def RunXinetdCheck(self,
chk_id,
svc,
disabled,
sym,
found,
xinetd=False,
should_detect=True):
host_data = self.SetKnowledgeBase()
cfgs = linux_service_parser_test.GenXinetd(svc, disabled)
stats, files = linux_service_parser_test.GenTestData(
cfgs, cfgs.values())
data = list(self.parser(stats, files, None))
# create entries on whether xinetd itself is setup to start or not
if xinetd:
cfgs = linux_service_parser_test.GenInit(
"xinetd", "the extended Internet services daemon")
stats, files = linux_service_parser_test.GenTestData(
cfgs, cfgs.values())
lsb_parser = linux_service_parser.LinuxLSBInitParser()
data.extend(list(lsb_parser.ParseMultiple(stats, files, None)))
host_data["LinuxServices"] = self.SetArtifactData(parsed=data)
results = self.RunChecks(host_data)
if should_detect:
self.assertCheckDetectedAnom(chk_id, results, sym, found)
else:
self.assertCheckUndetected(chk_id, results)
def testSkipBadLSBInit(self):
"""Bad Init entries fail gracefully."""
empty = ""
snippet = r"""# Provides: sshd"""
unfinished = """
### BEGIN INIT INFO
what are you thinking?
"""
paths = ["/tmp/empty", "/tmp/snippet", "/tmp/unfinished"]
vals = [empty, snippet, unfinished]
stats, files = GenTestData(paths, vals)
parser = linux_service_parser.LinuxLSBInitParser()
results = list(parser.ParseMultiple(stats, files, None))
self.assertFalse(results)
def testParseLSBInit(self):
"""Init entries return accurate LinuxServiceInformation values."""
configs = GenInit("sshd", "OpenBSD Secure Shell server")
stats, files = GenTestData(configs, configs.values())
parser = linux_service_parser.LinuxLSBInitParser()
results = list(parser.ParseMultiple(stats, files, None))
self.assertIsInstance(results[0], rdf_client.LinuxServiceInformation)
result = results[0]
self.assertEqual("sshd", result.name)
self.assertEqual("OpenBSD Secure Shell server", result.description)
self.assertEqual("INIT", result.start_mode)
self.assertItemsEqual([2, 3, 4, 5], result.start_on)
self.assertItemsEqual([1], result.stop_on)
self.assertItemsEqual(["umountfs", "umountnfs", "sendsigs", "rsyslog",
"sysklogd", "syslog-ng", "dsyslog",
"inetutils-syslogd"], result.start_after)
self.assertItemsEqual(["rsyslog", "sysklogd", "syslog-ng", "dsyslog",
"inetutils-syslogd"], result.stop_after)
def testParseLSBInit(self):
"""Init entries return accurate LinuxServiceInformation values."""
sshd_init = r"""
### BEGIN INIT INFO
# Provides: sshd
# Required-Start: $remote_fs $syslog
# Required-Stop: $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 1
# Short-Description: OpenBSD Secure Shell server
### END INIT INFO"""
insserv_conf = r"""
$local_fs +umountfs
$network +networking
$remote_fs $local_fs +umountnfs +sendsigs
$syslog +rsyslog +sysklogd +syslog-ng +dsyslog +inetutils-syslogd"""
paths = ["/etc/init.d/sshd", "/etc/insserv.conf"]
vals = [sshd_init, insserv_conf]
stats, files = GenTestData(paths, vals)
parser = linux_service_parser.LinuxLSBInitParser()
results = list(parser.ParseMultiple(stats, files, None))
self.assertIsInstance(results[0], rdfvalue.LinuxServiceInformation)
result = results[0]
self.assertEqual("sshd", result.name)
self.assertEqual("OpenBSD Secure Shell server", result.description)
self.assertEqual("INIT", result.start_mode)
self.assertItemsEqual([2, 3, 4, 5], result.start_on)
self.assertItemsEqual([1], result.stop_on)
self.assertItemsEqual([
"umountfs", "umountnfs", "sendsigs", "rsyslog", "sysklogd",
"syslog-ng", "dsyslog", "inetutils-syslogd"
], result.start_after)
self.assertItemsEqual([
"rsyslog", "sysklogd", "syslog-ng", "dsyslog", "inetutils-syslogd"
], result.stop_after)
