rpms / udica

Clone
Source Code
GIT

#10 updating sanity testsuite
Closed 4 years ago by lvrabec. Opened 4 years ago by lvrabec.
rpms/ lvrabec/udica fix-sanity-tests  into  master

file modified
+1 
@@ -6,3 +6,4 @@ 
 

  /v0.1.6.tar.gz
 

  /v0.1.7.tar.gz
 

  /v0.1.8.tar.gz
 

+ /v0.1.9.tar.gz

file added
+61 
@@ -0,0 +1,61 @@ 
 

+ From 1ef277aa4840a72ff474f6500bcc6576f37af0af Mon Sep 17 00:00:00 2001
 

+ From: Lukas Vrabec <lvrabec@redhat.com>
 

+ Date: Tue, 27 Aug 2019 21:20:16 +0200
 

+ Subject: [PATCH] Update tests test_basic.podman.cil, test_basic.docker.cil.
 

+  Round 2
 

+ 

+ Because of the new versions of SELinux policy in Fedora 30 and Fedora
 

+ Rawhide, also several tests in Udica needed to be fixed to use new
 

+ labels.
 

+ ---
 

+  tests/semanage.py           | 1 -
 

+  tests/test_basic.docker.cil | 3 ---
 

+  tests/test_basic.podman.cil | 5 +----
 

+  3 files changed, 1 insertion(+), 8 deletions(-)
 

+ 

+ diff --git a/tests/semanage.py b/tests/semanage.py
 

+ index f64fda4..318a46a 100644
 

+ --- a/tests/semanage.py
 

+ +++ b/tests/semanage.py
 

+ @@ -156,7 +156,6 @@ fcontexts_homedirs = [
 

+      ('/var/spool/fcron/new\\.systab', 'system_u:object_r:system_cron_spool_t:s0'),
 

+      ('/var/spool/fcron/systab\\.orig', 'system_u:object_r:system_cron_spool_t:s0'),
 

+      ('/var/spool/postfix/etc/localtime', 'system_u:object_r:locale_t:s0'),
 

+ -    ('/var/spool/cron', 'system_u:object_r:user_cron_spool_t:s0'),
 

+      ('/var/spool/cron/user', 'system_u:object_r:user_cron_spool_t:s0')
 

+  ]
 

+  

+ diff --git a/tests/test_basic.docker.cil b/tests/test_basic.docker.cil
 

+ index b29cb32..220c53b 100644
 

+ --- a/tests/test_basic.docker.cil
 

+ +++ b/tests/test_basic.docker.cil
 

+ @@ -285,9 +285,6 @@
 

+      (allow process user_cron_spool_t ( dir ( open read getattr lock search ioctl add_name remove_name write ))) 

+      (allow process user_cron_spool_t ( file ( getattr read write append ioctl lock map open create  ))) 

+      (allow process user_cron_spool_t ( sock_file ( getattr read write append open  ))) 

+ -    (allow process user_cron_spool_t ( dir ( open read getattr lock search ioctl add_name remove_name write ))) 

+ -    (allow process user_cron_spool_t ( file ( getattr read write append ioctl lock map open create  ))) 

+ -    (allow process user_cron_spool_t ( sock_file ( getattr read write append open  ))) 

+      (allow process var_spool_t ( dir ( open read getattr lock search ioctl add_name remove_name write ))) 

+      (allow process var_spool_t ( file ( getattr read write append ioctl lock map open create  ))) 

+      (allow process var_spool_t ( sock_file ( getattr read write append open  ))) 

+ diff --git a/tests/test_basic.podman.cil b/tests/test_basic.podman.cil
 

+ index 06b44e3..618fe07 100644
 

+ --- a/tests/test_basic.podman.cil
 

+ +++ b/tests/test_basic.podman.cil
 

+ @@ -287,10 +287,7 @@
 

+      (allow process user_cron_spool_t ( dir ( open read getattr lock search ioctl add_name remove_name write ))) 

+      (allow process user_cron_spool_t ( file ( getattr read write append ioctl lock map open create  ))) 

