* Fwd: [LTP] [PATCH] Create $SELINUXTMPDIR in each of the tests
@ 2009-04-18 18:47 Subrata Modak
2009-04-20 1:32 ` [LTP] Fwd: " Serge E. Hallyn
2009-04-29 19:07 ` Stephen Smalley
0 siblings, 2 replies; 13+ messages in thread
From: Subrata Modak @ 2009-04-18 18:47 UTC (permalink / raw)
To: Stephen Smalley; +Cc: ltp-list, SE Linux, Jiri Palecek, James Morris
Stephen,
Would you like to say something about the following Patch ?
Regards--
Subrata
-------- Forwarded Message --------
From: Jiri Palecek > <<jirka@debian.POK.IBM.COM>
Cc: ltp-list@lists.sourceforge.net <ltp-list@lists.sourceforge.net>
Subject: [LTP] [PATCH] Create $SELINUXTMPDIR in each of the tests
Date: Thu, 16 Apr 2009 12:52:05 +0200
Hello,
while running the selinux tests, I was contemplating the way the $SELINUXTMPDIR is created. It seems to me that creating it in each test individually would allow running the tests in parallel, make some hacks needed to prevent interference of the tests unnecessary, allow the tests to be run directly from ltpmenu et al., and wouldn't add much more code. What do you think about this?
PS: This patch still has issues, namely, the cleanup is denied sometimes.
Regards
Jiri Palecek
Signed-off-by: Jiri Palecek <jpalecek@web.de>
---
.../tests/bounds/selinux_bounds.sh | 7 +++----
.../tests/capable_file/selinux_capable_file.sh | 8 +++-----
.../tests/capable_sys/selinux_capable_sys.sh | 8 ++++----
.../tests/entrypoint/selinux_entrypoint.sh | 7 +++----
.../execute_no_trans/selinux_execute_no_trans.sh | 7 +++----
.../tests/fdreceive/selinux_fdreceive.sh | 7 +++----
.../selinux-testsuite/tests/file/selinux_file.sh | 14 ++++----------
.../tests/inherit/selinux_inherit.sh | 8 +++-----
.../selinux-testsuite/tests/ioctl/selinux_ioctl.sh | 5 ++++-
.../selinux-testsuite/tests/link/selinux_link.sh | 7 +++----
.../selinux-testsuite/tests/mkdir/selinux_mkdir.sh | 7 +++----
.../selinux-testsuite/tests/open/selinux_open.sh | 7 +++----
.../tests/readlink/selinux_readlink.sh | 7 +++----
.../tests/relabel/selinux_relabel.sh | 7 +++----
.../tests/rename/selinux_rename.sh | 7 +++----
.../selinux-testsuite/tests/rxdir/selinux_rxdir.sh | 7 +++----
.../tests/setattr/selinux_setattr.sh | 7 +++----
.../selinux-testsuite/tests/stat/selinux_stat.sh | 7 +++----
18 files changed, 57 insertions(+), 77 deletions(-)
diff --git a/testcases/kernel/security/selinux-testsuite/tests/bounds/selinux_bounds.sh b/testcases/kernel/security/selinux-testsuite/tests/bounds/selinux_bounds.sh
index fb0876e..5a3fa06 100755
--- a/testcases/kernel/security/selinux-testsuite/tests/bounds/selinux_bounds.sh
+++ b/testcases/kernel/security/selinux-testsuite/tests/bounds/selinux_bounds.sh
@@ -14,8 +14,8 @@ setup()
export TST_COUNT=0
export TST_TOTAL=4
- # Remove any leftover test directories from prior failed runs.
- rm -rf $SELINUXTMPDIR/bounds_file*
+ SELINUXTMPDIR=$(mktemp -d)
+ chcon -t test_file_t $SELINUXTMPDIR
# Create test files
dd if=/dev/zero of=$SELINUXTMPDIR/bounds_file count=1
@@ -141,8 +141,7 @@ test06()
cleanup()
{
- # Cleanup
- rm -rf $SELINUXTMPDIR/bounds_file*
+ rm -rf $SELINUXTMPDIR
}
# Function: main
diff --git a/testcases/kernel/security/selinux-testsuite/tests/capable_file/selinux_capable_file.sh b/testcases/kernel/security/selinux-testsuite/tests/capable_file/selinux_capable_file.sh
index 86d89a1..f5f1040 100755
--- a/testcases/kernel/security/selinux-testsuite/tests/capable_file/selinux_capable_file.sh
+++ b/testcases/kernel/security/selinux-testsuite/tests/capable_file/selinux_capable_file.sh
@@ -17,9 +17,8 @@ setup()
export TST_COUNT=0
export TST_TOTAL=10
- # Clean up from a previous run
- rm -f $SELINUXTMPDIR/temp_file 2>&1
- rm -f $SELINUXTMPDIR/temp_file2 2>&1
+ SELINUXTMPDIR=$(mktemp -d)
+ chcon -t test_file_t $SELINUXTMPDIR
}
#
@@ -233,8 +232,7 @@ test10()
cleanup()
{
- rm -f $SELINUXTMPDIR/temp_file 2>&1
- rm -f $SELINUXTMPDIR/temp_file2 2>&1
+ rm -rf $SELINUXTMPDIR
}
# Function: main
diff --git a/testcases/kernel/security/selinux-testsuite/tests/capable_sys/selinux_capable_sys.sh b/testcases/kernel/security/selinux-testsuite/tests/capable_sys/selinux_capable_sys.sh
index da880b3..1965142 100755
--- a/testcases/kernel/security/selinux-testsuite/tests/capable_sys/selinux_capable_sys.sh
+++ b/testcases/kernel/security/selinux-testsuite/tests/capable_sys/selinux_capable_sys.sh
@@ -17,8 +17,8 @@ setup()
export TST_COUNT=0
export TST_TOTAL=8
- # Clean up from a previous run
- rm -f $SELINUXTMPDIR/temp_file 2>&1
+ SELINUXTMPDIR=$(mktemp -d)
+ chcon -t test_file_t $SELINUXTMPDIR
}
#
@@ -195,8 +195,7 @@ test08()
cleanup()
{
- # Remove files
- rm -f $SELINUXTMPDIR/temp_file 2>&1
+ rm -rf $SELINUXTMPDIR
}
# Function: main
@@ -215,6 +214,7 @@ test02 || EXIT_VAL=$RC
test03 || EXIT_VAL=$RC
test04 || EXIT_VAL=$RC
cleanup
+setup
test05 || EXIT_VAL=$RC
test06 || EXIT_VAL=$RC
test07 || EXIT_VAL=$RC
diff --git a/testcases/kernel/security/selinux-testsuite/tests/entrypoint/selinux_entrypoint.sh b/testcases/kernel/security/selinux-testsuite/tests/entrypoint/selinux_entrypoint.sh
index 4ae880a..bd58845 100755
--- a/testcases/kernel/security/selinux-testsuite/tests/entrypoint/selinux_entrypoint.sh
+++ b/testcases/kernel/security/selinux-testsuite/tests/entrypoint/selinux_entrypoint.sh
@@ -15,8 +15,8 @@ setup()
export TST_COUNT=0
export TST_TOTAL=2
- # Clean up from a previous run
- rm -f $SELINUXTMPDIR/true 2>&1
+ SELINUXTMPDIR=$(mktemp -d)
+ chcon -t test_file_t $SELINUXTMPDIR
}
test01()
@@ -63,8 +63,7 @@ test02()
cleanup()
{
- # Cleanup.
- rm -f $SELINUXTMPDIR/true
+ rm -rf $SELINUXTMPDIR
}
# Function: main
diff --git a/testcases/kernel/security/selinux-testsuite/tests/execute_no_trans/selinux_execute_no_trans.sh b/testcases/kernel/security/selinux-testsuite/tests/execute_no_trans/selinux_execute_no_trans.sh
index 2c58fe1..67bfe6f 100755
--- a/testcases/kernel/security/selinux-testsuite/tests/execute_no_trans/selinux_execute_no_trans.sh
+++ b/testcases/kernel/security/selinux-testsuite/tests/execute_no_trans/selinux_execute_no_trans.sh
@@ -15,8 +15,8 @@ setup()
export TST_COUNT=0
export TST_TOTAL=2
- # Clean up from a previous run
- rm -f $SELINUXTMPDIR/true 2>&1
+ SELINUXTMPDIR=$(mktemp -d)
+ chcon -t test_file_t $SELINUXTMPDIR
}
test01()
@@ -66,8 +66,7 @@ test02()
cleanup()
{
- # Cleanup.
- rm -f $SELINUXTMPDIR/true
+ rm -rf $SELINUXTMPDIR
}
# Function: main
diff --git a/testcases/kernel/security/selinux-testsuite/tests/fdreceive/selinux_fdreceive.sh b/testcases/kernel/security/selinux-testsuite/tests/fdreceive/selinux_fdreceive.sh
index 4ec7f2e..76bbedd 100755
--- a/testcases/kernel/security/selinux-testsuite/tests/fdreceive/selinux_fdreceive.sh
+++ b/testcases/kernel/security/selinux-testsuite/tests/fdreceive/selinux_fdreceive.sh
@@ -15,8 +15,8 @@ setup()
export TST_COUNT=0
export TST_TOTAL=3
- # Remove any leftover test file from prior failed runs.
- rm -rf $SELINUXTMPDIR/test_file $SELINUXTMPDIR/test_file2 $SELINUXTMPDIR/test_sock
+ SELINUXTMPDIR=$(mktemp -d)
+ chcon -t test_file_t $SELINUXTMPDIR
# Create and label the test files.
touch $SELINUXTMPDIR/test_file $SELINUXTMPDIR/test_file2
@@ -100,8 +100,7 @@ cleanup()
# Kill the server.
kill -s TERM $PID
- # Cleanup.
- rm -rf $SELINUXTMPDIR/test_file $SELINUXTMPDIR/test_file2 $SELINUXTMPDIR/test_sock
+ rm -rf $SELINUXTMPDIR
}
# Function: main
diff --git a/testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh b/testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh
index 0c88e9b..71b09dd 100755
--- a/testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh
+++ b/testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh
@@ -17,10 +17,9 @@ setup()
export TST_COUNT=0
export TST_TOTAL=14
- # Clean up from a previous run
- rm -f $SELINUXTMPDIR/temp_file 2>&1
- rm -f $SELINUXTMPDIR/temp_file2 2>&1
- rm -f $SELINUXTMPDIR/temp_file3 2>&1
+ LTPBIN=$LTPROOT/testcases/bin
+ SELINUXTMPDIR=$(mktemp -d)
+ chcon -t test_file_t $SELINUXTMPDIR
#
# Create the temp files
@@ -361,12 +360,7 @@ test14()
cleanup()
{
- #
- # Delete the temp files
- #
- rm -f $basedir/temp_file 2>&1
- rm -f $basedir/temp_file2 2>&1
- rm -f $basedir/temp_file3 2>&1
+ rm -rf $SELINUXTMPDIR
}
#
diff --git a/testcases/kernel/security/selinux-testsuite/tests/inherit/selinux_inherit.sh b/testcases/kernel/security/selinux-testsuite/tests/inherit/selinux_inherit.sh
index 8a48185..13defc8 100755
--- a/testcases/kernel/security/selinux-testsuite/tests/inherit/selinux_inherit.sh
+++ b/testcases/kernel/security/selinux-testsuite/tests/inherit/selinux_inherit.sh
@@ -15,8 +15,8 @@ setup()
export TST_COUNT=0
export TST_TOTAL=3
- # Clean up from a previous run
- rm -f $SELINUXTMPDIR/test_file 2>&1
+ SELINUXTMPDIR=$(mktemp -d)
+ chcon -t test_file_t $SELINUXTMPDIR
# Create a test file with the test_inherit_file_t type
# for use in the tests.
@@ -97,9 +97,7 @@ test03()
cleanup()
{
- # Cleanup.
- rm -rf $SELINUXTMPDIR/test_file
- cd $SAVEPWD
+ rm -rf $SELINUXTMPDIR
}
# Function: main
diff --git a/testcases/kernel/security/selinux-testsuite/tests/ioctl/selinux_ioctl.sh b/testcases/kernel/security/selinux-testsuite/tests/ioctl/selinux_ioctl.sh
index a46a8f9..61bfacd 100755
--- a/testcases/kernel/security/selinux-testsuite/tests/ioctl/selinux_ioctl.sh
+++ b/testcases/kernel/security/selinux-testsuite/tests/ioctl/selinux_ioctl.sh
@@ -17,6 +17,9 @@ setup()
export TST_COUNT=0
export TST_TOTAL=2
+ SELINUXTMPDIR=$(mktemp -d)
+ chcon -t test_file_t $SELINUXTMPDIR
+
# Create a temporary file for testing
rm -f $SELINUXTMPDIR/temp_file 2>&1
touch $SELINUXTMPDIR/temp_file 2>&1
@@ -65,7 +68,7 @@ test02()
cleanup()
{
- rm -f $SELINUXTMPDIR/temp_file 2>&1
+ rm -rf $SELINUXTMPDIR
}
# Function: main
diff --git a/testcases/kernel/security/selinux-testsuite/tests/link/selinux_link.sh b/testcases/kernel/security/selinux-testsuite/tests/link/selinux_link.sh
index b78a2df..b666320 100755
--- a/testcases/kernel/security/selinux-testsuite/tests/link/selinux_link.sh
+++ b/testcases/kernel/security/selinux-testsuite/tests/link/selinux_link.sh
@@ -15,8 +15,8 @@ setup()
export TST_COUNT=0
export TST_TOTAL=6
- # Clean up from a previous run
- rm -f $SELINUXTMPDIR/test_dir 2>&1
+ SELINUXTMPDIR=$(mktemp -d)
+ chcon -t test_file_t $SELINUXTMPDIR
# Create a test directory with the test_addname_dir_t type
# for use in the tests.
@@ -157,8 +157,7 @@ test06()
cleanup()
{
- # Cleanup.
