2012-01-20 21:49:32 +04:00
/*
2014-03-17 13:38:38 +04:00
* Copyright ( C ) 2013 , 2014 Red Hat , Inc .
2012-01-20 21:49:32 +04:00
*
* This library is free software ; you can redistribute it and / or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation ; either
* version 2.1 of the License , or ( at your option ) any later version .
*
* This library is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the GNU
* Lesser General Public License for more details .
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library ; If not , see
* < http : //www.gnu.org/licenses/>.
*/
# include <config.h>
2014-03-06 10:02:49 +04:00
# if WITH_SELINUX
# include <selinux / selinux.h>
# endif
2012-01-20 21:49:32 +04:00
# include "testutils.h"
2021-04-29 17:40:33 +03:00
# define LIBVIRT_VIRIDENTITYPRIV_H_ALLOW
# include "viridentitypriv.h"
2012-01-20 21:49:32 +04:00
# include "virlog.h"
# define VIR_FROM_THIS VIR_FROM_NONE
2014-02-28 16:16:17 +04:00
VIR_LOG_INIT ( " tests.identitytest " ) ;
2012-01-20 21:49:32 +04:00
2021-04-29 17:40:33 +03:00
char *
virIdentityEnsureSystemToken ( void )
{
return g_strdup ( " 3de80bcbf22d4833897f1638e01be9b2 " ) ;
}
2019-10-14 15:45:03 +03:00
static int testIdentityAttrs ( const void * data G_GNUC_UNUSED )
2012-01-20 21:49:32 +04:00
{
2019-09-19 17:38:03 +03:00
g_autoptr ( virIdentity ) ident = virIdentityNew ( ) ;
2012-01-20 21:49:32 +04:00
const char * val ;
2019-08-07 18:30:57 +03:00
int rc ;
2012-01-20 21:49:32 +04:00
2019-07-26 14:21:29 +03:00
if ( virIdentitySetUserName ( ident , " fred " ) < 0 )
2019-10-01 19:38:12 +03:00
return - 1 ;
2012-01-20 21:49:32 +04:00
2019-08-07 18:30:57 +03:00
if ( ( rc = virIdentityGetUserName ( ident , & val ) ) < 0 )
2019-10-01 19:38:12 +03:00
return - 1 ;
2012-01-20 21:49:32 +04:00
2019-08-07 18:30:57 +03:00
if ( STRNEQ_NULLABLE ( val , " fred " ) | | rc ! = 1 ) {
2012-01-20 21:49:32 +04:00
VIR_DEBUG ( " Expected 'fred' got '%s' " , NULLSTR ( val ) ) ;
2019-10-01 19:38:12 +03:00
return - 1 ;
2012-01-20 21:49:32 +04:00
}
2019-08-07 18:30:57 +03:00
if ( ( rc = virIdentityGetGroupName ( ident , & val ) ) < 0 )
2019-10-01 19:38:12 +03:00
return - 1 ;
2012-01-20 21:49:32 +04:00
2019-08-07 18:30:57 +03:00
if ( val ! = NULL | | rc ! = 0 ) {
2012-01-20 21:49:32 +04:00
VIR_DEBUG ( " Unexpected groupname attribute " ) ;
2019-10-01 19:38:12 +03:00
return - 1 ;
2012-01-20 21:49:32 +04:00
}
2019-07-26 14:21:29 +03:00
if ( virIdentitySetUserName ( ident , " joe " ) > = 0 ) {
2012-01-20 21:49:32 +04:00
VIR_DEBUG ( " Unexpectedly overwrote attribute " ) ;
2019-10-01 19:38:12 +03:00
return - 1 ;
2012-01-20 21:49:32 +04:00
}
2019-08-07 18:30:57 +03:00
if ( ( rc = virIdentityGetUserName ( ident , & val ) ) < 0 )
2019-10-01 19:38:12 +03:00
return - 1 ;
2012-01-20 21:49:32 +04:00
2019-08-07 18:30:57 +03:00
if ( STRNEQ_NULLABLE ( val , " fred " ) | | rc ! = 1 ) {
2012-01-20 21:49:32 +04:00
VIR_DEBUG ( " Expected 'fred' got '%s' " , NULLSTR ( val ) ) ;
2019-10-01 19:38:12 +03:00
return - 1 ;
2012-01-20 21:49:32 +04:00
}
2019-10-01 19:38:12 +03:00
return 0 ;
2012-01-20 21:49:32 +04:00
}
2014-03-06 10:02:49 +04:00
static int testIdentityGetSystem ( const void * data )
{
const char * context = data ;
2019-10-01 19:38:12 +03:00
