Index: head/tests/sys/audit/administrative.c =================================================================== --- head/tests/sys/audit/administrative.c +++ head/tests/sys/audit/administrative.c @@ -369,57 +369,6 @@ } -ATF_TC_WITH_CLEANUP(auditon_success); -ATF_TC_HEAD(auditon_success, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " - "auditon(2) call"); -} - -ATF_TC_BODY(auditon_success, tc) -{ - pid = getpid(); - au_evclass_map_t evclass; - snprintf(adregex, sizeof(adregex), "auditon.*%d.*return,success", pid); - - /* Initialize evclass to get the event-class mapping for auditon(2) */ - evclass.ec_number = AUE_AUDITON; - evclass.ec_class = 0; - FILE *pipefd = setup(fds, auclass); - ATF_REQUIRE_EQ(0, auditon(A_GETCLASS, &evclass, sizeof(&evclass))); - check_audit(fds, adregex, pipefd); -} - -ATF_TC_CLEANUP(auditon_success, tc) -{ - cleanup(); -} - - -ATF_TC_WITH_CLEANUP(auditon_failure); -ATF_TC_HEAD(auditon_failure, tc) -{ - atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " - "auditon(2) call"); -} - -ATF_TC_BODY(auditon_failure, tc) -{ - pid = getpid(); - snprintf(adregex, sizeof(adregex), "auditon.*%d.*return,failure", pid); - - FILE *pipefd = setup(fds, auclass); - /* Failure reason: Invalid au_evclass_map_t structure */ - ATF_REQUIRE_EQ(-1, auditon(A_GETCLASS, NULL, 0)); - check_audit(fds, adregex, pipefd); -} - -ATF_TC_CLEANUP(auditon_failure, tc) -{ - cleanup(); -} - - ATF_TC_WITH_CLEANUP(acct_success); ATF_TC_HEAD(acct_success, tc) { @@ -791,6 +740,507 @@ } +ATF_TC_WITH_CLEANUP(auditon_getpolicy_success); +ATF_TC_HEAD(auditon_getpolicy_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "auditon(2) call for cmd: A_GETPOLICY"); +} + +ATF_TC_BODY(auditon_getpolicy_success, tc) +{ + int aupolicy; + pid = getpid(); + snprintf(adregex, sizeof(adregex), "GPOLICY command.*%d.*success", pid); + + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, auditon(A_GETPOLICY, &aupolicy, sizeof(aupolicy))); + check_audit(fds, adregex, pipefd); +} + +ATF_TC_CLEANUP(auditon_getpolicy_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(auditon_getpolicy_failure); +ATF_TC_HEAD(auditon_getpolicy_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "auditon(2) call for cmd: A_GETPOLICY"); +} + +ATF_TC_BODY(auditon_getpolicy_failure, tc) +{ + pid = getpid(); + snprintf(adregex, sizeof(adregex), "GPOLICY command.*%d.*failure", pid); + + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid argument */ + ATF_REQUIRE_EQ(-1, auditon(A_GETPOLICY, NULL, 0)); + check_audit(fds, adregex, pipefd); +} + +ATF_TC_CLEANUP(auditon_getpolicy_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(auditon_setpolicy_success); +ATF_TC_HEAD(auditon_setpolicy_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "auditon(2) call for cmd: A_SETPOLICY"); +} + +ATF_TC_BODY(auditon_setpolicy_success, tc) +{ + int aupolicy; + pid = getpid(); + snprintf(adregex, sizeof(adregex), "SPOLICY command.*%d.*success", pid); + + /* Retrieve the current auditing policy, to be used with A_SETPOLICY */ + ATF_REQUIRE_EQ(0, auditon(A_GETPOLICY, &aupolicy, sizeof(aupolicy))); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, auditon(A_SETPOLICY, &aupolicy, sizeof(aupolicy))); + check_audit(fds, adregex, pipefd); +} + +ATF_TC_CLEANUP(auditon_setpolicy_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(auditon_setpolicy_failure); +ATF_TC_HEAD(auditon_setpolicy_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "auditon(2) call for cmd: A_SETPOLICY"); +} + +ATF_TC_BODY(auditon_setpolicy_failure, tc) +{ + pid = getpid(); + snprintf(adregex, sizeof(adregex), "SPOLICY command.*%d.*failure", pid); + + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid argument */ + ATF_REQUIRE_EQ(-1, auditon(A_SETPOLICY, NULL, 0)); + check_audit(fds, adregex, pipefd); +} + +ATF_TC_CLEANUP(auditon_setpolicy_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(auditon_getkmask_success); +ATF_TC_HEAD(auditon_getkmask_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "auditon(2) call for cmd: A_GETKMASK"); +} + +ATF_TC_BODY(auditon_getkmask_success, tc) +{ + pid = getpid(); + au_mask_t evmask; + snprintf(adregex, sizeof(adregex), "get kernel mask.*%d.*success", pid); + + bzero(&evmask, sizeof(evmask)); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, auditon(A_GETKMASK, &evmask, sizeof(evmask))); + check_audit(fds, adregex, pipefd); +} + +ATF_TC_CLEANUP(auditon_getkmask_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(auditon_getkmask_failure); +ATF_TC_HEAD(auditon_getkmask_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "auditon(2) call for cmd: A_GETKMASK"); +} + +ATF_TC_BODY(auditon_getkmask_failure, tc) +{ + pid = getpid(); + snprintf(adregex, sizeof(adregex), "get kernel mask.*%d.*failure", pid); + + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid au_mask_t structure */ + ATF_REQUIRE_EQ(-1, auditon(A_GETKMASK, NULL, 0)); + check_audit(fds, adregex, pipefd); +} + +ATF_TC_CLEANUP(auditon_getkmask_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(auditon_setkmask_success); +ATF_TC_HEAD(auditon_setkmask_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "auditon(2) call for cmd: A_SETKMASK"); +} + +ATF_TC_BODY(auditon_setkmask_success, tc) +{ + pid = getpid(); + au_mask_t evmask; + snprintf(adregex, sizeof(adregex), "set kernel mask.*%d.*success", pid); + + /* Retrieve the current audit mask to be used with A_SETKMASK */ + bzero(&evmask, sizeof(evmask)); + ATF_REQUIRE_EQ(0, auditon(A_GETKMASK, &evmask, sizeof(evmask))); + + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, auditon(A_SETKMASK, &evmask, sizeof(evmask))); + check_audit(fds, adregex, pipefd); +} + +ATF_TC_CLEANUP(auditon_setkmask_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(auditon_setkmask_failure); +ATF_TC_HEAD(auditon_setkmask_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "auditon(2) call for cmd: A_SETKMASK"); +} + +ATF_TC_BODY(auditon_setkmask_failure, tc) +{ + pid = getpid(); + snprintf(adregex, sizeof(adregex), "set kernel mask.*%d.*failure", pid); + + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid au_mask_t structure */ + ATF_REQUIRE_EQ(-1, auditon(A_SETKMASK, NULL, 0)); + check_audit(fds, adregex, pipefd); +} + +ATF_TC_CLEANUP(auditon_setkmask_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(auditon_getqctrl_success); +ATF_TC_HEAD(auditon_getqctrl_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "auditon(2) call for cmd: A_GETQCTRL"); +} + +ATF_TC_BODY(auditon_getqctrl_success, tc) +{ + pid = getpid(); + au_qctrl_t evqctrl; + snprintf(adregex, sizeof(adregex), "GQCTRL command.*%d.*success", pid); + + bzero(&evqctrl, sizeof(evqctrl)); + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, auditon(A_GETQCTRL, &evqctrl, sizeof(evqctrl))); + check_audit(fds, adregex, pipefd); +} + +ATF_TC_CLEANUP(auditon_getqctrl_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(auditon_getqctrl_failure); +ATF_TC_HEAD(auditon_getqctrl_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "auditon(2) call for cmd: A_GETQCTRL"); +} + +ATF_TC_BODY(auditon_getqctrl_failure, tc) +{ + pid = getpid(); + snprintf(adregex, sizeof(adregex), "GQCTRL command.*%d.*failure", pid); + + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid au_qctrl_t structure */ + ATF_REQUIRE_EQ(-1, auditon(A_GETQCTRL, NULL, 0)); + check_audit(fds, adregex, pipefd); +} + +ATF_TC_CLEANUP(auditon_getqctrl_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(auditon_setqctrl_success); +ATF_TC_HEAD(auditon_setqctrl_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "auditon(2) call for cmd: A_SETKMASK"); +} + +ATF_TC_BODY(auditon_setqctrl_success, tc) +{ + pid = getpid(); + au_qctrl_t evqctrl; + snprintf(adregex, sizeof(adregex), "SQCTRL command.