1#! /bin/sh 2 3# 4# Copyright Rainer Wichmann (2006) 5# 6# License Information: 7# This program is free software; you can redistribute it and/or modify 8# it under the terms of the GNU General Public License as published by 9# the Free Software Foundation; either version 2 of the License, or 10# (at your option) any later version. 11# 12# This program is distributed in the hope that it will be useful, 13# but WITHOUT ANY WARRANTY; without even the implied warranty of 14# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15# GNU General Public License for more details. 16# 17# You should have received a copy of the GNU General Public License 18# along with this program; if not, write to the Free Software 19# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 20# 21 22RCFILE="$PW_DIR/testrc_1.dyn"; export RCFILE 23LOGFILE="$PW_DIR/.samhain_log"; export LOGFILE 24 25# --enable-login-watch --enable-xml-log 26# --enable-debug --enable-suidcheck --with-prelude 27 28BUILDOPTS="--quiet $TRUST --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file --enable-debug" 29export BUILDOPTS 30 31BASE="${PW_DIR}/testrun_testdata"; export BASE 32TDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; export TDIRS 33TFILES="x y z"; export TFILES 34 35########################################################### 36# 37# ---- [Define tests here] ---- 38# 39 40# 1 for testing new tests 41testrun1_setup=0 42 43MAXTEST=15; export MAXTEST 44MAXTEST_3=15; export MAXTEST_3 45 46test_dirs () { 47 for ff in $CDIRS; do 48 # 49 egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1 50 if [ $? -ne 0 ]; then 51 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)"; 52 return 1 53 fi 54 tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l` 55 if [ $tmp -ne 1 ]; then 56 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)"; 57 fi 58 # 59 done 60 for ff in $NDIRS; do 61 # 62 egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1 63 if [ $? -eq 0 ]; then 64 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)"; 65 return 1 66 fi 67 done 68} 69 70 71TESTPOLICY_15=" 72[Misc] 73DigestAlgo=SHA1 74RedefReadOnly = +TXT 75[ReadOnly] 76dir=${BASE} 77" 78mod_testdata_15 () { 79 mod_testdata_1 80} 81chk_testdata_15 () { 82 chk_testdata_1 83} 84 85TESTPOLICY_14=" 86[Misc] 87DigestAlgo=MD5 88RedefReadOnly = +TXT 89[ReadOnly] 90dir=${BASE} 91" 92mod_testdata_14 () { 93 mod_testdata_1 94} 95chk_testdata_14 () { 96 chk_testdata_1 97} 98 99# 100# combine file check schedule with one-shot mode 101# 102TESTPOLICY_13=" 103[ReadOnly] 104dir=99${BASE} 105" 106 107mod_testdata_13 () { 108 one_sec_sleep 109 echo "foobar" >"${BASE}/c/x"; # bad 110 chmod 0555 "${BASE}/a/y"; # bad 111 ORIGINAL='SetFilecheckTime=60' 112 REPLACEMENT='FileCheckScheduleOne = 6 12 * * *' 113 ex -s $RCFILE <<EOF 114%s/${ORIGINAL}/${REPLACEMENT}/g 115wq 116EOF 117} 118 119chk_testdata_13 () { 120 # CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; 121 tmp=`grep CRIT $LOGFILE | wc -l` 122 if [ $tmp -ne 2 ]; then 123 [ -z "$verbose" ] || log_msg_fail "policy count"; 124 return 1 125 fi 126 egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/c/x" $LOGFILE >/dev/null 2>&1 127 if [ $? -ne 0 ]; then 128 [ -z "$verbose" ] || log_msg_fail "${BASE}/c/x"; 129 return 1 130 fi 131 egrep "CRIT.*POLICY \[ReadOnly\] -----M--T-.*${BASE}/a/y" $LOGFILE >/dev/null 2>&1 132 if [ $? -ne 0 ]; then 133 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/y"; 134 return 1 135 fi 136 CDIRS="a a/a a/b a/c c b a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; 137 NDIRS=""; 138 test_dirs; 139 return $? 140} 141 142TESTPOLICY_12=" 143[ReadOnly] 144dir=99${BASE} 145[IgnoreAll] 146dir=-1${BASE}/b 147[Attributes] 148dir=1${BASE}/a 149" 150 151mod_testdata_12 () { 152 one_sec_sleep 153 echo "foobar" >"${BASE}/b/x"; # ok 154 echo "foobar" >"${BASE}/c/x"; # bad 155 echo "foobar" >"${BASE}/a/x"; # ok 156 chmod 0555 "${BASE}/a/a/x"; # bad 157 chmod 0555 "${BASE}/a/a/a/x";# ok 158 chmod 0555 "${BASE}/a/y"; # bad 159} 160 161chk_testdata_12 () { 162 # CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; 163 tmp=`grep CRIT $LOGFILE | wc -l` 164 if [ $tmp -ne 3 ]; then 165 [ -z "$verbose" ] || log_msg_fail "policy count"; 166 return 1 167 fi 168 egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/c/x" $LOGFILE >/dev/null 2>&1 169 if [ $? -ne 0 ]; then 170 [ -z "$verbose" ] || log_msg_fail "${BASE}/c/x"; 171 return 1 172 fi 173 egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/a/x" $LOGFILE >/dev/null 2>&1 174 if [ $? -ne 0 ]; then 175 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/x"; 176 return 1 177 fi 178 egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/y" $LOGFILE >/dev/null 2>&1 179 if [ $? -ne 0 ]; then 180 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/y"; 181 return 1 182 fi 183 CDIRS="a a/a a/b a/c c"; 184 NDIRS="b a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; 185 test_dirs; 186 return $? 187} 188 189# 190# --- ACL/SELinux test case 191# 192TESTPOLICY_11=" 193[Misc] 194UseAclCheck=yes 195UseSelinuxCheck=yes 196[ReadOnly] 197dir=99${BASE} 198[IgnoreAll] 199dir=-1${BASE}/b 200[Attributes] 201dir=1${BASE}/a 202[Misc] 203UseSelinuxCheck = no 204UseAclCheck = no 205" 206 207mod_testdata_11 () { 208 one_sec_sleep 209 setfacl -m 'user:nobody:r--' "${BASE}/b/x"; # ok (ign) 210 setfacl -m 'user:nobody:r--' "${BASE}/c/x"; # bad 211 setfacl -m 'user:nobody:r--' "${BASE}/a/x"; # bad 212 setfattr -n 'security.selinux' -v "system_u:object_r:etc_t\000" "${BASE}/b/y"; # ok (ign) 213 setfattr -n 'security.selinux' -v "system_u:object_r:etc_t\000" "${BASE}/a/a/a/x";# ok (depth) 214 setfattr -n 'security.selinux' -v "system_u:object_r:etc_t\000" "${BASE}/a/x"; # bad 215 setfattr -n 'security.selinux' -v "system_u:object_r:etc_t\000" "${BASE}/a/y"; # bad 216} 217 218chk_testdata_11 () { 219 # CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; 220 tmp=`grep CRIT $LOGFILE | wc -l` 221 if [ $tmp -ne 1 ]; then 222 [ -z "$verbose" ] || log_msg_fail "policy count"; 223 return 1 224 fi 225 egrep "CRIT.*POLICY \[ReadOnly\] --------T-.*${BASE}/c/x" $LOGFILE >/dev/null 2>&1 226 if [ $? -ne 0 ]; then 227 [ -z "$verbose" ] || log_msg_fail "${BASE}/c/x"; 228 return 1 229 fi 230 CDIRS="a a/a a/b a/c c"; 231 NDIRS="b a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; 232 test_dirs; 233 return $? 234} 235 236TESTPOLICY_10=" 237[Misc] 238UseAclCheck=yes 239UseSelinuxCheck=yes 240[ReadOnly] 241dir=99${BASE} 242[IgnoreAll] 243dir=-1${BASE}/b 244[Attributes] 245dir=1${BASE}/a 246" 247 248mod_testdata_10 () { 249 one_sec_sleep 250 setfacl -m 'user:nobody:r--' "${BASE}/b/x"; # ok (ign) 251 setfacl -m 'user:nobody:r--' "${BASE}/c/x"; # bad 252 setfacl -m 'user:nobody:r--' "${BASE}/a/x"; # bad 253 setfattr -n 'security.selinux' -v "system_u:object_r:etc_t\000" "${BASE}/b/y"; # ok (ign) 254 setfattr -n 'security.selinux' -v "system_u:object_r:etc_t\000" "${BASE}/a/a/a/x";# ok (depth) 255 setfattr -n 'security.selinux' -v "system_u:object_r:etc_t\000" "${BASE}/a/x"; # bad 256 setfattr -n 'security.selinux' -v "system_u:object_r:etc_t\000" "${BASE}/a/y"; # bad 257} 258 259chk_testdata_10 () { 260 # CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; 261 tmp=`grep CRIT $LOGFILE | wc -l` 262 if [ $tmp -ne 5 ]; then 263 [ -z "$verbose" ] || log_msg_fail "policy count"; 264 return 1 265 fi 266 egrep "CRIT.*POLICY \[ReadOnly\] -----M--T-.*${BASE}/c/x" $LOGFILE >/dev/null 2>&1 267 if [ $? -ne 0 ]; then 268 [ -z "$verbose" ] || log_msg_fail "${BASE}/c/x"; 269 return 1 270 fi 271 egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/x" $LOGFILE >/dev/null 2>&1 272 if [ $? -ne 0 ]; then 273 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/x"; 274 return 1 275 fi 276 egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/y" $LOGFILE >/dev/null 2>&1 277 if [ $? -ne 0 ]; then 278 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/y"; 279 return 1 280 fi 281 CDIRS="a a/a a/b a/c c"; 282 NDIRS="b a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; 283 test_dirs; 284 return $? 285} 286 287TESTPOLICY_9=" 288[ReadOnly] 289dir=0${BASE}/b 290[Attributes] 291dir=2${BASE}/a/a 292" 293 294mod_testdata_9 () { 295 echo "foobar" >"${BASE}/b/x"; 296 echo "foobar" >"${BASE}/a/x"; 297 echo "foobar" >"${BASE}/x"; 298} 299 300chk_testdata_9 () { 301 # CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; 302 tmp=`grep CRIT $LOGFILE | wc -l` 303 if [ $tmp -ne 1 ]; then 304 [ -z "$verbose" ] || log_msg_fail "policy count"; 305 return 1 306 fi 307 CDIRS="b a/a a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; 308 NDIRS="a c a/b a/c"; 309 test_dirs; 310 return $? 311} 312 313TESTPOLICY_8=" 314[ReadOnly] 315dir=1${BASE} 316[Attributes] 317dir=1${BASE}/a/a 318" 319 320mod_testdata_8 () { 321 echo "foobar" >"${BASE}/a/x"; 322 chmod 0555 "${BASE}/a/a/a/b/x"; 323} 324 325chk_testdata_8 () { 326 # CDIRS="a b c a/a a/b a/c a/a/a a/a/b a/a/c a/a/a/a a/a/a/b a/a/a/c"; 327 tmp=`grep CRIT $LOGFILE | wc -l` 328 if [ $tmp -ne 1 ]; then 329 [ -z "$verbose" ] || log_msg_fail "policy count"; 330 return 1 331 fi 332 CDIRS="a b c a/a a/a/a a/a/b a/a/c"; 333 NDIRS="a/b a/c a/a/a/a a/a/a/b a/a/a/c"; 334 test_dirs; 335 return $? 336} 337 338 339TESTPOLICY_7=" 340[ReadOnly] 341dir=${BASE} 342[Attributes] 343dir=${BASE}/a/a 344[GrowingLogFiles] 345dir=${BASE}/a/a/a 346[IgnoreAll] 347file=${BASE}/a/a/a/z 348dir=${BASE}/b 349[Misc] 350IgnoreMissing=${BASE}/a/[[:alnum:]]+/[[:alnum:]]+\$ 351IgnoreAdded=${BASE}/a/(b|c)/[[:alnum:]]+\$ 352" 353 354mod_testdata_7 () { 355 one_sec_sleep 356 echo "foobar" >"${BASE}/a/a/a/z" # ok 357 echo "foobar" >"${BASE}/a/a/a/x" # bad 358 echo "foobar" >"${BASE}/a/a/x" # ok 359 echo "foobar" >"${BASE}/a/x" # bad 360 chmod 0555 "${BASE}/a" # bad 361 chmod 0555 "${BASE}/b" # ok 362 363 rm "${BASE}/a/c/z" 364 touch "${BASE}/a/c/zz2" 365} 366 367 368chk_testdata_7 () { 369 tmp=`grep CRIT $LOGFILE | wc -l` 370 if [ $tmp -ne 4 ]; then 371 [ -z "$verbose" ] || log_msg_fail "policy count"; 372 return 1 373 fi 374 egrep "ERROR.*POLICY MISSING.*${BASE}/a/c/z" $LOGFILE >/dev/null 2>&1 375 if [ $? -eq 0 ]; then 376 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/c/z"; 377 return 1 378 fi 379 egrep "CRIT.*POLICY ADDED.*${BASE}/a/c/zz2" $LOGFILE >/dev/null 2>&1 380 if [ $? -eq 0 ]; then 381 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/c/zz2"; 382 return 1 383 fi 384 egrep "CRIT.*POLICY \[GrowingLogs\] C--------S.*${BASE}/a/a/a/x" $LOGFILE >/dev/null 2>&1 385 if [ $? -ne 0 ]; then 386 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/a/x"; 387 return 1 388 fi 389 egrep "CRIT.*POLICY \[ReadOnly\] -----M--T-.*${BASE}/a" $LOGFILE >/dev/null 2>&1 390 if [ $? -ne 0 ]; then 391 [ -z "$verbose" ] || log_msg_fail "${BASE}/a"; 392 return 1 393 fi 394 egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/a/x" $LOGFILE >/dev/null 2>&1 395 if [ $? -ne 0 ]; then 396 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/x"; 397 return 1 398 fi 399} 400 401 402TESTPOLICY_6=" 403[ReadOnly] 404dir=${BASE} 405[Attributes] 406file=${BASE}/a/y 407file=${BASE}/b/y 408file=${BASE}/c/y 409file=${BASE}/a/a/y 410file=${BASE}/a/b/y 411file=${BASE}/a/c/y 412file=${BASE}/a/a/a/y 413file=${BASE}/a/a/b/y 414file=${BASE}/a/a/c/y 415file=${BASE}/a/a/a/a/y 416file=${BASE}/a/a/a/b/y 417file=${BASE}/a/a/a/c/y 418" 419 420mod_testdata_6 () { 421 one_sec_sleep 422 for ff in $TDIRS; do 423 echo "foobar" >"${BASE}/${ff}/x" 424 chmod 0555 "${BASE}/${ff}/y" 425 echo "foobar" >"${BASE}/${ff}/z" 426 done 427} 428 429chk_testdata_6 () { 430 count6=0 431 for ff in $TDIRS; do 432 # 433 egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1 434 if [ $? -ne 0 ]; then 435 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)"; 436 return 1 437 fi 438 tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l` 439 if [ $tmp -ne 1 ]; then 440 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)"; 441 fi 442 # 443 for gg in $TFILES; do 444 egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1 445 if [ $? -ne 0 ]; then 446 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (checking)"; 447 fi 448 tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null | wc -l` 449 if [ $tmp -ne 1 ]; then 450 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (multiple)"; 451 fi 452 done 453 egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/${ff}/x" $LOGFILE >/dev/null 2>&1 454 if [ $? -ne 0 ]; then 455 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/x"; 456 return 1 457 fi 458 let "count6 = count6 + 1" >/dev/null 459 egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/${ff}/z" $LOGFILE >/dev/null 2>&1 460 if [ $? -ne 0 ]; then 461 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/z"; 462 return 1 463 fi 464 let "count6 = count6 + 1" >/dev/null 465 egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/${ff}/y" $LOGFILE >/dev/null 2>&1 466 if [ $? -ne 0 ]; then 467 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/y"; 468 return 1 469 fi 470 let "count6 = count6 + 1" >/dev/null 471 done 472 tmp=`grep CRIT $LOGFILE | wc -l` 473 if [ $tmp -ne $count6 ]; then 474 [ -z "$verbose" ] || log_msg_fail "policy count"; 475 return 1 476 fi 477} 478 479TESTPOLICY_5=" 480[Attributes] 481dir=${BASE} 482file=${BASE}/a/a/c/x 483[ReadOnly] 484file=${BASE}/a/a/c/y 485[GrowingLogFiles] 486dir=${BASE}/a/a/c 487dir=${BASE}/a/a/b 488dir=${BASE}/a/b 489" 490 491mod_testdata_5 () { 492 mod_testdata_4 493 echo "1 This is a xxxx file" > "${BASE}/a/a/b/x" # GrowingLogFiles 494 echo "1 This is a test file" > "${BASE}/a/a/b/y" # GrowingLogFiles 495 echo "2 This is a test file" >> "${BASE}/a/a/b/y" # GrowingLogFiles 496 echo "1 This is a xxxx file bad" > "${BASE}/a/a/b/z" # GrowingLogFiles 497 echo "2 This is a xxxx file bad" >>"${BASE}/a/a/b/z" # GrowingLogFiles 498 echo "3 This is a xxxx file bad" >>"${BASE}/a/a/b/z" # GrowingLogFiles 499} 500 501chk_testdata_5 () { 502 for ff in $TDIRS; do 503 # 504 egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1 505 if [ $? -ne 0 ]; then 506 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)"; 507 return 1 508 fi 509 tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l` 510 if [ $tmp -ne 1 ]; then 511 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)"; 512 fi 513 # 514 for gg in $TFILES; do 515 egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1 516 if [ $? -ne 0 ]; then 517 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (checking)"; 518 fi 519 tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null | wc -l` 520 if [ $tmp -ne 1 ]; then 521 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (multiple)"; 522 fi 523 done 524 done 525 egrep "CRIT.*POLICY \[GrowingLogs\] C---------.*${BASE}/a/a/b/x" $LOGFILE >/dev/null 2>&1 526 if [ $? -ne 0 ]; then 527 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/b/x"; 528 return 1 529 fi 530 egrep "CRIT.*POLICY \[GrowingLogs\] C---------.*${BASE}/a/a/b/z" $LOGFILE >/dev/null 2>&1 531 if [ $? -ne 0 ]; then 532 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/b/z"; 533 return 1 534 fi 535 egrep "CRIT.*POLICY \[GrowingLogs\] -----M----.*${BASE}/a/b/z" $LOGFILE >/dev/null 2>&1 536 if [ $? -ne 0 ]; then 537 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/b/z"; 538 return 1 539 fi 540 egrep "CRIT.*POLICY \[GrowingLogs\] -----M----.*${BASE}/a/a/c/z" $LOGFILE >/dev/null 2>&1 541 if [ $? -ne 0 ]; then 542 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/z"; 543 return 1 544 fi 545 egrep "CRIT.*POLICY \[GrowingLogs\] C--------S.*${BASE}/a/b/y" $LOGFILE >/dev/null 2>&1 546 if [ $? -ne 0 ]; then 547 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/b/y"; 548 return 1 549 fi 550 egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1 551 if [ $? -ne 0 ]; then 552 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/x"; 553 return 1 554 fi 555 egrep "CRIT.*POLICY ADDED.*${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1 556 if [ $? -ne 0 ]; then 557 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/foo"; 558 return 1 559 fi 560 egrep "CRIT.*POLICY ADDED.*033\[1;30m" $LOGFILE >/dev/null 2>&1 561 if [ $? -ne 0 ]; then 562 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/\033[1;30m"; 563 return 1 564 fi 565 egrep "WARN.*Weird filename.*033\[1;30m" $LOGFILE >/dev/null 2>&1 566 if [ $? -ne 0 ]; then 567 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/\033[1;30m"; 568 return 1 569 fi 570 egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1 571 if [ $? -ne 0 ]; then 572 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/y"; 573 return 1 574 fi 575 tmp=`grep CRIT $LOGFILE | wc -l` 576 if [ $tmp -ne 9 ]; then 577 [ -z "$verbose" ] || log_msg_fail "policy count"; 578 return 1 579 fi 580} 581 582 583TESTPOLICY_4=" 584[Attributes] 585dir=${BASE} 586file=${BASE}/a/a/c/x 587[ReadOnly] 588file=${BASE}/a/a/c/y 589[LogFiles] 590dir=${BASE}/a/a/c 591dir=${BASE}/a/b 592" 593 594mod_testdata_4 () { 595 one_sec_sleep 596 echo "foobar" >> "${BASE}/a/a/x" # Attributes 597 echo "foobar" > "${BASE}/a/a/c/foo" # new within LogFiles 598 echo "foobar" >> "${BASE}/a/a/c/y" # ReadOnly 599 echo "foobar" >> "${BASE}/a/a/c/x" # Attributes 600 chmod 0555 "${BASE}/a/a/c/x" # Attributes 601 chmod 0555 "${BASE}/a/a/c/z" # LogFiles 602 echo "foobar" >> "${BASE}/a/b/x" # LogFiles 603 echo "" > "${BASE}/a/b/y" # LogFiles 604 chmod 0555 "${BASE}/a/b/z" # LogFiles 605 touch "${BASE}/a/a/[1;30m" # non-printable character in filename 606} 607 608chk_testdata_4 () { 609 for ff in $TDIRS; do 610 # 611 egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1 612 if [ $? -ne 0 ]; then 613 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)"; 614 return 1 615 fi 616 tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l` 617 if [ $tmp -ne 1 ]; then 618 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)"; 619 fi 620 # 621 for gg in $TFILES; do 622 egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1 623 if [ $? -ne 0 ]; then 624 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (checking)"; 625 fi 626 tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null | wc -l` 627 if [ $tmp -ne 1 ]; then 628 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (multiple)"; 629 fi 630 done 631 done 632 egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1 633 if [ $? -ne 0 ]; then 634 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/x"; 635 return 1 636 fi 637 egrep "CRIT.*POLICY \[LogFiles\] -----M----.*${BASE}/a/b/z" $LOGFILE >/dev/null 2>&1 638 if [ $? -ne 0 ]; then 639 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/b/z"; 640 return 1 641 fi 642 egrep "CRIT.*POLICY \[LogFiles\] -----M----.*${BASE}/a/a/c/z" $LOGFILE >/dev/null 2>&1 643 if [ $? -ne 0 ]; then 644 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/z"; 645 return 1 646 fi 647 egrep "CRIT.*POLICY ADDED.*${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1 648 if [ $? -ne 0 ]; then 649 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/foo"; 650 return 1 651 fi 652 egrep "CRIT.*POLICY ADDED.*033\[1;30m" $LOGFILE >/dev/null 2>&1 653 if [ $? -ne 0 ]; then 654 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/\033[1;30m"; 655 return 1 656 fi 657 egrep "WARN.*Weird filename.*033\[1;30m" $LOGFILE >/dev/null 2>&1 658 if [ $? -ne 0 ]; then 659 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/\033[1;30m"; 660 return 1 661 fi 662 egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1 663 if [ $? -ne 0 ]; then 664 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/y"; 665 return 1 666 fi 667 tmp=`grep CRIT $LOGFILE | wc -l` 668 if [ $tmp -ne 6 ]; then 669 [ -z "$verbose" ] || log_msg_fail "policy count"; 670 return 1 671 fi 672} 673 674TESTPOLICY_3=" 675[Attributes] 676dir=${BASE} 677file=${BASE}/a/a/c/x 678[ReadOnly] 679file=${BASE}/a/a/c/y 680[IgnoreAll] 681dir=${BASE}/a/a/c 682" 683mod_testdata_3 () { 684 one_sec_sleep 685 echo "foobar" > "${BASE}/a/b/foo" # new within Attributes 686 chmod 0555 "${BASE}/a/b" 687 echo "foobar" > "${BASE}/a/a/c/foo" # new within IgnoreAll 688 echo "foobar" > "${BASE}/a/a/c/y" # ReadOnly 689 chmod 0555 "${BASE}/a/a/c/x" # Attributes 690 chmod 0555 "${BASE}/a/a/c/z" # IgnoreAll 691} 692 693chk_testdata_3 () { 694 for ff in $TDIRS; do 695 # 696 egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1 697 if [ $? -ne 0 ]; then 698 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)"; 699 return 1 700 fi 701 tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l` 702 if [ $tmp -ne 1 ]; then 703 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)"; 704 fi 705 # 706 for gg in $TFILES; do 707 egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1 708 if [ $? -ne 0 ]; then 709 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (checking)"; 710 fi 711 tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null | wc -l` 712 if [ $tmp -ne 1 ]; then 713 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (multiple)"; 714 fi 715 done 716 done 717 egrep "CRIT.*POLICY ADDED.*${BASE}/a/b/foo" $LOGFILE >/dev/null 2>&1 718 if [ $? -ne 0 ]; then 719 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/b/foo"; 720 return 1 721 fi 722 egrep "CRIT.*POLICY ADDED.*${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1 723 if [ $? -ne 0 ]; then 724 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/foo"; 725 return 1 726 fi 727 egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/b" $LOGFILE >/dev/null 2>&1 728 if [ $? -ne 0 ]; then 729 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/b"; 730 return 1 731 fi 732 egrep "CRIT.*POLICY \[Attributes\] -----M----.*${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1 733 if [ $? -ne 0 ]; then 734 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/x"; 735 return 1 736 fi 737 egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1 738 if [ $? -ne 0 ]; then 739 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/y"; 740 return 1 741 fi 742 tmp=`grep CRIT $LOGFILE | wc -l` 743 if [ $tmp -ne 5 ]; then 744 [ -z "$verbose" ] || log_msg_fail "policy count"; 745 return 1 746 fi 747} 748 749TESTPOLICY_2=" 750[ReadOnly] 751dir=${BASE} 752file=${BASE}/a/a/c/x 753[IgnoreAll] 754dir=${BASE}/a/a/c 755" 756mod_testdata_2 () { 757 # mod_testdata_1; 758 one_sec_sleep 759 touch "${BASE}/a/a/x" 760 chmod 0555 "${BASE}/a/a/y" 761 mv "${BASE}/a/b/y" "${BASE}/a/b/yy"; 762 echo "1 This is a test file" > "${BASE}/a/b/y"; 763 echo "2 This is a test file" >> "${BASE}/a/b/y"; 764 echo "4 This is a test file" >> "${BASE}/a/b/z"; 765 rm "${BASE}/a/b/yy"; # mv/rm to force new inode 766 rm "${BASE}/a/b/l_y"; 767 ln -s "${BASE}/a/b/x" "${BASE}/a/b/l_y"; 768 echo "foobar" > "${BASE}/a/c/y" 769 rm "${BASE}/a/a/c/y" 770 echo "foobar" > "${BASE}/a/a/c/foo" 771 chmod 0555 "${BASE}/a/a/c/x" 772 chmod 0555 "${BASE}/a/a/c/z" 773} 774 775chk_testdata_2 () { 776 for ff in $TDIRS; do 777 # 778 egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1 779 if [ $? -ne 0 ]; then 780 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)"; 781 return 1 782 fi 783 tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l` 784 if [ $tmp -ne 1 ]; then 785 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)"; 786 fi 787 # 788 for gg in $TFILES; do 789 egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1 790 if [ $? -ne 0 ]; then 791 if [ x"${ff}/${gg}" = x"a/a/c/y" ]; then :; else 792 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (checking)"; 793 return 1 794 fi 795 fi 796 done 797 done 798 egrep "CRIT.