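def test_record_as_admin_user(self):
    """Check tlog-rec keeps an admin user's sudo activity in recordings.

    Opens an interactive tlog-rec session as ``self.admin1``, runs a plain
    ``echo`` and a ``sudo ls`` of the audit log directory, then asserts via
    ``check_outfile`` and ``check_recording`` that both markers are found.
    """
    logfile = mklogfile(self.tempdir)
    # NOTE(review): this drop-in grants passwordless sudo to every member of
    # %wheel and nothing in this test removes it again. Confirm that the
    # suite's teardown deletes it and that mkcfgfile writes it with the
    # ownership and mode sudo expects, so the host is not left with a
    # standing privilege grant. The literal's whitespace is kept exactly as
    # it appears in the source.
    cfg = ''' %wheel ALL=(ALL) NOPASSWD: ALL '''
    mkcfgfile('/etc/sudoers.d/01_wheel_nopass', cfg)

    # NOTE(review): hard-coded password; presumably a throwaway account
    # created by the test setup -- confirm it never exists outside test hosts.
    shell = ssh_pexpect(self.admin1, 'Secret123', 'localhost')
    try:
        shell.sendline('tlog-rec -o {}'.format(logfile))
        shell.sendline('whoami')
        # NOTE(review): the user name may also show up in the prompt, so this
        # mostly synchronises with the session rather than proving the
        # whoami output -- confirm.
        shell.expect(self.admin1)
        shell.sendline('sleep 2')
        shell.sendline('echo test1223')
        shell.expect('test1223')
        # The privileged command whose output must end up in the recording.
        shell.sendline('sudo ls -ltr /var/log/audit')
        shell.expect('audit.log')
        shell.sendline('exit')
        check_outfile('test1223', logfile)
        check_recording(shell, 'test1223', logfile)
    finally:
        # Close the SSH child even when a check above fails, so a failed
        # test does not leave a logged-in session behind.
        shell.close()

    # A fresh login is used to look for the sudo output in the recording.
    shell = ssh_pexpect(self.admin1, 'Secret123', 'localhost')
    try:
        check_recording(shell, 'audit.log', logfile)
    finally:
        shell.close()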
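def test_record_as_admin_user(self):
    """Check tlog-rec keeps an admin user's sudo activity in recordings.

    Opens an interactive tlog-rec session as ``self.admin1``, runs a plain
    ``echo`` and a ``sudo ls`` of the audit log directory, then asserts via
    ``check_outfile`` and ``check_recording`` that both markers are found.
    """
    logfile = mklogfile(self.tempdir)
    # NOTE(review): this drop-in grants passwordless sudo to every member of
    # %wheel and nothing in this test removes it again. Confirm that the
    # suite's teardown deletes it and that mkcfgfile writes it with the
    # ownership and mode sudo expects, so the host is not left with a
    # standing privilege grant. The literal's whitespace is kept exactly as
    # it appears in the source.
    cfg = ''' %wheel ALL=(ALL) NOPASSWD: ALL '''
    mkcfgfile('/etc/sudoers.d/01_wheel_nopass', cfg)

    # NOTE(review): hard-coded password; presumably a throwaway account
    # created by the test setup -- confirm it never exists outside test hosts.
    shell = ssh_pexpect(self.admin1, 'Secret123', 'localhost')
    try:
        shell.sendline('tlog-rec -o {}'.format(logfile))
        shell.sendline('whoami')
        # NOTE(review): the user name may also show up in the prompt, so this
        # mostly synchronises with the session rather than proving the
        # whoami output -- confirm.
        shell.expect(self.admin1)
        shell.sendline('sleep 2')
        shell.sendline('echo test1223')
        shell.expect('test1223')
        # The privileged command whose output must end up in the recording.
        shell.sendline('sudo ls -ltr /var/log/audit')
        shell.expect('audit.log')
        shell.sendline('exit')
        check_outfile('test1223', logfile)
        check_recording(shell, 'test1223', logfile)
    finally:
        # Close the SSH child even when a check above fails, so a failed
        # test does not leave a logged-in session behind.
        shell.close()

    # A fresh login is used to look for the sudo output in the recording.
    shell = ssh_pexpect(self.admin1, 'Secret123', 'localhost')
    try:
        check_recording(shell, 'audit.log', logfile)
    finally:
        shell.close()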
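def test_record_command_to_file(self):
    """Check tlog-rec preserves command output when recording to a file.

    Runs ``whoami`` under tlog-rec as ``self.user1`` with the log written to
    a file, then asserts via ``check_outfile`` and ``check_recording`` that
    the user name is found.
    """
    logfile = mklogfile(self.tempdir)
    # NOTE(review): hard-coded password; presumably a throwaway account
    # created by the test setup -- confirm it never exists outside test hosts.
    shell = ssh_pexpect(self.user1, 'Secret123', 'localhost')
    try:
        shell.sendline('tlog-rec -o {} whoami'.format(logfile))
        # Matches the user name at the start of an "out_txt" value, i.e. the
        # name has to appear as recorded output, not just anywhere in the log.
        check_outfile('out_txt":"{}'.format(self.user1), logfile)
        check_recording(shell, self.user1, logfile)
    finally:
        # Close the SSH child even when a check above fails.
        shell.close()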
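def test_record_command_to_file(self):
    """Check tlog-rec preserves command output when recording to a file.

    Runs ``whoami`` under tlog-rec as ``self.user1`` with the log written to
    a file, then asserts via ``check_outfile`` and ``check_recording`` that
    the user name is found.
    """
    logfile = mklogfile(self.tempdir)
    # NOTE(review): hard-coded password; presumably a throwaway account
    # created by the test setup -- confirm it never exists outside test hosts.
    shell = ssh_pexpect(self.user1, 'Secret123', 'localhost')
    try:
        shell.sendline('tlog-rec -o {} whoami'.format(logfile))
        # Matches the user name at the start of an "out_txt" value, i.e. the
        # name has to appear as recorded output, not just anywhere in the log.
        check_outfile('out_txt":"{}'.format(self.user1), logfile)
        check_recording(shell, self.user1, logfile)
    finally:
        # Close the SSH child even when a check above fails.
        shell.close()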
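def test_record_fast_input_with_limit_action_delay(self):
    """Check tlog-rec delays, rather than loses, data at the logging limit.

    Records a bash session with ``--limit-rate=10 --limit-action=delay``,
    sends 200 ``echo`` commands back to back and asserts that the marker of
    the last one (``test_199``) still reaches the log file and the recording.
    """
    logfile = mklogfile(self.tempdir)
    # NOTE(review): hard-coded password; presumably a throwaway account
    # created by the test setup -- confirm it never exists outside test hosts.
    shell = ssh_pexpect(self.user1, 'Secret123', 'localhost')
    try:
        opts = '--limit-rate=10 --limit-action=delay'
        shell.sendline('tlog-rec {} -o {} /bin/bash'.format(opts, logfile))
        # Input arrives much faster than the configured rate allows.
        for num in range(200):
            shell.sendline('echo test_{}'.format(num))
        # The writer is throttled, so the last marker is given a larger
        # polling budget (maxchecks=100) to show up in the log.
        check_outfile('test_199', logfile, maxchecks=100)
        shell.sendline('exit')
        check_recording(shell, 'test_199', logfile)
    finally:
        # Close the SSH child even when a check above fails.
        shell.close()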
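def test_record_fast_input_with_limit_action_delay(self):
    """Check tlog-rec delays, rather than loses, data at the logging limit.

    Records a bash session with ``--limit-rate=10 --limit-action=delay``,
    sends 200 ``echo`` commands back to back and asserts that the marker of
    the last one (``test_199``) still reaches the log file and the recording.
    """
    logfile = mklogfile(self.tempdir)
    # NOTE(review): hard-coded password; presumably a throwaway account
    # created by the test setup -- confirm it never exists outside test hosts.
    shell = ssh_pexpect(self.user1, 'Secret123', 'localhost')
    try:
        opts = '--limit-rate=10 --limit-action=delay'
        shell.sendline('tlog-rec {} -o {} /bin/bash'.format(opts, logfile))
        # Input arrives much faster than the configured rate allows.
        for num in range(200):
            shell.sendline('echo test_{}'.format(num))
        # NOTE(review): the writer is throttled, so the last marker may take
        # a while to reach the log; confirm check_outfile's default polling
        # budget is long enough for this case.
        check_outfile('test_199', logfile)
        shell.sendline('exit')
        check_recording(shell, 'test_199', logfile)
    finally:
        # Close the SSH child even when a check above fails.
        shell.close()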
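def test_record_interactive_session(self):
    """Check tlog-rec preserves activity of an interactive session.

    Starts tlog-rec as ``self.user1``, runs a few commands and asserts via
    ``check_outfile`` and ``check_recording`` that the ``test1123out`` marker
    is found.
    """
    logfile = mklogfile(self.tempdir)
    # NOTE(review): hard-coded password; presumably a throwaway account
    # created by the test setup -- confirm it never exists outside test hosts.
    shell = ssh_pexpect(self.user1, 'Secret123', 'localhost')
    try:
        shell.sendline('tlog-rec -o {}'.format(logfile))
        shell.sendline('whoami')
        # NOTE(review): the user name may also show up in the prompt, so this
        # mostly synchronises with the session rather than proving the
        # whoami output -- confirm.
        shell.expect(self.user1)
        shell.sendline('sleep 2')
        shell.sendline('echo test123')
        shell.expect('test123')
        # stdout of this echo goes to the file, so the marker can only reach
        # the terminal through the typed command line itself.
        # NOTE(review): fixed, predictable name in /tmp that is never removed
        # here; on a shared host a pre-existing file or symlink at that path
        # can change what the redirect does. Prefer a path under
        # self.tempdir if the suite allows it.
        shell.sendline('echo test1123out>/tmp/pexpect.test1123out')
        check_outfile('test1123out', logfile)
        check_recording(shell, 'test1123out', logfile)
    finally:
        # Close the SSH child even when a check above fails.
        shell.close()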
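def test_record_interactive_session(self):
    """Check tlog-rec preserves activity of an interactive session.

    Starts tlog-rec as ``self.user1``, runs a few commands and asserts via
    ``check_outfile`` and ``check_recording`` that the ``test1123out`` marker
    is found.
    """
    logfile = mklogfile(self.tempdir)
    # NOTE(review): hard-coded password; presumably a throwaway account
    # created by the test setup -- confirm it never exists outside test hosts.
    shell = ssh_pexpect(self.user1, 'Secret123', 'localhost')
    try:
        shell.sendline('tlog-rec -o {}'.format(logfile))
        shell.sendline('whoami')
        # NOTE(review): the user name may also show up in the prompt, so this
        # mostly synchronises with the session rather than proving the
        # whoami output -- confirm.
        shell.expect(self.user1)
        shell.sendline('sleep 2')
        shell.sendline('echo test123')
        shell.expect('test123')
        # stdout of this echo goes to the file, so the marker can only reach
        # the terminal through the typed command line itself.
        # NOTE(review): fixed, predictable name in /tmp that is never removed
        # here; on a shared host a pre-existing file or symlink at that path
        # can change what the redirect does. Prefer a path under
        # self.tempdir if the suite allows it.
        shell.sendline('echo test1123out>/tmp/pexpect.test1123out')
        check_outfile('test1123out', logfile)
        check_recording(shell, 'test1123out', logfile)
    finally:
        # Close the SSH child even when a check above fails.
        shell.close()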
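def test_record_diff_char_sets(self):
    """Check tlog-rec preserves non-English I/O in recordings.

    For each of three locales a bash session is recorded to its own log
    file, one command producing non-ASCII text is run, and the expected
    text is looked up via ``check_outfile`` and ``check_recording``.
    """
    # (locale, command to run, text expected in the log,
    #  whether the text is also expected on the terminal afterwards)
    # The first two markers are presumably words from the localized
    # "command not found" message -- confirm the locales are installed
    # on the test host.
    cases = (
        ('ru_RU', 'badcommand', 'найдена', False),
        ('el_GR', 'badcommand', 'βρέθηκε', False),
        ('en_US', 'echo Watérmân', 'Watérmân', True),
    )
    for locale, command, marker, expect_on_terminal in cases:
        logfile = '{}-{}'.format(mklogfile(self.tempdir), locale)
        # NOTE(review): hard-coded password; presumably a throwaway account
        # created by the test setup -- confirm.
        shell = ssh_pexpect(self.user1, 'Secret123', 'localhost')
        try:
            shell.sendline('tlog-rec -o {} /bin/bash'.format(logfile))
            shell.sendline('export LANG={}.utf8'.format(locale))
            shell.sendline(command)
            shell.sendline('exit')
            check_outfile(marker, logfile)
            check_recording(shell, marker, logfile)
            if expect_on_terminal:
                shell.expect(marker)
        finally:
            # Close the SSH child even when a check above fails, so one
            # failing locale does not leave a session open.
            shell.close()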
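def test_record_diff_char_sets(self):
    """Check tlog-rec preserves non-English I/O in recordings.

    For each of three locales a bash session is recorded to its own log
    file, one command producing non-ASCII text is run, and the expected
    text is looked up via ``check_outfile`` and ``check_recording``.
    """
    # (locale, command to run, text expected in the log,
    #  whether the text is also expected on the terminal afterwards)
    # The first two markers are presumably words from the localized
    # "command not found" message -- confirm the locales are installed
    # on the test host.
    cases = (
        ('ru_RU', 'badcommand', 'найдена', False),
        ('el_GR', 'badcommand', 'βρέθηκε', False),
        ('en_US', 'echo Watérmân', 'Watérmân', True),
    )
    for locale, command, marker, expect_on_terminal in cases:
        logfile = '{}-{}'.format(mklogfile(self.tempdir), locale)
        # NOTE(review): hard-coded password; presumably a throwaway account
        # created by the test setup -- confirm.
        shell = ssh_pexpect(self.user1, 'Secret123', 'localhost')
        try:
            shell.sendline('tlog-rec -o {} /bin/bash'.format(logfile))
            shell.sendline('export LANG={}.utf8'.format(locale))
            shell.sendline(command)
            shell.sendline('exit')
            check_outfile(marker, logfile)
            check_recording(shell, marker, logfile)
            if expect_on_terminal:
                shell.expect(marker)
        finally:
            # Close the SSH child even when a check above fails, so one
            # failing locale does not leave a session open.
            shell.close()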