1#! /bin/sh
2
3#
4# Copyright Rainer Wichmann (2006)
5#
6# License Information:
7# This program is free software; you can redistribute it and/or modify
8# it under the terms of the GNU General Public License as published by
9# the Free Software Foundation; either version 2 of the License, or
10# (at your option) any later version.
11#
12# This program is distributed in the hope that it will be useful,
13# but WITHOUT ANY WARRANTY; without even the implied warranty of
14# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15# GNU General Public License for more details.
16#
17# You should have received a copy of the GNU General Public License
18# along with this program; if not, write to the Free Software
19# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20#
21
22RCFILE="$PW_DIR/testrc_1.dyn";  export RCFILE
23LOGFILE="$PW_DIR/.samhain_log"; export LOGFILE
24
25# --enable-login-watch --enable-xml-log
26# --enable-debug --enable-suidcheck --with-prelude
27
28BUILDOPTS="--quiet $TRUST --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file --enable-debug"
29export BUILDOPTS
30
31BASE="${PW_DIR}/testrun_testdata"; export BASE
32TDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; export TDIRS
33TFILES="x y z"; export TFILES
34
35###########################################################
36#
37# ---- [Define tests here] ----
38#
39
40# 1 for testing new tests
41testrun1_setup=0
42
43MAXTEST=15; export MAXTEST
44MAXTEST_3=15; export MAXTEST_3
45
46test_dirs () {
47    for ff in $CDIRS; do
48	#
49	egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1
50	if [ $? -ne 0 ]; then
51	    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)";
52	    return 1
53	fi
54	tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l`
55	if [ $tmp -ne 1 ]; then
56	    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)";
57	fi
58	#
59    done
60    for ff in $NDIRS; do
61	#
62	egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1
63	if [ $? -eq 0 ]; then
64	    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)";
65	    return 1
66	fi
67    done
68}
69
70
71TESTPOLICY_15="
72[Misc]
73DigestAlgo=SHA1
74RedefReadOnly = +TXT
75[ReadOnly]
76dir=${BASE}
77"
78mod_testdata_15 () {
79    mod_testdata_1
80}
81chk_testdata_15 () {
82    chk_testdata_1
83}
84
85TESTPOLICY_14="
86[Misc]
87DigestAlgo=MD5
88RedefReadOnly = +TXT
89[ReadOnly]
90dir=${BASE}
91"
92mod_testdata_14 () {
93    mod_testdata_1
94}
95chk_testdata_14 () {
96    chk_testdata_1
97}
98
99#
100# combine file check schedule with one-shot mode
101#
102TESTPOLICY_13="
103[ReadOnly]
104dir=99${BASE}
105"
106
107mod_testdata_13 () {
108    one_sec_sleep
109    echo "foobar" >"${BASE}/c/x"; # bad
110    chmod 0555  "${BASE}/a/y";    # bad
111    ORIGINAL='SetFilecheckTime=60'
112    REPLACEMENT='FileCheckScheduleOne = 6 12 * * *'
113    ex -s $RCFILE <<EOF
114%s/${ORIGINAL}/${REPLACEMENT}/g
115wq
116EOF
117}
118
119chk_testdata_13 () {
120    # CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
121    tmp=`grep CRIT $LOGFILE | wc -l`
122    if [ $tmp -ne 2 ]; then
123	[ -z "$verbose" ] || log_msg_fail "policy count";
124	return 1
125    fi
126    egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/c/x" $LOGFILE >/dev/null 2>&1
127    if [ $? -ne 0 ]; then
128	[ -z "$verbose" ] || log_msg_fail "${BASE}/c/x";
129	return 1
130    fi
131    egrep "CRIT.*POLICY \[ReadOnly\] -----M--T-.*${BASE}/a/y" $LOGFILE >/dev/null 2>&1
132    if [ $? -ne 0 ]; then
133	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/y";
134	return 1
135    fi
136    CDIRS="a a/a a/b a/c c b a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
137    NDIRS="";
138    test_dirs;
139    return $?
140}
141
142TESTPOLICY_12="
143[ReadOnly]
144dir=99${BASE}
145[IgnoreAll]
146dir=-1${BASE}/b
147[Attributes]
148dir=1${BASE}/a
149"
150
151mod_testdata_12 () {
152    one_sec_sleep
153    echo "foobar" >"${BASE}/b/x"; # ok
154    echo "foobar" >"${BASE}/c/x"; # bad
155    echo "foobar" >"${BASE}/a/x"; # ok
156    chmod 0555  "${BASE}/a/a/x";  # bad
157    chmod 0555  "${BASE}/a/a/a/x";# ok
158    chmod 0555  "${BASE}/a/y";    # bad
159}
160
161chk_testdata_12 () {
162    # CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
163    tmp=`grep CRIT $LOGFILE | wc -l`
164    if [ $tmp -ne 3 ]; then
165	[ -z "$verbose" ] || log_msg_fail "policy count";
166	return 1
167    fi
168    egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/c/x" $LOGFILE >/dev/null 2>&1
169    if [ $? -ne 0 ]; then
170	[ -z "$verbose" ] || log_msg_fail "${BASE}/c/x";
171	return 1
172    fi
173    egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/a/x" $LOGFILE >/dev/null 2>&1
174    if [ $? -ne 0 ]; then
175	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/x";
176	return 1
177    fi
178    egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/y" $LOGFILE >/dev/null 2>&1
179    if [ $? -ne 0 ]; then
180	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/y";
181	return 1
182    fi
183    CDIRS="a a/a a/b a/c c";
184    NDIRS="b a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
185    test_dirs;
186    return $?
