def setUp(self):
RuleTest.setUp(self)
self.rule = EnableKernelAuditing(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = RestrictAccessToKernelMessageBuffer(
self.config, self.environ, self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = DisableTouchID(self.config, self.environ, self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = BlockSystemAccounts(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = STIGConfigurePasswordPolicy(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
self.passidentifier = "mil.disa.STIG.passwordpolicy.alacarte"
self.secidentifier = "mil.disa.STIG.Security_Privacy.alacarte"
self.applicable = {'type': 'white',
'os': {'Mac OS X': ['10.10.0', 'r', '10.14.10']},
'fisma': 'high'}
if search("10\.10.*", self.environ.getosver()):
self.rule.pwprofile = "/Users/vagrant/stonix/src/stonix_resources/files/" + \
"U_Apple_OS_X_10-10_Workstation_V1R2_STIG_Passcode_Policy.mobileconfig"
self.rule.secprofile = "/Users/vagrant/stonix/src/stonix_resources/files/" + \
"U_Apple_OS_X_10-10_Workstation_V1R2_STIG_Security_Privacy_Policy.mobileconfig"
elif search("10\.11\.*", self.environ.getosver()):
self.rule.pwprofile = "/Users/vagrant/stonix/src/stonix_resources/files/" + \
"U_Apple_OS_X_10-11_V1R1_STIG_Passcode_Policy.mobileconfig"
self.rule.secprofile = "/Users/vagrant/stonix/src/stonix_resources/files/" + \
"U_Apple_OS_X_10-11_V1R1_STIG_Security_and_Privacy_Policy.mobileconfig"
else:
self.rule.pwprofile = "/Users/vagrant/stonix/src/stonix_resources/files/" + \
"U_Apple_macOS_10-12_V1R1_STIG_Passcode_Policy.mobileconfig"
self.rule.secprofile = "/Users/vagrant/stonix/src/stonix_resources/files/" + \
"U_Apple_macOS_10-12_V1R1_STIG_Security_and_Privacy_Policy.mobileconfig"
self.rule.pwci.updatecurrvalue(True)
def setUp(self):
RuleTest.setUp(self)
self.rule = SecureHomeDir(self.config, self.environ, self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = NoLegacyPlusAccts(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
''' '''
self.enviro = Environment()
self.enviro.setdebugmode(True)
self.logger = LogDispatcher(self.enviro)
self.commandhelper = CommandHelper(self.logger)
def setUp(self):
RuleTest.setUp(self)
self.rule = AuditNetworkSniffing(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = MinimizeServices(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = ConfigureLinuxFirewall(self.config, self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.logger = self.logdispatch
self.ch = CommandHelper(self.logger)
self.servicehelper = ServiceHelper(self.environ, self.logger)
self.checkUndo = True
self.isfirewalld = False
self.isufw = False
if os.path.exists('/bin/firewall-cmd'):
self.isfirewalld = True
if os.path.exists('/usr/sbin/ufw'):
self.isufw = True
# mostly pertains to RHEL6, Centos6
self.iptables = "/usr/sbin/iptables"
if not os.path.exists(self.iptables):
self.iptables = '/sbin/iptables'
self.ip6tables = "/usr/sbin/ip6tables"
if not os.path.exists(self.ip6tables):
self.ip6tables = '/sbin/ip6tables'
if os.path.exists("/usr/sbin/iptables-restore"):
self.iprestore = "/usr/sbin/iptables-restore"
elif os.path.exists("/sbin/iptables-restore"):
self.iprestore = "/sbin/iptables-restore"
if os.path.exists("/usr/sbin/ip6tables-restore"):
self.ip6restore = "/usr/sbin/ip6tables-restore"
elif os.path.exists("/sbin/ip6tables-restore"):
self.ip6restore = "/sbin/ip6tables-restore"
self.scriptType = ""
def setUp(self):
RuleTest.setUp(self)
self.rule = SymlinkDangerFiles(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = XinetdAccessControl(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = RestrictAdminSSH(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = FilePermissions(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = SecureMTA(self.config, self.environ, self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
if self.environ.operatingsystem == "Mac OS X":
self.isMac = True
else:
self.isMac = False
if not self.isMac:
self.ph = Pkghelper(self.logdispatch, self.environ)
self.origState = [False, False, False, False]
self.smPath = "/etc/mail/sendmail.cf"
self.smTmp = "/tmp/" + os.path.split(self.smPath)[1] + ".utmp"
self.pfPathlist = [
'/etc/postfix/main.cf', '/private/etc/postfix/main.cf',
'/usr/lib/postfix/main.cf'
]
self.pfPath = ""
for path in self.pfPathlist:
if os.path.exists(path):
self.pfPath = path
if self.pfPath == "":
self.pfPath = "/etc/postfix/main.cf"
self.pfTmp = "/tmp/" + os.path.split(self.pfPath)[1] + ".utmp"
def setUp(self):
RuleTest.setUp(self)
self.rule = NoCachedFDEKeys(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = ConsoleRootOnly(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = PreventXListen(self.config, self.environ, self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = SetDefaultUserUmask(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = CheckPartitioning(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = PasswordExpiration(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = DisableGuestAccess(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
self.dc = "/usr/bin/defaults"
def setUp(self):
RuleTest.setUp(self)
self.rule = ConfigureLoginWindow(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
self.dc = "/usr/bin/defaults"
def setUp(self):
RuleTest.setUp(self)
self.rule = ReqAuthSingleUserMode(self.config, self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = SystemIntegrityProtection(self.config, self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = VerifySysFilePerms(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.cmdhelper = CommandHelper(self.logdispatch)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
def setUp(self):
RuleTest.setUp(self)
self.rule = EnablePAEandNX(self.config, self.environ, self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.rule.ci.updatecurrvalue(True)
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = ConfigureSystemAuthentication(self.config, self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
def setUp(self):
RuleTest.setUp(self)
self.rule = ConfigureNetworkTime(self.config, self.environ,
self.logdispatch, self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.ch = CommandHelper(self.logdispatch)
self.ss = "/usr/sbin/systemsetup"
