2 * Copyright (c) 2018 Aniket Pandey
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
14 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
17 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 #include <sys/param.h>
27 #include <sys/mount.h>
28 #include <sys/reboot.h>
30 #include <sys/sysctl.h>
32 #include <sys/timespec.h>
33 #include <sys/timex.h>
35 #include <bsm/audit.h>
36 #include <bsm/audit_kevents.h>
37 #include <ufs/ufs/quota.h>
50 /* Default argument for handling ENOSYS in auditon(2) functions */
51 static int auditon_def = 0;
52 static mode_t mode = 0777;
53 static struct pollfd fds[1];
54 static char adregex[80];
55 static const char *auclass = "ad";
56 static const char *path = "fileforaudit";
57 static const char *successreg = "fileforaudit.*return,success";
60 ATF_TC_WITH_CLEANUP(settimeofday_success);
61 ATF_TC_HEAD(settimeofday_success, tc)
63 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
64 "settimeofday(2) call");
67 ATF_TC_BODY(settimeofday_success, tc)
70 snprintf(adregex, sizeof(adregex), "settimeofday.*%d.*success", pid);
74 ATF_REQUIRE_EQ(0, gettimeofday(&tp, &tzp));
76 FILE *pipefd = setup(fds, auclass);
77 /* Setting the same time as obtained by gettimeofday(2) */
78 ATF_REQUIRE_EQ(0, settimeofday(&tp, &tzp));
79 check_audit(fds, adregex, pipefd);
82 ATF_TC_CLEANUP(settimeofday_success, tc)
88 ATF_TC_WITH_CLEANUP(settimeofday_failure);
89 ATF_TC_HEAD(settimeofday_failure, tc)
91 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
92 "settimeofday(2) call");
95 ATF_TC_BODY(settimeofday_failure, tc)
98 snprintf(adregex, sizeof(adregex), "settimeofday.*%d.*failure", pid);
102 ATF_REQUIRE_EQ(0, gettimeofday(&tp, &tzp));
104 FILE *pipefd = setup(fds, auclass);
106 /* Failure reason: Invalid value for tp.tv_sec; */
107 ATF_REQUIRE_EQ(-1, settimeofday(&tp, &tzp));
108 check_audit(fds, adregex, pipefd);
111 ATF_TC_CLEANUP(settimeofday_failure, tc)
117 ATF_TC_WITH_CLEANUP(clock_settime_success);
118 ATF_TC_HEAD(clock_settime_success, tc)
120 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
121 "clock_settime(2) call");
124 ATF_TC_BODY(clock_settime_success, tc)
127 snprintf(adregex, sizeof(adregex), "clock_settime.*%d.*success", pid);
130 ATF_REQUIRE_EQ(0, clock_gettime(CLOCK_REALTIME, &tp));
132 FILE *pipefd = setup(fds, auclass);
133 /* Setting the same time as obtained by clock_gettime(2) */
134 ATF_REQUIRE_EQ(0, clock_settime(CLOCK_REALTIME, &tp));
135 check_audit(fds, adregex, pipefd);
138 ATF_TC_CLEANUP(clock_settime_success, tc)
144 ATF_TC_WITH_CLEANUP(clock_settime_failure);
145 ATF_TC_HEAD(clock_settime_failure, tc)
147 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
148 "clock_settime(2) call");
151 ATF_TC_BODY(clock_settime_failure, tc)
154 snprintf(adregex, sizeof(adregex), "clock_settime.*%d.*failure", pid);
157 ATF_REQUIRE_EQ(0, clock_gettime(CLOCK_MONOTONIC, &tp));
159 FILE *pipefd = setup(fds, auclass);
160 /* Failure reason: cannot use CLOCK_MONOTONIC to set the system time */
161 ATF_REQUIRE_EQ(-1, clock_settime(CLOCK_MONOTONIC, &tp));
162 check_audit(fds, adregex, pipefd);
165 ATF_TC_CLEANUP(clock_settime_failure, tc)
171 ATF_TC_WITH_CLEANUP(adjtime_success);
172 ATF_TC_HEAD(adjtime_success, tc)
174 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
178 ATF_TC_BODY(adjtime_success, tc)
181 snprintf(adregex, sizeof(adregex), "adjtime.*%d.*return,success", pid);
183 FILE *pipefd = setup(fds, auclass);
184 /* We don't want to change the system time, hence NULL */
185 ATF_REQUIRE_EQ(0, adjtime(NULL, NULL));
186 check_audit(fds, adregex, pipefd);
189 ATF_TC_CLEANUP(adjtime_success, tc)
195 ATF_TC_WITH_CLEANUP(adjtime_failure);
196 ATF_TC_HEAD(adjtime_failure, tc)
198 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
202 ATF_TC_BODY(adjtime_failure, tc)
205 snprintf(adregex, sizeof(adregex), "adjtime.*%d.*return,failure", pid);
207 FILE *pipefd = setup(fds, auclass);
208 ATF_REQUIRE_EQ(-1, adjtime((struct timeval *)(-1), NULL));
209 check_audit(fds, adregex, pipefd);
212 ATF_TC_CLEANUP(adjtime_failure, tc)
218 ATF_TC_WITH_CLEANUP(ntp_adjtime_success);
219 ATF_TC_HEAD(ntp_adjtime_success, tc)
221 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
222 "ntp_adjtime(2) call");
225 ATF_TC_BODY(ntp_adjtime_success, tc)
