From: <mva...@re...> - 2012-05-10 08:07:29
|
From: Miroslav Vadkerti <mva...@re...> Changes for audit in RHEL6.3 has caused max_log_file tests to fail. This was because changes to how audit detects the audit.log file size (doesn't use fstat now). Signed-off-by: Miroslav Vadkerti <mva...@re...> --- audit/fail-safe/tests/test_max_log_file.bash | 7 +++++-- 1 files changed, 5 insertions(+), 2 deletions(-) diff --git a/audit/fail-safe/tests/test_max_log_file.bash b/audit/fail-safe/tests/test_max_log_file.bash index b1081af..9233b0a 100755 --- a/audit/fail-safe/tests/test_max_log_file.bash +++ b/audit/fail-safe/tests/test_max_log_file.bash @@ -30,14 +30,17 @@ write_config -s "$auditd_conf" \ max_log_file=$max_log_file \ max_log_file_action=$action || exit 2 -restart_auditd || exit 2 - # Prepopulate log with max_log_file minus 5k write_file "$audit_log" $((max_log_file * 1024 - 5)) || exit 2 +restart_auditd || exit 2 + +echo "audit.log size before: $(stat -c %s $audit_log)" + # each record is at least 80 bytes (based on empirical evidence), so writing # 200 records should always take us over (200 * 80 =~ 15k) write_records 200 || exit 2 +echo "audit.log size after: $(stat -c %s $audit_log)" case $action in email) -- 1.7.6.5 |
From: <mva...@re...> - 2012-05-10 08:07:25
|
From: Miroslav Vadkerti <mva...@re...> Signed-off-by: Miroslav Vadkerti <mva...@re...> --- audit/trustedprograms/tests/test_hwclock.bash | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/audit/trustedprograms/tests/test_hwclock.bash b/audit/trustedprograms/tests/test_hwclock.bash index c104946..1c68979 100755 --- a/audit/trustedprograms/tests/test_hwclock.bash +++ b/audit/trustedprograms/tests/test_hwclock.bash @@ -48,7 +48,7 @@ echo "$(hwclock) -- restored hardware clock" # Check for the records count=$(augrok --count --seek $AUDIT_SEEK type==USYS_CONFIG \ - msg_1=~"changing system time: exe=./sbin/hwclock.*res=success.*") + msg_1=~"changing system time.*exe=./sbin/hwclock.*res=success.*") if [[ $count == 2 ]]; then echo "pass: augrok found 2 hwclock records" exit 0 -- 1.7.6.5 |
From: <mva...@re...> - 2012-05-10 08:07:31
|
From: Miroslav Vadkerti <mva...@re...> Signed-off-by: Miroslav Vadkerti <mva...@re...> --- audit/libpam/tests/test_mls_default_login.bash | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/audit/libpam/tests/test_mls_default_login.bash b/audit/libpam/tests/test_mls_default_login.bash index 50956a4..d964446 100755 --- a/audit/libpam/tests/test_mls_default_login.bash +++ b/audit/libpam/tests/test_mls_default_login.bash @@ -68,6 +68,6 @@ augrok -q type=USER_START msg_1=~"PAM:session_open $msg_1" auid=$auid \ # Check for ROLE_ASSIGN event for testuser augrok -q type=ROLE_ASSIGN msg_1=~"op=login-sename,role,range acct=\"$TEST_USER\" old-seuser=user_u old-role=user_r old-range=s0 new-seuser=staff_u new-role=auditadm_r,staff_r,lspp_test_r,secadm_r,sysadm_r new-range=$def_range" || exit_fail "ROLE_ASSIGN event does not match" # Check for USER_ROLE_CHANGE for login command -augrok -q type=USER_ROLE_CHANGE msg_1=~"pam: default-context=$def_context selected-context=$def_context: exe=./bin/login.* terminal=pts/$pts res=success.*" auid=$auid || exit_fail "USER_ROLE_CHANGE does not match" +augrok -q type=USER_ROLE_CHANGE msg_1=~"pam: default-context=$def_context selected-context=$def_context.*exe=./bin/login.* terminal=pts/$pts res=success.*" auid=$auid || exit_fail "USER_ROLE_CHANGE does not match" exit_pass -- 1.7.6.5 |
From: <mva...@re...> - 2012-05-10 08:07:32
|
