Package: logwatch Version: 7.5.2-1ubuntu1.3 Severity: normal Tags: patch Dear Maintainer,
The patch attached adds support for autopkgtest and enables to run the testsuite automatically. It has been proposed and accepted on Ubuntu [1], and you might be interested in doing the same in Debian. Thanks in advance for considering this. [1] https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1679329 -- Miriam
diff --git a/debian/changelog b/debian/changelog index a12a239..e4e47be 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,23 @@ +logwatch (7.5.5-1ubuntu3) impish; urgency=medium + + * d/tests: Add autopkgtest DEP8 tests (LP: #1679329): + - d/t/control: New file. + - d/t/basic-checks: Test basic configuration and version. + - d/t/syntax-check: Perl syntax checking for the logwatch's scripts. + - d/t/detail: Check the amount of output when using low, med and + high values with the detail flag. + - d/t/su-l-check: Check if properly report when a user become root. + + d/t/data/su-l: Log portion used in this test. + - d/t/apparmor-unmatched-entries : Test for not logging as unmatched + some lines for apparmor audit in kern.log. + + d/t/data/unmatched-entries-apparmor_kern.log: Log portion + used in the test (LP #1577948). + - d/t/packages-and-report: Check if the corresponding section + is present into logwatch report for a list of packages/services + (now only for sshd). + + -- Miriam EspaƱa Acebal <miriam.esp...@canonical.com> Thu, 29 Jul 2021 16:53:01 +0200 + logwatch (7.5.5-1ubuntu2) hirsute; urgency=medium * d/p/0010-zz-zfs-detect-zfs-location.patch: Use explicit paths for diff --git a/debian/tests/apparmor-unmatched-entries b/debian/tests/apparmor-unmatched-entries new file mode 100644 index 0000000..4bfd784 --- /dev/null +++ b/debian/tests/apparmor-unmatched-entries @@ -0,0 +1,41 @@ +#!/bin/bash + +###################################################### +### no apparmor STATUS entries marked as unmatched ### +###################################################### + +set -eo pipefail + +LOGWATCH_CONF_FILE="/etc/logwatch/conf/logwatch.conf" +NEED_ERASING=1 + +clear_logwatch_conf_file(){ + if [ "${NEED_ERASING}" -eq "0" ]; then + if [ -e "${LOGWATCH_CONF_FILE}".test.bak ]; then + cp "${LOGWATCH_CONF_FILE}".test.bak "${LOGWATCH_CONF_FILE}" + rm "${LOGWATCH_CONF_FILE}".test.bak + else + rm "${LOGWATCH_CONF_FILE}" + fi + fi +} + +trap ' clear_logwatch_conf_file ' 0 INT QUIT ABRT PIPE TERM + +cp "$(dirname "${0}")"/data/unmatched-entries-apparmor_kern.log "${AUTOPKGTEST_TMP}"/kern.log + +if ! [ -f "${LOGWATCH_CONF_FILE}" ] ; then + echo "AppendVarLogToLogDirs = 0" >> "${LOGWATCH_CONF_FILE}" +elif ! grep -q "^AppendVarLogToLogDirs" "${LOGWATCH_CONF_FILE}" ; then + cp "${LOGWATCH_CONF_FILE}" "${LOGWATCH_CONF_FILE}".test.bak + echo "AppendVarLogToLogDirs = 0" >> "${LOGWATCH_CONF_FILE}" +else + sed -i.test.bak 's/^\(AppendVarLogToLogDirs = \).*/\10/' "${LOGWATCH_CONF_FILE}" +fi +NEED_ERASING=0 + +if logwatch --detail High --range all --service kernel --logdir "${AUTOPKGTEST_TMP}" --output stdout | grep -qF "**Unmatched Entries**"; then + exit 1 +else + exit 0 +fi diff --git a/debian/tests/basic-checks b/debian/tests/basic-checks new file mode 100755 index 0000000..dcec7b9 --- /dev/null +++ b/debian/tests/basic-checks @@ -0,0 +1,34 @@ +#!/bin/bash + +############################################ +### Check main installation requirements ### +############################################ + +set -e + +SHAREDIR="/usr/share/logwatch" + +# Config file +echo "Checking config file present" +test -e "${SHAREDIR}"/dist.conf/logwatch.conf + +# Services +echo "Checking service configs are installed" +test -d "${SHAREDIR}"/dist.conf/services +services_conf_files=("${SHAREDIR}"/dist.conf/services/*.conf) +num_scf=${#services_conf_files[@]} +echo "Service files are = ${num_scf}" +test "${num_scf}" -gt "0" + +# Logfiles +echo "Checking logs configs are installed" +test -d "$SHAREDIR/dist.conf/logfiles" +logfiles_conf_files=("${SHAREDIR}"/dist.conf/logfiles/*.conf) +num_lcf=${#logfiles_conf_files[@]} +echo "Logfiles are = ${num_lcf}" +test "${num_lcf}" -gt "0" + +# Script +echo "Checking binary is present and its usefulness" +test -e /usr/sbin/logwatch +logwatch --version diff --git a/debian/tests/control b/debian/tests/control new file mode 100644 index 0000000..feefe91 --- /dev/null +++ b/debian/tests/control @@ -0,0 +1,15 @@ +Tests: basic-checks +Depends: @ +Restrictions: superficial + +Tests: syntax-check +Depends: @, liburi-perl +Restrictions: allow-stderr + +Tests: detail su-l-check apparmor-unmatched-entries +Depends: @ +Restrictions: needs-root + +Tests: packages-and-report +Depends: @ +Restrictions:needs-root isolation-container diff --git a/debian/tests/data/su-l b/debian/tests/data/su-l new file mode 100644 index 0000000..4687e20 --- /dev/null +++ b/debian/tests/data/su-l @@ -0,0 +1,2 @@ +Jul 27 15:29:50 test-logwatch su: pam_unix(su-l:session): session opened for user root by ubuntu(uid=0) +Jul 27 23:22:22 test-logwatch su: pam_unix(su-l:session): session closed for user root diff --git a/debian/tests/data/unmatched-entries-apparmor_kern.log b/debian/tests/data/unmatched-entries-apparmor_kern.log new file mode 100644 index 0000000..57a535d --- /dev/null +++ b/debian/tests/data/unmatched-entries-apparmor_kern.log @@ -0,0 +1,14 @@ +Aug 17 11:59:06 stirling kernel: [2731097.177750] audit: type=1400 audit(1462209116.753:18): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="/usr/sbin/named" pid=22094 comm="apparmor_parser" +Aug 17 11:59:06 stirling kernel: [2731097.177750] audit: type=1400 audit(1462209262.641:2): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/bin/freshclam" pid=1760 comm="apparmor_parser" +Aug 17 11:59:06 stirling kernel: [2731097.177750] audit: type=1400 audit(1462209262.657:3): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/sbin/dhclient" pid=1759 comm="apparmor_parser" +Aug 17 11:59:06 stirling kernel: [2731097.177750] audit: type=1400 audit(1462209262.657:4): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/lib/NetworkManager/nm-dhcp-client.action" pid=1759 comm="apparmor_parser" +Aug 17 11:59:06 stirling kernel: [2731097.177750] audit: type=1400 audit(1462209262.657:5): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/lib/NetworkManager/nm-dhcp-helper" pid=1759 comm="apparmor_parser" +Aug 17 11:59:06 stirling kernel: [2731097.177750] audit: type=1400 audit(1462209262.657:6): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/lib/connman/scripts/dhclient-script" pid=1759 comm="apparmor_parser" +Aug 17 11:59:06 stirling kernel: [2731097.177750] audit: type=1400 audit(1462209262.657:7): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/sbin/clamd" pid=1765 comm="apparmor_parser" +Aug 17 11:59:06 stirling kernel: [2731097.177750] audit: type=1400 audit(1462209262.673:8): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/sbin/cups-browsed" pid=1767 comm="apparmor_parser" +Aug 17 11:59:06 stirling kernel: [2731097.177750] audit: type=1400 audit(1462209262.677:9): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/lib/cups/backend/cups-pdf" pid=1768 comm="apparmor_parser" +Aug 17 11:59:06 stirling kernel: [2731097.177750] audit: type=1400 audit(1462209262.677:10): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/sbin/cupsd" pid=1768 comm="apparmor_parser" +Aug 17 11:59:06 stirling kernel: [2731097.177750] audit: type=1400 audit(1462209262.677:11): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/sbin/cupsd//third_party" pid=1768 comm="apparmor_parser" +Aug 17 11:59:06 stirling kernel: [2731097.177750] audit: type=1400 audit(1597690746.037:8074): apparmor="STATUS" operation="profile_remove" profile="unconfined" name="lxd-open-iscsi-review-mp389234-groovy_</var/snap/lxd/common/lxd>" pid=1695060 comm="apparmor_parser" +Aug 17 15:23:04 stirling kernel: [2743335.144325] audit: type=1400 audit(1597702984.306:8075): apparmor="STATUS" operation="profile_load" profile="snap.multipass.multipassd" name="multipass.qemu-img" pid=1712259 comm="apparmor_parser" +Aug 17 15:23:04 stirling kernel: [2743335.189665] audit: type=1400 audit(1597702984.350:8076): apparmor="STATUS" operation="profile_remove" profile="snap.multipass.multipassd" name="multipass.qemu-img" pid=1712263 comm="apparmor_parser" diff --git a/debian/tests/detail b/debian/tests/detail new file mode 100644 index 0000000..c690f4a --- /dev/null +++ b/debian/tests/detail @@ -0,0 +1,16 @@ +#!