blob: d8209587ada72a769d90454572e65a8aeeddc4ea (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
|
#!/usr/bin/env ruby
require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
require 'facter'
describe "SELinux facts" do
after do
Facter.clear
end
it "should return true if SELinux enabled" do
Facter.fact(:kernel).stubs(:value).returns("Linux")
FileTest.stubs(:exists?).returns false
File.stubs(:read).with("/proc/self/attr/current").returns("notkernel")
FileTest.expects(:exists?).with("/selinux/enforce").returns true
FileTest.expects(:exists?).with("/proc/self/attr/current").returns true
File.expects(:read).with("/proc/self/attr/current").returns("kernel")
Facter.fact(:selinux).value.should == "true"
end
it "should return true if SELinux policy enabled" do
Facter.fact(:selinux).stubs(:value).returns("true")
FileTest.stubs(:exists?).returns false
File.stubs(:read).with("/selinux/enforce").returns("0")
FileTest.expects(:exists?).with("/selinux/enforce").returns true
File.expects(:read).with("/selinux/enforce").returns("1")
Facter.fact(:selinux_enforced).value.should == "true"
end
it "should return an SELinux policy version" do
Facter.fact(:selinux).stubs(:value).returns("true")
File.stubs(:read).with("/selinux/policyvers").returns("")
File.expects(:read).with("/selinux/policyvers").returns("1")
Facter.fact(:selinux_policyversion).value.should == "1"
end
it "should return the SELinux current mode" do
Facter.fact(:selinux).stubs(:value).returns("true")
sample_output_file = File.dirname(__FILE__) + '/data/selinux_sestatus'
selinux_sestatus = File.read(sample_output_file)
Facter::Util::Resolution.stubs(:exec).with('/usr/sbin/sestatus').returns(selinux_sestatus)
Facter.fact(:selinux_current_mode).value.should == "permissive"
end
it "should return the SELinux mode from the configuration file" do
Facter.fact(:selinux).stubs(:value).returns("true")
sample_output_file = File.dirname(__FILE__) + '/data/selinux_sestatus'
selinux_sestatus = File.read(sample_output_file)
Facter::Util::Resolution.stubs(:exec).with('/usr/sbin/sestatus').returns(selinux_sestatus)
Facter.fact(:selinux_config_mode).value.should == "permissive"
end
it "should return the SELinux configuration file policy" do
Facter.fact(:selinux).stubs(:value).returns("true")
sample_output_file = File.dirname(__FILE__) + '/data/selinux_sestatus'
selinux_sestatus = File.read(sample_output_file)
Facter::Util::Resolution.stubs(:exec).with('/usr/sbin/sestatus').returns(selinux_sestatus)
Facter.fact(:selinux_config_policy).value.should == "targeted"
end
it "should ensure legacy selinux_mode facts returns same value as selinux_config_policy fact" do
Facter.fact(:selinux).stubs(:value).returns("true")
Facter.fact(:selinux_config_policy).stubs(:value).returns("targeted")
Facter.fact(:selinux_mode).value.should == "targeted"
end
end
|
