test: rework seccomp testing
Instead of a single test with enabled seccomp, rerun all other non-destructive and destructive tests for each seccomp level.
This commit is contained in:
Miroslav Lichvar
parent
b9f5ce83b0
commit
c536b2561b
4 changed files with 50 additions and 17 deletions
|
|
@ -1,17 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
. ./test.common
|
||||
|
||||
check_chronyd_features SCFILTER || test_skip "SCFILTER support disabled"
|
||||
|
||||
test_start "system call filter"
|
||||
|
||||
for extra_chronyd_options in "-F -1" "-F 1"; do
|
||||
start_chronyd || test_fail
|
||||
wait_for_sync || test_fail
|
||||
stop_chronyd || test_fail
|
||||
check_chronyd_messages || test_fail
|
||||
check_chronyd_files || test_fail
|
||||
done
|
||||
|
||||
test_pass
|
||||
24
test/system/099-scfilter
Executable file
24
test/system/099-scfilter
Executable file
|
|
@ -0,0 +1,24 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
. ./test.common
|
||||
|
||||
check_chronyd_features SCFILTER || test_skip "SCFILTER support disabled"
|
||||
|
||||
test_start "system call filter in non-destructive tests"
|
||||
|
||||
for level in "-1" "1"; do
|
||||
test_message 1 1 "level $level:"
|
||||
for test in 0[0-8][0-9]-*[^_]; do
|
||||
test_message 2 0 "$test"
|
||||
TEST_SCFILTER=$level "./$test" > /dev/null 2> /dev/null
|
||||
result=$?
|
||||
|
||||
if [ $result != 0 ] && [ $result != 9 ] ; then
|
||||
test_bad
|
||||
test_fail
|
||||
fi
|
||||
test_ok
|
||||
done
|
||||
done
|
||||
|
||||
test_pass
|
||||
24
test/system/199-scfilter
Executable file
24
test/system/199-scfilter
Executable file
|
|
@ -0,0 +1,24 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
. ./test.common
|
||||
|
||||
check_chronyd_features SCFILTER || test_skip "SCFILTER support disabled"
|
||||
|
||||
test_start "system call filter in destructive tests"
|
||||
|
||||
for level in "-1" "1"; do
|
||||
test_message 1 1 "level $level:"
|
||||
for test in 1[0-8][0-9]-*[^_]; do
|
||||
test_message 2 0 "$test"
|
||||
TEST_SCFILTER=$level "./$test" > /dev/null 2> /dev/null
|
||||
result=$?
|
||||
|
||||
if [ $result != 0 ] && [ $result != 9 ] ; then
|
||||
test_bad
|
||||
test_fail
|
||||
fi
|
||||
test_ok
|
||||
done
|
||||
done
|
||||
|
||||
test_pass
|
||||
|
|
@ -20,6 +20,7 @@ TEST_DIR=${TEST_DIR:-$(pwd)/tmp}
|
|||
TEST_LIBDIR=${TEST_LIBDIR:-$TEST_DIR}
|
||||
TEST_LOGDIR=${TEST_LOGDIR:-$TEST_DIR}
|
||||
TEST_RUNDIR=${TEST_RUNDIR:-$TEST_DIR}
|
||||
TEST_SCFILTER=${TEST_SCFILTER:-0}
|
||||
|
||||
test_start() {
|
||||
check_chronyd_features NTP CMDMON || test_skip "NTP/CMDMON support disabled"
|
||||
|
|
@ -242,6 +243,7 @@ get_chronyd_options() {
|
|||
echo "-l $(get_logfile)"
|
||||
echo "-f $(get_conffile)"
|
||||
echo "-u $user"
|
||||
echo "-F $TEST_SCFILTER"
|
||||
echo "$extra_chronyd_options"
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue