@@ -15,15 +15,14 @@ if [[ $? != 1 ]]; then
1515 exit 1
1616fi
1717
18- if [[ " $OUT " != " status code 405 " ; then
18+ if [[ " $OUT " != " Access is denied Not enough privileges to complete the action " ; then
1919 echo " Unexpected output from set_secure_system_falco_rules.py: $OUT "
2020 exit 1
2121fi
2222set -e
2323
24- # There's a known system falco rules file. Get it and compare it to the expected file
24+ # Get the system falco rules file. Don't validate it, just verify that it can be fetched.
2525$SCRIPTDIR /../examples/get_secure_system_falco_rules.py $PYTHON_SDC_TEST_API_TOKEN > /tmp/falco_rules.yaml
26- diff /tmp/falco_rules.yaml $SCRIPTDIR /sample-falco-rules.yaml
2726
2827NOW=$( date)
2928cat << EOF > /tmp/test_apis_user_rules.yaml
5049# be 1, corresponding to the system falco rule.
5150$SCRIPTDIR /../examples/create_default_policies.py $PYTHON_SDC_TEST_API_TOKEN
5251OUT=` $SCRIPTDIR /../examples/list_policies.py $PYTHON_SDC_TEST_API_TOKEN `
53- if [[ $OUT != * " \" name\" : \" My Rule \" " * ]]; then
52+ if [[ $OUT != * " \" name\" : \" Write below binary dir \" " * ]]; then
5453 echo " Unexpected output after creating default policies"
5554 exit 1
5655fi
5756
5857# Get that policy, change the name, and create a new duplicate policy.
59- OUT=` $SCRIPTDIR /../examples/get_policy.py $PYTHON_SDC_TEST_API_TOKEN " My Rule " `
58+ OUT=` $SCRIPTDIR /../examples/get_policy.py $PYTHON_SDC_TEST_API_TOKEN " Write below binary dir " `
6059MY_POLICY=$OUT
61- if [[ $OUT != * " \" name\" : \" My Rule \" " * ]]; then
62- echo " Could not fetch policy with name \" My Rule \" "
60+ if [[ $OUT != * " \" name\" : \" Write below binary dir \" " * ]]; then
61+ echo " Could not fetch policy with name \" Write below binary dir \" "
6362 exit 1
6463fi
6564
66- NEW_POLICY=` echo $MY_POLICY | sed -e " s/My Rule /Copy Of My Rule /g" | sed -e ' s/"id": [0-9]*,//' | sed -e ' s/"version": [0-9]*/"version": null/' `
65+ NEW_POLICY=` echo $MY_POLICY | sed -e " s/Write below binary dir /Copy Of Write below binary dir /g" | sed -e ' s/"id": [0-9]*,//' | sed -e ' s/"version": [0-9]*/"version": null/' `
6766OUT=` echo $NEW_POLICY | $SCRIPTDIR /../examples/add_policy.py $PYTHON_SDC_TEST_API_TOKEN `
68- if [[ $OUT != * " \" name\" : \" Copy Of My Rule \" " * ]]; then
67+ if [[ $OUT != * " \" name\" : \" Copy Of Write below binary dir \" " * ]]; then
6968 echo " Could not create new policy"
7069 exit 1
7170fi
7271
7372# Change the description of the new policy and update it.
74- MODIFIED_POLICY=` echo $MY_POLICY | sed -e " s/My Description /My New Description/g" `
73+ MODIFIED_POLICY=` echo $MY_POLICY | sed -e " s/an attempt to write to any file below a set of binary directories /My New Description/g" `
7574OUT=` echo $MODIFIED_POLICY | $SCRIPTDIR /../examples/update_policy.py $PYTHON_SDC_TEST_API_TOKEN `
7675if [[ $OUT != * " \" description\" : \" My New Description\" " * ]]; then
77- echo " Could not update policy \" Copy Of My Rule \" "
76+ echo " Could not update policy \" Copy Of Write below binary dir \" "
7877 exit 1
7978fi
8079
8180# Delete the new policy.
