RHEL 9.0.0 Alpha bootstrap

The content of this branch was automatically imported from Fedora ELN
with the following as its source:
https://src.fedoraproject.org/rpms/libsemanage#83ed0d4737094f7f23111cd1b02c44bc44a25b8b
This commit is contained in:
Petr Šabata 2020-10-15 17:31:21 +02:00
parent 7b9951355e
commit 49fa036b9d
49 changed files with 4301 additions and 0 deletions

148
.gitignore vendored
View File

@ -0,0 +1,148 @@
libsemanage-1.0.tgz
libsemanage-1.1.4.tgz
libsemanage-1.1.6.tgz
libsemanage-1.3.1.tgz
libsemanage-1.3.2.tgz
libsemanage-1.3.3.tgz
libsemanage-1.3.4.tgz
libsemanage-1.3.5.tgz
libsemanage-1.3.7.tgz
libsemanage-1.3.8.tgz
libsemanage-1.3.9.tgz
libsemanage-1.3.10.tgz
libsemanage-1.3.11.tgz
libsemanage-1.3.14.tgz
libsemanage-1.3.18.tgz
libsemanage-1.3.20.tgz
libsemanage-1.3.23.tgz
libsemanage-1.3.24.tgz
libsemanage-1.3.28.tgz
libsemanage-1.3.30.tgz
libsemanage-1.3.31.tgz
libsemanage-1.3.32.tgz
libsemanage-1.3.34.tgz
libsemanage-1.3.35.tgz
libsemanage-1.3.36.tgz
libsemanage-1.3.38.tgz
libsemanage-1.3.39.tgz
libsemanage-1.3.40.tgz
libsemanage-1.3.41.tgz
libsemanage-1.3.43.tgz
libsemanage-1.3.45.tgz
libsemanage-1.3.48.tgz
libsemanage-1.3.51.tgz
libsemanage-1.3.52.tgz
libsemanage-1.3.53.tgz
libsemanage-1.3.56.tgz
libsemanage-1.3.59.tgz
libsemanage-1.3.61.tgz
libsemanage-1.3.63.tgz
libsemanage-1.3.64.tgz
libsemanage-1.4.tgz
libsemanage-1.5.1.tgz
libsemanage-1.5.2.tgz
libsemanage-1.5.3.tgz
libsemanage-1.5.4.tgz
libsemanage-1.5.6.tgz
libsemanage-1.5.8.tgz
libsemanage-1.5.9.tgz
libsemanage-1.5.11.tgz
libsemanage-1.5.14.tgz
libsemanage-1.5.15.tgz
libsemanage-1.5.16.tgz
libsemanage-1.5.18.tgz
libsemanage-1.5.19.tgz
libsemanage-1.5.20.tgz
libsemanage-1.5.21.tgz
libsemanage-1.5.23.tgz
libsemanage-1.5.26.tgz
libsemanage-1.5.28.tgz
libsemanage-1.5.29.tgz
libsemanage-1.5.31.tgz
libsemanage-1.6.tgz
libsemanage-1.6.2.tgz
libsemanage-1.6.3.tgz
libsemanage-1.6.5.tgz
libsemanage-1.6.6.tgz
libsemanage-1.6.7.tgz
libsemanage-1.6.8.tgz
libsemanage-1.6.9.tgz
libsemanage-1.6.11.tgz
libsemanage-1.6.12.tgz
libsemanage-1.6.13.tgz
libsemanage-1.6.15.tgz
libsemanage-1.6.16.tgz
libsemanage-1.6.17.tgz
libsemanage-1.8.tgz
libsemanage-1.9.1.tgz
libsemanage-1.9.2.tgz
libsemanage-1.10.0.tgz
libsemanage-1.10.1.tgz
libsemanage-2.0.0.tgz
libsemanage-2.0.1.tgz
libsemanage-2.0.2.tgz
libsemanage-2.0.3.tgz
libsemanage-2.0.4.tgz
libsemanage-2.0.5.tgz
libsemanage-2.0.6.tgz
libsemanage-2.0.9.tgz
libsemanage-2.0.10.tgz
libsemanage-2.0.11.tgz
libsemanage-2.0.12.tgz
libsemanage-2.0.14.tgz
libsemanage-2.0.15.tgz
libsemanage-2.0.16.tgz
libsemanage-2.0.18.tgz
libsemanage-2.0.19.tgz
libsemanage-2.0.20.tgz
libsemanage-2.0.22.tgz
libsemanage-2.0.23.tgz
libsemanage-2.0.24.tgz
libsemanage-2.0.25.tgz
libsemanage-2.0.26.tgz
libsemanage-2.0.27.tgz
libsemanage-2.0.28.tgz
libsemanage-2.0.29.tgz
libsemanage-2.0.30.tgz
libsemanage-2.0.31.tgz
libsemanage-2.0.32.tgz
libsemanage-2.0.33.tgz
libsemanage-2.0.35.tgz
libsemanage-2.0.36.tgz
libsemanage-2.0.37.tgz
libsemanage-2.0.38.tgz
libsemanage-2.0.39.tgz
libsemanage-2.0.40.tgz
libsemanage-2.0.41.tgz
libsemanage-2.0.42.tgz
libsemanage-2.0.43.tgz
libsemanage-2.0.44.tgz
libsemanage-2.0.45.tgz
/libsemanage-2.0.46.tgz
/libsemanage-2.1.0.tgz
/libsemanage-2.1.2.tgz
/libsemanage-2.1.3.tgz
/libsemanage-2.1.4.tgz
/libsemanage-2.1.5.tgz
/libsemanage-2.1.6.tgz
/libsemanage-2.1.7.tgz
/libsemanage-2.1.8.tgz
/libsemanage-2.1.9.tgz
/libsemanage-2.1.10.tgz
/libsemanage-2.2.tgz
/libsemanage-2.3.tgz
/libsemanage-2.4.tar.gz
/libsemanage-2.5-rc1.tar.gz
/libsemanage-2.5.tar.gz
/libsemanage-2.6.tar.gz
/libsemanage-2.7.tar.gz
/libsemanage-2.8-rc1.tar.gz
/libsemanage-2.8-rc2.tar.gz
/libsemanage-2.8-rc3.tar.gz
/libsemanage-2.8.tar.gz
/libsemanage-2.9-rc1.tar.gz
/libsemanage-2.9-rc2.tar.gz
/libsemanage-2.9.tar.gz
/libsemanage-3.0-rc1.tar.gz
/libsemanage-3.0.tar.gz
/libsemanage-3.1.tar.gz

View File

@ -0,0 +1,66 @@
From 4a8aa78cd21b400c13b1895c03a97a8974aeff47 Mon Sep 17 00:00:00 2001
From: Petr Lautrbach <plautrba@redhat.com>
Date: Wed, 7 Nov 2018 18:17:34 +0100
Subject: [PATCH] libsemanage: Fix RESOURCE_LEAK and USE_AFTER_FREE coverity
scan defects
---
libsemanage/src/direct_api.c | 21 ++++++++-------------
1 file changed, 8 insertions(+), 13 deletions(-)
diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c
index 1088a0ac6165..79aa72b98cf5 100644
--- a/libsemanage/src/direct_api.c
+++ b/libsemanage/src/direct_api.c
@@ -1028,7 +1028,7 @@ static int semanage_direct_write_langext(semanage_handle_t *sh,
fp = NULL;
- ret = 0;
+ return 0;
cleanup:
if (fp != NULL) fclose(fp);
@@ -2184,7 +2184,6 @@ cleanup:
semanage_module_info_destroy(sh, modinfo);
free(modinfo);
- if (fp != NULL) fclose(fp);
return status;
}
@@ -2349,16 +2348,6 @@ static int semanage_direct_get_module_info(semanage_handle_t *sh,
free(tmp);
tmp = NULL;
- if (fclose(fp) != 0) {
- ERR(sh,
- "Unable to close %s module lang ext file.",
- (*modinfo)->name);
- status = -1;
- goto cleanup;
- }
-
- fp = NULL;
-
/* lookup enabled/disabled status */
ret = semanage_module_get_path(sh,
*modinfo,
@@ -2402,7 +2391,13 @@ cleanup:
free(modinfos);
}
- if (fp != NULL) fclose(fp);
+ if (fp != NULL && fclose(fp) != 0) {
+ ERR(sh,
+ "Unable to close %s module lang ext file.",
+ (*modinfo)->name);
+ status = -1;
+ }
+
return status;
}
--
2.23.0

