[PATCH testsuite 01/24] keys: change test_newcon_key_t to be just an object context

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



It's only used to test chaing the label of a key, so there is no need to
declare it as a domain type.

Signed-off-by: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
---
 policy/test_keys.te | 4 ----
 tests/keys/test     | 2 +-
 2 files changed, 1 insertion(+), 5 deletions(-)

diff --git a/policy/test_keys.te b/policy/test_keys.te
index 78c0663..f6a3f2c 100644
--- a/policy/test_keys.te
+++ b/policy/test_keys.te
@@ -40,10 +40,6 @@ allow test_key_t self:key { create write search read view link setattr };
 
 # Set new context on a keyring:
 type test_newcon_key_t;
-key_domain_type(test_newcon_key_t)
-unconfined_runs_test(test_newcon_key_t)
-typeattribute test_newcon_key_t testdomain;
-typeattribute test_newcon_key_t keydomain;
 
 allow test_key_t test_newcon_key_t:key { create write search view };
 
diff --git a/tests/keys/test b/tests/keys/test
index 2dafb17..061bc62 100755
--- a/tests/keys/test
+++ b/tests/keys/test
@@ -67,7 +67,7 @@ ok( $result >> 8 eq 11 );
 
 print "Change keyring context\n";
 $result = system
-"runcon -t test_key_t $basedir/keyctl_relabel $v system_u:system_r:test_newcon_key_t:s0";
+"runcon -t test_key_t $basedir/keyctl_relabel $v system_u:object_r:test_newcon_key_t:s0";
 ok( $result eq 0 );
 
 print "Test permission checks between a keyring created by another process\n";
-- 
2.37.1




[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux