def LoadChecks(self):
    """Load the sshd and sw check definitions and return the registry keys.

    Caps "Checks.max_results" at 5 before loading.

    Returns:
      The keys of checks.CheckRegistry.checks after loading.
    """
    config_lib.CONFIG.Set("Checks.max_results", 5)
    checks_root = os.path.join(config_lib.CONFIG["Test.data_dir"], "checks")
    yaml_paths = []
    for yaml_name in ("sshd.yaml", "sw.yaml"):
        yaml_paths.append(os.path.join(checks_root, yaml_name))
    checks.LoadChecksFromFiles(yaml_paths)
    # NOTE(review): the registry is not cleared here, so the returned keys
    # presumably also include any check registered before this call.
    return checks.CheckRegistry.checks.keys()
def LoadChecks(self):
    """Reset the check registry, load the test checks, return their keys.

    The registry is cleared first, so the returned keys come only from the
    files loaded here (sshd.yaml, sw.yaml and unix_login.yaml).

    Returns:
      The keys of checks.CheckRegistry.checks after loading.
    """
    checks.CheckRegistry.Clear()
    checks_root = os.path.join(config.CONFIG["Test.data_dir"], "checks")
    yaml_paths = []
    for yaml_name in ("sshd.yaml", "sw.yaml", "unix_login.yaml"):
        yaml_paths.append(os.path.join(checks_root, yaml_name))
    checks.LoadChecksFromFiles(yaml_paths)
    return checks.CheckRegistry.checks.keys()
def LoadCheck(self, cfg_file, *check_ids):
    """Load checks from a configuration file under <Test.srcdir>/grr/checks.

    Args:
      cfg_file: File name joined onto the checks directory. It is joined
        as-is, so callers are expected to pass a bare file name.
      *check_ids: Optional check ids; when given, only those checks are
        loaded, otherwise the whole file is loaded.
    """
    cfg = os.path.join(
        config_lib.CONFIG["Test.srcdir"], "grr", "checks", cfg_file)
    if not check_ids:
        # No selection given: load everything the file defines.
        checks.LoadChecksFromFiles([cfg])
        return
    for chk_id in check_ids:
        checks.LoadCheckFromFile(cfg, chk_id)
def LoadCheck(self, cfg_file, *check_ids):
    """Load checks from a configuration file under <Test.srcdir>/grr/checks.

    Args:
      cfg_file: File name joined onto the checks directory. It is joined
        as-is, so callers are expected to pass a bare file name.
      *check_ids: Optional check ids; when given, only those checks are
        loaded, otherwise the whole file is loaded.

    Returns:
      A list with one LoadCheckFromFile result per requested id, or the
      result of LoadChecksFromFiles when no ids were given.
    """
    cfg = os.path.join(
        config_lib.CONFIG["Test.srcdir"], "grr", "checks", cfg_file)
    if not check_ids:
        return checks.LoadChecksFromFiles([cfg])
    return [checks.LoadCheckFromFile(cfg, chk_id) for chk_id in check_ids]
def setUp(self):
    """Register the SW and SSHD checks and build the expected results.

    Sets self.netcat, self.sshd and self.windows to the CheckResult values
    the tests compare against, and self.data to the parsed artifact data
    keyed by artifact name.
    """
    super(ProcessHostDataTests, self).setUp()

    # Load each definition file only if its check is not registered yet.
    registered = checks.CheckRegistry.checks.keys()
    if "SW-CHECK" not in registered:
        sw_yaml = os.path.join(CHECKS_DIR, "sw.yaml")
        checks.LoadChecksFromFiles([sw_yaml])
    if "SSHD-CHECK" not in registered:
        sshd_yaml = os.path.join(CHECKS_DIR, "sshd.yaml")
        checks.LoadChecksFromFiles([sshd_yaml])

