2019-11-03 23:22:18 +00:00
|
|
|
import os
|
|
|
|
|
|
2024-02-18 12:46:52 +00:00
|
|
|
import pytest
|
2019-11-03 23:22:18 +00:00
|
|
|
import testinfra.utils.ansible_runner
|
|
|
|
|
|
|
|
|
|
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
|
2021-06-07 20:28:36 +00:00
|
|
|
os.environ["MOLECULE_INVENTORY_FILE"]
|
|
|
|
|
).get_hosts("all")
|
2019-11-03 23:22:18 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_sysctl_file(host):
|
2023-01-29 14:31:08 +00:00
|
|
|
sysctl = host.file("/etc/sysctl.d/99-local.conf")
|
2019-11-03 23:22:18 +00:00
|
|
|
|
|
|
|
|
assert sysctl.exists
|
|
|
|
|
assert sysctl.user == "root"
|
|
|
|
|
assert sysctl.group == "root"
|
|
|
|
|
assert sysctl.mode == 0o644
|
|
|
|
|
|
|
|
|
|
|
2023-01-29 14:31:08 +00:00
|
|
|
@pytest.mark.parametrize(
|
2024-02-18 12:46:52 +00:00
|
|
|
"name,value",
|
|
|
|
|
[
|
2023-01-29 14:31:08 +00:00
|
|
|
("net.ipv4.ip_forward", 0),
|
|
|
|
|
("net.ipv6.conf.all.forwarding", 0),
|
|
|
|
|
("vm.panic_on_oom", 0),
|
|
|
|
|
("vm.overcommit_memory", 1),
|
2024-02-18 12:46:52 +00:00
|
|
|
],
|
2023-01-29 14:31:08 +00:00
|
|
|
)
|
|
|
|
|
def test_sysctl_values(host, name, value):
|
|
|
|
|
assert host.sysctl(name) == value
|
|
|
|
|
|
|
|
|
|
|
2019-11-03 23:22:18 +00:00
|
|
|
def test_modprobe_file(host):
|
|
|
|
|
modprobe = host.file("/etc/modprobe.d/custom.conf")
|
|
|
|
|
|
|
|
|
|
assert modprobe.exists
|
|
|
|
|
assert modprobe.user == "root"
|
|
|
|
|
assert modprobe.group == "root"
|
|
|
|
|
assert modprobe.mode == 0o644
|
|
|
|
|
assert modprobe.contains("install usb-storage /bin/true")
|
|
|
|
|
assert modprobe.contains("blacklist firewire-core")
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_coredump_config(host):
|
2023-01-29 14:31:08 +00:00
|
|
|
assert host.file("/etc/sysctl.d/99-dump.conf").exists
|
2019-11-03 23:22:18 +00:00
|
|
|
assert host.file("/etc/security/limits.d/dump.conf").exists
|
|
|
|
|
assert host.file("/etc/profile.d/dump.sh").exists
|