- rm -rf $SELINUXTMPDIR/test_dir
+ rm -rf $SELINUXTMPDIR
}
# Function: main
diff --git a/testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh b/testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh
index 79f1c57..a8b8eb7 100755
--- a/testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh
+++ b/testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh
@@ -15,8 +15,8 @@ setup()
export TST_COUNT=0
export TST_TOTAL=5
- # Remove any leftover test directory from prior failed runs.
- rm -rf $SELINUXTMPDIR/test_dir
+ SELINUXTMPDIR=$(mktemp -d)
+ chcon -t test_file_t $SELINUXTMPDIR
# Create a test directory with the test_mkdir_dir_t type
# for use in the tests.
@@ -129,8 +129,7 @@ test05()
cleanup()
{
- # Cleanup.
- rm -rf $SELINUXTMPDIR/test_dir
+ rm -rf $SELINUXTMPDIR
}
# Function: main
diff --git a/testcases/kernel/security/selinux-testsuite/tests/open/selinux_open.sh b/testcases/kernel/security/selinux-testsuite/tests/open/selinux_open.sh
index de7be4c..edd5922 100755
--- a/testcases/kernel/security/selinux-testsuite/tests/open/selinux_open.sh
+++ b/testcases/kernel/security/selinux-testsuite/tests/open/selinux_open.sh
@@ -15,8 +15,8 @@ setup()
export TST_COUNT=0
export TST_TOTAL=8
- # Remove any leftover test directories from prior failed runs.
- rm -rf $SELINUXTMPDIR/test_file
+ SELINUXTMPDIR=$(mktemp -d)
+ chcon -t test_file_t $SELINUXTMPDIR
# Create a test file.
touch $SELINUXTMPDIR/test_file
@@ -180,8 +180,7 @@ test08()
cleanup()
{
- # Cleanup.
- rm -rf $SELINUXTMPDIR/test_file
+ rm -rf $SELINUXTMPDIR
}
# Function: main
diff --git a/testcases/kernel/security/selinux-testsuite/tests/readlink/selinux_readlink.sh b/testcases/kernel/security/selinux-testsuite/tests/readlink/selinux_readlink.sh
index 2c4a885..11e6c29 100755
--- a/testcases/kernel/security/selinux-testsuite/tests/readlink/selinux_readlink.sh
+++ b/testcases/kernel/security/selinux-testsuite/tests/readlink/selinux_readlink.sh
@@ -15,8 +15,8 @@ setup()
export TST_COUNT=0
export TST_TOTAL=3
- # Remove any leftover test files from prior failed runs.
- rm -rf $SELINUXTMPDIR/test_file $SELINUXTMPDIR/test_symlink
+ SELINUXTMPDIR=$(mktemp -d)
+ chcon -t test_file_t $SELINUXTMPDIR
# Create a test file.
touch $SELINUXTMPDIR/test_file 2>&1
@@ -86,8 +86,7 @@ test03()
cleanup()
{
- # Cleanup.
- rm -rf $SELINUXTMPDIR/test_file $SELINUXTMPDIR/test_symlink
+ rm -rf $SELINUXTMPDIR
}
# Function: main
diff --git a/testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh b/testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh
index 8d8bad3..076228d 100755
--- a/testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh
+++ b/testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh
@@ -15,8 +15,8 @@ setup()
export TST_COUNT=0
export TST_TOTAL=3
- # Remove any leftover test file from prior failed runs.
- rm -rf $SELINUXTMPDIR/test_file
+ SELINUXTMPDIR=$(mktemp -d)
+ chcon -t test_file_t $SELINUXTMPDIR
# Create a test file with the test_relabel_oldtype_t
# type for use in the tests.
@@ -90,8 +90,7 @@ test03()
cleanup()
{
- # Cleanup.
- rm -rf $SELINUXTMPDIR/test_file
+ rm -rf $SELINUXTMPDIR
}
# Function: main
diff --git a/testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh b/testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh
index 36e2485..ca9e409 100755
--- a/testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh
+++ b/testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh
@@ -15,8 +15,8 @@ setup()
export TST_COUNT=0
export TST_TOTAL=9
- # Remove any leftover test directories from prior failed runs.
- rm -rf $SELINUXTMPDIR/src_dir $SELINUXTMPDIR/dst_dir
+ SELINUXTMPDIR=$(mktemp -d)
+ chcon -t test_file_t $SELINUXTMPDIR
# Create the source and destination test directories for the rename.
mkdir --context=system_u:object_r:test_rename_src_dir_t $SELINUXTMPDIR/src_dir 2>&1
@@ -231,8 +231,7 @@ test09()
cleanup()
{
- # Cleanup.
- rm -rf $SELINUXTMPDIR/src_dir $SELINUXTMPDIR/dst_dir
+ rm -rf $SELINUXTMPDIR
}
# Function: main
diff --git a/testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh b/testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh
index 82c335e..7d836ce 100755
--- a/testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh
+++ b/testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh
@@ -15,8 +15,8 @@ setup()
export TST_COUNT=0
export TST_TOTAL=4
- # Remove any leftover test directory from prior failed runs.
- rm -rf $SELINUXTMPDIR/test_dir
+ SELINUXTMPDIR=$(mktemp -d)
+ chcon -t test_file_t $SELINUXTMPDIR
# Create a test dir with the test_rxdir_dir_t type
# for use in the tests.
@@ -102,8 +102,7 @@ test04()
cleanup()
{
- # Cleanup.
- rm -rf $SELINUXTMPDIR/test_dir
+ rm -rf $SELINUXTMPDIR
}
# Function: main
diff --git a/testcases/kernel/security/selinux-testsuite/tests/setattr/selinux_setattr.sh b/testcases/kernel/security/selinux-testsuite/tests/setattr/selinux_setattr.sh
index dd30179..2ab6070 100755
--- a/testcases/kernel/security/selinux-testsuite/tests/setattr/selinux_setattr.sh
+++ b/testcases/kernel/security/selinux-testsuite/tests/setattr/selinux_setattr.sh
@@ -15,8 +15,8 @@ setup()
export TST_COUNT=0
export TST_TOTAL=4
- # Remove any leftover test file from prior failed runs.
- rm -rf $SELINUXTMPDIR/test_file
+ SELINUXTMPDIR=$(mktemp -d)
+ chcon -t test_file_t $SELINUXTMPDIR
# Create a test file with the test_setattr_file_t type
# for use in the tests.
@@ -100,8 +100,7 @@ test04()
cleanup()
{
- # Cleanup.
- rm -rf $SELINUXTMPDIR/test_file
+ rm -rf $SELINUXTMPDIR
}
# Function: main
diff --git a/testcases/kernel/security/selinux-testsuite/tests/stat/selinux_stat.sh b/testcases/kernel/security/selinux-testsuite/tests/stat/selinux_stat.sh
index 98ed91f..3a13122 100755
--- a/testcases/kernel/security/selinux-testsuite/tests/stat/selinux_stat.sh
+++ b/testcases/kernel/security/selinux-testsuite/tests/stat/selinux_stat.sh
@@ -15,8 +15,8 @@ setup()
export TST_COUNT=0
export TST_TOTAL=2
- # Remove any leftover test file from prior failed runs.
- rm -rf $SELINUXTMPDIR/test_file
+ SELINUXTMPDIR=$(mktemp -d)
+ chcon -t test_file_t $SELINUXTMPDIR
# Create a test file with the test_stat_file_t type
# for use in the tests.
@@ -64,8 +64,7 @@ test02()
cleanup()
{
- # Cleanup.
- rm -rf $SELINUXTMPDIR/test_file
+ rm -rf $SELINUXTMPDIR
}
# Function: main
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [LTP] Fwd: [PATCH] Create $SELINUXTMPDIR in each of the tests
2009-04-18 18:47 Fwd: [LTP] [PATCH] Create $SELINUXTMPDIR in each of the tests Subrata Modak
@ 2009-04-20 1:32 ` Serge E. Hallyn
2009-04-20 1:35 ` Serge E. Hallyn
[not found] ` <op.usoj4f1cu2flwt@marcela-gaxm89c>
2009-04-29 19:07 ` Stephen Smalley
1 sibling, 2 replies; 13+ messages in thread
From: Serge E. Hallyn @ 2009-04-20 1:32 UTC (permalink / raw)
To: Subrata Modak; +Cc: Stephen Smalley, ltp-list, SE Linux, Jiri Palecek
Quoting Subrata Modak (subrata@linux.vnet.ibm.com):
> Stephen,
>
> Would you like to say something about the following Patch ?
If the motivation is to support multiple concurrent ltp runs, wouldn't
it be better to have selinux-testsuite/tests/runtest.sh set/export
SELINUXTMPDIR to a per-run tempdir? Even as simple as
/tmp/selinux-$pid.
Well, and testscripts/test_selinux.sh I guess...
-serge
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LTP] Fwd: [PATCH] Create $SELINUXTMPDIR in each of the tests
2009-04-20 1:32 ` [LTP] Fwd: " Serge E. Hallyn
@ 2009-04-20 1:35 ` Serge E. Hallyn
[not found] ` <op.usoj4f1cu2flwt@marcela-gaxm89c>
1 sibling, 0 replies; 13+ messages in thread
From: Serge E. Hallyn @ 2009-04-20 1:35 UTC (permalink / raw)
To: Subrata Modak; +Cc: Stephen Smalley, ltp-list, SE Linux, Jiri Palecek
Quoting Serge E. Hallyn (serue@us.ibm.com):
> Quoting Subrata Modak (subrata@linux.vnet.ibm.com):
> > Stephen,
> >
> > Would you like to say something about the following Patch ?
>
> If the motivation is to support multiple concurrent ltp runs, wouldn't
> it be better to have selinux-testsuite/tests/runtest.sh set/export
> SELINUXTMPDIR to a per-run tempdir? Even as simple as
> /tmp/selinux-$pid.
>
> Well, and testscripts/test_selinux.sh I guess...
Hmm, no, bc at that level you can't easily support multiple policy
module loads anyway. Never mind.
-serge
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LTP] Fwd: [PATCH] Create $SELINUXTMPDIR in each of the tests
[not found] ` <op.usoj4f1cu2flwt@marcela-gaxm89c>
@ 2009-04-20 13:36 ` Serge E. Hallyn
0 siblings, 0 replies; 13+ messages in thread
From: Serge E. Hallyn @ 2009-04-20 13:36 UTC (permalink / raw)
To: Jiří Paleček
Cc: Subrata Modak, Stephen Smalley, ltp-list, SE Linux
Quoting Jiří Paleček (jpalecek@web.de):
> On Mon, 20 Apr 2009 03:32:43 +0200, Serge E. Hallyn <serue@us.ibm.com> wrote:
>
> > Quoting Subrata Modak (subrata@linux.vnet.ibm.com):
> >> Stephen,
> >>
> >> Would you like to say something about the following Patch ?
> >
> > If the motivation is to support multiple concurrent ltp runs, wouldn't
> > it be better to have selinux-testsuite/tests/runtest.sh set/export
> > SELINUXTMPDIR to a per-run tempdir? Even as simple as
> > /tmp/selinux-$pid.
>
> No, the motivation was mostly to allow running these tests directly from PAN, without any supporting scripts. The ability to run the tests concurrently is just a pleasant bonus. I chose this way, because I find the needed changes pretty small.
Yeah - seems like a good idea.
If the directories sometimes don't get deleted, then you might help out
the admin by giving the directories easy to spot names so they can
manually clean up... i.e. use mktemp -d /tmp/ltpselinuxXXXX or maybe
even better mkdir -p /tmp/ltpselinux; mktemp -d -p /tmp/ltpselinux
thanks,
-serge
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LTP] Fwd: [PATCH] Create $SELINUXTMPDIR in each of the tests
2009-04-18 18:47 Fwd: [LTP] [PATCH] Create $SELINUXTMPDIR in each of the tests Subrata Modak
2009-04-20 1:32 ` [LTP] Fwd: " Serge E. Hallyn
@ 2009-04-29 19:07 ` Stephen Smalley
[not found] ` <op.us5xofaeu2flwt@debian>
1 sibling, 1 reply; 13+ messages in thread
From: Stephen Smalley @ 2009-04-29 19:07 UTC (permalink / raw)
To: subrata; +Cc: ltp-list, SE Linux, Jiri Palecek
On Sun, 2009-04-19 at 00:17 +0530, Subrata Modak wrote:
> Stephen,
>
> Would you like to say something about the following Patch ?
Yes, it breaks the selinux testsuite for me. Please revert.
