summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2019-08-28 14:07:59 +0100
committerDavid Howells <dhowells@redhat.com>2020-01-31 16:15:44 +0000
commit163801244a2c4e1fbbfe454fc0fce5d5e3fccb7c (patch)
treef42f307fab2516699db62e1180a286bf55647f30
parent5bfc701a74a45444a84974be0933eb8950f7877f (diff)
downloadkeyutils-pipe-watch.tar.gz
test: Grant permissionspipe-watch
Test permission granting using the internal ACL. Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat
-rw-r--r--tests/keyctl/grant/bad-args/runtest.sh3
-rw-r--r--tests/keyctl/grant/valid/runtest.sh12
-rw-r--r--tests/keyctl/grant/valid2/runtest.sh19
-rw-r--r--tests/keyctl/grant/valid3/runtest.sh19
-rw-r--r--tests/keyctl/grant/valid4/runtest.sh19
-rw-r--r--tests/keyctl/grant/valid5/runtest.sh19
-rw-r--r--tests/toolbox.inc.sh8
7 files changed, 40 insertions, 59 deletions
diff --git a/tests/keyctl/grant/bad-args/runtest.sh b/tests/keyctl/grant/bad-args/runtest.sh
index 6e8e1a2..1b61097 100644
--- a/tests/keyctl/grant/bad-args/runtest.sh
+++ b/tests/keyctl/grant/bad-args/runtest.sh
@@ -22,8 +22,7 @@ expect_error EINVAL
# create a non-keyring
marker "CREATE KEY"
-create_key user lizard gizzard @s
-expect_keyid keyid
+create_key --new=keyid user lizard gizzard @s
# check that unsupported permissions aren't permitted
marker "CHECK PERMS"
diff --git a/tests/keyctl/grant/valid/runtest.sh b/tests/keyctl/grant/valid/runtest.sh
index ddd7e2a..8d0c515 100644
--- a/tests/keyctl/grant/valid/runtest.sh
+++ b/tests/keyctl/grant/valid/runtest.sh
@@ -17,14 +17,12 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE
# create a keyring and attach it to the session keyring
marker "ADD KEYRING"
-create_keyring wibble @s
-expect_keyid keyringid
+create_keyring --new=keyringid wibble @s
# Create a key and remove most permissions from the key; just leave setsec for
# the owner.
marker "ADD KEY"
-create_key user lizard gizzard $keyringid
-expect_keyid keyid
+create_key --new=keyid user lizard gizzard $keyringid
marker "REMOVE PERMITS"
grant_key_permit $keyid own S
grant_key_permit $keyid pos 0
@@ -112,8 +110,7 @@ expect_error ENOKEY
# Create a key and remove most permissions from the key; just leave setsec for
# the owner.
marker "ADD KEY 2"
-create_key user lizard gizzard $keyringid
-expect_keyid keyid
+create_key --new=keyid user lizard gizzard $keyringid
marker "REMOVE PERMITS 2"
grant_key_permit $keyid own S
grant_key_permit $keyid pos 0
@@ -134,8 +131,7 @@ expect_error EKEYREVOKED
# Create a key and remove most permissions from the key; just leave setsec and
# view for the owner.
marker "ADD KEY 3"
-create_key user lizard gizzard $keyringid
-expect_keyid keyid
+create_key --new=keyid user lizard gizzard $keyringid
marker "REMOVE PERMITS 3"
grant_key_permit $keyid own Sv
grant_key_permit $keyid pos 0
diff --git a/tests/keyctl/grant/valid2/runtest.sh b/tests/keyctl/grant/valid2/runtest.sh
index 51091be..1fc6bfa 100644
--- a/tests/keyctl/grant/valid2/runtest.sh
+++ b/tests/keyctl/grant/valid2/runtest.sh
@@ -17,14 +17,12 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE
# create a keyring and attach it to the session keyring
marker "ADD KEYRING"
