Re: [LTP] regression: selinux testsuite broken since October

Tue, 26 Jan 2010 06:33:02 -0800 

On Tue, 2010-01-26 at 00:31 -0800, Garrett Cooper wrote:
> On Fri, Jan 15, 2010 at 9:48 AM, Garrett Cooper <[email protected]> wrote:
> > On Tue, Jan 12, 2010 at 7:38 AM, Serge E. Hallyn <[email protected]> wrote:
> >> Quoting Garrett Cooper ([email protected]):
> >>> On Mon, Jan 11, 2010 at 1:00 PM, Serge E. Hallyn <[email protected]> wrote:
> >>> > Quoting Serge E. Hallyn ([email protected]):
> >>> >> Quoting Serge E. Hallyn ([email protected]):
> >>> >> > Quoting Stephen Smalley ([email protected]):
> >>> >> > > On Mon, 2010-01-11 at 13:50 -0600, Serge E. Hallyn wrote:
> >>> >> > > > > Fails with:
> >>> >> > > > > cp: cannot stat
> >>> >> > > > > `/home/sds/ltp/testcases/kernel/security/selinux-testsuite/refpolicy/policy_files/generic/test_policy.*':
> >>> >> > > > >  No such file or directory
> >>> >> > > >
> >>> >> > > > You ran /home/sds/ltp/testscripts/test_selinux.sh, right?
> >>> >> > > >
> >>> >> > > > I think we are supposed to actually be running
> >>> >> > > > /opt/ltp/testscripts/test_selinux.sh.  So then the first 
> >>> >> > > > question for
> >>> >> > > > Garrett is how should we deduce /home/sds/ltp as $LTP_SRCDIR 
> >>> >> > > > from a
> >>> >> > > > testscript?  Or should the policy sources be copied into /opt?
> >>> >> > >
> >>> >> > > Ok, but regardless:  the refpolicy Makefile is still broken.
> >>> >> >
> >>> >> > Yup.
> >>> >>
> >>> >> All right, baby-steps.
> >>> >>
> >>> >> The attached test_selinux.diff is not to be applied, but something
> >>> >> like it is needed.  Should we have the ltp 'make install' fill in
> >>> >> TOP_SRCDIR in /opt/ltp/testscripts/test_selinux.sh?  BTW, Garrett,
> >>> >> that is the issue I was saying is shared between test_selinux.sh
> >>> >> and some others including test_robind.sh.  That's why I'm not just
> >>> >> sending a patch to make it work, bc i think we need more general
> >>> >> guidance.
> >>> >>
> >>> >> The second match makes the 'make load' part of test_selinux.sh
> >>> >> succeed on rhel5.4.  Stephen, how does it do on fedora?
> >>> >>
> >>> >> After loading policy it fails to execute ltp-pan, but I figure let's
> >>> >> get policy loading working first.
> >>> >>
> >>> >> -serge
> >>> >
> >>> > gah, attaching the actual patches this time.
> >>> >
> >>> > -serge
> >>>
> >>> 1. I'm rejecting the test_selinux.diff solely because it has /root/ltp
> >>> hardcoded as LTPROOT.
> >>
> >> I said 'not to be applied'.  You're not rejecting.
> >>
> >>> 2. Why is the redhat stuff support to work
> >>> agnostic to the major and minor version?
> >>
> >> It's not agnostic to the major version.  Only the minor version.
> >>
> >> And since you've made ltp not compile on rhel4 (requiring make-3.81.  feh)
> >> i suppose we can just get rid of rhel4 support selinux-testsuite.
> >
> > No. 1. Compiling make 3.81 today and installing it is trivial, so it
> > shouldn't be removed today. 2. I've finally decided that I'm going to
> > look outside of the box into providing equivalent functionality via
> > shell functions using purely built-in commands [and test(1)] to fill
> > in the feature gaps for make 3.80. I've gotten to the point where I
> > just gave up trying to ride out what I possibly can in make 3.80, so
> > it's time to pull in some external pieces to get the job done.
> 
>     All of the install junk works now, but the modes need fixing, or
> some such fun. Please analyze the test_selinux.sh script and tell me
> what to commit next to fix everything.

