Imported Upstream version 20080930

[ltp-debian.git] / testcases / audit-test / syscalls / dac-run.conf

#!/bin/bash
# =============================================================================
# (c) Copyright Hewlett-Packard Development Company, L.P., 2007
#
#   This program is free software: you can redistribute it and/or modify
#   it under the terms of version 2 the GNU General Public License as
#   published by the Free Software Foundation.
#   
#   This program is distributed in the hope that it will be useful,
#   but WITHOUT ANY WARRANTY; without even the implied warranty of
#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#   GNU General Public License for more details.
#   
#   You should have received a copy of the GNU General Public License
#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
# =============================================================================

## Unless specified, the expected error for test failures is EACCES.

##
## FS syscalls
##

## SYSCALL:     access()
## PURPOSE:
## Verify audit of attempts to check permissions for a file.  The testcases
## below try to check permissions for a file which may or may not be accessible
## to the test process.  The test procedure is as follows:
## 1.  Create a new file and make it only accessible to the file owner.
## 2a. If expres=success, execute the test process as the file owner and
##     attempt to check permissions; verify the result
## 2b. If expres=fail, execute the test process as another user and
##     attempt to check permissions; verify the result
## 3.  Check the audit log for the correct syscall result
+ access perm=file_read expres=success dacugo=user user=super
+ access perm=file_read expres=fail dacugo=user user=test 

## SYSCALL:     chdir()
## PURPOSE:
## Verify audit of attempts to change working directory.  The test cases
## below try to change the current working directory to a directory that may or
## may not be accessible to the test process.  The test procedure is as follows:
## 1.  Create a new directory.
## 2a. If expres=success, execute the test process as the directory owner and
##     attempt to change the working directory to the new directory;
##     verify the result
## 2b. If expres=fail, execute the test process as another user and
##     attempt to change the working directory to the new directory;
##     verify the result
## 3.  Check the audit log for the correct syscall result
+ chdir perm=dir_exec expres=success dacugo=user user=super
+ chdir perm=dir_exec expres=fail dacugo=user user=test 

## SYSCALL:     creat()
## PURPOSE:
## Verify audit of attempts to create new files in the filesystem.  The
## testcases below try to create a new file in a directory which may or may not
## be accessible to the test process.  The test procedure is as follows:
## 1.  Create a new directory and make it only accessible to the directory owner.
## 2a. If expres=success, execute the test process as the directory owner and
##     attempt to create a new file in the directory, verify the result
## 2b. If expres=fail, execute the test process as another user and
##     attempt to create a new file in the directory, verify the result
## 3.  Check the audit log for the correct syscall result
+ creat perm=dir_add_name expres=success dacugo=user user=super
+ creat perm=dir_add_name expres=fail dacugo=user user=test 

## SYSCALL:     execve()
## PURPOSE:
## Verify audit of attempts to execute program.  The test cases below try to
## execute a file for which the user may or may not have appropriate
## permissions. The test procedure is as follows:
## 1.  Create a file which is only executable by the file owner.
## 2a. If expres=success, execute the test process as the file owner and
##     attempt to execute the test file, verify the result
## 2b. If expres=fail, execute the test process as another user and attempt to
##     execute the test file, verify the result
##  3. Check the audit log for the correct syscall result
+ execve perm=file_exec expres=success dacugo=user user=super
+ execve perm=file_exec expres=fail dacugo=user user=test 

## SYSCALL:     link()
## PURPOSE:
## Verify audit of attempts to create hard links in the filesystem. The test
## cases below try to create a new hard link in a directory for which the user
## may or may not have appropriate permissions. The test procedure is as
## follows:
## 1.  Create a new source file which is accessible to all users.
## 2.  Create a new destination directory for the hard link which is only
##     accessible to the directory owner.
## 3a. If expres=success, execute the test process as the directory owner and
##     attempt to create a hard link, verify the result
## 3b. If expres=fail, execute the test process as another user and
##     attempt to create a hard link, verify the result
## 4.  Check the audit log for the correct syscall result
+ link perm=dir_add_name which=new expres=success dacugo=user user=super
+ link perm=dir_add_name which=new expres=fail dacugo=user user=test 