16
gating.yaml Normal file
View File

@ -0,0 +1,16 @@
--- !Policy
product_versions:
- fedora-*
decision_context: bodhi_update_push_testing
subject_type: koji_build
rules:
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
--- !Policy
product_versions:
- fedora-*
decision_context: bodhi_update_push_stable
subject_type: koji_build
rules:
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}

1531
libsemanage.spec Normal file

File diff suppressed because it is too large Load Diff

58
semanage.conf Normal file
View File

@ -0,0 +1,58 @@
# Authors: Jason Tang <jtang@tresys.com>
#
# Copyright (C) 2004-2005 Tresys Technology, LLC
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#
# Specify how libsemanage will interact with a SELinux policy manager.
# The four options are:
#
# "source" - libsemanage manipulates a source SELinux policy
# "direct" - libsemanage will write directly to a module store.
# /foo/bar - Write by way of a policy management server, whose
# named socket is at /foo/bar. The path must begin
# with a '/'.
# foo.com:4242 - Establish a TCP connection to a remote policy
# management server at foo.com. If there is a colon
# then the remainder is interpreted as a port number;
# otherwise default to port 4242.
module-store = direct
# When generating the final linked and expanded policy, by default
# semanage will set the policy version to POLICYDB_VERSION_MAX, as
# given in <sepol/policydb.h>. Change this setting if a different
# version is necessary.
#policy-version = 19
# expand-check check neverallow rules when executing all semanage
# commands. There might be a penalty in execution time if this
# option is enabled.
expand-check=0
# usepasswd check tells semanage to scan all pass word records for home directories
# and setup the labeling correctly. If this is turned off, SELinux will label /home
# correctly only. You will need to use semanage fcontext command.
# For example, if you had home dirs in /althome directory you would have to execute
# semanage fcontext -a -e /home /althome
usepasswd=False
bzip-small=true
bzip-blocksize=5
ignoredirs=/root
optimize-policy=true
[sefcontext_compile]
path = /usr/sbin/sefcontext_compile
args = -r $@
[end]

1
sources Normal file
View File

@ -0,0 +1 @@
SHA512 (libsemanage-3.1.tar.gz) = 8609ca7d13b5c603677740f2b14558fea3922624af182d20d618237ba11fcf2559fab82fc68d1efa6ff118f064d426f005138521652c761de92cd66150102197

View File

@ -0,0 +1,63 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /CoreOS/libsemanage/Sanity/semanage-handle-functions
# Description: Test functions from handle.h
# Author: Jan Zarsky <jzarsky@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2017 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/CoreOS/libsemanage/Sanity/semanage-handle-functions
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE functions.c test_*.c
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Jan Zarsky <jzarsky@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: Test functions from handle.h" >> $(METADATA)
@echo "Type: Sanity" >> $(METADATA)
@echo "TestTime: 5m" >> $(METADATA)
@echo "RunFor: libsemanage" >> $(METADATA)
@echo "Requires: libsemanage libsemanage-devel glibc gcc" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2+" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -0,0 +1,3 @@
PURPOSE of /CoreOS/libsemanage/Sanity/semanage-handle-functions
Description: Test functions from handle.h
Author: Jan Zarsky <jzarsky@redhat.com>

View File

@ -0,0 +1,132 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
void check_result_int(const char *expected, int real) {
int exp = strtol(expected, NULL, 10);
if (exp != real) {
fprintf(stderr, "Expected %d but got %d\n", exp, real);
exit(1);
}
}
semanage_handle_t *test_handle_create() {
semanage_handle_t *sh = NULL;
sh = semanage_handle_create();
printf("semanage_handle_create(): %p\n", (void *) sh);
if (sh == NULL) {
perror("semanage_handle_create");
exit(1);
}
return sh;
}
int test_connect(semanage_handle_t *sh) {
int result = semanage_connect(sh);
printf("semanage_connect(%p): %d\n", (void *) sh, result);
if (result != 0) {
perror("semanage_connect");
exit(1);
}
return result;
}
int test_disconnect(semanage_handle_t *sh) {
int result = semanage_disconnect(sh);
printf("semanage_disconnect(%p): %d\n", (void *) sh, result);
if (result != 0) {
perror("semanage_disconnect");
exit(1);
}
return result;
}
int test_begin_transaction(semanage_handle_t *sh) {
int result = semanage_begin_transaction(sh);
printf("semanage_begin_transaction(%p): %d\n", (void *) sh, result);
if (result != 0) {
perror("semanage_begin_transaction");
exit(1);
}
return result;
}
int test_commit(semanage_handle_t *sh) {
int result = semanage_commit(sh);
printf("semanage_commit(%p): %d\n", (void *) sh, result);
if (result != 0) {
perror("semanage_commit");
exit(1);
}
return result;
}
#define STATE_INIT 1
#define STATE_HANDLE 2
#define STATE_CONN 3
#define STATE_TRANS 4
int get_state(const char *state_str) {
if (strcmp(state_str, "init") == 0)
return STATE_INIT;
if (strcmp(state_str, "handle") == 0)
return STATE_HANDLE;
if (strcmp(state_str, "conn") == 0)
return STATE_CONN;
if (strcmp(state_str, "trans") == 0)
return STATE_TRANS;
return 0;
}
semanage_handle_t * get_handle(const char *state_str) {
int state;
semanage_handle_t *sh = NULL;
state = get_state(state_str);
if (state >= STATE_INIT)
sh = NULL;
if (state >= STATE_HANDLE)
sh = test_handle_create();
if (state >= STATE_CONN)
test_connect(sh);
if (state >= STATE_TRANS)
test_begin_transaction(sh);
return sh;
}
void destroy_handle(semanage_handle_t *sh, const char *state_str) {
int state;
state = get_state(state_str);
if (state >= STATE_TRANS)
test_commit(sh);
if (state >= STATE_CONN)
test_disconnect(sh);
if (state >= STATE_HANDLE) {
semanage_handle_destroy(sh);
printf("semanage_handle_destroy(%p)\n", (void *) sh);
}
}

View File

@ -0,0 +1,29 @@
init handle conn trans
semanage_set_root x ok ok ok -
semanage_root x ok ok ok -
semanage_handle_create x ok - - -
semanage_set_rebuild fail ok ok -
semanage_set_reload fail ok ok -
semanage_get_hll_compiler_path fail ? ? -
semanage_set_create_store fail ok ok - should be called after connect
semanage_get_disable_dontaudit fail ? ? -
semanage_set_disable_dontaudit fail ? ? -
semanage_get_preserve_tunables fail ? ? -
semanage_set_preserve_tunables fail ? ? -
semanage_get_ignore_module_cache fail ? ? -
semanage_set_ignore_module_cache fail ? ? -
semanage_set_check_contexts fail ok ok -
semanage_get_default_priority fail ok ok -
semanage_set_default_priority fail ok ok -
semanage_is_connected x fail ok ok -
semanage_select_store fail ok ok - should be called before connect
semanage_set_store_root fail ok ok -
semanage_is_managed x fail ok fail -
semanage_mls_enabled x fail ? ok -
semanage_connect x fail ok ? -
semanage_access_check x fail ok ? -
semanage_disconnect x fail fail ok - ok when disconnected twice
semanage_handle_destroy x fail ok ok -
semanage_begin_transaction x fail fail ok ok ok when begin twice
semanage_commit x fail fail fail ok
semanage_reload_policy fail ? ? ?

View File

@ -0,0 +1,122 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/libsemanage/Sanity/semanage-handle-functions
# Description: Test functions from handle.h
# Author: Jan Zarsky <jzarsky@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2017 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/bin/rhts-environment.sh || exit 1
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="libsemanage"
rlJournalStart
rlPhaseStartSetup
rlAssertRpm ${PACKAGE}
rlAssertRpm ${PACKAGE}-devel
rlAssertRpm "glibc"
rlAssertRpm "gcc"
if rlIsRHEL ">=7" || rlIsFedora; then
rlRun -l "gcc test_root.c -o test_root -lsemanage -Wall -Wextra -std=c99"
fi
rlRun -l "gcc test_handle_create.c -o test_handle_create -lsemanage -Wall -Wextra -Wno-unused-parameter -std=c99"
rlRun -l "gcc test_access_check.c -o test_access_check -lsemanage -Wall -Wextra -std=c99"
rlRun -l "gcc test_is_managed.c -o test_is_managed -lsemanage -Wall -Wextra -std=c99"
rlRun -l "gcc test_connect.c -o test_connect -lsemanage -Wall -Wextra -std=c99"
rlRun -l "gcc test_is_connected.c -o test_is_connected -lsemanage -Wall -Wextra -std=c99"
rlRun -l "gcc test_mls_enabled.c -o test_mls_enabled -lsemanage -Wall -Wextra -std=c99"
rlRun -l "gcc test_transaction.c -o test_transaction -lsemanage -Wall -Wextra -std=c99"
ERR_FAIL=1
ERR_ABORT=134
rlPhaseEnd
if rlIsRHEL ">=7" || rlIsFedora; then
rlPhaseStartTest "semanage_root, semanage_test_root"
rlRun "./test_root init"
rlRun "./test_root handle"
rlRun "./test_root conn"
rlRun "./test_root init /somepath"
rlRun "./test_root handle /somepath"
rlRun "./test_root conn /somepath"
rlPhaseEnd
fi
rlPhaseStartTest "semanage_handle_create, semanage_handle_destroy"
rlRun "./test_handle_create init"
rlPhaseEnd
rlPhaseStartTest "semanage_access_check"
rlRun "./test_access_check init" $ERR_ABORT
rlRun "./test_access_check handle 2"
rlRun "./test_access_check conn 2"
rlPhaseEnd
rlPhaseStartTest "semanage_is_managed"
rlRun "./test_is_managed init" $ERR_ABORT
rlRun "./test_is_managed handle 1"
rlRun "./test_is_managed conn" $ERR_FAIL
rlPhaseEnd
rlPhaseStartTest "semanage_connect, semanage_disconnect"
rlRun "./test_connect init" $ERR_ABORT
rlRun "./test_connect init reversed" $ERR_ABORT
rlRun "./test_connect handle"
rlRun "./test_connect handle twice"
rlRun "./test_connect handle reversed" $ERR_ABORT
# why does it work??
rlRun "./test_connect conn"
rlPhaseEnd
rlPhaseStartTest "semanage_is_connected"
rlRun "./test_is_connected init" $ERR_ABORT
rlRun "./test_is_connected handle 0"
rlRun "./test_is_connected conn 1"
rlPhaseEnd
rlPhaseStartTest "semanage_mls_enabled"
rlRun "./test_mls_enabled init" $ERR_ABORT
rlRun "./test_mls_enabled handle" $ERR_ABORT
rlRun "./test_mls_enabled conn 1"
rlPhaseEnd
rlPhaseStartTest "semanage_begin_transaction, semanage_commit"
rlRun "./test_transaction init" $ERR_ABORT
rlRun "./test_transaction init reversed" $ERR_ABORT
rlRun "./test_transaction handle" $ERR_ABORT
rlRun "./test_transaction handle reversed" $ERR_ABORT
rlRun "./test_transaction conn"
rlRun "./test_transaction conn twice"
rlRun "./test_transaction conn reversed" $ERR_FAIL
rlPhaseEnd
rlPhaseStartCleanup
rlRun "rm -f output test_root test_handle_create test_access_check \
test_is_managed test_connect test_is_connected \
test_mls_enabled test_transaction"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -0,0 +1,32 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
if (argc < 2)
exit(1);
sh = get_handle(argv[1]);
int result = semanage_access_check(sh);
printf("semanage_access_check(%p): %d\n", (void *) sh, result);
if (result < 0 || (result != 0 && result != SEMANAGE_CAN_READ
&& result != SEMANAGE_CAN_WRITE)) {
perror("semanage_access_check");
exit(1);
}
if (argc >= 3)
check_result_int(argv[2], result);
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,33 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
if (argc < 2)
exit(1);
sh = get_handle(argv[1]);
if (argc >= 3 && strcmp(argv[2], "reversed") == 0) {
test_disconnect(sh);
test_connect(sh);
}
else {
test_connect(sh);
test_disconnect(sh);
}
if (argc >= 3 && strcmp(argv[2], "twice") == 0) {
test_disconnect(sh);
}
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,15 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh = test_handle_create();
semanage_handle_destroy(sh);
exit(0);
}

View File

@ -0,0 +1,32 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
int result;
if (argc < 2)
exit(1);
sh = get_handle(argv[1]);
result = semanage_is_connected(sh);
printf("semanage_is_connected(%p): %d\n", (void *) sh, result);
if (result != 0 && result != 1) {
perror("semanage_is_connected");
exit(1);
}
if (argc >= 3)
check_result_int(argv[2], result);
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,32 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
int result;
if (argc < 2)
exit(1);
sh = get_handle(argv[1]);
result = semanage_is_managed(sh);
printf("semanage_is_managed(%p): %d\n", (void *) sh, result);
if (result != 0 && result != 1) {
perror("semanage_is_managed");
exit(1);
}
if (argc >= 3)
check_result_int(argv[2], result);
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,32 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
int result;
if (argc < 2)
exit(1);
sh = get_handle(argv[1]);
result = semanage_mls_enabled(sh);
printf("semanage_mls_enabled(%p): %d\n", (void *) sh, result);
if (result != 0 && result != 1) {
perror("semanage_mls_enabled");
exit(1);
}
if (argc >= 4)
check_result_int(argv[3], result);
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,53 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
const char *root;
int result;
if (argc < 2)
exit(1);
sh = get_handle(argv[1]);
root = semanage_root();
printf("semanage_root(): %s\n", root);
if (root == NULL) {
perror("semanage_root");
exit(1);
}
if (argc >= 3) {
result = semanage_set_root(argv[2]);
printf("semanage_set_root(\"%s\"): %d\n", argv[2], result);
if (root == NULL) {
perror("semanage_set_root");
exit(1);
}
root = semanage_root();
printf("semanage_root(): %s\n", root);
if (result != 0) {
perror("semanage_root");
exit(1);
}
if (strcmp(root, argv[2]) != 0) {
fprintf(stderr, "Expected \"%s\" but got \"%s\"\n", argv[2], root);
exit(1);
}
}
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,34 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
if (argc < 2)
exit(1);
sh = get_handle(argv[1]);
if (argc >= 3 && strcmp(argv[2], "reversed") == 0) {
test_commit(sh);
test_begin_transaction(sh);
}
else if (argc >= 3 && strcmp(argv[2], "twice") == 0) {
test_begin_transaction(sh);
test_begin_transaction(sh);
test_commit(sh);
}
else {
test_begin_transaction(sh);
test_commit(sh);
}
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,63 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /CoreOS/libsemanage/Sanity/semanage-seuser-functions
# Description: Test semanage_seuser_* functions
# Author: Jan Zarsky <jzarsky@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2017 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/CoreOS/libsemanage/Sanity/semanage-seuser-functions
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE functions.c test_*.c
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Jan Zarsky <jzarsky@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: Test semanage_seuser_* functions" >> $(METADATA)
@echo "Type: Sanity" >> $(METADATA)
@echo "TestTime: 5m" >> $(METADATA)
@echo "RunFor: libsemanage" >> $(METADATA)
@echo "Requires: libsemanage libsemanage-devel glibc gcc" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2+" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -0,0 +1,3 @@
PURPOSE of /CoreOS/libsemanage/Sanity/semanage-seuser-functions
Description: Test semanage_seuser_* functions
Author: Jan Zarsky <jzarsky@redhat.com>

