1
Index: subdomain/capabilities.sh
2
===================================================================
3
--- subdomain.orig/capabilities.sh
4
+++ subdomain/capabilities.sh
5
@@ -74,10 +74,10 @@ syscall_sethostname_args=a.dumb.example.
6
syscall_setdomainname_args=dumb.example.com
7
syscall_ioperm_args="0 0x3ff"
9
-syscall_chroot_args=${tmpdir}
10
+syscall_chroot_args=${tmpdir}/
12
# if a testcase requires extra subdomain rules, add them here
13
-syscall_chroot_extra_entries="/:r ${tmpdir}:r"
14
+syscall_chroot_extra_entries="/:r ${tmpdir}/:r"
16
testwrapper=changehat_wrapper
18
Index: subdomain/mult_mount.sh
19
===================================================================
20
--- subdomain.orig/mult_mount.sh
21
+++ subdomain/mult_mount.sh
22
@@ -48,8 +48,8 @@ file1b=$mp1/file2
33
Index: subdomain/readdir.sh
34
===================================================================
35
--- subdomain.orig/readdir.sh
36
+++ subdomain/readdir.sh
37
@@ -30,12 +30,12 @@ mkdir $dir
41
-genprofile $dir:$okperm
42
+genprofile $dir/:$okperm
44
runchecktest "READDIR" pass $dir
46
# CHDIR TEST (no perm)
48
-genprofile $dir:$badperm
49
+genprofile $dir/:$badperm
51
runchecktest "READDIR (no perm)" fail $dir
52
Index: subdomain/rename.sh
53
===================================================================
54
--- subdomain.orig/rename.sh
55
+++ subdomain/rename.sh
56
@@ -24,8 +24,8 @@ bin=$pwd
67
Index: subdomain/access.sh
68
===================================================================
69
--- subdomain.orig/access.sh
70
+++ subdomain/access.sh
71
@@ -22,7 +22,7 @@ bin=$pwd
80
Index: subdomain/mkdir.sh
81
===================================================================
82
--- subdomain.orig/mkdir.sh
83
+++ subdomain/mkdir.sh
84
@@ -18,7 +18,7 @@ bin=$pwd
93
Index: subdomain/xattrs.sh
94
===================================================================
95
--- subdomain.orig/xattrs.sh
96
+++ subdomain/xattrs.sh
97
@@ -40,7 +40,7 @@ bin=$pwd
100
link=$tmpdir/testlink
102
+dir=$tmpdir/testdir/
106
Index: subdomain/openat.sh
107
===================================================================
108
--- subdomain.orig/openat.sh
109
+++ subdomain/openat.sh
110
@@ -22,43 +22,44 @@ bin=$pwd
117
-filepath=${tmpdir}/${file}
118
+filepath=${dir}${file}
123
-mkdir ${tmpdir}/${subdir}
124
+mkdir ${dir}/${subdir}
127
-runchecktest "OPENAT unconfined RW (create) " pass $tmpdir $file
128
+runchecktest "OPENAT unconfined RW (create) " pass $dir $file
130
# PASS TEST (the file shouldn't exist, so open should create it
132
-genprofile ${tmpdir}:r ${filepath}:$okperm
133
-runchecktest "OPENAT RW (create) " pass $tmpdir $file
134
+genprofile ${dir}:r ${filepath}:$okperm
135
+runchecktest "OPENAT RW (create) " pass $dir $file
138
-genprofile ${tmpdir}:r ${filepath}:$okperm
139
-runchecktest "OPENAT RW" pass $tmpdir $file
140
+genprofile ${dir}:r ${filepath}:$okperm
141
+runchecktest "OPENAT RW" pass $dir $file
144
-genprofile ${tmpdir}:r ${filepath}:$badperm1
145
-runchecktest "OPENAT R" fail $tmpdir $file
146
+genprofile ${dir}:r ${filepath}:$badperm1
147
+runchecktest "OPENAT R" fail $dir $file
150
-genprofile ${tmpdir}:r ${filepath}:$badperm2
151
-runchecktest "OPENAT W" fail $tmpdir $file
152
+genprofile ${dir}:r ${filepath}:$badperm2
153
+runchecktest "OPENAT W" fail $dir $file
156
-genprofile ${tmpdir}:r ${filepath}:$badperm1 cap:dac_override
157
-runchecktest "OPENAT R+dac_override" fail $tmpdir $file
158
+genprofile ${dir}:r ${filepath}:$badperm1 cap:dac_override
159
+runchecktest "OPENAT R+dac_override" fail $dir $file
162
# This is testing for bug: https://bugs.wirex.com/show_bug.cgi?id=2885
163
# When we open O_CREAT|O_RDWR, we are (were?) allowing only write access
166
-genprofile ${tmpdir}:r ${filepath}:$badperm2
167
-runchecktest "OPENAT W (create)" fail $tmpdir $file
168
+genprofile ${dir}:r ${filepath}:$badperm2
169
+runchecktest "OPENAT W (create)" fail $dir $file