## SYSCALL:     linkat()
## PURPOSE:
## Verify audit of attempts to create hard links relative to a directory file
## descriptor. See above for more details.
+ linkat perm=dir_add_name at=1 which=new expres=success dacugo=user user=super
+ linkat perm=dir_add_name at=1 which=new expres=fail dacugo=user user=test 

## SYSCALL:     mkdir()
## PURPOSE:
## Verify audit of attempts to create new directories in the filesystem. The
## test cases below try to create a new sub-directory in a directory for which
## the user may or may not have appropriate permissions.  The test procedure is
## as follows:
## 1.  Create a new destination directory for the sub-directory which is only
##     accessible to the directory owner.
## 2a. If expres=success, execute the test process as the directory owner and
##     attempt to create a directory, verify the result
## 2b. If expres=fail, execute the test process as another user and
##     attempt to create a directory, verify the result
## 3.  Check the audit log for the correct syscall result
+ mkdir perm=dir_add_name expres=success dacugo=user user=super
+ mkdir perm=dir_add_name expres=fail dacugo=user user=test 

## SYSCALL:     mkdirat()
## PURPOSE:
## Verify audit of attempts to create new directories relative to a directory
## file descriptor. See above for more details.
+ mkdirat perm=dir_add_name at=1 expres=success dacugo=user user=super
+ mkdirat perm=dir_add_name at=1 expres=fail dacugo=user user=test 

## SYSCALL:     mknod()
## PURPOSE:
## Verify audit of attempts to create new nodes in the filesystem. The
## test cases below try to create a new node in a directory for which the user
## may or may not have appropriate permissions. The test procedure is as
## follows:
## 1.  Create a new destination directory for the node which is only
##     accessible to the directory owner.
## 2a. If expres=success, execute the test process as the directory owner and
##     attempt to create a node, verify the result
## 2b. If expres=fail, execute the test process as another user and
##     attempt to create a node, verify the result
## 3.  Check the audit log for the correct syscall result
+ mknod perm=dir_add_name expres=success dacugo=user user=super
+ mknod perm=dir_add_name expres=fail dacugo=user user=test 

## SYSCALL:     mknodat()
## PURPOSE:
## Verify audit of attempts to create new nodes relative to a directory
## file descriptor. See above for more details. 
+ mknodat perm=dir_add_name at=1 expres=success dacugo=user user=super
+ mknodat perm=dir_add_name at=1 expres=fail dacugo=user user=test 

## SYSCALL:     open()
## PURPOSE:
## Verify audit of attempts to open or create new files in the filesystem.
## There are three types of testcases in this set of tests.  The first, using the
## 'perm=dir_add_name' variable, tries to create a new file in a directory which
## may or may not be accessible to the test process executing the open()
## syscall.  The second, using the 'perm=file_read' variable, tries to open a
## file for reading for which the test process may or may not have read
## permission.  The third, using the 'perm=file_write' variable, tries to open a
## file for writing for which the test process may or may not have write
## permission.  The test procedure is as follows:
## 1a. If perm=dir_add_name, create a new directory and make it only
##     accessible to the directory owner.
## 1b. If perm=file_read, create a file which is only read-accessible to the
##     file owner.
## 1c. If perm=file_write, create a file which is only write-accessible to the
##     file owner.
## 2a. If expres=success, execute the test process as the directory or file
##     owner and attempt the open() syscall using the value of flag to
##     determine whether to create a new file or open an existing file for read
##     or write; verify the result.
## 2b. If expres=fail, execute the test process as another user and
##     attempt the open() syscall using the value of flag to determine whether
##     to create a new file or open an existing file for read or write; verify
##     the result.
## 3.  Check the audit log for the correct syscall result
+ open perm=dir_add_name flag=create expres=success dacugo=user user=super
+ open perm=dir_add_name flag=create expres=fail dacugo=user user=test 
+ open perm=file_read flag=read expres=success dacugo=user user=super
+ open perm=file_read flag=read expres=fail dacugo=user user=test 
+ open perm=file_write flag=write expres=success dacugo=user user=super
+ open perm=file_write flag=write expres=fail dacugo=user user=test 

