baco/born2beroot
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add more tests and add ssh sudo script

Browse Source
This commit is contained in:
gbaconni
2021-11-08 17:58:25 +01:00
parent b0efcdc5a3
commit 7b898eb0a7
3 changed files with 85 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
Makefile
View File

@@ -6,7 +6,7 @@
# By: gbaconni@student.42lausanne.ch +#+ +:+ +#+ #
# +#+#+#+#+#+ +#+ #
# Created: 2021/11/02 17:47:57 by gbaconni #+# #+# #
# Updated: 2021/11/08 06:09:29 by gbaconni ### lausanne.ch #
# Updated: 2021/11/08 15:13:14 by gbaconni ### ########.fr #
# #
# **************************************************************************** #
@@ -29,6 +29,14 @@ virtualbox:
@test -L ~/VirtualBox\ VMs || ln -snf ~/goinfre/VirtualBox\ VMs ~/VirtualBox\ VMs
@echo /Applications/VirtualBox.app/Contents/MacOS/VBoxManage createmedium disk --filename ~/goinfre/VirtualBox\\ VMs/$$(basename ~)42/$$(basename ~)42.vdi --size $$(($(SSD)*1024)) --format VDI
signature:
ifeq ($(KERNEL),Darwin)
@shasum ~/goinfre/VirtualBox\ VMs/$$(basename ~)42/$$(basename ~)42.vdi | cut -d' ' -f1
endif
ifeq ($(KERNEL),Linux)
@sha1sum ~/goinfre/VirtualBox\ VMs/$$(basename ~)42/$$(basename ~)42.vdi | cut -d' ' -f1
endif
data:
ifeq ($(FT),yes)
@test -d ~/goinfre/born2beroot || install -d ~/goinfre/born2beroot

11
ssh_sudo.exp Executable file
View File

@@ -0,0 +1,11 @@
#!/usr/bin/expect --
set timeout -1
set send_human {.05 0.1 1 .07 1.5}
eval spawn ssh -t -o StrictHostKeyChecking=no -o PreferredAuthentications=password -o PubkeyAuthentication=no $argv
match_max 100000
expect "*?assword:*"
send -- "$env(SSHPASS)\r"
send -- "\r"
expect "*?assword for*"
send -- "$env(SSHPASS)\r"
interact

66
test.sh
View File

@@ -18,6 +18,19 @@ ssh_exec ()
| grep -v -i -e '^Warning: Permanently added' -e ' password:' -e '^spawn ssh'
}
ssh_sudo ()
{
port=${1-4242}
shift
login=${1-marvin}
shift
pass=${1-Born2beRoot}
shift
export SSHPASS="${pass}"
./ssh_sudo.exp -p ${port} ${login}@127.0.0.1 sudo $@ 2>&1 \
| grep -v -i -e '^Warning: Permanently added' -e 'password' -e '^spawn ssh' -e 'Connection to'
}
main ()
{
port=${1-4242}
@@ -33,16 +46,32 @@ main ()
then
pass="Born2beRoot"
fi
echo ""
ssh_clean
if ssh_exec ${port} ${login} ${pass} hostname -s | grep -q "^${login}42"
then
echo "OK: hostname is ${login}42"
echo "OK: Hostname is ${login}42"
else
echo "KO: Unexpected hostname (should be ${login}42)"
fi
if ssh_exec ${port} ${login} ${pass} cat /etc/os-release | grep -q -i -E "(CentOS|Debian)"
then
echo "OK: Debian or CentOS installed"
else
echo "KO: Unknown Linux distribution"
fi
if ssh_exec ${port} ${login} ${pass} /usr/sbin/aa-status | grep -q -i -E "apparmor module is loaded" \
|| ssh_exec ${port} ${login} ${pass} sestatus | grep -q -i -E "SELinux status:[^e]*enabled"
then
echo "OK: AppArmor or SELinux is active"
else
echo "KO: No AppArmor or SELinux is active"
fi
if ssh_exec ${port} ${login} ${pass} lspci | grep -q -i -E "(VirtualBox|QEMU)"
then
echo "OK: VirtualBox or UTM QEMU"
@@ -50,6 +79,41 @@ main ()
echo "KO: Unexpected Virtual Machine"
fi
if ssh_exec ${port} ${login} ${pass} dpkg -l | grep -q -i -E "(xserver|xorg)" \
|| ssh_exec ${port} ${login} ${pass} rpm -qa | grep -q -i -E "(xserver|xorg)"
then
echo "KO: X server is present"
else
echo "OK: No X server"
fi
if ssh_exec ${port} ${login} ${pass} lsblk | grep -q -i -E "_crypt"
then
echo "OK: Disk crypted"
else
echo "KO: Not disk crypted"
fi
if ssh_exec ${port} ${login} ${pass} ss -tunlpe | grep -q -E "LISTEN.*:4242.*ssh"
then
echo "OK: ssh running on 4242"
else
echo "KO: ssh not running on 4242"
fi
if ssh_sudo ${port} ${login} ${pass} /usr/sbin/ufw status | grep -q -E "Status: active"
then
echo "OK: Firewall ufw is active"
else
echo "KO: No firewall ufw is active"
fi
if ssh_sudo ${port} ${login} ${pass} /usr/sbin/ufw status | grep -q -E "4242.*ALLOW.*Anywhere"
then
echo "OK: Firewall allow port 4242 from anywhere"
else
echo "KO: Firewall does not allow port 4242 from anywhere"
fi
}
main $@