Re: [LTP] regression: selinux testsuite broken since October

Garrett Cooper Wed, 27 Jan 2010 21:57:56 -0800

On Wed, Jan 27, 2010 at 2:37 PM, Garrett Cooper <[email protected]> wrote:
> On Wed, Jan 27, 2010 at 11:12 AM, Stephen Smalley <[email protected]> wrote:
>> On Tue, 2010-01-26 at 22:34 -0800, Garrett Cooper wrote:
>>> On Jan 26, 2010, at 6:30 AM, Stephen Smalley wrote:
>>>
>>> > On Tue, 2010-01-26 at 00:31 -0800, Garrett Cooper wrote:
>>> >> On Fri, Jan 15, 2010 at 9:48 AM, Garrett Cooper <[email protected]> 
>>> >> wrote:
>>> >>> On Tue, Jan 12, 2010 at 7:38 AM, Serge E. Hallyn <[email protected]> 
>>> >>> wrote:
>>> >>>> Quoting Garrett Cooper ([email protected]):
>>> >>>>> On Mon, Jan 11, 2010 at 1:00 PM, Serge E. Hallyn <[email protected]> 
>>> >>>>> wrote:
>>> >>>>>> Quoting Serge E. Hallyn ([email protected]):
>>> >>>>>>> Quoting Serge E. Hallyn ([email protected]):
>>> >>>>>>>> Quoting Stephen Smalley ([email protected]):
>>> >>>>>>>>> On Mon, 2010-01-11 at 13:50 -0600, Serge E. Hallyn wrote:
>>> >>>>>>>>>>> Fails with:
>>> >>>>>>>>>>> cp: cannot stat
>>> >>>>>>>>>>> `/home/sds/ltp/testcases/kernel/security/selinux-testsuite/refpolicy/policy_files/generic/test_policy.*':
>>> >>>>>>>>>>>  No such file or directory
>>> >>>>>>>>>>
>>> >>>>>>>>>> You ran /home/sds/ltp/testscripts/test_selinux.sh, right?
>>> >>>>>>>>>>
>>> >>>>>>>>>> I think we are supposed to actually be running
>>> >>>>>>>>>> /opt/ltp/testscripts/test_selinux.sh.  So then the first 
>>> >>>>>>>>>> question for
>>> >>>>>>>>>> Garrett is how should we deduce /home/sds/ltp as $LTP_SRCDIR 
>>> >>>>>>>>>> from a
>>> >>>>>>>>>> testscript?  Or should the policy sources be copied into /opt?
>>> >>>>>>>>>
>>> >>>>>>>>> Ok, but regardless:  the refpolicy Makefile is still broken.
>>> >>>>>>>>
>>> >>>>>>>> Yup.
>>> >>>>>>>
>>> >>>>>>> All right, baby-steps.
>>> >>>>>>>
>>> >>>>>>> The attached test_selinux.diff is not to be applied, but something
>>> >>>>>>> like it is needed.  Should we have the ltp 'make install' fill in
>>> >>>>>>> TOP_SRCDIR in /opt/ltp/testscripts/test_selinux.sh?  BTW, Garrett,
>>> >>>>>>> that is the issue I was saying is shared between test_selinux.sh
>>> >>>>>>> and some others including test_robind.sh.  That's why I'm not just
>>> >>>>>>> sending a patch to make it work, bc i think we need more general
>>> >>>>>>> guidance.
>>> >>>>>>>
>>> >>>>>>> The second match makes the 'make load' part of test_selinux.sh
>>> >>>>>>> succeed on rhel5.4.  Stephen, how does it do on fedora?
>>> >>>>>>>
>>> >>>>>>> After loading policy it fails to execute ltp-pan, but I figure let's
>>> >>>>>>> get policy loading working first.
>>> >>>>>>>
>>> >>>>>>> -serge
>>> >>>>>>
>>> >>>>>> gah, attaching the actual patches this time.
>>> >>>>>>
>>> >>>>>> -serge
>>> >>>>>
>>> >>>>> 1. I'm rejecting the test_selinux.diff solely because it has /root/ltp
>>> >>>>> hardcoded as LTPROOT.
>>> >>>>
>>> >>>> I said 'not to be applied'.  You're not rejecting.
>>> >>>>
>>> >>>>> 2. Why is the redhat stuff support to work
>>> >>>>> agnostic to the major and minor version?
>>> >>>>
>>> >>>> It's not agnostic to the major version.  Only the minor version.
>>> >>>>
>>> >>>> And since you've made ltp not compile on rhel4 (requiring make-3.81.  
>>> >>>> feh)
>>> >>>> i suppose we can just get rid of rhel4 support selinux-testsuite.
>>> >>>
>>> >>> No. 1. Compiling make 3.81 today and installing it is trivial, so it
>>> >>> shouldn't be removed today. 2. I've finally decided that I'm going to
>>> >>> look outside of the box into providing equivalent functionality via
>>> >>> shell functions using purely built-in commands [and test(1)] to fill
>>> >>> in the feature gaps for make 3.80. I've gotten to the point where I
>>> >>> just gave up trying to ride out what I possibly can in make 3.80, so
>>> >>> it's time to pull in some external pieces to get the job done.
>>> >>
>>> >>    All of the install junk works now, but the modes need fixing, or
>>> >> some such fun. Please analyze the test_selinux.sh script and tell me
>>> >> what to commit next to fix everything.
>>> >
>>> > Hi Garrett,
>>> >
>>> > I needed to apply the patch below to make test_selinux.sh run
>>> > successfully on Fedora 12.  The problems were:
>>> > - The setting of LTPROOT in test_selinux.sh was incorrect, leading to
>>> > problems with invoking everything else.  Note that I invoke it by doing:
>>> > cd /opt/ltp && ./testscripts/test_selinux.sh
>>> > and thus $0 is a relative path, whereas we want an absolute one.
>>> > - You don't need to cd to $POLICYDIR at all since you specify
>>> > $POLICYDIR/test_policy.pp to semodule -i and semodule -r is acting on
>>> > the installed policy module.
>>> > - The attempt to extract paths from runtest/selinux and invoke chcon on
>>> > them wasn't working as $LTPROOT wasn't being expanded; easier to just do
>>> > a chcon -R there as before.
>>> > - runtest/selinux had the wrong paths to the test programs (or
>>> > alternatively, they aren't being installed to the right location - they
>>> > all get installed directly to $LTPROOT/testcases/bin.
>>> >
>>> > Index: testscripts/test_selinux.sh
>>> > ===================================================================
>>> > RCS file: /cvsroot/ltp/ltp/testscripts/test_selinux.sh,v
>>> > retrieving revision 1.20
>>> > diff -u -r1.20 test_selinux.sh
>>> > --- testscripts/test_selinux.sh     26 Jan 2010 07:05:02 -0000      1.20
>>> > +++ testscripts/test_selinux.sh     26 Jan 2010 14:20:40 -0000
>>> > @@ -37,15 +37,14 @@
>>> > fi
>>> >
>>> > # set the LTPROOT directory
>>> > -LTPROOT=${LTPROOT:=${0%/*}}
>>> > -cd "$LTPROOT"
>>> > +LTPROOT=`pwd`
>>> > export TMP=${TMP:-/tmp}
>>> > -# If we're in the testscripts directory, go down a dir..
>>> > +# If we're in the testscripts directory, go up a dir..
>>> > LTPROOT_TMP=${LTPROOT%/testscripts}
>>> > if [ "x${LTPROOT_TMP}" != "x${LTPROOT}" ]
>>> > then
>>> >     cd ..
>>> > -   LTPROOT=$LTPROOT_TMP
>>> > +   LTPROOT=`pwd`
>>> > fi
>>> > export LTPROOT
>>> > unset LTPROOT_TMP
>>> > @@ -89,7 +88,6 @@
>>> >
>>> > # install the test policy...
>>> > echo "Installing test_policy module..."
>>> > -cd $POLICYDIR
>>> > if ! semodule -i $POLICYDIR/test_policy.pp; then
>>> >     echo "Failed to install test_policy module, aborting test run."
>>> >     config_unset_expandcheck
>>> > @@ -100,9 +98,6 @@
>>> >
>>> > config_unset_expandcheck
>>> >
>>> > -# go back to test's root directory
>>> > -cd $LTPROOT
>>> > -
>>> > echo "Running the SELinux testsuite..."
>>> >
>>> > mkdir $TMP/selinux > /dev/null 2>&1
>>> > @@ -112,8 +107,7 @@
>>> > # The ../testcases/bin directory needs to have the test_file_t type.
>>> > # Save and restore later.
>>> > SAVEBINTYPE=`ls -Zd $LTPROOT/testcases/bin | awk '{ print $4 }' | awk -F: 
>>> > '{ print $3 }'`
>>> > -/usr/bin/chcon -t test_file_t      $LTPROOT/testcases/bin \
>>> > -                           $(awk '$1 !~ /^#/ { print $2 }' 
>>> > "$LTPROOT/runtest/selinux")
>>> > +/usr/bin/chcon -R -t test_file_t   $LTPROOT/testcases/bin
>>> >
>>> > $LTPROOT/bin/ltp-pan -S -a $LTPROOT/results/selinux -n ltp-selinux \
>>> >     -l $LTPROOT/results/selinux.logfile \
>>> > @@ -127,7 +121,6 @@
>>> > /usr/bin/chcon -R -t $SAVEBINTYPE $LTPROOT/testcases/bin
>>> >
>>> > echo "Removing test_policy module..."
