tpm_device.py: clean audit before vm start

Cleaning audit logs should be before vm start, and need clean all audit.log*(.1, .2, etc) files. Also move it later to wait more time. And replace ausearch cmd since it can not capture well sometimes, audit.log can reflect actual info instead. Signed-off-by: Yanqiu Zhang <[email protected]>
autotest · Sep 26, 2024 · 6493425 · 6493425
1 parent ca60e7a
commit 6493425
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 5 deletions.
diff --git a/libvirt/tests/cfg/virtual_device/tpm_device.cfg b/libvirt/tests/cfg/virtual_device/tpm_device.cfg
@@ -141,7 +141,7 @@
                     swtpm_path = '/usr/bin/swtpm'
                     variants:
                         - start_vm:
-                            audit_cmd = ausearch -ts recent -m VIRT_RESOURCE| grep 'tpm-external'
+                            audit_cmd = "cat /var/log/audit/audit.log| grep 'tpm-external'"
                             ausearch_check = 'reason=start.*device="/var/tmp/guest-swtpm.sock".*res=success'
                         - suspend_resume:
                             vm_operate = 'resume'

diff --git a/libvirt/tests/src/virtual_device/tpm_device.py b/libvirt/tests/src/virtual_device/tpm_device.py
@@ -830,6 +830,12 @@ def check_swtpmpidfile(vm_name, test_stage):
             return
         if tpm_model and backend_version != 'default':
             expect_fail = False
+            if ausearch_check:
+                cmd = "truncate -s 0  /var/log/audit/audit.log*"
+                process.run(cmd, shell=True)
+                ausearch_ret = process.run(audit_cmd, verbose=True, shell=True, ignore_status=True)
+                if not ausearch_ret:
+                    test.fail('audit log is not cleaned well.')
             try:
                 vm.start()
             except VMStartError as detail:
@@ -838,10 +844,6 @@ def check_swtpmpidfile(vm_name, test_stage):
                     return
                 else:
                     test.fail(detail)
-            if ausearch_check:
-                process.run("echo > /var/log/audit/audit.log", ignore_status=True)
-                ausearch_result = process.run(audit_cmd, verbose=True, shell=True)
-                libvirt.check_result(ausearch_result, expected_match=ausearch_check)
             if undefine_flag:
                 time.sleep(5)
                 vm.destroy()
@@ -946,6 +948,9 @@ def check_swtpmpidfile(vm_name, test_stage):
                         return
             domid = vm.get_id()
             check_qemu_cmd_line(vm, vm_name, domid)
+            if ausearch_check:
+                ausearch_result = process.run(audit_cmd, verbose=True, shell=True)
+                libvirt.check_result(ausearch_result, expected_match=ausearch_check)
             if backend_type == "passthrough":
                 if tpm_real_v == "1.2" and tpm_model == "tpm-crb":
                     expect_fail = True