diff --git a/.fmf/version b/.fmf/version new file mode 100644 index 0000000..d00491f --- /dev/null +++ b/.fmf/version @@ -0,0 +1 @@ +1 diff --git a/plans/selinux.fmf b/plans/selinux.fmf new file mode 100644 index 0000000..c093b2e --- /dev/null +++ b/plans/selinux.fmf @@ -0,0 +1,7 @@ +summary: selinux tests - Tier 1 | policycoreutils +discover: + how: fmf + url: https://src.fedoraproject.org/tests/selinux + filter: "tier: 1 | component: policycoreutils & tags: generic, fedora" +execute: + how: tmt diff --git a/tests/CIL-modules-without-compilation/Makefile b/tests/CIL-modules-without-compilation/Makefile deleted file mode 100644 index 2d8a660..0000000 --- a/tests/CIL-modules-without-compilation/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /CoreOS/policycoreutils/Sanity/CIL-modules-without-compilation -# Description: What the test does -# Author: Milos Malik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2016 Red Hat, Inc. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/CoreOS/policycoreutils/Sanity/CIL-modules-without-compilation -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Milos Malik " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: What the test does" >> $(METADATA) - @echo "Type: Sanity" >> $(METADATA) - @echo "TestTime: 5m" >> $(METADATA) - @echo "RunFor: policycoreutils" >> $(METADATA) - @echo "Requires: policycoreutils" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Releases: -RHEL4 -RHEL6 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) - diff --git a/tests/CIL-modules-without-compilation/PURPOSE b/tests/CIL-modules-without-compilation/PURPOSE deleted file mode 100644 index a9c7d54..0000000 --- a/tests/CIL-modules-without-compilation/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /CoreOS/policycoreutils/Sanity/CIL-modules-without-compilation -Author: Milos Malik - -Is it possible to manage policy modules written in CIL without any compilation? Does semanage and semodule understand them? - diff --git a/tests/CIL-modules-without-compilation/runtest.sh b/tests/CIL-modules-without-compilation/runtest.sh deleted file mode 100755 index 451461a..0000000 --- a/tests/CIL-modules-without-compilation/runtest.sh +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /CoreOS/policycoreutils/Sanity/CIL-modules-without-compilation -# Description: What the test does -# Author: Milos Malik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2016 Red Hat, Inc. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/bin/rhts-environment.sh || exit 1 -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="policycoreutils" - -rlJournalStart - rlPhaseStartSetup - rlAssertRpm $PACKAGE - rlRun "echo '()' > empty.cil" - rlRun "echo '(())' > invalid.cil" - rlPhaseEnd - - rlPhaseStartTest "empty CIL module" - rlRun "semodule -lfull | grep '400.*empty.*cil'" 1 - rlRun "semodule -i empty.cil" - rlRun "semodule -lfull | grep '400.*empty.*cil'" - rlRun "semodule -r empty" - rlRun "semodule -lfull | grep '400.*empty.*cil'" 1 - rlRun "semanage module -l | grep 'empty.*400.*cil'" 1 - rlRun "semanage module -a empty.cil" - rlRun "semanage module -l | grep 'empty.*400.*cil'" - rlRun "semanage module -r empty" - rlRun "semanage module -l | grep 'empty.*400.*cil'" 1 - rlPhaseEnd - - rlPhaseStartTest "invalid CIL module" - rlRun "semodule -lfull | grep '400.*invalid.*cil'" 1 - rlRun "semodule -i invalid.cil" 1 - rlRun "semodule -lfull | grep '400.*invalid.*cil'" 1 - rlRun "semodule -r invalid" 1 - rlRun "semodule -lfull | grep '400.*invalid.*cil'" 1 - rlRun "semanage module -l | grep 'invalid.*400.*cil'" 1 - rlRun "semanage module -a invalid.cil" 1 - rlRun "semanage module -l | grep 'invalid.*400.*cil'" 1 - rlRun "semanage module -r invalid" 1 - rlRun "semanage module -l | grep 'invalid.*400.*cil'" 1 - rlPhaseEnd - - rlPhaseStartCleanup - rlRun "rm -f empty.cil invalid.cil" - rlPhaseEnd -rlJournalPrintText -rlJournalEnd - diff --git a/tests/linux-system-roles.selinux-tests/Makefile b/tests/linux-system-roles.selinux-tests/Makefile deleted file mode 100644 index eed0222..0000000 --- a/tests/linux-system-roles.selinux-tests/Makefile +++ /dev/null @@ -1,63 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of selinux-ansible-playbook -# Description: Run linux-system-roles.selinux (https://github.com/linux-system-roles/selinux.git) Ansible role tests -# Author: Petr Lautrbach -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=linux-system-roles.selinux-tests -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Petr Lautrbach " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: Run linux-system-roles.selinux (https://github.com/linux-system-roles/selinux.git) Ansible role tests" >> $(METADATA) - @echo "Type: Sanity" >> $(METADATA) - @echo "TestTime: 10m" >> $(METADATA) - @echo "RunFor: policycoreutils" >> $(METADATA) - @echo "Requires: policycoreutils ansible git" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2+" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) - diff --git a/tests/linux-system-roles.selinux-tests/PURPOSE b/tests/linux-system-roles.selinux-tests/PURPOSE deleted file mode 100644 index 0494ab0..0000000 --- a/tests/linux-system-roles.selinux-tests/PURPOSE +++ /dev/null @@ -1,4 +0,0 @@ -PURPOSE of selinux-ansible-playbook -Author: Petr Lautrbach - -Run linux-system-roles.selinux (https://github.com/linux-system-roles/selinux.git) Ansible role tests diff --git a/tests/linux-system-roles.selinux-tests/runtest.sh b/tests/linux-system-roles.selinux-tests/runtest.sh deleted file mode 100755 index 95485af..0000000 --- a/tests/linux-system-roles.selinux-tests/runtest.sh +++ /dev/null @@ -1,57 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Description: Run linux-system-roles.selinux (https://github.com/linux-system-roles/selinux.git) Ansible role tests -# Author: Petr Lautrbach -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2018 Red Hat, Inc. -# -# This program is free software: you can redistribute it and/or -# modify it under the terms of the GNU General Public License as -# published by the Free Software Foundation, either version 2 of -# the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/bin/rhts-environment.sh || exit 1 -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="policycoreutils" - -rlJournalStart - rlPhaseStartSetup - rlAssertRpm $PACKAGE - rlAssertRpm "git" - rlAssertRpm "ansible" - - rlPhaseEnd - - rlPhaseStartTest - rlRun "git clone https://github.com/linux-system-roles/selinux.git" - rlRun "cd selinux/test" - - for ansible_test in test_*.yml; do - rlRun "ansible-playbook -i localhost, -c local -v $ansible_test" - done - - rlPhaseEnd - - rlPhaseStartCleanup - rlRun "cd ../../" - rlRun "rm -rf selinux" - rlPhaseEnd -rlJournalPrintText -rlJournalEnd - diff --git a/tests/load_policy/Makefile b/tests/load_policy/Makefile deleted file mode 100644 index ffee588..0000000 --- a/tests/load_policy/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /CoreOS/policycoreutils/Sanity/load_policy -# Description: Does load_policy work as expected? Does it produce correct audit messages? -# Author: Milos Malik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2016 Red Hat, Inc. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/CoreOS/policycoreutils/Sanity/load_policy -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Milos Malik " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: Does load_policy work as expected? Does it produce correct audit messages?" >> $(METADATA) - @echo "Type: Sanity" >> $(METADATA) - @echo "TestTime: 5m" >> $(METADATA) - @echo "RunFor: policycoreutils" >> $(METADATA) - @echo "Requires: audit policycoreutils selinux-policy-targeted" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) - diff --git a/tests/load_policy/PURPOSE b/tests/load_policy/PURPOSE deleted file mode 100644 index a5984d3..0000000 --- a/tests/load_policy/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /CoreOS/policycoreutils/Sanity/load_policy -Author: Milos Malik - -Does load_policy work as expected? Does it produce correct audit messages? - diff --git a/tests/load_policy/runtest.sh b/tests/load_policy/runtest.sh deleted file mode 100755 index 2a77654..0000000 --- a/tests/load_policy/runtest.sh +++ /dev/null @@ -1,79 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /CoreOS/policycoreutils/Sanity/load_policy -# Description: Does load_policy work as expected? Does it produce correct audit messages? -# Author: Milos Malik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2016 Red Hat, Inc. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/bin/rhts-environment.sh || exit 1 -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="policycoreutils" -if rlIsRHEL 6 ; then - SELINUX_FS_MOUNT="/selinux" -else # RHEL-7 and above - SELINUX_FS_MOUNT="/sys/fs/selinux" -fi - -rlJournalStart - rlPhaseStartSetup - rlAssertRpm ${PACKAGE} - rlRun "ls -l `which load_policy`" - BINARY_POLICY=`find /etc/selinux/targeted -type f -name policy.?? | sort -n | tail -n 1` - rlRun "ls -l ${BINARY_POLICY}" - rlPhaseEnd - - rlPhaseStartTest - rlRun "load_policy --xyz 2>&1 | grep \"invalid option\"" - rlRun "dmesg | grep -i selinux" 0,1 - rlRun "grep -i selinux /proc/mounts" - START_DATE_TIME=`date "+%m/%d/%Y %T"` - sleep 1 - rlRun "load_policy -q" - rlRun "grep -i selinux /proc/mounts" - sleep 1 - if rlIsRHEL ; then - rlRun "ausearch -m MAC_POLICY_LOAD -i -ts ${START_DATE_TIME} | grep load_policy" - fi - rlRun "ausearch -m MAC_POLICY_LOAD -i -ts ${START_DATE_TIME} | grep 'policy loaded'" - rlRun "umount ${SELINUX_FS_MOUNT}" - rlRun "grep -i selinux /proc/mounts" 1 - START_DATE_TIME=`date "+%m/%d/%Y %T"` - sleep 1 - rlRun "load_policy -i ${BINARY_POLICY}" - rlRun "grep -i selinux /proc/mounts" - sleep 1 - if rlIsRHEL ; then - rlRun "ausearch -m MAC_POLICY_LOAD -i -ts ${START_DATE_TIME} | grep load_policy" - fi - rlRun "ausearch -m MAC_POLICY_LOAD -i -ts ${START_DATE_TIME} | grep 'policy loaded'" - rlRun "dmesg | grep -i selinux" - rlPhaseEnd - - rlPhaseStartCleanup - rlPhaseEnd -rlJournalPrintText -rlJournalEnd - diff --git a/tests/restorecon/Makefile b/tests/restorecon/Makefile deleted file mode 100644 index 991e8f9..0000000 --- a/tests/restorecon/Makefile +++ /dev/null @@ -1,70 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /CoreOS/policycoreutils/Sanity/restorecon -# Description: does restorecon work correctly ? -# Author: Milos Malik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2011 Red Hat, Inc. All rights reserved. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/CoreOS/policycoreutils/Sanity/restorecon -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE testpolicy.te testpolicy.fc - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - chmod a+x runtest.sh - chcon -t bin_t runtest.sh;: - -clean: - rm -f *~ $(BUILT_FILES) - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Milos Malik " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: does restorecon work correctly ?" >> $(METADATA) - @echo "Type: Sanity" >> $(METADATA) - @echo "TestTime: 15m" >> $(METADATA) - @echo "RunFor: policycoreutils" >> $(METADATA) - @echo "Requires: policycoreutils" >> $(METADATA) - @echo "Requires: grep" >> $(METADATA) - @echo "Requires: e2fsprogs" >> $(METADATA) - @echo "Requires: libselinux" >> $(METADATA) - @echo "Requires: selinux-policy-devel" >> $(METADATA) - @echo "Requires: libselinux-utils" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Releases: -RHEL4" >> $(METADATA) - - rhts-lint $(METADATA) - diff --git a/tests/restorecon/PURPOSE b/tests/restorecon/PURPOSE deleted file mode 100644 index d029be8..0000000 --- a/tests/restorecon/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /CoreOS/policycoreutils/Sanity/restorecon -Author: Milos Malik - -Does restorecon work correctly? - diff --git a/tests/restorecon/runtest.sh b/tests/restorecon/runtest.sh deleted file mode 100755 index b16d4c0..0000000 --- a/tests/restorecon/runtest.sh +++ /dev/null @@ -1,367 +0,0 @@ -#!/bin/bash -# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /CoreOS/policycoreutils/Sanity/restorecon -# Description: does restorecon work correctly ? -# Author: Milos Malik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2011 Red Hat, Inc. All rights reserved. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include rhts environment -. /usr/bin/rhts-environment.sh -. /usr/share/beakerlib/beakerlib.sh - -PACKAGE="policycoreutils" - -rlJournalStart - rlPhaseStartSetup - rlAssertRpm ${PACKAGE} - rlServiceStop mcstrans mcstransd - rlRun "rpm -qf `which restorecon` | grep ${PACKAGE}" - rlRun "setenforce 1" - rlRun "sestatus" - rlRun "setsebool allow_domain_fd_use on" - rlPhaseEnd - - rlPhaseStartTest "Functional test" - - TESTDIR="/opt/restorecon_testdir" - DIRS="correct.dir incorrect1.dir incorrect2.dir customizable.dir" - FILES="correct.file incorrect.file customizable.file" - - rlRun "make -f /usr/share/selinux/devel/Makefile" - rlRun "semodule -i testpolicy.pp" - - rlFileBackup /etc/selinux/targeted/contexts/customizable_types - rlRun "echo 'customizable_t' >> /etc/selinux/targeted/contexts/customizable_types" - - # Here is the testing dirs and files structure - # all the files have initial context corresponding to their names - - # ./ - # correct.file - # incorrect.file - # customizable.file - - # correct.dir/ - # correct.file - # incorrect.file - # customizable.file - - # incorrect1.dir/ - # correct.file - # incorrect.file - # customizable.file - - # incorrect2.dir/ - # correct.file - # incorrect.file - # customizable.file - - # customizable.dir/ - # correct.file - # incorrect.file - # customizable.file - - # Function to set initial contexts - function set_contexts { - # Set the intended contexts - rlLog "Setting initial contexts of testing dirs..." - restorecon -R $TESTDIR - for ITEM in `find . -name 'incorrect*'`; do - chcon -t incorrect_t $ITEM - done - for ITEM in `find . -name 'customizable*'`; do - chcon -t customizable_t $ITEM - done - } - - # Check that files in dir $1 have the initial contexts - function check_initial_contexts { - if echo $1 | grep -q 'incorrect.dir'; then - rlRun "ls -ladZ $1 | grep :incorrect_t" - elif echo $1 | grep -q 'correct.dir'; then - rlRun "ls -ladZ $1 | grep :correct_t" - elif echo $1 | grep -q 'customizable.dir'; then - rlRun "ls -ladZ $1 | grep :customizable_t" - fi - rlRun "ls -ladZ $1/* | grep '\ ../file_list < -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2013 Red Hat, Inc. All rights reserved. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/CoreOS/policycoreutils/Regression/semanage-interface -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - test -x runtest.sh || chcon -t bin_t runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Milos Malik " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: Does semanage interface ... work correctly?" >> $(METADATA) - @echo "Type: Regression" >> $(METADATA) - @echo "TestTime: 20m" >> $(METADATA) - @echo "RunFor: policycoreutils" >> $(METADATA) - @echo "Requires: policycoreutils policycoreutils-python-utils grep selinux-policy-minimum selinux-policy-mls selinux-policy-targeted" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Releases: -RHEL4" >> $(METADATA) - - rhts-lint $(METADATA) - diff --git a/tests/semanage-interface/PURPOSE b/tests/semanage-interface/PURPOSE deleted file mode 100644 index 86bd3ab..0000000 --- a/tests/semanage-interface/PURPOSE +++ /dev/null @@ -1,4 +0,0 @@ -PURPOSE of /CoreOS/policycoreutils/Regression/semanage-interface -Description: Does semanage interface ... work correctly? -Author: Milos Malik - diff --git a/tests/semanage-interface/runtest.sh b/tests/semanage-interface/runtest.sh deleted file mode 100755 index ba8608b..0000000 --- a/tests/semanage-interface/runtest.sh +++ /dev/null @@ -1,69 +0,0 @@ -#!/bin/bash -# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /CoreOS/policycoreutils/Regression/semanage-interface -# Description: Does semanage interface ... work correctly? -# Author: Milos Malik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2013 Red Hat, Inc. All rights reserved. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/bin/rhts-environment.sh || exit 1 -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="policycoreutils" - -rlJournalStart - rlPhaseStartSetup - rlAssertRpm ${PACKAGE} - rlPhaseEnd - - rlPhaseStartTest - rlRun "semanage interface --help" 0,1 - for POLICY_TYPE in minimum mls targeted ; do - if [ ! -d /etc/selinux/${POLICY_TYPE} ] ; then - continue - fi - rlRun "semanage interface -l -S ${POLICY_TYPE}" - done - if ! rlIsRHEL 5; then - rlRun "semanage interface -l -S unknown 2>&1 | grep \"store cannot be accessed\"" - fi - rlRun "semanage interface -a -t xyz_t xyz 2>&1 | grep -i -e 'not defined' -e 'error' -e 'could not'" - rlRun "semanage interface -m xyz" 1,2 - rlRun "semanage interface -d xyz" 1 - rlRun "semanage interface -a -t netif_t xyz" - if rlIsRHEL 5 6; then - rlRun "semanage interface -m -r s0 xyz" - else - rlRun "semanage interface -m -t netif_t -r s0 xyz" - fi - rlRun "semanage interface -l | grep \"xyz.*:netif_t:s0\"" - rlRun "semanage interface -d xyz" - rlRun "semanage interface -l | grep xyz" 1 - rlPhaseEnd - - rlPhaseStartCleanup - rlPhaseEnd -rlJournalPrintText -rlJournalEnd - diff --git a/tests/semanage-login/Makefile b/tests/semanage-login/Makefile deleted file mode 100644 index 1172ca9..0000000 --- a/tests/semanage-login/Makefile +++ /dev/null @@ -1,65 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /CoreOS/policycoreutils/Regression/semanage-login -# Description: Does semanage login ... work correctly? -# Author: Milos Malik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2013 Red Hat, Inc. All rights reserved. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/CoreOS/policycoreutils/Regression/semanage-login -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - test -x runtest.sh || chcon -t bin_t runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Milos Malik " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: Does semanage login ... work correctly?" >> $(METADATA) - @echo "Type: Regression" >> $(METADATA) - @echo "TestTime: 10m" >> $(METADATA) - @echo "RunFor: policycoreutils" >> $(METADATA) - @echo "Requires: policycoreutils policycoreutils-python-utils grep shadow-utils selinux-policy-minimum selinux-policy-mls selinux-policy-targeted" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Releases: -RHEL4" >> $(METADATA) - - rhts-lint $(METADATA) - diff --git a/tests/semanage-login/PURPOSE b/tests/semanage-login/PURPOSE deleted file mode 100644 index b8f26c6..0000000 --- a/tests/semanage-login/PURPOSE +++ /dev/null @@ -1,4 +0,0 @@ -PURPOSE of /CoreOS/policycoreutils/Regression/semanage-login -Description: Does semanage login ... work correctly? -Author: Milos Malik - diff --git a/tests/semanage-login/runtest.sh b/tests/semanage-login/runtest.sh deleted file mode 100755 index daf074c..0000000 --- a/tests/semanage-login/runtest.sh +++ /dev/null @@ -1,67 +0,0 @@ -#!/bin/bash -# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /CoreOS/policycoreutils/Regression/semanage-login -# Description: Does semanage login ... work correctly? -# Author: Milos Malik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2013 Red Hat, Inc. All rights reserved. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/bin/rhts-environment.sh || exit 1 -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="policycoreutils" - -rlJournalStart - rlPhaseStartSetup - rlAssertRpm ${PACKAGE} - rlPhaseEnd - - rlPhaseStartTest - rlRun "semanage login --help" 0,1 - for POLICY_TYPE in minimum mls targeted ; do - if [ ! -d /etc/selinux/${POLICY_TYPE} ] ; then - continue - fi - rlRun "semanage login -l -S ${POLICY_TYPE}" - done - if ! rlIsRHEL 5; then - rlRun "semanage login -l -S unknown 2>&1 | grep \"store cannot be accessed\"" - fi - rlRun "semanage login -a -s xyz_u xyz 2>&1 | grep -i -e 'does not exist' -e 'mapping.