From: Miroslav Vadkerti <mva...@re...> Signed-off-by: Miroslav Vadkerti <mva...@re...> --- audit/libpam/tests/test_mls_level_login.bash | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/audit/libpam/tests/test_mls_level_login.bash b/audit/libpam/tests/test_mls_level_login.bash index 39f28c0..dfc0fe0 100755 --- a/audit/libpam/tests/test_mls_level_login.bash +++ b/audit/libpam/tests/test_mls_level_login.bash @@ -70,5 +70,5 @@ augrok -q type=USER_AUTH msg_1=~"PAM:authentication $msg_1" || exit_fail augrok -q type=USER_ACCT msg_1=~"PAM:accounting $msg_1" || exit_fail augrok -q type=USER_START msg_1=~"PAM:session_open $msg_1" auid=$auid \ subj=$login_context || exit_fail -augrok -q type=USER_ROLE_CHANGE msg_1=~"pam: default-context=$def_context selected-context=$sel_context: exe=./bin/login.* res=success.*" auid=$auid || exit_fail +augrok -q type=USER_ROLE_CHANGE msg_1=~"pam: default-context=$def_context selected-context=$sel_context.*exe=./bin/login.* res=success.*" auid=$auid || exit_fail exit_pass -- 1.7.6.5 |
From: <mva...@re...> - 2012-05-10 08:07:33
|
From: Miroslav Vadkerti <mva...@re...> Signed-off-by: Miroslav Vadkerti <mva...@re...> --- audit/libpam/tests/test_mls_level_login_fail.bash | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/audit/libpam/tests/test_mls_level_login_fail.bash b/audit/libpam/tests/test_mls_level_login_fail.bash index 8846f93..bad9a54 100755 --- a/audit/libpam/tests/test_mls_level_login_fail.bash +++ b/audit/libpam/tests/test_mls_level_login_fail.bash @@ -58,5 +58,5 @@ backup /var/run/utmp msg_1="acct=\"*$TEST_USER\"* exe=./bin/login.* res=failed.*" augrok -q type=USER_START msg_1=~"PAM:session_open $msg_1" auid=$auid \ subj=$login_context || exit_fail -augrok -q type=USER_ROLE_CHANGE msg_1=~"pam: default-context=$def_context selected-context=$sel_context: exe=./bin/login.* res=failed.*" auid=$auid || exit_fail +augrok -q type=USER_ROLE_CHANGE msg_1=~"pam: default-context=$def_context selected-context=$sel_context.*exe=./bin/login.* res=failed.*" auid=$auid || exit_fail exit_pass -- 1.7.6.5 |
From: <mva...@re...> - 2012-05-10 08:07:34
|
From: Miroslav Vadkerti <mva...@re...> Also include performance enhancements to expect script. This causes the expect script not wait for timeout and saves around 20s of time while running the test. Signed-off-by: Miroslav Vadkerti <mva...@re...> --- audit/libpam/tests/test_pamfaillock_lock.bash | 25 +++++++++++++++++-------- 1 files changed, 17 insertions(+), 8 deletions(-) diff --git a/audit/libpam/tests/test_pamfaillock_lock.bash b/audit/libpam/tests/test_pamfaillock_lock.bash index 8c9ed90..f0bed97 100755 --- a/audit/libpam/tests/test_pamfaillock_lock.bash +++ b/audit/libpam/tests/test_pamfaillock_lock.bash @@ -21,6 +21,9 @@ source pam_functions.bash || exit 2 source tp_ssh_functions.bash || exit 2 +# make sure faillock is reset for TEST_USER +/sbin/faillock --user $TEST_USER --reset > /dev/null || exit_error + # setup tuid=$(id -u $TEST_USER) grep -q pam_faillock /etc/pam.d/sshd || grep -q pam_faillock /etc/pam.d/password-auth || exit_error @@ -33,16 +36,22 @@ disable_ssh_strong_rng expect -c ' spawn ssh $env(TEST_USER)@localhost - expect -nocase {Are you sure you want to continue} {send "yes\r"} - expect -nocase {password: $} {send "badpassword\r"} - expect -nocase {permission denied} - expect -nocase {password: $} {send "badpassword\r"} - expect -nocase {permission denied} - expect -nocase {password: $} {send "badpassword\r"} - expect -nocase {permission denied} {close; wait}' + expect { + {continue} { send "yes\r"; exp_continue } + {assword} { send "badpassword\r" } + } + expect { + {denied} { exp_continue } + {assword} { send "badpassword\r" } + } + expect { + {denied} { exp_continue } + {assword} { send "badpassword\r" } + } + expect -nocase {denied} { close; wait }' # test -msg_1="pam_faillock uid=$tuid : exe=./usr/sbin/sshd.*res=success.*" +msg_1="pam_faillock uid=$tuid.*exe=./usr/sbin/sshd.*res=success.*" augrok -q type=ANOM_LOGIN_FAILURES msg_1=~"$msg_1" || exit_fail augrok -q type=RESP_ACCT_LOCK msg_1=~"$msg_1" || exit_fail -- 1.7.6.5 |
