From 0ab5e13072a0b71586f6d5eb8a081674818872c4 Mon Sep 17 00:00:00 2001
From: lz
Date: Thu, 13 Nov 2025 16:53:46 +0800
Subject: [PATCH] =?UTF-8?q?=E6=8F=90=E4=BA=A4testcases/SOP/feature/01-role?= =?UTF-8?q?-feature.sh?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
testcases/SOP/feature/01-role-feature.sh | 137 +++++++++++++++++++++++
1 file changed, 137 insertions(+)
create mode 100755 testcases/SOP/feature/01-role-feature.sh
diff --git a/testcases/SOP/feature/01-role-feature.sh b/testcases/SOP/feature/01-role-feature.sh
new file mode 100755
index 0000000..469f00d
--- /dev/null
+++ b/testcases/SOP/feature/01-role-feature.sh
@@ -0,0 +1,137 @@
+#!/usr/bin/env bash
+
+# ----------------------------------------------------------------------
+# Filename : 01-role-feature.sh
+# Version : 1.0
+# Date : 2020/06/01
+# Author : Lz
+# Email : lz843723683@gmail.com
+# History :
+# Version 1.0, 2020/06/01
+# Function : 测试三权分立 -用户角色
+# Out :
+# 0 => TPASS
+# 1 => TFAIL
+# other=> TCONF
+# ----------------------------------------------------------------------
+
+# 测试主题
+Title_Env_LTFLIB="三权分立(系统特性) - 用户角色"
+
+HeadFile_Source_LTFLIB="${LIB_SSHAUTO}"
+
+testuser1_role="ltfrole"
+passwd1_role="olleH717.12.#$"
+userip_role="localhost"
+AddUserNames_LTFLIB="${testuser1_role}"
+AddUserPasswds_LTFLIB="${passwd1_role}"
+
+
+## TODO : 个性化,初始化
+# Out : 0=>TPASS
+# 1=>TFAIL
+# 2=>TCONF
+TestInit_LTFLIB(){
+ return ${TPASS}
+}
+
+
+## TODO : 清理函数
+# Out : 0=>TPASS
+# 1=>TFAIL
+# 2=>TCONF
+TestClean_LTFLIB(){
+ return ${TPASS}
+}
+
+
+## TODO :内置有系统管理员、审计管理员、安全管理员
+testcase_1(){
+ local ret_role="$TPASS"
+ local passwdfile="/etc/passwd"
+
+ # 非特定用户数量
+ local usernum=$(cat $passwdfile | grep -E "^sysadm|^secadm|^audadm" | wc -l)
+
+ if [ $usernum -ne 3 ];then
+ ret_role=${TFAIL}
+ fi
+
+ # 打印日志
+ echo "cat $passwdfile | grep -E \"^sysadm|^secadm|^audadm\""
+ cat $passwdfile | grep -E "^sysadm|^secadm|^audadm"
+
+ OutputRet_LTFLIB ${ret_role}
+ TestRetParse_LTFLIB "内置有系统管理员、审计管理员、安全管理员(sysadm ,secadm ,audadm)" "False"
+}
+
+
+## TODO :secadm查看 系统管理员、审计管理员、安全管理员 是否分配SE角色
+testcase_2(){
+ # 用户名
+ local usersarr_role=(sysadm secadm audadm)
+ local tmpuser_role=""
+ # SELiunx用户
+ local seusersarr_role=(sysadm_u secadm_u auditadm_u)
+ local tmpseuser_role=""
+ # 角色
+ local rolesarr=(sysadm_r secadm_r auditadm_r)
+ local tmprole_role=""
+
+ local index_role=0
+ for tmpuser_role in ${usersarr_role[@]}
+ do
+ tmpseuser_role=${seusersarr_role[$index_role]}
+ SshAuto_CmdLocalSec_LTFLIB "sudo semanage login -l | grep $tmpuser_role | grep $tmpseuser_role" "no" "no"
+ TestRetParse_LTFLIB "$tmpuser_role 分配的SELiunx用户为 
$tmpseuser_role" "False"
+
+ let index_role=index_role+1
+ done
+
+ local index_role=0
+ for tmpseuser_role in ${seusersarr_role[@]}
+ do
+ tmprole_role=${rolesarr[$index_role]}
+ SshAuto_CmdLocalSec_LTFLIB "sudo semanage user -l | grep $tmpseuser_role | grep $tmprole_role" "no" "no"
+ TestRetParse_LTFLIB "$tmpseuser_role SELiunx用户分配的角色为 $tmprole_role" "False"
+
+ let index_role=index_role+1
+ done
+}
+
+
+## TODO :新建普通用户,查看对应的用户名和组名
+testcase_3(){
+ local tmpuser_role="${testuser1_role}"
+ local tmpgroup_role="${testuser1_role}"
+
+ local passwdfile_role="/etc/passwd"
+ local groupfile_role="/etc/group"
+
+ echo "cat $passwdfile_role | grep \"^${tmpuser_role}\""
+ cat $passwdfile_role | grep "^${tmpuser_role}"
+ CommRetParse_LTFLIB "${passwdfile_role} 文件中存在新建用户 ${tmpuser_role}" "False"
+
+ echo "cat $groupfile_role | grep \"^${tmpgroup_role}\""
+ cat $groupfile_role | grep "^${tmpgroup_role}"
+ CommRetParse_LTFLIB "${goupfile} 文件中存在新建用户组 ${tmpgroup_role}" "False"
+}
+
+
+## TODO : 测试用例集
+# Out : 0=>TPASS
+# 1=>TFAIL
+# 2=>TCONF
+Testsuite_LTFLIB(){
+ testcase_1
+ testcase_2
+ testcase_3
+
+ return $TPASS
+}
+
+
+#----------------------------------------------#
+
+source "${LIB_LTFLIB}"
+Main_LTFLIB $@
-- Gitee
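Review bot: The account check in testcase_1 matches by prefix and by count only, so it can pass on a system that lacks one of the three administrators: `grep -E "^sysadm|^secadm|^audadm"` also matches names such as `sysadmin`, and any three matching lines satisfy the `-ne 3` test regardless of which accounts they are. Anchoring on the field separator, `local usernum=$(grep -cE '^(sysadm|secadm|audadm):' "$passwdfile")`, or checking each name on its own would tie the result to the exact accounts. The same looseness is in testcase_2, where `grep $tmpuser_role` for `sysadm` also matches any line that merely contains `sysadm_u`, and in testcase_3's `grep "^${tmpuser_role}"`. In testcase_3 the second message expands `${goupfile}`, which is never set in this file; it should be `${groupfile_role}`. The fixed password in `passwd1_role` is committed with the test and `TestClean_LTFLIB` does nothing, so unless the sourced library removes the account (not visible in this patch) a user with a known password may remain on the host after the run.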