    # Expected SW-CHECK result: netcat-traditional reported as installed.
    netcat_anomaly = rdf_anomaly.Anomaly(
        finding=["netcat-traditional 1.10-40 is installed"],
        symptom="Found: l337 software installed",
        type="ANALYSIS_ANOMALY")
    self.netcat = checks.CheckResult(
        check_id="SW-CHECK", anomaly=[netcat_anomaly])

    # Expected SSHD-CHECK result: protocol 1 is among the configured ones.
    sshd_anomaly = rdf_anomaly.Anomaly(
        finding=["Configured protocols: 2,1"],
        symptom="Found: Sshd allows protocol 1.",
        type="ANALYSIS_ANOMALY")
    self.sshd = checks.CheckResult(
        check_id="SSHD-CHECK", anomaly=[sshd_anomaly])

    # Expected SW-CHECK result with two findings: old Java and adware.
    java_anomaly = rdf_anomaly.Anomaly(
        finding=["Java 6.0.240 is installed"],
        symptom="Found: Old Java installation.",
        type="ANALYSIS_ANOMALY")
    adware_anomaly = rdf_anomaly.Anomaly(
        finding=["Adware 2.1.1 is installed"],
        symptom="Found: Malicious software.",
        type="ANALYSIS_ANOMALY")
    self.windows = checks.CheckResult(
        check_id="SW-CHECK", anomaly=[java_anomaly, adware_anomaly])

    # Parsed fixture data, keyed by the artifact it stands in for.
    wmi_software = self.SetArtifactData(parsed=GetWMIData())
    dpkg_status = self.SetArtifactData(parsed=GetDPKGData())
    sshd_config = self.SetArtifactData(parsed=GetSSHDConfig())
    self.data = {
        "WMIInstalledSoftware": wmi_software,
        "DebianPackagesStatus": dpkg_status,
        "SshdConfigFile": sshd_config,
    }
def setUp(self):
    """Register the SW and SSHD checks and build the expected results.

    Sets self.netcat, self.sshd and self.windows to the CheckResult values
    the tests compare against, and self.host_data to the module-level
    fixture data keyed by artifact name.
    """
    super(ProcessHostDataTests, self).setUp()

    # Load each definition file only if its check is not registered yet.
    registered = checks.CheckRegistry.checks.keys()
    if "SW-CHECK" not in registered:
        sw_yaml = os.path.join(CHECKS_DIR, "sw.yaml")
        checks.LoadChecksFromFiles([sw_yaml])
    if "SSHD-CHECK" not in registered:
        sshd_yaml = os.path.join(CHECKS_DIR, "sshd.yaml")
        checks.LoadChecksFromFiles([sshd_yaml])

    # Expected SW-CHECK result: netcat-traditional reported as installed.
    netcat_anomaly = anomaly_rdf.Anomaly(
        finding=["netcat-traditional 1.10-40 is installed"],
        explanation="Found: l337 software installed",
        type="ANALYSIS_ANOMALY")
    self.netcat = rdfvalue.CheckResult(
        check_id="SW-CHECK", anomaly=[netcat_anomaly])

    # Expected SSHD-CHECK result: protocol 1 is among the configured ones.
    sshd_anomaly = anomaly_rdf.Anomaly(
        finding=["Configured protocols: 2,1"],
        explanation="Found: Sshd allows protocol 1.",
        type="ANALYSIS_ANOMALY")
    self.sshd = rdfvalue.CheckResult(
        check_id="SSHD-CHECK", anomaly=[sshd_anomaly])

    # Expected SW-CHECK result with two findings: old Java and adware.
    java_anomaly = anomaly_rdf.Anomaly(
        finding=["Java 6.0.240 is installed"],
        explanation="Found: Old Java installation.",
        type="ANALYSIS_ANOMALY")
    adware_anomaly = anomaly_rdf.Anomaly(
        finding=["Adware 2.1.1 is installed"],
        explanation="Found: Malicious software.",
        type="ANALYSIS_ANOMALY")
    self.windows = rdfvalue.CheckResult(
        check_id="SW-CHECK", anomaly=[java_anomaly, adware_anomaly])

    # Fixture data, keyed by the artifact it stands in for.
    self.host_data = {
        "WMIInstalledSoftware": WMI_SW,
        "DebianPackagesStatus": DPKG_SW,
        "SshdConfigFile": SSHD_CFG,
    }
def LoadCheck(cls, cfg_file, *check_ids):
    """Load checks from a configuration file, caching the result.

