/var/lib/pcp/testsuite/723 is in pcp-testsuite 4.0.1-1.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 | #!/bin/sh
# PCP QA Test No. 723
# Exercise Linux kernel proc.psinfo.label metric
#
# Copyright (c) 2013 Red Hat. All Rights Reserved.
#
seq=`basename $0`
echo "QA output created by $seq"
# get standard environment, filters and checks
. ./common.product
. ./common.filter
. ./common.check
pid=$$
test $PCP_PLATFORM = linux || _notrun "Test unsupported on $PCP_PLATFORM"
test -f /proc/$pid/attr/current || _notrun "No kernel support for labels"
# for some kernels, /proc/$pid/attr/current exists, but attempts to
# access the "file" produce an Invalid argument error
#
cat /proc/$$/attr/current >/dev/null 2>&1 || _notrun "Incomplete kernel support for process security labels"
status=1 # failure is the default!
$sudo rm -rf $tmp.* $seq.full
trap "cd $here; rm -rf $tmp.*; exit \$status" 0 1 2 3 15
# real QA test starts here
$sudo rm -f $seq.full
#debug# ls -l /proc/$pid/attr/current
syslabel=`cat /proc/$pid/attr/current | tr '\0' '\n'`
echo "SYS Label for process $pid is: $syslabel" >> $seq.full
pminfo -f proc.psinfo.labels > $tmp.labels
pcplabel=`grep "^ inst \[$pid or " $tmp.labels \
| $PCP_AWK_PROG '{ print $NF }' \
| sed -e 's/^"//' -e 's/"$//'`
echo "PCP Label for process $pid is: $pcplabel" >> $seq.full
echo "Extracted from list:" >> $seq.full
cat $tmp.labels >> $seq.full
if [ "$pcplabel" = "$syslabel" ]
then
echo "Security label for current process checks out"
status=0
else
echo "Mismatch on security labels:"
echo "PCP Label: $pcplabel"
echo "SYS Label: $syslabel"
status=1
fi
exit
|