class RuleTest(unittest.TestCase): def setUp(self): ''' Setup what we need for the test. @author: ekkehard j. koch @param self:essential if you override this definition ''' self.environ = Environment() self.environ.setverbosemode(True) self.environ.setdebugmode(True) self.config = Configuration(self.environ) self.logdispatch = LogDispatcher(self.environ) self.statechglogger = StateChgLogger(self.logdispatch, self.environ) self.rule = None self.rulename = "" self.rulenumber = "" self.checkUndo = False self.ignoreresults = False ############################################################################### def tearDown(self): ''' Release anything we no longer need what we need for the test. @author: ekkehard j. koch @param self:essential if you override this definition ''' pass ############################################################################### def simpleRuleTest(self): ''' Run a simple Report, Fix, Report Cycle @author: ekkehard j. koch @param self:essential if you override this definition ''' nextstep = True prefixHeadline = "################################################### " prefixRuleInfo = self.rulename + "(" + str(self.rulenumber) + "): " messagestring = "" # Make Rule Is supposed to run in this environment if nextstep: messagestring = "Make sure Rule Is supposed to run in this " + \ "environment" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) isapplicable = self.rule.isapplicable() messagestring = "rule.isapplicable() = " + str(isapplicable) self.logdispatch.log(LogPriority.DEBUG, prefixRuleInfo + messagestring) valueIsInList = isapplicable in [True, False] messagestring = "Invalid isapplicable Type!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) messagestring = "rule.isapplicable() = " + str(isapplicable) + \ " and should be True." self.assertTrue(isapplicable, prefixRuleInfo + messagestring) nextstep = isapplicable # Check to see if we are running in the right context if nextstep: messagestring = "Check to see if we are running in the " + \ "right context" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) effectiveUserID = self.environ.geteuid() messagestring = "environ.geteuid() = " + str(effectiveUserID) self.logdispatch.log(LogPriority.DEBUG, prefixRuleInfo + messagestring) isRootRequired = self.rule.getisrootrequired() messagestring = "rule.getisrootrequired() = " + str(isRootRequired) self.logdispatch.log(LogPriority.DEBUG, prefixRuleInfo + messagestring) if effectiveUserID == 0 and isRootRequired: nextstep = True elif not isRootRequired: nextstep = True else: nextstep = False messagestring = "Rule requires root and effective uid ='" + \ str(effectiveUserID) + "'" self.assertTrue(nextstep, prefixRuleInfo + messagestring) # Run setConditionsForRule to configure system for test if nextstep: messagestring = "Run setConditionsForRule to configure " + \ "system for test" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) setTestConditions = self.setConditionsForRule() self.logdispatch.log(LogPriority.DEBUG, "setConditionsForRule()" + " = " + str(setTestConditions)) if setTestConditions: nextstep = True else: nextstep = False messagestring = "setConditionsForRule() = " + \ str(setTestConditions) + "." self.assertTrue(setTestConditions, prefixRuleInfo + messagestring) # Run rule.report() if nextstep: messagestring = "Run rule.report()" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) report = self.rule.report() self.logdispatch.log(LogPriority.DEBUG, "rule.report() = " + str(report)) rulesuccess = self.rule.getrulesuccess() originalResults = self.rule.getdetailedresults() self.logdispatch.log(LogPriority.DEBUG, "rule.getrulesuccess() = " + str(rulesuccess)) valueIsInList = rulesuccess in [True, False] messagestring = "Invalid rule.getrulesuccess() Value'" + \ str(rulesuccess) + "'!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) if not rulesuccess: nextstep = False messagestring = ": rule.getrulesuccess() is '" + \ str(rulesuccess) + "'" self.assertTrue(rulesuccess, prefixRuleInfo + messagestring) rulecompliance = self.rule.iscompliant() self.logdispatch.log(LogPriority.DEBUG, "rule.iscompliant() = " + str(rulecompliance)) valueIsInList = rulecompliance in [True, False] messagestring = "Invalid rule.iscompliant() Value'" + \ str(rulecompliance) + "'!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) # Run checkReportForRule() messagestring = "Run checkReportForRule(" + str(rulecompliance) + \ ", " + str(rulesuccess) + ")" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) checkReportConditions = self.checkReportForRule(rulecompliance, rulesuccess) self.logdispatch.log(LogPriority.DEBUG, "checkReportForRule() = " + str(checkReportConditions)) if checkReportConditions and not rulecompliance: nextstep = True else: nextstep = False messagestring = ": Rule checkReportForRule() = " + \ str(checkReportConditions) + "." self.assertTrue(checkReportConditions, self.rulename + "(" + str(self.rulenumber) + "): Rule checkReportForRule() = " + str(checkReportConditions) + ".") # Run rule.fix() if nextstep: messagestring = "Run rule.fix()" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) fix = self.rule.fix() self.logdispatch.log(LogPriority.DEBUG, "rule.fix() = " + str(fix)) rulesuccess = self.rule.getrulesuccess() self.logdispatch.log(LogPriority.DEBUG, "rule.getrulesuccess() = " + str(rulesuccess)) valueIsInList = rulesuccess in [True, False] messagestring = "Invalid rule.rulesuccess() Value'" + \ str(rulesuccess) + "'!