/bin/bash + +################################## +### Check detail option output ### +################################## + +set -eo pipefail + +low="$(logwatch --detail Low --range all --service all --output stdout | wc -l)" +high="$(logwatch --detail High --range all --service all --output stdout | wc -l)" +med="$(logwatch --detail Med --range all --service all --output stdout | wc -l)" + +echo "Checking that Low detail is less than Med detail" +test "${low}" -lt "${med}" +echo "Checking that Med detail is less High detail" +test "${med}" -lt "${high}" diff --git a/debian/tests/packages-and-report b/debian/tests/packages-and-report new file mode 100644 index 0000000..f367e68 --- /dev/null +++ b/debian/tests/packages-and-report @@ -0,0 +1,36 @@ +#!/bin/bash + +############################# +### Check services output ### +############################# + +set -eo pipefail + +check_package_report_present(){ + + local package="${1}" + local key="${2}" + local service="${3}" + + if ! dpkg-query -s "${package}" >/dev/null 2>&1; then + apt install -y "${package}" >/dev/null 2>&1 + fi + + PATTERN="- ${key}" + section_exists="$(logwatch --detail High --range all --service "${service}" --output stdout | awk -v var="${PATTERN}" '$0 ~ var && position{print NR-position-1} $0 ~ var {position=NR}')" + + echo "Number of lines for the report: ${section_exists}" + if [ -z "${section_exists}" ]; then + exit 1 + fi + +} + +packages=("openssh-server") +keys=("SSHD") +service=("sshd") + +for((i=0;i<"${#packages[@]}";i++)); do + echo "Checking section ${keys[${i}]} exists in logwatch report for package ${packages[${i}]}" + check_package_report_present "${packages[${i}]}" "${keys[${i}]}" "${service[${i}]}" +done diff --git a/debian/tests/su-l-check b/debian/tests/su-l-check new file mode 100755 index 0000000..f9cdc56 --- /dev/null +++ b/debian/tests/su-l-check @@ -0,0 +1,37 @@ +#!/bin/bash + +################################## +### Check detection su -l ### +################################## + +set -eo pipefail + +LOGWATCH_CONF_FILE="/etc/logwatch/conf/logwatch.conf" +NEED_ERASING=1 + +clear_logwatch_conf_file(){ + if [ "${NEED_ERASING}" -eq "0" ]; then + if [ -e "${LOGWATCH_CONF_FILE}".test.bak ]; then + cp "${LOGWATCH_CONF_FILE}".test.bak "${LOGWATCH_CONF_FILE}" + rm "${LOGWATCH_CONF_FILE}".test.bak + else + rm "${LOGWATCH_CONF_FILE}" + fi + fi +} + +trap 'clear_logwatch_conf_file' 0 INT QUIT ABRT PIPE TERM + +cp "$(dirname "${0}")"/data/su-l "${AUTOPKGTEST_TMP}"/auth.log + +if ! [ -e "${LOGWATCH_CONF_FILE}" ] ; then + echo "AppendVarLogToLogDirs = 0" >> "${LOGWATCH_CONF_FILE}" +elif ! grep -q "^AppendVarLogToLogDirs" "${LOGWATCH_CONF_FILE}" ; then + cp "${LOGWATCH_CONF_FILE}" "${LOGWATCH_CONF_FILE}".test.bak + echo "AppendVarLogToLogDirs = 0" >> "${LOGWATCH_CONF_FILE}" +else + sed -i.test.bak 's/^\(AppendVarLogToLogDirs = \).*/\10/' "${LOGWATCH_CONF_FILE}" +fi +NEED_ERASING=0 + +logwatch --detail High --range all --service pam_unix --logdir "${AUTOPKGTEST_TMP}" --output stdout | grep -qF "ubuntu -> root" diff --git a/debian/tests/syntax-check b/debian/tests/syntax-check new file mode 100755 index 0000000..b90af37 --- /dev/null +++ b/debian/tests/syntax-check @@ -0,0 +1,16 @@ +#!/bin/bash + +################################ +### Check perl syntax status ### +################################ + +set -e + +SHAREDIR="/usr/share/logwatch" + +echo "Checking script's perl syntax" + +while IFS= read -r f +do + PERL5LIB="${SHAREDIR}"/lib perl -c "${f}" +done < <(grep -Erl "\#\!.*perl" "${SHAREDIR}"/scripts/)