|
From: Jiri J. <jja...@re...> - 2014-09-23 09:43:13
|
Hello all,

another batch of fixes and small improvements we've made during the last 10 months (or so), all of them should be fully backwards compatible.

Brief description (with patch numbers):
- forgotten augrok fix for recent upstream code (01)
- documentation improvements (02-04)
- stronger passwords for testing (05-08)
- various audit-* fixes for later rhel6+ releases (09-11)
- proper test user cleanup / suite resilience (12-14)
- various syscall wrapper improvements (15-34)
- make system related changes (35-40)
- other uncategorized fixes (41-46)

As you can see, most of the patches are related to syscall wrapper improvements - those are mostly scope-limited functionality enhancements for existing wrappers.

   2.4% audit-test/misc/tests/
   2.3% audit-test/syscalls/
  12.5% audit-test/trustedprograms/tests/
  65.9% audit-test/utils/bin/
   5.3% audit-test/utils/
  10.2% audit-test/

The patches have been tested on RHEL6.5 without any major issues.

Attached via In-Reply-To/References to this mail.

Thanks for the review,
Jiri
|
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:43:52
|
From: Miroslav Vadkerti <mva...@re...>
Previous patches broke augrok because of an if-elsif typo.
Signed-off-by: Miroslav Vadkerti <mva...@re...>
---
audit-test/utils/augrok | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/audit-test/utils/augrok b/audit-test/utils/augrok
index a42cd21..973b85b 100755
--- a/audit-test/utils/augrok
+++ b/audit-test/utils/augrok
@@ -144,7 +144,7 @@ sub new {
}
#define __NR_truncate __NR3264_truncate
- if ($v =~ /^__NR3264_(\w+)$/ and
+ elsif ($v =~ /^__NR3264_(\w+)$/ and
defined($new_v = $singleton->{"3264_$1"})) {
$singleton->{$k} = $new_v;
$changed = 1;
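Review bot: The commit message calls the "if" on the __NR3264_ branch a typo but names neither the patch that introduced it nor the symptom augrok showed, so a reader cannot tell which syscall names were resolved wrongly. Please reference the offending commit in the message. Separately, the "#define __NR_truncate __NR3264_truncate" comment now sits between the closing brace and "elsif"; moving it inside the branch would make the chain easier to read.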
--
1.8.3.1
|
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:43:56
|
Signed-off-by: Jiri Jaburek <jja...@re...> --- audit-test/utils/envcheck | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/audit-test/utils/envcheck b/audit-test/utils/envcheck index d43958f..c48e463 100755 --- a/audit-test/utils/envcheck +++ b/audit-test/utils/envcheck @@ -23,6 +23,19 @@ # the prerequisities for audit-test suite run met. # This ranges from initial environment variable checking to ensuring proper # routing between TOE and NS. +# + +# The idea is to catch various configuration or setup errors +# and give useful hints, so that the user doesn't have to debug +# the system/suite to find out what could possibly go wrong. +# +# This script is not supposed to replace or duplicate functionality +# provided by the suite itself, it should be only used for basic sanity +# verification of the environment. It doesn't claim to reveal all +# configuration errors, but it can still be useful. +# +# Because of the reasons mentioned above, running this script +# is purely optional. ## COLORS # -- 1.8.3.1 |
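Review bot: The added header comment in envcheck begins with a lone "#" followed by an empty line, which detaches the new paragraphs from the description above them; drop the empty line so the header stays one comment block. The text says the script gives useful hints but not how a failed check is reported (exit status or message only), which deserves a sentence given that the run is described as optional. While this header is being touched, "prerequisities" in the unchanged line above could be corrected.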
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:44:00
|
The original comment was misleading - the tester could have run "make dist" as a regular user on a different computer, with the files inside the tarball having incorrect ownership. This change ensures that ownership/permissions on the testing directory are set correctly in all cases. Signed-off-by: Jiri Jaburek <jja...@re...> --- audit-test/README.run | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/audit-test/README.run b/audit-test/README.run index e8f1493..c9875f4 100644 --- a/audit-test/README.run +++ b/audit-test/README.run @@ -115,9 +115,7 @@ Untar the previously created tar file into the newly created or # tar xvf audit-test-<commit>.tar.gz -When the test suite is installed using the tar file, the ownership -and permissions will be set correctly. If another method is used to -transfer the test suite, manually set the directory permissions: +Ensure that all files in the target directory have the correct ownership: # chown -R root:root /usr/local/eal4_testing # chmod a+rX /usr/local/eal4_testing -- 1.8.3.1 |
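Review bot: The commit message promises that ownership and permissions end up correct in all cases, but the commands kept in README.run cover only part of that: "chown -R" is recursive while "chmod a+rX /usr/local/eal4_testing" touches the top directory alone, so files unpacked from a tarball with wrong modes keep them. Either make the chmod recursive or narrow the claim, and have the new sentence mention permissions as well as ownership.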
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:44:03
|
The original version was strictly RHEL6.2 specific, with expected results relevant to LTP 20110915 and RHEL6.2. This change makes the README more generic, usable on a wider variety of systems and LTP versions. Signed-off-by: Jiri Jaburek <jja...@re...> --- ltp/README.ltp | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/ltp/README.ltp b/ltp/README.ltp index 8389ae0..e380d59 100644 --- a/ltp/README.ltp +++ b/ltp/README.ltp @@ -1,18 +1,16 @@ -| Running LTP tests for RHEL6.2 certification -+--------------------------------------------- +| Running LTP tests ++------------------ Notes ----- -LTP source code from 20110915 is automatically downloaded -for testing during the make phase. +LTP source code is automatically downloaded during the make phase. If you do not have internet connection, please place the LTP sources as ltp-full.tar.bz2 to this directory. The download will be skipped if the sources are present. Note that a 'make clean' will remove the LTP source file. -Download link: -http://sourceforge.net/projects/ltp/files/LTP%20Source/ltp-20110915/ltp-full-20110915.bz2 +You can find the LTP release tarballs on sourceforge. Requirements ------------ @@ -56,9 +54,8 @@ commands below. The logs from each test run are stored in the run.log and rollup.log files. -Expected test results ---------------------- - +Expected test results for RHEL6.2 / LTP 20110915 +------------------------------------------------ When the tests are run in the native mode for the OS, all the tests should pass. When the tests are run in 32-bit mode on a 64-bit OS, the following tests are expected to fail: @@ -87,4 +84,3 @@ syscalls.rollup.log:truncate02_64 On s390x the posix_fadvise03 and posixfadvise03_64 tests are expected to fail. The test expects the test to fail due to an invalid advise value. Since more advise values are defined on s390, the syscall unexpectedly passes. - -- 1.8.3.1 |
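Review bot: With the 20110915 version and the download link removed from the Notes section of README.ltp, an offline tester who is told to place ltp-full.tar.bz2 in the directory no longer knows which LTP release the build expects, and nothing says how to check that the tarball is the intended one. Please state where the version is selected and consider giving a checksum next to "You can find the LTP release tarballs on sourceforge." The removal of the trailing blank line at the end of the file is an unrelated whitespace change.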
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:44:07
|
From: Miroslav Vadkerti <mva...@re...> The previous LUKS password did not suffice for the new quality rules enforced by pam_pwquality. Signed-off-by: Miroslav Vadkerti <mva...@re...> --- audit-test/crypto/tests/test_cryptsetup_access.bash | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/audit-test/crypto/tests/test_cryptsetup_access.bash b/audit-test/crypto/tests/test_cryptsetup_access.bash index af275e3..1e68568 100755 --- a/audit-test/crypto/tests/test_cryptsetup_access.bash +++ b/audit-test/crypto/tests/test_cryptsetup_access.bash @@ -37,7 +37,7 @@ source tp_luks_functions.bash || exit 2 ### defaults DMCRYPT="cryptfs" DMCRYPTDEV="/dev/mapper/$DMCRYPT" -LUKSPASS="kc3%a9?cF]X" +LUKSPASS="kc3%a9?cF]Xffd" LUKSPASSND="2nd7k+meSs!!!" LUKSPASSRD="meSs!!1444b_" MOUNT="/mnt/crypt" -- 1.8.3.1 |
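Review bot: The message says the old LUKSPASS failed the pam_pwquality rules but not which rule, and the fix only appends "ffd". LUKSPASSND and LUKSPASSRD in the same block are shorter than the new value, so if the failing rule was minimum length they are the next to break. A comment above the defaults naming the policy these passphrases must satisfy would save the next round of edits.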
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:44:10
|
Signed-off-by: Jiri Jaburek <jja...@re...>
---
audit-test/misc/tests/test_procperm.bash | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/audit-test/misc/tests/test_procperm.bash b/audit-test/misc/tests/test_procperm.bash
index 2e4d26b..1a40065 100755
--- a/audit-test/misc/tests/test_procperm.bash
+++ b/audit-test/misc/tests/test_procperm.bash
@@ -27,9 +27,9 @@
#
# Note: Test originally called procperm.sh is now test_procperm.bash
-TEST_USER="perm_user"
-TEST_USER_PASSWD="ltp_test_pass"
-TEST_USER_ENCRYPTED_PASSWD="\$1\$1yzzszzz\$7P9AphbzAN43pTktT/kpp/"
+TEST_USER='perm_user'
+TEST_USER_PASSWD='ltP_t3st*_pass'
+TEST_USER_ENCRYPTED_PASSWD='$6$mdf9vvfz$2hQcpjsaKz21PUmjoVfLT23XZb/HbFEKmK6GePHj3arBU2cadAmVDcakSU9HgjaI0u.yzx.XAS3hNXZLtuCZ1.'
#-----------------------------------------------------------------------
# FUNCTION: create_user
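Review bot: TEST_USER_PASSWD and TEST_USER_ENCRYPTED_PASSWD in test_procperm.bash have to be edited together by hand, and nothing in the hunk records how the $6$ value was produced from 'ltP_t3st*_pass'. Add a comment with the command used to generate it, or derive the hash from the plaintext at run time, so the pair cannot drift. The patch also carries no description beyond the Signed-off-by; one line saying why the passwords change would help.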
@@ -45,7 +45,7 @@ function create_user(){
sleep 1
- useradd -m -p $TEST_USER_ENCRYPTED_PASSWD $TEST_USER
+ useradd -m -p "$TEST_USER_ENCRYPTED_PASSWD" $TEST_USER
if [ "$?" != 0 ]; then
echo "Could not add test user $TEST_USER."
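Review bot: In create_user the hash is now quoted but $TEST_USER on the same useradd line is not. Quote it as well ("$TEST_USER") so the line does not depend on the value staying free of whitespace and glob characters.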
--
1.8.3.1
|
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:44:15
|
Signed-off-by: Jiri Jaburek <jja...@re...>
---
audit-test/trustedprograms/tests/group01 | 12 ++++++------
audit-test/trustedprograms/tests/lastlog01 | 8 ++++----
audit-test/trustedprograms/tests/pam01 | 14 +++++++-------
audit-test/trustedprograms/tests/passwd01 | 12 ++++++------
audit-test/trustedprograms/tests/passwd02 | 12 ++++++------
audit-test/trustedprograms/tests/passwd03 | 12 ++++++------
audit-test/trustedprograms/tests/shadow01 | 8 ++++----
7 files changed, 39 insertions(+), 39 deletions(-)
diff --git a/audit-test/trustedprograms/tests/group01 b/audit-test/trustedprograms/tests/group01
index 2317cba..527c40e 100755
--- a/audit-test/trustedprograms/tests/group01
+++ b/audit-test/trustedprograms/tests/group01
@@ -37,12 +37,12 @@ use warnings;
require "utils.plib";
-my $username1 = "cg_user1";
-my $username2 = "cg_user2";
-my $initial_password1 = "ltp_test_pass";
-my $initial_encrypted_password1 = "\\\$1\\\$1yzzszzz\\\$7P9AphbzAN43pTktT\/kpp\/";
-my $group1 = "cg_group1";
-my $newgroup1 = "new_" . $group1;
+my $username1 = 'cg_user1';
+my $username2 = 'cg_user2';
+my $initial_password1 = 'ltP_t3st*_pass';
+my $initial_encrypted_password1 = '$6$mdf9vvfz$2hQcpjsaKz21PUmjoVfLT23XZb/HbFEKmK6GePHj3arBU2cadAmVDcakSU9HgjaI0u.yzx.XAS3hNXZLtuCZ1.';
+my $group1 = 'cg_group1';
+my $newgroup1 = 'new_' . $group1;
my @result;
my $error = 0;
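Review bot: The old value of $initial_encrypted_password1 carried extra backslashes so that the "$" signs survived the shell spawned from utils.plib; the new single-quoted '$6$...' literal has none and relies on the caller quoting it. That quoting ('$encrypted_password' in set_encrypted_password) arrives only with the utils.plib patch posted after this one, so with this patch applied alone any caller going through the unquoted "usermod -p" has the shell expand $6 and $mdf9vvfz and pass on a mangled hash. Please reorder or squash the two patches so the series stays bisectable.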
diff --git a/audit-test/trustedprograms/tests/lastlog01 b/audit-test/trustedprograms/tests/lastlog01
index 5ce382b..e559970 100755
--- a/audit-test/trustedprograms/tests/lastlog01
+++ b/audit-test/trustedprograms/tests/lastlog01
@@ -31,9 +31,9 @@
# to conform with LTP standards in the offical LTP tree.
RHOST="localhost"
-TEST_USER="ll_user"
-TEST_USER_PASSWD="ltp_test_pass"
-TEST_USER_ENCRYPTED_PASSWD="\$1\$1yzzszzz\$7P9AphbzAN43pTktT/kpp/"
+TEST_USER='ll_user'
+TEST_USER_PASSWD='ltP_t3st*_pass'
+TEST_USER_ENCRYPTED_PASSWD='$6$mdf9vvfz$2hQcpjsaKz21PUmjoVfLT23XZb/HbFEKmK6GePHj3arBU2cadAmVDcakSU9HgjaI0u.yzx.XAS3hNXZLtuCZ1.'
TEST_USER_HOMEDIR="/home/$TEST_USER"
TEST=0
@@ -50,7 +50,7 @@ create_user(){
userdel $TEST_USER
sleep 1
- useradd -m -p $TEST_USER_ENCRYPTED_PASSWD -g 100 $TEST_USER
+ useradd -m -p "$TEST_USER_ENCRYPTED_PASSWD" -g users $TEST_USER
if [ $? != 0 ]
then {
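Review bot: Besides quoting the hash, this useradd line switches "-g 100" to "-g users", which has nothing to do with password strength and is not mentioned anywhere in the patch. Either note it in the commit message or move it to the utils.plib cleanup patch, which makes the same change and does list it.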
diff --git a/audit-test/trustedprograms/tests/pam01 b/audit-test/trustedprograms/tests/pam01
index 5fe54d5..2f4263d 100755
--- a/audit-test/trustedprograms/tests/pam01
+++ b/audit-test/trustedprograms/tests/pam01
@@ -38,13 +38,13 @@ use warnings;
require "utils.plib";
-my $username1 = "pam_user";
-my $initial_password = "ltp_test_pass";
-my $initial_encrypted_password = "\\\$1\\\$1yzzszzz\\\$7P9AphbzAN43pTktT\/kpp\/";
-my $good_password1 = "brand_new_phrase_for_test";
-#my $good_password1 = "long_difficult_password";
-my $good_password2 = "this_passphrase_is_different";
-my $good_password3 = "yet_another_password-phrase";
+my $username1 = 'pam_user';
+my $initial_password = 'ltP_t3st*_pass';
+my $initial_encrypted_password = '$6$mdf9vvfz$2hQcpjsaKz21PUmjoVfLT23XZb/HbFEKmK6GePHj3arBU2cadAmVDcakSU9HgjaI0u.yzx.XAS3hNXZLtuCZ1.';
+my $good_password1 = 'br4nd_.new_Phrase_for_test';
+#my $good_password1 = 'long_difficult_password';
+my $good_password2 = 'thIs_passphr4se_1s_?different';
+my $good_password3 = 'yEt_anoth3r,_passw0rd-phrase';
# This two dimensional array contains the information for each test. This includes:
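Review bot: The commented-out "#my $good_password1 = 'long_difficult_password';" was re-quoted along with the live lines. It is dead code and does not follow the mixed-case, digit and punctuation pattern of the new values, so delete it instead of carrying it forward.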
diff --git a/audit-test/trustedprograms/tests/passwd01 b/audit-test/trustedprograms/tests/passwd01
index 6341343..98910a4 100755
--- a/audit-test/trustedprograms/tests/passwd01
+++ b/audit-test/trustedprograms/tests/passwd01
@@ -37,12 +37,12 @@ use warnings;
require "utils.plib";
-my $username1 = "pd_user1";
-my $initial_password1 = "ltp_test_pass";
-my $initial_encrypted_password1 = "\\\$1\\\$1yzzszzz\\\$7P9AphbzAN43pTktT\/kpp\/";
-my $username2 = "pd_user2";
-my $initial_password2 = "ltp_test_pass";
-my $initial_encrypted_password2 = "\\\$1\\\$1yzzszzz\\\$7P9AphbzAN43pTktT\/kpp\/";
+my $username1 = 'pd_user1';
+my $initial_password1 = 'ltP_t3st*_pass';
+my $initial_encrypted_password1 = '$6$mdf9vvfz$2hQcpjsaKz21PUmjoVfLT23XZb/HbFEKmK6GePHj3arBU2cadAmVDcakSU9HgjaI0u.yzx.XAS3hNXZLtuCZ1.';
+my $username2 = 'pd_user2';
+my $initial_password2 = 'ltP_t3st*_pass';
+my $initial_encrypted_password2 = '$6$mdf9vvfz$2hQcpjsaKz21PUmjoVfLT23XZb/HbFEKmK6GePHj3arBU2cadAmVDcakSU9HgjaI0u.yzx.XAS3hNXZLtuCZ1.';
my @test = (
# [ exit_code, description_of_test, command_to_execute ]
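Review bot: $initial_password1/2 and the matching $6$ hashes are identical literals repeated twice in this file and again in group01, pam01, passwd02, passwd03 and shadow01. Since each of these tests already does require "utils.plib", define the plaintext and its hash once there and reference them, so the next password policy change is a one-line edit.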
diff --git a/audit-test/trustedprograms/tests/passwd02 b/audit-test/trustedprograms/tests/passwd02
index 392a66c..c01c988 100755
--- a/audit-test/trustedprograms/tests/passwd02
+++ b/audit-test/trustedprograms/tests/passwd02
@@ -38,12 +38,12 @@ use warnings;
require "utils.plib";
-my $username1 = "cs_user1";
-my $initial_password1 = "ltp_test_pass";
-my $initial_encrypted_password1 = "\\\$1\\\$1yzzszzz\\\$7P9AphbzAN43pTktT\/kpp\/";
-my $username2 = "cs_user2";
-my $initial_password2 = "ltp_test_pass";
-my $initial_encrypted_password2 = "\\\$1\\\$1yzzszzz\\\$7P9AphbzAN43pTktT\/kpp\/";
+my $username1 = 'cs_user1';
+my $initial_password1 = 'ltP_t3st*_pass';
+my $initial_encrypted_password1 = '$6$mdf9vvfz$2hQcpjsaKz21PUmjoVfLT23XZb/HbFEKmK6GePHj3arBU2cadAmVDcakSU9HgjaI0u.yzx.XAS3hNXZLtuCZ1.';
+my $username2 = 'cs_user2';
+my $initial_password2 = 'ltP_t3st*_pass';
+my $initial_encrypted_password2 = '$6$mdf9vvfz$2hQcpjsaKz21PUmjoVfLT23XZb/HbFEKmK6GePHj3arBU2cadAmVDcakSU9HgjaI0u.yzx.XAS3hNXZLtuCZ1.';
my @test = (
# [ exit_code, description_of_test, command_to_execute ]
diff --git a/audit-test/trustedprograms/tests/passwd03 b/audit-test/trustedprograms/tests/passwd03
index ab80c33..1971025 100755
--- a/audit-test/trustedprograms/tests/passwd03
+++ b/audit-test/trustedprograms/tests/passwd03
@@ -38,12 +38,12 @@ use warnings;
require "utils.plib";
-my $username1 = "cs_user1";
-my $initial_password1 = "ltp_test_pass";
-my $initial_encrypted_password1 = "\\\$1\\\$1yzzszzz\\\$7P9AphbzAN43pTktT\/kpp\/";
-my $username2 = "cs_user2";
-my $initial_password2 = "ltp_test_pass";
-my $initial_encrypted_password2 = "\\\$1\\\$1yzzszzz\\\$7P9AphbzAN43pTktT\/kpp\/";
+my $username1 = 'cs_user1';
+my $initial_password1 = 'ltP_t3st*_pass';
+my $initial_encrypted_password1 = '$6$mdf9vvfz$2hQcpjsaKz21PUmjoVfLT23XZb/HbFEKmK6GePHj3arBU2cadAmVDcakSU9HgjaI0u.yzx.XAS3hNXZLtuCZ1.';
+my $username2 = 'cs_user2';
+my $initial_password2 = 'ltP_t3st*_pass';
+my $initial_encrypted_password2 = '$6$mdf9vvfz$2hQcpjsaKz21PUmjoVfLT23XZb/HbFEKmK6GePHj3arBU2cadAmVDcakSU9HgjaI0u.yzx.XAS3hNXZLtuCZ1.';
my @test = (
# [ exit_code, description_of_test, command_to_execute ]
diff --git a/audit-test/trustedprograms/tests/shadow01 b/audit-test/trustedprograms/tests/shadow01
index b16068c..07d5890 100755
--- a/audit-test/trustedprograms/tests/shadow01
+++ b/audit-test/trustedprograms/tests/shadow01
@@ -38,10 +38,10 @@ use warnings;
require "utils.plib";
-my $username1 = "sha_user";
-my $initial_password1 = "ltp_test_pass";
-my $initial_encrypted_password1 = "\\\$1\\\$1yzzszzz\\\$7P9AphbzAN43pTktT\/kpp\/";
-my $new_password = "what_an_incredible_password";
+my $username1 = 'sha_user';
+my $initial_password1 = 'ltP_t3st*_pass';
+my $initial_encrypted_password1 = '$6$mdf9vvfz$2hQcpjsaKz21PUmjoVfLT23XZb/HbFEKmK6GePHj3arBU2cadAmVDcakSU9HgjaI0u.yzx.XAS3hNXZLtuCZ1.';
+my $new_password = 'br4nd_.new_Phrase_for_test';
my @result;
my $error = 0;
--
1.8.3.1
|
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:44:17
|
- use faillock before every login to avoid faillock-related denials
- use userdel -r instead of 'rm $HOME' to remove mail spool as well
- don't override file perms on possibly existing opasswd file
- use 'passwd --stdin' instead of expect when setting a plaintext pw
- specify 'users' group by name, not gid
- properly quote arguments for spawned shells (fixes crypt(3) sha512)
Signed-off-by: Jiri Jaburek <jja...@re...>
---
audit-test/trustedprograms/tests/utils.plib | 55 ++++++++++++++---------------
1 file changed, 26 insertions(+), 29 deletions(-)
diff --git a/audit-test/trustedprograms/tests/utils.plib b/audit-test/trustedprograms/tests/utils.plib
index 948f789..75f4cb8 100755
--- a/audit-test/trustedprograms/tests/utils.plib
+++ b/audit-test/trustedprograms/tests/utils.plib
@@ -13,10 +13,8 @@ sub create_user($) {
if ( ! $username ) {
return -1;
}
- `rm -rf /home/$username`;
- `userdel $username 2> /dev/null`;
- sleep(1);
- `useradd -m -g 100 $username`;
+ `userdel -rf '$username' 2>/dev/null`;
+ `useradd -m -g users '$username'`;
if ($? != 0) {
die("ERROR $?: Cannot create user $username");
}
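Review bot: Wrapping '$username' in single quotes inside backticks protects against spaces and "$" but not against a value that itself contains a single quote, and the command still goes through a shell. For the userdel and useradd calls in create_user, system() with a list of arguments avoids the shell and the quoting question altogether. Also, stderr of userdel is discarded here while delete_user below treats a userdel failure as fatal; a short comment on why the two differ would help.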
@@ -29,7 +27,7 @@ sub delete_user($) {
return -1;
}
clear_oldpassword();
- `rm -rf /home/$username; userdel $username`;
+ `userdel -rf '$username'`;
if ($? != 0) {
die("ERROR $?: Cannot delete user $username");
}
@@ -37,35 +35,29 @@ sub delete_user($) {
}
sub clear_oldpassword() {
- `cat /dev/null > /etc/security/opasswd; chmod 600 /etc/security/opasswd`;
+ my $opasswd = "/etc/security/opasswd";
+ if (-e $opasswd) {
+ `echo -n > '$opasswd'`;
+ } else {
+ `echo -n > '$opasswd'; chmod 600 '$opasswd'`;
+ }
return $?;
}
sub set_password($$) {
my $username = shift;
my $password = shift;
- my $exp = new Expect;
- $exp->raw_pty(1);
- $exp->spawn("passwd $username")
- or die "Cannot spawn: $!\n";
- $exp->expect("10",
- [
- qr/New password: $/i,
- sub {
- sleep($SLEEP);
- my $self = shift;
- $self->send("$password\n");
- sleep($SLEEP);
- exp_continue;
- }
- ]
- );
+ `echo '$password' | passwd --stdin '$username'`;
+ if ($? != 0) {
+ print("ERROR $?: Cannot set password\n");
+ }
+ return $?;
}
sub set_encrypted_password($$) {
my $username = shift;
my $encrypted_password = shift;
- `usermod -p $encrypted_password $username`;
+ `usermod -p '$encrypted_password' '$username'`;
if ($? != 0) {
die("ERROR $?: Cannot set encrypted password");
}
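Review bot: set_password now interpolates the plaintext into "echo '$password' | passwd --stdin '$username'", so the password appears in the argument list of the spawned shell and a password containing a single quote breaks the command. Opening a pipe to "passwd --stdin" and printing the password to it keeps it off the command line. Error handling is also inconsistent within this hunk: set_password prints and returns $?, while set_encrypted_password dies. In clear_oldpassword the two branches differ only by the chmod, and creating the file before "chmod 600" leaves it briefly at the default umask; setting the umask first closes that gap.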
@@ -78,8 +70,9 @@ sub change_password ($$$) {
my $new_password = shift;
print("[$username], [$current_password], [$new_password]\n");
my $exp = new Expect;
+ `faillock --user '$username' --reset`;
$exp->raw_pty(1);
- $exp->spawn("ssh -t $username\@localhost 'passwd'")
+ $exp->spawn("ssh -t '$username\@localhost' 'passwd'")
or die "ERROR: Cannot spawn: $!\n";
$exp->expect("10",
[
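Review bot: The faillock reset added to change_password is pasted in the same form into run_as_user, check_expired, user_change_shell and user_change_finger, and its exit status is dropped each time. A small helper in utils.plib, called before spawn, would remove the duplication and give one place to report a failing reset instead of letting the following ssh login fail for an unexplained reason.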
@@ -185,8 +178,9 @@ sub run_as_user ($$$) {
$command .= " " . $item;
}
my $exp = new Expect;
+ `faillock --user '$username' --reset`;
$exp->raw_pty(1);
- $exp->spawn("ssh -t $username\@localhost '$command'")
+ $exp->spawn("ssh -t '$username\@localhost' '$command'")
or die "ERROR: Cannot spawn: $!\n";
$exp->expect("10",
[
@@ -222,8 +216,9 @@ sub check_expired ($$$) {
my $command = shift;
my $exit = 1;
my $exp = new Expect;
+ `faillock --user '$username' --reset`;
$exp->raw_pty(1);
- $exp->spawn("ssh -t $username\@localhost '$command'")
+ $exp->spawn("ssh -t '$username\@localhost' '$command'")
or die "ERROR: Cannot spawn: $!\n";
$exp->expect("10",
[
@@ -278,8 +273,9 @@ sub user_change_shell($$$$) {
my $command = shift;
my $newshell = shift;
my $exp = new Expect;
+ `faillock --user '$username' --reset`;
$exp->raw_pty(1);
- $exp->spawn("ssh -t $username\@localhost '$command'")
+ $exp->spawn("ssh -t '$username\@localhost' '$command'")
or die "ERROR: Cannot spawn: $!\n";
$exp->expect("10",
[
@@ -325,8 +321,9 @@ sub user_change_finger($$$$$$) {
my $newwork = shift;
my $newhome = shift;
my $exp = new Expect;
+ `faillock --user '$username' --reset`;
$exp->raw_pty(1);
- $exp->spawn("ssh -t $username\@localhost '$command'")
+ $exp->spawn("ssh -t '$username\@localhost' '$command'")
or die "ERROR: Cannot spawn: $!\n";
$exp->expect("10",
[
@@ -426,7 +423,7 @@ sub revert_system_time($) {
sub chage_read($$) {
my $user = $_[0];
my $line = $_[1];
- my @array = `chage -l $user`;
+ my @array = `chage -l '$user'`;
@array = split(/:\s+/, $array[$line]);
chomp($array[1]);
return $array[1];
--
1.8.3.1
|
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:44:24
|
From: Ondrej Moris <om...@re...>
Recently audit has changed in a way that it does not empty remote queue
when it is stopped. Our tests using (in a quite non-standard way) audisp-remote
to send message to the remote end were failing due to this change, adding an
appropriate wait time makes sure that testing messages will be sent before
audisp-remote terminates.
Signed-off-by: Ondrej Moris <om...@re...>
---
audit-test/audit-remote/tests/audisp-remote_functions.bash | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/audit-test/audit-remote/tests/audisp-remote_functions.bash b/audit-test/audit-remote/tests/audisp-remote_functions.bash
index 13bdb91..f64c420 100644
--- a/audit-test/audit-remote/tests/audisp-remote_functions.bash
+++ b/audit-test/audit-remote/tests/audisp-remote_functions.bash
@@ -203,7 +203,7 @@ create_user_test_msg() {
send_audisp_remote_test_msg() {
[ -z "$*" ] && exit_error \
"send_audisp_remote_test_msg: no message to send"
- echo "$*" | /sbin/audisp-remote
+ ( echo "$*" ; sleep 10 ) | /sbin/audisp-remote
}
check_received_test_msg() {
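Review bot: The fixed "sleep 10" in send_audisp_remote_test_msg adds ten seconds to every message sent and is still a guess at how long the remote queue needs to drain. Put the value in a named variable with a comment pointing at the audit behaviour change described in the commit message, or keep stdin open only until the receiving side confirms the message, so the wait is neither too short on a slow machine nor wasted on a fast one.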
--
1.8.3.1
|
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:44:26
|
From: Miroslav Vadkerti <mva...@re...> Recent changes in run.bash are not sh compatible, use bash instead. Signed-off-by: Miroslav Vadkerti <mva...@re...> --- audit-test/audit-tools/tests/test_auditd_reload | 2 +- audit-test/audit-tools/tests/test_auditd_restart | 2 +- audit-test/audit-tools/tests/test_auditd_start | 2 +- audit-test/audit-tools/tests/test_auditd_status | 2 +- audit-test/audit-tools/tests/test_auditd_stop | 2 +- audit-test/misc/tests/procpermtest.sh | 2 +- audit-test/misc/tests/test_ipc_permission.bash | 2 +- audit-test/misc/tests/test_objreuse.bash | 2 +- audit-test/misc/tests/test_permission.bash | 2 +- audit-test/misc/tests/test_procperm.bash | 2 +- audit-test/misc/tests/test_sys_procperms.bash | 2 +- 11 files changed, 11 insertions(+), 11 deletions(-) diff --git a/audit-test/audit-tools/tests/test_auditd_reload b/audit-test/audit-tools/tests/test_auditd_reload index c23f6bc..551aee5 100755 --- a/audit-test/audit-tools/tests/test_auditd_reload +++ b/audit-test/audit-tools/tests/test_auditd_reload @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # ============================================================================= # (c) Copyright Hewlett-Packard Development Company, L.P., 2011 diff --git a/audit-test/audit-tools/tests/test_auditd_restart b/audit-test/audit-tools/tests/test_auditd_restart index ab6b2d0..65dc5c7 100755 --- a/audit-test/audit-tools/tests/test_auditd_restart +++ b/audit-test/audit-tools/tests/test_auditd_restart @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # ============================================================================= # (c) Copyright Hewlett-Packard Development Company, L.P., 2011 diff --git a/audit-test/audit-tools/tests/test_auditd_start b/audit-test/audit-tools/tests/test_auditd_start index 83093f8..7f4fd6c 100755 --- a/audit-test/audit-tools/tests/test_auditd_start +++ b/audit-test/audit-tools/tests/test_auditd_start 
@@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # ============================================================================= # (c) Copyright Hewlett-Packard Development Company, L.P., 2011 diff --git a/audit-test/audit-tools/tests/test_auditd_status b/audit-test/audit-tools/tests/test_auditd_status index ad7e880..74e70ba 100755 --- a/audit-test/audit-tools/tests/test_auditd_status +++ b/audit-test/audit-tools/tests/test_auditd_status @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # ============================================================================= # (c) Copyright Hewlett-Packard Development Company, L.P., 2011 diff --git a/audit-test/audit-tools/tests/test_auditd_stop b/audit-test/audit-tools/tests/test_auditd_stop index 86eeb93..cc6b849 100755 --- a/audit-test/audit-tools/tests/test_auditd_stop +++ b/audit-test/audit-tools/tests/test_auditd_stop @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # ============================================================================= # (c) Copyright Hewlett-Packard Development Company, L.P., 2011 diff --git a/audit-test/misc/tests/procpermtest.sh b/audit-test/misc/tests/procpermtest.sh index ee0dea0..d41920e 100755 --- a/audit-test/misc/tests/procpermtest.sh +++ b/audit-test/misc/tests/procpermtest.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # #********************************************************************* # Copyright (C) International Business Machines Corp., 2000 diff --git a/audit-test/misc/tests/test_ipc_permission.bash b/audit-test/misc/tests/test_ipc_permission.bash index 84e8052..664a151 100755 --- a/audit-test/misc/tests/test_ipc_permission.bash +++ b/audit-test/misc/tests/test_ipc_permission.bash @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # #********************************************************************* # Copyright (C) International Business Machines Corp., 2000 diff --git a/audit-test/misc/tests/test_objreuse.bash b/audit-test/misc/tests/test_objreuse.bash index 13d83e5..33399a3 100755 
--- a/audit-test/misc/tests/test_objreuse.bash +++ b/audit-test/misc/tests/test_objreuse.bash @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # #********************************************************************* # Copyright (C) International Business Machines Corp., 2000 diff --git a/audit-test/misc/tests/test_permission.bash b/audit-test/misc/tests/test_permission.bash index 129e0c5..8cbf775 100755 --- a/audit-test/misc/tests/test_permission.bash +++ b/audit-test/misc/tests/test_permission.bash @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # #********************************************************************* # Copyright (C) International Business Machines Corp., 2000 diff --git a/audit-test/misc/tests/test_procperm.bash b/audit-test/misc/tests/test_procperm.bash index 1a40065..0074bcb 100755 --- a/audit-test/misc/tests/test_procperm.bash +++ b/audit-test/misc/tests/test_procperm.bash @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # #********************************************************************* # Copyright (C) International Business Machines Corp., 2000 diff --git a/audit-test/misc/tests/test_sys_procperms.bash b/audit-test/misc/tests/test_sys_procperms.bash index ca5a497..777bbf1 100755 --- a/audit-test/misc/tests/test_sys_procperms.bash +++ b/audit-test/misc/tests/test_sys_procperms.bash @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # #********************************************************************* # Copyright (C) International Business Machines Corp., 2000 -- 1.8.3.1 |
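Review bot: The message blames run.bash for the incompatibility but does not say which construct fails under sh, and nothing shows how the eleven files were chosen. Please name the bashism in the commit message and confirm that no other "#!/bin/sh" script in the suite is affected by run.bash. procpermtest.sh now runs under bash while keeping its .sh suffix; renaming it would keep file names and interpreters aligned.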
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:44:28
|
From: Ondrej Moris <om...@re...>
On virtual machines it might happen due to potential caching of
/var/log/audit mounted on tmpfs that /sbin/init is called too many
times during disk_full halt and single tests. This caused very long
testing time and due to imjournal rate-limit it moreover caused
imjournal to drop messages. With this commit we kill audisp-remote
(causing /sbin/init to be triggered) as soon as possible (ie. after
first execution of /sbin/init) from /sbin/init itself.
Signed-off-by: Ondrej Moris <om...@re...>
---
audit-test/audit-remote/tests/audisp-remote_functions.bash | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/audit-test/audit-remote/tests/audisp-remote_functions.bash b/audit-test/audit-remote/tests/audisp-remote_functions.bash
index f64c420..dcbca67 100644
--- a/audit-test/audit-remote/tests/audisp-remote_functions.bash
+++ b/audit-test/audit-remote/tests/audisp-remote_functions.bash
@@ -541,6 +541,10 @@ pre_halt() {
#!/bin/bash -x
if [[ \$1 == $mask_runlevel ]]; then
logger "audisp-remote_testing: $$ runlevel=\$1"
+
+ # Since /sbin/init might be executed many times, we should
+ # kill audisp-remote to avoid unpleasant chain-reaction
+ killall -q audisp-remote
else
exec /sbin/init.audisp-remote_testing "\$@"
fi
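Review bot: In pre_halt the generated init wrapper now runs "killall -q audisp-remote" on every invocation with the masked runlevel, but the logger line above it records only the runlevel, so the logs cannot show whether the kill fired or found anything. Log the killall result as well. The comment says "we should kill"; stating the actual trigger from the commit message (audisp-remote causing /sbin/init to be run repeatedly during the disk_full halt and single tests) would be more useful to the next reader.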
--
1.8.3.1
|
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:44:33
|
- use killall -9 on all processes of the test users, to kill
leftover processes that might be running (ie. when the test
fails on an unexpected exception)
- use userdel -rf instead of removing homedir, mail spool
and cron spool manually, the `-f' should be unnecessary,
but makes the removal process a bit more robust in case
there are leftover zombies (stuck in a syscall)
Without this change, ls /var/spool/mail:
cg_user1 cg_user2 cs_user1 cs_user2 eal eal2 joe ll_user
pd_user1 pd_user2 rpc
Signed-off-by: Jiri Jaburek <jja...@re...>
---
audit-test/kvm/test_libvirt_access.bash | 4 ++--
audit-test/kvm/test_libvirt_access_ssh.bash | 4 ++--
audit-test/kvm/test_selinux_chcon_resource.bash | 4 ++--
audit-test/libpam/tests/test_sudo.bash | 16 +++++++++-------
audit-test/misc/tests/test_ipc_permission.bash | 11 ++++-------
audit-test/misc/tests/test_procperm.bash | 11 ++++-------
audit-test/netfilebt/testperm.bash | 6 ++++--
audit-test/netfilter/testpermip4.bash | 6 ++++--
audit-test/netfilter/testpermip6.bash | 6 ++++--
audit-test/trustedprograms/tests/cron_functions.bash | 19 ++++---------------
audit-test/trustedprograms/tests/lastlog01 | 10 ++++------
audit-test/trustedprograms/tests/test_usermod_l.bash | 2 +-
.../trustedprograms/tests/tp_auth_functions.bash | 2 +-
audit-test/trustedprograms/tests/utils.plib | 2 ++
audit-test/utils/run.bash | 8 +++++---
15 files changed, 52 insertions(+), 59 deletions(-)
diff --git a/audit-test/kvm/test_libvirt_access.bash b/audit-test/kvm/test_libvirt_access.bash
index d4eba93..2018f6b 100755
--- a/audit-test/kvm/test_libvirt_access.bash
+++ b/audit-test/kvm/test_libvirt_access.bash
@@ -28,7 +28,7 @@ source testcase.bash || exit 2
set -x
-append_cleanup "userdel -fr -Z testuser1"
+append_cleanup "killall -9 -u testuser1; userdel -fr -Z testuser1"
append_cleanup "groupdel testuser1"
userdel -fr -Z testuser1
groupdel testuser1
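Review bot: The killall is added to the cleanup string only; the immediate "userdel -fr -Z testuser1" two lines below, which clears leftovers from an earlier failed run, is still not preceded by it. That is the case the commit message describes, so run "killall -9 -u testuser1" there too, as gen_user in test_sudo.bash does in this same patch. The same applies to the testuser2 hunk and to the other two kvm tests.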
@@ -38,7 +38,7 @@ if [[ $? -ne 0 ]]; then
exit_error
fi
-append_cleanup "userdel -fr -Z testuser2"
+append_cleanup "killall -9 -u testuser2; userdel -fr -Z testuser2"
append_cleanup "groupdel testuser2"
userdel -fr -Z testuser2
groupdel testuser2
diff --git a/audit-test/kvm/test_libvirt_access_ssh.bash b/audit-test/kvm/test_libvirt_access_ssh.bash
index 00ad5dd..20fbfa6 100755
--- a/audit-test/kvm/test_libvirt_access_ssh.bash
+++ b/audit-test/kvm/test_libvirt_access_ssh.bash
@@ -28,7 +28,7 @@ source testcase.bash || exit 2
set -x
-append_cleanup "userdel -fr -Z testuser1"
+append_cleanup "killall -9 -u testuser1; userdel -fr -Z testuser1"
append_cleanup "groupdel testuser1"
userdel -fr -Z testuser1
groupdel testuser1
@@ -38,7 +38,7 @@ if [[ $? -ne 0 ]]; then
exit_error
fi
-append_cleanup "userdel -fr -Z testuser2"
+append_cleanup "killall -9 -u testuser2; userdel -fr -Z testuser2"
append_cleanup "groupdel testuser2"
userdel -fr -Z testuser2
groupdel testuser2
diff --git a/audit-test/kvm/test_selinux_chcon_resource.bash b/audit-test/kvm/test_selinux_chcon_resource.bash
index edf4517..9ffa11a 100755
--- a/audit-test/kvm/test_selinux_chcon_resource.bash
+++ b/audit-test/kvm/test_selinux_chcon_resource.bash
@@ -27,7 +27,7 @@ source testcase.bash || exit 2
set -x
-append_cleanup "userdel -fr testuser1"
+append_cleanup "killall -9 -u testuser1; userdel -fr testuser1"
append_cleanup "groupdel testuser1"
userdel -fr testuser1
groupdel testuser1
@@ -37,7 +37,7 @@ if [[ $? -ne 0 ]]; then
exit_error
fi
-append_cleanup "userdel -fr testuser2"
+append_cleanup "killall -9 -u testuser2; userdel -fr testuser2"
append_cleanup "groupdel testuser2"
userdel -fr testuser2
groupdel testuser2
diff --git a/audit-test/libpam/tests/test_sudo.bash b/audit-test/libpam/tests/test_sudo.bash
index 5bd48f6..1a2f5ed 100755
--- a/audit-test/libpam/tests/test_sudo.bash
+++ b/audit-test/libpam/tests/test_sudo.bash
@@ -206,18 +206,20 @@ CMD_RET_p4=0
source pam_functions.bash || exit 2
setup_cleanup() {
- prepend_cleanup "rm -rf /home/$USERG /home/$USERO /home/$USERT /var/mail/$USERG /var/mail/$USERO /var/mail/$USERT"
prepend_cleanup "rm -f /etc/sudoers.new"
prepend_cleanup "groupdel $GROUP"
- prepend_cleanup "userdel $USERT"
- prepend_cleanup "userdel $USERO"
- prepend_cleanup "userdel $USERG"
+ prepend_cleanup "killall -9 -u $USERT; userdel -rf $USERT"
+ prepend_cleanup "killall -9 -u $USERO; userdel -rf $USERO"
+ prepend_cleanup "killall -9 -u $USERG; userdel -rf $USERG"
}
gen_user() {
- userdel $USERG 2> /dev/null
- userdel $USERO 2> /dev/null
- userdel $USERT 2> /dev/null
+ killall -9 -u $USERG
+ killall -9 -u $USERO
+ killall -9 -u $USERT
+ userdel -rf $USERG 2> /dev/null
+ userdel -rf $USERO 2> /dev/null
+ userdel -rf $USERT 2> /dev/null
groupdel $GROUP 2> /dev/null
groupadd $GROUP
useradd -u $USERG_ID -g $GROUP -p $PASSENC $USERG
diff --git a/audit-test/misc/tests/test_ipc_permission.bash b/audit-test/misc/tests/test_ipc_permission.bash
index 664a151..bc5ab20 100755
--- a/audit-test/misc/tests/test_ipc_permission.bash
+++ b/audit-test/misc/tests/test_ipc_permission.bash
@@ -41,9 +41,8 @@ TEST_USER2="permtest3"
function create_user(){
echo "Creating test user $TEST_USER2..."
if egrep "^$TEST_USER2" /etc/passwd; then
- userdel $TEST_USER2 >& /dev/null
- [ -d "home/$TEST_USER2" ] && rm -rf /home/$TEST_USER2
- sleep 1
+ killall -9 -u $TEST_USER2
+ userdel -rf $TEST_USER2
fi
useradd -g $TEST_USER2 $TEST_USER2
@@ -72,10 +71,8 @@ function create_group(){
function delete_user(){
echo "Deleting test user $TEST_USER2..."
- userdel -r $TEST_USER2 >& /dev/null
- [ -d "/home/$TEST_USER2" ] && rm -rf /home/$TEST_USER2
-
- sleep 1
+ killall -9 -u $TEST_USER2
+ userdel -rf $TEST_USER2 >& /dev/null
if [ "$?" != "0" ]; then
echo "Not able to delete test user $TEST_USER2."
exit 1
diff --git a/audit-test/misc/tests/test_procperm.bash b/audit-test/misc/tests/test_procperm.bash
index 0074bcb..554d9f5 100755
--- a/audit-test/misc/tests/test_procperm.bash
+++ b/audit-test/misc/tests/test_procperm.bash
@@ -39,11 +39,9 @@ function create_user(){
echo "Creating test user $TEST_USER..."
#erase user if he may exist , so we can have a clean env
- userdel $TEST_USER >& /dev/null
+ killall -9 -u $TEST_USER
+ userdel -rf $TEST_USER >& /dev/null
groupdel $TEST_USER >& /dev/null
- [ -d "/home/$TEST_USER" ] && rm -rf /home/$TEST_USER
-
- sleep 1
useradd -m -p "$TEST_USER_ENCRYPTED_PASSWD" $TEST_USER
@@ -60,10 +58,9 @@ function create_user(){
function delete_user(){
echo "Deleting test user $TEST_USER..."
- userdel $TEST_USER >& /dev/null
- sleep 1
+ killall -9 -u $TEST_USER
+ userdel -rf $TEST_USER >& /dev/null
groupdel $TEST_USER >& /dev/null
- [ -d "/home/$TEST_USER" ] && rm -rf /home/$TEST_USER
if [ "$?" != "0" ]; then
echo "Not able to delete test user $TEST_USER."
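Review bot: in delete_user the check [ "$?" != "0" ] now tests the exit status of groupdel, not of userdel, because groupdel is the last command before it. When userdel has already removed the user's group, groupdel fails and the function reports "Not able to delete test user" although the user is gone. Move the check directly after the userdel -rf line, or save its status in a variable; the follow-up patch in this series reorders the calls, so squashing the two would avoid a broken intermediate state.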
diff --git a/audit-test/netfilebt/testperm.bash b/audit-test/netfilebt/testperm.bash
index 88300df..888e9ae 100755
--- a/audit-test/netfilebt/testperm.bash
+++ b/audit-test/netfilebt/testperm.bash
@@ -32,12 +32,14 @@ useradd -m -p usertest "$TEST_USER"
rc=$?
if [[ $rc -ne 0 ]]; then
echo "operation not permitted, return code is $rc"
- userdel -r "$TEST_USER" &>/dev/null
+ killall -9 -u "$TEST_USER"
+ userdel -rf "$TEST_USER" &>/dev/null
ebtables -L
exit_pass
else
echo "test failed, ebtables operation permitted"
- userdel -r "$TEST_USER" &>/dev/null
+ killall -9 -u "$TEST_USER"
+ userdel -rf "$TEST_USER" &>/dev/null
ebtables -L
exit_fail
fi
diff --git a/audit-test/netfilter/testpermip4.bash b/audit-test/netfilter/testpermip4.bash
index 26a86ab..5787012 100755
--- a/audit-test/netfilter/testpermip4.bash
+++ b/audit-test/netfilter/testpermip4.bash
@@ -14,12 +14,14 @@ useradd -m -p usertest "$TEST_USER"
rc=$?
if [[ $rc -ne 0 ]]; then
echo "operation not permitted, return code is $rc"
- userdel -r "$TEST_USER" &>/dev/null
+ killall -9 -u "$TEST_USER"
+ userdel -rf "$TEST_USER" &>/dev/null
ebtables -L
exit_pass
else
echo "test failed, ebtables operation permitted"
- userdel -r "$TEST_USER" &>/dev/null
+ killall -9 -u "$TEST_USER"
+ userdel -rf "$TEST_USER" &>/dev/null
ebtables -L
exit_fail
fi
diff --git a/audit-test/netfilter/testpermip6.bash b/audit-test/netfilter/testpermip6.bash
index b8b5535..9524d33 100755
--- a/audit-test/netfilter/testpermip6.bash
+++ b/audit-test/netfilter/testpermip6.bash
@@ -13,12 +13,14 @@ useradd -m -p usertest "$TEST_USER"
rc=$?
if [[ $rc -ne 0 ]]; then
echo "operation not permitted, return code is $rc"
- userdel -r "$TEST_USER" &>/dev/null
+ killall -9 -u "$TEST_USER"
+ userdel -rf "$TEST_USER" &>/dev/null
ebtables -L
exit_pass
else
echo "test failed, ebtables operation permitted"
- userdel -r "$TEST_USER" &>/dev/null
+ killall -9 -u "$TEST_USER"
+ userdel -rf "$TEST_USER" &>/dev/null
ebtables -L
exit_fail
fi
diff --git a/audit-test/trustedprograms/tests/cron_functions.bash b/audit-test/trustedprograms/tests/cron_functions.bash
index e8da274..3491941 100644
--- a/audit-test/trustedprograms/tests/cron_functions.bash
+++ b/audit-test/trustedprograms/tests/cron_functions.bash
@@ -59,20 +59,9 @@ function cleanup {
crontab -r -u $TEST_USER
fi
- if [ -d "/home/$TEST_USER2" ]; then
- userdel $TEST_USER2
- rm -rf /home/$TEST_USER2
- fi
+ killall -9 -u $TEST_USER2
+ userdel -rf $TEST_USER2 2>/dev/null
- if [ -d "$TEST_DIR" ]; then
- rm -rf $TEST_DIR
- fi
-
- if [ -e "$CRON_ALLOW" ]; then
- rm -f $CRON_ALLOW
- fi
-
- if [ -e "$CRON_DENY" ]; then
- rm -f $CRON_DENY
- fi
+ rm -rf $TEST_DIR
+ rm -f $CRON_ALLOW $CRON_DENY
}
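Review bot: rm -rf $TEST_DIR and rm -f $CRON_ALLOW $CRON_DENY expand their variables unquoted, so a value containing whitespace or glob characters removes something other than the intended path. Quote each variable and add -- before the operands. The unconditional killall -9 -u $TEST_USER2 also writes to stderr when the user does not exist, while the userdel next to it has 2>/dev/null; silence both or neither.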
diff --git a/audit-test/trustedprograms/tests/lastlog01 b/audit-test/trustedprograms/tests/lastlog01
index e559970..047a368 100755
--- a/audit-test/trustedprograms/tests/lastlog01
+++ b/audit-test/trustedprograms/tests/lastlog01
@@ -34,7 +34,6 @@ RHOST="localhost"
TEST_USER='ll_user'
TEST_USER_PASSWD='ltP_t3st*_pass'
TEST_USER_ENCRYPTED_PASSWD='$6$mdf9vvfz$2hQcpjsaKz21PUmjoVfLT23XZb/HbFEKmK6GePHj3arBU2cadAmVDcakSU9HgjaI0u.yzx.XAS3hNXZLtuCZ1.'
-TEST_USER_HOMEDIR="/home/$TEST_USER"
TEST=0
#-----------------------------------------------------------------------
@@ -46,9 +45,8 @@ create_user(){
echo "Creating test user $TEST_USER..."
#erase user if he may exist , so we can have a clean env
- rm -rf /home/$TEST_USER
- userdel $TEST_USER
- sleep 1
+ killall -9 -u $TEST_USER
+ userdel -rf $TEST_USER
useradd -m -p "$TEST_USER_ENCRYPTED_PASSWD" -g users $TEST_USER
@@ -67,8 +65,8 @@ create_user(){
delete_user(){
echo "Deleting test user $TEST_USER..."
- rm -rf /home/$TEST_USER
- userdel $TEST_USER
+ killall -9 -u $TEST_USER
+ userdel -rf $TEST_USER
if [ $? != 0 ]
then
echo "Not able to delete test user $TEST_USER."
diff --git a/audit-test/trustedprograms/tests/test_usermod_l.bash b/audit-test/trustedprograms/tests/test_usermod_l.bash
index b91610d..452c5c6 100755
--- a/audit-test/trustedprograms/tests/test_usermod_l.bash
+++ b/audit-test/trustedprograms/tests/test_usermod_l.bash
@@ -23,7 +23,7 @@ source tp_auth_functions.bash || exit 2
# setup
useradd -n -G games -u $uid $user || exit_error "groupadd failed"
read user2 uid2 <<<"$(generate_unique_user)"
-prepend_cleanup "userdel -r $user2"
+prepend_cleanup "killall -9 -u $user2; userdel -rf $user2"
# test
setpid usermod -l $user2 $user || exit_error "usermod failed"
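Review bot: this cleanup entry runs killall and userdel on $user2 unconditionally, although $user2 only exists once the usermod -l call below has succeeded. tp_auth_functions.bash in this same patch guards the equivalent entry with grep -q '^$user:' /etc/passwd && { ... } and single-quotes the name; using that form here avoids spurious errors during cleanup when usermod fails.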
diff --git a/audit-test/trustedprograms/tests/tp_auth_functions.bash b/audit-test/trustedprograms/tests/tp_auth_functions.bash
index 9f0ffee..4792216 100644
--- a/audit-test/trustedprograms/tests/tp_auth_functions.bash
+++ b/audit-test/trustedprograms/tests/tp_auth_functions.bash
@@ -82,7 +82,7 @@ function user_cleanup {
read group gid <<<"$(generate_unique_group)"
read user uid <<<"$(generate_unique_user)"
-prepend_cleanup "grep -q '^$user:' /etc/passwd && { killall -9 -u '$user' ; userdel -r '$user'; }"
+prepend_cleanup "grep -q '^$user:' /etc/passwd && { killall -9 -u '$user' ; userdel -rf '$user'; }"
prepend_cleanup "grep -q '^$group:' /etc/group && groupdel '$group'"
set -x
diff --git a/audit-test/trustedprograms/tests/utils.plib b/audit-test/trustedprograms/tests/utils.plib
index 75f4cb8..2c58855 100755
--- a/audit-test/trustedprograms/tests/utils.plib
+++ b/audit-test/trustedprograms/tests/utils.plib
@@ -13,6 +13,7 @@ sub create_user($) {
if ( ! $username ) {
return -1;
}
+ `killall -9 -u '$username'`;
`userdel -rf '$username' 2>/dev/null`;
`useradd -m -g users '$username'`;
if ($? != 0) {
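Review bot: the added killall -9 -u '$username' call in create_user interpolates $username into a shell command line through backticks, so a name containing a single quote ends the quoting. The list form system('killall', '-9', '-u', $username) bypasses the shell entirely. Its stderr is also not redirected, unlike the userdel call on the next line, so every create_user call for a user that does not exist yet prints an error. The same applies to the killall added in delete_user.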
@@ -27,6 +28,7 @@ sub delete_user($) {
return -1;
}
clear_oldpassword();
+ `killall -9 -u '$username'`;
`userdel -rf '$username'`;
if ($? != 0) {
die("ERROR $?: Cannot delete user $username");
diff --git a/audit-test/utils/run.bash b/audit-test/utils/run.bash
index 721e744..7106479 100755
--- a/audit-test/utils/run.bash
+++ b/audit-test/utils/run.bash
@@ -247,7 +247,8 @@ function startup {
killall -HUP auditd # reload config when auditd was already running
# Add the test user which is used for unprivileged tests
- userdel -r "$TEST_USER" &>/dev/null
+ killall -9 -u "$TEST_USER"
+ userdel -Z -rf "$TEST_USER" &>/dev/null
groupdel "$TEST_USER" &>/dev/null
dmsg "Adding group $TEST_USER"
groupadd "$TEST_USER" || die
@@ -257,7 +258,8 @@ function startup {
faillock --user "$TEST_USER" --reset
# Add the test user which is in sysadm_r
- userdel -r "$TEST_ADMIN" &>/dev/null
+ killall -9 -u "$TEST_ADMIN"
+ userdel -Z -rf "$TEST_ADMIN" &>/dev/null
groupdel "$TEST_ADMIN" &>/dev/null
dmsg "Adding group $TEST_ADMIN"
groupadd "$TEST_ADMIN" || die
@@ -289,7 +291,7 @@ function cleanup {
killall -9 -u "$RUSER"
# Remove the test user
dmsg "Removing user $RUSER"
- userdel -Z -r "$RUSER" &>/dev/null
+ userdel -Z -rf "$RUSER" &>/dev/null
dmsg "Removing group $RUSER"
groupdel "$RUSER" &>/dev/null
# Cleanup polyinstantiated home directory
--
1.8.3.1
|
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:44:35
|
The group may have been removed by userdel due to 'USERGROUPS_ENAB yes'
being set in login.defs.
If - in delete_user - the last groupdel fails, its non-0
return value is carried as a function return value back
to the parent shell and is evaluated as ERROR, so return 0
explicitly.
Signed-off-by: Jiri Jaburek <jja...@re...>
---
audit-test/misc/tests/test_procperm.bash | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/audit-test/misc/tests/test_procperm.bash b/audit-test/misc/tests/test_procperm.bash
index 554d9f5..7cb55c0 100755
--- a/audit-test/misc/tests/test_procperm.bash
+++ b/audit-test/misc/tests/test_procperm.bash
@@ -49,6 +49,8 @@ function create_user(){
echo "Could not add test user $TEST_USER."
exit 1
fi
+
+ return 0
}
#-----------------------------------------------------------------------
@@ -60,12 +62,15 @@ function delete_user(){
killall -9 -u $TEST_USER
userdel -rf $TEST_USER >& /dev/null
- groupdel $TEST_USER >& /dev/null
if [ "$?" != "0" ]; then
echo "Not able to delete test user $TEST_USER."
exit 1
fi
+
+ groupdel $TEST_USER >& /dev/null
+
+ return 0
}
#
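Review bot: with groupdel moved after the status check and followed by an unconditional return 0, every groupdel failure in delete_user is now ignored, not only the case where userdel already removed the group. Consider calling groupdel only when the group still exists (for example getent group $TEST_USER >/dev/null && groupdel $TEST_USER) and reporting an error if that call fails.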
--
1.8.3.1
|
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:44:46
|
Signed-off-by: Jiri Jaburek <jja...@re...>
---
audit-test/utils/bin/do_send.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/audit-test/utils/bin/do_send.c b/audit-test/utils/bin/do_send.c
index cefb3b9..573b0b3 100644
--- a/audit-test/utils/bin/do_send.c
+++ b/audit-test/utils/bin/do_send.c
@@ -54,7 +54,7 @@ int main(int argc, char **argv)
errno = 0;
sflgs = 0;
sflgs |= MSG_OOB;
- rc = sendto(sock, MSG_STRING, MSG_LEN, sflgs, host->ai_addr, host->ai_addrlen);
+ rc = send(sock, MSG_STRING, MSG_LEN, sflgs);
result = (rc < 0 ? TEST_FAIL : TEST_SUCCESS);
printf("%d %d %d\n", result, result ? errno : rc, getpid());
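Review bot: send() carries no destination address, so it only succeeds on a connected socket, and this hunk does not show a connect() on sock; on an unconnected socket the call fails with ENOTCONN or EDESTADDRREQ. The patch also has no description saying why sendto() was replaced. Please confirm that the socket is connected for every protocol the program accepts, and state the reason for the change in the commit message.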
--
1.8.3.1
|
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:44:49
|
Signed-off-by: Jiri Jaburek <jja...@re...>
---
audit-test/utils/bin/do_ipc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/audit-test/utils/bin/do_ipc.c b/audit-test/utils/bin/do_ipc.c
index d845e05..6d1d7ee 100644
--- a/audit-test/utils/bin/do_ipc.c
+++ b/audit-test/utils/bin/do_ipc.c
@@ -22,7 +22,7 @@ int main(int argc, char **argv)
int exitval, result;
int op, flags = 0;
- if (argc < 1) {
+ if (argc < 2) {
fprintf(stderr, "%s: you must specify an ipc operation\n", argv[0]);
return 1;
}
--
1.8.3.1
|
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:44:53
|
Signed-off-by: Jiri Jaburek <jja...@re...>
---
audit-test/utils/bin/ipc_common.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/audit-test/utils/bin/ipc_common.c b/audit-test/utils/bin/ipc_common.c
index 02f4977..32db2ae 100644
--- a/audit-test/utils/bin/ipc_common.c
+++ b/audit-test/utils/bin/ipc_common.c
@@ -61,6 +61,12 @@ int translate_ipc_flags(char *string, int *flags)
if (!strcmp(string, "create"))
/* use IPC_EXCL on create to catch cleanup problems */
*flags |= IPC_CREAT|IPC_EXCL|S_IRUSR|S_IWUSR;
+ else if (!strncmp(string, "create:", strlen("create:"))) {
+ /* create with custom mode */
+ *flags |= IPC_CREAT|IPC_EXCL;
+ *flags &= ~((int)0x01ff); /* reset 9 lsbits */
+ *flags |= strtol(string+strlen("create:"), NULL, 8);
+ }
else if (!strcmp(string, "read"))
*flags |= S_IRUSR;
else if (!strcmp(string, "write"))
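Review bot: in the new "create:" branch the result of strtol(string+strlen("create:"), NULL, 8) is OR-ed into *flags without validation. A value above 0777 sets bits outside the nine permission bits that were just cleared, and on Linux those overlap IPC_CREAT (01000) and IPC_EXCL (02000); a non-octal string silently yields mode 0. Pass an end pointer to strtol, reject trailing characters and values outside 0..0777, and return an error for them.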
--
1.8.3.1
|
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:44:56
|
Signed-off-by: Jiri Jaburek <jja...@re...>
---
audit-test/utils/bin/ipc_common.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/audit-test/utils/bin/ipc_common.c b/audit-test/utils/bin/ipc_common.c
index 32db2ae..359569f 100644
--- a/audit-test/utils/bin/ipc_common.c
+++ b/audit-test/utils/bin/ipc_common.c
@@ -159,6 +159,9 @@ int do_msgctl(int msqid, int cmd)
buf.msg_perm.uid = 0; /* use root's uid */
ret = msgctl(msqid, cmd, &buf);
break;
+ case IPC_STAT:
+ ret = msgctl(msqid, cmd, &buf);
+ break;
}
return ret;
}
@@ -231,6 +234,9 @@ int do_semctl(int semid, int cmd)
((struct semid_ds *)sebuf.buf)->sem_perm.uid = 0; /* use root's uid */
ret = semctl(semid, 1, cmd, sebuf);
break;
+ case IPC_STAT:
+ ret = semctl(semid, 1, cmd, &sebuf);
+ break;
}
return ret;
}
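Review bot: the new IPC_STAT case in do_semctl passes &sebuf as the fourth argument, while the IPC_SET case directly above passes sebuf by value. semctl() takes the union semun itself, so the address-of form makes the kernel treat the union's own storage as the struct semid_ds buffer and write past its end. Use semctl(semid, 1, cmd, sebuf) with sebuf.buf pointing at a struct semid_ds, as the IPC_SET branch already assumes.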
@@ -280,6 +286,9 @@ int do_shmctl(int shmid, int cmd)
buf.shm_perm.uid = 0; /* use root's uid */
ret = shmctl(shmid, cmd, &buf);
break;
+ case IPC_STAT:
+ ret = shmctl(shmid, cmd, &buf);
+ break;
}
return ret;
}
--
1.8.3.1
|
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:44:59
|
Signed-off-by: Jiri Jaburek <jja...@re...>
---
audit-test/utils/bin/ipc_common.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/audit-test/utils/bin/ipc_common.c b/audit-test/utils/bin/ipc_common.c
index 359569f..2c93e4d 100644
--- a/audit-test/utils/bin/ipc_common.c
+++ b/audit-test/utils/bin/ipc_common.c
@@ -77,10 +77,8 @@ int translate_ipc_flags(char *string, int *flags)
*flags |= IPC_RMID;
else if (!strcmp(string, "set"))
*flags |= IPC_SET;
- else {
- fprintf(stderr, "ipc flag must be one of <create|read|write|rdwr|remove|set>\n");
- return 1;
- }
+ else
+ *flags |= atoi(string);
return 0;
}
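Review bot: replacing the error branch with *flags |= atoi(string) means a misspelled keyword is no longer rejected: atoi() returns 0 for non-numeric input, so translate_ipc_flags returns 0 with no flag set. atoi() also parses decimal, whereas the "create:" branch added earlier in this series parses its mode as octal. Use strtol() with an end pointer, keep the return 1 path for input that is neither a keyword nor a complete number, and keep a message that lists the accepted forms.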
--
1.8.3.1
|
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:45:03
|
Signed-off-by: Jiri Jaburek <jja...@re...>
---
audit-test/utils/bin/do_mq_open.c | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/audit-test/utils/bin/do_mq_open.c b/audit-test/utils/bin/do_mq_open.c
index 8d0ec9d..85bdf5e 100644
--- a/audit-test/utils/bin/do_mq_open.c
+++ b/audit-test/utils/bin/do_mq_open.c
@@ -23,16 +23,22 @@ int main(int argc, char **argv)
{
int exitval, result;
int flags = 0;
+ mode_t mode = S_IRWXU;
if (argc < 3) {
- fprintf(stderr, "Usage:\n%s <path> <create|read|write|rdwr> [context]\n",
- argv[0]);
+ fprintf(stderr, "Usage:\n"
+ "%s <path> <create|create:mode|read|write|rdwr> [context]\n",
+ argv[0]);
return 1;
}
if (!strcmp(argv[2], "create")) {
/* use O_EXCL on create to catch cleanup problems */
flags |= O_CREAT|O_EXCL;
+ } else if (!strncmp(argv[2], "create:", 7)) {
+ /* create with custom mode */
+ flags |= O_CREAT|O_EXCL;
+ mode = strtol(argv[2]+7, NULL, 8);
} else if (!strcmp(argv[2], "read")) {
flags |= O_RDONLY;
} else if (!strcmp(argv[2], "write")) {
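Review bot: mode = strtol(argv[2]+7, NULL, 8) in the "create:" branch accepts any input: "create:" followed by nothing or by non-octal text gives mode 0, and no range check is applied before the value reaches mq_open(). Check the end pointer and reject invalid or out-of-range modes with an error message. The literal 7 would also read better as strlen("create:"), which is what the matching change in ipc_common.c uses.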
@@ -40,8 +46,6 @@ int main(int argc, char **argv)
} else if (!strcmp(argv[2], "rdwr")) {
flags |= O_RDWR;
} else {
- fprintf(stderr, "Usage:\n%s <path> <create|read|write|rdwr> [context]\n",
- argv[0]);
return 1;
}
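Review bot: with the fprintf removed from the final else branch, an unrecognized operation in argv[2] now exits with status 1 and prints nothing. Keep a diagnostic there, for example fprintf(stderr, "unknown operation: %s\n", argv[2]);, so that a typo in a test script is easy to tell apart from other failures.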
@@ -53,7 +57,7 @@ int main(int argc, char **argv)
#endif
errno = 0;
- exitval = mq_open(argv[1], flags, S_IRWXU, NULL);
+ exitval = mq_open(argv[1], flags, mode, NULL);
result = exitval < 0;
printf("%d %d %d\n", result, result ? errno : exitval, getpid());
--
1.8.3.1
|
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:45:07
|
This avoids the EOPNOTSUPP error.
Signed-off-by: Jiri Jaburek <jja...@re...>
---
audit-test/utils/bin/do_send.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/audit-test/utils/bin/do_send.c b/audit-test/utils/bin/do_send.c
index 573b0b3..8a25675 100644
--- a/audit-test/utils/bin/do_send.c
+++ b/audit-test/utils/bin/do_send.c
@@ -20,7 +20,7 @@
int main(int argc, char **argv)
{
- int rc, result, sflgs;
+ int rc, result, sflgs = 0;
struct addrinfo *host = NULL;
struct addrinfo addr_hints;
int sock;
@@ -34,6 +34,7 @@ int main(int argc, char **argv)
if (strcasecmp(argv[2], "tcp") == 0) {
addr_hints.ai_socktype = SOCK_STREAM;
addr_hints.ai_protocol = IPPROTO_TCP;
+ sflgs |= MSG_OOB;
} else if (strcasecmp(argv[2], "udp") == 0) {
addr_hints.ai_socktype = SOCK_DGRAM;
addr_hints.ai_protocol = IPPROTO_UDP;
@@ -52,8 +53,6 @@ int main(int argc, char **argv)
return TEST_ERROR;
errno = 0;
- sflgs = 0;
- sflgs |= MSG_OOB;
rc = send(sock, MSG_STRING, MSG_LEN, sflgs);
result = (rc < 0 ? TEST_FAIL : TEST_SUCCESS);
--
1.8.3.1
|
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:45:13
|
Signed-off-by: Jiri Jaburek <jja...@re...>
---
audit-test/syscalls/syscall_functions.bash | 4 +--
audit-test/utils/bin/do_bind.c | 49 +++++++++++++++++++++---------
2 files changed, 37 insertions(+), 16 deletions(-)
diff --git a/audit-test/syscalls/syscall_functions.bash b/audit-test/syscalls/syscall_functions.bash
index 161331e..bd38b40 100644
--- a/audit-test/syscalls/syscall_functions.bash
+++ b/audit-test/syscalls/syscall_functions.bash
@@ -715,8 +715,8 @@ function create_io_objects_cap {
io_priv)
flag=1 ;; # process io privilege level
port_priv)
- target=24 # site-dependent mail handling, unused
- flag=0 # INADDR_ANY
+ target=0.0.0.0 # INADDR_ANY
+ flag=24 # site-dependent mail handling, unused
[[ -n $op ]] && augrokfunc=augrok_op ;;
fio_fibmap)
create_file target mode="a+rwx"
diff --git a/audit-test/utils/bin/do_bind.c b/audit-test/utils/bin/do_bind.c
index 1e77bd6..f6bfe75 100644
--- a/audit-test/utils/bin/do_bind.c
+++ b/audit-test/utils/bin/do_bind.c
@@ -16,33 +16,54 @@
#include "includes.h"
#include <sys/socket.h>
#include <netinet/in.h>
-#include <linux/net.h>
+#include <arpa/inet.h>
+#include <linux/un.h> /* instead of <sys/un.h> for UNIX_PATH_MAX */
int main(int argc, char **argv)
{
int exitval, result;
int sockfd;
- struct sockaddr_in my_addr;
- socklen_t addrlen = sizeof(my_addr);
+ union {
+ struct sockaddr_in in;
+ struct sockaddr_un un;
+ } addr;
+ socklen_t addrlen;
+ int domain;
- if (argc != 3) {
- fprintf(stderr, "Usage:\n%s <port> <0|127>\n", argv[0]);
- return 1;
+ if (argc < 2) {
+ fprintf(stderr, "Usage:\n"
+ "%s <address> [port]\n"
+ "%s <unix_path>\n",
+ argv[0], argv[0]);
+ return 1;
}
- memset(&my_addr, 0, addrlen);
- my_addr.sin_family = AF_INET;
- my_addr.sin_port = htons(atoi(argv[1]));
- my_addr.sin_addr.s_addr = atoi(argv[2]);
+ /* try ipv4 addr first, fallback to unix domain sockets */
+ if (inet_aton(argv[1], NULL)) {
+ domain = PF_INET;
+ addrlen = sizeof(struct sockaddr_in);
+ memset(&addr, 0, addrlen);
+ addr.in.sin_family = AF_INET;
+ if (argc >= 3)
+ addr.in.sin_port = htons(atoi(argv[2]));
+ printf("%d\n", ntohs(addr.in.sin_port));
+ inet_aton(argv[1], &addr.in.sin_addr);
+ } else {
+ domain = PF_UNIX;
+ addrlen = sizeof(struct sockaddr_un);
+ memset(&addr, 0, addrlen);
+ addr.un.sun_family = AF_UNIX;
+ strncpy(addr.un.sun_path, argv[1], UNIX_PATH_MAX);
+ }
- sockfd = socket(PF_INET, SOCK_STREAM, 0);
+ sockfd = socket(domain, SOCK_STREAM, 0);
if (sockfd < 0) {
- perror("do_bind: open socket");
- return TEST_ERROR;
+ perror("do_bind: open socket");
+ return TEST_ERROR;
}
errno = 0;
- exitval = bind(sockfd, (struct sockaddr *)&my_addr, addrlen);
+ exitval = bind(sockfd, (struct sockaddr *)&addr, addrlen);
result = exitval < 0;
printf("%d %d %d\n", result, result ? errno : exitval, getpid());
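Review bot: printf("%d\n", ntohs(addr.in.sin_port)); in the IPv4 branch looks like leftover debugging; it puts an extra line on stdout ahead of the "%d %d %d\n" result line, which changes the output for anything that parses it. Separately, strncpy(addr.un.sun_path, argv[1], UNIX_PATH_MAX) leaves sun_path without a terminating NUL when the path is UNIX_PATH_MAX bytes or longer; copy at most UNIX_PATH_MAX - 1 bytes or reject over-long paths. The probe inet_aton(argv[1], NULL) also relies on the implementation tolerating a NULL output pointer; parsing once into addr.in.sin_addr and testing the return value avoids that.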
--
1.8.3.1
|
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:45:18
|
Signed-off-by: Jiri Jaburek <jja...@re...>
---
audit-test/utils/bin/do_clone.c | 19 +++++++++----------
1 file changed, 9 insertions(+), 10 deletions(-)
diff --git a/audit-test/utils/bin/do_clone.c b/audit-test/utils/bin/do_clone.c
index 4988e3f..fa89ba8 100644
--- a/audit-test/utils/bin/do_clone.c
+++ b/audit-test/utils/bin/do_clone.c
@@ -22,16 +22,15 @@ int main(int argc, char **argv)
int flags = CLONE_VFORK;
pid_t pid;
- if (argc != 2) {
- fprintf(stderr, "Usage:\n%s <flag>\n", argv[0]);
- return TEST_ERROR;
- }
-
- if (!strcmp(argv[1], "newns")) {
- flags |= CLONE_NEWNS;
- } else {
- fprintf(stderr, "Usage:\n%s: unknown flag: %s\n", argv[0], argv[1]);
- return TEST_ERROR;
+ /* Usage: "%s [flag]\n", argv[0] */
+
+ if (argc >= 2) {
+ if (!strcmp(argv[1], "newns")) {
+ flags |= CLONE_NEWNS;
+ } else {
+ fprintf(stderr, "unknown flag: %s\n", argv[1]);
+ return TEST_ERROR;
+ }
}
/* use syscall() to force clone over clone2 */
--
1.8.3.1
|
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:45:21
|
Signed-off-by: Jiri Jaburek <jja...@re...>
---
audit-test/utils/bin/do_kill.c | 17 +++++++++++------
audit-test/utils/bin/do_tgkill.c | 13 +++++++++----
audit-test/utils/bin/do_tkill.c | 13 +++++++++----
3 files changed, 29 insertions(+), 14 deletions(-)
diff --git a/audit-test/utils/bin/do_kill.c b/audit-test/utils/bin/do_kill.c
index b52a999..c811679 100644
--- a/audit-test/utils/bin/do_kill.c
+++ b/audit-test/utils/bin/do_kill.c
@@ -22,8 +22,8 @@ int main(int argc, char **argv)
int pid, signum;
if (argc < 3) {
- fprintf(stderr, "Usage:\n%s <pid> <sigkill|sigstop|sigusr1> [group]\n", argv[0]);
- return 1;
+ fprintf(stderr, "Usage:\n%s <pid> <sigkill|sigstop|sigusr1|pidcheck> [group]\n", argv[0]);
+ return 1;
}
pid = atoi(argv[1]);
@@ -33,17 +33,22 @@ int main(int argc, char **argv)
signum = SIGSTOP;
} else if (!strcmp(argv[2], "sigusr1")) {
signum = SIGUSR1;
+ } else if (!strcmp(argv[2], "pidcheck")) {
+ /* "If sig is 0, then no signal is sent, but error checking is still
+ * performed; this can be used to check for the existence of a process ID
+ * or process group ID." */
+ signum = 0;
} else {
- fprintf(stderr, "Usage:\n%s <pid> <sigkill|sigstop|sigusr1> [group]\n", argv[0]);
- return 1;
+ fprintf(stderr, "unsupported signal\n");
+ return 1;
}
if (argc > 3) {
if (!strcmp(argv[3], "group"))
pid = -pid;
else {
- fprintf(stderr, "Usage:\n%s <pid> <sigkill|sigstop|sigusr1> [group]\n", argv[0]);
- return 1;
+ fprintf(stderr, "invalid argument\n");
+ return 1;
}
}
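Review bot: the new error paths in this hunk print fixed strings ("unsupported signal", "invalid argument") without the offending value, and the usage text is no longer shown for them. Include the argument in the message, for example fprintf(stderr, "unsupported signal: %s\n", argv[2]);, so the caller can see what was rejected. The same applies to the matching branches in do_tgkill.c and do_tkill.c below.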
diff --git a/audit-test/utils/bin/do_tgkill.c b/audit-test/utils/bin/do_tgkill.c
index b781a35..1d7db5c 100644
--- a/audit-test/utils/bin/do_tgkill.c
+++ b/audit-test/utils/bin/do_tgkill.c
@@ -22,8 +22,8 @@ int main(int argc, char **argv)
int pid, signum;
if (argc < 3) {
- fprintf(stderr, "Usage:\n%s <pid> <sigkill|sigstop|sigusr1>\n", argv[0]);
- return 1;
+ fprintf(stderr, "Usage:\n%s <pid> <sigkill|sigstop|sigusr1|pidcheck>\n", argv[0]);
+ return 1;
}
pid = atoi(argv[1]);
@@ -33,9 +33,14 @@ int main(int argc, char **argv)
signum = SIGSTOP;
} else if (!strcmp(argv[2], "sigusr1")) {
signum = SIGUSR1;
+ } else if (!strcmp(argv[2], "pidcheck")) {
+ /* "If sig is 0, then no signal is sent, but error checking is still
+ * performed; this can be used to check for the existence of a process ID
+ * or process group ID." */
+ signum = 0;
} else {
- fprintf(stderr, "Usage:\n%s <pid> <sigkill|sigstop|sigusr1>\n", argv[0]);
- return 1;
+ fprintf(stderr, "unsupported signal\n");
+ return 1;
}
errno = 0;
diff --git a/audit-test/utils/bin/do_tkill.c b/audit-test/utils/bin/do_tkill.c
index fd3ebd2..51b25be 100644
--- a/audit-test/utils/bin/do_tkill.c
+++ b/audit-test/utils/bin/do_tkill.c
@@ -22,8 +22,8 @@ int main(int argc, char **argv)
int pid, signum;
if (argc < 3) {
- fprintf(stderr, "Usage:\n%s <pid> <sigkill|sigstop|sigusr1>\n", argv[0]);
- return 1;
+ fprintf(stderr, "Usage:\n%s <pid> <sigkill|sigstop|sigusr1|pidcheck>\n", argv[0]);
+ return 1;
}
pid = atoi(argv[1]);
@@ -33,9 +33,14 @@ int main(int argc, char **argv)
signum = SIGSTOP;
} else if (!strcmp(argv[2], "sigusr1")) {
signum = SIGUSR1;
+ } else if (!strcmp(argv[2], "pidcheck")) {
+ /* "If sig is 0, then no signal is sent, but error checking is still
+ * performed; this can be used to check for the existence of a process ID
+ * or process group ID." */
+ signum = 0;
} else {
- fprintf(stderr, "Usage:\n%s <pid> <sigkill|sigstop|sigusr1>\n", argv[0]);
- return 1;
+ fprintf(stderr, "unsupported signal\n");
+ return 1;
}
/* use syscall() as no library routine for sys_tkill */
--
1.8.3.1
|
|
From: Jiri J. <jja...@re...> - 2014-09-23 09:45:24
|
From: Miroslav Vadkerti <mva...@re...>
This patch makes it possible to optionally set user
or group or both. To skip the setting, pass an empty string,
i.e. "".
This change is backward compatible with previous binary
usage in the syscall bucket.
Signed-off-by: Miroslav Vadkerti <mva...@re...>
---
audit-test/utils/bin/do_chown.c | 32 ++++++++++++++++++++++++--------
audit-test/utils/bin/do_lchown.c | 34 +++++++++++++++++++++++++---------
2 files changed, 49 insertions(+), 17 deletions(-)
diff --git a/audit-test/utils/bin/do_chown.c b/audit-test/utils/bin/do_chown.c
index 01b4b1e..54ff5b6 100644
--- a/audit-test/utils/bin/do_chown.c
+++ b/audit-test/utils/bin/do_chown.c
@@ -15,26 +15,42 @@
#include "includes.h"
#include <pwd.h>
+#include <grp.h>
int main(int argc, char **argv)
{
int exitval, result;
+ gid_t gid = -1;
+ uid_t uid = -1;
struct passwd *pw;
+ struct group *grp;
- if (argc != 3) {
- fprintf(stderr, "Usage:\n%s <path> <owner>\n", argv[0]);
- return TEST_ERROR;
+ if (argc != 3 && argc != 4) {
+ fprintf(stderr, "Usage:\n%s <path> <owner> [<group>]\n", argv[0]);
+ return TEST_ERROR;
}
- pw = getpwnam(argv[2]);
- if (!pw) {
- perror("do_chown: getpwnam");
- return TEST_ERROR;
+ if(strcmp(argv[2],"")) {
+ pw = getpwnam(argv[2]);
+ if (!pw) {
+ perror("do_chown: getpwnam");
+ return TEST_ERROR;
+ }
+ uid = pw->pw_uid;
+ }
+
+ if(argc == 4 && strcmp(argv[3],"")) {
+ grp = getgrnam(argv[3]);
+ if(!grp) {
+ perror("do_chown: getgrnam");
+ return TEST_ERROR;
+ }
+ gid = grp->gr_gid;
}
/* use syscall() to force chown over chown32 */
errno = 0;
- exitval = syscall(__NR_chown, argv[1], pw->pw_uid, -1);
+ exitval = syscall(__NR_chown, argv[1], uid, gid);
result = exitval < 0;
printf("%d %d %d\n", result, result ? errno : exitval, getpid());
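Review bot: the usage string "<path> <owner> [<group>]" does not mention that an empty string skips the owner or the group, which is the feature this change introduces; as written, an empty owner with no group issues chown(path, -1, -1) without any hint to the caller. Document the empty-string form in the usage text. Also, getpwnam() and getgrnam() do not reliably set errno when the name is simply not found, so the perror() calls can print a misleading reason; printing the unknown name directly is clearer. Minor: the added if( lines should read if ( to match the rest of the file.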
diff --git a/audit-test/utils/bin/do_lchown.c b/audit-test/utils/bin/do_lchown.c
index da4be54..ab19662 100644
--- a/audit-test/utils/bin/do_lchown.c
+++ b/audit-test/utils/bin/do_lchown.c
@@ -15,28 +15,44 @@
#include "includes.h"
#include <pwd.h>
+#include <grp.h>
int main(int argc, char **argv)
{
int exitval, result;
+ gid_t gid = -1;
+ uid_t uid = -1;
struct passwd *pw;
+ struct group *grp;
- if (argc != 3) {
- fprintf(stderr, "Usage:\n%s <path> <owner>\n", argv[0]);
- return TEST_ERROR;
+ if (argc != 3 && argc != 4) {
+ fprintf(stderr, "Usage:\n%s <path> <owner> [<group>]\n", argv[0]);
+ return TEST_ERROR;
}
- pw = getpwnam(argv[2]);
- if (!pw) {
- perror("do_lchown: getpwnam");
- return TEST_ERROR;
+ if(strcmp(argv[2],"")) {
+ pw = getpwnam(argv[2]);
+ if (!pw) {
+ perror("do_lchown: getpwnam");
+ return TEST_ERROR;
+ }
+ uid = pw->pw_uid;
+ }
+
+ if(argc == 4 && strcmp(argv[3],"")) {
+ grp = getgrnam(argv[3]);
+ if(!grp) {
+ perror("do_lchown: getgrnam");
+ return TEST_ERROR;
+ }
+ gid = grp->gr_gid;
}
- /* use syscall() to force lchown over lchown32 */
errno = 0;
- exitval = syscall(__NR_lchown, argv[1], pw->pw_uid, -1);
+ exitval = syscall(__NR_lchown, argv[1], uid, gid);
result = exitval < 0;
printf("%d %d %d\n", result, result ? errno : exitval, getpid());
return result;
+
}
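Review bot: this hunk drops the comment /* use syscall() to force lchown over lchown32 */ although the syscall(__NR_lchown, ...) call stays and do_chown.c keeps its equivalent comment; it also adds a blank line between return result; and the closing brace. Both look unintentional, so restore the comment and drop the blank line.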
--
1.8.3.1
|