From: jin-gyu.kim <jin-gyu.kim@samsung.com>
Date: Mon, 22 Feb 2021 04:28:46 +0000 (+0900)
Subject: Add exception lists for SMACK execute label test.
X-Git-Tag: submit/tizen/20210222.064054^0
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=cdac6cf442bd6b99d4de2efe9d40ca8896d7645f;p=platform%2Fcore%2Fsecurity%2Fsecurity-config.git

Add exception lists for SMACK execute label test.

- Some executables need to be set SMACK execute label.
- Add exeception list file to include those cases.

Change-Id: I24a3abb50b6d5a2c43db276ab1219f64ef2a309a
---

diff --git a/test/execute_label_check_test/CMakeLists.txt b/test/execute_label_check_test/CMakeLists.txt
index 0187462..3311a41 100755
--- a/test/execute_label_check_test/CMakeLists.txt
+++ b/test/execute_label_check_test/CMakeLists.txt
@@ -3,6 +3,7 @@ CMAKE_MINIMUM_REQUIRED(VERSION 2.6)
 FILE(GLOB SHELL_SCRIPT *.sh)
 INSTALL(FILES
 	${SHELL_SCRIPT}
+	execute_label_check_exception.list
 	DESTINATION
 	/usr/share/security-config/test/execute_label_check_test
 )
diff --git a/test/execute_label_check_test/execute_label_check_exception.list b/test/execute_label_check_test/execute_label_check_exception.list
new file mode 100755
index 0000000..bab519c
--- /dev/null
+++ b/test/execute_label_check_test/execute_label_check_exception.list
@@ -0,0 +1,2 @@
+/usr/libexec/dlog-log-critical
+
diff --git a/test/execute_label_check_test/execute_label_check_test.sh b/test/execute_label_check_test/execute_label_check_test.sh
old mode 100644
new mode 100755
index 781b900..9b9b239
--- a/test/execute_label_check_test/execute_label_check_test.sh
+++ b/test/execute_label_check_test/execute_label_check_test.sh
@@ -4,6 +4,22 @@ PATH="/usr/bin:/bin:/usr/sbin:/sbin"
 test_dir=("/usr" "/etc" "/opt")
 result_file="/opt/share/security-config/result/execute_label_check.result"
 log_file="/opt/share/security-config/log/execute_label_check.log"
+exception_file="/usr/share/security-config/test/execute_label_check_test/execute_label_check_exception.list"
+
+# check exception
+# args : $1 = file path
+function CHECK_EXCEPTION
+{
+	while read exception_list_line
+	do
+		if [ "$1" == $exception_list_line ]
+		then
+			return 1
+		fi
+	done < $exception_file
+
+	return 0
+}
 
 # args : $1 = target dir path. Searching recursively inside of it.
 function run_chsmack
@@ -13,7 +29,12 @@ function run_chsmack
 		execute_label=$(echo $LINE | cut -d '"' -f4)
 		if [ "$execute_label" != "_" ]
 		then
-			echo $LINE >> $log_file
+			file_path=$(echo $LINE | cut -d " " -f1)
+			CHECK_EXCEPTION $file_path # exception check
+			if [ "$?" == 0 ]
+			then
+				echo $LINE >> $log_file
+			fi
 		fi
 	done
 }