[PATCH] Added remediate verbose mode. Moved some previous output strings into verbose-only output.
by Francisco Slavin
---
src/bin/secstate | 4 +++-
src/secstate/main.py | 13 +++++--------
src/secstate/util.py | 1 -
3 files changed, 8 insertions(+), 10 deletions(-)
diff --git a/src/bin/secstate b/src/bin/secstate
index 377d69b..13828a9 100644
--- a/src/bin/secstate
+++ b/src/bin/secstate
@@ -185,12 +185,14 @@ def remediate(arguments):
help='Run puppet in noop mode')
parser.add_option('-p', '--profile', action='store', type='string', dest='profile',
default=None, help="Specifies the profile to use when auditing the system")
+ parser.add_option('-v', '--verbose', action='store_false', dest='verbose', help="Prints out extra information during the remediate process")
options, args = parser.parse_args(arguments)
kwargs = {}
kwargs['args'] = args
-
+ kwargs['verbose'] = options.verbose
+
if not options.puppet_lib:
sys.stderr.write('Error: You must specify a puppet library to use.\n')
return -1
diff --git a/src/secstate/main.py b/src/secstate/main.py
index afbda10..7944367 100644
--- a/src/secstate/main.py
+++ b/src/secstate/main.py
@@ -841,7 +841,7 @@ class Secstate:
return passing_ids
- def remediate_puppet(self, args, puppet_lib=None, xccdf_results=None, log_dest=None, noop=False):
+ def remediate_puppet(self, args, puppet_lib=None, xccdf_results=None, log_dest=None, noop=False, verbose=False):
if puppet_lib == None:
self.log.error('Error: Puppet Library: %s' % puppet_lib)
return False
@@ -861,9 +861,7 @@ class Secstate:
for key in benchmark.selections:
if benchmark.selections[key] == False:
ignore_ids.append(key)
- print "ignore ids pre addition: %s" % ignore_ids
ignore_ids += passing_ids
- print "ignore ids post addition: %s" % ignore_ids
puppet_content = parse_puppet_fixes(benchmark, ignore_ids)
except SecstateException, se:
sys.stderr.write('Error: %s\n' % str(se))
@@ -871,12 +869,10 @@ class Secstate:
if (puppet_content["classes"] == []) and (puppet_content["parameters"] == {}):
sys.stderr.write("No remediation to be done.\n")
-# if verbose:
- # sys.stderr.write("Either results XCCDF did not report any failurse, or failures reported did not have a well formed <fix> element in the corresponding XCCDF benchmark.\n")
+ if verbose:
+ sys.stderr.write("Either results XCCDF did not report any failurse, or failures reported did not have a well formed <fix> element in the corresponding XCCDF benchmark.\n")
else:
- print "PUPPET CONTENT: %s" % dir(puppet_content)
-
handle, fname = tempfile.mkstemp(suffix='.yaml')
os.write(handle, template % dict_to_external(puppet_content))
os.close(handle)
@@ -885,7 +881,8 @@ class Secstate:
puppet_args.append('--noop')
if log_dest:
puppet_args.extend(['-l', log_dest])
+ if verbose:
+ puppet_args.append('--verbose')
subprocess.call(puppet_args)
- print "post-puppet: %s" % puppet_args
os.unlink(fname)
diff --git a/src/secstate/util.py b/src/secstate/util.py
index c1795c4..eb3ca7d 100644
--- a/src/secstate/util.py
+++ b/src/secstate/util.py
@@ -447,7 +447,6 @@ def parse_puppet_fixes(benchmark, ignore_ids=[]):
return all_puppet
def dict_to_external(puppet_dict):
- print "puppet dict: %s" % puppet_dict
content = ['---','classes:']
for item in puppet_dict['classes']:
content.append(' - %s' % item)
--
1.7.2
13 years, 9 months
[PATCH] Make remediation honor profile. Selections/deselections in profile are reflected in which content gets remediated.
