Python PreconfigureFIPSTask 예제들

예제 #1

    def test_preconfigure_fips_task_error(self):
        """Test the PreconfigureFIPSTask task with a wrong policy."""
        task = PreconfigureFIPSTask(
            sysroot="/mnt/sysroot",
            payload_type=PAYLOAD_TYPE_DNF,
            fips_enabled=True,
        )

        with pytest.raises(SecurityInstallationError) as cm:
            task.run()

        msg = "FIPS is not correctly set up in the installation environment."
        assert str(cm.value) == msg

예제 #2

    def test_preconfigure_fips_task_payload(self):
        """Test the PreconfigureFIPSTask task with a wrong payload."""
        task = PreconfigureFIPSTask(
            sysroot="/mnt/sysroot",
            payload_type=PAYLOAD_TYPE_RPM_OSTREE,
            fips_enabled=True,
        )

        with self.assertLogs(level="DEBUG") as cm:
            task.run()

        msg = "Don't set up FIPS for the RPM_OSTREE payload."
        assert any(map(lambda x: msg in x, cm.output))

예제 #3

    def test_preconfigure_fips_task_disabled(self):
        """Test the PreconfigureFIPSTask task with disabled FIPS."""
        task = PreconfigureFIPSTask(
            sysroot="/mnt/sysroot",
            payload_type=PAYLOAD_TYPE_DNF,
            fips_enabled=False,
        )

        with self.assertLogs(level="DEBUG") as cm:
            task.run()

        msg = "FIPS is not enabled. Skipping."
        assert any(map(lambda x: msg in x, cm.output))

예제 #4

    def preconfigure_fips_task_error_test(self):
        """Test the PreconfigureFIPSTask task with a wrong policy."""
        task = PreconfigureFIPSTask(
            sysroot="/mnt/sysroot",
            payload_type=PAYLOAD_TYPE_DNF,
            fips_enabled=True,
        )

        with self.assertRaises(SecurityInstallationError) as cm:
            task.run()

        msg = "FIPS is not correctly set up in the installation environment."
        self.assertEqual(str(cm.exception), msg)

예제 #5

    def preconfigure_fips_with_task(self, payload_type):
        """Set up FIPS for the payload installation with a task.

        :param payload_type: a string with the payload type
        :return: an installation task
        """
        return PreconfigureFIPSTask(sysroot=conf.target.system_root,
                                    payload_type=payload_type,
                                    fips_enabled=self.fips_enabled)

예제 #6

파일: test_module_security.py 프로젝트: VladimirSlavik/anaconda

    def test_preconfigure_fips_task(self, mock_mkdir, mock_shutil):
        """Test the PreconfigureFIPSTask task."""
        task = PreconfigureFIPSTask(
            sysroot="/mnt/sysroot",
            payload_type=PAYLOAD_TYPE_DNF,
            fips_enabled=True,
        )

        # Skip the checks.
        task._check_fips = lambda *args, **kwargs: True
        task.run()

        mock_mkdir.assert_called_once_with("/mnt/sysroot/etc/crypto-policies/")
        mock_shutil.copyfile.assert_called_once_with(
            "/etc/crypto-policies/config",
            "/mnt/sysroot/etc/crypto-policies/config")
        mock_shutil.copytree.assert_called_once_with(
            "/etc/crypto-policies/back-ends/",
            "/mnt/sysroot/etc/crypto-policies/back-ends/",
            symlinks=True)