View File

@ -0,0 +1,263 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
void check_result_int(const char *expected, int real) {
int exp = strtol(expected, NULL, 10);
if (exp != real) {
fprintf(stderr, "Expected %d but got %d\n", exp, real);
exit(1);
}
}
semanage_handle_t *test_handle_create() {
semanage_handle_t *sh = NULL;
sh = semanage_handle_create();
printf("semanage_handle_create(): %p\n", (void *) sh);
if (sh == NULL) {
perror("semanage_handle_create");
exit(2);
}
return sh;
}
int test_connect(semanage_handle_t *sh) {
int result = semanage_connect(sh);
printf("semanage_connect(%p): %d\n", (void *) sh, result);
if (result != 0) {
perror("semanage_connect");
exit(2);
}
return result;
}
int test_disconnect(semanage_handle_t *sh) {
int result = semanage_disconnect(sh);
printf("semanage_disconnect(%p): %d\n", (void *) sh, result);
if (result != 0) {
perror("semanage_disconnect");
exit(2);
}
return result;
}
int test_begin_transaction(semanage_handle_t *sh) {
int result = semanage_begin_transaction(sh);
printf("semanage_begin_transaction(%p): %d\n", (void *) sh, result);
if (result != 0) {
perror("semanage_begin_transaction");
exit(2);
}
return result;
}
int test_commit(semanage_handle_t *sh) {
int result = semanage_commit(sh);
printf("semanage_commit(%p): %d\n", (void *) sh, result);
if (result != 0) {
perror("semanage_commit");
exit(2);
}
return result;
}
semanage_seuser_key_t *test_get_key(semanage_handle_t *sh, const char *name) {
semanage_seuser_key_t *key;
int result = semanage_seuser_key_create(sh, name, &key);
printf("semanage_seuser_key_create(%p, %s, %p): %d\n",
(void *) sh, name, (void *) &key, result);
if (key == NULL || result < 0) {
perror("semanage_seuser_key_create");
exit(2);
}
return key;
}
semanage_seuser_t *test_get_seuser_nth(semanage_handle_t *sh, unsigned int index) {
int result;
semanage_seuser_t **records;
unsigned int count;
result = semanage_seuser_list(sh, &records, &count);
printf("semanage_seuser_list(%p, %p, %p): %d\n",
(void *) sh, (void *) &records, (void *) &count, result);
if (result < 0) {
perror("semanage_seuser_list");
exit(2);
}
if (count < index + 1)
exit(2);
return records[index];
}
semanage_seuser_t *test_get_seuser_new(semanage_handle_t *sh) {
int result;
semanage_seuser_t *seuser;
result = semanage_seuser_create(sh, &seuser);
printf("semanage_seuser_create(%p, %p): %d\n",
(void *) sh, (void *) seuser, result);
if (result < 0) {
perror("semanage_seuser_create");
exit(2);
}
return seuser;
}
semanage_seuser_t *test_get_seuser(semanage_handle_t *sh, const char *param) {
if (strcmp(param, "new") == 0)
return test_get_seuser_new(sh);
if (strcmp(param, "first") == 0)
return test_get_seuser_nth(sh, 0);
if (strcmp(param, "second") == 0)
return test_get_seuser_nth(sh, 1);
fprintf(stderr, "Unknown seuser \"%s\" specified\n", param);
exit(2);
}
void test_add_local_seuser(semanage_handle_t *sh, semanage_seuser_t *seuser) {
int result;
semanage_seuser_key_t *key;
result = semanage_seuser_key_extract(sh, seuser, &key);
printf("semanage_seuser_key_extract(%p, %p, %p): %d\n",
(void *) sh, (void *) seuser, (void *) &key, result);
if (result < 0) {
perror("semanage_seuser_key_extract");
exit(2);
}
result = semanage_seuser_modify_local(sh, key, seuser);
printf("semanage_seuser_modify_local(%p, %p, %p): %d\n",
(void *) seuser, (void *) key, (void *) seuser, result);
if (result < 0) {
perror("semanage_seuser_modify_local");
exit(2);
}
}
void test_del_local_seuser(semanage_handle_t *sh, semanage_seuser_t *seuser) {
int result;
semanage_seuser_key_t *key;
result = semanage_seuser_key_extract(sh, seuser, &key);
printf("semanage_seuser_key_extract(%p, %p, %p): %d\n",
(void *) sh, (void *) seuser, (void *) &key, result);
if (result < 0) {
perror("semanage_seuser_key_extract");
exit(2);
}
result = semanage_seuser_del_local(sh, key);
printf("semanage_seuser_del_local(%p, %p): %d\n",
(void *) seuser, (void *) key, result);
if (result < 0) {
perror("semanage_seuser_del_local");
exit(2);
}
}
#define STATE_INIT 1
#define STATE_HANDLE 2
#define STATE_CONN 3
#define STATE_TRANS 4
int get_state(const char *state_str) {
if (strcmp(state_str, "init") == 0)
return STATE_INIT;
if (strcmp(state_str, "handle") == 0)
return STATE_HANDLE;
if (strcmp(state_str, "conn") == 0)
return STATE_CONN;
if (strcmp(state_str, "trans") == 0)
return STATE_TRANS;
return 0;
}
semanage_handle_t * get_handle(const char *state_str) {
int state;
semanage_handle_t *sh = NULL;
state = get_state(state_str);
if (state >= STATE_INIT)
sh = NULL;
if (state >= STATE_HANDLE)
sh = test_handle_create();
if (state >= STATE_CONN)
test_connect(sh);
if (state >= STATE_TRANS)
test_begin_transaction(sh);
return sh;
}
void destroy_handle(semanage_handle_t *sh, const char *state_str) {
int state;
state = get_state(state_str);
if (state >= STATE_TRANS)
test_commit(sh);
if (state >= STATE_CONN)
test_disconnect(sh);
if (state >= STATE_HANDLE) {
semanage_handle_destroy(sh);
printf("semanage_handle_destroy(%p)\n", (void *) sh);
}
}
int strcmp_null(const char *str1, const char *str2) {
if (str1 == NULL && str2 == NULL)
return 0;
if (str1 == NULL) {
if (strcmp(str2, "NULL") == 0)
return 0;
else
return -1;
}
if (str2 == NULL) {
if (strcmp(str1, "NULL") == 0)
return 0;
else
return 1;
}
return strcmp(str1, str2);
}

