test: new test, verifies .conf option secure_mode
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
This commit is contained in:
parent
075815eeb8
commit
477bb40c44
@ -1,6 +1,6 @@
|
||||
EXTRA_DIST = lib.sh opts.sh
|
||||
EXTRA_DIST += api.sh local.sh unicode.sh remote.sh fwd.sh mark.sh \
|
||||
facility.sh notify.sh rotate_all.sh
|
||||
facility.sh notify.sh rotate_all.sh secure.sh
|
||||
CLEANFILES = *~ *.trs *.log
|
||||
TEST_EXTENSIONS = .sh
|
||||
TESTS_ENVIRONMENT= unshare -mrun
|
||||
@ -21,5 +21,6 @@ TESTS += fwd.sh
|
||||
TESTS += mark.sh
|
||||
TESTS += notify.sh
|
||||
TESTS += rotate_all.sh
|
||||
TESTS += secure.sh
|
||||
|
||||
programs: $(check_PROGRAMS)
|
||||
|
70
test/secure.sh
Executable file
70
test/secure.sh
Executable file
@ -0,0 +1,70 @@
|
||||
#!/bin/sh
|
||||
# Verify secure_mode changes at runtime w/o having to restart syslogd.
|
||||
# We want to ensure goint from most secure, to no security, and back,
|
||||
# works as intended.
|
||||
#
|
||||
# shellcheck disable=SC1090
|
||||
if [ x"${srcdir}" = x ]; then
|
||||
srcdir=.
|
||||
fi
|
||||
. ${srcdir}/lib.sh
|
||||
|
||||
MSG="Kilroy was here"
|
||||
|
||||
set_secure_mode()
|
||||
{
|
||||
cat <<-EOF > "${CONF}"
|
||||
*.* @127.0.0.2
|
||||
secure_mode=$1
|
||||
EOF
|
||||
if is_running; then
|
||||
reload
|
||||
else
|
||||
setup -m0
|
||||
fi
|
||||
sleep 1
|
||||
}
|
||||
|
||||
do_port_check()
|
||||
{
|
||||
netstat -atnup | grep "$PORT\|PORT2"
|
||||
}
|
||||
|
||||
check_no_port_open()
|
||||
{
|
||||
do_port_check && FAIL "$@"
|
||||
}
|
||||
|
||||
check_port_open()
|
||||
{
|
||||
do_port_check || FAIL "$@"
|
||||
}
|
||||
|
||||
check_remote_logging()
|
||||
{
|
||||
cap_start
|
||||
logger "$MSG"
|
||||
cap_stop
|
||||
cap_find "$MSG" || FAIL "Cannot find: $MSG"
|
||||
}
|
||||
|
||||
print "Secure mode 2 - no remote no ports"
|
||||
set_secure_mode 2
|
||||
check_no_port_open "Secure mode 2, yet ports are opened!"
|
||||
|
||||
print "Secure mode 1 - remote but no ports"
|
||||
set_secure_mode 1
|
||||
check_no_port_open "Secure mode 1, yet ports are opened!"
|
||||
check_remote_logging
|
||||
|
||||
print "Secure mode 0 - remote and open ports"
|
||||
set_secure_mode 0
|
||||
check_remote_logging "Secure mode 0, but no ports open!"
|
||||
check_port_open
|
||||
|
||||
print "Secure mode 1 - remote but no ports"
|
||||
set_secure_mode 1
|
||||
check_no_port_open "Secure mode 1, yet ports are opened!"
|
||||
check_remote_logging
|
||||
|
||||
OK
|
Loading…
Reference in New Issue
Block a user