Skip to content

Commit e934c87

Browse files
committed
[Change] tests: de-duplicate Dockerfile bake via opt-in helper; issue #485
[Change] tests/helpers/uat-lmd.bash: remove redundant scan_ignore_root="0" reset from uat_lmd_install (already baked by tests/Dockerfile*); add opt-in uat_lmd_disable_root_filter helper so each UAT caller explicitly documents its dependency on the override (effective value unchanged — Dockerfile bake remains); issue #485 [Change] tests/uat/*.bats: migrate 19 callers to invoke uat_lmd_disable_root_filter after uat_lmd_install, preserving prior test semantics; issue #485
1 parent cb90926 commit e934c87

22 files changed

Lines changed: 48 additions & 1 deletion

CHANGELOG

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -86,6 +86,15 @@ v2.0.1 | Mar 25 2026:
8686

8787
[Change] monitor: log filtered-cycle event count when all events dropped by
8888
tier-2 scan filter (_event_count > 0 but _tot_files == 0); issue #485
89+
[Change] tests/helpers/uat-lmd.bash: de-duplicate Dockerfile-level
90+
scan_ignore_root="0" bake — remove redundant sed from
91+
uat_lmd_install and add opt-in uat_lmd_disable_root_filter
92+
helper so each UAT caller explicitly documents its
93+
dependency on the override; all 19 existing UAT callers
94+
migrated (effective value unchanged — still 0 via
95+
Dockerfile bake + explicit helper call); unblocks issue-485
96+
UAT which re-sets scan_ignore_root=1 to exercise the
97+
production default; issue #485
8998
[Change] Vendored libs synced to canonical: tlog_lib 2.0.6, alert_lib 1.0.7, elog_lib 1.0.6, pkg_lib 1.0.10 (zero functional change)
9099
[Change] Alert templates: consolidate summary into headers; drop "TOTAL" prefix from
91100
labels (HITS/CLEANED/QUARANTINED); add quarantine metrics; aligned column spacing

CHANGELOG.RELEASE

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -86,6 +86,15 @@ v2.0.1 | Mar 25 2026:
8686

8787
[Change] monitor: log filtered-cycle event count when all events dropped by
8888
tier-2 scan filter (_event_count > 0 but _tot_files == 0); issue #485
89+
[Change] tests/helpers/uat-lmd.bash: de-duplicate Dockerfile-level
90+
scan_ignore_root="0" bake — remove redundant sed from
91+
uat_lmd_install and add opt-in uat_lmd_disable_root_filter
92+
helper so each UAT caller explicitly documents its
93+
dependency on the override; all 19 existing UAT callers
94+
migrated (effective value unchanged — still 0 via
95+
Dockerfile bake + explicit helper call); unblocks issue-485
96+
UAT which re-sets scan_ignore_root=1 to exercise the
97+
production default; issue #485
8998
[Change] Vendored libs synced to canonical: tlog_lib 2.0.6, alert_lib 1.0.7, elog_lib 1.0.6, pkg_lib 1.0.10 (zero functional change)
9099
[Change] Alert templates: consolidate summary into headers; drop "TOTAL" prefix from
91100
labels (HITS/CLEANED/QUARANTINED); add quarantine metrics; aligned column spacing

tests/helpers/uat-lmd.bash

Lines changed: 11 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,6 @@ uat_lmd_install() {
2626
sed -i 's/^email_alert=.*/email_alert="0"/' "$conf"
2727
sed -i 's/^scan_clamscan=.*/scan_clamscan="0"/' "$conf"
2828
sed -i 's/^import_config_url=.*/import_config_url=""/' "$conf"
29-
sed -i 's/^scan_ignore_root=.*/scan_ignore_root="0"/' "$conf"
3029
sed -i 's/^scan_tmpdir_paths=.*/scan_tmpdir_paths=""/' "$conf"
3130

3231
# Save clean config for uat_lmd_reset() if not already saved
@@ -169,3 +168,14 @@ MOCK
169168

170169
echo "$mock_dir"
171170
}
171+
172+
# uat_lmd_disable_root_filter — Explicit opt-in for scan_ignore_root=0 override.
173+
# The effective default in the Docker test image is scan_ignore_root=0 (baked
174+
# by tests/Dockerfile*). This helper de-duplicates the prior uat_lmd_install
175+
# reset and documents each UAT caller's dependency on that override. Phase 4's
176+
# issue-#485 UAT explicitly re-sets scan_ignore_root=1 via uat_lmd_set_config
177+
# to exercise the production default. Issue #485.
178+
uat_lmd_disable_root_filter() {
179+
local conf="${LMD_INSTALL:-/usr/local/maldetect}/conf.maldet"
180+
sed -i 's/^scan_ignore_root=.*/scan_ignore_root="0"/' "$conf"
181+
}

tests/uat/01-scan-quarantine.bats

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@ TEST_DIR="/tmp/uat-lmd-test/scan-quar"
1212
setup_file() {
1313
uat_setup
1414
uat_lmd_install
15+
uat_lmd_disable_root_filter # preserve prior UAT semantics; issue #485
1516
uat_lmd_reset
1617
mkdir -p "$TEST_DIR"
1718
}

tests/uat/02-quarantine-permissions.bats

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@ TEST_DIR="/tmp/uat-lmd-test/quar-perms"
1212
setup_file() {
1313
uat_setup
1414
uat_lmd_install
15+
uat_lmd_disable_root_filter # preserve prior UAT semantics; issue #485
1516
uat_lmd_reset
1617
mkdir -p "$TEST_DIR"
1718
}

tests/uat/03-report-management.bats

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@ TEST_DIR="/tmp/uat-lmd-test/reports"
1212
setup_file() {
1313
uat_setup
1414
uat_lmd_install
15+
uat_lmd_disable_root_filter # preserve prior UAT semantics; issue #485
1516
uat_lmd_reset
1617
mkdir -p "$TEST_DIR"
1718

tests/uat/04-config-overrides.bats

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@ TEST_DIR="/tmp/uat-lmd-test/config-override"
1212
setup_file() {
1313
uat_setup
1414
uat_lmd_install
15+
uat_lmd_disable_root_filter # preserve prior UAT semantics; issue #485
1516
uat_lmd_reset
1617
mkdir -p "$TEST_DIR"
1718
}

tests/uat/05-monitor-mode.bats

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,7 @@ MALDET_LOG="$LMD_INSTALL/logs/event_log"
1515
setup_file() {
1616
uat_setup
1717
uat_lmd_install
18+
uat_lmd_disable_root_filter # preserve prior UAT semantics; issue #485
1819
uat_lmd_reset
1920

2021
# Skip entire file if inotifywait is not available

tests/uat/06-background-scan.bats

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@ TEST_DIR="/tmp/uat-lmd-test/bg-scan"
1212
setup_file() {
1313
uat_setup
1414
uat_lmd_install
15+
uat_lmd_disable_root_filter # preserve prior UAT semantics; issue #485
1516
uat_lmd_reset
1617
mkdir -p "$TEST_DIR"
1718
uat_lmd_create_eicar "$TEST_DIR"

tests/uat/07-ignore-system.bats

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@ TEST_DIR="/tmp/uat-lmd-test/ignore"
1212
setup_file() {
1313
uat_setup
1414
uat_lmd_install
15+
uat_lmd_disable_root_filter # preserve prior UAT semantics; issue #485
1516
uat_lmd_reset
1617
mkdir -p "$TEST_DIR"
1718
}

0 commit comments

Comments
 (0)