try:
command = os.readlink("/proc/%d/exe" % int(args[1]))
+ # NOTE(dprince): /proc/PID/exe may have ' (deleted)' on
+ # the end if an executable is updated or deleted
+ if command.endswith(" (deleted)"):
+ command = command[:command.rindex(" ")]
if command != self.args[0]:
# Affected executable doesn't match
return False
import os
import subprocess
+import mock
import unittest2 as unittest
from quantum.common import utils
filters.CommandFilter("/nonexistant/cat", "root"),
filters.CommandFilter("/bin/cat", "root")] # Keep this one last
+ def tearDown(self):
+ super(RootwrapTestCase, self).tearDown()
+
def test_RegExpFilter_match(self):
usercmd = ["ls", "/root"]
filtermatch = wrapper.match_filter(self.filters, usercmd)
usercmd = ['kill', 'notapid']
self.assertFalse(f.match(usercmd))
+ def test_KillFilter_deleted_exe(self):
+ """Makes sure deleted exe's are killed correctly"""
+ # See bug #1073768.
+ with mock.patch('os.readlink') as mock_readlink:
+ mock_readlink.return_value = '/bin/commandddddd (deleted)'
+ f = filters.KillFilter("root", "/bin/commandddddd")
+ usercmd = ['kill', 1234]
+ self.assertTrue(f.match(usercmd))
+ mock_readlink.assert_called_once_with("/proc/1234/exe")
+
def test_ReadFileFilter(self):
goodfn = '/good/file.name'
f = filters.ReadFileFilter(goodfn)
Code Review / openstack-build / neutron-build.git / commitdiff