def setUp(self):
     RuleTest.setUp(self)
     self.rule = RestrictMounting(self.config, self.environ,
                                  self.logdispatch, self.statechglogger)
     self.rulename = self.rule.rulename
     self.rulenumber = self.rule.rulenumber
     self.ch = CommandHelper(self.logdispatch)
     self.ph = Pkghelper(self.logdispatch, self.environ)
     self.sh = ServiceHelper(self.environ, self.logdispatch)
 def setUp(self):
     RuleTest.setUp(self)
     self.rule = RestrictMounting(self.config, self.environ,
                                  self.logdispatch, self.statechglogger)
     self.rulename = self.rule.rulename
     self.rulenumber = self.rule.rulenumber
     self.ch = CommandHelper(self.logdispatch)
     self.ph = Pkghelper(self.logdispatch, self.environ)
     self.sh = ServiceHelper(self.environ, self.logdispatch)
class zzzTestRuleRestrictMounting(RuleTest):

    def setUp(self):
        RuleTest.setUp(self)
        self.rule = RestrictMounting(self.config, self.environ,
                                     self.logdispatch, self.statechglogger)
        self.rulename = self.rule.rulename
        self.rulenumber = self.rule.rulenumber
        self.ch = CommandHelper(self.logdispatch)
        self.ph = Pkghelper(self.logdispatch, self.environ)
        self.sh = ServiceHelper(self.environ, self.logdispatch)

    def tearDown(self):
        pass

    def runTest(self):
        self.simpleRuleTest()

    def setConditionsForRule(self):
        '''
        Configure system for the unit test
        @param self: essential if you override this definition
        @return: boolean - If successful True; If failure False
        @author: Eric Ball
        '''
        success = True
        # Enable CIs
        datatype = "bool"
        key = "RESTRICTCONSOLEACCESS"
        instructions = "Unit test"
        default = True
        self.rule.consoleCi = self.rule.initCi(datatype, key, instructions,
                                               default)
        key = "DISABLEAUTOFS"
        self.rule.autofsCi = self.rule.initCi(datatype, key, instructions,
                                              default)
        key = "DISABLEGNOMEAUTOMOUNT"
        self.rule.gnomeCi = self.rule.initCi(datatype, key, instructions,
                                             default)

        self.path1 = "/etc/security/console.perms.d/50-default.perms"
        self.path2 = "/etc/security/console.perms"
        self.data1 = ["<floppy>=/dev/fd[0-1]* \\",
                      "<scanner>=/dev/scanner* /dev/usb/scanner*",
                      "<flash>=/mnt/flash* /dev/flash*",
                      "# permission definitions",
                      "<console>  0660 <floppy>     0660 root.floppy",
                      "<console>  0600 <scanner>    0600 root",
                      "<console>  0600 <flash>      0600 root.disk"]
        self.data2 = ["<console>=tty[0-9][0-9]* vc/[0-9][0-9]* :[0-9]+\.[0-9]+ :[0-9]+",
                      "<xconsole>=:[0-9]+\.[0-9]+ :[0-9]+"]
        if os.path.exists(self.path1):
            self.tmpfile1 = self.path1 + ".tmp"
            os.rename(self.path1, self.tmpfile1)
            try:
                defaultPermsFile = open(self.path1, "w")
            except IOError:
                debug = "Could not open file " + self.path1 + "\n"
                self.logger.log(LogPriority.DEBUG, debug)
                success = False
            try:
                defaultPermsFile.writelines(self.data1)
            except IOError:
                debug = "Could not write to file " + self.path1 + "\n"
                self.logger.log(LogPriority.DEBUG, debug)
                success = False
        if os.path.exists(self.path2):
            self.tmpfile2 = self.path2 + ".tmp"
            os.rename(self.path2, self.tmpfile2)
            try:
                permsFile = open(self.path2, "w")
            except IOError:
                debug = "Could not open file " + self.path2 + "\n"
                self.logger.log(LogPriority.DEBUG, debug)
                success = False
            try:
                permsFile.writelines(self.data2)
            except IOError:
                debug = "Could not write to file " + self.path2 + "\n"
                self.logger.log(LogPriority.DEBUG, debug)
                success = False