>
> Regards--
> Subrata
>
> -------- Forwarded Message --------
> From: Jiri Palecek > <<jirka@debian.POK.IBM.COM>
> Cc: ltp-list@lists.sourceforge.net <ltp-list@lists.sourceforge.net>
> Subject: [LTP] [PATCH] Create $SELINUXTMPDIR in each of the tests
> Date: Thu, 16 Apr 2009 12:52:05 +0200
>
> Hello,
>
> while running the selinux tests, I was contemplating the way the $SELINUXTMPDIR is created. It seems to me that creating it in each test individually would allow running the tests in parallel, make some hacks needed to prevent interference of the tests unnecessary, allow the tests to be run directly from ltpmenu et al., and wouldn't add much more code. What do you think about this?
>
> PS: This patch still has issues, namely, the cleanup is denied sometimes.
>
> Regards
> Jiri Palecek
>
>
> Signed-off-by: Jiri Palecek <jpalecek@web.de>
> ---
> .../tests/bounds/selinux_bounds.sh | 7 +++----
> .../tests/capable_file/selinux_capable_file.sh | 8 +++-----
> .../tests/capable_sys/selinux_capable_sys.sh | 8 ++++----
> .../tests/entrypoint/selinux_entrypoint.sh | 7 +++----
> .../execute_no_trans/selinux_execute_no_trans.sh | 7 +++----
> .../tests/fdreceive/selinux_fdreceive.sh | 7 +++----
> .../selinux-testsuite/tests/file/selinux_file.sh | 14 ++++----------
> .../tests/inherit/selinux_inherit.sh | 8 +++-----
> .../selinux-testsuite/tests/ioctl/selinux_ioctl.sh | 5 ++++-
> .../selinux-testsuite/tests/link/selinux_link.sh | 7 +++----
> .../selinux-testsuite/tests/mkdir/selinux_mkdir.sh | 7 +++----
> .../selinux-testsuite/tests/open/selinux_open.sh | 7 +++----
> .../tests/readlink/selinux_readlink.sh | 7 +++----
> .../tests/relabel/selinux_relabel.sh | 7 +++----
> .../tests/rename/selinux_rename.sh | 7 +++----
> .../selinux-testsuite/tests/rxdir/selinux_rxdir.sh | 7 +++----
> .../tests/setattr/selinux_setattr.sh | 7 +++----
> .../selinux-testsuite/tests/stat/selinux_stat.sh | 7 +++----
> 18 files changed, 57 insertions(+), 77 deletions(-)
>
> diff --git a/testcases/kernel/security/selinux-testsuite/tests/bounds/selinux_bounds.sh b/testcases/kernel/security/selinux-testsuite/tests/bounds/selinux_bounds.sh
> index fb0876e..5a3fa06 100755
> --- a/testcases/kernel/security/selinux-testsuite/tests/bounds/selinux_bounds.sh
> +++ b/testcases/kernel/security/selinux-testsuite/tests/bounds/selinux_bounds.sh
> @@ -14,8 +14,8 @@ setup()
> export TST_COUNT=0
> export TST_TOTAL=4
>
> - # Remove any leftover test directories from prior failed runs.
> - rm -rf $SELINUXTMPDIR/bounds_file*
> + SELINUXTMPDIR=$(mktemp -d)
> + chcon -t test_file_t $SELINUXTMPDIR
>
> # Create test files
> dd if=/dev/zero of=$SELINUXTMPDIR/bounds_file count=1
> @@ -141,8 +141,7 @@ test06()
>
> cleanup()
> {
> - # Cleanup
> - rm -rf $SELINUXTMPDIR/bounds_file*
> + rm -rf $SELINUXTMPDIR
> }
>
> # Function: main
> diff --git a/testcases/kernel/security/selinux-testsuite/tests/capable_file/selinux_capable_file.sh b/testcases/kernel/security/selinux-testsuite/tests/capable_file/selinux_capable_file.sh
> index 86d89a1..f5f1040 100755
> --- a/testcases/kernel/security/selinux-testsuite/tests/capable_file/selinux_capable_file.sh
> +++ b/testcases/kernel/security/selinux-testsuite/tests/capable_file/selinux_capable_file.sh
> @@ -17,9 +17,8 @@ setup()
> export TST_COUNT=0
> export TST_TOTAL=10
>
> - # Clean up from a previous run
> - rm -f $SELINUXTMPDIR/temp_file 2>&1
> - rm -f $SELINUXTMPDIR/temp_file2 2>&1
> + SELINUXTMPDIR=$(mktemp -d)
> + chcon -t test_file_t $SELINUXTMPDIR
> }
>
> #
> @@ -233,8 +232,7 @@ test10()
>
> cleanup()
> {
> - rm -f $SELINUXTMPDIR/temp_file 2>&1
> - rm -f $SELINUXTMPDIR/temp_file2 2>&1
> + rm -rf $SELINUXTMPDIR
> }
>
> # Function: main
> diff --git a/testcases/kernel/security/selinux-testsuite/tests/capable_sys/selinux_capable_sys.sh b/testcases/kernel/security/selinux-testsuite/tests/capable_sys/selinux_capable_sys.sh
> index da880b3..1965142 100755
> --- a/testcases/kernel/security/selinux-testsuite/tests/capable_sys/selinux_capable_sys.sh
> +++ b/testcases/kernel/security/selinux-testsuite/tests/capable_sys/selinux_capable_sys.sh
> @@ -17,8 +17,8 @@ setup()
> export TST_COUNT=0
> export TST_TOTAL=8
>
> - # Clean up from a previous run
> - rm -f $SELINUXTMPDIR/temp_file 2>&1
> + SELINUXTMPDIR=$(mktemp -d)
> + chcon -t test_file_t $SELINUXTMPDIR
> }
>
> #
> @@ -195,8 +195,7 @@ test08()
>
> cleanup()
> {
> - # Remove files
> - rm -f $SELINUXTMPDIR/temp_file 2>&1
> + rm -rf $SELINUXTMPDIR
> }
>
> # Function: main
> @@ -215,6 +214,7 @@ test02 || EXIT_VAL=$RC
> test03 || EXIT_VAL=$RC
> test04 || EXIT_VAL=$RC
> cleanup
> +setup
> test05 || EXIT_VAL=$RC
> test06 || EXIT_VAL=$RC
> test07 || EXIT_VAL=$RC
> diff --git a/testcases/kernel/security/selinux-testsuite/tests/entrypoint/selinux_entrypoint.sh b/testcases/kernel/security/selinux-testsuite/tests/entrypoint/selinux_entrypoint.sh
> index 4ae880a..bd58845 100755
> --- a/testcases/kernel/security/selinux-testsuite/tests/entrypoint/selinux_entrypoint.sh
> +++ b/testcases/kernel/security/selinux-testsuite/tests/entrypoint/selinux_entrypoint.sh
> @@ -15,8 +15,8 @@ setup()
> export TST_COUNT=0
> export TST_TOTAL=2
>
> - # Clean up from a previous run
> - rm -f $SELINUXTMPDIR/true 2>&1
> + SELINUXTMPDIR=$(mktemp -d)
> + chcon -t test_file_t $SELINUXTMPDIR
> }
>
> test01()
> @@ -63,8 +63,7 @@ test02()
>
> cleanup()
> {
> - # Cleanup.
> - rm -f $SELINUXTMPDIR/true
> + rm -rf $SELINUXTMPDIR
> }
>
> # Function: main
> diff --git a/testcases/kernel/security/selinux-testsuite/tests/execute_no_trans/selinux_execute_no_trans.sh b/testcases/kernel/security/selinux-testsuite/tests/execute_no_trans/selinux_execute_no_trans.sh
> index 2c58fe1..67bfe6f 100755
> --- a/testcases/kernel/security/selinux-testsuite/tests/execute_no_trans/selinux_execute_no_trans.sh
> +++ b/testcases/kernel/security/selinux-testsuite/tests/execute_no_trans/selinux_execute_no_trans.sh
> @@ -15,8 +15,8 @@ setup()
> export TST_COUNT=0
> export TST_TOTAL=2
>
> - # Clean up from a previous run
> - rm -f $SELINUXTMPDIR/true 2>&1
> + SELINUXTMPDIR=$(mktemp -d)
> + chcon -t test_file_t $SELINUXTMPDIR
> }
>
> test01()
> @@ -66,8 +66,7 @@ test02()
>
> cleanup()
> {
> - # Cleanup.
> - rm -f $SELINUXTMPDIR/true
> + rm -rf $SELINUXTMPDIR
> }
>
> # Function: main
> diff --git a/testcases/kernel/security/selinux-testsuite/tests/fdreceive/selinux_fdreceive.sh b/testcases/kernel/security/selinux-testsuite/tests/fdreceive/selinux_fdreceive.sh
> index 4ec7f2e..76bbedd 100755
> --- a/testcases/kernel/security/selinux-testsuite/tests/fdreceive/selinux_fdreceive.sh
> +++ b/testcases/kernel/security/selinux-testsuite/tests/fdreceive/selinux_fdreceive.sh
> @@ -15,8 +15,8 @@ setup()
> export TST_COUNT=0
> export TST_TOTAL=3
>
> - # Remove any leftover test file from prior failed runs.
> - rm -rf $SELINUXTMPDIR/test_file $SELINUXTMPDIR/test_file2 $SELINUXTMPDIR/test_sock
> + SELINUXTMPDIR=$(mktemp -d)
> + chcon -t test_file_t $SELINUXTMPDIR
>
> # Create and label the test files.
> touch $SELINUXTMPDIR/test_file $SELINUXTMPDIR/test_file2
> @@ -100,8 +100,7 @@ cleanup()
> # Kill the server.
> kill -s TERM $PID
>
> - # Cleanup.
> - rm -rf $SELINUXTMPDIR/test_file $SELINUXTMPDIR/test_file2 $SELINUXTMPDIR/test_sock
> + rm -rf $SELINUXTMPDIR
> }
>
> # Function: main
> diff --git a/testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh b/testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh
> index 0c88e9b..71b09dd 100755
> --- a/testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh
> +++ b/testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh
> @@ -17,10 +17,9 @@ setup()
> export TST_COUNT=0
> export TST_TOTAL=14
>
> - # Clean up from a previous run
> - rm -f $SELINUXTMPDIR/temp_file 2>&1
> - rm -f $SELINUXTMPDIR/temp_file2 2>&1
> - rm -f $SELINUXTMPDIR/temp_file3 2>&1
> + LTPBIN=$LTPROOT/testcases/bin
> + SELINUXTMPDIR=$(mktemp -d)
> + chcon -t test_file_t $SELINUXTMPDIR
>
> #
> # Create the temp files
> @@ -361,12 +360,7 @@ test14()
>
> cleanup()
> {
> - #
> - # Delete the temp files
> - #
> - rm -f $basedir/temp_file 2>&1
> - rm -f $basedir/temp_file2 2>&1
> - rm -f $basedir/temp_file3 2>&1
> + rm -rf $SELINUXTMPDIR
> }
>
> #
> diff --git a/testcases/kernel/security/selinux-testsuite/tests/inherit/selinux_inherit.sh b/testcases/kernel/security/selinux-testsuite/tests/inherit/selinux_inherit.sh
> index 8a48185..13defc8 100755
> --- a/testcases/kernel/security/selinux-testsuite/tests/inherit/selinux_inherit.sh
> +++ b/testcases/kernel/security/selinux-testsuite/tests/inherit/selinux_inherit.sh
> @@ -15,8 +15,8 @@ setup()
> export TST_COUNT=0
> export TST_TOTAL=3
>
> - # Clean up from a previous run
> - rm -f $SELINUXTMPDIR/test_file 2>&1
> + SELINUXTMPDIR=$(mktemp -d)
> + chcon -t test_file_t $SELINUXTMPDIR
>
> # Create a test file with the test_inherit_file_t type
> # for use in the tests.
> @@ -97,9 +97,7 @@ test03()
>
> cleanup()
> {
> - # Cleanup.
> - rm -rf $SELINUXTMPDIR/test_file
> - cd $SAVEPWD
> + rm -rf $SELINUXTMPDIR
> }
>
> # Function: main
> diff --git a/testcases/kernel/security/selinux-testsuite/tests/ioctl/selinux_ioctl.sh b/testcases/kernel/security/selinux-testsuite/tests/ioctl/selinux_ioctl.sh
> index a46a8f9..61bfacd 100755
> --- a/testcases/kernel/security/selinux-testsuite/tests/ioctl/selinux_ioctl.sh
> +++ b/testcases/kernel/security/selinux-testsuite/tests/ioctl/selinux_ioctl.sh
> @@ -17,6 +17,9 @@ setup()
> export TST_COUNT=0
> export TST_TOTAL=2
>
> + SELINUXTMPDIR=$(mktemp -d)
> + chcon -t test_file_t $SELINUXTMPDIR
> +
> # Create a temporary file for testing
> rm -f $SELINUXTMPDIR/temp_file 2>&1
> touch $SELINUXTMPDIR/temp_file 2>&1
> @@ -65,7 +68,7 @@ test02()
>
> cleanup()
> {
> - rm -f $SELINUXTMPDIR/temp_file 2>&1
> + rm -rf $SELINUXTMPDIR
> }
>
> # Function: main
> diff --git a/testcases/kernel/security/selinux-testsuite/tests/link/selinux_link.sh b/testcases/kernel/security/selinux-testsuite/tests/link/selinux_link.sh
> index b78a2df..b666320 100755
> --- a/testcases/kernel/security/selinux-testsuite/tests/link/selinux_link.sh
> +++ b/testcases/kernel/security/selinux-testsuite/tests/link/selinux_link.sh
> @@ -15,8 +15,8 @@ setup()
> export TST_COUNT=0
> export TST_TOTAL=6
>
> - # Clean up from a previous run
> - rm -f $SELINUXTMPDIR/test_dir 2>&1
> + SELINUXTMPDIR=$(mktemp -d)
> + chcon -t test_file_t $SELINUXTMPDIR
>
> # Create a test directory with the test_addname_dir_t type
> # for use in the tests.
