Page MenuHomeFreeBSD
Differential D15898 Diff 44531 tests/sys/audit/administrative.c

Changeset View

Standalone View

View Options

tests/sys/audit/administrative.c

Show All 21 Lines
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* SUCH DAMAGE. * SUCH DAMAGE.
* *
* $FreeBSD$ * $FreeBSD$
*/ */
#include <sys/param.h> #include <sys/param.h>
#include <sys/mount.h> #include <sys/mount.h>
#include <sys/reboot.h>
#include <sys/stat.h>
#include <sys/sysctl.h>
#include <sys/time.h> #include <sys/time.h>
#include <sys/timespec.h>
#include <sys/timex.h>
#include <bsm/audit.h>
#include <ufs/ufs/quota.h>
#include <atf-c.h> #include <atf-c.h>
#include <fcntl.h> #include <fcntl.h>
#include <stdlib.h>
#include <time.h>
#include <unistd.h> #include <unistd.h>
#include "utils.h" #include "utils.h"
static pid_t pid; static pid_t pid;
static int filedesc; static int filedesc;
static mode_t mode = 0777; static mode_t mode = 0777;
static struct pollfd fds[1]; static struct pollfd fds[1];
static char adregex[80]; static char adregex[80];
static const char *auclass = "ad"; static const char *auclass = "ad";
static const char *path = "fileforaudit"; static const char *path = "fileforaudit";
static const char *successreg = "fileforaudit.*return,success";
ATF_TC_WITH_CLEANUP(settimeofday_success); ATF_TC_WITH_CLEANUP(settimeofday_success);
ATF_TC_HEAD(settimeofday_success, tc) ATF_TC_HEAD(settimeofday_success, tc)
{ {
atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
"settimeofday(2) call"); "settimeofday(2) call");
} }
▲ Show 20 LinesShow All 43 Lines▼ Show 20 Lines
} }
ATF_TC_CLEANUP(settimeofday_failure, tc) ATF_TC_CLEANUP(settimeofday_failure, tc)
{ {
cleanup(); cleanup();
} }
ATF_TC_WITH_CLEANUP(clock_settime_success);
ATF_TC_HEAD(clock_settime_success, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
"clock_settime(2) call");
}
ATF_TC_BODY(clock_settime_success, tc)
{
pid = getpid();
snprintf(adregex, sizeof(adregex), "clock_settime.*%d.*success", pid);
struct timespec tp;
ATF_REQUIRE_EQ(0, clock_gettime(CLOCK_REALTIME, &tp));
FILE *pipefd = setup(fds, auclass);
/* Setting the same time as obtained by clock_gettime(2) */
ATF_REQUIRE_EQ(0, clock_settime(CLOCK_REALTIME, &tp));
check_audit(fds, adregex, pipefd);
}
ATF_TC_CLEANUP(clock_settime_success, tc)
{
cleanup();
}
ATF_TC_WITH_CLEANUP(clock_settime_failure);
ATF_TC_HEAD(clock_settime_failure, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"clock_settime(2) call");
}
ATF_TC_BODY(clock_settime_failure, tc)
{
pid = getpid();
snprintf(adregex, sizeof(adregex), "clock_settime.*%d.*failure", pid);
struct timespec tp;
ATF_REQUIRE_EQ(0, clock_gettime(CLOCK_MONOTONIC, &tp));
FILE *pipefd = setup(fds, auclass);
/* Failure reason: cannot use CLOCK_MONOTONIC to set the system time */
ATF_REQUIRE_EQ(-1, clock_settime(CLOCK_MONOTONIC, &tp));
check_audit(fds, adregex, pipefd);
}
ATF_TC_CLEANUP(clock_settime_failure, tc)
{
cleanup();
}
ATF_TC_WITH_CLEANUP(adjtime_success); ATF_TC_WITH_CLEANUP(adjtime_success);
ATF_TC_HEAD(adjtime_success, tc) ATF_TC_HEAD(adjtime_success, tc)
{ {
atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
"adjtime(2) call"); "adjtime(2) call");
} }
ATF_TC_BODY(adjtime_success, tc) ATF_TC_BODY(adjtime_success, tc)
{ {
pid = getpid(); pid = getpid();
snprintf(adregex, sizeof(adregex), "adjtime.*%d.*return,success", pid); snprintf(adregex, sizeof(adregex), "adjtime.*%d.*return,success", pid);
FILE *pipefd = setup(fds, auclass); FILE *pipefd = setup(fds, auclass);
/* We don't want to change the system time, hence NULL */ /* We don't want to change the system time, hence NULL */
ATF_REQUIRE_EQ(0, adjtime(NULL,NULL)); ATF_REQUIRE_EQ(0, adjtime(NULL, NULL));
check_audit(fds, adregex, pipefd); check_audit(fds, adregex, pipefd);
} }
ATF_TC_CLEANUP(adjtime_success, tc) ATF_TC_CLEANUP(adjtime_success, tc)
{ {
cleanup(); cleanup();
} }
Show All 16 Lines
} }
ATF_TC_CLEANUP(adjtime_failure, tc) ATF_TC_CLEANUP(adjtime_failure, tc)
{ {
cleanup(); cleanup();
} }
ATF_TC_WITH_CLEANUP(ntp_adjtime_success);
ATF_TC_HEAD(ntp_adjtime_success, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
"ntp_adjtime(2) call");
}
ATF_TC_BODY(ntp_adjtime_success, tc)
{
struct timex timebuff;
bzero(&timebuff, sizeof(timebuff));
pid = getpid();
snprintf(adregex, sizeof(adregex), "ntp_adjtime.*%d.*success", pid);
asomersUnsubmitted
Done
Inline Actions

