def setUp(self):
self.binary = os.path.join(test_base.ARGS.build, "osquery", "osqueryi")
ext = "dylib" if sys.platform == "darwin" else "so"
self.modules_loader = test_base.Autoloader(
[test_base.ARGS.build + "/osquery/libmodexample.%s" % ext])
self.osqueryi = test_base.OsqueryWrapper(self.binary,
{"modules_autoload": self.modules_loader.path})
def test_4_module_prevent_initialize(self):
'''Test a failed module initialize (we interrupt the registry call).
'''
self.osqueryi = test_base.OsqueryWrapper(self.binary,
{"modules_autoload": self.modules_loader.path}, {"TESTFAIL2": "1"})
# The environment variable should have prevented the module load.
self.assertRaises(test_base.OsqueryException,
self.osqueryi.run_query, 'SELECT * from example;')
def setUp(self):
self.binary = test_base.getLatestOsqueryBinary('osqueryi')
self.osqueryi = test_base.OsqueryWrapper(command=self.binary)
self.client = None
self.container = None
try:
self.client = docker.from_env()
self.container = self.client.containers.run(
"ubuntu:18.04", command="tail -f /dev/null", detach=True)
self.container.exec_run("touch xxx")
except exceptions as e:
print(f"Failed in creating test container: {e}")
def test_foreign_tables(self):
'''Requires the --enable_foreign flag to add at least one table.'''
self.osqueryi.run_command(' ')
query = 'SELECT count(1) c FROM osquery_registry;'
result = self.osqueryi.run_query(query)
before = int(result[0]['c'])
osqueryi2 = test_base.OsqueryWrapper(self.binary,
args={"enable_foreign": True})
osqueryi2.run_command(' ')
result = osqueryi2.run_query(query)
after = int(result[0]['c'])
self.assertGreater(after, before)
def test_3_module_prevent_create(self):
'''Test a failed module create (we interrupt the static construction).
This test uses a special environment variable checked in the example
module built as part of the default SDK build.
'''
self.osqueryi = test_base.OsqueryWrapper(self.binary,
{"modules_autoload": self.modules_loader.path}, {"TESTFAIL1": "1"})
result = self.osqueryi.run_query(
'SELECT * from time;')
# Make sure the environment variable did not introduce any unexpected
# crashes with the unit or integration tests.
self.assertEqual(len(result), 1)
# The environment variable should have prevented the module load.
self.assertRaises(test_base.OsqueryException,
self.osqueryi.run_query, 'SELECT * from example;')
def setUp(self):
self.binary = test_base.getLatestOsqueryBinary('osqueryi')
self.osqueryi = test_base.OsqueryWrapper(command=self.binary)
self.dbpath = "%s%s" % (test_base.CONFIG["options"]["database_path"],
str(random.randint(1000, 9999)))
def test_atc(self):
local_osquery_instance = test_base.OsqueryWrapper(
self.binary, args={"config_path": "test.config"})
result = local_osquery_instance.run_query(
'SELECT a_number FROM test_atc')
self.assertEqual(result, [{'a_number': '314159'}])
def test_config_bad_json(self):
self.osqueryi = test_base.OsqueryWrapper(self.binary,
args={"config_path": "/"})
result = self.osqueryi.run_query('SELECT * FROM time;')
self.assertEqual(len(result), 1)
def setUp(self):
self.binary = test_base.getLatestOsqueryBinary('osqueryi')
self.osqueryi = test_base.OsqueryWrapper(command=self.binary)
def setUp(self):
self.binary = os.path.join(test_base.ARGS.build, "osquery", "osqueryi")
self.osqueryi = test_base.OsqueryWrapper(self.binary)
self.dbpath = "%s%s" % (test_base.CONFIG["options"]["database_path"],
str(random.randint(1000, 9999)))
def setUp(self):
binary = os.path.join(test_base.ARGS.build, "osquery", "osqueryi")
self.osqueryi = test_base.OsqueryWrapper(binary)
