File: 01_verify_init.py

package info (click to toggle)
selinux-basics 0.5.0
  • links: PTS, VCS
  • area: main
  • in suites: wheezy
  • size: 140 kB
  • sloc: python: 279; sh: 217; perl: 43; makefile: 26
file content (42 lines) | stat: -rw-r--r-- 1,034 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
 
class TestInitDomain(TestBase):
	"""
	Test that pid 1 (init) is running in the appropriate domain
	"""
	class ErrorGetfileconFailed(ErrorBase):
		def __str__(self):
			return "Could not read the domain of PID 1."

	class ErrorInitBadlyLabeled(ErrorBase):
		def __str__(self):
			return "The init process (PID 1) is running in an incorrect domain."

	@staticmethod
	def test():
		import os

		contextok = False

		(getin, getout, geterr) = os.popen3("getfilecon /proc/1")
		getin.close()

		for line in getout.readlines():
			line = line.rstrip()
			if line == "": continue
			if line.endswith(":system_r:init_t") \
				or line.find(":system_r:init_t:") >= 0:
				contextok = True
			else:
				print "..%s.." % line
		getout.close()

		for line in geterr.readlines():
			if line.find("failed") >= 0:
				contextok = "failed"
		geterr.close()

		if contextok == "failed":
			return [TestInitDomain.ErrorGetfileconFailed()]
		if not contextok:
			return [TestInitDomain.ErrorInitBadlyLabeled()]
		return []
register_test(TestInitDomain)