On Tue, 08 Sep 2009, Jamie Strandboge wrote: > > [PATCH 4] > > patch_4_tests.patch: > > Adds tests for virt-aa-helper and the security driver. secaatest.c is > > identical to seclabeltest.c except it initializes the 'apparmor' driver > > instead of 'selinux'. These tests are integrated into 'make check' and > > pass. > > -- Jamie Strandboge | http://www.canonical.com
diff -Nurp ./libvirt.orig/tests/Makefile.am ./libvirt/tests/Makefile.am
--- ./libvirt.orig/tests/Makefile.am 2009-08-17 11:00:40.000000000 -0500
+++ ./libvirt/tests/Makefile.am 2009-09-08 15:32:22.000000000 -0500
@@ -77,6 +77,10 @@ if WITH_SECDRIVER_SELINUX
noinst_PROGRAMS += seclabeltest
endif
+if WITH_SECDRIVER_APPARMOR
+noinst_PROGRAMS += secaatest
+endif
+
if WITH_CIL
noinst_PROGRAMS += object-locking
endif
@@ -112,6 +116,9 @@ test_scripts += \
virsh-synopsis
endif
+if WITH_SECDRIVER_APPARMOR
+test_scripts += virt-aa-helper-test
+endif
EXTRA_DIST += $(test_scripts)
TESTS = virshtest \
@@ -138,6 +145,10 @@ if WITH_SECDRIVER_SELINUX
TESTS += seclabeltest
endif
+if WITH_SECDRIVER_APPARMOR
+TESTS += secaatest
+endif
+
if WITH_LIBVIRTD
noinst_PROGRAMS += eventtest
TESTS += eventtest
@@ -255,6 +266,14 @@ else
EXTRA_DIST += seclabeltest.c
endif
+if WITH_SECDRIVER_APPARMOR
+secaatest_SOURCES = \
+ secaatest.c
+secaatest_LDADD = ../src/libvirt_driver_security.la $(LDADDS)
+else
+EXTRA_DIST += secaatest.c
+endif
+
qparamtest_SOURCES = \
qparamtest.c testutils.h testutils.c
qparamtest_LDADD = $(LDADDS)
diff -Nurp ./libvirt.orig/tests/secaatest.c ./libvirt/tests/secaatest.c
--- ./libvirt.orig/tests/secaatest.c 1969-12-31 18:00:00.000000000 -0600
+++ ./libvirt/tests/secaatest.c 2009-09-08 15:32:22.000000000 -0500
@@ -0,0 +1,45 @@
+#include <config.h>
+
+#include <unistd.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include "security.h"
+
+int
+main (int argc ATTRIBUTE_UNUSED, char **argv ATTRIBUTE_UNUSED)
+{
+ int ret;
+
+ const char *doi, *model;
+ virSecurityDriverPtr security_drv;
+
+ ret = virSecurityDriverStartup (&security_drv, "apparmor");
+ if (ret == -1)
+ {
+ fprintf (stderr, "Failed to start security driver");
+ exit (-1);
+ }
+ /* No security driver wanted to be enabled: just return */
+ if (ret == -2)
+ return 0;
+
+ model = virSecurityDriverGetModel (security_drv);
+ if (!model)
+ {
+ fprintf (stderr, "Failed to copy secModel model: %s",
+ strerror (errno));
+ exit (-1);
+ }
+
+ doi = virSecurityDriverGetDOI (security_drv);
+ if (!doi)
+ {
+ fprintf (stderr, "Failed to copy secModel DOI: %s",
+ strerror (errno));
+ exit (-1);
+ }
+
+ return 0;
+}
diff -Nurp ./libvirt.orig/tests/virt-aa-helper-test ./libvirt/tests/virt-aa-helper-test
--- ./libvirt.orig/tests/virt-aa-helper-test 1969-12-31 18:00:00.000000000 -0600
+++ ./libvirt/tests/virt-aa-helper-test 2009-09-08 15:32:22.000000000 -0500
@@ -0,0 +1,100 @@
+#!/bin/sh
+set -e
+
+output="/dev/null"
+use_valgrind=""
+ld_library_path=""
+if [ ! -z "$1" ] && [ "$1" = "-d" ]; then
