Re: [Audit-test-developer] [PATCH 1/1] Adding topmost Makefile and moving ltp back to audit level.

[Miroslav V. <mva...@re...>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Thanks for the patch Ondrej, it is now upstream.

On 11/29/2011 01:47 PM, om...@re... wrote:
> From: Ondrej Moris <om...@re...>
>
> * now upstream audit-test contains audit and ltp at the same level,
> * ltp Makefile now contains dist target similar to the one in audit
> * a new Makefile was created in audit-test with the following targets:
>
> + dist = call dist in audit and ltp, extract tarballs and tar.gz them
> together with Makefile and rules.mk (i.e. create the archive with
> Makefile, rules.mk, audit-test and ltp). One is supposed to
> extract this tarball in /usr/local/eal4_testing/.
> + run = call run and report targets in audit-test and ltp
> + summary = harvest all rollup (or run if rollup is not available) logs
into
> final test suite run.log
> + report = call summary and systeminfo targets and tar.gz all possible logs
> stored withing test suite (together with overall run.log and
> systeminfo log).
>
> You may still use dist target in audit and ltp directories if you want to
> work with those parts separately.
>
> Signed-off-by: Ondrej Moris <om...@re...>
> ---
> Makefile | 90 ++++++++++++
> audit/Makefile | 3 +-
> audit/README.ltp | 24 ---
> audit/audit-test.spec | 2 +-
> audit/ltp/Makefile | 103 --------------
> audit/ltp/patch/cc_commands | 5 -
> audit/ltp/patch/cc_ospp.sh | 168 ----------------------
> audit/ltp/patch/ssh03 | 91 ------------
> audit/ltp/patch/su01 | 193 -------------------------
> ltp/Makefile | 119 ++++++++++++++++
> ltp/README.ltp | 24 +++
> ltp/patch/cc_commands | 5 +
> ltp/patch/cc_ospp.sh | 168 ++++++++++++++++++++++
> ltp/patch/ssh03 | 91 ++++++++++++
> ltp/patch/su01 | 193 +++++++++++++++++++++++++
> rules.mk | 330 +++++++++++++++++++++++++++++++++++++++++++
> 16 files changed, 1022 insertions(+), 587 deletions(-)
> create mode 100644 Makefile
> delete mode 100644 audit/README.ltp
> delete mode 100644 audit/ltp/Makefile
> delete mode 100644 audit/ltp/patch/cc_commands
> delete mode 100755 audit/ltp/patch/cc_ospp.sh
> delete mode 100755 audit/ltp/patch/ssh03
> delete mode 100755 audit/ltp/patch/su01
> create mode 100644 ltp/Makefile
> create mode 100644 ltp/README.ltp
> create mode 100644 ltp/patch/cc_commands
> create mode 100755 ltp/patch/cc_ospp.sh
> create mode 100755 ltp/patch/ssh03
> create mode 100755 ltp/patch/su01
> create mode 100644 rules.mk
>
> diff --git a/Makefile b/Makefile
> new file mode 100644
> index 0000000..a500814
> --- /dev/null
> +++ b/Makefile
> @@ -0,0 +1,90 @@
> +##########################################################################
> +# Copyright (C) International Business Machines Corp., 2003
> +#
> +# This program is free software; you can redistribute it and/or modify
> +# it under the terms of the GNU General Public License as published by
> +# the Free Software Foundation; either version 2 of the License, or
> +# (at your option) any later version.
> +#
> +# This program is distributed in the hope that it will be useful,
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
> +# the GNU General Public License for more details.
> +#
> +# You should have received a copy of the GNU General Public License
> +# along with this program; if not, write to the Free Software
> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> +#
> +#
> +#
> +# FILE : Makefile
> +#
> +# PURPOSE: This makefile facilitates the compiling and linking of the
> +# entire test suite.
> +#
> +# HISTORY:
> +# 11/03 originated by Dustin Kirkland (k1r...@us...)
> +# 08/04 updated by Dustin Kirkland (k1r...@us...)
> +# 04/07 updated by Lisa Smith (lis...@hp...)
> +# 11/11 updated by Ondrej Moris (om...@re...)
> +#
> +##########################################################################
> +
> +TOPDIR = .
> +
> +include $(TOPDIR)/rules.mk
> +
> +DIRS = audit ltp
> +
> +SUB_DIRS = audit-test ltp
> +
> +LOG = run.log
> +
> +run:
> + for DIR in $(SUB_DIRS); do \
> + make -C $$DIR run; \
> + done
> + make report
> +
> +.PHONE: report
> +report: systeminfo summary
> + @tarball="logs-$$(date +'%m%d%Y_%H%M').tar.gz"; \
> + tar zcvf logs-$$(date +"%m%d%Y_%H%M").tar.gz $$(find . -name "*.log"); \
> + ls -l $$tarball
> +
> +.PHONY: summary
> +summary:
> + @echo "Test Report Summary ($$(date))" > $(LOG)
> + @echo "" >> $(LOG)
> + @for dir_iter in $(SUB_DIRS); do \
> + if ls $$dir_iter/*rollup.log > /dev/null 2>&1; then \
> + log_iter=$$(ls $$dir_iter/*rollup.log); \
> + elif ls $$dir_iter/run.log > /dev/null 2>&1; then \
> + log_iter=$$(ls $$dir_iter/run.log); \
> + else \
> + continue; \
> + fi; \
> + echo " looking at report: $$log_iter"; \
> + echo "####### Log File: $$log_iter" >> $(LOG); \
> + cat $$log_iter >> $(LOG); \
> + echo "####### Log End" >> $(LOG); \
> + echo "" >> $(LOG); \
> + done
> +
> +.PHONY: dist
> +dist:
> + rev=$$(git log | head -n 1| awk '/^commit/{print $$2}' | cut -b 1-6 )
&& \
> + tmpdir=$$(mktemp -d) && \
> + into=$${PWD%/*} && \
> + for DIR in $(DIRS); do make -C "$$DIR" dist; done && \
> + mv "ltp-$$rev.tar.gz" "audit-test-$$rev.tar.gz" "$$tmpdir" && \
> + cp "Makefile" "rules.mk" "$$tmpdir" && \
> + cd "$$tmpdir" && \
> + tar xzvf "ltp-$$rev.tar.gz" && \
> + tar xzvf "audit-test-$$rev.tar.gz" && \
> + tar czf "$$into/audit-$$rev.tar.gz" "Makefile" "rules.mk" "ltp"
"audit-test" && \
> + echo "$$into" && \
> + cd "$$into" && \
> + rm -rf "$$tmpdir" && \
> + echo && \
> + ls -l audit-$$rev.tar.gz
> diff --git a/audit/Makefile b/audit/Makefile
> index 693fdb9..4825cc5 100644
> --- a/audit/Makefile
> +++ b/audit/Makefile
> @@ -36,8 +36,7 @@ RUN_DIRS += trustedprograms \
> kvm-cgroups \
> kvm-iommu \
> audit-remote \
> - misc \
> - ltp
> + misc
> endif
> endif
>
> diff --git a/audit/README.ltp b/audit/README.ltp
> deleted file mode 100644
> index 62b87bb..0000000
> --- a/audit/README.ltp
> +++ /dev/null
> @@ -1,24 +0,0 @@
> -| Running LTP tests for RHEL6.2 certification
> -+---------------------------------------------
> -
> -Requirements
> -------------
> -Be sure to have properly configured system according to README.run
> -file.
> -
> -Running
> --------
> -Running required LTP tests is fully automatized and they are run as
> -part of the audit-test test suite.
> -
> -The LTP suite is built and installed during the make phase. The tests
> -are executed during the make run phase.
> -
> -Logs from the runs are harvested and will be available in the
> -audit.run.log and audit.rollup.log files.
> -
> -To run only the LTP tests use the commands below. These expect you
> -already did run make in the audit-test root directory
> -
> -# cd ltp
> -# make run
> diff --git a/audit/audit-test.spec b/audit/audit-test.spec
> index c83ac98..c469312 100644
> --- a/audit/audit-test.spec
> +++ b/audit/audit-test.spec
> @@ -1,5 +1,5 @@
> Name: audit-test
> -Version: 4b7984
> +Version: 5e00ff
> Release: 1
> Summary: Audit testsuite for RHEL5 CAPP/LSPP evaluation
> Vendor: Hewlett-Packard
> diff --git a/audit/ltp/Makefile b/audit/ltp/Makefile
> deleted file mode 100644
> index d055d0e..0000000
> --- a/audit/ltp/Makefile
> +++ /dev/null
> @@ -1,103 +0,0 @@
> -##########################################################################
> -# Copyright (c) 2011 Red Hat, Inc. All rights reserved.
> -#
> -# This program is free software: you can redistribute it and/or modify
> -# it under the terms of version 2 the GNU General Public License as
> -# published by the Free Software Foundation.
