Closed WOnder93 closed 5 years ago
How did you test this @WOnder93 ?
This PR adds some noise to the mmap tests, it's not serious enough to revert, but please fix this as soon as possible.
Compiling targeted test_policy module
Creating targeted test_policy.pp policy package
Running as user root with context unconfined_u:unconfined_r:unconfined_t
domain_trans/test ........... ok
entrypoint/test ............. ok
execshare/test .............. ok
exectrace/test .............. ok
execute_no_trans/test ....... ok
fdreceive/test .............. ok
inherit/test ................ ok
link/test ................... ok
mkdir/test .................. ok
msg/test .................... ok
open/test ................... ok
ptrace/test ................. ok
readlink/test ............... ok
relabel/test ................ ok
rename/test ................. ok
rxdir/test .................. ok
sem/test .................... ok
setattr/test ................ ok
setnice/test ................ ok
shm/test .................... ok
sigkill/test ................ ok
stat/test ................... ok
sysctl/test ................. ok
task_create/test ............ ok
task_setnice/test ........... ok
task_setscheduler/test ...... ok
task_getscheduler/test ...... ok
task_getsid/test ............ ok
task_getpgid/test ........... ok
task_setpgid/test ........... ok
test_mmap:mmap: Permission denied
test_mprotect:mprotect: Permission denied
test_lock:LOCK_EX: Permission denied
test_rw:read: Permission denied
file/test ................... ok
ioctl/test .................. ok
capable_file/test ........... ok
capable_net/test ............ ok
capable_sys/test ............ ok
dyntrans/test ............... ok
dyntrace/test ............... ok
bounds/test ................. ok
nnp_nosuid/test ............. ok
mmap/test ................... ok
unix_socket/test ............ ok
inet_socket/test ............ ok
overlay/test ................ ok
checkreqprot/test ........... ok
mqueue/test ................. ok
mac_admin/test .............. ok
atsecure/test ............... ok
cgroupfs_label/test ......... ok
cap_userns/test ............. ok
extended_socket_class/test .. ok
sctp/test ................... ok
netlink_socket/test ......... ok
prlimit/test ................ ok
binder/test ................. ok
infiniband_endport/test ..... ok
infiniband_pkey/test ........ ok
All tests successful.
Files=56, Tests=638, 128 wallclock secs ( 0.24 usr 0.20 sys + 8.05 cusr 29.39 csys = 37.88 CPU)
Result: PASS
libsemanage.semanage_direct_remove_key: Removing last test_policy module (no other test_policy module exists at another priority).
Hm, I overlooked that getattr
output includes a null character at the end (this actually caused the " 2>&1"
part of the command string to be discarded, leading to the noise). Adding | tr -d '\\000'
after the getattr command seems to fix it for me. I don't have time to send a patch/PR now, if someone wants to do it before I get the chance, then feel free to do it :)
I'll let you have the fun @WOnder93.
However, my earlier question about how you are testing these patches still stands as asked. Please figure something out because whatever you are doing to test these patches isn't rigorous enough.
I admit I forgot to test these two patches before submitting. I'm sorry, it was a human error on my part. I have now taken some steps towards automating such workflow, so hopefully I will be less likely to forget to do it in the future.
ls -Z
requires special handling due to different output across different coreutils versions. Instead usegetfattr(1)
, which can return the security context directly.Resolves issue #8.
(This was the only occurrence of
ls -Z
in the whole testsuite.)