-
Notifications
You must be signed in to change notification settings - Fork 686
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add tests for rule_rsyslog_files_permissions
Signed-off-by: Ilya Okomin <ilya.okomin@oracle.com>
- Loading branch information
Showing
9 changed files
with
451 additions
and
0 deletions.
There are no files selected for viewing
50 changes: 50 additions & 0 deletions
50
...og_log_file_configuration/rule_rsyslog_files_permissions/IncludeConfig_perms_0600.pass.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
#!/bin/bash | ||
# | ||
# profiles = xccdf_org.ssgproject.content_profile_pci-dss | ||
# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol | ||
|
||
# Check rsyslog.conf with log file permissions 0600 from rules and | ||
# log file permissions 0600 from $IncludeConfig passes. | ||
|
||
RSYSLOG_CONF='/etc/rsyslog.conf' | ||
|
||
PERMS=0600 | ||
|
||
test_file=test1.log | ||
test_file_2=test2.log | ||
test_conf=test_conf.conf | ||
test_dir=/tmp/${0%.*} | ||
|
||
# setup test log files and permissions | ||
mkdir ${test_dir} | ||
|
||
touch ${test_dir}/${test_file} | ||
chmod $PERMS ${test_dir}/${test_file} | ||
|
||
touch ${test_dir}/${test_file_2} | ||
chmod $PERMS ${test_dir}/${test_file_2} | ||
|
||
# backup default RSYSLOG_CONF file | ||
mv ${RSYSLOG_CONF} ${RSYSLOG_CONF}.bak | ||
|
||
# create test configuration file | ||
cat << EOF > ${test_dir}/${test_conf} | ||
# rsyslog configuration file | ||
#### RULES #### | ||
*.* ${test_dir}/${test_file_2} | ||
EOF | ||
|
||
# create rsyslog.conf configuration file | ||
cat << EOF > $RSYSLOG_CONF | ||
# rsyslog configuration file | ||
#### RULES #### | ||
*.* ${test_dir}/${test_file} | ||
#### MODULES #### | ||
\$IncludeConfig ${test_dir}/${test_conf} | ||
EOF |
52 changes: 52 additions & 0 deletions
52
...og_log_file_configuration/rule_rsyslog_files_permissions/IncludeConfig_perms_0601.fail.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
#!/bin/bash | ||
# | ||
# profiles = xccdf_org.ssgproject.content_profile_pci-dss | ||
# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_fedora,multi_platform_ol | ||
|
||
# Check rsyslog.conf with log file permissions 0600 from rules and | ||
# log file permissions 0601 from $IncludeConfig fails. | ||
|
||
RSYSLOG_CONF='/etc/rsyslog.conf' | ||
|
||
PERMS_PASS=0600 | ||
|
||
PERMS_FAIL=0601 | ||
|
||
test_file=test1.log | ||
test_file_2=test2.log | ||
test_conf=test_conf.conf | ||
test_dir=/tmp/${0%.*} | ||
|
||
# setup test log files and permissions | ||
mkdir ${test_dir} | ||
|
||
touch ${test_dir}/${test_file} | ||
chmod $PERMS_PASS ${test_dir}/${test_file} | ||
|
||
touch ${test_dir}/${test_file_2} | ||
chmod $PERMS_FAIL ${test_dir}/${test_file_2} | ||
|
||
# backup default RSYSLOG_CONF file | ||
mv ${RSYSLOG_CONF} ${RSYSLOG_CONF}.bak | ||
|
||
# create test configuration file | ||
cat << EOF > ${test_dir}/${test_conf} | ||
# rsyslog configuration file | ||
#### RULES #### | ||
*.* ${test_dir}/${test_file_2} | ||
EOF | ||
|
||
# create rsyslog.conf configuration file | ||
cat << EOF > $RSYSLOG_CONF | ||
# rsyslog configuration file | ||
#### RULES #### | ||
*.* ${test_dir}/${test_file} | ||
#### MODULES #### | ||
\$IncludeConfig ${test_dir}/${test_conf} | ||
EOF |
52 changes: 52 additions & 0 deletions
52
...og_file_configuration/rule_rsyslog_files_permissions/include_multiline_perms_0600.pass.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
#!/bin/bash | ||
# | ||
# profiles = xccdf_org.ssgproject.content_profile_pci-dss | ||
# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8 | ||
|
||
# Check rsyslog.conf with log file permissions 0600 from rules and | ||
# log file permissions 0600 from multiline include() passes. | ||
|
||
