2
# Copyright (C) 2002-2007 Novell/SUSE
4
# This program is free software; you can redistribute it and/or
5
# modify it under the terms of the GNU General Public License as
6
# published by the Free Software Foundation, version 2 of the
11
# Verify that the open syscall is correctly managed for confined profiles.
15
pwd=`cd $pwd ; /bin/pwd`
27
runchecktest "OPEN unconfined RW (create) " pass $file
29
# PASS TEST (the file shouldn't exist, so open should create it
31
genprofile $file:$okperm
32
runchecktest "OPEN RW (create) " pass $file
35
genprofile $file:$okperm
36
runchecktest "OPEN RW" pass $file
39
genprofile $file:$badperm1
40
runchecktest "OPEN R" fail $file
43
genprofile $file:$badperm2
44
runchecktest "OPEN W" fail $file
47
genprofile $file:$badperm1 cap:dac_override
48
runchecktest "OPEN R+dac_override" fail $file
51
# This is testing for bug: https://bugs.wirex.com/show_bug.cgi?id=2885
52
# When we open O_CREAT|O_RDWR, we are (were?) allowing only write access
55
genprofile $file:$badperm2
56
runchecktest "OPEN W (create)" fail $file