On 07/18/2014 03:07 PM, Bernhard Voelker wrote: > On 07/18/2014 02:04 PM, Pádraig Brady wrote: >> * tests/cp/cp-a-selinux.sh: Copy from a different file system to >> most likely have a different context that will test context >> setting logic correctly. > >> diff --git a/tests/cp/cp-a-selinux.sh b/tests/cp/cp-a-selinux.sh >> index db0d689..58887d2 100755 >> --- a/tests/cp/cp-a-selinux.sh >> +++ b/tests/cp/cp-a-selinux.sh >> @@ -41,6 +41,7 @@ ls -Z d | grep $ctx || fail=1 >> [...] >> @@ -110,12 +111,15 @@ test $skip = 1 \ >> >> cd mnt || framework_failure_ >> >> -echo > f || framework_failure_ >> - >> +# Create files with hopefully different contexts >> +echo > ../f || framework_failure_ >> echo > g || framework_failure_ >> +test "$(stat -c%C ../f)" = "$(stat -c%C g)" && >> + skip_ "files on separate file systems have the same security context" >> + > > Not ever worked with SELinux contexts, but why should ".." > have a different security context than "." (other than if it's > really on a different file system)? > And if that's true, then why should a "subdir" not have a different > context, too - which could then be used instead? (I'd somehow feel > more comfortable with a "subdir" instead of using ".."). > >> +cp -Z --preserve=context ../f g && fail=1 >> +cp --preserve=context -Z ../f g && fail=1 >> +cp --preserve=context --context="$ctx" ../f g && fail=1 >> >> Exit $fail > > (How) does "../f" get deleted? > > Otherwise +1. > > Thanks & have a nice day, > Berny
creates a new file system in file mounts it loop back with a specific context cd mount point touch file_with_mount_context touch ../file_with_standard_context All files are removed on test completion thanks, Pádraig