RSYSLOG_CONF='/etc/rsyslog.conf' | ||
|
||
PERMS=0600 | ||
|
||
test_file=test1.log | ||
test_file_2=test2.log | ||
test_conf=test_conf.conf | ||
test_dir=/tmp/${0%.*} | ||
|
||
# setup test log files and permissions | ||
mkdir ${test_dir} | ||
|
||
touch ${test_dir}/${test_file} | ||
chmod $PERMS ${test_dir}/${test_file} | ||
|
||
touch ${test_dir}/${test_file_2} | ||
chmod $PERMS ${test_dir}/${test_file_2} | ||
|
||
# backup default RSYSLOG_CONF file | ||
mv ${RSYSLOG_CONF} ${RSYSLOG_CONF}.bak | ||
|
||
# create test configuration file | ||
cat << EOF > ${test_dir}/${test_conf} | ||
# rsyslog configuration file | ||
#### RULES #### | ||
*.* ${test_dir}/${test_file_2} | ||
EOF | ||
|
||
# create rsyslog.conf configuration file | ||
cat << EOF > $RSYSLOG_CONF | ||
# rsyslog configuration file | ||
#### RULES #### | ||
*.* ${test_dir}/${test_file} | ||
#### MODULES #### | ||
include( | ||
file="${test_dir}/${test_conf}" | ||
) | ||
EOF |
50 changes: 50 additions & 0 deletions
50
..._rsyslog_log_file_configuration/rule_rsyslog_files_permissions/include_perms_0600.pass.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
#!/bin/bash | ||
# | ||
# profiles = xccdf_org.ssgproject.content_profile_pci-dss | ||
# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8 | ||
|
||
# Check rsyslog.conf with log file permissions 0600 from rules and | ||
# log file permissions 0600 from include() passes. | ||
|
||
RSYSLOG_CONF='/etc/rsyslog.conf' | ||
|
||
PERMS=0600 | ||
|
||
test_file=test1.log | ||
test_file_2=test2.log | ||
test_conf=test_conf.conf | ||
test_dir=/tmp/${0%.*} | ||
|
||
# setup test log files and permissions | ||
mkdir ${test_dir} | ||
|
||
touch ${test_dir}/${test_file} | ||
chmod $PERMS ${test_dir}/${test_file} | ||
|
||
touch ${test_dir}/${test_file_2} | ||
chmod $PERMS ${test_dir}/${test_file_2} | ||
|
||
# backup default RSYSLOG_CONF file | ||
mv ${RSYSLOG_CONF} ${RSYSLOG_CONF}.bak | ||
|
||
# create test configuration file | ||
cat << EOF > ${test_dir}/${test_conf} | ||
# rsyslog configuration file | ||
#### RULES #### | ||
*.* ${test_dir}/${test_file_2} | ||
EOF | ||
|
||
# create rsyslog.conf configuration file | ||
cat << EOF > $RSYSLOG_CONF | ||
# rsyslog configuration file | ||
#### RULES #### | ||
*.* ${test_dir}/${test_file} | ||
#### MODULES #### | ||
include(file="${test_dir}/${test_conf}") | ||
EOF |
66 changes: 66 additions & 0 deletions
66
...ration/rule_rsyslog_files_permissions/include_perms_0600_IncludeConfig_perms_0600.pass.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
#!/bin/bash | ||
# | ||
# profiles = xccdf_org.ssgproject.content_profile_pci-dss | ||
# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8 | ||
|
||
# Check rsyslog.conf with log file permisssions 0600 from rules and | ||
# log file permissions 0600 from include() passes. | ||
|
||
RSYSLOG_CONF='/etc/rsyslog.conf' | ||
|
||
PERMS_PASS=0600 | ||
|
||
test_file=test1.log | ||
test_file_2=test2.log | ||
test_file_3=test3.log | ||
test_conf=test_conf.conf | ||
test_conf_2=test_conf2.conf | ||
test_dir=/tmp/${0%.*} | ||
|
||
# setup test log files and permissions | ||
mkdir ${test_dir} | ||
|
||
touch ${test_dir}/${test_file} | ||
chmod $PERMS_PASS ${test_dir}/${test_file} | ||
|
||
touch ${test_dir}/${test_file_2} | ||
chmod $PERMS_PASS ${test_dir}/${test_file_2} | ||
|
||
touch ${test_dir}/${test_file_3} | ||
chmod $PERMS_PASS ${test_dir}/${test_file_3} | ||
|
||
# backup default RSYSLOG_CONF file | ||
mv ${RSYSLOG_CONF} ${RSYSLOG_CONF}.bak | ||
|
||
# create test configuration file | ||
cat << EOF > ${test_dir}/${test_conf} | ||
# rsyslog configuration file | ||
#### RULES #### | ||
*.* ${test_dir}/${test_file_2} | ||
EOF | ||
|
||
# create test2 configuration file | ||
cat << EOF > ${test_dir}/${test_conf_2} | ||
