54 lines
2.0 KiB
Bash
Executable File
54 lines
2.0 KiB
Bash
Executable File
#!/bin/bash
|
|
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
|
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
#
|
|
# runtest.sh of /CoreOS/iptables/Regression/xtables-tools-locking-vulnerable-to-local-DoS
|
|
# Description: Test for xtables tools locking vulnerable to local DoS
|
|
# Author: Tomas Dolezal <todoleza@redhat.com>
|
|
#
|
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
#
|
|
# Copyright (c) 2015 Red Hat, Inc.
|
|
#
|
|
# This program is free software: you can redistribute it and/or
|
|
# modify it under the terms of the GNU General Public License as
|
|
# published by the Free Software Foundation, either version 2 of
|
|
# the License, or (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be
|
|
# useful, but WITHOUT ANY WARRANTY; without even the implied
|
|
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
# PURPOSE. See the GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program. If not, see http://www.gnu.org/licenses/.
|
|
#
|
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
# Include Beaker environment
|
|
. /usr/bin/rhts-environment.sh || exit 1
|
|
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
|
|
|
rlJournalStart
|
|
rlPhaseStartSetup
|
|
rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
|
|
rlRun "pushd $TmpDir"
|
|
rlPhaseEnd
|
|
|
|
rlPhaseStartTest
|
|
if rlIsRHEL '<8' || rlIsFedora '<32' || rlIsCentOS '<8'; then
|
|
rlRun "strace -fe flock,bind,open,openat -o strace.out iptables -w -L" 0 "execute iptables in strace"
|
|
echo --debug--; cat strace.out
|
|
rlAssertNotGrep "bind.*xtables" strace.out -E
|
|
rlAssertGrep " flock(" strace.out
|
|
rlAssertGrep "/run/xtables.lock" strace.out
|
|
fi
|
|
rlPhaseEnd
|
|
|
|
rlPhaseStartCleanup
|
|
rlRun "popd"
|
|
rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
|
|
rlPhaseEnd
|
|
rlJournalPrintText
|
|
rlJournalEnd
|