*POLICY ADDED.*${BASE}/a/a/c/foo" $LOGFILE >/dev/null 2>&1 799 if [ $? -ne 0 ]; then 800 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/foo"; 801 return 1 802 fi 803 egrep "CRIT.*POLICY MISSING.*${BASE}/a/a/c/y" $LOGFILE >/dev/null 2>&1 804 if [ $? -ne 0 ]; then 805 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/y"; 806 return 1 807 fi 808 egrep "CRIT.*POLICY \[ReadOnly\] -----M--T-.*${BASE}/a/a/c/x" $LOGFILE >/dev/null 2>&1 809 if [ $? -ne 0 ]; then 810 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/c/x"; 811 return 1 812 fi 813 tmp=`grep CRIT $LOGFILE | wc -l` 814 if [ $tmp -ne 10 ]; then 815 [ -z "$verbose" ] || log_msg_fail "policy count"; 816 return 1 817 fi 818} 819 820TESTPOLICY_1=" 821[Misc] 822RedefReadOnly = +TXT 823[ReadOnly] 824dir=${BASE} 825" 826 827mod_testdata_1 () { 828 one_sec_sleep 829 touch "${BASE}/a/a/x" 830 chmod 0555 "${BASE}/a/a/y" 831 mv "${BASE}/a/b/y" "${BASE}/a/b/yy"; 832 echo "1 This is a test file" > "${BASE}/a/b/y"; 833 echo "2 This is a test file" >> "${BASE}/a/b/y"; 834 echo "4 This is a test file" >> "${BASE}/a/b/z"; 835 rm "${BASE}/a/b/yy"; # mv/rm to force new inode 836 rm "${BASE}/a/b/l_y"; 837 ln -s "${BASE}/a/b/x" "${BASE}/a/b/l_y"; 838 echo "foobar" > "${BASE}/a/c/y" 839 # 840 mv "${BASE}/b/x" "${BASE}/b/xx"; # mv/rm to force new inode 841 mkdir "${BASE}/b/x" 842 rm "${BASE}/b/xx"; 843 # 844 mv "${BASE}/b/y" "${BASE}/b/yy"; # mv/rm to force new inode 845 ln -s "${BASE}/b/z" "${BASE}/b/y" 846 rm "${BASE}/b/yy"; 847 # 848 rm "${BASE}/b/l_x"; echo "1 This is a test file" > "${BASE}/b/l_x"; 849} 850 851chk_testdata_1 () { 852 for ff in $TDIRS; do 853 # 854 egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE >/dev/null 2>&1 855 if [ $? -ne 0 ]; then 856 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (checking)"; 857 return 1 858 fi 859 tmp=`egrep "Checking.*${BASE}/${ff}(>|\")" $LOGFILE 2>/dev/null | wc -l` 860 if [ $tmp -ne 1 ]; then 861 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff} (multiple)"; 862 return 1 863 fi 864 # 865 for gg in $TFILES; do 866 egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE >/dev/null 2>&1 867 if [ $? -ne 0 ]; then 868 if [ "${BASE}/${ff}" != "${BASE}/b" ]; then 869 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (checksum)"; 870 return 1 871 fi 872 fi 873 tmp=`egrep "Checksum.*${BASE}/${ff}/${gg}" $LOGFILE 2>/dev/null | wc -l` 874 if [ $tmp -ne 1 ]; then 875 if [ "${BASE}/${ff}" != "${BASE}/b" ]; then 876 [ -z "$verbose" ] || log_msg_fail "${BASE}/${ff}/${gg} (multiple)"; 877 return 1 878 fi 879 fi 880 done 881 done 882 # 883 # 884 # 885 egrep "CRIT.*POLICY \[ReadOnly\] ----H---T-.*${BASE}/b" $LOGFILE >/dev/null 2>&1 886 if [ $? -ne 0 ]; then 887 [ -z "$verbose" ] || log_msg_fail "${BASE}/b"; 888 return 1 889 fi 890 egrep "CRIT.*POLICY \[ReadOnly\] CL-I-M--TS.*${BASE}/b/y" $LOGFILE >/dev/null 2>&1 891 if [ $? -ne 0 ]; then 892 [ -z "$verbose" ] || log_msg_fail "${BASE}/b/y"; 893 return 1 894 fi 895 egrep "CRIT.*POLICY \[ReadOnly\] CL-.-M--TS.*${BASE}/b/l_x" $LOGFILE >/dev/null 2>&1 896 if [ $? -ne 0 ]; then 897 [ -z "$verbose" ] || log_msg_fail "${BASE}/b/l_x"; 898 return 1 899 fi 900 egrep "CRIT.*POLICY \[ReadOnly\] C--IHM--TS.*${BASE}/b/x" $LOGFILE >/dev/null 2>&1 901 if [ $? -ne 0 ]; then 902 [ -z "$verbose" ] || log_msg_fail "${BASE}/b/x"; 903 return 1 904 fi 905 # 906 # 907 # 908 egrep "CRIT.*POLICY \[ReadOnly\] --------T-.*${BASE}/a/a/x" $LOGFILE >/dev/null 2>&1 909 if [ $? -ne 0 ]; then 910 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/x"; 911 return 1 912 fi 913 egrep "CRIT.*POLICY \[ReadOnly\] -----M--T-.*${BASE}/a/a/y" $LOGFILE >/dev/null 2>&1 914 if [ $? -ne 0 ]; then 915 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/a/y"; 916 return 1 917 fi 918 egrep "CRIT.*POLICY \[ReadOnly\] ---I----T-.*${BASE}/a/b/y" $LOGFILE >/dev/null 2>&1 919 if [ $? -ne 0 ]; then 920 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/b/y"; 921 return 1 922 fi 923 egrep "CRIT.*POLICY \[ReadOnly\] -L-I----T-.*${BASE}/a/b/l_y" $LOGFILE >/dev/null 2>&1 924 if [ $? -ne 0 ]; then 925 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/b/l_y"; 926 return 1 927 fi 928 egrep "CRIT.*POLICY \[ReadOnly\] --------T-.*${BASE}/a/b" $LOGFILE >/dev/null 2>&1 929 if [ $? -ne 0 ]; then 930 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/b"; 931 return 1 932 fi 933 egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/a/b/z" $LOGFILE >/dev/null 2>&1 934 if [ $? -ne 0 ]; then 935 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/b/z"; 936 return 1 937 fi 938 egrep "CRIT.*POLICY \[ReadOnly\] C-------TS.*${BASE}/a/c/y" $LOGFILE >/dev/null 2>&1 939 if [ $? -ne 0 ]; then 940 [ -z "$verbose" ] || log_msg_fail "${BASE}/a/c/y"; 941 return 1 942 fi 943 tmp=`grep CRIT $LOGFILE | wc -l` 944 if [ $tmp -ne 11 ]; then 945 [ -z "$verbose" ] || log_msg_fail "policy count"; 946 return 1 947 fi 948 for ff in x y z; do 949 ./samhain --list-file "${BASE}/a/a/${ff}" -d "$PW_DIR/.samhain_file" > "$PW_DIR/.samhain_tmp" 950 diff "$PW_DIR/.samhain_tmp" "${BASE}/a/a/${ff}" >/dev/null 951 if [ $? -ne 0 ]; then 952 [ -z "$verbose" ] || log_msg_fail "diff $PW_DIR/.samhain_tmp ${BASE}/a/a/${ff}" 953 return 1 954 fi 955 done 956 957 return 0 958} 959 960 961############################################################## 962# 963# Common subroutines 964# 965 966mkconfig_misc () 967{ 968 test -f "${RCFILE}" || touch "${RCFILE}" 969 cat >> "${RCFILE}" <<End-of-data 970[Misc] 971Daemon=no 972SetFilecheckTime=60 973TrustedUser=uucp,fax,fnet 974SetRecursionLevel=10 975SetLoopTime=30 976ReportFullDetail = no 977ChecksumTest=check 978 979End-of-data 980} 981 982mkconfig_log () 983{ 984 test -f "${RCFILE}" || touch "${RCFILE}" 985 cat >> "${RCFILE}" <<End-of-data 986[Log] 987MailSeverity=none 988LogSeverity=warn 989SyslogSeverity=none 990PrintSeverity=info 991MailSeverity=none 992#Restrict to certain classes of messages 993#LogClass=RUN 994#PreludeSeverity=err 995#ExportSeverity=none 996 997End-of-data 998} 999 1000mkconfig_sev () 1001{ 1002 test -f "${RCFILE}" || touch "${RCFILE}" 1003 cat >> "${RCFILE}" <<End-of-data 1004[EventSeverity] 1005SeverityUser0=crit 1006SeverityUser1=crit 1007SeverityReadOnly=crit 1008SeverityLogFiles=crit 1009SeverityGrowingLogs=crit 1010SeverityIgnoreNone=crit 1011SeverityAttributes=crit 1012SeverityIgnoreAll=crit 1013SeverityFiles=err 1014SeverityDirs=err 1015SeverityNames=warn 1016 1017End-of-data 1018} 1019 1020prep_testpolicy () 1021{ 1022 test -f "${RCFILE}" || touch "${RCFILE}" 1023 eval echo '"$'"TESTPOLICY_$1"'"' >>"${RCFILE}" 1024} 1025 1026prep_init () 1027{ 1028 rm -f ./.samhain_file 1029 rm -f "${LOGFILE}" 1030 rm -f ./.samhain_lock 1031 1032 rm -f "${RCFILE}" 1033 mkconfig_sev 1034 mkconfig_log 1035 mkconfig_misc 1036} 1037 1038run_init () 1039{ 1040 rm -f test_log_valgrind 1041 1042 ${VALGRIND} ./samhain -t init -p none 2>>test_log_valgrind 1043 1044 if test x$? = x0; then 1045 [ -z "$verbose" ] || log_msg_ok "init..."; 1046 else 1047 [ -z "$quiet" ] && log_msg_fail "init..."; 1048 return 1 1049 fi 1050} 1051 1052run_check () 1053{ 1054 if [ "x$1" = "x" ]; then 1055 logsev=debug 1056 else 1057 logsev=$1 1058 fi 1059 ${VALGRIND} ./samhain -t check -p none -l $logsev 2>>test_log_valgrind 1060 1061 if test x$? = x0; then 1062 1063 ./samhain -j -L $LOGFILE >"${LOGFILE}.tmp" && mv "${LOGFILE}.tmp" "${LOGFILE}" 1064 1065 if [ $? -ne 0 ]; then 1066 [ -z "$quiet" ] && log_msg_fail "mv logfile..."; 1067 return 1 1068 fi 1069 [ -z "$verbose" ] || log_msg_ok "check..."; 1070 else 1071 [ -z "$quiet" ] && log_msg_fail "check..."; 1072 return 1 1073 fi 1074} 1075 1076run_update () 1077{ 1078 ${VALGRIND} ./samhain -t update -p none -l debug 2>>test_log_valgrind 1079 1080 if test x$? = x0; then 1081 [ -z "$verbose" ] || log_msg_ok "update..."; 1082 else 1083 [ -z "$quiet" ] && log_msg_fail "update..."; 1084 return 1 1085 fi 1086} 1087 1088run_check_after_update () 1089{ 1090 rm -rf $LOGFILE 1091 1092 ${VALGRIND} ./samhain -t check -p none -l debug 2>>test_log_valgrind 1093 1094 if test x$? = x0; then 1095 # 1096 tmp=`./samhain -j -L $LOGFILE | grep CRIT | wc -l` 1097 if [ $tmp -ne 0 ]; then 1098 [ -z "$verbose" ] || log_msg_fail "update not successful(?)"; 1099 return 1 1100 fi 1101 # 1102 # wtmp may not be readable 1103 # 1104 tmp=`./samhain -j -L $LOGFILE | grep ERR | grep -v wtmp | wc -l` 1105 if [ $tmp -ne 0 ]; then 1106 [ -z "$verbose" ] || log_msg_fail "errors during check"; 1107 return 1 1108 fi 1109 # 1110 [ -z "$VALGRIND" ] || { 1111 tmp=`cat test_log_valgrind 2>/dev/null | wc -l`; 1112 if [ $tmp -ne 0 ]; then 1113 [ -z "$verbose" ] || log_msg_fail "valgrind reports errors"; 1114 cat test_log_valgrind 1115 return 1; 1116 fi; 1117 } 1118 # 1119 [ -z "$verbose" ] || log_msg_ok "check(2)..."; 1120 else 1121 [ -z "$quiet" ] && log_msg_fail "check(2)..."; 1122 return 1 1123 fi 1124} 1125 1126prep_testdata () 1127{ 1128 if test -d "$BASE"; then 1129 if [ -d "${BASE}" ]; then 1130 chmod -f -R 0700 "${BASE}" || { 1131 [ -z "$quiet" ] && log_msg_fail "chmod -f -R 0700 ${BASE}"; 1132 return 1; 1133 } 1134 fi 1135 fi 1136 1137 rm -rf "${BASE}" || { 1138 [ -z "$quiet" ] && log_msg_fail "rm -rf ${BASE}"; 1139 return 1; 1140 } 1141 1142 mkdir "${BASE}" || { 1143 [ -z "$quiet" ] && log_msg_fail "mkdir ${BASE}"; 1144 return 1; 1145 } 1146 1147 echo "${BASE}" > ./tmp_list_file 1148 1149 for ff in $TDIRS; do 1150 mkdir "${BASE}/${ff}" || { 1151 [ -z "$quiet" ] && log_msg_fail "mkdir ${BASE}/${ff}"; 1152 return 1; 1153 } 1154 echo "${BASE}/${ff}" >> ./tmp_list_file 1155 chmod 0755 "${BASE}/${ff}" 1156 for gg in $TFILES; do 1157 echo "1 This is a test file" > "${BASE}/${ff}/${gg}" 1158 chmod 0644 "${BASE}/${ff}/${gg}" 1159 echo "${BASE}/${ff}/${gg}" >> ./tmp_list_file 1160 ln -s "${BASE}/${ff}/${gg}" "${BASE}/${ff}/l_${gg}" 1161 echo "${BASE}/${ff}/l_${gg}" >> ./tmp_list_file 1162 done 1163 echo "2 This is a test file" >> "${BASE}/${ff}/y" 1164 echo "2 This is a test file" >> "${BASE}/${ff}/z" 1165 echo "3 This is a test file" >> "${BASE}/${ff}/z" 1166 done 1167} 1168 1169check_err () 1170{ 1171 if [ $1 -ne 0 ]; then 1172 log_fail ${2} ${MAXTEST}; 1173 return 1 1174 fi 1175 return 0 1176} 1177 1178testrun_internal () 1179{ 1180 [ -z "$verbose" ] || echo Working directory: $PW_DIR 1181 [ -z "$verbose" ] || { echo MAKE is $MAKE; echo; } 1182 1183 # 1184 # test standalone compilation 1185 # 1186 [ -z "$verbose" ] || { echo; echo "${S}Building standalone agent${E}"; echo; } 1187 1188 if test -r "Makefile"; then 1189 $MAKE distclean >/dev/null 1190 fi 1191 1192 ${TOP_SRCDIR}/configure ${BUILDOPTS} 1193 1194 # 1195 if test x$? = x0; then 1196 [ -z "$verbose" ] || log_msg_ok "configure..."; 1197 $MAKE >/dev/null 2>>test_log 1198 if test x$? = x0; then 1199 [ -z "$verbose" ] || log_msg_ok "make..."; 1200 else 1201 [ -z "$quiet" ] && log_msg_fail "make..."; 1202 return 1 1203 fi 1204 1205 else 1206 [ -z "$quiet" ] && log_msg_fail "configure..."; 1207 return 1 1208 fi 1209 1210 [ -z "$verbose" ] || { echo; echo "${S}Running test suite${E}"; echo; } 1211 1212 tcount=1 1213 POLICY=`eval echo '"$'"TESTPOLICY_$tcount"'"'` 1214 1215 until [ ${tcount} -gt ${MAXTEST_3} ] 1216 do 1217 prep_init 1218 check_err $? ${tcount}; errval=$? 1219 if [ $errval -eq 0 ]; then 1220 prep_testdata 1221 check_err $? ${tcount}; errval=$? 1222 fi 1223 if [ $errval -eq 0 ]; then 1224 prep_testpolicy ${tcount} 1225 check_err $? ${tcount}; errval=$? 1226 fi 1227 if [ $errval -eq 0 ]; then 1228 run_init 1229 check_err $? ${tcount}; errval=$? 1230 fi 1231 if [ $errval -eq 0 ]; then 1232 eval mod_testdata_${tcount} 1233 check_err $? ${tcount}; errval=$? 1234 fi 1235 if [ $errval -eq 0 ]; then 1236 run_check 1237 check_err $? ${tcount}; errval=$? 1238 fi 1239 if [ $errval -eq 0 ]; then 1240 eval chk_testdata_${tcount} 1241 check_err $? ${tcount}; errval=$? 1242 fi 1243 if [ $testrun1_setup -eq 0 ]; then 1244 if [ $errval -eq 0 ]; then 1245 run_update 1246 check_err $? ${tcount}; errval=$? 1247 fi 1248 if [ $errval -eq 0 ]; then 1249 run_check_after_update 1250 check_err $? ${tcount}; errval=$? 1251 fi 1252 fi 1253 # 1254 if [ $errval -eq 0 ]; then 1255 [ -z "$quiet" ] && log_ok ${tcount} ${MAXTEST}; 1256 fi 1257 # 1258 let "tcount = tcount + 1" >/dev/null 1259 # 1260 if [ $tcount -eq 10 ]; then 1261 if [ -z "$doall" ]; then 1262 log_skip 10 $MAXTEST 'ACL/SELinux test (or use --really-all)' 1263 log_skip 11 $MAXTEST 'ACL/SELinux test (or use --really-all)' 1264 let "tcount = tcount + 2" >/dev/null 1265 else 1266 # 'id -u' is posix 1267 # 1268 if test -f /usr/xpg4/bin/id 1269 then 1270 my_uid=`/usr/xpg4/bin/id -u` 1271 else 1272 my_uid=`id -u` 1273 fi 1274 # 1275 if [ ${my_uid} -ne 0 ]; then 1276 log_skip 10 $MAXTEST 'ACL/SELinux test (you are not root)' 1277 log_skip 11 $MAXTEST 'ACL/SELinux test (you are not root)' 1278 let "tcount = tcount + 2" >/dev/null 1279 else 1280 1281 SETFATTR=`find_path setfattr` 1282 if [ -z "$SETFATTR" ]; then 1283 log_skip 10 $MAXTEST 'ACL/SELinux test (setfattr not in path)' 1284 log_skip 11 $MAXTEST 'ACL/SELinux test (setfattr not in path)' 1285 let "tcount = tcount + 2" >/dev/null 1286 fi 1287 fi 1288 fi 1289 fi 1290 # 1291 POLICY=`eval echo '"$'"TESTPOLICY_$tcount"'"'` 1292 done 1293 1294 return 0 1295} 1296 1297testrun1 () 1298{ 1299 log_start "RUN STANDALONE" 1300 testrun_internal 1301 log_end "RUN STANDALONE" 1302 return 0 1303} 1304 1305 1306 1307