timebuff is used uninitialized.

asomers: timebuff is used uninitialized.
aniketpAuthorUnsubmitted
Done
Inline Actions

Is it not supposed to be filled by ntp_adjtime(2). That is what man-page suggested.

aniketp: Is it not supposed to be filled by `ntp_adjtime(2)`. That is what man-page suggested.
asomersUnsubmitted
Done
Inline Actions

No, you're misreading it. That argument is provided from userland to the kernel.

asomers: No, you're misreading it. That argument is provided from userland to the kernel.
FILE *pipefd = setup(fds, auclass);
ATF_REQUIRE(ntp_adjtime(&timebuff) != -1);
check_audit(fds, adregex, pipefd);
}
ATF_TC_CLEANUP(ntp_adjtime_success, tc)
{
cleanup();
}
ATF_TC_WITH_CLEANUP(ntp_adjtime_failure);
ATF_TC_HEAD(ntp_adjtime_failure, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"ntp_adjtime(2) call");
}
ATF_TC_BODY(ntp_adjtime_failure, tc)
{
pid = getpid();
snprintf(adregex, sizeof(adregex), "ntp_adjtime.*%d.*failure", pid);
FILE *pipefd = setup(fds, auclass);
ATF_REQUIRE_EQ(-1, ntp_adjtime(NULL));
check_audit(fds, adregex, pipefd);
}
ATF_TC_CLEANUP(ntp_adjtime_failure, tc)
{
cleanup();
}
ATF_TC_WITH_CLEANUP(nfs_getfh_success); ATF_TC_WITH_CLEANUP(nfs_getfh_success);
ATF_TC_HEAD(nfs_getfh_success, tc) ATF_TC_HEAD(nfs_getfh_success, tc)
{ {
atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
"getfh(2) call"); "getfh(2) call");
} }
ATF_TC_BODY(nfs_getfh_success, tc) ATF_TC_BODY(nfs_getfh_success, tc)
Show All 35 Lines
} }
ATF_TC_CLEANUP(nfs_getfh_failure, tc) ATF_TC_CLEANUP(nfs_getfh_failure, tc)
{ {
cleanup(); cleanup();
} }
ATF_TC_WITH_CLEANUP(auditctl_success);
ATF_TC_HEAD(auditctl_success, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
"auditctl(2) call");
}
ATF_TC_BODY(auditctl_success, tc)
{
/* File needs to exist in order to call auditctl(2) */
ATF_REQUIRE((filedesc = open(path, O_CREAT | O_WRONLY, mode)) != -1);
FILE *pipefd = setup(fds, auclass);
ATF_REQUIRE_EQ(0, auditctl(path));
asomersUnsubmitted
Done
Inline Actions

What happens to the system's audit trail after this command? Does it keep recording the stuff in /var/audit?

asomers: What happens to the system's audit trail after this command? Does it keep recording the stuff…
aniketpAuthorUnsubmitted
Done
Inline Actions

After I call auditctl(2) myself, auditing starts in my configured path rather than /var/audit.
But when the audit daemon is stopped and started. Process resumes in /var/audit

Actually:
When the auditd(8) is not already running, everything works fine after running the tests. But on the other side, auditing in /var/audit stops.