> -#
> -# This program is distributed in the hope that it will be useful,
> -# but WITHOUT ANY WARRANTY; without even the implied warranty of
> -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> -# GNU General Public License for more details.
> -#
> -# You should have received a copy of the GNU General Public License
> -# along with this program. If not, see <http://www.gnu.org/licenses/>.
> -#
> -#
> -#
> -# FILE : Makefile
> -#
> -# PURPOSE: Downloads and runs syscalls and cc_ospp tests from LTP suite
> -#
> -# REQUIRENTS: Exported RHOST and PASSWD env variables
> -#
> -# HISTORY:
> -# 11/11 originated by Miroslav Vadkerti <mva...@re...>
> -#
> -##########################################################################
> -
> -RUN_LOG = run.log
> -ROLLUP_LOG = rollup.log
> -
> -LTP_BASE = ltp-full
> -LTP_BASE_PATH = $(CURDIR)/$(LTP_BASE)
> -PATCH_DIR = $(CURDIR)/patch
> -MDIR = $(CURDIR)
> -
> -LTP_ROLLUP_LOG = .rollup.log
> -LTP_RUN_LOG = .run.log
> -
> -LTP_FULL = ltp-full.tar.bz2
> -
> -all:: download extract patch build
> -
> -run:: runtests report
> -
> -build::
> - echo "Makefile: build"
> - export TOP_SRCDIR=$(LTP_BASE_PATH)
> - @$(MAKE) -C $(LTP_BASE_PATH) autotools
> - cd $(LTP_BASE_PATH) && ./configure && cd -
> - @$(MAKE) -C $(LTP_BASE_PATH) all
> - @$(MAKE) -C $(LTP_BASE_PATH) install
> -
> -extract::
> - echo "Makefile: extract"
> - tar xvf $(LTP_FULL)
> - mv -f ltp-full-* $(LTP_BASE)
> -
> -patch::
> - echo "Makefile: patch"
> - cp -fv $(PATCH_DIR)/cc_commands $(LTP_BASE_PATH)/runtest/cc_commands
> - cp -fv $(PATCH_DIR)/cc_ospp.sh $(LTP_BASE_PATH)/testscripts/cc_ospp.sh
> - cp -fv $(PATCH_DIR)/ssh03
$(LTP_BASE_PATH)/testcases/network/tcp_cmds/ssh/ssh03
> - cp -fv $(PATCH_DIR)/su01 $(LTP_BASE_PATH)/testcases/commands/su/su01
> -
> -clean::
> - echo "Makefile: clean"
> - # remove installed ltp
> - rm -rf /opt/ltp
> - # remove all logs, downloaded and created files/dirs
> - rm -f cc_ospp$(LTP_ROLLUP_LOG) cc_ospp$(LTP_RUN_LOG)
> - rm -f syscalls$(LTP_ROLLUP_LOG) syscalls$(LTP_RUN_LOG)
> - rm -f $(LTP_FULL) $(RUN_LOG) $(ROLLUP_LOG)
> - rm -rf $(LTP_BASE)
> -
> -download::
> - echo "Makefile: download"
> - # download latest LTP source
> - wget -O $(LTP_FULL)
http://sourceforge.net/projects/ltp/files/latest/download
> -
> -runtests::
> - echo "Makefile: runtests"
> - # needed for sendfile tests
> - setsebool allow_execmem=on
> - # run tests
> - echo "Running syscalls tests"
> - /opt/ltp/testscripts/syscalls.sh -p -l
$(MDIR)/syscalls$(LTP_ROLLUP_LOG) 2>&1 | tee syscalls$(LTP_RUN_LOG)
> - echo "Running cc_ospp tests"
> - /opt/ltp/testscripts/cc_ospp.sh -p -l
$(MDIR)/cc_ospp$(LTP_ROLLUP_LOG) 2>&1 | tee cc_ospp$(LTP_RUN_LOG)
> -
> -report::
> - echo "Makefile: report"
> - # create rollup.log
> - echo "TESTS PASSED = "$$(grep PASS cc_ospp$(LTP_ROLLUP_LOG)
syscalls$(LTP_ROLLUP_LOG) 2>&1 | wc -l) > $(ROLLUP_LOG)
> - echo " FAILED =" $$(grep FAIL cc_ospp$(LTP_ROLLUP_LOG)
syscalls$(LTP_ROLLUP_LOG) 2>&1 | wc -l) >> $(ROLLUP_LOG)
> - echo >> $(ROLLUP_LOG)
> - if [ "x$$(grep FAIL cc_ospp$(LTP_ROLLUP_LOG)
syscalls$(LTP_ROLLUP_LOG) 2>&1 | wc -l)" != "x0" ]; then \
> - echo "Failed tests:" >> $(ROLLUP_LOG); \
> - echo "-------------" >> $(ROLLUP_LOG); \
> - grep -H "\WFAIL\W" cc_ospp$(LTP_ROLLUP_LOG) syscalls$(LTP_ROLLUP_LOG)
>> $(ROLLUP_LOG); \
> - fi
> - # create run.log
> - cat cc_ospp$(LTP_RUN_LOG) syscalls$(LTP_RUN_LOG) > $(RUN_LOG)
> diff --git a/audit/ltp/patch/cc_commands b/audit/ltp/patch/cc_commands
> deleted file mode 100644
> index 2ba85c7..0000000
> --- a/audit/ltp/patch/cc_commands
> +++ /dev/null
> @@ -1,5 +0,0 @@
> -ping export LTPROOT; ping01
> -ssh01 ssh01
> -ssh02 ssh02
> -ssh03 ssh03
> -su01 export TCbin=$LTPROOT/../testcases/bin;su01
> diff --git a/audit/ltp/patch/cc_ospp.sh b/audit/ltp/patch/cc_ospp.sh
> deleted file mode 100755
> index c3c0738..0000000
> --- a/audit/ltp/patch/cc_ospp.sh
> +++ /dev/null
> @@ -1,168 +0,0 @@
> -#!/bin/sh
> -
> -
> -#
> -# 08/17/11 - Jim Czyzak - This script is based upon runEALtests.sh script.
> -# It has been modified to use the command file
> -# cc_commands and only include arguments that might
> -# be useful for the common criteria testing against
> -# the ospp in conjunction with the audit-test suite.
> -# Also includes code to turn off screen in
> -# /etc/profile for the test run as screen interferes
> -# with the su tests (screen is turned on in the
> -# in some evaluated configurations for purposes of
> -# securing display devices)
> -
> -cd `dirname $0`
> -export LTPROOT=${PWD}
> -export TMPBASE="/tmp"
> -export TMP="${TMPBASE}/runalltests-$$"
> -export PATH="${PATH}:${LTPROOT}/../testcases/bin"
> -cmdfile="${LTPROOT}/../runtest/cc_commands"
> -pretty_prt=" "
> -alt_dir=0
> -quiet_mode=" "
> -
> -usage()
> -{
> - cat <<-END >&2
> - usage: ./${0##*/} -c [-d tmpdir] [-f cmdfile ] [ -l logfile ]
> - -q [ -r ltproot ] [ -t duration ] [ -x instances ]
> -
> - -c Run LTP under additional background CPU load.
> - -d tmpdir Directory where temporary files will be created.
> - -f cmdfile Execute user defined list of testcases.
> - -h Help. Prints all available options.
> - -l logfile Log results of test in a logfile.
> - -p Human readable format logfiles.
> - -q Print less verbose output to screen.
> - -r ltproot Fully qualified path where testsuite is installed.
> - -t duration Execute the testsuite for given duration in hours.
> - -x instances Run multiple instances of this testsuite.
> -
> - example: ./${0##*/} -i 1024 -m 128 -p -q -l /tmp/resultlog.$$ -d ${PWD}
> - END
> -exit
> -}
> -
> -mkdir -p ${TMP}
> -
> -cd ${TMP}
> -if [ $? -ne 0 ]; then
> - echo "could not cd ${TMP} ... exiting"
> - exit
> -fi
> -
> -while getopts cd:f:h:l:pqr:t:x arg
> -do case $arg in
> - c)
> - $LTPROOT/../testcases/bin/genload --cpu 1 2>&1 1>/dev/null &
> - GenLoad=1 ;;
> -
> - d) # append $$ to TMP, as it is recursively
> - # removed at end of script.
> - TMPBASE=$OPTARG;;
> - f) # Execute user defined set of testcases.
