PR#2: Add CI tests using the standard test interface - rpms/libsemanage

rpms / libsemanage

#2 Add CI tests using the standard test interface

Closed 6 years ago by plautrba. Opened 6 years ago by sturivny.

git://fedorapeople.org/~sturivny/libsemanage new_tests into master

Add CI tests using the standard test interface

Serhii Turivny • 6 years ago

932a129

tests/semanage-handle-functions/Makefile

file added

+63

		`@@ -0,0 +1,63 @@`
		`+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
		`+ #`
		`+ # Makefile of /CoreOS/libsemanage/Sanity/semanage-handle-functions`
		`+ # Description: Test functions from handle.h`
		`+ # Author: Jan Zarsky <jzarsky@redhat.com>`
		`+ #`
		`+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
		`+ #`
		`+ # Copyright (c) 2017 Red Hat, Inc.`
		`+ #`
		`+ # This program is free software: you can redistribute it and/or`
		`+ # modify it under the terms of the GNU General Public License as`
		`+ # published by the Free Software Foundation, either version 2 of`
		`+ # the License, or (at your option) any later version.`
		`+ #`
		`+ # This program is distributed in the hope that it will be`
		`+ # useful, but WITHOUT ANY WARRANTY; without even the implied`
		`+ # warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR`
		`+ # PURPOSE. See the GNU General Public License for more details.`
		`+ #`
		`+ # You should have received a copy of the GNU General Public License`
		`+ # along with this program. If not, see http://www.gnu.org/licenses/.`
		`+ #`
		`+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
		`+`
		`+ export TEST=/CoreOS/libsemanage/Sanity/semanage-handle-functions`
		`+ export TESTVERSION=1.0`
		`+`
		`+ BUILT_FILES=`
		`+`
		`+ FILES=$(METADATA) runtest.sh Makefile PURPOSE functions.c test_*.c`
		`+`
		`+ .PHONY: all install download clean`
		`+`
		`+ run: $(FILES) build`
		`+ ./runtest.sh`
		`+`
		`+ build: $(BUILT_FILES)`
		`+ test -x runtest.sh \|\| chmod a+x runtest.sh`
		`+`
		`+ clean:`
		`+ rm -f *~ $(BUILT_FILES)`
		`+`
		`+`
		`+ include /usr/share/rhts/lib/rhts-make.include`
		`+`
		`+ $(METADATA): Makefile`
		`+ @echo "Owner: Jan Zarsky <jzarsky@redhat.com>" > $(METADATA)`
		`+ @echo "Name: $(TEST)" >> $(METADATA)`
		`+ @echo "TestVersion: $(TESTVERSION)" >> $(METADATA)`
		`+ @echo "Path: $(TEST_DIR)" >> $(METADATA)`
		`+ @echo "Description: Test functions from handle.h" >> $(METADATA)`
		`+ @echo "Type: Sanity" >> $(METADATA)`
		`+ @echo "TestTime: 5m" >> $(METADATA)`
		`+ @echo "RunFor: libsemanage" >> $(METADATA)`
		`+ @echo "Requires: libsemanage libsemanage-devel glibc gcc" >> $(METADATA)`
		`+ @echo "Priority: Normal" >> $(METADATA)`
		`+ @echo "License: GPLv2+" >> $(METADATA)`
		`+ @echo "Confidential: no" >> $(METADATA)`
		`+ @echo "Destructive: no" >> $(METADATA)`
		`+ @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)`
		`+`
		`+ rhts-lint $(METADATA)`

tests/semanage-handle-functions/PURPOSE

file added

		`@@ -0,0 +1,3 @@`
		`+ PURPOSE of /CoreOS/libsemanage/Sanity/semanage-handle-functions`
		`+ Description: Test functions from handle.h`
		`+ Author: Jan Zarsky <jzarsky@redhat.com>`

tests/semanage-handle-functions/functions.c

file added

+132

		`@@ -0,0 +1,132 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ void check_result_int(const char *expected, int real) {`
		`+ int exp = strtol(expected, NULL, 10);`
		`+`
		`+ if (exp != real) {`
		`+ fprintf(stderr, "Expected %d but got %d\n", exp, real);`
		`+ exit(1);`
		`+ }`
		`+ }`
		`+`
		`+ semanage_handle_t *test_handle_create() {`
		`+ semanage_handle_t *sh = NULL;`
		`+`
		`+ sh = semanage_handle_create();`
		`+ printf("semanage_handle_create(): %p\n", (void *) sh);`
		`+`
		`+ if (sh == NULL) {`
		`+ perror("semanage_handle_create");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ return sh;`
		`+ }`
		`+`
		`+ int test_connect(semanage_handle_t *sh) {`
		`+ int result = semanage_connect(sh);`
		`+ printf("semanage_connect(%p): %d\n", (void *) sh, result);`
		`+`
		`+ if (result != 0) {`
		`+ perror("semanage_connect");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ return result;`
		`+ }`
		`+`
		`+ int test_disconnect(semanage_handle_t *sh) {`
		`+ int result = semanage_disconnect(sh);`
		`+ printf("semanage_disconnect(%p): %d\n", (void *) sh, result);`
		`+`
		`+ if (result != 0) {`
		`+ perror("semanage_disconnect");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ return result;`
		`+ }`
		`+`
		`+ int test_begin_transaction(semanage_handle_t *sh) {`
		`+ int result = semanage_begin_transaction(sh);`
		`+ printf("semanage_begin_transaction(%p): %d\n", (void *) sh, result);`
		`+`
		`+ if (result != 0) {`
		`+ perror("semanage_begin_transaction");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ return result;`
		`+ }`
		`+`
		`+ int test_commit(semanage_handle_t *sh) {`
		`+ int result = semanage_commit(sh);`
		`+ printf("semanage_commit(%p): %d\n", (void *) sh, result);`
		`+`
		`+ if (result != 0) {`
		`+ perror("semanage_commit");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ return result;`
		`+ }`
		`+`
		`+ #define STATE_INIT 1`
		`+ #define STATE_HANDLE 2`
		`+ #define STATE_CONN 3`
		`+ #define STATE_TRANS 4`
		`+`
		`+ int get_state(const char *state_str) {`
		`+ if (strcmp(state_str, "init") == 0)`
		`+ return STATE_INIT;`
		`+ if (strcmp(state_str, "handle") == 0)`
		`+ return STATE_HANDLE;`
		`+ if (strcmp(state_str, "conn") == 0)`
		`+ return STATE_CONN;`
		`+ if (strcmp(state_str, "trans") == 0)`
		`+ return STATE_TRANS;`
		`+`
		`+ return 0;`
		`+ }`
		`+`
		`+ semanage_handle_t * get_handle(const char *state_str) {`
		`+ int state;`
		`+ semanage_handle_t *sh = NULL;`
		`+`
		`+ state = get_state(state_str);`
		`+`
		`+ if (state >= STATE_INIT)`
		`+ sh = NULL;`
		`+`
		`+ if (state >= STATE_HANDLE)`
		`+ sh = test_handle_create();`
		`+`
		`+ if (state >= STATE_CONN)`
		`+ test_connect(sh);`
		`+`
		`+ if (state >= STATE_TRANS)`
		`+ test_begin_transaction(sh);`
		`+`
		`+ return sh;`
		`+ }`
		`+`
		`+ void destroy_handle(semanage_handle_t sh, const char state_str) {`
		`+ int state;`
		`+`
		`+ state = get_state(state_str);`
		`+`
		`+ if (state >= STATE_TRANS)`
		`+ test_commit(sh);`
		`+`
		`+ if (state >= STATE_CONN)`
		`+ test_disconnect(sh);`
		`+`
		`+ if (state >= STATE_HANDLE) {`
		`+ semanage_handle_destroy(sh);`
		`+ printf("semanage_handle_destroy(%p)\n", (void *) sh);`
		`+ }`
		`+ }`

tests/semanage-handle-functions/plan.txt

file added

+29

		`@@ -0,0 +1,29 @@`
		`+ init handle conn trans`
		`+ semanage_set_root x ok ok ok -`
		`+ semanage_root x ok ok ok -`
		`+ semanage_handle_create x ok - - -`
		`+ semanage_set_rebuild fail ok ok -`
		`+ semanage_set_reload fail ok ok -`
		`+ semanage_get_hll_compiler_path fail ? ? -`
		`+ semanage_set_create_store fail ok ok - should be called after connect`
		`+ semanage_get_disable_dontaudit fail ? ? -`
		`+ semanage_set_disable_dontaudit fail ? ? -`
		`+ semanage_get_preserve_tunables fail ? ? -`
		`+ semanage_set_preserve_tunables fail ? ? -`
		`+ semanage_get_ignore_module_cache fail ? ? -`
		`+ semanage_set_ignore_module_cache fail ? ? -`
		`+ semanage_set_check_contexts fail ok ok -`
		`+ semanage_get_default_priority fail ok ok -`
		`+ semanage_set_default_priority fail ok ok -`
		`+ semanage_is_connected x fail ok ok -`
		`+ semanage_select_store fail ok ok - should be called before connect`
		`+ semanage_set_store_root fail ok ok -`
		`+ semanage_is_managed x fail ok fail -`
		`+ semanage_mls_enabled x fail ? ok -`
		`+ semanage_connect x fail ok ? -`
		`+ semanage_access_check x fail ok ? -`
		`+ semanage_disconnect x fail fail ok - ok when disconnected twice`
		`+ semanage_handle_destroy x fail ok ok -`
		`+ semanage_begin_transaction x fail fail ok ok ok when begin twice`
		`+ semanage_commit x fail fail fail ok`
		`+ semanage_reload_policy fail ? ? ?`