## SYSCALL:     openat()
## PURPOSE:
## Verify audit of attempts to open or create new files relative to a directory
## file descriptor. See above for more details.
+ openat perm=dir_add_name at=1 flag=create expres=success dacugo=user user=super
+ openat perm=dir_add_name at=1 flag=create expres=fail dacugo=user user=test 
+ openat perm=file_read at=1 flag=read expres=success dacugo=user user=super
+ openat perm=file_read at=1 flag=read expres=fail dacugo=user user=test 
+ openat perm=file_write at=1 flag=write expres=success dacugo=user user=super
+ openat perm=file_write at=1 flag=write expres=fail dacugo=user user=test 

## SYSCALL:     readlink()
## PURPOSE:
## Verify audit of attempts to read symbolic links in the filesystem.  The test
## cases below try to read a symbolic link for which the user may or may not
## have appropriate permissions.  The test procedure is as follows:
## 1.  Create a new test file which is accessible to all users.
## 2.  Create a new symbolic link to the test file which is only accessible
##     to the symlink owner.
## 3a. If expres=success, execute the test process as the symlink owner and
##     attempt to read the symlink, verify the result
## 3b. If expres=fail, execute the test process as another user and
##     attempt to read the symlink, verify the result
## 4.  Check the audit log for the correct syscall result
+ readlink perm=symlink_read expres=success dacugo=user user=super
+ readlink perm=symlink_read expres=fail dacugo=user user=test 

## SYSCALL:     readlinkat()
## PURPOSE:
## Verify audit of attempts to read symbolic links relative to a directory
## file descriptor. See above for more details.
+ readlinkat perm=symlink_read at=1 expres=success dacugo=user user=super
+ readlinkat perm=symlink_read at=1 expres=fail dacugo=user user=test 

## SYSCALL:     rename()
## PURPOSE:
## Verify audit of attempts to change the name or location of a file in the
## filesystem.  There are three types of testcases in this set of tests.  The
## first, using the 'perm=dir_remove_name,which=old' variables, creates the
## original file in a parent directory which may or may not be accessible to the
## test process and tries to move this file into a new directory.  The second
## test, using the 'perm=dir_add_name' variable, creates a new parent directory
## which may or may not be accessible to the test process and tries to move the
## original file into this new directory.  The third test, using the
## 'perm=dir_remove_name,which=new' variables, creates a parent directory which
## may or may not be accessible to the test process and tries to rename a file
## to the name of an existing file in that directory.  The test procedure is as
## follows:
##  1.  Create a new parent directory for the original object. If
##      perm=dir_remove_name,which=old then make it only accessible to the
##      directory owner.
##  2.  Create the original object.
##  3.  Create a new parent directory for the new location. If perm=dir_add_name
##      or perm=dir_remove_name,which=new then make it only accessible to the
##      directory owner.
##  4.  If perm=dir_remove_name,which=new then create a file at the new location.
##  5a. If expres=success, execute the test process as the directory owner and
##      attempt the rename() syscall, verify the result
##  5b. If expres=fail, execute the test process as another user and attempt the
##      rename() syscall, verify the result
##  6.  Check the audit log for the correct syscall result
+ rename perm=dir_remove_name entry=file which=old expres=success dacugo=user \
  user=super tag=rename__dac_dir_remove_name_old_success_owner
+ rename perm=dir_remove_name entry=file which=old expres=fail dacugo=user \
  user=test tag=rename__dac_dir_remove_name_old_fail_owner
+ rename perm=dir_add_name which=new expres=success dacugo=user user=super
+ rename perm=dir_add_name which=new expres=fail dacugo=user user=test 
+ rename perm=dir_remove_name entry=file which=new expres=success dacugo=user \
  user=super tag=rename__dac_dir_remove_name_new_success_owner
+ rename perm=dir_remove_name entry=file which=new expres=fail dacugo=user \
  user=test tag=rename__dac_dir_remove_name_new_fail_owner

