From 30ef83d85fe78e7ff0e85370852ebb653b5734d5 Mon Sep 17 00:00:00 2001 From: Sebastien Buisson Date: Tue, 10 Aug 2021 12:59:41 +0200 Subject: [PATCH] DDN-1956 tests: exercise laudit/laudit-report Add sanity-laudit.sh to exercise laudit and laudit-report command line tools. Test-Parameters: trivial Test-Parameters: mdtcount=2 testlist=sanity-laudit serverextra_install_params="--packages lipe-client" facet=mds1 Signed-off-by: Sebastien Buisson Change-Id: I97fefecab6442d9031de6a7fcd86d07a517386c2 Reviewed-on: https://review.whamcloud.com/46907 Tested-by: jenkins Tested-by: Maloo Reviewed-by: Andreas Dilger --- lustre/tests/Makefile.am | 1 + lustre/tests/sanity-laudit.sh | 194 ++++++++++++++++++++++++++++++++++++ lustre/tests/test-groups/regression | 1 + 3 files changed, 196 insertions(+) create mode 100644 lustre/tests/sanity-laudit.sh diff --git a/lustre/tests/Makefile.am b/lustre/tests/Makefile.am index 251f54b..bbcabc0 100644 --- a/lustre/tests/Makefile.am +++ b/lustre/tests/Makefile.am @@ -35,6 +35,7 @@ noinst_SCRIPTS += mds-survey.sh parallel-scale-nfs.sh large-lun.sh noinst_SCRIPTS += parallel-scale-nfsv3.sh parallel-scale-nfsv4.sh noinst_SCRIPTS += setup-cifs.sh parallel-scale-cifs.sh noinst_SCRIPTS += posix.sh sanity-scrub.sh scrub-performance.sh ha.sh pjdfstest.sh +noinst_SCRIPTS += sanity-laudit.sh noinst_SCRIPTS += sanity-lfsck.sh lfsck-performance.sh sanity-lipe.sh noinst_SCRIPTS += sanity-lipe-find3.sh noinst_SCRIPTS += sanity-lipe-scan3.sh diff --git a/lustre/tests/sanity-laudit.sh b/lustre/tests/sanity-laudit.sh new file mode 100644 index 0000000..0dc8689 --- /dev/null +++ b/lustre/tests/sanity-laudit.sh @@ -0,0 +1,194 @@ +#!/bin/bash +# +# Tests for laudit and laudit-report +# +set -e + +ONLY=${ONLY:-"$*"} + +LUSTRE=${LUSTRE:-$(dirname $0)/..} +. $LUSTRE/tests/test-framework.sh +init_test_env $@ +. ${CONFIG:=$LUSTRE/tests/cfg/$NAME.sh} +init_logging + +# bug number for skipped test: +ALWAYS_EXCEPT="$SANITY_LAUDIT_EXCEPT " +# UPDATE THE COMMENT ABOVE WITH BUG NUMBERS WHEN CHANGING ALWAYS_EXCEPT! + +! remote_mds_nodsh || skip_env "remote MDS with nodsh" +! remote_ost_nodsh || skip_env "remote OSS with nodsh" + +# check if laudit and laudit-report are installed on clients +for t in laudit laudit-report; do + do_nodes $CLIENTS "which $t" &>/dev/null || + skip_env "$t is not installed on client" +done + +# laudit configuration +LAUDIT="laudit" +LAUDIT_REPORT="laudit-report" +LAUDIT_DUMP_PATH=$TMP/audit +LAUDIT_CONF_FILE=$TMP/laudit.conf + +build_test_filter +check_and_setup_lustre +check_runas_id $RUNAS_ID $RUNAS_ID $RUNAS + +setup_changelogs() { + changelog_register || error "changelog_register failed" + local cl_user="${CL_USERS[$SINGLEMDS]%% *}" + changelog_users $SINGLEMDS | grep -q $cl_user || + error "User $cl_user not found in changelog_users" + changelog_chmask "ALL" +} + +cleanup_sanity_laudit() { + rm -f $LAUDIT_CONF_FILE + rm -rf $LAUDIT_DUMP_PATH + killall laudit +} + +generate_conf_file() { + cat < $LAUDIT_CONF_FILE +{ + "fs_name": "$FSNAME", + "mount": "$MOUNT", + "dump_path": "$LAUDIT_DUMP_PATH", + "mdts": [ +EOF + for i in $(seq 1 $MDSCOUNT); do + echo " {\"mdt_idx\": $((i-1)), \"reader_id\": \"${CL_USERS[mds$i]%% *}\"}," >> $LAUDIT_CONF_FILE + done + cat <> $LAUDIT_CONF_FILE + ], + "parse_interval_sec": 10, + "sync_every_n_entries": 1000, + "max_syncs_before_sleep": 10 +} +EOF +} + +create_simple_files() { + local dir=$1 + + changelog_clear 0 || error "changelog_clear failed" + $RUNAS touch $dir/$tfile + $RUNAS cat $dir/$tfile + changelog_dump +} + +check_events() { + grep 01CREAT $* || error "01CREAT event not found" + grep -E "10OPEN.