227 struct timex timebuff;
228 bzero(&timebuff, sizeof(timebuff));
231 snprintf(adregex, sizeof(adregex), "ntp_adjtime.*%d.*success", pid);
233 FILE *pipefd = setup(fds, auclass);
234 ATF_REQUIRE(ntp_adjtime(&timebuff) != -1);
235 check_audit(fds, adregex, pipefd);
238 ATF_TC_CLEANUP(ntp_adjtime_success, tc)
244 ATF_TC_WITH_CLEANUP(ntp_adjtime_failure);
245 ATF_TC_HEAD(ntp_adjtime_failure, tc)
247 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
248 "ntp_adjtime(2) call");
251 ATF_TC_BODY(ntp_adjtime_failure, tc)
254 snprintf(adregex, sizeof(adregex), "ntp_adjtime.*%d.*failure", pid);
256 FILE *pipefd = setup(fds, auclass);
257 ATF_REQUIRE_EQ(-1, ntp_adjtime(NULL));
258 check_audit(fds, adregex, pipefd);
261 ATF_TC_CLEANUP(ntp_adjtime_failure, tc)
267 ATF_TC_WITH_CLEANUP(nfs_getfh_success);
268 ATF_TC_HEAD(nfs_getfh_success, tc)
270 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
274 ATF_TC_BODY(nfs_getfh_success, tc)
278 snprintf(adregex, sizeof(adregex), "nfs_getfh.*%d.*ret.*success", pid);
280 /* File needs to exist to call getfh(2) */
281 ATF_REQUIRE((filedesc = open(path, O_CREAT, mode)) != -1);
282 FILE *pipefd = setup(fds, auclass);
283 ATF_REQUIRE_EQ(0, getfh(path, &fhp));
284 check_audit(fds, adregex, pipefd);
288 ATF_TC_CLEANUP(nfs_getfh_success, tc)
294 ATF_TC_WITH_CLEANUP(nfs_getfh_failure);
295 ATF_TC_HEAD(nfs_getfh_failure, tc)
297 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
301 ATF_TC_BODY(nfs_getfh_failure, tc)
304 snprintf(adregex, sizeof(adregex), "nfs_getfh.*%d.*ret.*failure", pid);
306 FILE *pipefd = setup(fds, auclass);
307 /* Failure reason: file does not exist */
308 ATF_REQUIRE_EQ(-1, getfh(path, NULL));
309 check_audit(fds, adregex, pipefd);
312 ATF_TC_CLEANUP(nfs_getfh_failure, tc)
318 ATF_TC_WITH_CLEANUP(auditctl_success);
319 ATF_TC_HEAD(auditctl_success, tc)
321 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
325 ATF_TC_BODY(auditctl_success, tc)
327 /* File needs to exist in order to call auditctl(2) */
328 ATF_REQUIRE((filedesc = open(path, O_CREAT | O_WRONLY, mode)) != -1);
329 FILE *pipefd = setup(fds, auclass);
330 ATF_REQUIRE_EQ(0, auditctl(path));
331 check_audit(fds, successreg, pipefd);
335 ATF_TC_CLEANUP(auditctl_success, tc)
338 * auditctl(2) disables audit log at /var/audit and initiates auditing
339 * at the configured path. To reset this, we need to stop and start the
340 * auditd(8) again. Here, we check if auditd(8) was running already
341 * before the test started. If so, we stop and start it again.
343 * TODO: should we skip this test if auditd(8) is already running to
344 * avoid restarting it?
346 if (!atf_utils_file_exists("started_fake_auditd")) {
347 system("service auditd onestop > /dev/null 2>&1");
348 system("service auditd onestart > /dev/null 2>&1");
355 ATF_TC_WITH_CLEANUP(auditctl_failure);
356 ATF_TC_HEAD(auditctl_failure, tc)
358 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
362 ATF_TC_BODY(auditctl_failure, tc)
365 snprintf(adregex, sizeof(adregex), "auditctl.*%d.*return,failure", pid);
367 FILE *pipefd = setup(fds, auclass);
368 /* Failure reason: file does not exist */
369 ATF_REQUIRE_EQ(-1, auditctl(NULL));
370 check_audit(fds, adregex, pipefd);
373 ATF_TC_CLEANUP(auditctl_failure, tc)
379 ATF_TC_WITH_CLEANUP(acct_success);
380 ATF_TC_HEAD(acct_success, tc)
382 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
384 atf_tc_set_md_var(tc, "require.files",
385 "/etc/rc.d/accounting /etc/rc.d/auditd");
388 ATF_TC_BODY(acct_success, tc)
390 int acctinfo, filedesc2;
391 size_t len = sizeof(acctinfo);
392 const char *acctname = "kern.acct_configured";
393 ATF_REQUIRE_EQ(0, sysctlbyname(acctname, &acctinfo, &len, NULL, 0));
395 /* File needs to exist to start system accounting */
396 ATF_REQUIRE((filedesc = open(path, O_CREAT | O_RDWR, mode)) != -1);
399 * acctinfo = 0: System accounting was disabled
400 * acctinfo = 1: System accounting was enabled
403 ATF_REQUIRE((filedesc2 = open("acct_ok", O_CREAT, mode)) != -1);
408 snprintf(adregex, sizeof(adregex),
409 "acct.*%s.*%d.*return,success", path, pid);
412 * We temporarily switch the accounting record to a file at
413 * our own configured path in order to confirm acct(2)'s successful
414 * auditing. Then we set everything back to its original state.
