def test_stack_consumption_CVE_2010_4352(self): '''Test stack consumption (CVE-2010-4352)''' source_dist = './dbus/CVE-2010-4352.c' source = os.path.join(self.tempdir, "CVE-2010-4352.c") binary = os.path.join(self.tempdir, "CVE-2010-4352") shutil.copy(source_dist, source) rc, report = testlib.cmd(['gcc', '-o', binary, '-std=gnu99', source]) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(expected, rc, result + report) pidfile = "/var/run/dbus/pid" exe = "dbus-daemon" rc, report = testlib.cmd([binary]) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) if self.lsb_release['Release'] < 15.10 and not testlib.check_pidfile( exe, pidfile): # Let's try to leave the system in a usable state os.unlink(pidfile) testlib.cmd(['stop', 'dbus']) testlib.cmd(['start', 'dbus']) time.sleep(2) if not testlib.check_pidfile(exe, pidfile): print >> sys.stderr, "\nWARNING: could not restart dbus" self.assertEquals(expected, rc, result + report)
def test_aa_xfs_daemon(self): '''Test xfs daemon''' self._stop_daemon() time.sleep(1) self.assertFalse( testlib.check_pidfile(os.path.basename(self.exe), self.pidfile)) self._start_daemon() time.sleep(1) self.assertTrue( testlib.check_pidfile(os.path.basename(self.exe), self.pidfile)) self._restart_daemon() time.sleep(1) self.assertTrue( testlib.check_pidfile(os.path.basename(self.exe), self.pidfile))
def test_daemon(self): '''Test iscsid''' self.assertTrue(self.daemon.stop()) time.sleep(2) self.assertFalse(testlib.check_pidfile(self.exe, self.pidfile)) self.assertTrue(self.daemon.start()) time.sleep(2) self.assertTrue( testlib.check_pidfile(os.path.basename(self.exe), self.pidfile)) self.assertTrue(self.daemon.restart()) time.sleep(2) self.assertTrue( testlib.check_pidfile(os.path.basename(self.exe), self.pidfile))
def test_daemon(self): '''Test dhcpd''' contents = ''' ddns-update-style none; default-lease-time 60; max-lease-time 720; allow bootp; authoritative; log-facility local7; subnet 192.168.122.0 netmask 255.255.255.0 { range 192.168.122.50 192.168.122.60; } ''' testlib.create_fill(self.server_config, contents) self.start_daemon() time.sleep(2) self.assertTrue( testlib.check_pidfile(os.path.basename(self.server_binary), self.server_pidfile)) rc, report = testlib.check_apparmor(self.server_binary, 9.04, is_running=True) if rc < 0: return self._skipped(report) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(expected, rc, result + report)
def test_apache_daemon(self): '''Test Apache daemon''' if self.lsb_release['Release'] >= 13.10: pidfile = "/var/run/apache2/apache2.pid" else: pidfile = "/var/run/apache2.pid" self.assertTrue(testlib.check_pidfile("apache2", pidfile))
def test_CVE_2012_2944(self): '''Test CVE-2012-2944''' self.tmpdir = tempfile.mkdtemp(dir='/tmp', prefix="testlib-") # First send bad input. We need to do this in a script because python # functions don't like our embedded NULs script = os.path.join(self.tmpdir, 'script.sh') contents = '''#!/bin/sh printf '\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\n' | nc -q 1 127.0.0.1 3493 sleep 1 dd if=/dev/urandom count=64 | nc -q 1 127.0.0.1 3493 ''' testlib.create_fill(script, contents, mode=0755) rc, report = testlib.cmd([script]) # It should not have crashed. Let's see if it did self._testDaemons(['upsd']) self.assertTrue( 'ERR UNKNOWN-COMMAND' in report, "Could not find 'ERR UNKNOWN-COMMAND' in:\n%s" % report) # This CVE may also result in a hung upsd. Try to kill it, if it is # still around, it is hung testlib.cmd(['killall', 'upsd']) pidfile = os.path.join(self.rundir, 'upsd.pid') self.assertFalse(os.path.exists(pidfile), "Found %s" % pidfile) self.assertFalse(testlib.check_pidfile('upsd', pidfile), 'upsd is hung')