> @@ -157,8 +157,7 @@ test06()
>
> cleanup()
> {
> - # Cleanup.
> - rm -rf $SELINUXTMPDIR/test_dir
> + rm -rf $SELINUXTMPDIR
> }
>
> # Function: main
> diff --git a/testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh b/testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh
> index 79f1c57..a8b8eb7 100755
> --- a/testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh
> +++ b/testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh
> @@ -15,8 +15,8 @@ setup()
> export TST_COUNT=0
> export TST_TOTAL=5
>
> - # Remove any leftover test directory from prior failed runs.
> - rm -rf $SELINUXTMPDIR/test_dir
> + SELINUXTMPDIR=$(mktemp -d)
> + chcon -t test_file_t $SELINUXTMPDIR
>
> # Create a test directory with the test_mkdir_dir_t type
> # for use in the tests.
> @@ -129,8 +129,7 @@ test05()
>
> cleanup()
> {
> - # Cleanup.
> - rm -rf $SELINUXTMPDIR/test_dir
> + rm -rf $SELINUXTMPDIR
> }
>
> # Function: main
> diff --git a/testcases/kernel/security/selinux-testsuite/tests/open/selinux_open.sh b/testcases/kernel/security/selinux-testsuite/tests/open/selinux_open.sh
> index de7be4c..edd5922 100755
> --- a/testcases/kernel/security/selinux-testsuite/tests/open/selinux_open.sh
> +++ b/testcases/kernel/security/selinux-testsuite/tests/open/selinux_open.sh
> @@ -15,8 +15,8 @@ setup()
> export TST_COUNT=0
> export TST_TOTAL=8
>
> - # Remove any leftover test directories from prior failed runs.
> - rm -rf $SELINUXTMPDIR/test_file
> + SELINUXTMPDIR=$(mktemp -d)
> + chcon -t test_file_t $SELINUXTMPDIR
>
> # Create a test file.
> touch $SELINUXTMPDIR/test_file
> @@ -180,8 +180,7 @@ test08()
>
> cleanup()
> {
> - # Cleanup.
> - rm -rf $SELINUXTMPDIR/test_file
> + rm -rf $SELINUXTMPDIR
> }
>
> # Function: main
> diff --git a/testcases/kernel/security/selinux-testsuite/tests/readlink/selinux_readlink.sh b/testcases/kernel/security/selinux-testsuite/tests/readlink/selinux_readlink.sh
> index 2c4a885..11e6c29 100755
> --- a/testcases/kernel/security/selinux-testsuite/tests/readlink/selinux_readlink.sh
> +++ b/testcases/kernel/security/selinux-testsuite/tests/readlink/selinux_readlink.sh
> @@ -15,8 +15,8 @@ setup()
> export TST_COUNT=0
> export TST_TOTAL=3
>
> - # Remove any leftover test files from prior failed runs.
> - rm -rf $SELINUXTMPDIR/test_file $SELINUXTMPDIR/test_symlink
> + SELINUXTMPDIR=$(mktemp -d)
> + chcon -t test_file_t $SELINUXTMPDIR
>
> # Create a test file.
> touch $SELINUXTMPDIR/test_file 2>&1
> @@ -86,8 +86,7 @@ test03()
>
> cleanup()
> {
> - # Cleanup.
> - rm -rf $SELINUXTMPDIR/test_file $SELINUXTMPDIR/test_symlink
> + rm -rf $SELINUXTMPDIR
> }
>
> # Function: main
> diff --git a/testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh b/testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh
> index 8d8bad3..076228d 100755
> --- a/testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh
> +++ b/testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh
> @@ -15,8 +15,8 @@ setup()
> export TST_COUNT=0
> export TST_TOTAL=3
>
> - # Remove any leftover test file from prior failed runs.
> - rm -rf $SELINUXTMPDIR/test_file
> + SELINUXTMPDIR=$(mktemp -d)
> + chcon -t test_file_t $SELINUXTMPDIR
>
> # Create a test file with the test_relabel_oldtype_t
> # type for use in the tests.
> @@ -90,8 +90,7 @@ test03()
>
> cleanup()
> {
> - # Cleanup.
> - rm -rf $SELINUXTMPDIR/test_file
> + rm -rf $SELINUXTMPDIR
> }
>
> # Function: main
> diff --git a/testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh b/testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh
> index 36e2485..ca9e409 100755
> --- a/testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh
> +++ b/testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh
> @@ -15,8 +15,8 @@ setup()
> export TST_COUNT=0
> export TST_TOTAL=9
>
> - # Remove any leftover test directories from prior failed runs.
> - rm -rf $SELINUXTMPDIR/src_dir $SELINUXTMPDIR/dst_dir
> + SELINUXTMPDIR=$(mktemp -d)
> + chcon -t test_file_t $SELINUXTMPDIR
>
> # Create the source and destination test directories for the rename.
> mkdir --context=system_u:object_r:test_rename_src_dir_t $SELINUXTMPDIR/src_dir 2>&1
> @@ -231,8 +231,7 @@ test09()
>
> cleanup()
> {
> - # Cleanup.
> - rm -rf $SELINUXTMPDIR/src_dir $SELINUXTMPDIR/dst_dir
> + rm -rf $SELINUXTMPDIR
> }
>
> # Function: main
> diff --git a/testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh b/testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh
> index 82c335e..7d836ce 100755
> --- a/testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh
> +++ b/testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh
> @@ -15,8 +15,8 @@ setup()
> export TST_COUNT=0
> export TST_TOTAL=4
>
> - # Remove any leftover test directory from prior failed runs.
> - rm -rf $SELINUXTMPDIR/test_dir
> + SELINUXTMPDIR=$(mktemp -d)
> + chcon -t test_file_t $SELINUXTMPDIR
>
> # Create a test dir with the test_rxdir_dir_t type
> # for use in the tests.
> @@ -102,8 +102,7 @@ test04()
>
> cleanup()
> {
> - # Cleanup.
> - rm -rf $SELINUXTMPDIR/test_dir
> + rm -rf $SELINUXTMPDIR
> }
>
> # Function: main
> diff --git a/testcases/kernel/security/selinux-testsuite/tests/setattr/selinux_setattr.sh b/testcases/kernel/security/selinux-testsuite/tests/setattr/selinux_setattr.sh
> index dd30179..2ab6070 100755
> --- a/testcases/kernel/security/selinux-testsuite/tests/setattr/selinux_setattr.sh
> +++ b/testcases/kernel/security/selinux-testsuite/tests/setattr/selinux_setattr.sh
> @@ -15,8 +15,8 @@ setup()
> export TST_COUNT=0
> export TST_TOTAL=4
>
> - # Remove any leftover test file from prior failed runs.
> - rm -rf $SELINUXTMPDIR/test_file
> + SELINUXTMPDIR=$(mktemp -d)
> + chcon -t test_file_t $SELINUXTMPDIR
>
> # Create a test file with the test_setattr_file_t type
> # for use in the tests.
> @@ -100,8 +100,7 @@ test04()
>
> cleanup()
> {
> - # Cleanup.
> - rm -rf $SELINUXTMPDIR/test_file
> + rm -rf $SELINUXTMPDIR
> }
>
> # Function: main
> diff --git a/testcases/kernel/security/selinux-testsuite/tests/stat/selinux_stat.sh b/testcases/kernel/security/selinux-testsuite/tests/stat/selinux_stat.sh
> index 98ed91f..3a13122 100755
> --- a/testcases/kernel/security/selinux-testsuite/tests/stat/selinux_stat.sh
> +++ b/testcases/kernel/security/selinux-testsuite/tests/stat/selinux_stat.sh
> @@ -15,8 +15,8 @@ setup()
> export TST_COUNT=0
> export TST_TOTAL=2
>
> - # Remove any leftover test file from prior failed runs.
> - rm -rf $SELINUXTMPDIR/test_file
> + SELINUXTMPDIR=$(mktemp -d)
> + chcon -t test_file_t $SELINUXTMPDIR
>
> # Create a test file with the test_stat_file_t type
> # for use in the tests.
> @@ -64,8 +64,7 @@ test02()
>
> cleanup()
> {
> - # Cleanup.
> - rm -rf $SELINUXTMPDIR/test_file
> + rm -rf $SELINUXTMPDIR
> }
>
> # Function: main
>
>
> ------------------------------------------------------------------------------
> Stay on top of everything new and different, both inside and
> around Java (TM) technology - register by April 22, and save
> $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco.
> 300 plus technical and hands-on sessions. Register today.
> Use priority code J9JMT32. http://p.sf.net/sfu/p
> _______________________________________________
> Ltp-list mailing list
> Ltp-list@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/ltp-list
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LTP] Fwd: [PATCH] Create $SELINUXTMPDIR in each of the tests
[not found] ` <op.us5xofaeu2flwt@debian>
@ 2009-04-29 19:40 ` Stephen Smalley
2009-04-29 19:52 ` Stephen Smalley
[not found] ` <op.us51ezmiu2flwt@debian>
0 siblings, 2 replies; 13+ messages in thread
From: Stephen Smalley @ 2009-04-29 19:40 UTC (permalink / raw)
To: Jiří Paleček; +Cc: subrata, ltp-list, SE Linux
On Wed, 2009-04-29 at 21:27 +0200, Jiří Paleček wrote:
> On Wed, 29 Apr 2009 21:07:38 +0200, Stephen Smalley <sds@tycho.nsa.gov>
> wrote:
>
> > On Sun, 2009-04-19 at 00:17 +0530, Subrata Modak wrote:
> >> Stephen,
> >>
> >> Would you like to say something about the following Patch ?
> >
> > Yes, it breaks the selinux testsuite for me. Please revert.
>
> How exactly does it break it?
Running it via test_selinux.sh was generating errors like:
cd: /testcases/bin: No such file or directory
in selinux.outfile, producing a couple bogus FAILs.
After backing out your setcurrent change and your SELINUXTMPDIR changes
and Chris' patch and running it via test_selinux.sh, I'm down to 6
remaining FAILs, likely due to further tightening of refpolicy since we
last updated the test policy. I'll have to go through them one by one
and examine the exact denials and error messages.
>
> >>
> >> -------- Forwarded Message --------
> >> From: Jiri Palecek > <<jirka@debian.POK.IBM.COM>
> >> Cc: ltp-list@lists.sourceforge.net <ltp-list@lists.sourceforge.net>
> >> Subject: [LTP] [PATCH] Create $SELINUXTMPDIR in each of the tests
> >> Date: Thu, 16 Apr 2009 12:52:05 +0200
> >>
> >> Hello,
> >>
> >> while running the selinux tests, I was contemplating the way the
> >> $SELINUXTMPDIR is created. It seems to me that creating it in each test
> >> individually would allow running the tests in parallel, make some hacks
> >> needed to prevent interference of the tests unnecessary, allow the
> >> tests to be run directly from ltpmenu et al., and wouldn't add much
> >> more code. What do you think about this?
> >>
> >> PS: This patch still has issues, namely, the cleanup is denied
> >> sometimes.
> >>
> >> Regards
> >> Jiri Palecek
> >>
> >>
> >> Signed-off-by: Jiri Palecek <jpalecek@web.de>
> >> ---
> >> .../tests/bounds/selinux_bounds.sh | 7 +++----
> >> .../tests/capable_file/selinux_capable_file.sh | 8 +++-----
> >> .../tests/capable_sys/selinux_capable_sys.sh | 8 ++++----
> >> .../tests/entrypoint/selinux_entrypoint.sh | 7 +++----
> >> .../execute_no_trans/selinux_execute_no_trans.sh | 7 +++----
> >> .../tests/fdreceive/selinux_fdreceive.sh | 7 +++----
> >> .../selinux-testsuite/tests/file/selinux_file.sh | 14
> >> ++++----------
> >> .../tests/inherit/selinux_inherit.sh | 8 +++-----
> >> .../selinux-testsuite/tests/ioctl/selinux_ioctl.sh | 5 ++++-
> >> .../selinux-testsuite/tests/link/selinux_link.sh | 7 +++----
> >> .../selinux-testsuite/tests/mkdir/selinux_mkdir.sh | 7 +++----
> >> .../selinux-testsuite/tests/open/selinux_open.sh | 7 +++----
> >> .../tests/readlink/selinux_readlink.sh | 7 +++----
> >> .../tests/relabel/selinux_relabel.sh | 7 +++----
> >> .../tests/rename/selinux_rename.sh | 7 +++----
> >> .../selinux-testsuite/tests/rxdir/selinux_rxdir.sh | 7 +++----
> >> .../tests/setattr/selinux_setattr.sh | 7 +++----
> >> .../selinux-testsuite/tests/stat/selinux_stat.sh | 7 +++----
> >> 18 files changed, 57 insertions(+), 77 deletions(-)
> >>
> >> diff --git
> >> a/testcases/kernel/security/selinux-testsuite/tests/bounds/selinux_bounds.sh
> >> b/testcases/kernel/security/selinux-testsuite/tests/bounds/selinux_bounds.sh
> >> index fb0876e..5a3fa06 100755
> >> ---
> >> a/testcases/kernel/security/selinux-testsuite/tests/bounds/selinux_bounds.sh
> >> +++
> >> b/testcases/kernel/security/selinux-testsuite/tests/bounds/selinux_bounds.sh
> >> @@ -14,8 +14,8 @@ setup()
> >> export TST_COUNT=0
> >> export TST_TOTAL=4
> >>
> >> - # Remove any leftover test directories from prior failed runs.