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) messagestring = "rule.getrulesuccess() = '" + \ str(rulesuccess) + "'" self.assertTrue(rulesuccess, prefixRuleInfo + messagestring) # Run checkFixForRule() messagestring = "Run checkFixForRule(" + str(rulesuccess) + ")" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) checkFixConditions = self.checkFixForRule(rulesuccess) self.logdispatch.log(LogPriority.DEBUG, "checkFixForRule(" + str(rulesuccess) + ")" + " = " + str(checkFixConditions)) if checkFixConditions and rulesuccess: nextstep = True else: nextstep = False messagestring = "Rule checkFixForRule() = " + \ str(checkFixConditions) + "." self.assertTrue(nextstep, prefixRuleInfo + messagestring) # Run rule.report() if nextstep: messagestring = "Run rule.report()" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) report = self.rule.report() self.logdispatch.log(LogPriority.DEBUG, "rule.report() = " + str(report)) rulesuccess = self.rule.getrulesuccess() self.logdispatch.log(LogPriority.DEBUG, "rule.getrulesuccess() = " + str(rulesuccess)) valueIsInList = rulesuccess in [True, False] messagestring = "Invalid rule.getrulesuccess() Value'" + \ str(rulesuccess) + "'!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) if not rulesuccess: nextstep = False self.assertTrue(rulesuccess, self.rulename + "(" + str(self.rulenumber) + "): rule.getrulesuccess() is '" + str(rulesuccess) + "' with reported error '" + str(self.rule.getdetailedresults()) + "'") rulecompliance = self.rule.iscompliant() self.logdispatch.log(LogPriority.DEBUG, "rule.iscompliant() = " + str(rulecompliance)) valueIsInList = rulecompliance in [True, False] messagestring = "Invalid rule.iscompliant() Value'" + \ str(rulecompliance) + "'!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) messagestring = "rule.iscompliant() is '" + \ str(rulecompliance) + "' after rule.fix() and " + \ "rule.report() have run." if not self.ignoreresults: self.assertTrue(rulecompliance, prefixRuleInfo + messagestring) # Run checkReportFinalForRule() messagestring = "Run checkReportFinalForRule(" + \ str(rulecompliance) + ", " + str(rulesuccess) + ")" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) checkReportFinalConditions = self.checkReportFinalForRule(rulecompliance, rulesuccess) self.logdispatch.log(LogPriority.DEBUG, "checkReportFinalForRule() = " + str(checkReportFinalConditions)) if checkReportFinalConditions and rulecompliance: nextstep = True else: nextstep = False self.assertTrue(checkReportFinalConditions, self.rulename + "(" + str(self.rulenumber) + "): Rule checkReportFinalForRule() = " + str(checkReportFinalConditions) + ".") # Run rule.undo() if nextstep and self.checkUndo: messagestring = "Run rule.undo()" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) undo = self.rule.undo() self.logdispatch.log(LogPriority.DEBUG, "rule.undo() = " + str(undo)) self.rule.report() postUndoResults = self.rule.getdetailedresults() # In order to get detailed, well-formatted error information, this # has been turned into a short procedure to produce the most # helpful information, rather than simply using the assert # statement if originalResults != postUndoResults: orlines = originalResults.splitlines() pulines = postUndoResults.splitlines() orlinestmp = orlines[:] # [:] to copy by value r/t reference for line in orlinestmp: if line in pulines: orlines.remove(line) pulines.remove(line) error = "After undo, the report results were not the same " + \ "as the initial pre-fix report." if orlines: error += "\nOnly in original:\n" + "\n".join(orlines) if pulines: error += "\nOnly in post-undo:\n" + "\n".join(pulines) self.assertTrue(False, error) # Run checkUndoForRule() messagestring = "Run checkUndoForRule(" + str(rulesuccess) + ")" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) checkUndoConditions = self.checkUndoForRule(rulesuccess) self.logdispatch.log(LogPriority.DEBUG, "checkUndoForRule()" + " = " + str(checkUndoConditions)) if checkUndoConditions and not rulecompliance: nextstep = True else: nextstep = False self.assertTrue(checkUndoConditions, self.rulename + "(" + str(self.rulenumber) + "): Rule checkUndoForRule() = " + str(checkUndoConditions) + ".") return nextstep ############################################################################### def setConditionsForRule(self): return True ############################################################################### def checkReportForRule(self, pCompliance, pRuleSuccess): self.logdispatch.log(LogPriority.DEBUG, "pCompliance = " + str(pCompliance) + ".") self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " + str(pRuleSuccess) + ".") return True ############################################################################### def checkFixForRule(self, pRuleSuccess): self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " + str(pRuleSuccess) + ".") return True ############################################################################### def checkReportFinalForRule(self, pCompliance, pRuleSuccess): self.logdispatch.log(LogPriority.DEBUG, "pCompliance = " + str(pCompliance) + ".") self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " + str(pRuleSuccess) + ".") return True ############################################################################### def checkUndoForRule(self, pRuleSuccess): self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " + str(pRuleSuccess) + ".") return True ############################################################################### def setCheckUndo(self, checkUndo): self.checkUndo = checkUndo ############################################################################### def getCheckUndo(self): return self.checkUndo ############################################################################### def runDestructive(self): return os.path.exists("/etc/stonix-destructive")
class RuleTest(unittest.TestCase): ############################################################################### def setUp(self): ''' Setup what we need for the test. @author: ekkehard j. koch @param self:essential if you override this definition ''' self.environ = Environment() self.environ.setverbosemode(True) self.environ.setdebugmode(True) self.config = Configuration(self.environ) self.logdispatch = LogDispatcher(self.environ) self.statechglogger = StateChgLogger(self.logdispatch, self.environ) self.rule = None self.rulename = "" self.rulenumber = "" ############################################################################### def tearDown(self): ''' Release anything we no longer need what we need for the test. @author: ekkehard j. koch @param self:essential if you override this definition ''' pass ############################################################################### def simpleRuleTest(self): ''' Run a simple Report, Fix, Report Cycle @author: ekkehard j. koch @param self:essential if you override this definition ''' nextstep = True prefixHeadline = "################################################### " prefixRuleInfo = self.rulename + "(" + str(self.rulenumber) + "): " messagestring = "" # Make Rule Is supposed to run in this environment if nextstep: messagestring = "Make sure Rule Is supposed to run in this " + \ "environment" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + \ prefixRuleInfo + messagestring) isapplicable = self.rule.isapplicable() messagestring = "rule.isapplicable() = " + str(isapplicable) self.logdispatch.log(LogPriority.DEBUG, prefixRuleInfo + \ messagestring) valueIsInList = isapplicable in [True, False] messagestring = "Invalid isapplicable Type!" self.assertTrue(valueIsInList, prefixRuleInfo + \ messagestring) messagestring = "rule.isapplicable() = " + str(isapplicable) + \ " and should be True." self.assertTrue(isapplicable, prefixRuleInfo + \ messagestring) nextstep = isapplicable # Check to see if we are running in the right context if nextstep: messagestring = "Check to see if we are running in the " + \ "right context" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + \ prefixRuleInfo + messagestring) effectiveUserID = self.environ.geteuid() messagestring = "environ.geteuid() = " + str(effectiveUserID) self.logdispatch.log(LogPriority.DEBUG, prefixRuleInfo + \ messagestring) isRootRequired = self.rule.getisrootrequired() messagestring = "rule.getisrootrequired() = " + str(isRootRequired) self.logdispatch.log(LogPriority.DEBUG, prefixRuleInfo + \ messagestring) if effectiveUserID == 0 and isRootRequired: nextstep = True elif not isRootRequired: nextstep = True else: nextstep = False messagestring = "Rule requires root and effective uid ='" + \ str(effectiveUserID) + "'" self.assertTrue(nextstep, prefixRuleInfo + \ messagestring) # Run setConditionsForRule to configure system for test if nextstep: messagestring = "Run setConditionsForRule to configure " + \ "system for test" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + \ prefixRuleInfo + messagestring) setTestConditions = self.setConditionsForRule() self.logdispatch.log(LogPriority.DEBUG, "setConditionsForRule()" + \ " = " + \ str(setTestConditions)) if setTestConditions: nextstep = True else: nextstep = False messagestring = "setConditionsForRule() = " + \ str(setTestConditions) + "." self.assertTrue(setTestConditions, prefixRuleInfo + \ messagestring) # Run rule.report() if nextstep: messagestring = "Run rule.report()" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + \ prefixRuleInfo + messagestring) report = self.rule.report() self.logdispatch.log(LogPriority.DEBUG, "rule.report() = " + \ str(report)) rulesuccess = self.rule.getrulesuccess() self.logdispatch.log(LogPriority.DEBUG, "rule.getrulesuccess() = " + \ str(rulesuccess)) valueIsInList = rulesuccess in [True, False] messagestring = "Invalid rule.getrulesuccess() Value'" + \ str(rulesuccess) + "'!