File: 110-static-relabel-yes.t

package info (click to toggle)
libvirt-tck 0.1.0~2.git890d1c-1
  • links: PTS, VCS
  • area: main
  • in suites: experimental
  • size: 1,128 kB
  • sloc: perl: 2,885; sh: 1,180; xml: 992; makefile: 6
file content (81 lines) | stat: -rw-r--r-- 2,304 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
 
# -*- perl -*-
#
# Copyright (C) 2009 Red Hat, Inc.
# Copyright (C) 2009 Daniel P. Berrange
#
# This program is free software; You can redistribute it and/or modify
# it under the GNU General Public License as published by the Free
# Software Foundation; either version 2, or (at your option) any
# later version
#
# The file "LICENSE" distributed along with this file provides full
# details of the terms and conditions
#

=pod

=head1 NAME

domain/110-static-relabel-yes.t - Static label generation with relabelling

=head1 DESCRIPTION

The test case validates that static labels are honoured
and files can be relabelled

=cut

use strict;
use warnings;

use Test::More tests => 5;

use Sys::Virt::TCK;
use Sys::Virt::TCK::SELinux;

my $tck = Sys::Virt::TCK->new();
my $conn = eval { $tck->setup(); };
BAIL_OUT "failed to setup test harness: $@" if $@;
END { $tck->cleanup if $tck; }

my $info;
eval {
    $info = $conn->get_node_security_model();
};

SKIP: {
    skip "Only relevant to SELinux hosts", 5 unless $info && $info->{model} eq "selinux";

    my $disk = $tck->create_sparse_disk("selinux", "tck", 50);

    my $origmcs = ":c1,c2";
    my $origdomainlabel = $SELINUX_DOMAIN_CONTEXT . $origmcs;
    my $origimagelabel = selinux_restore_file_context($disk);

    my $xml = $tck->generic_domain("tck")
	->seclabel(model => "selinux", type => "static", relabel => "yes", label => $origdomainlabel)
	->disk(src => $disk, dst => "vdb", type => "file")
	->as_xml;

    diag "Creating a new transient domain";
    my $dom;
    ok_domain(sub { $dom = $conn->create_domain($xml) }, "created transient domain object");

    diag $dom->get_xml_description();
    my $domainlabel = xpath($dom, "string(/domain/seclabel/label)");
    diag "domainlabel $domainlabel";
    my $imagelabel = xpath($dom, "string(/domain/seclabel/imagelabel)");
    diag "imagelabel $imagelabel";

    is($origdomainlabel, $domainlabel, "static label is $domainlabel");
    is($imagelabel, $SELINUX_IMAGE_CONTEXT . $origmcs, "image label is $SELINUX_DOMAIN_CONTEXT$origmcs");

    is(selinux_get_file_context($disk), $imagelabel, "$disk label is $imagelabel");

    diag "Destroying the transient domain";
    $dom->destroy;

    is(selinux_get_file_context($disk), $origimagelabel, "$disk label is $origimagelabel");
}

# end