class zzzTestRuleConfigureLinuxFirewall(RuleTest):
def setUp(self):
RuleTest.setUp(self)
self.rule = ConfigureLinuxFirewall(self.config, self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.logger = self.logdispatch
self.ch = CommandHelper(self.logger)
self.servicehelper = ServiceHelper(self.environ, self.logger)
self.checkUndo = True
self.isfirewalld = False
self.isufw = False
if os.path.exists('/bin/firewall-cmd'):
self.isfirewalld = True
if os.path.exists('/usr/sbin/ufw'):
self.isufw = True
# mostly pertains to RHEL6, Centos6
self.iptables = "/usr/sbin/iptables"
if not os.path.exists(self.iptables):
self.iptables = '/sbin/iptables'
self.ip6tables = "/usr/sbin/ip6tables"
if not os.path.exists(self.ip6tables):
self.ip6tables = '/sbin/ip6tables'
if os.path.exists("/usr/sbin/iptables-restore"):
self.iprestore = "/usr/sbin/iptables-restore"
elif os.path.exists("/sbin/iptables-restore"):
self.iprestore = "/sbin/iptables-restore"
if os.path.exists("/usr/sbin/ip6tables-restore"):
self.ip6restore = "/usr/sbin/ip6tables-restore"
elif os.path.exists("/sbin/ip6tables-restore"):
self.ip6restore = "/sbin/ip6tables-restore"
self.scriptType = ""
def tearDown(self):
pass
def runTest(self):
self.simpleRuleTest()
def setConditionsForRule(self):
'''Configure system for the unit test
:param self: essential if you override this definition
:returns: boolean - If successful True; If failure False
@author: ekkehard j. koch
'''
success = True
self.detailedresults = ""
self.iptScriptPath = ""
scriptExists = ""
debug = ""
if self.isfirewalld:
if self.servicehelper.auditService('firewalld.service'):
if not self.servicehelper.disableService('firewalld.service'):
success = False
if self.isufw:
cmdufw = '/usr/sbin/ufw status'
if not self.ch.executeCommand(cmdufw):
debug = "Unable to run ufw status command in unit test\n"
self.logger.log(LogPriority.DEBUG, debug)
success = False
else:
outputufw = self.ch.getOutputString()
if re.search('Status: active', outputufw):
ufwcmd = '/usr/sbin/ufw --force disable'
if not self.ch.executeCommand(ufwcmd):
debug = "Unable to disable firewall for unit test\n"
self.logger.log(LogPriority.DEBUG, debug)
success = False
else:
cmdufw = "/usr/sbin/ufw status verbose"
if not self.ch.executeCommand(cmdufw):
debug = "Unable to get verbose status for unit test\n"
self.logger.log(LogPriority.DEBUG, debug)
success = False
else:
outputfw = self.cmdhelper.getOutputString()
if re.search("Default\:\ deny\ \(incoming\)",
outputfw):
ufwcmd = "/usr/sbin/ufw default allow incoming"
if not self.ch.executeCommand(ufwcmd):
debug = "Unable to set allow status for unit test\n"
self.logger.log(LogPriority.DEBUG, debug)
success = False
elif os.path.exists('/usr/bin/system-config-firewall') or \
os.path.exists('/usr/bin/system-config-firewall-tui'):
print("system-config-firewall commands exist\n")
fwpath = '/etc/sysconfig/system-config-firewall'
iptpath = '/etc/sysconfig/iptables'
ip6tpath = '/etc/sysconfig/ip6tables'
if os.path.exists(fwpath):
os.remove(fwpath)
if os.path.exists(iptpath):
os.remove(iptpath)
if os.path.exists(ip6tpath):
os.remove(ip6tpath)
if not self.servicehelper.disableService('iptables'):
print("unable to disable iptables\n")
success = False
debug = "Could not disable iptables in unit test\n"
self.logger.log(LogPriority.DEBUG, debug)
if not self.servicehelper.disableService('ip6tables'):
print("unable to disable ip6tables\n")
success = False
debug = "Could not disable ip6tables in unit test\n"
self.logger.log(LogPriority.DEBUG, debug)
cmd = "/sbin/service iptables stop"
if not self.ch.executeCommand(cmd):
success = False
debug = "Unable to stop iptables in unit test\n"
print("unable to stop iptables in unit test\n")
self.logger.log(LogPriority.DEBUG, debug)
cmd = "/sbin/service ip6tables stop"
if not self.ch.executeCommand(cmd):
success = False
debug = "Unable to stop ip6tables in unit test\n"
print("unable to stop iop6tables in unit test\n")
self.logger.log(LogPriority.DEBUG, debug)
elif os.path.exists(self.iprestore) and \
os.path.exists(self.ip6restore):
if os.path.exists(self.iptScriptPath):
if not os.remove(self.iptScriptPath):
debug = "Unable to remove " + self.iptScriptPath + " for setConditionsForRule\n"
self.logger.log(LogPriority.DEBUG, debug)
success = False
return success
def checkReportForRule(self, pCompliance, pRuleSuccess):
'''check on whether report was correct
:param self: essential if you override this definition
:param pCompliance: the self.iscompliant value of rule
:param pRuleSuccess: did report run successfully
:returns: boolean - If successful True; If failure False
@author: ekkehard j. koch
'''
self.logdispatch.log(LogPriority.DEBUG, "pCompliance = " + \
str(pCompliance) + ".")