Hi Garrett,

I needed to apply the patch below to make test_selinux.sh run
successfully on Fedora 12.  The problems were:
- The setting of LTPROOT in test_selinux.sh was incorrect, leading to
problems with invoking everything else.  Note that I invoke it by doing:
cd /opt/ltp && ./testscripts/test_selinux.sh
and thus $0 is a relative path, whereas we want an absolute one.
- You don't need to cd to $POLICYDIR at all since you specify
$POLICYDIR/test_policy.pp to semodule -i and semodule -r is acting on
the installed policy module.
- The attempt to extract paths from runtest/selinux and invoke chcon on
them wasn't working as $LTPROOT wasn't being expanded; easier to just do
a chcon -R there as before.
- runtest/selinux had the wrong paths to the test programs (or
alternatively, they aren't being installed to the right location - they
all get installed directly to $LTPROOT/testcases/bin.

Index: testscripts/test_selinux.sh
===================================================================
RCS file: /cvsroot/ltp/ltp/testscripts/test_selinux.sh,v
retrieving revision 1.20
diff -u -r1.20 test_selinux.sh
--- testscripts/test_selinux.sh 26 Jan 2010 07:05:02 -0000      1.20
+++ testscripts/test_selinux.sh 26 Jan 2010 14:20:40 -0000
@@ -37,15 +37,14 @@
 fi
 
 # set the LTPROOT directory
-LTPROOT=${LTPROOT:=${0%/*}}
-cd "$LTPROOT"
+LTPROOT=`pwd`
 export TMP=${TMP:-/tmp}
-# If we're in the testscripts directory, go down a dir..
+# If we're in the testscripts directory, go up a dir..
 LTPROOT_TMP=${LTPROOT%/testscripts}
 if [ "x${LTPROOT_TMP}" != "x${LTPROOT}" ]
 then
        cd ..
-       LTPROOT=$LTPROOT_TMP
+       LTPROOT=`pwd`
 fi
 export LTPROOT
 unset LTPROOT_TMP
@@ -89,7 +88,6 @@
 
 # install the test policy...
 echo "Installing test_policy module..."
-cd $POLICYDIR
 if ! semodule -i $POLICYDIR/test_policy.pp; then
        echo "Failed to install test_policy module, aborting test run."
        config_unset_expandcheck
@@ -100,9 +98,6 @@
 
 config_unset_expandcheck
 
-# go back to test's root directory
-cd $LTPROOT
-
 echo "Running the SELinux testsuite..."
 
 mkdir $TMP/selinux > /dev/null 2>&1
@@ -112,8 +107,7 @@
 # The ../testcases/bin directory needs to have the test_file_t type.
 # Save and restore later.
 SAVEBINTYPE=`ls -Zd $LTPROOT/testcases/bin | awk '{ print $4 }' | awk -F: '{ 
print $3 }'`
-/usr/bin/chcon -t test_file_t  $LTPROOT/testcases/bin \
-                               $(awk '$1 !~ /^#/ { print $2 }' 
"$LTPROOT/runtest/selinux")
+/usr/bin/chcon -R -t test_file_t       $LTPROOT/testcases/bin
 
 $LTPROOT/bin/ltp-pan -S -a $LTPROOT/results/selinux -n ltp-selinux \
        -l $LTPROOT/results/selinux.logfile \
@@ -127,7 +121,6 @@
 /usr/bin/chcon -R -t $SAVEBINTYPE $LTPROOT/testcases/bin
 
