test-seccomp: add log messages when skipping tests
This commit is contained in:
parent
92f6a1b6bc
commit
cd90ec7544
|
@ -89,10 +89,14 @@ static void test_filter_sets(void) {
|
|||
unsigned i;
|
||||
int r;
|
||||
|
||||
if (!is_seccomp_available())
|
||||
if (!is_seccomp_available()) {
|
||||
log_notice("Seccomp not available, skipping %s", __func__);
|
||||
return;
|
||||
if (geteuid() != 0)
|
||||
}
|
||||
if (geteuid() != 0) {
|
||||
log_notice("Not root, skipping %s", __func__);
|
||||
return;
|
||||
}
|
||||
|
||||
for (i = 0; i < _SYSCALL_FILTER_SET_MAX; i++) {
|
||||
pid_t pid;
|
||||
|
@ -161,10 +165,14 @@ static void test_restrict_namespace(void) {
|
|||
assert_se(namespace_flags_from_string(s, &ul) == 0 && ul == NAMESPACE_FLAGS_ALL);
|
||||
s = mfree(s);
|
||||
|
||||
if (!is_seccomp_available())
|
||||
if (!is_seccomp_available()) {
|
||||
log_notice("Seccomp not available, skipping remaining tests in %s", __func__);
|
||||
return;
|
||||
if (geteuid() != 0)
|
||||
}
|
||||
if (geteuid() != 0) {
|
||||
log_notice("Not root, skipping remaining tests in %s", __func__);
|
||||
return;
|
||||
}
|
||||
|
||||
pid = fork();
|
||||
assert_se(pid >= 0);
|
||||
|
@ -224,13 +232,20 @@ static void test_restrict_namespace(void) {
|
|||
static void test_protect_sysctl(void) {
|
||||
pid_t pid;
|
||||
|
||||
if (!is_seccomp_available())
|
||||
if (!is_seccomp_available()) {
|
||||
log_notice("Seccomp not available, skipping %s", __func__);
|
||||
return;
|
||||
if (geteuid() != 0)
|
||||
}
|
||||
if (geteuid() != 0) {
|
||||
log_notice("Not root, skipping %s", __func__);
|
||||
return;
|
||||
}
|
||||
|
||||
if (detect_container() > 0) /* in containers _sysctl() is likely missing anyway */
|
||||
/* in containers _sysctl() is likely missing anyway */
|
||||
if (detect_container() > 0) {
|
||||
log_notice("Testing in container, skipping %s", __func__);
|
||||
return;
|
||||
}
|
||||
|
||||
pid = fork();
|
||||
assert_se(pid >= 0);
|
||||
|
@ -257,10 +272,14 @@ static void test_protect_sysctl(void) {
|
|||
static void test_restrict_address_families(void) {
|
||||
pid_t pid;
|
||||
|
||||
if (!is_seccomp_available())
|
||||
if (!is_seccomp_available()) {
|
||||
log_notice("Seccomp not available, skipping %s", __func__);
|
||||
return;
|
||||
if (geteuid() != 0)
|
||||
}
|
||||
if (geteuid() != 0) {
|
||||
log_notice("Not root, skipping %s", __func__);
|
||||
return;
|
||||
}
|
||||
|
||||
pid = fork();
|
||||
assert_se(pid >= 0);
|
||||
|
@ -340,13 +359,20 @@ static void test_restrict_address_families(void) {
|
|||
static void test_restrict_realtime(void) {
|
||||
pid_t pid;
|
||||
|
||||
if (!is_seccomp_available())
|
||||
if (!is_seccomp_available()) {
|
||||
log_notice("Seccomp not available, skipping %s", __func__);
|
||||
return;
|
||||
if (geteuid() != 0)
|
||||
}
|
||||
if (geteuid() != 0) {
|
||||
log_notice("Not root, skipping %s", __func__);
|
||||
return;
|
||||
}
|
