def test_datastream_content_paths(): data = PolicyData() data.content_type = "datastream" data.content_url = "https://example.com/hardening.xml" data.datastream_id = "id_datastream_1" data.xccdf_id = "id_xccdf_new" data.content_path = "/usr/share/oscap/testing_ds.xml" data.cpe_path = "/usr/share/oscap/cpe.xml" data.tailoring_path = "/usr/share/oscap/tailoring.xml" data.profile_id = "Web Server" assert common.get_content_name(data) == "hardening.xml" expected_path = "/tmp/openscap_data/hardening.xml" assert common.get_raw_preinst_content_path(data) == expected_path expected_path = "/tmp/openscap_data/hardening.xml" assert common.get_preinst_content_path(data) == expected_path expected_path = "/root/openscap_data/hardening.xml" assert common.get_postinst_content_path(data) == expected_path expected_path = "/tmp/openscap_data/usr/share/oscap/tailoring.xml" assert common.get_preinst_tailoring_path(data) == expected_path expected_path = "/root/openscap_data/usr/share/oscap/tailoring.xml" assert common.get_postinst_tailoring_path(data) == expected_path
def test_archive_content_paths(): data = PolicyData() data.content_type = "archive" data.content_url = "http://example.com/oscap_content.tar" data.content_path = "oscap/xccdf.xml" data.profile_id = "Web Server" data.content_path = "oscap/xccdf.xml" data.tailoring_path = "oscap/tailoring.xml" assert common.get_content_name(data) == "oscap_content.tar" expected_path = "/tmp/openscap_data/oscap_content.tar" assert common.get_raw_preinst_content_path(data) == expected_path expected_path = "/tmp/openscap_data/oscap/xccdf.xml" assert common.get_preinst_content_path(data) == expected_path expected_path = "/root/openscap_data/oscap/xccdf.xml" assert common.get_postinst_content_path(data) == expected_path expected_path = "/tmp/openscap_data/oscap/tailoring.xml" assert common.get_preinst_tailoring_path(data) == expected_path expected_path = "/root/openscap_data/oscap/tailoring.xml" assert common.get_postinst_tailoring_path(data) == expected_path
def configure_with_tasks(self): """Return configuration tasks. :return: a list of tasks """ if not self.installation_enabled: log.debug( "OSCAP Addon: The installation is disabled. Skip the configuration." ) return [] tasks = [ PrepareValidContent( policy_data=self.policy_data, file_path=common.get_raw_preinst_content_path( self.policy_data), content_path=common.get_preinst_content_path(self.policy_data), ), EvaluateRulesTask( policy_data=self.policy_data, content_path=common.get_preinst_content_path(self.policy_data), tailoring_path=common.get_preinst_tailoring_path( self.policy_data), ), ] self._cancel_tasks_on_error(tasks) return tasks
def install_with_tasks(self): """Return installation tasks. :return: a list of tasks """ if not self.installation_enabled: log.debug( "OSCAP Addon: The installation is disabled. Skip the installation." ) return [] tasks = [] tasks.append( InstallContentTask( sysroot=conf.target.system_root, policy_data=self.policy_data, file_path=common.get_raw_preinst_content_path( self.policy_data), content_path=common.get_preinst_content_path(self.policy_data), tailoring_path=common.get_preinst_tailoring_path( self.policy_data), target_directory=common.TARGET_CONTENT_DIR)) if self.policy_data.remediate in ("", "post", "both"): tasks.append( RemediateSystemTask( sysroot=conf.target.system_root, policy_data=self.policy_data, target_content_path=common.get_postinst_content_path( self.policy_data), target_tailoring_path=common.get_postinst_tailoring_path( self.policy_data))) if self.policy_data.remediate in ("firstboot", "both"): tasks.append( ScheduleFirstbootRemediationTask( sysroot=conf.target.system_root, policy_data=self.policy_data, target_content_path=common.get_postinst_content_path( self.policy_data), target_tailoring_path=common.get_postinst_tailoring_path( self.policy_data))) self._cancel_tasks_on_error(tasks) return tasks
