On Wed, Jan 27, 2010 at 11:12 AM, Stephen Smalley <[email protected]> wrote: > On Tue, 2010-01-26 at 22:34 -0800, Garrett Cooper wrote: >> On Jan 26, 2010, at 6:30 AM, Stephen Smalley wrote: >> >> > On Tue, 2010-01-26 at 00:31 -0800, Garrett Cooper wrote: >> >> On Fri, Jan 15, 2010 at 9:48 AM, Garrett Cooper <[email protected]> >> >> wrote: >> >>> On Tue, Jan 12, 2010 at 7:38 AM, Serge E. Hallyn <[email protected]> >> >>> wrote: >> >>>> Quoting Garrett Cooper ([email protected]): >> >>>>> On Mon, Jan 11, 2010 at 1:00 PM, Serge E. Hallyn <[email protected]> >> >>>>> wrote: >> >>>>>> Quoting Serge E. Hallyn ([email protected]): >> >>>>>>> Quoting Serge E. Hallyn ([email protected]): >> >>>>>>>> Quoting Stephen Smalley ([email protected]): >> >>>>>>>>> On Mon, 2010-01-11 at 13:50 -0600, Serge E. Hallyn wrote: >> >>>>>>>>>>> Fails with: >> >>>>>>>>>>> cp: cannot stat >> >>>>>>>>>>> `/home/sds/ltp/testcases/kernel/security/selinux-testsuite/refpolicy/policy_files/generic/test_policy.*': >> >>>>>>>>>>> No such file or directory >> >>>>>>>>>> >> >>>>>>>>>> You ran /home/sds/ltp/testscripts/test_selinux.sh, right? >> >>>>>>>>>> >> >>>>>>>>>> I think we are supposed to actually be running >> >>>>>>>>>> /opt/ltp/testscripts/test_selinux.sh. So then the first question >> >>>>>>>>>> for >> >>>>>>>>>> Garrett is how should we deduce /home/sds/ltp as $LTP_SRCDIR from >> >>>>>>>>>> a >> >>>>>>>>>> testscript? Or should the policy sources be copied into /opt? >> >>>>>>>>> >> >>>>>>>>> Ok, but regardless: the refpolicy Makefile is still broken. >> >>>>>>>> >> >>>>>>>> Yup. >> >>>>>>> >> >>>>>>> All right, baby-steps. >> >>>>>>> >> >>>>>>> The attached test_selinux.diff is not to be applied, but something >> >>>>>>> like it is needed. Should we have the ltp 'make install' fill in >> >>>>>>> TOP_SRCDIR in /opt/ltp/testscripts/test_selinux.sh? BTW, Garrett, >> >>>>>>> that is the issue I was saying is shared between test_selinux.sh >> >>>>>>> and some others including test_robind.sh. That's why I'm not just >> >>>>>>> sending a patch to make it work, bc i think we need more general >> >>>>>>> guidance. >> >>>>>>> >> >>>>>>> The second match makes the 'make load' part of test_selinux.sh >> >>>>>>> succeed on rhel5.4. Stephen, how does it do on fedora? >> >>>>>>> >> >>>>>>> After loading policy it fails to execute ltp-pan, but I figure let's >> >>>>>>> get policy loading working first. >> >>>>>>> >> >>>>>>> -serge >> >>>>>> >> >>>>>> gah, attaching the actual patches this time. >> >>>>>> >> >>>>>> -serge >> >>>>> >> >>>>> 1. I'm rejecting the test_selinux.diff solely because it has /root/ltp >> >>>>> hardcoded as LTPROOT. >> >>>> >> >>>> I said 'not to be applied'. You're not rejecting. >> >>>> >> >>>>> 2. Why is the redhat stuff support to work >> >>>>> agnostic to the major and minor version? >> >>>> >> >>>> It's not agnostic to the major version. Only the minor version. >> >>>> >> >>>> And since you've made ltp not compile on rhel4 (requiring make-3.81. >> >>>> feh) >> >>>> i suppose we can just get rid of rhel4 support selinux-testsuite. >> >>> >> >>> No. 1. Compiling make 3.81 today and installing it is trivial, so it >> >>> shouldn't be removed today. 2. I've finally decided that I'm going to >> >>> look outside of the box into providing equivalent functionality via >> >>> shell functions using purely built-in commands [and test(1)] to fill >> >>> in the feature gaps for make 3.80. I've gotten to the point where I >> >>> just gave up trying to ride out what I possibly can in make 3.80, so >> >>> it's time to pull in some external pieces to get the job done. >> >> >> >> All of the install junk works now, but the modes need fixing, or >> >> some such fun. Please analyze the test_selinux.sh script and tell me >> >> what to commit next to fix everything. >> > >> > Hi Garrett, >> > >> > I needed to apply the patch below to make test_selinux.sh run >> > successfully on Fedora 12. The problems were: >> > - The setting of LTPROOT in test_selinux.sh was incorrect, leading to >> > problems with invoking everything else. Note that I invoke it by doing: >> > cd /opt/ltp && ./testscripts/test_selinux.sh >> > and thus $0 is a relative path, whereas we want an absolute one. >> > - You don't need to cd to $POLICYDIR at all since you specify >> > $POLICYDIR/test_policy.pp to semodule -i and semodule -r is acting on >> > the installed policy module. >> > - The attempt to extract paths from runtest/selinux and invoke chcon on >> > them wasn't working as $LTPROOT wasn't being expanded; easier to just do >> > a chcon -R there as before. >> > - runtest/selinux had the wrong paths to the test programs (or >> > alternatively, they aren't being installed to the right location - they >> > all get installed directly to $LTPROOT/testcases/bin. >> > >> > Index: testscripts/test_selinux.sh >> > =================================================================== >> > RCS file: /cvsroot/ltp/ltp/testscripts/test_selinux.sh,v >> > retrieving revision 1.20 >> > diff -u -r1.20 test_selinux.sh >> > --- testscripts/test_selinux.sh 26 Jan 2010 07:05:02 -0000 1.20 >> > +++ testscripts/test_selinux.sh 26 Jan 2010 14:20:40 -0000 >> > @@ -37,15 +37,14 @@ >> > fi >> > >> > # set the LTPROOT directory >> > -LTPROOT=${LTPROOT:=${0%/*}} >> > -cd "$LTPROOT" >> > +LTPROOT=`pwd` >> > export TMP=${TMP:-/tmp} >> > -# If we're in the testscripts directory, go down a dir.. >> > +# If we're in the testscripts directory, go up a dir.. >> > LTPROOT_TMP=${LTPROOT%/testscripts} >> > if [ "x${LTPROOT_TMP}" != "x${LTPROOT}" ] >> > then >> > cd .. >> > - LTPROOT=$LTPROOT_TMP >> > + LTPROOT=`pwd` >> > fi >> > export LTPROOT >> > unset LTPROOT_TMP >> > @@ -89,7 +88,6 @@ >> > >> > # install the test policy... >> > echo "Installing test_policy module..." >> > -cd $POLICYDIR >> > if ! semodule -i $POLICYDIR/test_policy.pp; then >> > echo "Failed to install test_policy module, aborting test run." >> > config_unset_expandcheck >> > @@ -100,9 +98,6 @@ >> > >> > config_unset_expandcheck >> > >> > -# go back to test's root directory >> > -cd $LTPROOT >> > - >> > echo "Running the SELinux testsuite..." >> > >> > mkdir $TMP/selinux > /dev/null 2>&1 >> > @@ -112,8 +107,7 @@ >> > # The ../testcases/bin directory needs to have the test_file_t type. >> > # Save and restore later. >> > SAVEBINTYPE=`ls -Zd $LTPROOT/testcases/bin | awk '{ print $4 }' | awk -F: >> > '{ print $3 }'` >> > -/usr/bin/chcon -t test_file_t $LTPROOT/testcases/bin \ >> > - $(awk '$1 !~ /^#/ { print $2 }' >> > "$LTPROOT/runtest/selinux") >> > +/usr/bin/chcon -R -t test_file_t $LTPROOT/testcases/bin >> > >> > $LTPROOT/bin/ltp-pan -S -a $LTPROOT/results/selinux -n ltp-selinux \ >> > -l $LTPROOT/results/selinux.logfile \ >> > @@ -127,7 +121,6 @@ >> > /usr/bin/chcon -R -t $SAVEBINTYPE $LTPROOT/testcases/bin >> > >> > echo "Removing test_policy module..." >> > -cd $POLICYDIR >> > if ! semodule -r test_policy; then >> > echo "Failed to remove test_policy module." >> > exit 1 >> > Index: runtest/selinux >> > =================================================================== >> > RCS file: /cvsroot/ltp/ltp/runtest/selinux,v >> > retrieving revision 1.4 >> > diff -u -r1.4 selinux >> > --- runtest/selinux 25 Jan 2010 12:44:59 -0000 1.4 >> > +++ runtest/selinux 26 Jan 2010 14:20:40 -0000 >> > @@ -1,40 +1,40 @@ >> > #DESCRIPTION:Security-Enhanced Linux >> > -SELinux01 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_capable_file.sh >> > -SELinux02 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_capable_net.sh >> > -SELinux03 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_capable_sys.sh >> > -SELinux04 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_domain_trans.sh >> > -SELinux05 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_entrypoint.sh >> > -SELinux06 