[Open-scap] [PATCH 03/17] Porting runlevel probe test to Solaris

Marshall Miller mmiller at tresys.com
Wed Jul 13 20:41:41 UTC 2011 

From: Ryan Hagerty <rhagerty at tresys.com>

Solaris does not have chkconfig. This patch adds functions which
provide compatible functionality for use in the runlevel probe test
scripts.
---
 tests/probes/runlevel/runlevel_helper.sh           |   50 ++++++++++++++++++++
 tests/probes/runlevel/test_probes_runlevel.sh      |   30 ++++--------
 .../probes/runlevel/test_probes_runlevel_A.xml.sh  |   12 +++--
 3 files changed, 68 insertions(+), 24 deletions(-)
 create mode 100644 tests/probes/runlevel/runlevel_helper.sh

diff --git a/tests/probes/runlevel/runlevel_helper.sh b/tests/probes/runlevel/runlevel_helper.sh
new file mode 100644
index 0000000..5926783
--- /dev/null
+++ b/tests/probes/runlevel/runlevel_helper.sh
@@ -0,0 +1,50 @@
+
+if [  -x "`which chkconfig`" ] ; then
+	HAVE_CHKCONFIG=y
+else
+	HAVE_CHKCONFIG=n
+fi
+
+# Gets the chkconfig list with chkconfig direclty if HAVE_CHKCONFIG
+# Otherwise produces the same information in another way
+get_services_list() {
+	if [ "$HAVE_CHKCONFIG" = "y" ] ; then
+		chkconfig --list | awk '{print $1}' | sort | uniq
+	else
+		ls /etc/init.d/ | egrep -v "(README|PRESERVE)" | xargs
+	fi
+}
+
+# Gets the chkconfig level with chkconfig direclty if HAVE_CHKCONFIG
+# Otherwise produces the same information in another way
+get_service_runlevels() {
+
+	local SRV=$1
+
+	if [ "$HAVE_CHKCONFIG" = "y" ] ; then
+		chkconfig $SRV --list | awk '{print $2 " " $3 " " $4 " " $5 " " $6 " " $7 " " $8}'
+	else
+		for RC in 0 1 2 3 4 5 6; do
+			RCDIR=/etc/rc$RC.d
+			if [ -d $RCDIR ]; then
+				if [ -f $RCDIR/S[0-9][0-9]$SRV ] ; then
+					STATE="on"
+				else
+					STATE="off"
+				fi
+				echo "$RC:$STATE"
+			fi
+		done
+	fi
+}
+
+# Gets a list of services matching the given state at the given runlevel
+get_services_matching() {
+	local RUNLEVEL=$1
+	local STATE=$2
+	for S in `get_services_list`; do
+		if get_service_runlevels $S | grep $RUNLEVEL:$STATE >/dev/null; then
+			echo $S
+		fi
+	done
+}
diff --git a/tests/probes/runlevel/test_probes_runlevel.sh b/tests/probes/runlevel/test_probes_runlevel.sh
index 5cc0f20..e179928 100755
--- a/tests/probes/runlevel/test_probes_runlevel.sh
+++ b/tests/probes/runlevel/test_probes_runlevel.sh
@@ -14,6 +14,8 @@
 
 . ${srcdir}/../../test_common.sh
 
+. runlevel_helper.sh
+
 # Test Cases.
 
 function test_probes_runlevel_A {
@@ -29,25 +31,19 @@ function test_probes_runlevel_A {
    
     [ -f $RESFILE ] && rm -f $RESFILE
 
-    eval "which chkconfig > /dev/null 2>&1"    
-    if [ ! $? -eq 0 ]; then	
-	echo -e "No chkconfig found in path!\n" 
-	return 255; # Test is not applicable.
-    fi
-
     bash ${srcdir}/test_probes_runlevel_A.xml.sh > $DEFFILE
     ../../../utils/.libs/oscap oval eval --results $RESFILE $DEFFILE
         
     if [ -f $RESFILE ]; then
 
-	for S in `chkconfig --list | awk '{print $1}'`; do
-	    for L in `chkconfig $S --list | awk '{print $2 " " $3 " " $4 " " $5 " " $6 " " $7 " " $8}'`; do
+	for S in `get_services_list`; do
+	    for L in `get_service_runlevels ${S}`; do
 		LEVEL=`echo $L | awk -F : '{print $1}'`
 		STATE=`echo $L | awk -F : '{print $2}'`
 	    