self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " + \
str(pRuleSuccess) + ".")
success = True
return success
def checkFixForRule(self, pRuleSuccess):
'''check on whether fix was correct
:param self: essential if you override this definition
:param pRuleSuccess: did report run successfully
:returns: boolean - If successful True; If failure False
@author: ekkehard j. koch
'''
self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " + \
str(pRuleSuccess) + ".")
success = True
return success
def checkUndoForRule(self, pRuleSuccess):
'''check on whether undo was correct
:param self: essential if you override this definition
:param pRuleSuccess: did report run successfully
:returns: boolean - If successful True; If failure False
@author: ekkehard j. koch
'''
self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " + \
str(pRuleSuccess) + ".")
success = True
return success
def getScriptValues(self, scriptname):
if scriptname == "iptscript":
iptScript = '''fw_custom_after_chain_creation() {
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p ipv6-icmp -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 546 -d fe80::/64 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp6-adm-prohibited
-A FORWARD -j REJECT --reject-with icmp6-adm-prohibited
true
}
fw_custom_before_port_handling() {
true
}
fw_custom_before_masq() {
true
}
fw_custom_before_denyall() {
true
}
fw_custom_after_finished() {
true
}
'''
return iptScript
elif scriptname == "iptables":
iptables = '''*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
'''
return iptables
elif scriptname == "ip6tables":
ip6tables = '''*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p ipv6-icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 546 -d fe80::/64 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp6-adm-prohibited
-A FORWARD -j REJECT --reject-with icmp6-adm-prohibited
COMMIT
'''
return ip6tables
elif scriptname == "systemconfigurefirewall":
systemconfigfirewall = '''# Configuration file for system-config-firewall
--enabled
--service=ssh
'''
return systemconfigfirewall
elif scriptname == "sysconfigiptables":
sysconfigiptables = '''# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
'''
return sysconfigiptables
elif scriptname == "sysconfigip6tables":
sysconfigip6tables = '''# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p ipv6-icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 546 -d fe80::/64 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp6-adm-prohibited
-A FORWARD -j REJECT --reject-with icmp6-adm-prohibited
COMMIT
'''
return sysconfigip6tables
class zzzTestRuleConfigureLinuxFirewall(RuleTest):
def setUp(self):
RuleTest.setUp(self)
self.rule = ConfigureLinuxFirewall(self.config,
self.environ,
self.logdispatch,
self.statechglogger)
self.rulename = self.rule.rulename
self.rulenumber = self.rule.rulenumber
self.logger = self.logdispatch
self.ch = CommandHelper(self.logger)
self.servicehelper = ServiceHelper(self.environ, self.logger)
self.checkUndo = True
self.isfirewalld = False
self.isufw = False
if os.path.exists('/bin/firewall-cmd'):
self.isfirewalld = True
if os.path.exists('/usr/sbin/ufw'):
self.isufw = True
# mostly pertains to RHEL6, Centos6
self.iptables = "/usr/sbin/iptables"
if not os.path.exists(self.iptables):
self.iptables = '/sbin/iptables'
self.ip6tables = "/usr/sbin/ip6tables"
if not os.path.exists(self.ip6tables):
self.ip6tables = '/sbin/ip6tables'
if os.path.exists("/usr/sbin/iptables-restore"):
self.iprestore = "/usr/sbin/iptables-restore"
elif os.path.exists("/sbin/iptables-restore"):
self.iprestore = "/sbin/iptables-restore"
if os.path.exists("/usr/sbin/ip6tables-restore"):
