Dogcows Code - chaz/tar/blob - tests/selnx01.at

   1 # Process this file with autom4te to create testsuite. -*- Autotest -*-
   2 #
   3 # Test suite for GNU tar.
   4 # Copyright 2012-2014 Free Software Foundation, Inc.
   5
   6 # This file is part of GNU tar.
   7
   8 # GNU tar is free software; you can redistribute it and/or modify
   9 # it under the terms of the GNU General Public License as published by
  10 # the Free Software Foundation; either version 3 of the License, or
  11 # (at your option) any later version.
  12
  13 # GNU tar is distributed in the hope that it will be useful,
  14 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  15 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16 # GNU General Public License for more details.
  17
  18 # You should have received a copy of the GNU General Public License
  19 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  20 #
  21 # Test description:
  22 #
  23 # This is basic test for selinux support (store & restore).
  24
  25 AT_SETUP([selinux: basic store/restore])
  26 AT_KEYWORDS([xattrs selinux selnx01])
  27
  28 AT_TAR_CHECK([
  29 AT_XATTRS_UTILS_PREREQ
  30 AT_SELINUX_PREREQ
  31
  32 mkdir dir
  33 genfile --file dir/file
  34 ln -s file dir/link
  35
  36 getfattr -h -d -msecurity.selinux dir dir/file dir/link > start
  37
  38 restorecon -R dir
  39 chcon -h --user=system_u     dir
  40 chcon -h --user=unconfined_u dir/file
  41 chcon -h --user=system_u     dir/link
  42
  43 # archive whole directory including selinux contexts
  44 tar --selinux -cf archive.tar dir
  45
  46 # clear the directory
  47 rm -rf dir
  48
  49 # ================================================
  50 # check if selinux contexts are correctly restored
  51
  52 tar --selinux -xf archive.tar
  53
  54 # archive for later debugging
  55 cp archive.tar archive_origin.tar
  56
  57 # check if selinux contexts were restored
  58 getfattr -h -d dir dir/file dir/link -msecurity.selinux | \
  59     grep -v -e '^#' -e ^$ | cut -d: -f1
  60
  61 # ===========================================================================
  62 # check if selinux contexts are not restored when --selinux option is missing
  63
  64 getfattr -h -d -msecurity.selinux dir dir/file dir/link > with_selinux
  65 rm -rf dir
  66 tar -xf archive.tar
  67 getfattr -h -d -msecurity.selinux dir dir/file dir/link > without_selinux
  68
  69 diff with_selinux without_selinux > diff_with_without
  70 if test "$?" -eq "0"; then
  71     echo "selinux contexts probably restored while --selinux is off"
  72 fi
  73
  74 # =================================================================
  75 # check if selinux is not archived when --selinux option is missing
  76
  77 tar -cf archive.tar dir
  78
  79 # clear the directory
  80 rm -rf dir
  81
  82 # restore (with --selinux)
  83 tar --selinux -xf archive.tar dir
  84
  85 getfattr -h -d -msecurity.selinux dir dir/file dir/link > final
  86 diff start final > final_diff
  87 if test "$?" -ne "0"; then
  88     echo "bad result"
  89 fi
  90
  91 ],
  92 [0],
  93 [security.selinux="system_u
  94 security.selinux="unconfined_u
  95 security.selinux="system_u
  96 ])
  97
  98 AT_CLEANUP