> - cmdfile=$OPTARG;;
> -
> - h) usage;;
> -
> - l)
> - if [ ${OPTARG:0:1} != "/" ]
> - then
> - if [ -d $LTPROOT/results ]
> - then
> - logfile="-l $LTPROOT/results/$OPTARG"
> - else
> - mkdir -p $LTPROOT/results
> - if [ $? -ne 0 ]
> - then
> - echo "ERROR: failed to create $LTPROOT/results"
> - exit 1
> - fi
> - logfile="-l $LTPROOT/results/$OPTARG"
> - fi
> - alt_dir=1
> - else
> - logfile="-l $OPTARG"
> - fi ;;
> -
> - p) pretty_prt=" -p ";;
> -
> - q) quiet_mode=" -q ";;
> -
> - r) LTPROOT=$OPTARG;;
> -
> - t) # In case you want to specify the time
> - # to run from the command line
> - # (2m = two minutes, 2h = two hours, etc)
> - duration="-t $OPTARG" ;;
> -
> - x) # number of ltp's to run
> - instances="-x $OPTARG";;
> -
> - \?) usage;;
> - esac
> -done
> -
> -if [ -z $PASSWD ]
> -then
> - echo " "
> - echo "ERROR:"
> - echo "Please export enviroment variable PASSWD"
> - echo "INFO: export PASSWD = 'root's password'"
> - exit 1
> -fi
> -
> -if [ -n "$instances" ]; then
> - instances="$instances -O ${TMP}"
> -fi
> -
> -
> -# If user does not provide a command file select a default set of
testcases
> -# to execute.
> -if [ -z $cmdfile ]
> -then
> - cat ${LTPROOT}/../runtest/admin_tools > ${TMP}/alltests
> -else
> - cat $cmdfile > ${TMP}/alltests
> -fi
> -
> -# The fsx-linux tests use the SCRATCHDEV environment variable as a
location
> -# that can be reformatted and run on. Set SCRATCHDEV if you want to run
> -# these tests. As a safeguard, this is disabled.
> -unset SCRATCHDEV
> -if [ -n "$SCRATCHDEV" ]; then
> - cat ${LTPROOT}/../runtest/fsx >> ${TMP}/alltests
> -fi
> -
> -# turn off screen in /etc/profile
> -tmpbkup=$(mktemp "/etc/profile.XXXXXX") || exit 1
> -cp -a /etc/profile $tmpbkup || exit 1
> -sed -i 's/\[ -w $(tty) \]/false/' /etc/profile
> -
> -# display versions of installed software
> -${LTPROOT}/../ver_linux
> -
> -${LTPROOT}/../bin/ltp-pan $quiet_mode -e -S $instances $duration -a $$
-n $$ $pretty_prt -f ${TMP}/alltests $logfile
> -
> -if [ $? -eq 0 ]; then
> - echo ltp-pan reported PASS
> -else
> - echo ltp-pan reported FAIL
> -fi
> -
> -if [ $alt_dir -eq 1 ]
> -then
> - echo " "
> - echo "###############################################################"
> - echo " "
> - echo " result log is in the $LTPROOT/results directory"
> - echo " "
> - echo "###############################################################"
> - echo " "
> -fi
> -# restore /etc/profile
> -mv -f $tmpbkup /etc/profile
> -
> -rm -rf ${TMP}
> diff --git a/audit/ltp/patch/ssh03 b/audit/ltp/patch/ssh03
> deleted file mode 100755
> index 30caaba..0000000
> --- a/audit/ltp/patch/ssh03
> +++ /dev/null
> @@ -1,91 +0,0 @@
> -#!/bin/sh
> -#*********************************************************************
> -# Copyright (c) International Business Machines Corp., 2000
> -#
> -# This program is free software; you can redistribute it and/or modify
> -# it under the terms of the GNU General Public License as published by
> -# the Free Software Foundation; either version 2 of the License, or
> -# (at your option) any later version.
> -#
> -# This program is distributed in the hope that it will be useful,
> -# but WITHOUT ANY WARRANTY; without even the implied warranty of
> -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
> -# the GNU General Public License for more details.
> -#
> -# You should have received a copy of the GNU General Public License
> -# along with this program; if not, write to the Free Software
> -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> -#
> -# FILE : ssh
> -#
> -# PURPOSE: Tests to see that ssh allows a valid username (non-root)
> -#
> -# SETUP: The program `/usr/bin/expect' MUST be installed.
> -#
> -# HISTORY:
> -# 03/03 Jerone Young (je...@us...)
> -#
> -
> -#-----------------------------------------------------------------------
> -# FUNCTION: do_setup
> -#-----------------------------------------------------------------------
> -
> -do_setup()
> -{
> - export RHOST="localhost"
> - export TEST_USER="ssh_usr3"
> - export TEST_USER_PASSWD="eal"
> - export TEST_USER_ENCRYPTED_PASSWD="42VmxaOByKwlA"
> - export TEST_USER_HOMEDIR="/home/$TEST_USER"
> -
> - # erase user if he/she already exists, so we can have a clean env
> -
> - rm -Rf /home/$TEST_USER
> - tst_setup
> -
> - exists expect ssh ssh03_s1 useradd userdel
> -
> - userdel $TEST_USER
> - sleep 1
> -
> - if ! useradd -m -p $TEST_USER_ENCRYPTED_PASSWD $TEST_USER; then
> - end_testcase "Could not add test user $TEST_USER to system $RHOST."
> - fi
> -
> - # create users home diretory (SLES 8 does not do this, even when
specified
> - # in adduser)
> - USER_UID=$(id -u $TEST_USER)
> - USER_GID=$(id -g $TEST_USER)
> - if ! mkdir -p "$TEST_USER_HOMEDIR"; then
> - end_testcase "Failed to create $TEST_USER_HOMEDIR"
> - fi
> - chown -R $USER_UID.$USER_GID "$TEST_USER_HOMEDIR"
> -
> - trap do_cleanup EXIT
> -
> -}
> -
> -#-----------------------------------------------------------------------
> -# FUNCTION: do_cleanup
> -#-----------------------------------------------------------------------
> -
> -do_cleanup()
> -{
> - userdel $TEST_USER
> - tst_cleanup
> -}
> -
> -#-----------------------------------------------------------------------
> -# FUNCTION: MAIN
> -#
> -# DESCRIPTION: Create Test User
> -# Call upon script to make sure an invalid user can not have access
> -# Cleanup Test User from system
> -# Exit with exit code of script called upon
> -#-----------------------------------------------------------------------
> -. net_cmdlib.sh
> -
> -read_opts $*
> -do_setup
> -ssh03_s1 || end_testcase "Testcase failed"
> -do_cleanup
> diff --git a/audit/ltp/patch/su01 b/audit/ltp/patch/su01
> deleted file mode 100755
> index 0ca6b87..0000000
> --- a/audit/ltp/patch/su01
> +++ /dev/null
> @@ -1,193 +0,0 @@
> -#!/bin/sh
> -#*********************************************************************
> -# Copyright (c) International Business Machines Corp., 2003, 2004
> -#
> -# This program is free software; you can redistribute it and/or modify
> -# it under the terms of the GNU General Public License as published by
> -# the Free Software Foundation; either version 2 of the License, or
> -# (at your option) any later version.
> -#
> -# This program is distributed in the hope that it will be useful,
> -# but WITHOUT ANY WARRANTY; without even the implied warranty of
> -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
> -# the GNU General Public License for more details.
> -#
> -# You should have received a copy of the GNU General Public License
> -# along with this program; if not, write to the Free Software
> -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> -#
> -# FILE : su
> -#
> -# PURPOSE: Tests the basic functionality of `su`.
> -#
> -# SETUP: The program `/usr/bin/expect' MUST be installed.
> -#
> -# HISTORY:
> -# 03/03 Dustin Kirkland (dki...@us...)
> -# 03/03 Jerone Young (je...@us...)
> -# 10/01/04 Kris Wilson Port to Red Hat
> -#
> -#*********************************************************************
> -
> -if [ -z ${TCbin} ]
> -then
> - export TCbin="/opt/ltp/testcases/bin"
> -# $PWD
> -fi
> -
> -export TEST_USER1="su_usr1"
> -
> -tvar=${MACHTYPE%-*}
> -tvar=${tvar#*-}
> -
> -# need to export tvar for su01_s1
> -export tvar
> -printf "Machine type is: $tvar\n\n"
> -
> -if [ "$tvar" = "redhat" -o "$tvar" = "redhat-linux" ]
> -# Need to also set group for TEST_USER2
> -then
> -export TEST_USER1_GROUP="wheel"
> -export TEST_USER2_GROUP="wheel"
> -else
> -export TEST_USER1_GROUP="trusted"
> -export TEST_USER2_GROUP="trusted"
> -fi
> -export TEST_USER1_PASSWD="eal"
> -export TEST_USER1_ENCRYPTED_PASSWD="42VmxaOByKwlA"
> -export TEST_USER1_NEW_PASSWD="a_very_good_and_long_password"
> -export TEST_USER1_HOMEDIR="/home/$TEST_USER1"
> -
> -export TEST_USER2="su_usr2"
> -# Group needs to be trusted for Red Hat.
