From 92e472987163e7dacd77b9be25b375964d6df205 Mon Sep 17 00:00:00 2001
From: Vit Mojzis <vmojzis@redhat.com>
Date: Sep 04 2020 15:16:01 +0000
Subject: tests: Add decentralized SELinux policy test


Test for unsound/dangerous SELinux policy practices.
See https://docs.google.com/document/d/11zoLrcrCXNTB-GEpbbcvFhyewdEIVFLugugLQZyTRhY/edit#
for more details

---

diff --git a/tests/tests-DSP.yml b/tests/tests-DSP.yml
new file mode 100644
index 0000000..e7909dd
--- /dev/null
+++ b/tests/tests-DSP.yml
@@ -0,0 +1,36 @@
+- hosts: localhost
+
+  pre_tasks:
+    - name: Clone DSP test repo
+      command: git clone --depth 1 https://pagure.io/DSP_test.git
+
+  roles:
+  - role: standard-test-beakerlib
+    tags:
+    - classic
+    tests:
+    - DSP_test
+    environment:
+      # RPM package containing the policy module
+      TEST_RPM: zabbix-selinux
+      # policy module name
+      TEST_POLICY: zabbix
+      # policy sources will be extracted from corresponding .src.rpm
+      # policy tar filename regexp (e.g. "usbguard-selinux*.tar.gz") 
+      # or empty string if policy sources are not inside a tar archive
+      POLICY_TAR:
+      # path to policy sources (in of the tar archive) -- <POLICY_TAR>/<POLICY_PATH>/<TEST_POLICY>.(te|if|fc)
+      # or path in the src.rpm if there is no tar archive -- <src.rpm>/<POLICY_PATH>/<TEST_POLICY>.(te|if|fc)
+      # can contain wildcards (e.g. for versions etc.)
+      POLICY_PATH: .
+
+    required_packages:
+    - policycoreutils
+    - selinux-policy
+    - selinux-policy-targeted
+    - setools-console
+    - libselinux-utils
+    - rpm
+    - tar
+    - git
+    - zabbix
\ No newline at end of file