Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing List
subject: [PATCH 6/6] netfilter integration: add netfilter contexts sorting test case Date: Mon, 17 Jul 2006 16:32:38 -0400
libsemanage/tests/Makefile | 6 +- libsemanage/tests/nc_sort_malformed | 25 ++++++++++ libsemanage/tests/nc_sort_sorted | 25 ++++++++++ libsemanage/tests/nc_sort_unsorted | 27 +++++++++++ libsemanage/tests/test_semanage_store.c | 73 ++++++++++++++++++++++++++++++++ libsemanage/tests/test_semanage_store.h | 26 files changed, 155 insertions(+), 3 deletions(-) diff --exclude .svn -purN trunk/libsemanage/tests/Makefile netfilter-integration/libsemanage/tests/Makefile --- trunk/libsemanage/tests/Makefile 2006-07-11 11:53:29.388406000 -0400@@ -5,7 +5,7 @@ SOURCES = $(wildcard *.c) TESTSRC=../src
# Add the required external object files here:
-LIBSEMANAGE = ../src/libsemanage.a
###########################################################################
@@ -13,13 +13,13 @@ EXECUTABLE = libsemanage-tests
CC = gcc
INCLUDE = -I$(TESTSRC) -I$(TESTSRC)/../include/semanage -LDFLAGS = -lcunit -lsemanage +LDFLAGS = -lcunit OBJECTS = $(SOURCES:.c=.o) all: $(EXECUTABLE) $(EXECUTABLE): $(OBJECTS) - $(CC) $(OBJECTS) $(LIBSEMANAGE) $(LDFLAGS) -o $@@@ -0,0 +1,25 @@ +1 *mangle +1 :PREROUTING ACCEPT [0:0] +1 :INPUT ACCEPT [0:0] +1 :FORWARD ACCEPT [0:0] +1 :OUTPUT ACCEPT [0:0] +1 :POSTROUTING ACCEPT [0:0] +1 :selinux_input - [0:0] +1 :selinux_output - [0:0] +1 :selinux_new_input - [0:0] +1 :selinux_new_output - [0:0] +1 -A INPUT -j selinux_input +1 -A OUTPUT -j selinux_output +1 -A selinux_input -m state --state NEW -j selinux_new_input +1 -A selinux_input -m state --state RELATED,ESTABLISHED -j CONNSECMARK --restore +1 -A selinux_output -m state --state NEW -j selinux_new_output +1 -A selinux_output -m state --state RELATED,ESTABLISHED -j CONNSECMARK --restore +1 -A selinux_new_input -j SECMARK --selctx system_u:object_r:server_packet_t +5 -A selinux_new_input -p tcp --dport 80 -j SECMARK --selctx system_u:object_r:http_server_packet_t +-A selinux_new_input -j CONNSECMARK --save +9 -A selinux_new_input -j RETURN +1 -A selinux_new_output -j SECMARK --selctx system_u:object_r:client_packet_t +5 -A selinux_new_output -p tcp --dport 80 -j SECMARK --selctx system_u:object_r:http_client_packet_t +9 -A selinux_new_output -j CONNSECMARK --save +9 -A selinux_new_output -j RETURN +9 COMMIT diff --exclude .svn -purN trunk/libsemanage/tests/nc_sort_sorted netfilter-integration/libsemanage/tests/nc_sort_sorted --- trunk/libsemanage/tests/nc_sort_sorted 1969-12-31 19:00:00.000000000 -0500@@ -0,0 +1,25 @@ +*mangle +:PREROUTING ACCEPT [0:0] +:INPUT ACCEPT [0:0] +:FORWARD ACCEPT [0:0] +:OUTPUT ACCEPT [0:0] +:POSTROUTING ACCEPT [0:0] +:selinux_input - [0:0] +:selinux_output - [0:0] +:selinux_new_input - [0:0] +:selinux_new_output - [0:0] +-A INPUT -j selinux_input +-A OUTPUT -j selinux_output +-A selinux_input -m state --state NEW -j selinux_new_input +-A selinux_input -m state --state RELATED,ESTABLISHED -j CONNSECMARK --restore +-A selinux_output -m