View File

@ -0,0 +1,255 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/libsemanage/Sanity/semanage-seuser-functions
# Description: Test semanage_seuser_* functions
# Author: Jan Zarsky <jzarsky@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2017 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/bin/rhts-environment.sh || exit 1
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="libsemanage"
rlJournalStart
rlPhaseStartSetup
rlAssertRpm ${PACKAGE}
rlAssertRpm ${PACKAGE}-devel
rlAssertRpm "glibc"
rlAssertRpm "gcc"
for f in test_*.c ; do
out=$(echo -n $f | cut -d'.' -f1)
rlRun "gcc $f -o $out -lsemanage -Wall -Wextra -Werror -std=c99"
done
POLICY_TYPE="$(grep -E '^SELINUXTYPE=' /etc/selinux/config | cut -d'=' -f2 | tr '[:upper:]' '[:lower:]' | tr -d ' ')"
if rlIsFedora; then
SEUSERS_PATH="/var/lib/selinux/$POLICY_TYPE/active/seusers"
elif rlIsRHEL '>=7'; then
SEUSERS_PATH="/etc/selinux/$POLICY_TYPE/active/seusers"
else
SEUSERS_PATH="/etc/selinux/$POLICY_TYPE/seusers"
fi
rlRun "cat $SEUSERS_PATH"
SEUSERS_COUNT="$(cat $SEUSERS_PATH | grep -vE '^#|^$' | wc -l)"
rlRun "[[ \"$SEUSERS_COUNT\" -gt 0 ]]"
SEUSERS="$(cat $SEUSERS_PATH | grep -vE '^#|^$' | cut -d':' -f1 | tr '\n' ' ')"
rlRun "[[ -n \"$SEUSERS\" ]]"
first_line="$(cat $SEUSERS_PATH | grep -vE '^#|^$' | head -n 1)"
SEUSER="$(echo -n $first_line | cut -d':' -f1)"
rlRun "[[ -n \"$SEUSER\" ]]"
SEUSER_SENAME="$(echo -n $first_line | cut -d':' -f2)"
rlRun "[[ -n \"$SEUSER_SENAME\" ]]"
SEUSER_MLSRANGE="$(echo -n $first_line | cut -d':' -f3-4)"
rlRun "[[ -n \"$SEUSER_MLSRANGE\" ]]"
SEUSER_NONEXISTENT="nonuser"
SEUSER_DEFAULT="__default__"
ERR_FAIL=1
ERR_ABORT=134
ERR_SEGFAULT=139
# note: each test_*.c program takes first argument which specifies setup
# before executing specified function
# init semanage handle == NULL
# handle semanage handle obtained via semanage_handle_create
# conn connected via semanage_connect
# trans inside transaction, via semanage_begin_transaction
# program returns 1 on error in function, 2 on error in setup
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_key_create, semanage_seuser_key_free"
# FIXME
# rlRun "./test_key_create init $SEUSER" $ERR_ABORT,$ERR_SEGFAULT
# rlRun "./test_key_create handle $SEUSER" $ERR_FAIL
rlRun "./test_key_create conn $SEUSER"
rlRun "./test_key_create trans $SEUSER"
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_key_extract"
# FIXME
#rlRun "./test_key_extract conn new"
rlRun "./test_key_extract conn first"
# FIXME
#rlRun "./test_key_extract trans new"
rlRun "./test_key_extract trans first"
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_compare"
rlRun "./test_compare conn $SEUSER same"
rlRun "./test_compare conn $SEUSER_NONEXISTENT different"
rlRun "./test_compare trans $SEUSER same"
rlRun "./test_compare trans $SEUSER_NONEXISTENT different"
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_compare2"
rlRun "./test_compare2 conn NULL 0" $ERR_ABORT,$ERR_SEGFAULT
rlRun "./test_compare2 conn 0 NULL" $ERR_ABORT,$ERR_SEGFAULT
rlRun "./test_compare2 conn NULL NULL" $ERR_ABORT,$ERR_SEGFAULT
rlRun "./test_compare2 conn 0 0"
rlRun "./test_compare2 conn 0 1"
rlRun "./test_compare2 trans NULL 0" $ERR_ABORT,$ERR_SEGFAULT
rlRun "./test_compare2 trans 0 NULL" $ERR_ABORT,$ERR_SEGFAULT
rlRun "./test_compare2 trans NULL NULL" $ERR_ABORT,$ERR_SEGFAULT
rlRun "./test_compare2 trans 0 0"
rlRun "./test_compare2 trans 0 1"
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_count"
rlRun "./test_count init" $ERR_ABORT,$ERR_SEGFAULT
rlRun "./test_count handle" $ERR_FAIL
rlRun "./test_count conn $SEUSERS_COUNT"
rlRun "./test_count trans $SEUSERS_COUNT"
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_list"
rlRun "./test_list init" $ERR_ABORT,$ERR_SEGFAULT
rlRun "./test_list handle" $ERR_FAIL
rlRun "./test_list conn $SEUSERS_COUNT $SEUSERS"
rlRun "./test_list trans $SEUSERS_COUNT $SEUSERS"
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_iterate"
rlRun "./test_iterate init" $ERR_ABORT,$ERR_SEGFAULT
rlRun "./test_iterate handle" $ERR_FAIL
rlRun "./test_iterate conn $SEUSERS"
rlRun "./test_iterate trans $SEUSERS"
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_exists"
rlRun "./test_exists conn $SEUSER_NONEXISTENT 0"
rlRun "./test_exists conn $SEUSER_DEFAULT 1"
rlRun "./test_exists conn $USER 1"
rlRun "./test_exists trans $SEUSER_NONEXISTENT 0"
rlRun "./test_exists trans $SEUSER_DEFAULT 1"
rlRun "./test_exists trans $SEUSER 1"
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_query"
rlRun "./test_query conn $SEUSER_NONEXISTENT" $ERR_FAIL
rlRun "./test_query conn $SEUSER_DEFAULT"
rlRun "./test_query conn $SEUSER"
rlRun "./test_query trans $SEUSER_NONEXISTENT" $ERR_FAIL
rlRun "./test_query trans $SEUSER_DEFAULT"
rlRun "./test_query trans $SEUSER"
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_get_name"
rlRun "./test_get_name conn new NULL"
rlRun "./test_get_name conn first $SEUSER"
rlRun "./test_get_name trans new NULL"
rlRun "./test_get_name trans first $SEUSER"
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_set_name"
name="someuser"
rlRun "./test_set_name conn $name"
rlRun "./test_set_name trans $name"
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_get_sename"
rlRun "./test_get_sename conn new NULL"
rlRun "./test_get_sename conn first $SEUSER_SENAME"
rlRun "./test_get_sename trans new NULL"
rlRun "./test_get_sename trans first $SEUSER_SENAME"
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_set_sename"
sename="someuser_u"
rlRun "./test_set_sename conn $sename"
rlRun "./test_set_sename trans $sename"
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_get_mlsrange"
rlRun "./test_get_mlsrange conn new NULL"
rlRun "./test_get_mlsrange conn first $SEUSER_MLSRANGE"
rlRun "./test_get_mlsrange trans new NULL"
rlRun "./test_get_mlsrange trans first $SEUSER_MLSRANGE"
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_set_mlsrange"
mlsrange="c0-s1:c0.c42"
rlRun "./test_set_mlsrange conn $mlsrange"
rlRun "./test_set_mlsrange trans $mlsrange"
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_clone"
# FIXME
#rlRun "./test_clone conn new"
rlRun "./test_clone conn first"
# FIXME
#rlRun "./test_clone trans new"
rlRun "./test_clone trans first"
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_create"
# FIXME
#rlRun "./test_create init" $ERR_ABORT,$ERR_SEGFAULT
#rlRun "./test_create handle" $ERR_ABORT,$ERR_SEGFAULT
rlRun "./test_create conn"
rlRun "./test_create trans"
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_modify_local"
# function requires transaction
#rlRun "./test_modify_local conn new" $ERR_FAIL
#rlRun "./test_modify_local conn first" $ERR_FAIL
#rlRun "./test_modify_local trans new" $ERR_FAIL
rlRun "./test_modify_local trans first"
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_del_local"
# adding local seuser requires transaction
# FIXME
#rlRun "./test_del_local trans first new"
#rlRun "./test_del_local trans first second"
rlRun "./test_del_local trans first first"
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_exists_local"
# adding local seuser requires transaction
rlRun "./test_exists_local trans first first 1"
rlRun "./test_exists_local trans first second 0"
rlPhaseEnd
rlPhaseStartTest "semanage_seuser_count_local"
# adding local seuser requires transaction
# FIXME
#rlRun "./test_count_local trans 0"
rlRun "./test_count_local trans 1"
rlRun "./test_count_local trans 2"
rlPhaseEnd
rlPhaseStartCleanup
testfiles="$(ls -1 test_* | grep -v '\.c' | tr '\n' ' ')"
rlRun "rm -f $testfiles"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -0,0 +1,60 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
semanage_seuser_t *seuser;
semanage_seuser_t *seuser_clone;
int result;
const char *str;
const char *str_clone;
if (argc < 3)
exit(2);
sh = get_handle(argv[1]);
seuser = test_get_seuser(sh, argv[2]);
result = semanage_seuser_clone(sh, seuser, &seuser_clone);
printf("semanage_seuser_clone(%p, %p): %d\n",
(void *) seuser, (void *) seuser_clone, result);
if (result < 0) {
perror("semanage_seuser_clone");
exit(1);
}
str = semanage_seuser_get_name(seuser);
str_clone = semanage_seuser_get_name(seuser_clone);
if (strcmp(str, str_clone) != 0) {
fprintf(stderr, "Different in get_name\n");
exit(1);
}
str = semanage_seuser_get_sename(seuser);
str_clone = semanage_seuser_get_sename(seuser_clone);
if (strcmp(str, str_clone) != 0) {
fprintf(stderr, "Different in get_sename\n");
exit(1);
}
str = semanage_seuser_get_mlsrange(seuser);
str_clone = semanage_seuser_get_mlsrange(seuser_clone);
if (strcmp(str, str_clone) != 0) {
fprintf(stderr, "Different in get_mlsrange\n");
exit(1);
}
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,44 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
semanage_seuser_t *seuser;
semanage_seuser_key_t *key;
int result;
if (argc < 3)
exit(2);
sh = get_handle(argv[1]);
seuser = test_get_seuser(sh, "first");
key = test_get_key(sh, argv[2]);
result = semanage_seuser_compare(seuser, key);
printf("semanage_seuser_compare(%p, %p): %d\n",
(void *) seuser, (void *) key, result);
if (argc >= 4) {
if (strcmp(argv[3], "same") == 0 && result != 0) {
fprintf(stderr, "Expected same but got different\n");
exit(1);
}
else if (strcmp(argv[3], "different") == 0 && result == 0) {
fprintf(stderr, "Expected different but got same\n");
exit(1);
}
}
semanage_seuser_key_free(key);
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,54 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
semanage_seuser_t *seuser;
semanage_seuser_t *seuser2;
int result;
int first = -1;
int second = -1;
if (argc < 4)
exit(2);
sh = get_handle(argv[1]);
if (strcmp(argv[2], "NULL") == 0) {
seuser = NULL;
}
else {
first = strtol(argv[2], NULL, 10);
seuser = test_get_seuser_nth(sh, first);
}
if (strcmp(argv[3], "NULL") == 0) {
seuser2 = NULL;
}
else {
second = strtol(argv[3], NULL, 10);
seuser2 = test_get_seuser_nth(sh, second);
}
result = semanage_seuser_compare2(seuser, seuser2);
printf("semanage_seuser_compare(%p, %p): %d\n",
(void *) seuser, (void *) seuser2, result);
if (first == second && result != 0) {
fprintf(stderr, "Expected same but got different\n");
exit(1);
}
else if (first != second && result == 0) {
fprintf(stderr, "Expected different but got same\n");
exit(1);
}
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,34 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
unsigned int response;
int result;
if (argc < 2)
exit(2);
sh = get_handle(argv[1]);
result = semanage_seuser_count(sh, &response);
printf("semanage_seuser_count(%p, %p): %d, response: %u\n",
(void *) sh, (void *) &response, result, response);
if (result < 0) {
perror("semanage_seuser_count");
exit(1);
}
if (argc >= 3)
check_result_int(argv[2], response);
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,46 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
semanage_seuser_t *seuser;
int result;
unsigned int response;
int num;
if (argc < 2)
exit(2);
sh = get_handle(argv[1]);
num = strtol(argv[2], NULL, 10);
for (int i = 0; i < num; i++) {
seuser = test_get_seuser_nth(sh, i);
test_add_local_seuser(sh, seuser);
}
result = semanage_seuser_count_local(sh, &response);
printf("semanage_seuser_count_local(%p, %p): %d, response: %d\n",
(void *) sh, (void *) &response, result, response);
if (result < 0) {
perror("semanage_seuser_count_local");
exit(1);
}
if (argc >= 3)
check_result_int(argv[2], response);
test_del_local_seuser(sh, seuser);
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,53 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
semanage_seuser_t *seuser;
int result;
const char *str;
if (argc < 2)
exit(2);
sh = get_handle(argv[1]);
result = semanage_seuser_create(sh, &seuser);
printf("semanage_seuser_create(%p, %p): %d\n",
(void *) sh, (void *) seuser, result);
if (result < 0) {
perror("semanage_seuser_create");
exit(1);
}
str = semanage_seuser_get_name(seuser);
if (str != NULL) {
fprintf(stderr, "Expected name == NULL, got %s\n", str);
exit(1);
}
str = semanage_seuser_get_sename(seuser);
if (str != NULL) {
fprintf(stderr, "Expected sename == NULL, got %s\n", str);
exit(1);
}
str = semanage_seuser_get_mlsrange(seuser);
if (str != NULL) {
fprintf(stderr, "Expected mlsrange == NULL, got %s\n", str);
exit(1);
}
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,64 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
semanage_seuser_t *seuser;
semanage_seuser_t *seuser_del;
semanage_seuser_key_t *key;
semanage_seuser_t **records;
int result;
unsigned int count;
if (argc < 4)
exit(2);
sh = get_handle(argv[1]);
seuser = test_get_seuser(sh, argv[2]);
test_add_local_seuser(sh, seuser);
seuser_del = test_get_seuser(sh, argv[3]);
result = semanage_seuser_key_extract(sh, seuser_del, &key);
printf("semanage_seuser_key_extract(%p, %p, %p): %d\n",
(void *) sh, (void *) seuser_del, (void *) &key, result);
if (result < 0) {
perror("semanage_seuser_key_extract");
exit(2);
}
result = semanage_seuser_del_local(sh, key);
printf("semanage_seuser_del_local(%p, %p): %d\n",
(void *) seuser, (void *) key, result);
if (result < 0) {
perror("semanage_seuser_del_local");
exit(1);
}
result = semanage_seuser_list_local(sh, &records, &count);
printf("semanage_seuser_list_local(%p, %p, %p): %d\n",
(void *) sh, (void *) &records, (void *) &count, result);
if (result < 0) {
perror("semanage_seuser_list_local");
exit(2);
}
if (count != 0) {
fprintf(stderr, "Number of local seusers is not 0!\n");
exit(1);
}
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,37 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
semanage_seuser_key_t *key;
int result;
int response;
if (argc < 3)
exit(2);
sh = get_handle(argv[1]);
key = test_get_key(sh, argv[2]);
result = semanage_seuser_exists(sh, key, &response);
printf("semanage_seuser_exists(%p, %p, %p): %d, response: %d\n",
(void *) sh, (void *) key, (void *) &response, result, response);
if (result < 0) {
perror("semanage_seuser_exists");
exit(1);
}
if (argc >= 4)
check_result_int(argv[3], response);
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,59 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
semanage_seuser_t *seuser;
semanage_seuser_t *seuser_exists;
semanage_seuser_key_t *key;
int result;
int response;
int exp;
if (argc < 4)
exit(2);
sh = get_handle(argv[1]);
seuser = test_get_seuser(sh, argv[2]);
seuser_exists = test_get_seuser(sh, argv[3]);
test_add_local_seuser(sh, seuser);
result = semanage_seuser_key_extract(sh, seuser_exists, &key);
printf("semanage_seuser_key_extract(%p, %p, %p): %d\n",
(void *) sh, (void *) seuser_exists, (void *) &key, result);
if (result < 0) {
perror("semanage_seuser_key_extract");
exit(2);
}
result = semanage_seuser_exists_local(sh, key, &response);
printf("semanage_seuser_exists_local(%p, %p, %p): %d\n",
(void *) sh, (void *) key, (void *) &response, result);
if (result < 0) {
perror("semanage_seuser_exists_local");
exit(1);
}
if (argc >= 5) {
exp = strtol(argv[4], NULL, 10);
if (response != exp) {
fprintf(stderr, "Expected %d but got %d\n", exp, response);
exit(1);
}
}
test_del_local_seuser(sh, seuser);
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,32 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
semanage_seuser_t *seuser;
if (argc < 4)
exit(2);
sh = get_handle(argv[1]);
seuser = test_get_seuser(sh, argv[2]);
const char *name = semanage_seuser_get_mlsrange(seuser);
printf("semanage_seuser_get_mlsrange(%p): %s\n",
(void *) seuser, name);
if (strcmp_null(argv[3], name) != 0) {
fprintf(stderr, "Expected %s but got %s\n", argv[2], name);
exit(1);
}
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,32 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
semanage_seuser_t *seuser;
if (argc < 4)
exit(2);
sh = get_handle(argv[1]);
seuser = test_get_seuser(sh, argv[2]);
const char *name = semanage_seuser_get_name(seuser);
printf("semanage_seuser_get_name(%p): %s\n",
(void *) seuser, name);
if (strcmp_null(argv[3], name) != 0) {
fprintf(stderr, "Expected %s but got %s\n", argv[2], name);
exit(1);
}
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,32 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
semanage_seuser_t *seuser;
if (argc < 4)
exit(2);
sh = get_handle(argv[1]);
seuser = test_get_seuser(sh, argv[2]);
const char *name = semanage_seuser_get_sename(seuser);
printf("semanage_seuser_get_sename(%p): %s\n",
(void *) seuser, name);
if (strcmp_null(argv[3], name) != 0) {
fprintf(stderr, "Expected %s but got %s\n", argv[2], name);
exit(1);
}
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,49 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int counter = 0;
int handler(const semanage_seuser_t *record, void *varg) {
char **args = (char **) varg;
const char *name = semanage_seuser_get_name(record);
if (strcmp(name, args[2 + counter++]) != 0)
return -1;
return 0;
}
int main (int argc, char **argv) {
semanage_handle_t *sh;
int result;
if (argc < 2)
exit(2);
sh = get_handle(argv[1]);
char **param = NULL;
if (argc >= 3) {
param = argv;
}
result = semanage_seuser_iterate(sh, &handler, (void *) param);
printf("semanage_seuser_iterate(%p, %p, %p): %d\n",
(void *) sh, (void *) &handler, (void *) param, result);
if (result < 0) {
perror("semanage_seuser_iterate");
exit(1);
}
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,39 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
semanage_seuser_key_t *key;
const char *name;
int result;
if (argc < 3)
exit(2);
sh = get_handle(argv[1]);
if (strcmp(argv[2], "NULL") == 0)
name = NULL;
else
name = argv[2];
result = semanage_seuser_key_create(sh, name, &key);
printf("semanage_seuser_key_create(%p, %s, %p): %d\n",
(void *) sh, name, (void *) &key, result);
if (result < 0 || key == NULL) {
perror("semanage_seuser_key_create");
exit(1);
}
semanage_seuser_key_free(key);
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,45 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
semanage_seuser_t *seuser;
semanage_seuser_key_t *key;
int result;
if (argc < 3)
exit(2);
sh = get_handle(argv[1]);
seuser = test_get_seuser(sh, argv[2]);
result = semanage_seuser_key_extract(sh, seuser, &key);
printf("semanage_seuser_key_extract(%p, %p, %p): %d\n",
(void *) sh, (void *) seuser, (void *) &key, result);
if (result < 0) {
perror("semanage_seuser_key_extract");
exit(1);
}
result = semanage_seuser_compare(seuser, key);
printf("semanage_seuser_compare(%p, %p): %d\n",
(void *) seuser, (void *) key, result);
if (result != 0) {
perror("semanage_seuser_compare");
exit(1);
}
semanage_seuser_key_free(key);
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,63 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
semanage_seuser_t **records;
unsigned int count;
int result;
if (argc < 2)
exit(2);
sh = get_handle(argv[1]);
result = semanage_seuser_list(sh, &records, &count);
printf("semanage_seuser_list(%p, %p, %p): %d",
(void *) sh, (void *) &records, (void *) &count, result);
if (result < 0) {
perror("semanage_seuser_list");
exit(1);
}
printf(", count: %u, records: ", count);
const char *name;
for (unsigned int i = 0; i < count; i++) {
name = semanage_seuser_get_name(records[i]);
printf("%p (%s), ", (void *) records[i], name);
}
printf("\n");
if (argc >= 3) {
unsigned int exp_count = strtoul(argv[2], NULL, 10);
if (count != exp_count) {
printf("Expected %u but got %u\n", exp_count, count);
exit(1);
}
const char *name;
for (unsigned int i = 0; i < count; i++) {
name = semanage_seuser_get_name(records[i]);
if (strcmp(name, argv[3 + i]) != 0) {
printf("Expected %s but got %s\n", name, argv[3 + i]);
exit(1);
}
}
}
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,64 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
semanage_seuser_t *seuser;
semanage_seuser_key_t *key;
semanage_seuser_t **records;
int result;
unsigned int count;
if (argc < 3)
exit(2);
sh = get_handle(argv[1]);
seuser = test_get_seuser(sh, argv[2]);
result = semanage_seuser_key_extract(sh, seuser, &key);
printf("semanage_seuser_key_extract(%p, %p, %p): %d\n",
(void *) sh, (void *) seuser, (void *) &key, result);
if (result < 0) {
perror("semanage_seuser_key_extract");
exit(2);
}
result = semanage_seuser_modify_local(sh, key, seuser);
printf("semanage_seuser_modify_local(%p, %p, %p): %d\n",
(void *) seuser, (void *) key, (void *) seuser, result);
if (result < 0) {
perror("semanage_seuser_modify_local");
exit(1);
}
result = semanage_seuser_list_local(sh, &records, &count);
printf("semanage_seuser_list_local(%p, %p, %p): %d\n",
(void *) sh, (void *) &records, (void *) &count, result);
if (result < 0) {
perror("semanage_seuser_list_local");
exit(2);
}
if (count != 1) {
fprintf(stderr, "Number of local seusers is %u, expected 1!\n", count);
exit(1);
}
if (semanage_seuser_compare(records[0], key) != 0) {
fprintf(stderr, "Local seuser is different!\n");
exit(1);
}
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,50 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
semanage_seuser_key_t *key;
semanage_seuser_t *response;
int result;
if (argc < 3)
exit(2);
sh = get_handle(argv[1]);
result = semanage_seuser_key_create(sh, argv[2], &key);
printf("semanage_seuser_key_create(%p, %s, %p): %d\n",
(void *) sh, argv[2], (void *) &key, result);
if (result < 0 || key == NULL) {
perror("semanage_seuser_key_create");
exit(2);
}
result = semanage_seuser_query(sh, key, &response);
printf("semanage_seuser_query(%p, %p, %p): %d, response: %p\n",
(void *) sh, (void *) key, (void *) &response, result, (void *) response);
if (result < 0) {
perror("semanage_seuser_query");
exit(1);
}
const char *name = semanage_seuser_get_name(response);
printf("semanage_seuser_get_name(%p): %s\n",
(void *) response, name);
if (strcmp(argv[2], name) != 0) {
perror("semanage_seuser_get_name");
exit(2);
}
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,62 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
semanage_seuser_t *user;
int result;
const char *mlsrange;
if (argc < 3)
exit(2);
sh = get_handle(argv[1]);
user = test_get_seuser(sh, "first");
if (strcmp(argv[2], "NULL") == 0)
mlsrange = NULL;
else
mlsrange = argv[2];
const char *old_mlsrange = semanage_seuser_get_mlsrange(user);
printf("semanage_seuser_get_mlsrange(%p): %s\n",
(void *) user, old_mlsrange);
if (old_mlsrange == NULL) {
perror("semanage_seuser_get_mlsrange");
exit(2);
}
if (strcmp(old_mlsrange, mlsrange) == 0) {
printf("New mlsrange is the same\n");
exit(2);
}
result = semanage_seuser_set_mlsrange(sh, user, mlsrange);
printf("semanage_seuser_set_mlsrange(%p, %p, %s): %d\n",
(void *) sh, (void *) user, mlsrange, result);
if (result < 0) {
perror("semanage_seuser_set_mlsrange");
exit(1);
}
const char *new_mlsrange = semanage_seuser_get_mlsrange(user);
printf("semanage_seuser_get_mlsrange(%p): %s\n",
(void *) user, new_mlsrange);
if (strcmp(new_mlsrange, mlsrange) != 0) {
perror("semanage_seuser_get_mlsrange");
exit(1);
}
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,62 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
semanage_seuser_t *user;
int result;
const char *name;
if (argc < 3)
exit(2);
sh = get_handle(argv[1]);
user = test_get_seuser(sh, "first");
if (strcmp(argv[2], "NULL") == 0)
name = NULL;
else
name = argv[2];
const char *old_name = semanage_seuser_get_name(user);
printf("semanage_seuser_get_name(%p): %s\n",
(void *) user, old_name);
if (old_name == NULL) {
perror("semanage_seuser_get_name");
exit(2);
}
if (strcmp(old_name, name) == 0) {
printf("New name is the same\n");
exit(2);
}
result = semanage_seuser_set_name(sh, user, name);
printf("semanage_seuser_set_name(%p, %p, %s): %d\n",
(void *) sh, (void *) user, name, result);
if (result < 0) {
perror("semanage_seuser_set_name");
exit(1);
}
const char *new_name = semanage_seuser_get_name(user);
printf("semanage_seuser_get_name(%p): %s\n",
(void *) user, new_name);
if (strcmp(new_name, name) != 0) {
perror("semanage_seuser_get_name");
exit(1);
}
destroy_handle(sh, argv[1]);
exit(0);
}

