component: - audit framework: beakerlib require: - url: https://gitlab.cee.redhat.com/special-projects/tests/audit name: /Library/testing type: library - audit adjust: - enabled: false when: distro != rhel-6 and distro != rhel-7 continue: false contact: - omoris@redhat.com description: | Test Name: dns-reverse-lookup Author: Eduard Benes Location: /CoreOS/audit/Sanity/dns-reverse-lookup Short Description: Empty addr parameter to audit logging function should cause to bypass reverse dns lookup. Long Description: If the addr parameter being passed to an audit logging function (such as audit_log_user_message) is "", it should bypass a reverse dns lookup. This can be verified by stracing this program: #include int main(void) { int fd = audit_open(); audit_log_user_message(fd, AUDIT_USER_AUTH, "", NULL, "", NULL, 1); return 0; } Stracing this program will give much more than ~40 lines of output if dns reverse lookup has been performed. Number around 40 is acceptable. duration: 5m enabled: true extra-nitrate: TC#0075628 extra-summary: /CoreOS/audit/Sanity/dns-reverse-lookup extra-task: /CoreOS/audit/Sanity/dns-reverse-lookup recommend: - audit - audit-libs - audit-libs-devel - strace - gcc summary: Empty addr parameter to audit logging function should cause to bypass reverse dns lookup. tag: - CI-Tier-1 - NoRHEL3 - NoRHEL4 - Tier1 - Tier1security test: ./runtest.sh tier: '1' name: /Sanity/dns-reverse-lookup order: 50 link: [] id: path: /Sanity/dns-reverse-lookup manual: false tty: false environment: {} result: respect where: check: [] restart-on-exit-code: [] restart-max-count: 1 restart-with-reboot: false sources: - /var/tmp/tmt/run-017/Plans/general/discover/Downstream_audit_tests/tests/main.fmf - /var/tmp/tmt/run-017/Plans/general/discover/Downstream_audit_tests/tests/Sanity/dns-reverse-lookup/main.fmf context: {}