* [LTP] [PATCH 1/1] fix ssh03 on system running mls policy
@ 2011-08-17 21:38 James Czyzak
2011-08-25 14:57 ` Cyril Hrubis
0 siblings, 1 reply; 3+ messages in thread
From: James Czyzak @ 2011-08-17 21:38 UTC (permalink / raw)
To: Shubham, ltp-list; +Cc: debora
[-- Attachment #1.1: Type: text/plain, Size: 1470 bytes --]
Modified ssh03 to unset TCtmp. On a system running the latest selinux
mls policy the call to tst_setup in the cmdlib.sh script with the TCtmp
variable still set with the TEST_USER directory will result in the
directory being created with the context of the logged in user (i.e.
administrator running the test
...staff_u:object_r:home_root_t:SystemLow) when the useradd is run
afterwords the directory will already exist but the context of directory
/home/ssh_user3 should be
user_u:object_r:user_home_dir_t:SystemLow-SystemHigh. Now when the test
is run to ssh login with the valid password the test will fail due to
not being able to change to the user directory which is caused by a
mismatched context. The unset of TCtmp will prevent this. This does not
appear to be detrimental to systems running with a targeted policy and
should have no ill affect systems not running selinux, although a test
could be placed around the unset to determine if selinux is running and
the mls policy is in use.
Signed-off-by James Czyzak <czyzak2@linux.vnet.ibm.com>
<mailto:czyzak2@linux.vnet.ibm.com>
diff --git a/testcases/network/tcp_cmds/ssh/ssh03
b/testcases/network/tcp_cmds/s
index 8fbca34..a75032c 100755
--- a/testcases/network/tcp_cmds/ssh/ssh03
+++ b/testcases/network/tcp_cmds/ssh/ssh03
@@ -42,7 +42,7 @@ do_setup()
TCtmp=/home/$TEST_USER
rm -Rf $TCtmp
-
+ unset TCtmp
tst_setup
exists expect ssh ssh03_s1 useradd userdel
[-- Attachment #1.2: Type: text/html, Size: 2113 bytes --]
[-- Attachment #2: Type: text/plain, Size: 332 bytes --]
------------------------------------------------------------------------------
Get a FREE DOWNLOAD! and learn more about uberSVN rich system,
user administration capabilities and model configuration. Take
the hassle out of deploying and managing Subversion and the
tools developers use with it. http://p.sf.net/sfu/wandisco-d2d-2
[-- Attachment #3: Type: text/plain, Size: 155 bytes --]
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [LTP] [PATCH 1/1] fix ssh03 on system running mls policy
2011-08-17 21:38 [LTP] [PATCH 1/1] fix ssh03 on system running mls policy James Czyzak
@ 2011-08-25 14:57 ` Cyril Hrubis
0 siblings, 0 replies; 3+ messages in thread
From: Cyril Hrubis @ 2011-08-25 14:57 UTC (permalink / raw)
To: James Czyzak; +Cc: ltp-list, debora
Hi!
> Modified ssh03 to unset TCtmp. On a system running the latest
> selinux mls policy the call to tst_setup in the cmdlib.sh script
> with the TCtmp variable still set with the TEST_USER directory will
> result in the directory being created with the context of the logged
> in user (i.e. administrator running the test
> ...staff_u:object_r:home_root_t:SystemLow) when the useradd is run
> afterwords the directory will already exist but the context of
> directory /home/ssh_user3 should be
> user_u:object_r:user_home_dir_t:SystemLow-SystemHigh. Now when the
> test is run to ssh login with the valid password the test will fail
> due to not being able to change to the user directory which is
> caused by a mismatched context. The unset of TCtmp will prevent
> this. This does not appear to be detrimental to systems running with
> a targeted policy and should have no ill affect systems not running
> selinux, although a test could be placed around the unset to
> determine if selinux is running and the mls policy is in use.
