Integrate 'Permission settings' of atsec into openQA

Related: https://progress.opensuse.org/issues/111518
os-autoinst · May 25, 2022 · 97568e9 · 97568e9
1 parent ce7c10e
commit 97568e9
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 0 deletions.
diff --git a/schedule/security/atsec_tests.yaml b/schedule/security/atsec_tests.yaml
@@ -11,6 +11,7 @@ schedule:
     - security/atsec/dbus_fuzzer
     - security/atsec/syscall_thrasher
     - security/atsec/netlink_message
+    - security/atsec/permission_settings
 conditional_schedule:
     bootloader_zkvm:
         ARCH:

diff --git a/tests/security/atsec/permission_settings.pm b/tests/security/atsec/permission_settings.pm
@@ -0,0 +1,35 @@
+# SUSE's openQA tests
+#
+# Copyright 2022 SUSE LLC
+# SPDX-License-Identifier: FSFAP
+#
+# Summary: Run 'Permission settings of relevant configuration files' test case of ATSec test suite
+# Maintainer: xiaojing.liu <xiaojing.liu@suse.com>
+# Tags: poo#111518
+
+use base 'consoletest';
+use strict;
+use warnings;
+use testapi;
+use utils;
+
+sub run {
+    my ($self) = shift;
+
+    select_console 'root-console';
+
+    my $output = script_output('find -L /etc -perm -g+w,o+w');
+
+    # The expected result is all files found should be a softlink to /dev/null or /dev/random
+    foreach my $file (split('\n', $output)) {
+        my $file_detail = script_output("ll $file");
+        if ($file_detail !~ /$file\s+->\s+(\/dev\/null|\/dev\/random)/) {
+
+            # The file is not a softlink or doesn't link to expected device
+            record_info($file, $file_detail, result => 'fail');
+            $self->result('fail');
+        }
+    }
+}
+
+1;