On 12/21/2021 5:12 AM, Vishal Goel wrote:
Hi,
Signed-off-by: Vishal Goel <[email protected]>
What test case do you have that generates these records?
Could you include a permissive license with this code?
I'd like to add it or a derivative of it to the Smack test suite.
Test case for 1st log:-
void main(int argc,char *argv[])
{
int pid;
if (argc < 2) {
printf("enter pid of the tracee process\n");
exit(0);
}
pid = atoi(argv[1]);
fprintf(stderr,"Inside\n");
ptrace(PTRACE_ATTACH, pid,NULL,NULL);
while(1)
{
sleep(10);
}
}
Test case for 2nd log:-
void main(int argc,char *argv[])
{
int pid;
pid = getpid();
fprintf(stderr,"Inside\n");
ptrace(PTRACE_TRACEME, pid,NULL,NULL);
while(1)
{
sleep(10);
}
}
Test case for 3rd log:-
void main()
{
int pid;
char *argv[2];
fprintf(stderr,"Inside\n");
pid = fork();
if(pid == 0) {
argv[0] = "/tst_pt";
argv[1] = NULL;
if(ptrace(PTRACE_TRACEME, pid,NULL,NULL))
printf("attached child\n");
printf("going for exec\n");
execv("/tst_pt",argv);
}
else
{
while(1)
{
sleep(10);
}
}
}
Added linux-audit to the CC list.
Thanks
Vishal Goel
--
Linux-audit mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/linux-audit