From: <mva...@re...> - 2012-05-10 08:07:35
|
From: Miroslav Vadkerti <mva...@re...> This causes the expect script not wait for timeout and saves around 20s of time while running the test. Signed-off-by: Miroslav Vadkerti <mva...@re...> --- audit/libpam/tests/test_ssh04.bash | 21 ++++++++++++--------- 1 files changed, 12 insertions(+), 9 deletions(-) diff --git a/audit/libpam/tests/test_ssh04.bash b/audit/libpam/tests/test_ssh04.bash index 78396a4..24ed569 100755 --- a/audit/libpam/tests/test_ssh04.bash +++ b/audit/libpam/tests/test_ssh04.bash @@ -32,15 +32,18 @@ disable_ssh_strong_rng RUSER="root" -expect -c ' - spawn ssh root@localhost - expect -nocase {Are you sure you want to continue} {send "yes\r"} - expect -nocase {password: $} { - send "$env(PASSWD)\r" - send "PS1=:\\::\r" - } - - expect {:::$} {close; wait}' +expect -c " + spawn ssh root@localhost + expect { + {continue} {send yes\r; exp_continue} + {assword} { send $PASSWD\r } + } + expect { + eof { exit 0 } + {assword} { exit 1 } + {root} { exit 2 } + } + " msg_1="acct=\"*$RUSER\"*[ :]* exe=./usr/sbin/sshd.*terminal=ssh res=failed.*" augrok -q type=USER_AUTH msg_1=~"PAM:authentication $msg_1" || exit_fail -- 1.7.6.5 |
From: Linda K. <lin...@hp...> - 2012-05-10 16:57:11
|
Hi Miroslav, This all looks fine and I'm all for speeding up the tests but just for my own information, is this faster because there are fewer 'expect' statements, with each statement just doing more? With fewer 'expect' statements, there are fewer timeout? Or is it because if something fails, it bails out of the 'expect' and skips the rest of the checks in that statement, saving another timeout? -- ljk mva...@re... wrote: > From: Miroslav Vadkerti <mva...@re...> > > This causes the expect script not wait > for timeout and saves around 20s of time while > running the test. > > Signed-off-by: Miroslav Vadkerti <mva...@re...> > --- > audit/libpam/tests/test_ssh04.bash | 21 ++++++++++++--------- > 1 files changed, 12 insertions(+), 9 deletions(-) > > diff --git a/audit/libpam/tests/test_ssh04.bash b/audit/libpam/tests/test_ssh04.bash > index 78396a4..24ed569 100755 > --- a/audit/libpam/tests/test_ssh04.bash > +++ b/audit/libpam/tests/test_ssh04.bash > @@ -32,15 +32,18 @@ disable_ssh_strong_rng > > RUSER="root" > > -expect -c ' > - spawn ssh root@localhost > - expect -nocase {Are you sure you want to continue} {send "yes\r"} > - expect -nocase {password: $} { > - send "$env(PASSWD)\r" > - send "PS1=:\\::\r" > - } > - > - expect {:::$} {close; wait}' > +expect -c " > + spawn ssh root@localhost > + expect { > + {continue} {send yes\r; exp_continue} > + {assword} { send $PASSWD\r } > + } > + expect { > + eof { exit 0 } > + {assword} { exit 1 } > + {root} { exit 2 } > + } > + " > > msg_1="acct=\"*$RUSER\"*[ :]* exe=./usr/sbin/sshd.*terminal=ssh res=failed.*" > augrok -q type=USER_AUTH msg_1=~"PAM:authentication $msg_1" || exit_fail |
From: Miroslav V. <mva...@re...> - 2012-05-14 07:18:31
|
