Metadata-Version: 1.1
Name: agamotto
Version: 0.5.0
Summary: Agamotto is a module that provides helper functions for testing the configuration of a running server
Home-page: http://github.com/groksolutions/agamotto
Author: Joe Block
Author-email: jpb@numenta.com
License: Apache
Download-URL: https://github.com/GrokSolutions/agamotto/archive/0.5.0.tar.gz
Description: Agamotto
        ========
        
        Agamotto is a helper module to make it easier to test a running system with
        Python.
        
        Why not use serverspec? I work in a Python shop and want our devs to be able
        to easily write their own tests. Making the test suite use the same language
        they use daily removes a potential friction point.
        
        Installation
        ============
        ```bash
        python setup.py install
        ```
        TODO: Make this pip installable
        
        Usage
        =====
        ```python
        
        import agamotto
        import unittest2 as unittest
        
        class TestKnownSecurityIssues(unittest.TestCase):
        
          def testBashHasCVE_2014_6271Fix(self):
            """Confirm that fix has been installed for CVE-2014-6271 Bash Code
            Injection Vulnerability via Specially Crafted Environment Variables
            """
            self.assertFalse(agamotto.process.stdoutContains("(env x='() { :;}; echo vulnerable'  bash -c \"echo this is a test\") 2>&1",
                             'vulnerable'), 'Bash is vulnerable to CVE-2014-6271')
        
        
          def testBashHasCVE_2014_7169Fix(self):
            """Confirm that fix has been installed for CVE-2014-7169 Bash Code
            Injection Vulnerability via Specially Crafted Environment Variables
            """
            self.assertFalse(agamotto.process.stdoutContains("env X='() { (a)=>\' bash -c \"echo echo vuln\"; [[ \"$(cat echo)\" == \"vuln\" ]] && echo \"still vulnerable :(\" 2>&1",
                             'still vulnerable'), 'Bash is vulnerable to CVE-2014-7169')
        
        
          def testNoAccountsHaveEmptyPasswords(self):
            """/etc/shadow has : separated fields. Check the password field ($2) and
               make sure no accounts have a blank password.
            """
            self.assertEquals(agamotto.process.execute(
              'sudo awk -F: \'($2 == "") {print}\' /etc/shadow | wc -l').strip(), '0',
              "found accounts with blank password")
        
        
          def testRootIsTheOnlyUidZeroAccount(self):
            """/etc/passwd stores the UID in field 3. Make sure only one account entry
            has uid 0.
            """
            self.assertEquals(agamotto.process.execute(
                              'awk -F: \'($3 == "0") {print}\' /etc/passwd').strip(),
                              'root:x:0:0:root:/root:/bin/bash')
        
        
        
        if __name__ == '__main__':
          unittest.main()
        ```
        
        Then run py.test.
        
        Caveats
        =======
        We're a CentOS shop. This hasn't even been tested on stock RHEL, let alone
        Debian or Ubuntu. Pull requests adding that functionality are welcome, of course.
        
Keywords: server testing
Platform: UNKNOWN
Classifier: Development Status :: 5 - Production/Stable
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Natural Language :: English
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python