> -#export TEST_USER2_GROUP="trusted"
> -export TEST_USER2_PASSWD="eal"
> -export TEST_USER2_ENCRYPTED_PASSWD="42VmxaOByKwlA"
> -export TEST_USER2_HOMEDIR="/home/$TEST_USER2"
> -
> -#This is for enviroment test
> -export TEST_LINE="YOU_HAVE_THE_VARIABLE"
> -export TEST_ENV_FILE="/tmp/TEST_ENV_FILE_ROOT"
> -export TEST_ENV_FILE_USER="/tmp/TEST_ENV_FILE_USER"
> -export TEST_ENV_FILE2="/tmp/TEST_ENV_FILE_ROOT2"
> -#-----------------------------------------------------------------------
> -# FUNCTION: do_setup
> -#-----------------------------------------------------------------------
> -
> -do_setup(){
> -
> -#REMOVE ANY TEMPOARY FILES THAT MAY STILL BE AROUND
> -rm -f $TEST_ENV_FILE_USER > /dev/null 2>&1
> -rm -f $TEST_ENV_FILE2 > /dev/null 2>&1
> -rm -f $TEST_ENV_FILE > /dev/null 2>&1
> -
> -
> -#Create 1st test user
> - #erase user if he may exist , so we can have a clean en
> - rm -rf /home/$TEST_USER1
> - userdel $TEST_USER1
> - sleep 1
> -
> - useradd -m -g users $TEST_USER1
> - if [ $? != 0 ]
> - then {
> - echo "Could not add test user $TEST_USER1."
> - exit 1
> - }
> - fi
> -
> - usermod -G users,$TEST_USER1_GROUP $TEST_USER1
> -
> - #create users home directory (SLES 8 does not do this, even when
specified in adduser)
> -# Only do this if not RH; RH creates the directory.
> - if [ "$tvar" != "redhat" -a "$tvar" != "redhat-linux" ]
> - then {
> - USER_UID=`id -u $TEST_USER1`
> - USER_GID=`id -g $TEST_USER1`
> - mkdir $TEST_USER1_HOMEDIR
> - chown -R $USER_UID.$USER_GID $TEST_USER1_HOMEDIR
> - }
> - fi
> -
> - usermod -p $TEST_USER1_ENCRYPTED_PASSWD $TEST_USER1 > /dev/null 2>&1
> - if [ $? != 0 ]
> - then {
> - echo "Could not set password for test user $TEST_USER1"
> - exit 1
> - }
> - fi
> -
> -#Create 2nd test user
> - #erase user if he may exist , so we can have a clean en
> - rm -rf /home/$TEST_USER2
> - userdel $TEST_USER2
> - sleep 1
> -
> - useradd -m -g users $TEST_USER2
> -
> - if [ $? != 0 ]
> - then {
> - echo "Could not add test user $TEST_USER2."
> - exit 1
> - }
> - fi
> -
> - usermod -G users,$TEST_USER2_GROUP $TEST_USER2
> -
> - #create users home diretory (SLES 8 does not do this, even when
specified in adduser)
> -# Only do this if not RH; RH creates the directory.
> - if [ "$tvar" != "redhat" -a "$tvar" != "redhat-linux" ]
> - then {
> - USER_UID=`id -u $TEST_USER2`
> - USER_GID=`id -g $TEST_USER2`
> - mkdir $TEST_USER2_HOMEDIR
> - chown -R $USER_UID.$USER_GID $TEST_USER2_HOMEDIR
> - }
> - fi
> -
> - usermod -p $TEST_USER2_ENCRYPTED_PASSWD $TEST_USER2 > /dev/null 2>&1
> - if [ $? != 0 ]
> - then {
> - echo "Could not set password for test user $TEST_USER2"
> - exit 1
> - }
> - fi
> -}
> -
> -
> -#-----------------------------------------------------------------------
> -# FUNCTION: do_cleanup
> -#-----------------------------------------------------------------------
> -
> -do_cleanup() {
> - rm -rf /home/$TEST_USER1
> - rm -rf /home/$TEST_USER2
> - userdel $TEST_USER1
> - userdel $TEST_USER2
> - #REMOVE ANY TEMPOARY FILES THAT MAY STILL BE AROUND
> - rm -f $TEST_ENV_FILE_USER > /dev/null 2>&1
> - rm -f $TEST_ENV_FILE2 > /dev/null 2>&1
> - rm -f $TEST_ENV_FILE > /dev/null 2>&1
> -}
> -
> -#-----------------------------------------------------------------------
> -# FUNCTION: screenoff
> -#
> -# DESCRIPTION: save off /etc/profile and turn off screen
> -#
> -#-----------------------------------------------------------------------
> -screenoff (){
> - tmpbkup=$(mktemp "/etc/profile.XXXXXX") || exit 1
> - cp -a /etc/profile $tmpbkup || exit 1
> - sed -i 's/\[ -w $(tty) \]/false/' /etc/profile
> -}
> -#-----------------------------------------------------------------------
> -# FUNCTION: MAIN
> -#-----------------------------------------------------------------------
> -do_setup
> -screenoff
> -/bin/su $TEST_USER1 -c ${TCbin}/su01_s1
> -mv -f $tmpbkup /etc/profile
> -EXIT_CODE=$?
> -do_cleanup
> -exit $EXIT_CODE
> diff --git a/ltp/Makefile b/ltp/Makefile
> new file mode 100644
> index 0000000..8ea7ee6
> --- /dev/null
> +++ b/ltp/Makefile
> @@ -0,0 +1,119 @@
> +##########################################################################
> +# Copyright (c) 2011 Red Hat, Inc. All rights reserved.
> +#
> +# This program is free software: you can redistribute it and/or modify
> +# it under the terms of version 2 the GNU General Public License as
> +# published by the Free Software Foundation.
> +#
> +# This program is distributed in the hope that it will be useful,
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> +# GNU General Public License for more details.
> +#
> +# You should have received a copy of the GNU General Public License
> +# along with this program. If not, see <http://www.gnu.org/licenses/>.
> +#
> +#
> +#
> +# FILE : Makefile
> +#
> +# PURPOSE: Downloads and runs syscalls and cc_ospp tests from LTP suite
> +#
> +# REQUIRENTS: Exported RHOST and PASSWD env variables
> +#
> +# HISTORY:
> +# 11/11 originated by Miroslav Vadkerti <mva...@re...>
> +#
> +##########################################################################
> +
> +RUN_LOG = run.log
> +ROLLUP_LOG = rollup.log
> +
> +LTP_BASE = ltp-full
> +LTP_BASE_PATH = $(CURDIR)/$(LTP_BASE)
> +PATCH_DIR = $(CURDIR)/patch
> +MDIR = $(CURDIR)
> +
> +LTP_ROLLUP_LOG = .rollup.log
> +LTP_RUN_LOG = .run.log
> +
> +LTP_FULL = ltp-full.tar.bz2
> +
> +all:: download extract patch build
> +
> +run:: runtests report
> +
> +build::
> + echo "Makefile: build"
> + export TOP_SRCDIR=$(LTP_BASE_PATH)
> + @$(MAKE) -C $(LTP_BASE_PATH) autotools
> + cd $(LTP_BASE_PATH) && ./configure && cd -
> + @$(MAKE) -C $(LTP_BASE_PATH) all
> + @$(MAKE) -C $(LTP_BASE_PATH) install
> +
> +extract::
> + echo "Makefile: extract"
> + tar xvf $(LTP_FULL)
> + mv -f ltp-full-* $(LTP_BASE)
> +
> +patch::
> + echo "Makefile: patch"
> + cp -fv $(PATCH_DIR)/cc_commands $(LTP_BASE_PATH)/runtest/cc_commands
> + cp -fv $(PATCH_DIR)/cc_ospp.sh $(LTP_BASE_PATH)/testscripts/cc_ospp.sh
> + cp -fv $(PATCH_DIR)/ssh03
$(LTP_BASE_PATH)/testcases/network/tcp_cmds/ssh/ssh03
> + cp -fv $(PATCH_DIR)/su01 $(LTP_BASE_PATH)/testcases/commands/su/su01
> +
> +clean::
> + echo "Makefile: clean"
> + # remove installed ltp
> + rm -rf /opt/ltp
> + # remove all logs, downloaded and created files/dirs
> + rm -f cc_ospp$(LTP_ROLLUP_LOG) cc_ospp$(LTP_RUN_LOG)
> + rm -f syscalls$(LTP_ROLLUP_LOG) syscalls$(LTP_RUN_LOG)
> + rm -f $(LTP_FULL) $(RUN_LOG) $(ROLLUP_LOG)
> + rm -rf $(LTP_BASE)
> +
> +download::
> + echo "Makefile: download"
> + # download latest LTP source
> + wget -O $(LTP_FULL)
