From 58277716c70a8c6ffeb3fff537ea167bc4af6bf8 Mon Sep 17 00:00:00 2001
From: Thibault Ayanides
Date: Tue, 27 Oct 2020 11:04:33 +0100
Subject: [PATCH] IMP(6.2.11,6.2.14): add purposely failing tests
---
.../6.2.11_find_user_forward_files.sh | 13 +++++++++++-
.../6.2.14_find_user_rhosts_files.sh | 21 +++++++++++++++++++
2 files changed, 33 insertions(+), 1 deletion(-)
create mode 100755 tests/hardening/6.2.14_find_user_rhosts_files.sh
diff --git a/tests/hardening/6.2.11_find_user_forward_files.sh b/tests/hardening/6.2.11_find_user_forward_files.sh
index b333419..50f03a2 100644
--- a/tests/hardening/6.2.11_find_user_forward_files.sh
+++ b/tests/hardening/6.2.11_find_user_forward_files.sh
@@ -5,6 +5,17 @@ test_audit() { dismiss_count_for_test # shellcheck disable=2154 run blank /opt/debian-cis/bin/hardening/"${script}".sh --audit-all + + local test_user="testforwarduser" + local test_file=".forward" - # TODO fill comprehensive tests + describe Tests purposely failing + useradd --create-home $test_user + touch /home/$test_user/$test_file + register_test retvalshouldbe 1 + register_test contain "$test_file present" + run noncompliant /opt/debian-cis/bin/hardening/"${script}".sh --audit-all + + # cleanup + userdel -r $test_user }
diff --git a/tests/hardening/6.2.14_find_user_rhosts_files.sh b/tests/hardening/6.2.14_find_user_rhosts_files.sh
new file mode 100755
index 0000000..34539c6
--- /dev/null
+++ b/tests/hardening/6.2.14_find_user_rhosts_files.sh
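Review bot: The `# cleanup` at the end of `test_audit` is reached only when everything before it completes, so an interrupted run leaves `testforwarduser` and its `.forward` behind, and on the next run the earlier `run blank` step would see a host that is no longer blank. Removing any leftover account before the blank run, or registering the removal so it happens on every exit path, would keep the test repeatable; it would also help to stop early when setup fails, e.g. `useradd --create-home "$test_user" || return 1`. The 6.2.14 hunk has the same pattern with `testrhostsuser` and `.rhosts`, where the blank run is registered with `retvalshouldbe 0`. The function starts above this hunk, so whether the harness already resets the host between runs is not visible here.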
@@ -0,0 +1,21 @@
+# run-shellcheck
+test_audit() {
+ describe Running on blank host
+ register_test retvalshouldbe 0
+ dismiss_count_for_test
+ # shellcheck disable=2154
+ run blank /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
+
+ local test_user="testrhostsuser"
+ local test_file=".rhosts"
+
+ describe Tests purposely failing
+ useradd --create-home $test_user
+ touch /home/$test_user/$test_file
+ register_test retvalshouldbe 1
+ register_test contain "$test_file present"
+ run noncompliant /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
+
+ # cleanup
+ userdel -r $test_user
+}
\ No newline at end of file
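Review bot: The expansions in `useradd --create-home $test_user`, `touch /home/$test_user/$test_file` and `userdel -r $test_user` are unquoted, which ShellCheck reports as SC2086 in a file that opts in with `# run-shellcheck`; quoting them (`touch "/home/$test_user/$test_file"`, `userdel -r "$test_user"`) keeps the lint clean. The `touch` path also assumes the account's home is created under `/home`; passing `--home-dir "/home/$test_user"` to `useradd` would make that explicit rather than dependent on the host's useradd defaults. The new file also ends without a trailing newline. The identical lines in the 6.2.11 hunk would take the same quoting and home-directory change.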