diff options
| author | zdc <zdc@users.noreply.github.com> | 2022-03-26 15:41:59 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-03-26 15:41:59 +0200 |
| commit | aa60d48c2711cdcd9f88a4e5c77379adb0408231 (patch) | |
| tree | 349631a02467dae0158f6f663cc8aa8537974a97 /tests/integration_tests/test_logging.py | |
| parent | 5c4b3943343a85fbe517e5ec1fc670b3a8566b4b (diff) | |
| parent | 31448cccedd8f841fb3ac7d0f2e3cdefe08a53ba (diff) | |
| download | vyos-cloud-init-aa60d48c2711cdcd9f88a4e5c77379adb0408231.tar.gz vyos-cloud-init-aa60d48c2711cdcd9f88a4e5c77379adb0408231.zip | |
Merge pull request #51 from zdc/T2117-sagitta-22.1
T2117: Cloud-init updated to 22.1
Diffstat (limited to 'tests/integration_tests/test_logging.py')
| -rw-r--r-- | tests/integration_tests/test_logging.py | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/tests/integration_tests/test_logging.py b/tests/integration_tests/test_logging.py new file mode 100644 index 00000000..b31a0434 --- /dev/null +++ b/tests/integration_tests/test_logging.py @@ -0,0 +1,22 @@ +"""Integration tests relating to cloud-init's logging.""" + + +class TestVarLogCloudInitOutput: + """Integration tests relating to /var/log/cloud-init-output.log.""" + + def test_var_log_cloud_init_output_not_world_readable(self, client): + """ + The log can contain sensitive data, it shouldn't be world-readable. + + LP: #1918303 + """ + # Check the file exists + assert client.execute("test -f /var/log/cloud-init-output.log").ok + + # Check its permissions are as we expect + perms, user, group = client.execute( + "stat -c %a:%U:%G /var/log/cloud-init-output.log" + ).split(":") + assert "640" == perms + assert "root" == user + assert "adm" == group |