignoreresults = True
def setUp(self):
RuleTest.setUp(self)
self.rule = RemoveBadDotFiles(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = RestrictAdminSSH(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = DisableSIRIandContinuityFeatures(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = RestrictMounting(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
self.ph = Pkghelper(self.logdispatch, self.environ)
self.sh = ServiceHelper(self.environ, self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = MinimizeServices(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = SystemAccounting(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = DisableWeakAuthentication(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = MinimizeServices(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = SecureApacheWebserver(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = DisableInteractiveStartup(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = DisableIPV6(self.config, self.environ, self.logdispatch,
self.statechglogger)
self.logger = self.logdispatch
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
self.checkUndo = True
def setUp(self):
RuleTest.setUp(self)
self.rule = DisableGuestAccess(self.config, self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
self.dc = "/usr/bin/defaults"
def setUp(self):
RuleTest.setUp(self)
self.rule = NoCachedFDEKeys(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = EnableKernelAuditing(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = RemoveBadDotFiles(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = AuditNetworkSniffing(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = DisableScreenSavers(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = NoLegacyPlusAccts(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)