Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DO-NOT-MERGE: Debug moduletests #828

Draft
wants to merge 4 commits into
base: dev
Choose a base branch
from
Draft

DO-NOT-MERGE: Debug moduletests #828

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
52a4b0f
TMP: Enable command logging for tests that sometimes fail on Azure
jepio Dec 5, 2024
e854448
EnableAndStartDaemon: Return false if daemon is not started
jepio Dec 5, 2024
58d1e4b
Enable commandrunner/samples build on anything newer than ubuntu 14.04
jepio Dec 6, 2024
9534025
TMP: more debug output
jepio Dec 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 21 additions & 5 deletions src/common/asb/Asb.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2872,8 +2872,15 @@ static int RemediateEnsureDovecotCoreNotInstalled(char* value, void* log)
static int RemediateEnsureAuditdInstalled(char* value, void* log)
{
UNUSED(value);
return ((0 == InstallPackage(g_audit, log)) || (0 == InstallPackage(g_auditd, log)) ||
(0 == InstallPackage(g_auditLibs, log)) || (0 == InstallPackage(g_auditLibsDevel, log))) ? 0 : ENOENT;
int ret = 0;
bool state;
command_log_enable_save(state);
ret = ((0 == InstallPackage(g_audit, log)) || (0 == InstallPackage(g_auditd, log)) || (0 == InstallPackage(g_auditLibs, log)) ||
(0 == InstallPackage(g_auditLibsDevel, log))) ?
0 :
ENOENT;
command_log_disable_restore(state);
return ret;
}

static int RemediateEnsurePrelinkIsDisabled(char* value, void* log)
Expand All @@ -2891,15 +2898,23 @@ static int RemediateEnsureTalkClientIsNotInstalled(char* value, void* log)
static int RemediateEnsureCronServiceIsEnabled(char* value, void* log)
{
UNUSED(value);

return (((0 == InstallPackage(g_cron, log)) && EnableAndStartDaemon(g_cron, log)) ||
(((0 == InstallPackage(g_cronie, log)) && EnableAndStartDaemon(g_crond, log)))) ? 0 : ENOENT;
int ret = 0;
bool state;
command_log_enable_save(state);
ret = (((0 == InstallPackage(g_cron, log)) && EnableAndStartDaemon(g_cron, log)) ||
(((0 == InstallPackage(g_cronie, log)) && EnableAndStartDaemon(g_crond, log)))) ?
0 :
ENOENT;
command_log_disable_restore(state);
return ret;
}

static int RemediateEnsureAuditdServiceIsRunning(char* value, void* log)
{
int status = 0;
bool state;
UNUSED(value);
command_log_enable_save(state);
if ((0 != InstallPackage(g_audit, log)) && (0 != InstallPackage(g_auditd, log)) &&
(0 != InstallPackage(g_auditLibs, log)) && (0 != InstallPackage(g_auditLibsDevel, log)))
{
Expand All @@ -2911,6 +2926,7 @@ static int RemediateEnsureAuditdServiceIsRunning(char* value, void* log)
EnableAndStartDaemon(g_auditd, log);
status = CheckDaemonActive(g_auditd, NULL, log) ? 0 : ENOENT;
}
command_log_disable_restore(state);
return status;
}

Expand Down
15 changes: 13 additions & 2 deletions src/common/commonutils/CommonUtils.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,8 +53,19 @@ int RenameFile(const char* original, const char* target, void* log);

void SetCommandLogging(bool commandLogging);
bool IsCommandLoggingEnabled(void);

typedef int(*CommandCallback)(void* context);
#define command_log_enable_save(state) \
do \
{ \
state = IsCommandLoggingEnabled(); \
SetCommandLogging(true); \
} while (0)
#define command_log_disable_restore(state) \
do \
{ \
SetCommandLogging(state); \
} while (0)

typedef int (*CommandCallback)(void* context);

// If called from the main process thread the timeoutSeconds and callback arguments are ignored
int ExecuteCommand(void* context, const char* command, bool replaceEol, bool forJson, unsigned int maxTextResultBytes, unsigned int timeoutSeconds, char** textResult, CommandCallback callback, void* log);
Expand Down
5 changes: 4 additions & 1 deletion src/common/commonutils/DaemonUtils.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ bool IsValidDaemonName(const char *name)
static int ExecuteSystemctlCommand(const char* command, const char* daemonName, void* log)
{
const char* commandTemplate = "systemctl %s %s";
char* textResult = NULL;
char* formattedCommand = NULL;
int result = 0;

Expand All @@ -56,7 +57,8 @@ static int ExecuteSystemctlCommand(const char* command, const char* daemonName,
return ENOMEM;
}

result = ExecuteCommand(NULL, formattedCommand, false, false, 0, 0, NULL, NULL, log);
result = ExecuteCommand(NULL, formattedCommand, false, false, 0, 0, &textResult, NULL, log);
FREE_MEMORY(textResult);
FREE_MEMORY(formattedCommand);
return result;
}
Expand Down Expand Up @@ -150,6 +152,7 @@ bool EnableAndStartDaemon(const char* daemonName, void* log)

if (false == IsDaemonActive(daemonName, log))
{
status = false;
if (EnableDaemon(daemonName, log) && StartDaemon(daemonName, log))
{
status = true;
Expand Down
23 changes: 18 additions & 5 deletions src/common/commonutils/PackageUtils.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,7 @@ static void CheckPackageManagersPresence(void* log)
static int CheckOrInstallPackage(const char* commandTemplate, const char* packageManager, const char* packageName, void* log)
{
char* command = NULL;
char* textResult = NULL;
int status = ENOENT;

if ((NULL == commandTemplate) || (NULL == packageManager) || (NULL == packageName) || ((0 == strlen(packageName))))
Expand All @@ -82,10 +83,18 @@ static int CheckOrInstallPackage(const char* commandTemplate, const char* packag
return ENOMEM;
}

status = ExecuteCommand(NULL, command, false, false, 0, 0, NULL, NULL, log);
status = ExecuteCommand(NULL, command, false, false, 0, 0, &textResult, NULL, log);

OsConfigLogInfo(log, "Package manager '%s' command '%s' complete with %d (errno: %d)", packageManager, command, status, errno);

const char *pattern = "Could not get lock /var/lib/dpkg/lock-frontend";
if (textResult && strstr(textResult, pattern))
{
char *tmp = NULL;
ExecuteCommand(NULL, "ps faux", false, false, 0, 0, &tmp, NULL, log);
FREE_MEMORY(tmp);
}
FREE_MEMORY(textResult);
FREE_MEMORY(command);

return status;
Expand Down Expand Up @@ -183,7 +192,9 @@ int CheckPackageNotInstalled(const char* packageName, char** reason, void* log)

static int ExecuteSimplePackageCommand(const char* command, bool* executed, void* log)
{
char *textResult = NULL;
int status = 0;
bool state;

if ((NULL == command) || (NULL == executed))
{
Expand All @@ -195,8 +206,8 @@ static int ExecuteSimplePackageCommand(const char* command, bool* executed, void
{
return status;
}

if (0 == (status = ExecuteCommand(NULL, command, false, false, 0, 0, NULL, NULL, log)))
command_log_enable_save(state);
if (0 == (status = ExecuteCommand(NULL, command, false, false, 0, 0, &textResult, NULL, log)))
{
OsConfigLogInfo(log, "ExecuteSimplePackageCommand: '%s' was successful", command);
*executed = true;
Expand All @@ -206,6 +217,8 @@ static int ExecuteSimplePackageCommand(const char* command, bool* executed, void
OsConfigLogError(log, "ExecuteSimplePackageCommand: '%s' failed with %d (errno: %d)", command, status, errno);
*executed = false;
}
FREE_MEMORY(textResult);
command_log_disable_restore(state);

return status;
}
Expand Down Expand Up @@ -347,4 +360,4 @@ int UninstallPackage(const char* packageName, void* log)
}

return status;
}
}
11 changes: 5 additions & 6 deletions src/modules/CMakeLists.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,20 +54,19 @@ function(add_module directory)
)
endfunction()

# Special Ubuntu 14/GNU 4.8 C compiler build configuration for the Security Baseline module
if (CMAKE_C_COMPILER_ID STREQUAL "GNU" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER "4.9")
# CommandRunner cannot be built with gcc 4.8.5 default on RHEL 7, CentOS 7
# and Oracle Linux 7, because of rapidjson (we need to switch to parson)
if (CMAKE_C_COMPILER_ID STREQUAL "GNU" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER "4.8.4")
# these require rapidjson which we don't include in ubuntu 14.04 build container
add_module(commandrunner)
# Same for the C++ sample module
if (BUILD_SAMPLES)
add_subdirectory(samples/cpp)
add_subdirectory(samples/cpp)
endif()
endif()

add_module(securitybaseline)
add_module(configuration)
add_module(deviceinfo)

if (BUILD_MODULETEST)
add_subdirectory(test)
endif()
endif()
Loading