Add exception lists for SMACK execute label test.

author jin-gyu.kim <jin-gyu.kim@samsung.com>

Mon, 22 Feb 2021 04:28:46 +0000 (13:28 +0900)

committer jin-gyu.kim <jin-gyu.kim@samsung.com>

Mon, 22 Feb 2021 06:01:48 +0000 (15:01 +0900)
author jin-gyu.kim <jin-gyu.kim@samsung.com>
Mon, 22 Feb 2021 04:28:46 +0000 (13:28 +0900)
committer jin-gyu.kim <jin-gyu.kim@samsung.com>
Mon, 22 Feb 2021 06:01:48 +0000 (15:01 +0900)
diff --git a/test/execute_label_check_test/CMakeLists.txt b/test/execute_label_check_test/CMakeLists.txt

index 0187462d83c6d7373cd5198377ab055edd06a73c..3311a41f3365b617d241562ef70c7875ca6f1e7f 100755 (executable)
--- a/test/execute_label_check_test/CMakeLists.txt
+++ b/test/execute_label_check_test/CMakeLists.txt
@@ -3,6 +3,7 @@ CMAKE_MINIMUM_REQUIRED(VERSION 2.6)
  FILE(GLOB SHELL_SCRIPT *.sh)
  INSTALL(FILES
         ${SHELL_SCRIPT}
+       execute_label_check_exception.list
         DESTINATION
         /usr/share/security-config/test/execute_label_check_test
  )
diff --git a/test/execute_label_check_test/execute_label_check_exception.list b/test/execute_label_check_test/execute_label_check_exception.list

new file mode 100755 (executable)

index 0000000..bab519c
--- /dev/null
+++ b/test/execute_label_check_test/execute_label_check_exception.list
@@ -0,0 +1,2 @@
+/usr/libexec/dlog-log-critical
+
diff --git a/test/execute_label_check_test/execute_label_check_test.sh b/test/execute_label_check_test/execute_label_check_test.sh

old mode 100644 (file)

new mode 100755 (executable)

index 781b900..9b9b239
--- a/test/execute_label_check_test/execute_label_check_test.sh
+++ b/test/execute_label_check_test/execute_label_check_test.sh
@@ -4,6 +4,22 @@ PATH="/usr/bin:/bin:/usr/sbin:/sbin"
  test_dir=("/usr" "/etc" "/opt")
  result_file="/opt/share/security-config/result/execute_label_check.result"
  log_file="/opt/share/security-config/log/execute_label_check.log"
+exception_file="/usr/share/security-config/test/execute_label_check_test/execute_label_check_exception.list"
+
+# check exception
+# args : $1 = file path
+function CHECK_EXCEPTION
+{
+       while read exception_list_line
+       do
+               if [ "$1" == $exception_list_line ]
+               then
+                       return 1
+               fi
+       done < $exception_file
+
+       return 0
+}
  
  # args : $1 = target dir path. Searching recursively inside of it.
  function run_chsmack
@@ -13,7 +29,12 @@ function run_chsmack
                 execute_label=$(echo $LINE | cut -d '"' -f4)
                 if [ "$execute_label" != "_" ]
                 then
-                       echo $LINE >> $log_file
+                       file_path=$(echo $LINE | cut -d " " -f1)
+                       CHECK_EXCEPTION $file_path # exception check
+                       if [ "$?" == 0 ]
+                       then
+                               echo $LINE >> $log_file
+                       fi
                 fi
         done
  }
author	jin-gyu.kim <jin-gyu.kim@samsung.com>
	Mon, 22 Feb 2021 04:28:46 +0000 (13:28 +0900)
committer	jin-gyu.kim <jin-gyu.kim@samsung.com>
	Mon, 22 Feb 2021 06:01:48 +0000 (15:01 +0900)
test/execute_label_check_test/CMakeLists.txt		patch \| blob \| history
test/execute_label_check_test/execute_label_check_exception.list	[new file with mode: 0755]	patch \| blob
test/execute_label_check_test/execute_label_check_test.sh	[changed mode: 0644->0755]	patch \| blob \| history