rpms
/
libcap
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add CI tests using the standard test interface (astepano)

This commit is contained in:
root 2019-01-28 11:36:30 +00:00
parent fbcc8c1370
commit 38b03e9432
13 changed files with 637 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
tests/capsh-basic-functionality/Makefile Normal file
View File

@ -0,0 +1,64 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /CoreOS/libcap/Sanity/capsh-basic-functionality
# Description: tests basic functionality
# Author: Karel Srot <ksrot@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2017 Red Hat, Inc.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/CoreOS/libcap/Sanity/capsh-basic-functionality
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Karel Srot <ksrot@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: tests basic functionality" >> $(METADATA)
@echo "Type: Sanity" >> $(METADATA)
@echo "TestTime: 5m" >> $(METADATA)
@echo "RunFor: libcap" >> $(METADATA)
@echo "Requires: libcap" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5 -RHEL6" >> $(METADATA)
rhts-lint $(METADATA)

3
tests/capsh-basic-functionality/PURPOSE Normal file
View File

@ -0,0 +1,3 @@
PURPOSE of /CoreOS/libcap/Sanity/capsh-basic-functionality
Description: tests basic functionality
Author: Karel Srot <ksrot@redhat.com>

123
tests/capsh-basic-functionality/runtest.sh Executable file
View File

@ -0,0 +1,123 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/libcap/Sanity/capsh-basic-functionality
# Description: tests basic functionality
# Author: Karel Srot <ksrot@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2017 Red Hat, Inc.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/bin/rhts-environment.sh || exit 1
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="libcap"
rlJournalStart
rlPhaseStartSetup
rlAssertRpm $PACKAGE
rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
rlRun "pushd $TmpDir"
rlRun "useradd -m libcap_tester"
rlPhaseEnd
rlPhaseStartTest "Remove the listed capabilities from the prevailing bounding set"
rlRun -s "capsh --drop=cap_net_raw -- -c 'getpcaps \$\$'"
rlAssertGrep "Capabilities for" $rlRun_LOG
rlAssertNotGrep cap_net_raw $rlRun_LOG
rlRun -s "capsh --drop=cap_net_raw -- -c 'ping localhost -c 1'" 2,126 "Ping without cap_net_raw shoud fail"
rlAssertGrep "Operation not permitted" $rlRun_LOG
rlPhaseEnd
rlPhaseStartTest "Set the prevailing process capabilities"
rlRun -s "capsh --caps=cap_chown+p --print"
rlAssertGrep "Current: = cap_chown+p" $rlRun_LOG
rlPhaseEnd
rlPhaseStartTest "Set the inheritable set of capabilities"
rlRun -s "capsh --inh=cap_chown --print"
rlRun "grep 'Current: = ' $rlRun_LOG | grep 'cap_chown+eip'"
rlRun -s "capsh --inh=cap_chown -- -c 'getpcaps \$\$' 2>&1"
rlAssertGrep "cap_chown+eip" $rlRun_LOG
rlPhaseEnd
rlPhaseStartTest "Assume the identity of the user nobody"
USERID=`id -u nobody`
GROUPID=`id -g nobody`
rlRun -s "capsh --user=nobody -- -c 'id'"
rlAssertGrep "uid=$USERID(nobody) gid=$GROUPID(nobody) groups=$GROUPID(nobody)" $rlRun_LOG
rlPhaseEnd
rlPhaseStartTest "Force all uid values to equal to nobody"
rlRun -s "capsh --uid=$USERID -- -c 'id'"
rlAssertGrep "uid=$USERID(nobody) gid=0(root) groups=0(root)" $rlRun_LOG
rlPhaseEnd
rlPhaseStartTest "Force all gid values to equal to nobody"
rlRun -s "capsh --gid=$GROUPID -- -c 'id'"
rlAssertGrep "uid=0(root) gid=$GROUPID(nobody)" $rlRun_LOG
rlPhaseEnd
rlPhaseStartTest "Set the supplementary groups"
GROUP2ID=`id -g daemon`
rlRun -s "capsh --groups=${GROUPID},${GROUP2ID} -- -c id"
rlAssertGrep "uid=0(root) gid=0(root) groups=0(root),${GROUP2ID}(daemon),${GROUPID}(nobody)" $rlRun_LOG
rlPhaseEnd
rlPhaseStartTest "Permit the process to retain its capabilities after a setuid"
CURRENT=`capsh --print | grep 'Current:' | cut -d '+' -f 1`
rlRun -s "capsh --keep=0 --uid=$USERID --print"
rlAssertGrep 'Current: =$' $rlRun_LOG -E
rlRun -s "capsh --keep=1 --uid=$USERID --print"
rlAssertGrep "$CURRENT" $rlRun_LOG
rlPhaseEnd
rlPhaseStartTest "Decode capabilities"
rlRun "CODE=$( cat /proc/$$/status | awk '/CapEff/ { print $2 }' )"
rlRun "DECODE=$( capsh --decode=$CODE | cut -d '=' -f 2 )"
rlRun "capsh --print | grep 'Current: = $DECODE'"
rlPhaseEnd
rlPhaseStartTest "Verify the existence of a capability on the system"
rlRun "capsh --supports=cap_net_raw"
rlRun -s "capsh --supports=cap_foo_bar" 1
rlAssertGrep "cap\[cap_foo_bar\] not recognized by library" $rlRun_LOG
rlPhaseEnd
rlPhaseStartTest "Verify exit code for unsupported option"
rlRun "capsh --foo bar" 1
rlPhaseEnd
rlPhaseStartTest "Run as a regular user"
USERID=`id -u libcap_tester`
rlRun -s "su - libcap_tester -c 'capsh --print'"
rlAssertGrep "Current: =\$" $rlRun_LOG -E
rlAssertGrep "uid=$USERID(libcap_tester)" $rlRun_LOG
rlPhaseEnd
rlPhaseStartCleanup
rlRun "userdel -r libcap_tester"
rlRun "popd"
rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