----- Original Message ----- > Hi Miroslav, > > This all looks fine and I'm all for speeding up the tests but just > for my own information, is this faster because there are fewer > 'expect' > statements, with each statement just doing more? With fewer 'expect' > statements, there are fewer timeout? Hi Linda, No this is not the case, the number of expects remains the same. > > Or is it because if something fails, it bails out of the 'expect' > and skips the rest of the checks in that statement, saving another > timeout? No this is also not a case. The scripts have been rewritten so that in PASS scenario there is no timeout. That means - all outputs along the PASS path are expected with expect statement. If there is a fail - timeout is acceptable. > > -- ljk > > mva...@re... wrote: > > From: Miroslav Vadkerti <mva...@re...> > > > > This causes the expect script not wait > > for timeout and saves around 20s of time while > > running the test. > > > > Signed-off-by: Miroslav Vadkerti <mva...@re...> > > --- > > audit/libpam/tests/test_ssh04.bash | 21 ++++++++++++--------- > > 1 files changed, 12 insertions(+), 9 deletions(-) > > > > diff --git a/audit/libpam/tests/test_ssh04.bash > > b/audit/libpam/tests/test_ssh04.bash > > index 78396a4..24ed569 100755 > > --- a/audit/libpam/tests/test_ssh04.bash > > +++ b/audit/libpam/tests/test_ssh04.bash > > @@ -32,15 +32,18 @@ disable_ssh_strong_rng > > > > RUSER="root" > > > > -expect -c ' > > - spawn ssh root@localhost > > - expect -nocase {Are you sure you want to continue} {send > > "yes\r"} > > - expect -nocase {password: $} { > > - send "$env(PASSWD)\r" > > - send "PS1=:\\::\r" > > - } > > - > > - expect {:::$} {close; wait}' > > +expect -c " > > + spawn ssh root@localhost > > + expect { > > + {continue} {send yes\r; exp_continue} > > + {assword} { send $PASSWD\r } > > + } > > + expect { > > + eof { exit 0 } > > + {assword} { exit 1 } > > + {root} { exit 2 } > > + } > > + " > > > > msg_1="acct=\"*$RUSER\"*[ :]* exe=./usr/sbin/sshd.*terminal=ssh > > res=failed.*" > > augrok -q type=USER_AUTH msg_1=~"PAM:authentication $msg_1" || > > exit_fail > > -- Miroslav Vadkerti :: Quality Assurance Engineer / RHCE :: BaseOS QE - Security Phone +420 532 294 129 :: CR cell +420 775 039 842 :: SR cell +421 904 135 440 IRC mvadkert at #qe #urt #brno #rpmdiff :: GnuPG ID 0x25881087 at pgp.mit.edu Red Hat s.r.o, Purkyňova 99/71, 612 45, Brno, Czech Republic |
From: <mva...@re...> - 2012-05-10 08:07:36
|
From: Miroslav Vadkerti <mva...@re...> Also include performance enhancements to expect script. This causes the expect script not wait for timeout and saves around 20s of time while running the test. Signed-off-by: Miroslav Vadkerti <mva...@re...> --- audit/libpam/tests/test_pamfaillock_unlock.bash | 34 ++++++++++++++--------- 1 files changed, 21 insertions(+), 13 deletions(-) diff --git a/audit/libpam/tests/test_pamfaillock_unlock.bash b/audit/libpam/tests/test_pamfaillock_unlock.bash index 58da99b..2ee1750 100755 --- a/audit/libpam/tests/test_pamfaillock_unlock.bash +++ b/audit/libpam/tests/test_pamfaillock_unlock.bash @@ -33,29 +33,37 @@ disable_ssh_strong_rng expect -c ' spawn ssh $env(TEST_USER)@localhost - expect -nocase {Are you sure you want to continue} {send "yes\r"} - expect -nocase {password: $} {send "badpassword\r"} - expect -nocase {permission denied} - expect -nocase {password: $} {send "badpassword\r"} - expect -nocase {permission denied} - expect -nocase {password: $} {send "badpassword\r"} - expect -nocase {permission denied} {close; wait}' + expect { + {continue} { send "yes\r"; exp_continue } + {assword} { send "badpassword\r" } + } + expect { + {denied} { exp_continue } + {assword} { send "badpassword\r" } + } + expect { + {denied} { exp_continue } + {assword} { send "badpassword\r" } + } + expect -nocase {denied} { close; wait }' # test /sbin/faillock --user $TEST_USER --reset > /dev/null || exit_error -msg_1="faillock reset uid=$tuid: exe=./sbin/faillock.