Chromad: Investigate adding autotests to cover seccomp policies |
|||
Issue descriptionCan we run a local Samba server as part of test images to get at least some coverage against seccomp regressions?
,
Aug 7 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/9ccbd2abe4d94572c0c8dfd5c28ccd812ff67743 commit 9ccbd2abe4d94572c0c8dfd5c28ccd812ff67743 Author: Lutz Justen <ljusten@chromium.org> Date: Mon Aug 07 20:50:45 2017 authpolicy: Log seccomp for verbose debug level Enables logging of seccomp filter failures for the 'kVerbose' debug level. This level can be set with the crosh command 'authpolicy_debug 3' or through the D-Bus call SetDefaultLogLevel(3). The AuthPolicy daemon autotest needs a way to enable seccomp logs in order to print the offending syscall. One way of doing this is to write certain flags to /etc/authpolicyd_flags, but since DUTs don't always have rootfs verification disabled, this is not an option. With this CL, the daemon can use the D-Bus call. See also CL:600408,CL:601788 BUG= chromium:687177 TEST=test_that -b chell $DUT_IP enterprise_AuthPolicyDaemon Change-Id: Ia7aac601ec6e5d916bcb847c42305dd8b60959be Reviewed-on: https://chromium-review.googlesource.com/602128 Commit-Ready: Lutz Justen <ljusten@chromium.org> Tested-by: Lutz Justen <ljusten@chromium.org> Reviewed-by: Roman Sorokin <rsorokin@chromium.org> [modify] https://crrev.com/9ccbd2abe4d94572c0c8dfd5c28ccd812ff67743/authpolicy/authpolicy_flags.cc [modify] https://crrev.com/9ccbd2abe4d94572c0c8dfd5c28ccd812ff67743/authpolicy/authpolicy_flags.h
,
Sep 14 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/autotest/+/cd8f017ddcea589351b81d75271b1c16336fe535 commit cd8f017ddcea589351b81d75271b1c16336fe535 Author: Lutz Justen <ljusten@chromium.org> Date: Thu Sep 14 18:36:39 2017 Add AuthPolicy daemon autotest library Adds a Python autotest library to run the basic authpolicy commands domain join, user authentication and policy fetch, as well as helper methods to print logs and detect seccomp failures. The test that uses this library is going to be in a private repo. See also CL:*447072,CL:*447073. BUG= chromium:687177 TEST=test_that -b chell $DUT_IP enterprise_AuthPolicyDaemon Change-Id: I7b75ffd1ee0ae931b79afc062a864e43c20e8e08 Reviewed-on: https://chromium-review.googlesource.com/600408 Commit-Ready: Lutz Justen <ljusten@chromium.org> Tested-by: Lutz Justen <ljusten@chromium.org> Reviewed-by: Lutz Justen <ljusten@chromium.org> [add] https://crrev.com/cd8f017ddcea589351b81d75271b1c16336fe535/client/common_lib/cros/authpolicy.py
,
Sep 15 2017
The following revision refers to this bug: https://chrome-internal.googlesource.com/chromeos/autotest-private/+/d5fff1aa38c0316763c09bd2d1a67209cf229ea4 commit d5fff1aa38c0316763c09bd2d1a67209cf229ea4 Author: Lutz Justen <ljusten@chromium.org> Date: Fri Sep 15 03:14:08 2017
,
Sep 15 2017
The following revision refers to this bug: https://chrome-internal.googlesource.com/chromeos/overlays/chromeos-overlay/+/2863e8ef708bb0ef142e220410fa5a1f3a8df558 commit 2863e8ef708bb0ef142e220410fa5a1f3a8df558 Author: Lutz Justen <ljusten@chromium.org> Date: Fri Sep 15 03:14:08 2017
,
Jan 17 2018
Fixed ?
,
Jan 18 2018
Yes, the tests should provide a good coverage now.
,
Apr 27 2018
|
|||
►
Sign in to add a comment |
|||
Comment 1 by ljusten@chromium.org
, Jun 29 2017