def _testDaemons(self, daemons): '''Daemons running''' for d in self.daemons: pidfile = os.path.join(self.rundir, d + ".pid") warning = "Could not find pidfile '" + pidfile + "'" self.assertTrue(os.path.exists(pidfile), warning) self.assertTrue(testlib.check_pidfile(d, pidfile))
def test_daemons(self): '''Test daemon is running''' if self.lsb_release['Release'] <= 9.04: pidfile = "/var/run/bind/run/named.pid" else: pidfile = "/var/run/named/named.pid" warning = "Could not find pidfile '" + pidfile + "'" self.assertTrue(os.path.exists(pidfile), warning) self.assertTrue(testlib.check_pidfile("named", pidfile))
def test_aa_start_daemon(self): '''Start up the daemon''' self.daemon.stop() time.sleep(1) rc, result = self.daemon.start() self.assertTrue(rc, result) self.assertTrue(testlib.check_pidfile('mono', self.xsp2_pid), 'mono-xsp2 is not running')
def test_00_daemons(self): '''Test daemon''' if self.lsb_release['Release'] >= 14.04: pidfile = "/var/run/apache2/apache2.pid" else: pidfile = "/var/run/apache2.pid" self.assertTrue(testlib.check_pidfile("apache2", pidfile))
def test_daemons(self): '''Test daemon''' pidfile = "/run/squid3.pid" exe = "squid3" if self.lsb_release['Release'] < 12.04: pidfile = "/var/run/squid.pid" exe = "squid" self.assertTrue(testlib.check_pidfile(exe, pidfile))
def _start(self): '''Startup with each test''' rc, result = self.nagiosdaemon.start() self.assertTrue(rc, result) rc, result = self.nagiosdaemon.status() self.assertTrue(rc, result) rc, result = self.apachedaemon.start() self.assertTrue(rc, result) self.assertTrue(testlib.check_pidfile('apache2', self.apache_pid), 'Apache is not running')
def test_discovery_with_server(self): '''Test iscsi_discovery to remote server''' global remote_server global username global password global username_in global password_in global initiatorname if remote_server == '': return self._skipped("--remote-server not specified") contents = ''' InitiatorName=%s InitiatorAlias=ubuntu ''' % (initiatorname) testlib.config_replace(self.initiatorname_iscsi, contents, True) contents = ''' node.session.auth.authmethod = CHAP node.session.auth.username = %s node.session.auth.password = %s node.session.auth.username_in = %s node.session.auth.password_in = %s discovery.sendtargets.auth.authmethod = CHAP discovery.sendtargets.auth.username = %s discovery.sendtargets.auth.password = %s discovery.sendtargets.auth.username_in = %s discovery.sendtargets.auth.password_in = %s ''' % (username, password, username_in, password_in, username, password, username_in, password_in) testlib.config_replace(self.iscsid_conf, contents, True) self.assertTrue(self.daemon.restart()) time.sleep(2) self.assertTrue( testlib.check_pidfile(os.path.basename(self.exe), self.pidfile)) rc, report = testlib.cmd(["/sbin/iscsi_discovery", remote_server]) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(expected, rc, result + report) for i in [ 'starting discovery to %s' % remote_server, 'Testing iser-login to target %s portal %s' % (initiatorname, remote_server), 'starting to test tcp-login to target %s portal %s' % (initiatorname, remote_server), 'discovered 1 targets at %s, connected to 1' % remote_server ]: result = "Could not find '%s' in report:\n" % i self.assertTrue(i in report, result + report)
def test_privileges(self): '''Test daemon''' testlib.check_pidfile(self.exe, self.pidfile) fd = open(self.pidfile, 'r') pid = fd.readline().rstrip('\n') fd.close() status = "/proc/%d/status" % int(pid) self.assertTrue(os.path.exists(status), "could not find '%s'" % status) uid = pwd.getpwnam(self.user)[2] lines = open(status).read() dropped = False for line in lines.splitlines(): if re.search(r'^Uid:\s+%d\s+' % uid, line): dropped = True self.assertTrue( dropped, "did not drop privileges to '%s (%d)':\n%s" % (self.user, uid, lines))
