Add TOMOYO tests

2025-04-08 17:15:25 +02:00 · 2018-10-18 11:01:30 +02:00 · 2018-10-18 11:01:30 +02:00 · 532c1a9bb6
commit 532c1a9bb6
parent 631853a924
2 changed files with 42 additions and 40 deletions
--- a/db/tests.db
+++ b/db/tests.db
@ -210,6 +210,8 @@ MACF-6204:test:security:mac_frameworks::Check AppArmor presence:
 MACF-6208:test:security:mac_frameworks::Check if AppArmor is enabled:
 MACF-6232:test:security:mac_frameworks::Check SELINUX presence:
 MACF-6234:test:security:mac_frameworks::Check SELINUX status:
+MACF-6240:test:security:mac_frameworks::Detection of TOMOYO binary:
+MACF-6242:test:security:mac_frameworks::Status of TOMOYO MAC framework:
 MACF-6290:test:security:mac_frameworks::Check for implemented MAC framework:
 MAIL-8802:test:security:mail_messaging::Check Exim status:
 MAIL-8804:test:security:mail_messaging::Exim configuration:
--- a/include/tests_mac_frameworks
+++ b/include/tests_mac_frameworks
@ -159,6 +159,46 @@
    fi
 #
 #################################################################################
+#
+    # Test        : MACF-6240
+    # Description : Check if the tomoyo-init binary is available on the system
+    Register --test-no MACF-6240 --weight L --network NO --category security --description "Check TOMOYO Linux presence"
+    if [ ${SKIPTEST} -eq 0 ]; then
+        LogText "Test: checking if we have tomoyo-init binary"
+        if [ -z "${TOMOYOINITBINARY}" ]; then
+            TOMOYOFOUND=0
+            LogText "Result: tomoyo-init binary not found"
+            Display --indent 2 --text "- Checking presence TOMOYO Linux" --result "${STATUS_NOT_FOUND}" --color WHITE
+        else
+            TOMOYOFOUND=1
+            LogText "Result: tomoyo-init binary found"
+            Display --indent 2 --text "- Checking presence TOMOYO Linux" --result "${STATUS_FOUND}" --color GREEN
+        fi
+    fi
+#
+#################################################################################
+#
+    # Test        : MACF-6242
+    # Description : Check TOMOYO Linux status
+    if [ ${TOMOYOFOUND} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
+    Register --test-no MACF-6242 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check TOMOYO Linux status"
+    if [ ${SKIPTEST} -eq 0 ]; then
+        FILE="/sys/kernel/security/tomoyo/stat"
+        if [ -f ${FILE} ]; then
+            MAC_FRAMEWORK_ACTIVE=1
+            LogText "Result: TOMOYO Linux is enabled"
+            Display --indent 4 --text "- Checking TOMOYO Linux status" --result "${STATUS_ENABLED}" --color GREEN
+            Report "tomoyo_enabled=1"
+            AddHP 3 3
+        else
+            LogText "Result: TOMOYO Linux is disabled"
+            Display --indent 4 --text "- Checking TOMOYO Linux status" --result "${STATUS_DISABLED}" --color YELLOW
+            Report "tomoyo_enabled=0"
+            AddHP 0 3
+        fi
+    fi
+#
+#################################################################################
 #
    # Test        : RBAC-6272
    # Description : Check if grsecurity is installed
@ -190,46 +230,6 @@
    fi
 #
 #################################################################################
-#
-    # Test        : CUST-0001
-    # Description : Check if TOMOYO Linux is installed
-    Register --test-no CUST-0001 --weight L --network NO --category security --description "Check TOMOYO Linux presence"
-    if [ ${SKIPTEST} -eq 0 ]; then
-        LogText "Test: checking if we have tomoyo-init binary"
-        if [ -z "${TOMOYOINITBINARY}" ]; then
-            TOMOYOFOUND=0
-            LogText "Result: tomoyo-init binary not found"
-            Display --indent 2 --text "- Checking presence TOMOYO Linux" --result "${STATUS_NOT_FOUND}" --color WHITE
-        else
-            TOMOYOFOUND=1
-            LogText "Result: tomoyo-init binary found"
-            Display --indent 2 --text "- Checking presence TOMOYO Linux" --result "${STATUS_FOUND}" --color GREEN
-        fi
-    fi
-#
-#################################################################################
-#
-    # Test        : CUST-0002
-    # Description : Check TOMOYO Linux status
-    if [ ${TOMOYOFOUND} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
-    Register --test-no CUST-0002 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check TOMOYO Linux status"
-    if [ ${SKIPTEST} -eq 0 ]; then
-        FILE="/sys/kernel/security/tomoyo/stat"
-        if [ -f ${FILE} ]; then
-            MAC_FRAMEWORK_ACTIVE=1
-            LogText "Result: TOMOYO Linux is enabled"
-            Display --indent 4 --text "- Checking TOMOYO Linux status" --result "${STATUS_ENABLED}" --color GREEN
-            Report "tomoyo_enabled=1"
-            AddHP 3 3
-        else
-            LogText "Result: TOMOYO Linux is disabled"
-            Display --indent 4 --text "- Checking TOMOYO Linux status" --result "${STATUS_DISABLED}" --color YELLOW
-            Report "tomoyo_enabled=0"
-            AddHP 0 3
-        fi
-    fi
-#
-#################################################################################
 #
    # Test        : MACF-6290
    # Description : Check if at least one MAC framework is implemented