summaryrefslogtreecommitdiffstats
path: root/tools/teststepstools.py
blob: d39f7f40e140fe393b8f5206411a0c210ccf1838 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90

# Copyright 2016 Intel Corporation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#   http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

"""Various helper functions for step driven testcases
"""

import re
import logging
import subprocess
import locale

class TestStepsTools(object):
    """ Various tools and functions used by step driven testcases
    """
    # Functions use nonstandard names to avoid conflicts with
    # standard python keywords.
    # pylint: disable=invalid-name
    def __init__(self):
        """ TestStepsTools initialization
        """
        self._logger = logging.getLogger(__name__)

    def Assert(self, condition):
        """ Evaluate given `condition' and raise AssertionError
            in case, that evaluation fails
        """
        try:
            assert self.Eval(condition)
        except AssertionError:
            self._logger.error('Condition %s is not True', condition)
            raise

        return True

    @staticmethod
    def validate_Assert(result, dummy_condition):
        """ Validate evaluation of given `condition'
        """
        return result

    @staticmethod
    def Eval(expression):
        """ Evaluate python `expression' and return its result
        """
        # pylint: disable=eval-used
        return eval(expression)

    @staticmethod
    def validate_Eval(result, dummy_expression):
        """ Validate result of python `expression' evaluation
        """
        return result is not None

    @staticmethod
    def Exec(command, regex=None):
        """ Execute a shell `command' and return its output filtered
            out by optional `regex' expression.
        """
        try:
            output = subprocess.check_output(command, shell=True)
        except OSError:
            return None

        output = output.decode(locale.getdefaultlocale()[1])

        if regex:
            for line in output.split('\n'):
                result = re.findall(regex, line)
                if result:
                    return result
            return []

