← Back to branch summary

~snappy-dev/snapd/master

« back to all changes in this revision

Viewing changes to cmd/snap-confine/tests/test_bad_seccomp_filter_args_prctl

  • Committer: GitHub
  • Author(s): Zygmunt Krynicki
  • Date: 2016-12-06 13:54:07 UTC
  • mfrom: (2661.2.15)
  • Revision ID: git-v1:0ac9c21d5bf0d4d7db987cbe985a49f755295d0b
Merge pull request #2268 from zyga/merged-snap-confine

many: merge snap-confine into snapd

Show diffs side-by-side

added added

removed removed

Lines of Context:
cmd/snap-confine/tests/test_bad_seccomp_filter_args_prctl
 
1
#!/bin/sh
 
2
 
 
3
set -e
 
4
 
 
5
. "${srcdir:-.}/common.sh"
 
6
 
 
7
get_common_syscalls >"$TMP"/tmpl
 
8
cat >>"$TMP"/tmpl <<EOF
 
9
# what we are testing
 
10
EOF
 
11
 
 
12
for i in 'PR_GET_SECCOM' 'PR_GET_SECCOMPP' 'PR_GET_SECC0MP' ; do
 
13
    printf "Test bad seccomp arg filtering (prctl %s)" "$i"
 
14
    cat "$TMP"/tmpl >"$TMP"/snap.name.app
 
15
    echo "prctl $i" >>"$TMP"/snap.name.app
 
16
 
 
17
    if $L snap.name.app /bin/true 2>/dev/null; then
 
18
        # true returned successfully, bad arg test failed
 
19
        cat "$TMP"/snap.name.app
 
20
        FAIL
 
21
    fi
 
22
 
 
23
    # all good
 
24
    PASS
 
25
done
 
26
 
 
27
for i in 'PR_CAP_AMBIENT_RAIS' 'PR_CAP_AMBIENT_RAISEE' ; do
 
28
    printf "Test bad seccomp arg filtering (prctl PR_CAP_AMBIENT %s)" "$i"
 
29
    cat "$TMP"/tmpl >"$TMP"/snap.name.app
 
30
    echo "prctl PR_CAP_AMBIENT $i" >>"$TMP"/snap.name.app
 
31
 
 
32
    if $L snap.name.app /bin/true 2>/dev/null; then
 
33
        # true returned successfully, bad arg test failed
 
34
        cat "$TMP"/snap.name.app
 
35
        FAIL
 
36
    fi
 
37
 
 
38
    # all good
 
39
    PASS
 
40
done