Dogcows Code - chaz/tar/blob - tests/selnx01.at

   1 # Process this file with autom4te to create testsuite. -*- Autotest -*-
   2 #
   3 # Test suite for GNU tar.
   4 # Copyright (C) 2012 Free Software Foundation, Inc.
   5 #
   6 # This program is free software; you can redistribute it and/or modify
   7 # it under the terms of the GNU General Public License as published by
   8 # the Free Software Foundation; either version 3, or (at your option)
   9 # any later version.
  10 #
  11 # This program is distributed in the hope that it will be useful,
  12 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14 # GNU General Public License for more details.
  15 #
  16 # You should have received a copy of the GNU General Public License
  17 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18 #
  19 # Test description:
  20 #
  21 # This is basic test for selinux support (store & restore).
  22
  23 AT_SETUP([selinux: basic store/restore])
  24 AT_KEYWORDS([xattrs selinux selnx01])
  25
  26 AT_TAR_CHECK([
  27 AT_XATTRS_UTILS_PREREQ
  28 AT_SELINUX_PREREQ
  29
  30 mkdir dir
  31 genfile --file dir/file
  32 ln -s file dir/link
  33
  34 getfattr -h -d -msecurity.selinux dir dir/file dir/link > start
  35
  36 restorecon -R dir
  37 chcon -h --user=system_u     dir
  38 chcon -h --user=unconfined_u dir/file
  39 chcon -h --user=system_u     dir/link
  40
  41 # archive whole directory including selinux contexts
  42 tar --selinux -cf archive.tar dir
  43
  44 # clear the directory
  45 rm -rf dir
  46
  47 # ================================================
  48 # check if selinux contexts are correctly restored
  49
  50 tar --selinux -xf archive.tar
  51
  52 # archive for later debugging
  53 cp archive.tar archive_origin.tar
  54
  55 # check if selinux contexts were restored
  56 getfattr -h -d dir dir/file dir/link -msecurity.selinux | \
  57     grep -v -e '^#' -e ^$ | cut -d: -f1
  58
  59 # ===========================================================================
  60 # check if selinux contexts are not restored when --selinux option is missing
  61
  62 getfattr -h -d -msecurity.selinux dir dir/file dir/link > with_selinux
  63 rm -rf dir
  64 tar -xf archive.tar
  65 getfattr -h -d -msecurity.selinux dir dir/file dir/link > without_selinux
  66
  67 diff with_selinux without_selinux > diff_with_without
  68 if test "$?" -eq "0"; then
  69     echo "selinux contexts probably restored while --selinux is off"
  70 fi
  71
  72 # =================================================================
  73 # check if selinux is not archived when --selinux option is missing
  74
  75 tar -cf archive.tar dir
  76
  77 # clear the directory
  78 rm -rf dir
  79
  80 # restore (with --selinux)
  81 tar --selinux -xf archive.tar dir
  82
  83 getfattr -h -d -msecurity.selinux dir dir/file dir/link > final
  84 diff start final > final_diff
  85 if test "$?" -ne "0"; then
  86     echo "bad result"
  87 fi
  88
  89 ],
  90 [0],
  91 [security.selinux="system_u
  92 security.selinux="unconfined_u
  93 security.selinux="system_u
  94 ])
  95
  96 AT_CLEANUP