+ output="/dev/stdout"
+ shift
+fi
+
+exe="../src/virt-aa-helper"
+if [ ! -z "$1" ]; then
+ if [ "$1" = "-v" ]; then
+ use_valgrind="yes"
+ exe="./src/.libs/virt-aa-helper"
+ ld_library_path="./src/.libs"
+ else
+ exe="$1"
+ fi
+ shift
+fi
+
+if [ ! -x "$exe" ]; then
+ echo "Could not find '$exe'"
+ exit 1
+fi
+
+echo "testing `basename $exe`" >$output
+if [ "$use_valgrind" = "yes" ]; then
+ exe="valgrind --error-exitcode=2 --track-origins=yes $exe"
+fi
+
+extra_args="--dryrun"
+errors=0
+
+tmpdir=`mktemp -d`
+trap "rm -rf $tmpdir" EXIT HUP INT QUIT TERM
+
+disk1="$tmpdir/1.img"
+disk2="$tmpdir/2.img"
+relative_disk1="$tmpdir/./../`basename $tmpdir`//./1.img"
+nonexistent="$tmpdir/nonexistant.img"
+bad_disk="/etc/passwd"
+valid_uuid="libvirt-00000000-0000-0000-0000-0123456789ab"
+valid_name="foo"
+nonexistent_uuid="libvirt-00000000-0000-0000-0000-000000000001"
+touch "$disk1" "$disk2"
+
+testme() {
+ expected="$1"
+ outstr="$2"
+ args="$3"
+ echo -n " $outstr: " >$output
+ echo " '$extra_args $args': " >$output
+ set +e
+ LD_LIBRARY_PATH="$ld_library_path" $exe $extra_args $args >$output 2>&1
+ rc="$?"
+ set -e
+ if [ "$rc" = "$expected" ]; then
+ echo "pass" >$output
+ else
+ echo "FAIL: exited with '$rc'" >$output
+ errors=$(($errors + 1))
+ fi
+}
+
+# Expected failures
+echo "Expected failures:" >$output
+testme "1" "invalid arg" "-z"
+testme "1" "invalid case" "-A"
+testme "1" "not enough args" "-c"
+testme "1" "missing name" "-c -n -u $valid_uuid $disk1"
+testme "1" "bad name" "-c -n foo[a-z] -u $valid_uuid $disk1"
+testme "1" "no -u with -c" "-c -n $valid_name $disk1"
+testme "1" "bad uuid (bad digit)" "-c -n $valid_name -u libvirt-00000000-0000-0000-0000-00000000000g $disk1"
+testme "1" "bad uuid (too long)" "-c -n $valid_name -u ${valid_uuid}abcdef $disk1"
+testme "1" "bad uuid (too short)" "-c -n $valid_name -u libvirt-00000000-0000-0000-0000-0123456789a $disk1"
+testme "1" "missing uuid" "-c -n $valid_name -u $disk1"
+testme "1" "no -u with -R" "-R"
+testme "1" "non-existent uuid" "-R -u $nonexistent_uuid"
+testme "1" "no -u with -r" "-r"
+testme "1" "no name with -r" "-r -u $valid_uuid $disk1"
+testme "1" "bad disk" "-c -n $valid_name -u $valid_uuid $bad_disk"
+testme "1" "bad disk2" "-c -n $valid_name -u $valid_uuid $disk1 $bad_disk $disk2"
+
+echo "Expected pass:" >$output
+testme "0" "create" "-c -n foo -u $valid_uuid $disk1"
+testme "0" "create (non-existent disk)" "-c -n foo -u $valid_uuid $nonexistent"
+testme "0" "create (relative path)" "-c -n foo -u $valid_uuid $relative_disk1"
+testme "0" "replace" "-r -n foo -u $valid_uuid $disk2"
+testme "0" "replace (non-existent disk)" "-r -n foo -u $valid_uuid $nonexistent"
+testme "0" "help" "-h"
+
+echo "" >$output
+if [ "$errors" != "0" ]; then
+ echo "FAIL: $errors error(s)" >$output
+ exit 1
+fi
+echo PASS >$output
Attachment:
signature.asc
Description: Digital signature
-- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list