-create_keyring wibble @s
-expect_keyid keyringid
+create_keyring --new=keyringid wibble @s
# Create a keyring and remove most permissions from it; leaving just
# setsec for the owner.
marker "ADD KEYRING"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
marker "REMOVE PERMITS"
grant_key_permit $keyid own S
grant_key_permit $keyid pos 0
@@ -56,8 +54,7 @@ marker "TEST WRITE"
create_key --fail user lizard gizzard $keyid
expect_error EACCES
grant_key_permit $keyid all w
-create_key user lizard gizzard $keyid
-expect_keyid keyid2
+create_key --new=keyid2 user lizard gizzard $keyid
grant_key_permit $keyid all 0
unlink_key --fail $keyid $keyid2
expect_error EACCES
@@ -69,7 +66,7 @@ marker "TEST SEARCH"
search_for_key --fail $keyid user lizard
expect_error EACCES
grant_key_permit $keyid pos s
-search_for_key $keyid user lizard
+search_for_key --expect=$keyid2 $keyid user lizard
grant_key_permit $keyid pos 0
search_for_key --fail $keyid user lizard
expect_error EACCES
@@ -78,7 +75,7 @@ marker "TEST SEARCH 2"
search_for_key --fail @s user lizard
expect_error ENOKEY
grant_key_permit $keyid pos s
-search_for_key @s user lizard
+search_for_key --expect=$keyid2 @s user lizard
grant_key_permit $keyid pos 0
search_for_key --fail @s user lizard
expect_error ENOKEY
@@ -132,8 +129,7 @@ expect_error ENOKEY
# Create a keyring and remove most permissions from it; leaving just
# setsec for the owner.
marker "ADD KEYRING 2"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
marker "REMOVE PERMITS 2"
grant_key_permit $keyid own S
grant_key_permit $keyid pos 0
@@ -154,8 +150,7 @@ expect_error EKEYREVOKED
# Create a keyring and remove most permissions from it; leaving just
# setsec for the owner.
marker "ADD KEYRING 3"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
marker "REMOVE PERMITS 3"
grant_key_permit $keyid all Sv
grant_key_permit $keyid own 0
diff --git a/tests/keyctl/grant/valid3/runtest.sh b/tests/keyctl/grant/valid3/runtest.sh
index e2003f2..3457e6b 100644
--- a/tests/keyctl/grant/valid3/runtest.sh
+++ b/tests/keyctl/grant/valid3/runtest.sh
@@ -17,14 +17,12 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE
# create a keyring and attach it to the session keyring
marker "ADD KEYRING"
-create_keyring wibble @s
-expect_keyid keyringid
+create_keyring --new=keyringid wibble @s
# Create a keyring and remove most permissions from it; leaving just
# setsec for everyone.
marker "ADD KEYRING"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
marker "REMOVE PERMITS"
grant_key_permit $keyid all S
grant_key_permit $keyid own 0
@@ -56,8 +54,7 @@ marker "TEST WRITE"
create_key --fail user lizard gizzard $keyid
expect_error EACCES
grant_key_permit $keyid own w
-create_key user lizard gizzard $keyid
-expect_keyid keyid2
+create_key --new=keyid2 user lizard gizzard $keyid
grant_key_permit $keyid own 0
unlink_key --fail $keyid $keyid2
expect_error EACCES
@@ -69,7 +66,7 @@ marker "TEST SEARCH"
search_for_key --fail $keyid user lizard
expect_error EACCES
grant_key_permit $keyid pos s
-search_for_key $keyid user lizard
+search_for_key --expect=$keyid2 $keyid user lizard
grant_key_permit $keyid pos 0
search_for_key --fail $keyid user lizard
expect_error EACCES
@@ -78,7 +75,7 @@ marker "TEST SEARCH 2"
search_for_key --fail @s user lizard
expect_error ENOKEY
grant_key_permit $keyid pos s
-search_for_key @s user lizard
+search_for_key --expect=$keyid2 @s user lizard
grant_key_permit $keyid pos 0
search_for_key --fail @s user lizard
expect_error ENOKEY
@@ -132,8 +129,7 @@ expect_error ENOKEY
# Create a keyring and remove most permissions from it; leaving just
# setsec for the owner.
marker "ADD KEYRING 2"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
marker "REMOVE PERMITS 2"
grant_key_permit $keyid all S
grant_key_permit $keyid own 0
@@ -154,8 +150,7 @@ expect_error EKEYREVOKED
# Create a keyring and remove most permissions from it; leaving just
# setsec for the owner.
marker "ADD KEYRING 3"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
marker "REMOVE PERMITS 3"
grant_key_permit $keyid own Sv
grant_key_permit $keyid pos 0
diff --git a/tests/keyctl/grant/valid4/runtest.sh b/tests/keyctl/grant/valid4/runtest.sh
index aabcc3b..8605098 100644
--- a/tests/keyctl/grant/valid4/runtest.sh
+++ b/tests/keyctl/grant/valid4/runtest.sh
@@ -17,14 +17,12 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE
# create a keyring and attach it to the session keyring
marker "ADD KEYRING"
