From 2132272e2991109f532217fe8f4009252acc3992 Mon Sep 17 00:00:00 2001 From: Milos Malik Date: Jan 29 2021 13:22:20 +0000 Subject: search for AVCs only, ignore USER_AVCs Because the test uses a custom policy module, there will always be at least 2 USER_AVC messages reported (received policyload notice caused by insertion and removal of the policy module). The ausearch calls should only care about AVC messages. The test also uses the semanage command, which is not required in Makefile. Both issues are now fixed. --- diff --git a/selinux-policy/rsyslog-and-similar/Makefile b/selinux-policy/rsyslog-and-similar/Makefile index 71bb017..5e88b90 100644 --- a/selinux-policy/rsyslog-and-similar/Makefile +++ b/selinux-policy/rsyslog-and-similar/Makefile @@ -69,6 +69,7 @@ $(METADATA): Makefile @echo "Requires: setools" >> $(METADATA) @echo "Requires: setools-console" >> $(METADATA) @echo "Requires: shadow-utils" >> $(METADATA) + @echo "Requires: /usr/sbin/semanage" >> $(METADATA) @echo "RhtsRequires: library(selinux-policy/common)" >> $(METADATA) @echo "Priority: Normal" >> $(METADATA) @echo "License: GPLv2" >> $(METADATA) diff --git a/selinux-policy/rsyslog-and-similar/runtest.sh b/selinux-policy/rsyslog-and-similar/runtest.sh index cb40304..6fefc7a 100755 --- a/selinux-policy/rsyslog-and-similar/runtest.sh +++ b/selinux-policy/rsyslog-and-similar/runtest.sh @@ -87,7 +87,7 @@ rlJournalStart rlRun "update_rsys" rlRun "systemctl restart rsyslog" sleep 3 - rlRun "ausearch -m AVC -m USER_AVC --start $tst_Time" 1 + rlRun "ausearch -m AVC --start $tst_Time" 1 rlRun "cp -rv /etc/rsyslog.conf-orig /etc/rsyslog.conf" rlRun "systemctl restart rsyslog" rlPhaseEnd @@ -103,7 +103,7 @@ rlJournalStart rlRun "echo ' ' >> /etc/rsyslog.conf" rlRun "systemctl restart rsyslog" sleep 3 - rlRun "ausearch -m AVC -m USER_AVC --start $tst_Time" 1 + rlRun "ausearch -m AVC --start $tst_Time" 1 rlRun 'semanage fcontext -d -t public_content_rw_t "/my/custom(/.*)?"' rlRun "semodule -r rsyslog_imfile_policy" rlRun "cp -rv /etc/rsyslog.conf-orig /etc/rsyslog.conf"