Add test-harness test for policy creation; among other things it tries the policy files in src/parser/testfiles, plus some other test cases. Updated one of the test files so the user doesn't need to hand-edit it before use.
parent
85fcbb1371
commit
72f042644b
|
@ -1,4 +1,4 @@
|
||||||
# replace your_host with the name of your host.
|
# Exercises the ifhost conditional, assuming your host answers to 'localhost'.
|
||||||
# parser will echo YES1 through YES9
|
# parser will echo YES1 through YES9
|
||||||
# there's a problem with the parser if it echoes NO
|
# there's a problem with the parser if it echoes NO
|
||||||
|
|
||||||
|
@ -8,12 +8,12 @@
|
||||||
@@print +YES1
|
@@print +YES1
|
||||||
@@endif
|
@@endif
|
||||||
|
|
||||||
@@ifhost bar || your_host||baz
|
@@ifhost bar || localhost||baz
|
||||||
|
|
||||||
|
|
||||||
@@ifhost foo
|
@@ifhost foo
|
||||||
|
|
||||||
@@ifhost your_host
|
@@ifhost localhost
|
||||||
@@error +NO2;
|
@@error +NO2;
|
||||||
@@else
|
@@else
|
||||||
@@error +NO3;
|
@@error +NO3;
|
||||||
|
@ -35,9 +35,9 @@
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@@ifhost your_host
|
@@ifhost localhost
|
||||||
|
|
||||||
@@ifhost your_host
|
@@ifhost localhost
|
||||||
@@print +YES4;
|
@@print +YES4;
|
||||||
@@else
|
@@else
|
||||||
@@error +NO6;
|
@@error +NO6;
|
||||||
|
@ -47,7 +47,7 @@
|
||||||
|
|
||||||
@@else
|
@@else
|
||||||
|
|
||||||
@@ifhost your_host
|
@@ifhost localhost
|
||||||
@@error +NO7;
|
@@error +NO7;
|
||||||
@@else
|
@@else
|
||||||
@@error +NO8;
|
@@error +NO8;
|
||||||
|
@ -57,7 +57,7 @@
|
||||||
|
|
||||||
@@endif
|
@@endif
|
||||||
|
|
||||||
@@ifhost your_host
|
@@ifhost localhost
|
||||||
@@print +YES6;
|
@@print +YES6;
|
||||||
@@else
|
@@else
|
||||||
@@error +NO10;
|
@@error +NO10;
|
||||||
|
@ -70,11 +70,11 @@
|
||||||
@@endif
|
@@endif
|
||||||
|
|
||||||
|
|
||||||
@@ifhost your_host || baz
|
@@ifhost localhost || baz
|
||||||
@@print +YES8;
|
@@print +YES8;
|
||||||
@@endif
|
@@endif
|
||||||
|
|
||||||
@@ifhost baz || your_host
|
@@ifhost baz || localhost
|
||||||
@@print +YES9;
|
@@print +YES9;
|
||||||
@@endif
|
@@endif
|
||||||
|
|
||||||
|
@ -87,7 +87,7 @@
|
||||||
|
|
||||||
@@ifhost foo
|
@@ifhost foo
|
||||||
|
|
||||||
@@ifhost your_host
|
@@ifhost localhost
|
||||||
@@error +NO13;
|
@@error +NO13;
|
||||||
@@else
|
@@else
|
||||||
@@error +NO14;
|
@@error +NO14;
|
||||||
|
@ -113,7 +113,7 @@
|
||||||
@@error +NO20;
|
@@error +NO20;
|
||||||
@@endif
|
@@endif
|
||||||
|
|
||||||
@@ifhost your_host
|
@@ifhost localhost
|
||||||
@@error +NO21;
|
@@error +NO21;
|
||||||
@@else
|
@@else
|
||||||
@@error +NO22;
|
@@error +NO22;
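Review bot: Every `@@ifhost localhost` branch in this file now passes only when the machine's hostname is literally `localhost`, assuming the parser compares against the configured hostname, as the new header comment's "assuming your host answers to 'localhost'" suggests. On a build host with a real hostname the `@@error +NO…` branches would fire and the new harness test would fail for reasons unrelated to the parser. The file stays hands-off without that assumption if the harness writes a copy with the actual hostname substituted before handing it to twadmin. Failing that, the header should say so outright, e.g. `# NOTE: fails on hosts whose hostname is not 'localhost'`.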
|
||||||
|
|
|
@ -0,0 +1,156 @@
|
||||||
|
|
||||||
|
use twtools;
|
||||||
|
|
||||||
|
package createpolicy;
|
||||||
|
|
||||||
|
|
||||||
|
######################################################################
|
||||||
|
# One time module initialization goes in here...
|
||||||
|
#
|
||||||
|
BEGIN
|
||||||
|
{
|
||||||
|
$description = "policy creation test";
|
||||||
|
$testpolicydir = "$twtools::twrootdir/../../parser/testfiles";
|
||||||
|
}
|
||||||
|
|
||||||
|
######################################################################
|
||||||
|
# various policies
|
||||||
|
#
|
||||||
|
sub basic_policy
|
||||||
|
{
|
||||||
|
return <<POLICY_END;
|
||||||
|
|
||||||
|
/foo -> +S;
|
||||||
|
/bar -> \$(IgnoreNone);
|
||||||
|
!/baz;
|
||||||
|
|
||||||
|
POLICY_END
|
||||||
|
}
|
||||||
|
|
||||||
|
sub variable_policy
|
||||||
|
{
|
||||||
|
return <<POLICY_END;
|
||||||
|
\@\@section GLOBAL
|
||||||
|
FOO = /foo ;
|
||||||
|
BAR = +pinug ;
|
||||||
|
|
||||||
|
\@\@section FS
|
||||||
|
\$(FOO) -> \$(BAR);
|
||||||
|
|
||||||
|
POLICY_END
|
||||||
|
}
|
||||||
|
|
||||||
|
sub host_conditional_policy
|
||||||
|
{
|
||||||
|
return <<POLICY_END;
|
||||||
|
\@\@ifhost localhost
|
||||||
|
\@\@print Hello World
|
||||||
|
/foo -> \$(IgnoreNone);
|
||||||
|
\@\@else
|
||||||
|
\@\@error failed
|
||||||
|
\@\@endif
|
||||||
|
|
||||||
|
POLICY_END
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
######################################################################
|
||||||
|
#
|
||||||
|
# Run the test.
|
||||||
|
#
|
||||||
|
sub run
|
||||||
|
{
|
||||||
|
my $twpassed = 1;
|
||||||
|
|
||||||
|
twtools::logStatus("*** Beginning policy creation test\n");
|
||||||
|
printf("%-30s", "-- $description");
|
||||||
|
|
||||||
|
twtools::GeneratePolicyFile( basic_policy() );
|
||||||
|
if ( $? != 0 ) {
|
||||||
|
twtools::logStatus("basic create-polfile failed, error = $?\n");
|
||||||
|
$twpassed = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
twtools::GeneratePolicyFile( variable_policy() );
|
||||||
|
if ( $? != 0 ) {
|
||||||
|
twtools::logStatus("create-polfile with variables failed, error = $?\n");
|
||||||
|
$twpassed = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
twtools::GeneratePolicyFile( host_conditional_policy() );
|
||||||
|
if ( $? != 0 ) {
|
||||||
|
twtools::logStatus("create-polfile with ifhost conditional failed, error = $?\n");
|
||||||
|
$twpassed = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Test with existing test case files in the src/policy/testfiles directory.
|
||||||
|
#
|
||||||
|
twtools::CreatePolicy({policy-text => "$testpolicydir/directives.txt"});
|
||||||
|
if ( $? != 0 ) {
|
||||||
|
twtools::logStatus("create-polfile with directives.txt failed, error = $?\n");
|
||||||
|
$twpassed = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
twtools::CreatePolicy({policy-text => "$testpolicydir/pol.txt"});
|
||||||
|
if ( $? != 0 ) {
|
||||||
|
twtools::logStatus("create-polfile with pol.txt failed, error = $?\n");
|
||||||
|
$twpassed = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
twtools::CreatePolicy({policy-text => "$testpolicydir/poleasy.txt"});
|
||||||
|
if ( $? != 0 ) {
|
||||||
|
twtools::logStatus("create-polfile with poleasy.txt failed, error = $?\n");
|
||||||
|
$twpassed = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
twtools::CreatePolicy({policy-text => "$testpolicydir/polhard.txt"});
|
||||||
|
if ( $? != 0 ) {
|
||||||
|
twtools::logStatus("create-polfile with polhard.txt failed, error = $?\n");
|
||||||
|
$twpassed = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
twtools::CreatePolicy({policy-text => "$testpolicydir/polruleattr.txt"});
|
||||||
|
if ( $? != 0 ) {
|
||||||
|
twtools::logStatus("create-polfile with polruleattr.txt failed, error = $?\n");
|
||||||
|
$twpassed = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#########################################################
|
||||||
|
#
|
||||||
|
# See if the tests all succeeded...
|
||||||
|
#
|
||||||
|
if ($twpassed) {
|
||||||
|
++$twtools::twpassedtests;
|
||||||
|
print "PASSED\n";
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
++$twtools::twfailedtests;
|
||||||
|
print "*FAILED*\n";
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
######################################################################
|
||||||
|
#
|
||||||
|
# Initialize the test
|
||||||
|
#
|
||||||
|
|
||||||
|
sub initialize
|
||||||
|
{
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
######################################################################
|
||||||
|
# One time module cleanup goes in here...
|
||||||
|
#
|
||||||
|
END
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
|
1;
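Review bot: The key in `twtools::CreatePolicy({policy-text => "..."})` is not auto-quoted, because `=>` only quotes a plain identifier. `policy-text` parses as one bareword minus another, so the value is stored under the key `0`, and the module would not compile under `use strict`. It works only because CreatePolicy in twtools spells its subscript the same way; change all five calls to `{'policy-text' => ...}` and the subscript to `$params{'policy-text'}` together. Separately, `run` tests `$?` after each call although CreatePolicy already returns a success flag. `$?` can be overwritten if logStatus runs any external command first, so `if ( !twtools::CreatePolicy({...}) ) {` is the safer check. The comment `# Test with existing test case files in the src/policy/testfiles directory.` should name `parser/testfiles`, which is what `$testpolicydir` points at.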
|
||||||
|
|
|
@ -279,6 +279,24 @@ sub GeneratePolicyFile {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
######################################################################
|
||||||
|
# Generate and sign the policy file... Note the contents
|
||||||
|
# of the policy file are passed in as '$twstr'.
|
||||||
|
#
|
||||||
|
sub CreatePolicy {
|
||||||
|
|
||||||
|
my (%params) = %{$_[0]};
|
||||||
|
|
||||||
|
$params{policy-text} = "$twrootdir/$twpolicyloc" if( ! defined($params{policy-text}) );
|
||||||
|
|
||||||
|
print "generating policy file...\n" if $verbose;
|
||||||
|
|
||||||
|
logStatus(`$twrootdir/bin/twadmin -m P -c $twrootdir/$twcfgloc -Q $twsitepass -p $twrootdir/$twpolfileloc $params{policy-text}`);
|
||||||
|
|
||||||
|
return ($? == 0);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
# Run tripwire to initialize the database...
|
# Run tripwire to initialize the database...
|
||||||
#
|
#
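Review bot: The twadmin command in CreatePolicy is built as one backtick string, so `$params{policy-text}`, `$twsitepass` and the `$twrootdir` paths all pass through the shell. A path or passphrase containing whitespace or shell metacharacters is split or interpreted instead of reaching twadmin as a single argument. A list-form pipe open runs twadmin directly and lets the sub record `$?` before logStatus is called, as sketched below with the hash subscript left as the hunk has it. The header comment appears to be copied from GeneratePolicyFile: this sub takes a policy file path under the `policy-text` key, not policy contents in `$twstr`. The context lines around the sub belong to GeneratePolicyFile and the following routine, which start and end outside the hunk.

```perl
sub CreatePolicy {
    # … unchanged: %params unpacking, default policy path, verbose message …

    # One list element per argument: nothing here is re-parsed by a shell.
    my @cmd = ( "$twrootdir/bin/twadmin", '-m', 'P',
                '-c', "$twrootdir/$twcfgloc",
                '-Q', $twsitepass,
                '-p', "$twrootdir/$twpolfileloc",
                $params{policy-text} );

    open( my $out, '-|', @cmd ) or return 0;
    my @output = <$out>;
    close($out);                 # close on a pipe sets $? to twadmin's status
    my $ok = ( $? == 0 );        # capture before logStatus can disturb $?

    logStatus(@output);

    return $ok;
}
```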
|
||||||
|
|