def _testDaemons(self, daemons): '''Daemons running''' for d in daemons: # A note on the driver pid file: its name is # <ups.conf section name>-<driver name>.pid # ex: dummy-dev1-dummy-ups.pid if d == 'dummy-ups': pidfile = os.path.join(self.rundir, 'dummy-ups-dummy-dev1.pid') else: pidfile = os.path.join(self.rundir, d + '.pid') warning = "Could not find pidfile '" + pidfile + "'" self.assertTrue(os.path.exists(pidfile), warning) self.assertTrue(testlib.check_pidfile(d, pidfile), d + ' is not running')
def test_daemons(self): '''Test daemon''' if self.lsb_release['Release'] >= 16.04: pidfile = "/run/squid.pid" else: pidfile = "/run/squid3.pid" if self.lsb_release['Release'] >= 15.10: exe = "(squid-1)" else: exe = "squid3" self.assertTrue(testlib.check_pidfile(exe, pidfile))
def test_dhclient(self): '''Test dhclient (requires reachable dhcpd)''' self.stop_daemon(self.server_pidfile) time.sleep(2) contents = ''' send host-name "%s"; request subnet-mask, broadcast-address, time-offset, routers, domain-name, domain-name-servers, domain-search, host-name, netbios-name-servers, netbios-scope, ntp-servers; ''' % (socket.gethostname()) testlib.create_fill(self.client_config, contents) rc, report = testlib.cmd([os.path.basename(self.client_binary)] + self.client_args) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(expected, rc, result + report) time.sleep(5) if not os.path.exists(self.client_pidfile): time.sleep(25) self.assertTrue( os.path.exists(self.client_lease), "%s does not exist after 30 seconds" % (self.client_lease)) self.assertTrue( testlib.check_pidfile(os.path.basename(self.client_binary), self.client_pidfile)) rc, report = testlib.check_apparmor(self.client_binary, 9.04, is_running=True) if rc < 0: return self._skipped(report) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(expected, rc, result + report)
def test_daemon(self): '''Test Avahi daemon running''' warning = "Could not find pidfile '%s'" % (self.pidfile) self.assertTrue(os.path.exists(self.pidfile), warning) self.assertTrue(testlib.check_pidfile("avahi-daemon", self.pidfile))
def test_aaa_daemons(self): '''Test daemon''' self.assertTrue(testlib.check_pidfile("apache2", self.apache_pid)) self.assertTrue(testlib.check_pidfile("python", self.mailman_pid))
def _check_pid(self): return os.path.exists(self.pidfile) and testlib.check_pidfile("dovecot", self.pidfile)
def test_aaa_daemons(self): '''Test daemon''' self.assertTrue(testlib.check_pidfile("apache2", self.apache_pid)) self.assertTrue(testlib.check_pidfile("python", self.mailman_pid))
def _check_daemons(self): '''Check for pidfile and if running''' pidfile = "/var/run/ntpd.pid" warning = "Could not find pidfile '%s'" % (pidfile) self.assertTrue(os.path.exists(pidfile), warning) self.assertTrue(testlib.check_pidfile("ntpd", pidfile))
def test_daemons(self): '''Test daemon''' self.assertTrue(testlib.check_pidfile("nginx", self.pidfile))
def test_daemon(self): '''Test if slpd daemon is running''' self.assertTrue( testlib.check_pidfile(os.path.basename(self.server_binary), self.server_pidfile))
def test_daemon(self): '''Test daemon''' testlib.check_pidfile(self.exe, self.pidfile)
def test_daemons(self): '''Test daemon''' pidfile = "/var/run/lighttpd.pid" self.assertTrue(testlib.check_pidfile("lighttpd", pidfile))
def test_apache_daemon(self): '''Test Apache daemon''' pidfile = "/var/run/apache2.pid" self.assertTrue(testlib.check_pidfile("apache2", pidfile))