def RunXinetdCheck(self, chk_id, svc, disabled, sym, found, xinetd=False,
                   should_detect=True):
    """Run check `chk_id` over generated xinetd data and assert the outcome.

    Args:
      chk_id: Identifier of the check, handed to the assertion helpers.
      svc: Forwarded to GenXinetd (presumably the service name; confirm
        against the helper).
      disabled: Forwarded to GenXinetd (presumably the service's disabled
        setting; confirm against the helper).
      sym: Forwarded to assertCheckDetectedAnom.
      found: Forwarded to assertCheckDetectedAnom.
      xinetd: When true, an LSB init entry for the xinetd daemon itself is
        parsed and appended to the service data.
      should_detect: Selects the assertion: a detected anomaly when true,
        an undetected check when false.
    """
    knowledge = self.SetKnowledgeBase()

    xinetd_cfgs = linux_service_parser_test.GenXinetd(svc, disabled)
    stats, files = linux_service_parser_test.GenTestData(
        xinetd_cfgs, xinetd_cfgs.values())
    services = list(self.parser(stats, files, None))

    if xinetd:
        # Add entries for whether the xinetd daemon itself is set up to
        # start, using the LSB init parser instead of self.parser.
        init_cfgs = linux_service_parser_test.GenInit(
            "xinetd", "the extended Internet services daemon")
        stats, files = linux_service_parser_test.GenTestData(
            init_cfgs, init_cfgs.values())
        init_parser = linux_service_parser.LinuxLSBInitParser()
        services.extend(init_parser.ParseMultiple(stats, files, None))

    knowledge["LinuxServices"] = self.SetArtifactData(parsed=services)
    check_results = self.RunChecks(knowledge)

    if not should_detect:
        # Negative case: the check must stay silent for this configuration.
        self.assertCheckUndetected(chk_id, check_results)
        return
    self.assertCheckDetectedAnom(chk_id, check_results, sym, found)
def testSkipBadLSBInit(self):
    """Malformed init scripts are skipped and produce no results.

    Three inputs are fed to the LSB init parser: an empty file, a lone
    header field with no surrounding INIT INFO block, and a block that
    is opened but never closed. The parser must yield nothing for them.
    """
    # NOTE(review): whitespace inside these literals, including the line
    # breaks in the unfinished block, is reconstructed; confirm against
    # the upstream fixture.
    fixtures = [
        ("/tmp/empty", ""),
        ("/tmp/snippet", "# Provides: sshd"),
        ("/tmp/unfinished", """
    ### BEGIN INIT INFO
    what are you thinking?
    """),
    ]
    paths = [path for path, _ in fixtures]
    vals = [content for _, content in fixtures]
    stats, files = GenTestData(paths, vals)

    lsb_parser = linux_service_parser.LinuxLSBInitParser()
    parsed = list(lsb_parser.ParseMultiple(stats, files, None))
    self.assertFalse(parsed)
def testParseLSBInit(self):
    """A generated sshd init entry parses into the expected service record.

    Checks the name, description, start mode, runlevels and the
    start/stop ordering dependencies of the first parsed result.
    """
    init_cfgs = GenInit("sshd", "OpenBSD Secure Shell server")
    stats, files = GenTestData(init_cfgs, init_cfgs.values())
    lsb_parser = linux_service_parser.LinuxLSBInitParser()
    parsed = list(lsb_parser.ParseMultiple(stats, files, None))

    service = parsed[0]
    self.assertIsInstance(service, rdf_client.LinuxServiceInformation)

    self.assertEqual("sshd", service.name)
    self.assertEqual("OpenBSD Secure Shell server", service.description)
    self.assertEqual("INIT", service.start_mode)
    self.assertItemsEqual([2, 3, 4, 5], service.start_on)
    self.assertItemsEqual([1], service.stop_on)

    # The syslog daemons are expected in both dependency lists; the
    # start list has three further entries.
    syslog_daemons = ["rsyslog", "sysklogd", "syslog-ng", "dsyslog",
                      "inetutils-syslogd"]
    expected_start_after = (
        ["umountfs", "umountnfs", "sendsigs"] + syslog_daemons)
    self.assertItemsEqual(expected_start_after, service.start_after)
    self.assertItemsEqual(syslog_daemons, service.stop_after)
def testParseLSBInit(self):
    """An sshd init header plus insserv.conf parse into the expected record.

    The fixtures are an LSB INIT INFO header for sshd and an insserv.conf
    that maps the $-prefixed facility names to `+service` entries. The
    expected start_after/stop_after lists are the service names listed
    for those facilities in the insserv.conf fixture.
    """
    # NOTE(review): line breaks and spacing inside the two fixture
    # literals are reconstructed; confirm against the upstream fixture.
    init_header = r"""
    ### BEGIN INIT INFO
    # Provides: sshd
    # Required-Start: $remote_fs $syslog
    # Required-Stop: $syslog
    # Default-Start: 2 3 4 5
    # Default-Stop: 1
    # Short-Description: OpenBSD Secure Shell server
    ### END INIT INFO"""
    facilities = r"""
    $local_fs +umountfs
    $network +networking
    $remote_fs $local_fs +umountnfs +sendsigs
    $syslog +rsyslog +sysklogd +syslog-ng +dsyslog +inetutils-syslogd"""

    paths = ["/etc/init.d/sshd", "/etc/insserv.conf"]
    vals = [init_header, facilities]
    stats, files = GenTestData(paths, vals)
    lsb_parser = linux_service_parser.LinuxLSBInitParser()
    parsed = list(lsb_parser.ParseMultiple(stats, files, None))

    service = parsed[0]
    self.assertIsInstance(service, rdfvalue.LinuxServiceInformation)

    self.assertEqual("sshd", service.name)
    self.assertEqual("OpenBSD Secure Shell server", service.description)
    self.assertEqual("INIT", service.start_mode)
    self.assertItemsEqual([2, 3, 4, 5], service.start_on)
    self.assertItemsEqual([1], service.stop_on)

    # Services listed for $syslog in the fixture; Required-Stop names
    # only $syslog, Required-Start also names $remote_fs.
    syslog_daemons = ["rsyslog", "sysklogd", "syslog-ng", "dsyslog",
                      "inetutils-syslogd"]
    expected_start_after = (
        ["umountfs", "umountnfs", "sendsigs"] + syslog_daemons)
    self.assertItemsEqual(expected_start_after, service.start_after)
    self.assertItemsEqual(syslog_daemons, service.stop_after)