So basically, to make everything work normally, we'll have to stop and start auditd8) again. (I verified this behaviour using an independent program).

aniketp: After I call `auditctl(2)` myself, auditing starts in my configured path rather than /var/audit.
asomersUnsubmitted
Done
Inline Actions

Tough call. Do we skip the test if auditd is already running? Or do we run it anyway, but make sure to restart auditd in the cleanup? I'm leaning toward the latter, even though it will cause a short disruption to the system-wide audit trail. My reasoning is that none of the ATF tests should be run in a production environment, so a brief audit-trail disruption should be ok.

asomers: Tough call. Do we skip the test if auditd is already running? Or do we run it anyway, but…
check_audit(fds, successreg, pipefd);
close(filedesc);
}
ATF_TC_CLEANUP(auditctl_success, tc)
{
/*
* auditctl(2) disables audit log at /var/audit and initiates auditing
* at the configured path. To reset this, we need to stop and start the
* auditd(8) again. Here, we check if auditd(8) was running already
* before the test started. If so, we stop and start it again.
*/
system("service auditd onestop > /dev/null 2>&1");
if (!atf_utils_file_exists("started_auditd"))
system("service auditd onestart > /dev/null 2>&1");
}
ATF_TC_WITH_CLEANUP(auditctl_failure);
ATF_TC_HEAD(auditctl_failure, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"auditctl(2) call");
}
ATF_TC_BODY(auditctl_failure, tc)
{
pid = getpid();
snprintf(adregex, sizeof(adregex), "auditctl.*%d.*return,failure", pid);
FILE *pipefd = setup(fds, auclass);
/* Failure reason: file does not exist */
ATF_REQUIRE_EQ(-1, auditctl(NULL));
check_audit(fds, adregex, pipefd);
}
ATF_TC_CLEANUP(auditctl_failure, tc)
{
cleanup();
}
ATF_TC_WITH_CLEANUP(auditon_success);
ATF_TC_HEAD(auditon_success, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
"auditon(2) call");
}
ATF_TC_BODY(auditon_success, tc)
{
pid = getpid();
au_evclass_map_t evclass;
snprintf(adregex, sizeof(adregex), "auditon.*%d.*return,success", pid);
FILE *pipefd = setup(fds, auclass);
ATF_REQUIRE_EQ(0, auditon(A_GETCLASS, &evclass, sizeof(&evclass)));
asomersUnsubmitted
Done
Inline Actions

evclass is used uninitialized here.

asomers: evclass is used uninitialized here.
asomersUnsubmitted
Done
Inline Actions

You should initialize ec_class too, even though current kernel code doesn't use it. Otherwise, tools like Coverity will detect this as a use of uninitialized data. Anything will work. Either bzero, or an explicit value.

asomers: You should initialize `ec_class` too, even though current kernel code doesn't use it.
check_audit(fds, adregex, pipefd);
}
ATF_TC_CLEANUP(auditon_success, tc)
{
cleanup();
}
asomersUnsubmitted
Done
Inline Actions

It's not useful to document that the file is conditional; the condition one line above makes that clear. If you're going to document it, it should be to highlight its role in the cleanup function.

asomers: It's not useful to document that the file is conditional; the condition one line above makes…
ATF_TC_WITH_CLEANUP(auditon_failure);
ATF_TC_HEAD(auditon_failure, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"auditon(2) call");
}
ATF_TC_BODY(auditon_failure, tc)
{
pid = getpid();
asomersUnsubmitted
Done
Inline Actions

Why go to so much effort not to enable accounting? It would be simpler to make acctpath a constant. It will be deleted anyway at the end of the test.

asomers: Why go to so much effort not to enable accounting? It would be simpler to make acctpath a…
snprintf(adregex, sizeof(adregex), "auditon.*%d.*return,failure", pid);
FILE *pipefd = setup(fds, auclass);
/* Failure reason: Invalid au_evclass_map_t structure */
ATF_REQUIRE_EQ(-1, auditon(A_GETCLASS, NULL, 0));
check_audit(fds, adregex, pipefd);
}
ATF_TC_CLEANUP(auditon_failure, tc)
{
asomersUnsubmitted
Done
Inline Actions