416 FILE *pipefd = setup(fds, auclass);
417 ATF_REQUIRE_EQ(0, acct(path));
418 check_audit(fds, adregex, pipefd);
422 ATF_TC_CLEANUP(acct_success, tc)
424 /* Reset accounting configured path */
425 ATF_REQUIRE_EQ(0, system("service accounting onestop"));
426 if (atf_utils_file_exists("acct_ok")) {
427 ATF_REQUIRE_EQ(0, system("service accounting onestart"));
433 ATF_TC_WITH_CLEANUP(acct_failure);
434 ATF_TC_HEAD(acct_failure, tc)
436 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
440 ATF_TC_BODY(acct_failure, tc)
443 snprintf(adregex, sizeof(adregex), "acct.*%d.*return,failure", pid);
445 FILE *pipefd = setup(fds, auclass);
446 /* Failure reason: File does not exist */
447 ATF_REQUIRE_EQ(-1, acct(path));
448 check_audit(fds, adregex, pipefd);
451 ATF_TC_CLEANUP(acct_failure, tc)
457 ATF_TC_WITH_CLEANUP(getauid_success);
458 ATF_TC_HEAD(getauid_success, tc)
460 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
464 ATF_TC_BODY(getauid_success, tc)
468 snprintf(adregex, sizeof(adregex), "getauid.*%d.*return,success", pid);
470 FILE *pipefd = setup(fds, auclass);
471 ATF_REQUIRE_EQ(0, getauid(&auid));
472 check_audit(fds, adregex, pipefd);
475 ATF_TC_CLEANUP(getauid_success, tc)
481 ATF_TC_WITH_CLEANUP(getauid_failure);
482 ATF_TC_HEAD(getauid_failure, tc)
484 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
488 ATF_TC_BODY(getauid_failure, tc)
491 snprintf(adregex, sizeof(adregex), "getauid.*%d.*return,failure", pid);
493 FILE *pipefd = setup(fds, auclass);
494 /* Failure reason: Bad address */
495 ATF_REQUIRE_EQ(-1, getauid(NULL));
496 check_audit(fds, adregex, pipefd);
499 ATF_TC_CLEANUP(getauid_failure, tc)
505 ATF_TC_WITH_CLEANUP(setauid_success);
506 ATF_TC_HEAD(setauid_success, tc)
508 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
512 ATF_TC_BODY(setauid_success, tc)
516 snprintf(adregex, sizeof(adregex), "setauid.*%d.*return,success", pid);
517 ATF_REQUIRE_EQ(0, getauid(&auid));
519 FILE *pipefd = setup(fds, auclass);
520 ATF_REQUIRE_EQ(0, setauid(&auid));
521 check_audit(fds, adregex, pipefd);
524 ATF_TC_CLEANUP(setauid_success, tc)
530 ATF_TC_WITH_CLEANUP(setauid_failure);
531 ATF_TC_HEAD(setauid_failure, tc)
533 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
537 ATF_TC_BODY(setauid_failure, tc)
540 snprintf(adregex, sizeof(adregex), "setauid.*%d.*return,failure", pid);
542 FILE *pipefd = setup(fds, auclass);
543 /* Failure reason: Bad address */
544 ATF_REQUIRE_EQ(-1, setauid(NULL));
545 check_audit(fds, adregex, pipefd);
548 ATF_TC_CLEANUP(setauid_failure, tc)
554 ATF_TC_WITH_CLEANUP(getaudit_success);
555 ATF_TC_HEAD(getaudit_success, tc)
557 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
561 ATF_TC_BODY(getaudit_success, tc)
564 auditinfo_t auditinfo;
565 snprintf(adregex, sizeof(adregex), "getaudit.*%d.*return,success", pid);
567 FILE *pipefd = setup(fds, auclass);
568 ATF_REQUIRE_EQ(0, getaudit(&auditinfo));
569 check_audit(fds, adregex, pipefd);
572 ATF_TC_CLEANUP(getaudit_success, tc)
578 ATF_TC_WITH_CLEANUP(getaudit_failure);
579 ATF_TC_HEAD(getaudit_failure, tc)
581 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
585 ATF_TC_BODY(getaudit_failure, tc)
588 snprintf(adregex, sizeof(adregex), "getaudit.*%d.*return,failure", pid);
590 FILE *pipefd = setup(fds, auclass);
591 /* Failure reason: Bad address */
592 ATF_REQUIRE_EQ(-1, getaudit(NULL));
593 check_audit(fds, adregex, pipefd);
596 ATF_TC_CLEANUP(getaudit_failure, tc)
602 ATF_TC_WITH_CLEANUP(setaudit_success);
603 ATF_TC_HEAD(setaudit_success, tc)
605 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
609 ATF_TC_BODY(setaudit_success, tc)
612 auditinfo_t auditinfo;
613 snprintf(adregex, sizeof(adregex), "setaudit.*%d.*return,success", pid);
614 ATF_REQUIRE_EQ(0, getaudit(&auditinfo));
616 FILE *pipefd = setup(fds, auclass);
617 ATF_REQUIRE_EQ(0, setaudit(&auditinfo));
618 check_audit(fds, adregex, pipefd);
621 ATF_TC_CLEANUP(setaudit_success, tc)
627 ATF_TC_WITH_CLEANUP(setaudit_failure);
628 ATF_TC_HEAD(setaudit_failure, tc)
630 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
634 ATF_TC_BODY(setaudit_failure, tc)
637 snprintf(adregex, sizeof(adregex), "setaudit.*%d.*return,failure", pid);
639 FILE *pipefd = setup(fds, auclass);
640 /* Failure reason: Bad address */
641 ATF_REQUIRE_EQ(-1, setaudit(NULL));
642 check_audit(fds, adregex, pipefd);
645 ATF_TC_CLEANUP(setaudit_failure, tc)
651 ATF_TC_WITH_CLEANUP(getaudit_addr_success);
652 ATF_TC_HEAD(getaudit_addr_success, tc)
654 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
655 "getaudit_addr(2) call");
658 ATF_TC_BODY(getaudit_addr_success, tc)
661 auditinfo_addr_t auditinfo;
662 snprintf(adregex, sizeof(adregex),
663 "getaudit_addr.*%d.*return,success", pid);
665 FILE *pipefd = setup(fds, auclass);
666 ATF_REQUIRE_EQ(0, getaudit_addr(&auditinfo, sizeof(auditinfo)));
667 check_audit(fds, adregex, pipefd);
670 ATF_TC_CLEANUP(getaudit_addr_success, tc)
676 ATF_TC_WITH_CLEANUP(getaudit_addr_failure);
677 ATF_TC_HEAD(getaudit_addr_failure, tc)
679 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
680 "getaudit_addr(2) call");
683 ATF_TC_BODY(getaudit_addr_failure, tc)
686 snprintf(adregex, sizeof(adregex),
687 "getaudit_addr.*%d.*return,failure", pid);
689 FILE *pipefd = setup(fds, auclass);
690 /* Failure reason: Bad address */
691 ATF_REQUIRE_EQ(-1, getaudit_addr(NULL, 0));
692 check_audit(fds, adregex, pipefd);
695 ATF_TC_CLEANUP(getaudit_addr_failure, tc)
701 ATF_TC_WITH_CLEANUP(setaudit_addr_success);
702 ATF_TC_HEAD(setaudit_addr_success, tc)
704 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
705 "setaudit_addr(2) call");
708 ATF_TC_BODY(setaudit_addr_success, tc)
711 auditinfo_addr_t auditinfo;
712 snprintf(adregex, sizeof(adregex),
713 "setaudit_addr.*%d.*return,success", pid);
715 ATF_REQUIRE_EQ(0, getaudit_addr(&auditinfo, sizeof(auditinfo)));
716 FILE *pipefd = setup(fds, auclass);
717 ATF_REQUIRE_EQ(0, setaudit_addr(&auditinfo, sizeof(auditinfo)));
718 check_audit(fds, adregex, pipefd);
721 ATF_TC_CLEANUP(setaudit_addr_success, tc)
727 ATF_TC_WITH_CLEANUP(setaudit_addr_failure);
728 ATF_TC_HEAD(setaudit_addr_failure, tc)
730 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
731 "setaudit_addr(2) call");
734 ATF_TC_BODY(setaudit_addr_failure, tc)
737 snprintf(adregex, sizeof(adregex),
738 "setaudit_addr.*%d.*return,failure", pid);
740 FILE *pipefd = setup(fds, auclass);
741 /* Failure reason: Bad address */
742 ATF_REQUIRE_EQ(-1, setaudit_addr(NULL, 0));
743 check_audit(fds, adregex, pipefd);
746 ATF_TC_CLEANUP(setaudit_addr_failure, tc)
752 * Note: The test-case uses A_GETFSIZE as the command argument but since it is
753 * not an independent audit event, it will be used to check the default mode
754 * auditing of auditon(2) system call.
