Update KillFilter to handle 'deleted' exe's.
Updates KillFilter so that it handles the case where the executable linked to by /proc/PID/exe is updated or deleted. Includes new test case with coverage for this fix as well. Fixes LP Bug #1073768 Change-Id: If568693e0b491f8806ff0156701766929ca0b3e0
This commit is contained in:
parent
2917884dd5
commit
342de823b2
@ -158,6 +158,10 @@ class KillFilter(CommandFilter):
|
|||||||
|
|
||||||
try:
|
try:
|
||||||
command = os.readlink("/proc/%d/exe" % int(args[1]))
|
command = os.readlink("/proc/%d/exe" % int(args[1]))
|
||||||
|
# NOTE(dprince): /proc/PID/exe may have ' (deleted)' on
|
||||||
|
# the end if an executable is updated or deleted
|
||||||
|
if command.endswith(" (deleted)"):
|
||||||
|
command = command[:command.rindex(" ")]
|
||||||
if command != self.args[0]:
|
if command != self.args[0]:
|
||||||
# Affected executable doesn't match
|
# Affected executable doesn't match
|
||||||
return False
|
return False
|
||||||
|
@ -17,6 +17,7 @@
|
|||||||
import os
|
import os
|
||||||
import subprocess
|
import subprocess
|
||||||
|
|
||||||
|
import mock
|
||||||
import unittest2 as unittest
|
import unittest2 as unittest
|
||||||
|
|
||||||
from quantum.common import utils
|
from quantum.common import utils
|
||||||
@ -35,6 +36,9 @@ class RootwrapTestCase(unittest.TestCase):
|
|||||||
filters.CommandFilter("/nonexistant/cat", "root"),
|
filters.CommandFilter("/nonexistant/cat", "root"),
|
||||||
filters.CommandFilter("/bin/cat", "root")] # Keep this one last
|
filters.CommandFilter("/bin/cat", "root")] # Keep this one last
|
||||||
|
|
||||||
|
def tearDown(self):
|
||||||
|
super(RootwrapTestCase, self).tearDown()
|
||||||
|
|
||||||
def test_RegExpFilter_match(self):
|
def test_RegExpFilter_match(self):
|
||||||
usercmd = ["ls", "/root"]
|
usercmd = ["ls", "/root"]
|
||||||
filtermatch = wrapper.match_filter(self.filters, usercmd)
|
filtermatch = wrapper.match_filter(self.filters, usercmd)
|
||||||
@ -112,6 +116,16 @@ class RootwrapTestCase(unittest.TestCase):
|
|||||||
usercmd = ['kill', 'notapid']
|
usercmd = ['kill', 'notapid']
|
||||||
self.assertFalse(f.match(usercmd))
|
self.assertFalse(f.match(usercmd))
|
||||||
|
|
||||||
|
def test_KillFilter_deleted_exe(self):
|
||||||
|
"""Makes sure deleted exe's are killed correctly"""
|
||||||
|
# See bug #1073768.
|
||||||
|
with mock.patch('os.readlink') as mock_readlink:
|
||||||
|
mock_readlink.return_value = '/bin/commandddddd (deleted)'
|
||||||
|
f = filters.KillFilter("root", "/bin/commandddddd")
|
||||||
|
usercmd = ['kill', 1234]
|
||||||
|
self.assertTrue(f.match(usercmd))
|
||||||
|
mock_readlink.assert_called_once_with("/proc/1234/exe")
|
||||||
|
|
||||||
def test_ReadFileFilter(self):
|
def test_ReadFileFilter(self):
|
||||||
goodfn = '/good/file.name'
|
goodfn = '/good/file.name'
|
||||||
f = filters.ReadFileFilter(goodfn)
|
f = filters.ReadFileFilter(goodfn)
|
||||||
|
Loading…
Reference in New Issue
Block a user