187}
188
189#
190# --- ACL/SELinux test case
191#
192TESTPOLICY_11="
193[Misc]
194UseAclCheck=yes
195UseSelinuxCheck=yes
196[ReadOnly]
197dir=99${BASE}
198[IgnoreAll]
199dir=-1${BASE}/b
200[Attributes]
201dir=1${BASE}/a
202[Misc]
203UseSelinuxCheck = no
204UseAclCheck = no
205"
206
207mod_testdata_11 () {
208    one_sec_sleep
209    setfacl -m 'user:nobody:r--' "${BASE}/b/x"; # ok (ign)
210    setfacl -m 'user:nobody:r--' "${BASE}/c/x"; # bad
211    setfacl -m 'user:nobody:r--' "${BASE}/a/x"; # bad
212    setfattr -n 'security.selinux' -v "system_u:object_r:etc_t\000" "${BASE}/b/y";    # ok (ign)
213    setfattr -n 'security.selinux' -v "system_u:object_r:etc_t\000" "${BASE}/a/a/a/x";# ok (depth)
214    setfattr -n 'security.selinux' -v "system_u:object_r:etc_t\000" "${BASE}/a/x";    # bad
215    setfattr -n 'security.selinux' -v "system_u:object_r:etc_t\000" "${BASE}/a/y";    # bad
216}
217
218chk_testdata_11 () {
219    # CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
220    tmp=`grep CRIT $LOGFILE | wc -l`
221    if [ $tmp -ne 1 ]; then
222	[ -z "$verbose" ] || log_msg_fail "policy count";
223	return 1
224    fi
225    egrep "CRIT.*POLICY \[ReadOnly\] --------T-.*${BASE}/c/x" $LOGFILE >/dev/null 2>&1
226    if [ $? -ne 0 ]; then
227	[ -z "$verbose" ] || log_msg_fail "${BASE}/c/x";
228	return 1
229    fi
230    CDIRS="a a/a a/b a/c c";
231    NDIRS="b a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
232    test_dirs;
233    return $?
234}
235
236TESTPOLICY_10="
237[Misc]
238UseAclCheck=yes
239UseSelinuxCheck=yes
240[ReadOnly]
241dir=99${BASE}
242[IgnoreAll]
243dir=-1${BASE}/b
244[Attributes]
245dir=1${BASE}/a
246"
247
248mod_testdata_10 () {
249    one_sec_sleep
250    setfacl -m 'user:nobody:r--' "${BASE}/b/x"; # ok (ign)
251    setfacl -m 'user:nobody:r--' "${BASE}/c/x"; # bad
252    setfacl -m 'user:nobody:r--' "${BASE}/a/x"; # bad
253    setfattr -n 'security.selinux' -v "system_u:object_r:etc_t\000" "${BASE}/b/y";    # ok (ign)
254    setfattr -n 'security.selinux' -v "system_u:object_r:etc_t\000" "${BASE}/a/a/a/x";# ok (depth)
255    setfattr -n 'security.selinux' -v "system_u:object_r:etc_t\000" "${BASE}/a/x";    # bad
256    setfattr -n 'security.selinux' -v "system_u:object_r:etc_t\000" "${BASE}/a/y";    # bad
257}
258
259chk_testdata_10 () {
260    # CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
261    tmp=`grep CRIT $LOGFILE | wc -l`
262    if [ $tmp -ne 5 ]; then
263	[ -z "$verbose" ] || log_msg_fail "policy count";
264	return 1
265    fi
266    egrep "CRIT.*POLICY \[ReadOnly\] -----M--T-.*${BASE}/c/x" $LOGFILE >/dev/null 2>&1
267    if [ $? -ne 0 ]; then
268	[ -z "$verbose" ] || log_msg_fail "${BASE}/c/x";
269	return 1
270    fi
271    egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/x" $LOGFILE >/dev/null 2>&1
272    if [ $? -ne 0 ]; then
273	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/x";
274	return 1
275    fi
276    egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/y" $LOGFILE >/dev/null 2>&1
277    if [ $? -ne 0 ]; then
278	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/y";
279	return 1
280    fi
281    CDIRS="a a/a a/b a/c c";
282    NDIRS="b a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
283    test_dirs;
284    return $?
285}
286
287TESTPOLICY_9="
288[ReadOnly]
289dir=0${BASE}/b
290[Attributes]
291dir=2${BASE}/a/a
292"
293
294mod_testdata_9 () {
295    echo "foobar" >"${BASE}/b/x";
296    echo "foobar" >"${BASE}/a/x";
297    echo "foobar" >"${BASE}/x";
298}
299
300chk_testdata_9 () {
301    # CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
302    tmp=`grep CRIT $LOGFILE | wc -l`
303    if [ $tmp -ne 1 ]; then
304	[ -z "$verbose" ] || log_msg_fail "policy count";
305	return 1
306    fi
307    CDIRS="b a/a a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
308    NDIRS="a c a/b a/c";
309    test_dirs;
310    return $?
311}
312
313TESTPOLICY_8="
314[ReadOnly]
315dir=1${BASE}
316[Attributes]
317dir=1${BASE}/a/a
318"
319
320mod_testdata_8 () {
321    echo "foobar" >"${BASE}/a/x";
322    chmod 0555 "${BASE}/a/a/a/b/x";
323}
324
325chk_testdata_8 () {
326    # CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c";
327    tmp=`grep CRIT $LOGFILE | wc -l`
328    if [ $tmp -ne 1 ]; then
329	[ -z "$verbose" ] || log_msg_fail "policy count";
330	return 1
331    fi
332    CDIRS="a b c a/a a/a/a a/a/b a/a/c";
333    NDIRS="a/b a/c a/a/a/a a/a/a/b a/a/a/c";
334    test_dirs;
335    return $?