+      (allow process user_cron_spool_t ( sock_file ( getattr read write append open  ))) 

+ -    (allow process user_cron_spool_t ( dir ( open read getattr lock search ioctl add_name remove_name write ))) 

+ -    (allow process user_cron_spool_t ( file ( getattr read write append ioctl lock map open create  ))) 

+ -    (allow process user_cron_spool_t ( sock_file ( getattr read write append open  ))) 

+      (allow process var_spool_t ( dir ( open read getattr lock search ioctl add_name remove_name write ))) 

+      (allow process var_spool_t ( file ( getattr read write append ioctl lock map open create  ))) 

+      (allow process var_spool_t ( sock_file ( getattr read write append open  ))) 

+ -)
 

+ \ No newline at end of file
 

+ +)
 

+ -- 

+ 2.21.0
 

+

file modified
+1 -1 
@@ -1,1 +1,1 @@ 
 

- SHA512 (v0.1.8.tar.gz) = ada8f3183904ac0aa1715e564f708ce3bda02719ecc2587e3774205bba39e585f2df7392861317a4324e8ea2c2f6fa031c3a0f440be6ca5408398b238089b891
 

+ SHA512 (v0.1.9.tar.gz) = 24cbece968e8a494074297cf62b80d71b862bfe9366d30be5dd0be5158609b20358a1de42932584c2ead0f75d2a197fb57e0856c391e82975f70eba6a51a2ec3

file modified
+5 -3 
@@ -51,12 +51,13 @@ 
 

  

          rlRun "podman exec test ls /home" 1,2
 

          rlRun "podman exec test touch /var/spool/test" 1
 

+         rlRun "podman exec test dnf install nmap-ncat -y" 0
 

          rlWatchdog "rlRun \"podman exec test nc -l 53\"" 3
 

  

          CONT_ID=$(podman ps | grep test | cut -d ' ' -f 1)
 

          rlRun "podman inspect $CONT_ID | udica my_container >$OUTPUT_FILE"
 

          rlRun "podman stop test"
 

-         rlRun "podman rm test"
 

+         rlRun "podman rm --force test"
 

  

          rlRun "cat $OUTPUT_FILE"
 

          rlAssertExists "my_container.cil"
 
@@ -71,10 +72,11 @@ 
 

  

          rlRun "podman exec test2 ls /home" 0
 

          rlRun "podman exec test2 touch /var/spool/test" 0
 

-         rlWatchdog "rlRun \"podman exec test2 nc -l 53\" 1" 3
 

+         rlRun "podman exec test2 dnf install nmap-ncat -y" 0
 

+         rlWatchdog "rlRun \"podman exec test2 nc -l 53\" 2" 3
 

  

          rlRun "podman stop test2"
 

-         rlRun "podman rm test2"
 

+         rlRun "podman rm --force test2"
 

  

          rlRun "semodule -r my_container base_container net_container home_container"
 

          rlRun "rm my_container.cil"

file modified
+5 -1 
@@ -1,6 +1,6 @@ 
 

  Summary: A tool for generating SELinux security policies for containers
 

  Name: udica
 

- Version: 0.1.8
 

+ Version: 0.1.9
 

  Release: 2%{?dist}
 

  Source0: https://github.com/containers/udica/archive/v%{version}.tar.gz
 

  License: GPLv3+
 
@@ -13,6 +13,7 @@ 
 

  BuildRequires: python2 python2-devel python2-setuptools
 

  Requires: python2 libsemanage-python libselinux-python
 

  %endif
 

+ patch01: 0001-Update-tests-test_basic.podman.cil-test_basic.docker.patch
 

  

  %description
 

  Tool for generating SELinux security profiles for containers based on
 
@@ -60,6 +61,9 @@ 
 

  %endif
 

  

  %changelog
 

+ * Tue Aug 13 2019 Lukas Vrabec <lvrabec@redhat.com> - 0.1.9-2
 

+ - New rebase https://github.com/containers/udica/releases/tag/v0.1.9
 

+ 

  * Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.8-2
 

  - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.