LogicalFile: add tests for selinux

2 files changed, 39 insertions, 3 deletions

diff --git a/src/logicalfile/test/test_base.py b/src/logicalfile/test/test_base.py
index 80315df..6d2f2a1 100644
--- a/src/logicalfile/test/test_base.py
+++ b/src/logicalfile/test/test_base.py
@@ -20,6 +20,7 @@ import pywbem
 import os
 import socket
 import unittest
+import subprocess
 
 class LogicalFileTestBase(unittest.TestCase):
     """
@@ -36,6 +37,12 @@ class LogicalFileTestBase(unittest.TestCase):
         cls.password = os.environ.get("LMI_CIMOM_PASSWORD", "")
         cls.wbemconnection = pywbem.WBEMConnection(cls.url, (cls.username, cls.password))
         cls.testdir = os.environ.get("LMI_LOGICALFILE_TESTDIR", "/var/tmp/logicalfile-tests")
+        cls.selinux_enabled = True
+        try:
+            rc = subprocess.call(['selinuxenabled'])
+            if rc != 0: cls.selinux_enabled = False
+        except:
+            cls.selinux_enabled = False
 
     def setUp(self):
         pass
diff --git a/src/logicalfile/test/test_basic.py b/src/logicalfile/test/test_basic.py
index c75bf5a..f14de6e 100644
--- a/src/logicalfile/test/test_basic.py
+++ b/src/logicalfile/test/test_basic.py
@@ -24,6 +24,7 @@ import pywbem
 import os
 import stat
 import shutil
+import subprocess
 
 class TestLogicalFile(LogicalFileTestBase):
     """
@@ -36,7 +37,9 @@ class TestLogicalFile(LogicalFileTestBase):
                               'class': 'LMI_DataFile',
                               'props': {'Readable':True,
                                         'Writeable':False,
-                                        'Executable':True}},
+                                        'Executable':True,
+                                        'SELinuxCurrentContext':'testlf_u:testlf_r:testlf_data_t:s0',
+                                        'SELinuxExpectedContext':''}},
                       'dir':{'path' : self.testdir + "/dir",
                              'class': 'LMI_UnixDirectory',
                              'props': {}},
@@ -47,7 +50,8 @@ class TestLogicalFile(LogicalFileTestBase):
                                             'Executable':True}},
                       'symlink':{'path' : self.testdir + "/symlink",
                                  'class': 'LMI_SymbolicLink',
-                                 'props': {}},
+                                 'props': {'SELinuxCurrentContext':'testlf_u:testlf_r:testlf_symlink_t:s0',
+                                           'SELinuxExpectedContext':''}},
                       'fifo':{'path' : self.testdir + "/fifo",
                               'class': 'LMI_FIFOPipeFile',
                               'props': {}},
@@ -82,13 +86,32 @@ class TestLogicalFile(LogicalFileTestBase):
         except OSError:
             os.makedirs(self.testdir)
             data_file = self.files['data']['path']
+            data_props = self.files['data']['props']
             f = open(data_file, "w+")
             f.write("hello")
             f.close()
             os.chmod(data_file, 0550)
+            if self.selinux_enabled:
+                labels = data_props['SELinuxCurrentContext'].split(':')
+                out = subprocess.check_output(['chcon', '-h',
+                                               '-u', labels[0],
+                                               '-r', labels[1],
+                                               '-t', labels[2], data_file])
+                out = subprocess.check_output(['matchpathcon', '-n', data_file])
+                data_props['SELinuxExpectedContext'] = out[:-1] # remove \n
             os.mkdir(self.files['dir']['path'])
             os.link(data_file, self.files['hardlink']['path'])
-            os.symlink(data_file, self.files['symlink']['path'])
+            slink_file = self.files['symlink']['path']
+            slink_props = self.files['symlink']['props']
+            os.symlink(data_file, slink_file)
+            if self.selinux_enabled:
+                labels = slink_props['SELinuxCurrentContext'].split(':')
+                out = subprocess.check_output(['chcon', '-h',
+                                               '-u', labels[0],
+                                               '-r', labels[1],
+                                               '-t', labels[2], slink_file])
+                out = subprocess.check_output(['matchpathcon', '-n', slink_file])
+                slink_props['SELinuxExpectedContext'] = out[:-1] # remove \n
             os.mkfifo(self.files['fifo']['path'])
             chdev = self.files['chdev']
             chdev_device = os.makedev(chdev['props']['DeviceMajor'], chdev['props']['DeviceMinor'])
@@ -182,6 +205,12 @@ class TestLogicalFile(LogicalFileTestBase):
                 self.assertEquals(len(assocs_ident), 1)
                 self.assertEquals(assocs_ident[0]['LFName'], f['path'])
                 self.assertEquals(assocs_ident[0]['LFCreationClassName'], f['class'])
+                if not isinstance(match[0], pywbem.CIMInstanceName):
+                    if self.selinux_enabled and (k == 'data' or k == 'symlink'):
+                        self.assertEquals(assocs_ident[0]['SELinuxCurrentContext'],
+                                          f['props']['SELinuxCurrentContext'])
+                        self.assertEquals(assocs_ident[0]['SELinuxExpectedContext'],
+                                          f['props']['SELinuxExpectedContext'])
 
                 cop_ident = pywbem.CIMInstanceName(classname='LMI_UnixFile',
                                                    namespace='root/cimv2',