http://sourceforge.net/projects/ltp/files/latest/download
> +
> +runtests::
> + echo "Makefile: runtests"
> + # needed for sendfile tests
> + setsebool allow_execmem=on
> + # run tests
> + echo "Running syscalls tests"
> + /opt/ltp/testscripts/syscalls.sh -p -l
$(MDIR)/syscalls$(LTP_ROLLUP_LOG) 2>&1 | tee syscalls$(LTP_RUN_LOG)
> + echo "Running cc_ospp tests"
> + /opt/ltp/testscripts/cc_ospp.sh -p -l
$(MDIR)/cc_ospp$(LTP_ROLLUP_LOG) 2>&1 | tee cc_ospp$(LTP_RUN_LOG)
> +
> +report::
> + echo "Makefile: report"
> + # create rollup.log
> + echo "TESTS PASSED = "$$(grep PASS cc_ospp$(LTP_ROLLUP_LOG)
syscalls$(LTP_ROLLUP_LOG) 2>&1 | wc -l) > $(ROLLUP_LOG)
> + echo " FAILED =" $$(grep FAIL cc_ospp$(LTP_ROLLUP_LOG)
syscalls$(LTP_ROLLUP_LOG) 2>&1 | wc -l) >> $(ROLLUP_LOG)
> + echo >> $(ROLLUP_LOG)
> + if [ "x$$(grep FAIL cc_ospp$(LTP_ROLLUP_LOG)
syscalls$(LTP_ROLLUP_LOG) 2>&1 | wc -l)" != "x0" ]; then \
> + echo "Failed tests:" >> $(ROLLUP_LOG); \
> + echo "-------------" >> $(ROLLUP_LOG); \
> + grep -H "\WFAIL\W" cc_ospp$(LTP_ROLLUP_LOG) syscalls$(LTP_ROLLUP_LOG)
>> $(ROLLUP_LOG); \
> + fi
> + # create run.log
> + cat cc_ospp$(LTP_RUN_LOG) syscalls$(LTP_RUN_LOG) > $(RUN_LOG)
> +
> +dist:
> + rev=$$(git log | head -n 1| awk '/^commit/{print $$2}' | cut -b 1-6 )
&& \
> + tmpdir=$$(mktemp -d) && \
> + into=$${PWD%/*} && \
> + mkdir "$$tmpdir/ltp" && \
> + rsync -a --exclude=.git . "$$tmpdir/ltp" && \
> + $(MAKE) clean -C "$$tmpdir/ltp" && \
> + cd "$$tmpdir" && \
> + chmod -R a+rX ltp && \
> + tar czf "$$into/ltp-$$rev.tar.gz" ltp && \
> + cd "$$into" && \
> + rm -rf "$$tmpdir" && \
> + echo && \
> + ls -l ltp-$$rev.tar.gz
> +
> diff --git a/ltp/README.ltp b/ltp/README.ltp
> new file mode 100644
> index 0000000..62b87bb
> --- /dev/null
> +++ b/ltp/README.ltp
> @@ -0,0 +1,24 @@
> +| Running LTP tests for RHEL6.2 certification
> ++---------------------------------------------
> +
> +Requirements
> +------------
> +Be sure to have properly configured system according to README.run
> +file.
> +
> +Running
> +-------
> +Running required LTP tests is fully automatized and they are run as
> +part of the audit-test test suite.
> +
> +The LTP suite is built and installed during the make phase. The tests
> +are executed during the make run phase.
> +
> +Logs from the runs are harvested and will be available in the
> +audit.run.log and audit.rollup.log files.
> +
> +To run only the LTP tests use the commands below. These expect you
> +already did run make in the audit-test root directory
> +
> +# cd ltp
> +# make run
> diff --git a/ltp/patch/cc_commands b/ltp/patch/cc_commands
> new file mode 100644
> index 0000000..2ba85c7
> --- /dev/null
> +++ b/ltp/patch/cc_commands
> @@ -0,0 +1,5 @@
> +ping export LTPROOT; ping01
> +ssh01 ssh01
> +ssh02 ssh02
> +ssh03 ssh03
> +su01 export TCbin=$LTPROOT/../testcases/bin;su01
> diff --git a/ltp/patch/cc_ospp.sh b/ltp/patch/cc_ospp.sh
> new file mode 100755
> index 0000000..c3c0738
> --- /dev/null
> +++ b/ltp/patch/cc_ospp.sh
> @@ -0,0 +1,168 @@
> +#!/bin/sh
> +
> +
> +#
> +# 08/17/11 - Jim Czyzak - This script is based upon runEALtests.sh script.
> +# It has been modified to use the command file
> +# cc_commands and only include arguments that might
> +# be useful for the common criteria testing against
> +# the ospp in conjunction with the audit-test suite.
> +# Also includes code to turn off screen in
> +# /etc/profile for the test run as screen interferes
> +# with the su tests (screen is turned on in the
> +# in some evaluated configurations for purposes of
> +# securing display devices)
> +
> +cd `dirname $0`
> +export LTPROOT=${PWD}
> +export TMPBASE="/tmp"
> +export TMP="${TMPBASE}/runalltests-$$"
> +export PATH="${PATH}:${LTPROOT}/../testcases/bin"
> +cmdfile="${LTPROOT}/../runtest/cc_commands"
> +pretty_prt=" "
> +alt_dir=0
> +quiet_mode=" "
> +
> +usage()
> +{
> + cat <<-END >&2
> + usage: ./${0##*/} -c [-d tmpdir] [-f cmdfile ] [ -l logfile ]
> + -q [ -r ltproot ] [ -t duration ] [ -x instances ]
> +
> + -c Run LTP under additional background CPU load.
> + -d tmpdir Directory where temporary files will be created.
> + -f cmdfile Execute user defined list of testcases.
> + -h Help. Prints all available options.
> + -l logfile Log results of test in a logfile.
> + -p Human readable format logfiles.
> + -q Print less verbose output to screen.
> + -r ltproot Fully qualified path where testsuite is installed.
> + -t duration Execute the testsuite for given duration in hours.
> + -x instances Run multiple instances of this testsuite.
> +
> + example: ./${0##*/} -i 1024 -m 128 -p -q -l /tmp/resultlog.$$ -d ${PWD}
> + END
> +exit
> +}
> +
> +mkdir -p ${TMP}
> +
> +cd ${TMP}
> +if [ $? -ne 0 ]; then
> + echo "could not cd ${TMP} ... exiting"
> + exit
> +fi
> +
> +while getopts cd:f:h:l:pqr:t:x arg
> +do case $arg in
> + c)
> + $LTPROOT/../testcases/bin/genload --cpu 1 2>&1 1>/dev/null &
> + GenLoad=1 ;;
> +
> + d) # append $$ to TMP, as it is recursively
> + # removed at end of script.
> + TMPBASE=$OPTARG;;
> + f) # Execute user defined set of testcases.
> + cmdfile=$OPTARG;;
> +
> + h) usage;;
> +
> + l)
> + if [ ${OPTARG:0:1} != "/" ]
> + then
> + if [ -d $LTPROOT/results ]
> + then
> + logfile="-l $LTPROOT/results/$OPTARG"
> + else
> + mkdir -p $LTPROOT/results
> + if [ $? -ne 0 ]
> + then
> + echo "ERROR: failed to create $LTPROOT/results"
> + exit 1
> + fi
> + logfile="-l $LTPROOT/results/$OPTARG"
> + fi
> + alt_dir=1
> + else
> + logfile="-l $OPTARG"
> + fi ;;
> +
> + p) pretty_prt=" -p ";;
> +
> + q) quiet_mode=" -q ";;
> +
> + r) LTPROOT=$OPTARG;;
> +
> + t) # In case you want to specify the time
> + # to run from the command line
> + # (2m = two minutes, 2h = two hours, etc)
> + duration="-t $OPTARG" ;;
> +
> + x) # number of ltp's to run
> + instances="-x $OPTARG";;
> +
> + \?) usage;;
> + esac
> +done
> +
> +if [ -z $PASSWD ]
> +then
> + echo " "
> + echo "ERROR:"
> + echo "Please export enviroment variable PASSWD"
> + echo "INFO: export PASSWD = 'root's password'"
> + exit 1
> +fi
> +
> +if [ -n "$instances" ]; then
> + instances="$instances -O ${TMP}"
> +fi
> +
> +
> +# If user does not provide a command file select a default set of
testcases
> +# to execute.
> +if [ -z $cmdfile ]
> +then
> + cat ${LTPROOT}/../runtest/admin_tools > ${TMP}/alltests
> +else
> + cat $cmdfile > ${TMP}/alltests
> +fi
> +
> +# The fsx-linux tests use the SCRATCHDEV environment variable as a
location
> +# that can be reformatted and run on. Set SCRATCHDEV if you want to run
> +# these tests. As a safeguard, this is disabled.