*%d.*success", pid); + + /* Retrieve the current audit mask to be used with A_SETQCTRL */ + bzero(&evqctrl, sizeof(evqctrl)); + ATF_REQUIRE_EQ(0, auditon(A_GETQCTRL, &evqctrl, sizeof(evqctrl))); + + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, auditon(A_SETQCTRL, &evqctrl, sizeof(evqctrl))); + check_audit(fds, adregex, pipefd); +} + +ATF_TC_CLEANUP(auditon_setqctrl_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(auditon_setqctrl_failure); +ATF_TC_HEAD(auditon_setqctrl_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "auditon(2) call for cmd: A_SETKMASK"); +} + +ATF_TC_BODY(auditon_setqctrl_failure, tc) +{ + pid = getpid(); + snprintf(adregex, sizeof(adregex), "SQCTRL command.*%d.*failure", pid); + + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid au_qctrl_t structure */ + ATF_REQUIRE_EQ(-1, auditon(A_SETQCTRL, NULL, 0)); + check_audit(fds, adregex, pipefd); +} + +ATF_TC_CLEANUP(auditon_setqctrl_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(auditon_getclass_success); +ATF_TC_HEAD(auditon_getclass_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "auditon(2) call for cmd: A_GETCLASS"); +} + +ATF_TC_BODY(auditon_getclass_success, tc) +{ + pid = getpid(); + au_evclass_map_t evclass; + snprintf(adregex, sizeof(adregex), "get event class.*%d.*success", pid); + + /* Initialize evclass to get the event-class mapping for auditon(2) */ + evclass.ec_number = AUE_AUDITON; + evclass.ec_class = 0; + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, auditon(A_GETCLASS, &evclass, sizeof(evclass))); + check_audit(fds, adregex, pipefd); +} + +ATF_TC_CLEANUP(auditon_getclass_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(auditon_getclass_failure); +ATF_TC_HEAD(auditon_getclass_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "auditon(2) call for cmd: A_GETCLASS"); +} + +ATF_TC_BODY(auditon_getclass_failure, tc) +{ + pid = getpid(); + snprintf(adregex, sizeof(adregex), "get event class.*%d.*failure", pid); + + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid au_evclass_map_t structure */ + ATF_REQUIRE_EQ(-1, auditon(A_GETCLASS, NULL, 0)); + check_audit(fds, adregex, pipefd); +} + +ATF_TC_CLEANUP(auditon_getclass_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(auditon_setclass_success); +ATF_TC_HEAD(auditon_setclass_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "auditon(2) call for cmd: A_SETCLASS"); +} + +ATF_TC_BODY(auditon_setclass_success, tc) +{ + pid = getpid(); + au_evclass_map_t evclass; + snprintf(adregex, sizeof(adregex), "set event class.*%d.*success", pid); + + /* Initialize evclass and get the event-class mapping for auditon(2) */ + evclass.ec_number = AUE_AUDITON; + evclass.ec_class = 0; + ATF_REQUIRE_EQ(0, auditon(A_GETCLASS, &evclass, sizeof(evclass))); + + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, auditon(A_SETCLASS, &evclass, sizeof(evclass))); + check_audit(fds, adregex, pipefd); +} + +ATF_TC_CLEANUP(auditon_setclass_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(auditon_setclass_failure); +ATF_TC_HEAD(auditon_setclass_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "auditon(2) call for cmd: A_SETCLASS"); +} + +ATF_TC_BODY(auditon_setclass_failure, tc) +{ + pid = getpid(); + snprintf(adregex, sizeof(adregex), "set event class.*%d.*failure", pid); + + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid au_evclass_map_t structure */ + ATF_REQUIRE_EQ(-1, auditon(A_SETCLASS, NULL, 0)); + check_audit(fds, adregex, pipefd); +} + +ATF_TC_CLEANUP(auditon_setclass_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(auditon_getcond_success); +ATF_TC_HEAD(auditon_getcond_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "auditon(2) call for cmd: A_GETCOND"); +} + +ATF_TC_BODY(auditon_getcond_success, tc) +{ + int auditcond; + pid = getpid(); + snprintf(adregex, sizeof(adregex), "get audit state.