github.com/blixtra/rkt@v0.8.1-0.20160204105720-ab0d1add1a43/pkg/selinux/selinux_test.go (about) 1 // Copyright 2014,2015 Red Hat, Inc 2 // Copyright 2014,2015 Docker, Inc 3 // 4 // Licensed under the Apache License, Version 2.0 (the "License"); 5 // you may not use this file except in compliance with the License. 6 // You may obtain a copy of the License at 7 // 8 // http://www.apache.org/licenses/LICENSE-2.0 9 // 10 // Unless required by applicable law or agreed to in writing, software 11 // distributed under the License is distributed on an "AS IS" BASIS, 12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 // See the License for the specific language governing permissions and 14 // limitations under the License. 15 16 // +build linux 17 18 package selinux_test 19 20 import ( 21 "os" 22 "testing" 23 24 "github.com/coreos/rkt/pkg/selinux" 25 ) 26 27 func testSetfilecon(t *testing.T) { 28 if selinux.SelinuxEnabled() { 29 tmp := "selinux_test" 30 out, _ := os.OpenFile(tmp, os.O_WRONLY, 0) 31 out.Close() 32 err := selinux.Setfilecon(tmp, "system_u:object_r:bin_t:s0") 33 if err != nil { 34 t.Log("Setfilecon failed") 35 t.Fatal(err) 36 } 37 os.Remove(tmp) 38 } 39 } 40 41 func TestSELinux(t *testing.T) { 42 var ( 43 err error 44 plabel, flabel string 45 ) 46 47 if selinux.SelinuxEnabled() { 48 t.Log("Enabled") 49 plabel, flabel = selinux.GetLxcContexts() 50 if plabel == "" { 51 t.Log("No lxc contexts, skipping tests") 52 return 53 } 54 t.Log(plabel) 55 t.Log(flabel) 56 selinux.FreeLxcContexts(plabel) 57 plabel, flabel = selinux.GetLxcContexts() 58 t.Log(plabel) 59 t.Log(flabel) 60 selinux.FreeLxcContexts(plabel) 61 t.Log("getenforce ", selinux.SelinuxGetEnforce()) 62 t.Log("getenforcemode ", selinux.SelinuxGetEnforceMode()) 63 pid := os.Getpid() 64 t.Logf("PID:%d MCS:%s\n", pid, selinux.IntToMcs(pid, 1023)) 65 err = selinux.Setfscreatecon("unconfined_u:unconfined_r:unconfined_t:s0") 66 if err == nil { 67 t.Log(selinux.Getfscreatecon()) 68 } else { 69 t.Log("setfscreatecon failed", err) 70 t.Fatal(err) 71 } 72 err = selinux.Setfscreatecon("") 73 if err == nil { 74 t.Log(selinux.Getfscreatecon()) 75 } else { 76 t.Log("setfscreatecon failed", err) 77 t.Fatal(err) 78 } 79 t.Log(selinux.Getpidcon(1)) 80 } else { 81 t.Log("Disabled") 82 } 83 }