[RFC PATCH] audit-testsuite: improve our chances of losing records in lost_reset

From: Paul Moore <paul(a)paul-moore.com&gt; If the point of the lost_reset test is to flood the system with audit records, why are we restricting ourselves with a filter? Let's log everything. Signed-off-by: Paul Moore <paul(a)paul-moore.com&gt; --- tests/lost_reset/test | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/lost_reset/test b/tests/lost_reset/test index af82f0b..054e1e0 100755 --- a/tests/lost_reset/test +++ b/tests/lost_reset/test @@ -57,7 +57,7 @@ for ( $i = 0 ; $i < $iterations ; $i++ ) { # iteration count # Add rule to generate audit queue events from floodping $result = - system("auditctl -a exit,always -S all -F pid=$ping_pid >/dev/null 2>&1"); + system("auditctl -a exit,always -S all >/dev/null 2>&1"); my $counter = 0; my $timeout = 50; @@ -82,7 +82,7 @@ for ( $i = 0 ; $i < $iterations ; $i++ ) { # iteration count } kill 'TERM', $ping_pid; - system("auditctl -d exit,always -S all -F pid=$ping_pid >/dev/null 2>&1"); + system("auditctl -d exit,always -S all >/dev/null 2>&1"); # Restart the daemon to collect messages in the log system("service auditd start >/dev/null 2>&1");