## SYSCALL:     renameat()
## PURPOSE:
## Verify audit of attempts to change the name or location of a file relative to
## a directory file descriptor. See above for more details.
+ renameat perm=dir_remove_name at=1 entry=file which=old expres=success \
  dacugo=user user=super tag=renameat__dac_dir_remove_name_old_success_owner
+ renameat perm=dir_remove_name at=1 entry=file which=old expres=fail \
  dacugo=user user=test tag=renameat__dac_dir_remove_name_old_fail_owner
+ renameat perm=dir_add_name at=1 which=new expres=success dacugo=user user=super
+ renameat perm=dir_add_name at=1 which=new expres=fail dacugo=user user=test 
+ renameat perm=dir_remove_name at=1 entry=file which=new expres=success \
  dacugo=user user=super tag=renameat__dac_dir_remove_name_new_success_owner
+ renameat perm=dir_remove_name at=1 entry=file which=new expres=fail \
  dacugo=user user=test tag=renameat__dac_dir_remove_name_new_fail_owner

## SYSCALL:     rmdir()
## PURPOSE:
## Verify audit of attempts to an remove empty directory from the filesystem.
## The testcases below try to remove a sub-directory from a directory which may
## or may not be accessible to the test process.  The test procedure is as
## follows:
## 1.  Create a new parent directory which is only accessible to the directory
##     owner.
## 2.  Create a new sub-directory in the parent directory.
## 3a. If expres=success, execute the test process as the directory owner and
##     attempt to remove the sub-directory, verify the result
## 3b. If expres=fail, execute the test process as another user and
##     attempt to remove the sub-directory, verify the result
## 4.  Check the audit log for the correct syscall result
+ rmdir perm=dir_remove_name entry=dir expres=success dacugo=user user=super
+ rmdir perm=dir_remove_name entry=dir expres=fail dacugo=user user=test 

## SYSCALL:     symlink()
## PURPOSE:
## Verify audit of attempts to create a symbolic link in the filesystem.  The
## testcases below try to create a new symbolic link in a directory for which
## the user may or may not have appropriate permissions.  The test procedure is
## as follows:
## 1.  Create a new destination directory for the symlink which is only
##     accessible to the directory owner.
## 2a. If expres=success, execute the test process as the directory owner and
##     attempt to create a symlink, verify the result
## 2b. If expres=fail, execute the test process as another user and
##     attempt to create a symlink, verify the result
## 3.  Check the audit log for the correct syscall result
+ symlink perm=dir_add_name which=new expres=success dacugo=user user=super
+ symlink perm=dir_add_name which=new expres=fail dacugo=user user=test 

## SYSCALL:     symlinkat()
## PURPOSE:
## Verify audit of attempts to create a symbolic link relative to a directory
## file descriptor. See above for more details.
+ symlinkat perm=dir_add_name at=1 which=new expres=success dacugo=user user=super
+ symlinkat perm=dir_add_name at=1 which=new expres=fail dacugo=user user=test 

## SYSCALL:     truncate(), truncate64()
## PURPOSE:
## Verify audit of attempts to truncate a file to a specified length.  The test
## cases below try to truncate a file which may or may not be writeable by the
## test process executing the truncate() syscall.  The test procedure is as
## follows:
## 1.  Create a file which is only write-accessible to the file owner.
## 2a. If expres=success, execute the test process as the file owner and
##     attempt to truncate the file, verify the result
## 2b. If expres=fail, execute the test process as another user and
##     attempt to truncate the file, verify the result
## 3.  Check the audit log for the correct syscall result
+ truncate perm=file_write expres=success dacugo=user user=super
+ truncate perm=file_write expres=fail dacugo=user user=test 
if [[ $MODE == 32 ]]; then
+ truncate64 perm=file_write expres=success dacugo=user user=super
+ truncate64 perm=file_write expres=fail dacugo=user user=test 
fi

## SYSCALL:     unlink()
## PURPOSE:
## Verify audit of attempts to remove a file in the filesystem.  The testcases
## below try to remove a file from a directory for which the user may or may not
## have appropriate permissions.  The test procedure is as follows:
## 1.  Create a new parent directory which is only accessible to the directory
##     owner.
## 2.  Create a new file in the parent directory.
## 3a. If expres=success, execute the test process as the directory owner and
##     attempt to remove the file, verify the result
## 3b. If expres=fail, execute the test process as another user and
##     attempt to remove the file, verify the result
## 4.  Check the audit log for the correct syscall result
+ unlink perm=dir_remove_name entry=file expres=success dacugo=user user=super
+ unlink perm=dir_remove_name entry=file expres=fail dacugo=user user=test 