336}
337
338
339TESTPOLICY_7="
340[ReadOnly]
341dir=${BASE}
342[Attributes]
343dir=${BASE}/a/a
344[GrowingLogFiles]
345dir=${BASE}/a/a/a
346[IgnoreAll]
347file=${BASE}/a/a/a/z
348dir=${BASE}/b
349[Misc]
350IgnoreMissing=${BASE}/a/[[:alnum:]]+/[[:alnum:]]+\$
351IgnoreAdded=${BASE}/a/(b|c)/[[:alnum:]]+\$
352"
353
354mod_testdata_7 () {
355    one_sec_sleep
356    echo "foobar" >"${BASE}/a/a/a/z" # ok
357    echo "foobar" >"${BASE}/a/a/a/x" # bad
358    echo "foobar" >"${BASE}/a/a/x"   # ok
359    echo "foobar" >"${BASE}/a/x"     # bad
360    chmod 0555     "${BASE}/a"       # bad
361    chmod 0555     "${BASE}/b"       # ok
362
363    rm    "${BASE}/a/c/z"
364    touch "${BASE}/a/c/zz2"
365}
366
367
368chk_testdata_7 () {
369    tmp=`grep CRIT $LOGFILE | wc -l`
370    if [ $tmp -ne 4 ]; then
371	[ -z "$verbose" ] || log_msg_fail "policy count";
372	return 1
373    fi
374    egrep "ERROR.*POLICY MISSING.*${BASE}/a/c/z" $LOGFILE >/dev/null 2>&1
375    if [ $? -eq 0 ]; then
376	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/c/z";
377	return 1
378    fi
379    egrep "CRIT.*POLICY ADDED.*${BASE}/a/c/zz2" $LOGFILE >/dev/null 2>&1
380    if [ $? -eq 0 ]; then
381	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/c/zz2";
382	return 1
383    fi
384    egrep "CRIT.*POLICY \[GrowingLogs\] C--------S.*${BASE}/a/a/a/x" $LOGFILE >/dev/null 2>&1
385    if [ $? -ne 0 ]; then
386	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/a/x";
387	return 1
388    fi
389    egrep "CRIT.*POLICY \[ReadOnly\] -----M--T-.*${BASE}/a" $LOGFILE >/dev/null 2>&1
390    if [ $? -ne 0 ]; then
391	[ -z "$verbose" ] || log_msg_fail "${BASE}/a";
392	return 1
393    fi
394    egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/a/x" $LOGFILE >/dev/null 2>&1
395    if [ $? -ne 0 ]; then
396	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/x";
397	return 1
398    fi
399}
400
401
402TESTPOLICY_6="
403[ReadOnly]
404dir=${BASE}
405[Attributes]
406file=${BASE}/a/y
407file=${BASE}/b/y
408file=${BASE}/c/y
409file=${BASE}/a/a/y
410file=${BASE}/a/b/y
411file=${BASE}/a/c/y
412file=${BASE}/a/a/a/y
413file=${BASE}/a/a/b/y
414file=${BASE}/a/a/c/y
415file=${BASE}/a/a/a/a/y
416file=${BASE}/a/a/a/b/y
417file=${BASE}/a/a/a/c/y
418"
419
420mod_testdata_6 () {
421    one_sec_sleep
422    for ff in $TDIRS; do
423	echo "foobar" >"${BASE}/${ff}/x"
424	chmod 0555     "${BASE}/${ff}/y"
425	echo "foobar" >"${BASE}/${ff}/z"
426    done
427}
428
429chk_testdata_6 () {
430    count6=0
431    for ff in $TDIRS; do
432	#
433	egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1
434	if [ $? -ne 0 ]; then
435	    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)";
436	    return 1
437	fi
438	tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l`
439	if [ $tmp -ne 1 ]; then
440	    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)";
441	fi
442	#
443	for gg in $TFILES; do
444	    egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
445	    if [ $? -ne 0 ]; then
446		[ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (checking)";
447	    fi
448	    tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null | wc -l`
449	    if [ $tmp -ne 1 ]; then
450		[ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (multiple)";
451	    fi
452	done
453	egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/${ff}/x" $LOGFILE >/dev/null 2>&1
454	if [ $? -ne 0 ]; then
455	    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/x";
456	    return 1
457	fi
458	let "count6 = count6 + 1" >/dev/null
459	egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/${ff}/z" $LOGFILE >/dev/null 2>&1
460	if [ $? -ne 0 ]; then
461	    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/z";
462	    return 1
463	fi
464	let "count6 = count6 + 1" >/dev/null
465	egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/${ff}/y" $LOGFILE >/dev/null 2>&1
466	if [ $? -ne 0 ]; then
467	    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/y";
468	    return 1
469	fi
470	let "count6 = count6 + 1" >/dev/null
471    done
472    tmp=`grep CRIT $LOGFILE | wc -l`
473    if [ $tmp -ne $count6 ]; then
474	[ -z "$verbose" ] || log_msg_fail "policy count";
475	return 1
476    fi
477}
478
479TESTPOLICY_5="
480[Attributes]
481dir=${BASE}
482file=${BASE}/a/a/c/x
483[ReadOnly]
484file=${BASE}/a/a/c/y
485[GrowingLogFiles]
486dir=${BASE}/a/a/c
487dir=${BASE}/a/a/b
488dir=${BASE}/a/b
489"
490
491mod_testdata_5 () {
492    mod_testdata_4
493    echo "1 This is a xxxx file" > "${BASE}/a/a/b/x"     # GrowingLogFiles
494    echo "1 This is a test file" > "${BASE}/a/a/b/y"     # GrowingLogFiles
495    echo "2 This is a test file" >> "${BASE}/a/a/b/y"    # GrowingLogFiles
496    echo "1 This is a xxxx file bad" > "${BASE}/a/a/b/z" # GrowingLogFiles
497    echo "2 This is a xxxx file bad" >>"${BASE}/a/a/b/z" # GrowingLogFiles
498    echo "3 This is a xxxx file bad" >>"${BASE}/a/a/b/z" # GrowingLogFiles
499}
500
501chk_testdata_5 () {
502    for ff in $TDIRS; do
503	#
504	egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1
505	if [ $? -ne 0 ]; then
506	    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)";
507	    return 1
508	fi
509	tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l`
510	if [ $tmp -ne 1 ]; then
511	    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)";
512	fi
513	#
514	for gg in $TFILES; do
515	    egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
516	    if [ $? -ne 0 ]; then
517		[ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (checking)";
518	    fi
519	    tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null | wc -l`
520	    if [ $tmp -ne 1 ]; then
521		[ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (multiple)";
522	    fi
523	done
524    done
525    egrep "CRIT.*POLICY \[GrowingLogs\] C---------.*${BASE}/a/a/b/x" $LOGFILE >/dev/null 2>&1
526    if [ $? -ne 0 ]; then
527	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/b/x";
528	return 1
529    fi
530    egrep "CRIT.*POLICY \[GrowingLogs\] C---------.*${BASE}/a/a/b/z" $LOGFILE >/dev/null 2>&1
531    if [ $? -ne 0 ]; then
532	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/b/z";
533	return 1
534    fi
535    egrep "CRIT.*POLICY \[GrowingLogs\] -----M----.*${BASE}/a/b/z" $LOGFILE >/dev/null 2>&1
536    if [ $? -ne 0 ]; then
537	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/b/z";
538	return 1
539    fi
540    egrep "CRIT.*POLICY \[GrowingLogs\] -----M----.*${BASE}/a/a/c/z" $LOGFILE >/dev/null 2>&1
541    if [ $? -ne 0 ]; then
542	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/z";
543	return 1
544    fi
545    egrep "CRIT.*POLICY \[GrowingLogs\] C--------S.*${BASE}/a/b/y" $LOGFILE >/dev/null 2>&1
546    if [ $? -ne 0 ]; then
547	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/b/y";
548	return 1
549    fi
550    egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1
551    if [ $? -ne 0 ]; then
552	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/x";
553	return 1
554    fi
555    egrep "CRIT.*POLICY ADDED.*${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1
556    if [ $? -ne 0 ]; then
557	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/foo";
558	return 1
559    fi
560    egrep "CRIT.*POLICY ADDED.*033\[1;30m" $LOGFILE >/dev/null 2>&1
561    if [ $? -ne 0 ]; then
562	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/\033[1;30m";
563	return 1
564    fi
565    egrep "WARN.*Weird filename.*033\[1;30m" $LOGFILE >/dev/null 2>&1
566    if [ $? -ne 0 ]; then
567	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/\033[1;30m";
568	return 1
569    fi
570    egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1
571    if [ $? -ne 0 ]; then
572	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/y";
573	return 1
574    fi
575    tmp=`grep CRIT $LOGFILE | wc -l`
576    if [ $tmp -ne 9 ]; then
577	[ -z "$verbose" ] || log_msg_fail "policy count";
578	return 1
579    fi
580}
581
582
583TESTPOLICY_4="
584[Attributes]
585dir=${BASE}
586file=${BASE}/a/a/c/x
587[ReadOnly]
588file=${BASE}/a/a/c/y
589[LogFiles]
590dir=${BASE}/a/a/c
591dir=${BASE}/a/b
592"
593
594mod_testdata_4 () {
595    one_sec_sleep
596    echo "foobar" >> "${BASE}/a/a/x"    # Attributes
597    echo "foobar" > "${BASE}/a/a/c/foo" # new within LogFiles
598    echo "foobar" >> "${BASE}/a/a/c/y"  # ReadOnly
599    echo "foobar" >> "${BASE}/a/a/c/x"  # Attributes
600    chmod 0555 "${BASE}/a/a/c/x"        # Attributes
601    chmod 0555 "${BASE}/a/a/c/z"        # LogFiles
602    echo "foobar" >> "${BASE}/a/b/x"    # LogFiles
603    echo ""       >  "${BASE}/a/b/y"    # LogFiles
604    chmod 0555 "${BASE}/a/b/z"          # LogFiles
605    touch "${BASE}/a/a/"        # non-printable character in filename
606}
607
608chk_testdata_4 () {
609    for ff in $TDIRS; do
610	#
611	egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1
612	if [ $? -ne 0 ]; then
613	    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)";
614	    return 1
615	fi
616	tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l`
617	if [ $tmp -ne 1 ]; then
618	    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)";
619	fi
620	#
621	for gg in $TFILES; do
622	    egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
623	    if [ $? -ne 0 ]; then
624		[ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (checking)";
625	    fi
626	    tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null | wc -l`
627	    if [ $tmp -ne 1 ]; then
628		[ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (multiple)";
629	    fi
630	done
631    done
632    egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1
633    if [ $? -ne 0 ]; then
634	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/x";
635	return 1
636    fi
637    egrep "CRIT.*POLICY \[LogFiles\] -----M----.*${BASE}/a/b/z" $LOGFILE >/dev/null 2>&1