tests/semanage-handle-functions/runtest.sh

file added

+122

		`@@ -0,0 +1,122 @@`
		`+ #!/bin/bash`
		`+ # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k`
		`+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
		`+ #`
		`+ # runtest.sh of /CoreOS/libsemanage/Sanity/semanage-handle-functions`
		`+ # Description: Test functions from handle.h`
		`+ # Author: Jan Zarsky <jzarsky@redhat.com>`
		`+ #`
		`+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
		`+ #`
		`+ # Copyright (c) 2017 Red Hat, Inc.`
		`+ #`
		`+ # This program is free software: you can redistribute it and/or`
		`+ # modify it under the terms of the GNU General Public License as`
		`+ # published by the Free Software Foundation, either version 2 of`
		`+ # the License, or (at your option) any later version.`
		`+ #`
		`+ # This program is distributed in the hope that it will be`
		`+ # useful, but WITHOUT ANY WARRANTY; without even the implied`
		`+ # warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR`
		`+ # PURPOSE. See the GNU General Public License for more details.`
		`+ #`
		`+ # You should have received a copy of the GNU General Public License`
		`+ # along with this program. If not, see http://www.gnu.org/licenses/.`
		`+ #`
		`+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
		`+`
		`+ # Include Beaker environment`
		`+ . /usr/bin/rhts-environment.sh \|\| exit 1`
		`+ . /usr/share/beakerlib/beakerlib.sh \|\| exit 1`
		`+`
		`+ PACKAGE="libsemanage"`
		`+`
		`+ rlJournalStart`
		`+ rlPhaseStartSetup`
		`+ rlAssertRpm ${PACKAGE}`
		`+ rlAssertRpm ${PACKAGE}-devel`
		`+ rlAssertRpm "glibc"`
		`+ rlAssertRpm "gcc"`
		`+`
		`+ if rlIsRHEL ">=7" \|\| rlIsFedora; then`
		`+ rlRun -l "gcc test_root.c -o test_root -lsemanage -Wall -Wextra -std=c99"`
		`+ fi`
		`+`
		`+ rlRun -l "gcc test_handle_create.c -o test_handle_create -lsemanage -Wall -Wextra -Wno-unused-parameter -std=c99"`
		`+ rlRun -l "gcc test_access_check.c -o test_access_check -lsemanage -Wall -Wextra -std=c99"`
		`+ rlRun -l "gcc test_is_managed.c -o test_is_managed -lsemanage -Wall -Wextra -std=c99"`
		`+ rlRun -l "gcc test_connect.c -o test_connect -lsemanage -Wall -Wextra -std=c99"`
		`+ rlRun -l "gcc test_is_connected.c -o test_is_connected -lsemanage -Wall -Wextra -std=c99"`
		`+ rlRun -l "gcc test_mls_enabled.c -o test_mls_enabled -lsemanage -Wall -Wextra -std=c99"`
		`+ rlRun -l "gcc test_transaction.c -o test_transaction -lsemanage -Wall -Wextra -std=c99"`
		`+`
		`+ ERR_FAIL=1`
		`+ ERR_ABORT=134`
		`+ rlPhaseEnd`
		`+`
		`+ if rlIsRHEL ">=7" \|\| rlIsFedora; then`
		`+ rlPhaseStartTest "semanage_root, semanage_test_root"`
		`+ rlRun "./test_root init"`
		`+ rlRun "./test_root handle"`
		`+ rlRun "./test_root conn"`
		`+ rlRun "./test_root init /somepath"`
		`+ rlRun "./test_root handle /somepath"`
		`+ rlRun "./test_root conn /somepath"`
		`+ rlPhaseEnd`
		`+ fi`
		`+`
		`+ rlPhaseStartTest "semanage_handle_create, semanage_handle_destroy"`
		`+ rlRun "./test_handle_create init"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_access_check"`
		`+ rlRun "./test_access_check init" $ERR_ABORT`
		`+ rlRun "./test_access_check handle 2"`
		`+ rlRun "./test_access_check conn 2"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_is_managed"`
		`+ rlRun "./test_is_managed init" $ERR_ABORT`
		`+ rlRun "./test_is_managed handle 1"`
		`+ rlRun "./test_is_managed conn" $ERR_FAIL`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_connect, semanage_disconnect"`
		`+ rlRun "./test_connect init" $ERR_ABORT`
		`+ rlRun "./test_connect init reversed" $ERR_ABORT`
		`+ rlRun "./test_connect handle"`
		`+ rlRun "./test_connect handle twice"`
		`+ rlRun "./test_connect handle reversed" $ERR_ABORT`
		`+ # why does it work??`
		`+ rlRun "./test_connect conn"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_is_connected"`
		`+ rlRun "./test_is_connected init" $ERR_ABORT`
		`+ rlRun "./test_is_connected handle 0"`
		`+ rlRun "./test_is_connected conn 1"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_mls_enabled"`
		`+ rlRun "./test_mls_enabled init" $ERR_ABORT`
		`+ rlRun "./test_mls_enabled handle" $ERR_ABORT`
		`+ rlRun "./test_mls_enabled conn 1"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_begin_transaction, semanage_commit"`
		`+ rlRun "./test_transaction init" $ERR_ABORT`
		`+ rlRun "./test_transaction init reversed" $ERR_ABORT`
		`+ rlRun "./test_transaction handle" $ERR_ABORT`
		`+ rlRun "./test_transaction handle reversed" $ERR_ABORT`
		`+ rlRun "./test_transaction conn"`
		`+ rlRun "./test_transaction conn twice"`
		`+ rlRun "./test_transaction conn reversed" $ERR_FAIL`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartCleanup`
		`+ rlRun "rm -f output test_root test_handle_create test_access_check \`
		`+ test_is_managed test_connect test_is_connected \`
		`+ test_mls_enabled test_transaction"`
		`+ rlPhaseEnd`
		`+ rlJournalPrintText`
		`+ rlJournalEnd`

tests/semanage-handle-functions/test_access_check.c

file added

+32

		`@@ -0,0 +1,32 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+`
		`+ if (argc < 2)`
		`+ exit(1);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ int result = semanage_access_check(sh);`
		`+ printf("semanage_access_check(%p): %d\n", (void *) sh, result);`
		`+`
		`+ if (result < 0 \|\| (result != 0 && result != SEMANAGE_CAN_READ`
		`+ && result != SEMANAGE_CAN_WRITE)) {`
		`+ perror("semanage_access_check");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ if (argc >= 3)`
		`+ check_result_int(argv[2], result);`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-handle-functions/test_connect.c

file added

+33

		`@@ -0,0 +1,33 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+`
		`+ if (argc < 2)`
		`+ exit(1);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ if (argc >= 3 && strcmp(argv[2], "reversed") == 0) {`
		`+ test_disconnect(sh);`
		`+ test_connect(sh);`
		`+ }`
		`+ else {`
		`+ test_connect(sh);`
		`+ test_disconnect(sh);`
		`+ }`
		`+`
		`+ if (argc >= 3 && strcmp(argv[2], "twice") == 0) {`
		`+ test_disconnect(sh);`
		`+ }`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-handle-functions/test_handle_create.c

file added

+15

		`@@ -0,0 +1,15 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh = test_handle_create();`
		`+`
		`+ semanage_handle_destroy(sh);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-handle-functions/test_is_connected.c

file added

+32

		`@@ -0,0 +1,32 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ int result;`
		`+`
		`+ if (argc < 2)`
		`+ exit(1);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ result = semanage_is_connected(sh);`
		`+ printf("semanage_is_connected(%p): %d\n", (void *) sh, result);`
		`+`
		`+ if (result != 0 && result != 1) {`
		`+ perror("semanage_is_connected");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ if (argc >= 3)`
		`+ check_result_int(argv[2], result);`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-handle-functions/test_is_managed.c

file added

+32

		`@@ -0,0 +1,32 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ int result;`
		`+`
		`+ if (argc < 2)`
		`+ exit(1);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ result = semanage_is_managed(sh);`
		`+ printf("semanage_is_managed(%p): %d\n", (void *) sh, result);`
		`+`
		`+ if (result != 0 && result != 1) {`
		`+ perror("semanage_is_managed");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ if (argc >= 3)`
		`+ check_result_int(argv[2], result);`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-handle-functions/test_mls_enabled.c

file added

+32

		`@@ -0,0 +1,32 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ int result;`
		`+`
		`+ if (argc < 2)`
		`+ exit(1);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ result = semanage_mls_enabled(sh);`
		`+ printf("semanage_mls_enabled(%p): %d\n", (void *) sh, result);`
		`+`
		`+ if (result != 0 && result != 1) {`
		`+ perror("semanage_mls_enabled");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ if (argc >= 4)`
		`+ check_result_int(argv[3], result);`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-handle-functions/test_root.c

file added

+53

		`@@ -0,0 +1,53 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ const char *root;`
		`+ int result;`
		`+`
		`+ if (argc < 2)`
		`+ exit(1);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ root = semanage_root();`
		`+ printf("semanage_root(): %s\n", root);`
		`+`
		`+ if (root == NULL) {`
		`+ perror("semanage_root");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ if (argc >= 3) {`
		`+ result = semanage_set_root(argv[2]);`
		`+ printf("semanage_set_root(\"%s\"): %d\n", argv[2], result);`
		`+`
		`+ if (root == NULL) {`
		`+ perror("semanage_set_root");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ root = semanage_root();`
		`+ printf("semanage_root(): %s\n", root);`
		`+`
		`+ if (result != 0) {`
		`+ perror("semanage_root");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ if (strcmp(root, argv[2]) != 0) {`
		`+ fprintf(stderr, "Expected \"%s\" but got \"%s\"\n", argv[2], root);`
		`+ exit(1);`
		`+ }`
		`+ }`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-handle-functions/test_transaction.c

file added

+34

		`@@ -0,0 +1,34 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+`
		`+ if (argc < 2)`
		`+ exit(1);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ if (argc >= 3 && strcmp(argv[2], "reversed") == 0) {`
		`+ test_commit(sh);`
		`+ test_begin_transaction(sh);`
		`+ }`
		`+ else if (argc >= 3 && strcmp(argv[2], "twice") == 0) {`
		`+ test_begin_transaction(sh);`
		`+ test_begin_transaction(sh);`
		`+ test_commit(sh);`
		`+ }`
		`+ else {`
		`+ test_begin_transaction(sh);`
		`+ test_commit(sh);`
		`+ }`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/Makefile

