File: 01_verify_init.py

package info (click to toggle)
selinux-basics 0.6.0
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 144 kB
  • sloc: python: 280; sh: 120; perl: 95; makefile: 2
file content (42 lines) | stat: -rw-r--r-- 1,153 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
 
class TestInitDomain(TestBase):
	"""
	Test that pid 1 (init) is running in the appropriate domain
	"""
	class ErrorGetfileconFailed(ErrorBase):
		def __str__(self):
			return "Could not read the domain of PID 1."

	class ErrorInitBadlyLabeled(ErrorBase):
		def __str__(self):
			return "The init process (PID 1) is running in an incorrect domain."

	@staticmethod
	def test():
		from subprocess import Popen, PIPE

		contextok = False

		pipe = Popen("getfilecon /proc/1", shell=True, stdin=PIPE, stdout=PIPE, stderr=PIPE, close_fds=True, universal_newlines=True)
		pipe.stdin.close()

		for line in pipe.stdout.readlines():
			line = line.rstrip()
			if line == "": continue
			if line.endswith(":system_r:init_t") \
				or line.find(":system_r:init_t:") >= 0:
				contextok = True
			else:
				print("..%s.." % line)
		pipe.stdout.close()

		for line in pipe.stderr.readlines():
			if line.find("failed") >= 0:
				contextok = "failed"
		pipe.stderr.close()

		if contextok == "failed":
			return [TestInitDomain.ErrorGetfileconFailed()]
		if not contextok:
			return [TestInitDomain.ErrorInitBadlyLabeled()]
		return []
register_test(TestInitDomain)