64
tests/pam_cap-so-sanity-test/Makefile Normal file
View File

@ -0,0 +1,64 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /CoreOS/libcap/Sanity/pam_cap-so-sanity-test
# Description: basic functionality test for pam_cap.so module
# Author: Karel Srot <ksrot@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2017 Red Hat, Inc.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/CoreOS/libcap/Sanity/pam_cap-so-sanity-test
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Karel Srot <ksrot@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: basic functionality test for pam_cap.so module" >> $(METADATA)
@echo "Type: Sanity" >> $(METADATA)
@echo "TestTime: 5m" >> $(METADATA)
@echo "RunFor: libcap" >> $(METADATA)
@echo "Requires: libcap" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
rhts-lint $(METADATA)

5
tests/pam_cap-so-sanity-test/PURPOSE Normal file
View File

@ -0,0 +1,5 @@
PURPOSE of /CoreOS/libcap/Sanity/pam_cap-so-sanity-test
Description: basic functionality test for pam_cap.so module
Author: Karel Srot <ksrot@redhat.com>
Test if a test user can be granted capabilities via pam_cap.so module.

63
tests/pam_cap-so-sanity-test/runtest.sh Executable file
View File

@ -0,0 +1,63 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/libcap/Sanity/pam_cap-so-sanity-test
# Description: basic functionality test for pam_cap.so module
# Author: Karel Srot <ksrot@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2017 Red Hat, Inc.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/bin/rhts-environment.sh || exit 1
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="libcap"
rlJournalStart
rlPhaseStartSetup
rlAssertRpm $PACKAGE
rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
rlRun "pushd $TmpDir"
rlRun "useradd -m pam_cap_user"
rlRun "useradd -m pam_cap_user2"
rlFileBackup /etc/pam.d/su
[ -f /etc/security/capability.conf ] && rlFileBackup /etc/security/capability.conf
rlRun "echo -e 'cap_net_raw pam_cap_user\nnone *' > /etc/security/capability.conf"
rlRun "sed '1 s/^/auth required pam_cap.so/' -i /etc/pam.d/su" 0 "Configure pam_cap.so in /etc/pam.d/su"
rlPhaseEnd
rlPhaseStartTest
rlRun "su - pam_cap_user -c 'getpcaps \$\$' &> user1.log"
rlAssertGrep "Capabilities for.* = cap_net_raw" user1.log -E
rlRun "su - pam_cap_user2 -c 'getpcaps \$\$' &> user2.log"
rlAssertNotGrep "cap_net_raw" user2.log
rlPhaseEnd
rlPhaseStartCleanup
rlRun "userdel -r pam_cap_user"
rlRun "userdel -r pam_cap_user2"
rlFileRestore
rlRun "popd"
rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

