forked from elastic/beats
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add missing syscalls to i386 seccomp policy (elastic#13008) (elastic#…
…13030) This included fstatat64 which is called by os.Stat() and used in quite a few places around Beats codebase. Fixes elastic#12990 (cherry picked from commit 33d267d)
- Loading branch information
Showing
3 changed files
with
50 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
import platform | ||
import unittest | ||
from base import BaseTest | ||
|
||
|
||
def is_version_below(version, target): | ||
t = map(int, target.split('.')) | ||
v = map(int, version.split('.')) | ||
v += [0] * (len(t) - len(v)) | ||
for i in range(len(t)): | ||
if v[i] != t[i]: | ||
return v[i] < t[i] | ||
return False | ||
|
||
|
||
# Require Linux greater or equal than 3.17 and 386/amd64 platform | ||
def is_seccomp_supported(): | ||
p = platform.platform().split('-') | ||
if p[0] != 'Linux': | ||
return False | ||
if is_version_below(p[1], '3.17'): | ||
return False | ||
return {'i386', 'i686', 'x86_64', 'amd64'}.intersection(p) | ||
|
||
|
||
@unittest.skipUnless(is_seccomp_supported(), "Requires Linux 3.17 or greater and i386/amd64 architecture") | ||
class Test(BaseTest): | ||
""" | ||
Test Beat seccomp policy is loaded | ||
""" | ||
|
||
def setUp(self): | ||
super(BaseTest, self).setUp() | ||
|
||
def test_seccomp_installed(self): | ||
""" | ||
Test seccomp policy is installed | ||
""" | ||
self.render_config_template( | ||
) | ||
proc = self.start_beat(extra_args=["-N"]) | ||
self.wait_until(lambda: self.log_contains("Syscall filter successfully installed")) | ||
|
||
proc.kill_and_wait() |