||||
|
||||
if (detect_container() > 0) /* in containers RT privs are likely missing anyway */
|
||||
/* in containers RT privs are likely missing anyway */
|
||||
if (detect_container() > 0) {
|
||||
log_notice("Testing in container, skipping %s", __func__);
|
||||
return;
|
||||
}
|
||||
|
||||
pid = fork();
|
||||
assert_se(pid >= 0);
|
||||
|
@ -378,10 +404,14 @@ static void test_restrict_realtime(void) {
|
|||
static void test_memory_deny_write_execute_mmap(void) {
|
||||
pid_t pid;
|
||||
|
||||
if (!is_seccomp_available())
|
||||
if (!is_seccomp_available()) {
|
||||
log_notice("Seccomp not available, skipping %s", __func__);
|
||||
return;
|
||||
if (geteuid() != 0)
|
||||
}
|
||||
if (geteuid() != 0) {
|
||||
log_notice("Not root, skipping %s", __func__);
|
||||
return;
|
||||
}
|
||||
|
||||
pid = fork();
|
||||
assert_se(pid >= 0);
|
||||
|
@ -422,10 +452,14 @@ static void test_memory_deny_write_execute_shmat(void) {
|
|||
int shmid;
|
||||
pid_t pid;
|
||||
|
||||
if (!is_seccomp_available())
|
||||
if (!is_seccomp_available()) {
|
||||
log_notice("Seccomp not available, skipping %s", __func__);
|
||||
return;
|
||||
if (geteuid() != 0)
|
||||
}
|
||||
if (geteuid() != 0) {
|
||||
log_notice("Not root, skipping %s", __func__);
|
||||
return;
|
||||
}
|
||||
|
||||
shmid = shmget(IPC_PRIVATE, page_size(), 0);
|
||||
assert_se(shmid >= 0);
|
||||
|
@ -468,10 +502,14 @@ static void test_memory_deny_write_execute_shmat(void) {
|
|||
static void test_restrict_archs(void) {
|
||||
pid_t pid;
|
||||
|
||||
if (!is_seccomp_available())
|
||||
if (!is_seccomp_available()) {
|
||||
log_notice("Seccomp not available, skipping %s", __func__);
|
||||
return;
|
||||
if (geteuid() != 0)
|
||||
}
|
||||
if (geteuid() != 0) {
|
||||
log_notice("Not root, skipping %s", __func__);
|
||||
return;
|
||||
}
|
||||
|
||||
pid = fork();
|
||||
assert_se(pid >= 0);
|
||||
|
@ -502,10 +540,14 @@ static void test_restrict_archs(void) {
|
|||
static void test_load_syscall_filter_set_raw(void) {
|
||||
pid_t pid;
|
||||
|
||||
if (!is_seccomp_available())
|
||||
if (!is_seccomp_available()) {
|
||||
log_notice("Seccomp not available, skipping %s", __func__);
|
||||
return;
|
||||
if (geteuid() != 0)
|
||||
}
|
||||
if (geteuid() != 0) {
|
||||
log_notice("Not root, skipping %s", __func__);
|
||||
return;
|
||||
}
|
||||
|
||||
pid = fork();
|
||||
assert_se(pid >= 0);
|
||||
|
@ -594,10 +636,14 @@ static void test_lock_personality(void) {
|
|||
unsigned long current;
|
||||
pid_t pid;
|
||||
|
||||
if (!is_seccomp_available())
|
||||
if (!is_seccomp_available()) {
|
||||
log_notice("Seccomp not available, skipping %s", __func__);
|
||||
return;
|
||||
if (geteuid() != 0)
|
||||
}
|
||||
if (geteuid() != 0) {
|
||||
log_notice("Not root, skipping %s", __func__);
|
||||
return;
|
||||
}
|
||||
|
||||
assert_se(opinionated_personality(¤t) >= 0);
|
||||
|
||||
|
|
Loading…
Reference in a new issue