#!/bin/sh
#**********************************************************************
#  Copyright (C) International Business Machines  Corp., 2004
#
#  This program is free software;  you can redistribute it and/or modify
#  it under the terms of the GNU General Public License as published by
#  the Free Software Foundation; either version 2 of the License, or
#  (at your option) any later version.
#
#  This program is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY;  without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
#  the GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with this program;  if not, write to the Free Software
#  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
#  FILE       : test_template 
#
#  PURPOSE    : Sets a template to record results of manual tests.
#  DESCRIPTION: The script accept one argument, based on that the corresponding
#  template file will be created where a user can just go fill in the results.
#
#  HISTORY    :
#    08/2004 Originated by Loulwa Salem <loulwa@us.ibm.com>
#    09/2004 Changed format of created files to make them more detailed
#
# **********************************************************************
FILE="$1"_test.txt

touch $FILE 
echo DATE: `date` >> $FILE

if [ "$1" == "login" ]; then
	cat >> $FILE <<- __END__

	Test performed from the console (not valid for iSeries or zSeries)

        Login as ealuser with invalid password should fail ($1) --->

        Root login with valid password should succeed ($1) --->

        Execute id
        %% paste output here
        verify id=0 ($1) --->

        Execute faillog
        %% paste output here
        faillog recorded invalid login attempts for ealuser ($1) --->

        Execute lastlog 
        %% paste output here
        lastlog shows correct root user login date/time ($1) --->

        Run
          augrep -e TEXT -U AUTH_failure
        %% paste output here
        Verify libpam records for failed login attempts ($1) --->

        Run
          augrep -e TEXT -U AUTH_success
        %% paste output here
        Verify libpam records for successful login attempts ($1) --->

        Run
          augrep -e LOGIN 
        %% paste output here
        Verify pam_laus records for successful login attempts ($1) --->
	__END__
elif [ "$1" == "securetty" ]; then
	cat >> $FILE <<- __END__

	(Not valid for iSeries or zSeries)

        Set up the target of evaluation and the remote machine according to the test plan

        Add to /etc/inittab (Not valid for pSeries)
          S0:2345:respawn:/sbin/agetty -L 9600 ttyS0
        Add to /etc/inittab (pSeries ONLY)
          hvs0:12345:respawn:/sbin/agetty -L 9600 hvsi0

        Invoke serial connection from remote host.
        Verify root is denied login access from serial terminal
        %% paste output here
        root is denied login access from serial terminal ($1) --->

        Add "ttyS0" to /etc/securetty file on target of evaluation (Not valid for pSeries)
        Add "hvsi0" to /etc/securetty file on target of evaluation (pSeries ONLY)

        Invoke serial connection from remote host.
        Verify root is allowed login access from serial terminal
        %% paste output here
        root is allowed login access from serial terminal ($1) --->
	__END__
elif [ "$1" == "inittab" ]; then
	cat >> $FILE <<- __END__

        Add to /etc/inittab
          TEAL:2345:respawn:/bin/sleep 300
        Run
          ps -ef | grep "/bin/sleep 300"
        %% paste output here
        Verify sleep process is running ($1) --->

        Remove line from /etc/inittab
        Run
          ps -ef | grep "/bin/sleep 300"
        %% paste output here
        Verify sleep process is not running ($1) --->
	__END__
elif [ "$1" == "mingetty" ]; then
	cat >> $FILE <<- __END__

	(Not valid for iSeries or zSeries)

        Open one virtual console using Ctrl-Alt-Fn, where n is 1-6

        root login with invalid password should fail ($1) --->
        root login with valid operation should succeed ($1) --->

        Execute "w" command
        Verify TTY is correct (ttyn)
        %% paste output here
        TTY correct ($1) --->

        Verify USER is "root"
        %% paste output here
        USER is "root" ($1) --->

        Verify LOGIN@ time is correct (ie. current time)
        %% paste output here
        Correct LOGIN@ time ($1) --->
	__END__
elif [ "$1" == "mount" ]; then
	cat >> $FILE <<- __END__

        Create a block device:
        Run
          dd if=/dev/zero of=block.img count=2880
          losetup /dev/loop0 block.img
          mke2fs /dev/loop0
        Change to "bin" directory

        Run 
          ./mount01 -D /dev/loop0
        %% paste output here
        mount01 tests ($1) --->

        Run 
          ./mount02 -D /dev/loop0
        %% paste output here
        mount02 tests ($1) --->

        Run 
          ./mount03 -D /dev/loop0
        %% paste output here
        mount03 tests ($1) --->

        Run 
          ./mount04 -D /dev/loop0
        %% paste output here
        mount04 tests ($1) --->
	__END__
elif [ "$1" == "amtu" ]; then
	cat >> $FILE <<- __END__

	This test must be run as root. Auditing of text messages must be enabled.

        Run:
          amtu -m
          augrep -e TEXT -X amtu
        Verify audit record exists
        %% paste output here
        amtu -m test result ($1) ---> 

        Run:
          amtu -s
          augrep -e TEXT -X amtu
        Verify audit record exists
        %% paste output here
        amtu -s test result ($1) --->

        Run:
          amtu -i
          augrep -e TEXT -X amtu
        Verify audit record exists
        %% paste output here
        amtu -i test result ($1) --->

        Run:
          amtu -n
          augrep -e TEXT -X amtu
        Verify audit record exists
        %% paste output here
        amtu -n test result ($1) --->

        Run:
          amtu -p
          augrep -e TEXT -X amtu
        Verify audit record exists
        %% paste output here
        amtu -p test result ($1) --->
	__END__

elif [ "$1" == "audit" ]; then
	cat >> $FILE <<- __END__

        Verify auditd or auditd64 is not running
        Run
          echo 'event user-message =  always;' > /etc/audit/filter.conf
          /etc/init.d/audit start
          augrep -e TEXT
        %% paste output here
        Verify AUDIT_start record ($1) --->

        Run
          /etc/init.d/audit status
        %% paste output here
        Verify running status is displayed ($1) --->

        Run
          /etc/init.d/audit restart
          augrep -e TEXT
        %% paste output here
        Verify AUDIT_stop and AUDIT_start record ($1) --->

        Run
          /etc/init.d/audit try-restart
          augrep -e TEXT
        %% paste output here
        Verify AUDIT_stop and AUDIT_start record ($1) --->

        Run
          echo 2 > /proc/sys/dev/audit/debug
          /etc/init.d/audit reload
          dmesg
        %% paste output here
        Verify "auditf_read:called" is displayed ($1) --->

        Run
          /etc/init.d/audit force-reload
          dmesg
        %% paste output here
        Verify "auditf_read:called" is displayed a second time ($1) --->

        Run
          echo 0 > /proc/sys/dev/audit/debug
          /etc/init.d/audit stop
          augrep -e TEXT
        %% paste output here
        Verify AUDIT_stop record ($1) --->
	__END__
elif [ "$1" == "aurun" ]; then
	cat >> $FILE <<- __END__

        Run
          aurun make run
        Verify aurun attached correctly to laus
        Verify all tests pass ($1) --->
	__END__
elif [ "$1" == "openssl" ]; then
	cat >> $FILE <<- __END__

        "ciphers = RC4-SHA"
        Hello World page is displayed - RC4-SHA ($1) --->

        "ciphers = DES-CBC3-SHA"
        Hello World page is displayed - DES-CBC3-SHA ($1) --->

        "ciphers = AES128-SHA"
        Hello World page is displayed - AES128-SHA ($1) --->
                                                                                
        "ciphers = AES256-SHA"
        Hello World page is displayed - AES256-SHA ($1) --->
	__END__
else
	echo "USE : $0 <argument> "
	echo "Where argument is one of the following: login, securetty, inittab, mingetty, mount, amtu, audit, aurun, or openssl"
	rm -f $FILE
	exit
fi

echo "" >> $FILE
echo "Additional comments :" >> $FILE
echo "Please refer to test plan for more detailed instructions on running the tests"
echo "File $FILE has been created for you."
echo "Please run $1 test now and report PASS or FAIL results in the created file."

