def testUserInfoRoleCommandArg2(self): res, code = utils.sr_cmd("-i -r info0 -c command") utils.multipleAssertCommand( res, code, code == 0, utils.assertCount(res, "you can execute \"command\" with command", 1), utils.assertCount(res, "sr -r \"info0\" -c \"command\"", 1))
def testUserInfoRoleCommandArg(self): res, code = utils.sr_cmd("-i -r info2 -c command1") utils.multipleAssertCommand( res, code, code == 0, utils.assertCount(res, "simplified", 1), utils.assertCount(res, "sr -c \"command1\"", 1), utils.assertCount(res, "-r info2", 0), utils.assertCount(res, "full privileges", 1))
def testCapableSyntaxError(self): res, code = utils.capable_cmd("-foobar") utils.multipleAssertCommand( res, code, code != 0, res.count("capable: invalid option -- 'f'") == 1, res.count("Bad parameter.") == 1, res.count("Usage") == 1)
def testUserInfoCommandArg(self): res, code = utils.sr_cmd("-i -c command1") utils.multipleAssertCommand( res, code, code == 0, utils.assertCount(res, "info2", 0), utils.assertCount(res, "cap_net_raw", 0), utils.assertCount(res, "this command", 1), utils.assertCount(res, "sr -c \"command1\"", 1))
def testCapableCommandTcpdumpResult(self): res, code = utils.capable_cmd("-c tcpdump") self.assertEqual(code, 0, "Assert Code == 0") utils.multipleAssertCommand(res, code, code == 0, res.count("cap_dac_override") == 1, res.count("cap_dac_read_search") == 1, res.count("cap_net_admin") == 1, res.count("cap_net_raw") == 1, res.count("cap_sys_admin") == 1)
def testScenario1(self): port = "79" utils.before("scenario1", [utils.getuser(), constants.SC1_FILE_SERVERPY, port]) res, code = utils.sr_cmd( "-r role1 -c 'python %s -p %s'" % (constants.SC1_FILE_SERVERPY, port), 1) utils.multipleAssertCommand(res, code, code == 0, res.count("OK") == 1) utils.after()
def testUserInfoCommandArgNoRole(self): utils.before("testInfo/infousernorole") res, code = utils.sr_cmd("-i -c null") utils.multipleAssertCommand( res, code, code == 0, utils.assertCount(res, r"you can\\'t execute this command", 1), utils.assertCount(res, "sr -c", 0), utils.assertCount(res, "roles", 0), utils.assertCount(res, "null", 0)) utils.after()
def testCapableCommandApache(self): res, code = utils.capable_cmd("-c '/usr/sbin/apache2ctl start'", 5) self.assertEqual(code, 0, "Assert Code == 0") try: utils.multipleAssertCommand(res, code, res.count("cap_sys_ptrace") == 1, res.count("cap_net_bind_service") == 1, res.count("cap_sys_admin") == 1) except AssertionError as e: e.args += ("Have-you installed apache2?", 0)
def testCapableCommandPingResult(self): res, code = utils.capable_cmd("-c 'ping 8.8.8.8 -c 1'") self.assertEqual(code, 0, "Assert Code == 0") utils.multipleAssertCommand( res, code, res.count("cap_setuid") == 1, res.count("cap_setpcap") == 1, # ping downgrade his capabilities res.count("cap_net_raw") == 1, res.count("cap_sys_admin") == 1)
def testCapableCommandSSHD(self): res, code = utils.capable_cmd("-c '/usr/sbin/sshd'", 5) self.assertEqual(code, 0, "Assert Code == 0") try: utils.multipleAssertCommand(res, code, res.count("cap_dac_override") == 1, res.count("cap_dac_read_search") == 1, res.count("cap_setgid") == 1, res.count("cap_net_bind_service") == 1, res.count("cap_sys_resource") == 1, res.count("cap_sys_admin") == 1) except AssertionError as e: e.args += ("Have-you installed sshd?", 0)