> +unset SCRATCHDEV
> +if [ -n "$SCRATCHDEV" ]; then
> + cat ${LTPROOT}/../runtest/fsx >> ${TMP}/alltests
> +fi
> +
> +# turn off screen in /etc/profile
> +tmpbkup=$(mktemp "/etc/profile.XXXXXX") || exit 1
> +cp -a /etc/profile $tmpbkup || exit 1
> +sed -i 's/\[ -w $(tty) \]/false/' /etc/profile
> +
> +# display versions of installed software
> +${LTPROOT}/../ver_linux
> +
> +${LTPROOT}/../bin/ltp-pan $quiet_mode -e -S $instances $duration -a $$
-n $$ $pretty_prt -f ${TMP}/alltests $logfile
> +
> +if [ $? -eq 0 ]; then
> + echo ltp-pan reported PASS
> +else
> + echo ltp-pan reported FAIL
> +fi
> +
> +if [ $alt_dir -eq 1 ]
> +then
> + echo " "
> + echo "###############################################################"
> + echo " "
> + echo " result log is in the $LTPROOT/results directory"
> + echo " "
> + echo "###############################################################"
> + echo " "
> +fi
> +# restore /etc/profile
> +mv -f $tmpbkup /etc/profile
> +
> +rm -rf ${TMP}
> diff --git a/ltp/patch/ssh03 b/ltp/patch/ssh03
> new file mode 100755
> index 0000000..30caaba
> --- /dev/null
> +++ b/ltp/patch/ssh03
> @@ -0,0 +1,91 @@
> +#!/bin/sh
> +#*********************************************************************
> +# Copyright (c) International Business Machines Corp., 2000
> +#
> +# This program is free software; you can redistribute it and/or modify
> +# it under the terms of the GNU General Public License as published by
> +# the Free Software Foundation; either version 2 of the License, or
> +# (at your option) any later version.
> +#
> +# This program is distributed in the hope that it will be useful,
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
> +# the GNU General Public License for more details.
> +#
> +# You should have received a copy of the GNU General Public License
> +# along with this program; if not, write to the Free Software
> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> +#
> +# FILE : ssh
> +#
> +# PURPOSE: Tests to see that ssh allows a valid username (non-root)
> +#
> +# SETUP: The program `/usr/bin/expect' MUST be installed.
> +#
> +# HISTORY:
> +# 03/03 Jerone Young (je...@us...)
> +#
> +
> +#-----------------------------------------------------------------------
> +# FUNCTION: do_setup
> +#-----------------------------------------------------------------------
> +
> +do_setup()
> +{
> + export RHOST="localhost"
> + export TEST_USER="ssh_usr3"
> + export TEST_USER_PASSWD="eal"
> + export TEST_USER_ENCRYPTED_PASSWD="42VmxaOByKwlA"
> + export TEST_USER_HOMEDIR="/home/$TEST_USER"
> +
> + # erase user if he/she already exists, so we can have a clean env
> +
> + rm -Rf /home/$TEST_USER
> + tst_setup
> +
> + exists expect ssh ssh03_s1 useradd userdel
> +
> + userdel $TEST_USER
> + sleep 1
> +
> + if ! useradd -m -p $TEST_USER_ENCRYPTED_PASSWD $TEST_USER; then
> + end_testcase "Could not add test user $TEST_USER to system $RHOST."
> + fi
> +
> + # create users home diretory (SLES 8 does not do this, even when
specified
> + # in adduser)
> + USER_UID=$(id -u $TEST_USER)
> + USER_GID=$(id -g $TEST_USER)
> + if ! mkdir -p "$TEST_USER_HOMEDIR"; then
> + end_testcase "Failed to create $TEST_USER_HOMEDIR"
> + fi
> + chown -R $USER_UID.$USER_GID "$TEST_USER_HOMEDIR"
> +
> + trap do_cleanup EXIT
> +
> +}
> +
> +#-----------------------------------------------------------------------
> +# FUNCTION: do_cleanup
> +#-----------------------------------------------------------------------
> +
> +do_cleanup()
> +{
> + userdel $TEST_USER
> + tst_cleanup
> +}
> +
> +#-----------------------------------------------------------------------
> +# FUNCTION: MAIN
> +#
> +# DESCRIPTION: Create Test User
> +# Call upon script to make sure an invalid user can not have access
> +# Cleanup Test User from system
> +# Exit with exit code of script called upon
> +#-----------------------------------------------------------------------
> +. net_cmdlib.sh
> +
> +read_opts $*
> +do_setup
> +ssh03_s1 || end_testcase "Testcase failed"
> +do_cleanup
> diff --git a/ltp/patch/su01 b/ltp/patch/su01
> new file mode 100755
> index 0000000..0ca6b87
> --- /dev/null
> +++ b/ltp/patch/su01
> @@ -0,0 +1,193 @@
> +#!/bin/sh
> +#*********************************************************************
> +# Copyright (c) International Business Machines Corp., 2003, 2004
> +#
> +# This program is free software; you can redistribute it and/or modify
> +# it under the terms of the GNU General Public License as published by
> +# the Free Software Foundation; either version 2 of the License, or
> +# (at your option) any later version.
> +#
> +# This program is distributed in the hope that it will be useful,
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
> +# the GNU General Public License for more details.
> +#
> +# You should have received a copy of the GNU General Public License
> +# along with this program; if not, write to the Free Software
> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> +#
> +# FILE : su
> +#
> +# PURPOSE: Tests the basic functionality of `su`.
> +#
> +# SETUP: The program `/usr/bin/expect' MUST be installed.
> +#
> +# HISTORY:
> +# 03/03 Dustin Kirkland (dki...@us...)
> +# 03/03 Jerone Young (je...@us...)
> +# 10/01/04 Kris Wilson Port to Red Hat
> +#
> +#*********************************************************************
> +
> +if [ -z ${TCbin} ]
> +then
> + export TCbin="/opt/ltp/testcases/bin"
> +# $PWD
> +fi
> +
> +export TEST_USER1="su_usr1"
> +
> +tvar=${MACHTYPE%-*}
> +tvar=${tvar#*-}
> +
> +# need to export tvar for su01_s1
> +export tvar
> +printf "Machine type is: $tvar\n\n"
> +
> +if [ "$tvar" = "redhat" -o "$tvar" = "redhat-linux" ]
> +# Need to also set group for TEST_USER2
> +then
> +export TEST_USER1_GROUP="wheel"
> +export TEST_USER2_GROUP="wheel"
> +else
> +export TEST_USER1_GROUP="trusted"
> +export TEST_USER2_GROUP="trusted"
> +fi
> +export TEST_USER1_PASSWD="eal"
> +export TEST_USER1_ENCRYPTED_PASSWD="42VmxaOByKwlA"
> +export TEST_USER1_NEW_PASSWD="a_very_good_and_long_password"
> +export TEST_USER1_HOMEDIR="/home/$TEST_USER1"
> +
> +export TEST_USER2="su_usr2"
> +# Group needs to be trusted for Red Hat.
> +#export TEST_USER2_GROUP="trusted"
> +export TEST_USER2_PASSWD="eal"
> +export TEST_USER2_ENCRYPTED_PASSWD="42VmxaOByKwlA"
> +export TEST_USER2_HOMEDIR="/home/$TEST_USER2"
> +
> +#This is for enviroment test
> +export TEST_LINE="YOU_HAVE_THE_VARIABLE"
> +export TEST_ENV_FILE="/tmp/TEST_ENV_FILE_ROOT"
> +export TEST_ENV_FILE_USER="/tmp/TEST_ENV_FILE_USER"
> +export TEST_ENV_FILE2="/tmp/TEST_ENV_FILE_ROOT2"
> +#-----------------------------------------------------------------------
> +# FUNCTION: do_setup
> +#-----------------------------------------------------------------------
> +
> +do_setup(){
> +
> +#REMOVE ANY TEMPOARY FILES THAT MAY STILL BE AROUND
> +rm -f $TEST_ENV_FILE_USER > /dev/null 2>&1
> +rm -f $TEST_ENV_FILE2 > /dev/null 2>&1
> +rm -f $TEST_ENV_FILE > /dev/null 2>&1
> +
> +
> +#Create 1st test user
> + #erase user if he may exist , so we can have a clean en
> + rm -rf /home/$TEST_USER1
> + userdel $TEST_USER1
> + sleep 1
> +
> + useradd -m -g users $TEST_USER1
> + if [ $? != 0 ]
> + then {
> + echo "Could not add test user $TEST_USER1."
> + exit 1
> + }
> + fi
> +
> + usermod -G users,$TEST_USER1_GROUP $TEST_USER1
> +
> + #create users home directory (SLES 8 does not do this, even when
specified in adduser)
> +# Only do this if not RH; RH creates the directory.
