audit-testsuite icon indicating copy to clipboard operation
audit-testsuite copied to clipboard
verified publisher icon linux-audit

BUG: filter_exclude fails when execute in specific context

Open The-Mule opened this issue 8 years ago • 2 comments

SElinux context is parsed in filter_exclude test incorrectly:

if($subj =~ /([^:]+):([^:]+):([^:]+):([^-]+)-([^-]+)/) {
        ($subj_user, $subj_role, $subj_type, $subj_sen, $subj_clr) = ($1, $2, $3, $4, $5);
}

When there is no clearance (eg. system_u:unconfined_r:unconfined_t:s0 [*]) parsing will not work. The following regex works: ([^:]+):([^:]+):([^:]+):([^-]+)-?([^-]+)?.

Please notice that clearance is used in several places of the test and hence we need to fix those parts as well.

[*] FYI, when I am running testsuite via Beaker, tests are executed with this context.

Reproducer: runcon system_u:unconfined_r:unconfined_t:s0 make tests

The-Mule avatar Apr 19 '17 15:04 The-Mule

Quick fix - https://github.com/The-Mule/audit-testsuite/commit/783e2a558e35a34ba28782866393aa92655c6cdc

The-Mule avatar Apr 20 '17 11:04 The-Mule

Understood. The fix looks good to me.

rgbriggs avatar Apr 21 '17 00:04 rgbriggs