*res=success.*" +msg_1="faillock reset uid=$tuid.*exe=./sbin/faillock.*res=success.*" augrok -q type=USER_ACCT msg_1=~"$msg_1" || exit_fail # verify the account is unlocked expect -c ' spawn ssh $env(TEST_USER)@localhost - expect -nocase {Are you sure you want to continue} {send "yes\r"} - expect -nocase {password: $} { - send "$env(TEST_USER_PASSWD)\r" - send "PS1=:\\::\r" + expect { + {continue} { send "yes\r"; exp_continue } + {assword} { + send "$env(TEST_USER_PASSWD)\r" + send "PS1=:\\::\r" + } } - expect {:::$} {close; wait}' + expect {:::$} { close; wait }' msg_2="acct=\"$TEST_USER\" exe=./usr/sbin/sshd.*terminal=ssh res=success.*" augrok -q type=CRED_ACQ msg_1=~"PAM:setcred $msg_2" || exit_fail -- 1.7.6.5 |
From: <mva...@re...> - 2012-05-10 08:07:38
|
From: Miroslav Vadkerti <mva...@re...> This causes the expect script not wait for timeout and saves around 20s of time while running the test. Signed-off-by: Miroslav Vadkerti <mva...@re...> --- audit/libpam/tests/test_ssh04_fail.bash | 15 ++++++++++----- 1 files changed, 10 insertions(+), 5 deletions(-) diff --git a/audit/libpam/tests/test_ssh04_fail.bash b/audit/libpam/tests/test_ssh04_fail.bash index ad8de17..49a7095 100755 --- a/audit/libpam/tests/test_ssh04_fail.bash +++ b/audit/libpam/tests/test_ssh04_fail.bash @@ -29,11 +29,16 @@ source testcase.bash || exit 2 RUSER="root" -expect -c ' - spawn ssh root@localhost - expect -nocase {Are you sure you want to continue} {send "yes\r"} - expect -nocase {password: $} {send "badpassword\r"} - expect -nocase {permission denied} {close; wait}' +expect -c " + spawn ssh root@localhost + expect { + {continue} {send yes\r; exp_continue} + {assword} {send badpassword\r} + } + expect { + {permission denied} {close; wait} + {assword} {close; wait} + }" msg_1="acct=\"*$RUSER\"*[ :]* exe=./usr/sbin/sshd.*terminal=ssh res=failed.*" augrok -q type=USER_AUTH msg_1=~"PAM:authentication $msg_1" || exit_fail -- 1.7.6.5 |
From: <mva...@re...> - 2012-05-10 08:07:38
|
From: Miroslav Vadkerti <mva...@re...> This causes the expect script not wait for timeout and saves around 20s of time while running the test. Signed-off-by: Miroslav Vadkerti <mva...@re...> --- audit/libpam/tests/test_sshd.bash | 15 ++++++++------- 1 files changed, 8 insertions(+), 7 deletions(-) diff --git a/audit/libpam/tests/test_sshd.bash b/audit/libpam/tests/test_sshd.bash index 8f055ba..d9857bd 100755 --- a/audit/libpam/tests/test_sshd.bash +++ b/audit/libpam/tests/test_sshd.bash @@ -23,14 +23,15 @@ source tp_ssh_functions.bash || exit 2 disable_ssh_strong_rng # test -expect -c ' - spawn ssh $env(TEST_USER)@localhost - expect -nocase {Are you sure you want to continue} {send "yes\r"} - expect -nocase {password: $} { - send "$env(TEST_USER_PASSWD)\r" - send "PS1=:\\::\r" +expect -c " + spawn ssh ${TEST_USER}@localhost + expect { + {continue} {send yes\r; exp_continue} + {assword} {send ${TEST_USER_PASSWD}\r} } - expect {:::$} {close; wait}' + expect {$TEST_USER} {send exit\r} + expect eof + exit 0" msg_1="acct=\"*$TEST_USER\"*[ :]* exe=./usr/sbin/sshd.*terminal=ssh res=success.*" augrok -q type=CRED_REFR msg_1=~"PAM: setcred $msg_1" || \ -- 1.7.6.5 |
From: <mva...@re...> - 2012-05-10 08:07:41
|
From: Miroslav Vadkerti <mva...@re...> This causes the expect script not wait for timeout and saves around 20s of time while running the test. Signed-off-by: Miroslav Vadkerti <mva...@re...> --- audit/libpam/tests/test_sshd_fail.bash | 15 ++++++++++----- 1 files changed, 10 insertions(+), 5 deletions(-) diff --git a/audit/libpam/tests/test_sshd_fail.bash b/audit/libpam/tests/test_sshd_fail.bash index 0da749b..069c8ff 100755 --- a/audit/libpam/tests/test_sshd_fail.bash +++ b/audit/libpam/tests/test_sshd_fail.bash @@ -23,11 +23,16 @@ source tp_ssh_functions.bash || exit 2 disable_ssh_strong_rng # test -expect -c ' - spawn ssh $env(TEST_USER)@localhost - expect -nocase {Are you sure you want to continue} {send "yes\r"} - expect -nocase {password: $} {send "badpassword\r"} - expect -nocase {permission denied} {close; wait}' +expect -c " + spawn ssh $TEST_USER@localhost + expect { + {continue} {send yes\r; exp_continue} + {assword} {send badpassword\r} + } + expect { + {permission denied} {close; wait} + {assword} {close; wait} + }" msg_1="acct=\"*$TEST_USER\"*[ :]* exe=./usr/sbin/sshd.*terminal=ssh res=failed.*" augrok -q type=USER_AUTH msg_1=~"PAM: *authentication $msg_1" || exit_fail -- 1.7.6.5 |
From: Linda K. <lin...@hp...> - 2012-05-10 16:51:29
|
Hi Miroslav, Thanks for keeping the audit-test suite up to date. Are the changes for RHEL6.3 backward compatible with 6.2? They all seem to be but if they're not, then I'm wondering if we need to make the version dependency visible somehow. -- ljk mva...@re... wrote: > From: Miroslav Vadkerti <mva...@re...> > > Changes for audit in RHEL6.3 has caused max_log_file > tests to fail. This was because changes to how audit > detects the audit.log file size (doesn't use fstat now). > > Signed-off-by: Miroslav Vadkerti <mva...@re...> > --- > audit/fail-safe/tests/test_max_log_file.bash | 7 +++++-- > 1 files changed, 5 insertions(+), 2 deletions(-) > > diff --git a/audit/fail-safe/tests/test_max_log_file.bash b/audit/fail-safe/tests/test_max_log_file.bash > index b1081af..9233b0a 100755 > --- a/audit/fail-safe/tests/test_max_log_file.bash > +++ b/audit/fail-safe/tests/test_max_log_file.bash > @@ -30,14 +30,17 @@ write_config -s "$auditd_conf" \ > max_log_file=$max_log_file \ > max_log_file_action=$action || exit 2 > > -restart_auditd || exit 2 > - > # Prepopulate log with max_log_file minus 5k > write_file "$audit_log" $((max_log_file * 1024 - 5)) || exit 2 > > +restart_auditd || exit 2 > + > +echo "audit.log size before: $(stat -c %s $audit_log)" > + > # each record is at least 80 bytes (based on empirical evidence), so writing > # 200 records should always take us over (200 * 80 =~ 15k) > write_records 200 || exit 2 > +echo "audit.log size after: $(stat -c %s $audit_log)" > > case $action in > email) |
From: Ondrej M. <om...@re...> - 2012-05-11 07:57:20
|
Hi Linda, yes - changes are backward compatible. Fail-safe tests pass with both 6.2 and 6.3 audit package. On 05/10/2012 06:51 PM, Linda Knippers wrote: > Hi Miroslav, > > Thanks for keeping the audit-test suite up to date. > > Are the changes for RHEL6.3 backward compatible with 6.2? > They all seem to be but if they're not, then I'm wondering if > we need to make the version dependency visible somehow. > > -- ljk > > mva...@re... wrote: >> From: Miroslav Vadkerti<mva...@re...> >> >> Changes for audit in RHEL6.3 has caused max_log_file >> tests to fail. This was because changes to how audit >> detects the audit.log file size (doesn't use fstat now). >> >> Signed-off-by: Miroslav Vadkerti<mva...@re...