def setUp(self):
    '''Start an osqueryi shell that autoloads the example module.

    The shell binary and the example module library are both taken from
    the build directory given by test_base.ARGS.build.
    '''
    build_dir = test_base.ARGS.build
    self.binary = os.path.join(build_dir, "osquery", "osqueryi")
    # The module library is named .dylib on darwin and .so everywhere else.
    if sys.platform == "darwin":
        ext = "dylib"
    else:
        ext = "so"
    module_path = build_dir + "/osquery/libmodexample.%s" % ext
    # The Autoloader's .path is what the shell receives as modules_autoload.
    # NOTE(review): whatever that path lists is loaded into the osqueryi
    # process, so it should only ever name libraries from the build tree.
    self.modules_loader = test_base.Autoloader([module_path])
    autoload_args = {"modules_autoload": self.modules_loader.path}
    self.osqueryi = test_base.OsqueryWrapper(self.binary, autoload_args)
def test_4_module_prevent_initialize(self):
    '''Test a failed module initialize (we interrupt the registry call).

    The shell is restarted with TESTFAIL2=1 in the third argument, which
    the assertion below treats as the process environment.
    '''
    autoload_args = {"modules_autoload": self.modules_loader.path}
    env_vars = {"TESTFAIL2": "1"}
    self.osqueryi = test_base.OsqueryWrapper(
        self.binary, autoload_args, env_vars)
    # The environment variable should have prevented the module load, so
    # querying the module's table has to fail.
    with self.assertRaises(test_base.OsqueryException):
        self.osqueryi.run_query('SELECT * from example;')
def setUp(self):
    '''Start an osqueryi shell and, best effort, a detached test container.

    self.client and self.container are left as None when the Docker setup
    fails before they are assigned; the failure is printed, not raised.
    '''
    self.binary = test_base.getLatestOsqueryBinary('osqueryi')
    self.osqueryi = test_base.OsqueryWrapper(command=self.binary)
    # Defaults first, so both attributes exist even if Docker is unusable.
    self.client, self.container = None, None
    try:
        self.client = docker.from_env()
        # NOTE(review): "ubuntu:18.04" is a mutable tag, so the image this
        # fixture runs can change between runs; pinning it by digest would
        # make the fixture reproducible.
        # "tail -f /dev/null" gives the detached container a command that
        # does not exit on its own.
        # NOTE(review): nothing in this method stops or removes the
        # container -- confirm that tearDown does.
        self.container = self.client.containers.run(
            "ubuntu:18.04",
            command="tail -f /dev/null",
            detach=True,
        )
        # NOTE(review): the exec_run result is discarded, so a failed
        # "touch" goes unnoticed here.
        self.container.exec_run("touch xxx")
    # NOTE(review): `exceptions` is not defined in the visible code; it has
    # to name an exception class (or a tuple of classes) for this clause to
    # work -- confirm against the file's imports.
    except exceptions as e:
        # Tests still run after this; they must cope with a missing container.
        print(f"Failed in creating test container: {e}")
def test_foreign_tables(self):
    '''Requires the --enable_foreign flag to add at least one table.

    Compares the osquery_registry row count of the default shell with that
    of a second shell started with enable_foreign set.
    '''
    count_query = 'SELECT count(1) c FROM osquery_registry;'

    def registry_count(shell):
        # A blank command is sent before the query; presumably this makes
        # sure the shell has started -- TODO confirm.
        shell.run_command(' ')
        rows = shell.run_query(count_query)
        return int(rows[0]['c'])

    before = registry_count(self.osqueryi)
    osqueryi2 = test_base.OsqueryWrapper(
        self.binary, args={"enable_foreign": True})
    after = registry_count(osqueryi2)
    # Strictly greater: the flag has to contribute at least one registry row.
    self.assertGreater(after, before)
def test_3_module_prevent_create(self):
    '''Test a failed module create (we interrupt the static construction).

    This test uses a special environment variable checked in the example
    module built as part of the default SDK build.
    '''
    autoload_args = {"modules_autoload": self.modules_loader.path}
    env_vars = {"TESTFAIL1": "1"}
    self.osqueryi = test_base.OsqueryWrapper(
        self.binary, autoload_args, env_vars)
    rows = self.osqueryi.run_query('SELECT * from time;')
    # Make sure the environment variable did not introduce any unexpected
    # crashes with the unit or integration tests.
    self.assertEqual(len(rows), 1)
    # The environment variable should have prevented the module load, so
    # the module's table must not be queryable.
    with self.assertRaises(test_base.OsqueryException):
        self.osqueryi.run_query('SELECT * from example;')
def setUp(self):
    '''Start an osqueryi shell and pick a per-test database path.

    The path is the configured database_path with a random four-digit
    number appended.
    '''
    self.binary = test_base.getLatestOsqueryBinary('osqueryi')
    self.osqueryi = test_base.OsqueryWrapper(command=self.binary)
    db_prefix = test_base.CONFIG["options"]["database_path"]
    # NOTE(review): only 9000 suffixes are possible, so two runs can pick
    # the same path, and the name is guessable; tempfile.mkdtemp() would
    # give a unique, private directory.
    suffix = random.randint(1000, 9999)
    self.dbpath = str(db_prefix) + str(suffix)
def test_atc(self):
    '''Check that test_atc returns the single expected a_number row.

    A separate shell is started with config_path set to "test.config".
    '''
    # NOTE(review): "test.config" is a relative path, so it resolves against
    # the working directory of the test run. The test_atc table is
    # presumably defined by that file -- confirm.
    shell_args = {"config_path": "test.config"}
    local_osquery_instance = test_base.OsqueryWrapper(
        self.binary, args=shell_args)
    rows = local_osquery_instance.run_query('SELECT a_number FROM test_atc')
    expected = [{'a_number': '314159'}]
    self.assertEqual(rows, expected)
def test_config_bad_json(self):
    '''Check that the shell still answers a query with an unusable config.

    config_path is set to "/", which is a directory rather than a config
    file; the query against the time table must still return one row.
    '''
    bad_config_args = {"config_path": "/"}
    self.osqueryi = test_base.OsqueryWrapper(self.binary, args=bad_config_args)
    rows = self.osqueryi.run_query('SELECT * FROM time;')
    self.assertEqual(len(rows), 1)
def setUp(self):
    '''Locate the osqueryi binary and start a shell wrapper around it.'''
    shell_binary = test_base.getLatestOsqueryBinary('osqueryi')
    # Kept on the instance so individual tests can start further shells.
    self.binary = shell_binary
    self.osqueryi = test_base.OsqueryWrapper(command=shell_binary)
def setUp(self):
    '''Start the build-tree osqueryi shell and pick a per-test database path.

    The path is the configured database_path with a random four-digit
    number appended.
    '''
    shell_binary = os.path.join(test_base.ARGS.build, "osquery", "osqueryi")
    self.binary = shell_binary
    self.osqueryi = test_base.OsqueryWrapper(shell_binary)
    db_prefix = test_base.CONFIG["options"]["database_path"]
    # NOTE(review): only 9000 suffixes are possible, so two runs can pick
    # the same path, and the name is guessable; tempfile.mkdtemp() would
    # give a unique, private directory.
    suffix = random.randint(1000, 9999)
    self.dbpath = str(db_prefix) + str(suffix)
def setUp(self):
    '''Start a shell wrapper around the osqueryi binary from the build tree.'''
    # The binary path is not kept on the instance; only the wrapper is.
    self.osqueryi = test_base.OsqueryWrapper(
        os.path.join(test_base.ARGS.build, "osquery", "osqueryi"))