示例#1
 def setUp(self):
     """Build an osqueryi wrapper configured to autoload the example module.

     The example module library from the build tree is handed to
     test_base.Autoloader, and the loader's ``path`` is passed to osqueryi
     as the "modules_autoload" option.
     """
     build_dir = test_base.ARGS.build
     self.binary = os.path.join(build_dir, "osquery", "osqueryi")

     # The shared-library suffix is "dylib" on macOS and "so" elsewhere.
     if sys.platform == "darwin":
         ext = "dylib"
     else:
         ext = "so"

     # NOTE(review): the library named here is presumably loaded into the
     # osqueryi process, so the build directory has to be a trusted,
     # non-world-writable location -- confirm for shared CI hosts.
     module_path = build_dir + "/osquery/libmodexample.%s" % ext
     # Kept on self so the loader object outlives setUp.
     self.modules_loader = test_base.Autoloader([module_path])

     flags = {"modules_autoload": self.modules_loader.path}
     self.osqueryi = test_base.OsqueryWrapper(self.binary, flags)
示例#2
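    def test_91_extensions_settings(self):
        """Check the settings an autoloaded extension reports to the daemon.

        Starts a daemon with the example extension autoloaded, waits for the
        extension to register, then queries the 'complex_example' table and
        checks its 'flag_test' and 'database_test' columns.
        """
        loader = test_base.Autoloader(
            [test_base.ARGS.build + "/osquery/example_extension.ext"])
        daemon = self._run_daemon({
            "disable_watchdog": True,
            "extensions_timeout": EXTENSION_TIMEOUT,
            "extensions_autoload": loader.path,
        })
        self.assertTrue(daemon.isAlive())

        # Get a python-based thrift client for the manager (core).
        client = test_base.EXClient(daemon.options["extensions_socket"])
        self.assertTrue(client.open(timeout=EXTENSION_TIMEOUT))
        em = client.getEM()

        # The waiting extension should have connected to the daemon.
        # This expect statement will block with a short timeout.
        result = test_base.expect(em.extensions, 1)
        self.assertEqual(len(result), 1)

        # The 'complex_example' table reports several columns.
        # Each is a 'test_type', check each expected value.
        result = em.query("select * from complex_example")
        if len(result.response) == 0:
            # There is a brief race between registering the extension and the
            # registry broadcast, which a fast external client can hit when
            # querying tables. Other config/logger plugins have wrappers to
            # retry/wait; here the query is retried once after a short pause.
            time.sleep(0.5)
            result = em.query("select * from complex_example")

        # If the table is still empty after the single retry, fail with a
        # readable message instead of an IndexError on response[0].
        self.assertTrue(len(result.response) > 0,
                        "complex_example returned no rows after one retry")

        self.assertEqual(result.response[0]['flag_test'], 'false')
        self.assertEqual(result.response[0]['database_test'], '1')

        # NOTE(review): this cleanup is skipped when an assertion above fails;
        # confirm the fixture's tearDown stops the daemon in that case.
        client.close()
        daemon.kill(True)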
示例#3
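    def test_10_extensions_settings(self):
        """Check the settings an autoloaded extension reports to the daemon.

        Starts a daemon with the example extension autoloaded, waits for the
        extension to register, then queries the 'complex_example' table and
        checks its 'flag_test' and 'database_test' columns.
        """
        loader = test_base.Autoloader(
            [test_base.ARGS.build + "/osquery/example_extension.ext"])
        daemon = self._run_daemon({
            "disable_watchdog": True,
            "extensions_timeout": EXTENSION_TIMEOUT,
            "extensions_autoload": loader.path,
        })
        self.assertTrue(daemon.isAlive())

        # Get a python-based thrift client for the manager (core).
        client = test_base.EXClient(daemon.options["extensions_socket"])
        self.assertTrue(client.open(timeout=EXTENSION_TIMEOUT))
        em = client.getEM()

        # The waiting extension should have connected to the daemon.
        # This expect statement will block with a short timeout.
        result = test_base.expect(em.extensions, 1)
        self.assertEqual(len(result), 1)

        # The 'complex_example' table reports several columns.
        # Each is a 'test_type', check each expected value.
        result = em.query("select * from complex_example")

        # NOTE(review): the table may not be queryable the instant the
        # extension registers -- confirm. An empty response is reported as an
        # assertion failure rather than an IndexError on response[0].
        self.assertTrue(len(result.response) > 0,
                        "complex_example returned no rows")

        self.assertEqual(result.response[0]['flag_test'], 'false')
        self.assertEqual(result.response[0]['database_test'], '1')

        # NOTE(review): this cleanup is skipped when an assertion above fails;
        # confirm the fixture's tearDown stops the daemon in that case.
        client.close()
        daemon.kill(True)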
示例#4
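    def test_7_extensions_autoload_watchdog(self):
        """Verify the example extension autoloads and registers with the daemon.

        The autoload file is placed inside a freshly created private
        directory instead of at a fixed name directly under /tmp.
        """
        # Function-scope imports: the file's import block is not visible here.
        import os
        import shutil
        import tempfile

        # A fixed "/tmp/osqueryd-temp-ext.load" is a predictable name in a
        # world-writable directory: another local user could pre-create or
        # symlink it before Autoloader (presumably) writes the list of
        # extensions the daemon will autoload. mkdtemp() returns a new
        # directory that only the current user can access.
        autoload_dir = tempfile.mkdtemp(prefix="osqueryd-temp-ext-")
        try:
            loader = test_base.Autoloader(
                os.path.join(autoload_dir, "osqueryd-temp-ext.load"),
                [test_base.ARGS.build + "/osquery/example_extension.ext"])
            daemon = self._run_daemon({"extensions_autoload": loader.path})
            self.assertTrue(daemon.isAlive())

            # Get a python-based thrift client
            client = EXClient()
            # NOTE(review): expectTrue presumably retries client.open until it
            # succeeds; open() is then called again for the assertion --
            # confirm that opening twice is intended.
            expectTrue(client.open)
            self.assertTrue(client.open())
            em = client.getEM()

            # The waiting extension should have connected to the daemon.
            result = expect(em.extensions, 1)
            self.assertEqual(len(result), 1)

            client.close()
            daemon.kill(True)
        finally:
            # Remove the private directory whether or not the test passed.
            shutil.rmtree(autoload_dir, ignore_errors=True)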
示例#5
    def test_7_extensions_autoload_watchdog(self):
        """Verify the example extension autoloads and registers with the daemon.

        A daemon is started with the example extension listed for autoload;
        a thrift client then connects to the daemon's extensions socket and
        waits until exactly one extension is reported.
        """
        extension_binary = (
            test_base.ARGS.build + "/osquery/example_extension.ext")
        # Keep a reference for the whole test; the autoload file presumably
        # lives only as long as this object -- TODO confirm.
        loader = test_base.Autoloader([extension_binary])

        flags = {
            "extensions_timeout": EXTENSION_TIMEOUT,
            "extensions_autoload": loader.path,
        }
        daemon = self._run_daemon(flags)
        self.assertTrue(daemon.isAlive())

        # Python-based thrift client bound to the daemon's extensions socket.
        extensions_socket = daemon.options["extensions_socket"]
        thrift_client = test_base.EXClient(extensions_socket)
        opened = thrift_client.open(timeout=EXTENSION_TIMEOUT)
        self.assertTrue(opened)
        manager = thrift_client.getEM()

        # By now the waiting extension should have connected to the daemon.
        registered = test_base.expect(manager.extensions, 1)
        self.assertEqual(len(registered), 1)

        thrift_client.close()
        daemon.kill(True)
示例#6
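    def test_8_external_config(self):
        """Verify the daemon runs with a config plugin named "example".

        The example extension is autoloaded and the daemon is started with
        "config_plugin" set to "example". The autoload file is placed inside
        a freshly created private directory instead of at a fixed name
        directly under /tmp.
        """
        # Function-scope imports: the file's import block is not visible here.
        import os
        import shutil
        import tempfile

        # A fixed "/tmp/osqueryd-temp-ext.load" is a predictable name in a
        # world-writable directory: another local user could pre-create or
        # symlink it before Autoloader (presumably) writes the list of
        # extensions the daemon will autoload. mkdtemp() returns a new
        # directory that only the current user can access.
        autoload_dir = tempfile.mkdtemp(prefix="osqueryd-temp-ext-")
        try:
            loader = test_base.Autoloader(
                os.path.join(autoload_dir, "osqueryd-temp-ext.load"),
                [test_base.ARGS.build + "/osquery/example_extension.ext"])
            daemon = self._run_daemon({
                "extensions_autoload": loader.path,
                "config_plugin": "example",
            })
            self.assertTrue(daemon.isAlive())

            # Get a python-based thrift client
            client = EXClient()
            # NOTE(review): expectTrue presumably retries client.open until it
            # succeeds; open() is then called again for the assertion --
            # confirm that opening twice is intended.
            expectTrue(client.open)
            self.assertTrue(client.open())
            em = client.getEM()

            # The waiting extension should have connected to the daemon.
            # If there are no extensions the daemon may have exited (in error).
            result = expect(em.extensions, 1)
            self.assertEqual(len(result), 1)

            client.close()
            daemon.kill(True)
        finally:
            # Remove the private directory whether or not the test passed.
            shutil.rmtree(autoload_dir, ignore_errors=True)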
示例#7
    def test_8_external_config(self):
        """Verify the daemon runs with a config plugin named "example".

        The example extension is autoloaded and the daemon is started with
        "config_plugin" set to "example"; a thrift client then confirms that
        exactly one extension is registered.
        """
        extension_binary = (
            test_base.ARGS.build + "/osquery/example_extension.ext")
        # Keep a reference for the whole test; the autoload file presumably
        # lives only as long as this object -- TODO confirm.
        loader = test_base.Autoloader([extension_binary])

        flags = {
            "extensions_autoload": loader.path,
            "extensions_timeout": EXTENSION_TIMEOUT,
            "config_plugin": "example",
            "verbose": True,
        }
        daemon = self._run_daemon(flags)
        self.assertTrue(daemon.isAlive())

        # Python-based thrift client bound to the daemon's extensions socket.
        extensions_socket = daemon.options["extensions_socket"]
        thrift_client = test_base.EXClient(extensions_socket)
        opened = thrift_client.open(timeout=EXTENSION_TIMEOUT)
        self.assertTrue(opened)
        manager = thrift_client.getEM()

        # By now the waiting extension should have connected to the daemon.
        # With no extensions the daemon may already have exited (in error).
        registered = test_base.expect(manager.extensions, 1)
        self.assertEqual(len(registered), 1)

        thrift_client.close()
        daemon.kill(True)