QA:Testcase policycoreutils semodule

This page was last edited on 1 August 2016, at 14:16.

From Fedora Project Wiki

Revision as of 14:16, 1 August 2016 by Plautrba (talk | contribs) (Created page with "{{QA/Test_Case |description=This test case tests semodule basic functionalities (module installation/removal, listing). |setup=Ensure that {{package|policycoreutils}} package ...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Description

This test case tests semodule basic functionalities (module installation/removal, listing).

Setup

Ensure that policycoreutils package is installed.

How to test

Create file called audittmp.cil containing simple auditallow rule:

cd /tmp
echo "(auditallow unconfined_t user_tmp_t (file (create)))" > audittmp.cil

Install new module semodule -i audittmp.cil
Check that the module is properly installed

semodule -l | grep audittmp
audittmp

Create new file in /tmp

touch /tmp/new_file

Check that the file creation was logged

ausearch -m avc -ts recent | grep new_file
type=AVC msg=audit(1470058493.388:6693): avc:  granted  { create } for  pid=7410 comm="touch" name="new_file" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=file

Remove new module semodule -r audittmp
Check that the module is no longer listed as installed semodule -l
Clean up rm -rf new_file audittmp.cil

Expected Results

All commands are executed successfully
AVC message simillar to the one shown above was logged

Retrieved from "https://fedoraproject.org/w/index.php?title=QA:Testcase_policycoreutils_semodule&oldid=466549"

Package policycoreutils test cases

Copyright © 2024 Red Hat, Inc. and others. All Rights Reserved. For comments or queries, please contact us.

The Fedora Project is maintained and driven by the community and sponsored by Red Hat. This is a community maintained site. Red Hat is not responsible for content.