Update KillFilter to handle 'deleted' exe's.
Updates KillFilter so that it handles the case where the executable linked to by /proc/PID/exe is updated or deleted. Includes new test case with coverage for this fix as well. Fixes LP Bug #1073768 Change-Id: If568693e0b491f8806ff0156701766929ca0b3e0
This commit is contained in:
parent
2917884dd5
commit
342de823b2
@ -158,6 +158,10 @@ class KillFilter(CommandFilter):
|
||||
|
||||
try:
|
||||
command = os.readlink("/proc/%d/exe" % int(args[1]))
|
||||
# NOTE(dprince): /proc/PID/exe may have ' (deleted)' on
|
||||
# the end if an executable is updated or deleted
|
||||
if command.endswith(" (deleted)"):
|
||||
command = command[:command.rindex(" ")]
|
||||
if command != self.args[0]:
|
||||
# Affected executable doesn't match
|
||||
return False
|
||||
|
@ -17,6 +17,7 @@
|
||||
import os
|
||||
import subprocess
|
||||
|
||||
import mock
|
||||
import unittest2 as unittest
|
||||
|
||||
from quantum.common import utils
|
||||
@ -35,6 +36,9 @@ class RootwrapTestCase(unittest.TestCase):
|
||||
filters.CommandFilter("/nonexistant/cat", "root"),
|
||||
filters.CommandFilter("/bin/cat", "root")] # Keep this one last
|
||||
|
||||
def tearDown(self):
|
||||
super(RootwrapTestCase, self).tearDown()
|
||||
|
||||
def test_RegExpFilter_match(self):
|
||||
usercmd = ["ls", "/root"]
|
||||
filtermatch = wrapper.match_filter(self.filters, usercmd)
|
||||
@ -112,6 +116,16 @@ class RootwrapTestCase(unittest.TestCase):
|
||||
usercmd = ['kill', 'notapid']
|
||||
self.assertFalse(f.match(usercmd))
|
||||
|
||||
def test_KillFilter_deleted_exe(self):
|
||||
"""Makes sure deleted exe's are killed correctly"""
|
||||
# See bug #1073768.
|
||||
with mock.patch('os.readlink') as mock_readlink:
|
||||
mock_readlink.return_value = '/bin/commandddddd (deleted)'
|
||||
f = filters.KillFilter("root", "/bin/commandddddd")
|
||||
usercmd = ['kill', 1234]
|
||||
self.assertTrue(f.match(usercmd))
|
||||
mock_readlink.assert_called_once_with("/proc/1234/exe")
|
||||
|
||||
def test_ReadFileFilter(self):
|
||||
goodfn = '/good/file.name'
|
||||
f = filters.ReadFileFilter(goodfn)
|
||||
|
Loading…
Reference in New Issue
Block a user