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_execshare.sh >> > -SELinux07 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_exectrace.sh >> > -SELinux08 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_execute_no_trans.sh >> > -SELinux09 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_fdreceive.sh >> > -SELinux10 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_file.sh >> > -SELinux11 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_inherit.sh >> > -SELinux12 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_ioctl.sh >> > -SELinux13 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_link.sh >> > -SELinux14 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_mkdir.sh >> > -SELinux15 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_msg.sh >> > -SELinux16 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_open.sh >> > -SELinux17 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_ptrace.sh >> > -SELinux18 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_readlink.sh >> > -SELinux19 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_relabel.sh >> > -SELinux20 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_rename.sh >> > -SELinux21 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_rxdir.sh >> > -SELinux22 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_sem.sh >> > -SELinux23 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_setattr.sh >> > -SELinux24 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_setnice.sh >> > -SELinux25 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_shm.sh >> > -SELinux26 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_sigkill.sh >> > -SELinux27 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_stat.sh >> > -SELinux28 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_sysctl.sh >> > -SELinux29 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_create.sh >> > -SELinux30 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_getpgid.sh >> > -SELinux31 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_getscheduler.sh >> > -SELinux32 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_getsid.sh >> > -SELinux33 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_setnice.sh >> > -SELinux34 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_setpgid.sh >> > -SELinux35 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_setscheduler.sh >> > -SELinux36 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_wait.sh >> > -SELinux37 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_dyntrace.sh >> > -SELinux38 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_dyntrans.sh >> > -SELinux39 >> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_bounds.sh >> > +SELinux01 $LTPROOT/testcases/bin/selinux_capable_file.sh >> > +SELinux02 $LTPROOT/testcases/bin/selinux_capable_net.sh >> > +SELinux03 $LTPROOT/testcases/bin/selinux_capable_sys.sh >> > +SELinux04 $LTPROOT/testcases/bin/selinux_domain_trans.sh >> > +SELinux05 $LTPROOT/testcases/bin/selinux_entrypoint.sh >> > +SELinux06 $LTPROOT/testcases/bin/selinux_execshare.sh >> > +SELinux07 $LTPROOT/testcases/bin/selinux_exectrace.sh >> > +SELinux08 $LTPROOT/testcases/bin/selinux_execute_no_trans.sh >> > +SELinux09 $LTPROOT/testcases/bin/selinux_fdreceive.sh >> > +SELinux10 $LTPROOT/testcases/bin/selinux_file.sh >> > +SELinux11 $LTPROOT/testcases/bin/selinux_inherit.sh >> > +SELinux12 $LTPROOT/testcases/bin/selinux_ioctl.sh >> > +SELinux13 $LTPROOT/testcases/bin/selinux_link.sh >> > +SELinux14 $LTPROOT/testcases/bin/selinux_mkdir.sh >> > +SELinux15 $LTPROOT/testcases/bin/selinux_msg.sh >> > +SELinux16 $LTPROOT/testcases/bin/selinux_open.sh >> > +SELinux17 $LTPROOT/testcases/bin/selinux_ptrace.sh >> > +SELinux18 $LTPROOT/testcases/bin/selinux_readlink.sh >> > +SELinux19 $LTPROOT/testcases/bin/selinux_relabel.sh >> > +SELinux20 $LTPROOT/testcases/bin/selinux_rename.sh >> > +SELinux21 $LTPROOT/testcases/bin/selinux_rxdir.sh >> > +SELinux22 $LTPROOT/testcases/bin/selinux_sem.sh >> > +SELinux23 $LTPROOT/testcases/bin/selinux_setattr.sh >> > +SELinux24 $LTPROOT/testcases/bin/selinux_setnice.sh >> > +SELinux25 $LTPROOT/testcases/bin/selinux_shm.sh >> > +SELinux26 $LTPROOT/testcases/bin/selinux_sigkill.sh >> > +SELinux27 $LTPROOT/testcases/bin/selinux_stat.sh >> > +SELinux28 $LTPROOT/testcases/bin/selinux_sysctl.sh >> > +SELinux29 $LTPROOT/testcases/bin/selinux_task_create.sh >> > +SELinux30 $LTPROOT/testcases/bin/selinux_task_getpgid.sh >> > +SELinux31 $LTPROOT/testcases/bin/selinux_task_getscheduler.sh >> > +SELinux32 $LTPROOT/testcases/bin/selinux_task_getsid.sh >> > +SELinux33 $LTPROOT/testcases/bin/selinux_task_setnice.sh >> > +SELinux34 $LTPROOT/testcases/bin/selinux_task_setpgid.sh >> > +SELinux35 $LTPROOT/testcases/bin/selinux_task_setscheduler.sh >> > +SELinux36 $LTPROOT/testcases/bin/selinux_wait.sh >> > +SELinux37 $LTPROOT/testcases/bin/selinux_dyntrace.sh >> > +SELinux38 $LTPROOT/testcases/bin/selinux_dyntrans.sh >> > +SELinux39 $LTPROOT/testcases/bin/selinux_bounds.sh >> >> Ok -- I think that we just resolved the last of the selinux test suite saga >> by properly >> >> The difference between your suggested patch above and what I committed >> was the line were it determined LTPROOT. Assuming that LTPROOT is the >> directory where the script was run isn't a smart idea, and I'm pretty >> sure that you were doing this purely because test_selinux.sh was in >> your path. > > So you require that the test script be invoked by absolute path, ala: > $ /opt/ltp/testscripts/test_selinux.sh > > I was invoking the tests via: > $ cd /opt/ltp > $ ./testscripts/test_selinux.sh > > The latter won't work with your current LTPROOT definition; it will end > up with a LTPROOT=. and LTPBIN=./testcases/bin, which then won't work > when it gets referenced by the individual test scripts particularly when > they change to a subdirectory for a particular test. This yields a > couple of failures in the .log and 'No such file or directory' errors in > the .outfile. > >> After the above items were committed, this is the end result: >> >> Total Tests: 39 >> Total Failures: 0 >> Kernel Version: 2.6.31.9-174.fc12.i686.PAE >> Machine Architecture: i686 >> Hostname: localhost.localdomain >> >> I highly encourage others to test this out as well -- maybe we can enable it >> in the default build after I can get some RHEL4 folks to test the port...? > > When invoked via cd /opt/ltp && ./testscripts/test_selinux.sh I get the > following errors in the .outfile: > > chcon: cannot access `selinux_wait_io': No such file or directory > ./testcases/bin/selinux_file.sh: line 188: tst_resm: command not found > runcon: selinux_wait_parent: No such file or directory > ./testcases/bin/selinux_wait.sh: line 35: tst_resm: command not found > runcon: selinux_wait_parent: No such file or directory > ./testcases/bin/selinux_wait.sh: line 51: tst_resm: command not found > > The first message actually shows up even when invoked > via /opt/ltp/testscripts/test_selinux.sh, although it doesn't appear to > cause any FAIL in that case. The test_resm messages are odd - is that > not getting defined anywhere?
Ok. Send me a patch that does a readlink -f of the LTPPATH and set your PATH to include $LTPROOT/testcases/bin, and you'll be good to go -- thanks! -Garrett ------------------------------------------------------------------------------ The Planet: dedicated and managed hosting, cloud storage, colocation Stay online with enterprise data centers and the best network in the business Choose flexible plans and management services without long-term contracts Personal 24x7 support from experience hosting pros just a phone call away. http://p.sf.net/sfu/theplanet-com _______________________________________________ Ltp-list mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/ltp-list
