1 # Copyright (c) 2012 The Chromium OS Authors. All rights reserved. 2 # Use of this source code is governed by a BSD-style license that can be 3 # found in the LICENSE file. 4 5 import grp 6 import logging 7 import os 8 import pwd 9 import stat 10 11 from autotest_lib.client.bin import test, utils 12 from autotest_lib.client.common_lib import error 13 14 class security_SysLogPermissions(test.test): 15 version = 1 16 17 def run_once(self, baseline='suid'): 18 syslog_uid = pwd.getpwnam('syslog').pw_uid 19 syslog_gid = grp.getgrnam('syslog').gr_gid 20 st = os.stat('/var/log') 21 if not (st.st_mode & stat.S_ISVTX): 22 raise error.TestFail('/var/log is not sticky') 23 if st.st_gid != syslog_gid: 24 raise error.TestFail('/var/log is not group syslog') 25 st = os.stat('/var/log/messages') 26 if st.st_uid != syslog_uid: 27 raise error.TestFail('/var/log/messages is not user syslog') 28
