From 23203f9f686e0d2268d4165f26b0efd30bd7c8a5 Mon Sep 17 00:00:00 2001 From: Naresh Kamboju Date: Wed, 22 Apr 2015 13:15:27 +0530 Subject: Ubunutu: audit-test: Adding new audit-test The Linux audit framework provides a CAPP-compliant (Controlled Access Protection Profiles) auditing system that reliably collects information about any security-relevant (or non-security-relevant) event on a system. It can help you track actions performed on a system. Kconfig required - CONFIG_AUDIT=y - CONFIG_HAVE_ARCH_AUDITSYSCALL=y - CONFIG_AUDITSYSCALL=y - CONFIG_AUDIT_WATCH=y - CONFIG_AUDIT_TREE=y - CONFIG_INTEGRITY_AUDIT=y - CONFIG_AUDIT_GENERIC=y - CONFIG_AUDIT_ARCH_COMPAT_GENERIC=y - CONFIG_AUDIT_COMPAT_GENERIC=y Audit test suite validates syscall, filter and audit-tools. Change-Id: I7e1bce102021bd63b40fa66a4292c3d6f53fff25 Signed-off-by: Naresh Kamboju --- ubuntu/audit-test.yaml | 92 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 92 insertions(+) create mode 100644 ubuntu/audit-test.yaml (limited to 'ubuntu/audit-test.yaml') diff --git a/ubuntu/audit-test.yaml b/ubuntu/audit-test.yaml new file mode 100644 index 0000000..d980fef --- /dev/null +++ b/ubuntu/audit-test.yaml @@ -0,0 +1,92 @@ +metadata: + name: audit + format: "Lava-Test-Shell Test Definition 1.0" + description: "The Linux audit framework provides a CAPP-compliant + (Controlled Access Protection Profiles) auditing system that reliably + collects information about any security-relevant(or non-security-relevant) + event on a system. It can help you track actions performed on a system. + Required kernel configs + CONFIG_AUDIT=y + CONFIG_HAVE_ARCH_AUDITSYSCALL=y + CONFIG_AUDITSYSCALL=y + CONFIG_AUDIT_WATCH=y + CONFIG_AUDIT_TREE=y + CONFIG_INTEGRITY_AUDIT=y + CONFIG_AUDIT_GENERIC=y + CONFIG_AUDIT_ARCH_COMPAT_GENERIC=y + CONFIG_AUDIT_COMPAT_GENERIC=y" + maintainer: + - naresh.kamboju@linaro.org + os: + - ubuntu + scope: + - functional + devices: + - beaglebone-black + - juno + - kvm + - vexpress-tc2 + +install: + steps: + - 'VERSION=2.4.1' + - 'wget http://testdata.validation.linaro.org/tests/audit-$VERSION.tar.gz' + - 'tar -xf audit-$VERSION.tar.gz' + - 'cd audit-$VERSION' + - './configure' + - 'make all' + - 'make install' + - 'cd -' + deps: + - wget + - make + - automake + - aptitude + - expect + - cpp + - gcc + - binutils + - virt-what + - libpod-latex-perl + - libcap-dev + - selinux-policy-default + - selinux-policy-dev + - libselinux1-dev + - libselinux1 + - libaudit-dev + - python-dev + - libldap2-dev + - libsasl2-dev + - libssl-dev + - swig + - auditd + +params: + VERSION: '2.4.1' + +run: + steps: + - 'HOME_PWD=`pwd`' + - 'mkdir /usr/local/eal4_testing' + - 'chmod 755 /usr/local/eal4_testing' + - 'cd /usr/local/eal4_testing' + - 'wget http://testdata.validation.linaro.org/tests/audit-test-code.tar.gz' + - 'tar -xf audit-test-code.tar.gz' + - 'chown -R root:root /usr/local/eal4_testing' + - 'chmod a+rX /usr/local/eal4_testing' + - 'cd audit-test-code/audit-test/' + - 'make' + - 'groupadd wheel' + - 'useradd -c "EAL Test User" -g wheel eal' + - '/usr/bin/expect $HOME_PWD/ubuntu/scripts/audit-make-run.exp' + - 'pkill -9 auditd' + - 'cat audit.rollup.log' + - 'lava-test-case audit-test --result pass' + - 'lava-test-case-attach audit-test audit.rollup.log text/plan' + +parse: + pattern: "^\\[\\d*\\]\\s+(?P[. a-zA-Z0-9_-]+)\\s+(?PERROR|FAIL|PASS)" + fixupdict: + ERROR: skip + FAIL: fail + PASS: pass -- cgit v1.2.3