Skip to content

Commit

Permalink
tests/atsecure: avoid running bash under test domains
Browse files Browse the repository at this point in the history 
The 'env' utility can be used just as well. This avoids the "bash:
/root/.bashrc: Permission denied" error message that appears when the
testsuite is ran with a terminal attached to the stdout/stdin and the
corresponding AVC denials.

Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
  • Loading branch information
@WOnder93
WOnder93 committed Mar 14, 2023
1 parent 1c0b28e commit 17fecc4
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions tests/atsecure/test
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,12 +20,12 @@ ok( $result, 0 );

# Verify that LD_PRELOAD is ignored when noatsecure permission is not allowed.
$result = system(
"runcon -t test_atsecure_denied_t -- bash -c 'LD_PRELOAD=$basedir/evil.so runcon -t test_atsecure_newdomain_t $basedir/good'"
"runcon -t test_atsecure_denied_t -- env LD_PRELOAD=$basedir/evil.so runcon -t test_atsecure_newdomain_t $basedir/good"
);
ok( $result, 0 );

# Verify that LD_PRELOAD is honored when noatsecure permission is allowed.
$result = system(
"runcon -t test_atsecure_allowed_t -- bash -c 'LD_PRELOAD=$basedir/evil.so runcon -t test_atsecure_newdomain_t $basedir/good'"
"runcon -t test_atsecure_allowed_t -- env LD_PRELOAD=$basedir/evil.so runcon -t test_atsecure_newdomain_t $basedir/good"
);
ok($result);

0 comments on commit 17fecc4

Please sign in to comment.