def testUserInfoArg(self): res, code = utils.sr_cmd("-i") utils.multipleAssertCommand( res, code, code == 0, utils.assertCount(res, "null", 0), utils.assertCount(res, "info0", 1), utils.assertCount(res, "info1", 1), utils.assertCount(res, "info2", 1), utils.assertCount(res, "info3", 1), utils.assertCount(res, "info4", 1), utils.assertCount(res, "cap_net_raw", 2), utils.assertCount(res, "with any commands", 2), utils.assertCount(res, "without any commands", 1), utils.assertCount(res, "command1", 2), utils.assertCount(res, "command2", 1), utils.assertCount(res, "full privileges", 3))
def testUserInfoCommandArg1(self): res, code = utils.sr_cmd("-i -c null") utils.multipleAssertCommand(res, code, code == 0, utils.assertCount(res, "info0", 1), utils.assertCount(res, "info1", 1))
def testCapableCommandCatResult(self): res, code = utils.capable_cmd("-c 'cat /proc/kallsyms>/dev/null'") self.assertEqual(code, 0, "Assert Code == 0") utils.multipleAssertCommand(res, code, res.count("cap_syslog") == 1, res.count("cap_sys_admin") == 1)
def testFindRoleWithUserWrongCommand(self): echo = "wrong-command" res, code = utils.sr_echo_cmd(echo) utils.multipleAssertCommand(res, code, code != 0, res.count(echo) == 0)
def testFindFirstRoleWithUser(self): echo = "role1-user-cmd" res, code = utils.sr_echo_cmd(echo) utils.multipleAssertCommand(res, code, code == 0, res.count("r0le1") == 1)
def testFindRoleWithGroupWithCommandArrayConfiguration(self): echo = "role3-group-cmd2" res, code = utils.sr_echo_cmd(echo) utils.multipleAssertCommand(res, code, code == 0, res.count(echo) == 1)
def testCapableSleepIncorrect(self): res, code = utils.capable_cmd("-s D") utils.multipleAssertCommand(res, code, code != 0, res.count("Bad parameter.") == 1, res.count("Usage : ") == 1)
def testFindRoleWithGroupWrongCommand(self): echo = "role2-gfoo-cmd" res, code = utils.sr_echo_cmd(echo) utils.multipleAssertCommand(res, code, code != 0, res.count(echo) == 0)
def testFindFirstRoleWithGroup(self): echo = "role1-group-cmd" res, code = utils.sr_echo_cmd(echo) utils.multipleAssertCommand(res, code, code == 0, res.count(echo) == 1)
def testFindUserRoleNoCommandInConfiguration(self): echo = "role1-user-cmd" res, code = utils.sr_echo_cmd(echo) utils.multipleAssertCommand(res, code, code != 0, res.count(echo) == 0)
def testUserInfoRoleCommandArg1(self): res, code = utils.sr_cmd("-i -r null -c null") utils.multipleAssertCommand( res, code, code == 0, utils.assertCount(res, r"you can\\'t execute this command", 1))
def testUserInfoCommandArg2(self): res, code = utils.sr_cmd("-i -c command3") utils.multipleAssertCommand(res, code, code == 0, utils.assertCount(res, "cap_net_raw", 1))
def testFindRoleWithUserInCommandArrayConfig(self): echo = "role3-user-cmd2" res, code = utils.sr_echo_cmd(echo) utils.multipleAssertCommand(res, code, code == 0, res.count(echo) == 1)
def testUserInfoRoleArg(self): res, code = utils.sr_cmd("-i -r info1") utils.multipleAssertCommand(res, code, code == 0, utils.assertCount(res, "info1", 1), utils.assertCount(res, "cap_net_raw", 1), utils.assertCount(res, "any commands", 1))
def testUserInfoRoleArg2(self): res, code = utils.sr_cmd("-i -r info3") utils.multipleAssertCommand( res, code, code == 0, utils.assertCount(res, "without any commands", 1))
def testUserInfoRoleArg1(self): res, code = utils.sr_cmd("-i -r null") utils.multipleAssertCommand( res, code, code == 0, utils.assertCount(res, "null", 1), utils.assertCount(res, r"You can\\+'t use the role", 1))