> >> --- >> audit/fail-safe/tests/test_max_log_file.bash | 7 +++++-- >> 1 files changed, 5 insertions(+), 2 deletions(-) >> >> diff --git a/audit/fail-safe/tests/test_max_log_file.bash b/audit/fail-safe/tests/test_max_log_file.bash >> index b1081af..9233b0a 100755 >> --- a/audit/fail-safe/tests/test_max_log_file.bash >> +++ b/audit/fail-safe/tests/test_max_log_file.bash >> @@ -30,14 +30,17 @@ write_config -s "$auditd_conf" \ >> max_log_file=$max_log_file \ >> max_log_file_action=$action || exit 2 >> >> -restart_auditd || exit 2 >> - >> # Prepopulate log with max_log_file minus 5k >> write_file "$audit_log" $((max_log_file * 1024 - 5)) || exit 2 >> >> +restart_auditd || exit 2 >> + >> +echo "audit.log size before: $(stat -c %s $audit_log)" >> + >> # each record is at least 80 bytes (based on empirical evidence), so writing >> # 200 records should always take us over (200 * 80 =~ 15k) >> write_records 200 || exit 2 >> +echo "audit.log size after: $(stat -c %s $audit_log)" >> >> case $action in >> email) > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > Audit-test-developer mailing list > Aud...@li... > https://lists.sourceforge.net/lists/listinfo/audit-test-developer -- Ondrej Moriš, RHCE Quality Assurance Engineer BaseOS QE - Security Email: om...@re... Web: www.cz.redhat.com IRC: omoris at #qa #urt #brno, #penguins Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic |
From: Linda K. <lin...@hp...> - 2012-05-11 13:09:40
|
Thanks Ondrej, this all looks good to me. Miroslav, please go ahead and push your patches. -- ljk Ondrej Moriš wrote: > Hi Linda, yes - changes are backward compatible. Fail-safe tests pass > with both 6.2 and 6.3 audit package. > > On 05/10/2012 06:51 PM, Linda Knippers wrote: >> Hi Miroslav, >> >> Thanks for keeping the audit-test suite up to date. >> >> Are the changes for RHEL6.3 backward compatible with 6.2? >> They all seem to be but if they're not, then I'm wondering if >> we need to make the version dependency visible somehow. >> >> -- ljk >> >> mva...@re... wrote: >>> From: Miroslav Vadkerti<mva...@re...> >>> >>> Changes for audit in RHEL6.3 has caused max_log_file >>> tests to fail. This was because changes to how audit >>> detects the audit.log file size (doesn't use fstat now). >>> >>> Signed-off-by: Miroslav Vadkerti<mva...@re...> >>> --- >>> audit/fail-safe/tests/test_max_log_file.bash | 7 +++++-- >>> 1 files changed, 5 insertions(+), 2 deletions(-) >>> >>> diff --git a/audit/fail-safe/tests/test_max_log_file.bash >>> b/audit/fail-safe/tests/test_max_log_file.bash >>> index b1081af..9233b0a 100755 >>> --- a/audit/fail-safe/tests/test_max_log_file.bash >>> +++ b/audit/fail-safe/tests/test_max_log_file.bash >>> @@ -30,14 +30,17 @@ write_config -s "$auditd_conf" \ >>> max_log_file=$max_log_file \ >>> max_log_file_action=$action || exit 2 >>> >>> -restart_auditd || exit 2 >>> - >>> # Prepopulate log with max_log_file minus 5k >>> write_file "$audit_log" $((max_log_file * 1024 - 5)) || exit 2 >>> >>> +restart_auditd || exit 2 >>> + >>> +echo "audit.log size before: $(stat -c %s $audit_log)" >>> + >>> # each record is at least 80 bytes (based on empirical evidence), >>> so writing >>> # 200 records should always take us over (200 * 80 =~ 15k) >>> write_records 200 || exit 2 >>> +echo "audit.log size after: $(stat -c %s $audit_log)" >>> >>> case $action in >>> email) >> >> >> ------------------------------------------------------------------------------ >> >> Live Security Virtual Conference >> Exclusive live event will cover all the ways today's security and >> threat landscape has changed and how IT managers can respond. Discussions >> will include endpoint security, mobile security and the latest in malware >> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ >> _______________________________________________ >> Audit-test-developer mailing list >> Aud...@li... >> https://lists.sourceforge.net/lists/listinfo/audit-test-developer > > |
