A few changes to help ensure the signal test runs correctly:
1. Increase the sleep duration of the ptrace test to 5 seconds as
100ms was not reliably long enough on all of my test systems.
2. Spawn a separate process to send the TERM signal to the test
processes as the script process may not be eligible for auditing
if the system has the default '-a exit,always never' filter rule.
3. Fix the process group's child tasks to properly exit after
sleeping.
Signed-off-by: Paul Moore <p...@paul-moore.com>
---
tests/signal/test | 20 +++++++++++++-------
1 file changed, 13 insertions(+), 7 deletions(-)
diff --git a/tests/signal/test b/tests/signal/test
index 16ad39b..683a110 100755
--- a/tests/signal/test
+++ b/tests/signal/test
@@ -49,7 +49,7 @@ my $result;
# Add rule to catch signals generated by self
$result =
system(
-"auditctl -a exit,always -F arch=b$ENV{MODE} -S kill -F pid=$$ -F key=$key
>/dev/null 2>&1"
+"auditctl -a exit,always -F arch=b$ENV{MODE} -S kill -F key=$key >/dev/null
2>&1"
);
ok( $result, 0 ); # Was the rule accepted?
@@ -59,16 +59,22 @@ if ( not $task1_pid ) {
setpgrp || die;
# create 2 child processes
- fork || sleep 10;
- fork || sleep 10;
+ for ( 1 .. 2 ) {
+ if ( not fork ) {
+ sleep 10;
+ exit;
+ }
+ }
sleep 10;
}
sleep 1;
+# Did taskself start okay
+ok( $task1_pid > 0 );
+
# generate signal
-my $count = kill 'SIGTERM', -$task1_pid;
-ok( $count, 1 ); # Was the signal delivered?
-ok( $task1_pid > 0 ); # Did taskself start ok?
+$result = system("kill -SIGTERM $task1_pid");
+ok( $result, 0 );
# Delete audit rule
system(
@@ -85,7 +91,7 @@ ok( $result, 0 ); # Was the rule accepted?
# Create task to which to attach
seek( $fh_out, 0, 0 );
-system("sleep .1 >/dev/null 2>&1 & echo \$! >$stdout");
+system("sleep 5 >/dev/null 2>&1 & echo \$! >$stdout");
my $task2_pid = <$fh_out>;
chomp($task2_pid);
--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit
