diff options
Diffstat (limited to 'tests/runcon')
| -rwxr-xr-x | tests/runcon/runcon-compute.sh | 30 | ||||
| -rwxr-xr-x | tests/runcon/runcon-no-reorder.sh | 44 |
2 files changed, 74 insertions, 0 deletions
diff --git a/tests/runcon/runcon-compute.sh b/tests/runcon/runcon-compute.sh new file mode 100755 index 0000000..bc3cd8c --- /dev/null +++ b/tests/runcon/runcon-compute.sh @@ -0,0 +1,30 @@ +#!/bin/sh +# Ensure that runcon -c uses absolute file names + +# Copyright (C) 2022-2023 Free Software Foundation, Inc. + +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <https://www.gnu.org/licenses/>. + +. "${srcdir=.}/tests/init.sh"; path_prepend_ ./src +print_ver_ runcon + +# Create an executable that's sure to fail +printf '%s\n' '#!/bin/sh' 'exit 1' >> 'true' || framework_failure_ +chmod a+x 'true' || framework_failure_ + +runcon -c true; ret=$? +test "$ret" = 125 && skip_ 'runcon setup failed' +test "$ret" = 1 || fail=1 + +Exit $fail diff --git a/tests/runcon/runcon-no-reorder.sh b/tests/runcon/runcon-no-reorder.sh new file mode 100755 index 0000000..f07a4e5 --- /dev/null +++ b/tests/runcon/runcon-no-reorder.sh @@ -0,0 +1,44 @@ +#!/bin/sh +# Ensure that runcon does not reorder its arguments. + +# Copyright (C) 2007-2023 Free Software Foundation, Inc. + +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <https://www.gnu.org/licenses/>. + +. "${srcdir=.}/tests/init.sh"; path_prepend_ ./src +print_ver_ runcon + +diag='runcon: runcon may be used only on a SELinux kernel' +echo "$diag" > exp || framework_failure_ + + +# This test works even on systems without SELinux. +# On such a system it fails with the above diagnostic, which is fine. +# Before the no-reorder change, it would have failed with a diagnostic +# about -j being an invalid option. +runcon $(id -Z) true -j 2> out && > exp +# Ensure we fail appropriately for invalid options +returns_ 125 runcon -j true || fail=1 + +# When run on a system with no /selinux/context (i.e., in a chroot), +# it fails with this: "runcon: invalid context: \ +# root:system_r:unconfined_t:s0-s0:c0.c1023: No such file or directory" +# That diagnostic is ok, too, so map it to the more common one. +case $(cat out) in + 'runcon: invalid context: '*) echo "$diag" > out;; +esac + +compare exp out || fail=1 + +Exit $fail |