g_autoptr ( virIdentity ) ident = NULL ;
2014-03-06 10:02:49 +04:00
const char * val ;
2019-08-07 18:30:57 +03:00
int rc ;
2014-03-06 10:02:49 +04:00
# if !WITH_SELINUX
if ( context ) {
VIR_DEBUG ( " libvirt not compiled with SELinux, skipping this test " ) ;
2020-11-06 11:58:33 +03:00
return EXIT_AM_SKIP ;
2014-03-06 10:02:49 +04:00
}
# endif
if ( ! ( ident = virIdentityGetSystem ( ) ) ) {
VIR_DEBUG ( " Unable to get system identity " ) ;
2019-10-01 19:38:12 +03:00
return - 1 ;
2014-03-06 10:02:49 +04:00
}
2019-08-07 18:30:57 +03:00
if ( ( rc = virIdentityGetSELinuxContext ( ident , & val ) ) < 0 )
2019-10-01 19:38:12 +03:00
return - 1 ;
2014-03-06 10:02:49 +04:00
2019-08-07 18:30:57 +03:00
if ( context = = NULL ) {
if ( val ! = NULL | | rc ! = 0 ) {
VIR_DEBUG ( " Unexpected SELinux context %s " , NULLSTR ( val ) ) ;
2019-10-01 19:38:12 +03:00
return - 1 ;
2019-08-07 18:30:57 +03:00
}
} else {
if ( STRNEQ_NULLABLE ( val , context ) | | rc ! = 1 ) {
VIR_DEBUG ( " Want SELinux context '%s' got '%s' " ,
context , val ) ;
2019-10-01 19:38:12 +03:00
return - 1 ;
2019-08-07 18:30:57 +03:00
}
2014-03-06 10:02:49 +04:00
}
2019-10-01 19:38:12 +03:00
return 0 ;
2014-03-06 10:02:49 +04:00
}
2019-10-14 15:45:03 +03:00
static int testSetFakeSELinuxContext ( const void * data G_GNUC_UNUSED )
2014-03-06 10:02:49 +04:00
{
# if WITH_SELINUX
2020-07-15 13:32:48 +03:00
return setcon_raw ( data ) ;
2014-03-06 10:02:49 +04:00
# else
VIR_DEBUG ( " libvirt not compiled with SELinux, skipping this test " ) ;
return EXIT_AM_SKIP ;
# endif
}
2019-10-14 15:45:03 +03:00
static int testDisableFakeSELinux ( const void * data G_GNUC_UNUSED )
2014-03-06 10:02:49 +04:00
{
# if WITH_SELINUX
return security_disable ( ) ;
# else
VIR_DEBUG ( " libvirt not compiled with SELinux, skipping this test " ) ;
return EXIT_AM_SKIP ;
# endif
}
2012-01-20 21:49:32 +04:00
static int
mymain ( void )
{
2014-03-06 10:02:49 +04:00
const char * context = " unconfined_u:unconfined_r:unconfined_t:s0 " ;
2012-01-20 21:49:32 +04:00
int ret = 0 ;
2016-05-26 18:01:50 +03:00
if ( virTestRun ( " Identity attributes " , testIdentityAttrs , NULL ) < 0 )
2012-01-20 21:49:32 +04:00
ret = - 1 ;
2016-05-26 18:01:50 +03:00
if ( virTestRun ( " Setting fake SELinux context " , testSetFakeSELinuxContext , context ) < 0 )
2014-03-06 10:02:49 +04:00
ret = - 1 ;
2016-05-26 18:01:50 +03:00
if ( virTestRun ( " System identity (fake SELinux enabled) " , testIdentityGetSystem , context ) < 0 )
2014-03-06 10:02:49 +04:00
ret = - 1 ;
2016-05-26 18:01:50 +03:00
if ( virTestRun ( " Disabling fake SELinux " , testDisableFakeSELinux , NULL ) < 0 )
2014-03-06 10:02:49 +04:00
ret = - 1 ;
2016-05-26 18:01:50 +03:00
if ( virTestRun ( " System identity (fake SELinux disabled) " , testIdentityGetSystem , NULL ) < 0 )
2014-03-06 10:02:49 +04:00
ret = - 1 ;
2012-01-20 21:49:32 +04:00
2014-03-17 13:38:38 +04:00
return ret = = 0 ? EXIT_SUCCESS : EXIT_FAILURE ;
2012-01-20 21:49:32 +04:00
}
2014-03-06 10:02:49 +04:00
# if WITH_SELINUX
2024-03-22 18:57:44 +03:00
VIR_TEST_MAIN_PRELOAD ( mymain , " libsecurityselinuxhelper.so " )
2014-03-06 10:02:49 +04:00
# else
2017-03-29 17:45:42 +03:00
VIR_TEST_MAIN ( mymain )
2014-03-06 10:02:49 +04:00
# endif