638    if [ $? -ne 0 ]; then
639	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/b/z";
640	return 1
641    fi
642    egrep "CRIT.*POLICY \[LogFiles\] -----M----.*${BASE}/a/a/c/z" $LOGFILE >/dev/null 2>&1
643    if [ $? -ne 0 ]; then
644	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/z";
645	return 1
646    fi
647    egrep "CRIT.*POLICY ADDED.*${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1
648    if [ $? -ne 0 ]; then
649	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/foo";
650	return 1
651    fi
652    egrep "CRIT.*POLICY ADDED.*033\[1;30m" $LOGFILE >/dev/null 2>&1
653    if [ $? -ne 0 ]; then
654	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/\033[1;30m";
655	return 1
656    fi
657    egrep "WARN.*Weird filename.*033\[1;30m" $LOGFILE >/dev/null 2>&1
658    if [ $? -ne 0 ]; then
659	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/\033[1;30m";
660	return 1
661    fi
662    egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1
663    if [ $? -ne 0 ]; then
664	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/y";
665	return 1
666    fi
667    tmp=`grep CRIT $LOGFILE | wc -l`
668    if [ $tmp -ne 6 ]; then
669	[ -z "$verbose" ] || log_msg_fail "policy count";
670	return 1
671    fi
672}
673
674TESTPOLICY_3="
675[Attributes]
676dir=${BASE}
677file=${BASE}/a/a/c/x
678[ReadOnly]
679file=${BASE}/a/a/c/y
680[IgnoreAll]
681dir=${BASE}/a/a/c
682"
683mod_testdata_3 () {
684    one_sec_sleep
685    echo "foobar" > "${BASE}/a/b/foo"   # new within Attributes
686    chmod 0555 "${BASE}/a/b"
687    echo "foobar" > "${BASE}/a/a/c/foo" # new within IgnoreAll
688    echo "foobar" > "${BASE}/a/a/c/y"   # ReadOnly
689    chmod 0555 "${BASE}/a/a/c/x"        # Attributes
690    chmod 0555 "${BASE}/a/a/c/z"        # IgnoreAll
691}
692
693chk_testdata_3 () {
694    for ff in $TDIRS; do
695	#
696	egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1
697	if [ $? -ne 0 ]; then
698	    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)";
699	    return 1
700	fi
701	tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l`
702	if [ $tmp -ne 1 ]; then
703	    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)";
704	fi
705	#
706	for gg in $TFILES; do
707	    egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
708	    if [ $? -ne 0 ]; then
709		[ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (checking)";
710	    fi
711	    tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null | wc -l`
712	    if [ $tmp -ne 1 ]; then
713		[ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (multiple)";
714	    fi
715	done
716    done
717    egrep "CRIT.*POLICY ADDED.*${BASE}/a/b/foo" $LOGFILE >/dev/null 2>&1
718    if [ $? -ne 0 ]; then
719	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/b/foo";
720	return 1
721    fi
722    egrep "CRIT.*POLICY ADDED.*${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1
723    if [ $? -ne 0 ]; then
724	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/foo";
725	return 1
726    fi
727    egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/b" $LOGFILE >/dev/null 2>&1
728    if [ $? -ne 0 ]; then
729	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/b";
730	return 1
731    fi
732    egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1
733    if [ $? -ne 0 ]; then
734	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/x";
735	return 1
736    fi
737    egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1
738    if [ $? -ne 0 ]; then
739	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/y";
740	return 1
741    fi
742    tmp=`grep CRIT $LOGFILE | wc -l`
743    if [ $tmp -ne 5 ]; then
744	[ -z "$verbose" ] || log_msg_fail "policy count";
745	return 1
746    fi
747}
748
749TESTPOLICY_2="
750[ReadOnly]
751dir=${BASE}
752file=${BASE}/a/a/c/x
753[IgnoreAll]
754dir=${BASE}/a/a/c
755"
756mod_testdata_2 () {
757    # mod_testdata_1;
758    one_sec_sleep
759    touch "${BASE}/a/a/x"
760    chmod 0555 "${BASE}/a/a/y"
761    mv "${BASE}/a/b/y" "${BASE}/a/b/yy";
762    echo "1 This is a test file" >  "${BASE}/a/b/y";
763    echo "2 This is a test file" >> "${BASE}/a/b/y";
764    echo "4 This is a test file" >> "${BASE}/a/b/z";
765    rm "${BASE}/a/b/yy"; # mv/rm to force new inode
766    rm "${BASE}/a/b/l_y";
767    ln -s "${BASE}/a/b/x" "${BASE}/a/b/l_y";
768    echo "foobar" > "${BASE}/a/c/y"
769    rm "${BASE}/a/a/c/y"
770    echo "foobar" > "${BASE}/a/a/c/foo"
771    chmod 0555 "${BASE}/a/a/c/x"
772    chmod 0555 "${BASE}/a/a/c/z"
773}
774
775chk_testdata_2 () {
776    for ff in $TDIRS; do
777	#
778	egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1
779	if [ $? -ne 0 ]; then
780	    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)";
781	    return 1
782	fi
783	tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l`
784	if [ $tmp -ne 1 ]; then
785	    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)";
786	fi
787	#
788	for gg in $TFILES; do
789	    egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
790	    if [ $? -ne 0 ]; then
791		if [ x"${ff}/${gg}" = x"a/a/c/y" ]; then :; else
792		    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (checking)";
793		    return 1
794		fi
795	    fi
796	done
797    done
798    egrep "CRIT.*POLICY ADDED.*${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1
799    if [ $? -ne 0 ]; then
800	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/foo";
801	return 1
802    fi
803    egrep "CRIT.*POLICY MISSING.*${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1
804    if [ $? -ne 0 ]; then
805	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/y";
806	return 1
807    fi
808    egrep "CRIT.*POLICY \[ReadOnly\] -----M--T-.*${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1
809    if [ $? -ne 0 ]; then
810	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/x";
811	return 1
812    fi
813    tmp=`grep CRIT $LOGFILE | wc -l`
814    if [ $tmp -ne 10 ]; then
815	[ -z "$verbose" ] || log_msg_fail "policy count";
816	return 1
817    fi
818}
819
820TESTPOLICY_1="
821[Misc]
822RedefReadOnly = +TXT
823[ReadOnly]
824dir=${BASE}
825"
826
827mod_testdata_1 () {
828    one_sec_sleep
829    touch "${BASE}/a/a/x"
830    chmod 0555 "${BASE}/a/a/y"
831    mv "${BASE}/a/b/y" "${BASE}/a/b/yy";
832    echo "1 This is a test file" >  "${BASE}/a/b/y";
833    echo "2 This is a test file" >> "${BASE}/a/b/y";
834    echo "4 This is a test file" >> "${BASE}/a/b/z";
835    rm "${BASE}/a/b/yy"; # mv/rm to force new inode
836    rm "${BASE}/a/b/l_y";
837    ln -s "${BASE}/a/b/x" "${BASE}/a/b/l_y";
838    echo "foobar" > "${BASE}/a/c/y"
839    #
840    mv "${BASE}/b/x" "${BASE}/b/xx"; # mv/rm to force new inode
841    mkdir "${BASE}/b/x"
842    rm "${BASE}/b/xx";
843    #
844    mv "${BASE}/b/y" "${BASE}/b/yy"; # mv/rm to force new inode
845    ln -s  "${BASE}/b/z" "${BASE}/b/y"
846    rm "${BASE}/b/yy";
847    #
848    rm "${BASE}/b/l_x";  echo "1 This is a test file" >  "${BASE}/b/l_x";
849}
850
851chk_testdata_1 () {
852    for ff in $TDIRS; do
853	#
854	egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1
855	if [ $? -ne 0 ]; then
856	    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)";
857	    return 1
858	fi
859	tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l`
860	if [ $tmp -ne 1 ]; then
861	    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)";
862	    return 1
863	fi
864	#
865	for gg in $TFILES; do
866	    egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1
867	    if [ $? -ne 0 ]; then
868		if [ "${BASE}/${ff}" != "${BASE}/b" ]; then
869		    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (checksum)";
870		    return 1
871		fi
872	    fi
873	    tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null | wc -l`
874	    if [ $tmp -ne 1 ]; then
875		if [ "${BASE}/${ff}" != "${BASE}/b" ]; then
876		    [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (multiple)";
877		    return 1
878		fi
879	    fi
880	done
881    done
882    #
883    #
884    #
885    egrep "CRIT.*POLICY \[ReadOnly\] ----H---T-.*${BASE}/b" $LOGFILE >/dev/null 2>&1
886    if [ $? -ne 0 ]; then
887	[ -z "$verbose" ] || log_msg_fail "${BASE}/b";
888	return 1
889    fi
890    egrep "CRIT.*POLICY \[ReadOnly\] CL-I-M--TS.*${BASE}/b/y" $LOGFILE >/dev/null 2>&1
891    if [ $? -ne 0 ]; then
892	[ -z "$verbose" ] || log_msg_fail "${BASE}/b/y";
893	return 1
894    fi
895    egrep "CRIT.*POLICY \[ReadOnly\] CL-.-M--TS.*${BASE}/b/l_x" $LOGFILE >/dev/null 2>&1
896    if [ $? -ne 0 ]; then
897	[ -z "$verbose" ] || log_msg_fail "${BASE}/b/l_x";
898	return 1
899    fi
900    egrep "CRIT.*POLICY \[ReadOnly\] C--IHM--TS.*${BASE}/b/x" $LOGFILE >/dev/null 2>&1
901    if [ $? -ne 0 ]; then
902	[ -z "$verbose" ] || log_msg_fail "${BASE}/b/x";
903	return 1
904    fi
905    #
906    #
907    #
908    egrep "CRIT.*POLICY \[ReadOnly\] --------T-.*${BASE}/a/a/x" $LOGFILE >/dev/null 2>&1
909    if [ $? -ne 0 ]; then
910	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/x";
911	return 1
912    fi
913    egrep "CRIT.*POLICY \[ReadOnly\] -----M--T-.*${BASE}/a/a/y" $LOGFILE >/dev/null 2>&1
914    if [ $? -ne 0 ]; then
915	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/y";
916	return 1
917    fi
918    egrep "CRIT.*POLICY \[ReadOnly\] ---I----T-.*${BASE}/a/b/y" $LOGFILE >/dev/null 2>&1
919    if [ $? -ne 0 ]; then
920	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/b/y";
921	return 1
922    fi
923    egrep "CRIT.*POLICY \[ReadOnly\] -L-I----T-.*${BASE}/a/b/l_y" $LOGFILE >/dev/null 2>&1
924    if [ $? -ne 0 ]; then
925	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/b/l_y";
926	return 1
927    fi
928    egrep "CRIT.*POLICY \[ReadOnly\] --------T-.*${BASE}/a/b" $LOGFILE >/dev/null 2>&1
929    if [ $? -ne 0 ]; then