self.ip6restore = "/usr/sbin/ip6tables-restore"
elif os.path.exists("/sbin/ip6tables-restore"):
self.ip6restore = "/sbin/ip6tables-restore"
self.scriptType = ""
def tearDown(self):
pass
def runTest(self):
self.simpleRuleTest()
def setConditionsForRule(self):
'''
Configure system for the unit test
@param self: essential if you override this definition
@return: boolean - If successful True; If failure False
@author: ekkehard j. koch
'''
success = True
self.detailedresults = ""
self.iptScriptPath = ""
scriptExists = ""
debug = ""
if self.isfirewalld:
if self.servicehelper.auditService('firewalld.service'):
if not self.servicehelper.disableService('firewalld.service'):
success = False
if self.isufw:
cmdufw = '/usr/sbin/ufw status'
if not self.ch.executeCommand(cmdufw):
debug = "Unable to run ufw status command in unit test\n"
self.logger.log(LogPriority.DEBUG, debug)
success = False
else:
outputufw = self.ch.getOutputString()
if re.search('Status: active', outputufw):
ufwcmd = '/usr/sbin/ufw --force disable'
if not self.ch.executeCommand(ufwcmd):
debug = "Unable to disable firewall for unit test\n"
self.logger.log(LogPriority.DEBUG, debug)
success = False
else:
cmdufw = "/usr/sbin/ufw status verbose"
if not self.ch.executeCommand(cmdufw):
debug = "Unable to get verbose status for unit test\n"
self.logger.log(LogPriority.DEBUG, debug)
success = False
else:
outputfw = self.cmdhelper.getOutputString()
if re.search("Default\:\ deny\ \(incoming\)", outputfw):
ufwcmd = "/usr/sbin/ufw default allow incoming"
if not self.ch.executeCommand(ufwcmd):
debug = "Unable to set allow status for unit test\n"
self.logger.log(LogPriority.DEBUG, debug)
success = False
elif os.path.exists('/usr/bin/system-config-firewall') or \
os.path.exists('/usr/bin/system-config-firewall-tui'):
print "system-config-firewall commands exist\n"
fwpath = '/etc/sysconfig/system-config-firewall'
iptpath = '/etc/sysconfig/iptables'
ip6tpath = '/etc/sysconfig/ip6tables'
if os.path.exists(fwpath):
os.remove(fwpath)
if os.path.exists(iptpath):
os.remove(iptpath)
if os.path.exists(ip6tpath):
os.remove(ip6tpath)
if not self.servicehelper.disableService('iptables'):
print "unable to disable iptables\n"
success = False
debug = "Could not disable iptables in unit test\n"
self.logger.log(LogPriority.DEBUG, debug)
if not self.servicehelper.disableService('ip6tables'):
print "unable to disable ip6tables\n"
success = False
debug = "Could not disable ip6tables in unit test\n"
self.logger.log(LogPriority.DEBUG, debug)
cmd = "/sbin/service iptables stop"
if not self.ch.executeCommand(cmd):
success = False
debug = "Unable to stop iptables in unit test\n"
print "unable to stop iptables in unit test\n"
self.logger.log(LogPriority.DEBUG, debug)
cmd = "/sbin/service ip6tables stop"
if not self.ch.executeCommand(cmd):
success = False
debug = "Unable to stop ip6tables in unit test\n"
print "unable to stop iop6tables in unit test\n"
self.logger.log(LogPriority.DEBUG, debug)
elif os.path.exists(self.iprestore) and \
os.path.exists(self.ip6restore):
if os.path.exists(self.iptScriptPath):
if not os.remove(self.iptScriptPath):
debug = "Unable to remove " + self.iptScriptPath + " for setConditionsForRule\n"
self.logger.log(LogPriority.DEBUG, debug)
success = False
return success
def checkReportForRule(self, pCompliance, pRuleSuccess):
'''
check on whether report was correct
@param self: essential if you override this definition
@param pCompliance: the self.iscompliant value of rule
@param pRuleSuccess: did report run successfully
@return: boolean - If successful True; If failure False
@author: ekkehard j. koch
'''
self.logdispatch.log(LogPriority.DEBUG, "pCompliance = " + \
str(pCompliance) + ".")
