Check that syslogd priv process does exec on itself.

author: bluhm <bluhm@openbsd.org> 2016-10-06 13:06:14 +0000
committer: bluhm <bluhm@openbsd.org> 2016-10-06 13:06:14 +0000
commit: 37bde5edfb22924cc9002ce75c02eb456f3bde0b (patch)
tree: 0a6eb18e0abe6f8712ed1237300e0ffd7a0a4ca0
parent: Do an exec on itself in the privileged syslogd(8) parent process (diff)
download: wireguard-openbsd-37bde5edfb22924cc9002ce75c02eb456f3bde0b.tar.xz
wireguard-openbsd-37bde5edfb22924cc9002ce75c02eb456f3bde0b.zip
8 files changed, 17 insertions, 11 deletions
diff --git a/regress/usr.sbin/syslogd/args-privsep.pl b/regress/usr.sbin/syslogd/args-privsep.pl
index d88e2740601..66ade910f65 100644
--- a/regress/usr.sbin/syslogd/args-privsep.pl
+++ b/regress/usr.sbin/syslogd/args-privsep.pl
@@ -4,31 +4,37 @@
 # The server receives the message on its UDP socket.
 # Find the message in client, file, pipe, syslogd, server log.
 # Check fstat for the parent and child process.
-# Check ktrace for setting the correct uid and gid.
+# Check ktrace for setting the correct uid and gid and exec priv.
 
 use strict;
 use warnings;
 