Pro tip: if you initialize filedesc2 to -1, then you can unconditionally close it and ignore the return value. However, in this case it would be better to move the close statement up to line 336, immediately after opening it.

asomers: Pro tip: if you initialize filedesc2 to -1, then you can unconditionally close it and ignore…
cleanup();
asomersUnsubmitted
Done
Inline Actions

You can't do cleanup in the test body, because it won't run if the test fails. You need to move this to the cleanup function.

asomers: You can't do cleanup in the test body, because it won't run if the test fails. You need to…
}
ATF_TC_WITH_CLEANUP(acct_success);
ATF_TC_HEAD(acct_success, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
"acct(2) call");
}
ATF_TC_BODY(acct_success, tc)
{
int acctinfo, filedesc2;
size_t len = sizeof(acctinfo);
const char *acctname = "kern.acct_configured";
ATF_REQUIRE_EQ(0, sysctlbyname(acctname, &acctinfo, &len, NULL, 0));
/* File needs to exist to start system accounting */
ATF_REQUIRE((filedesc = open(path, O_CREAT | O_RDWR, mode)) != -1);
/*
* acctinfo = 0: System accounting was disabled
* acctinfo = 1: System accounting was enabled
*/
if (acctinfo) {
ATF_REQUIRE((filedesc2 = open("acct_ok", O_CREAT, mode)) != -1);
close(filedesc2);
}
pid = getpid();
snprintf(adregex, sizeof(adregex),
"acct.*%s.*%d.*return,success", path, pid);
/*
* We temporarily switch the accounting record to a file at
* our own configured path in order to confirm acct(2)'s successful
* auditing. Then we set everything back to its original state.
*/
FILE *pipefd = setup(fds, auclass);
ATF_REQUIRE_EQ(0, acct(path));
check_audit(fds, adregex, pipefd);
close(filedesc);
}
ATF_TC_CLEANUP(acct_success, tc)
{
/* Reset accounting configured path */
ATF_REQUIRE_EQ(0, system("service accounting onestop"));
if (atf_utils_file_exists("acct_ok")) {
ATF_REQUIRE_EQ(0, system("service accounting onestart"));
}
cleanup();
}
ATF_TC_WITH_CLEANUP(acct_failure);
ATF_TC_HEAD(acct_failure, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"acct(2) call");
}
ATF_TC_BODY(acct_failure, tc)
{
pid = getpid();
snprintf(adregex, sizeof(adregex), "acct.*%d.*return,failure", pid);
FILE *pipefd = setup(fds, auclass);
/* Failure reason: File does not exist */
ATF_REQUIRE_EQ(-1, acct(path));
check_audit(fds, adregex, pipefd);
}
ATF_TC_CLEANUP(acct_failure, tc)
{
cleanup();
}
ATF_TC_WITH_CLEANUP(getauid_success); ATF_TC_WITH_CLEANUP(getauid_success);
ATF_TC_HEAD(getauid_success, tc) ATF_TC_HEAD(getauid_success, tc)
{ {
atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
"getauid(2) call"); "getauid(2) call");
} }
ATF_TC_BODY(getauid_success, tc) ATF_TC_BODY(getauid_success, tc)
▲ Show 20 LinesShow All 279 Lines▼ Show 20 Lines
} }
ATF_TC_CLEANUP(setaudit_addr_failure, tc) ATF_TC_CLEANUP(setaudit_addr_failure, tc)
{ {
cleanup(); cleanup();
} }
/*
* Audit of reboot(2) cannot be tested in normal conditions as we don't want
* to reboot the system while running the tests
*/
ATF_TC_WITH_CLEANUP(reboot_failure);
ATF_TC_HEAD(reboot_failure, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"reboot(2) call");
}
ATF_TC_BODY(reboot_failure, tc)
{
pid = getpid();
snprintf(adregex, sizeof(adregex), "reboot.*%d.*return,failure", pid);
FILE *pipefd = setup(fds, auclass);
ATF_REQUIRE_EQ(-1, reboot(-1));
check_audit(fds, adregex, pipefd);
}
ATF_TC_CLEANUP(reboot_failure, tc)
{
cleanup();
}
/*
* Audit of quotactl(2) cannot be tested in normal conditions as we don't want
* to tamper with filesystem quotas
asomersUnsubmitted
Done
Inline Actions

