#!/bin/sh

set -e

. $(pwd)/common.sh

cat >$TMP/myprofile <<EOF
# super strict filter
EOF

# ensure that the command "true" can not run due to impossible
# filtering

printf "Test that seccomp filtering kills processes"
if $L appid myprofile /bin/true 2>/dev/null; then
    # true returned successfully, our filtering is broken!
    FAIL
else
    # true returend a error code, check dmesg
    if dmesg|tail -n1|grep -q "audit"; then
        PASS
    else
        FAIL
    fi
fi