file added

+63

		`@@ -0,0 +1,63 @@`
		`+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
		`+ #`
		`+ # Makefile of /CoreOS/libsemanage/Sanity/semanage-seuser-functions`
		`+ # Description: Test semanage_seuser_* functions`
		`+ # Author: Jan Zarsky <jzarsky@redhat.com>`
		`+ #`
		`+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
		`+ #`
		`+ # Copyright (c) 2017 Red Hat, Inc.`
		`+ #`
		`+ # This program is free software: you can redistribute it and/or`
		`+ # modify it under the terms of the GNU General Public License as`
		`+ # published by the Free Software Foundation, either version 2 of`
		`+ # the License, or (at your option) any later version.`
		`+ #`
		`+ # This program is distributed in the hope that it will be`
		`+ # useful, but WITHOUT ANY WARRANTY; without even the implied`
		`+ # warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR`
		`+ # PURPOSE. See the GNU General Public License for more details.`
		`+ #`
		`+ # You should have received a copy of the GNU General Public License`
		`+ # along with this program. If not, see http://www.gnu.org/licenses/.`
		`+ #`
		`+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
		`+`
		`+ export TEST=/CoreOS/libsemanage/Sanity/semanage-seuser-functions`
		`+ export TESTVERSION=1.0`
		`+`
		`+ BUILT_FILES=`
		`+`
		`+ FILES=$(METADATA) runtest.sh Makefile PURPOSE functions.c test_*.c`
		`+`
		`+ .PHONY: all install download clean`
		`+`
		`+ run: $(FILES) build`
		`+ ./runtest.sh`
		`+`
		`+ build: $(BUILT_FILES)`
		`+ test -x runtest.sh \|\| chmod a+x runtest.sh`
		`+`
		`+ clean:`
		`+ rm -f *~ $(BUILT_FILES)`
		`+`
		`+`
		`+ include /usr/share/rhts/lib/rhts-make.include`
		`+`
		`+ $(METADATA): Makefile`
		`+ @echo "Owner: Jan Zarsky <jzarsky@redhat.com>" > $(METADATA)`
		`+ @echo "Name: $(TEST)" >> $(METADATA)`
		`+ @echo "TestVersion: $(TESTVERSION)" >> $(METADATA)`
		`+ @echo "Path: $(TEST_DIR)" >> $(METADATA)`
		`+ @echo "Description: Test semanage_seuser_* functions" >> $(METADATA)`
		`+ @echo "Type: Sanity" >> $(METADATA)`
		`+ @echo "TestTime: 5m" >> $(METADATA)`
		`+ @echo "RunFor: libsemanage" >> $(METADATA)`
		`+ @echo "Requires: libsemanage libsemanage-devel glibc gcc" >> $(METADATA)`
		`+ @echo "Priority: Normal" >> $(METADATA)`
		`+ @echo "License: GPLv2+" >> $(METADATA)`
		`+ @echo "Confidential: no" >> $(METADATA)`
		`+ @echo "Destructive: no" >> $(METADATA)`
		`+ @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)`
		`+`
		`+ rhts-lint $(METADATA)`

tests/semanage-seuser-functions/PURPOSE

file added

		`@@ -0,0 +1,3 @@`
		`+ PURPOSE of /CoreOS/libsemanage/Sanity/semanage-seuser-functions`
		`+ Description: Test semanage_seuser_* functions`
		`+ Author: Jan Zarsky <jzarsky@redhat.com>`

tests/semanage-seuser-functions/functions.c

file added

+263

		`@@ -0,0 +1,263 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ void check_result_int(const char *expected, int real) {`
		`+ int exp = strtol(expected, NULL, 10);`
		`+`
		`+ if (exp != real) {`
		`+ fprintf(stderr, "Expected %d but got %d\n", exp, real);`
		`+ exit(1);`
		`+ }`
		`+ }`
		`+`
		`+ semanage_handle_t *test_handle_create() {`
		`+ semanage_handle_t *sh = NULL;`
		`+`
		`+ sh = semanage_handle_create();`
		`+ printf("semanage_handle_create(): %p\n", (void *) sh);`
		`+`
		`+ if (sh == NULL) {`
		`+ perror("semanage_handle_create");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ return sh;`
		`+ }`
		`+`
		`+ int test_connect(semanage_handle_t *sh) {`
		`+ int result = semanage_connect(sh);`
		`+ printf("semanage_connect(%p): %d\n", (void *) sh, result);`
		`+`
		`+ if (result != 0) {`
		`+ perror("semanage_connect");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ return result;`
		`+ }`
		`+`
		`+ int test_disconnect(semanage_handle_t *sh) {`
		`+ int result = semanage_disconnect(sh);`
		`+ printf("semanage_disconnect(%p): %d\n", (void *) sh, result);`
		`+`
		`+ if (result != 0) {`
		`+ perror("semanage_disconnect");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ return result;`
		`+ }`
		`+`
		`+ int test_begin_transaction(semanage_handle_t *sh) {`
		`+ int result = semanage_begin_transaction(sh);`
		`+ printf("semanage_begin_transaction(%p): %d\n", (void *) sh, result);`
		`+`
		`+ if (result != 0) {`
		`+ perror("semanage_begin_transaction");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ return result;`
		`+ }`
		`+`
		`+ int test_commit(semanage_handle_t *sh) {`
		`+ int result = semanage_commit(sh);`
		`+ printf("semanage_commit(%p): %d\n", (void *) sh, result);`
		`+`
		`+ if (result != 0) {`
		`+ perror("semanage_commit");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ return result;`
		`+ }`
		`+`
		`+ semanage_seuser_key_t test_get_key(semanage_handle_t sh, const char *name) {`
		`+ semanage_seuser_key_t *key;`
		`+ int result = semanage_seuser_key_create(sh, name, &key);`
		`+ printf("semanage_seuser_key_create(%p, %s, %p): %d\n",`
		`+ (void ) sh, name, (void ) &key, result);`
		`+`
		`+ if (key == NULL \|\| result < 0) {`
		`+ perror("semanage_seuser_key_create");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ return key;`
		`+ }`
		`+`
		`+ semanage_seuser_t test_get_seuser_nth(semanage_handle_t sh, unsigned int index) {`
		`+ int result;`
		`+ semanage_seuser_t **records;`
		`+ unsigned int count;`
		`+`
		`+ result = semanage_seuser_list(sh, &records, &count);`
		`+ printf("semanage_seuser_list(%p, %p, %p): %d\n",`
		`+ (void ) sh, (void ) &records, (void *) &count, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_list");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ if (count < index + 1)`
		`+ exit(2);`
		`+`
		`+ return records[index];`
		`+ }`
		`+`
		`+ semanage_seuser_t test_get_seuser_new(semanage_handle_t sh) {`
		`+ int result;`
		`+ semanage_seuser_t *seuser;`
		`+`
		`+ result = semanage_seuser_create(sh, &seuser);`
		`+ printf("semanage_seuser_create(%p, %p): %d\n",`
		`+ (void ) sh, (void ) seuser, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_create");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ return seuser;`
		`+ }`
		`+`
		`+ semanage_seuser_t test_get_seuser(semanage_handle_t sh, const char *param) {`
		`+ if (strcmp(param, "new") == 0)`
		`+ return test_get_seuser_new(sh);`
		`+`
		`+ if (strcmp(param, "first") == 0)`
		`+ return test_get_seuser_nth(sh, 0);`
		`+`
		`+ if (strcmp(param, "second") == 0)`
		`+ return test_get_seuser_nth(sh, 1);`
		`+`
		`+ fprintf(stderr, "Unknown seuser \"%s\" specified\n", param);`
		`+ exit(2);`
		`+ }`
		`+`
		`+ void test_add_local_seuser(semanage_handle_t sh, semanage_seuser_t seuser) {`
		`+ int result;`
		`+ semanage_seuser_key_t *key;`
		`+`
		`+ result = semanage_seuser_key_extract(sh, seuser, &key);`
		`+ printf("semanage_seuser_key_extract(%p, %p, %p): %d\n",`
		`+ (void ) sh, (void ) seuser, (void *) &key, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_key_extract");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ result = semanage_seuser_modify_local(sh, key, seuser);`
		`+ printf("semanage_seuser_modify_local(%p, %p, %p): %d\n",`
		`+ (void ) seuser, (void ) key, (void *) seuser, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_modify_local");`
		`+ exit(2);`
		`+ }`
		`+ }`
		`+`
		`+ void test_del_local_seuser(semanage_handle_t sh, semanage_seuser_t seuser) {`
		`+ int result;`
		`+ semanage_seuser_key_t *key;`
		`+`
		`+ result = semanage_seuser_key_extract(sh, seuser, &key);`
		`+ printf("semanage_seuser_key_extract(%p, %p, %p): %d\n",`
		`+ (void ) sh, (void ) seuser, (void *) &key, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_key_extract");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ result = semanage_seuser_del_local(sh, key);`
		`+ printf("semanage_seuser_del_local(%p, %p): %d\n",`
		`+ (void ) seuser, (void ) key, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_del_local");`
		`+ exit(2);`
		`+ }`
		`+ }`
		`+`
		`+ #define STATE_INIT 1`
		`+ #define STATE_HANDLE 2`
		`+ #define STATE_CONN 3`
		`+ #define STATE_TRANS 4`
		`+`
		`+ int get_state(const char *state_str) {`
		`+ if (strcmp(state_str, "init") == 0)`
		`+ return STATE_INIT;`
		`+ if (strcmp(state_str, "handle") == 0)`
		`+ return STATE_HANDLE;`
		`+ if (strcmp(state_str, "conn") == 0)`
		`+ return STATE_CONN;`
		`+ if (strcmp(state_str, "trans") == 0)`
		`+ return STATE_TRANS;`
		`+`
		`+ return 0;`
		`+ }`
		`+`
		`+ semanage_handle_t * get_handle(const char *state_str) {`
		`+ int state;`
		`+ semanage_handle_t *sh = NULL;`
		`+`
		`+ state = get_state(state_str);`
		`+`
		`+ if (state >= STATE_INIT)`
		`+ sh = NULL;`
		`+`
		`+ if (state >= STATE_HANDLE)`
		`+ sh = test_handle_create();`
		`+`
		`+ if (state >= STATE_CONN)`
		`+ test_connect(sh);`
		`+`
		`+ if (state >= STATE_TRANS)`
		`+ test_begin_transaction(sh);`
		`+`
		`+ return sh;`
		`+ }`
		`+`
		`+ void destroy_handle(semanage_handle_t sh, const char state_str) {`
		`+ int state;`
		`+`
		`+ state = get_state(state_str);`
		`+`
		`+ if (state >= STATE_TRANS)`
		`+ test_commit(sh);`
		`+`
		`+ if (state >= STATE_CONN)`
		`+ test_disconnect(sh);`
		`+`
		`+ if (state >= STATE_HANDLE) {`
		`+ semanage_handle_destroy(sh);`
		`+ printf("semanage_handle_destroy(%p)\n", (void *) sh);`
		`+ }`
		`+ }`
		`+`
		`+ int strcmp_null(const char str1, const char str2) {`
		`+ if (str1 == NULL && str2 == NULL)`
		`+ return 0;`
		`+`
		`+ if (str1 == NULL) {`
		`+ if (strcmp(str2, "NULL") == 0)`
		`+ return 0;`
		`+ else`
		`+ return -1;`
		`+ }`
		`+`
		`+ if (str2 == NULL) {`
		`+ if (strcmp(str1, "NULL") == 0)`
		`+ return 0;`
		`+ else`
		`+ return 1;`
		`+ }`
		`+`
		`+ return strcmp(str1, str2);`
		`+ }`

tests/semanage-seuser-functions/runtest.sh

file added

+255

		`@@ -0,0 +1,255 @@`
		`+ #!/bin/bash`
		`+ # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k`
		`+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
		`+ #`
		`+ # runtest.sh of /CoreOS/libsemanage/Sanity/semanage-seuser-functions`
		`+ # Description: Test semanage_seuser_* functions`
		`+ # Author: Jan Zarsky <jzarsky@redhat.com>`
		`+ #`
		`+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
		`+ #`
		`+ # Copyright (c) 2017 Red Hat, Inc.`
		`+ #`
		`+ # This program is free software: you can redistribute it and/or`
		`+ # modify it under the terms of the GNU General Public License as`
		`+ # published by the Free Software Foundation, either version 2 of`
		`+ # the License, or (at your option) any later version.`
		`+ #`
		`+ # This program is distributed in the hope that it will be`
		`+ # useful, but WITHOUT ANY WARRANTY; without even the implied`
		`+ # warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR`
		`+ # PURPOSE. See the GNU General Public License for more details.`
		`+ #`
		`+ # You should have received a copy of the GNU General Public License`
		`+ # along with this program. If not, see http://www.gnu.org/licenses/.`
		`+ #`
		`+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
		`+`
		`+ # Include Beaker environment`
		`+ . /usr/bin/rhts-environment.sh \|\| exit 1`
		`+ . /usr/share/beakerlib/beakerlib.sh \|\| exit 1`
		`+`
		`+ PACKAGE="libsemanage"`
		`+`
		`+ rlJournalStart`
		`+ rlPhaseStartSetup`
		`+ rlAssertRpm ${PACKAGE}`
		`+ rlAssertRpm ${PACKAGE}-devel`
		`+ rlAssertRpm "glibc"`
		`+ rlAssertRpm "gcc"`
		`+`
		`+ for f in test_*.c ; do`
		`+ out=$(echo -n $f \| cut -d'.' -f1)`
		`+ rlRun "gcc $f -o $out -lsemanage -Wall -Wextra -Werror -std=c99"`
		`+ done`
		`+`
		`+ POLICY_TYPE="$(grep -E '^SELINUXTYPE=' /etc/selinux/config \| cut -d'=' -f2 \| tr '[:upper:]' '[:lower:]' \| tr -d ' ')"`
		`+`
		`+ if rlIsFedora; then`
		`+ SEUSERS_PATH="/var/lib/selinux/$POLICY_TYPE/active/seusers"`
		`+ elif rlIsRHEL '>=7'; then`
		`+ SEUSERS_PATH="/etc/selinux/$POLICY_TYPE/active/seusers"`
		`+ else`
		`+ SEUSERS_PATH="/etc/selinux/$POLICY_TYPE/seusers"`
		`+ fi`
		`+`
		`+ rlRun "cat $SEUSERS_PATH"`
		`+`
		`+ SEUSERS_COUNT="$(cat $SEUSERS_PATH \| grep -vE '^#\|^$' \| wc -l)"`
		`+ rlRun "[[ \"$SEUSERS_COUNT\" -gt 0 ]]"`
		`+`
		`+ SEUSERS="$(cat $SEUSERS_PATH \| grep -vE '^#\|^$' \| cut -d':' -f1 \| tr '\n' ' ')"`
		`+ rlRun "[[ -n \"$SEUSERS\" ]]"`
		`+`
		`+ first_line="$(cat $SEUSERS_PATH \| grep -vE '^#\|^$' \| head -n 1)"`
		`+ SEUSER="$(echo -n $first_line \| cut -d':' -f1)"`
		`+ rlRun "[[ -n \"$SEUSER\" ]]"`
		`+ SEUSER_SENAME="$(echo -n $first_line \| cut -d':' -f2)"`
		`+ rlRun "[[ -n \"$SEUSER_SENAME\" ]]"`
		`+ SEUSER_MLSRANGE="$(echo -n $first_line \| cut -d':' -f3-4)"`
		`+ rlRun "[[ -n \"$SEUSER_MLSRANGE\" ]]"`
		`+`
		`+ SEUSER_NONEXISTENT="nonuser"`
		`+ SEUSER_DEFAULT="__default__"`
		`+`
		`+ ERR_FAIL=1`
		`+ ERR_ABORT=134`
		`+ ERR_SEGFAULT=139`
		`+`
		`+ # note: each test_*.c program takes first argument which specifies setup`
		`+ # before executing specified function`
		`+ # init semanage handle == NULL`
		`+ # handle semanage handle obtained via semanage_handle_create`
		`+ # conn connected via semanage_connect`
		`+ # trans inside transaction, via semanage_begin_transaction`
		`+ # program returns 1 on error in function, 2 on error in setup`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_key_create, semanage_seuser_key_free"`
		`+ # FIXME`
		`+ # rlRun "./test_key_create init $SEUSER" $ERR_ABORT,$ERR_SEGFAULT`
		`+ # rlRun "./test_key_create handle $SEUSER" $ERR_FAIL`
		`+ rlRun "./test_key_create conn $SEUSER"`
		`+ rlRun "./test_key_create trans $SEUSER"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_key_extract"`
		`+ # FIXME`
		`+ #rlRun "./test_key_extract conn new"`
		`+ rlRun "./test_key_extract conn first"`
		`+ # FIXME`
		`+ #rlRun "./test_key_extract trans new"`
		`+ rlRun "./test_key_extract trans first"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_compare"`
		`+ rlRun "./test_compare conn $SEUSER same"`
		`+ rlRun "./test_compare conn $SEUSER_NONEXISTENT different"`
		`+ rlRun "./test_compare trans $SEUSER same"`
		`+ rlRun "./test_compare trans $SEUSER_NONEXISTENT different"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_compare2"`
		`+ rlRun "./test_compare2 conn NULL 0" $ERR_ABORT,$ERR_SEGFAULT`
		`+ rlRun "./test_compare2 conn 0 NULL" $ERR_ABORT,$ERR_SEGFAULT`
		`+ rlRun "./test_compare2 conn NULL NULL" $ERR_ABORT,$ERR_SEGFAULT`
		`+ rlRun "./test_compare2 conn 0 0"`
		`+ rlRun "./test_compare2 conn 0 1"`
		`+ rlRun "./test_compare2 trans NULL 0" $ERR_ABORT,$ERR_SEGFAULT`
		`+ rlRun "./test_compare2 trans 0 NULL" $ERR_ABORT,$ERR_SEGFAULT`
		`+ rlRun "./test_compare2 trans NULL NULL" $ERR_ABORT,$ERR_SEGFAULT`
		`+ rlRun "./test_compare2 trans 0 0"`
		`+ rlRun "./test_compare2 trans 0 1"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_count"`
		`+ rlRun "./test_count init" $ERR_ABORT,$ERR_SEGFAULT`
		`+ rlRun "./test_count handle" $ERR_FAIL`
		`+ rlRun "./test_count conn $SEUSERS_COUNT"`
		`+ rlRun "./test_count trans $SEUSERS_COUNT"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_list"`
		`+ rlRun "./test_list init" $ERR_ABORT,$ERR_SEGFAULT`
		`+ rlRun "./test_list handle" $ERR_FAIL`
		`+ rlRun "./test_list conn $SEUSERS_COUNT $SEUSERS"`
		`+ rlRun "./test_list trans $SEUSERS_COUNT $SEUSERS"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_iterate"`
		`+ rlRun "./test_iterate init" $ERR_ABORT,$ERR_SEGFAULT`
		`+ rlRun "./test_iterate handle" $ERR_FAIL`
		`+ rlRun "./test_iterate conn $SEUSERS"`
		`+ rlRun "./test_iterate trans $SEUSERS"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_exists"`
		`+ rlRun "./test_exists conn $SEUSER_NONEXISTENT 0"`
		`+ rlRun "./test_exists conn $SEUSER_DEFAULT 1"`
		`+ rlRun "./test_exists conn $USER 1"`
		`+ rlRun "./test_exists trans $SEUSER_NONEXISTENT 0"`
		`+ rlRun "./test_exists trans $SEUSER_DEFAULT 1"`
		`+ rlRun "./test_exists trans $SEUSER 1"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_query"`
		`+ rlRun "./test_query conn $SEUSER_NONEXISTENT" $ERR_FAIL`
		`+ rlRun "./test_query conn $SEUSER_DEFAULT"`
		`+ rlRun "./test_query conn $SEUSER"`
		`+ rlRun "./test_query trans $SEUSER_NONEXISTENT" $ERR_FAIL`
		`+ rlRun "./test_query trans $SEUSER_DEFAULT"`
		`+ rlRun "./test_query trans $SEUSER"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_get_name"`
		`+ rlRun "./test_get_name conn new NULL"`
		`+ rlRun "./test_get_name conn first $SEUSER"`
		`+ rlRun "./test_get_name trans new NULL"`
		`+ rlRun "./test_get_name trans first $SEUSER"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_set_name"`
		`+ name="someuser"`
		`+ rlRun "./test_set_name conn $name"`
		`+ rlRun "./test_set_name trans $name"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_get_sename"`
		`+ rlRun "./test_get_sename conn new NULL"`
		`+ rlRun "./test_get_sename conn first $SEUSER_SENAME"`
		`+ rlRun "./test_get_sename trans new NULL"`
		`+ rlRun "./test_get_sename trans first $SEUSER_SENAME"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_set_sename"`
		`+ sename="someuser_u"`
		`+ rlRun "./test_set_sename conn $sename"`
		`+ rlRun "./test_set_sename trans $sename"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_get_mlsrange"`
		`+ rlRun "./test_get_mlsrange conn new NULL"`
		`+ rlRun "./test_get_mlsrange conn first $SEUSER_MLSRANGE"`
		`+ rlRun "./test_get_mlsrange trans new NULL"`
		`+ rlRun "./test_get_mlsrange trans first $SEUSER_MLSRANGE"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_set_mlsrange"`
		`+ mlsrange="c0-s1:c0.c42"`
		`+ rlRun "./test_set_mlsrange conn $mlsrange"`
		`+ rlRun "./test_set_mlsrange trans $mlsrange"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_clone"`
		`+ # FIXME`
		`+ #rlRun "./test_clone conn new"`
		`+ rlRun "./test_clone conn first"`
		`+ # FIXME`
		`+ #rlRun "./test_clone trans new"`
		`+ rlRun "./test_clone trans first"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_create"`
		`+ # FIXME`
		`+ #rlRun "./test_create init" $ERR_ABORT,$ERR_SEGFAULT`
		`+ #rlRun "./test_create handle" $ERR_ABORT,$ERR_SEGFAULT`
		`+ rlRun "./test_create conn"`
		`+ rlRun "./test_create trans"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_modify_local"`
		`+ # function requires transaction`
		`+ #rlRun "./test_modify_local conn new" $ERR_FAIL`
		`+ #rlRun "./test_modify_local conn first" $ERR_FAIL`
		`+ #rlRun "./test_modify_local trans new" $ERR_FAIL`
		`+ rlRun "./test_modify_local trans first"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_del_local"`
		`+ # adding local seuser requires transaction`
		`+ # FIXME`
		`+ #rlRun "./test_del_local trans first new"`
		`+ #rlRun "./test_del_local trans first second"`
		`+ rlRun "./test_del_local trans first first"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_exists_local"`
		`+ # adding local seuser requires transaction`
		`+ rlRun "./test_exists_local trans first first 1"`
		`+ rlRun "./test_exists_local trans first second 0"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "semanage_seuser_count_local"`
		`+ # adding local seuser requires transaction`
		`+ # FIXME`
		`+ #rlRun "./test_count_local trans 0"`
		`+ rlRun "./test_count_local trans 1"`
		`+ rlRun "./test_count_local trans 2"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartCleanup`
		`+ testfiles="$(ls -1 test_* \| grep -v '\.c' \| tr '\n' ' ')"`
		`+ rlRun "rm -f $testfiles"`
		`+ rlPhaseEnd`
		`+ rlJournalPrintText`
		`+ rlJournalEnd`

tests/semanage-seuser-functions/test_clone.c

file added

+60

		`@@ -0,0 +1,60 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ semanage_seuser_t *seuser;`
		`+ semanage_seuser_t *seuser_clone;`
		`+ int result;`
		`+ const char *str;`
		`+ const char *str_clone;`
		`+`
		`+ if (argc < 3)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ seuser = test_get_seuser(sh, argv[2]);`
		`+`
		`+ result = semanage_seuser_clone(sh, seuser, &seuser_clone);`
		`+ printf("semanage_seuser_clone(%p, %p): %d\n",`
		`+ (void ) seuser, (void ) seuser_clone, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_clone");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ str = semanage_seuser_get_name(seuser);`
		`+ str_clone = semanage_seuser_get_name(seuser_clone);`
		`+`
		`+ if (strcmp(str, str_clone) != 0) {`
		`+ fprintf(stderr, "Different in get_name\n");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ str = semanage_seuser_get_sename(seuser);`
		`+ str_clone = semanage_seuser_get_sename(seuser_clone);`
		`+`
		`+ if (strcmp(str, str_clone) != 0) {`
		`+ fprintf(stderr, "Different in get_sename\n");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ str = semanage_seuser_get_mlsrange(seuser);`
		`+ str_clone = semanage_seuser_get_mlsrange(seuser_clone);`
		`+`
		`+ if (strcmp(str, str_clone) != 0) {`
		`+ fprintf(stderr, "Different in get_mlsrange\n");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/test_compare.c

file added

+44

		`@@ -0,0 +1,44 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ semanage_seuser_t *seuser;`
		`+ semanage_seuser_key_t *key;`
		`+ int result;`
		`+`
		`+ if (argc < 3)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ seuser = test_get_seuser(sh, "first");`
		`+`
		`+ key = test_get_key(sh, argv[2]);`
		`+`
		`+ result = semanage_seuser_compare(seuser, key);`
		`+ printf("semanage_seuser_compare(%p, %p): %d\n",`
		`+ (void ) seuser, (void ) key, result);`
		`+`
		`+ if (argc >= 4) {`
		`+ if (strcmp(argv[3], "same") == 0 && result != 0) {`
		`+ fprintf(stderr, "Expected same but got different\n");`
		`+ exit(1);`
		`+ }`
		`+ else if (strcmp(argv[3], "different") == 0 && result == 0) {`
		`+ fprintf(stderr, "Expected different but got same\n");`
		`+ exit(1);`
		`+ }`
		`+ }`
		`+`
		`+ semanage_seuser_key_free(key);`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/test_compare2.c

file added

+54

		`@@ -0,0 +1,54 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ semanage_seuser_t *seuser;`
		`+ semanage_seuser_t *seuser2;`
		`+ int result;`
		`+ int first = -1;`
		`+ int second = -1;`
		`+`
		`+ if (argc < 4)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ if (strcmp(argv[2], "NULL") == 0) {`
		`+ seuser = NULL;`
		`+ }`
		`+ else {`
		`+ first = strtol(argv[2], NULL, 10);`
		`+ seuser = test_get_seuser_nth(sh, first);`
		`+ }`
		`+`
		`+ if (strcmp(argv[3], "NULL") == 0) {`
		`+ seuser2 = NULL;`
		`+ }`
		`+ else {`
		`+ second = strtol(argv[3], NULL, 10);`
		`+ seuser2 = test_get_seuser_nth(sh, second);`
		`+ }`
		`+`
		`+ result = semanage_seuser_compare2(seuser, seuser2);`
		`+ printf("semanage_seuser_compare(%p, %p): %d\n",`
		`+ (void ) seuser, (void ) seuser2, result);`
		`+`
		`+ if (first == second && result != 0) {`
		`+ fprintf(stderr, "Expected same but got different\n");`
		`+ exit(1);`
		`+ }`
		`+ else if (first != second && result == 0) {`
		`+ fprintf(stderr, "Expected different but got same\n");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/test_count.c

file added

+34

		`@@ -0,0 +1,34 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ unsigned int response;`
		`+ int result;`
		`+`
		`+ if (argc < 2)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ result = semanage_seuser_count(sh, &response);`
		`+ printf("semanage_seuser_count(%p, %p): %d, response: %u\n",`
		`+ (void ) sh, (void ) &response, result, response);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_count");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ if (argc >= 3)`
		`+ check_result_int(argv[2], response);`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/test_count_local.c

file added

+46

		`@@ -0,0 +1,46 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ semanage_seuser_t *seuser;`
		`+ int result;`
		`+ unsigned int response;`
		`+ int num;`
		`+`
		`+ if (argc < 2)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ num = strtol(argv[2], NULL, 10);`
		`+`
		`+ for (int i = 0; i < num; i++) {`
		`+ seuser = test_get_seuser_nth(sh, i);`
		`+`
		`+ test_add_local_seuser(sh, seuser);`
		`+ }`
		`+`
		`+ result = semanage_seuser_count_local(sh, &response);`
		`+ printf("semanage_seuser_count_local(%p, %p): %d, response: %d\n",`
		`+ (void ) sh, (void ) &response, result, response);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_count_local");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ if (argc >= 3)`
		`+ check_result_int(argv[2], response);`
		`+`
		`+ test_del_local_seuser(sh, seuser);`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/test_create.c

file added

+53

		`@@ -0,0 +1,53 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ semanage_seuser_t *seuser;`
		`+ int result;`
		`+ const char *str;`
		`+`
		`+ if (argc < 2)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ result = semanage_seuser_create(sh, &seuser);`
		`+ printf("semanage_seuser_create(%p, %p): %d\n",`
		`+ (void ) sh, (void ) seuser, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_create");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ str = semanage_seuser_get_name(seuser);`
		`+`
		`+ if (str != NULL) {`
		`+ fprintf(stderr, "Expected name == NULL, got %s\n", str);`
		`+ exit(1);`
		`+ }`
		`+`
		`+ str = semanage_seuser_get_sename(seuser);`
		`+`
		`+ if (str != NULL) {`
		`+ fprintf(stderr, "Expected sename == NULL, got %s\n", str);`
		`+ exit(1);`
		`+ }`
		`+`
		`+ str = semanage_seuser_get_mlsrange(seuser);`
		`+`
		`+ if (str != NULL) {`
		`+ fprintf(stderr, "Expected mlsrange == NULL, got %s\n", str);`
		`+ exit(1);`
		`+ }`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/test_del_local.c

file added

+64

		`@@ -0,0 +1,64 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ semanage_seuser_t *seuser;`
		`+ semanage_seuser_t *seuser_del;`
		`+ semanage_seuser_key_t *key;`
		`+ semanage_seuser_t **records;`
		`+ int result;`
		`+ unsigned int count;`
		`+`
		`+ if (argc < 4)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ seuser = test_get_seuser(sh, argv[2]);`
		`+`
		`+ test_add_local_seuser(sh, seuser);`
		`+`
		`+ seuser_del = test_get_seuser(sh, argv[3]);`
		`+`
		`+ result = semanage_seuser_key_extract(sh, seuser_del, &key);`
		`+ printf("semanage_seuser_key_extract(%p, %p, %p): %d\n",`
		`+ (void ) sh, (void ) seuser_del, (void *) &key, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_key_extract");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ result = semanage_seuser_del_local(sh, key);`
		`+ printf("semanage_seuser_del_local(%p, %p): %d\n",`
		`+ (void ) seuser, (void ) key, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_del_local");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ result = semanage_seuser_list_local(sh, &records, &count);`
		`+ printf("semanage_seuser_list_local(%p, %p, %p): %d\n",`
		`+ (void ) sh, (void ) &records, (void *) &count, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_list_local");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ if (count != 0) {`
		`+ fprintf(stderr, "Number of local seusers is not 0!\n");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/test_exists.c

file added

+37

		`@@ -0,0 +1,37 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ semanage_seuser_key_t *key;`
		`+ int result;`
		`+ int response;`
		`+`
		`+ if (argc < 3)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ key = test_get_key(sh, argv[2]);`
		`+`
		`+ result = semanage_seuser_exists(sh, key, &response);`
		`+ printf("semanage_seuser_exists(%p, %p, %p): %d, response: %d\n",`
		`+ (void ) sh, (void ) key, (void *) &response, result, response);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_exists");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ if (argc >= 4)`
		`+ check_result_int(argv[3], response);`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/test_exists_local.c

file added

+59

		`@@ -0,0 +1,59 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ semanage_seuser_t *seuser;`
		`+ semanage_seuser_t *seuser_exists;`
		`+ semanage_seuser_key_t *key;`
		`+ int result;`
		`+ int response;`
		`+ int exp;`
		`+`
		`+ if (argc < 4)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ seuser = test_get_seuser(sh, argv[2]);`
		`+ seuser_exists = test_get_seuser(sh, argv[3]);`
		`+`
		`+ test_add_local_seuser(sh, seuser);`
		`+`
		`+ result = semanage_seuser_key_extract(sh, seuser_exists, &key);`
		`+ printf("semanage_seuser_key_extract(%p, %p, %p): %d\n",`
		`+ (void ) sh, (void ) seuser_exists, (void *) &key, result);`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_key_extract");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ result = semanage_seuser_exists_local(sh, key, &response);`
		`+ printf("semanage_seuser_exists_local(%p, %p, %p): %d\n",`
		`+ (void ) sh, (void ) key, (void *) &response, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_exists_local");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ if (argc >= 5) {`
		`+ exp = strtol(argv[4], NULL, 10);`
		`+`
		`+ if (response != exp) {`
		`+ fprintf(stderr, "Expected %d but got %d\n", exp, response);`
		`+ exit(1);`
		`+ }`
		`+ }`
		`+`
		`+ test_del_local_seuser(sh, seuser);`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/test_get_mlsrange.c