If we're going to temporarily disrupt the audit trail, then we may as well disrupt process accounting, too. You can check whether accounting is enabled with the kern.acct_configured sysctl. Then, during cleanup, either do "service accounting onestop" (if it wasn't enabled) or "service accounting restart" (if it was).

asomers: If we're going to temporarily disrupt the audit trail, then we may as well disrupt process…
*/
ATF_TC_WITH_CLEANUP(quotactl_failure);
ATF_TC_HEAD(quotactl_failure, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"quotactl(2) call");
}
ATF_TC_BODY(quotactl_failure, tc)
{
pid = getpid();
snprintf(adregex, sizeof(adregex), "quotactl.*%d.*return,failure", pid);
FILE *pipefd = setup(fds, auclass);
ATF_REQUIRE_EQ(-1, quotactl(NULL, 0, 0, NULL));
check_audit(fds, adregex, pipefd);
}
ATF_TC_CLEANUP(quotactl_failure, tc)
{
cleanup();
}
ATF_TC_WITH_CLEANUP(mount_failure);
ATF_TC_HEAD(mount_failure, tc)
asomersUnsubmitted
Done
Inline Actions

Can't you test quotactl successfully using the non-destructive Q_GETQUOTASIZE, Q_GETQUOTA, or Q_SYNC commands?

asomers: Can't you test quotactl successfully using the non-destructive `Q_GETQUOTASIZE`, `Q_GETQUOTA`…
aniketpAuthorUnsubmitted
Done
Inline Actions
int size;
if (quotactl("/", Q_GETQUOTASIZE, 0, &size) < 0)
        perror("quotactl");

outputs:
quotactl: Invalid argument

From the man-page, it looks like the error is because the filesystem quota is not already enabled on my system

MAN
The cmd argument or the command type is invalid.  In
Q_GETQUOTASIZE, Q_GETQUOTA, Q_SETQUOTA, and Q_SETUSE,
quotas are not currently enabled for this file system.
aniketp: ``` int size; if (quotactl("/", Q_GETQUOTASIZE, 0, &size) < 0) perror("quotactl"); ```…
asomersUnsubmitted
Done
Inline Actions

Does that even happen for Q_SYNC?

asomers: Does that even happen for `Q_SYNC`?
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"mount(2) call");
}
ATF_TC_BODY(mount_failure, tc)
{
pid = getpid();
snprintf(adregex, sizeof(adregex), "mount.*%d.*return,failure", pid);
FILE *pipefd = setup(fds, auclass);
ATF_REQUIRE_EQ(-1, mount(NULL, NULL, 0, NULL));
check_audit(fds, adregex, pipefd);
}
ATF_TC_CLEANUP(mount_failure, tc)
{
cleanup();
}
ATF_TC_WITH_CLEANUP(nmount_failure);
ATF_TC_HEAD(nmount_failure, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"nmount(2) call");
}
ATF_TC_BODY(nmount_failure, tc)
asomersUnsubmitted
Not Done
Inline Actions

Actually, you can mount a filesystem. nullfs would work, for example. But be sure to unmount it during the cleanup!

asomers: Actually, you can mount a filesystem. nullfs would work, for example. But be sure to unmount…
asomersUnsubmitted
Not Done
Inline Actions

Are you still working on mounting a filesystem?

asomers: Are you still working on mounting a filesystem?
aniketpAuthorUnsubmitted
Not Done
Inline Actions

I've been trying out numerous variations of commands to see if they execute successfully for mount(2) and nmount(2).

Whenever I get the "type" right, i.e either "nullfs" or "tmpfs", Any other set of command outputs Operation not supported.
For the wrong types, I expectedly get invalid argument