self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " + \
str(pRuleSuccess) + ".")
success = True
return success
def checkFixForRule(self, pRuleSuccess):
'''
check on whether fix was correct
@param self: essential if you override this definition
@param pRuleSuccess: did report run successfully
@return: boolean - If successful True; If failure False
@author: ekkehard j. koch
'''
self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " + \
str(pRuleSuccess) + ".")
success = True
return success
def checkUndoForRule(self, pRuleSuccess):
'''
check on whether undo was correct
@param self: essential if you override this definition
@param pRuleSuccess: did report run successfully
@return: boolean - If successful True; If failure False
@author: ekkehard j. koch
'''
self.logdispatch.log(LogPriority.DEBUG, "pRuleSuccess = " + \
str(pRuleSuccess) + ".")
success = True
return success
def getScriptValues(self, scriptname):
if scriptname == "iptscript":
iptScript = '''fw_custom_after_chain_creation() {
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p ipv6-icmp -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 546 -d fe80::/64 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp6-adm-prohibited
-A FORWARD -j REJECT --reject-with icmp6-adm-prohibited
true
}
fw_custom_before_port_handling() {
true
}
fw_custom_before_masq() {
true
}
fw_custom_before_denyall() {
true
}
fw_custom_after_finished() {
true
}
'''
return iptScript
elif scriptname == "iptables":
iptables = '''*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
'''
return iptables
elif scriptname == "ip6tables":
ip6tables = '''*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p ipv6-icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 546 -d fe80::/64 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp6-adm-prohibited
-A FORWARD -j REJECT --reject-with icmp6-adm-prohibited
COMMIT
'''
return ip6tables
elif scriptname == "systemconfigurefirewall":
systemconfigfirewall = '''# Configuration file for system-config-firewall
--enabled
--service=ssh
'''
return systemconfigfirewall
elif scriptname == "sysconfigiptables":
sysconfigiptables = '''# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
'''
return sysconfigiptables
elif scriptname == "sysconfigip6tables":
sysconfigip6tables = '''# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p ipv6-icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 546 -d fe80::/64 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp6-adm-prohibited
-A FORWARD -j REJECT --reject-with icmp6-adm-prohibited
COMMIT
'''
return sysconfigip6tables
class zzzTestFrameworkServiceHelper(unittest.TestCase):
"""
Class docs
"""
def setUp(self):
"""
initialize and set class variables and objects
"""
self.environ = Environment()
self.environ.setdebugmode(True)
self.logger = LogDispatcher(self.environ)
self.mysh = ServiceHelper(self.environ, self.logger)
# set service name
self.myservice = 'crond'
self.myservicename = ""
if self.environ.getosfamily() == 'darwin':
self.myservice = "/Library/LaunchDaemons/gov.lanl.stonix.report.plist"
self.myservicename = "gov.lanl.stonix.report"
elif self.environ.getosfamily() == 'solaris':
self.myservice = 'svc:/system/cron:default'
elif self.environ.getosfamily() == 'freebsd':
self.myservice = 'cron'
elif os.path.exists('/usr/lib/systemd/system/cron.service'):
self.myservice = 'cron.service'
elif os.path.exists('/usr/lib/systemd/system/crond.service'):
self.myservice = 'crond.service'
elif os.path.exists('/etc/init.d/vixie-cron'):
self.myservice = 'vixie-cron'
elif os.path.exists('/etc/init.d/cron'):
self.myservice = 'cron'
if self.environ.getosfamily() == "darwin":
self.service = self.myservice, self.myservicename
else:
self.service = [self.myservice]
# store system initial state
self.orig_enabled = self.mysh.auditService(*self.service)
def tearDown(self):
"""
restore system initial state
"""
if self.orig_enabled:
self.mysh.enableService(*self.service)
else:
self.mysh.disableService(*self.service)
def testListServices(self):
"""
test listing of services
"""
services = self.mysh.listServices()
self.assertGreater(len(services), 0)
self.assertIsInstance(services, list)
def testDisable(self):
"""
test disabling a service from initial state:
enabled
"""
# make sure service is started, so stopping it will be a valid test of the function
if not self.mysh.auditService(*self.service):
self.mysh.enableService(*self.service)
disabled = self.mysh.disableService(*self.service)
self.assertTrue(disabled)
def testEnable(self):
"""
test enabling a service from initial state:
disabled
"""
# make sure service is stopped, so starting it will be a valid test of the function
if self.mysh.auditService(*self.service):
self.mysh.disableService(*self.service)
enabled = self.mysh.enableService(*self.service)
self.assertTrue(enabled)
def testReloadService(self):
"""
test reloading a service from both initial states:
enabled
disabled
"""
self.mysh.disableService(*self.service)
reloaded1 = self.mysh.reloadService(*self.service)
self.assertTrue(reloaded1)
self.mysh.enableService(*self.service)
reloaded2 = self.mysh.reloadService(*self.service)
self.assertTrue(reloaded2)
def testIsRunning(self):
"""
test status checking to see if a service
is running
(start and stop not implemented in all helpers)
"""
if self.mysh.startService(*self.service):
self.assertTrue(self.mysh.isRunning(*self.service))
if self.mysh.stopService(*self.service):
self.assertFalse(self.mysh.isRunning(*self.service))
class zzzTestFrameworkServiceHelper(unittest.TestCase):
'''Class docs'''
def setUp(self):
'''initialize and set class variables and objects'''
self.environ = Environment()
self.environ.setdebugmode(True)
self.logger = LogDispatcher(self.environ)
self.mysh = ServiceHelper(self.environ, self.logger)
# set service name
self.myservice = 'crond'
self.myservicename = ""
if self.environ.getosfamily() == 'darwin':
self.myservice = "/Library/LaunchDaemons/gov.lanl.stonix.report.plist"
self.myservicename = "gov.lanl.stonix.report"
elif self.environ.getosfamily() == 'solaris':
self.myservice = 'svc:/system/cron:default'
elif self.environ.getosfamily() == 'freebsd':
self.myservice = 'cron'
elif os.path.exists('/usr/lib/systemd/system/cron.service'):
self.myservice = 'cron.service'
elif os.path.exists('/usr/lib/systemd/system/crond.service'):
self.myservice = 'crond.service'
elif os.path.exists('/etc/init.d/vixie-cron'):
self.myservice = 'vixie-cron'
elif os.path.exists('/etc/init.d/cron'):
self.myservice = 'cron'
if self.environ.getosfamily() == "darwin":
self.service = self.myservice, self.myservicename
else:
self.service = [self.myservice]
# store system initial state
self.orig_enabled = self.mysh.auditService(*self.service)
def tearDown(self):
'''restore system initial state'''
if self.orig_enabled:
self.mysh.enableService(*self.service)
else:
self.mysh.disableService(*self.service)
def testListServices(self):
'''test listing of services'''
services = self.mysh.listServices()
self.assertGreater(len(services), 0)
self.assertIsInstance(services, list)
def testDisable(self):
'''test disabling a service from initial state:
enabled
'''
# make sure service is started, so stopping it will be a valid test of the function
if not self.mysh.auditService(*self.service):
self.mysh.enableService(*self.service)
disabled = self.mysh.disableService(*self.service)
self.assertTrue(disabled)
def testEnable(self):
'''test enabling a service from initial state:
disabled
'''
# make sure service is stopped, so starting it will be a valid test of the function
if self.mysh.auditService(*self.service):
self.mysh.disableService(*self.service)
enabled = self.mysh.enableService(*self.service)
self.assertTrue(enabled)
def testReloadService(self):
'''test reloading a service from both initial states:
enabled
disabled
'''
self.mysh.disableService(*self.service)
reloaded1 = self.mysh.reloadService(*self.service)
self.assertTrue(reloaded1)
self.mysh.enableService(*self.service)
reloaded2 = self.mysh.reloadService(*self.service)
self.assertTrue(reloaded2)
def testIsRunning(self):
'''test status checking to see if a service
is running
(start and stop not implemented in all helpers)
'''
if self.mysh.startService(*self.service):
self.assertTrue(self.mysh.isRunning(*self.service))
if self.mysh.stopService(*self.service):
self.assertFalse(self.mysh.isRunning(*self.service))