-		for SUFFIX in "T F"; do
-		    TEST_DEF=`cat "$DEFFILE" | grep "id=\"test:${S}-${LEVEL}-${STATE}-${SUFFIX}"`
-		    TEST_RES=`cat "$RESFILE" | grep "test_id=\"test:${S}-${LEVEL}-${STATE}-${SUFFIX}\""`
+		for SUFFIX in T F; do
+		    TEST_DEF=`grep "id=\"oval:${S}-${LEVEL}-${STATE}-${SUFFIX}:tst:1\"" $DEFFILE`
+		    TEST_RES=`grep "test_id=\"oval:${S}-${LEVEL}-${STATE}-${SUFFIX}:tst:1\"" $RESFILE`
 
 		    if (echo $TEST_RES | grep -q "result=\"true\""); then
 			RES="TRUE"
@@ -66,7 +62,7 @@ function test_probes_runlevel_A {
 		    fi
 		    
 		    if [ ! $RES = $CMT ]; then
-			echo "Result of test:${S}-${LEVEL}-${STATE}-${SUFFIX} should be ${CMT}!" 
+			echo "Result of oval:${S}-${LEVEL}-${STATE}-${SUFFIX}:tst:1 should be ${CMT}!" 
 			ret_val=$[$ret_val + 1]
 		    fi
 		    
@@ -95,14 +91,8 @@ function test_probes_runlevel_B {
     local DEFFILE="test_probes_runlevel_B.xml"
     local RESFILE="results_B.xml"
     
-    eval "which chkconfig > /dev/null 2>&1"    
-    if [ ! $? -eq 0 ]; then	
-	echo -e "No chkconfig found in $PATH!\n" 
-	return 255; # Test is not applicable.
-    fi
-
-    local SERVICE_A=`chkconfig --list | grep "3:on" | head -1 | awk '{print $1}'`
-    local SERVICE_B=`chkconfig --list | grep "3:off" | head -1 | awk '{print $1}'`
+    local SERVICE_A=`get_services_matching 3 on | head -1`
+    local SERVICE_B=`get_services_matching 3 off | head -1`
 
     bash ${srcdir}/test_probes_runlevel_B.xml.sh $SERVICE_A $SERVICE_B > $DEFFILE
     ../../../utils/.libs/oscap oval eval --results $RESFILE $DEFFILE
diff --git a/tests/probes/runlevel/test_probes_runlevel_A.xml.sh b/tests/probes/runlevel/test_probes_runlevel_A.xml.sh
index eff8579..0dd040b 100644
--- a/tests/probes/runlevel/test_probes_runlevel_A.xml.sh
+++ b/tests/probes/runlevel/test_probes_runlevel_A.xml.sh
@@ -1,5 +1,7 @@
 #!/usr/bin/env bash
 
+. runlevel_helper.sh
+
 cat <<EOF
 <?xml version="1.0"?>
 <oval_definitions xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ind-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" xmlns:lin-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#independent independent-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#linux linux-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd">
@@ -14,9 +16,11 @@ cat <<EOF
   <definitions>
 EOF
 
-SERVICES_LIST=`chkconfig --list | awk '{print $1}' | sort | uniq`
+SERVICES_LIST=`get_services_list`
+echo SERVICES_LIST=$SERVICES_LIST >&2
 for S in $SERVICES_LIST; do
-    for L in `chkconfig $S --list | awk '{print $2 " " $3 " " $4 " " $5 " " $6 " " $7 " " $8}'`; do
+    echo looking at service $S >&2
+    for L in `get_service_runlevels $S`; do
 	LEVEL=`echo $L | awk -F : '{print $1}'`
 	STATE=`echo $L | awk -F : '{print $2}'`
 	cat<<EOF	
@@ -55,7 +59,7 @@ cat<<EOF
 EOF
 
 for S in $SERVICES_LIST; do
-    for L in `chkconfig $S --list | awk '{print $2 " " $3 " " $4 " " $5 " " $6 " " $7 " " $8}'`; do
+    for L in `get_service_runlevels $S`; do
 	LEVEL=`echo $L | awk -F : '{print $1}'`
 	STATE=`echo $L | awk -F : '{print $2}'`
 	
@@ -90,7 +94,7 @@ cat <<EOF
 EOF
 
 for S in $SERVICES_LIST; do
-    for L in `chkconfig $S --list | awk '{print $2 " " $3 " " $4 " " $5 " " $6 " " $7 " " $8}'`; do
+    for L in `get_service_runlevels $S`; do
 	LEVEL=`echo $L | awk -F : '{print $1}'`
 	STATE=`echo $L | awk -F : '{print $2}'`
 	echo "     <runlevel_object version=\"1\" id=\"oval:${S}-${LEVEL}-${STATE}:obj:1\" xmlns=\"http://oval.mitre.org/XMLSchema/oval-definitions-5#unix\">"
-- 
1.6.2.5

More information about the Open-scap-list mailing list