> >> - rm -rf $SELINUXTMPDIR/bounds_file*
> >> + SELINUXTMPDIR=$(mktemp -d)
> >> + chcon -t test_file_t $SELINUXTMPDIR
> >>
> >> # Create test files
> >> dd if=/dev/zero of=$SELINUXTMPDIR/bounds_file count=1
> >> @@ -141,8 +141,7 @@ test06()
> >>
> >> cleanup()
> >> {
> >> - # Cleanup
> >> - rm -rf $SELINUXTMPDIR/bounds_file*
> >> + rm -rf $SELINUXTMPDIR
> >> }
> >>
> >> # Function: main
> >> diff --git
> >> a/testcases/kernel/security/selinux-testsuite/tests/capable_file/selinux_capable_file.sh
> >> b/testcases/kernel/security/selinux-testsuite/tests/capable_file/selinux_capable_file.sh
> >> index 86d89a1..f5f1040 100755
> >> ---
> >> a/testcases/kernel/security/selinux-testsuite/tests/capable_file/selinux_capable_file.sh
> >> +++
> >> b/testcases/kernel/security/selinux-testsuite/tests/capable_file/selinux_capable_file.sh
> >> @@ -17,9 +17,8 @@ setup()
> >> export TST_COUNT=0
> >> export TST_TOTAL=10
> >>
> >> - # Clean up from a previous run
> >> - rm -f $SELINUXTMPDIR/temp_file 2>&1
> >> - rm -f $SELINUXTMPDIR/temp_file2 2>&1
> >> + SELINUXTMPDIR=$(mktemp -d)
> >> + chcon -t test_file_t $SELINUXTMPDIR
> >> }
> >>
> >> #
> >> @@ -233,8 +232,7 @@ test10()
> >>
> >> cleanup()
> >> {
> >> - rm -f $SELINUXTMPDIR/temp_file 2>&1
> >> - rm -f $SELINUXTMPDIR/temp_file2 2>&1
> >> + rm -rf $SELINUXTMPDIR
> >> }
> >>
> >> # Function: main
> >> diff --git
> >> a/testcases/kernel/security/selinux-testsuite/tests/capable_sys/selinux_capable_sys.sh
> >> b/testcases/kernel/security/selinux-testsuite/tests/capable_sys/selinux_capable_sys.sh
> >> index da880b3..1965142 100755
> >> ---
> >> a/testcases/kernel/security/selinux-testsuite/tests/capable_sys/selinux_capable_sys.sh
> >> +++
> >> b/testcases/kernel/security/selinux-testsuite/tests/capable_sys/selinux_capable_sys.sh
> >> @@ -17,8 +17,8 @@ setup()
> >> export TST_COUNT=0
> >> export TST_TOTAL=8
> >>
> >> - # Clean up from a previous run
> >> - rm -f $SELINUXTMPDIR/temp_file 2>&1
> >> + SELINUXTMPDIR=$(mktemp -d)
> >> + chcon -t test_file_t $SELINUXTMPDIR
> >> }
> >>
> >> #
> >> @@ -195,8 +195,7 @@ test08()
> >>
> >> cleanup()
> >> {
> >> - # Remove files
> >> - rm -f $SELINUXTMPDIR/temp_file 2>&1
> >> + rm -rf $SELINUXTMPDIR
> >> }
> >>
> >> # Function: main
> >> @@ -215,6 +214,7 @@ test02 || EXIT_VAL=$RC
> >> test03 || EXIT_VAL=$RC
> >> test04 || EXIT_VAL=$RC
> >> cleanup
> >> +setup
> >> test05 || EXIT_VAL=$RC
> >> test06 || EXIT_VAL=$RC
> >> test07 || EXIT_VAL=$RC
> >> diff --git
> >> a/testcases/kernel/security/selinux-testsuite/tests/entrypoint/selinux_entrypoint.sh
> >> b/testcases/kernel/security/selinux-testsuite/tests/entrypoint/selinux_entrypoint.sh
> >> index 4ae880a..bd58845 100755
> >> ---
> >> a/testcases/kernel/security/selinux-testsuite/tests/entrypoint/selinux_entrypoint.sh
> >> +++
> >> b/testcases/kernel/security/selinux-testsuite/tests/entrypoint/selinux_entrypoint.sh
> >> @@ -15,8 +15,8 @@ setup()
> >> export TST_COUNT=0
> >> export TST_TOTAL=2
> >>
> >> - # Clean up from a previous run
> >> - rm -f $SELINUXTMPDIR/true 2>&1
> >> + SELINUXTMPDIR=$(mktemp -d)
> >> + chcon -t test_file_t $SELINUXTMPDIR
> >> }
> >>
> >> test01()
> >> @@ -63,8 +63,7 @@ test02()
> >>
> >> cleanup()
> >> {
> >> - # Cleanup.
> >> - rm -f $SELINUXTMPDIR/true
> >> + rm -rf $SELINUXTMPDIR
> >> }
> >>
> >> # Function: main
> >> diff --git
> >> a/testcases/kernel/security/selinux-testsuite/tests/execute_no_trans/selinux_execute_no_trans.sh
> >> b/testcases/kernel/security/selinux-testsuite/tests/execute_no_trans/selinux_execute_no_trans.sh
> >> index 2c58fe1..67bfe6f 100755
> >> ---
> >> a/testcases/kernel/security/selinux-testsuite/tests/execute_no_trans/selinux_execute_no_trans.sh
> >> +++
> >> b/testcases/kernel/security/selinux-testsuite/tests/execute_no_trans/selinux_execute_no_trans.sh
> >> @@ -15,8 +15,8 @@ setup()
> >> export TST_COUNT=0
> >> export TST_TOTAL=2
> >>
> >> - # Clean up from a previous run
> >> - rm -f $SELINUXTMPDIR/true 2>&1
> >> + SELINUXTMPDIR=$(mktemp -d)
> >> + chcon -t test_file_t $SELINUXTMPDIR
> >> }
> >>
> >> test01()
> >> @@ -66,8 +66,7 @@ test02()
> >>
> >> cleanup()
> >> {
> >> - # Cleanup.
> >> - rm -f $SELINUXTMPDIR/true
> >> + rm -rf $SELINUXTMPDIR
> >> }
> >>
> >> # Function: main
> >> diff --git
> >> a/testcases/kernel/security/selinux-testsuite/tests/fdreceive/selinux_fdreceive.sh
> >> b/testcases/kernel/security/selinux-testsuite/tests/fdreceive/selinux_fdreceive.sh
> >> index 4ec7f2e..76bbedd 100755
> >> ---
> >> a/testcases/kernel/security/selinux-testsuite/tests/fdreceive/selinux_fdreceive.sh
> >> +++
> >> b/testcases/kernel/security/selinux-testsuite/tests/fdreceive/selinux_fdreceive.sh
> >> @@ -15,8 +15,8 @@ setup()
> >> export TST_COUNT=0
> >> export TST_TOTAL=3
> >>
> >> - # Remove any leftover test file from prior failed runs.
> >> - rm -rf $SELINUXTMPDIR/test_file $SELINUXTMPDIR/test_file2
> >> $SELINUXTMPDIR/test_sock
> >> + SELINUXTMPDIR=$(mktemp -d)
> >> + chcon -t test_file_t $SELINUXTMPDIR
> >>
> >> # Create and label the test files.
> >> touch $SELINUXTMPDIR/test_file $SELINUXTMPDIR/test_file2
> >> @@ -100,8 +100,7 @@ cleanup()
> >> # Kill the server.
> >> kill -s TERM $PID
> >>
> >> - # Cleanup.
> >> - rm -rf $SELINUXTMPDIR/test_file $SELINUXTMPDIR/test_file2
> >> $SELINUXTMPDIR/test_sock
> >> + rm -rf $SELINUXTMPDIR
> >> }
> >>
> >> # Function: main
> >> diff --git
> >> a/testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh
> >> b/testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh
> >> index 0c88e9b..71b09dd 100755
> >> ---
> >> a/testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh
> >> +++
> >> b/testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh
> >> @@ -17,10 +17,9 @@ setup()
> >> export TST_COUNT=0
> >> export TST_TOTAL=14
> >>
> >> - # Clean up from a previous run
> >> - rm -f $SELINUXTMPDIR/temp_file 2>&1
> >> - rm -f $SELINUXTMPDIR/temp_file2 2>&1
> >> - rm -f $SELINUXTMPDIR/temp_file3 2>&1
> >> + LTPBIN=$LTPROOT/testcases/bin
> >> + SELINUXTMPDIR=$(mktemp -d)
> >> + chcon -t test_file_t $SELINUXTMPDIR
> >>
> >> #
> >> # Create the temp files
> >> @@ -361,12 +360,7 @@ test14()
> >>
> >> cleanup()
> >> {
> >> - #
> >> - # Delete the temp files
> >> - #
> >> - rm -f $basedir/temp_file 2>&1
> >> - rm -f $basedir/temp_file2 2>&1
> >> - rm -f $basedir/temp_file3 2>&1
> >> + rm -rf $SELINUXTMPDIR
> >> }
> >>
> >> #
> >> diff --git
> >> a/testcases/kernel/security/selinux-testsuite/tests/inherit/selinux_inherit.sh
> >> b/testcases/kernel/security/selinux-testsuite/tests/inherit/selinux_inherit.sh
> >> index 8a48185..13defc8 100755
> >> ---
> >> a/testcases/kernel/security/selinux-testsuite/tests/inherit/selinux_inherit.sh
> >> +++
> >> b/testcases/kernel/security/selinux-testsuite/tests/inherit/selinux_inherit.sh
> >> @@ -15,8 +15,8 @@ setup()
> >> export TST_COUNT=0
> >> export TST_TOTAL=3
> >>
> >> - # Clean up from a previous run
> >> - rm -f $SELINUXTMPDIR/test_file 2>&1
> >> + SELINUXTMPDIR=$(mktemp -d)
> >> + chcon -t test_file_t $SELINUXTMPDIR
> >>
> >> # Create a test file with the test_inherit_file_t type
> >> # for use in the tests.
> >> @@ -97,9 +97,7 @@ test03()
> >>
> >> cleanup()
> >> {
> >> - # Cleanup.
> >> - rm -rf $SELINUXTMPDIR/test_file
> >> - cd $SAVEPWD
> >> + rm -rf $SELINUXTMPDIR
> >> }
> >>
> >> # Function: main
> >> diff --git
> >> a/testcases/kernel/security/selinux-testsuite/tests/ioctl/selinux_ioctl.sh
> >> b/testcases/kernel/security/selinux-testsuite/tests/ioctl/selinux_ioctl.sh
> >> index a46a8f9..61bfacd 100755
> >> ---
> >> a/testcases/kernel/security/selinux-testsuite/tests/ioctl/selinux_ioctl.sh
> >> +++
> >> b/testcases/kernel/security/selinux-testsuite/tests/ioctl/selinux_ioctl.sh
> >> @@ -17,6 +17,9 @@ setup()
> >> export TST_COUNT=0
> >> export TST_TOTAL=2
> >>
> >> + SELINUXTMPDIR=$(mktemp -d)
> >> + chcon -t test_file_t $SELINUXTMPDIR
> >> +
> >> # Create a temporary file for testing
> >> rm -f $SELINUXTMPDIR/temp_file 2>&1
> >> touch $SELINUXTMPDIR/temp_file 2>&1
> >> @@ -65,7 +68,7 @@ test02()
> >>
> >> cleanup()
> >> {
> >> - rm -f $SELINUXTMPDIR/temp_file 2>&1
> >> + rm -rf $SELINUXTMPDIR
> >> }
> >>
> >> # Function: main
> >> diff --git
> >> a/testcases/kernel/security/selinux-testsuite/tests/link/selinux_link.sh
> >> b/testcases/kernel/security/selinux-testsuite/tests/link/selinux_link.sh
> >> index b78a2df..b666320 100755
> >> ---
> >> a/testcases/kernel/security/selinux-testsuite/tests/link/selinux_link.sh
> >> +++
> >> b/testcases/kernel/security/selinux-testsuite/tests/link/selinux_link.sh
> >> @@ -15,8 +15,8 @@ setup()
> >> export TST_COUNT=0
> >> export TST_TOTAL=6
> >>
> >> - # Clean up from a previous run
> >> - rm -f $SELINUXTMPDIR/test_dir 2>&1
> >> + SELINUXTMPDIR=$(mktemp -d)
> >> + chcon -t test_file_t $SELINUXTMPDIR
> >>
> >> # Create a test directory with the test_addname_dir_t type
> >> # for use in the tests.
> >> @@ -157,8 +157,7 @@ test06()
> >>
> >> cleanup()
> >> {
> >> - # Cleanup.
> >> - rm -rf $SELINUXTMPDIR/test_dir
> >> + rm -rf $SELINUXTMPDIR
> >> }
> >>
> >> # Function: main
> >> diff --git
> >> a/testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh
> >> b/testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh
> >> index 79f1c57..a8b8eb7 100755
> >> ---
> >> a/testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh
> >> +++
> >> b/testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh
> >> @@ -15,8 +15,8 @@ setup()
> >> export TST_COUNT=0
> >> export TST_TOTAL=5
> >>
> >> - # Remove any leftover test directory from prior failed runs.
> >> - rm -rf $SELINUXTMPDIR/test_dir
> >> + SELINUXTMPDIR=$(mktemp -d)
> >> + chcon -t test_file_t $SELINUXTMPDIR
> >>
> >> # Create a test directory with the test_mkdir_dir_t type
> >> # for use in the tests.
> >> @@ -129,8 +129,7 @@ test05()
> >>
> >> cleanup()
> >> {
> >> - # Cleanup.
> >> - rm -rf $SELINUXTMPDIR/test_dir
> >> + rm -rf $SELINUXTMPDIR
> >> }
> >>
> >> # Function: main
> >> diff --git
> >> a/testcases/kernel/security/selinux-testsuite/tests/open/selinux_open.sh
> >> b/testcases/kernel/security/selinux-testsuite/tests/open/selinux_open.sh
> >> index de7be4c..edd5922 100755
> >> ---
> >> a/testcases/kernel/security/selinux-testsuite/tests/open/selinux_open.sh
> >> +++
> >> b/testcases/kernel/security/selinux-testsuite/tests/open/selinux_open.sh
> >> @@ -15,8 +15,8 @@ setup()
> >> export TST_COUNT=0
> >> export TST_TOTAL=8
> >>
> >> - # Remove any leftover test directories from prior failed runs.
> >> - rm -rf $SELINUXTMPDIR/test_file
> >> + SELINUXTMPDIR=$(mktemp -d)
> >> + chcon -t test_file_t $SELINUXTMPDIR
> >>
> >> # Create a test file.
> >> touch $SELINUXTMPDIR/test_file
> >> @@ -180,8 +180,7 @@ test08()
> >>
> >> cleanup()
> >> {
> >> - # Cleanup.
> >> - rm -rf $SELINUXTMPDIR/test_file
> >> + rm -rf $SELINUXTMPDIR
> >> }
> >>
> >> # Function: main
> >> diff --git
> >> a/testcases/kernel/security/selinux-testsuite/tests/readlink/selinux_readlink.sh
> >> b/testcases/kernel/security/selinux-testsuite/tests/readlink/selinux_readlink.sh
> >> index 2c4a885..11e6c29 100755
> >> ---
> >> a/testcases/kernel/security/selinux-testsuite/tests/readlink/selinux_readlink.sh
> >> +++
> >> b/testcases/kernel/security/selinux-testsuite/tests/readlink/selinux_readlink.sh
> >> @@ -15,8 +15,8 @@ setup()
> >> export TST_COUNT=0
> >> export TST_TOTAL=3
> >>
> >> - # Remove any leftover test files from prior failed runs.
> >> - rm -rf $SELINUXTMPDIR/test_file $SELINUXTMPDIR/test_symlink
> >> + SELINUXTMPDIR=$(mktemp -d)
> >> + chcon -t test_file_t $SELINUXTMPDIR
> >>
> >> # Create a test file.
> >> touch $SELINUXTMPDIR/test_file 2>&1
> >> @@ -86,8 +86,7 @@ test03()
> >>
> >> cleanup()
> >> {
> >> - # Cleanup.
> >> - rm -rf $SELINUXTMPDIR/test_file $SELINUXTMPDIR/test_symlink
> >> + rm -rf $SELINUXTMPDIR
> >> }
> >>
> >> # Function: main
> >> diff --git
> >> a/testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh
> >> b/testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh
> >> index 8d8bad3..076228d 100755
> >> ---
> >> a/testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh
> >> +++
> >> b/testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh
> >> @@ -15,8 +15,8 @@ setup()
> >> export TST_COUNT=0
> >> export TST_TOTAL=3
> >>
> >> - # Remove any leftover test file from prior failed runs.
> >> - rm -rf $SELINUXTMPDIR/test_file
> >> + SELINUXTMPDIR=$(mktemp -d)
> >> + chcon -t test_file_t $SELINUXTMPDIR
> >>
> >> # Create a test file with the test_relabel_oldtype_t
> >> # type for use in the tests.
> >> @@ -90,8 +90,7 @@ test03()
> >>
> >> cleanup()
> >> {
> >> - # Cleanup.
> >> - rm -rf $SELINUXTMPDIR/test_file
> >> + rm -rf $SELINUXTMPDIR
> >> }
> >>
> >> # Function: main
> >> diff --git
> >> a/testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh
> >> b/testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh
> >> index 36e2485..ca9e409 100755
> >> ---
> >> a/testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh
> >> +++
> >> b/testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh
> >> @@ -15,8 +15,8 @@ setup()
> >> export TST_COUNT=0
> >> export TST_TOTAL=9
> >>
> >> - # Remove any leftover test directories from prior failed runs.
> >> - rm -rf $SELINUXTMPDIR/src_dir $SELINUXTMPDIR/dst_dir
> >> + SELINUXTMPDIR=$(mktemp -d)
> >> + chcon -t test_file_t $SELINUXTMPDIR
> >>
> >> # Create the source and destination test directories for the rename.
> >> mkdir --context=system_u:object_r:test_rename_src_dir_t
> >> $SELINUXTMPDIR/src_dir 2>&1
> >> @@ -231,8 +231,7 @@ test09()
> >>
> >> cleanup()
> >> {
> >> - # Cleanup.
> >> - rm -rf $SELINUXTMPDIR/src_dir $SELINUXTMPDIR/dst_dir
> >> + rm -rf $SELINUXTMPDIR
> >> }
> >>
> >> # Function: main
> >> diff --git
> >> a/testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh
> >> b/testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh
> >> index 82c335e..7d836ce 100755
> >> ---
> >> a/testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh
> >> +++
> >> b/testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh
> >> @@ -15,8 +15,8 @@ setup()
> >> export TST_COUNT=0
> >> export TST_TOTAL=4
> >>
> >> - # Remove any leftover test directory from prior failed runs.
> >> - rm -rf $SELINUXTMPDIR/test_dir
> >> + SELINUXTMPDIR=$(mktemp -d)
> >> + chcon -t test_file_t $SELINUXTMPDIR
> >>
> >> # Create a test dir with the test_rxdir_dir_t type
> >> # for use in the tests.
> >> @@ -102,8 +102,7 @@ test04()
> >>
> >> cleanup()
> >> {
> >> - # Cleanup.
> >> - rm -rf $SELINUXTMPDIR/test_dir
> >> + rm -rf $SELINUXTMPDIR
> >> }
> >>
> >> # Function: main
> >> diff --git
> >> a/testcases/kernel/security/selinux-testsuite/tests/setattr/selinux_setattr.sh
> >> b/testcases/kernel/security/selinux-testsuite/tests/setattr/selinux_setattr.sh
> >> index dd30179..2ab6070 100755
> >> ---
> >> a/testcases/kernel/security/selinux-testsuite/tests/setattr/selinux_setattr.sh
> >> +++
> >> b/testcases/kernel/security/selinux-testsuite/tests/setattr/selinux_setattr.sh
> >> @@ -15,8 +15,8 @@ setup()
> >> export TST_COUNT=0
> >> export TST_TOTAL=4
> >>
> >> - # Remove any leftover test file from prior failed runs.
> >> - rm -rf $SELINUXTMPDIR/test_file
> >> + SELINUXTMPDIR=$(mktemp -d)
> >> + chcon -t test_file_t $SELINUXTMPDIR
> >>
> >> # Create a test file with the test_setattr_file_t type
> >> # for use in the tests.
> >> @@ -100,8 +100,7 @@ test04()
> >>
> >> cleanup()
> >> {
> >> - # Cleanup.
> >> - rm -rf $SELINUXTMPDIR/test_file
> >> + rm -rf $SELINUXTMPDIR
> >> }
> >>
> >> # Function: main
> >> diff --git
> >> a/testcases/kernel/security/selinux-testsuite/tests/stat/selinux_stat.sh
> >> b/testcases/kernel/security/selinux-testsuite/tests/stat/selinux_stat.sh
> >> index 98ed91f..3a13122 100755
> >> ---
> >> a/testcases/kernel/security/selinux-testsuite/tests/stat/selinux_stat.sh
> >> +++
> >> b/testcases/kernel/security/selinux-testsuite/tests/stat/selinux_stat.sh
> >> @@ -15,8 +15,8 @@ setup()
> >> export TST_COUNT=0
> >> export TST_TOTAL=2
> >>
> >> - # Remove any leftover test file from prior failed runs.
> >> - rm -rf $SELINUXTMPDIR/test_file
> >> + SELINUXTMPDIR=$(mktemp -d)
> >> + chcon -t test_file_t $SELINUXTMPDIR
> >>
> >> # Create a test file with the test_stat_file_t type
> >> # for use in the tests.
> >> @@ -64,8 +64,7 @@ test02()
> >>
> >> cleanup()
> >> {
> >> - # Cleanup.
> >> - rm -rf $SELINUXTMPDIR/test_file
> >> + rm -rf $SELINUXTMPDIR
> >> }
> >>
> >> # Function: main
> >>
> >>
> >> ------------------------------------------------------------------------------
> >> Stay on top of everything new and different, both inside and
> >> around Java (TM) technology - register by April 22, and save
> >> $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco.
> >> 300 plus technical and hands-on sessions. Register today.
> >> Use priority code J9JMT32. http://p.sf.net/sfu/p
> >> _______________________________________________
> >> Ltp-list mailing list
> >> Ltp-list@lists.sourceforge.net
> >> https://lists.sourceforge.net/lists/listinfo/ltp-list
>
>
>
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LTP] Fwd: [PATCH] Create $SELINUXTMPDIR in each of the tests
2009-04-29 19:40 ` Stephen Smalley
@ 2009-04-29 19:52 ` Stephen Smalley
[not found] ` <op.us51ezmiu2flwt@debian>
1 sibling, 0 replies; 13+ messages in thread
From: Stephen Smalley @ 2009-04-29 19:52 UTC (permalink / raw)
To: Jiří Paleček; +Cc: subrata, ltp-list, SE Linux
On Wed, 2009-04-29 at 15:40 -0400, Stephen Smalley wrote:
> On Wed, 2009-04-29 at 21:27 +0200, Jiří Paleček wrote:
> > On Wed, 29 Apr 2009 21:07:38 +0200, Stephen Smalley <sds@tycho.nsa.gov>
> > wrote:
> >
> > > On Sun, 2009-04-19 at 00:17 +0530, Subrata Modak wrote:
> > >> Stephen,
> > >>
> > >> Would you like to say something about the following Patch ?
> > >
> > > Yes, it breaks the selinux testsuite for me. Please revert.
> >
> > How exactly does it break it?
>
> Running it via test_selinux.sh was generating errors like:
> cd: /testcases/bin: No such file or directory
> in selinux.outfile, producing a couple bogus FAILs.
>
> After backing out your setcurrent change and your SELINUXTMPDIR changes
> and Chris' patch and running it via test_selinux.sh, I'm down to 6
> remaining FAILs, likely due to further tightening of refpolicy since we
> last updated the test policy. I'll have to go through them one by one
> and examine the exact denials and error messages.
Ah, 5 of the 6 were just due to not running mcstransd. Need to
eliminate that as a dependency.
Last FAIL is ioctl, and that one is expected - kernel ioctl checking
changed and no one rewrote the test yet.
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LTP] Fwd: [PATCH] Create $SELINUXTMPDIR in each of the tests
[not found] ` <op.us51ezmiu2flwt@debian>
@ 2009-04-30 12:45 ` Stephen Smalley
2009-05-11 6:44 ` Subrata Modak
2009-04-30 15:20 ` [PATCH] Fix MLS handling in selinux tests Stephen Smalley
[not found] ` <1241087321.5983.12.camel@subratamodak.linux.ibm.com>
2 siblings, 1 reply; 13+ messages in thread
From: Stephen Smalley @ 2009-04-30 12:45 UTC (permalink / raw)
To: Jiří Paleček; +Cc: subrata, ltp-list, SE Linux
On Wed, 2009-04-29 at 22:48 +0200, Jiří Paleček wrote:
> On Wed, 29 Apr 2009 21:40:01 +0200, Stephen Smalley <sds@tycho.nsa.gov>
> wrote:
>
> > On Wed, 2009-04-29 at 21:27 +0200, Jiří Paleček wrote:
> >> On Wed, 29 Apr 2009 21:07:38 +0200, Stephen Smalley <sds@tycho.nsa.gov>
> >> wrote:
> >>
> >> > On Sun, 2009-04-19 at 00:17 +0530, Subrata Modak wrote:
> >> >> Stephen,
> >> >>
> >> >> Would you like to say something about the following Patch ?
