diff --git a/tests/Regression/no-plugin-exception-during-analyses/Makefile b/tests/Regression/no-plugin-exception-during-analyses/Makefile index bf6f78e..ff78118 100644 --- a/tests/Regression/no-plugin-exception-during-analyses/Makefile +++ b/tests/Regression/no-plugin-exception-during-analyses/Makefile @@ -29,7 +29,7 @@ export TESTVERSION=1.0 BUILT_FILES= -FILES=$(METADATA) runtest.sh Makefile +FILES=$(METADATA) runtest.sh Makefile short.log .PHONY: all install download clean diff --git a/tests/Regression/no-plugin-exception-during-analyses/runtest.sh b/tests/Regression/no-plugin-exception-during-analyses/runtest.sh index d1cc105..c8434f3 100755 --- a/tests/Regression/no-plugin-exception-during-analyses/runtest.sh +++ b/tests/Regression/no-plugin-exception-during-analyses/runtest.sh @@ -51,10 +51,22 @@ rlJournalStart rlAssertNotGrep "setroubleshoot.*: Plugin Exception " journal-after.txt [[ $? -eq 0 ]] || STATUS=$? rlRun "[[ $STATUS -eq 0 ]] || cat journal-after.txt" + rlRun "rm -f journal-after.txt" + rlPhaseEnd + + rlPhaseStartTest "no 'Plugin Exception' in short.log" + OUTPUT_FILE=`mktemp` + rlRun "sealert -a ./short.log >& $OUTPUT_FILE" + STATUS=0 + rlAssertNotGrep "'generator' object is not subscriptable" $OUTPUT_FILE + [[ $? -eq 0 ]] || STATUS=$? + rlAssertGrep "Plugin catchall_labels" $OUTPUT_FILE + [[ $? -eq 0 ]] || STATUS=$? + rlRun "[[ $STATUS -eq 0 ]] || cat $OUTPUT_FILE" + rlRun "rm -f $OUTPUT_FILE" rlPhaseEnd rlPhaseStartCleanup - rlRun "rm -f journal-after.txt" rlPhaseEnd rlJournalPrintText rlJournalEnd diff --git a/tests/Regression/no-plugin-exception-during-analyses/short.log b/tests/Regression/no-plugin-exception-during-analyses/short.log new file mode 100644 index 0000000..ba154b2 --- /dev/null +++ b/tests/Regression/no-plugin-exception-during-analyses/short.log 
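Review bot: In the new "no 'Plugin Exception' in short.log" phase, `OUTPUT_FILE` comes from an unchecked `mktemp` in backticks and is then expanded unquoted in every following command. If `mktemp` fails or TMPDIR contains whitespace, the phase reports confusing redirect and grep failures instead of a clear setup error. I would create it with `rlRun "OUTPUT_FILE=\$(mktemp)" 0 "Creating output file"` and quote the later uses, e.g. `rlAssertNotGrep "'generator' object is not subscriptable" "$OUTPUT_FILE"`. Both `rm -f` calls now run inside test phases and leave `rlPhaseStartCleanup` empty, so moving them into the Cleanup phase would keep teardown out of the test results. The first phase and `rlJournalStart` begin outside this hunk, so how `STATUS` is initialised there is not visible.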
@@ -0,0 +1,10 @@ +type=PROCTITLE msg=audit(1574867531.103:1226): proctitle=2F7573722F7362696E2F6368726F6E7964002D6E002D66002F7661722F72756E2F74696D656D61737465722F6368726F6E792E636F6E66 +type=AVC msg=audit(1574867531.516:1227): avc: denied { read } for pid=936 comm="auditd" name="passwd" dev="sda2" ino=25468387 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0 +type=AVC msg=audit(1574867531.516:1228): avc: denied { read } for pid=936 comm="auditd" name="passwd" dev="sda2" ino=25468387 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0 +type=AVC msg=audit(1574867531.516:1229): avc: denied { write } for pid=936 comm="auditd" name="nss" dev="sda2" ino=209156 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0 +type=AVC msg=audit(1574867531.516:1230): avc: denied { read } for pid=936 comm="auditd" name="group" dev="sda2" ino=25468401 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0 +type=AVC msg=audit(1574867531.516:1231): avc: denied { read } for pid=936 comm="auditd" name="group" dev="sda2" ino=25468401 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0 +type=AVC msg=audit(1574867531.516:1232): avc: denied { write } for pid=936 comm="auditd" name="nss" dev="sda2" ino=209156 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0 +type=SYSCALL msg=audit(1574867527.549:1163): arch=c000003e syscall=21 success=no exit=-13 a0=7f61e4002460 a1=4 a2=0 a3=0 items=1 ppid=1 pid=1871 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="in:imjournal" exe="/usr/sbin/rsyslogd" subj=system_u:system_r:syslogd_t:s0 key=(null)ARCH=x86_64 SYSCALL=access AUID="unset" UID="root" GID="root" EUID="root" 
SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" +type=CWD msg=audit(1574867527.549:1163): cwd="/" +type=PATH msg=audit(1574867527.549:1163): item=0 name="/var/lib/rsyslog/imjournal.state" inode=25845859 dev=08:02 mode=0100600 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:unlabeled_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0OUID="root" OGID="root"