file added

+32

		`@@ -0,0 +1,32 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ semanage_seuser_t *seuser;`
		`+`
		`+ if (argc < 4)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ seuser = test_get_seuser(sh, argv[2]);`
		`+`
		`+ const char *name = semanage_seuser_get_mlsrange(seuser);`
		`+ printf("semanage_seuser_get_mlsrange(%p): %s\n",`
		`+ (void *) seuser, name);`
		`+`
		`+ if (strcmp_null(argv[3], name) != 0) {`
		`+ fprintf(stderr, "Expected %s but got %s\n", argv[2], name);`
		`+ exit(1);`
		`+ }`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/test_get_name.c

file added

+32

		`@@ -0,0 +1,32 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ semanage_seuser_t *seuser;`
		`+`
		`+ if (argc < 4)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ seuser = test_get_seuser(sh, argv[2]);`
		`+`
		`+ const char *name = semanage_seuser_get_name(seuser);`
		`+ printf("semanage_seuser_get_name(%p): %s\n",`
		`+ (void *) seuser, name);`
		`+`
		`+ if (strcmp_null(argv[3], name) != 0) {`
		`+ fprintf(stderr, "Expected %s but got %s\n", argv[2], name);`
		`+ exit(1);`
		`+ }`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/test_get_sename.c

file added

+32

		`@@ -0,0 +1,32 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ semanage_seuser_t *seuser;`
		`+`
		`+ if (argc < 4)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ seuser = test_get_seuser(sh, argv[2]);`
		`+`
		`+ const char *name = semanage_seuser_get_sename(seuser);`
		`+ printf("semanage_seuser_get_sename(%p): %s\n",`
		`+ (void *) seuser, name);`
		`+`
		`+ if (strcmp_null(argv[3], name) != 0) {`
		`+ fprintf(stderr, "Expected %s but got %s\n", argv[2], name);`
		`+ exit(1);`
		`+ }`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/test_iterate.c

file added

+49

		`@@ -0,0 +1,49 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int counter = 0;`
		`+`
		`+ int handler(const semanage_seuser_t record, void varg) {`
		`+ char args = (char ) varg;`
		`+`
		`+ const char *name = semanage_seuser_get_name(record);`
		`+`
		`+ if (strcmp(name, args[2 + counter++]) != 0)`
		`+ return -1;`
		`+`
		`+ return 0;`
		`+ }`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ int result;`
		`+`
		`+ if (argc < 2)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ char **param = NULL;`
		`+`
		`+ if (argc >= 3) {`
		`+ param = argv;`
		`+ }`
		`+`
		`+ result = semanage_seuser_iterate(sh, &handler, (void *) param);`
		`+ printf("semanage_seuser_iterate(%p, %p, %p): %d\n",`
		`+ (void ) sh, (void ) &handler, (void *) param, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_iterate");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/test_key_create.c

file added

+39

		`@@ -0,0 +1,39 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ semanage_seuser_key_t *key;`
		`+ const char *name;`
		`+ int result;`
		`+`
		`+ if (argc < 3)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ if (strcmp(argv[2], "NULL") == 0)`
		`+ name = NULL;`
		`+ else`
		`+ name = argv[2];`
		`+`
		`+ result = semanage_seuser_key_create(sh, name, &key);`
		`+ printf("semanage_seuser_key_create(%p, %s, %p): %d\n",`
		`+ (void ) sh, name, (void ) &key, result);`
		`+`
		`+ if (result < 0 \|\| key == NULL) {`
		`+ perror("semanage_seuser_key_create");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ semanage_seuser_key_free(key);`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/test_key_extract.c

file added

+45

		`@@ -0,0 +1,45 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ semanage_seuser_t *seuser;`
		`+ semanage_seuser_key_t *key;`
		`+ int result;`
		`+`
		`+ if (argc < 3)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ seuser = test_get_seuser(sh, argv[2]);`
		`+`
		`+ result = semanage_seuser_key_extract(sh, seuser, &key);`
		`+ printf("semanage_seuser_key_extract(%p, %p, %p): %d\n",`
		`+ (void ) sh, (void ) seuser, (void *) &key, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_key_extract");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ result = semanage_seuser_compare(seuser, key);`
		`+ printf("semanage_seuser_compare(%p, %p): %d\n",`
		`+ (void ) seuser, (void ) key, result);`
		`+`
		`+ if (result != 0) {`
		`+ perror("semanage_seuser_compare");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ semanage_seuser_key_free(key);`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/test_list.c

file added

+63

		`@@ -0,0 +1,63 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ semanage_seuser_t **records;`
		`+ unsigned int count;`
		`+ int result;`
		`+`
		`+ if (argc < 2)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ result = semanage_seuser_list(sh, &records, &count);`
		`+ printf("semanage_seuser_list(%p, %p, %p): %d",`
		`+ (void ) sh, (void ) &records, (void *) &count, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_list");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ printf(", count: %u, records: ", count);`
		`+`
		`+ const char *name;`
		`+`
		`+ for (unsigned int i = 0; i < count; i++) {`
		`+ name = semanage_seuser_get_name(records[i]);`
		`+ printf("%p (%s), ", (void *) records[i], name);`
		`+ }`
		`+`
		`+ printf("\n");`
		`+`
		`+ if (argc >= 3) {`
		`+ unsigned int exp_count = strtoul(argv[2], NULL, 10);`
		`+`
		`+ if (count != exp_count) {`
		`+ printf("Expected %u but got %u\n", exp_count, count);`
		`+ exit(1);`
		`+ }`
		`+`
		`+ const char *name;`
		`+`
		`+ for (unsigned int i = 0; i < count; i++) {`
		`+ name = semanage_seuser_get_name(records[i]);`
		`+`
		`+ if (strcmp(name, argv[3 + i]) != 0) {`
		`+ printf("Expected %s but got %s\n", name, argv[3 + i]);`
		`+ exit(1);`
		`+ }`
		`+ }`
		`+ }`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/test_modify_local.c

file added

+64

		`@@ -0,0 +1,64 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ semanage_seuser_t *seuser;`
		`+ semanage_seuser_key_t *key;`
		`+ semanage_seuser_t **records;`
		`+ int result;`
		`+ unsigned int count;`
		`+`
		`+ if (argc < 3)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ seuser = test_get_seuser(sh, argv[2]);`
		`+`
		`+ result = semanage_seuser_key_extract(sh, seuser, &key);`
		`+ printf("semanage_seuser_key_extract(%p, %p, %p): %d\n",`
		`+ (void ) sh, (void ) seuser, (void *) &key, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_key_extract");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ result = semanage_seuser_modify_local(sh, key, seuser);`
		`+ printf("semanage_seuser_modify_local(%p, %p, %p): %d\n",`
		`+ (void ) seuser, (void ) key, (void *) seuser, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_modify_local");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ result = semanage_seuser_list_local(sh, &records, &count);`
		`+ printf("semanage_seuser_list_local(%p, %p, %p): %d\n",`
		`+ (void ) sh, (void ) &records, (void *) &count, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_list_local");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ if (count != 1) {`
		`+ fprintf(stderr, "Number of local seusers is %u, expected 1!\n", count);`
		`+ exit(1);`
		`+ }`
		`+`
		`+ if (semanage_seuser_compare(records[0], key) != 0) {`
		`+ fprintf(stderr, "Local seuser is different!\n");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/test_query.c

file added

+50

		`@@ -0,0 +1,50 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ semanage_seuser_key_t *key;`
		`+ semanage_seuser_t *response;`
		`+ int result;`
		`+`
		`+ if (argc < 3)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ result = semanage_seuser_key_create(sh, argv[2], &key);`
		`+ printf("semanage_seuser_key_create(%p, %s, %p): %d\n",`
		`+ (void ) sh, argv[2], (void ) &key, result);`
		`+`
		`+ if (result < 0 \|\| key == NULL) {`
		`+ perror("semanage_seuser_key_create");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ result = semanage_seuser_query(sh, key, &response);`
		`+ printf("semanage_seuser_query(%p, %p, %p): %d, response: %p\n",`
		`+ (void ) sh, (void ) key, (void ) &response, result, (void ) response);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_query");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ const char *name = semanage_seuser_get_name(response);`
		`+ printf("semanage_seuser_get_name(%p): %s\n",`
		`+ (void *) response, name);`
		`+`
		`+ if (strcmp(argv[2], name) != 0) {`
		`+ perror("semanage_seuser_get_name");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/test_set_mlsrange.c

file added

+62

		`@@ -0,0 +1,62 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ semanage_seuser_t *user;`
		`+ int result;`
		`+ const char *mlsrange;`
		`+`
		`+ if (argc < 3)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ user = test_get_seuser(sh, "first");`
		`+`
		`+ if (strcmp(argv[2], "NULL") == 0)`
		`+ mlsrange = NULL;`
		`+ else`
		`+ mlsrange = argv[2];`
		`+`
		`+ const char *old_mlsrange = semanage_seuser_get_mlsrange(user);`
		`+ printf("semanage_seuser_get_mlsrange(%p): %s\n",`
		`+ (void *) user, old_mlsrange);`
		`+`
		`+ if (old_mlsrange == NULL) {`
		`+ perror("semanage_seuser_get_mlsrange");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ if (strcmp(old_mlsrange, mlsrange) == 0) {`
		`+ printf("New mlsrange is the same\n");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ result = semanage_seuser_set_mlsrange(sh, user, mlsrange);`
		`+ printf("semanage_seuser_set_mlsrange(%p, %p, %s): %d\n",`
		`+ (void ) sh, (void ) user, mlsrange, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_set_mlsrange");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ const char *new_mlsrange = semanage_seuser_get_mlsrange(user);`
		`+ printf("semanage_seuser_get_mlsrange(%p): %s\n",`
		`+ (void *) user, new_mlsrange);`
		`+`
		`+ if (strcmp(new_mlsrange, mlsrange) != 0) {`
		`+ perror("semanage_seuser_get_mlsrange");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/test_set_name.c

file added

+62

		`@@ -0,0 +1,62 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ semanage_seuser_t *user;`
		`+ int result;`
		`+ const char *name;`
		`+`
		`+ if (argc < 3)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ user = test_get_seuser(sh, "first");`
		`+`
		`+ if (strcmp(argv[2], "NULL") == 0)`
		`+ name = NULL;`
		`+ else`
		`+ name = argv[2];`
		`+`
		`+ const char *old_name = semanage_seuser_get_name(user);`
		`+ printf("semanage_seuser_get_name(%p): %s\n",`
		`+ (void *) user, old_name);`
		`+`
		`+ if (old_name == NULL) {`
		`+ perror("semanage_seuser_get_name");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ if (strcmp(old_name, name) == 0) {`
		`+ printf("New name is the same\n");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ result = semanage_seuser_set_name(sh, user, name);`
		`+ printf("semanage_seuser_set_name(%p, %p, %s): %d\n",`
		`+ (void ) sh, (void ) user, name, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_set_name");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ const char *new_name = semanage_seuser_get_name(user);`
		`+ printf("semanage_seuser_get_name(%p): %s\n",`
		`+ (void *) user, new_name);`
		`+`
		`+ if (strcmp(new_name, name) != 0) {`
		`+ perror("semanage_seuser_get_name");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/semanage-seuser-functions/test_set_sename.c

file added

+62

		`@@ -0,0 +1,62 @@`
		`+ #include <stdio.h>`
		`+ #include <stdlib.h>`
		`+ #include <string.h>`
		`+ #include <errno.h>`
		`+ #include <semanage/semanage.h>`
		`+`
		`+ #include "functions.c"`
		`+`
		`+ int main (int argc, char **argv) {`
		`+ semanage_handle_t *sh;`
		`+ semanage_seuser_t *user;`
		`+ int result;`
		`+ const char *name;`
		`+`
		`+ if (argc < 3)`
		`+ exit(2);`
		`+`
		`+ sh = get_handle(argv[1]);`
		`+`
		`+ user = test_get_seuser(sh, "first");`
		`+`
		`+ if (strcmp(argv[2], "NULL") == 0)`
		`+ name = NULL;`
		`+ else`
		`+ name = argv[2];`
		`+`
		`+ const char *old_name = semanage_seuser_get_sename(user);`
		`+ printf("semanage_seuser_get_sename(%p): %s\n",`
		`+ (void *) user, old_name);`
		`+`
		`+ if (old_name == NULL) {`
		`+ perror("semanage_seuser_get_sename");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ if (strcmp(old_name, name) == 0) {`
		`+ printf("New name is the same\n");`
		`+ exit(2);`
		`+ }`
		`+`
		`+ result = semanage_seuser_set_sename(sh, user, name);`
		`+ printf("semanage_seuser_set_sename(%p, %p, %s): %d\n",`
		`+ (void ) sh, (void ) user, name, result);`
		`+`
		`+ if (result < 0) {`
		`+ perror("semanage_seuser_set_sename");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ const char *new_name = semanage_seuser_get_sename(user);`
		`+ printf("semanage_seuser_get_sename(%p): %s\n",`
		`+ (void *) user, new_name);`
		`+`
		`+ if (strcmp(new_name, name) != 0) {`
		`+ perror("semanage_seuser_get_sename");`
		`+ exit(1);`
		`+ }`
		`+`
		`+ destroy_handle(sh, argv[1]);`
		`+`
		`+ exit(0);`
		`+ }`

tests/tests.yml

file added

+22

		`@@ -0,0 +1,22 @@`
		`+ ---`
		`+ # Tests that run in all contexts`
		`+ - hosts: localhost`
		`+ roles:`
		`+ - role: standard-test-beakerlib`
		`+ tags:`
		`+ - classic`
		`+ tests:`
		`+ - semanage-handle-functions`
		`+ - semanage-seuser-functions`
		`+ - verify-options-in-semanage-conf`
		`+ required_packages:`
		`+ - libsemanage # Required for semanage-*-functions tests`
		`+ - libsemanage-devel # Required for semanage-*-functions tests`
		`+ - glibc # Required for semanage-*-functions tests`
		`+ - gcc # Required for semanage-*-functions tests`
		`+ - libselinux # Required for verify-options-in-semanage-conf`
		`+ - libselinux-utils # Required for verify-options-in-semanage-conf`
		`+ - policycoreutils # Required for verify-options-in-semanage-conf`
		`+ - policycoreutils-python # Required for verify-options-in-semanage-conf when running on RHEL`
		`+ - selinux-policy # Required for verify-options-in-semanage-conf`
		`+ - selinux-policy-devel # Required for verify-options-in-semanage-conf`

tests/verify-options-in-semanage-conf/Makefile

file added

+64

		`@@ -0,0 +1,64 @@`
		`+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
		`+ #`
		`+ # Makefile of /CoreOS/libsemanage/Sanity/verify-options-in-semanage-conf`
		`+ # Description: Are the verify options in semanage.conf honored?`
		`+ # Author: Milos Malik <mmalik@redhat.com>`
		`+ #`
		`+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
		`+ #`
		`+ # Copyright (c) 2016 Red Hat, Inc.`
		`+ #`
		`+ # This copyrighted material is made available to anyone wishing`
		`+ # to use, modify, copy, or redistribute it subject to the terms`
		`+ # and conditions of the GNU General Public License version 2.`
		`+ #`
		`+ # This program is distributed in the hope that it will be`
		`+ # useful, but WITHOUT ANY WARRANTY; without even the implied`
		`+ # warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR`
		`+ # PURPOSE. See the GNU General Public License for more details.`
		`+ #`
		`+ # You should have received a copy of the GNU General Public`
		`+ # License along with this program; if not, write to the Free`
		`+ # Software Foundation, Inc., 51 Franklin Street, Fifth Floor,`
		`+ # Boston, MA 02110-1301, USA.`
		`+ #`
		`+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
		`+`
		`+ export TEST=/CoreOS/libsemanage/Sanity/verify-options-in-semanage-conf`
		`+ export TESTVERSION=1.0`
		`+`
		`+ BUILT_FILES=`
		`+`
		`+ FILES=$(METADATA) runtest.sh Makefile PURPOSE empty.te`
		`+`
		`+ .PHONY: all install download clean`
		`+`
		`+ run: $(FILES) build`
		`+ ./runtest.sh`
		`+`
		`+ build: $(BUILT_FILES)`
		`+ test -x runtest.sh \|\| chmod a+x runtest.sh`
		`+`
		`+ clean:`
		`+ rm -f *~ $(BUILT_FILES)`
		`+`
		`+ include /usr/share/rhts/lib/rhts-make.include`
		`+`
		`+ $(METADATA): Makefile`
		`+ @echo "Owner: Milos Malik <mmalik@redhat.com>" > $(METADATA)`
		`+ @echo "Name: $(TEST)" >> $(METADATA)`
		`+ @echo "TestVersion: $(TESTVERSION)" >> $(METADATA)`
		`+ @echo "Path: $(TEST_DIR)" >> $(METADATA)`
		`+ @echo "Description: Are the verify options in semanage.conf honored?" >> $(METADATA)`
		`+ @echo "Type: Sanity" >> $(METADATA)`
		`+ @echo "TestTime: 10m" >> $(METADATA)`
		`+ @echo "RunFor: libsemanage" >> $(METADATA)`
		`+ @echo "Requires: libselinux libselinux-utils libsemanage policycoreutils policycoreutils-python selinux-policy selinux-policy-devel" >> $(METADATA)`
		`+ @echo "Priority: Normal" >> $(METADATA)`
		`+ @echo "License: GPLv2" >> $(METADATA)`
		`+ @echo "Confidential: no" >> $(METADATA)`
		`+ @echo "Destructive: no" >> $(METADATA)`
		`+ @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)`
		`+`
		`+ rhts-lint $(METADATA)`
		`+`

tests/verify-options-in-semanage-conf/PURPOSE

file added

		`@@ -0,0 +1,9 @@`
		`+ PURPOSE of /CoreOS/libsemanage/Sanity/verify-options-in-semanage-conf`
		`+ Author: Milos Malik <mmalik@redhat.com>`
		`+`
		`+ Are the verify options in semanage.conf honored?`
		`+ Tested options: verify kernel, verify module, verify linked`
		`+ Tested tools: semodule, semanage`
		`+ Positive and negative cases are tested.`
		`+ Original information found at http://selinuxproject.org/page/PolicyValidate`
		`+`