> >> >
> >> > Yes, it breaks the selinux testsuite for me. Please revert.
> >>
> >> How exactly does it break it?
> >
> > Running it via test_selinux.sh was generating errors like:
> > cd: /testcases/bin: No such file or directory
> > in selinux.outfile, producing a couple bogus FAILs.
>
> This is probably caused by the line setting LTPBIN (which shouldn't have
> been there in the first place, my fault), does the attached patch fix it
> for you?
Your patch doesn't apply - looks like it is relative to further local
changes you have made in your own git repo (extra args to mktemp). But
applying the corresponding change here does fix that problem for me,
yes. Diff below is relative to ltp cvs.
Fix LTPBIN definition in selinux_file.sh
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
---
testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Index: testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh
===================================================================
RCS file: /cvsroot/ltp/ltp/testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh,v
retrieving revision 1.5
diff -u -r1.5 selinux_file.sh
--- testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh 21 Apr 2009 09:39:58 -0000 1.5
+++ testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh 30 Apr 2009 12:50:35 -0000
@@ -17,7 +17,7 @@
export TST_COUNT=0
export TST_TOTAL=14
- LTPBIN=$LTPROOT/testcases/bin
+ LTPBIN=${LTPBIN:-$LTPROOT/testcases/bin}
SELINUXTMPDIR=$(mktemp -d)
chcon -t test_file_t $SELINUXTMPDIR
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 13+ messages in thread
* [PATCH] Fix MLS handling in selinux tests
[not found] ` <op.us51ezmiu2flwt@debian>
2009-04-30 12:45 ` Stephen Smalley
@ 2009-04-30 15:20 ` Stephen Smalley
2009-05-11 6:44 ` Subrata Modak
[not found] ` <1241087321.5983.12.camel@subratamodak.linux.ibm.com>
2 siblings, 1 reply; 13+ messages in thread
From: Stephen Smalley @ 2009-04-30 15:20 UTC (permalink / raw)
To: ltp-list
Cc: Subrata Modak, Jiří Paleček, Serge E. Hallyn, selinux
Some of the selinux tests were using full security contexts but predated
MCS/MLS and thus lacked a MLS field. This broke testing if MLS was
enabled in the policy but mcstransd was not running. Change some of the
tests to avoid the need to use full contexts at all, and others to
conditionally append a MLS suffix if MLS is enabled.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh | 2 -
testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh | 16 ++++++++--
testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh | 2 -
testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh | 9 +++--
testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh | 3 +
5 files changed, 24 insertions(+), 8 deletions(-)
Index: testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh
===================================================================
RCS file: /cvsroot/ltp/ltp/testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh,v
retrieving revision 1.5
diff -u -r1.5 selinux_file.sh
--- testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh 21 Apr 2009 09:39:58 -0000 1.5
+++ testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh 30 Apr 2009 15:18:04 -0000
@@ -53,7 +53,7 @@
#
# Get the SID of the good file.
#
- good_file_sid="system_u:object_r:fileop_file_t"
+ good_file_sid=`ls -Z $SELINUXTMPDIR/temp_file | awk '{print $4}'`
}
test01()
Index: testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh
===================================================================
RCS file: /cvsroot/ltp/ltp/testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh,v
retrieving revision 1.4
diff -u -r1.4 selinux_mkdir.sh
--- testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh 21 Apr 2009 09:39:59 -0000 1.4
+++ testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh 30 Apr 2009 15:18:04 -0000
@@ -89,12 +89,18 @@
TCID="test04"
TST_COUNT=4
RC=0
+ SUFFIX=""
+ MLS=x`cat /selinux/mls`
+ if [ "$MLS" == "x1" ]
+ then
+ SUFFIX=":s0"
+ fi
# Verify that test_create_t can create a subdirectory
# with a different type.
# This requires add_name to test_mkdir_dir_t and create
# to test_create_dir_t.
- runcon -t test_create_t -- mkdir --context=system_u:object_r:test_create_dir_t $SELINUXTMPDIR/test_dir/test3 2>&1
+ runcon -t test_create_t -- mkdir --context=system_u:object_r:test_create_dir_t$SUFFIX $SELINUXTMPDIR/test_dir/test3 2>&1
RC=$?
if [ $RC -eq 0 ]
then
@@ -110,11 +116,17 @@
TCID="test05"
TST_COUNT=5
RC=0
+ SUFFIX=""
+ MLS=x`cat /selinux/mls`
+ if [ "$MLS" == "x1" ]
+ then
+ SUFFIX=":s0"
+ fi
# Verify that test_nocreate_t cannot create
# a subdirectory with a different type.
# Should fail on create check to the new type.
- runcon -t test_nocreate_t -- mkdir --context=system_u:object_r:test_create_dir_t $SELINUXTMPDIR/test_dir/test4 2>&1
+ runcon -t test_nocreate_t -- mkdir --context=system_u:object_r:test_create_dir_t$SUFFIX $SELINUXTMPDIR/test_dir/test4 2>&1
RC=$?
if [ $RC -ne 0 ]
then
Index: testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh
===================================================================
RCS file: /cvsroot/ltp/ltp/testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh,v
retrieving revision 1.4
diff -u -r1.4 selinux_relabel.sh
--- testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh 21 Apr 2009 09:39:59 -0000 1.4
+++ testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh 30 Apr 2009 15:18:04 -0000
@@ -31,7 +31,7 @@
RC=0
# Verify that test_relabel_t can relabel the file.
- runcon -t test_relabel_t chcon system_u:object_r:test_relabel_newtype_t $SELINUXTMPDIR/test_file 2>&1
+ runcon -t test_relabel_t chcon -t test_relabel_newtype_t $SELINUXTMPDIR/test_file 2>&1
RC=$?
if [ $RC -eq 0 ]
then
Index: testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh
===================================================================
RCS file: /cvsroot/ltp/ltp/testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh,v
retrieving revision 1.4
diff -u -r1.4 selinux_rename.sh
--- testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh 21 Apr 2009 09:39:59 -0000 1.4
+++ testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh 30 Apr 2009 15:18:04 -0000
@@ -19,15 +19,18 @@
chcon -t test_file_t $SELINUXTMPDIR
# Create the source and destination test directories for the rename.
- mkdir --context=system_u:object_r:test_rename_src_dir_t $SELINUXTMPDIR/src_dir 2>&1
- mkdir --context=system_u:object_r:test_rename_dst_dir_t $SELINUXTMPDIR/dst_dir 2>&1
+ mkdir $SELINUXTMPDIR/src_dir
+ chcon -t test_rename_src_dir_t $SELINUXTMPDIR/src_dir
+ mkdir $SELINUXTMPDIR/dst_dir
+ chcon -t test_rename_dst_dir_t $SELINUXTMPDIR/dst_dir
# Create a test file to try renaming.
touch $SELINUXTMPDIR/src_dir/test_file
chcon -t test_rename_file_t $SELINUXTMPDIR/src_dir/test_file
# Create a test directory to try renaming.
- mkdir --context=system_u:object_r:test_rename_dir_t $SELINUXTMPDIR/src_dir/test_dir
+ mkdir $SELINUXTMPDIR/src_dir/test_dir
+ chcon -t test_rename_dir_t $SELINUXTMPDIR/src_dir/test_dir
}
Index: testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh
===================================================================
RCS file: /cvsroot/ltp/ltp/testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh,v
retrieving revision 1.4
diff -u -r1.4 selinux_rxdir.sh
--- testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh 21 Apr 2009 09:39:59 -0000 1.4
+++ testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh 30 Apr 2009 15:18:04 -0000
@@ -20,7 +20,8 @@
# Create a test dir with the test_rxdir_dir_t type
# for use in the tests.
- mkdir --context=system_u:object_r:test_rxdir_dir_t $SELINUXTMPDIR/test_dir
+ mkdir $SELINUXTMPDIR/test_dir
+ chcon -t test_rxdir_dir_t $SELINUXTMPDIR/test_dir
# Touch a file in the directory.
touch $SELINUXTMPDIR/test_dir/test_file
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LTP] Fwd: [PATCH] Create $SELINUXTMPDIR in each of the tests
[not found] ` <1241097725.27331.13.camel@localhost.localdomain>
@ 2009-05-01 11:52 ` Stephen Smalley
2009-05-05 13:52 ` Stephen Smalley
0 siblings, 1 reply; 13+ messages in thread
From: Stephen Smalley @ 2009-05-01 11:52 UTC (permalink / raw)
To: subrata
Cc: ltp-list, Jiří Paleček, Serge E. Hallyn,
James Morris, Eric Paris, selinux, Daniel J Walsh
On Thu, 2009-04-30 at 09:22 -0400, Stephen Smalley wrote:
> On Thu, 2009-04-30 at 15:58 +0530, Subrata Modak wrote:
> > On Wed, 2009-04-29 at 22:48 +0200, Jiří Paleček wrote:
> > > On Wed, 29 Apr 2009 21:40:01 +0200, Stephen Smalley <sds@tycho.nsa.gov>
> > > wrote:
> > >
> > > > On Wed, 2009-04-29 at 21:27 +0200, Jiří Paleček wrote:
> > > >> On Wed, 29 Apr 2009 21:07:38 +0200, Stephen Smalley <sds@tycho.nsa.gov>
> > > >> wrote:
> > > >>
> > > >> > On Sun, 2009-04-19 at 00:17 +0530, Subrata Modak wrote:
> > > >> >> Stephen,
> > > >> >>
> > > >> >> Would you like to say something about the following Patch ?
> > > >> >
> > > >> > Yes, it breaks the selinux testsuite for me. Please revert.
> > > >>
> > > >> How exactly does it break it?
> > > >
> > > > Running it via test_selinux.sh was generating errors like:
> > > > cd: /testcases/bin: No such file or directory
> > > > in selinux.outfile, producing a couple bogus FAILs.
> > >
> > > This is probably caused by the line setting LTPBIN (which shouldn't have
> > > been there in the first place, my fault), does the attached patch fix it
> > > for you?
> >
> > Nether applied this nor reverted the earlier one in this thread, as
> > conclusion is yet to be made. But, i have to push the release today as i
> > am going for a vacation for a couple of days. But, please send me the
> > cleanups on consensus. I will do the needful when i return.
>
> If you apply the re-based patch that I posted in response to his, then
> at least that problem is solved - no need to revert his original patch.
>
> I'd like to fork the refpolicy directory so that we can stop maintaining
> diffs under selinux-testsuite/misc/ for post-rhel5 changes. So if you
> could create a copy of refpolicy under selinux-testsuite, say
> "rhel5-refpolicy", and cvs add that to the tree, then we can work from
> there.
Actually, I think I'd like to have a tree of test policies, e.g.
refpolicy/trunk (test policy relative to refpolicy trunk)
refpolicy/redhat/5 (test policy relative to rhel5)
refpolicy/fedora/10 (test policy relative to fedora 10)
refpolicy/debian/5 (test policy relative to debian 5.0)
Only I'm not sure we necessarily want one for every fedora release due
to their short life cycles. But it looks like the test policy for f11
will be different than f10 (I have a patch to at least get it to build
without warnings, but am still working through some test failures on
f11).
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LTP] Fwd: [PATCH] Create $SELINUXTMPDIR in each of the tests
2009-05-01 11:52 ` [LTP] Fwd: [PATCH] Create $SELINUXTMPDIR in each of the tests Stephen Smalley
@ 2009-05-05 13:52 ` Stephen Smalley
0 siblings, 0 replies; 13+ messages in thread
From: Stephen Smalley @ 2009-05-05 13:52 UTC (permalink / raw)
To: subrata
Cc: ltp-list, Jiří Paleček, Daniel J Walsh, selinux,
Eric Paris
On Fri, 2009-05-01 at 07:52 -0400, Stephen Smalley wrote:
> On Thu, 2009-04-30 at 09:22 -0400, Stephen Smalley wrote:
> > On Thu, 2009-04-30 at 15:58 +0530, Subrata Modak wrote:
> > > On Wed, 2009-04-29 at 22:48 +0200, Jiří Paleček wrote:
> > > > On Wed, 29 Apr 2009 21:40:01 +0200, Stephen Smalley <sds@tycho.nsa.gov>
> > > > wrote:
> > > >
> > > > > On Wed, 2009-04-29 at 21:27 +0200, Jiří Paleček wrote:
> > > > >> On Wed, 29 Apr 2009 21:07:38 +0200, Stephen Smalley <sds@tycho.nsa.gov>
> > > > >> wrote:
> > > > >>
> > > > >> > On Sun, 2009-04-19 at 00:17 +0530, Subrata Modak wrote:
> > > > >> >> Stephen,
> > > > >> >>
> > > > >> >> Would you like to say something about the following Patch ?
> > > > >> >
> > > > >> > Yes, it breaks the selinux testsuite for me. Please revert.
> > > > >>
> > > > >> How exactly does it break it?