82- OUT=` $SCRIPTDIR /../examples/delete_policy.py --name " Copy Of My Rule " $PYTHON_SDC_TEST_API_TOKEN `
83- if [[ $OUT != * " \" name\" : \" Copy Of My Rule \" " * ]]; then
84- echo " Could not delete policy \" Copy Of My Rule \" "
81+ OUT=` $SCRIPTDIR /../examples/delete_policy.py --name " Copy Of Write below binary dir " $PYTHON_SDC_TEST_API_TOKEN `
82+ if [[ $OUT != * " \" name\" : \" Copy Of Write below binary dir \" " * ]]; then
83+ echo " Could not delete policy \" Copy Of Write below binary dir \" "
8584 exit 1
8685fi
8786
8887OUT=` $SCRIPTDIR /../examples/list_policies.py $PYTHON_SDC_TEST_API_TOKEN `
89- if [[ $OUT = * " \" name\" : \" Copy Of My Rule \" " * ]]; then
90- echo " After deleting policy Copy Of My Rule , policy was still present?"
88+ if [[ $OUT = * " \" name\" : \" Copy Of Write below binary dir \" " * ]]; then
89+ echo " After deleting policy Copy Of Write below binary dir , policy was still present?"
9190 exit 1
9291fi
9392
9493# Make a copy again, but this time delete by id
95- NEW_POLICY=` echo $MY_POLICY | sed -e " s/My Rule /Another Copy Of My Rule /g" | sed -e ' s/"id": [0-9]*,//' | sed -e ' s/"version": [0-9]*/"version": null/' `
94+ NEW_POLICY=` echo $MY_POLICY | sed -e " s/Write below binary dir /Another Copy Of Write below binary dir /g" | sed -e ' s/"id": [0-9]*,//' | sed -e ' s/"version": [0-9]*/"version": null/' `
9695OUT=` echo $NEW_POLICY | $SCRIPTDIR /../examples/add_policy.py $PYTHON_SDC_TEST_API_TOKEN `
97- if [[ $OUT != * " \" name\" : \" Another Copy Of My Rule \" " * ]]; then
96+ if [[ $OUT != * " \" name\" : \" Another Copy Of Write below binary dir \" " * ]]; then
9897 echo " Could not create new policy"
9998 exit 1
10099fi
101100
102101ID=` echo $OUT | grep -E -o ' "id": [^,]+,' | awk ' {print $2}' | awk -F, ' {print $1}' `
103102
104103OUT=` $SCRIPTDIR /../examples/delete_policy.py --id $ID $PYTHON_SDC_TEST_API_TOKEN `
105- if [[ $OUT != * " \" name\" : \" Another Copy Of My Rule \" " * ]]; then
106- echo " Could not delete policy \" Copy Of My Rule \" "
104+ if [[ $OUT != * " \" name\" : \" Another Copy Of Write below binary dir \" " * ]]; then
105+ echo " Could not delete policy \" Copy Of Write below binary dir \" "
107106 exit 1
108107fi
109108
110109OUT=` $SCRIPTDIR /../examples/list_policies.py $PYTHON_SDC_TEST_API_TOKEN `
111- if [[ $OUT = * " \" name\" : \" Another Copy Of My Rule \" " * ]]; then
112- echo " After deleting policy Another Copy Of My Rule , policy was still present?"
110+ if [[ $OUT = * " \" name\" : \" Another Copy Of Write below binary dir \" " * ]]; then
111+ echo " After deleting policy Another Copy Of Write below binary dir , policy was still present?"
113112 exit 1
114113fi
115114
@@ -120,7 +119,7 @@ FOUND=0
120119
121120for i in $( seq 10) ; do
122121 sleep 10
123- touch /tmp /some-file.txt
122+ sudo touch /bin /some-file.txt
124123
125124 EVTS=` $SCRIPTDIR /../examples/get_secure_policy_events.py $PYTHON_SDC_TEST_API_TOKEN 60`
126125
0 commit comments