state --state NEW -j selinux_new_output +-A selinux_output -m state --state RELATED,ESTABLISHED -j CONNSECMARK --restore +-A selinux_new_input -j SECMARK --selctx system_u:object_r:server_packet_t +-A selinux_new_output -j SECMARK --selctx system_u:object_r:client_packet_t +-A selinux_new_input -p tcp --dport 80 -j SECMARK --selctx system_u:object_r:http_server_packet_t +-A selinux_new_output -p tcp --dport 80 -j SECMARK --selctx system_u:object_r:http_client_packet_t +-A selinux_new_input -j CONNSECMARK --save +-A selinux_new_input -j RETURN +-A selinux_new_output -j CONNSECMARK --save +-A selinux_new_output -j RETURN +COMMIT diff --exclude .svn -purN trunk/libsemanage/tests/nc_sort_unsorted netfilter-integration/libsemanage/tests/nc_sort_unsorted --- trunk/libsemanage/tests/nc_sort_unsorted 1969-12-31 19:00:00.000000000 -0500@@ -0,0 +1,27 @@ +1 *mangle +1 :PREROUTING ACCEPT [0:0] +1 :INPUT ACCEPT [0:0] +1 :FORWARD ACCEPT [0:0] +1 :OUTPUT ACCEPT [0:0] +1 :POSTROUTING ACCEPT [0:0] +1 :selinux_input - [0:0] +1 :selinux_output - [0:0] +1 :selinux_new_input - [0:0] +1 :selinux_new_output - [0:0] +# a comment +1 -A INPUT -j selinux_input +1 -A OUTPUT -j selinux_output +1 -A selinux_input -m state --state NEW -j selinux_new_input +1 -A selinux_input -m state --state RELATED,ESTABLISHED -j CONNSECMARK --restore +1 -A selinux_output -m state --state NEW -j selinux_new_output + # another comment +1 -A selinux_output -m state --state RELATED,ESTABLISHED -j CONNSECMARK --restore +1-A selinux_new_input -j SECMARK --selctx system_u:object_r:server_packet_t +5 -A selinux_new_input -p tcp --dport 80 -j SECMARK --selctx system_u:object_r:http_server_packet_t +9 -A selinux_new_input -j CONNSECMARK --save +9 -A selinux_new_input -j RETURN +1 -A selinux_new_output -j SECMARK --selctx system_u:object_r:client_packet_t +5 -A selinux_new_output -p tcp --dport 80 -j SECMARK --selctx system_u:object_r:http_client_packet_t +9 -A selinux_new_output -j CONNSECMARK --save +9 -A selinux_new_output -j RETURN +9 COMMIT diff --exclude .svn -purN trunk/libsemanage/tests/test_semanage_store.c netfilter-integration/libsemanage/tests/test_semanage_store.c --- trunk/libsemanage/tests/test_semanage_store.c 2006-07-11 11:53:29.388406000 -0400@@ -1,5 +1,6 @@ /* Authors: Christopher Ashworth <cashworth@tresys.com> * Caleb Case <ccase@tresys.com> #include <unistd.h> #include <CUnit/Basic.h> @@ -118,6 +123,11 @@ int semanage_store_add_tests(CU_pSuite s CU_cleanup_registry(); return CU_get_error(); } } @@ -278,3 +288,66 @@ void test_semanage_get_lock(void)
CU_ASSERT( err == 0 );
+/* Tests the semanage_nc_sort function in semanage_store.c --- trunk/libsemanage/tests/test_semanage_store.h 2006-07-11 11:53:29.388406000 -0400@@ -1,4 +1,5 @@ /* Authors: Christopher Ashworth <cashworth@tresys.com>void test_semanage_get_lock(void); +void test_semanage_nc_sort(void); #endif -- Chris PeBenito Tresys Technology, LLC (410) 290-1411 x150 -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.
|
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |