#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
#   runtest.sh of /CoreOS/audit/Regression/bz1075155-kernel-AUDIT-LOGIN-event-is-missing-subject-label
#   Description: Test for BZ#1075155 (kernel AUDIT_LOGIN event is missing subject label)
#   Author: Ondrej Moris <omoris@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
#   Copyright (c) 2014 Red Hat, Inc.
#
#   This program is free software: you can redistribute it and/or
#   modify it under the terms of the GNU General Public License as
#   published by the Free Software Foundation, either version 2 of
#   the License, or (at your option) any later version.
#
#   This program is distributed in the hope that it will be
#   useful, but WITHOUT ANY WARRANTY; without even the implied
#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
#   PURPOSE.  See the GNU General Public License for more details.
#
#   You should have received a copy of the GNU General Public License
#   along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1

PACKAGE="audit"

rlJournalStart
    rlPhaseStartSetup
        rlAssertRpm $PACKAGE
        ! rlIsRHEL 4 5 6 && rlRun "systemctl reset-failed auditd"
        rlServiceStart auditd
        sleep 3
        rlRun "useradd bz1075155"
        rlRun "echo bz1075155 | passwd --stdin bz1075155"
        cat > sshtest.exp <<'_EOF'
set timeout 10
spawn ssh bz1075155@localhost pwd
expect {
    -re ".*(yes/no).*" { send -- "yes\r"; exp_continue }
    -re ".*password:" { send -- "bz1075155\r" }
    timeout { puts "\r"; exit 1 }
    eof { puts "\r"; exit 2 }
}
expect {
    "/home/bz1075155" { exit 0 }
    timeout { puts "\r"; exit 3 }
    eof { puts "\r"; exit 4 }
}
puts "\r"
exit 9
_EOF
        rlAssertExists sshtest.exp
        rlRun "expect -f sshtest.exp"
    rlPhaseEnd

    rlPhaseStartTest "audit.log"
        rlRun -s "grep 'type=LOGIN' /var/log/audit/audit.log" 0
        cat $rlRun_LOG
        subj=$(cat $rlRun_LOG | tail -1 | sed 's/.*subj=\([^ ]\+\) .*/\1/')
        rlRun "! [ -z \"$subj\" ]" 0 "Verifying that subject context audited"
    rlPhaseEnd

    rlPhaseStartTest "ausearch"
        rlRun -s "ausearch --start today -m LOGIN" 0
        cat $rlRun_LOG
        subj=$(cat $rlRun_LOG | tail -1 | sed 's/.*subj=\([^ ]\+\) .*/\1/')
        rlRun "! [ -z \"$subj\" ]" 0 "Verifying that subject context audited"
    rlPhaseEnd

    rlPhaseStartCleanup
        rlRun "userdel -fr bz1075155"
    rlPhaseEnd
rlJournalPrintText
rlJournalEnd