linux-audit/audit-testsuite

BUG: some tests fail on RHEL-6

pcmoore opened this issue · 22 comments

We need to attempt a test run on a RHEL-6 system.

Tests are running, there is just a minor issue in the test driver - auditctl is expected in /usr/sbin but located in /sbin, I will patch it. Most of the tests failed, I have to investigate that. We should also introduce some logic to distinguish between rhel-6, rhel-7 and fedora tests.

Well I did my homework and checked all the tests in RHEL6. Details are as follows.

Working

  • syscalls_file
  • user_msg

Broken but Compatible

  • exec_execve - on RHEL6, it might take some time to populate events, test sometimes fails and sometimes passes, I hate adding sleeps to tests, but in this case adding 1s sleep before events before ausearch call makes it green

Broken

  • file_* - are these tests for directory watches? Is it supposed to be working on RHEL6? Rules are added correctly but no syscalls are audited at all

Generally Broken

  • login_tty - this test is broken for all distributions at the moment.

Great, thanks for looking into this, I think we can move this from Q to BUG.

Ok, I tracked down the problem with the file_* tests. The tempdir and tempfile functions don't honour the TEMPLATE assignment, so the intended file never gets created or tested. Testing with $filename = "$dir/$key";system("touch $filename"); works fine.

The login_tty test doesn't work on RHEL6 because that feature/bugfix hasn't been backported to RHEL6.

Not directly related to this issue, but in the process of debugging the tests, I found it difficult to parse the log output. It would be nice if there was a clear delimiter between each subdir test so when failures happen it is easier to see what part of the output goes with which test case.

Here's a quick and dirty tempfile TEMPLATE workaround for RHEL6: rgbriggs@4d0fddc

Thanks guys for the help on this.

One of the things that is nice about tempfile() is the automatic cleanup when UNLINK is true. @rgbriggs you mention that RHEL-6.x doesn't honor the tempfile() TEMPLATE parameter, does it still generate a file if we omit the TEMPLATE parameter? The name/location of the temp file generally shouldn't be important to us (assuming it is created in a valid temp/writable location, but I think that is a safe assumption).

It still generates a file while seemingly ignoring the TEMPLATE parameter, so I assume it would generate the same pattern of file with the TEMPLATE parameter missing. The file was generated in a safe place. Knowing that the TEMPLATE parameter was ignored (or incorrect syntax of the supplied parameter?) then I would cast some doubt that the UNLINK parameter was honoured either.

It should be easy enough to verify if the UNLINK worked.

The UNLINK parameter was also ignored. There are temp files hanging around in /tmp/.

Thanks for checking, but that's a bummer. We definitely need to find an alternate method of creating, and cleaning up, temporary files that works on RHEL-6.x forward (yes, I'm intentionally ignoring RHEL-5.x).

The quick and dirty patch from #19 (comment) does clean up after itself. The tempdir command does reap the files from the touch system command.

So the TEMPLATE parameter works for tempdir() but not tempfile()? I didn't think that was the case based on your earlier comment, perhaps I misunderstood.

I don't see any rm/unlink actions in the quick n' dirty patch so the only way the temp files could be deleted is if $dir was deleted. What am I missing?

The TEMPLATE parameter appears to not work for either tempdir() or tempfile(), but it appears unlink works or defaults to on for tempdir() but not for tempfile(), which surprised me.

Huh, yeah, I wouldn't have guessed that either. What a mess.

This unpredictability makes me wonder about the difficulty of doing our own temp file management.

Well, for other tests I've just been making tempfiles based on the unique key generated for the test and cleaning up after myself.

That may be the only reasonable solution, my only concern is cleanup in the case of abnormal termination, e.g. kill the test via Ctrl-C. That said, I'm not even sure the existing tempdir()/tempfile() solution handles this correctly, and I'm also not sure how much we should ultimately care about this; as long as everything is created under /tmp, artifacts under corner cases may be acceptable.

It actually might be good to have some "clean-up stack" which is called when test exits or is killed / aborted. For instance, when you create a temporary file, you just add a removing call-back onto clean-up stack. Callbacks from the stack are then called by some exit subroutine or from a signal handler. Does it make sense? I can open an issue and write something for demonstration and we can then decide whether it is useful or not...?

@The-Mule yes, that makes sense to me (and I think what the original tempfile/tempdir code did), I just don't currently know how to do signal/exit handlers in perl; if you can write up a demonstration I think that would be very helpful.
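The clean-up stack and signal/exit handling discussed in the comments above, sketched in Perl as an added example; it is not part of the thread and not audit-testsuite code. The names `cleanup_push`, `cleanup_run`, `make_tempfile` and the `/tmp/audit-...` path are hypothetical, and the signal numbers are the Linux values.

```perl
#!/usr/bin/perl
# Added example, not audit-testsuite code: clean-up stack for test temp files.
use strict;
use warnings;
use Fcntl qw(O_WRONLY O_CREAT O_EXCL);

my @cleanup;            # stack of code refs, run last-in first-out
my $owner_pid = $$;     # only the creating process cleans up, not forked children

sub cleanup_push { push @cleanup, @_ }

sub cleanup_run {
    return if $$ != $owner_pid;
    while ( my $cb = pop @cleanup ) {
        eval { $cb->(); 1 } or warn "cleanup failed: $@";
    }
}

# exit() and die() reach END; preserve the exit status across the callbacks.
END { my $status = $?; cleanup_run(); $? = $status; }

# Unhandled signals skip END, so convert them to exit(128+N) (Linux numbers).
my %signo = ( HUP => 1, INT => 2, TERM => 15 );
for my $sig ( keys %signo ) {
    $SIG{$sig} = sub { exit( 128 + $signo{$sig} ) };
}

# Create a file named after the test key and register its removal.
sub make_tempfile {
    my ( $dir, $key ) = @_;
    my $filename = "$dir/$key";
    # O_EXCL fails on an existing file or symlink instead of writing through it.
    sysopen( my $fh, $filename, O_WRONLY | O_CREAT | O_EXCL, 0600 )
        or die "cannot create $filename: $!";
    close($fh);
    cleanup_push( sub { unlink $filename } );
    return $filename;
}

# Demo with a constructed key; the directory is private (0700) to this user.
my $key = "testsuite-" . time() . "-$$";
my $dir = "/tmp/audit-$key";
mkdir( $dir, 0700 ) or die "cannot create $dir: $!";
cleanup_push( sub { rmdir $dir } );
my $file = make_tempfile( $dir, $key );
print "created $file; normal exit or Ctrl-C removes it\n";
sleep 5;
```

Because the stack is popped last-in first-out, the file is unlinked before its directory is removed. SIGKILL cannot be caught, so artifacts under /tmp remain possible in that case.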

It's not clear how much effort we want to put into RHEL-6.x at this point so let's close this out for now.