        # If autofs is installed, enable and start it. If it is not
        # installed, it will not be tested.
        if self.ph.check("autofs"):
            if not self.sh.enableservice("autofs"):
                debug = "Could not enable autofs\n"
                self.logger.log(LogPriority.DEBUG, debug)
                success = False

        cmd = ["gconftool-2", "--direct", "--config-source",
               "xml:readwrite:/etc/gconf/gconf.xml.mandatory",
               "--type", "bool", "--set",
               "/desktop/gnome/volume_manager/automount_media",
               "true"]
        cmdSuccess = self.ch.executeCommand(cmd)
        cmd = ["gconftool-2", "--direct", "--config-source",
               "xml:readwrite:/etc/gconf/gconf.xml.mandatory",
               "--type", "bool", "--set",
               "/desktop/gnome/volume_manager/automount_drives",
               "true"]
        cmdSuccess &= self.ch.executeCommand(cmd)
        if not cmdSuccess:
            success = False
        return success

    def checkReportForRule(self, pCompliance, pRuleSuccess):
        '''
        check on whether report was correct
        @param self: essential if you override this definition
        @param pCompliance: the self.iscompliant value of rule
        @param pRuleSuccess: did report run successfully
        @return: boolean - If successful True; If failure False
        @author: ekkehard j. koch
        '''
        self.logdispatch.log(LogPriority.DEBUG, "pCompliance = " +
                             str(pCompliance) + ".")
        self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " +
                             str(pRuleSuccess) + ".")
        success = True
        return success

    def checkFixForRule(self, pRuleSuccess):
        '''
        check on whether fix was correct
        @param self: essential if you override this definition
        @param pRuleSuccess: did report run successfully
        @return: boolean - If successful True; If failure False
        @author: ekkehard j. koch
        '''
        # Cleanup: put original perms files back
        if os.path.exists(self.path1) and os.path.exists(self.tmpfile1):
            os.remove(self.path1)
            os.rename(self.tmpfile1, self.path1)
        if os.path.exists(self.path2) and os.path.exists(self.tmpfile2):
            os.remove(self.path2)
            os.rename(self.tmpfile2, self.path2)
        self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " +
                             str(pRuleSuccess) + ".")
        success = True
        return success

    def checkUndoForRule(self, pRuleSuccess):
        '''
        check on whether undo was correct
        @param self: essential if you override this definition
        @param pRuleSuccess: did report run successfully
        @return: boolean - If successful True; If failure False
        @author: ekkehard j. koch
        '''
        self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " +
                             str(pRuleSuccess) + ".")
        success = True
        return success
class zzzTestRuleRestrictMounting(RuleTest):
    def setUp(self):
        RuleTest.setUp(self)
        self.rule = RestrictMounting(self.config, self.environ,
                                     self.logdispatch, self.statechglogger)
        self.rulename = self.rule.rulename
        self.rulenumber = self.rule.rulenumber
        self.ch = CommandHelper(self.logdispatch)
        self.ph = Pkghelper(self.logdispatch, self.environ)
        self.sh = ServiceHelper(self.environ, self.logdispatch)

    def tearDown(self):
        pass

    def runTest(self):
        self.simpleRuleTest()

    def setConditionsForRule(self):
        '''
        Configure system for the unit test
        @param self: essential if you override this definition
        @return: boolean - If successful True; If failure False
        @author: Eric Ball
        '''
        success = True
        # Enable CIs
        datatype = "bool"
        key = "RESTRICTCONSOLEACCESS"
        instructions = "Unit test"
        default = True
        self.rule.consoleCi = self.rule.initCi(datatype, key, instructions,
                                               default)
        key = "DISABLEAUTOFS"
        self.rule.autofsCi = self.rule.initCi(datatype, key, instructions,
                                              default)
        key = "DISABLEGNOMEAUTOMOUNT"
        self.rule.gnomeCi = self.rule.initCi(datatype, key, instructions,
                                             default)

        self.path1 = "/etc/security/console.perms.d/50-default.perms"
        self.path2 = "/etc/security/console.perms"
        self.data1 = [
            "<floppy>=/dev/fd[0-1]* \\",
            "<scanner>=/dev/scanner* /dev/usb/scanner*",
            "<flash>=/mnt/flash* /dev/flash*", "# permission definitions",
            "<console>  0660 <floppy>     0660 root.floppy",
            "<console>  0600 <scanner>    0600 root",
            "<console>  0600 <flash>      0600 root.disk"
        ]
        self.data2 = [
            "<console>=tty[0-9][0-9]* vc/[0-9][0-9]* :[0-9]+\.[0-9]+ :[0-9]+",
            "<xconsole>=:[0-9]+\.[0-9]+ :[0-9]+"
        ]
        if os.path.exists(self.path1):
            self.tmpfile1 = self.path1 + ".tmp"
            os.rename(self.path1, self.tmpfile1)
            try:
                defaultPermsFile = open(self.path1, "w")
            except IOError:
                debug = "Could not open file " + self.path1 + "\n"
                self.logger.log(LogPriority.DEBUG, debug)
                success = False
            try:
                defaultPermsFile.writelines(self.data1)
            except IOError:
                debug = "Could not write to file " + self.path1 + "\n"
                self.logger.log(LogPriority.DEBUG, debug)
                success = False
        if os.path.exists(self.path2):
            self.tmpfile2 = self.path2 + ".tmp"
            os.rename(self.path2, self.tmpfile2)
            try:
                permsFile = open(self.path2, "w")
            except IOError:
                debug = "Could not open file " + self.path2 + "\n"
                self.logger.log(LogPriority.DEBUG, debug)
                success = False
            try:
                permsFile.writelines(self.data2)
            except IOError:
                debug = "Could not write to file " + self.path2 + "\n"
                self.logger.log(LogPriority.DEBUG, debug)
                success = False

        # If autofs is installed, enable and start it. If it is not
        # installed, it will not be tested.
        if self.ph.check("autofs"):
            if not self.sh.enableservice("autofs"):
                debug = "Could not enable autofs\n"
                self.logger.log(LogPriority.DEBUG, debug)
                success = False

        cmd = [
            "gconftool-2", "--direct", "--config-source",
            "xml:readwrite:/etc/gconf/gconf.xml.mandatory", "--type", "bool",
            "--set", "/desktop/gnome/volume_manager/automount_media", "true"
        ]
        cmdSuccess = self.ch.executeCommand(cmd)
        cmd = [
            "gconftool-2", "--direct", "--config-source",
            "xml:readwrite:/etc/gconf/gconf.xml.mandatory", "--type", "bool",
            "--set", "/desktop/gnome/volume_manager/automount_drives", "true"
        ]
        cmdSuccess &= self.ch.executeCommand(cmd)
        if not cmdSuccess:
            success = False
        return success

    def checkReportForRule(self, pCompliance, pRuleSuccess):
        '''
        check on whether report was correct
        @param self: essential if you override this definition
        @param pCompliance: the self.iscompliant value of rule
        @param pRuleSuccess: did report run successfully
        @return: boolean - If successful True; If failure False
        @author: ekkehard j. koch
        '''
        self.logdispatch.log(LogPriority.DEBUG,
                             "pCompliance = " + str(pCompliance) + ".")
        self.logdispatch.log(LogPriority.DEBUG,
                             "pRuleSuccess = " + str(pRuleSuccess) + ".")
        success = True
        return success

    def checkFixForRule(self, pRuleSuccess):
        '''
        check on whether fix was correct
        @param self: essential if you override this definition
        @param pRuleSuccess: did report run successfully
        @return: boolean - If successful True; If failure False
        @author: ekkehard j. koch
        '''
        # Cleanup: put original perms files back
        if os.path.exists(self.path1) and os.path.exists(self.tmpfile1):
            os.remove(self.path1)
            os.rename(self.tmpfile1, self.path1)
        if os.path.exists(self.path2) and os.path.exists(self.tmpfile2):
            os.remove(self.path2)
            os.rename(self.tmpfile2, self.path2)
        self.logdispatch.log(LogPriority.DEBUG,
                             "pRuleSuccess = " + str(pRuleSuccess) + ".")
        success = True
        return success

    def checkUndoForRule(self, pRuleSuccess):
        '''
        check on whether undo was correct
        @param self: essential if you override this definition
        @param pRuleSuccess: did report run successfully
        @return: boolean - If successful True; If failure False
        @author: ekkehard j. koch
        '''
        self.logdispatch.log(LogPriority.DEBUG,
                             "pRuleSuccess = " + str(pRuleSuccess) + ".")
        success = True
        return success