From: Miroslav V. <mva...@re...> - 2011-11-29 14:55:42
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Thanks for the patch Ondrej, it is now upstream. On 11/29/2011 01:47 PM, om...@re... wrote: > From: Ondrej Moris <om...@re...> > > * now upstream audit-test contains audit and ltp at the same level, > * ltp Makefile now contains dist target similar to the one in audit > * a new Makefile was created in audit-test with the following targets: > > + dist = call dist in audit and ltp, extract tarballs and tar.gz them > together with Makefile and rules.mk (i.e. create the archive with > Makefile, rules.mk, audit-test and ltp). One is supposed to > extract this tarball in /usr/local/eal4_testing/. > + run = call run and report targets in audit-test and ltp > + summary = harvest all rollup (or run if rollup is not available) logs into > final test suite run.log > + report = call summary and systeminfo targets and tar.gz all possible logs > stored withing test suite (together with overall run.log and > systeminfo log). > > You may still use dist target in audit and ltp directories if you want to > work with those parts separately. > > Signed-off-by: Ondrej Moris <om...@re...> > --- > Makefile | 90 ++++++++++++ > audit/Makefile | 3 +- > audit/README.ltp | 24 --- > audit/audit-test.spec | 2 +- > audit/ltp/Makefile | 103 -------------- > audit/ltp/patch/cc_commands | 5 - > audit/ltp/patch/cc_ospp.sh | 168 ---------------------- > audit/ltp/patch/ssh03 | 91 ------------ > audit/ltp/patch/su01 | 193 ------------------------- > ltp/Makefile | 119 ++++++++++++++++ > ltp/README.ltp | 24 +++ > ltp/patch/cc_commands | 5 + > ltp/patch/cc_ospp.sh | 168 ++++++++++++++++++++++ > ltp/patch/ssh03 | 91 ++++++++++++ > ltp/patch/su01 | 193 +++++++++++++++++++++++++ > rules.mk | 330 +++++++++++++++++++++++++++++++++++++++++++ > 16 files changed, 1022 insertions(+), 587 deletions(-) > create mode 100644 Makefile > delete mode 100644 audit/README.ltp > delete mode 100644 audit/ltp/Makefile > delete mode 100644 audit/ltp/patch/cc_commands > delete mode 100755 audit/ltp/patch/cc_ospp.sh > delete mode 100755 audit/ltp/patch/ssh03 > delete mode 100755 audit/ltp/patch/su01 > create mode 100644 ltp/Makefile > create mode 100644 ltp/README.ltp > create mode 100644 ltp/patch/cc_commands > create mode 100755 ltp/patch/cc_ospp.sh > create mode 100755 ltp/patch/ssh03 > create mode 100755 ltp/patch/su01 > create mode 100644 rules.mk > > diff --git a/Makefile b/Makefile > new file mode 100644 > index 0000000..a500814 > --- /dev/null > +++ b/Makefile > @@ -0,0 +1,90 @@ > +########################################################################## > +# Copyright (C) International Business Machines Corp., 2003 > +# > +# This program is free software; you can redistribute it and/or modify > +# it under the terms of the GNU General Public License as published by > +# the Free Software Foundation; either version 2 of the License, or > +# (at your option) any later version. > +# > +# This program is distributed in the hope that it will be useful, > +# but WITHOUT ANY WARRANTY; without even the implied warranty of > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See > +# the GNU General Public License for more details. > +# > +# You should have received a copy of the GNU General Public License > +# along with this program; if not, write to the Free Software > +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA > +# > +# > +# > +# FILE : Makefile > +# > +# PURPOSE: This makefile facilitates the compiling and linking of the > +# entire test suite. > +# > +# HISTORY: > +# 11/03 originated by Dustin Kirkland (k1r...@us...) > +# 08/04 updated by Dustin Kirkland (k1r...@us...) > +# 04/07 updated by Lisa Smith (lis...@hp...) > +# 11/11 updated by Ondrej Moris (om...@re...) > +# > +########################################################################## > + > +TOPDIR = . > + > +include $(TOPDIR)/rules.mk > + > +DIRS = audit ltp > + > +SUB_DIRS = audit-test ltp > + > +LOG = run.log > + > +run: > + for DIR in $(SUB_DIRS); do \ > + make -C $$DIR run; \ > + done > + make report > + > +.PHONE: report > +report: systeminfo summary > + @tarball="logs-$$(date +'%m%d%Y_%H%M').tar.gz"; \ > + tar zcvf logs-$$(date +"%m%d%Y_%H%M").tar.gz $$(find . -name "*.log"); \ > + ls -l $$tarball > + > +.PHONY: summary > +summary: > + @echo "Test Report Summary ($$(date))" > $(LOG) > + @echo "" >> $(LOG) > + @for dir_iter in $(SUB_DIRS); do \ > + if ls $$dir_iter/*rollup.log > /dev/null 2>&1; then \ > + log_iter=$$(ls $$dir_iter/*rollup.log); \ > + elif ls $$dir_iter/run.log > /dev/null 2>&1; then \ > + log_iter=$$(ls $$dir_iter/run.log); \ > + else \ > + continue; \ > + fi; \ > + echo " looking at report: $$log_iter"; \ > + echo "####### Log File: $$log_iter" >> $(LOG); \ > + cat $$log_iter >> $(LOG); \ > + echo "####### Log End" >> $(LOG); \ > + echo "" >> $(LOG); \ > + done > + > +.PHONY: dist > +dist: > + rev=$$(git log | head -n 1| awk '/^commit/{print $$2}' | cut -b 1-6 ) && \ > + tmpdir=$$(mktemp -d) && \ > + into=$${PWD%/*} && \ > + for DIR in $(DIRS); do make -C "$$DIR" dist; done && \ > + mv "ltp-$$rev.tar.gz" "audit-test-$$rev.tar.gz" "$$tmpdir" && \ > + cp "Makefile" "rules.mk" "$$tmpdir" && \ > + cd "$$tmpdir" && \ > + tar xzvf "ltp-$$rev.tar.gz" && \ > + tar xzvf "audit-test-$$rev.tar.gz" && \ > + tar czf "$$into/audit-$$rev.tar.gz" "Makefile" "rules.mk" "ltp" "audit-test" && \ > + echo "$$into" && \ > + cd "$$into" && \ > + rm -rf "$$tmpdir" && \ > + echo && \ > + ls -l audit-$$rev.tar.gz > diff --git a/audit/Makefile b/audit/Makefile > index 693fdb9..4825cc5 100644 > --- a/audit/Makefile > +++ b/audit/Makefile > @@ -36,8 +36,7 @@ RUN_DIRS += trustedprograms \ > kvm-cgroups \ > kvm-iommu \ > audit-remote \ > - misc \ > - ltp > + misc > endif > endif > > diff --git a/audit/README.ltp b/audit/README.ltp > deleted file mode 100644 > index 62b87bb..0000000 > --- a/audit/README.ltp > +++ /dev/null > @@ -1,24 +0,0 @@ > -| Running LTP tests for RHEL6.2 certification > -+--------------------------------------------- > - > -Requirements > ------------- > -Be sure to have properly configured system according to README.run > -file. > - > -Running > -------- > -Running required LTP tests is fully automatized and they are run as > -part of the audit-test test suite. > - > -The LTP suite is built and installed during the make phase. The tests > -are executed during the make run phase. > - > -Logs from the runs are harvested and will be available in the > -audit.run.log and audit.rollup.log files. > - > -To run only the LTP tests use the commands below. These expect you > -already did run make in the audit-test root directory > - > -# cd ltp > -# make run > diff --git a/audit/audit-test.spec b/audit/audit-test.spec > index c83ac98..c469312 100644 > --- a/audit/audit-test.spec > +++ b/audit/audit-test.spec > @@ -1,5 +1,5 @@ > Name: audit-test > -Version: 