>>> > -cd $POLICYDIR
>>> > if ! semodule -r test_policy; then
>>> >     echo "Failed to remove test_policy module."
>>> >     exit 1
>>> > Index: runtest/selinux
>>> > ===================================================================
>>> > RCS file: /cvsroot/ltp/ltp/runtest/selinux,v
>>> > retrieving revision 1.4
>>> > diff -u -r1.4 selinux
>>> > --- runtest/selinux 25 Jan 2010 12:44:59 -0000      1.4
>>> > +++ runtest/selinux 26 Jan 2010 14:20:40 -0000
>>> > @@ -1,40 +1,40 @@
>>> > #DESCRIPTION:Security-Enhanced Linux
>>> > -SELinux01  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_capable_file.sh
>>> > -SELinux02  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_capable_net.sh
>>> > -SELinux03  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_capable_sys.sh
>>> > -SELinux04  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_domain_trans.sh
>>> > -SELinux05  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_entrypoint.sh
>>> > -SELinux06  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_execshare.sh
>>> > -SELinux07  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_exectrace.sh
>>> > -SELinux08  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_execute_no_trans.sh
>>> > -SELinux09  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_fdreceive.sh
>>> > -SELinux10  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_file.sh
>>> > -SELinux11  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_inherit.sh
>>> > -SELinux12  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_ioctl.sh
>>> > -SELinux13  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_link.sh
>>> > -SELinux14  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_mkdir.sh
>>> > -SELinux15  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_msg.sh
>>> > -SELinux16  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_open.sh
>>> > -SELinux17  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_ptrace.sh
>>> > -SELinux18  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_readlink.sh
>>> > -SELinux19  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_relabel.sh
>>> > -SELinux20  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_rename.sh
>>> > -SELinux21  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_rxdir.sh
>>> > -SELinux22  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_sem.sh
>>> > -SELinux23  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_setattr.sh
>>> > -SELinux24  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_setnice.sh
>>> > -SELinux25  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_shm.sh
>>> > -SELinux26  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_sigkill.sh
>>> > -SELinux27  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_stat.sh
>>> > -SELinux28  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_sysctl.sh
>>> > -SELinux29  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_create.sh
>>> > -SELinux30  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_getpgid.sh
>>> > -SELinux31  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_getscheduler.sh
>>> > -SELinux32  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_getsid.sh
>>> > -SELinux33  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_setnice.sh
>>> > -SELinux34  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_setpgid.sh
>>> > -SELinux35  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_task_setscheduler.sh
>>> > -SELinux36  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_wait.sh
>>> > -SELinux37  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_dyntrace.sh
>>> > -SELinux38  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_dyntrans.sh
>>> > -SELinux39  
>>> > $LTPROOT/testcases/bin/kernel/security/selinux-testsuite/tests/selinux_bounds.sh
>>> > +SELinux01  $LTPROOT/testcases/bin/selinux_capable_file.sh
>>> > +SELinux02  $LTPROOT/testcases/bin/selinux_capable_net.sh
>>> > +SELinux03  $LTPROOT/testcases/bin/selinux_capable_sys.sh
>>> > +SELinux04  $LTPROOT/testcases/bin/selinux_domain_trans.sh
>>> > +SELinux05  $LTPROOT/testcases/bin/selinux_entrypoint.sh
>>> > +SELinux06  $LTPROOT/testcases/bin/selinux_execshare.sh
>>> > +SELinux07  $LTPROOT/testcases/bin/selinux_exectrace.sh
>>> > +SELinux08  $LTPROOT/testcases/bin/selinux_execute_no_trans.sh
>>> > +SELinux09  $LTPROOT/testcases/bin/selinux_fdreceive.sh
>>> > +SELinux10  $LTPROOT/testcases/bin/selinux_file.sh