65
tests/pkg-config-libcap-pc-addition/Makefile Normal file
View File

@ -0,0 +1,65 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /CoreOS/libcap/Sanity/pkg-config-libcap-pc-addition
# Description: Test for BZ#1425490 (Missing libcap.pc)
# Author: Karel Srot <ksrot@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2017 Red Hat, Inc.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/CoreOS/libcap/Sanity/pkg-config-libcap-pc-addition
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Karel Srot <ksrot@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: Test for BZ#1425490 (Missing libcap.pc)" >> $(METADATA)
@echo "Type: Sanity" >> $(METADATA)
@echo "TestTime: 5m" >> $(METADATA)
@echo "RunFor: libcap" >> $(METADATA)
@echo "Requires: libcap libcap-devel pkgconfig" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Bug: 1425490" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5 -RHEL6" >> $(METADATA)
rhts-lint $(METADATA)

7
tests/pkg-config-libcap-pc-addition/PURPOSE Normal file
View File

@ -0,0 +1,7 @@
PURPOSE of /CoreOS/libcap/Sanity/pkg-config-libcap-pc-addition
Description: Test for BZ#1425490 (Missing libcap.pc)
Author: Karel Srot <ksrot@redhat.com>
Bug summary: Missing libcap.pc
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=1425490
Checking the presence and sanity of the libcap.pc file.

62
tests/pkg-config-libcap-pc-addition/runtest.sh Executable file
View File

@ -0,0 +1,62 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/libcap/Sanity/pkg-config-libcap-pc-addition
# Description: Test for BZ#1425490 (Missing libcap.pc)
# Author: Karel Srot <ksrot@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2017 Red Hat, Inc.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/bin/rhts-environment.sh || exit 1
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="libcap"
rlJournalStart
rlPhaseStartSetup
rlAssertRpm $PACKAGE
rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
rlRun "pushd $TmpDir"
rlPhaseEnd
rlPhaseStartTest
rlRun "rpm -ql libcap-devel | grep libcap.pc" 0 "There must be libcap.pc"
if [ $? -eq 0 ]; then
PCFILE=$(rpm -ql libcap-devel | grep libcap.pc)
rlRun "pkg-config --libs libcap | grep -- '-lcap'"
VER=$(awk '/Version:/ { print $2 }' $PCFILE | tail -1)
rlRun "pkg-config --modversion libcap | grep $VER"
rlRun -s "pkg-config --print-variables libcap"
rlAssertGrep "^prefix" $rlRun_LOG
rlAssertGrep "^exec_prefix" $rlRun_LOG
rlAssertGrep "^libdir" $rlRun_LOG
rlAssertGrep "^includedir" $rlRun_LOG
fi
rlPhaseEnd
rlPhaseStartCleanup
rlRun "popd"
rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

64
tests/setcap-getcap-basic-functionality/Makefile Normal file
View File

@ -0,0 +1,64 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /CoreOS/libcap/Sanity/setcap-getcap-basic-functionality
# Description: test basic functionality
# Author: Karel Srot <ksrot@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2017 Red Hat, Inc.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/CoreOS/libcap/Sanity/setcap-getcap-basic-functionality
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Karel Srot <ksrot@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: test basic functionality" >> $(METADATA)
@echo "Type: Sanity" >> $(METADATA)
@echo "TestTime: 5m" >> $(METADATA)
@echo "RunFor: libcap" >> $(METADATA)
@echo "Requires: libcap" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
rhts-lint $(METADATA)