>
> Signed-off-by James Czyzak <czyzak2@linux.vnet.ibm.com>
> <mailto:czyzak2@linux.vnet.ibm.com>
>
> diff --git a/testcases/network/tcp_cmds/ssh/ssh03
> b/testcases/network/tcp_cmds/s
> index 8fbca34..a75032c 100755
> --- a/testcases/network/tcp_cmds/ssh/ssh03
> +++ b/testcases/network/tcp_cmds/ssh/ssh03
> @@ -42,7 +42,7 @@ do_setup()
> TCtmp=/home/$TEST_USER
>
> rm -Rf $TCtmp
> -
> + unset TCtmp
> tst_setup
>
What about not setting the TCtmp in the first place.
Change it from:
TCtmp=/home/$TEST_USER
rm -Rf $TCtmp
unset $TCtmp
to:
rm -Rf /home/$TEST_USER
And the Signed-off-by line is missing double colon and there is mailto
html tag that shouldn't be there.
I wonder why people aren't using git commit -s and git format-patch to
generate correct patches, which is easier than doing them by hand...
--
Cyril Hrubis
chrubis@suse.cz
------------------------------------------------------------------------------
EMC VNX: the world's simplest storage, starting under $10K
The only unified storage solution that offers unified management
Up to 160% more powerful than alternatives and 25% more efficient.
Guaranteed. http://p.sf.net/sfu/emc-vnx-dev2dev
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [LTP] [PATCH 1/1] fix ssh03 on system running mls policy
[not found] <4E5D276C.3020505@linux.vnet.ibm.com>
@ 2011-09-01 13:03 ` Cyril Hrubis
0 siblings, 0 replies; 3+ messages in thread
From: Cyril Hrubis @ 2011-09-01 13:03 UTC (permalink / raw)
To: James Czyzak; +Cc: ltp-list, debora
Hi!
> Hi Cyril
>
> I sent this as new message since it's a revision of the patch as you
> suggested, which is a better way to do it. I wasn't sure whether it
> would be proper procedure to send a revised patch in a reply that
> contained the original. Anyway I modified some of the configuration
> settings of the mail client I'm using (Thunderbird) which unfortunately
> I need to run on a windows machine. Hopefully the configuration changes
> will prevent distortion of the patch. Please let me know if it does not.
>
> Signed-off-by: James Czyzak <czyzak2@linux.vnet.ibm.com>
The patch is OK. But please write description for the code change into
the mail body (instead of how Thunderbird tends to mangle patches ;).
Also there shouldn't be a whitespace before the Signed-off-by line.
> ---
> testcases/network/tcp_cmds/ssh/ssh03 | 4 +---
> 1 files changed, 1 insertions(+), 3 deletions(-)
>
> diff --git a/testcases/network/tcp_cmds/ssh/ssh03
> b/testcases/network/tcp_cmds/ssh/ssh03
> index 8fbca34..798d385 100755
> --- a/testcases/network/tcp_cmds/ssh/ssh03
> +++ b/testcases/network/tcp_cmds/ssh/ssh03
> @@ -39,10 +39,8 @@ do_setup()
> export TEST_USER_HOMEDIR="/home/$TEST_USER"
>
> # erase user if he/she already exists, so we can have a clean env
> - TCtmp=/home/$TEST_USER
> -
> - rm -Rf $TCtmp
>
> + rm -Rf /home/$TEST_USER
> tst_setup
>
> exists expect ssh ssh03_s1 useradd userdel
> --
> 1.7.4.1
--
Cyril Hrubis
chrubis@suse.cz
------------------------------------------------------------------------------
Special Offer -- Download ArcSight Logger for FREE!
Finally, a world-class log management solution at an even better
price-free! And you'll get a free "Love Thy Logs" t-shirt when you
download Logger. Secure your free ArcSight Logger TODAY!
http://p.sf.net/sfu/arcsisghtdev2dev
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2011-09-01 13:03 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-08-17 21:38 [LTP] [PATCH 1/1] fix ssh03 on system running mls policy James Czyzak
2011-08-25 14:57 ` Cyril Hrubis
[not found] <4E5D276C.3020505@linux.vnet.ibm.com>
2011-09-01 13:03 ` Cyril Hrubis
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox