make -j $(getconf _NPROCESSORS_ONLN) 2>&1 | tee ../build-log.txt && \
make install 2>&1 | tee ../install-log.txt
RUN tar czvf /opt/akraino/ltp.tar.gz /opt/ltp
+WORKDIR /root/src
+RUN git clone https://github.com/CISOfy/lynis && tar czvf /opt/akraino/lynis-remote.tar.gz ./lynis
# Copy binaries into the final container and install robot framework
FROM ubuntu:18.04
COPY --from=build /wheels /wheels
COPY --from=build /opt/akraino/validation /opt/akraino/validation
COPY --from=build /opt/akraino/ltp.tar.gz /opt/akraino/ltp.tar.gz
+COPY --from=build /opt/akraino/lynis-remote.tar.gz /opt/akraino/lynis-remote.tar.gz
+
RUN apt-get update && apt-get -y install \
python3-pip python3.6 && \
--- /dev/null
+##############################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you maynot use this file except in compliance with the License. #
+# #
+# You may obtain a copy of the License at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+##############################################################################
+
+*** Settings ***
+Documentation Validation, Auditing Hardening Compliance
+Library SSHLibrary
+Library OperatingSystem
+Library BuiltIn
+Library Process
+Suite Setup Run Keywords
+... Open Connection And Log In
+... Install Lynis
+Test Teardown Download Logs
+Suite Teardown Run Keywords
+... Uninstall Lynis
+... Close All Connections
+
+*** Variables ***
+${FULL_SUITE} ${SUITE_NAME.replace(' ','_')}
+
+*** Test Cases ***
+Run Lynis Audit System
+ [Documentation] Run Lynis
+ ${log} = Set Variable ${OUTPUT DIR}${/}${FULL_SUITE}.${TEST NAME.replace(' ','_')}.log
+ ${stdout} ${rc} = Execute Command cd lynis && sudo ./lynis audit system --quick return_rc=True
+ Append To File ${log} ${stdout}${\n}
+ Should Be Equal As Integers ${rc} 0
+
+
+*** Keywords ***
+Open Connection And Log In
+ Open Connection ${HOST}
+ Login With Public Key ${USERNAME} ${SSH_KEYFILE}
+
+Install Lynis
+ [Documentation] Install Lynis
+ Put File /opt/akraino/lynis-remote.tar.gz
+ Execute Command tar xzf lynis-remote.tar.gz && sudo chown -R 0:0 lynis
+
+Uninstall Lynis
+ [Documentation] Uninstall Lynis
+ Execute Command rm lynis-remote.tar.gz
+ Execute Command rm -rf ~/lynis /var/log/lynis.log /var/log/lynis-report.dat sudo=True
+
+Download Logs
+ [Documentation] Downloading logs and removing them
+ SSHLibrary.Get File /var/log/lynis.log ${OUTPUT DIR}/lynis.log
+ Execute Command rm /var/log/lynis.log sudo=True
+ SSHLibrary.Get File /var/log/lynis-report.dat ${OUTPUT DIR}/lynis-report.dat
+ Execute Command rm /var/log/lynis-report.dat sudo=True
\ No newline at end of file