930	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/b";
931	return 1
932    fi
933    egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/a/b/z" $LOGFILE >/dev/null 2>&1
934    if [ $? -ne 0 ]; then
935	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/b/z";
936	return 1
937    fi
938    egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/a/c/y" $LOGFILE >/dev/null 2>&1
939    if [ $? -ne 0 ]; then
940	[ -z "$verbose" ] || log_msg_fail "${BASE}/a/c/y";
941	return 1
942    fi
943    tmp=`grep CRIT $LOGFILE | wc -l`
944    if [ $tmp -ne 11 ]; then
945	[ -z "$verbose" ] || log_msg_fail "policy count";
946	return 1
947    fi
948    for ff in x y z; do
949	./samhain --list-file "${BASE}/a/a/${ff}" -d "$PW_DIR/.samhain_file" > "$PW_DIR/.samhain_tmp"
950	diff "$PW_DIR/.samhain_tmp" "${BASE}/a/a/${ff}" >/dev/null
951	if [ $? -ne 0 ]; then
952	    [ -z "$verbose" ] || log_msg_fail "diff $PW_DIR/.samhain_tmp ${BASE}/a/a/${ff}"
953	    return 1
954	fi
955    done
956
957    return 0
958}
959
960
961##############################################################
962#
963# Common subroutines
964#
965
966mkconfig_misc ()
967{
968    test -f "${RCFILE}" || touch "${RCFILE}"
969    cat >> "${RCFILE}" <<End-of-data
970[Misc]
971Daemon=no
972SetFilecheckTime=60
973TrustedUser=uucp,fax,fnet
974SetRecursionLevel=10
975SetLoopTime=30
976ReportFullDetail = no
977ChecksumTest=check
978
979End-of-data
980}
981
982mkconfig_log ()
983{
984    test -f "${RCFILE}" || touch "${RCFILE}"
985    cat >> "${RCFILE}" <<End-of-data
986[Log]
987MailSeverity=none
988LogSeverity=warn
989SyslogSeverity=none
990PrintSeverity=info
991MailSeverity=none
992#Restrict to certain classes of messages
993#LogClass=RUN
994#PreludeSeverity=err
995#ExportSeverity=none
996
997End-of-data
998}
999
1000mkconfig_sev ()
1001{
1002    test -f "${RCFILE}" || touch "${RCFILE}"
1003    cat >> "${RCFILE}" <<End-of-data
1004[EventSeverity]
1005SeverityUser0=crit
1006SeverityUser1=crit
1007SeverityReadOnly=crit
1008SeverityLogFiles=crit
1009SeverityGrowingLogs=crit
1010SeverityIgnoreNone=crit
1011SeverityAttributes=crit
1012SeverityIgnoreAll=crit
1013SeverityFiles=err
1014SeverityDirs=err
1015SeverityNames=warn
1016
1017End-of-data
1018}
1019
1020prep_testpolicy ()
1021{
1022    test -f "${RCFILE}" || touch "${RCFILE}"
1023    eval echo '"$'"TESTPOLICY_$1"'"' >>"${RCFILE}"
1024}
1025
1026prep_init ()
1027{
1028    rm -f ./.samhain_file
1029    rm -f "${LOGFILE}"
1030    rm -f ./.samhain_lock
1031
1032    rm -f "${RCFILE}"
1033    mkconfig_sev
1034    mkconfig_log
1035    mkconfig_misc
1036}
1037
1038run_init ()
1039{
1040    rm -f test_log_valgrind
1041
1042    ${VALGRIND} ./samhain -t init -p none 2>>test_log_valgrind
1043
1044    if test x$? = x0; then
1045	[ -z "$verbose" ] || log_msg_ok    "init...";
1046    else
1047	[ -z "$quiet" ]   && log_msg_fail  "init...";
1048	return 1
1049    fi
1050}
1051
1052run_check ()
1053{
1054    if [ "x$1" = "x"  ]; then
1055	logsev=debug
1056    else
1057	logsev=$1
1058    fi
1059    ${VALGRIND} ./samhain -t check -p none -l $logsev 2>>test_log_valgrind
1060 
1061    if test x$? = x0; then
1062
1063	./samhain -j -L $LOGFILE >"${LOGFILE}.tmp" && mv "${LOGFILE}.tmp" "${LOGFILE}"
1064
1065	if [ $? -ne 0 ]; then
1066	    [ -z "$quiet" ]   && log_msg_fail  "mv logfile...";
1067	    return 1
1068	fi
1069	[ -z "$verbose" ] || log_msg_ok    "check...";
1070    else
1071	[ -z "$quiet" ]   && log_msg_fail  "check...";
1072	return 1
1073    fi
1074}
1075
1076run_update ()
1077{
1078    ${VALGRIND} ./samhain -t update -p none -l debug 2>>test_log_valgrind
1079
1080    if test x$? = x0; then
1081	[ -z "$verbose" ] || log_msg_ok    "update...";
1082    else
1083	[ -z "$quiet" ]   && log_msg_fail  "update...";
1084	return 1
1085    fi
1086}
1087
1088run_check_after_update ()
1089{
1090    rm -rf $LOGFILE
1091
1092    ${VALGRIND} ./samhain -t check -p none -l debug 2>>test_log_valgrind
1093
1094    if test x$? = x0; then
1095	#
1096	tmp=`./samhain -j -L $LOGFILE | grep CRIT | wc -l`
1097	if [ $tmp -ne 0 ]; then
1098	    [ -z "$verbose" ] || log_msg_fail "update not successful(?)";
1099	    return 1
1100	fi
1101	#
1102	# wtmp may not be readable
1103	#
1104	tmp=`./samhain -j -L $LOGFILE | grep ERR | grep -v wtmp | wc -l`
1105	if [ $tmp -ne 0 ]; then
1106	    [ -z "$verbose" ] || log_msg_fail "errors during check";
1107	    return 1
1108	fi
1109	#
1110	[ -z "$VALGRIND" ] || {
1111	    tmp=`cat test_log_valgrind 2>/dev/null | wc -l`;
1112	    if [ $tmp -ne 0 ]; then
1113		[ -z "$verbose" ] || log_msg_fail "valgrind reports errors";
1114		cat test_log_valgrind
1115		return 1;
1116	    fi;
1117	}
1118	#
1119	[ -z "$verbose" ] || log_msg_ok    "check(2)...";
1120    else
1121	[ -z "$quiet" ]   && log_msg_fail  "check(2)...";
1122	return 1
1123    fi
1124}
1125
1126prep_testdata ()
1127{
1128    if test -d "$BASE"; then
1129	if [ -d "${BASE}" ]; then