by Francisco Slavin
---
src/secstate/main.py | 17 ++++++++++++++++-
1 files changed, 16 insertions(+), 1 deletions(-)
diff --git a/src/secstate/main.py b/src/secstate/main.py
index 6281724..afbda10 100644
--- a/src/secstate/main.py
+++ b/src/secstate/main.py
@@ -857,11 +857,26 @@ class Secstate:
self.log.error("Error importing content: %s" % arg)
return False
try:
- puppet_content = parse_puppet_fixes(benchmark, passing_ids)
+ ignore_ids = []
+ for key in benchmark.selections:
+ if benchmark.selections[key] == False:
+ ignore_ids.append(key)
+ print "ignore ids pre addition: %s" % ignore_ids
+ ignore_ids += passing_ids
+ print "ignore ids post addition: %s" % ignore_ids
+ puppet_content = parse_puppet_fixes(benchmark, ignore_ids)
except SecstateException, se:
sys.stderr.write('Error: %s\n' % str(se))
return False
+
+ if (puppet_content["classes"] == []) and (puppet_content["parameters"] == {}):
+ sys.stderr.write("No remediation to be done.\n")
+# if verbose:
+ # sys.stderr.write("Either results XCCDF did not report any failurse, or failures reported did not have a well formed <fix> element in the corresponding XCCDF benchmark.\n")
+
else:
+ print "PUPPET CONTENT: %s" % dir(puppet_content)
+
handle, fname = tempfile.mkstemp(suffix='.yaml')
os.write(handle, template % dict_to_external(puppet_content))
os.close(handle)
--
1.7.2
13 years, 9 months
[PATCH] Added the ability to remediate without a previous import. Changed the puppet manifest flag from -p to -r. Updated some error reporting.
by Francisco Slavin
---
src/bin/secstate | 29 +++++++++++++----------------
src/secstate/main.py | 22 ++++++++++++----------
src/secstate/util.py | 1 +
3 files changed, 26 insertions(+), 26 deletions(-)
diff --git a/src/bin/secstate b/src/bin/secstate
index 7e82901..377d69b 100644
--- a/src/bin/secstate
+++ b/src/bin/secstate
@@ -155,7 +155,7 @@ def select(arguments, value):
return -1
def audit(arguments):
- parser = OptionParser(usage="secstate audit [options] <benchmark>")
+ parser = OptionParser(usage="secstate audit [options] [benchmark]")
parser.add_option('-i', '--interpreter', action='store', type='string', dest='interpreter',
default=sec_instance.config.get('secstate', 'oval_interpreter'),
help="Specifies the interpreter to use when auditing the system")
@@ -174,8 +174,8 @@ def audit(arguments):
return -1
def remediate(arguments):
- parser = OptionParser(usage="secstate remediate [options] <benchmark>")
- parser.add_option('-p', '--puppet-library', action='store', type='string', dest='puppet_lib', metavar='FILE',
+ parser = OptionParser(usage="secstate remediate [options] [benchmark]")
+ parser.add_option('-r', '--remediation-puppet', action='store', type='string', dest='puppet_lib', metavar='FILE',
help='Specifies a single puppet file to import for using with the xccdf puppet fixes')
parser.add_option('-x', '--xccdf-results', action='store', type='string', dest='xccdf_results', metavar='FILE',
help='XCCDF results file to provide for selective remediation')
@@ -183,37 +183,34 @@ def remediate(arguments):
help='Output logs to FILE instead of stdout')
parser.add_option('-n', '--noop', action='store_true', dest='noop', default=False,
help='Run puppet in noop mode')
+ parser.add_option('-p', '--profile', action='store', type='string', dest='profile',
+ default=None, help="Specifies the profile to use when auditing the system")
options, args = parser.parse_args(arguments)
kwargs = {}
+
+ kwargs['args'] = args
if not options.puppet_lib:
sys.stderr.write('Error: You must specify a puppet library to use.\n')
return -1
elif not os.path.exists(options.puppet_lib):
- sys.stderr.write('Error: No such file or directory : %s\n' % options.puppet_lib)
+ sys.stderr.write('Error: Specified puppet library does not exist : %s\n' % options.puppet_lib)
return -1
else:
kwargs['puppet_lib'] = options.puppet_lib
- if options.log_dest and not os.path.exists(os.path.split(options.log_dest)[0]):
- sys.stderr.write('Error: No such file or directory : %s\n' % os.path.split(options.log_dest)[0])
- return -1
- elif options.log_dest:
- kwargs['log_dest'] = os.path.abspath(options.log_dest)
+ if options.log_dest and not os.path.exists(options.log_dest):
+ LOG_FILE = open(options.log_dest, "w")
+ LOG_FILE.close()
+ kwargs['log_dest'] = os.path.abspath(options.log_dest)
if options.xccdf_results and not os.path.exists(options.xccdf_results):
- sys.stderr.write('Error: No such file or directory : %s\n' % xccdf_results)
+ sys.stderr.write('Error: XCCDF results file does not exist : %s\n' % options.xccdf_results)
return -1
elif options.xccdf_results:
kwargs['xccdf_results'] = options.xccdf_results
- if len(args) < 1:
- sys.stderr.write('Error: Must provide a benchmark id\n')
- return -1
- else:
- kwargs['bench_id'] = args[0]
-
kwargs['noop'] = options.noop
if not sec_instance.remediate_puppet(**kwargs):
diff --git a/src/secstate/main.py b/src/secstate/main.py
index ce3c3fe..6281724 100644
--- a/src/secstate/main.py
+++ b/src/secstate/main.py
@@ -841,16 +841,20 @@ class Secstate:
return passing_ids
- def remediate_puppet(self, bench_id=None, puppet_lib=None, xccdf_results=None, log_dest=None, noop=False):
- if bench_id == None or puppet_lib == None:
- self.log.error('Error: Invalid Benchmark ID or Puppet Library')
+ def remediate_puppet(self, args, puppet_lib=None, xccdf_results=None, log_dest=None, noop=False):
+ if puppet_lib == None:
+ self.log.error('Error: Puppet Library: %s' % puppet_lib)
return False
passing_ids = self.get_passed_result_ids(xccdf_results)
template = '%s\n'
- if self.content.has_key(bench_id):
- (benchmark, tmp_model) = self.import_content(bench_id)
+
+ if args == []:
+ args = self.content.keys()
+
+ for arg in args:
+ (benchmark, tmp_model) = self.import_content(arg)
if not benchmark:
- self.log.error("Benchmark was None")
+ self.log.error("Error importing content: %s" % arg)
return False
try:
puppet_content = parse_puppet_fixes(benchmark, passing_ids)
@@ -867,8 +871,6 @@ class Secstate:
if log_dest:
puppet_args.extend(['-l', log_dest])
subprocess.call(puppet_args)
+ print "post-puppet: %s" % puppet_args
os.unlink(fname)
- else:
- self.log.error("Could not find %(benchmark)s in database" % {'benchmark':bench_id})
- return False
-
+
diff --git a/src/secstate/util.py b/src/secstate/util.py
index eb3ca7d..c1795c4 100644
--- a/src/secstate/util.py
+++ b/src/secstate/util.py
@@ -447,6 +447,7 @@ def parse_puppet_fixes(benchmark, ignore_ids=[]):
return all_puppet
def dict_to_external(puppet_dict):
+ print "puppet dict: %s" % puppet_dict
content = ['---','classes:']
for item in puppet_dict['classes']:
content.append(' - %s' % item)
--
1.7.2
13 years, 9 months
[PATCH 3/3] tests that have dependencies which in turn have dependecies can run without leaving uncleaned chroots (using lazy umount instead of regular umount)
by Chris Smith
---
testing/harness/secstate_harness/chroot.py | 3 +-
testing/harness/secstate_harness/testcase.py | 135 ++++++++++++++------------
2 files changed, 73 insertions(+), 65 deletions(-)
diff --git a/testing/harness/secstate_harness/chroot.py b/testing/harness/secstate_harness/chroot.py
index 7bcfaf5..103b133 100755
--- a/testing/harness/secstate_harness/chroot.py
+++ b/testing/harness/secstate_harness/chroot.py
@@ -228,7 +228,8 @@ class Chroot:
#if os.path.ismount(mount):
#dont care if we are bind mounting a directory on a filesystem into the Chroot
#which is located on the same filesystem, always do the unmount
- subprocess.call(["/bin/umount",mount])
+ #subprocess.call(["/bin/umount",mount])
+ subprocess.call(["/bin/umount", "-l", mount])
shutil.rmtree(self.chroot_path)
self.chroot_populated = False
diff --git a/testing/harness/secstate_harness/testcase.py b/testing/harness/secstate_harness/testcase.py
index f994622..06ba68f 100644
--- a/testing/harness/secstate_harness/testcase.py
+++ b/testing/harness/secstate_harness/testcase.py
@@ -31,7 +31,7 @@ def join(lst):
return ''.join(lst)
class Command:
- results_template = 'Command %(command_name)s Results:\n%(rc_results)s%(stdout_results)s%(stderr_results)sCommand Completed Successfully: %(success)s\n'
+ results_template = 'Command %(command_name)s Results:\n%(rc_results)s%(stdout_results)s%(stderr_results)s\n\tCommand Completed Successfully: %(success)s'
rc_results = 'Expected RC : %(expected)s, Actual RC : %(actual)s'
stdout_results = 'Expected STDOUT :\n%(expected)s\nActual STDOUT :\n%(actual)s\n'
stderr_results = 'Expected STDERR :\n%(expected)s\nActual STDERR :\n%(actual)s\n'
@@ -53,7 +53,8 @@ class Command:
self.command_path = os.path.join(commands_dir, '%s.cmd' % self.command_name)
if not os.path.exists(self.command_path):
- raise Exception('Error: Command Not Valid: %s.cmd does not exist in %s' % (self.command_name, self.command_path))
+ print 'Error: Command Not Valid: %s.cmd does not exist in %s' % (self.command_name, self.command_path)
+ sys.exit(0)
self.rc_path = os.path.join(commands_dir, '%s.rc' % self.command_name)
self.stdout_path = os.path.join(commands_dir, '%s.stdout' % self.command_name)
@@ -72,24 +73,20 @@ class Command:
def cache_rc(self):
rc_file = open(self.rc_path, 'r')
- self.expected_rc = int(rc_file.readline().strip('\n'))
+ self.expected_rc = rc_file.readline().strip('\n')
rc_file.close()
def cache_stdout(self):
if self.stdout_exists:
stdout = open(self.stdout_path)
- self.expected_stdout = [line.rstrip('\n') for line in stdout.readlines()]
+ self.expected_stdout = stdout.readlines()
stdout.close()
- if not self.expected_stdout:
- self.expected_stdout = ['']
def cache_stderr(self):
if self.stderr_exists:
stderr = open(self.stderr_path)
- self.expected_stderr = [line.rstrip('\n') for line in stderr.readlines()]
+ self.expected_stderr = stderr.readlines()
stderr.close()
- if not self.expected_stderr:
- self.expected_stderr = ['']
def execute(self, chroot):
if not self.cmd_args:
@@ -120,12 +117,12 @@ class Command:
return False
elif not self.expected_stdout:
self.cache_stdout()
-
- return self.stdout != self.expected_stdout
+
+ return self.stdout == self.expected_stdout
def stdout_differ_string(self):
if self.does_stdout_differ():
- return self.stdout_results % {'expected' : '\n'.join(tab(self.expected_stdout)), 'actual' : '\n'.join(tab(self.stdout))}
+ return self.stdout_results % {'expected' : join(tab(self.expected_stdout)), 'actual' : join(tab(self.stdout))}
else:
return ''
@@ -136,11 +133,12 @@ class Command:
return False
elif not self.expected_stderr:
self.cache_stderr()
- return self.stderr != self.expected_stderr
+ return self.stderr == self.expected_stderr
+
def stderr_differ_string(self):
if self.does_stderr_differ():
- return self.stderr_results % { 'expected' : '\n'.join(tab(self.expected_stderr)), 'actual' : '\n'.join(tab(self.stderr))}
+ return self.stderr_results % { 'expected' : tab(self.expected_stderr), 'actual' : tab(self.stderr)}
else:
return ''
@@ -151,7 +149,7 @@ class Command:
return False
elif not self.expected_rc:
self.cache_rc()
- return self.rc != self.expected_rc
+ return self.rc == self.expected_rc
def rc_differ_string(self):
if self.does_rc_differ():
@@ -161,9 +159,9 @@ class Command:
def get_results_string(self):
rep = { 'command_name' : self.command_name,
- 'rc_results' : (join(tab([self.rc_differ_string()])) + '\n') if self.does_rc_differ() else join(tab(['Expected RC matches Actual RC\n'])),
- 'stdout_results' : ('\n'.join(tab(self.stdout_differ_string().split('\n'))) + '\n') if self.does_stdout_differ() else join(tab(['Expect STDOUT matches Actual STDOUT\n'])),
- 'stderr_results' : ('\n'.join(tab(self.stderr_differ_string().split('\n'))) + '\n') if self.does_stderr_differ() else join(tab(['Expect STDERR matches Actual STDERR\n'])),
+ 'rc_results' : self.rc_differ_string() + '\n' if self.rc_differ_string() else '',
+ 'stdout_results' : join(tab(self.stdout_differ_string().split('\n'))) + '\n' if self.rc_differ_string() else '',
+ 'stderr_results' : '%s\n' % join(tab(self.stderr_differ_string().split('\n'))) + '\n' if self.rc_differ_string() else '',
'success' : not (self.does_rc_differ() or self.does_stdout_differ() or self.does_stderr_differ())}
return self.results_template % rep
@@ -210,7 +208,15 @@ class TestCase:
else:
try:
if line.strip() != '':
- self.manifest[cmd_type].append(Command(self.commands_dir, line))
+ if cmd_type == 0:
+ required_test_dir = line
+ rtc = TestCase(required_test_dir, self.chroot)
+ #rtc = TestCase(required_test_dir)
+ self.manifest[cmd_type].append(rtc)
+ elif cmd_type == 1:
+ self.manifest[cmd_type].append(Command(self.commands_dir, line))
+ else:
+ self.manifest[cmd_type].append(Command(self.commands_dir, line))
except Exception, e:
self.parse_errors = True
sys.stderr.write('%s\n' % str(e))
@@ -236,63 +242,63 @@ class TestCase:
shutil.copy2(fpath, os.path.join(chroot_dir, basename))
def check_output_files(self):
- rc = True
- expected = 'Expected File Contents:\n%s'
- actual = 'Actual File Contents:\n%s'
- fdiffer = 'Output File %(oname)s differs:\n%(expected)s\n%(actual)s\n'
- output_path = os.path.join(self.files_dir, 'output')
- for root,dirs,files in os.walk(output_path):
- for file in files:
- opath = os.path.join(root, file)
- dirname = re.sub(r'^%s(.*)' % re.escape(output_path), r'\1', root).lstrip(os.path.sep)
- cpath = os.path.join(self.chroot, dirname, file)
-
- ofile = open(opath)
- otext = ofile.readlines()
- ofile.close()
-
- cfile = open(cpath)
- ctext = cfile.readlines()
- cfile.close()
-
- if otext != ctext:
- rc = False
- etext = '\n'.join(tab((expected % join(tab(otext))).split('\n')))
- atext = '\n'.join(tab((actual % join(tab(ctext))).split('\n')))
- dtext = fdiffer % {'oname' : os.path.join(dirname,file), 'expected' : etext, 'actual' : atext}
- sys.stdout.write('\n'.join(tab(dtext.rstrip('\n').split('\n'))) + '\n')
- if rc:
- sys.stdout.write('\n'.join(tab(['All Output Files matched expected output'])) + '\n\n')
- return rc
+ rc = True
+ expected = 'Expected File Contents:\n%s'
+ actual = 'Actual File Contents:\n%s'
+ fdiffer = 'Output File %(oname)s differs:\n%(expected)s\n%(actual)s\n'
+ output_path = os.path.join(self.files_dir, 'output')
+ for root,dirs,files in os.walk(output_path):
+ for file in files:
+ opath = os.path.join(root, file)
+ dirname = re.sub(r'^%s(.*)' % re.escape(output_path), r'\1', root).lstrip(os.path.sep)
+ cpath = os.path.join(self.chroot, dirname, file)
+
+ ofile = open(opath)
+ otext = ofile.readlines()
+ ofile.close()
+
+ cfile = open(cpath)
+ ctext = cfile.readlines()
+ cfile.close()
+
+ if otext != ctext:
+ rc = False
+ etext = '\n'.join(tab((expected % join(tab(otext))).split('\n')))
+ atext = '\n'.join(tab((actual % join(tab(ctext))).split('\n')))
+ dtext = fdiffer % {'oname' : os.path.join(dirname,file), 'expected' : etext, 'actual' : atext}
+ sys.stdout.write('\n'.join(tab(dtext.rstrip('\n').split('\n'))) + '\n')
+ if rc:
+ sys.stdout.write('\n'.join(tab(['All Output Files matched expected output'])) + '\n\n')
+ return rc
+ pass
def run_test(self):
- sys.stdout.write('Test %s:\n' % self.test_name)
+ #sys.stdout.write('Test %s:\n' % self.test_name)
+ sys.stdout.write('Test %s:\n' % self.path)
rc = self.__run_requires()
if rc:
rc = self.__run_tests()
if rc:
rc = self.__run_verification()
if rc:
- rc = self.check_output_files()
- if rc:
- sys.stdout.write('Test %s Completed Successfully: True\n' % self.test_name)
- return True
+ sys.stdout.write('Test %s Completed Successfully: True\n\n' % self.test_name)
+ return True
sys.stdout.write('Test %s Completed Successfully: False\n' % self.test_name)
return False
def __run_requires(self):
if not self.manifest[self.REQUIRES_SECTION]:
return True
-
- sys.stdout.write(join(tab(['Requires Section:\n'])))
+
+ testName = self.path[:-1]
+ sys.stdout.write(join(tab(['Requires Section - for test %s:\n' % (testName)])))
cmds_ok = True
- for cmd in self.manifest[self.REQUIRES_SECTION]:
- cmd.execute(self.chroot)
- if cmd.does_rc_differ() or cmd.does_stdout_differ() or cmd.does_stderr_differ():
- cmds_ok = False
+ for required_test_dir in self.manifest[self.REQUIRES_SECTION]:
+ sys.stdout.write(join(tab(['Required test = %s\n\n' % (required_test_dir.path)])))
+ #required_test_dir.__run_tests()
+ required_test_dir.run_test()
+ sys.stdout.write(join(tab(['Requires Section - for test %s:\n' % (testName)])))
- sys.stdout.write('%s\n' % '\n'.join(tab(cmd.get_results_string().split('\n'), num_tabs=2)))
-
if not cmds_ok:
break
@@ -300,14 +306,15 @@ class TestCase:
return cmds_ok
def __run_tests(self):
- sys.stdout.write(join(tab(['Tests Section:\n'])))
+ testName = self.path
+ sys.stdout.write(join(tab(['Tests Section - %s\n' % (testName)])))
cmds_ok = True
for cmd in self.manifest[self.TEST_SECTION]:
cmd.execute(self.chroot)
if cmd.does_rc_differ() or cmd.does_stdout_differ() or cmd.does_stderr_differ():
cmds_ok = False
- sys.stdout.write('%s\n' % '\n'.join(tab(cmd.get_results_string().split('\n'), num_tabs=2)))
+ sys.stdout.write('%s\n\n' % '\n'.join(tab(cmd.get_results_string().split('\n'), num_tabs=2)))
if not cmds_ok:
break
@@ -325,11 +332,11 @@ class TestCase:
if cmd.does_rc_differ() or cmd.does_stdout_differ() or cmd.does_stderr_differ():
cmds_ok = False
- sys.stdout.write('%s\n' % '\n'.join(tab(cmd.get_results_string().split('\n'), num_tabs=2)))
+ sys.stdout.write('%s\n\n' % '\n'.join(tab(cmd.get_results_string().split('\n'), num_tabs=2)))
if not cmds_ok:
break
- sys.stdout.write(join(tab(['Verification Section Completed Successfully: %s\n\n' % str(cmds_ok)])))
+ sys.stdout.write(join(tab(['Verification Section Completed Successfully: %s\n' % str(cmds_ok)])))
return cmds_ok
--
1.7.2
13 years, 9 months
[PATCH] Add usage documentation to test harness ; display usage when run with no arguments instead of barfing
by Francisco Slavin
---
testing/harness/run_tests.py | 6 +++++-
1 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/testing/harness/run_tests.py b/testing/harness/run_tests.py
index d9a261a..70eac74 100755
--- a/testing/harness/run_tests.py
+++ b/testing/harness/run_tests.py
@@ -40,11 +40,15 @@ binary_deps = ['/usr/bin/python', '/usr/bin/ruby', '/usr/lib64/libopenscap.so.0'
file_deps = ['/usr/bin/puppet', '/usr/bin/secstate']
def main():
- parser = optparse.OptionParser()
+ usage = '''%prog [options] TEST_PATH1 [TEST_PATH2 [TEST_PATH3 [...]]]'''
+ parser = optparse.OptionParser(usage=usage)
parser.add_option('-c', '--chroot', dest='chroot', help='Path where to create the chroot (cannot exist yet)')
parser.add_option('-v', '--verbose', dest='verbose', action='store_true', default=False, help='Print extra info such as generated dependencies')
#parser.add_option('-f', '--force', dest='force', action='store_true', default=False, help='Force running of all commands even when one fails')
options, args = parser.parse_args()
+
+ if not args:
+ parser.error("Requires at least one path to a test")
try:
chroot = Chroot(options.chroot, bind_mount_deps, dir_deps, binary_deps, file_deps)
--
1.7.2
13 years, 9 months
[PATCH] Updated usage test expected output to match updated secstate usage message
by Francisco Slavin
---
testing/tests/usage/commands/no_args.stderr | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/testing/tests/usage/commands/no_args.stderr b/testing/tests/usage/commands/no_args.stderr
index c2d5782..d0651b7 100644
--- a/testing/tests/usage/commands/no_args.stderr
+++ b/testing/tests/usage/commands/no_args.stderr
@@ -2,10 +2,14 @@
/usr/bin/secstate <sub-command> [options] <target>
Sub-commands:
import -- Validates and imports a benchmark and its associated oval into the system
+ remove -- Removes content that had been added via the 'import' command
+ export -- Exports imported content along with any changes that have been made
select -- Sets a portion of the benchmark (group/rule) to be selected
deselect -- Sets a portion of the benchmark (group/rule) to be deselected
+ save -- Saves changes made to the current benchmark to a named profile
list -- List the imported benchmarks
show -- Shows the information associated with a group, rule, or definition id
search -- Search through imported content
remediate -- FIXME -- Remediate issues.
audit -- Audit the local system based the specified benchmark
+
--
1.7.2
13 years, 9 months