From: Miroslav V. <mva...@re...> - 2012-05-14 07:19:20
|
Thanks for the review Linda, pushing now. ----- Original Message ----- > Thanks Ondrej, this all looks good to me. > > Miroslav, please go ahead and push your patches. > > -- ljk > > Ondrej Moriš wrote: > > Hi Linda, yes - changes are backward compatible. Fail-safe tests > > pass > > with both 6.2 and 6.3 audit package. > > > > On 05/10/2012 06:51 PM, Linda Knippers wrote: > >> Hi Miroslav, > >> > >> Thanks for keeping the audit-test suite up to date. > >> > >> Are the changes for RHEL6.3 backward compatible with 6.2? > >> They all seem to be but if they're not, then I'm wondering if > >> we need to make the version dependency visible somehow. > >> > >> -- ljk > >> > >> mva...@re... wrote: > >>> From: Miroslav Vadkerti<mva...@re...> > >>> > >>> Changes for audit in RHEL6.3 has caused max_log_file > >>> tests to fail. This was because changes to how audit > >>> detects the audit.log file size (doesn't use fstat now). > >>> > >>> Signed-off-by: Miroslav Vadkerti<mva...@re...> > >>> --- > >>> audit/fail-safe/tests/test_max_log_file.bash | 7 +++++-- > >>> 1 files changed, 5 insertions(+), 2 deletions(-) > >>> > >>> diff --git a/audit/fail-safe/tests/test_max_log_file.bash > >>> b/audit/fail-safe/tests/test_max_log_file.bash > >>> index b1081af..9233b0a 100755 > >>> --- a/audit/fail-safe/tests/test_max_log_file.bash > >>> +++ b/audit/fail-safe/tests/test_max_log_file.bash > >>> @@ -30,14 +30,17 @@ write_config -s "$auditd_conf" \ > >>> max_log_file=$max_log_file \ > >>> max_log_file_action=$action || exit 2 > >>> > >>> -restart_auditd || exit 2 > >>> - > >>> # Prepopulate log with max_log_file minus 5k > >>> write_file "$audit_log" $((max_log_file * 1024 - 5)) || exit 2 > >>> > >>> +restart_auditd || exit 2 > >>> + > >>> +echo "audit.log size before: $(stat -c %s $audit_log)" > >>> + > >>> # each record is at least 80 bytes (based on empirical > >>> evidence), > >>> so writing > >>> # 200 records should always take us over (200 * 80 =~ 15k) > >>> write_records 200 || exit 2 > >>> +echo "audit.log size after: $(stat -c %s $audit_log)" > >>> > >>> case $action in > >>> email) > >> > >> > >> ------------------------------------------------------------------------------ > >> > >> Live Security Virtual Conference > >> Exclusive live event will cover all the ways today's security and > >> threat landscape has changed and how IT managers can respond. > >> Discussions > >> will include endpoint security, mobile security and the latest in > >> malware > >> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > >> _______________________________________________ > >> Audit-test-developer mailing list > >> Aud...@li... > >> https://lists.sourceforge.net/lists/listinfo/audit-test-developer > > > > > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. > Discussions > will include endpoint security, mobile security and the latest in > malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > Audit-test-developer mailing list > Aud...@li... > https://lists.sourceforge.net/lists/listinfo/audit-test-developer > -- Miroslav Vadkerti :: Quality Assurance Engineer / RHCE :: BaseOS QE - Security Phone +420 532 294 129 :: CR cell +420 775 039 842 :: SR cell +421 904 135 440 IRC mvadkert at #qe #urt #brno #rpmdiff :: GnuPG ID 0x25881087 at pgp.mit.edu Red Hat s.r.o, Purkyňova 99/71, 612 45, Brno, Czech Republic |