-create_keyring wibble @s
-expect_keyid keyringid
+create_keyring --new=keyringid wibble @s
# Create a keyring and remove most permissions from it; leaving just
# setsec for the owner.
marker "ADD KEYRING"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
marker "REMOVE PERMITS"
grant_key_permit $keyid own S
grant_key_permit $keyid pos 0
@@ -56,8 +54,7 @@ marker "TEST WRITE"
create_key --fail user lizard gizzard $keyid
expect_error EACCES
grant_key_permit $keyid grp w
-create_key user lizard gizzard $keyid
-expect_keyid keyid2
+create_key --new=keyid2 user lizard gizzard $keyid
grant_key_permit $keyid grp 0
unlink_key --fail $keyid $keyid2
expect_error EACCES
@@ -69,7 +66,7 @@ marker "TEST SEARCH"
search_for_key --fail $keyid user lizard
expect_error EACCES
grant_key_permit $keyid pos s
-search_for_key $keyid user lizard
+search_for_key --expect=$keyid2 $keyid user lizard
grant_key_permit $keyid pos 0
search_for_key --fail $keyid user lizard
expect_error EACCES
@@ -78,7 +75,7 @@ marker "TEST SEARCH 2"
search_for_key --fail @s user lizard
expect_error ENOKEY
grant_key_permit $keyid pos s
-search_for_key @s user lizard
+search_for_key --expect=$keyid2 @s user lizard
grant_key_permit $keyid pos 0
search_for_key --fail @s user lizard
expect_error ENOKEY
@@ -132,8 +129,7 @@ expect_error ENOKEY
# Create a keyring and remove most permissions from it; leaving just
# setsec for the owner.
marker "ADD KEYRING 2"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
marker "REMOVE PERMITS 2"
grant_key_permit $keyid own S
grant_key_permit $keyid pos 0
@@ -154,8 +150,7 @@ expect_error EKEYREVOKED
# Create a keyring and remove most permissions from it; leaving just
# setsec for the owner.
marker "ADD KEYRING 3"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
marker "REMOVE PERMITS 3"
grant_key_permit $keyid grp Sv
grant_key_permit $keyid own 0
diff --git a/tests/keyctl/grant/valid5/runtest.sh b/tests/keyctl/grant/valid5/runtest.sh
index 1d2b6b4..4c0329e 100644
--- a/tests/keyctl/grant/valid5/runtest.sh
+++ b/tests/keyctl/grant/valid5/runtest.sh
@@ -17,14 +17,12 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE
# create a keyring and attach it to the session keyring
marker "ADD KEYRING"
-create_keyring wibble @s
-expect_keyid keyringid
+create_keyring --new=keyringid wibble @s
# Create a keyring and remove most permissions from it; leaving just
# setsec for the owner.
marker "ADD KEYRING"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
marker "REMOVE PERMITS"
grant_key_permit $keyid own S
grant_key_permit $keyid pos 0
@@ -62,8 +60,7 @@ marker "TEST WRITE"
create_key --fail user lizard gizzard $keyid
expect_error EACCES
grant_key_permit $keyid pos ws
-create_key user lizard gizzard $keyid
-expect_keyid keyid2
+create_key --new=keyid2 user lizard gizzard $keyid
grant_key_permit $keyid pos 0
unlink_key --fail $keyid $keyid2
expect_error EACCES
@@ -75,7 +72,7 @@ marker "TEST SEARCH"
search_for_key --fail $keyid user lizard
expect_error EACCES
grant_key_permit $keyid pos s
-search_for_key $keyid user lizard
+search_for_key --expect=$keyid2 $keyid user lizard
grant_key_permit $keyid pos 0
search_for_key --fail $keyid user lizard
expect_error EACCES
@@ -84,7 +81,7 @@ marker "TEST SEARCH 2"
search_for_key --fail @s user lizard
expect_error ENOKEY
grant_key_permit $keyid pos s
-search_for_key @s user lizard
+search_for_key --expect=$keyid2 @s user lizard
grant_key_permit $keyid pos 0
search_for_key --fail @s user lizard
expect_error ENOKEY
@@ -149,8 +146,7 @@ expect_error ENOKEY
# Create a keyring and remove most permissions from it; leaving just
# setsec for the owner.
marker "ADD KEYRING 2"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
marker "REMOVE PERMITS 2"
grant_key_permit $keyid own S
grant_key_permit $keyid pos 0
@@ -174,8 +170,7 @@ expect_error EKEYREVOKED
# Create a keyring and remove most permissions from it; leaving just
# setsec for the owner.
marker "ADD KEYRING 3"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
marker "REMOVE PERMITS 3"
grant_key_permit $keyid pos Ssv
grant_key_permit $keyid own 0
diff --git a/tests/toolbox.inc.sh b/tests/toolbox.inc.sh
index 4af465f..c3c9f88 100644
--- a/tests/toolbox.inc.sh
+++ b/tests/toolbox.inc.sh
@@ -1422,8 +1422,14 @@ function grant_key_permit ()
echo keyctl grant "$@" >>$OUTPUTFILE
keyctl grant "$@" >>$OUTPUTFILE 2>&1
- if [ $? != $my_exitval ]
+ e=$?
+ if [ $e = $my_exitval ]
then
+ if [ $e = 0 ]
+ then
+ check_notify setattr $1
+ fi
+ else
failed
fi
}
View Lorry Controller Status