4b7984 > +Version: 5e00ff > Release: 1 > Summary: Audit testsuite for RHEL5 CAPP/LSPP evaluation > Vendor: Hewlett-Packard > diff --git a/audit/ltp/Makefile b/audit/ltp/Makefile > deleted file mode 100644 > index d055d0e..0000000 > --- a/audit/ltp/Makefile > +++ /dev/null > @@ -1,103 +0,0 @@ > -########################################################################## > -# Copyright (c) 2011 Red Hat, Inc. All rights reserved. > -# > -# This program is free software: you can redistribute it and/or modify > -# it under the terms of version 2 the GNU General Public License as > -# published by the Free Software Foundation. > -# > -# This program is distributed in the hope that it will be useful, > -# but WITHOUT ANY WARRANTY; without even the implied warranty of > -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > -# GNU General Public License for more details. > -# > -# You should have received a copy of the GNU General Public License > -# along with this program. If not, see <http://www.gnu.org/licenses/>. > -# > -# > -# > -# FILE : Makefile > -# > -# PURPOSE: Downloads and runs syscalls and cc_ospp tests from LTP suite > -# > -# REQUIRENTS: Exported RHOST and PASSWD env variables > -# > -# HISTORY: > -# 11/11 originated by Miroslav Vadkerti <mva...@re...> > -# > -########################################################################## > - > -RUN_LOG = run.log > -ROLLUP_LOG = rollup.log > - > -LTP_BASE = ltp-full > -LTP_BASE_PATH = $(CURDIR)/$(LTP_BASE) > -PATCH_DIR = $(CURDIR)/patch > -MDIR = $(CURDIR) > - > -LTP_ROLLUP_LOG = .rollup.log > -LTP_RUN_LOG = .run.log > - > -LTP_FULL = ltp-full.tar.bz2 > - > -all:: download extract patch build > - > -run:: runtests report > - > -build:: > - echo "Makefile: build" > - export TOP_SRCDIR=$(LTP_BASE_PATH) > - @$(MAKE) -C $(LTP_BASE_PATH) autotools > - cd $(LTP_BASE_PATH) && ./configure && cd - > - @$(MAKE) -C $(LTP_BASE_PATH) all > - @$(MAKE) -C $(LTP_BASE_PATH) install > - > -extract:: > - echo "Makefile: extract" > - tar xvf $(LTP_FULL) > - mv -f ltp-full-* $(LTP_BASE) > - > -patch:: > - echo "Makefile: patch" > - cp -fv $(PATCH_DIR)/cc_commands $(LTP_BASE_PATH)/runtest/cc_commands > - cp -fv $(PATCH_DIR)/cc_ospp.sh $(LTP_BASE_PATH)/testscripts/cc_ospp.sh > - cp -fv $(PATCH_DIR)/ssh03 $(LTP_BASE_PATH)/testcases/network/tcp_cmds/ssh/ssh03 > - cp -fv $(PATCH_DIR)/su01 $(LTP_BASE_PATH)/testcases/commands/su/su01 > - > -clean:: > - echo "Makefile: clean" > - # remove installed ltp > - rm -rf /opt/ltp > - # remove all logs, downloaded and created files/dirs > - rm -f cc_ospp$(LTP_ROLLUP_LOG) cc_ospp$(LTP_RUN_LOG) > - rm -f syscalls$(LTP_ROLLUP_LOG) syscalls$(LTP_RUN_LOG) > - rm -f $(LTP_FULL) $(RUN_LOG) $(ROLLUP_LOG) > - rm -rf $(LTP_BASE) > - > -download:: > - echo "Makefile: download" > - # download latest LTP source > - wget -O $(LTP_FULL) http://sourceforge.net/projects/ltp/files/latest/download > - > -runtests:: > - echo "Makefile: runtests" > - # needed for sendfile tests > - setsebool allow_execmem=on > - # run tests > - echo "Running syscalls tests" > - /opt/ltp/testscripts/syscalls.sh -p -l $(MDIR)/syscalls$(LTP_ROLLUP_LOG) 2>&1 | tee syscalls$(LTP_RUN_LOG) > - echo "Running cc_ospp tests" > - /opt/ltp/testscripts/cc_ospp.sh -p -l $(MDIR)/cc_ospp$(LTP_ROLLUP_LOG) 2>&1 | tee cc_ospp$(LTP_RUN_LOG) > - > -report:: > - echo "Makefile: report" > - # create rollup.log > - echo "TESTS PASSED = "$$(grep PASS cc_ospp$(LTP_ROLLUP_LOG) syscalls$(LTP_ROLLUP_LOG) 2>&1 | wc -l) > $(ROLLUP_LOG) > - echo " FAILED =" $$(grep FAIL cc_ospp$(LTP_ROLLUP_LOG) syscalls$(LTP_ROLLUP_LOG) 2>&1 | wc -l) >> $(ROLLUP_LOG) > - echo >> $(ROLLUP_LOG) > - if [ "x$$(grep FAIL cc_ospp$(LTP_ROLLUP_LOG) syscalls$(LTP_ROLLUP_LOG) 2>&1 | wc -l)" != "x0" ]; then \ > - echo "Failed tests:" >> $(ROLLUP_LOG); \ > - echo "-------------" >> $(ROLLUP_LOG); \ > - grep -H "\WFAIL\W" cc_ospp$(LTP_ROLLUP_LOG) syscalls$(LTP_ROLLUP_LOG) >> $(ROLLUP_LOG); \ > - fi > - # create run.log > - cat cc_ospp$(LTP_RUN_LOG) syscalls$(LTP_RUN_LOG) > $(RUN_LOG) > diff --git a/audit/ltp/patch/cc_commands b/audit/ltp/patch/cc_commands > deleted file mode 100644 > index 2ba85c7..0000000 > --- a/audit/ltp/patch/cc_commands > +++ /dev/null > @@ -1,5 +0,0 @@ > -ping export LTPROOT; ping01 > -ssh01 ssh01 > -ssh02 ssh02 > -ssh03 ssh03 > -su01 export TCbin=$LTPROOT/../testcases/bin;su01 > diff --git a/audit/ltp/patch/cc_ospp.sh b/audit/ltp/patch/cc_ospp.sh > deleted file mode 100755 > index c3c0738..0000000 > --- a/audit/ltp/patch/cc_ospp.sh > +++ /dev/null > @@ -1,168 +0,0 @@ > -#!/bin/sh > - > - > -# > -# 08/17/11 - Jim Czyzak - This script is based upon runEALtests.sh script. > -# It has been modified to use the command file > -# cc_commands and only include arguments that might > -# be useful for the common criteria testing against > -# the ospp in conjunction with the audit-test suite. > -# Also includes code to turn off screen in > -# /etc/profile for the test run as screen interferes > -# with the su tests (screen is turned on in the > -# in some evaluated configurations for purposes of > -# securing display devices) > - > -cd `dirname $0` > -export LTPROOT=${PWD} > -export TMPBASE="/tmp" > -export TMP="${TMPBASE}/runalltests-$$" > -export PATH="${PATH}:${LTPROOT}/../testcases/bin" > -cmdfile="${LTPROOT}/../runtest/cc_commands" > -pretty_prt=" " > -alt_dir=0 > -quiet_mode=" " > - > -usage() > -{ > - cat <<-END >&2 > - usage: ./${0##*/} -c [-d tmpdir] [-f cmdfile ] [ -l logfile ] > - -q [ -r ltproot ] [ -t duration ] [ -x instances ] > - > - -c Run LTP under additional background CPU load. > - -d tmpdir Directory where temporary files will be created. > - -f cmdfile Execute user defined list of testcases. > - -h Help. Prints all available options. > - -l logfile Log results of test in a logfile. > - -p Human readable format logfiles. > - -q Print less verbose output to screen. > - -r ltproot Fully qualified path where testsuite is installed. > - -t duration Execute the testsuite for given duration in hours. > - -x instances Run multiple instances of this testsuite. > - > - example: ./${0##*/} -i 1024 -m 128 -p -q -l /tmp/resultlog.