mirror of
https://github.com/systemd/systemd-stable.git
synced 2025-01-07 17:17:44 +03:00
cc5549ca12
We had all kinds of indentation: 2 sp, 3 sp, 4 sp, 8 sp, and mixed. 4 sp was the most common, in particular the majority of scripts under test/ used that. Let's standarize on 4 sp, because many commandlines are long and there's a lot of nesting, and with 8sp indentation less stuff fits. 4 sp also seems to be the default indentation, so this will make it less likely that people will mess up if they don't load the editor config. (I think people often use vi, and vi has no support to load project-wide configuration automatically. We distribute a .vimrc file, but it is not loaded by default, and even the instructions in it seem to discourage its use for security reasons.) Also remove the few vim config lines that were left. We should either have them on all files, or none. Also remove some strange stuff like '#!/bin/env bash', yikes.
109 lines
3.4 KiB
Bash
Executable File
109 lines
3.4 KiB
Bash
Executable File
#!/bin/bash
|
|
set -e
|
|
TEST_DESCRIPTION="SELinux tests"
|
|
TEST_NO_NSPAWN=1
|
|
|
|
# Requirements:
|
|
# Fedora 23
|
|
# selinux-policy-targeted
|
|
# selinux-policy-devel
|
|
|
|
# Check if selinux-policy-devel is installed, and if it isn't bail out early instead of failing
|
|
test -f /usr/share/selinux/devel/include/system/systemd.if || exit 0
|
|
|
|
. $TEST_BASE_DIR/test-functions
|
|
SETUP_SELINUX=yes
|
|
KERNEL_APPEND="$KERNEL_APPEND selinux=1 security=selinux"
|
|
|
|
test_setup() {
|
|
create_empty_image
|
|
mkdir -p $TESTDIR/root
|
|
mount ${LOOPDEV}p1 $TESTDIR/root
|
|
|
|
# Create what will eventually be our root filesystem onto an overlay
|
|
(
|
|
LOG_LEVEL=5
|
|
eval $(udevadm info --export --query=env --name=${LOOPDEV}p2)
|
|
|
|
setup_basic_environment
|
|
|
|
# setup the testsuite service
|
|
cat <<EOF >$initdir/etc/systemd/system/testsuite.service
|
|
[Unit]
|
|
Description=Testsuite service
|
|
|
|
[Service]
|
|
ExecStart=/test-selinux-checks.sh
|
|
Type=oneshot
|
|
EOF
|
|
|
|
cat <<EOF >$initdir/etc/systemd/system/hola.service
|
|
[Service]
|
|
Type=oneshot
|
|
ExecStart=/bin/echo Start Hola
|
|
ExecReload=/bin/echo Reload Hola
|
|
ExecStop=/bin/echo Stop Hola
|
|
RemainAfterExit=yes
|
|
EOF
|
|
|
|
setup_testsuite
|
|
|
|
cat <<EOF >$initdir/etc/systemd/system/load-systemd-test-module.service
|
|
[Unit]
|
|
Description=Load systemd-test module
|
|
DefaultDependencies=no
|
|
Requires=local-fs.target
|
|
Conflicts=shutdown.target
|
|
After=local-fs.target
|
|
Before=sysinit.target shutdown.target autorelabel.service
|
|
ConditionSecurity=selinux
|
|
ConditionPathExists=|/.load-systemd-test-module
|
|
|
|
[Service]
|
|
ExecStart=/bin/sh -x -c 'echo 0 >/sys/fs/selinux/enforce && cd /systemd-test-module && make -f /usr/share/selinux/devel/Makefile load && rm /.load-systemd-test-module'
|
|
Type=oneshot
|
|
TimeoutSec=0
|
|
RemainAfterExit=yes
|
|
EOF
|
|
|
|
touch $initdir/.load-systemd-test-module
|
|
mkdir -p $initdir/etc/systemd/system/basic.target.wants
|
|
ln -fs load-systemd-test-module.service $initdir/etc/systemd/system/basic.target.wants/load-systemd-test-module.service
|
|
|
|
local _modules_dir=/var/lib/selinux
|
|
rm -rf $initdir/$_modules_dir
|
|
if ! cp -ar $_modules_dir $initdir/$_modules_dir; then
|
|
dfatal "Failed to copy $_modules_dir"
|
|
exit 1
|
|
fi
|
|
|
|
local _policy_headers_dir=/usr/share/selinux/devel
|
|
rm -rf $initdir/$_policy_headers_dir
|
|
inst_dir /usr/share/selinux
|
|
if ! cp -ar $_policy_headers_dir $initdir/$_policy_headers_dir; then
|
|
dfatal "Failed to copy $_policy_headers_dir"
|
|
exit 1
|
|
fi
|
|
|
|
mkdir $initdir/systemd-test-module
|
|
cp systemd_test.te $initdir/systemd-test-module
|
|
cp systemd_test.if $initdir/systemd-test-module
|
|
cp test-selinux-checks.sh $initdir
|
|
dracut_install -o sesearch
|
|
dracut_install runcon
|
|
dracut_install checkmodule semodule semodule_package m4 make /usr/libexec/selinux/hll/pp load_policy sefcontext_compile
|
|
) || return 1
|
|
|
|
# mask some services that we do not want to run in these tests
|
|
ln -s /dev/null $initdir/etc/systemd/system/systemd-hwdb-update.service
|
|
ln -s /dev/null $initdir/etc/systemd/system/systemd-journal-catalog-update.service
|
|
ln -s /dev/null $initdir/etc/systemd/system/systemd-networkd.service
|
|
ln -s /dev/null $initdir/etc/systemd/system/systemd-networkd.socket
|
|
ln -s /dev/null $initdir/etc/systemd/system/systemd-resolved.service
|
|
|
|
ddebug "umount $TESTDIR/root"
|
|
umount $TESTDIR/root
|
|
}
|
|
|
|
do_test "$@"
|