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) if not rulesuccess: nextstep = False messagestring = ": rule.getrulesuccess() is '" + \ str(rulesuccess) + "'" self.assertTrue(rulesuccess, prefixRuleInfo + messagestring) rulecompliance = self.rule.iscompliant() self.logdispatch.log(LogPriority.DEBUG, "rule.iscompliant() = " + \ str(rulecompliance)) valueIsInList = rulecompliance in [True, False] messagestring = "Invalid rule.iscompliant() Value'" + \ str(rulecompliance) + "'!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) # Run checkReportForRule() messagestring = "Run checkReportForRule(" + str(rulecompliance) + \ ", " + str(rulesuccess) + ")" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + \ prefixRuleInfo + messagestring) checkReportConditions = self.checkReportForRule( rulecompliance, rulesuccess) self.logdispatch.log(LogPriority.DEBUG, "checkReportForRule()" + \ " = " + \ str(checkReportConditions)) if checkReportConditions and not rulecompliance: nextstep = True else: nextstep = False messagestring = ": Rule checkReportForRule() = " + \ str(checkReportConditions) + "." self.assertTrue(checkReportConditions, prefixRuleInfo + \ messagestring) self.assertTrue(checkReportConditions, self.rulename + "(" + str(self.rulenumber) + ")" + ": Rule " + \ "checkReportForRule() = " + \ str(checkReportConditions) + ".") # Run rule.fix() if nextstep: messagestring = "Run rule.fix()" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + \ prefixRuleInfo + messagestring) fix = self.rule.fix() self.logdispatch.log(LogPriority.DEBUG, "rule.fix() = " + \ str(fix)) rulesuccess = self.rule.getrulesuccess() self.logdispatch.log(LogPriority.DEBUG, "rule.getrulesuccess() = " + \ str(rulesuccess)) valueIsInList = rulesuccess in [True, False] messagestring = "Invalid rule.rulesuccess() Value'" + \ str(rulesuccess) + "'!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) messagestring = "rule.getrulesuccess() = '" + \ str(rulesuccess) + "'" self.assertTrue(rulesuccess, prefixRuleInfo + messagestring) # Run checkFixForRule() messagestring = "Run checkFixForRule(" + str(rulesuccess) + ")" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + \ prefixRuleInfo + messagestring) checkFixConditions = self.checkFixForRule(rulesuccess) self.logdispatch.log(LogPriority.DEBUG, "checkFixForRule(" + str(rulesuccess) + \ ")" + " = " + \ str(checkFixConditions)) if checkFixConditions and rulesuccess: nextstep = True else: nextstep = False messagestring = "Rule checkFixForRule() = " + \ str(checkFixConditions) + "." self.assertTrue(nextstep, prefixRuleInfo + messagestring) # Run rule.report() if nextstep: messagestring = "Run rule.report()" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + \ prefixRuleInfo + messagestring) report = self.rule.report() self.logdispatch.log(LogPriority.DEBUG, "rule.report() = " + \ str(report)) rulesuccess = self.rule.getrulesuccess() self.logdispatch.log(LogPriority.DEBUG, "rule.getrulesuccess() = " + \ str(rulesuccess)) valueIsInList = rulesuccess in [True, False] messagestring = "Invalid rule.getrulesuccess() Value'" + \ str(rulesuccess) + "'!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) if not rulesuccess: nextstep = False self.assertTrue(rulesuccess, self.rulename + "(" + str(self.rulenumber) + ")" + ": rule.getrulesuccess() is '" + \ str(rulesuccess) + "' with reported error '" + \ str(self.rule.getdetailedresults())) rulecompliance = self.rule.iscompliant() self.logdispatch.log(LogPriority.DEBUG, "rule.iscompliant() = " + \ str(rulecompliance)) valueIsInList = rulecompliance in [True, False] messagestring = "Invalid rule.iscompliant() Value'" + \ str(rulecompliance) + "'!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) messagestring = "rule.iscompliant() is '" + \ str(rulecompliance) + "' after rule.fix() and rule.report() " + \ "have run." self.assertTrue(rulecompliance, prefixRuleInfo + messagestring) if rulecompliance: nextstep = False return nextstep ############################################################################### def setConditionsForRule(self): return True ############################################################################### def checkReportForRule(self, pCompliance, pRuleSuccess): self.logdispatch.log(LogPriority.DEBUG, "pCompliance = " + \ str(pCompliance) + ".") self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " + \ str(pRuleSuccess) + ".") return True ############################################################################### def checkFixForRule(self, pRuleSuccess): self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " + \ str(pRuleSuccess) + ".") return True ############################################################################### def checkUndoForRule(self, pRuleSuccess): self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " + \ str(pRuleSuccess) + ".") return True
