diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml new file mode 100644 index 0000000..8e85d3a --- /dev/null +++ b/.github/workflows/tests.yml @@ -0,0 +1,78 @@ +--- +# yamllint disable rule:line-length +name: tests yasat + +on: # yamllint disable-line rule:truthy + push: + pull_request: + +jobs: + test-ubuntu: + runs-on: ubuntu-latest + name: test on ubuntu + steps: + - uses: actions/checkout@v4 + - name: update pkglist + run: sudo apt-get update + - name: install some tested packages + run: sudo apt-get -y install tomcat9 + - name: Run yasat + run: | + ./yasat + ./yasat -1 ntp + ./yasat -1 cups + ./yasat -1 classique + ls -l /home/runner/.yasat//yasat.report + test-bashishms: + runs-on: ubuntu-latest + name: Check bashisms + steps: + - uses: actions/checkout@v4 + - name: update pkglist + run: sudo apt-get update + - name: install checkbashisms + run: sudo apt-get -y install devscripts + - name: Run checkbashisms + run: checkbashisms yasat common plugins/*test + ubuntu-pkg: + runs-on: ubuntu-latest + name: build ubuntu package + steps: + - uses: actions/checkout@v4 + - name: update pkglist + run: sudo apt-get update + - name: Install packages + run: sudo apt-get -y install devscripts gnupg debhelper-compat + - name: create orig targz + run: cd .. && tar czf yasat_0-1.orig.tar.gz yasat + - name: Run debuild + run: debuild -i -us -uc -b --lintian-opts --profile debian + - name: Run debuild help + run: debuild --help + debian-pkg: + runs-on: ubuntu-latest + name: build debian package + steps: + - uses: actions/checkout@v4 + - name: update pkglist + run: sudo apt-get update + - name: Install packages + run: sudo apt-get -y install debootstrap + - name: Create a bookworm + run: sudo debootstrap bookworm /root/bookworm + - name: copy yasat source + run: sudo cp -a ../yasat /root/bookworm/ + - name: Install update pkg in chroot + run: sudo chroot /root/bookworm apt-get update + - name: Install update pkg in chroot + run: sudo chroot /root/bookworm apt-get -y install devscripts gnupg debhelper-compat + - name: Generate wrapper + run: | + echo '#!/bin/sh' >> run.sh + echo 'cd /yasat' >> run.sh + echo 'debuild -i -us -uc -b' >> run.sh + chmod 755 run.sh + sudo cp run.sh /root/bookworm/ + - name: Run debuild + run: sudo chroot /root/bookworm /run.sh + diff --git a/common b/common index 92f64c9..bae1cb3 100644 --- a/common +++ b/common @@ -2455,6 +2455,20 @@ Is_installed_via_package_manager() return 0; fi if [ "$LIST_PKG" = "emerge" ] ;then + if [ -z "$CACHE_EMERGE_OK" ];then + # check if we have can use portage + emerge --info 2>/dev/null >/dev/null + if [ $? -ne 0 ];then + Display --indent 2 --text "Could not work with emerge (cached)" --result EPERM --color RED + CACHE_EMERGE_OK="ko" + return 0 + fi + fi + if [ "$CACHE_EMERGE_OK" = 'ko' ];then + Display --indent 2 --text "Could not work with emerge (cached)" --result EPERM --color RED + return 0 + fi + CACHE_EMERGE_OK="ok" #TODO could be better PKGLIST="`equery -C -q l $1`" if [ -z "$PKGLIST" ] ;then diff --git a/debian/compat b/debian/compat index 7ed6ff8..7f8f011 100644 --- a/debian/compat +++ b/debian/compat @@ -1 +1 @@ -5 +7 diff --git a/plugins/apache_modules.test b/plugins/apache_modules.test index 9e0fb46..b9127d4 100644 --- a/plugins/apache_modules.test +++ b/plugins/apache_modules.test @@ -65,7 +65,15 @@ fi check_file "$APACHE_BIN" 2 BINARY if [ "$LINUX_VERSION" = "Gentoo" ] ;then - . /etc/conf.d/apache2 + if [ ! -r /etc/conf.d/apache2 ];then + TESTNAME='YASAT_TEST_APACHE_MODULES_READ_CONFD_APACHE Check if we can use /etc/conf.d/apache2' + Display --indent 2 --text "Cannot read /etc/conf.d/apache2" --result ERROR --color RED + else + . /etc/conf.d/apache2 + if [ $? -ne 0 ];then + echo "ERROR: could not read /etc/conf.d/apache2" + fi + fi APACHE_BIN="$APACHE_BIN $APACHE2_OPTS" fi diff --git a/plugins/process.data b/plugins/process.data index 573dad8..ca9e5a3 100644 --- a/plugins/process.data +++ b/plugins/process.data @@ -29,6 +29,11 @@ aisexec=CANBEROOT /usr/sbin/atd=CANBEROOT /usr/sbin/monit=CANBEROOT /sbin/rsyslogd=CANBEROOT +/usr/bin/containerd=CANBEROOT +/usr/libexec/packagekitd=CANBEROOT +/usr/libexec/polkitd=CANBEROOT +/sbin/agetty=CANBEROOT +/usr/bin/podman=CANBEROOT #ONLYROOT /sbin/udevd=ONLYROOT diff --git a/plugins/process.test b/plugins/process.test index 145778e..f8f0fdd 100755 --- a/plugins/process.test +++ b/plugins/process.test @@ -26,7 +26,7 @@ Title "Check running process" if [ ! -e "${PLUGINS_REP}/process.data" ] then Display --indent 2 --text "process.data" --result NOTFOUND --color RED - return -1; + return 1; fi #TODO FreeBSD said ps: Process environment requires procfs(5) diff --git a/plugins/tomcat.test b/plugins/tomcat.test index 070322a..c4b7de9 100755 --- a/plugins/tomcat.test +++ b/plugins/tomcat.test @@ -105,7 +105,7 @@ do then Display --indent 2 --text "Tomcat $TOMCAT_VERSION found at $BASE_TOMCAT" --result FOUND --color GREEN - check_directory_others $BASE_TOMCAT $TMP_RESULT2 4 + check_directory_others $BASE_TOMCAT $TMP_RESULT2 4 TODO fi if [ "$TOMCAT_MAJOR_VERSION" != "0" -a "$TOMCAT_MINOR_VERSION" != "0" ] ;then