RGBCube/uutils-coreutils
1
Fork 0
mirror of https://github.com/RGBCube/uutils-coreutils synced 2025-07-28 03:27:44 +00:00
Code Issues Activity

id: add support for showing SELinux context (--context/-Z)

Browse source
This commit is contained in:
Jan Scheer 2021-06-19 20:26:28 +02:00
parent e2a00b67ed
commit f1d317147b
7 changed files with 315 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

101
tests/by-util/test_id.rs
View file

@ -52,14 +52,6 @@ fn test_id_no_specified_user() {
let exp_result = unwrap_or_return!(expected_result(&[]));
let mut _exp_stdout = exp_result.stdout_str().to_string();
#[cfg(target_os = "linux")]
{
// NOTE: (SELinux NotImplemented) strip 'context' part from exp_stdout:
if let Some(context_offset) = exp_result.stdout_str().find(" context=") {
_exp_stdout.replace_range(context_offset.._exp_stdout.len() - 1, "");
}
}
result
.stdout_is(_exp_stdout)
.stderr_is(exp_result.stderr_str())
@ -425,6 +417,99 @@ fn test_id_zero() {
}
}
#[test]
#[cfg(target_os = "linux")]
fn test_id_context() {
use selinux::{self, KernelSupport};
if selinux::kernel_support() == KernelSupport::Unsupported {
println!(
"{}: test skipped: Kernel has no support for SElinux context",
UUTILS_INFO
);
return;
}
let scene = TestScenario::new(util_name!());
for c_flag in &["-Z", "--context"] {
scene
.ucmd()
.args(&[c_flag])
.succeeds()
.stdout_only(unwrap_or_return!(expected_result(&[c_flag])).stdout_str());
for &z_flag in &["-z", "--zero"] {
let args = [c_flag, z_flag];
scene
.ucmd()
.args(&args)
.succeeds()
.stdout_only(unwrap_or_return!(expected_result(&args)).stdout_str());
for &opt1 in &["--name", "--real"] {
// id: cannot print only names or real IDs in default format
let args = [opt1, c_flag];
scene
.ucmd()
.args(&args)
.succeeds()
.stdout_only(unwrap_or_return!(expected_result(&args)).stdout_str());
let args = [opt1, c_flag, z_flag];
scene
.ucmd()
.args(&args)
.succeeds()
.stdout_only(unwrap_or_return!(expected_result(&args)).stdout_str());
for &opt2 in &["--user", "--group", "--groups"] {
// u/g/G n/r z Z
// for now, we print clap's standard response for "conflicts_with" instead of:
// id: cannot print "only" of more than one choice
let args = [opt2, c_flag, opt1];
let _result = scene.ucmd().args(&args).fails();
// let exp_result = unwrap_or_return!(expected_result(&args));
// result
// .stdout_is(exp_result.stdout_str())
// .stderr_is(exp_result.stderr_str())
// .code_is(exp_result.code());
}
}
for &opt2 in &["--user", "--group", "--groups"] {
// u/g/G z Z
// for now, we print clap's standard response for "conflicts_with" instead of:
// id: cannot print "only" of more than one choice
let args = [opt2, c_flag];
let _result = scene.ucmd().args(&args).fails();
// let exp_result = unwrap_or_return!(expected_result(&args));
// result
// .stdout_is(exp_result.stdout_str())
// .stderr_is(exp_result.stderr_str())
// .code_is(exp_result.code());
}
}
}
}
#[test]
#[cfg(unix)]
fn test_id_no_specified_user_posixly() {
// gnu/tests/id/no-context.sh
let scene = TestScenario::new(util_name!());
let result = scene.ucmd().env("POSIXLY_CORRECT", "1").succeeds();
assert!(!result.stdout_str().contains("context="));
#[cfg(target_os = "linux")]
{
use selinux::{self, KernelSupport};
if selinux::kernel_support() == KernelSupport::Unsupported {
println!(
"{}: test skipped: Kernel has no support for SElinux context",
UUTILS_INFO
);
return;
} else {
let result = scene.ucmd().succeeds();
assert!(result.stdout_str().contains("context="));
}
}
}
fn check_coreutil_version(util_name: &str, version_expected: &str) -> String {
// example:
// $ id --version | head -n 1