Merge pull request #1441 from evgenyz/test_offline_remediations

Add test that ensures there is no remediation attempt in the "offline" mode

Author: jan-cerny

tests/API/XCCDF/unittests/CMakeLists.txt

@@ -69,6 +69,7 @@ add_oscap_test("test_xccdf_transformation.sh")
 add_oscap_test("test_single_rule.sh")
 add_oscap_test("test_single_rule_stigw.sh")
 add_oscap_test("test_remediation_simple.sh")
+add_oscap_test("test_remediation_offline.sh")
 add_oscap_test("test_remediation_metadata.sh")
 add_oscap_test("test_remediation_bad_fix.sh")
 add_oscap_test("test_remediation_subs_plain_text.sh")

tests/API/XCCDF/unittests/test_remediation_offline.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+. $builddir/tests/test_common.sh
+
+set -e -o pipefail
+
+name=$(basename $0 .sh)
+result=$(mktemp -t ${name}.res.XXXXXX)
+stderr=$(mktemp -t ${name}.err.XXXXXX)
+stdout=$(mktemp -t ${name}.out.XXXXXX)
+root=$(mktemp -d -t ${name}.root.XXXXXX)
+
+set_chroot_offline_test_mode "$root"
+
+$OSCAP xccdf eval --remediate --results $result $srcdir/${name}.xccdf.xml 2> $stderr 1> $stdout || echo "Scanner returned non-zero code (OK)"
+rm $result
+
+grep "remediation in offline mode: not implemented" $stderr > /dev/null
+
+rm -rf $stderr $stdout $root
+
+unset_chroot_offline_test_mode

tests/API/XCCDF/unittests/test_remediation_offline.xccdf.xml

@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.2" id="xccdf_moc.elpmaxe.www_benchmark_test">
+  <status>accepted</status>
+  <version>1.0</version>
+  <Rule selected="true" id="xccdf_moc.elpmaxe.www_rule_1">
+    <title>Ensure that file exists and it is not executable</title>
+    <fix system="urn:xccdf:fix:script:sh">
+      touch test_file
+      chmod a-x test_file
+    </fix>
+    <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
+      <check-content-ref href="test_remediation_simple.oval.xml" name="oval:moc.elpmaxe.www:def:1"/>
+    </check>
+  </Rule>
+</Benchmark>