$$ -d ${PWD} > - END > -exit > -} > - > -mkdir -p ${TMP} > - > -cd ${TMP} > -if [ $? -ne 0 ]; then > - echo "could not cd ${TMP} ... exiting" > - exit > -fi > - > -while getopts cd:f:h:l:pqr:t:x arg > -do case $arg in > - c) > - $LTPROOT/../testcases/bin/genload --cpu 1 2>&1 1>/dev/null & > - GenLoad=1 ;; > - > - d) # append $$ to TMP, as it is recursively > - # removed at end of script. > - TMPBASE=$OPTARG;; > - f) # Execute user defined set of testcases. > - cmdfile=$OPTARG;; > - > - h) usage;; > - > - l) > - if [ ${OPTARG:0:1} != "/" ] > - then > - if [ -d $LTPROOT/results ] > - then > - logfile="-l $LTPROOT/results/$OPTARG" > - else > - mkdir -p $LTPROOT/results > - if [ $? -ne 0 ] > - then > - echo "ERROR: failed to create $LTPROOT/results" > - exit 1 > - fi > - logfile="-l $LTPROOT/results/$OPTARG" > - fi > - alt_dir=1 > - else > - logfile="-l $OPTARG" > - fi ;; > - > - p) pretty_prt=" -p ";; > - > - q) quiet_mode=" -q ";; > - > - r) LTPROOT=$OPTARG;; > - > - t) # In case you want to specify the time > - # to run from the command line > - # (2m = two minutes, 2h = two hours, etc) > - duration="-t $OPTARG" ;; > - > - x) # number of ltp's to run > - instances="-x $OPTARG";; > - > - \?) usage;; > - esac > -done > - > -if [ -z $PASSWD ] > -then > - echo " " > - echo "ERROR:" > - echo "Please export enviroment variable PASSWD" > - echo "INFO: export PASSWD = 'root's password'" > - exit 1 > -fi > - > -if [ -n "$instances" ]; then > - instances="$instances -O ${TMP}" > -fi > - > - > -# If user does not provide a command file select a default set of testcases > -# to execute. > -if [ -z $cmdfile ] > -then > - cat ${LTPROOT}/../runtest/admin_tools > ${TMP}/alltests > -else > - cat $cmdfile > ${TMP}/alltests > -fi > - > -# The fsx-linux tests use the SCRATCHDEV environment variable as a location > -# that can be reformatted and run on. Set SCRATCHDEV if you want to run > -# these tests. As a safeguard, this is disabled. > -unset SCRATCHDEV > -if [ -n "$SCRATCHDEV" ]; then > - cat ${LTPROOT}/../runtest/fsx >> ${TMP}/alltests > -fi > - > -# turn off screen in /etc/profile > -tmpbkup=$(mktemp "/etc/profile.XXXXXX") || exit 1 > -cp -a /etc/profile $tmpbkup || exit 1 > -sed -i 's/\[ -w $(tty) \]/false/' /etc/profile > - > -# display versions of installed software > -${LTPROOT}/../ver_linux > - > -${LTPROOT}/../bin/ltp-pan $quiet_mode -e -S $instances $duration -a $$ -n $$ $pretty_prt -f ${TMP}/alltests $logfile > - > -if [ $? -eq 0 ]; then > - echo ltp-pan reported PASS > -else > - echo ltp-pan reported FAIL > -fi > - > -if [ $alt_dir -eq 1 ] > -then > - echo " " > - echo "###############################################################" > - echo " " > - echo " result log is in the $LTPROOT/results directory" > - echo " " > - echo "###############################################################" > - echo " " > -fi > -# restore /etc/profile > -mv -f $tmpbkup /etc/profile > - > -rm -rf ${TMP} > diff --git a/audit/ltp/patch/ssh03 b/audit/ltp/patch/ssh03 > deleted file mode 100755 > index 30caaba..0000000 > --- a/audit/ltp/patch/ssh03 > +++ /dev/null > @@ -1,91 +0,0 @@ > -#!/bin/sh > -#********************************************************************* > -# Copyright (c) International Business Machines Corp., 2000 > -# > -# This program is free software; you can redistribute it and/or modify > -# it under the terms of the GNU General Public License as published by > -# the Free Software Foundation; either version 2 of the License, or > -# (at your option) any later version. > -# > -# This program is distributed in the hope that it will be useful, > -# but WITHOUT ANY WARRANTY; without even the implied warranty of > -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See > -# the GNU General Public License for more details. > -# > -# You should have received a copy of the GNU General Public License > -# along with this program; if not, write to the Free Software > -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA > -# > -# FILE : ssh > -# > -# PURPOSE: Tests to see that ssh allows a valid username (non-root) > -# > -# SETUP: The program `/usr/bin/expect' MUST be installed. > -# > -# HISTORY: > -# 03/03 Jerone Young (je...@us...) > -# > - > -#----------------------------------------------------------------------- > -# FUNCTION: do_setup > -#----------------------------------------------------------------------- > - > -do_setup() > -{ > - export RHOST="localhost" > - export TEST_USER="ssh_usr3" > - export TEST_USER_PASSWD="eal" > - export TEST_USER_ENCRYPTED_PASSWD="42VmxaOByKwlA" > - export TEST_USER_HOMEDIR="/home/$TEST_USER" > - > - # erase user if he/she already exists, so we can have a clean env > - > - rm -Rf /home/$TEST_USER > - tst_setup > - > - exists expect ssh ssh03_s1 useradd userdel > - > - userdel $TEST_USER > - sleep 1 > - > - if ! useradd -m -p $TEST_USER_ENCRYPTED_PASSWD $TEST_USER; then > - end_testcase "Could not add test user $TEST_USER to system $RHOST." > - fi > - > - # create users home diretory (SLES 8 does not do this, even when specified > - # in adduser) > - USER_UID=$(id -u $TEST_USER) > - USER_GID=$(id -g $TEST_USER) > - if ! mkdir -p "$TEST_USER_HOMEDIR"; then > - end_testcase "Failed to create $TEST_USER_HOMEDIR" > - fi > - chown -R $USER_UID.$USER_GID "$TEST_USER_HOMEDIR" > - > - trap do_cleanup EXIT > - > -} > - > -#----------------------------------------------------------------------- > -# FUNCTION: do_cleanup > -#----------------------------------------------------------------------- > - > -do_cleanup() > -{ > - userdel $TEST_USER > - tst_cleanup > -} > - > -#----------------------------------------------------------------------- > -# FUNCTION: MAIN > -# > -# DESCRIPTION: Create Test User > -# Call upon script to make sure an invalid user can not have access > -# Cleanup Test User from system > -# Exit with exit code of script called upon > -#----------------------------------------------------------------------- > -. net_cmdlib.sh > - > -read_opts $* > -do_setup > -ssh03_s1 || end_testcase "Testcase failed" > -do_cleanup > diff --git a/audit/ltp/patch/su01 b/audit/ltp/patch/su01 > deleted file mode 100755 > index 0ca6b87..0000000 > --- a/audit/ltp/patch/su01 > +++ /dev/null > @@ -1,193 +0,0 @@ > -#!/bin/sh > -#********************************************************************* > -# Copyright (c) International Business Machines Corp., 2003, 2004 > -# > -# This program is free software; you can redistribute it and/or modify > -# it under the terms of the GNU General Public License as published by > -# the Free Software Foundation; either version 2 of the License, or > -# (at your option) any later version. > -# > -# This program is distributed in the hope that it will be useful, > -# but WITHOUT ANY WARRANTY; without even the implied warranty of > -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See > -# the GNU General Public License for more details. > -# > -# You should have received a copy of the GNU General Public License > -# along with this program; if not, write to the Free Software > -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA > -# > -# FILE : su > -# > -# PURPOSE: Tests the basic functionality of `su`. > -# > -# SETUP: The program `/usr/bin/expect' MUST be installed. > -# > -# HISTORY: > -# 03/03 Dustin Kirkland (dki...@us...) > -# 03/03 Jerone Young (je...