> + if [ "$tvar" != "redhat" -a "$tvar" != "redhat-linux" ]
> + then {
> + USER_UID=`id -u $TEST_USER1`
> + USER_GID=`id -g $TEST_USER1`
> + mkdir $TEST_USER1_HOMEDIR
> + chown -R $USER_UID.$USER_GID $TEST_USER1_HOMEDIR
> + }
> + fi
> +
> + usermod -p $TEST_USER1_ENCRYPTED_PASSWD $TEST_USER1 > /dev/null 2>&1
> + if [ $? != 0 ]
> + then {
> + echo "Could not set password for test user $TEST_USER1"
> + exit 1
> + }
> + fi
> +
> +#Create 2nd test user
> + #erase user if he may exist , so we can have a clean en
> + rm -rf /home/$TEST_USER2
> + userdel $TEST_USER2
> + sleep 1
> +
> + useradd -m -g users $TEST_USER2
> +
> + if [ $? != 0 ]
> + then {
> + echo "Could not add test user $TEST_USER2."
> + exit 1
> + }
> + fi
> +
> + usermod -G users,$TEST_USER2_GROUP $TEST_USER2
> +
> + #create users home diretory (SLES 8 does not do this, even when
specified in adduser)
> +# Only do this if not RH; RH creates the directory.
> + if [ "$tvar" != "redhat" -a "$tvar" != "redhat-linux" ]
> + then {
> + USER_UID=`id -u $TEST_USER2`
> + USER_GID=`id -g $TEST_USER2`
> + mkdir $TEST_USER2_HOMEDIR
> + chown -R $USER_UID.$USER_GID $TEST_USER2_HOMEDIR
> + }
> + fi
> +
> + usermod -p $TEST_USER2_ENCRYPTED_PASSWD $TEST_USER2 > /dev/null 2>&1
> + if [ $? != 0 ]
> + then {
> + echo "Could not set password for test user $TEST_USER2"
> + exit 1
> + }
> + fi
> +}
> +
> +
> +#-----------------------------------------------------------------------
> +# FUNCTION: do_cleanup
> +#-----------------------------------------------------------------------
> +
> +do_cleanup() {
> + rm -rf /home/$TEST_USER1
> + rm -rf /home/$TEST_USER2
> + userdel $TEST_USER1
> + userdel $TEST_USER2
> + #REMOVE ANY TEMPOARY FILES THAT MAY STILL BE AROUND
> + rm -f $TEST_ENV_FILE_USER > /dev/null 2>&1
> + rm -f $TEST_ENV_FILE2 > /dev/null 2>&1
> + rm -f $TEST_ENV_FILE > /dev/null 2>&1
> +}
> +
> +#-----------------------------------------------------------------------
> +# FUNCTION: screenoff
> +#
> +# DESCRIPTION: save off /etc/profile and turn off screen
> +#
> +#-----------------------------------------------------------------------
> +screenoff (){
> + tmpbkup=$(mktemp "/etc/profile.XXXXXX") || exit 1
> + cp -a /etc/profile $tmpbkup || exit 1
> + sed -i 's/\[ -w $(tty) \]/false/' /etc/profile
> +}
> +#-----------------------------------------------------------------------
> +# FUNCTION: MAIN
> +#-----------------------------------------------------------------------
> +do_setup
> +screenoff
> +/bin/su $TEST_USER1 -c ${TCbin}/su01_s1
> +mv -f $tmpbkup /etc/profile
> +EXIT_CODE=$?
> +do_cleanup
> +exit $EXIT_CODE
> diff --git a/rules.mk b/rules.mk
> new file mode 100644
> index 0000000..51b0d1c
> --- /dev/null
> +++ b/rules.mk
> @@ -0,0 +1,330 @@
> +##########################################################################
> +# Copyright (C) International Business Machines Corp., 2003
> +# (c) Copyright Hewlett-Packard Development Company, L.P., 2005
> +#
> +# This program is free software: you can redistribute it and/or modify
> +# it under the terms of version 2 the GNU General Public License as
> +# published by the Free Software Foundation.
> +#
> +# This program is distributed in the hope that it will be useful,
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> +# GNU General Public License for more details.
> +#
> +# You should have received a copy of the GNU General Public License
> +# along with this program. If not, see <http://www.gnu.org/licenses/>.
> +#
> +#
> +#
> +# FILE : rules.mk
> +#
> +# PURPOSE: This rules file facilitates the compiling, linking and running
> +# of the Linux Auditing System test suite.
> +#
> +# Rules are provided for dependency building, compiling, sub
> +# directory traversal and running of the tests.
> +#
> +#
> +# HISTORY:
> +# 08/03 originated by Tom Lendacky (to...@us...)
> +#
> +##########################################################################
> +
> +SHELL := /bin/bash
> +
> +MACHINE = $(strip $(shell uname -m))
> +X = i486 i586 i686 ix86
> +P = ppc powerpc
> +IP = ppc64 powerpc64
> +Z = s390
> +Z64 = s390x
> +X86_64 = x86_64
> +IA = ia64
> +SYSTEMINFO = systeminfo.run.log
> +CFLAGS += -g -O2 -Wall -Werror -D_GNU_SOURCE -fno-strict-aliasing
> +LDFLAGS +=
> +
> +LINK_AR = $(AR) rc $@ $^
> +LINK_EXE = $(CC) $(LDFLAGS) -o $@ $^ $(LOADLIBES) $(LDLIBS)
> +LINK_SO = $(CC) $(LDFLAGS) -shared -o $@ $^ $(LOADLIBES) $(LDLIBS)
> +
> +# If MODE isn't set explicitly, the default for the machine is used
> +export NATIVE = $(strip $(shell file /bin/bash | awk -F'[ -]' '{print
$$3}'))
> +export MODE ?= $(NATIVE)
> +ifneq ($(MODE), $(NATIVE))
> + ifeq ($(MODE), 32)
> + ifneq (,$(findstring $(MACHINE), $(Z64)))
> + CFLAGS += -m31
> + LDFLAGS += -m31
> + else
> + ifneq (,$(findstring $(MACHINE), $(X86_64)))
> + CFLAGS += -m32 -malign-double
> + LDFLAGS += -m32
> + else
> + CFLAGS += -m32
> + LDFLAGS += -m32
> + endif
> + endif
> + endif
> + ifeq ($(MODE), 64)
> + CFLAGS += -m64
> + LDFLAGS += -m64
> + endif
> +endif
> +RELEASE = $(wildcard /etc/*-release)
> +ifeq (SuSE, $(findstring SuSE, $(RELEASE)))
> +CFLAGS +=-DSUSE
> +export DISTRO=SUSE
> +endif
> +ifeq (fedora, $(findstring fedora, $(RELEASE)))
> +CFLAGS +=-DFEDORA
> +export DISTRO=FEDORA
> +else ifeq (redhat, $(findstring redhat, $(RELEASE)))
> +CFLAGS +=-DRHEL
> +export DISTRO=RHEL
> +endif
> +
> +##########################################################################
> +# Common rules
> +##########################################################################
> +
> +.PHONY: all run \
> + clean clobber distclean _clean _clobber _distclean \
> + msgque rmlogs showrpms showrpms2
> +
> +all: deps subdirs $(ALL_AR) $(ALL_EXE) $(ALL_SO)
> +
> +run:
> +
> +# Re-used in toplevel Makefile
> +check_set_PPROFILE = \
> + if [[ ! -x /usr/sbin/getenforce ]]; then \
> + export PPROFILE=capp ; \
> + elif [[ $$PPROFILE != capp && $$PPROFILE != lspp ]]; then \
> + export PPROFILE=capp ; \
> + if [[ "$$(getenforce)" == "Enforcing" ]] && \
> + (/usr/sbin/sestatus | grep -q mls); then \
> + if [[ "$$(secon -r)" != "lspp_test_r" ]]; then \
> + echo "SELinux MLS policy is enabled but you are not in lspp_test_r" ; \
> + exit 1; \
> + else \
> + export PPROFILE=lspp ; \
> + fi \
> + fi \
> + fi
> +
> +check_set_PASSWD = \
> + while [[ -z $$PASSWD ]]; do \
> + trap 'stty echo; exit' 1 2; \
> + read -sp "Login user password: " PASSWD; echo; export PASSWD; \
> + trap - 1 2; \
> + done
> +
> +ifeq (, $(findstring network, $(RUN_DIRS)))
> +check_set_LBLNET_SVR_IPV4 = true
> +else
> +check_set_LBLNET_SVR_IPV4 = \
> + while [[ -z $$LBLNET_SVR_IPV4 ]]; do \