> > > > >
> > > > > Running it via test_selinux.sh was generating errors like:
> > > > > cd: /testcases/bin: No such file or directory
> > > > > in selinux.outfile, producing a couple bogus FAILs.
> > > >
> > > > This is probably caused by the line setting LTPBIN (which shouldn't have
> > > > been there in the first place, my fault), does the attached patch fix it
> > > > for you?
> > >
> > > Nether applied this nor reverted the earlier one in this thread, as
> > > conclusion is yet to be made. But, i have to push the release today as i
> > > am going for a vacation for a couple of days. But, please send me the
> > > cleanups on consensus. I will do the needful when i return.
> >
> > If you apply the re-based patch that I posted in response to his, then
> > at least that problem is solved - no need to revert his original patch.
> >
> > I'd like to fork the refpolicy directory so that we can stop maintaining
> > diffs under selinux-testsuite/misc/ for post-rhel5 changes. So if you
> > could create a copy of refpolicy under selinux-testsuite, say
> > "rhel5-refpolicy", and cvs add that to the tree, then we can work from
> > there.
>
> Actually, I think I'd like to have a tree of test policies, e.g.
> refpolicy/trunk (test policy relative to refpolicy trunk)
> refpolicy/redhat/5 (test policy relative to rhel5)
> refpolicy/fedora/10 (test policy relative to fedora 10)
> refpolicy/debian/5 (test policy relative to debian 5.0)
>
> Only I'm not sure we necessarily want one for every fedora release due
> to their short life cycles. But it looks like the test policy for f11
> will be different than f10 (I have a patch to at least get it to build
> without warnings, but am still working through some test failures on
> f11).
Ok, I now have the selinux testsuite working on both f10 and f11 and
have set up a separate subdirectory to keep a legacy copy of the test
policy for rhel5. I'll send a patch under separate cover.
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LTP] Fwd: [PATCH] Create $SELINUXTMPDIR in each of the tests
2009-04-30 12:45 ` Stephen Smalley
@ 2009-05-11 6:44 ` Subrata Modak
0 siblings, 0 replies; 13+ messages in thread
From: Subrata Modak @ 2009-05-11 6:44 UTC (permalink / raw)
To: Stephen Smalley; +Cc: Jiří Paleček, ltp-list, SE Linux
On Thu, 2009-04-30 at 08:45 -0400, Stephen Smalley wrote:
> On Wed, 2009-04-29 at 22:48 +0200, Jiří Paleček wrote:
> > On Wed, 29 Apr 2009 21:40:01 +0200, Stephen Smalley <sds@tycho.nsa.gov>
> > wrote:
> >
> > > On Wed, 2009-04-29 at 21:27 +0200, Jiří Paleček wrote:
> > >> On Wed, 29 Apr 2009 21:07:38 +0200, Stephen Smalley <sds@tycho.nsa.gov>
> > >> wrote:
> > >>
> > >> > On Sun, 2009-04-19 at 00:17 +0530, Subrata Modak wrote:
> > >> >> Stephen,
> > >> >>
> > >> >> Would you like to say something about the following Patch ?
> > >> >
> > >> > Yes, it breaks the selinux testsuite for me. Please revert.
> > >>
> > >> How exactly does it break it?
> > >
> > > Running it via test_selinux.sh was generating errors like:
> > > cd: /testcases/bin: No such file or directory
> > > in selinux.outfile, producing a couple bogus FAILs.
> >
> > This is probably caused by the line setting LTPBIN (which shouldn't have
> > been there in the first place, my fault), does the attached patch fix it
> > for you?
>
> Your patch doesn't apply - looks like it is relative to further local
> changes you have made in your own git repo (extra args to mktemp). But
> applying the corresponding change here does fix that problem for me,
> yes. Diff below is relative to ltp cvs.
>
> Fix LTPBIN definition in selinux_file.sh
>
> Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Thanks.
Regards--
Subrata
>
> ---
>
> testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> Index: testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh
> ===================================================================
> RCS file: /cvsroot/ltp/ltp/testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh,v
> retrieving revision 1.5
> diff -u -r1.5 selinux_file.sh
> --- testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh 21 Apr 2009 09:39:58 -0000 1.5
> +++ testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh 30 Apr 2009 12:50:35 -0000
> @@ -17,7 +17,7 @@
> export TST_COUNT=0
> export TST_TOTAL=14
>
> - LTPBIN=$LTPROOT/testcases/bin
> + LTPBIN=${LTPBIN:-$LTPROOT/testcases/bin}
> SELINUXTMPDIR=$(mktemp -d)
> chcon -t test_file_t $SELINUXTMPDIR
>
>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] Fix MLS handling in selinux tests
2009-04-30 15:20 ` [PATCH] Fix MLS handling in selinux tests Stephen Smalley
@ 2009-05-11 6:44 ` Subrata Modak
0 siblings, 0 replies; 13+ messages in thread
From: Subrata Modak @ 2009-05-11 6:44 UTC (permalink / raw)
To: Stephen Smalley
Cc: ltp-list, Jiří Paleček, Serge E. Hallyn, selinux
On Thu, 2009-04-30 at 11:20 -0400, Stephen Smalley wrote:
> Some of the selinux tests were using full security contexts but predated
> MCS/MLS and thus lacked a MLS field. This broke testing if MLS was
> enabled in the policy but mcstransd was not running. Change some of the
> tests to avoid the need to use full contexts at all, and others to
> conditionally append a MLS suffix if MLS is enabled.
>
> Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Thanks. Merged.
Regards--
Subrata
>
> testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh | 2 -
> testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh | 16 ++++++++--
> testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh | 2 -
> testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh | 9 +++--
> testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh | 3 +
> 5 files changed, 24 insertions(+), 8 deletions(-)
>
> Index: testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh
> ===================================================================
> RCS file: /cvsroot/ltp/ltp/testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh,v
> retrieving revision 1.5
> diff -u -r1.5 selinux_file.sh
> --- testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh 21 Apr 2009 09:39:58 -0000 1.5
> +++ testcases/kernel/security/selinux-testsuite/tests/file/selinux_file.sh 30 Apr 2009 15:18:04 -0000
> @@ -53,7 +53,7 @@
> #
> # Get the SID of the good file.
> #
> - good_file_sid="system_u:object_r:fileop_file_t"
> + good_file_sid=`ls -Z $SELINUXTMPDIR/temp_file | awk '{print $4}'`
> }
>
> test01()
> Index: testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh
> ===================================================================
> RCS file: /cvsroot/ltp/ltp/testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh,v
> retrieving revision 1.4
> diff -u -r1.4 selinux_mkdir.sh
> --- testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh 21 Apr 2009 09:39:59 -0000 1.4
> +++ testcases/kernel/security/selinux-testsuite/tests/mkdir/selinux_mkdir.sh 30 Apr 2009 15:18:04 -0000
> @@ -89,12 +89,18 @@
> TCID="test04"
> TST_COUNT=4
> RC=0
> + SUFFIX=""
> + MLS=x`cat /selinux/mls`
> + if [ "$MLS" == "x1" ]
> + then
> + SUFFIX=":s0"
> + fi
>
> # Verify that test_create_t can create a subdirectory
> # with a different type.
> # This requires add_name to test_mkdir_dir_t and create
> # to test_create_dir_t.
> - runcon -t test_create_t -- mkdir --context=system_u:object_r:test_create_dir_t $SELINUXTMPDIR/test_dir/test3 2>&1
> + runcon -t test_create_t -- mkdir --context=system_u:object_r:test_create_dir_t$SUFFIX $SELINUXTMPDIR/test_dir/test3 2>&1
> RC=$?
> if [ $RC -eq 0 ]
> then
> @@ -110,11 +116,17 @@
> TCID="test05"
> TST_COUNT=5
> RC=0
> + SUFFIX=""
> + MLS=x`cat /selinux/mls`
> + if [ "$MLS" == "x1" ]
> + then
> + SUFFIX=":s0"
> + fi
>
> # Verify that test_nocreate_t cannot create
> # a subdirectory with a different type.
> # Should fail on create check to the new type.
> - runcon -t test_nocreate_t -- mkdir --context=system_u:object_r:test_create_dir_t $SELINUXTMPDIR/test_dir/test4 2>&1
> + runcon -t test_nocreate_t -- mkdir --context=system_u:object_r:test_create_dir_t$SUFFIX $SELINUXTMPDIR/test_dir/test4 2>&1
> RC=$?
> if [ $RC -ne 0 ]
> then
> Index: testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh
> ===================================================================
> RCS file: /cvsroot/ltp/ltp/testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh,v
> retrieving revision 1.4
> diff -u -r1.4 selinux_relabel.sh
> --- testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh 21 Apr 2009 09:39:59 -0000 1.4
> +++ testcases/kernel/security/selinux-testsuite/tests/relabel/selinux_relabel.sh 30 Apr 2009 15:18:04 -0000
> @@ -31,7 +31,7 @@
> RC=0
>
> # Verify that test_relabel_t can relabel the file.
> - runcon -t test_relabel_t chcon system_u:object_r:test_relabel_newtype_t $SELINUXTMPDIR/test_file 2>&1
> + runcon -t test_relabel_t chcon -t test_relabel_newtype_t $SELINUXTMPDIR/test_file 2>&1
> RC=$?
> if [ $RC -eq 0 ]
> then
> Index: testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh
> ===================================================================
> RCS file: /cvsroot/ltp/ltp/testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh,v
> retrieving revision 1.4
> diff -u -r1.4 selinux_rename.sh
> --- testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh 21 Apr 2009 09:39:59 -0000 1.4
> +++ testcases/kernel/security/selinux-testsuite/tests/rename/selinux_rename.sh 30 Apr 2009 15:18:04 -0000
> @@ -19,15 +19,18 @@
> chcon -t test_file_t $SELINUXTMPDIR
>
> # Create the source and destination test directories for the rename.
> - mkdir --context=system_u:object_r:test_rename_src_dir_t $SELINUXTMPDIR/src_dir 2>&1
> - mkdir --context=system_u:object_r:test_rename_dst_dir_t $SELINUXTMPDIR/dst_dir 2>&1
> + mkdir $SELINUXTMPDIR/src_dir
> + chcon -t test_rename_src_dir_t $SELINUXTMPDIR/src_dir
> + mkdir $SELINUXTMPDIR/dst_dir
> + chcon -t test_rename_dst_dir_t $SELINUXTMPDIR/dst_dir
>
> # Create a test file to try renaming.
> touch $SELINUXTMPDIR/src_dir/test_file
> chcon -t test_rename_file_t $SELINUXTMPDIR/src_dir/test_file
>
> # Create a test directory to try renaming.
> - mkdir --context=system_u:object_r:test_rename_dir_t $SELINUXTMPDIR/src_dir/test_dir
> + mkdir $SELINUXTMPDIR/src_dir/test_dir
> + chcon -t test_rename_dir_t $SELINUXTMPDIR/src_dir/test_dir
>
> }
>
> Index: testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh
> ===================================================================
> RCS file: /cvsroot/ltp/ltp/testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh,v
> retrieving revision 1.4
> diff -u -r1.4 selinux_rxdir.sh
> --- testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh 21 Apr 2009 09:39:59 -0000 1.4
> +++ testcases/kernel/security/selinux-testsuite/tests/rxdir/selinux_rxdir.sh 30 Apr 2009 15:18:04 -0000
> @@ -20,7 +20,8 @@
>
> # Create a test dir with the test_rxdir_dir_t type
> # for use in the tests.
> - mkdir --context=system_u:object_r:test_rxdir_dir_t $SELINUXTMPDIR/test_dir
> + mkdir $SELINUXTMPDIR/test_dir
> + chcon -t test_rxdir_dir_t $SELINUXTMPDIR/test_dir
>
> # Touch a file in the directory.
> touch $SELINUXTMPDIR/test_dir/test_file
>
>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2009-05-11 6:44 UTC | newest]
Thread overview: 13+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2009-04-18 18:47 Fwd: [LTP] [PATCH] Create $SELINUXTMPDIR in each of the tests Subrata Modak
2009-04-20 1:32 ` [LTP] Fwd: " Serge E. Hallyn
2009-04-20 1:35 ` Serge E. Hallyn
[not found] ` <op.usoj4f1cu2flwt@marcela-gaxm89c>
2009-04-20 13:36 ` Serge E. Hallyn
2009-04-29 19:07 ` Stephen Smalley
[not found] ` <op.us5xofaeu2flwt@debian>
2009-04-29 19:40 ` Stephen Smalley
2009-04-29 19:52 ` Stephen Smalley
[not found] ` <op.us51ezmiu2flwt@debian>
2009-04-30 12:45 ` Stephen Smalley
2009-05-11 6:44 ` Subrata Modak
2009-04-30 15:20 ` [PATCH] Fix MLS handling in selinux tests Stephen Smalley
2009-05-11 6:44 ` Subrata Modak
[not found] ` <1241087321.5983.12.camel@subratamodak.linux.ibm.com>
[not found] ` <1241097725.27331.13.camel@localhost.localdomain>
2009-05-01 11:52 ` [LTP] Fwd: [PATCH] Create $SELINUXTMPDIR in each of the tests Stephen Smalley
2009-05-05 13:52 ` Stephen Smalley
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.