View File

@ -0,0 +1,62 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <semanage/semanage.h>
#include "functions.c"
int main (int argc, char **argv) {
semanage_handle_t *sh;
semanage_seuser_t *user;
int result;
const char *name;
if (argc < 3)
exit(2);
sh = get_handle(argv[1]);
user = test_get_seuser(sh, "first");
if (strcmp(argv[2], "NULL") == 0)
name = NULL;
else
name = argv[2];
const char *old_name = semanage_seuser_get_sename(user);
printf("semanage_seuser_get_sename(%p): %s\n",
(void *) user, old_name);
if (old_name == NULL) {
perror("semanage_seuser_get_sename");
exit(2);
}
if (strcmp(old_name, name) == 0) {
printf("New name is the same\n");
exit(2);
}
result = semanage_seuser_set_sename(sh, user, name);
printf("semanage_seuser_set_sename(%p, %p, %s): %d\n",
(void *) sh, (void *) user, name, result);
if (result < 0) {
perror("semanage_seuser_set_sename");
exit(1);
}
const char *new_name = semanage_seuser_get_sename(user);
printf("semanage_seuser_get_sename(%p): %s\n",
(void *) user, new_name);
if (strcmp(new_name, name) != 0) {
perror("semanage_seuser_get_sename");
exit(1);
}
destroy_handle(sh, argv[1]);
exit(0);
}

25
tests/tests.yml Normal file
View File

@ -0,0 +1,25 @@
---
# Tests that run in all contexts
- hosts: localhost
roles:
- role: standard-test-beakerlib
tags:
- classic
repositories:
- repo: "https://src.fedoraproject.org/tests/selinux.git"
dest: "selinux"
fmf_filter: "tier: 1 | component: libsemanage & tags: generic"
required_packages:
- libsemanage # Required for sanity-tests
- libsemanage-devel # Required for sanity-tests
- glibc # Required for sanity-tests
- gcc # Required for sanity-tests
- CUnit-devel # Required for sanity-tests
- libselinux # Required for verify-options-in-semanage-conf
- libselinux-utils # Required for verify-options-in-semanage-conf
- policycoreutils # Required for verify-options-in-semanage-conf
- policycoreutils-python-utils # Required for verify-options-in-semanage-conf
- selinux-policy # Required for verify-options-in-semanage-conf
- selinux-policy-devel # Required for verify-options-in-semanage-conf
- lksctp-tools # sctp_test
- psmisc # sctp_test