>>> > +SELinux11  $LTPROOT/testcases/bin/selinux_inherit.sh
>>> > +SELinux12  $LTPROOT/testcases/bin/selinux_ioctl.sh
>>> > +SELinux13  $LTPROOT/testcases/bin/selinux_link.sh
>>> > +SELinux14  $LTPROOT/testcases/bin/selinux_mkdir.sh
>>> > +SELinux15  $LTPROOT/testcases/bin/selinux_msg.sh
>>> > +SELinux16  $LTPROOT/testcases/bin/selinux_open.sh
>>> > +SELinux17  $LTPROOT/testcases/bin/selinux_ptrace.sh
>>> > +SELinux18  $LTPROOT/testcases/bin/selinux_readlink.sh
>>> > +SELinux19  $LTPROOT/testcases/bin/selinux_relabel.sh
>>> > +SELinux20  $LTPROOT/testcases/bin/selinux_rename.sh
>>> > +SELinux21  $LTPROOT/testcases/bin/selinux_rxdir.sh
>>> > +SELinux22  $LTPROOT/testcases/bin/selinux_sem.sh
>>> > +SELinux23  $LTPROOT/testcases/bin/selinux_setattr.sh
>>> > +SELinux24  $LTPROOT/testcases/bin/selinux_setnice.sh
>>> > +SELinux25  $LTPROOT/testcases/bin/selinux_shm.sh
>>> > +SELinux26  $LTPROOT/testcases/bin/selinux_sigkill.sh
>>> > +SELinux27  $LTPROOT/testcases/bin/selinux_stat.sh
>>> > +SELinux28  $LTPROOT/testcases/bin/selinux_sysctl.sh
>>> > +SELinux29  $LTPROOT/testcases/bin/selinux_task_create.sh
>>> > +SELinux30  $LTPROOT/testcases/bin/selinux_task_getpgid.sh
>>> > +SELinux31  $LTPROOT/testcases/bin/selinux_task_getscheduler.sh
>>> > +SELinux32  $LTPROOT/testcases/bin/selinux_task_getsid.sh
>>> > +SELinux33  $LTPROOT/testcases/bin/selinux_task_setnice.sh
>>> > +SELinux34  $LTPROOT/testcases/bin/selinux_task_setpgid.sh
>>> > +SELinux35  $LTPROOT/testcases/bin/selinux_task_setscheduler.sh
>>> > +SELinux36  $LTPROOT/testcases/bin/selinux_wait.sh
>>> > +SELinux37  $LTPROOT/testcases/bin/selinux_dyntrace.sh
>>> > +SELinux38  $LTPROOT/testcases/bin/selinux_dyntrans.sh
>>> > +SELinux39  $LTPROOT/testcases/bin/selinux_bounds.sh
>>>
>>> Ok -- I think that we just resolved the last of the selinux test suite saga 
>>> by properly
>>>
>>> The difference between your suggested patch above and what I committed
>>> was the line were it determined LTPROOT. Assuming that LTPROOT is the
>>> directory where the script was run isn't a smart idea, and I'm pretty
>>> sure that you were doing this purely because test_selinux.sh was in
>>> your path.
>>
>> So you require that the test script be invoked by absolute path, ala:
>> $ /opt/ltp/testscripts/test_selinux.sh
>>
>> I was invoking the tests via:
>> $ cd /opt/ltp
>> $ ./testscripts/test_selinux.sh
>>
>> The latter won't work with your current LTPROOT definition; it will end
>> up with a LTPROOT=. and LTPBIN=./testcases/bin, which then won't work
>> when it gets referenced by the individual test scripts particularly when
>> they change to a subdirectory for a particular test.  This yields a
>> couple of failures in the .log and 'No such file or directory' errors in
>> the .outfile.
>>
>>> After the above items were committed, this is the end result:
>>>
>>> Total Tests: 39
>>> Total Failures: 0
>>> Kernel Version: 2.6.31.9-174.fc12.i686.PAE
>>> Machine Architecture: i686
>>> Hostname: localhost.localdomain
>>>
>>> I highly encourage others to test this out as well -- maybe we can enable 
>>> it in the default build after I can get some RHEL4 folks to test the 
>>> port...?
>>
>> When invoked via cd /opt/ltp && ./testscripts/test_selinux.sh I get the
>> following errors in the .outfile:
>>
>> chcon: cannot access `selinux_wait_io': No such file or directory
>> ./testcases/bin/selinux_file.sh: line 188: tst_resm: command not found
>> runcon: selinux_wait_parent: No such file or directory
>> ./testcases/bin/selinux_wait.sh: line 35: tst_resm: command not found
>> runcon: selinux_wait_parent: No such file or directory
>> ./testcases/bin/selinux_wait.sh: line 51: tst_resm: command not found
>>
>> The first message actually shows up even when invoked
>> via /opt/ltp/testscripts/test_selinux.sh, although it doesn't appear to
>> cause any FAIL in that case.  The test_resm messages are odd - is that
>> not getting defined anywhere?
>
> Ok. Send me a patch that does a readlink -f of the LTPPATH and set
> your PATH to include $LTPROOT/testcases/bin, and you'll be good to go


    Nevermind. I just committed the change... please retest and
hopefully all goes well for you this time around.
Cheers,
-Garrett

------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
_______________________________________________
Ltp-list mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ltp-list

Re: [LTP] regression: selinux testsuite broken since October

Reply via email to