|
new file 100644
|
|
|
import testinfra.utils.ansible_runner
|
|
|
|
|
|
|
|
|
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
|
|
|
'.molecule/ansible_inventory.yml').get_hosts(['parameters-mandatory', 'parameters-optional', 'parameters-no-incoming'])
|
|
|
|
|
|
|
|
|
def test_installed_packages(host):
|
|
|
"""
|
|
|
Tests if the necessary packages have been installed.
|
|
|
"""
|
|
|
|
|
|
assert host.package('postfix').is_installed
|
|
|
assert host.package('procmail').is_installed
|
|
|
assert host.package('swaks').is_installed
|
|
|
|
|
|
|
|
|
def test_removed_packages(host):
|
|
|
"""
|
|
|
Tests if certain packages have been removed from the system.
|
|
|
"""
|
|
|
|
|
|
assert not host.package('exim4').is_installed
|
|
|
|
|
|
|
|
|
def test_smtp_relay_truststore_file(host):
|
|
|
"""
|
|
|
Tests if SMTP relay truststore has correct permissions
|
|
|
"""
|
|
|
|
|
|
truststore = host.file('/etc/ssl/certs/smtp_relay_truststore.pem')
|
|
|
|
|
|
assert truststore.is_file
|
|
|
assert truststore.user == 'root'
|
|
|
assert truststore.group == 'root'
|
|
|
assert truststore.mode == 0o644
|
|
|
|
|
|
|
|
|
def test_smtp_mailname(host):
|
|
|
"""
|
|
|
Tests if SMTP mailname configuration file has correct permissions.
|
|
|
"""
|
|
|
|
|
|
mailname = host.file('/etc/mailname')
|
|
|
|
|
|
assert mailname.is_file
|
|
|
assert mailname.user == 'root'
|
|
|
assert mailname.group == 'root'
|
|
|
assert mailname.mode == 0o644
|
|
|
|
|
|
|
|
|
def test_postfix_main_cf_file(host):
|
|
|
"""
|
|
|
Tests Postfix main configuration file permissions.
|
|
|
"""
|
|
|
|
|
|
config = host.file('/etc/postfix/main.cf')
|
|
|
assert config.is_file
|
|
|
assert config.user == 'root'
|
|
|
assert config.group == 'root'
|
|
|
assert config.mode == 0o644
|
|
|
|
|
|
|
|
|
def test_services(host):
|
|
|
"""
|
|
|
Tests if all the necessary services are enabled and running.
|
|
|
"""
|
|
|
|
|
|
service = host.service('postfix')
|
|
|
assert service.is_running
|
|
|
assert service.is_enabled
|
|
|
|
|
|
|
|
|
def test_firewall_configuration_file(host):
|
|
|
"""
|
|
|
Tests if firewall configuration file has correct permissions.
|
|
|
"""
|
|
|
|
|
|
with host.sudo():
|
|
|
config = host.file('/etc/ferm/conf.d/20-mail.conf')
|
|
|
assert config.is_file
|
|
|
assert config.user == 'root'
|
|
|
assert config.group == 'root'
|
|
|
assert config.mode == 0o640
|