setroubleshoot/tests/Regression/embedded-null-byte-in-audit-records/runtest.sh

66 lines
2.5 KiB
Bash
Raw Normal View History

#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/setroubleshoot/Regression/embedded-null-byte-in-audit-records
# Description: Is sealert able to processes audit messages which contain embedded null bytes?
# Author: Milos Malik <mmalik@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/bin/rhts-environment.sh || exit 1
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="setroubleshoot"
rlJournalStart
rlPhaseStartSetup
rlAssertRpm ${PACKAGE}
rlRun "rpm -qf /usr/sbin/ausearch"
rlRun "rpm -qf /usr/bin/audit2allow"
rlRun "rpm -qf /usr/bin/sealert"
OUTPUT_FILE=`mktemp`
rlPhaseEnd
rlPhaseStartTest "bz#1775135 + bz#1776199"
if rlIsRHEL 7 ; then
rlRun "ausearch -i -m avc -if ./audit.log"
rlRun "audit2allow -i ./audit.log"
# if sealert got stuck, kill it after 15 seconds
rlWatchdog "sealert -a ./audit.log 2>&1 | tee ${OUTPUT_FILE}" 15
else # Fedora, RHEL-8 and above
rlRun "ausearch -i -m avc -if ./short.log"
rlRun "audit2allow -i ./short.log"
# if sealert got stuck, kill it after 15 seconds
rlWatchdog "sealert -a ./short.log 2>&1 | tee ${OUTPUT_FILE}" 15
fi
rlRun "grep -i -e Traceback -e TypeError -e embedded -e \"null byte\" ${OUTPUT_FILE}" 1
rlRun "grep -i \"Plugin catchall\" ${OUTPUT_FILE}" 0
if [ $? -ne 0 ]; then cat ${OUTPUT_FILE}; fi
rlPhaseEnd
rlPhaseStartCleanup
rm -f ${OUTPUT_FILE}
rlPhaseEnd
rlJournalPrintText
rlJournalEnd