    The file is looked up under <Test.srcdir>/grr/checks. Results are kept
    in HostCheckTest.loaded_checks, so a repeated request for the same file
    and ids returns the cached objects instead of re-reading the file. The
    cache lives on HostCheckTest itself rather than on cls.

    Args:
      cfg_file: File name joined onto the checks directory. It is joined
        as-is, so callers are expected to pass a bare file name.
      *check_ids: Optional check ids; when given, only those checks are
        loaded, otherwise the whole file is loaded.

    Returns:
      The loaded check objects: a list with one entry per requested id, or
      the result of LoadChecksFromFiles when no ids were given.
    """
    if HostCheckTest.loaded_checks is None:
        HostCheckTest.loaded_checks = {}
    cfg = os.path.join(config.CONFIG["Test.srcdir"], "grr", "checks", cfg_file)

    # Selected-id requests are keyed on the full path plus the id list;
    # whole-file requests are keyed on the bare file name.
    if check_ids:
        key = "%s:%s" % (cfg, ",".join(check_ids))
    else:
        key = "%s:*" % cfg_file

    if key in HostCheckTest.loaded_checks:
        return HostCheckTest.loaded_checks[key]

    if check_ids:
        loaded = [checks.LoadCheckFromFile(cfg, chk_id) for chk_id in check_ids]
    else:
        loaded = checks.LoadChecksFromFiles([cfg])
    HostCheckTest.loaded_checks[key] = loaded
    return loaded
def LoadCheck(cls, cfg_file, *check_ids):
    """Load checks from a configuration file, caching the result.

    The file is looked up under <Test.srcdir>/grr/checks. Results are kept
    in HostCheckTest.loaded_checks, so a repeated request for the same file
    and ids returns the cached objects instead of re-reading the file. The
    cache lives on HostCheckTest itself rather than on cls.

    Args:
      cfg_file: File name joined onto the checks directory. It is joined
        as-is, so callers are expected to pass a bare file name.
      *check_ids: Optional check ids; when given, only those checks are
        loaded, otherwise the whole file is loaded.

    Returns:
      The loaded check objects: a list with one entry per requested id, or
      the result of LoadChecksFromFiles when no ids were given.
    """
    if HostCheckTest.loaded_checks is None:
        HostCheckTest.loaded_checks = {}
    cfg = os.path.join(
        config_lib.CONFIG["Test.srcdir"], "grr", "checks", cfg_file)

    # Selected-id requests are keyed on the full path plus the id list;
    # whole-file requests are keyed on the bare file name.
    if check_ids:
        key = "%s:%s" % (cfg, ",".join(check_ids))
    else:
        key = "%s:*" % cfg_file

    if key in HostCheckTest.loaded_checks:
        return HostCheckTest.loaded_checks[key]

    if check_ids:
        loaded = [checks.LoadCheckFromFile(cfg, chk_id) for chk_id in check_ids]
    else:
        loaded = checks.LoadChecksFromFiles([cfg])
    HostCheckTest.loaded_checks[key] = loaded
    return loaded
def testLoadFromFiles(self):
    """Loading sshd.yaml makes SSHD-CHECK available in the registry."""
    sshd_yaml = os.path.join(CHECKS_DIR, "sshd.yaml")
    checks.LoadChecksFromFiles([sshd_yaml])
    # NOTE(review): the registry is not cleared first, so this presumably
    # also passes when SSHD-CHECK was registered by an earlier test.
    self.assertTrue(checks.CheckRegistry.checks.get("SSHD-CHECK"))