class RuleTest(unittest.TestCase): ############################################################################### def setUp(self): ''' Setup what we need for the test. @author: ekkehard j. koch @param self:essential if you override this definition ''' self.environ = Environment() self.environ.setverbosemode(True) self.environ.setdebugmode(True) self.config = Configuration(self.environ) self.logdispatch = LogDispatcher(self.environ) self.statechglogger = StateChgLogger(self.logdispatch, self.environ) self.rule = None self.rulename = "" self.rulenumber = "" ############################################################################### def tearDown(self): ''' Release anything we no longer need what we need for the test. @author: ekkehard j. koch @param self:essential if you override this definition ''' pass ############################################################################### def simpleRuleTest(self): ''' Run a simple Report, Fix, Report Cycle @author: ekkehard j. koch @param self:essential if you override this definition ''' nextstep = True prefixHeadline = "################################################### " prefixRuleInfo = self.rulename + "(" + str(self.rulenumber) + "): " messagestring = "" # Make Rule Is supposed to run in this environment if nextstep: messagestring = "Make sure Rule Is supposed to run in this " + \ "environment" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + \ prefixRuleInfo + messagestring) isapplicable = self.rule.isapplicable() messagestring = "rule.isapplicable() = " + str(isapplicable) self.logdispatch.log(LogPriority.DEBUG, prefixRuleInfo + \ messagestring) valueIsInList = isapplicable in [True, False] messagestring = "Invalid isapplicable Type!" self.assertTrue(valueIsInList, prefixRuleInfo + \ messagestring) messagestring = "rule.isapplicable() = " + str(isapplicable) + \ " and should be True." self.assertTrue(isapplicable, prefixRuleInfo + \ messagestring) nextstep = isapplicable # Check to see if we are running in the right context if nextstep: messagestring = "Check to see if we are running in the " + \ "right context" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + \ prefixRuleInfo + messagestring) effectiveUserID = self.environ.geteuid() messagestring = "environ.geteuid() = " + str(effectiveUserID) self.logdispatch.log(LogPriority.DEBUG, prefixRuleInfo + \ messagestring) isRootRequired = self.rule.getisrootrequired() messagestring = "rule.getisrootrequired() = " + str(isRootRequired) self.logdispatch.log(LogPriority.DEBUG, prefixRuleInfo + \ messagestring) if effectiveUserID == 0 and isRootRequired: nextstep = True elif not isRootRequired: nextstep = True else: nextstep = False messagestring = "Rule requires root and effective uid ='" + \ str(effectiveUserID) + "'" self.assertTrue(nextstep, prefixRuleInfo + \ messagestring) # Run setConditionsForRule to configure system for test if nextstep: messagestring = "Run setConditionsForRule to configure " + \ "system for test" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + \ prefixRuleInfo + messagestring) setTestConditions = self.setConditionsForRule() self.logdispatch.log(LogPriority.DEBUG, "setConditionsForRule()" + \ " = " + \ str(setTestConditions)) if setTestConditions: nextstep = True else: nextstep = False messagestring = "setConditionsForRule() = " + \ str(setTestConditions) + "." self.assertTrue(setTestConditions, prefixRuleInfo + \ messagestring) # Run rule.report() if nextstep: messagestring = "Run rule.report()" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + \ prefixRuleInfo + messagestring) report = self.rule.report() self.logdispatch.log(LogPriority.DEBUG, "rule.report() = " + \ str(report)) rulesuccess = self.rule.getrulesuccess() self.logdispatch.log(LogPriority.DEBUG, "rule.getrulesuccess() = " + \ str(rulesuccess)) valueIsInList = rulesuccess in [True, False] messagestring = "Invalid rule.getrulesuccess() Value'" + \ str(rulesuccess) + "'!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) if not rulesuccess: nextstep = False messagestring = ": rule.getrulesuccess() is '" + \ str(rulesuccess) + "'" self.assertTrue(rulesuccess, prefixRuleInfo + messagestring) rulecompliance = self.rule.iscompliant() self.logdispatch.log(LogPriority.DEBUG, "rule.iscompliant() = " + \ str(rulecompliance)) valueIsInList = rulecompliance in [True, False] messagestring = "Invalid rule.iscompliant() Value'" + \ str(rulecompliance) + "'!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) # Run checkReportForRule() messagestring = "Run checkReportForRule(" + str(rulecompliance) + \ ", " + str(rulesuccess) + ")" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + \ prefixRuleInfo + messagestring) checkReportConditions = self.checkReportForRule(rulecompliance, rulesuccess) self.logdispatch.log(LogPriority.DEBUG, "checkReportForRule()" + \ " = " + \ str(checkReportConditions)) if checkReportConditions and not rulecompliance: nextstep = True else: nextstep = False messagestring = ": Rule checkReportForRule() = " + \ str(checkReportConditions) + "." self.assertTrue(checkReportConditions, prefixRuleInfo + \ messagestring) self.assertTrue(checkReportConditions, self.rulename + "(" + str(self.rulenumber) + ")" + ": Rule " + \ "checkReportForRule() = " + \ str(checkReportConditions) + ".") # Run rule.fix() if nextstep: messagestring = "Run rule.fix()" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + \ prefixRuleInfo + messagestring) fix = self.rule.fix() self.logdispatch.log(LogPriority.DEBUG, "rule.fix() = " + \ str(fix)) rulesuccess = self.rule.getrulesuccess() self.logdispatch.log(LogPriority.DEBUG, "rule.getrulesuccess() = " + \ str(rulesuccess)) valueIsInList = rulesuccess in [True, False] messagestring = "Invalid rule.rulesuccess() Value'" + \ str(rulesuccess) + "'!