coreutils
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] test: run id-command context tests also with SMACK


From: Jarkko Sakkinen
Subject: Re: [PATCH] test: run id-command context tests also with SMACK
Date: Thu, 31 Oct 2013 10:11:22 +0200
User-agent: Mutt/1.5.21 (2010-09-15)

On Wed, Oct 30, 2013 at 12:52:09PM +0000, Pádraig Brady wrote:
> Too much copy/paste.
> Please refactor to have a helper function
> take a list of supported LSM file systems.

OK, I'll rework on this. I merely did this patch to get some guidance
on direction I should take. Thanks.

> thanks,
> Pádraig.

/Jarkko

> On 10/16/2013 04:11 PM, Jarkko Sakkinen wrote:
> > init.cfg: new require_lsm_ function for checking for any supported
> > LSM
> > tests/id/context.sh: change guard from require_selinux_ to
> > require_lsm_.
> > tests/id/no_context.sh: change guard from require_selinux_ to
> > require_lsm_.
> > ---
> >  init.cfg               |   17 +++++++++++++++++
> >  tests/id/context.sh    |    2 +-
> >  tests/id/no-context.sh |    2 +-
> >  3 files changed, 19 insertions(+), 2 deletions(-)
> > 
> > diff --git a/init.cfg b/init.cfg
> > index c48607c..0548fb0 100644
> > --- a/init.cfg
> > +++ b/init.cfg
> > @@ -316,6 +316,23 @@ require_selinux_()
> >    esac
> >  }
> >  
> > +require_lsm_()
> > +{
> > +  # When in a chroot of an LSM-enabled system, but with a mock-simulated
> > +  # LSM-*disabled* system, recognize that LSM is disabled system wide:
> > +  grep 'selinuxfs\|smackfs$' /proc/filesystems > /dev/null \
> > +    || skip_ "this system lacks LSM support"
> > +
> > +  # Independent of whether LSM is enabled system-wide,
> > +  # the current file system may lack LSM support.
> > +  case $(ls -Zd .) in
> > +    '? .'|'unlabeled .')
> > +      skip_ "this system (or maybe just" \
> > +        "the current file system) lacks LSM support"
> > +    ;;
> > +  esac
> > +}
> > +
> >  very_expensive_()
> >  {
> >    if test "$RUN_VERY_EXPENSIVE_TESTS" != yes; then
> > diff --git a/tests/id/context.sh b/tests/id/context.sh
> > index dc02303..9cf4fae 100755
> > --- a/tests/id/context.sh
> > +++ b/tests/id/context.sh
> > @@ -18,7 +18,7 @@
> >  . "${srcdir=.}/tests/init.sh"; path_prepend_ ./src
> >  print_ver_ id
> >  # Require selinux - when selinux is disabled, id never prints scontext.
> > -require_selinux_
> > +require_lsm_
> >  
> >  
> >  # Check without specified user, context string should be present.
> > diff --git a/tests/id/no-context.sh b/tests/id/no-context.sh
> > index 7038beb..f17f582 100755
> > --- a/tests/id/no-context.sh
> > +++ b/tests/id/no-context.sh
> > @@ -21,7 +21,7 @@ print_ver_ id
> >  
> >  # We don't need selinux *FS* support to test id,
> >  # but this is as good a witness as any, in general.
> > -require_selinux_
> > +require_lsm_
> >  
> >  
> >  # Require the context=... part by default.
> > 
> 



reply via email to

[Prev in Thread] Current Thread [Next in Thread]