 our %args = (
     syslogd => {
+	up => qr/fork\+exec done/,
 	loggrep => {
 	    qr/ -F / => 0,
 	    qr/ -d / => 1,
+	    qr/\[priv\]: fork\+exec done/ => 1,
 	},
 	fstat => {
 	    qr/^root .* wd / => 1,
 	    qr/^root .* root / => 0,
 	    qr/^root .* kqueue / => 0,
 	    qr/^root .* internet/ => 0,
+	    qr/^root .* 3\* unix stream/ => 1,
+	    qr/^root +syslogd +\d+ +([4-9]|\d\d)/ => 0,
 	    qr/^_syslogd .* wd / => 1,
 	    qr/^_syslogd .* root / => 1,
 	    qr/^_syslogd .* kqueue / => 1,
 	    qr/^_syslogd .* internet/ => 2,
 	},
 	ktrace => {
-	    qr/CALL  setresuid(.*"_syslogd".*){3}/ => 2,
-	    qr/CALL  setresgid(.*"_syslogd".*){3}/ => 2,
-	    qr/CALL  setsid/ => 0,
+	    qr/syslogd  CALL  setresuid(.*"_syslogd".*){3}/ => 2,
+	    qr/syslogd  CALL  setresgid(.*"_syslogd".*){3}/ => 2,
+	    qr/syslogd  CALL  setsid/ => 0,
+	    qr/syslogd  RET   execve 0/ => 2,
+	    qr/\[\d\] = "-P"/ => 1,
 	},
     },
 );
diff --git a/regress/usr.sbin/syslogd/args-sighup-config.pl b/regress/usr.sbin/syslogd/args-sighup-config.pl
index 6f03753063e..597b1b17574 100644
--- a/regress/usr.sbin/syslogd/args-sighup-config.pl
+++ b/regress/usr.sbin/syslogd/args-sighup-config.pl
@@ -20,7 +20,7 @@ our %args = (
     syslogd => {
 	ktrace => {
 	    qr/syslogd  PSIG  SIGHUP caught handler/ => 1,
-	    qr/syslogd  RET   execve 0/ => 2,
+	    qr/syslogd  RET   execve 0/ => 4,
 	},
 	loggrep => {
 	    qr/config file modified: restarting/ => 1,
diff --git a/regress/usr.sbin/syslogd/args-sighup-privsep.pl b/regress/usr.sbin/syslogd/args-sighup-privsep.pl
index e7f2b75a465..f05c176569c 100644
--- a/regress/usr.sbin/syslogd/args-sighup-privsep.pl
+++ b/regress/usr.sbin/syslogd/args-sighup-privsep.pl
@@ -20,7 +20,7 @@ our %args = (
     syslogd => {
 	ktrace => {
 	    qr/syslogd  PSIG  SIGHUP caught handler/ => 2,
-	    qr/syslogd  RET   execve 0/ => 1,
+	    qr/syslogd  RET   execve 0/ => 2,
 	},
 	loggrep => {
 	    qr/syslogd: restarted/ => 1,
diff --git a/regress/usr.sbin/syslogd/args-sighup-tcp.pl b/regress/usr.sbin/syslogd/args-sighup-tcp.pl
index f18f3bc55fe..77467ee977f 100644
--- a/regress/usr.sbin/syslogd/args-sighup-tcp.pl
+++ b/regress/usr.sbin/syslogd/args-sighup-tcp.pl
@@ -25,7 +25,7 @@ our %args = (
 	},
 	ktrace => {
 	    qr/syslogd  PSIG  SIGHUP caught handler/ => 1,
-	    qr/syslogd  RET   execve 0/ => 1,
+	    qr/syslogd  RET   execve 0/ => 2,
 	},
 	loghost => '@tcp://127.0.0.1:$connectport',
 	loggrep => {
diff --git a/regress/usr.sbin/syslogd/args-sighup-tls.pl b/regress/usr.sbin/syslogd/args-sighup-tls.pl
index 4b5d7e3a714..d6df5f8066b 100644
--- a/regress/usr.sbin/syslogd/args-sighup-tls.pl
+++ b/regress/usr.sbin/syslogd/args-sighup-tls.pl
@@ -25,7 +25,7 @@ our %args = (
 	},
 	ktrace => {
 	    qr/syslogd  PSIG  SIGHUP caught handler/ => 1,
-	    qr/syslogd  RET   execve 0/ => 1,
+	    qr/syslogd  RET   execve 0/ => 2,
 	},
 	loghost => '@tls://127.0.0.1:$connectport',
 	loggrep => {
diff --git a/regress/usr.sbin/syslogd/args-sighup.pl b/regress/usr.sbin/syslogd/args-sighup.pl
index c8dc56ad865..4912af12fc5 100644
--- a/regress/usr.sbin/syslogd/args-sighup.pl
+++ b/regress/usr.sbin/syslogd/args-sighup.pl
@@ -20,7 +20,7 @@ our %args = (
     syslogd => {
 	ktrace => {
 	    qr/syslogd  PSIG  SIGHUP caught handler/ => 1,
-	    qr/syslogd  RET   execve 0/ => 1,
+	    qr/syslogd  RET   execve 0/ => 2,
 	},
 	loggrep => {
 	    qr/config file changed: dying/ => 0,
diff --git a/regress/usr.sbin/syslogd/args-sigpipe.pl b/regress/usr.sbin/syslogd/args-sigpipe.pl
index a74f8ae3a67..9c638870cb6 100644
--- a/regress/usr.sbin/syslogd/args-sigpipe.pl
+++ b/regress/usr.sbin/syslogd/args-sigpipe.pl
@@ -20,7 +20,7 @@ our %args = (
     syslogd => {
 	ktrace => {
 	    qr/syslogd  PSIG  SIGPIPE/ => 0,
-	    qr/syslogd  RET   execve 0/ => 1,
+	    qr/syslogd  RET   execve 0/ => 2,
 	},
 	loggrep => { get_between2loggrep() },
     },
diff --git a/regress/usr.sbin/syslogd/args-sigterm.pl b/regress/usr.sbin/syslogd/args-sigterm.pl
index d97704c6820..35d637e0241 100644
--- a/regress/usr.sbin/syslogd/args-sigterm.pl
+++ b/regress/usr.sbin/syslogd/args-sigterm.pl
@@ -20,7 +20,7 @@ our %args = (
     syslogd => {
 	ktrace => {
 	    qr/syslogd  PSIG  SIGTERM caught handler/ => 1,
-	    qr/syslogd  RET   execve 0/ => 1,
+	    qr/syslogd  RET   execve 0/ => 2,
 	},
 	loggrep => qr/\[unpriv\] syslogd child about to exit/,
     },
author	bluhm <bluhm@openbsd.org>	2016-10-06 13:06:14 +0000
committer	bluhm <bluhm@openbsd.org>	2016-10-06 13:06:14 +0000
commit	37bde5edfb22924cc9002ce75c02eb456f3bde0b (patch)
tree	0a6eb18e0abe6f8712ed1237300e0ffd7a0a4ca0
parent	Do an exec on itself in the privileged syslogd(8) parent process (diff)
download	wireguard-openbsd-37bde5edfb22924cc9002ce75c02eb456f3bde0b.tar.xz wireguard-openbsd-37bde5edfb22924cc9002ce75c02eb456f3bde0b.zip