1130	    chmod -f -R 0700 "${BASE}" || {
1131		[ -z "$quiet" ] &&   log_msg_fail "chmod -f -R 0700 ${BASE}"; 
1132		return 1;
1133	    }
1134	fi
1135    fi
1136
1137    rm -rf "${BASE}" || {
1138	[ -z "$quiet" ] &&   log_msg_fail "rm -rf ${BASE}"; 
1139	return 1;
1140    }
1141
1142    mkdir "${BASE}" || {
1143	[ -z "$quiet" ] &&   log_msg_fail "mkdir ${BASE}"; 
1144	return 1;
1145    }
1146
1147    echo "${BASE}" > ./tmp_list_file
1148
1149    for ff in $TDIRS; do
1150	mkdir "${BASE}/${ff}" || { 
1151	    [ -z "$quiet" ] &&   log_msg_fail "mkdir ${BASE}/${ff}"; 
1152	    return 1;
1153	}
1154	echo "${BASE}/${ff}" >> ./tmp_list_file
1155	chmod 0755 "${BASE}/${ff}"
1156	for gg in $TFILES; do
1157	    echo "1 This is a test file" > "${BASE}/${ff}/${gg}"
1158	    chmod 0644 "${BASE}/${ff}/${gg}"
1159	    echo "${BASE}/${ff}/${gg}"  >> ./tmp_list_file
1160	    ln -s "${BASE}/${ff}/${gg}" "${BASE}/${ff}/l_${gg}"
1161	    echo "${BASE}/${ff}/l_${gg}"  >> ./tmp_list_file
1162	done
1163	echo "2 This is a test file" >> "${BASE}/${ff}/y"
1164	echo "2 This is a test file" >> "${BASE}/${ff}/z"
1165	echo "3 This is a test file" >> "${BASE}/${ff}/z"
1166    done
1167}
1168
1169check_err ()
1170{
1171    if [ $1 -ne 0 ]; then
1172	log_fail ${2} ${MAXTEST};
1173	return 1
1174    fi
1175    return 0
1176}
1177 
1178testrun_internal ()
1179{
1180	[ -z "$verbose" ] || echo Working directory: $PW_DIR
1181	[ -z "$verbose" ] || { echo MAKE is $MAKE; echo; }
1182
1183	#
1184	# test standalone compilation
1185	#
1186	[ -z "$verbose" ] || { echo; echo "${S}Building standalone agent${E}"; echo; }
1187
1188	if test -r "Makefile"; then
1189		$MAKE distclean >/dev/null 
1190	fi
1191
1192	${TOP_SRCDIR}/configure ${BUILDOPTS} 
1193
1194	#
1195	if test x$? = x0; then
1196		[ -z "$verbose" ] ||     log_msg_ok "configure..."; 
1197		$MAKE  >/dev/null 2>>test_log
1198		if test x$? = x0; then
1199		    [ -z "$verbose" ] || log_msg_ok "make..."; 
1200		else
1201		    [ -z "$quiet" ] &&   log_msg_fail "make..."; 
1202		    return 1
1203		fi
1204
1205	else
1206		[ -z "$quiet" ] &&       log_msg_fail "configure...";
1207		return 1
1208	fi
1209
1210	[ -z "$verbose" ] || { echo; echo "${S}Running test suite${E}"; echo; }
1211
1212	tcount=1
1213	POLICY=`eval echo '"$'"TESTPOLICY_$tcount"'"'`
1214
1215	until [ ${tcount} -gt ${MAXTEST_3} ]
1216	do
1217	  prep_init
1218	  check_err $? ${tcount}; errval=$?
1219	  if [ $errval -eq 0 ]; then
1220	      prep_testdata
1221	      check_err $? ${tcount}; errval=$?
1222	  fi
1223	  if [ $errval -eq 0 ]; then
1224	      prep_testpolicy   ${tcount}
1225	      check_err $? ${tcount}; errval=$?
1226	  fi
1227	  if [ $errval -eq 0 ]; then
1228	      run_init
1229	      check_err $? ${tcount}; errval=$?
1230	  fi
1231	  if [ $errval -eq 0 ]; then
1232	      eval mod_testdata_${tcount}
1233	      check_err $? ${tcount}; errval=$?
1234	  fi
1235	  if [ $errval -eq 0 ]; then
1236	      run_check
1237	      check_err $? ${tcount}; errval=$?
1238	  fi
1239	  if [ $errval -eq 0 ]; then
1240	      eval chk_testdata_${tcount}
1241	      check_err $? ${tcount}; errval=$?
1242	  fi
1243	  if [ $testrun1_setup -eq 0 ]; then
1244	      if [ $errval -eq 0 ]; then
1245		  run_update
1246		  check_err $? ${tcount}; errval=$?
1247	      fi
1248	      if [ $errval -eq 0 ]; then
1249		  run_check_after_update
1250		  check_err $? ${tcount}; errval=$?
1251	      fi
1252	  fi
1253	  #
1254	  if [ $errval -eq 0 ]; then
1255	      [ -z "$quiet" ] && log_ok ${tcount} ${MAXTEST};
1256	  fi
1257	  #
1258	  let "tcount = tcount + 1" >/dev/null
1259	  #
1260	  if [ $tcount -eq 10 ]; then
1261	      if [ -z "$doall" ]; then
1262		  log_skip 10 $MAXTEST 'ACL/SELinux test (or use --really-all)'
1263		  log_skip 11 $MAXTEST 'ACL/SELinux test (or use --really-all)'
1264		  let "tcount = tcount + 2" >/dev/null
1265	      else
1266		  # 'id -u' is posix
1267		  #
1268		  if test -f /usr/xpg4/bin/id
1269		  then
1270		      my_uid=`/usr/xpg4/bin/id -u`
1271		  else
1272		      my_uid=`id -u`
1273		  fi
1274		  #
1275		  if [ ${my_uid} -ne 0 ]; then
1276		      log_skip 10 $MAXTEST 'ACL/SELinux test (you are not root)'
1277		      log_skip 11 $MAXTEST 'ACL/SELinux test (you are not root)'
1278		      let "tcount = tcount + 2" >/dev/null
1279		  else
1280
1281		      SETFATTR=`find_path setfattr`
1282		      if [ -z "$SETFATTR" ]; then
1283			  log_skip 10 $MAXTEST 'ACL/SELinux test (setfattr not in path)'
1284			  log_skip 11 $MAXTEST 'ACL/SELinux test (setfattr not in path)'
1285			  let "tcount = tcount + 2" >/dev/null
1286		      fi
1287		  fi
1288	      fi
1289	  fi
1290	  #
1291	  POLICY=`eval echo '"$'"TESTPOLICY_$tcount"'"'`
1292	done
1293	    
1294	return 0
1295}
1296
1297testrun1 ()
1298{
1299    log_start "RUN STANDALONE"
1300    testrun_internal
1301    log_end "RUN STANDALONE"
1302    return 0
1303}
1304
1305
1306
1307