756 * Please See: sys/security/audit/audit_bsm_klib.c
757 * function(): au_event_t auditon_command_event() :: case A_GETFSIZE:
759 ATF_TC_WITH_CLEANUP(auditon_default_success);
760 ATF_TC_HEAD(auditon_default_success, tc)
762 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
766 ATF_TC_BODY(auditon_default_success, tc)
768 au_fstat_t fsize_arg;
769 bzero(&fsize_arg, sizeof(au_fstat_t));
772 snprintf(adregex, sizeof(adregex), "auditon.*%d.*return,success", pid);
774 FILE *pipefd = setup(fds, auclass);
775 ATF_REQUIRE_EQ(0, auditon(A_GETFSIZE, &fsize_arg, sizeof(fsize_arg)));
776 check_audit(fds, adregex, pipefd);
779 ATF_TC_CLEANUP(auditon_default_success, tc)
785 ATF_TC_WITH_CLEANUP(auditon_default_failure);
786 ATF_TC_HEAD(auditon_default_failure, tc)
788 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
792 ATF_TC_BODY(auditon_default_failure, tc)
795 snprintf(adregex, sizeof(adregex), "auditon.*%d.*return,failure", pid);
797 FILE *pipefd = setup(fds, auclass);
798 /* Failure reason: Invalid argument */
799 ATF_REQUIRE_EQ(-1, auditon(A_GETFSIZE, NULL, 0));
800 check_audit(fds, adregex, pipefd);
803 ATF_TC_CLEANUP(auditon_default_failure, tc)
809 ATF_TC_WITH_CLEANUP(auditon_getpolicy_success);
810 ATF_TC_HEAD(auditon_getpolicy_success, tc)
812 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
813 "auditon(2) call for cmd: A_GETPOLICY");
816 ATF_TC_BODY(auditon_getpolicy_success, tc)
820 snprintf(adregex, sizeof(adregex), "GPOLICY command.*%d.*success", pid);
822 FILE *pipefd = setup(fds, auclass);
823 ATF_REQUIRE_EQ(0, auditon(A_GETPOLICY, &aupolicy, sizeof(aupolicy)));
824 check_audit(fds, adregex, pipefd);
827 ATF_TC_CLEANUP(auditon_getpolicy_success, tc)
833 ATF_TC_WITH_CLEANUP(auditon_getpolicy_failure);
834 ATF_TC_HEAD(auditon_getpolicy_failure, tc)
836 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
837 "auditon(2) call for cmd: A_GETPOLICY");
840 ATF_TC_BODY(auditon_getpolicy_failure, tc)
843 snprintf(adregex, sizeof(adregex), "GPOLICY command.*%d.*failure", pid);
845 FILE *pipefd = setup(fds, auclass);
846 /* Failure reason: Invalid argument */
847 ATF_REQUIRE_EQ(-1, auditon(A_GETPOLICY, NULL, 0));
848 check_audit(fds, adregex, pipefd);
851 ATF_TC_CLEANUP(auditon_getpolicy_failure, tc)
857 ATF_TC_WITH_CLEANUP(auditon_setpolicy_success);
858 ATF_TC_HEAD(auditon_setpolicy_success, tc)
860 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
861 "auditon(2) call for cmd: A_SETPOLICY");
864 ATF_TC_BODY(auditon_setpolicy_success, tc)
868 snprintf(adregex, sizeof(adregex), "SPOLICY command.*%d.*success", pid);
870 /* Retrieve the current auditing policy, to be used with A_SETPOLICY */
871 ATF_REQUIRE_EQ(0, auditon(A_GETPOLICY, &aupolicy, sizeof(aupolicy)));
872 FILE *pipefd = setup(fds, auclass);
873 ATF_REQUIRE_EQ(0, auditon(A_SETPOLICY, &aupolicy, sizeof(aupolicy)));
874 check_audit(fds, adregex, pipefd);
877 ATF_TC_CLEANUP(auditon_setpolicy_success, tc)
883 ATF_TC_WITH_CLEANUP(auditon_setpolicy_failure);
884 ATF_TC_HEAD(auditon_setpolicy_failure, tc)
886 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
887 "auditon(2) call for cmd: A_SETPOLICY");
890 ATF_TC_BODY(auditon_setpolicy_failure, tc)
893 snprintf(adregex, sizeof(adregex), "SPOLICY command.*%d.*failure", pid);
895 FILE *pipefd = setup(fds, auclass);
896 /* Failure reason: Invalid argument */
897 ATF_REQUIRE_EQ(-1, auditon(A_SETPOLICY, NULL, 0));
898 check_audit(fds, adregex, pipefd);
901 ATF_TC_CLEANUP(auditon_setpolicy_failure, tc)
907 ATF_TC_WITH_CLEANUP(auditon_getkmask_success);
908 ATF_TC_HEAD(auditon_getkmask_success, tc)
910 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
911 "auditon(2) call for cmd: A_GETKMASK");
914 ATF_TC_BODY(auditon_getkmask_success, tc)
918 snprintf(adregex, sizeof(adregex), "get kernel mask.*%d.*success", pid);
920 bzero(&evmask, sizeof(evmask));
921 FILE *pipefd = setup(fds, auclass);
922 ATF_REQUIRE_EQ(0, auditon(A_GETKMASK, &evmask, sizeof(evmask)));
923 check_audit(fds, adregex, pipefd);
926 ATF_TC_CLEANUP(auditon_getkmask_success, tc)
932 ATF_TC_WITH_CLEANUP(auditon_getkmask_failure);
933 ATF_TC_HEAD(auditon_getkmask_failure, tc)
935 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
936 "auditon(2) call for cmd: A_GETKMASK");
939 ATF_TC_BODY(auditon_getkmask_failure, tc)
942 snprintf(adregex, sizeof(adregex), "get kernel mask.*%d.*failure", pid);
944 FILE *pipefd = setup(fds, auclass);
945 /* Failure reason: Invalid au_mask_t structure */