@us...) > -# 10/01/04 Kris Wilson Port to Red Hat > -# > -#********************************************************************* > - > -if [ -z ${TCbin} ] > -then > - export TCbin="/opt/ltp/testcases/bin" > -# $PWD > -fi > - > -export TEST_USER1="su_usr1" > - > -tvar=${MACHTYPE%-*} > -tvar=${tvar#*-} > - > -# need to export tvar for su01_s1 > -export tvar > -printf "Machine type is: $tvar\n\n" > - > -if [ "$tvar" = "redhat" -o "$tvar" = "redhat-linux" ] > -# Need to also set group for TEST_USER2 > -then > -export TEST_USER1_GROUP="wheel" > -export TEST_USER2_GROUP="wheel" > -else > -export TEST_USER1_GROUP="trusted" > -export TEST_USER2_GROUP="trusted" > -fi > -export TEST_USER1_PASSWD="eal" > -export TEST_USER1_ENCRYPTED_PASSWD="42VmxaOByKwlA" > -export TEST_USER1_NEW_PASSWD="a_very_good_and_long_password" > -export TEST_USER1_HOMEDIR="/home/$TEST_USER1" > - > -export TEST_USER2="su_usr2" > -# Group needs to be trusted for Red Hat. > -#export TEST_USER2_GROUP="trusted" > -export TEST_USER2_PASSWD="eal" > -export TEST_USER2_ENCRYPTED_PASSWD="42VmxaOByKwlA" > -export TEST_USER2_HOMEDIR="/home/$TEST_USER2" > - > -#This is for enviroment test > -export TEST_LINE="YOU_HAVE_THE_VARIABLE" > -export TEST_ENV_FILE="/tmp/TEST_ENV_FILE_ROOT" > -export TEST_ENV_FILE_USER="/tmp/TEST_ENV_FILE_USER" > -export TEST_ENV_FILE2="/tmp/TEST_ENV_FILE_ROOT2" > -#----------------------------------------------------------------------- > -# FUNCTION: do_setup > -#----------------------------------------------------------------------- > - > -do_setup(){ > - > -#REMOVE ANY TEMPOARY FILES THAT MAY STILL BE AROUND > -rm -f $TEST_ENV_FILE_USER > /dev/null 2>&1 > -rm -f $TEST_ENV_FILE2 > /dev/null 2>&1 > -rm -f $TEST_ENV_FILE > /dev/null 2>&1 > - > - > -#Create 1st test user > - #erase user if he may exist , so we can have a clean en > - rm -rf /home/$TEST_USER1 > - userdel $TEST_USER1 > - sleep 1 > - > - useradd -m -g users $TEST_USER1 > - if [ $? != 0 ] > - then { > - echo "Could not add test user $TEST_USER1." > - exit 1 > - } > - fi > - > - usermod -G users,$TEST_USER1_GROUP $TEST_USER1 > - > - #create users home directory (SLES 8 does not do this, even when specified in adduser) > -# Only do this if not RH; RH creates the directory. > - if [ "$tvar" != "redhat" -a "$tvar" != "redhat-linux" ] > - then { > - USER_UID=`id -u $TEST_USER1` > - USER_GID=`id -g $TEST_USER1` > - mkdir $TEST_USER1_HOMEDIR > - chown -R $USER_UID.$USER_GID $TEST_USER1_HOMEDIR > - } > - fi > - > - usermod -p $TEST_USER1_ENCRYPTED_PASSWD $TEST_USER1 > /dev/null 2>&1 > - if [ $? != 0 ] > - then { > - echo "Could not set password for test user $TEST_USER1" > - exit 1 > - } > - fi > - > -#Create 2nd test user > - #erase user if he may exist , so we can have a clean en > - rm -rf /home/$TEST_USER2 > - userdel $TEST_USER2 > - sleep 1 > - > - useradd -m -g users $TEST_USER2 > - > - if [ $? != 0 ] > - then { > - echo "Could not add test user $TEST_USER2." > - exit 1 > - } > - fi > - > - usermod -G users,$TEST_USER2_GROUP $TEST_USER2 > - > - #create users home diretory (SLES 8 does not do this, even when specified in adduser) > -# Only do this if not RH; RH creates the directory. > - if [ "$tvar" != "redhat" -a "$tvar" != "redhat-linux" ] > - then { > - USER_UID=`id -u $TEST_USER2` > - USER_GID=`id -g $TEST_USER2` > - mkdir $TEST_USER2_HOMEDIR > - chown -R $USER_UID.$USER_GID $TEST_USER2_HOMEDIR > - } > - fi > - > - usermod -p $TEST_USER2_ENCRYPTED_PASSWD $TEST_USER2 > /dev/null 2>&1 > - if [ $? != 0 ] > - then { > - echo "Could not set password for test user $TEST_USER2" > - exit 1 > - } > - fi > -} > - > - > -#----------------------------------------------------------------------- > -# FUNCTION: do_cleanup > -#----------------------------------------------------------------------- > - > -do_cleanup() { > - rm -rf /home/$TEST_USER1 > - rm -rf /home/$TEST_USER2 > - userdel $TEST_USER1 > - userdel $TEST_USER2 > - #REMOVE ANY TEMPOARY FILES THAT MAY STILL BE AROUND > - rm -f $TEST_ENV_FILE_USER > /dev/null 2>&1 > - rm -f $TEST_ENV_FILE2 > /dev/null 2>&1 > - rm -f $TEST_ENV_FILE > /dev/null 2>&1 > -} > - > -#----------------------------------------------------------------------- > -# FUNCTION: screenoff > -# > -# DESCRIPTION: save off /etc/profile and turn off screen > -# > -#----------------------------------------------------------------------- > -screenoff (){ > - tmpbkup=$(mktemp "/etc/profile.XXXXXX") || exit 1 > - cp -a /etc/profile $tmpbkup || exit 1 > - sed -i 's/\[ -w $(tty) \]/false/' /etc/profile > -} > -#----------------------------------------------------------------------- > -# FUNCTION: MAIN > -#----------------------------------------------------------------------- > -do_setup > -screenoff > -/bin/su $TEST_USER1 -c ${TCbin}/su01_s1 > -mv -f $tmpbkup /etc/profile > -EXIT_CODE=$? > -do_cleanup > -exit $EXIT_CODE > diff --git a/ltp/Makefile b/ltp/Makefile > new file mode 100644 > index 0000000..8ea7ee6 > --- /dev/null > +++ b/ltp/Makefile > @@ -0,0 +1,119 @@ > +########################################################################## > +# Copyright (c) 2011 Red Hat, Inc. All rights reserved. > +# > +# This program is free software: you can redistribute it and/or modify > +# it under the terms of version 2 the GNU General Public License as > +# published by the Free Software Foundation. > +# > +# This program is distributed in the hope that it will be useful, > +# but WITHOUT ANY WARRANTY; without even the implied warranty of > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > +# GNU General Public License for more details. > +# > +# You should have received a copy of the GNU General Public License > +# along with this program. If not, see <http://www.gnu.org/licenses/>. > +# > +# > +# > +# FILE : Makefile > +# > +# PURPOSE: Downloads and runs syscalls and cc_ospp tests from LTP suite > +# > +# REQUIRENTS: Exported RHOST and PASSWD env variables > +# > +# HISTORY: > +# 11/11 originated by Miroslav Vadkerti <mva...@re...> > +# > +########################################################################## > + > +RUN_LOG = run.log > +ROLLUP_LOG = rollup.log > + > +LTP_BASE = ltp-full > +LTP_BASE_PATH = $(CURDIR)/$(LTP_BASE) > +PATCH_DIR = $(CURDIR)/patch > +MDIR = $(CURDIR) > + > +LTP_ROLLUP_LOG = .rollup.log > +LTP_RUN_LOG = .run.log > + > +LTP_FULL = ltp-full.tar.bz2 > + > +all:: download extract patch build > + > +run:: runtests report > + > +build:: > + echo "Makefile: build" > + export TOP_SRCDIR=$(LTP_BASE_PATH) > + @$(MAKE) -C $(LTP_BASE_PATH) autotools > + cd $(LTP_BASE_PATH) && ./configure && cd - > + @$(MAKE) -C $(LTP_BASE_PATH) all > + @$(MAKE) -C $(LTP_BASE_PATH) install > + > +extract:: > + echo "Makefile: extract" > + tar xvf $(LTP_FULL) > + mv -f ltp-full-* $(LTP_BASE) > + > +patch:: > + echo "Makefile: patch" > + cp -fv $(PATCH_DIR)/cc_commands $(LTP_BASE_PATH)/runtest/cc_commands > + cp -fv $(PATCH_DIR)/cc_ospp.sh $(LTP_BASE_PATH)/testscripts/cc_ospp.sh > + cp -fv $(PATCH_DIR)/ssh03 $(LTP_BASE_PATH)/testcases/network/tcp_cmds/ssh/ssh03 > + cp -fv $(PATCH_DIR)/su01 $(LTP_BASE_PATH)/testcases/commands/su/su01 > + > +clean:: > + echo "Makefile: clean" > + # remove installed ltp > + rm -rf /opt/ltp > + # remove all logs, downloaded and created files/dirs > + rm -f