def test_scap_security_guide_paths(): data = PolicyData() data.content_type = "scap-security-guide" data.profile_id = "Web Server" data.content_path = "/usr/share/xml/scap/ssg/content.xml" expected_msg = "Using scap-security-guide, no single content file" with pytest.raises(ValueError, match=expected_msg): common.get_content_name(data) expected_path = None assert common.get_raw_preinst_content_path(data) == expected_path expected_path = "/usr/share/xml/scap/ssg/content.xml" assert common.get_preinst_content_path(data) == expected_path expected_path = "/usr/share/xml/scap/ssg/content.xml" assert common.get_postinst_content_path(data) == expected_path expected_path = "" assert common.get_preinst_tailoring_path(data) == expected_path expected_path = "" assert common.get_postinst_tailoring_path(data) == expected_path
def _init_after_data_fetch(self, wait_for): """ Waits for data fetching to be finished, extracts it (if needed), populates the stores and evaluates pre-installation fixes from the content and marks the spoke as ready in the end. :param wait_for: name of the thread to wait for (if any) :type wait_for: str or None """ def update_progress_label(msg): fire_gtk_action(self._progress_label.set_text(msg)) content_path = None actually_fetched_content = wait_for is not None if actually_fetched_content: content_path = common.get_raw_preinst_content_path(self._policy_data) content = self.content_bringer.finish_content_fetch( wait_for, self._policy_data.fingerprint, update_progress_label, content_path, self._handle_error) if not content: with self._fetch_flag_lock: self._fetching = False return fire_gtk_action(self._progress_spinner.stop) fire_gtk_action( self._progress_label.set_text, _("Fetch complete, analyzing data.")) try: if actually_fetched_content: self.content_bringer.use_downloaded_content(content) preinst_content_path = common.get_preinst_content_path(self._policy_data) preinst_tailoring_path = common.get_preinst_tailoring_path(self._policy_data) msg = f"Opening SCAP content at {preinst_content_path}" if self._policy_data.tailoring_path: msg += f" with tailoring {preinst_tailoring_path}" else: msg += " without considering tailoring" log.info("OSCAP Addon: " + msg) self._content_handler = scap_content_handler.SCAPContentHandler( preinst_content_path, preinst_tailoring_path) except Exception as e: log.error(str(e)) self._invalid_content() # fetching done with self._fetch_flag_lock: self._fetching = False return log.info("OSCAP Addon: Done with analysis") self._ds_checklists = self._content_handler.get_data_streams_checklists() if self._using_ds: # populate the stores from items from the content add_ds_ids = GtkActionList() add_ds_ids.add_action(self._ds_store.clear) for dstream in self._ds_checklists.keys(): add_ds_ids.add_action(self._add_ds_id, dstream) add_ds_ids.fire() self._update_ids_visibility() # refresh UI elements self._refresh_ui() # let all initialization and configuration happen before we evaluate # the setup if not self._anaconda_spokes_initialized.is_set(): # only wait (and log the messages) if the event is not set yet log.debug("OSCAP addon: waiting for all Anaconda spokes to be initialized") self._anaconda_spokes_initialized.wait() log.debug("OSCAP addon: all Anaconda spokes have been initialized - continuing") # try to switch to the chosen profile (if any) selected = self._switch_profile() if self._policy_data.profile_id and not selected: # profile ID given, but it was impossible to select it -> invalid # profile ID given self._invalid_profile_id() return # update the message store with the messages self._update_message_store() # all initialized, we can now let user set parameters fire_gtk_action(self._main_notebook.set_current_page, SET_PARAMS_PAGE) # and use control buttons fire_gtk_action(really_show, self._control_buttons) # fetching done with self._fetch_flag_lock: self._fetching = False # no error self._set_error(None)
def raw_preinst_content_path(self) -> str: return common.get_raw_preinst_content_path(self.policy_data)