## SYSCALL:     unlinkat()
## PURPOSE:
## Verify audit of attempts to remove a file relative to a directory file
## descriptor. See above for more details.
+ unlinkat perm=dir_remove_name at=1 entry=file expres=success dacugo=user user=super
+ unlinkat perm=dir_remove_name at=1 entry=file expres=fail dacugo=user user=test 

## SYSCALL:     uselib()
## PURPOSE:
## Verify audit of attempts to load shared library.  The testcases below try to
## load a library for which the user may or may not have appropriate
## permissions.
## NOTE:
## The kernel only accepts obsolete formats, so the true success case is
## difficult to reproduce. Permission checks happen before the format checks, so
## verifying ENOEXEC is sufficient to demonstrate DAC/MAC success.
## The test procedure is as follows:
## 1.  Create a dummy shared library which is only accessible to the library
##     owner.
## 2a. If expres=success, execute the test process as the directory owner and
##     attempt to load the library, verify the result
## 2b. If expres=fail, execute the test process as another user and
##     attempt to load the library, verify the result
##  3. Check the audit log for the correct syscall result
if [[ $HOSTTYPE != x86_64 ]]; then
+ uselib perm=file_exec expres=fail dacugo=user user=root err=ENOEXEC \
  tag=uselib__dac_file_exec_success_user
+ uselib perm=file_exec expres=fail dacugo=user user=test 
fi

## SYSCALL:     utime(), utimes()
## PURPOSE:
## Verify audit of attempts to change access and/or modification times of an
## inode.  The testcases below try to change the timestamps to the current time
## for a file which may or may not be write accessible to the test process.
## The test procedure is as follows:
## 1.  Create a new file which is only write accessible to the file owner.
## 2a. If expres=success, execute the test process as the file owner and
##     attempt to change the file's timestamps; verify the result
## 2b. If expres=fail, execute the test process as another user and
##     attempt to change the file's timestamps; verify the result
## 3.  Check the audit log for the correct syscall result
if [[ $HOSTTYPE != ia64 ]]; then
+ utime perm=file_write expres=success dacugo=user user=super
+ utime perm=file_write expres=fail dacugo=user user=test 
fi
+ utimes perm=file_write expres=success dacugo=user user=super
+ utimes perm=file_write expres=fail dacugo=user user=test 

##
## IPC syscalls
##

## Note: When testing the ipc() syscall, the 'op' variable determines the tested
## syscall operation.

## SYSCALL:     msgget(), ipc()
## PURPOSE:
## Verify audit of attempts to get a message queue identifier.  There are two
## types of testcases in this set of tests. The first, using the
## 'perm=msg_key_read' variable, tries to open a message queue for reading which
## may or may not be read-accessible to the test process.  The second, using the
## 'perm=msg_key_write' variable, tries to open a message queue for writing
## which may or may not be write-accessible to the test process.  The test
## procedure is as follows:
## 1a. If perm=msg_key_read, create a message queue which is only
##     read-accessible to the message queue owner.
## 1b. If perm=msg_key_write, create a message queue which is only
##     write-accessible to the message queue owner.
## 2a. If expres=success, execute the test process as the message queue
##     owner and attempt the syscall using the value of flag to determine
##     whether to open the message queue for read or write; verify the result.
## 2b. If expres=fail, execute the test process as another user and attempt the
##     syscall using the value of flag to determine whether to open the message
##     queue for read or write; verify the result.
## 3.  Check the audit log for the correct syscall result
if [[ $MODE == 64 ]]; then
+ msgget perm=msg_key_read expres=success dacugo=user user=super
+ msgget perm=msg_key_read expres=fail dacugo=user user=test 
+ msgget perm=msg_key_write expres=success dacugo=user user=super
+ msgget perm=msg_key_write expres=fail dacugo=user user=test 
fi
if [[ $MODE == 32 ]]; then
+ ipc op=msgget perm=msg_key_read expres=success dacugo=user user=super
+ ipc op=msgget perm=msg_key_read expres=fail dacugo=user user=test 
+ ipc op=msgget perm=msg_key_write expres=success dacugo=user user=super
+ ipc op=msgget perm=msg_key_write expres=fail dacugo=user user=test 
fi

