Add test_rate_limit to auditd watchdog test cases #18555
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
/azp run |
|
Waiting for sonic-net/sonic-buildimage#22620 merge |
|
Azure Pipelines successfully started running 1 pipeline(s). |
11 tasks
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
qiluo-msft
pushed a commit
to sonic-net/sonic-buildimage
that referenced
this pull request
May 26, 2025
Add rate_limit check to auditd container watchdog Why I did it Auditd container recently enable rate limit, need watch dock to check this change applied correctly. Work item tracking Microsoft ADO (number only):32313402 How I did it Add rate_limit check to auditd container watchdog How to verify it Pass all test case. New test case added by: sonic-net/sonic-mgmt#18555 Manually verified the feature works, checked 4 cases: running config match with /etc/audit/audit.rules, will return: OK running config mismatch with /etc/audit/audit.rules, will return: FAIL (rate_limit: {} mismatch with config file setting: {}) running config rate limit no set, but rate limit set in /etc/audit/audit.rules, will return: FAIL (rate_limit not set = {}, config file setting: {}) rate limit disabled in /etc/audit/audit.rules, will return: OK
|
Depends on sonic-net/sonic-buildimage#22658 merge first |
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
liuh-80
changed the title
|
This PR depends on sonic-net/sonic-buildimage#22709 merge first |
qiluo-msft
reviewed
Jun 3, 2025
|
|
||
| # watchdog will report FAIL when auditd running config mismatch with config file | ||
| duthost.command(r"sudo cp /etc/audit/rules.d/audit.rules /etc/audit.rules_backup") | ||
| duthost.command(r"sudo sed -i -e '$a\'$'\n''-r 1000' /etc/audit/rules.d/audit.rules") |
There was a problem hiding this comment.
No, this won't happen, because the next line will change running rate limit to 2000
|
Will close this PR and open later, because found watch dog json format issue, which need fix first: sonic-net/sonic-buildimage#22709 |
qiluo-msft
approved these changes
Jun 3, 2025
xincunli-sonic
approved these changes
Jun 4, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add test_rate_limit to auditd watchdod test cases
Why I did it
Auditd watchgod container add ratelimit check in this PR:
sonic-net/sonic-buildimage#22620
Also, json format fix in this PR:
sonic-net/sonic-buildimage#22709
Add new test case to prevent regression
Work item tracking
How I did it
Add test_rate_limit to auditd watchdod test cases
How to verify it
Pass all test case.
Which release branch to backport (provide reason below if selected)
Tested branch (Please provide the tested image version)
Description for the changelog
Add test_rate_limit to auditd watchdod test cases
Link to config_db schema for YANG module changes
A picture of a cute animal (not mandatory but encouraged)