*invalid' -e 'could not query'" - rlRun "semanage login -m xyz" 1 - rlRun "semanage login -d xyz" 1 - rlRun "useradd xyz" - rlRun "semanage login -a -s user_u xyz" - rlRun "semanage login -m -r s0 xyz" - rlRun "semanage login -l | grep \"xyz.*user_u.*s0\"" - rlRun "semanage login -d xyz" - rlRun "semanage login -l | grep xyz" 1 - rlRun "userdel -rf xyz" - rlPhaseEnd - - rlPhaseStartCleanup - rlPhaseEnd -rlJournalPrintText -rlJournalEnd - diff --git a/tests/semanage-permissive-d-problems/Makefile b/tests/semanage-permissive-d-problems/Makefile deleted file mode 100644 index a5bffc2..0000000 --- a/tests/semanage-permissive-d-problems/Makefile +++ /dev/null @@ -1,70 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /CoreOS/policycoreutils/Regression/semanage-permissive-d-problems -# Description: semanage permissive -d accepts more than domain types, its behavior is not reliable -# Author: Milos Malik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2011 Red Hat, Inc. All rights reserved. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/CoreOS/policycoreutils/Regression/semanage-permissive-d-problems -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - chmod a+x runtest.sh - chcon -t bin_t runtest.sh; : - -clean: - rm -f *~ $(BUILT_FILES) - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Milos Malik " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: semanage permissive -d accepts more than domain types, its behavior is not reliable" >> $(METADATA) - @echo "Type: Regression" >> $(METADATA) - @echo "TestTime: 20m" >> $(METADATA) - @echo "RunFor: policycoreutils" >> $(METADATA) - @echo "Requires: policycoreutils" >> $(METADATA) - @echo "Requires: policycoreutils-python-utils" >> $(METADATA) - @echo "Requires: policycoreutils-devel" >> $(METADATA) - @echo "Requires: selinux-policy-devel" >> $(METADATA) - @echo "Requires: grep" >> $(METADATA) - @echo "Requires: coreutils" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELServer5 -RHELClient5" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - - rhts-lint $(METADATA) - diff --git a/tests/semanage-permissive-d-problems/PURPOSE b/tests/semanage-permissive-d-problems/PURPOSE deleted file mode 100644 index f0d5e6f..0000000 --- a/tests/semanage-permissive-d-problems/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /CoreOS/policycoreutils/Regression/semanage-permissive-d-problems -Author: Milos Malik - -Does semanage permissive work correctly? - diff --git a/tests/semanage-permissive-d-problems/runtest.sh b/tests/semanage-permissive-d-problems/runtest.sh deleted file mode 100755 index 61ccc4f..0000000 --- a/tests/semanage-permissive-d-problems/runtest.sh +++ /dev/null @@ -1,93 +0,0 @@ -#!/bin/bash -# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /CoreOS/policycoreutils/Regression/semanage-permissive-d-problems -# Description: semanage permissive -d accepts more than domain types, its behavior is not reliable -# Author: Milos Malik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2011 Red Hat, Inc. All rights reserved. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include rhts environment -. /usr/bin/rhts-environment.sh -. /usr/share/beakerlib/beakerlib.sh - -PACKAGE="policycoreutils" - -rlJournalStart - rlPhaseStartSetup - rlAssertRpm ${PACKAGE} - rlRun "rpm -qf /usr/sbin/semanage" - OUTPUT_FILE=`mktemp` - rlRun "sestatus" - rlPhaseEnd - - if selinuxenabled ; then - rlPhaseStartTest - if rlIsRHEL 7 ; then - rlFileBackup /usr/share/selinux/default/Makefile - rlRun "rm -rf /usr/share/selinux/default/Makefile" - fi - rlRun "semanage permissive -l | grep fenced" 1 - rlRun "semanage permissive -a fenced_t" - rlRun "semanage permissive -l | grep fenced" - rlRun "semanage permissive -d fenced_t" - rlRun "semanage permissive -l | grep fenced" 1 - if rlIsRHEL 7 ; then - rlFileRestore - fi - rlPhaseEnd - - rlPhaseStartTest - rlRun "semanage permissive -l 2>&1 | grep -e ypserv_t -e ypbind_t | tee ${OUTPUT_FILE}" - rlRun "wc -l < ${OUTPUT_FILE} | grep ^0$" - rlRun "semanage permissive -a ypbind_t" - rlRun "semanage permissive -a ypserv_t" - rlRun "semanage permissive -l 2>&1 | grep -e ypserv_t -e ypbind_t | tee ${OUTPUT_FILE}" - rlRun "wc -l < ${OUTPUT_FILE} | grep ^2$" - rlRun "semanage permissive -d yp" 1-255 - rlRun "semanage permissive -l 2>&1 | grep -e ypserv_t -e ypbind_t | tee ${OUTPUT_FILE}" - rlRun "wc -l < ${OUTPUT_FILE} | grep ^2$" - rlRun "semanage permissive -d ypbind_t" - rlRun "semanage permissive -d ypserv_t" - rlRun "semanage permissive -l 2>&1 | grep -e ypserv_t -e ypbind_t | tee ${OUTPUT_FILE}" - rlRun "wc -l < ${OUTPUT_FILE} | grep ^0$" - rlPhaseEnd - - rlPhaseStartTest - rlRun -s "semanage permissive -d" 1 - rlAssertNotGrep 'traceback' $rlRun_LOG -iEq - rlAssertGrep 'error: the following argument is required: type' $rlRun_LOG -iEq - rm -f $rlRun_LOG - rlPhaseEnd - else - rlPhaseStartTest - rlRun "semanage permissive -l >& ${OUTPUT_FILE}" 0,1 - rlRun "grep -C 32 -i -e exception -e traceback -e error ${OUTPUT_FILE}" 1 - rlPhaseEnd - fi - - rlPhaseStartCleanup - rm -f ${OUTPUT_FILE} - rlPhaseEnd -rlJournalPrintText -rlJournalEnd - diff --git a/tests/semanage-port-add-delete-problems/Makefile b/tests/semanage-port-add-delete-problems/Makefile deleted file mode 100644 index 263da02..0000000 --- a/tests/semanage-port-add-delete-problems/Makefile +++ /dev/null @@ -1,71 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /CoreOS/policycoreutils/Regression/semanage-port-add-delete-problems -# Description: semanage accepts invalid port numbers and then cannot delete them -# Author: Milos Malik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2009 Red Hat, Inc. All rights reserved. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/CoreOS/policycoreutils/Regression/semanage-port-add-delete-problems -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - chmod a+x runtest.sh - chcon -t bin_t runtest.sh;: - -clean: - rm -f *~ $(BUILT_FILES) - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Milos Malik " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: semanage accepts invalid port numbers and then cannot delete them" >> $(METADATA) - @echo "Type: Regression" >> $(METADATA) - @echo "TestTime: 15m" >> $(METADATA) - @echo "RunFor: policycoreutils" >> $(METADATA) - @echo "Requires: policycoreutils" >> $(METADATA) - @echo "Requires: policycoreutils-python-utils" >> $(METADATA) - @echo "Requires: setools-console" >> $(METADATA) - @echo "Requires: libselinux" >> $(METADATA) - @echo "Requires: libselinux-utils" >> $(METADATA) - @echo "Requires: coreutils" >> $(METADATA) - @echo "Requires: grep" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Releases: -RHEL4" >> $(METADATA) - - rhts-lint $(METADATA) - diff --git a/tests/semanage-port-add-delete-problems/PURPOSE b/tests/semanage-port-add-delete-problems/PURPOSE deleted file mode 100644 index a59e74f..0000000 --- a/tests/semanage-port-add-delete-problems/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /CoreOS/policycoreutils/Regression/semanage-port-add-delete-problems -Author: Milos Malik - -semanage accepts invalid port numbers and then cannot delete them - diff --git a/tests/semanage-port-add-delete-problems/runtest.sh b/tests/semanage-port-add-delete-problems/runtest.sh deleted file mode 100755 index 2bd9c9a..0000000 --- a/tests/semanage-port-add-delete-problems/runtest.sh +++ /dev/null @@ -1,137 +0,0 @@ -#!/bin/bash -# vim: dict=/usr/share/rhts-library/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /CoreOS/policycoreutils/Regression/semanage-port-add-delete-problems -# Description: semanage accepts invalid port numbers and then cannot delete them -# Author: Milos Malik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2009 Red Hat, Inc. All rights reserved. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -. /usr/bin/rhts-environment.sh || exit 1 -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="policycoreutils" -PORT_NAME="ldap_port_t" -BAD_PORT_NUMBER="123456" -GOOD_PORT_NUMBER="1389" - -rlJournalStart - rlPhaseStartSetup - rlAssertRpm ${PACKAGE} - rlRun "rpm -qf /usr/sbin/semanage" - rlRun "rpm -qf /usr/bin/seinfo" - OUTPUT_FILE=`mktemp` - rlRun "setenforce 1" - rlRun "sestatus" - rlPhaseEnd - - rlPhaseStartTest - rlRun "semanage port -l | grep ${PORT_NAME}" - - rlRun "semanage port -l | grep ${PORT_NAME} | tee -a ${OUTPUT_FILE}" - rlRun "semanage port -a -t ${PORT_NAME} -p tcp ${BAD_PORT_NUMBER}" 1 - rlRun "semanage port -l | grep ${PORT_NAME} | tee -a ${OUTPUT_FILE}" - rlRun "semanage port -d -t ${PORT_NAME} -p tcp ${BAD_PORT_NUMBER}" 1 - rlRun "semanage port -l | grep ${PORT_NAME} | tee -a ${OUTPUT_FILE}" - #rlRun "sort ${OUTPUT_FILE} | uniq | wc -l | grep '^2$'" - - rlRun "semanage port -l | grep ${PORT_NAME} | grep ${GOOD_PORT_NUMBER}" 1 - rlRun "semanage port -a -t ${PORT_NAME} -p tcp ${GOOD_PORT_NUMBER}" - rlRun "semanage port -l | grep ${PORT_NAME} | grep ${GOOD_PORT_NUMBER}" - rlRun "semanage port -d -t ${PORT_NAME} -p tcp ${GOOD_PORT_NUMBER}" - rlRun "semanage port -l | grep ${PORT_NAME} | grep ${GOOD_PORT_NUMBER}" 1 - rlPhaseEnd - - rlPhaseStartTest - rlRun "semanage port -a -t syslogd_port_t -p tcp 60514-60516 2>&1 | grep -i traceback" 1 - rlRun "semanage port -l | grep syslogd_port_t" - rlRun "semanage port -d -t syslogd_port_t -p tcp 60514-60516 2>&1 | grep -i traceback" 1 - rlPhaseEnd - - if rlIsRHEL ; then - rlPhaseStartTest - rlRun "ps -efZ | grep -v grep | grep \"auditd_t.*auditd\"" - if rlIsRHEL 5 6; then - PORT_TYPE="syslogd_port_t" - else - PORT_TYPE="commplex_link_port_t" - fi - - # adding a port number to a type - START_DATE_TIME=`date "+%m/%d/%Y %T"` - sleep 1 - rlRun "semanage port -a -p tcp -t $PORT_TYPE 5005" - sleep 2 - - # Check for user_avc - rlRun "ausearch -m user_avc -ts ${START_DATE_TIME} > ${OUTPUT_FILE}" 0,1 - LINE_COUNT=`wc -l < ${OUTPUT_FILE}` - rlRun "cat ${OUTPUT_FILE}" - rlAssert0 "number of lines in ${OUTPUT_FILE} should be 0" ${LINE_COUNT} - - # deleting a port number from a type - START_DATE_TIME=`date "+%m/%d/%Y %T"` - sleep 1 - rlRun "semanage port -d -p tcp -t $PORT_TYPE 5005" - sleep 2 - - # Check for user_avc - rlRun "ausearch -m user_avc -ts ${START_DATE_TIME} > ${OUTPUT_FILE}" 0,1 - LINE_COUNT=`wc -l < ${OUTPUT_FILE}` - rlRun "cat ${OUTPUT_FILE}" - rlAssert0 "number of lines in ${OUTPUT_FILE} should be 0" ${LINE_COUNT} - rlPhaseEnd - fi - - if ! rlIsRHEL 5 ; then - rlPhaseStartTest - rlRun "seinfo --portcon | grep :hi_reserved_port_t:" - rlRun "seinfo --portcon | grep :reserved_port_t:" - rlRun "semanage port -l | grep ^hi_reserved_port_t" - rlRun "semanage port -l | grep ^reserved_port_t" - if ! rlIsRHEL 6 ; then - rlRun "seinfo --portcon | grep :unreserved_port_t:" - rlRun "semanage port -l | grep ^unreserved_port_t" - fi - rlPhaseEnd - fi - - rlPhaseStartTest "manipulation with hard-wired ports" - rlRun "semanage port -l | grep 'smtp_port_t.*tcp.*25'" - rlRun "semanage port -a -t smtp_port_t -p tcp 25 2>&1 | tee ${OUTPUT_FILE}" - rlAssertGrep "port .* already defined" ${OUTPUT_FILE} -i - rlRun "semanage port -a -t smtp_port_t -p tcp 25 2>&1 | tee ${OUTPUT_FILE}" - rlAssertGrep "port .* already defined" ${OUTPUT_FILE} -i - rlRun "semanage port -l | grep 'smtp_port_t.*tcp.*25'" - rlRun "semanage port -d -t smtp_port_t -p tcp 25 2>&1 | tee ${OUTPUT_FILE}" - rlAssertGrep "port .* is defined in policy.*cannot be deleted" ${OUTPUT_FILE} -i - rlRun "semanage port -d -t smtp_port_t -p tcp 25 2>&1 | tee ${OUTPUT_FILE}" - rlAssertGrep "port .* is defined in policy.*cannot be deleted" ${OUTPUT_FILE} -i - rlRun "semanage port -l | grep 'smtp_port_t.*tcp.*25'" - rlPhaseEnd - - rlPhaseStartCleanup - rm -f ${OUTPUT_FILE} - rlPhaseEnd -rlJournalPrintText -rlJournalEnd - diff --git a/tests/semanage-user/Makefile b/tests/semanage-user/Makefile deleted file mode 100644 index 5ab248d..0000000 --- a/tests/semanage-user/Makefile +++ /dev/null @@ -1,65 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /CoreOS/policycoreutils/Regression/semanage-user -# Description: Does semanage user ... work correctly? -# Author: Milos Malik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2013 Red Hat, Inc. All rights reserved. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/CoreOS/policycoreutils/Regression/semanage-user -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE testpolicy.te - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - test -x runtest.sh || chcon -t bin_t runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Milos Malik " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: Does semanage user ... work correctly?" >> $(METADATA) - @echo "Type: Regression" >> $(METADATA) - @echo "TestTime: 20m" >> $(METADATA) - @echo "RunFor: policycoreutils" >> $(METADATA) - @echo "Requires: policycoreutils policycoreutils-python-utils grep selinux-policy-devel selinux-policy-minimum selinux-policy-mls selinux-policy-targeted selinux-policy-devel" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Releases: -RHEL4" >> $(METADATA) - - rhts-lint $(METADATA) - diff --git a/tests/semanage-user/PURPOSE b/tests/semanage-user/PURPOSE deleted file mode 100644 index 8089db8..0000000 --- a/tests/semanage-user/PURPOSE +++ /dev/null @@ -1,4 +0,0 @@ -PURPOSE of /CoreOS/policycoreutils/Regression/semanage-user -Description: Does semanage user ... work correctly? -Author: Milos Malik - diff --git a/tests/semanage-user/runtest.sh b/tests/semanage-user/runtest.sh deleted file mode 100755 index b2413fb..0000000 --- a/tests/semanage-user/runtest.sh +++ /dev/null @@ -1,76 +0,0 @@ -#!