cc_ospp$(LTP_ROLLUP_LOG) cc_ospp$(LTP_RUN_LOG) > + rm -f syscalls$(LTP_ROLLUP_LOG) syscalls$(LTP_RUN_LOG) > + rm -f $(LTP_FULL) $(RUN_LOG) $(ROLLUP_LOG) > + rm -rf $(LTP_BASE) > + > +download:: > + echo "Makefile: download" > + # download latest LTP source > + wget -O $(LTP_FULL) http://sourceforge.net/projects/ltp/files/latest/download > + > +runtests:: > + echo "Makefile: runtests" > + # needed for sendfile tests > + setsebool allow_execmem=on > + # run tests > + echo "Running syscalls tests" > + /opt/ltp/testscripts/syscalls.sh -p -l $(MDIR)/syscalls$(LTP_ROLLUP_LOG) 2>&1 | tee syscalls$(LTP_RUN_LOG) > + echo "Running cc_ospp tests" > + /opt/ltp/testscripts/cc_ospp.sh -p -l $(MDIR)/cc_ospp$(LTP_ROLLUP_LOG) 2>&1 | tee cc_ospp$(LTP_RUN_LOG) > + > +report:: > + echo "Makefile: report" > + # create rollup.log > + echo "TESTS PASSED = "$$(grep PASS cc_ospp$(LTP_ROLLUP_LOG) syscalls$(LTP_ROLLUP_LOG) 2>&1 | wc -l) > $(ROLLUP_LOG) > + echo " FAILED =" $$(grep FAIL cc_ospp$(LTP_ROLLUP_LOG) syscalls$(LTP_ROLLUP_LOG) 2>&1 | wc -l) >> $(ROLLUP_LOG) > + echo >> $(ROLLUP_LOG) > + if [ "x$$(grep FAIL cc_ospp$(LTP_ROLLUP_LOG) syscalls$(LTP_ROLLUP_LOG) 2>&1 | wc -l)" != "x0" ]; then \ > + echo "Failed tests:" >> $(ROLLUP_LOG); \ > + echo "-------------" >> $(ROLLUP_LOG); \ > + grep -H "\WFAIL\W" cc_ospp$(LTP_ROLLUP_LOG) syscalls$(LTP_ROLLUP_LOG) >> $(ROLLUP_LOG); \ > + fi > + # create run.log > + cat cc_ospp$(LTP_RUN_LOG) syscalls$(LTP_RUN_LOG) > $(RUN_LOG) > + > +dist: > + rev=$$(git log | head -n 1| awk '/^commit/{print $$2}' | cut -b 1-6 ) && \ > + tmpdir=$$(mktemp -d) && \ > + into=$${PWD%/*} && \ > + mkdir "$$tmpdir/ltp" && \ > + rsync -a --exclude=.git . "$$tmpdir/ltp" && \ > + $(MAKE) clean -C "$$tmpdir/ltp" && \ > + cd "$$tmpdir" && \ > + chmod -R a+rX ltp && \ > + tar czf "$$into/ltp-$$rev.tar.gz" ltp && \ > + cd "$$into" && \ > + rm -rf "$$tmpdir" && \ > + echo && \ > + ls -l ltp-$$rev.tar.gz > + > diff --git a/ltp/README.ltp b/ltp/README.ltp > new file mode 100644 > index 0000000..62b87bb > --- /dev/null > +++ b/ltp/README.ltp > @@ -0,0 +1,24 @@ > +| Running LTP tests for RHEL6.2 certification > ++--------------------------------------------- > + > +Requirements > +------------ > +Be sure to have properly configured system according to README.run > +file. > + > +Running > +------- > +Running required LTP tests is fully automatized and they are run as > +part of the audit-test test suite. > + > +The LTP suite is built and installed during the make phase. The tests > +are executed during the make run phase. > + > +Logs from the runs are harvested and will be available in the > +audit.run.log and audit.rollup.log files. > + > +To run only the LTP tests use the commands below. These expect you > +already did run make in the audit-test root directory > + > +# cd ltp > +# make run > diff --git a/ltp/patch/cc_commands b/ltp/patch/cc_commands > new file mode 100644 > index 0000000..2ba85c7 > --- /dev/null > +++ b/ltp/patch/cc_commands > @@ -0,0 +1,5 @@ > +ping export LTPROOT; ping01 > +ssh01 ssh01 > +ssh02 ssh02 > +ssh03 ssh03 > +su01 export TCbin=$LTPROOT/../testcases/bin;su01 > diff --git a/ltp/patch/cc_ospp.sh b/ltp/patch/cc_ospp.sh > new file mode 100755 > index 0000000..c3c0738 > --- /dev/null > +++ b/ltp/patch/cc_ospp.sh > @@ -0,0 +1,168 @@ > +#!/bin/sh > + > + > +# > +# 08/17/11 - Jim Czyzak - This script is based upon runEALtests.sh script. > +# It has been modified to use the command file > +# cc_commands and only include arguments that might > +# be useful for the common criteria testing against > +# the ospp in conjunction with the audit-test suite. > +# Also includes code to turn off screen in > +# /etc/profile for the test run as screen interferes > +# with the su tests (screen is turned on in the > +# in some evaluated configurations for purposes of > +# securing display devices) > + > +cd `dirname $0` > +export LTPROOT=${PWD} > +export TMPBASE="/tmp" > +export TMP="${TMPBASE}/runalltests-$$" > +export PATH="${PATH}:${LTPROOT}/../testcases/bin" > +cmdfile="${LTPROOT}/../runtest/cc_commands" > +pretty_prt=" " > +alt_dir=0 > +quiet_mode=" " > + > +usage() > +{ > + cat <<-END >&2 > + usage: ./${0##*/} -c [-d tmpdir] [-f cmdfile ] [ -l logfile ] > + -q [ -r ltproot ] [ -t duration ] [ -x instances ] > + > + -c Run LTP under additional background CPU load. > + -d tmpdir Directory where temporary files will be created. > + -f cmdfile Execute user defined list of testcases. > + -h Help. Prints all available options. > + -l logfile Log results of test in a logfile. > + -p Human readable format logfiles. > + -q Print less verbose output to screen. > + -r ltproot Fully qualified path where testsuite is installed. > + -t duration Execute the testsuite for given duration in hours. > + -x instances Run multiple instances of this testsuite. > + > + example: ./${0##*/} -i 1024 -m 128 -p -q -l /tmp/resultlog.$$ -d ${PWD} > + END > +exit > +} > + > +mkdir -p ${TMP} > + > +cd ${TMP} > +if [ $? -ne 0 ]; then > + echo "could not cd ${TMP} ... exiting" > + exit > +fi > + > +while getopts cd:f:h:l:pqr:t:x arg > +do case $arg in > + c) > + $LTPROOT/../testcases/bin/genload --cpu 1 2>&1 1>/dev/null & > + GenLoad=1 ;; > + > + d) # append $$ to TMP, as it is recursively > + # removed at end of script. > + TMPBASE=$OPTARG;; > + f) # Execute user defined set of testcases. > + cmdfile=$OPTARG;; > + > + h) usage;; > + > + l) > + if [ ${OPTARG:0:1} != "/" ] > + then > + if [ -d $LTPROOT/results ] > + then > + logfile="-l $LTPROOT/results/$OPTARG" > + else > + mkdir -p $LTPROOT/results > + if [ $? -ne 0 ] > + then > + echo "ERROR: failed to create $LTPROOT/results" > + exit 1 > + fi > + logfile="-l $LTPROOT/results/$OPTARG" > + fi > + alt_dir=1 > + else > + logfile="-l $OPTARG" > + fi ;; > + > + p) pretty_prt=" -p ";; > + > + q) quiet_mode=" -q ";; > + > + r) LTPROOT=$OPTARG;; > + > + t) # In case you want to specify the time > + # to run from the command line > + # (2m = two minutes, 2h = two hours, etc) > + duration="-t $OPTARG" ;; > + > + x) # number of ltp's to run > + instances="-x $OPTARG";; > + > + \?) usage;; > + esac > +done > + > +if [ -z $PASSWD ] > +then > + echo " " > + echo "ERROR:" > + echo "Please export enviroment variable PASSWD" > + echo "INFO: export PASSWD = 'root's password'" > + exit 1 > +fi > + > +if [ -n "$instances" ]; then > + instances="$instances -O ${TMP}" > +fi > + > + > +# If user does not provide a command file select a default set of testcases > +# to execute. > +if [ -z $cmdfile ] > +then > + cat ${LTPROOT}/../runtest/admin_tools > ${TMP}/alltests > +else > + cat $cmdfile > ${TMP}/alltests > +fi > + > +# The fsx-linux tests use the SCRATCHDEV environment variable as a location > +# that can be reformatted and run on. Set SCRATCHDEV if you want to run > +# these tests. As a safeguard, this is disabled. > +unset SCRATCHDEV > +if [ -n "$SCRATCHDEV" ]; then > + cat ${LTPROOT}/../runtest/fsx >> ${TMP}/alltests > +fi > + > +# turn off screen in /etc/profile > +tmpbkup=$(mktemp "/etc/profile.XXXXXX") || exit 1 > +cp -a /etc/profile $tmpbkup || exit 1 > +sed -i 's/\[ -w $(tty) \]/false/' /etc/profile > + > +# display versions of installed software > +${LTPROOT}/../ver_linux > + > +${LTPROOT}/../bin/ltp-pan $quiet_mode -e -S $instances $duration -a $$ -n $$ $pretty_prt -f ${TMP}/alltests $logfile > + > +if [ $? -eq 0 ]; then > + echo ltp-pan reported PASS > +else > + echo ltp-pan reported FAIL > +fi > + > +if [ $alt_dir -eq 1 ] > +then > + echo " " > + echo "###############################################################" > + echo " " > + echo " result log is in the $LTPROOT/results directory" > + echo " " > + echo "###############################################################" > + echo " " > +fi > +# restore /etc/profile > +mv -f $tmpbkup /etc/profile > + > +rm -rf ${TMP} > diff --git a/ltp/patch/ssh03 b/ltp/patch/ssh03 > new file mode 100755 > index 0000000..30caaba > --- /dev/null > +++ b/ltp/patch/ssh03 > @@ -0,0 +1,91 @@ > +#!/bin/sh > +#********************************************************************* > +# Copyright (c) International Business Machines Corp., 2000 > +# > +# This program is free software; you can redistribute it and/or modify > +# it under the terms of the GNU General Public License as published by > +# the Free Software Foundation; either version 2 of the License, or > +# (at your option) any later version. > +# > +# This program is distributed in the hope that it will be useful, > +# but WITHOUT ANY WARRANTY; without even the implied warranty of > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See > +# the GNU General Public License for more details. > +# > +# You should have received a copy of the GNU General Public License > +# along with this program; if not, write to the Free Software > +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA > +# > +# FILE : ssh > +# > +# PURPOSE: Tests to see that ssh allows a valid username (non-root) > +# > +# SETUP: The program `/usr/bin/expect' MUST be installed. > +# > +# HISTORY: > +# 03/03 Jerone Young (je...@us...) > +# > + > +#----------------------------------------------------------------------- > +# FUNCTION: do_setup > +#----------------------------------------------------------------------- > + > +do_setup() > +{ > + export RHOST="localhost" > + export TEST_USER="ssh_usr3" > + export TEST_USER_PASSWD="eal" > + export TEST_USER_ENCRYPTED_PASSWD="42VmxaOByKwlA" > + export TEST_USER_HOMEDIR="/home/$TEST_USER" > + > + # erase user if he/she already exists, so we can have a clean env > + > + rm -Rf /home/$TEST_USER > + tst_setup > + > + exists expect ssh ssh03_s1 useradd userdel > + > + userdel $TEST_USER > + sleep 1 > + > + if ! useradd -m -p $TEST_USER_ENCRYPTED_PASSWD $TEST_USER; then > + end_testcase "Could not add test user $TEST_USER to system $RHOST." > + fi > + > + # create users home diretory (SLES 8 does not do this, even when specified > + # in adduser) > + USER_UID=$(id -u $TEST_USER) > + USER_GID=$(id -g $TEST_USER) > + if ! mkdir -p "$TEST_USER_HOMEDIR"; then > + end_testcase "Failed to create $TEST_USER_HOMEDIR" > + fi > + chown -R $USER_UID.$USER_GID "$TEST_USER_HOMEDIR" > + > + trap do_cleanup EXIT > + > +} > + > +#----------------------------------------------------------------------- > +# FUNCTION: do_cleanup > +#----------------------------------------------------------------------- > + > +do_cleanup() > +{ > + userdel $TEST_USER > + tst_cleanup > +} > + > +#----------------------------------------------------------------------- > +# FUNCTION: MAIN > +# > +# DESCRIPTION: Create Test User > +# Call upon script to make sure an invalid user can not have access > +# Cleanup Test User from system > +# Exit with exit code of script called upon > +#----------------------------------------------------------------------- > +. net_cmdlib.sh > + > +read_opts $* > +do_setup > +ssh03_s1 || end_testcase "Testcase failed" > +do_cleanup > diff --git a/ltp/patch/su01 b/ltp/patch/su01 > new file mode 100755 > index 0000000..0ca6b87 > --- /dev/null > +++ b/ltp/patch/su01 > @@ -0,0 +1,193 @@ > +#!/bin/sh > +#********************************************************************* > +# Copyright (c) International Business Machines Corp., 2003, 2004 > +# > +# This program is free software; you can redistribute it and/or modify > +# it under the terms of the GNU General Public License as published by > +# the Free Software Foundation; either version 2 of the License, or > +# (at your option) any later version. > +# > +# This program is distributed in the hope that it will be useful, > +# but WITHOUT ANY WARRANTY; without even the implied warranty of > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See > +# the GNU General Public License for more details. > +# > +# You should have received a copy of the GNU General Public License > +# along with this program; if not, write to the Free Software > +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA > +# > +# FILE : su > +# > +# PURPOSE: Tests the basic functionality of `su`. > +# > +# SETUP: The program `/usr/bin/expect' MUST be installed. > +# > +# HISTORY: > +# 03/03 Dustin Kirkland (dki...@us...) > +# 03/03 Jerone Young (je...@us...) > +# 10/01/04 Kris Wilson Port to Red Hat > +# > +#********************************************************************* > + > +if [ -z ${TCbin} ] > +then > + export TCbin="/opt/ltp/testcases/bin" > +# $PWD > +fi > + > +export TEST_USER1="su_usr1" > + > +tvar=${MACHTYPE%-*} > +tvar=${tvar#*-} > + > +# need to export tvar for su01_s1 > +export tvar > +printf "Machine type is: $tvar\n\n" > + > +if [ "$tvar" = "redhat" -o "$tvar" = "redhat-linux" ] > +# Need to also set group for TEST_USER2 > +then > +export TEST_USER1_GROUP="wheel" > +export TEST_USER2_GROUP="wheel" > +else > +export TEST_USER1_GROUP="trusted" > +export TEST_USER2_GROUP="trusted" > +fi > +export TEST_USER1_PASSWD="eal" > +export TEST_USER1_ENCRYPTED_PASSWD="42VmxaOByKwlA" > +export TEST_USER1_NEW_PASSWD="a_very_good_and_long_password" > +export TEST_USER1_HOMEDIR="/home/$TEST_USER1" > + > +export TEST_USER2="su_usr2" > +# Group needs to be trusted for Red Hat. > +#export TEST_USER2_GROUP="trusted" > +export TEST_USER2_PASSWD="eal" > +export TEST_USER2_ENCRYPTED_PASSWD="42VmxaOByKwlA" > +export TEST_USER2_HOMEDIR="/home/$TEST_USER2" > + > +#This is for enviroment test > +export TEST_LINE="YOU_HAVE_THE_VARIABLE" > +export TEST_ENV_FILE="/tmp/TEST_ENV_FILE_ROOT" > +export TEST_ENV_FILE_USER="/tmp/TEST_ENV_FILE_USER" > +export TEST_ENV_FILE2="/tmp/TEST_ENV_FILE_ROOT2" > +#----------------------------------------------------------------------- > +# FUNCTION: do_setup > +#----------------------------------------------------------------------- > + > +do_setup(){ > + > +#REMOVE ANY TEMPOARY FILES THAT MAY STILL BE AROUND > +rm -f $TEST_ENV_FILE_USER > /dev/null 2>&1 > +rm -f $TEST_ENV_FILE2 > /dev/null 2>&1 > +rm -f $TEST_ENV_FILE > /dev/null 2>&1 > + > + > +#Create 1st test user > + #erase user if he may exist , so we can have a clean en > + rm -rf /home/$TEST_USER1 > + userdel $TEST_USER1 > + sleep 1 > + > + useradd -m -g users $TEST_USER1 > + if [ $? != 0 ] > + then { > + echo "Could not add test user $TEST_USER1." > + exit 1 > + } > + fi > + > + usermod -G users,$TEST_USER1_GROUP $TEST_USER1 > + > + #create users home directory (SLES 8 does not do this, even when specified in adduser) > +# Only do this if not RH; RH creates the directory. > + if [ "$tvar" != "redhat" -a "$tvar" != "redhat-linux" ] > + then { > + USER_UID=`id -u $TEST_USER1` > + USER_GID=`id -g $TEST_USER1` > + mkdir $TEST_USER1_HOMEDIR > + chown -R $USER_UID.