blob: 340c74ef163bb5b60ca42cfa78894f4333df6cc8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
#!/usr/bin/env bash
# SPDX-License-Identifier: LGPL-2.1-or-later
set -e
TEST_DESCRIPTION="SELinux tests"
IMAGE_NAME="selinux"
TEST_NO_NSPAWN=1
# Requirements:
# selinux-policy-targeted
# selinux-policy-devel
# Check if selinux-policy-devel is installed, and if it isn't bail out early instead of failing
test -f /usr/share/selinux/devel/include/system/systemd.if || exit 0
# shellcheck source=test/test-functions
. "${TEST_BASE_DIR:?}/test-functions"
SETUP_SELINUX=yes
KERNEL_APPEND="${KERNEL_APPEND:=} selinux=1 security=selinux"
test_append_files() {
local workspace="${1:?}"
local policy_headers_dir=/usr/share/selinux/devel
local modules_dir=/var/lib/selinux
setup_selinux
# Make sure we never expand this to "/..."
rm -rf "${workspace:?}/$modules_dir"
if ! cp -ar "$modules_dir" "$workspace/$modules_dir"; then
dfatal "Failed to copy $modules_dir"
exit 1
fi
rm -rf "${workspace:?}/$policy_headers_dir"
inst_dir /usr/share/selinux
if ! cp -ar "$policy_headers_dir" "$workspace/$policy_headers_dir"; then
dfatal "Failed to copy $policy_headers_dir"
exit 1
fi
mkdir "$workspace/systemd-test-module"
cp -v systemd_test.* "$workspace/systemd-test-module/"
image_install checkmodule load_policy m4 make sefcontext_compile semodule semodule_package runcon
image_install -o sesearch
image_install -o /usr/libexec/selinux/hll/pp # Fedora/RHEL/...
image_install -o /usr/lib/selinux/hll/pp # Debian/Ubuntu/...
if ! chroot "$workspace" make -C /systemd-test-module -f /usr/share/selinux/devel/Makefile clean load systemd_test.pp QUIET=n; then
dfatal "Failed to build the systemd test module"
exit 1
fi
}
do_test "$@"
|