/bin/bash -# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /CoreOS/policycoreutils/Regression/semanage-user -# Description: Does semanage user ... work correctly? -# Author: Milos Malik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2013 Red Hat, Inc. All rights reserved. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/bin/rhts-environment.sh || exit 1 -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="policycoreutils" - -rlJournalStart - rlPhaseStartSetup - rlAssertRpm ${PACKAGE} - rlRun "make -f /usr/share/selinux/devel/Makefile" - rlRun "ls -l testpolicy.pp" - rlPhaseEnd - - rlPhaseStartTest - if rlIsRHEL 5 6; then - rlRun "semanage user --help" 1 - else - rlRun "semanage user --help" 0 - # semanage: list option can not be used with --level ("semanage user -l") - rlRun "semanage user --help | grep fcontext" 1 - fi - for POLICY_TYPE in minimum mls targeted ; do - if [ ! -d /etc/selinux/${POLICY_TYPE} ] ; then - continue - fi - rlRun "semanage user -l -S ${POLICY_TYPE}" - done - if ! rlIsRHEL 5; then - rlRun "semanage user -l -S unknown 2>&1 | grep \"store cannot be accessed\"" - fi - rlRun "semanage user -a -P user -R xyz_r xyz_u 2>&1 | grep -i -e 'undefined' -e 'error' -e 'could not'" - rlRun "semanage user -m xyz_u" 1 - rlRun "semanage user -d xyz_u" 1 - rlRun "semodule -i testpolicy.pp" - rlRun "semanage user -a -P user -R xyz_r xyz_u" - rlRun "semanage user -m -r s0 xyz_u" - rlRun "semanage user -l | grep \"xyz_u.*s0.*s0.*xyz_r\"" - rlRun "semanage user -d xyz_u" - rlRun "semanage user -l | grep xyz_u" 1 - rlRun "semodule -r testpolicy" - rlPhaseEnd - - rlPhaseStartCleanup - rlRun "rm -rf tmp testpolicy.{fc,if,pp}" - rlPhaseEnd -rlJournalPrintText -rlJournalEnd - diff --git a/tests/semanage-user/testpolicy.te b/tests/semanage-user/testpolicy.te deleted file mode 100644 index b854bef..0000000 --- a/tests/semanage-user/testpolicy.te +++ /dev/null @@ -1,11 +0,0 @@ -module testpolicy 1.0; - -type xyz_t; -role xyz_r; - -require { - type xyz_t; -} - -role xyz_r types xyz_t; - diff --git a/tests/sepolicy-generate/Makefile b/tests/sepolicy-generate/Makefile deleted file mode 100644 index 9e1a9b7..0000000 --- a/tests/sepolicy-generate/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /CoreOS/policycoreutils/Sanity/sepolicy-generate -# Description: sepolicy generate sanity test -# Author: Michal Trunecka -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2013 Red Hat, Inc. All rights reserved. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/CoreOS/policycoreutils/Sanity/sepolicy-generate -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Michal Trunecka " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: sepolicy generate sanity test" >> $(METADATA) - @echo "Type: Sanity" >> $(METADATA) - @echo "TestTime: 115m" >> $(METADATA) - @echo "RunFor: policycoreutils" >> $(METADATA) - @echo "Requires: policycoreutils policycoreutils-devel rpm-build" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Releases: -RHEL4 -RHEL5 -RHEL6" >> $(METADATA) - - rhts-lint $(METADATA) - diff --git a/tests/sepolicy-generate/PURPOSE b/tests/sepolicy-generate/PURPOSE deleted file mode 100644 index a069ff2..0000000 --- a/tests/sepolicy-generate/PURPOSE +++ /dev/null @@ -1,3 +0,0 @@ -PURPOSE of /CoreOS/policycoreutils/Sanity/sepolicy-generate -Description: sepolicy generate sanity test -Author: Michal Trunecka diff --git a/tests/sepolicy-generate/runtest.sh b/tests/sepolicy-generate/runtest.sh deleted file mode 100755 index 5da10b8..0000000 --- a/tests/sepolicy-generate/runtest.sh +++ /dev/null @@ -1,115 +0,0 @@ -#!/bin/bash -# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /CoreOS/policycoreutils/Sanity/sepolicy-generate -# Description: sepolicy generate sanity test -# Author: Michal Trunecka -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2013 Red Hat, Inc. All rights reserved. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/bin/rhts-environment.sh || exit 1 -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="policycoreutils" - -rlJournalStart - rlPhaseStartSetup - rlRun "rlCheckRequirements ${PACKAGES[*]}" || rlDie "cannot continue" - rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory" - rlRun "pushd $TmpDir" - rlPhaseEnd - - rlPhaseStartTest - rlRun "mkdir mypolicy" - rlRun "sepolicy generate --customize -p mypolicy -n testpolicy -d httpd_sys_script_t -w /home" - rlRun "grep 'manage_dirs_pattern(httpd_sys_script_t' mypolicy/testpolicy.te" - rlRun "rm -rf mypolicy" - rlPhaseEnd - - rlPhaseStartTest - rlRun "mkdir mypolicy" - rlRun "touch /usr/bin/testpolicy" - for VARIANT in " -n testpolicy --admin_user -r webadm_r" \ - " --application /usr/bin/testpolicy " \ - " -n testpolicy --confined_admin -a firewalld " \ - " -n testpolicy --confined_admin " \ - " -n testpolicy --customize -d httpd_t -a firewalld " \ - " -n testpolicy --customize -d httpd_t" \ - " --dbus /usr/bin/testpolicy " \ - " -n testpolicy --desktop_user " \ - " --inetd /usr/bin/testpolicy " \ - " --init /usr/bin/testpolicy " \ - " -n testpolicy --newtype -t newtype_var_log_t " \ - " -n testpolicy --newtype -t newtype_unit_file_t " \ - " -n testpolicy --newtype -t newtype_var_run_t " \ - " -n testpolicy --newtype -t newtype_var_cache_t " \ - " -n testpolicy --newtype -t newtype_tmp_t " \ - " -n testpolicy --newtype -t newtype_port_t " \ - " -n testpolicy --newtype -t newtype_var_spool_t " \ - " -n testpolicy --newtype -t newtype_var_lib_t " \ - " -n testpolicy --sandbox " \ - " -n testpolicy --term_user " \ - " -n testpolicy --x_user " -# " --cgi /usr/bin/testpolicy " - do - rlRun "sepolicy generate -p mypolicy $VARIANT" - rlRun "cat mypolicy/testpolicy.te" - rlRun "cat mypolicy/testpolicy.if" - rlRun "cat mypolicy/testpolicy.fc" - if echo "$VARIANT" | grep -q newtype; then - rlAssertNotExists "mypolicy/testpolicy.sh" - rlAssertNotExists "mypolicy/testpolicy.spec" - else - rlRun "mypolicy/testpolicy.sh" - rlRun "semodule -l | grep testpolicy" - rlRun "semanage user -d testpolicy_u" 0-255 - rlRun "semodule -r testpolicy" - fi - - rlRun "rm -rf mypolicy/*" - rlRun "sleep 1" - - if ! echo "$VARIANT" | grep -q newtype; then - rlRun "sepolicy generate -p mypolicy -w /home $VARIANT" - rlRun "cat mypolicy/testpolicy.te" - rlRun "cat mypolicy/testpolicy.if" - rlRun "cat mypolicy/testpolicy.fc" - - rlRun "mypolicy/testpolicy.sh" - rlRun "semodule -l | grep testpolicy" - rlRun "semanage user -d testpolicy_u" 0-255 - rlRun "semodule -r testpolicy" - - rlRun "rm -rf mypolicy/*" - rlRun "sleep 1" - fi - done - rlRun "rm -rf mypolicy" - rlPhaseEnd - - rlPhaseStartCleanup - rlRun "popd" - rlRun "rm -r $TmpDir" 0 "Removing tmp directory" - rlPhaseEnd -rlJournalPrintText -rlJournalEnd diff --git a/tests/sestatus/Makefile b/tests/sestatus/Makefile deleted file mode 100644 index e45db0d..0000000 --- a/tests/sestatus/Makefile +++ /dev/null @@ -1,67 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /CoreOS/policycoreutils/Sanity/sestatus -# Description: tests everything about sestatus -# Author: Milos Malik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2011 Red Hat, Inc. All rights reserved. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/CoreOS/policycoreutils/Sanity/sestatus -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - chmod a+x runtest.sh - chcon -t bin_t runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Milos Malik " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: tests everything about sestatus" >> $(METADATA) - @echo "Type: Sanity" >> $(METADATA) - @echo "TestTime: 5m" >> $(METADATA) - @echo "RunFor: policycoreutils" >> $(METADATA) - @echo "Requires: policycoreutils" >> $(METADATA) - @echo "Requires: grep" >> $(METADATA) - @echo "Requires: man" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Releases: -RHEL4" >> $(METADATA) - - rhts-lint $(METADATA) - diff --git a/tests/sestatus/PURPOSE b/tests/sestatus/PURPOSE deleted file mode 100644 index cacee0f..0000000 --- a/tests/sestatus/PURPOSE +++ /dev/null @@ -1,4 +0,0 @@ -PURPOSE of /CoreOS/policycoreutils/Sanity/sestatus -Description: tests everything about sestatus -Author: Milos Malik - diff --git a/tests/sestatus/runtest.sh b/tests/sestatus/runtest.sh deleted file mode 100644 index b91b948..0000000 --- a/tests/sestatus/runtest.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /CoreOS/policycoreutils/Sanity/sestatus -# Description: tests everything about sestatus -# Author: Milos Malik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2011 Red Hat, Inc. All rights reserved. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include rhts environment -. /usr/bin/rhts-environment.sh -. /usr/share/beakerlib/beakerlib.sh - -PACKAGE="policycoreutils" -if rlIsRHEL 5 6 ; then - SELINUX_FS_MOUNT="/selinux" -else # RHEL-7 and above - SELINUX_FS_MOUNT="/sys/fs/selinux" -fi - -rlJournalStart - rlPhaseStartSetup - rlAssertRpm ${PACKAGE} - rlFileBackup /etc/sestatus.conf - rlRun "mount | grep -i selinux" 0,1 - OUTPUT_FILE=`mktemp` - rlPhaseEnd - - rlPhaseStartTest "basic use" - rlRun "sestatus" - rlRun "sestatus -b 2>&1 | tee ${OUTPUT_FILE}" - rlAssertGrep "policy booleans" ${OUTPUT_FILE} -i - rlRun "sestatus -v 2>&1 | tee ${OUTPUT_FILE}" - rlAssertGrep "process contexts" ${OUTPUT_FILE} -i - rlAssertGrep "file contexts" ${OUTPUT_FILE} -i - rlAssertGrep "current context" ${OUTPUT_FILE} -i - rlAssertGrep "init context" ${OUTPUT_FILE} -i - rlAssertGrep "controlling term" ${OUTPUT_FILE} -i - rlRun "sestatus --xyz 2>&1 | tee ${OUTPUT_FILE}" - rlAssertGrep "invalid option" ${OUTPUT_FILE} -i - rlPhaseEnd - - rlPhaseStartTest "extreme cases" - # pretend that the config file contains an invalid section - rlRun "sed -i 's/files/xyz/' /etc/sestatus.conf" - rlRun "sestatus -v 2>&1 | tee ${OUTPUT_FILE}" - rlAssertGrep "line not in a section" ${OUTPUT_FILE} -i - rlRun "rm -f /etc/sestatus.conf" - rlRun "mkdir /etc/sestatus.conf" # intentionally replaced a file with a directory - rlRun "sestatus -v" - # pretend that the config file is missing - rlRun "rm -rf /etc/sestatus.conf" - for OPTION in "-bv" "-v" ; do - rlRun "sestatus ${OPTION} 2>&1 | tee ${OUTPUT_FILE}" - rlAssertGrep "unable to open /etc/sestatus.conf" ${OUTPUT_FILE} -i - done - rlFileRestore - # pretend that SELinux is disabled - rlRun "umount ${SELINUX_FS_MOUNT}" - for OPTION in "" "-b" "-v" "-bv" ; do - rlRun "sestatus ${OPTION} 2>&1 | tee ${OUTPUT_FILE}" - rlAssertGrep "selinux status.*disabled" ${OUTPUT_FILE} -i - done - rlRun "mount -t selinuxfs none ${SELINUX_FS_MOUNT}" - # pretend that no booleans are defined - rlRun "mkdir ./booleans" - rlRun "mount --bind ./booleans ${SELINUX_FS_MOUNT}/booleans" - rlRun "sestatus -b 2>&1 | tee ${OUTPUT_FILE}" - rlRun "umount ${SELINUX_FS_MOUNT}/booleans" - rlAssertNotGrep "booleans" ${OUTPUT_FILE} -i - rlRun "rmdir ./booleans" - rlPhaseEnd - - # This bug is not worth fixing in RHEL-5 - if ! rlIsRHEL 5 ; then - rlPhaseStartTest - rlRun "rpm -ql ${PACKAGE} | grep /usr/sbin/sestatus" - rlRun "rpm -ql ${PACKAGE} | grep /usr/share/man/man8/sestatus.8" - for OPTION in b v ; do - rlRun "sestatus --help 2>&1 | grep -- -${OPTION}" - rlRun "man sestatus | col -b | grep -- -${OPTION}" - done - if ! rlIsRHEL 6 ; then - rlRun "man -w sestatus.conf" - fi - rlPhaseEnd - fi - - rlPhaseStartCleanup - rlFileRestore - rm -f ${OUTPUT_FILE} - rlPhaseEnd -rlJournalPrintText -rlJournalEnd - diff --git a/tests/setsebool/Makefile b/tests/setsebool/Makefile deleted file mode 100644 index 0730993..0000000 --- a/tests/setsebool/Makefile +++ /dev/null @@ -1,65 +0,0 @@ -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Makefile of /CoreOS/policycoreutils/Sanity/setsebool -# Description: does setsebool work correctly ? -# Author: Milos Malik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2011 Red Hat, Inc. All rights reserved. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/CoreOS/policycoreutils/Sanity/setsebool -export TESTVERSION=1.0 - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - chmod a+x runtest.sh - chcon -t bin_t runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Milos Malik " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: does setsebool work correctly ?" >> $(METADATA) - @echo "Type: Sanity" >> $(METADATA) - @echo "TestTime: 45m" >> $(METADATA) - @echo "RunFor: policycoreutils" >> $(METADATA) - @echo "Requires: audit policycoreutils libselinux-utils shadow-utils grep" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: GPLv2" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Releases: -RHEL4" >> $(METADATA) - - rhts-lint $(METADATA) - diff --git a/tests/setsebool/PURPOSE b/tests/setsebool/PURPOSE deleted file mode 100644 index 07ce0bf..0000000 --- a/tests/setsebool/PURPOSE +++ /dev/null @@ -1,5 +0,0 @@ -PURPOSE of /CoreOS/policycoreutils/Sanity/setsebool -Author: Milos Malik - -Does setsebool work as expected? Does it produce correct audit messages? - diff --git a/tests/setsebool/runtest.sh b/tests/setsebool/runtest.sh deleted file mode 100755 index 04040d1..0000000 --- a/tests/setsebool/runtest.sh +++ /dev/null @@ -1,151 +0,0 @@ -#!