path: root/spec/unit/type/file/selinux_spec.rb
#!/usr/bin/env rspec
require 'spec_helper'

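# The four SELinux file properties share one behaviour: each exposes a single
# field of a "user:role:type[:range]" context string. The same examples are
# therefore generated once per property.
[:seluser, :selrole, :seltype, :selrange].each do |param|
  property = Puppet::Type.type(:file).attrclass(param)

  # Field each property is expected to extract from "user_u:role_r:type_t:s0".
  with_range = {
    :seluser  => "user_u",
    :selrole  => "role_r",
    :seltype  => "type_t",
    :selrange => "s0"
  }
  # Same, for "user_u:role_r:type_t": a context without a range yields nil for
  # :selrange rather than an error.
  without_range = with_range.merge(:selrange => nil)

  describe property do
    include PuppetSpec::Files

    before do
      @path = make_absolute("/my/file")
      @resource = Puppet::Type.type(:file).new :path => @path
      @sel = property.new :resource => @resource
    end

    it "retrieve on #{param} should return :absent if the file isn't statable" do
      @resource.expects(:stat).returns nil
      @sel.retrieve.should == :absent
    end

    it "should retrieve nil for #{param} if there is no SELinux support" do
      stat = stub 'stat', :ftype => "foo"
      @resource.expects(:stat).returns stat
      # A nil current context stands in for a host without SELinux support.
      @sel.expects(:get_selinux_current_context).with(@path).returns nil
      @sel.retrieve.should be_nil
    end

    it "should retrieve #{param} if a SELinux context is found with a range" do
      stat = stub 'stat', :ftype => "foo"
      @resource.expects(:stat).returns stat
      @sel.expects(:get_selinux_current_context).with(@path).returns "user_u:role_r:type_t:s0"
      @sel.retrieve.should == with_range[param]
    end

    it "should retrieve #{param} if a SELinux context is found without a range" do
      stat = stub 'stat', :ftype => "foo"
      @resource.expects(:stat).returns stat
      @sel.expects(:get_selinux_current_context).with(@path).returns "user_u:role_r:type_t"
      @sel.retrieve.should == without_range[param]
    end

    it "should handle no default gracefully" do
      @sel.expects(:get_selinux_default_context).with(@path).returns nil
      @sel.default.must be_nil
    end

    it "should be able to detect matchpathcon defaults" do
      @sel.stubs(:debug)
      @sel.expects(:get_selinux_default_context).with(@path).returns "user_u:role_r:type_t:s0"
      @sel.default.must == with_range[param]
    end

    it "should return nil for defaults if selinux_ignore_defaults is true" do
      @resource[:selinux_ignore_defaults] = :true
      # Make a policy default available. Without this the example also passes
      # on any host where the default-context lookup returns nil (for instance
      # one without SELinux), so it would not prove the flag is honoured.
      @sel.stubs(:debug)
      @sel.stubs(:get_selinux_default_context).returns "user_u:role_r:type_t:s0"
      @sel.default.must be_nil
    end

    it "should be able to set a new context" do
      @sel.should = %w{newone}
      # sync must hand the path, the desired value list and the property name
      # to set_selinux_context.
      @sel.expects(:set_selinux_context).with(@path, ["newone"], param)
      @sel.sync
    end

    it "should do nothing for safe_insync? if no SELinux support" do
      # %{...} is a plain string literal here (not %w); presumably the setter
      # accepts a single value as well as a list. TODO confirm
      @sel.should = %{newcontext}
      @sel.expects(:selinux_support?).returns false
      # The property reports itself in sync even though "oldcontext" differs
      # from the desired value.
      # NOTE(review): on such hosts a declared context is presumably never
      # applied; worth keeping in mind where file labels are relied on as a
      # control.
      @sel.safe_insync?("oldcontext").should == true
    end
  end
end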