 echo "Removing test_policy module..."
-cd $POLICYDIR
 if ! semodule -r test_policy; then
        echo "Failed to remove test_policy module."
        exit 1
Index: runtest/selinux
===================================================================
RCS file: /cvsroot/ltp/ltp/runtest/selinux,v
retrieving revision 1.4
diff -u -r1.4 selinux
--- runtest/selinux     25 Jan 2010 12:44:59 -0000      1.4
+++ runtest/selinux     26 Jan 2010 14:20:40 -0000
@@ -1,40 +1,40 @@
 #DESCRIPTION:Security-Enhanced Linux
-SELinux01      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_capable_file.sh
-SELinux02      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_capable_net.sh
-SELinux03      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_capable_sys.sh
-SELinux04      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_domain_trans.sh
-SELinux05      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_entrypoint.sh
-SELinux06      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_execshare.sh
-SELinux07      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_exectrace.sh
-SELinux08      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_execute_no_trans.sh
-SELinux09      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_fdreceive.sh
-SELinux10      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_file.sh
-SELinux11      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_inherit.sh
-SELinux12      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_ioctl.sh
-SELinux13      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_link.sh
-SELinux14      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_mkdir.sh
-SELinux15      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_msg.sh
-SELinux16      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_open.sh
-SELinux17      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_ptrace.sh
-SELinux18      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_readlink.sh
-SELinux19      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_relabel.sh
-SELinux20      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_rename.sh
-SELinux21      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_rxdir.sh
-SELinux22      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_sem.sh
-SELinux23      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_setattr.sh
-SELinux24      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_setnice.sh
-SELinux25      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_shm.sh
-SELinux26      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_sigkill.sh
-SELinux27      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_stat.sh
-SELinux28      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_sysctl.sh
-SELinux29      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_create.sh
-SELinux30      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_getpgid.sh
-SELinux31      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_getscheduler.sh
-SELinux32      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_getsid.sh
-SELinux33      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_setnice.sh
-SELinux34      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_setpgid.sh
-SELinux35      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_setscheduler.sh
-SELinux36      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_wait.sh
-SELinux37      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_dyntrace.sh
-SELinux38      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_dyntrans.sh
-SELinux39      
$LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_bounds.sh
+SELinux01      $LTPROOT/testcases/bin/selinux_capable_file.sh
+SELinux02      $LTPROOT/testcases/bin/selinux_capable_net.sh
+SELinux03      $LTPROOT/testcases/bin/selinux_capable_sys.sh
+SELinux04      $LTPROOT/testcases/bin/selinux_domain_trans.sh
+SELinux05      $LTPROOT/testcases/bin/selinux_entrypoint.sh
+SELinux06      $LTPROOT/testcases/bin/selinux_execshare.sh
+SELinux07      $LTPROOT/testcases/bin/selinux_exectrace.sh
+SELinux08      $LTPROOT/testcases/bin/selinux_execute_no_trans.sh
+SELinux09      $LTPROOT/testcases/bin/selinux_fdreceive.sh
+SELinux10      $LTPROOT/testcases/bin/selinux_file.sh
+SELinux11      $LTPROOT/testcases/bin/selinux_inherit.sh
+SELinux12      $LTPROOT/testcases/bin/selinux_ioctl.sh
+SELinux13      $LTPROOT/testcases/bin/selinux_link.sh
+SELinux14      $LTPROOT/testcases/bin/selinux_mkdir.sh
+SELinux15      $LTPROOT/testcases/bin/selinux_msg.sh
+SELinux16      $LTPROOT/testcases/bin/selinux_open.sh
+SELinux17      $LTPROOT/testcases/bin/selinux_ptrace.sh
+SELinux18      $LTPROOT/testcases/bin/selinux_readlink.sh
+SELinux19      $LTPROOT/testcases/bin/selinux_relabel.sh
+SELinux20      $LTPROOT/testcases/bin/selinux_rename.sh
+SELinux21      $LTPROOT/testcases/bin/selinux_rxdir.sh
+SELinux22      $LTPROOT/testcases/bin/selinux_sem.sh
+SELinux23      $LTPROOT/testcases/bin/selinux_setattr.sh
+SELinux24      $LTPROOT/testcases/bin/selinux_setnice.sh
+SELinux25      $LTPROOT/testcases/bin/selinux_shm.sh
+SELinux26      $LTPROOT/testcases/bin/selinux_sigkill.sh
+SELinux27      $LTPROOT/testcases/bin/selinux_stat.sh
+SELinux28      $LTPROOT/testcases/bin/selinux_sysctl.sh
+SELinux29      $LTPROOT/testcases/bin/selinux_task_create.sh
+SELinux30      $LTPROOT/testcases/bin/selinux_task_getpgid.sh
+SELinux31      $LTPROOT/testcases/bin/selinux_task_getscheduler.sh
+SELinux32      $LTPROOT/testcases/bin/selinux_task_getsid.sh
+SELinux33      $LTPROOT/testcases/bin/selinux_task_setnice.sh
+SELinux34      $LTPROOT/testcases/bin/selinux_task_setpgid.sh
+SELinux35      $LTPROOT/testcases/bin/selinux_task_setscheduler.sh
+SELinux36      $LTPROOT/testcases/bin/selinux_wait.sh
+SELinux37      $LTPROOT/testcases/bin/selinux_dyntrace.sh
+SELinux38      $LTPROOT/testcases/bin/selinux_dyntrans.sh
+SELinux39      $LTPROOT/testcases/bin/selinux_bounds.sh

-- 
Stephen Smalley
National Security Agency


------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
_______________________________________________
Ltp-list mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ltp-list

Reply via email to