Fixed unit test error on test_from inside auditevent, fixed Wix hardc…

…oded path in Windows MSI builder
Achiefs · Apr 18, 2024 · e879a3b · e879a3b
1 parent 3d247d7
commit e879a3b
Show file tree

Hide file tree

Showing 3 changed files with 35 additions and 7 deletions.
diff --git a/pkg/msi/builder.ps1 b/pkg/msi/builder.ps1
@@ -7,7 +7,7 @@ cd pkg\msi
 cp ..\..\target\release\fim.exe .\
 cp ..\..\config\windows\config.yml .\
 
-Invoke-Expression "& `"C:\Program Files (x86)\WiX Toolset v3.11\bin\candle.exe`" .\fim.wxs -o .\fim.wixobj"
+Invoke-Expression "& `"C:\Program Files (x86)\WiX Toolset v3.*\bin\candle.exe`" .\fim.wxs -o .\fim.wixobj"
 
-Invoke-Expression "& `"C:\Program Files (x86)\WiX Toolset v3.11\bin\light.exe`" -ext WixUIExtension .\fim.wixobj -o fim-$version-1-x64.msi"
+Invoke-Expression "& `"C:\Program Files (x86)\WiX Toolset v3.*\bin\light.exe`" -ext WixUIExtension .\fim.wixobj -o fim-$version-1-x64.msi"
 
diff --git a/src/auditevent.rs b/src/auditevent.rs
@@ -592,7 +592,8 @@ mod tests {
     #[test]
     fn test_from() {
         if utils::get_os() == "linux" {
-            let config = Config::new(&utils::get_os(), None);
+            let config = Config::new(&utils::get_os(),
+                Some("test/unit/config/linux/audit_from_test.yml"));
             let syscall = HashMap::<String, String>::from([
                 (String::from("syscall"), String::from("syscall")),
                 (String::from("ppid"), String::from("ppid")),
@@ -630,12 +631,12 @@ mod tests {
             ]);*/
             let paths = Vec::from([
                 HashMap::<String, String>::from([
-                    (String::from("name"), String::from("/tmp")),
+                    (String::from("name"), String::from("/etc")),
                     (String::from("nametype"), String::from("PARENT"))
                 ]),
                 HashMap::<String, String>::from([
                     (String::from("nametype"), String::from("nametype")),
-                    (String::from("name"), String::from("/tmp")),
+                    (String::from("name"), String::from("/etc")),
                     (String::from("ogid"), String::from("ogid")),
                     (String::from("rdev"), String::from("rdev")),
                     (String::from("cap_fver"), String::from("cap_fver")),
@@ -679,8 +680,8 @@ mod tests {
             assert_eq!(utils::get_hostname(), event.hostname);
             assert_eq!(String::from("FIM"), event.node);
             assert_eq!(String::from(config::VERSION), event.version);
-            assert_eq!(String::from("/tmp"), event.path);
-            assert_eq!(String::from("tmp"), event.file);
+            assert_eq!(String::from("/etc"), event.path);
+            assert_eq!(String::from("etc"), event.file);
             assert_eq!(4096, event.size);
             //assert_eq!(..., event.labels);
             //assert_eq!(..., event.parent);

diff --git a/test/unit/config/linux/audit_from_test.yml b/test/unit/config/linux/audit_from_test.yml
@@ -0,0 +1,27 @@
+node: "FIM"
+
+# Events configuration, where to store produced events
+events:
+  destination: file
+  file: /var/lib/fim/events.json
+
+# Audit extended files and folders information
+audit:
+  - path: /etc
+    labels: ["tmp", "linux"]
+    ignore: [".swp"]
+    allowed: [".txt", ".rs"]
+
+# Simple files and folders information
+monitor:
+  - path: /bin/
+  - path: /usr/bin/
+    labels: ["usr/bin", "linux"]
+  - path: /etc
+    labels: ["etc", "linux"]
+
+# App procedure and errors logging
+log:
+  file: /var/log/fim/fim.log
+  # Available levels [debug, info, error, warning]
+  level: info