RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2025-01-27 07:43:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
5421320d3a
selinux/checkpolicy/tests/test_roundtrip.sh
Christian Göttsche 2b9f21ef81 checkpolicy: add round-trip tests 
Add round-trip tests for checkpolicy(8).
Test standard and MLS minimal policies as well as SELinux and Xen
policies with each available statement.
The output is checked against an expected result and then then checked
for idempotence.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: James Carter <jwcart2@gmail.com>
2023-11-07 16:27:26 -05:00

42 lines
1.5 KiB
Bash
Executable File
Raw Blame History

#!/bin/sh
set -eu
BASEDIR=$(dirname "$0")
CHECKPOLICY="${BASEDIR}/../checkpolicy"
check_policy() {
POLICY=$1
EXPECTED=$2
OPTS=$3
echo "==== Testing ${1}"
${CHECKPOLICY} ${OPTS} "${BASEDIR}/${POLICY}" -o "${BASEDIR}/testpol.bin"
${CHECKPOLICY} ${OPTS} -b -F "${BASEDIR}/testpol.bin" -o "${BASEDIR}/testpol.conf"
diff -u "${BASEDIR}/${EXPECTED}" "${BASEDIR}/testpol.conf"
${CHECKPOLICY} ${OPTS} "${BASEDIR}/${EXPECTED}" -o "${BASEDIR}/testpol.bin"
${CHECKPOLICY} ${OPTS} -b -F "${BASEDIR}/testpol.bin" -o "${BASEDIR}/testpol.conf"
diff -u "${BASEDIR}/${EXPECTED}" "${BASEDIR}/testpol.conf"
echo "==== ${1} success"
echo ""
}
check_policy policy_minimal.conf policy_minimal.conf '-E'
check_policy policy_minimal.conf policy_minimal.conf '-E -S -O'
check_policy policy_minimal_mls.conf policy_minimal_mls.conf '-M -E'
check_policy policy_minimal_mls.conf policy_minimal_mls.conf '-M -E -S -O'
check_policy policy_allonce.conf policy_allonce.expected.conf ''
check_policy policy_allonce.conf policy_allonce.expected_opt.conf '-S -O'
check_policy policy_allonce_mls.conf policy_allonce_mls.expected.conf '-M'
check_policy policy_allonce_mls.conf policy_allonce_mls.expected_opt.conf '-M -S -O'
check_policy policy_allonce_xen.conf policy_allonce_xen.expected.conf '--target xen -c 30 -E'
check_policy policy_allonce_xen.conf policy_allonce_xen.expected_opt.conf '--target xen -c 30 -E -S -O'
Reference in New Issue View Git Blame Copy Permalink