diff --git a/testcases/SOP/sysadm/03-noAllowed-sysadm.sh b/testcases/SOP/sysadm/03-noAllowed-sysadm.sh new file mode 100755 index 0000000000000000000000000000000000000000..ec135a810820387653980a4bae2e04df0b039237 --- /dev/null +++ b/testcases/SOP/sysadm/03-noAllowed-sysadm.sh @@ -0,0 +1,92 @@ +#!/usr/bin/env bash + + +# ---------------------------------------------------------------------- +# Filename : 03-noAllowed-sysadm.sh +# Version : 1.0 +# Date : 2020/05/28 +# Author : Lz +# Email : lz843723683@gmail.com +# History : +# Version 1.0, 2020/05/28 +# Function : 测试三权分立-sysadm不被允许的操作 +# Out : +# 0 => TPASS +# 1 => TFAIL +# other=> TCONF +# ---------------------------------------------------------------------- + +# 测试主题 +Title_Env_LTFLIB="三权分立(sysadm) - sysadm不被允许的操作" + +HeadFile_Source_LTFLIB="${LIB_SSHAUTO}" + + +## TODO : 个性化,初始化 +# Out : 0=>TPASS +# 1=>TFAIL +# 2=>TCONF +TestInit_LTFLIB(){ + return ${TPASS} +} + + +## TODO : 清理函数 +# Out : 0=>TPASS +# 1=>TFAIL +# 2=>TCONF +TestClean_LTFLIB(){ + return ${TPASS} +} + + +## TODO :sysadm不被允许的操作 +testcase_1(){ + local sefile="/etc/sysconfig/selinux" + SshAuto_CmdLocalSys_LTFLIB "sudo cat ${sefile}" "no" "yes" + TestRetParse_LTFLIB "不可查看修改 ${sefile}" "False" +} + + +## TODO :sysadm不被允许的操作 +testcase_2(){ + local cmd="sudo semanage boolean -l" + SshAuto_CmdLocalSys_LTFLIB "$cmd" "no" "yes" + TestRetParse_LTFLIB "sysadm 不可执行 $cmd" "False" +} + + +## TODO :sysadm不被允许的操作 +testcase_3(){ + local cmd="su" + SshAuto_CmdLocalSys_LTFLIB "$cmd" "no" "yes" + TestRetParse_LTFLIB "sysadm 不可执行 $cmd" "False" +} + + +## TODO :sysadm不被允许的操作 +testcase_4(){ + local cmd="sudo ausearch --input-logs -i" + SshAuto_CmdLocalSys_LTFLIB "$cmd" "no" "yes" + TestRetParse_LTFLIB "sysadm 不可执行 $cmd" "False" +} + + +## TODO : 测试用例集 +# Out : 0=>TPASS +# 1=>TFAIL +# 2=>TCONF +Testsuite_LTFLIB(){ + testcase_1 + testcase_2 + testcase_3 + testcase_4 + + return $TPASS +} + + +#----------------------------------------------# + +source "${LIB_LTFLIB}" +Main_LTFLIB $@