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) messagestring = "rule.getrulesuccess() = '" + \ str(rulesuccess) + "'" self.assertTrue(rulesuccess, prefixRuleInfo + messagestring) # Run checkFixForRule() messagestring = "Run checkFixForRule(" + str(rulesuccess) + ")" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + \ prefixRuleInfo + messagestring) checkFixConditions = self.checkFixForRule(rulesuccess) self.logdispatch.log(LogPriority.DEBUG, "checkFixForRule(" + str(rulesuccess) + \ ")" + " = " + \ str(checkFixConditions)) if checkFixConditions and rulesuccess: nextstep = True else: nextstep = False messagestring = "Rule checkFixForRule() = " + \ str(checkFixConditions) + "." self.assertTrue(nextstep, prefixRuleInfo + messagestring) # Run rule.report() if nextstep: messagestring = "Run rule.report()" self.logdispatch.log(LogPriority.DEBUG, prefixHeadline + \ prefixRuleInfo + messagestring) report = self.rule.report() self.logdispatch.log(LogPriority.DEBUG, "rule.report() = " + \ str(report)) rulesuccess = self.rule.getrulesuccess() self.logdispatch.log(LogPriority.DEBUG, "rule.getrulesuccess() = " + \ str(rulesuccess)) valueIsInList = rulesuccess in [True, False] messagestring = "Invalid rule.getrulesuccess() Value'" + \ str(rulesuccess) + "'!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) if not rulesuccess: nextstep = False self.assertTrue(rulesuccess, self.rulename + "(" + str(self.rulenumber) + ")" + ": rule.getrulesuccess() is '" + \ str(rulesuccess) + "' with reported error '" + \ str(self.rule.getdetailedresults())) rulecompliance = self.rule.iscompliant() self.logdispatch.log(LogPriority.DEBUG, "rule.iscompliant() = " + \ str(rulecompliance)) valueIsInList = rulecompliance in [True, False] messagestring = "Invalid rule.iscompliant() Value'" + \ str(rulecompliance) + "'!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) messagestring = "rule.iscompliant() is '" + \ str(rulecompliance) + "' after rule.fix() and rule.report() " + \ "have run." self.assertTrue(rulecompliance, prefixRuleInfo + messagestring) if rulecompliance: nextstep = False return nextstep ############################################################################### def setConditionsForRule(self): return True ############################################################################### def checkReportForRule(self, pCompliance, pRuleSuccess): self.logdispatch.log(LogPriority.DEBUG, "pCompliance = " + \ str(pCompliance) + ".") self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " + \ str(pRuleSuccess) + ".") return True ############################################################################### def checkFixForRule(self, pRuleSuccess): self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " + \ str(pRuleSuccess) + ".") return True ############################################################################### def checkUndoForRule(self, pRuleSuccess): self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " + \ str(pRuleSuccess) + ".") return True
class RuleTest(unittest.TestCase): def setUp(self): '''Setup what we need for the test. @author: ekkehard j. koch :param self: essential if you override this definition ''' self.environ = Environment() self.environ.setverbosemode(True) self.environ.setdebugmode(True) self.config = Configuration(self.environ) self.logdispatch = LogDispatcher(self.environ) self.statechglogger = StateChgLogger(self.logdispatch, self.environ) self.rule = None self.rulename = "" self.rulenumber = "" self.checkUndo = False self.ignoreresults = False ############################################################################### def tearDown(self): '''Release anything we no longer need what we need for the test. @author: ekkehard j. koch :param self: essential if you override this definition ''' pass ############################################################################### def simpleRuleTest(self): '''Run a simple Report, Fix, Report Cycle @author: ekkehard j. koch :param self: essential if you override this definition ''' nextstep = True prefixHeadline = "################################################### " prefixRuleInfo = self.rulename + "(" + str(self.rulenumber) + "): " messagestring = "" # Make Rule Is supposed to run in this environment if nextstep: messagestring = "Make sure Rule Is supposed to run in this " + \ "environment" self.logdispatch.log( LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) isapplicable = self.rule.isapplicable() messagestring = "rule.isapplicable() = " + str(isapplicable) self.logdispatch.log(LogPriority.DEBUG, prefixRuleInfo + messagestring) valueIsInList = isapplicable in [True, False] messagestring = "Invalid isapplicable Type!