## SYSCALL:     msgrcv(), ipc()
## PURPOSE:
## Verify audit of attempts to receive messages from a message queue.  The test
## cases below try to receive a message from a message queue which may or may
## not be accessible to the test process.  The test procedure is as follows:
## 1.  Create a message queue which is only read-accessible to the message queue
##     owner.
## 2a. If expres=success, execute the test process as the message queue
##     owner and attempt to receive a message, verify the result
## 2b. If expres=fail, execute the test process as another user and attempt to
##     receive a message, verify the result
## 3.  Check the audit log for the correct syscall result
if [[ $MODE == 64 ]]; then
+ msgrcv perm=msg_id_recv expres=success dacugo=user user=super
+ msgrcv perm=msg_id_recv expres=fail dacugo=user user=test 
fi
if [[ $MODE == 32 ]]; then
+ ipc op=msgrcv perm=msg_id_recv expres=success dacugo=user user=super
+ ipc op=msgrcv perm=msg_id_recv expres=fail dacugo=user user=test 
fi

## SYSCALL:     msgsnd(), ipc()
## PURPOSE:
## Verify audit of attempts to send messages to a message queue.  The test
## cases below try to send a message to a message queue which may or may
## not be accessible to the test process.  The test procedure is as follows:
## 1.  Create a message queue which is only write-accessible to the message
##     queue owner.
## 2a. If expres=success, execute the test process as the message queue
##     owner and attempt to send a message, verify the result
## 2b. If expres=fail, execute the test process as another user and attempt to
##     send a message, verify the result
## 3.  Check the audit log for the correct syscall result
if [[ $MODE == 64 ]]; then
+ msgsnd perm=msg_id_send msg="this is a test" expres=success dacugo=user \
  user=super testfunc=test_su_msg_send
+ msgsnd perm=msg_id_send msg="this is a test" expres=fail dacugo=user \
  user=test testfunc=test_su_msg_send
fi
if [[ $MODE == 32 ]]; then
+ ipc op=msgsnd perm=msg_id_send msg="this is a test" expres=success dacugo=user \
  user=super testfunc=test_su_msg_send
+ ipc op=msgsnd perm=msg_id_send msg="this is a test" expres=fail dacugo=user \
  user=test testfunc=test_su_msg_send
fi

## SYSCALL:     semget(), ipc()
## PURPOSE:
## Verify audit of attempts to get a semaphore set identifier.  There are two
## types of testcases in this set of tests. The first, using the
## 'perm=sem_key_read' variable, tries to open a semaphore set for read
## operations which may or may not be read-accessible to the test process.  The
## second, using the 'perm=sem_key_write' variable, tries to open a semaphore
## set for write operations which may or may not be write-accessible to the test
## process.  The test procedure is as follows:
## 1a. If perm=sem_key_read, create a semaphore set which is only
##     read-accessible to the semaphore set owner.
## 1b. If perm=sem_key_write, create a semaphore set which is only
##     write-accessible to the semaphore set owner.
## 2a. If expres=success, execute the test process as the semaphore set
##     owner and attempt the syscall using the value of flag to determine
##     whether to open the semaphore set for read or write; verify the result.
## 2b. If expres=fail, execute the test process as another user and attempt the
##     syscall using the value of flag to determine whether to open the
##     semaphore set for read or write; verify the result.
## 3.  Check the audit log for the correct syscall result
if [[ $MODE == 64 ]]; then
+ semget perm=sem_key_read expres=success dacugo=user user=super
+ semget perm=sem_key_read expres=fail dacugo=user user=test 
+ semget perm=sem_key_write expres=success dacugo=user user=super
+ semget perm=sem_key_write expres=fail dacugo=user user=test 
fi
if [[ $MODE == 32 ]]; then
+ ipc op=semget perm=sem_key_read expres=success dacugo=user user=super
+ ipc op=semget perm=sem_key_read expres=fail dacugo=user user=test 
+ ipc op=semget perm=sem_key_write expres=success dacugo=user user=super
+ ipc op=semget perm=sem_key_write expres=fail dacugo=user user=test 
fi

