at 2010-2-8 18:10, Garrett Cooper wrote: > On Sun, Feb 7, 2010 at 10:08 PM, Rishikesh <[email protected]> > wrote: >> On 02/08/2010 11:32 AM, Shi Weihua wrote: >>> An error occured on my i386 box. >>> (OS: Fedora8, Kernel: 2.6.33-rc6, libcap: libcap-2.16) >>> ------------- >>> exec_without_inh 1 TFAIL : Failed to drop CAP_SYS_ADMIN from bounding >>> set. >>> exec_without_inh 0 TINFO : (ret=-1, errno 38) >>> ------------- >>> If the macro HAVE_DECL_CAP_BSET_DROP is 0, this error will occurs. >>> But the program should to be broken when f != CAP_SET, like the similar code >>> "if (ret || f != CAP_SET) {" in exec_with_inh.c. >>> >>> The TBROK message will be outputted if my patch merged. >>> ------------- >>> exec_without_inh 1 TBROK : Failed to add CAP_SYS_ADMIN to pI >>> >> Looks good. I will include if others are not having any comment. >> >> Acked-by: Rishikesh K Rajak <[email protected]> >> >> Thanks >> Rishi >> >>> ------------- >>> >>> Signed-off-by: Shi Weihua<[email protected]> >>> --- >>> --- testcases/kernel/security/cap_bound/exec_without_inh.c.orig >>> 2010-02-08 11:54:22.000000000 -0500 >>> +++ testcases/kernel/security/cap_bound/exec_without_inh.c 2010-02-08 >>> 11:55:00.000000000 -0500 >>> @@ -80,6 +80,11 @@ int main(int argc, char *argv[]) >>> tst_exit(); >>> } >>> } >>> + else if (ret) { >>> + tst_resm(TBROK, "Failed to add CAP_SYS_ADMIN to pI\n"); >>> + tst_exit(); >>> + } >>> + >>> #if HAVE_DECL_CAP_FREE >>> cap_free(cur); >>> #endif > > Wow -- I really made a mess of that test a few months back... please do... > > else if (ret) { > tst_brkm(TBROK | TERRNO, tst_exit, "Failed to add > CAP_SYS_ADMIN to pI"); > } > > ... instead.
ok. I fixed it based on your advice. Signed-off-by: Shi Weihua<[email protected]> --- --- testcases/kernel/security/cap_bound/exec_without_inh.c.orig 2010-02-08 11:54:22.000000000 -0500 +++ testcases/kernel/security/cap_bound/exec_without_inh.c 2010-02-09 10:11:15.000000000 -0500 @@ -80,6 +80,10 @@ int main(int argc, char *argv[]) tst_exit(); } } + else if (ret) { + tst_brkm(TBROK | TERRNO, tst_exit, "Failed to add \ + CAP_SYS_ADMIN to pI"); + } #if HAVE_DECL_CAP_FREE cap_free(cur); #endif > Thanks for catching that one failure point ;)...! > -Garrett > > ------------------------------------------------------------------------------ The Planet: dedicated and managed hosting, cloud storage, colocation Stay online with enterprise data centers and the best network in the business Choose flexible plans and management services without long-term contracts Personal 24x7 support from experience hosting pros just a phone call away. http://p.sf.net/sfu/theplanet-com _______________________________________________ Ltp-list mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/ltp-list