3
tests/setcap-getcap-basic-functionality/PURPOSE Normal file
View File

@ -0,0 +1,3 @@
PURPOSE of /CoreOS/libcap/Sanity/setcap-getcap-basic-functionality
Description: test basic functionality
Author: Karel Srot <ksrot@redhat.com>

98
tests/setcap-getcap-basic-functionality/runtest.sh Executable file
View File

@ -0,0 +1,98 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/libcap/Sanity/setcap-getcap-basic-functionality
# Description: test basic functionality
# Author: Karel Srot <ksrot@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2017 Red Hat, Inc.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/bin/rhts-environment.sh || exit 1
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="libcap"
rlJournalStart
rlPhaseStartSetup
rlAssertRpm $PACKAGE
rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
rlRun "pushd $TmpDir"
rlRun "mkdir mydir && touch file1 mydir/file2 mydir/file3"
rlPhaseEnd
rlPhaseStartTest "set and get capabilities"
rlRun "setcap cap_net_admin+p file1 cap_net_raw+ei mydir/file2"
rlRun -s "getcap file1 mydir/file2"
rlAssertGrep "file1 = cap_net_admin+p" $rlRun_LOG
rlAssertGrep "mydir/file2 = cap_net_raw+ei" $rlRun_LOG
rlPhaseEnd
rlPhaseStartTest "set capabilities via stdin"
rlRun "echo -e 'cap_net_raw+p\ncap_net_admin+p' > input"
rlRun -s "setcap - mydir/file3 < input"
rlAssertGrep "Please enter caps for file \[empty line to end\]:" $rlRun_LOG
rlRun "getcap mydir/file3 | grep 'mydir/file3 = cap_net_admin,cap_net_raw+p'"
rlPhaseEnd
rlPhaseStartTest "set capabilities quietly via stdin"
rlRun "echo -e 'cap_net_raw+p' > input"
rlRun -s "setcap -q - mydir/file3 < input"
rlAssertNotGrep "Please enter caps for file" $rlRun_LOG
rlRun "getcap mydir/file3 | grep 'mydir/file3 = cap_net_raw+p'"
rlPhaseEnd
rlPhaseStartTest "remove capabilities"
rlRun "setcap -r mydir/file3"
rlRun "getcap | grep file3" 1 "There should be no capabilities listed for file1"
rlPhaseEnd
rlPhaseStartTest "listing capabilities recursively"
rlRun -s "getcap -r *"
rlAssertGrep "file1 = cap_net_admin+p" $rlRun_LOG
rlAssertGrep "mydir/file2 = cap_net_raw+ei" $rlRun_LOG
rlPhaseEnd
rlPhaseStartTest "listing capabilities verbosely"
rlRun -s "getcap -v mydir/*"
rlAssertGrep "mydir/file2 = cap_net_raw+ei" $rlRun_LOG
rlAssertGrep "mydir/file3\$" $rlRun_LOG -E
rlPhaseEnd
rlPhaseStartTest "print help"
rlRun "setcap -h | grep 'usage: setcap'" 1
rlRun "getcap -h | grep 'usage: getcap'" 1
rlPhaseEnd
rlPhaseStartTest "exit with 1 on error"
rlRun -s "setcap foo bar" 1
rlAssertGrep "fatal error: Invalid argument" $rlRun_LOG
rlRun -s "getcap -f oo" 1
rlAssertGrep "getcap: invalid option -- 'f'" $rlRun_LOG
rlPhaseEnd
rlPhaseStartCleanup
rlRun "popd"
rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

17
tests/tests.yml
View File

@ -3,11 +3,26 @@
- role: standard-test-beakerlib
tags:
- classic
- container
tests:
- sanity-tests
- pam_cap-so-sanity-test
- setcap-getcap-basic-functionality
required_packages:
- libcap
- libcap # libcap package required for all tests
- libcap-devel
- libcmocka
- libcmocka-devel
- gcc
- iputils # ping command required for capsh-basic-functionality
# Tests that run in atomic
- hosts: localhost
roles:
- role: standard-test-beakerlib
tags:
- atomic
tests:
- capsh-basic-functionality
- pam_cap-so-sanity-test
- setcap-getcap-basic-functionality