> + trap 'stty echo; exit' 1 2; \
> + read -p "Remote test server IPv4 address: " LBLNET_SVR_IPV4; \
> + echo; export LBLNET_SVR_IPV4; \
> + trap - 1 2; \
> + done
> +endif
> +
> +ifeq (, $(findstring network, $(RUN_DIRS)))
> +check_set_LBLNET_SVR_IPV6 = true
> +else
> +check_set_LBLNET_SVR_IPV6 = \
> + while [[ -z $$LBLNET_SVR_IPV6 ]]; do \
> + trap 'stty echo; exit' 1 2; \
> + read -p "Remote test server IPv6 address: " LBLNET_SVR_IPV6; \
> + echo; export LBLNET_SVR_IPV6; \
> + trap - 1 2; \
> + done
> +endif
> +
> +check_TTY = \
> + if [[ -f /etc/selinux/mls/contexts/securetty_types ]]; then \
> + tty=`/usr/bin/tty`; \
> + tty_type=`ls -lZ $$tty | awk -F: '{print $$3}' | awk '{print $$1}'`; \
> + grep -q $$tty_type /etc/selinux/mls/contexts/securetty_types
/dev/null && { \
> + echo -n "You are connected to the test machine through "; \
> + echo "a device ($$tty) that"; \
> + echo -n "will prevent one or more tests from functioning "; \
> + echo "as intended. Connect to"; \
> + echo -n "the machine remotely through a pty device, such "; \
> + echo "as logging in as the "; \
> + echo "test-user directly using ssh."; \
> + echo ; \
> + exit 1; \
> + } \
> + fi
> +
> +ifneq ($(if $(filter-out .,$(TOPDIR)),$(wildcard run.conf)),)
> +all: run.bash
> +
> +run.bash:
> + [[ -f run.bash ]] || ln -sfn $(TOPDIR)/utils/run.bash run.bash
> +
> +run: all
> + @$(check_set_PPROFILE); \
> + $(check_set_PASSWD); \
> + ./run.bash
> +endif
> +
> +_clean:
> + @if [[ "$(MAKECMDGOALS)" == clean ]]; then \
> + for x in $(SUB_DIRS); do \
> + make -C $$x clean; \
> + done; \
> + fi
> + $(RM) -r .deps
> + $(RM) $(ALL_OBJ)
> + $(RM) $(ALL_EXE) $(ALL_AR) $(ALL_SO)
> +
> +clean: _clean
> +
> +_distclean: clean
> + @if [[ "$(MAKECMDGOALS)" == distclean ]]; then \
> + for x in $(SUB_DIRS); do \
> + make -C $$x distclean; \
> + done; \
> + fi
> + $(RM) run.log
> + if [[ -L run.bash ]]; then $(RM) run.bash; fi
> +
> +distclean: _distclean
> +
> +##########################################################################
> +# RPM dependency checking
> +##########################################################################
> +
> +# These are assumed to be the base requirements for all the tests.
Requirements
> +# can be refined in individual Makefiles by appending (+=) or
overriding (=)
> +# the RPMS variable.
> +RPMS = binutils \
> + cpp \
> + expect \
> + flex \
> + gcc \
> + gcc-c++ \
> + glibc-devel \
> + libattr-devel \
> + libstdc++-devel \
> + libcap-devel \
> + make \
> + audit-libs-devel
> +ifneq ($(findstring $(MACHINE),$(IP)),)
> +RPMS += gcc-64bit
> +endif
> +
> +# This can be augmented per directory to check things other than the
default
> +# list in "verify". (In fact some things should be moved from that
list to the
> +# appropriate directory)
> +verifyme: subdirs
> +
> +verify:
> + $(MAKE) verifyme
> + @if ! mount | grep -q "^$$(df . | head -n2 | tail -n1 | cut -f1 -d\ )
.*(.*user_xattr"; then \
> + echo "please set 'user_xattr' for this filesystem'"; \
> + exit 1; \
> + fi
> + @if ! mount | grep -q "^$$(df . | head -n2 | tail -n1 | cut -f1 -d\ )
.*(.*acl"; then \
> + echo "please set 'acl' for this filesystem'"; \
> + exit 1; \
> + fi
> + @echo "-----------------------"
> + @echo "Checking installed rpms"
> + @echo "-----------------------"
> + @if ! rpm -q $$($(MAKE) --no-print-directory showrpms); then \
> + echo "Please install the missing rpms"; \
> + exit 1; \
> + fi
> + @echo "-----------------------"
> + @echo "Looks good!"
> +
> +showrpms:
> + @$(MAKE) --no-print-directory _showrpms | xargs -n1 echo | sort -u
> +
> +_showrpms: subdirs_quiet
> + @echo "$(RPMS)"
> +
> +##########################################################################
> +# Dependency rules
> +##########################################################################
> +
> +DEP_FILES = $(addprefix .deps/, $(ALL_OBJ:.o=.d))
> +
> +.PHONY: deps
> +
> +deps: $(DEP_FILES)
> +
> +# See http://www.gnu.org/software/make/manual/html_node/make_47.html#SEC51
> +# "4.14 Generating Prerequisites Automatically"
> +.deps/%.d: %.c
> + @mkdir -p .deps
> + @echo Creating dependencies for $<
> + @$(SHELL) -ec '$(CC) $(CFLAGS) $(CPPFLAGS) -MM $< \
> + | sed '\''s@\($*\)\.o[ :]*@\1.o $@: @g'\'' > $@; \
> + [ -s $@ ] || $(RM) $@'
> +
> +ifneq ($(DEP_FILES),)
> +-include $(DEP_FILES)
> +endif
> +
> +# How to build missing things like libraries
> +../%:
> + $(MAKE) -C $(dir $@) $(notdir $@)
> +
> +##########################################################################
> +# Sub-directory processing rules
> +##########################################################################
> +
> +.PHONY: subdirs subdirs_quiet
> +
> +subdirs:
> + @for x in $(SUB_DIRS); do \
> + $(MAKE) -C $$x $(MAKECMDGOALS) || exit $$?; \
> + done
> +
> +subdirs_quiet:
> + @for x in $(SUB_DIRS); do \
> + $(MAKE) --no-print-directory -C $$x $(MAKECMDGOALS) || exit $$?; \
> + done
> +
> +##########################################################################
> +# Command framework execution rules
> +##########################################################################
> +
> +systeminfo::
> + echo "==> date <==" > $(SYSTEMINFO)
> + date >> $(SYSTEMINFO)
> + echo "" >> $(SYSTEMINFO)
> + echo "==> uname -a <==" >> $(SYSTEMINFO)
> + uname -a >> $(SYSTEMINFO)
> + echo "" >> $(SYSTEMINFO)
> + echo "==> uptime <==" >> $(SYSTEMINFO)
> + uptime >> $(SYSTEMINFO)
> + echo "" >> $(SYSTEMINFO)
> + echo "==> cat /proc/cpuinfo <==" >> $(SYSTEMINFO)
> + cat /proc/cpuinfo >> $(SYSTEMINFO)
> + echo "" >> $(SYSTEMINFO)
> + echo "==> rpm -qai <==" >> $(SYSTEMINFO)
> + rpm -qai >> $(SYSTEMINFO)
> +
> +ifneq ($(DEBUG),)
> +DEBUG_ARG = -d $(DEBUG)
> +endif
> +
> +ifneq ($(TEST_USER),)
> +USER_ARG = -u $(TEST_USER)
> +endif
> +
> +ifneq ($(LOGIN_USER),)
> +LOGIN_ARG = -l $(LOGIN_USER)
> +endif
> +
> +ifneq ($(TEST),)
> +TEST_ARG = -t $(TEST)
> +endif


- -- 
Miroslav Vadkerti :: QA Engineer / RHCE :: BaseOS QE - Security
IRC mvadkert at #qe #urt #rpmdiff :: GnuPG ID 0x25881087 at pgp.mit.edu
Phone +420 532 294 129 :: CZ +420 775 039 842 :: SK +421 904 135 440
Red Hat s.r.o, Purky?ova 99/71, 612 45, Brno, Czech Republic
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJO1PJhAAoJEBliWhMliBCHGMgH+gMYLBNaSn40K4QnKPy9ey5O
L7vaxgJbe4Am2i89r4eW4kM+AytmGyFBkEQOyJ2gaWiAmdASxE4HqrG85FrEX5g0
kTmoO3lbTIMDaXZJKDk9r2hch43Wa7ruqyJRpJB0LipDXuTBedxM2Uhi31nAb5ly
334Gpkqiq7bj6Z6ZWkBAmRNYygFfNsGqmIuqpDnHfRw+ODoi9BIBitLDW2w6nyZq
poDx2EZznj8+zTW2MU7CzlkcsaWlnXpzqxFgCS9ZazbTZwFsVitPhpYZ10tlJj1I
m+4E+DhLmbtjYLX7nB7bwanMBFE4oQInG0vMpz2UpQXgYpClacFFcKSiyjNEf1g=
=ZTmA
-----END PGP SIGNATURE-----