## SYSCALL:     semop(), ipc()
## PURPOSE:
## Verify audit of attempts to perform semaphore operations.  The test
## cases below try to perform a read operation on a semaphore in a set which may
## or may not be accessible to the test process.  The test procedure is as
## follows:
## 1.  Create a semaphore set which is only read-accessible to the semaphore set
##     owner.
## 2a. If expres=success, execute the test process as the semaphore set
##     owner and attempt a read operation, verify the result
## 2b. If expres=fail, execute the test process as another user and attempt a
##     read operation, verify the result
## 3.  Check the audit log for the correct syscall result
if [[ $MODE == 64 ]]; then
+ semop perm=sem_id_read expres=success dacugo=user user=super
+ semop perm=sem_id_read expres=fail dacugo=user user=test 
fi
if [[ $MODE == 32 ]]; then
+ ipc op=semop perm=sem_id_read expres=success dacugo=user user=super
+ ipc op=semop perm=sem_id_read expres=fail dacugo=user user=test 
fi

## SYSCALL:     semtimedop(), ipc()
## PURPOSE:
## Verify audit of attempts to perform semaphore operations.  The test
## cases below try to perform a write operation on a semaphore in a set which
## may or may not be accessible to the test process.  The test procedure is as
## follows:
## 1.  Create a semaphore set which is only write-accessible to the semaphore
##     set owner.
## 2a. If expres=success, execute the test process as the semaphore set
##     owner and attempt a write operation, verify the result
## 2b. If expres=fail, execute the test process as another user and attempt a
##     write operation, verify the result
## 3.  Check the audit log for the correct syscall result
if [[ $MODE == 64 ]]; then
+ semtimedop perm=sem_id_write expres=success dacugo=user user=super
+ semtimedop perm=sem_id_write expres=fail dacugo=user user=test 
fi
if [[ $MODE == 32 ]]; then
+ ipc op=semtimedop perm=sem_id_write expres=success dacugo=user user=super
+ ipc op=semtimedop perm=sem_id_write expres=fail dacugo=user user=test 
fi

## SYSCALL:     shmat(), ipc()
## PURPOSE:
## Verify audit of attempts to perform shared memory operations.  The test
## cases below try to perform shared memory operations on a shared memory
## segment which may or may not be accessible to the test process.  The test
## procedure is as follows:
## 1a. If perm=shm_key_read, create a shared memory segment which is only
##     read-accessible to the shared memory segment owner.
## 1b. If perm=shm_key_write, create a shared memory segment which is only
##     write-accessible to the shared memory segment owner.
## 2a. If expres=success, execute the test process as the shared memory segment
##     owner and attempt the syscall using the value of perm to determine
##     whether to perform a read or write operation; verify the result
## 2b. If expres=fail, execute the test process as another user and attempt the
##     syscall using the value of perm to determine whether to perform a read or
##     write operation; verify the result
## 3.  Check the audit log for the correct syscall result
if [[ $MODE == 64 ]]; then
+ shmat perm=shm_id_read expres=success dacugo=user user=super
+ shmat perm=shm_id_read expres=fail dacugo=user user=test 
+ shmat perm=shm_id_write expres=success dacugo=user user=super
+ shmat perm=shm_id_write expres=fail dacugo=user user=test 
fi
if [[ $MODE == 32 ]]; then
+ ipc op=shmat perm=shm_id_read expres=success dacugo=user user=super \
  augrokfunc=augrok_op_no_exit
+ ipc op=shmat perm=shm_id_read expres=fail dacugo=user user=test 
+ ipc op=shmat perm=shm_id_write expres=success dacugo=user user=super \
  augrokfunc=augrok_op_no_exit
+ ipc op=shmat perm=shm_id_write expres=fail dacugo=user user=test 
fi