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) messagestring = "rule.isapplicable() = " + str(isapplicable) + \ " and should be True." self.assertTrue(isapplicable, prefixRuleInfo + messagestring) nextstep = isapplicable # Check to see if we are running in the right context if nextstep: messagestring = "Check to see if we are running in the " + \ "right context" self.logdispatch.log( LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) effectiveUserID = self.environ.geteuid() messagestring = "environ.geteuid() = " + str(effectiveUserID) self.logdispatch.log(LogPriority.DEBUG, prefixRuleInfo + messagestring) isRootRequired = self.rule.getisrootrequired() messagestring = "rule.getisrootrequired() = " + str(isRootRequired) self.logdispatch.log(LogPriority.DEBUG, prefixRuleInfo + messagestring) if effectiveUserID == 0 and isRootRequired: nextstep = True elif not isRootRequired: nextstep = True else: nextstep = False messagestring = "Rule requires root and effective uid ='" + \ str(effectiveUserID) + "'" self.assertTrue(nextstep, prefixRuleInfo + messagestring) # Run setConditionsForRule to configure system for test if nextstep: messagestring = "Run setConditionsForRule to configure " + \ "system for test" self.logdispatch.log( LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) setTestConditions = self.setConditionsForRule() self.logdispatch.log( LogPriority.DEBUG, "setConditionsForRule()" + " = " + str(setTestConditions)) if setTestConditions: nextstep = True else: nextstep = False messagestring = "setConditionsForRule() = " + \ str(setTestConditions) + "." self.assertTrue(setTestConditions, prefixRuleInfo + messagestring) # Run rule.report() if nextstep: messagestring = "Run rule.report()" self.logdispatch.log( LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) report = self.rule.report() self.logdispatch.log(LogPriority.DEBUG, "rule.report() = " + str(report)) rulesuccess = self.rule.getrulesuccess() originalResults = self.rule.getdetailedresults() self.logdispatch.log(LogPriority.DEBUG, "rule.getrulesuccess() = " + str(rulesuccess)) valueIsInList = rulesuccess in [True, False] messagestring = "Invalid rule.getrulesuccess() Value'" + \ str(rulesuccess) + "'!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) if not rulesuccess: nextstep = False messagestring = ": rule.getrulesuccess() is '" + \ str(rulesuccess) + "'" self.assertTrue(rulesuccess, prefixRuleInfo + messagestring) rulecompliance = self.rule.iscompliant() self.logdispatch.log(LogPriority.DEBUG, "rule.iscompliant() = " + str(rulecompliance)) valueIsInList = rulecompliance in [True, False] messagestring = "Invalid rule.iscompliant() Value'" + \ str(rulecompliance) + "'!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) # Run checkReportForRule() messagestring = "Run checkReportForRule(" + str(rulecompliance) + \ ", " + str(rulesuccess) + ")" self.logdispatch.log( LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) checkReportConditions = self.checkReportForRule( rulecompliance, rulesuccess) self.logdispatch.log( LogPriority.DEBUG, "checkReportForRule() = " + str(checkReportConditions)) if checkReportConditions and not rulecompliance: nextstep = True else: nextstep = False messagestring = ": Rule checkReportForRule() = " + \ str(checkReportConditions) + "." self.assertTrue( checkReportConditions, self.rulename + "(" + str(self.rulenumber) + "): Rule checkReportForRule() = " + str(checkReportConditions) + ".") # Run rule.fix() if nextstep: messagestring = "Run rule.fix()" self.logdispatch.log( LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) fix = self.rule.fix() self.logdispatch.log(LogPriority.DEBUG, "rule.fix() = " + str(fix)) rulesuccess = self.rule.getrulesuccess() self.logdispatch.log(LogPriority.DEBUG, "rule.getrulesuccess() = " + str(rulesuccess)) valueIsInList = rulesuccess in [True, False] messagestring = "Invalid rule.rulesuccess() Value'" + \ str(rulesuccess) + "'!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) messagestring = "rule.getrulesuccess() = '" + \ str(rulesuccess) + "'" self.assertTrue(rulesuccess, prefixRuleInfo + messagestring) # Run checkFixForRule() messagestring = "Run checkFixForRule(" + str(rulesuccess) + ")" self.logdispatch.log( LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) checkFixConditions = self.checkFixForRule(rulesuccess) self.logdispatch.log( LogPriority.DEBUG, "checkFixForRule(" + str(rulesuccess) + ")" + " = " + str(checkFixConditions)) if checkFixConditions and rulesuccess: nextstep = True else: nextstep = False messagestring = "Rule checkFixForRule() = " + \ str(checkFixConditions) + "." self.assertTrue(nextstep, prefixRuleInfo + messagestring) # Run rule.report() if nextstep: messagestring = "Run rule.report()" self.logdispatch.log( LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) report = self.rule.report() self.logdispatch.log(LogPriority.DEBUG, "rule.report() = " + str(report)) rulesuccess = self.rule.getrulesuccess() self.logdispatch.log(LogPriority.DEBUG, "rule.getrulesuccess() = " + str(rulesuccess)) valueIsInList = rulesuccess in [True, False] messagestring = "Invalid rule.getrulesuccess() Value'" + \ str(rulesuccess) + "'!