View File

@ -0,0 +1,64 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /CoreOS/libsemanage/Sanity/verify-options-in-semanage-conf
# Description: Are the verify options in semanage.conf honored?
# Author: Milos Malik <mmalik@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2016 Red Hat, Inc.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/CoreOS/libsemanage/Sanity/verify-options-in-semanage-conf
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE empty.te
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Milos Malik <mmalik@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: Are the verify options in semanage.conf honored?" >> $(METADATA)
@echo "Type: Sanity" >> $(METADATA)
@echo "TestTime: 10m" >> $(METADATA)
@echo "RunFor: libsemanage" >> $(METADATA)
@echo "Requires: libselinux libselinux-utils libsemanage policycoreutils policycoreutils-python selinux-policy selinux-policy-devel" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -0,0 +1,9 @@
PURPOSE of /CoreOS/libsemanage/Sanity/verify-options-in-semanage-conf
Author: Milos Malik <mmalik@redhat.com>
Are the verify options in semanage.conf honored?
Tested options: verify kernel, verify module, verify linked
Tested tools: semodule, semanage
Positive and negative cases are tested.
Original information found at http://selinuxproject.org/page/PolicyValidate

View File

@ -0,0 +1,2 @@
policy_module(empty,1.0)

View File

@ -0,0 +1,142 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/libsemanage/Sanity/verify-options-in-semanage-conf
# Description: Are the verify options in semanage.conf honored?
# Author: Milos Malik <mmalik@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2016 Red Hat, Inc.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/bin/rhts-environment.sh || exit 1
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="libsemanage"
MODULE_NAME="empty"
SEMANAGE_CONF="/etc/selinux/semanage.conf"
rlJournalStart
rlPhaseStartSetup
rlAssertRpm ${PACKAGE}
rlAssertRpm policycoreutils
rlAssertRpm selinux-policy
rlFileBackup ${SEMANAGE_CONF}
rlRun "rpm -qf /usr/sbin/semanage"
rlRun "grep -v -e '^#' -e '^$' ${SEMANAGE_CONF}"
OUTPUT_FILE=`mktemp`
rlRun "setenforce 1"
rlRun "sestatus"
rlRun "ls -l ${MODULE_NAME}.te"
rlRun "make -f /usr/share/selinux/devel/Makefile"
rlRun "ls -l ${MODULE_NAME}.pp"
rlPhaseEnd
rlLog "positive cases follow"
# TODO: /bin/true could be replaced a script, which prints the supplied arguments into a file for further inspection
rlPhaseStartTest "verify kernel"
rlRun "semodule -r ${MODULE_NAME}" 0,1
rlFileRestore
rlRun "echo -en '[verify kernel]\npath = /bin/true\nargs = \$@\n[end]\n' >> ${SEMANAGE_CONF}"
rlRun "semodule -i ${MODULE_NAME}.pp 2>&1 | tee ${OUTPUT_FILE}"
rlAssertNotGrep "semodule.*failed" ${OUTPUT_FILE} -i
rlRun "semodule -l | grep ${MODULE_NAME}"
rlRun "semanage module -a ${MODULE_NAME}.pp 2>&1 | tee ${OUTPUT_FILE}"
rlAssertNotGrep "could not commit semanage transaction|no such file or directory" ${OUTPUT_FILE} -Ei
rlRun "semanage module -l | grep ${MODULE_NAME}"
rlPhaseEnd
rlPhaseStartTest "verify module"
rlRun "semodule -r ${MODULE_NAME}" 0,1
rlFileRestore
rlRun "echo -en '[verify module]\npath = /bin/true\nargs = \$@\n[end]\n' >> ${SEMANAGE_CONF}"
rlRun "semodule -i ${MODULE_NAME}.pp 2>&1 | tee ${OUTPUT_FILE}"
rlAssertNotGrep "semodule.*failed" ${OUTPUT_FILE} -i
rlRun "semodule -l | grep ${MODULE_NAME}"
rlRun "semanage module -a ${MODULE_NAME}.pp 2>&1 | tee ${OUTPUT_FILE}"
rlAssertNotGrep "could not commit semanage transaction|no such file or directory" ${OUTPUT_FILE} -Ei
rlRun "semanage module -l | grep ${MODULE_NAME}"
rlPhaseEnd
if rlIsRHEL '<7.3' ; then # because "[verify linked]" was dropped
rlPhaseStartTest "verify linked"
rlRun "semodule -r ${MODULE_NAME}" 0,1
rlFileRestore
rlRun "echo -en '[verify linked]\npath = /bin/true\nargs = \$@\n[end]\n' >> ${SEMANAGE_CONF}"
rlRun "semodule -i ${MODULE_NAME}.pp 2>&1 | tee ${OUTPUT_FILE}"
rlAssertNotGrep "semodule.*failed" ${OUTPUT_FILE} -i
rlRun "semodule -l | grep ${MODULE_NAME}"
rlRun "semanage module -a ${MODULE_NAME}.pp 2>&1 | tee ${OUTPUT_FILE}"
rlAssertNotGrep "could not commit semanage transaction|no such file or directory" ${OUTPUT_FILE} -Ei
rlRun "semanage module -l | grep ${MODULE_NAME}"
rlPhaseEnd
fi
rlLog "negative cases follow"
# TODO: /bin/false could be replaced a script, which prints the supplied arguments into a file for further inspection
rlPhaseStartTest "verify kernel"
rlRun "semodule -r ${MODULE_NAME}" 0,1
rlFileRestore
rlRun "echo -en '[verify kernel]\npath = /bin/false\nargs = \$@\n[end]\n' >> ${SEMANAGE_CONF}"
rlRun "semodule -i ${MODULE_NAME}.pp 2>&1 | tee ${OUTPUT_FILE}"
rlAssertGrep "semodule.*failed" ${OUTPUT_FILE} -i
rlRun "semodule -l | grep ${MODULE_NAME}" 1
rlRun "semanage module -a ${MODULE_NAME}.pp 2>&1 | tee ${OUTPUT_FILE}"
rlAssertGrep "could not commit semanage transaction|no such file or directory" ${OUTPUT_FILE} -Ei
rlRun "semanage module -l | grep ${MODULE_NAME}" 1
rlPhaseEnd
rlPhaseStartTest "verify module"
rlRun "semodule -r ${MODULE_NAME}" 0,1
rlFileRestore
rlRun "echo -en '[verify module]\npath = /bin/false\nargs = \$@\n[end]\n' >> ${SEMANAGE_CONF}"
rlRun "semodule -i ${MODULE_NAME}.pp 2>&1 | tee ${OUTPUT_FILE}"
rlAssertGrep "semodule.*failed" ${OUTPUT_FILE} -i
rlRun "semodule -l | grep ${MODULE_NAME}" 1
rlRun "semanage module -a ${MODULE_NAME}.pp 2>&1 | tee ${OUTPUT_FILE}"
rlAssertGrep "could not commit semanage transaction|no such file or directory" ${OUTPUT_FILE} -Ei
rlRun "semanage module -l | grep ${MODULE_NAME}" 1
rlPhaseEnd
if rlIsRHEL '<7.3' ; then # because "[verify linked]" was dropped
rlPhaseStartTest "verify linked"
rlRun "semodule -r ${MODULE_NAME}" 0,1
rlFileRestore
rlRun "echo -en '[verify linked]\npath = /bin/false\nargs = \$@\n[end]\n' >> ${SEMANAGE_CONF}"
rlRun "semodule -i ${MODULE_NAME}.pp 2>&1 | tee ${OUTPUT_FILE}"
rlAssertGrep "semodule.*failed" ${OUTPUT_FILE} -i
rlRun "semodule -l | grep ${MODULE_NAME}" 1
rlRun "semanage module -a ${MODULE_NAME}.pp 2>&1 | tee ${OUTPUT_FILE}"
rlAssertGrep "could not commit semanage transaction|no such file or directory" ${OUTPUT_FILE} -Ei
rlRun "semanage module -l | grep ${MODULE_NAME}" 1
rlPhaseEnd
fi
rlPhaseStartCleanup
rlRun "rm -f ${MODULE_NAME}.pp ${OUTPUT_FILE}"
rlFileRestore
rlPhaseEnd
rlJournalPrintText
rlJournalEnd