Print this page
11838 secflag tests are racy
*** 11,31 ****
# http://www.illumos.org/license/CDDL.
#
#
# Copyright 2015, Richard Lowe.
#
mkdir /tmp/$$-secflags-test
cd /tmp/$$-secflags-test
/usr/bin/psecflags -s none $$ # Clear ourselves out
cat > expected <<EOF
I: none
EOF
! /usr/bin/psecflags $$ | grep I: > output
diff -u expected output || exit 1 # Make sure the setting of 'none' worked
cleanup() {
cd /
rm -fr /tmp/$$-secflags-test
--- 11,38 ----
# http://www.illumos.org/license/CDDL.
#
#
# Copyright 2015, Richard Lowe.
+ # Copyright 2019 Joyent, Inc.
#
+ # check secflags, waiting a little bit for the change to happen
+ secflags() {
+ sleep 1
+ /usr/bin/psecflags $*
+ }
+
mkdir /tmp/$$-secflags-test
cd /tmp/$$-secflags-test
/usr/bin/psecflags -s none $$ # Clear ourselves out
cat > expected <<EOF
I: none
EOF
! secflags $$ | grep I: > output
diff -u expected output || exit 1 # Make sure the setting of 'none' worked
cleanup() {
cd /
rm -fr /tmp/$$-secflags-test
*** 40,50 ****
cat > expected <<EOF
I: aslr
EOF
! /usr/bin/psecflags $$ | grep I: > output
diff -u expected output || exit 1
}
self_add() {
echo "Add (self)"
--- 47,57 ----
cat > expected <<EOF
I: aslr
EOF
! secflags $$ | grep I: > output
diff -u expected output || exit 1
}
self_add() {
echo "Add (self)"
*** 51,61 ****
/usr/bin/psecflags -s current,noexecstack $$
cat > expected <<EOF
I: aslr,noexecstack
EOF
! /usr/bin/psecflags $$ | grep I: > output
diff -u expected output || exit 1
}
self_remove() {
echo "Remove (self)"
--- 58,68 ----
/usr/bin/psecflags -s current,noexecstack $$
cat > expected <<EOF
I: aslr,noexecstack
EOF
! secflags $$ | grep I: > output
diff -u expected output || exit 1
}
self_remove() {
echo "Remove (self)"
*** 62,89 ****
/usr/bin/psecflags -s current,-aslr $$
cat > expected <<EOF
I: noexecstack
EOF
! /usr/bin/psecflags $$ | grep I: > output
diff -u expected output || exit 1
}
self_all() {
echo "All (self)"
/usr/bin/psecflags -s all $$
! /usr/bin/psecflags $$ | grep -q 'I:.*,.*,' || exit 1 # This is lame, but functional
}
self_none() {
echo "None (self)"
/usr/bin/psecflags -s all $$
/usr/bin/psecflags -s none $$
cat > expected <<EOF
I: none
EOF
! /usr/bin/psecflags $$ | grep I: > output
diff -u expected output || exit 1
}
child_set() {
echo "Set (child)"
--- 69,96 ----
/usr/bin/psecflags -s current,-aslr $$
cat > expected <<EOF
I: noexecstack
EOF
! secflags $$ | grep I: > output
diff -u expected output || exit 1
}
self_all() {
echo "All (self)"
/usr/bin/psecflags -s all $$
! secflags $$ | grep -q 'I:.*,.*,' || exit 1 # This is lame, but functional
}
self_none() {
echo "None (self)"
/usr/bin/psecflags -s all $$
/usr/bin/psecflags -s none $$
cat > expected <<EOF
I: none
EOF
! secflags $$ | grep I: > output
diff -u expected output || exit 1
}
child_set() {
echo "Set (child)"
*** 94,104 ****
pid=$!
cat > expected <<EOF
E: aslr
I: aslr
EOF
! /usr/bin/psecflags $pid | grep '[IE]:' > output
kill $pid
diff -u expected output || exit 1
}
child_add() {
--- 101,111 ----
pid=$!
cat > expected <<EOF
E: aslr
I: aslr
EOF
! secflags $pid | grep '[IE]:' > output
kill $pid
diff -u expected output || exit 1
}
child_add() {
*** 111,121 ****
pid=$!
cat > expected <<EOF
E: aslr,noexecstack
I: aslr,noexecstack
EOF
! /usr/bin/psecflags $pid | grep '[IE]:' > output
kill $pid
/usr/bin/psecflags -s none $$
diff -u expected output || exit 1
}
--- 118,128 ----
pid=$!
cat > expected <<EOF
E: aslr,noexecstack
I: aslr,noexecstack
EOF
! secflags $pid | grep '[IE]:' > output
kill $pid
/usr/bin/psecflags -s none $$
diff -u expected output || exit 1
}
*** 129,139 ****
pid=$!
cat > expected <<EOF
E: none
I: none
EOF
! /usr/bin/psecflags $pid | grep '[IE]:' > output
kill $pid
/usr/bin/psecflags -s none $$
diff -u expected output || exit 1
}
--- 136,146 ----
pid=$!
cat > expected <<EOF
E: none
I: none
EOF
! secflags $pid | grep '[IE]:' > output
kill $pid
/usr/bin/psecflags -s none $$
diff -u expected output || exit 1
}
*** 142,152 ****
typeset pid ret
/usr/bin/psecflags -s all -e sleep 10000 &
pid=$!
! /usr/bin/psecflags $pid | grep -q 'E:.*,.*,' # This is lame, but functional
ret=$?
kill $pid
(( $ret != 0 )) && exit $ret
}
--- 149,159 ----
typeset pid ret
/usr/bin/psecflags -s all -e sleep 10000 &
pid=$!
! secflags $pid | grep -q 'E:.*,.*,' # This is lame, but functional
ret=$?
kill $pid
(( $ret != 0 )) && exit $ret
}
*** 161,171 ****
pid=$!
cat > expected <<EOF
E: none
I: none
EOF
! /usr/bin/psecflags $pid | grep '[IE]:' > output
kill $pid
diff -u expected output || exit 1
}
list() {
--- 168,178 ----
pid=$!
cat > expected <<EOF
E: none
I: none
EOF
! secflags $pid | grep '[IE]:' > output
kill $pid
diff -u expected output || exit 1
}
list() {