diff options
| author | Dave Brolley <brolley@redhat.com> | 2010-02-15 13:56:20 -0500 |
|---|---|---|
| committer | Dave Brolley <brolley@redhat.com> | 2010-02-15 13:56:20 -0500 |
| commit | 27dc09b13650456b7b3efd45c07690083e526b6d (patch) | |
| tree | fee2a7ea25f8e8d5f51a0bb5012c07743b170476 /testsuite | |
| parent | 189559623dcda793b1ae9ade54299f5c7a775b76 (diff) | |
| download | systemtap-steved-27dc09b13650456b7b3efd45c07690083e526b6d.tar.gz systemtap-steved-27dc09b13650456b7b3efd45c07690083e526b6d.tar.xz systemtap-steved-27dc09b13650456b7b3efd45c07690083e526b6d.zip | |
Rework identification of probes allowed for unprivileged users.
- Bind unprivileged permission at probe registration time.
- Remove check_unprivileged filter from derived_probe_builder
and its children.
- Add test suites for unprivilegedok and unprivilegedko.
Diffstat (limited to 'testsuite')
10 files changed, 59 insertions, 4 deletions
diff --git a/testsuite/semko/fortyeight.stp b/testsuite/semko/fortyeight.stp deleted file mode 100755 index e79d7a1d..00000000 --- a/testsuite/semko/fortyeight.stp +++ /dev/null @@ -1,4 +0,0 @@ -#! /bin/sh - -# None of these probe types should even be acceptable to pass-2 -stap --unprivileged -p2 -t -e 'probe kernel.function("sys_open")!, kernel.trace("*")!, kernel.mark("*")!, module("*scsi*").function("*") { }' diff --git a/testsuite/systemtap.unprivileged/foo.c b/testsuite/systemtap.unprivileged/foo.c new file mode 100644 index 00000000..82ff7232 --- /dev/null +++ b/testsuite/systemtap.unprivileged/foo.c @@ -0,0 +1,7 @@ +/* Test application */ +void bar () { +} + +main () { + bar (); +} diff --git a/testsuite/systemtap.unprivileged/unprivilegedko.exp b/testsuite/systemtap.unprivileged/unprivilegedko.exp new file mode 100644 index 00000000..edcea130 --- /dev/null +++ b/testsuite/systemtap.unprivileged/unprivilegedko.exp @@ -0,0 +1,13 @@ +set self unprivilegedko +foreach file [lsort [glob -nocomplain $srcdir/systemtap.unprivileged/$self/*.stp]] { + set test $self/[file tail $file] + verbose -log "Running $file" + set rc [stap_run_batch $file] + if {$rc < 0} { + # crashed + fail $test + } else { + setup_xfail *-*-* + if {$rc == 0} { pass $test } else { fail $test } + } +} diff --git a/testsuite/systemtap.unprivileged/unprivilegedko/five.stp b/testsuite/systemtap.unprivileged/unprivilegedko/five.stp new file mode 100755 index 00000000..3f6d278e --- /dev/null +++ b/testsuite/systemtap.unprivileged/unprivilegedko/five.stp @@ -0,0 +1,4 @@ +#! /bin/sh + +# This probe should not be acceptable to pass-2 +stap --unprivileged -p2 -e 'probe kernel.mark("*").format("*") { }' diff --git a/testsuite/systemtap.unprivileged/unprivilegedko/four.stp b/testsuite/systemtap.unprivileged/unprivilegedko/four.stp new file mode 100755 index 00000000..6c5e4f64 --- /dev/null +++ b/testsuite/systemtap.unprivileged/unprivilegedko/four.stp @@ -0,0 +1,4 @@ +#! /bin/sh + +# This probe should not be acceptable to pass-2 +stap --unprivileged -p2 -e 'probe kernel.mark("*") {}'
\ No newline at end of file diff --git a/testsuite/systemtap.unprivileged/unprivilegedko/one.stp b/testsuite/systemtap.unprivileged/unprivilegedko/one.stp new file mode 100755 index 00000000..1dfde502 --- /dev/null +++ b/testsuite/systemtap.unprivileged/unprivilegedko/one.stp @@ -0,0 +1,4 @@ +#! /bin/sh + +# This probe should not be acceptable to pass-2 +stap --unprivileged -p2 -e 'probe kernel.function("sys_open") { }' diff --git a/testsuite/systemtap.unprivileged/unprivilegedko/three.stp b/testsuite/systemtap.unprivileged/unprivilegedko/three.stp new file mode 100755 index 00000000..5ab986c5 --- /dev/null +++ b/testsuite/systemtap.unprivileged/unprivilegedko/three.stp @@ -0,0 +1,4 @@ +#! /bin/sh + +# This probe should not be acceptable to pass-2 +stap --unprivileged -p2 -e 'probe module("*scsi*").function("*") { }' diff --git a/testsuite/systemtap.unprivileged/unprivilegedko/two.stp b/testsuite/systemtap.unprivileged/unprivilegedko/two.stp new file mode 100755 index 00000000..f37149b2 --- /dev/null +++ b/testsuite/systemtap.unprivileged/unprivilegedko/two.stp @@ -0,0 +1,4 @@ +#! /bin/sh + +# This probe should not be acceptable to pass-2 +stap --unprivileged -p2 -e 'probe kernel.trace("*") {}'
\ No newline at end of file diff --git a/testsuite/systemtap.unprivileged/unprivilegedok.exp b/testsuite/systemtap.unprivileged/unprivilegedok.exp new file mode 100644 index 00000000..d86bdd7b --- /dev/null +++ b/testsuite/systemtap.unprivileged/unprivilegedok.exp @@ -0,0 +1,15 @@ +set self unprivilegedok + +# Need to build a user application +catch {exec gcc -g -o foo $srcdir/systemtap.unprivileged/foo.c} err +if {$err == "" && [file exists foo]} then { pass "$self compile" } else { fail "$self compile: $err" } + +# Now run the tests +foreach file [lsort [glob -nocomplain $srcdir/systemtap.unprivileged/$self/*.stp]] { + set test $self/[file tail $file] + verbose -log "Running $file" + set rc [stap_run_batch $file] + if {$rc == 0} { pass $test } else { fail $test } +} + +catch {exec rm -f foo} diff --git a/testsuite/systemtap.unprivileged/unprivilegedok/one.stp b/testsuite/systemtap.unprivileged/unprivilegedok/one.stp new file mode 100755 index 00000000..fb0ad6e7 --- /dev/null +++ b/testsuite/systemtap.unprivileged/unprivilegedok/one.stp @@ -0,0 +1,4 @@ +#! /bin/sh + +# This probe should be ok +stap --unprivileged -p2 -t -e 'probe process("foo").function("bar").call { }' -c ./foo |