*%d.*success", pid); + + FILE *pipefd = setup(fds, auclass); + ATF_REQUIRE_EQ(0, auditon(A_GETCOND, &auditcond, sizeof(auditcond))); + check_audit(fds, adregex, pipefd); +} + +ATF_TC_CLEANUP(auditon_getcond_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(auditon_getcond_failure); +ATF_TC_HEAD(auditon_getcond_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "auditon(2) call for cmd: A_GETCOND"); +} + +ATF_TC_BODY(auditon_getcond_failure, tc) +{ + pid = getpid(); + snprintf(adregex, sizeof(adregex), "get audit state.*%d.*failure", pid); + + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid argument */ + ATF_REQUIRE_EQ(-1, auditon(A_GETCOND, NULL, 0)); + check_audit(fds, adregex, pipefd); +} + +ATF_TC_CLEANUP(auditon_getcond_failure, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(auditon_setcond_success); +ATF_TC_HEAD(auditon_setcond_success, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " + "auditon(2) call for cmd: A_SETCOND"); +} + +ATF_TC_BODY(auditon_setcond_success, tc) +{ + int auditcond = AUC_AUDITING; + pid = getpid(); + snprintf(adregex, sizeof(adregex), "set audit state.*%d.*success", pid); + + FILE *pipefd = setup(fds, auclass); + /* At this point auditd is running, so the audit state is AUC_AUDITING */ + ATF_REQUIRE_EQ(0, auditon(A_SETCOND, &auditcond, sizeof(auditcond))); + check_audit(fds, adregex, pipefd); +} + +ATF_TC_CLEANUP(auditon_setcond_success, tc) +{ + cleanup(); +} + + +ATF_TC_WITH_CLEANUP(auditon_setcond_failure); +ATF_TC_HEAD(auditon_setcond_failure, tc) +{ + atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " + "auditon(2) call for cmd: A_SETCOND"); +} + +ATF_TC_BODY(auditon_setcond_failure, tc) +{ + pid = getpid(); + snprintf(adregex, sizeof(adregex), "set audit state.*%d.*failure", pid); + + FILE *pipefd = setup(fds, auclass); + /* Failure reason: Invalid argument */ + ATF_REQUIRE_EQ(-1, auditon(A_SETCOND, NULL, 0)); + check_audit(fds, adregex, pipefd); +} + +ATF_TC_CLEANUP(auditon_setcond_failure, tc) +{ + cleanup(); +} + + /* * Audit of reboot(2) cannot be tested in normal conditions as we don't want * to reboot the system while running the tests @@ -958,11 +1408,8 @@ ATF_TP_ADD_TC(tp, nfs_getfh_failure); ATF_TP_ADD_TC(tp, acct_success); ATF_TP_ADD_TC(tp, acct_failure); - ATF_TP_ADD_TC(tp, auditctl_success); ATF_TP_ADD_TC(tp, auditctl_failure); - ATF_TP_ADD_TC(tp, auditon_success); - ATF_TP_ADD_TC(tp, auditon_failure); ATF_TP_ADD_TC(tp, getauid_success); ATF_TP_ADD_TC(tp, getauid_failure); @@ -978,6 +1425,31 @@ ATF_TP_ADD_TC(tp, getaudit_addr_failure); ATF_TP_ADD_TC(tp, setaudit_addr_success); ATF_TP_ADD_TC(tp, setaudit_addr_failure); + + ATF_TP_ADD_TC(tp, auditon_getpolicy_success); + ATF_TP_ADD_TC(tp, auditon_getpolicy_failure); + ATF_TP_ADD_TC(tp, auditon_setpolicy_success); + ATF_TP_ADD_TC(tp, auditon_setpolicy_failure); + + ATF_TP_ADD_TC(tp, auditon_getkmask_success); + ATF_TP_ADD_TC(tp, auditon_getkmask_failure); + ATF_TP_ADD_TC(tp, auditon_setkmask_success); + ATF_TP_ADD_TC(tp, auditon_setkmask_failure); + + ATF_TP_ADD_TC(tp, auditon_getqctrl_success); + ATF_TP_ADD_TC(tp, auditon_getqctrl_failure); + ATF_TP_ADD_TC(tp, auditon_setqctrl_success); + ATF_TP_ADD_TC(tp, auditon_setqctrl_failure); + + ATF_TP_ADD_TC(tp, auditon_getclass_success); + ATF_TP_ADD_TC(tp, auditon_getclass_failure); + ATF_TP_ADD_TC(tp, auditon_setclass_success); + ATF_TP_ADD_TC(tp, auditon_setclass_failure); + + ATF_TP_ADD_TC(tp, auditon_getcond_success); + ATF_TP_ADD_TC(tp, auditon_getcond_failure); + ATF_TP_ADD_TC(tp, auditon_setcond_success); + ATF_TP_ADD_TC(tp, auditon_setcond_failure); ATF_TP_ADD_TC(tp, reboot_failure); ATF_TP_ADD_TC(tp, quotactl_failure);