aniketp: I've been trying out numerous variations of commands to see if they execute successfully for…
{
pid = getpid();
snprintf(adregex, sizeof(adregex), "nmount.*%d.*return,failure", pid);
FILE *pipefd = setup(fds, auclass);
ATF_REQUIRE_EQ(-1, nmount(NULL, 0, 0));
check_audit(fds, adregex, pipefd);
}
ATF_TC_CLEANUP(nmount_failure, tc)
{
cleanup();
}
ATF_TC_WITH_CLEANUP(swapon_failure);
ATF_TC_HEAD(swapon_failure, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"swapon(2) call");
}
ATF_TC_BODY(swapon_failure, tc)
{
pid = getpid();
snprintf(adregex, sizeof(adregex), "swapon.*%d.*return,failure", pid);
FILE *pipefd = setup(fds, auclass);
/* Failure reason: Block device required */
ATF_REQUIRE_EQ(-1, swapon(path));
check_audit(fds, adregex, pipefd);
}
ATF_TC_CLEANUP(swapon_failure, tc)
{
cleanup();
}
ATF_TC_WITH_CLEANUP(swapoff_failure);
ATF_TC_HEAD(swapoff_failure, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"swapoff(2) call");
}
ATF_TC_BODY(swapoff_failure, tc)
{
pid = getpid();
snprintf(adregex, sizeof(adregex), "swapoff.*%d.*return,failure", pid);
FILE *pipefd = setup(fds, auclass);
/* Failure reason: Block device required */
ATF_REQUIRE_EQ(-1, swapoff(path));
check_audit(fds, adregex, pipefd);
}
ATF_TC_CLEANUP(swapoff_failure, tc)
{
cleanup();
}
ATF_TP_ADD_TCS(tp) ATF_TP_ADD_TCS(tp)
{ {
ATF_TP_ADD_TC(tp, settimeofday_success); ATF_TP_ADD_TC(tp, settimeofday_success);
ATF_TP_ADD_TC(tp, settimeofday_failure); ATF_TP_ADD_TC(tp, settimeofday_failure);
ATF_TP_ADD_TC(tp, clock_settime_success);
ATF_TP_ADD_TC(tp, clock_settime_failure);
ATF_TP_ADD_TC(tp, adjtime_success); ATF_TP_ADD_TC(tp, adjtime_success);
ATF_TP_ADD_TC(tp, adjtime_failure); ATF_TP_ADD_TC(tp, adjtime_failure);
ATF_TP_ADD_TC(tp, ntp_adjtime_success);
ATF_TP_ADD_TC(tp, ntp_adjtime_failure);
ATF_TP_ADD_TC(tp, nfs_getfh_success); ATF_TP_ADD_TC(tp, nfs_getfh_success);
ATF_TP_ADD_TC(tp, nfs_getfh_failure); ATF_TP_ADD_TC(tp, nfs_getfh_failure);
ATF_TP_ADD_TC(tp, acct_success);
ATF_TP_ADD_TC(tp, acct_failure);
ATF_TP_ADD_TC(tp, auditctl_success);
ATF_TP_ADD_TC(tp, auditctl_failure);
ATF_TP_ADD_TC(tp, auditon_success);
ATF_TP_ADD_TC(tp, auditon_failure);
ATF_TP_ADD_TC(tp, getauid_success); ATF_TP_ADD_TC(tp, getauid_success);
ATF_TP_ADD_TC(tp, getauid_failure); ATF_TP_ADD_TC(tp, getauid_failure);
ATF_TP_ADD_TC(tp, setauid_success); ATF_TP_ADD_TC(tp, setauid_success);
ATF_TP_ADD_TC(tp, setauid_failure); ATF_TP_ADD_TC(tp, setauid_failure);
ATF_TP_ADD_TC(tp, getaudit_success); ATF_TP_ADD_TC(tp, getaudit_success);
ATF_TP_ADD_TC(tp, getaudit_failure); ATF_TP_ADD_TC(tp, getaudit_failure);
ATF_TP_ADD_TC(tp, setaudit_success); ATF_TP_ADD_TC(tp, setaudit_success);
ATF_TP_ADD_TC(tp, setaudit_failure); ATF_TP_ADD_TC(tp, setaudit_failure);
ATF_TP_ADD_TC(tp, getaudit_addr_success); ATF_TP_ADD_TC(tp, getaudit_addr_success);
ATF_TP_ADD_TC(tp, getaudit_addr_failure); ATF_TP_ADD_TC(tp, getaudit_addr_failure);
ATF_TP_ADD_TC(tp, setaudit_addr_success); ATF_TP_ADD_TC(tp, setaudit_addr_success);
ATF_TP_ADD_TC(tp, setaudit_addr_failure); ATF_TP_ADD_TC(tp, setaudit_addr_failure);
ATF_TP_ADD_TC(tp, reboot_failure);
ATF_TP_ADD_TC(tp, quotactl_failure);
ATF_TP_ADD_TC(tp, mount_failure);
ATF_TP_ADD_TC(tp, nmount_failure);
ATF_TP_ADD_TC(tp, swapon_failure);
ATF_TP_ADD_TC(tp, swapoff_failure);
return (atf_no_error()); return (atf_no_error());
} }