use server_forge::config::Config;
use server_forge::rollback::RollbackManager;
use server_forge::security;
use std::fs;
#[test]
fn test_configure_fail2ban() {
assert!(security::configure_fail2ban().is_ok());
let fail2ban_config = fs::read_to_string("/etc/fail2ban/jail.local").unwrap();
assert!(fail2ban_config.contains("[sshd]"));
assert!(fail2ban_config.contains("maxretry = 3"));
let status = std::process::Command::new("systemctl")
.args(&["is-active", "fail2ban"])
.status()
.unwrap();
assert!(status.success());
}
#[test]
fn test_setup_advanced_security() {
let config = Config {
linux_distro: String::from("ubuntu"),
security_level: String::from("advanced"),
..Default::default()
};
assert!(security::setup_advanced_security(&config).is_ok());
if config.linux_distro == "ubuntu" {
let status = std::process::Command::new("aa-status").status().unwrap();
assert!(status.success());
}
}
#[test]
fn test_setup_rootkit_detection() {
let config = Config::default();
assert!(security::setup_rootkit_detection(&config).is_ok());
let rkhunter_status = std::process::Command::new("which")
.arg("rkhunter")
.status()
.unwrap();
assert!(rkhunter_status.success());
let chkrootkit_status = std::process::Command::new("which")
.arg("chkrootkit")
.status()
.unwrap();
assert!(chkrootkit_status.success());
}
#[test]
fn test_setup_security_scans() {
assert!(security::setup_security_scans().is_ok());
assert!(fs::metadata("/usr/local/bin/security_scan.sh").is_ok());
let cron_config = fs::read_to_string("/etc/cron.d/security_scan").unwrap();
assert!(cron_config.contains("security_scan.sh"));
}
#[test]
fn test_implement_security_measures() {
let config = Config {
linux_distro: String::from("ubuntu"),
security_level: String::from("advanced"),
..Default::default()
};
let rollback_manager = RollbackManager::new();
assert!(security::implement_security_measures(&config, &rollback_manager).is_ok());
}