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) if not rulesuccess: nextstep = False self.assertTrue( rulesuccess, self.rulename + "(" + str(self.rulenumber) + "): rule.getrulesuccess() is '" + str(rulesuccess) + "' with reported error '" + str(self.rule.getdetailedresults()) + "'") rulecompliance = self.rule.iscompliant() self.logdispatch.log(LogPriority.DEBUG, "rule.iscompliant() = " + str(rulecompliance)) valueIsInList = rulecompliance in [True, False] messagestring = "Invalid rule.iscompliant() Value'" + \ str(rulecompliance) + "'!" self.assertTrue(valueIsInList, prefixRuleInfo + messagestring) messagestring = "rule.iscompliant() is '" + \ str(rulecompliance) + "' after rule.fix() and " + \ "rule.report() have run." if not self.ignoreresults: self.assertTrue(rulecompliance, prefixRuleInfo + messagestring) # Run checkReportFinalForRule() messagestring = "Run checkReportFinalForRule(" + \ str(rulecompliance) + ", " + str(rulesuccess) + ")" self.logdispatch.log( LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) checkReportFinalConditions = self.checkReportFinalForRule( rulecompliance, rulesuccess) self.logdispatch.log( LogPriority.DEBUG, "checkReportFinalForRule() = " + str(checkReportFinalConditions)) if checkReportFinalConditions and rulecompliance: nextstep = True else: nextstep = False self.assertTrue( checkReportFinalConditions, self.rulename + "(" + str(self.rulenumber) + "): Rule checkReportFinalForRule() = " + str(checkReportFinalConditions) + ".") # Run rule.undo() if nextstep and self.checkUndo: messagestring = "Run rule.undo()" self.logdispatch.log( LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) undo = self.rule.undo() self.logdispatch.log(LogPriority.DEBUG, "rule.undo() = " + str(undo)) self.rule.report() postUndoResults = self.rule.getdetailedresults() # In order to get detailed, well-formatted error information, this # has been turned into a short procedure to produce the most # helpful information, rather than simply using the assert # statement if originalResults != postUndoResults: orlines = originalResults.splitlines() pulines = postUndoResults.splitlines() orlinestmp = orlines[:] # [:] to copy by value r/t reference for line in orlinestmp: if line in pulines: orlines.remove(line) pulines.remove(line) error = "After undo, the report results were not the same " + \ "as the initial pre-fix report." if orlines: error += "\nOnly in original:\n" + "\n".join(orlines) if pulines: error += "\nOnly in post-undo:\n" + "\n".join(pulines) self.assertTrue(False, error) # Run checkUndoForRule() messagestring = "Run checkUndoForRule(" + str(rulesuccess) + ")" self.logdispatch.log( LogPriority.DEBUG, prefixHeadline + prefixRuleInfo + messagestring) checkUndoConditions = self.checkUndoForRule(rulesuccess) self.logdispatch.log( LogPriority.DEBUG, "checkUndoForRule()" + " = " + str(checkUndoConditions)) if checkUndoConditions and not rulecompliance: nextstep = True else: nextstep = False self.assertTrue( checkUndoConditions, self.rulename + "(" + str(self.rulenumber) + "): Rule checkUndoForRule() = " + str(checkUndoConditions) + ".") return nextstep ############################################################################### def setConditionsForRule(self): return True ############################################################################### def checkReportForRule(self, pCompliance, pRuleSuccess): self.logdispatch.log(LogPriority.DEBUG, "pCompliance = " + str(pCompliance) + ".") self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " + str(pRuleSuccess) + ".") return True ############################################################################### def checkFixForRule(self, pRuleSuccess): self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " + str(pRuleSuccess) + ".") return True ############################################################################### def checkReportFinalForRule(self, pCompliance, pRuleSuccess): self.logdispatch.log(LogPriority.DEBUG, "pCompliance = " + str(pCompliance) + ".") self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " + str(pRuleSuccess) + ".") return True ############################################################################### def checkUndoForRule(self, pRuleSuccess): self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " + str(pRuleSuccess) + ".") return True ############################################################################### def setCheckUndo(self, checkUndo): self.checkUndo = checkUndo ############################################################################### def getCheckUndo(self): return self.checkUndo ############################################################################### def runDestructive(self): return os.path.exists("/etc/stonix-destructive")