Fix auditd watchdog Json response format break by invalid control character issue #22709
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
/azp run Azure.sonic-buildimage |
|
Azure Pipelines successfully started running 1 pipeline(s). |
11 tasks
|
Close and re-open to trigger image build |
|
/azpw run Azure.sonic-buildimage |
xincunli-sonic
approved these changes
Jun 3, 2025
qiluo-msft
approved these changes
Jun 3, 2025
|
/azp run Azure.sonic-buildimage |
|
Azure Pipelines successfully started running 1 pipeline(s). |
qiluo-msft
pushed a commit
to sonic-net/sonic-mgmt
that referenced
this pull request
Jun 4, 2025
Add test_rate_limit to auditd watchdod test cases Why I did it Auditd watchgod container add ratelimit check in this PR: sonic-net/sonic-buildimage#22620 Also, json format fix in this PR: sonic-net/sonic-buildimage#22709 Add new test case to prevent regression Work item tracking Microsoft ADO (number only):32313402 How I did it Add test_rate_limit to auditd watchdod test cases How to verify it Pass all test case.
dakotac-arista
pushed a commit
to dakotac-arista/sonic-buildimage
that referenced
this pull request
Jun 5, 2025
…racter issue (sonic-net#22709) Fix auditd watchdog Json response format break by invalid control character issue Why I did it auditd watchdog some time return an invalid Json response, which will break test case: E Failed: Invalid JSON response from auditd watchdog: { E "auditd_conf":"FAIL (sha1 = efcce7fdf80e5ef917c40d60a2b6de55c9cfb466 -, expected = 7cdbd1450570c7c12bdc67115b46d9ae778cbd76)", E "syslog_conf":"FAIL (syslog.conf does not contain 'active = yes': Command 'nsenter --target 1 --pid --mount --uts --ipc --net grep '^active = yes' /etc/audit/plugins.d/syslog.conf' failed with status 1: )", E "auditd_rules":"FAIL (rules sha1 = 93e0a1416d3c3e12c2a708abe20e58c55c8d6d62 -, expected 77e0d8ff297ab3089b234fcd97a20e1c05380f3e)", E "auditd_service":"FAIL (auditd.service does not contain 'CPUQuota=10%': Command 'nsenter --target 1 --pid --mount --uts --ipc --net grep '^CPUQuota=10%' /lib/systemd/system/auditd.service' failed with status 1: )", E "auditd_active":"OK", E "rate_limit":"FAIL (rate_limit: enabled 1 E failure 1 E pid 109644 E rate_limit 2000 E backlog_limit 8192 E lost 0 E backlog 0 E backlog_wait_time 60000 E backlog_wait_time_actual 0 E loginuid_immutable 0 unlocked E mismatch with config file setting: 1000)" E } exception: Invalid control character at: line 7 column 44 (char 760) Work item tracking Microsoft ADO 32313402 How I did it Escape result before build Json response: How to verify it Pass all test case. Manually verify format issue fixed: { "auditd_conf":"FAIL (sha1 = efcce7fdf80e5ef917c40d60a2b6de55c9cfb466 -)", "syslog_conf":"FAIL (syslog.conf does not contain 'active = yes': Command 'nsenter --target 1 --pid --mount --uts --ipc --net grep '^active = yes' /etc/audit/plugins.d/syslog.conf' failed with status 1: )", "auditd_rules":"FAIL (rules sha1 = da39a3ee5e6b4b0d3255bfef95601890afd80709 -, expected f88174f901ec8709bacaf325158f10ec62909d13)", "auditd_service":"FAIL (auditd.service does not contain 'CPUQuota=10%': Command 'nsenter --target 1 --pid --mount --uts --ipc --net grep '^CPUQuota=10%' /lib/systemd/system/auditd.service' failed with status 1: )", "auditd_active":"OK", "auditd_reload":"OK", "rate_limit":"FAIL (rate_limit: enabled 1\nfailure 1\npid 332282\nrate_limit 2000\nbacklog_limit 8192\nlost 0\nbacklog 0\nbacklog_wait_time 60000\nbacklog_wait_time_actual 0\nloginuid_immutable 0 unlocked\n mismatch with config file setting: 1000)" }
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fix auditd watchdog Json response format break by invalid control character issue
Why I did it
auditd watchdog some time return an invalid Json response, which will break test case:
E Failed: Invalid JSON response from auditd watchdog: {
E "auditd_conf":"FAIL (sha1 = efcce7fdf80e5ef917c40d60a2b6de55c9cfb466 -, expected = 7cdbd1450570c7c12bdc67115b46d9ae778cbd76)",
E "syslog_conf":"FAIL (syslog.conf does not contain 'active = yes': Command 'nsenter --target 1 --pid --mount --uts --ipc --net grep '^active = yes' /etc/audit/plugins.d/syslog.conf' failed with status 1: )",
E "auditd_rules":"FAIL (rules sha1 = 93e0a1416d3c3e12c2a708abe20e58c55c8d6d62 -, expected 77e0d8ff297ab3089b234fcd97a20e1c05380f3e)",
E "auditd_service":"FAIL (auditd.service does not contain 'CPUQuota=10%': Command 'nsenter --target 1 --pid --mount --uts --ipc --net grep '^CPUQuota=10%' /lib/systemd/system/auditd.service' failed with status 1: )",
E "auditd_active":"OK",
E "rate_limit":"FAIL (rate_limit: enabled 1
E failure 1
E pid 109644
E rate_limit 2000
E backlog_limit 8192
E lost 0
E backlog 0
E backlog_wait_time 60000
E backlog_wait_time_actual 0
E loginuid_immutable 0 unlocked
E mismatch with config file setting: 1000)"
E } exception: Invalid control character at: line 7 column 44 (char 760)
Work item tracking
How I did it
Escape result before build Json response:
How to verify it
Pass all test case.
Manually verify format issue fixed:
{
"auditd_conf":"FAIL (sha1 = efcce7fdf80e5ef917c40d60a2b6de55c9cfb466 -)",
"syslog_conf":"FAIL (syslog.conf does not contain 'active = yes': Command 'nsenter --target 1 --pid --mount --uts --ipc --net grep '^active = yes' /etc/audit/plugins.d/syslog.conf' failed with status 1: )",
"auditd_rules":"FAIL (rules sha1 = da39a3ee5e6b4b0d3255bfef95601890afd80709 -, expected f88174f901ec8709bacaf325158f10ec62909d13)",
"auditd_service":"FAIL (auditd.service does not contain 'CPUQuota=10%': Command 'nsenter --target 1 --pid --mount --uts --ipc --net grep '^CPUQuota=10%' /lib/systemd/system/auditd.service' failed with status 1: )",
"auditd_active":"OK",
"auditd_reload":"OK",
"rate_limit":"FAIL (rate_limit: enabled 1\nfailure 1\npid 332282\nrate_limit 2000\nbacklog_limit 8192\nlost 0\nbacklog 0\nbacklog_wait_time 60000\nbacklog_wait_time_actual 0\nloginuid_immutable 0 unlocked\n mismatch with config file setting: 1000)"
}
Which release branch to backport (provide reason below if selected)
Tested branch (Please provide the tested image version)
Description for the changelog
Fix auditd watchdog Json response format break by invalid control character issue
Link to config_db schema for YANG module changes
A picture of a cute animal (not mandatory but encouraged)