← Back to branch summary

~ubuntu-branches/ubuntu/hardy/apparmor/hardy-proposed

« back to all changes in this revision

Viewing changes to tests/regression/subdomain/openat.sh

  • Committer: Bazaar Package Importer
  • Author(s): Kees Cook, Mathias Gug, Kees Cook
  • Date: 2008-01-03 13:29:31 UTC
  • mfrom: (1.1.3 upstream)
  • Revision ID: james.westby@ubuntu.com-20080103132931-ioypwnni24jj3b4t
Tags: 2.1+1075-0ubuntu1
[ Mathias Gug ]
* profiles/apparmor.d/abstractions/nameservice: update nameservice
  abstraction to support nscd setup.

[ Kees Cook ]
* merge with upstream trunk revision 1075.
* debian/{control,apparmor.postrm,apparmor.postinst,apparmor.initramfs}:
  dropped module hook since module is loaded in kernel automatically now.
* debian/rules: tweaked get-orig-source to use defined variables.
* debian/copyright: mention "get-orig-source" build rule.
* debian/{rules,control,libpam-apparmor.docs}: add libpam-apparmor now
  that PAM is 0.99.

Show diffs side-by-side

added added

removed removed

Lines of Context:
tests/regression/subdomain/openat.sh
1
1
#! /bin/bash
2
 
# $Id: openat.sh 441 2007-03-14 20:53:10Z steve-beattie $
 
2
# $Id: openat.sh 1069 2007-12-23 01:10:29Z jrjohansen $
3
3
 
4
4
#       Copyright (C) 2002-2007 Novell/SUSE
5
5
#
40
40
 
41
41
# PASS TEST (the file shouldn't exist, so open should create it
42
42
resettest
43
 
genprofile ${dir}:r ${filepath}:$okperm
 
43
genprofile ${dir}/:r ${filepath}:$okperm
44
44
runchecktest "OPENAT RW (create) " pass $dir $file
45
45
 
46
46
# PASS TEST
47
47
resettest
48
48
touch ${filepath}
49
 
genprofile ${dir}:r ${filepath}:$okperm
 
49
genprofile ${dir}/:r ${filepath}:$okperm
50
50
runchecktest "OPENAT RW (exists)" pass $dir $file
51
51
 
52
52
# FAILURE TEST (1)
53
53
resettest
54
54
touch ${filepath}
55
 
genprofile ${dir}:r ${filepath}:$badperm1
 
55
genprofile ${dir}/:r ${filepath}:$badperm1
56
56
runchecktest "OPENAT R" fail $dir $file
57
57
 
58
58
# FAILURE TEST (2)
59
59
resettest
60
60
touch ${filepath}
61
 
genprofile ${dir}:r ${filepath}:$badperm2
 
61
genprofile ${dir}/:r ${filepath}:$badperm2
62
62
runchecktest "OPENAT W (exists)" fail $dir $file
63
63
 
64
64
# FAILURE TEST (3)
65
65
resettest
66
 
genprofile ${dir}:r ${filepath}:$badperm1 cap:dac_override
 
66
genprofile ${dir}/:r ${filepath}:$badperm1 cap:dac_override
67
67
runchecktest "OPENAT R+dac_override" fail $dir $file
68
68
 
69
69
# FAILURE TEST (4)
70
70
# This is testing for bug: https://bugs.wirex.com/show_bug.cgi?id=2885
71
71
# When we open O_CREAT|O_RDWR, we are (were?) allowing only write access
72
72
# to be required.
 
73
# This test currently passes when it should fail because of the o_creat bug
73
74
resettest
74
 
genprofile ${dir}:r ${filepath}:$badperm2
75
 
runchecktest "OPENAT W (create)" fail $dir $file
 
75
genprofile ${dir}/:r ${filepath}:$badperm2
 
76
runchecktest "OPENAT W (create)" known_fail $dir $file
76
77
 
77
78
# PASS rename of directory in between opendir/openat
78
79
resettest
79
 
genprofile ${dir}/${subdir}:rw ${dir}/otherdir:w ${dir}/otherdir/file:rw
 
80
genprofile ${dir}/${subdir}/:rw ${dir}/otherdir/:w ${dir}/otherdir/file:rw
80
81
runchecktest "OPENAT RW (rename/newpath)" pass --rename ${dir}/otherdir ${dir}/${subdir} file
81
82
 
82
83
# PASS rename of directory in between opendir/openat - file exists
83
84
resettest
84
85
touch ${filepath}
85
 
genprofile ${dir}/${subdir}:rw ${dir}/otherdir:w ${dir}/otherdir/file:rw
 
86
genprofile ${dir}/${subdir}/:rw ${dir}/otherdir/:w ${dir}/otherdir/file:rw
86
87
runchecktest "OPENAT RW (rename/newpath)" pass --rename ${dir}/otherdir ${dir}/${subdir} file
87
88
 
88
89
# FAIL rename of directory in between opendir/openat - use old name
89
90
resettest
90
 
genprofile ${dir}/${subdir}:rw ${dir}/otherdir:w ${dir}/${subdir}/file:rw
 
91
genprofile ${dir}/${subdir}/:rw ${dir}/otherdir/:w ${dir}/${subdir}/file:rw
91
92
runchecktest "OPENAT RW (rename/newpath)" fail --rename ${dir}/otherdir ${dir}/${subdir} file
92
 
exit
93
93
 
94
94
# FAIL rename of directory in between opendir/openat - use old name, file exists
95
95
resettest
96
96
touch ${filepath}
97
 
genprofile ${dir}/${subdir}:rw ${dir}/otherdir:w ${dir}/${subdir}/file:rw
 
97
genprofile ${dir}/${subdir}/:rw ${dir}/otherdir/:w ${dir}/${subdir}/file:rw
98
98
runchecktest "OPENAT RW (rename/newpath)" fail --rename ${dir}/otherdir ${dir}/${subdir} file