$USER_GID $TEST_USER1_HOMEDIR > + } > + fi > + > + usermod -p $TEST_USER1_ENCRYPTED_PASSWD $TEST_USER1 > /dev/null 2>&1 > + if [ $? != 0 ] > + then { > + echo "Could not set password for test user $TEST_USER1" > + exit 1 > + } > + fi > + > +#Create 2nd test user > + #erase user if he may exist , so we can have a clean en > + rm -rf /home/$TEST_USER2 > + userdel $TEST_USER2 > + sleep 1 > + > + useradd -m -g users $TEST_USER2 > + > + if [ $? != 0 ] > + then { > + echo "Could not add test user $TEST_USER2." > + exit 1 > + } > + fi > + > + usermod -G users,$TEST_USER2_GROUP $TEST_USER2 > + > + #create users home diretory (SLES 8 does not do this, even when specified in adduser) > +# Only do this if not RH; RH creates the directory. > + if [ "$tvar" != "redhat" -a "$tvar" != "redhat-linux" ] > + then { > + USER_UID=`id -u $TEST_USER2` > + USER_GID=`id -g $TEST_USER2` > + mkdir $TEST_USER2_HOMEDIR > + chown -R $USER_UID.$USER_GID $TEST_USER2_HOMEDIR > + } > + fi > + > + usermod -p $TEST_USER2_ENCRYPTED_PASSWD $TEST_USER2 > /dev/null 2>&1 > + if [ $? != 0 ] > + then { > + echo "Could not set password for test user $TEST_USER2" > + exit 1 > + } > + fi > +} > + > + > +#----------------------------------------------------------------------- > +# FUNCTION: do_cleanup > +#----------------------------------------------------------------------- > + > +do_cleanup() { > + rm -rf /home/$TEST_USER1 > + rm -rf /home/$TEST_USER2 > + userdel $TEST_USER1 > + userdel $TEST_USER2 > + #REMOVE ANY TEMPOARY FILES THAT MAY STILL BE AROUND > + rm -f $TEST_ENV_FILE_USER > /dev/null 2>&1 > + rm -f $TEST_ENV_FILE2 > /dev/null 2>&1 > + rm -f $TEST_ENV_FILE > /dev/null 2>&1 > +} > + > +#----------------------------------------------------------------------- > +# FUNCTION: screenoff > +# > +# DESCRIPTION: save off /etc/profile and turn off screen > +# > +#----------------------------------------------------------------------- > +screenoff (){ > + tmpbkup=$(mktemp "/etc/profile.XXXXXX") || exit 1 > + cp -a /etc/profile $tmpbkup || exit 1 > + sed -i 's/\[ -w $(tty) \]/false/' /etc/profile > +} > +#----------------------------------------------------------------------- > +# FUNCTION: MAIN > +#----------------------------------------------------------------------- > +do_setup > +screenoff > +/bin/su $TEST_USER1 -c ${TCbin}/su01_s1 > +mv -f $tmpbkup /etc/profile > +EXIT_CODE=$? > +do_cleanup > +exit $EXIT_CODE > diff --git a/rules.mk b/rules.mk > new file mode 100644 > index 0000000..51b0d1c > --- /dev/null > +++ b/rules.mk > @@ -0,0 +1,330 @@ > +########################################################################## > +# Copyright (C) International Business Machines Corp., 2003 > +# (c) Copyright Hewlett-Packard Development Company, L.P., 2005 > +# > +# This program is free software: you can redistribute it and/or modify > +# it under the terms of version 2 the GNU General Public License as > +# published by the Free Software Foundation. > +# > +# This program is distributed in the hope that it will be useful, > +# but WITHOUT ANY WARRANTY; without even the implied warranty of > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > +# GNU General Public License for more details. > +# > +# You should have received a copy of the GNU General Public License > +# along with this program. If not, see <http://www.gnu.org/licenses/>. > +# > +# > +# > +# FILE : rules.mk > +# > +# PURPOSE: This rules file facilitates the compiling, linking and running > +# of the Linux Auditing System test suite. > +# > +# Rules are provided for dependency building, compiling, sub > +# directory traversal and running of the tests. > +# > +# > +# HISTORY: > +# 08/03 originated by Tom Lendacky (to...@us...) > +# > +########################################################################## > + > +SHELL := /bin/bash > + > +MACHINE = $(strip $(shell uname -m)) > +X = i486 i586 i686 ix86 > +P = ppc powerpc > +IP = ppc64 powerpc64 > +Z = s390 > +Z64 = s390x > +X86_64 = x86_64 > +IA = ia64 > +SYSTEMINFO = systeminfo.run.log > +CFLAGS += -g -O2 -Wall -Werror -D_GNU_SOURCE -fno-strict-aliasing > +LDFLAGS += > + > +LINK_AR = $(AR) rc $@ $^ > +LINK_EXE = $(CC) $(LDFLAGS) -o $@ $^ $(LOADLIBES) $(LDLIBS) > +LINK_SO = $(CC) $(LDFLAGS) -shared -o $@ $^ $(LOADLIBES) $(LDLIBS) > + > +# If MODE isn't set explicitly, the default for the machine is used > +export NATIVE = $(strip $(shell file /bin/bash | awk -F'[ -]' '{print $$3}')) > +export MODE ?= $(NATIVE) > +ifneq ($(MODE), $(NATIVE)) > + ifeq ($(MODE), 32) > + ifneq (,$(findstring $(MACHINE), $(Z64))) > + CFLAGS += -m31 > + LDFLAGS += -m31 > + else > + ifneq (,$(findstring $(MACHINE), $(X86_64))) > + CFLAGS += -m32 -malign-double > + LDFLAGS += -m32 > + else > + CFLAGS += -m32 > + LDFLAGS += -m32 > + endif > + endif > + endif > + ifeq ($(MODE), 64) > + CFLAGS += -m64 > + LDFLAGS += -m64 > + endif > +endif > +RELEASE = $(wildcard /etc/*-release) > +ifeq (SuSE, $(findstring SuSE, $(RELEASE))) > +CFLAGS +=-DSUSE > +export DISTRO=SUSE > +endif > +ifeq (fedora, $(findstring fedora, $(RELEASE))) > +CFLAGS +=-DFEDORA > +export DISTRO=FEDORA > +else ifeq (redhat, $(findstring redhat, $(RELEASE))) > +CFLAGS +=-DRHEL > +export DISTRO=RHEL > +endif > + > +########################################################################## > +# Common rules > +########################################################################## > + > +.PHONY: all run \ > + clean clobber distclean _clean _clobber _distclean \ > + msgque rmlogs showrpms showrpms2 > + > +all: deps subdirs $(ALL_AR) $(ALL_EXE) $(ALL_SO) > + > +run: > + > +# Re-used in toplevel Makefile > +check_set_PPROFILE = \ > + if [[ ! -x /usr/sbin/getenforce ]]; then \ > + export PPROFILE=capp ; \ > + elif [[ $$PPROFILE != capp && $$PPROFILE != lspp ]]; then \ > + export PPROFILE=capp ; \ > + if [[ "$$(getenforce)" == "Enforcing" ]] && \ > + (/usr/sbin/sestatus | grep -q mls); then \ > + if [[ "$$(secon -r)" != "lspp_test_r" ]]; then \ > + echo "SELinux MLS policy is enabled but you are not in lspp_test_r" ; \ > + exit 1; \ > + else \ > + export PPROFILE=lspp ; \ > + fi \ > + fi \ > + fi > + > +check_set_PASSWD = \ > + while [[ -z $$PASSWD ]]; do \ > + trap 'stty echo; exit' 1 2; \ > + read -sp "Login user password: " PASSWD; echo; export PASSWD; \ > + trap - 1 2; \ > + done > + > +ifeq (, $(findstring network, $(RUN_DIRS))) > +check_set_LBLNET_SVR_IPV4 = true > +else > +check_set_LBLNET_SVR_IPV4 = \ > + while [[ -z $$LBLNET_SVR_IPV4 ]]; do \ > + trap 'stty echo; exit' 1 2; \ > + read -p "Remote test server IPv4 address: " LBLNET_SVR_IPV4; \ > + echo; export LBLNET_SVR_IPV4; \ > + trap - 1 2; \ > + done > +endif > + > +ifeq (, $(findstring network, $(RUN_DIRS))) > +check_set_LBLNET_SVR_IPV6 = true > +else > +check_set_LBLNET_SVR_IPV6 = \ > + while [[ -z $$LBLNET_SVR_IPV6 ]]; do \ > + trap 'stty echo; exit' 1 2; \ > + read -p "Remote test server IPv6 address: " LBLNET_SVR_IPV6; \ > + echo; export LBLNET_SVR_IPV6; \ > + trap - 1 2; \ > + done > +endif > + > +check_TTY = \ > + if [[ -f /etc/selinux/mls/contexts/securetty_types ]]; then \ > + tty=`/usr/bin/tty`; \ > + tty_type=`ls -lZ $$tty | awk -F: '{print $$3}' | awk '{print $$1}'`; \ > + grep -q $$tty_type /etc/selinux/mls/contexts/securetty_types /dev/null && { \ > + echo -n "You are connected to the test machine through "; \ > + echo "a device ($$tty) that"; \ > + echo -n "will prevent one or more tests from functioning "; \ > + echo "as intended. Connect to"; \ > + echo -n "the machine remotely through a pty device, such "; \ > + echo "as logging in as the "; \ > + echo "test-user directly using ssh."; \ > + echo ; \ > + exit 1; \ > + } \ > + fi > + > +ifneq ($(if $(filter-out .,$(TOPDIR)),$(wildcard run.conf)),) > +all: run.bash > + > +run.bash: > + [[ -f run.bash ]] || ln -sfn $(TOPDIR)/utils/run.bash run.bash > + > +run: all > + @$(check_set_PPROFILE); \ > + $(check_set_PASSWD); \ > + ./run.bash > +endif > + > +_clean: > + @if [[ "$(MAKECMDGOALS)" == clean ]]; then \ > + for x in $(SUB_DIRS); do \ > + make -C $$x clean; \ > + done; \ > + fi > + $(RM) -r .deps > + $(RM) $(ALL_OBJ) > + $(RM) $(ALL_EXE) $(ALL_AR) $(ALL_SO) > + > +clean: _clean > + > +_distclean: clean > + @if [[ "$(MAKECMDGOALS)" == distclean ]]; then \ > + for x in $(SUB_DIRS); do \ > + make -C $$x distclean; \ > + done; \ > + fi > + $(RM) run.log > + if [[ -L run.bash ]]; then $(RM) run.bash; fi > + > +distclean: _distclean > + > +########################################################################## > +# RPM dependency checking > +########################################################################## > + > +# These are assumed to be the base requirements for all the tests. Requirements > +# can be refined in individual Makefiles by appending (+=) or overriding (=) > +# the RPMS variable. > +RPMS = binutils \ > + cpp \ > + expect \ > + flex \ > + gcc \ > + gcc-c++ \ > + glibc-devel \ > + libattr-devel \ > + libstdc++-devel \ > + libcap-devel \ > + make \ > + audit-libs-devel > +ifneq ($(findstring $(MACHINE),$(IP)),) > +RPMS += gcc-64bit > +endif > + > +# This can be augmented per directory to check things other than the default > +# list in "verify". (In fact some things should be moved from that list to the > +# appropriate directory) > +verifyme: subdirs > + > +verify: > + $(MAKE) verifyme > + @if ! mount | grep -q "^$$(df . | head -n2 | tail -n1 | cut -f1 -d\ ) .*(.*user_xattr"; then \ > + echo "please set 'user_xattr' for this filesystem'"; \ > + exit 1; \ > + fi > + @if ! mount | grep -q "^$$(df . | head -n2 | tail -n1 | cut -f1 -d\ ) .*(.*acl"; then \ > + echo "please set 'acl' for this filesystem'"; \ > + exit 1; \ > + fi > + @echo "-----------------------" > + @echo "Checking installed rpms" > + @echo "-----------------------" > + @if ! rpm -q $$($(MAKE) --no-print-directory showrpms); then \ > + echo "Please install the missing rpms"; \ > + exit 1; \ > + fi > + @echo "-----------------------" > + @echo "Looks good!" > + > +showrpms: > + @$(MAKE) --no-print-directory _showrpms | xargs -n1 echo | sort -u > + > +_showrpms: subdirs_quiet > + @echo "$(RPMS)" > + > +########################################################################## > +# Dependency rules > +########################################################################## > + > +DEP_FILES = $(addprefix .deps/, $(ALL_OBJ:.o=.d)) > + > +.PHONY: deps > + > +deps: $(DEP_FILES) > + > +# See http://www.gnu.org/software/make/manual/html_node/make_47.html#SEC51 > +# "4.14 Generating Prerequisites Automatically" > +.deps/%.d: %.c > + @mkdir -p .deps > + @echo Creating dependencies for $< > + @$(SHELL) -ec '$(CC) $(CFLAGS) $(CPPFLAGS) -MM $< \ > + | sed '\''s@\($*\)\.o[ :]*@\1.o $@: @g'\'' > $@; \ > + [ -s $@ ] || $(RM) $@' > + > +ifneq ($(DEP_FILES),) > +-include $(DEP_FILES) > +endif > + > +# How to build missing things like libraries > +../%: > + $(MAKE) -C $(dir $@) $(notdir $@) > + > +########################################################################## > +# Sub-directory processing rules > +########################################################################## > + > +.PHONY: subdirs subdirs_quiet > + > +subdirs: > + @for x in $(SUB_DIRS); do \ > + $(MAKE) -C $$x $(MAKECMDGOALS) || exit $$?; \ > + done > + > +subdirs_quiet: > + @for x in $(SUB_DIRS); do \ > + $(MAKE) --no-print-directory -C $$x $(MAKECMDGOALS) || exit $$?; \ > + done > + > +########################################################################## > +# Command framework execution rules > +########################################################################## > + > +systeminfo:: > + echo "==> date <==" > $(SYSTEMINFO) > + date >> $(SYSTEMINFO) > + echo "" >> $(SYSTEMINFO) > + echo "==> uname -a <==" >> $(SYSTEMINFO) > + uname -a >> $(SYSTEMINFO) > + echo "" >> $(SYSTEMINFO) > + echo "==> uptime <==" >> $(SYSTEMINFO) > + uptime >> $(SYSTEMINFO) > + echo "" >> $(SYSTEMINFO) > + echo "==> cat /proc/cpuinfo <==" >> $(SYSTEMINFO) > + cat /proc/cpuinfo >> $(SYSTEMINFO) > + echo "" >> $(SYSTEMINFO) > + echo "==> rpm -qai <==" >> $(SYSTEMINFO) > + rpm -qai >> $(SYSTEMINFO) > + > +ifneq ($(DEBUG),) > +DEBUG_ARG = -d $(DEBUG) > +endif > + > +ifneq ($(TEST_USER),) > +USER_ARG = -u $(TEST_USER) > +endif > + > +ifneq ($(LOGIN_USER),) > +LOGIN_ARG = -l $(LOGIN_USER) > +endif > + > +ifneq ($(TEST),) > +TEST_ARG = -t $(TEST) > +endif - -- Miroslav Vadkerti :: QA Engineer / RHCE :: BaseOS QE - Security IRC mvadkert at #qe #urt #rpmdiff :: GnuPG ID 0x25881087 at pgp.mit.edu Phone +420 532 294 129 :: CZ +420 775 039 842 :: SK +421 904 135 440 Red Hat s.r.o, Purky?ova 99/71, 612 45, Brno, Czech Republic -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJO1PJhAAoJEBliWhMliBCHGMgH+gMYLBNaSn40K4QnKPy9ey5O L7vaxgJbe4Am2i89r4eW4kM+AytmGyFBkEQOyJ2gaWiAmdASxE4HqrG85FrEX5g0 kTmoO3lbTIMDaXZJKDk9r2hch43Wa7ruqyJRpJB0LipDXuTBedxM2Uhi31nAb5ly 334Gpkqiq7bj6Z6ZWkBAmRNYygFfNsGqmIuqpDnHfRw+ODoi9BIBitLDW2w6nyZq poDx2EZznj8+zTW2MU7CzlkcsaWlnXpzqxFgCS9ZazbTZwFsVitPhpYZ10tlJj1I m+4E+DhLmbtjYLX7nB7bwanMBFE4oQInG0vMpz2UpQXgYpClacFFcKSiyjNEf1g= =ZTmA -----END PGP SIGNATURE----- |