## SYSCALL:     shmget(), ipc()
## PURPOSE:
## Verify audit of attempts to get a shared memory id.  There are two types of
## testcases in this set of tests. The first, using the 'perm=shm_key_read'
## variable, tries to open a shared memory segment for read operations which may
## or may not be read-accessible to the test process.  The second, using the
## 'perm=shm_key_write' variable, tries to open a shared memory segment for
## write operations which may or may not be write-accessible to the test
## process.  The test procedure is as follows:
## 1a. If perm=shm_key_read, create a shared memory segment which is only
##     read-accessible to the shared memory segment owner.
## 1b. If perm=shm_key_write, create a shared memory segment which is only
##     write-accessible to the shared memory segment owner.
## 2a. If expres=success, execute the test process as the shared memory segment
##     owner and attempt the syscall using the value of flag to determine
##     whether to request the shared memory segment for read or write; verify
##     the result.
## 2b. If expres=fail, execute the test process as another user and attempt the
##     syscall using the value of flag to determine whether to request the
##     shared memory segment for read or write; verify the result.
## 3.  Check the audit log for the correct syscall result
if [[ $MODE == 64 ]]; then
+ shmget perm=shm_key_read expres=success dacugo=user user=super
+ shmget perm=shm_key_read expres=fail dacugo=user user=test 
+ shmget perm=shm_key_write expres=success dacugo=user user=super
+ shmget perm=shm_key_write expres=fail dacugo=user user=test 
fi
if [[ $MODE == 32 ]]; then
+ ipc op=shmget perm=shm_key_read expres=success dacugo=user user=super
+ ipc op=shmget perm=shm_key_read expres=fail dacugo=user user=test 
+ ipc op=shmget perm=shm_key_write expres=success dacugo=user user=super
+ ipc op=shmget perm=shm_key_write expres=fail dacugo=user user=test 
fi

##
## XATTR syscalls
##

## SYSCALL:     removexattr(), fremovexattr(), lremovexattr()
## PURPOSE:
## Verify audit of attempts to remove an extended attribute.  The testcases
## below try to remove an extended attribute on a file which may or may not be
## accessible to the test process.  The test procedure is as follows:
## 1.  Create a file which is only write-accessible to the file owner.
## 2a. If expres=success, execute the test process as the file owner and
##     attempt to remove an extended attribute, verify the result
## 2b. If expres=fail, execute the test process as another user and
##     attempt to remove an extended attribute, verify the result
## 3.  Check the audit log for the correct syscall result
+ fremovexattr perm=xattr_remove flag=user.mime_type expres=success dacugo=user \
  user=super
+ fremovexattr perm=xattr_remove flag=user.mime_type expres=fail dacugo=user \
  user=test 
+ lremovexattr perm=xattr_remove flag=user.mime_type expres=success dacugo=user \
  user=super
+ lremovexattr perm=xattr_remove flag=user.mime_type expres=fail dacugo=user \
  user=test 
+ removexattr perm=xattr_remove flag=user.mime_type expres=success dacugo=user \
  user=super
+ removexattr perm=xattr_remove flag=user.mime_type expres=fail dacugo=user \
  user=test 

## SYSCALL:     setxattr(), fsetxattr(), lsetxattr()
## PURPOSE:
## Verify audit of attempts to set an extended attribute.  The testcases
## below try to set an extended attribute on a file which may or may not be
## accessible to the test process.  The test procedure is as follows:
## 1.  Create a file which is only write-accessible to the file owner.
## 2a. If expres=success, execute the test process as the file owner and
##     attempt to set an extended attribute, verify the result
## 2b. If expres=fail, execute the test process as another user and
##     attempt to set an extended attribute, verify the result
## 3.  Check the audit log for the correct syscall result
+ fsetxattr perm=xattr_set flag=user.mime_type expres=success dacugo=user \
  user=super testfunc=test_su_setxattr
+ fsetxattr perm=xattr_set flag=user.mime_type expres=fail dacugo=user \
  user=test  testfunc=test_su_setxattr
+ lsetxattr perm=xattr_set flag=user.mime_type expres=success dacugo=user \
  user=super testfunc=test_su_setxattr
+ lsetxattr perm=xattr_set flag=user.mime_type expres=fail dacugo=user \
  user=test  testfunc=test_su_setxattr
+ setxattr perm=xattr_set flag=user.mime_type expres=success dacugo=user \
  user=super testfunc=test_su_setxattr
+ setxattr perm=xattr_set flag=user.mime_type expres=fail dacugo=user \
  user=test testfunc=test_su_setxattr