/bin/bash -# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /CoreOS/policycoreutils/Sanity/setsebool -# Description: does setsebool work correctly ? -# Author: Milos Malik -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2011 Red Hat, Inc. All rights reserved. -# -# This copyrighted material is made available to anyone wishing -# to use, modify, copy, or redistribute it subject to the terms -# and conditions of the GNU General Public License version 2. -# -# This program is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied -# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR -# PURPOSE. See the GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public -# License along with this program; if not, write to the Free -# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, -# Boston, MA 02110-1301, USA. -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include rhts environment -. /usr/bin/rhts-environment.sh -. /usr/share/beakerlib/beakerlib.sh - -PACKAGE="policycoreutils" -USER_NAME="user${RANDOM}" -USER_SECRET="s3kr3t${RANDOM}" -BOOLEAN="ftpd_connect_db" -if rlIsRHEL 5 6 ; then - SELINUX_FS_MOUNT="/selinux" -else # RHEL-7 and above - SELINUX_FS_MOUNT="/sys/fs/selinux" -fi - -rlJournalStart - rlPhaseStartSetup - rlAssertRpm ${PACKAGE} - OUTPUT_FILE=`mktemp` - chcon -t tmp_t ${OUTPUT_FILE} - - rlRun "useradd ${USER_NAME}" - rlRun "echo ${USER_SECRET} | passwd --stdin ${USER_NAME}" - rlPhaseEnd - - rlPhaseStartTest - for OPTION in "" "-P" ; do - for OPERATOR in " " "=" ; do - for VALUE in 0 1 false true off on ; do - rlRun "setsebool ${OPTION} ${BOOLEAN}${OPERATOR}${VALUE} | grep -i -e illegal -e usage -e invalid" 1 - if [ ${VALUE} == "0" -o ${VALUE} == "false" ] ; then - SHOWN_VALUE="off" - elif [ ${VALUE} == "1" -o ${VALUE} == "true" ] ; then - SHOWN_VALUE="on" - else - SHOWN_VALUE=${VALUE} - fi - rlRun "getsebool -a | grep \"^${BOOLEAN}.*${SHOWN_VALUE}\"" - done - done - done - rlPhaseEnd - - rlPhaseStartTest - rlRun "setsebool" 1 - rlRun "setsebool xyz=1 2>&1 | tee /dev/stderr | grep -i -e \"invalid boolean\" -e \"not found\" -e \"not defined\"" - rlRun "setsebool xyz=-1 2>&1 | tee /dev/stderr | grep -i \"illegal value\"" - rlRun "setsebool xyz=2 2>&1 | tee /dev/stderr | grep -i \"illegal value\"" - if ! rlIsRHEL 5 6 ; then - rlRun "setsebool -N 2>&1 | tee /dev/stderr | grep -i \"boolean.*required\"" - rlRun "setsebool -P 2>&1 | tee /dev/stderr | grep -i \"boolean.*required\"" - fi - rlRun "setsebool -P xyz=1 2>&1 | tee /dev/stderr | grep -i -e \"invalid boolean\" -e \"not found\" -e \"not defined\"" - rlRun "setsebool -P xyz=-1 2>&1 | tee /dev/stderr | grep -i \"illegal value\"" - rlRun "setsebool -P xyz=2 2>&1 | tee /dev/stderr | grep -i \"illegal value\"" - rlPhaseEnd - - if ! rlIsRHEL 5 6 ; then - rlPhaseStartTest - rlRun "su -l -c '/usr/sbin/setsebool allow_ypbind 0' ${USER_NAME} 2>&1 | tee ${OUTPUT_FILE}" - rlAssertGrep "try as root" ${OUTPUT_FILE} -i - rlRun "su -l -c '/usr/sbin/setsebool allow_ypbind 1' ${USER_NAME} 2>&1 | tee ${OUTPUT_FILE}" - rlAssertGrep "try as root" ${OUTPUT_FILE} -i - rlRun "su -l -c '/usr/sbin/setsebool -P allow_ypbind 0' ${USER_NAME} 2>&1 | tee ${OUTPUT_FILE}" - rlAssertGrep "try as root" ${OUTPUT_FILE} -i - rlRun "su -l -c '/usr/sbin/setsebool -P allow_ypbind 1' ${USER_NAME} 2>&1 | tee ${OUTPUT_FILE}" - rlAssertGrep "try as root" ${OUTPUT_FILE} -i - rlPhaseEnd - - rlPhaseStartTest - for OPTION in "" "-P" ; do - rlRun "getsebool allow_ypbind | grep nis_enabled" - rlRun "setsebool ${OPTION} allow_ypbind on" - rlRun "getsebool allow_ypbind | grep \"nis_enabled.*on\"" - rlRun "setsebool ${OPTION} allow_ypbind off" - rlRun "getsebool allow_ypbind | grep \"nis_enabled.*off\"" - done - rlPhaseEnd - - rlPhaseStartTest - # https://fedoraproject.org/wiki/Features/SELinuxBooleansRename - for LINE in `cat /etc/selinux/*/booleans.subs_dist | sort | uniq | tr -s ' ' | tr ' ' ':'` ; do - OLD_BOOLEAN_NAME=`echo ${LINE} | cut -d : -f 1` - NEW_BOOLEAN_NAME=`echo ${LINE} | cut -d : -f 2` - rlRun "getsebool ${OLD_BOOLEAN_NAME} 2>&1 | tee ${OUTPUT_FILE}" - rlRun "getsebool ${NEW_BOOLEAN_NAME} 2>&1 | tee -a ${OUTPUT_FILE}" - rlRun "uniq -c ${OUTPUT_FILE} | grep '2 '" - done - rlPhaseEnd - fi - - rlPhaseStartTest "audit messages" - START_DATE_TIME=`date "+%m/%d/%Y %T"` - sleep 1 - rlRun "setsebool ${BOOLEAN} on" - rlRun "setsebool ${BOOLEAN} off" - rlRun "setsebool ${BOOLEAN} on" - sleep 1 - rlRun "ausearch -m MAC_CONFIG_CHANGE -i -ts ${START_DATE_TIME} | grep \"type=MAC_CONFIG_CHANGE.*bool=${BOOLEAN} val=1 old_val=0\"" - rlRun "ausearch -m MAC_CONFIG_CHANGE -i -ts ${START_DATE_TIME} | grep \"type=MAC_CONFIG_CHANGE.*bool=${BOOLEAN} val=0 old_val=1\"" - if rlIsRHEL ; then - rlRun "ausearch -m MAC_CONFIG_CHANGE -i -ts ${START_DATE_TIME} | grep \"type=SYSCALL.*comm=setsebool\"" - fi - rlPhaseEnd - - rlPhaseStartTest "extreme cases" - # pretend that no booleans are defined - rlRun "mkdir ./booleans" - rlRun "mount --bind ./booleans ${SELINUX_FS_MOUNT}/booleans" - rlRun "setsebool ${BOOLEAN} on 2>&1 | tee ${OUTPUT_FILE}" - rlAssertGrep "could not change active booleans" ${OUTPUT_FILE} -i - rlRun "setsebool ${BOOLEAN} off 2>&1 | tee ${OUTPUT_FILE}" - rlAssertGrep "could not change active booleans" ${OUTPUT_FILE} -i - rlRun "umount ${SELINUX_FS_MOUNT}/booleans" - rlRun "rmdir ./booleans" - rlPhaseEnd - - rlPhaseStartCleanup - rlRun "userdel -rf ${USER_NAME}" - rm -f ${OUTPUT_FILE} - rlPhaseEnd -rlJournalPrintText -rlJournalEnd - diff --git a/tests/tests.yml b/tests/tests.yml deleted file mode 100644 index 29e9631..0000000 --- a/tests/tests.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -# Tests to run in a classic environment -- hosts: localhost - roles: - - role: standard-test-beakerlib - tags: - - classic - repositories: - - repo: "https://src.fedoraproject.org/tests/selinux.git" - dest: "selinux" - fmf_filter: "tier: 1 | component: policycoreutils & tags: generic, fedora" - -# Tests for atomic host -- hosts: localhost - tags: - - atomic - # no compatible tests - -# Tests for docker container -- hosts: localhost - tags: - - container - # no compatible tests