# rsyslog configuration file | ||
#### RULES #### | ||
*.* ${test_dir}/${test_file_3} | ||
EOF | ||
|
||
# create rsyslog.conf configuration file | ||
cat << EOF > $RSYSLOG_CONF | ||
# rsyslog configuration file | ||
#### RULES #### | ||
*.* ${test_dir}/${test_file} | ||
#### MODULES #### | ||
include(file="${test_dir}/${test_conf}") | ||
\$IncludeConfig ${test_dir}/${test_conf_2} | ||
EOF |
68 changes: 68 additions & 0 deletions
68
...ration/rule_rsyslog_files_permissions/include_perms_0600_IncludeConfig_perms_0601.fail.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,68 @@ | ||
#!/bin/bash | ||
# | ||
# profiles = xccdf_org.ssgproject.content_profile_pci-dss | ||
# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8 | ||
|
||
# Check rsyslog.conf with log file permisssions 0600 from rules and | ||
# log file permissions 0601 from include() fails. | ||
|
||
RSYSLOG_CONF='/etc/rsyslog.conf' | ||
|
||
PERMS_PASS=0600 | ||
|
||
PERMS_FAIL=0601 | ||
|
||
test_file=test1.log | ||
test_file_2=test2.log | ||
test_file_3=test3.log | ||
test_conf=test_conf.conf | ||
test_conf_2=test_conf2.conf | ||
test_dir=/tmp/${0%.*} | ||
|
||
# setup test log files and permissions | ||
mkdir ${test_dir} | ||
|
||
touch ${test_dir}/${test_file} | ||
chmod $PERMS_PASS ${test_dir}/${test_file} | ||
|
||
touch ${test_dir}/${test_file_2} | ||
chmod $PERMS_PASS ${test_dir}/${test_file_2} | ||
|
||
touch ${test_dir}/${test_file_3} | ||
chmod $PERMS_FAIL ${test_dir}/${test_file_3} | ||
|
||
# backup default RSYSLOG_CONF file | ||
mv ${RSYSLOG_CONF} ${RSYSLOG_CONF}.bak | ||
|
||
# create test configuration file | ||
cat << EOF > ${test_dir}/${test_conf} | ||
# rsyslog configuration file | ||
#### RULES #### | ||
*.* ${test_dir}/${test_file_2} | ||
EOF | ||
|
||
# create test2 configuration file | ||
cat << EOF > ${test_dir}/${test_conf_2} | ||
# rsyslog configuration file | ||
#### RULES #### | ||
*.* ${test_dir}/${test_file_3} | ||
EOF | ||
|
||
# create rsyslog.conf configuration file | ||
cat << EOF > $RSYSLOG_CONF | ||
# rsyslog configuration file | ||
#### RULES #### | ||
*.* ${test_dir}/${test_file} | ||
#### MODULES #### | ||
include(file="${test_dir}/${test_conf}") | ||
\$IncludeConfig ${test_dir}/${test_conf_2} | ||
EOF |
52 changes: 52 additions & 0 deletions
52
..._rsyslog_log_file_configuration/rule_rsyslog_files_permissions/include_perms_0601.fail.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
#!/bin/bash | ||
# | ||
# profiles = xccdf_org.ssgproject.content_profile_pci-dss | ||
# platform = Red Hat Enterprise Linux 8,multi_platform_fedora,Oracle Linux 8 | ||
|
||
# Check rsyslog.conf with log file permissions 0600 from rules and | ||
# log file permissions 0601 from include() fails. | ||
|
||
RSYSLOG_CONF='/etc/rsyslog.conf' | ||
|
||
PERMS_FAIL=0601 | ||
|
||
PERMS_PASS=0600 | ||
|
||
test_file=test1.log | ||
test_file_2=test2.log | ||
test_conf=test_conf.conf | ||
test_dir=/tmp/${0%.*} | ||
|
||
# setup test log files and permissions | ||
mkdir ${test_dir} | ||
|
||
touch ${test_dir}/${test_file} | ||
chmod $PERMS_PASS ${test_dir}/${test_file} | ||
|
||
touch ${test_dir}/${test_file_2} | ||
chmod $PERMS_FAIL ${test_dir}/${test_file_2} | ||
|
||
# backup default RSYSLOG_CONF file | ||
mv ${RSYSLOG_CONF} ${RSYSLOG_CONF}.bak | ||
|
||
# create test configuration file | ||
cat << EOF > ${test_dir}/${test_conf} | ||
# rsyslog configuration file | ||
#### RULES #### | ||
*.* ${test_dir}/${test_file_2} | ||
EOF | ||
|
||
# create rsyslog.conf configuration file | ||
cat << EOF > $RSYSLOG_CONF | ||
# rsyslog configuration file | ||
#### RULES #### | ||
*.* ${test_dir}/${test_file} | ||
#### MODULES #### | ||
include(file="${test_dir}/${test_conf}") | ||
EOF |
Oops, something went wrong.