testinfra: remove some OSSEC tests duplicating Ansible

freedomofpress · Jan 28, 2018 · 2ab45dc · 2ab45dc
1 parent fdaf7bb
commit 2ab45dc
Showing 1 changed file with 0 additions and 87 deletions.
diff --git a/testinfra/mon/test_ossec.py b/testinfra/mon/test_ossec.py
@@ -5,21 +5,6 @@
 securedrop_test_vars = pytest.securedrop_test_vars
 
 
-@pytest.mark.parametrize('package', [
-    'mailutils',
-    'ossec-server',
-    'postfix',
-    'procmail',
-    'securedrop-ossec-server',
-])
-def test_ossec_package(Package, package):
-    """
-    Ensure required packages for OSSEC are installed.
-    Includes mail utilities and the FPF-maintained metapackage.
-    """
-    assert Package(package).is_installed
-
-
 def test_ossec_connectivity(Command, Sudo):
     """
     Ensure ossec-server machine has active connection to the ossec-agent.
@@ -34,44 +19,6 @@ def test_ossec_connectivity(Command, Sudo):
         assert c == desired_output
 
 
-def test_ossec_gnupg_homedir(File, Sudo):
-    """ ensure ossec gpg homedir exists """
-    with Sudo():
-        f = File("/var/ossec/.gnupg")
-        assert f.is_directory
-        assert f.user == "ossec"
-        assert oct(f.mode) == "0700"
-
-
-# Permissions don't match between Ansible and OSSEC deb packages postinst.
-@pytest.mark.xfail
-def test_ossec_gnupg(File, Sudo):
-    """
-    Ensures the test Admin GPG public key is present as file.
-    Does not check that it's added to the keyring for the ossec user;
-    that's handled by a separate test.
-    """
-    with Sudo():
-        f = File("/var/ossec/test_admin_key.pub")
-        assert f.is_file
-        assert oct(f.mode) == "0644"
-
-
-def test_ossec_pubkey_in_keyring(Command, Sudo):
-    """
-    Ensure the test Admin GPG public key exists in the keyring
-    within the ossec home directory.
-    """
-    ossec_gpg_pubkey_info = """pub   2048R/B5E53711 2018-01-25
-uid                  SecureDrop admin key for tests (do not use in production)
-sub   2048R/EC1DF5D0 2018-01-25"""  # noqa
-    with Sudo("ossec"):
-        c = Command.check_output(
-            "gpg --homedir /var/ossec/.gnupg "
-            "--list-keys 53E1113AC1F25027BA5D475B1141E2BBB5E53711")
-        assert c == ossec_gpg_pubkey_info
-
-
 # Permissions don't match between Ansible and OSSEC deb packages postinst.
 @pytest.mark.xfail
 @pytest.mark.parametrize('keyfile', [
@@ -96,40 +43,6 @@ def test_ossec_keyfiles(File, Sudo, keyfile):
         assert f.group == "ossec"
 
 
-@pytest.mark.parametrize('setting', [
-    'VERBOSE=yes',
-    'MAILDIR=/var/mail/',
-    'DEFAULT=$MAILDIR',
-    'LOGFILE=/var/log/procmail.log',
-    'SUBJECT=`formail -xSubject:`',
-    ':0 c',
-    '*^To:.*root.*',
-    '|/var/ossec/send_encrypted_alarm.sh',
-])
-def test_procmail_settings(File, Sudo, setting):
-    """
-    Ensure procmail settings are correct. These config lines determine
-    how the OSSEC email alerts are encrypted and then passed off for sending.
-    """
-    # Sudo is required to traverse the /var/ossec directory.
-    with Sudo():
-        f = File("/var/ossec/.procmailrc")
-        assert f.contains('^{}$'.format(setting))
-
-
-# Permissions don't match between Ansible and OSSEC deb packages postinst.
-@pytest.mark.xfail
-def test_procmail_attrs(File, Sudo):
-    """
-    Ensure procmail file attributes are specified correctly.
-    """
-    with Sudo():
-        f = File("/var/ossec/.procmailrc")
-        assert f.is_file
-        assert f.user == "ossec"
-        assert oct(f.mode) == "0440"
-
-
 # Permissions don't match between Ansible and OSSEC deb packages postinst.
 @pytest.mark.xfail
 def test_procmail_log(File, Sudo):