From 3a9b6c44c37d87ab0b9502b8e5c2ca62a3eb3a6a Mon Sep 17 00:00:00 2001 From: Vojtech Polasek Date: Tue, 3 Sep 2024 11:57:09 +0200 Subject: [PATCH] modify template of audit_login_events --- .../shared/audit_rules_login_events/auditctl_correct.pass.sh | 4 +++- .../auditctl_correct_extra_permission.pass.sh | 4 +++- .../auditctl_correct_without_key.pass.sh | 4 +++- .../auditctl_remove_all_rules.fail.sh | 4 +++- .../audit_rules_login_events/auditctl_wrong_rule.fail.sh | 4 +++- .../auditctl_wrong_rule_without_key.fail.sh | 4 +++- 6 files changed, 18 insertions(+), 6 deletions(-) diff --git a/tests/shared/audit_rules_login_events/auditctl_correct.pass.sh b/tests/shared/audit_rules_login_events/auditctl_correct.pass.sh index f160683014eb..c1a76f0bdbaa 100644 --- a/tests/shared/audit_rules_login_events/auditctl_correct.pass.sh +++ b/tests/shared/audit_rules_login_events/auditctl_correct.pass.sh @@ -1,5 +1,7 @@ #!/bin/bash # packages = audit +. $SHARED/auditd_utils.sh + echo "-w $path -p wa -k logins" >> /etc/audit/audit.rules -sed -i "s%^ExecStartPost=.*%ExecStartPost=-/sbin/auditctl%" /usr/lib/systemd/system/auditd.service +setup_auditctl_environment diff --git a/tests/shared/audit_rules_login_events/auditctl_correct_extra_permission.pass.sh b/tests/shared/audit_rules_login_events/auditctl_correct_extra_permission.pass.sh index 7491cad1c0ac..23a699b9a81e 100644 --- a/tests/shared/audit_rules_login_events/auditctl_correct_extra_permission.pass.sh +++ b/tests/shared/audit_rules_login_events/auditctl_correct_extra_permission.pass.sh @@ -1,5 +1,7 @@ #!/bin/bash # packages = audit +. $SHARED/auditd_utils.sh + echo "-w $path -p wra -k logins" >> /etc/audit/audit.rules -sed -i "s%^ExecStartPost=.*%ExecStartPost=-/sbin/auditctl%" /usr/lib/systemd/system/auditd.service +setup_auditctl_environment diff --git a/tests/shared/audit_rules_login_events/auditctl_correct_without_key.pass.sh b/tests/shared/audit_rules_login_events/auditctl_correct_without_key.pass.sh index aa2849694ebb..91e241ea97cf 100644 --- a/tests/shared/audit_rules_login_events/auditctl_correct_without_key.pass.sh +++ b/tests/shared/audit_rules_login_events/auditctl_correct_without_key.pass.sh @@ -1,5 +1,7 @@ #!/bin/bash # packages = audit +. $SHARED/auditd_utils.sh + echo "-w $path -p wa" >> /etc/audit/audit.rules -sed -i "s%^ExecStartPost=.*%ExecStartPost=-/sbin/auditctl%" /usr/lib/systemd/system/auditd.service +setup_auditctl_environment diff --git a/tests/shared/audit_rules_login_events/auditctl_remove_all_rules.fail.sh b/tests/shared/audit_rules_login_events/auditctl_remove_all_rules.fail.sh index 9e56056a5291..cfa5638bf119 100644 --- a/tests/shared/audit_rules_login_events/auditctl_remove_all_rules.fail.sh +++ b/tests/shared/audit_rules_login_events/auditctl_remove_all_rules.fail.sh @@ -1,5 +1,7 @@ #!/bin/bash # packages = audit +. $SHARED/auditd_utils.sh + rm -f /etc/audit/audit.rules -sed -i "s%^ExecStartPost=.*%ExecStartPost=-/sbin/auditctl%" /usr/lib/systemd/system/auditd.service +setup_auditctl_environment diff --git a/tests/shared/audit_rules_login_events/auditctl_wrong_rule.fail.sh b/tests/shared/audit_rules_login_events/auditctl_wrong_rule.fail.sh index f083a596aa1d..16f127992fa0 100644 --- a/tests/shared/audit_rules_login_events/auditctl_wrong_rule.fail.sh +++ b/tests/shared/audit_rules_login_events/auditctl_wrong_rule.fail.sh @@ -1,5 +1,7 @@ #!/bin/bash # packages = audit +. $SHARED/auditd_utils.sh + echo "-w $path -p w -k logins" >> /etc/audit/audit.rules -sed -i "s%^ExecStartPost=.*%ExecStartPost=-/sbin/auditctl%" /usr/lib/systemd/system/auditd.service +setup_auditctl_environment diff --git a/tests/shared/audit_rules_login_events/auditctl_wrong_rule_without_key.fail.sh b/tests/shared/audit_rules_login_events/auditctl_wrong_rule_without_key.fail.sh index f431370558cd..2492b2cc7749 100644 --- a/tests/shared/audit_rules_login_events/auditctl_wrong_rule_without_key.fail.sh +++ b/tests/shared/audit_rules_login_events/auditctl_wrong_rule_without_key.fail.sh @@ -1,5 +1,7 @@ #!/bin/bash # packages = audit +. $SHARED/auditd_utils.sh + echo "-w $path -p w" >> /etc/audit/audit.rules -sed -i "s%^ExecStartPost=.*%ExecStartPost=-/sbin/auditctl%" /usr/lib/systemd/system/auditd.service +setup_auditctl_environment