def test_ssh_config_render_and_check_gte_trusty(self, mock_log, mock_write, mock_ensure_permissions): audits = ssh_config_check.get_audits() contentcheckers = self.get_contentcheckers(audits) renderers = self.get_renderers(audits) def write(path, data): with tempfile.NamedTemporaryFile(delete=False) as ftmp: if path in self.pathindex: raise Exception("File already rendered '%s'" % path) self.pathindex[path] = ftmp.name with open(ftmp.name, 'wb') as fd: fd.write(data) mock_write.side_effect = write self.render(renderers) self.checkcontents(contentcheckers) self.assertTrue(mock_write.called) args_list = mock_write.call_args_list self.assertEqual('/etc/ssh/ssh_config', args_list[0][0][0]) self.assertEqual('/etc/ssh/sshd_config', args_list[1][0][0]) self.assertEqual(mock_write.call_count, 2) mock_log.assert_has_calls([call('Checked 9 cases and 9 passed', level='DEBUG')])
def run_ssh_checks(): log("Starting SSH hardening checks.", level=DEBUG) checks = config.get_audits() for check in checks: log("Running '%s' check" % (check.__class__.__name__), level=DEBUG) check.ensure_compliance() log("SSH hardening checks complete.", level=DEBUG)
def test_dont_clean_packages(self): audits = config.get_audits() self.assertEqual(4, len(audits))