tests/verify-options-in-semanage-conf/empty.te

file added

		`@@ -0,0 +1,2 @@`
		`+ policy_module(empty,1.0)`
		`+`

tests/verify-options-in-semanage-conf/runtest.sh

file added

+142

		`@@ -0,0 +1,142 @@`
		`+ #!/bin/bash`
		`+ # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k`
		`+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
		`+ #`
		`+ # runtest.sh of /CoreOS/libsemanage/Sanity/verify-options-in-semanage-conf`
		`+ # Description: Are the verify options in semanage.conf honored?`
		`+ # Author: Milos Malik <mmalik@redhat.com>`
		`+ #`
		`+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
		`+ #`
		`+ # Copyright (c) 2016 Red Hat, Inc.`
		`+ #`
		`+ # This copyrighted material is made available to anyone wishing`
		`+ # to use, modify, copy, or redistribute it subject to the terms`
		`+ # and conditions of the GNU General Public License version 2.`
		`+ #`
		`+ # This program is distributed in the hope that it will be`
		`+ # useful, but WITHOUT ANY WARRANTY; without even the implied`
		`+ # warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR`
		`+ # PURPOSE. See the GNU General Public License for more details.`
		`+ #`
		`+ # You should have received a copy of the GNU General Public`
		`+ # License along with this program; if not, write to the Free`
		`+ # Software Foundation, Inc., 51 Franklin Street, Fifth Floor,`
		`+ # Boston, MA 02110-1301, USA.`
		`+ #`
		`+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
		`+`
		`+ # Include Beaker environment`
		`+ . /usr/bin/rhts-environment.sh \|\| exit 1`
		`+ . /usr/share/beakerlib/beakerlib.sh \|\| exit 1`
		`+`
		`+ PACKAGE="libsemanage"`
		`+ MODULE_NAME="empty"`
		`+ SEMANAGE_CONF="/etc/selinux/semanage.conf"`
		`+`
		`+ rlJournalStart`
		`+ rlPhaseStartSetup`
		`+ rlAssertRpm ${PACKAGE}`
		`+ rlAssertRpm policycoreutils`
		`+ rlAssertRpm selinux-policy`
		`+ rlFileBackup ${SEMANAGE_CONF}`
		`+ rlRun "rpm -qf /usr/sbin/semanage"`
		`+ rlRun "grep -v -e '^#' -e '^$' ${SEMANAGE_CONF}"`
		+ OUTPUT_FILE=`mktemp`
		`+`
		`+ rlRun "setenforce 1"`
		`+ rlRun "sestatus"`
		`+ rlRun "ls -l ${MODULE_NAME}.te"`
		`+ rlRun "make -f /usr/share/selinux/devel/Makefile"`
		`+ rlRun "ls -l ${MODULE_NAME}.pp"`
		`+ rlPhaseEnd`
		`+`
		`+ rlLog "positive cases follow"`
		`+ # TODO: /bin/true could be replaced a script, which prints the supplied arguments into a file for further inspection`
		`+`
		`+ rlPhaseStartTest "verify kernel"`
		`+ rlRun "semodule -r ${MODULE_NAME}" 0,1`
		`+ rlFileRestore`
		`+ rlRun "echo -en '[verify kernel]\npath = /bin/true\nargs = \$@\n[end]\n' >> ${SEMANAGE_CONF}"`
		`+ rlRun "semodule -i ${MODULE_NAME}.pp 2>&1 \| tee ${OUTPUT_FILE}"`
		`+ rlAssertNotGrep "semodule.*failed" ${OUTPUT_FILE} -i`
		`+ rlRun "semodule -l \| grep ${MODULE_NAME}"`
		`+ rlRun "semanage module -a ${MODULE_NAME}.pp 2>&1 \| tee ${OUTPUT_FILE}"`
		`+ rlAssertNotGrep "could not commit semanage transaction\|no such file or directory" ${OUTPUT_FILE} -Ei`
		`+ rlRun "semanage module -l \| grep ${MODULE_NAME}"`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "verify module"`
		`+ rlRun "semodule -r ${MODULE_NAME}" 0,1`
		`+ rlFileRestore`
		`+ rlRun "echo -en '[verify module]\npath = /bin/true\nargs = \$@\n[end]\n' >> ${SEMANAGE_CONF}"`
		`+ rlRun "semodule -i ${MODULE_NAME}.pp 2>&1 \| tee ${OUTPUT_FILE}"`
		`+ rlAssertNotGrep "semodule.*failed" ${OUTPUT_FILE} -i`
		`+ rlRun "semodule -l \| grep ${MODULE_NAME}"`
		`+ rlRun "semanage module -a ${MODULE_NAME}.pp 2>&1 \| tee ${OUTPUT_FILE}"`
		`+ rlAssertNotGrep "could not commit semanage transaction\|no such file or directory" ${OUTPUT_FILE} -Ei`
		`+ rlRun "semanage module -l \| grep ${MODULE_NAME}"`
		`+ rlPhaseEnd`
		`+`
		`+ if rlIsRHEL '<7.3' ; then # because "[verify linked]" was dropped`
		`+ rlPhaseStartTest "verify linked"`
		`+ rlRun "semodule -r ${MODULE_NAME}" 0,1`
		`+ rlFileRestore`
		`+ rlRun "echo -en '[verify linked]\npath = /bin/true\nargs = \$@\n[end]\n' >> ${SEMANAGE_CONF}"`
		`+ rlRun "semodule -i ${MODULE_NAME}.pp 2>&1 \| tee ${OUTPUT_FILE}"`
		`+ rlAssertNotGrep "semodule.*failed" ${OUTPUT_FILE} -i`
		`+ rlRun "semodule -l \| grep ${MODULE_NAME}"`
		`+ rlRun "semanage module -a ${MODULE_NAME}.pp 2>&1 \| tee ${OUTPUT_FILE}"`
		`+ rlAssertNotGrep "could not commit semanage transaction\|no such file or directory" ${OUTPUT_FILE} -Ei`
		`+ rlRun "semanage module -l \| grep ${MODULE_NAME}"`
		`+ rlPhaseEnd`
		`+ fi`
		`+`
		`+ rlLog "negative cases follow"`
		`+ # TODO: /bin/false could be replaced a script, which prints the supplied arguments into a file for further inspection`
		`+`
		`+ rlPhaseStartTest "verify kernel"`
		`+ rlRun "semodule -r ${MODULE_NAME}" 0,1`
		`+ rlFileRestore`
		`+ rlRun "echo -en '[verify kernel]\npath = /bin/false\nargs = \$@\n[end]\n' >> ${SEMANAGE_CONF}"`
		`+ rlRun "semodule -i ${MODULE_NAME}.pp 2>&1 \| tee ${OUTPUT_FILE}"`
		`+ rlAssertGrep "semodule.*failed" ${OUTPUT_FILE} -i`
		`+ rlRun "semodule -l \| grep ${MODULE_NAME}" 1`
		`+ rlRun "semanage module -a ${MODULE_NAME}.pp 2>&1 \| tee ${OUTPUT_FILE}"`
		`+ rlAssertGrep "could not commit semanage transaction\|no such file or directory" ${OUTPUT_FILE} -Ei`
		`+ rlRun "semanage module -l \| grep ${MODULE_NAME}" 1`
		`+ rlPhaseEnd`
		`+`
		`+ rlPhaseStartTest "verify module"`
		`+ rlRun "semodule -r ${MODULE_NAME}" 0,1`
		`+ rlFileRestore`
		`+ rlRun "echo -en '[verify module]\npath = /bin/false\nargs = \$@\n[end]\n' >> ${SEMANAGE_CONF}"`
		`+ rlRun "semodule -i ${MODULE_NAME}.pp 2>&1 \| tee ${OUTPUT_FILE}"`
		`+ rlAssertGrep "semodule.*failed" ${OUTPUT_FILE} -i`
		`+ rlRun "semodule -l \| grep ${MODULE_NAME}" 1`
		`+ rlRun "semanage module -a ${MODULE_NAME}.pp 2>&1 \| tee ${OUTPUT_FILE}"`
		`+ rlAssertGrep "could not commit semanage transaction\|no such file or directory" ${OUTPUT_FILE} -Ei`
		`+ rlRun "semanage module -l \| grep ${MODULE_NAME}" 1`
		`+ rlPhaseEnd`
		`+`
		`+ if rlIsRHEL '<7.3' ; then # because "[verify linked]" was dropped`
		`+ rlPhaseStartTest "verify linked"`
		`+ rlRun "semodule -r ${MODULE_NAME}" 0,1`
		`+ rlFileRestore`
		`+ rlRun "echo -en '[verify linked]\npath = /bin/false\nargs = \$@\n[end]\n' >> ${SEMANAGE_CONF}"`
		`+ rlRun "semodule -i ${MODULE_NAME}.pp 2>&1 \| tee ${OUTPUT_FILE}"`
		`+ rlAssertGrep "semodule.*failed" ${OUTPUT_FILE} -i`
		`+ rlRun "semodule -l \| grep ${MODULE_NAME}" 1`
		`+ rlRun "semanage module -a ${MODULE_NAME}.pp 2>&1 \| tee ${OUTPUT_FILE}"`
		`+ rlAssertGrep "could not commit semanage transaction\|no such file or directory" ${OUTPUT_FILE} -Ei`
		`+ rlRun "semanage module -l \| grep ${MODULE_NAME}" 1`
		`+ rlPhaseEnd`
		`+ fi`
		`+`
		`+ rlPhaseStartCleanup`
		`+ rlRun "rm -f ${MODULE_NAME}.pp ${OUTPUT_FILE}"`
		`+ rlFileRestore`
		`+ rlPhaseEnd`
		`+ rlJournalPrintText`
		`+ rlJournalEnd`
		`+`

no initial comment

sturivny commented 6 years ago

Justification

Adds tests according to the CI wiki [0] specifically the standard test interface in the spec [1].

The playbook includes Tier1 level test cases that have been tested in the following contexts and is passing reliably: Atomic Host, Docker, and Classic.
Test logs are stored in the Artifacts directory.

The following steps are used to execute the tests using the standard test interface:

Test enveronment

Make sure you have installed packages from the spec

$ rpm -q ansible python2-dnf libselinux-python standard-test-roles
ansible-2.3.2.0-1.fc26.noarch
python2-dnf-2.6.3-11.fc26.noarch
libselinux-python-2.6-7.fc26.x86_64
standard-test-roles-2.4-1.fc26.noarch

Atomic

Tests do not run on atomic

Docker Container

Tests do not run on docker container

Run tests for Classic

$ sudo ANSIBLE_INVENTORY=$(test -e inventory && echo inventory || echo /usr/share/ansible/inventory) TEST_SUBJECTS="" 
$ sudo ansible-playbook --tags classic tests.yml

[0] https://fedoraproject.org/wiki/CI
[1] https://fedoraproject.org/wiki/Changes/InvokingTests

Snip of the example test run for Classic tests:

TASK [standard-test-beakerlib : Check the results] ******************************************************************************************************************************************************************
changed: [localhost]

PLAY RECAP **********************************************************************************************************************************************************************************************************
localhost                  : ok=15   changed=8    unreachable=0    failed=0   

PASS semanage-handle-functions
PASS semanage-seuser-functions
PASS verify-options-in-semanage-conf

Notes

Tests will be enabled in CI, yet gating is currently disabled, so nothing will change. Tests will run on each dist-git commit, they are not triggered by koji builds and if you are using FMN, it should notify you of failures normally.

The RH QE maintainer contact in case you have questions: sturivny @redhat.com
The idea is that these tests become yours just as you're maintaining the package, there will, of course, be people around if you have questions or troubles.

Edited 6 years ago by sturivny

plautrba commented 6 years ago

Please update your templates to provide correct informations how to run tests. See https://src.fedoraproject.org/rpms/checkpolicy/pull-request/1 if you need some inspiration.

plautrba commented 6 years ago

verify-options-in-semanage-conf test fails on Rawhide. For some reason it checks if policycoreutils-python is installed.

plautrba commented 6 years ago

There are 2 issues in the verify-options-in-semanage-conf test:

line with rlAssertRpm policycoreutils-python is intended to check if /usr/sbin/semanage in installed. But semanage command is part of policycoreutils-python-utils package in Fedora
policycoreutils-python was renamed to python2-policycoreutils in Rawhide

Both issues can be fixed simply by changing the line with rlAssertRpm policycoreutils-python to assert whether /usr/sbin/semanage is in a system

plautrba commented 6 years ago

@sturivny issues I reported should be already fixed in the original source of tests. Please update the pull request so I can retest it and eventually merge it

Edited 6 years ago by plautrba

plautrba commented 6 years ago

@sturivny ping - https://src.fedoraproject.org/rpms/libsemanage/pull-request/2#comment-1416

sturivny commented 6 years ago