946 ATF_REQUIRE_EQ(-1, auditon(A_GETKMASK, NULL, 0));
947 check_audit(fds, adregex, pipefd);
950 ATF_TC_CLEANUP(auditon_getkmask_failure, tc)
956 ATF_TC_WITH_CLEANUP(auditon_setkmask_success);
957 ATF_TC_HEAD(auditon_setkmask_success, tc)
959 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
960 "auditon(2) call for cmd: A_SETKMASK");
963 ATF_TC_BODY(auditon_setkmask_success, tc)
967 snprintf(adregex, sizeof(adregex), "set kernel mask.*%d.*success", pid);
969 /* Retrieve the current audit mask to be used with A_SETKMASK */
970 bzero(&evmask, sizeof(evmask));
971 ATF_REQUIRE_EQ(0, auditon(A_GETKMASK, &evmask, sizeof(evmask)));
973 FILE *pipefd = setup(fds, auclass);
974 ATF_REQUIRE_EQ(0, auditon(A_SETKMASK, &evmask, sizeof(evmask)));
975 check_audit(fds, adregex, pipefd);
978 ATF_TC_CLEANUP(auditon_setkmask_success, tc)
984 ATF_TC_WITH_CLEANUP(auditon_setkmask_failure);
985 ATF_TC_HEAD(auditon_setkmask_failure, tc)
987 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
988 "auditon(2) call for cmd: A_SETKMASK");
991 ATF_TC_BODY(auditon_setkmask_failure, tc)
994 snprintf(adregex, sizeof(adregex), "set kernel mask.*%d.*failure", pid);
996 FILE *pipefd = setup(fds, auclass);
997 /* Failure reason: Invalid au_mask_t structure */
998 ATF_REQUIRE_EQ(-1, auditon(A_SETKMASK, NULL, 0));
999 check_audit(fds, adregex, pipefd);
1002 ATF_TC_CLEANUP(auditon_setkmask_failure, tc)
1008 ATF_TC_WITH_CLEANUP(auditon_getqctrl_success);
1009 ATF_TC_HEAD(auditon_getqctrl_success, tc)
1011 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1012 "auditon(2) call for cmd: A_GETQCTRL");
1015 ATF_TC_BODY(auditon_getqctrl_success, tc)
1019 snprintf(adregex, sizeof(adregex), "GQCTRL command.*%d.*success", pid);
1021 bzero(&evqctrl, sizeof(evqctrl));
1022 FILE *pipefd = setup(fds, auclass);
1023 ATF_REQUIRE_EQ(0, auditon(A_GETQCTRL, &evqctrl, sizeof(evqctrl)));
1024 check_audit(fds, adregex, pipefd);
1027 ATF_TC_CLEANUP(auditon_getqctrl_success, tc)
1033 ATF_TC_WITH_CLEANUP(auditon_getqctrl_failure);
1034 ATF_TC_HEAD(auditon_getqctrl_failure, tc)
1036 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1037 "auditon(2) call for cmd: A_GETQCTRL");
1040 ATF_TC_BODY(auditon_getqctrl_failure, tc)
1043 snprintf(adregex, sizeof(adregex), "GQCTRL command.*%d.*failure", pid);
1045 FILE *pipefd = setup(fds, auclass);
1046 /* Failure reason: Invalid au_qctrl_t structure */
1047 ATF_REQUIRE_EQ(-1, auditon(A_GETQCTRL, NULL, 0));
1048 check_audit(fds, adregex, pipefd);
1051 ATF_TC_CLEANUP(auditon_getqctrl_failure, tc)
1057 ATF_TC_WITH_CLEANUP(auditon_setqctrl_success);
1058 ATF_TC_HEAD(auditon_setqctrl_success, tc)
1060 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1061 "auditon(2) call for cmd: A_SETKMASK");
1064 ATF_TC_BODY(auditon_setqctrl_success, tc)
1068 snprintf(adregex, sizeof(adregex), "SQCTRL command.*%d.*success", pid);
1070 /* Retrieve the current audit mask to be used with A_SETQCTRL */
1071 bzero(&evqctrl, sizeof(evqctrl));
1072 ATF_REQUIRE_EQ(0, auditon(A_GETQCTRL, &evqctrl, sizeof(evqctrl)));
1074 FILE *pipefd = setup(fds, auclass);
1075 ATF_REQUIRE_EQ(0, auditon(A_SETQCTRL, &evqctrl, sizeof(evqctrl)));
1076 check_audit(fds, adregex, pipefd);
1079 ATF_TC_CLEANUP(auditon_setqctrl_success, tc)
1085 ATF_TC_WITH_CLEANUP(auditon_setqctrl_failure);
1086 ATF_TC_HEAD(auditon_setqctrl_failure, tc)
1088 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1089 "auditon(2) call for cmd: A_SETKMASK");
1092 ATF_TC_BODY(auditon_setqctrl_failure, tc)
1095 snprintf(adregex, sizeof(adregex), "SQCTRL command.*%d.*failure", pid);
1097 FILE *pipefd = setup(fds, auclass);
1098 /* Failure reason: Invalid au_qctrl_t structure */
1099 ATF_REQUIRE_EQ(-1, auditon(A_SETQCTRL, NULL, 0));
1100 check_audit(fds, adregex, pipefd);
1103 ATF_TC_CLEANUP(auditon_setqctrl_failure, tc)
1109 ATF_TC_WITH_CLEANUP(auditon_getclass_success);
1110 ATF_TC_HEAD(auditon_getclass_success, tc)
1112 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1113 "auditon(2) call for cmd: A_GETCLASS");
1116 ATF_TC_BODY(auditon_getclass_success, tc)
1119 au_evclass_map_t evclass;
1120 snprintf(adregex, sizeof(adregex), "get event class.*%d.*success", pid);
1122 /* Initialize evclass to get the event-class mapping for auditon(2) */
1123 evclass.ec_number = AUE_AUDITON;
1124 evclass.ec_class = 0;
1125 FILE *pipefd = setup(fds, auclass);
1126 ATF_REQUIRE_EQ(0, auditon(A_GETCLASS, &evclass, sizeof(evclass)));
1127 check_audit(fds, adregex, pipefd);
1130 ATF_TC_CLEANUP(auditon_getclass_success, tc)
1136 ATF_TC_WITH_CLEANUP(auditon_getclass_failure);
1137 ATF_TC_HEAD(auditon_getclass_failure, tc)
1139 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1140 "auditon(2) call for cmd: A_GETCLASS");
1143 ATF_TC_BODY(auditon_getclass_failure, tc)
1146 snprintf(adregex, sizeof(adregex), "get event class.*%d.*failure", pid);
1148 FILE *pipefd = setup(fds, auclass);
1149 /* Failure reason: Invalid au_evclass_map_t structure */
1150 ATF_REQUIRE_EQ(-1, auditon(A_GETCLASS, NULL, 0));
1151 check_audit(fds, adregex, pipefd);
1154 ATF_TC_CLEANUP(auditon_getclass_failure, tc)
1160 ATF_TC_WITH_CLEANUP(auditon_setclass_success);
1161 ATF_TC_HEAD(auditon_setclass_success, tc)
1163 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1164 "auditon(2) call for cmd: A_SETCLASS");
1167 ATF_TC_BODY(auditon_setclass_success, tc)
1170 au_evclass_map_t evclass;
1171 snprintf(adregex, sizeof(adregex), "set event class.*%d.*success", pid);
1173 /* Initialize evclass and get the event-class mapping for auditon(2) */
1174 evclass.ec_number = AUE_AUDITON;
1175 evclass.ec_class = 0;
1176 ATF_REQUIRE_EQ(0, auditon(A_GETCLASS, &evclass, sizeof(evclass)));
1178 FILE *pipefd = setup(fds, auclass);
1179 ATF_REQUIRE_EQ(0, auditon(A_SETCLASS, &evclass, sizeof(evclass)));
1180 check_audit(fds, adregex, pipefd);
1183 ATF_TC_CLEANUP(auditon_setclass_success, tc)
1189 ATF_TC_WITH_CLEANUP(auditon_setclass_failure);
1190 ATF_TC_HEAD(auditon_setclass_failure, tc)
1192 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1193 "auditon(2) call for cmd: A_SETCLASS");
1196 ATF_TC_BODY(auditon_setclass_failure, tc)
1199 snprintf(adregex, sizeof(adregex), "set event class.*%d.*failure", pid);
1201 FILE *pipefd = setup(fds, auclass);
1202 /* Failure reason: Invalid au_evclass_map_t structure */
1203 ATF_REQUIRE_EQ(-1, auditon(A_SETCLASS, NULL, 0));
1204 check_audit(fds, adregex, pipefd);
1207 ATF_TC_CLEANUP(auditon_setclass_failure, tc)
1213 ATF_TC_WITH_CLEANUP(auditon_getcond_success);
1214 ATF_TC_HEAD(auditon_getcond_success, tc)
1216 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1217 "auditon(2) call for cmd: A_GETCOND");
1220 ATF_TC_BODY(auditon_getcond_success, tc)
1224 snprintf(adregex, sizeof(adregex), "get audit state.*%d.*success", pid);
1226 FILE *pipefd = setup(fds, auclass);
1227 ATF_REQUIRE_EQ(0, auditon(A_GETCOND, &auditcond, sizeof(auditcond)));
1228 check_audit(fds, adregex, pipefd);
1231 ATF_TC_CLEANUP(auditon_getcond_success, tc)
1237 ATF_TC_WITH_CLEANUP(auditon_getcond_failure);
1238 ATF_TC_HEAD(auditon_getcond_failure, tc)
1240 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1241 "auditon(2) call for cmd: A_GETCOND");
1244 ATF_TC_BODY(auditon_getcond_failure, tc)
1247 snprintf(adregex, sizeof(adregex), "get audit state.*%d.*failure", pid);
1249 FILE *pipefd = setup(fds, auclass);
1250 /* Failure reason: Invalid argument */
1251 ATF_REQUIRE_EQ(-1, auditon(A_GETCOND, NULL, 0));
1252 check_audit(fds, adregex, pipefd);
1255 ATF_TC_CLEANUP(auditon_getcond_failure, tc)
1261 ATF_TC_WITH_CLEANUP(auditon_setcond_success);
1262 ATF_TC_HEAD(auditon_setcond_success, tc)
1264 atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
1265 "auditon(2) call for cmd: A_SETCOND");
1268 ATF_TC_BODY(auditon_setcond_success, tc)
1270 int auditcond = AUC_AUDITING;
1272 snprintf(adregex, sizeof(adregex), "set audit state.*%d.*success", pid);
1274 FILE *pipefd = setup(fds, auclass);
1275 /* At this point auditd is running, so the audit state is AUC_AUDITING */
1276 ATF_REQUIRE_EQ(0, auditon(A_SETCOND, &auditcond, sizeof(auditcond)));
1277 check_audit(fds, adregex, pipefd);
1280 ATF_TC_CLEANUP(auditon_setcond_success, tc)
1286 ATF_TC_WITH_CLEANUP(auditon_setcond_failure);
1287 ATF_TC_HEAD(auditon_setcond_failure, tc)
1289 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1290 "auditon(2) call for cmd: A_SETCOND");
1293 ATF_TC_BODY(auditon_setcond_failure, tc)
1296 snprintf(adregex, sizeof(adregex), "set audit state.*%d.*failure", pid);
1298 FILE *pipefd = setup(fds, auclass);
1299 /* Failure reason: Invalid argument */
1300 ATF_REQUIRE_EQ(-1, auditon(A_SETCOND, NULL, 0));
1301 check_audit(fds, adregex, pipefd);
1304 ATF_TC_CLEANUP(auditon_setcond_failure, tc)
1310 * Following test-cases for auditon(2) are all in failure mode only as although
1311 * auditable, they have not been implemented and return ENOSYS whenever called.
