diff --git a/tests/profiles/lsof/task.yaml b/tests/profiles/lsof/task.yaml
index fc030f3e3..317b4f290 100644
--- a/tests/profiles/lsof/task.yaml
+++ b/tests/profiles/lsof/task.yaml
@@ -1,49 +1,41 @@ -summary: stress test for the lsof profile -execute: | - ### Trivial test cases - #lsof /usr/bin/bash | MATCH '/usr/bin/bash' #initial basic test - # lsof >/dev/null 2>&1 - # test $? -eq 0$ +summary: stress test for the lsof profile +execute: | + ########### + ## SETUP ## + ########### + # Create character device (check it doesn't exist!!) + [ -e /dev/mem ] || sudo mknod /dev/mem c 1 1 # major 1-> memory device; #minor 1-> DMA + # make sure we can run lsof -d mem later + sudo chmod 660 /dev/mem - #if debugging necessary, run spread with '-vv' and '-debugging' and uncomment below - #lsof | tee /var/tmp/lsof_no_denials.txt + # Create loopback test device (check it doesn't exist either!) + [ -e /dev/loop10 ] || sudo mknod /dev/loop10 b 7 10 # major 1 -> loopback device; #minor10 -> instance 10 of device driver; shouldn't be in use. + dd if=/dev/zero of=/tmp/test.img bs=1M count=10 # Fill /tmp/test.img with 10MB of 0's + sudo losetup /dev/loop10 /tmp/test.img # mount /tmp/test.img on /dev/loop10 so it looks like a block device - # Create block and character devices only if they don't exist - ########### - ## SETUP ## - ########### - # Create character device (check it doesn't exist!!) - [ -e /dev/mem ] || sudo mknod /dev/mem c 1 1 #major 1-> memory device; #minor 1-> DMA - # make sure we can run lsof -d mem later - sudo chmod 660 /dev/mem - - # Create loopback test device (chck it doesn't exist either!) - [ -e /dev/loop10 ] || sudo mknod /dev/loop10 b 7 10 # major 1 -> loopback device; #minor10 -> instance 10 of device driver; shouldn't be in use. - dd if=/dev/zero of=/tmp/test.img bs=1M count=10 # Fill /tmp/test.img with 10MB of 0's - sudo losetup /dev/loop10 /tmp/test.img #mount /tmp/test.img on /dev/loop10 so it looks like a block device - - # Create character test device (check again!) 
- [ -e /dev/char-test ] || sudo mknod /dev/char-test c 99 1 #this major shouldn't be defined, should be a useless device just for extra testing + # Create character test device (check again!) + [ -e /dev/char-test ] || sudo mknod /dev/char-test c 99 1 # this major shouldn't be defined, should be a useless device just for extra testing - ########### - ## TESTS ## - ########### + ########### + ## TESTS ## + ########### - # List all open files attached to /, recursively - #sudo lsof +D / - # these 2 could be combined in one (-i -U) to list all UNIX sockets and network files$$$$ - sudo lsof -i - sudo lsof -U + # List all open files attached to /, recursively + # sudo lsof +D / + # these 2 could be combined in one (-i -U) to list all UNIX sockets and network files + sudo lsof -i + sudo lsof -U # these 5 could be combined ( -d mem,mmap,txt,CHR,BLK) for mapped, memory-mapped, binaries, character & block devices) - sudo lsof -d mem - sudo lsof -d mmap - sudo lsof -d txt - sudo lsof -d CHR - sudo lsof -d BLK + sudo lsof -d mem + sudo lsof -d mmap + sudo lsof -d txt + sudo lsof -d CHR + sudo lsof -d BLK - # ########################################################################## + ############################# # Test Deleted but Open Files + ############################# # Create a test file and open it in the background echo "test data" > /tmp/deleted-file sleep 1 @@ -60,8 +52,9 @@ execute: | kill $TAIL_PID - # ####################################################### + ############################## # Start a temporary web server + ############################## python3 -m http.server 8080 & PYTHON_PID=$! sleep 2 
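Review bot: In the SETUP section of the first hunk, `sudo chmod 660 /dev/mem` runs whether or not the test created the node, so on a host where /dev/mem already exists its mode is changed and nothing visible in the hunk puts it back. Scoping the chmod to the node the test creates would avoid that: `[ -e /dev/mem ] || { sudo mknod /dev/mem c 1 1; sudo chmod 660 /dev/mem; }`. The comment on the loop10 line reads `# major 1 -> loopback device` while the command is `mknod /dev/loop10 b 7 10`; it should say `# major 7 -> loop device`. No teardown for /dev/loop10, /dev/char-test or /tmp/test.img is visible here; if the task has a restore section it lies outside this hunk, so confirm that `losetup -d /dev/loop10` and removal of the nodes happen there.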
@@ -71,26 +64,23 @@ execute: | # Cleanup kill $PYTHON_PID - # ######################################################## - # Test Named Pipe + #################### + # Test Named Pipe + #################### # Open a named pipe mkfifo /tmp/testpipe - cat /tmp/testpipe & # Open for reading in the background - CAT_PID=$! - sleep 2 - echo "test" > /tmp/testpipe #so that grep doesn't hang - sleep 1 + # open the pipe for r/w so that it remains open + exec 3<> /tmp/testpipe # Check lsof dislays open pipe sudo lsof +E | tee /tmp/lsof.log | grep /tmp/testpipe || grep FIFO /tmp/lsof.log # Cleanup - #kill $CAT_PID 2>/dev/null #in case cat terminates as soon as it outputs the redirected input from echoi + exec 3<&- # Close fd 3 rm /tmp/testpipe - # - # - # cat /tmp/script_debug.log - # ########################### - #Open network sockets + + ##################### + # Open network sockets + ##################### # Start a temporary web server python3 -m http.server 8080 & sleep 1 @@ -103,7 +93,7 @@ execute: | kill $PYTHON_PID # ################################### - #Process deletes its own binary + # Process deletes its own binary echo -e '#!/bin/bash\nrm -- "$0"\nsleep 60' > /tmp/self-delete.sh chmod +x /tmp/self-delete.sh 
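Review bot: In the named-pipe hunk the check still ends in `|| grep FIFO /tmp/lsof.log`, so it passes when any FIFO at all appears in the lsof output, even if /tmp/testpipe is never reported. Now that `exec 3<> /tmp/testpipe` keeps the pipe open for the whole check, the fallback only hides a regression; I would assert on the path alone with `sudo lsof +E | tee /tmp/lsof.log | grep -F /tmp/testpipe`. If the fallback exists because the profile under test cannot always resolve the name, that is an inference worth stating in a comment next to it. `mkfifo /tmp/testpipe` will also fail on a rerun if an earlier failure skipped `rm /tmp/testpipe`, so a preceding `rm -f /tmp/testpipe` would make the step repeatable.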
@@ -119,30 +109,31 @@ execute: | kill $SCRIPT_PID 2>/dev/null - # ################################### - # #Zombie process - # ## Create a process that turns into a zombie + ################# + # Zombie process + ################# + # Create a process that turns into a zombie bash -c 'sleep 10 & wait $!' & PARENT_PID=$! - # # Wait a moment and check for zombies + # Wait a moment and check for zombies sleep 2 ps -ef | grep defunct sudo lsof -p $PARENT_PID - # # Cleanup + # Cleanup kill $PARENT_PID 2>/dev/null - - # ######################################### - # #Encrypted loopback device + ########################### + # Encrypted loopback device + ########################### # Create an encrypted loopback device dd if=/dev/zero of=/tmp/encrypted.img bs=1M count=30 sudo losetup /dev/loop20 /tmp/encrypted.img echo "securest passphrase" | sudo cryptsetup luksFormat /dev/loop20 --key-file=- echo "securest passphrase" | sudo cryptsetup luksOpen /dev/loop20 encdev --key-file=- - # # Mount it and check open files + # Mount it and check open files sudo mkfs.ext4 /dev/mapper/encdev mkdir -p /mnt/encrypted sudo mount /dev/mapper/encdev /mnt/encrypted 
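Review bot: The comment promoted in the zombie section, `# Create a process that turns into a zombie`, does not match the command under it: `bash -c 'sleep 10 & wait $!' &` waits on its child, so the child is reaped and never becomes defunct. `ps -ef | grep defunct` also matches its own grep entry, so the step succeeds with no zombie present and `sudo lsof -p $PARENT_PID` is not exercised against the case the header names. A parent that never reaps would produce one, for example `bash -c 'sleep 1 & exec sleep 30' &`, checked with `ps -o stat= --ppid "$PARENT_PID" | grep -q '^Z'`. Separately, the encrypted-loopback block runs `sudo losetup /dev/loop20 /tmp/encrypted.img` without the `[ -e ... ] || mknod` guard used for /dev/loop10 in the first hunk, and the two should be consistent.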
@@ -154,55 +145,57 @@ execute: | sudo lsof /mnt/encrypted exec 3<&- # Close file descriptor after lsof - # # Cleanup + # Cleanup sudo umount /mnt/encrypted sudo cryptsetup luksClose encdev sudo losetup -d /dev/loop20 rm /tmp/encrypted.img - # ############################################# + ######## #Try SMB + ######## #Install SMB and Mount SMB share sudo apt update && sudo apt install -y samba sleep 1 sudo mkdir -p /srv/samba/share sudo chmod 777 /srv/samba/share # Allow all users to access (for testing) + # Inline the 'testshare' entry to the samba config file printf "\n[testshare]\npath = /srv/samba/share\nbrowseable = yes\nread only = no\nguest ok = yes\nforce user = nobody\n" | sudo tee -a /etc/samba/smb.conf sleep 1 sudo systemctl restart smbd nmbd - - sudo ss -tulnp | grep smbd - + + # sudo ss -tulnp | grep smbd # uncomment if need to troubleshoot SMB. + sudo modprobe cifs - - - #testparm - + + sleep 1 sudo mkdir -p /mnt/smb sudo mount -t cifs //127.0.0.1/testshare /mnt/smb -o guest - # Try open file from mounted sharew + # Try open file from mounted share echo "test content" | sudo tee /srv/samba/share/testfile.txt - sudo sync #sync samba or no content is cat'd - cat /mnt/smb/testfile.txt & - CAT_PID=$! + sudo sync # sync samba to update testfile.txt + # Open shared file for reading ans assign fd 3. Opoen for r/w can be tricky in smb, this does the trick. + exec 3