        return output

    @staticmethod
    def validate_Exec(result, dummy_command, dummy_regex=None):
        """ validate result of shell `command' execution
        """
        return result is not None
content: '-a always,exit -F arch=b64 -S fchmod -F auid>=1000 -F auid!=4294967295 -k perm_mod' order : 7 'Record Events that Modify the Systems Discretionary Access Controls - fchmodat': content: '-a always,exit -F arch=b64 -S fchmodat -F auid>=1000 -F auid!=4294967295 -k perm_mod' order : 8 'Record Events that Modify the Systems Discretionary Access Controls - fchown': content: '-a always,exit -F arch=b64 -S fchown -F auid>=1000 -F auid!=4294967295 -k perm_mod' order : 9 'Record Events that Modify the Systems Discretionary Access Controls - fchownat': content: '-a always,exit -F arch=b64 -S fchownat -F auid>=1000 -F auid!=4294967295 -k perm_mod' order : 10 'Record Events that Modify the Systems Discretionary Access Controls - fremovexattr': content: '-a always,exit -F arch=b64 -S fremovexattr -F auid>=1000 -F auid!=4294967295 -k perm_mod' order : 11 'Record Events that Modify the Systems Discretionary Access Controls - fsetxattr': content: '-a always,exit -F arch=b64 -S fsetxattr -F auid>=1000 -F auid!=4294967295 -k perm_mod' order : 12 'Record Events that Modify the Systems Discretionary Access Controls - lchown': content: '-a always,exit -F arch=b64 -S lchown -F auid>=1000 -F auid!=4294967295 -k perm_mod' order : 13 'Record Events that Modify the Systems Discretionary Access Controls - lremovexattr': content: '-a always,exit -F arch=b64 -S lremovexattr -F auid>=1000 -F auid!=4294967295 -k perm_mod' order : 14 'Record Events that Modify the Systems Discretionary Access Controls - lsetxattr': content: '-a always,exit -F arch=b64 -S lsetxattr -F auid>=1000 -F auid!=4294967295 -k perm_mod' order : 15 'Record Events that Modify the Systems Discretionary Access Controls - removexattr': content: '-a always,exit -F arch=b64 -S removexattr -F auid>=1000 -F auid!=4294967295 -k perm_mod' order : 16 'Record Events that Modify the Systems Discretionary Access Controls - setxattr': content: '-a always,exit -F arch=b64 -S setxattr -F auid>=1000 -F auid!=4294967295 -k perm_mod' order : 17 'Record Events that Modify User/Group Information - /etc/group': content: '-w /etc/group -p wa -k audit_rules_usergroup_modification' order : 18 'Record Events that Modify User/Group Information - /etc/passwd': content: '-w /etc/passwd -p wa -k audit_rules_usergroup_modification' order : 19 'Record Events that Modify User/Group Information - /etc/gshadow': content: '-w /etc/gshadow -p wa -k audit_rules_usergroup_modification' order : 20 'Record Events that Modify User/Group Information - /etc/shadow': content: '-w /etc/shadow -p wa -k audit_rules_usergroup_modification' order : 21 'Record Events that Modify User/Group Information - /etc/opasswd': content: '-w /etc/opasswd -p wa -k audit_rules_usergroup_modification' order : 22 'Record Events that Modify the Systems Network Environment - sethostname / setdomainname': content: '-a always,exit -F arch=b64 -S sethostname -S setdomainname -k audit_rules_networkconfig_modification' order : 23 'Record Events that Modify the Systems Network Environment - /etc/issue': content: '-w /etc/issue -p wa -k audit_rules_networkconfig_modification' order : 24 'Record Events that Modify the Systems Network Environment - /etc/issue.net': content: '-w /etc/issue.net -p wa -k audit_rules_networkconfig_modification' order : 25 'Record Events that Modify the Systems Network Environment - /etc/hosts': content: '-w /etc/hosts -p wa -k audit_rules_networkconfig_modification' order : 26 'Record Events that Modify the Systems Network Environment - /etc/sysconfig/network': content: '-w /etc/sysconfig/network -p wa -k audit_rules_networkconfig_modification' order : 27 'Record Events that Modify the Systems Mandatory Access Controls': content: '-w /etc/selinux/ -p wa -k MAC-policy' order : 28 'Ensure auditd Collects Unauthorized Access Attempts to Files (unsuccessful / EACCES)': content: '-a always,exit -F arch=b64 -S creat -S open -S openat -S open_by_handle_at -S truncate -S ftruncate -F exit=-EACCES -F auid>=1000 -F auid!=4294967295 -k access' order : 29 'Ensure auditd Collects Unauthorized Access Attempts to Files (unsuccessful / EPERM)': content: '-a always,exit -F arch=b64 -S creat -S open -S openat -S open_by_handle_at -S truncate -S ftruncate -F exit=-EPERM -F auid>=1000 -F auid!=4294967295 -k access' order : 30 'Ensure auditd Collects Information on the Use of Privileged Commands': content: '-a always,exit -F path=SETUID_PROG_PATH -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged' order : 31 'Ensure auditd Collects Information on Exporting to Media (successful)': content: '-a always,exit -F arch=b64 -S mount -F auid>=1000 -F auid!=4294967295 -k export' order : 32 'Ensure auditd Collects File Deletion Events by User': content: '-a always,exit -F arch=b64 -S rmdir -S unlink -S unlinkat -S rename -S renameat -F auid>=1000 -F auid!=4294967295 -k delete' order : 33 'Ensure auditd Collects System Administrator Actions': content: '-w /etc/sudoers -p wa -k actions' order : 34 'Ensure auditd Collects Information on Kernel Module Loading and Unloading (insmod)': content: '-w /usr/sbin/insmod -p x -k modules' order : 35 'Ensure auditd Collects Information on Kernel Module Loading and Unloading (rmmod)': content: '-w /usr/sbin/rmmod -p x -k modules' order : 36 'Ensure auditd Collects Information on Kernel Module Loading and Unloading (modprobe)': content: '-w /usr/sbin/modprobe -p x -k modules' order : 37