#!/bin/sh
# autopkgtest check: Sample Rekall runs on small Linux memdump
# Author: Sascha Steinbiss <satta@debian.org>
set -e

ORIGDIR=$(pwd)
DATADIR=$ORIGDIR/debian/tests/
WORKDIR=$(mktemp -d)

trap "rm -rf $WORKDIR" 0 INT QUIT ABRT PIPE TERM
cd $WORKDIR

cp $DATADIR/foo.xz .
unxz foo.xz

for m in check_modules pslist check_syscall lsmod iomem netstat lsof check_idt check_proc_fops; do
  rekall --cache memory -p $DATADIR/3.16.0-4-amd64 -f foo $m
done


