[Fuego] [PATCH] Add test cases of service auditd.

Wang Mingyu wangmy at cn.fujitsu.com
Wed Dec 26 08:58:54 UTC 2018


auditd is the userspace component to the Linux Auditing System.
This test set is used to check if pidfile and process can be generated.

Signed-off-by: Wang Mingyu <wangmy at cn.fujitsu.com>
---
 engine/tests/Functional.auditd/auditd_test.sh      |  4 ++
 engine/tests/Functional.auditd/fuego_test.sh       | 19 ++++++++
 engine/tests/Functional.auditd/parser.py           | 22 ++++++++++
 engine/tests/Functional.auditd/spec.json           |  7 +++
 .../Functional.auditd/tests/auditd_commands.sh     | 51 ++++++++++++++++++++++
 .../Functional.auditd/tests/auditd_logfile.sh      | 47 ++++++++++++++++++++
 engine/tests/Functional.auditd/tests/auditd_ps.sh  | 37 ++++++++++++++++
 7 files changed, 187 insertions(+)
 create mode 100755 engine/tests/Functional.auditd/auditd_test.sh
 create mode 100644 engine/tests/Functional.auditd/fuego_test.sh
 create mode 100644 engine/tests/Functional.auditd/parser.py
 create mode 100644 engine/tests/Functional.auditd/spec.json
 create mode 100644 engine/tests/Functional.auditd/tests/auditd_commands.sh
 create mode 100644 engine/tests/Functional.auditd/tests/auditd_logfile.sh
 create mode 100644 engine/tests/Functional.auditd/tests/auditd_ps.sh

diff --git a/engine/tests/Functional.auditd/auditd_test.sh b/engine/tests/Functional.auditd/auditd_test.sh
new file mode 100755
index 0000000..dd5ce37
--- /dev/null
+++ b/engine/tests/Functional.auditd/auditd_test.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+for i in tests/*.sh; do
+    sh $i
+done
diff --git a/engine/tests/Functional.auditd/fuego_test.sh b/engine/tests/Functional.auditd/fuego_test.sh
new file mode 100644
index 0000000..99a6f74
--- /dev/null
+++ b/engine/tests/Functional.auditd/fuego_test.sh
@@ -0,0 +1,19 @@
+function test_pre_check {
+    assert_has_program auditd
+    assert_has_program auditctl
+}
+
+function test_deploy {
+    put $TEST_HOME/auditd_test.sh $BOARD_TESTDIR/fuego.$TESTDIR/
+    put $FUEGO_CORE/engine/scripts/fuego_board_function_lib.sh $BOARD_TESTDIR/fuego.$TESTDIR
+    put -r $TEST_HOME/tests $BOARD_TESTDIR/fuego.$TESTDIR/
+}
+
+function test_run {
+    report "cd $BOARD_TESTDIR/fuego.$TESTDIR;\
+    ./auditd_test.sh"
+}
+
+function test_processing {
+    log_compare "$TESTDIR" "0" "TEST-FAIL" "n"
+}
diff --git a/engine/tests/Functional.auditd/parser.py b/engine/tests/Functional.auditd/parser.py
new file mode 100644
index 0000000..d85abd7
--- /dev/null
+++ b/engine/tests/Functional.auditd/parser.py
@@ -0,0 +1,22 @@
+#!/usr/bin/python
+# See common.py for description of command-line arguments
+
+import os, sys, collections
+
+sys.path.insert(0, os.environ['FUEGO_CORE'] + '/engine/scripts/parser')
+import common as plib
+
+measurements = {}
+measurements = collections.OrderedDict()
+
+regex_string = '^ -> (.*): TEST-(.*)$'
+matches = plib.parse_log(regex_string)
+
+if matches:
+    for m in matches:
+        measurements['default.' + m[0]] = 'PASS' if m[1] == 'PASS' else 'FAIL'
+
+# split the output for each testcase
+plib.split_output_per_testcase(regex_string, measurements)
+
+sys.exit(plib.process(measurements))
diff --git a/engine/tests/Functional.auditd/spec.json b/engine/tests/Functional.auditd/spec.json
new file mode 100644
index 0000000..4fd21cf
--- /dev/null
+++ b/engine/tests/Functional.auditd/spec.json
@@ -0,0 +1,7 @@
+{
+    "testName": "Functional.auditd",
+    "specs": {
+        "default": {}
+    }
+}
+
diff --git a/engine/tests/Functional.auditd/tests/auditd_commands.sh b/engine/tests/Functional.auditd/tests/auditd_commands.sh
new file mode 100644
index 0000000..f9d7dc5
--- /dev/null
+++ b/engine/tests/Functional.auditd/tests/auditd_commands.sh
@@ -0,0 +1,51 @@
+#!/bin/sh
+
+#  In the target start auditd, and check the command auditctl.
+
+test="auditctl"
+
+. ./fuego_board_function_lib.sh
+
+set_init_manager
+
+service_status=$(exec_service_on_target auditd is-active)
+
+exec_service_on_target auditd stop
+exec_service_on_target auditd start
+
+restore_target() {
+    if [ $service_status!="active" ]
+    then
+        exec_service_on_target auditd stop
+    fi
+}
+
+if auditctl -w /etc/passwd -p rwxa
+then
+    echo " -> Insert a watch succeeded."
+else
+    echo " -> Insert a watch failed."
+    echo " -> $test: TEST-FAIL"
+    restore_target
+    exit
+fi
+
+if auditctl -l | grep "\-w /etc/passwd -p rwxa"
+then
+    echo " -> List the watch succeeded."
+else
+    echo " -> List the watch failed."
+    echo " -> $test: TEST-FAIL"
+    restore_target
+    exit
+fi
+
+exec_service_on_target auditd restart
+
+if auditctl -l | grep "\-w /etc/passwd -p rwxa"
+then
+    echo " -> $test: TEST-FAIL"
+else
+    echo " -> $test: TEST-PASS"
+fi
+restore_target
diff --git a/engine/tests/Functional.auditd/tests/auditd_logfile.sh b/engine/tests/Functional.auditd/tests/auditd_logfile.sh
new file mode 100644
index 0000000..d3eaa8d
--- /dev/null
+++ b/engine/tests/Functional.auditd/tests/auditd_logfile.sh
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+#  In the target to start auditd auditd, to confirm the acquisition of the log.
+#  check the keyword "auditd".
+
+test="logfile"
+
+. ./fuego_board_function_lib.sh
+
+set_init_manager
+
+service_status=$(exec_service_on_target auditd is-active)
+
+exec_service_on_target auditd stop
+if [ -f /var/log/audit/audit.log ]
+then
+    mv /var/log/audit/audit.log /var/log/audit/audit.log_bak
+fi
+
+if exec_service_on_target auditd start
+then
+    echo " -> start of auditd succeeded."
+else
+    echo " -> start of auditd failed."
+    echo " -> $test: TEST-FAIL"
+    exit
+fi
+
+sleep 5
+
+if [ -f /var/log/audit/audit.log ]
+then
+    echo " -> $test: TEST-PASS"
+else
+    echo " -> $test: TEST-FAIL"
+fi
+
+exec_service_on_target auditd stop
+if [ -f /var/log/audit/audit.log_bak ]
+then
+    mv /var/log/audit/audit.log_bak /var/log/audit/audit.log
+fi
+
+if [ $service_status="active" ]
+then
+    exec_service_on_target auditd start
+fi
diff --git a/engine/tests/Functional.auditd/tests/auditd_ps.sh b/engine/tests/Functional.auditd/tests/auditd_ps.sh
new file mode 100644
index 0000000..67ccf0c
--- /dev/null
+++ b/engine/tests/Functional.auditd/tests/auditd_ps.sh
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+#  In the target start auditd, and confirm the process condition by command ps.
+
+test="ps"
+
+. ./fuego_board_function_lib.sh
+
+set_init_manager
+
+service_status=$(exec_service_on_target auditd is-active)
+exec_service_on_target auditd stop
+
+if exec_service_on_target auditd start
+then
+    echo " -> start of auditd succeeded."
+else
+    echo " -> start of auditd failed."
+    echo " -> $test: TEST-FAIL"
+    exit
+fi
+
+sleep 5
+
+if ps aux | grep "[/]sbin/auditd"
+then
+    echo " -> get the process of auditd."
+    echo " -> $test: TEST-PASS"
+else
+    echo " -> can't get the process of auditd."
+    echo " -> $test: TEST-FAIL"
+fi
+
+if [ $service_status!="active" ]
+then
+    exec_service_on_target auditd stop
+fi
-- 
1.8.3.1





More information about the Fuego mailing list