*j=touch.*m=-w-" $* || error "10OPEN event not found (1)" + grep -E "11CLOSE.*j=touch" $* || error "11CLOSE event not found (1)" + grep -E "10OPEN.*j=cat.*m=r--" $* || error "10OPEN event not found (2)" + grep -E "11CLOSE.*j=cat" $* || error "11CLOSE event not found (2)" +} + +check_audit_files() { + local tfid=$1 + local lfiles + + lfiles=$(find $LAUDIT_DUMP_PATH/users/$RUNAS_ID:$RUNAS_ID/$(date +%Y) \ + -type f) + [ -n "$lfiles" ] || error "'users' file not present" + echo "Checking 'users' audit files" + check_events $lfiles + + lfiles=$(find $LAUDIT_DUMP_PATH/files/$tfid/$(date +%Y) -type f) + [ -n "$lfiles" ] || error "'files' file not present" + echo "Checking 'files' audit files" + check_events $lfiles +} + +check_audit_report() { + local tfid=$1 + local filepath=$2 + local report=$(mktemp) + + $LAUDIT_REPORT -u $RUNAS_ID:$RUNAS_ID $LAUDIT_CONF_FILE > $report || + error "$LAUDIT_REPORT -u $RUNAS_ID:$RUNAS_ID failed" + echo "Checking audit report for user $RUNAS_ID:$RUNAS_ID" + check_events $report + + $LAUDIT_REPORT -f $tfid $LAUDIT_CONF_FILE > $report || + error "$LAUDIT_REPORT -f $tfid failed" + echo "Checking audit report for FID $tfid" + check_events $report + + $LAUDIT_REPORT -f $filepath $LAUDIT_CONF_FILE > $report || + error "$LAUDIT_REPORT -f $filepath failed" + echo "Checking audit report for file $filepath" + check_events $report +} + +mkdir $LAUDIT_DUMP_PATH +stack_trap cleanup_sanity_laudit EXIT +setup_changelogs +generate_conf_file + +test_1() { + local tfid + local lfiles + + $LFS setdirstripe -c1 -i0 $DIR/$tdir + chmod 777 $DIR/$tdir + create_simple_files $DIR/$tdir + rm -rf $LAUDIT_DUMP_PATH/* + $LAUDIT -p $LAUDIT_CONF_FILE || error "laudit failed" + + tfid=$($LFS path2fid $DIR/$tdir/$tfile) + check_audit_files $tfid + check_audit_report $tfid $DIR/$tdir/$tfile + + if [ $MDSCOUNT -ge 2 ]; then + $LFS setdirstripe -c1 -i1 $DIR/${tdir}2 + chmod 777 $DIR/${tdir}2 + create_simple_files $DIR/${tdir}2 + rm -rf $LAUDIT_DUMP_PATH/* + $LAUDIT -p $LAUDIT_CONF_FILE || error "laudit failed" + + tfid=$($LFS path2fid $DIR/${tdir}2/$tfile) + check_audit_files $tfid + check_audit_report $tfid $DIR/${tdir}2/$tfile + fi +} +run_test 1 "laudit simple files" + +test_2() { + local tfid + local lfiles + + $LFS setdirstripe -c1 -i0 $DIR/$tdir + chmod 777 $DIR/$tdir + + rm -rf $LAUDIT_DUMP_PATH/* + $LAUDIT -p -d $LAUDIT_CONF_FILE || error "cannot launch laudit" + + create_simple_files $DIR/$tdir + sleep 20 # twice the parse_interval_sec + + tfid=$($LFS path2fid $DIR/$tdir/$tfile) + check_audit_files $tfid + check_audit_report $tfid $DIR/$tdir/$tfile + killall laudit + + if [ $MDSCOUNT -ge 2 ]; then + $LFS setdirstripe -c1 -i1 $DIR/${tdir}2 + chmod 777 $DIR/${tdir}2 + rm -rf $LAUDIT_DUMP_PATH/* + $LAUDIT -p -d $LAUDIT_CONF_FILE || error "cannot launch laudit" + create_simple_files $DIR/${tdir}2 + sleep 20 # twice the parse_interval_sec + + tfid=$($LFS path2fid $DIR/${tdir}2/$tfile) + check_audit_files $tfid + check_audit_report $tfid $DIR/${tdir}2/$tfile + fi +} +run_test 2 "laudit daemon mode" + +complete $SECONDS +check_and_cleanup_lustre +exit_status diff --git a/lustre/tests/test-groups/regression b/lustre/tests/test-groups/regression index c88e737..bfaef81b 100644 --- a/lustre/tests/test-groups/regression +++ b/lustre/tests/test-groups/regression @@ -28,3 +28,4 @@ sanity-pfl sanity-pcc sanity-lnet sanity-lipe +sanity-laudit -- 1.8.3.1