1313 * Commands: A_GETCWD A_GETCAR A_GETSTAT A_SETSTAT A_SETUMASK A_SETSMASK
1316 ATF_TC_WITH_CLEANUP(auditon_getcwd_failure);
1317 ATF_TC_HEAD(auditon_getcwd_failure, tc)
1319 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1320 "auditon(2) call for cmd: A_GETCWD");
1323 ATF_TC_BODY(auditon_getcwd_failure, tc)
1326 snprintf(adregex, sizeof(adregex), "get cwd.*%d.*failure", pid);
1328 FILE *pipefd = setup(fds, auclass);
1329 ATF_REQUIRE_ERRNO(ENOSYS, auditon(A_GETCWD, &auditon_def,
1330 sizeof(auditon_def)) == -1);
1331 check_audit(fds, adregex, pipefd);
1334 ATF_TC_CLEANUP(auditon_getcwd_failure, tc)
1340 ATF_TC_WITH_CLEANUP(auditon_getcar_failure);
1341 ATF_TC_HEAD(auditon_getcar_failure, tc)
1343 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1344 "auditon(2) call for cmd: A_GETCAR");
1347 ATF_TC_BODY(auditon_getcar_failure, tc)
1350 snprintf(adregex, sizeof(adregex), "get car.*%d.*failure", pid);
1352 FILE *pipefd = setup(fds, auclass);
1353 ATF_REQUIRE_ERRNO(ENOSYS, auditon(A_GETCAR, &auditon_def,
1354 sizeof(auditon_def)) == -1);
1355 check_audit(fds, adregex, pipefd);
1358 ATF_TC_CLEANUP(auditon_getcar_failure, tc)
1364 ATF_TC_WITH_CLEANUP(auditon_getstat_failure);
1365 ATF_TC_HEAD(auditon_getstat_failure, tc)
1367 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1368 "auditon(2) call for cmd: A_GETSTAT");
1371 ATF_TC_BODY(auditon_getstat_failure, tc)
1374 snprintf(adregex, sizeof(adregex),
1375 "get audit statistics.*%d.*return,failure", pid);
1377 FILE *pipefd = setup(fds, auclass);
1378 ATF_REQUIRE_ERRNO(ENOSYS, auditon(A_GETSTAT, &auditon_def,
1379 sizeof(auditon_def)) == -1);
1380 check_audit(fds, adregex, pipefd);
1383 ATF_TC_CLEANUP(auditon_getstat_failure, tc)
1389 ATF_TC_WITH_CLEANUP(auditon_setstat_failure);
1390 ATF_TC_HEAD(auditon_setstat_failure, tc)
1392 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1393 "auditon(2) call for cmd: A_SETSTAT");
1396 ATF_TC_BODY(auditon_setstat_failure, tc)
1399 snprintf(adregex, sizeof(adregex),
1400 "set audit statistics.*%d.*return,failure", pid);
1402 FILE *pipefd = setup(fds, auclass);
1403 ATF_REQUIRE_ERRNO(ENOSYS, auditon(A_SETSTAT, &auditon_def,
1404 sizeof(auditon_def)) == -1);
1405 check_audit(fds, adregex, pipefd);
1408 ATF_TC_CLEANUP(auditon_setstat_failure, tc)
1414 ATF_TC_WITH_CLEANUP(auditon_setumask_failure);
1415 ATF_TC_HEAD(auditon_setumask_failure, tc)
1417 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1418 "auditon(2) call for cmd: A_SETUMASK");
1421 ATF_TC_BODY(auditon_setumask_failure, tc)
1424 snprintf(adregex, sizeof(adregex),
1425 "set mask per uid.*%d.*return,failure", pid);
1427 FILE *pipefd = setup(fds, auclass);
1428 ATF_REQUIRE_ERRNO(ENOSYS, auditon(A_SETUMASK, &auditon_def,
1429 sizeof(auditon_def)) == -1);
1430 check_audit(fds, adregex, pipefd);
1433 ATF_TC_CLEANUP(auditon_setumask_failure, tc)
1439 ATF_TC_WITH_CLEANUP(auditon_setsmask_failure);
1440 ATF_TC_HEAD(auditon_setsmask_failure, tc)
1442 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1443 "auditon(2) call for cmd: A_SETSMASK");
1446 ATF_TC_BODY(auditon_setsmask_failure, tc)
1449 snprintf(adregex, sizeof(adregex),
1450 "set mask per session.*%d.*return,failure", pid);
1452 FILE *pipefd = setup(fds, auclass);
1453 ATF_REQUIRE_ERRNO(ENOSYS, auditon(A_SETSMASK, &auditon_def,
1454 sizeof(auditon_def)) == -1);
1455 check_audit(fds, adregex, pipefd);
1458 ATF_TC_CLEANUP(auditon_setsmask_failure, tc)
1465 * Audit of reboot(2) cannot be tested in normal conditions as we don't want
1466 * to reboot the system while running the tests
1470 ATF_TC_WITH_CLEANUP(reboot_failure);
1471 ATF_TC_HEAD(reboot_failure, tc)
1473 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1477 ATF_TC_BODY(reboot_failure, tc)
1480 snprintf(adregex, sizeof(adregex), "reboot.*%d.*return,failure", pid);
1482 FILE *pipefd = setup(fds, auclass);
1483 ATF_REQUIRE_EQ(-1, reboot(-1));
1484 check_audit(fds, adregex, pipefd);
1487 ATF_TC_CLEANUP(reboot_failure, tc)
1494 * Audit of quotactl(2) cannot be tested in normal conditions as we don't want
1495 * to tamper with filesystem quotas
1499 ATF_TC_WITH_CLEANUP(quotactl_failure);
1500 ATF_TC_HEAD(quotactl_failure, tc)
1502 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1503 "quotactl(2) call");
1506 ATF_TC_BODY(quotactl_failure, tc)
1509 snprintf(adregex, sizeof(adregex), "quotactl.*%d.*return,failure", pid);
1511 FILE *pipefd = setup(fds, auclass);
1512 ATF_REQUIRE_EQ(-1, quotactl(NULL, 0, 0, NULL));
1513 check_audit(fds, adregex, pipefd);
1516 ATF_TC_CLEANUP(quotactl_failure, tc)
1522 ATF_TC_WITH_CLEANUP(mount_failure);
1523 ATF_TC_HEAD(mount_failure, tc)
1525 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1529 ATF_TC_BODY(mount_failure, tc)
1532 snprintf(adregex, sizeof(adregex), "mount.*%d.*return,failure", pid);
1534 FILE *pipefd = setup(fds, auclass);
1535 ATF_REQUIRE_EQ(-1, mount(NULL, NULL, 0, NULL));
1536 check_audit(fds, adregex, pipefd);
1539 ATF_TC_CLEANUP(mount_failure, tc)
1545 ATF_TC_WITH_CLEANUP(nmount_failure);
1546 ATF_TC_HEAD(nmount_failure, tc)
1548 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1552 ATF_TC_BODY(nmount_failure, tc)
1555 snprintf(adregex, sizeof(adregex), "nmount.*%d.*return,failure", pid);
1557 FILE *pipefd = setup(fds, auclass);
1558 ATF_REQUIRE_EQ(-1, nmount(NULL, 0, 0));
1559 check_audit(fds, adregex, pipefd);
1562 ATF_TC_CLEANUP(nmount_failure, tc)
1568 ATF_TC_WITH_CLEANUP(swapon_failure);
1569 ATF_TC_HEAD(swapon_failure, tc)
1571 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1575 ATF_TC_BODY(swapon_failure, tc)
1578 snprintf(adregex, sizeof(adregex), "swapon.*%d.*return,failure", pid);
1580 FILE *pipefd = setup(fds, auclass);
1581 /* Failure reason: Block device required */
1582 ATF_REQUIRE_EQ(-1, swapon(path));
1583 check_audit(fds, adregex, pipefd);
1586 ATF_TC_CLEANUP(swapon_failure, tc)
1592 ATF_TC_WITH_CLEANUP(swapoff_failure);
1593 ATF_TC_HEAD(swapoff_failure, tc)
1595 atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
1599 ATF_TC_BODY(swapoff_failure, tc)
1602 snprintf(adregex, sizeof(adregex), "swapoff.*%d.*return,failure", pid);
1604 FILE *pipefd = setup(fds, auclass);
1605 /* Failure reason: Block device required */
1606 ATF_REQUIRE_EQ(-1, swapoff(path, 0));
1607 check_audit(fds, adregex, pipefd);
1610 ATF_TC_CLEANUP(swapoff_failure, tc)
1618 ATF_TP_ADD_TC(tp, settimeofday_success);
1619 ATF_TP_ADD_TC(tp, settimeofday_failure);
1620 ATF_TP_ADD_TC(tp, clock_settime_success);
1621 ATF_TP_ADD_TC(tp, clock_settime_failure);
1622 ATF_TP_ADD_TC(tp, adjtime_success);
1623 ATF_TP_ADD_TC(tp, adjtime_failure);
1624 ATF_TP_ADD_TC(tp, ntp_adjtime_success);
1625 ATF_TP_ADD_TC(tp, ntp_adjtime_failure);
1627 ATF_TP_ADD_TC(tp, nfs_getfh_success);
1628 ATF_TP_ADD_TC(tp, nfs_getfh_failure);
1629 ATF_TP_ADD_TC(tp, acct_success);
1630 ATF_TP_ADD_TC(tp, acct_failure);
1631 ATF_TP_ADD_TC(tp, auditctl_success);
1632 ATF_TP_ADD_TC(tp, auditctl_failure);
1634 ATF_TP_ADD_TC(tp, getauid_success);
1635 ATF_TP_ADD_TC(tp, getauid_failure);
1636 ATF_TP_ADD_TC(tp, setauid_success);
1637 ATF_TP_ADD_TC(tp, setauid_failure);
1639 ATF_TP_ADD_TC(tp, getaudit_success);
1640 ATF_TP_ADD_TC(tp, getaudit_failure);
1641 ATF_TP_ADD_TC(tp, setaudit_success);
1642 ATF_TP_ADD_TC(tp, setaudit_failure);
1644 ATF_TP_ADD_TC(tp, getaudit_addr_success);
1645 ATF_TP_ADD_TC(tp, getaudit_addr_failure);
1646 ATF_TP_ADD_TC(tp, setaudit_addr_success);
1647 ATF_TP_ADD_TC(tp, setaudit_addr_failure);
1649 ATF_TP_ADD_TC(tp, auditon_default_success);
1650 ATF_TP_ADD_TC(tp, auditon_default_failure);
1652 ATF_TP_ADD_TC(tp, auditon_getpolicy_success);
1653 ATF_TP_ADD_TC(tp, auditon_getpolicy_failure);
1654 ATF_TP_ADD_TC(tp, auditon_setpolicy_success);
1655 ATF_TP_ADD_TC(tp, auditon_setpolicy_failure);
1657 ATF_TP_ADD_TC(tp, auditon_getkmask_success);
1658 ATF_TP_ADD_TC(tp, auditon_getkmask_failure);
1659 ATF_TP_ADD_TC(tp, auditon_setkmask_success);
1660 ATF_TP_ADD_TC(tp, auditon_setkmask_failure);
1662 ATF_TP_ADD_TC(tp, auditon_getqctrl_success);
1663 ATF_TP_ADD_TC(tp, auditon_getqctrl_failure);
1664 ATF_TP_ADD_TC(tp, auditon_setqctrl_success);
1665 ATF_TP_ADD_TC(tp, auditon_setqctrl_failure);
1667 ATF_TP_ADD_TC(tp, auditon_getclass_success);
1668 ATF_TP_ADD_TC(tp, auditon_getclass_failure);
1669 ATF_TP_ADD_TC(tp, auditon_setclass_success);
1670 ATF_TP_ADD_TC(tp, auditon_setclass_failure);
1672 ATF_TP_ADD_TC(tp, auditon_getcond_success);
1673 ATF_TP_ADD_TC(tp, auditon_getcond_failure);
1674 ATF_TP_ADD_TC(tp, auditon_setcond_success);
1675 ATF_TP_ADD_TC(tp, auditon_setcond_failure);
1677 ATF_TP_ADD_TC(tp, auditon_getcwd_failure);
1678 ATF_TP_ADD_TC(tp, auditon_getcar_failure);
1679 ATF_TP_ADD_TC(tp, auditon_getstat_failure);
1680 ATF_TP_ADD_TC(tp, auditon_setstat_failure);
1681 ATF_TP_ADD_TC(tp, auditon_setumask_failure);
1682 ATF_TP_ADD_TC(tp, auditon_setsmask_failure);
1684 ATF_TP_ADD_TC(tp, reboot_failure);
1685 ATF_TP_ADD_TC(tp, quotactl_failure);
1686 ATF_TP_ADD_TC(tp, mount_failure);
1687 ATF_TP_ADD_TC(tp, nmount_failure);
1688 ATF_TP_ADD_TC(tp, swapon_failure);
1689 ATF_TP_ADD_TC(tp, swapoff_failure);
1691 return (atf_no_error());
projects / FreeBSD / FreeBSD.git / blob