diff options
author | José Bollo <jose.bollo@iot.bzh> | 2018-02-08 09:57:25 +0100 |
---|---|---|
committer | José Bollo <jose.bollo@iot.bzh> | 2018-02-13 11:02:00 +0100 |
commit | 0ffb178ea81ebcde3990dd8269ccc08ebbc83416 (patch) | |
tree | eb7db261cbbda2bb1ca31b962d9d2255a0931734 /meta-security/lib/oeqa/runtime/files/test_smack_tcp_sockets.sh | |
parent | 4c1200c414361d35faf90ba887e012ab3cbab3db (diff) |
meta-security: Remove unused content
This unused content can be devided in two parts:
- setting and feature in bitbake classes
- tests
None are actually used by AGL.
Even if this content can be later included in distribution,
I prefer to remove it now.
Change-Id: I4e6a8ac6326986a5652a7c47614dcaa3db8cabb6
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Diffstat (limited to 'meta-security/lib/oeqa/runtime/files/test_smack_tcp_sockets.sh')
-rw-r--r-- | meta-security/lib/oeqa/runtime/files/test_smack_tcp_sockets.sh | 108 |
1 files changed, 0 insertions, 108 deletions
diff --git a/meta-security/lib/oeqa/runtime/files/test_smack_tcp_sockets.sh b/meta-security/lib/oeqa/runtime/files/test_smack_tcp_sockets.sh deleted file mode 100644 index ed18f2371..000000000 --- a/meta-security/lib/oeqa/runtime/files/test_smack_tcp_sockets.sh +++ /dev/null @@ -1,108 +0,0 @@ -#!/bin/sh -RC=0 -test_file=/tmp/smack_socket_tcp -SMACK_PATH=`grep smack /proc/mounts | awk '{print $2}' ` -# make sure no access is granted -# 12345678901234567890123456789012345678901234567890123456 -echo -n "label1 label2 -----" > $SMACK_PATH/load - -tcp_server=`which tcp_server` -if [ -z $tcp_server ]; then - if [ -f "/tmp/tcp_server" ]; then - tcp_server="/tmp/tcp_server" - else - echo "tcp_server binary not found" - exit 1 - fi -fi -tcp_client=`which tcp_client` -if [ -z $tcp_client ]; then - if [ -f "/tmp/tcp_client" ]; then - tcp_client="/tmp/tcp_client" - else - echo "tcp_client binary not found" - exit 1 - fi -fi - -# checking access for sockets with different labels -$tcp_server 50016 label1 &>/dev/null & -server_pid=$! -sleep 2 -$tcp_client 50016 label2 label1 &>/dev/null & -client_pid=$! - -wait $server_pid -server_rv=$? -wait $client_pid -client_rv=$? - -if [ $server_rv -eq 0 -o $client_rv -eq 0 ]; then - echo "Sockets with different labels should not communicate on tcp" - exit 1 -fi - -# granting access between different labels -# 12345678901234567890123456789012345678901234567890123456 -echo -n "label1 label2 rw---" > $SMACK_PATH/load -# checking access for sockets with different labels, but having a rule granting rw -$tcp_server 50017 label1 2>$test_file & -server_pid=$! -sleep 1 -$tcp_client 50017 label2 label1 2>$test_file & -client_pid=$! -wait $server_pid -server_rv=$? -wait $client_pid -client_rv=$? -if [ $server_rv -ne 0 -o $client_rv -ne 0 ]; then - echo "Sockets with different labels, but having rw access, should communicate on tcp" - exit 1 -fi - -# checking access for sockets with the same label -$tcp_server 50018 label1 2>$test_file & -server_pid=$! -sleep 1 -$tcp_client 50018 label1 label1 2>$test_file & -client_pid=$! -wait $server_pid -server_rv=$? -wait $client_pid -client_rv=$? -if [ $server_rv -ne 0 -o $client_rv -ne 0 ]; then - echo "Sockets with same labels should communicate on tcp" - exit 1 -fi - -# checking access on socket labeled star (*) -# should always be permitted -$tcp_server 50019 \* 2>$test_file & -server_pid=$! -sleep 1 -$tcp_client 50019 label1 label1 2>$test_file & -client_pid=$! -wait $server_pid -server_rv=$? -wait $client_pid -client_rv=$? -if [ $server_rv -ne 0 -o $client_rv -ne 0 ]; then - echo "Should have access on tcp socket labeled star (*)" - exit 1 -fi - -# checking access from socket labeled star (*) -# all access from subject star should be denied -$tcp_server 50020 label1 2>$test_file & -server_pid=$! -sleep 1 -$tcp_client 50020 label1 \* 2>$test_file & -client_pid=$! -wait $server_pid -server_rv=$? -wait $client_pid -client_rv=$? -if [ $server_rv -eq 0 -o $client_rv -eq 0 ]; then - echo "Socket labeled star should not have access to any tcp socket" - exit 1 -fi |