2020-12-01 10:02:31 +00:00
|
|
|
from .conftest import (
|
|
|
|
tick_box,
|
|
|
|
cross_box,
|
|
|
|
mock_command,
|
|
|
|
)
|
|
|
|
|
|
|
|
|
2021-11-18 01:03:37 +00:00
|
|
|
def mock_selinux_config(state, host):
|
2020-12-01 10:02:31 +00:00
|
|
|
'''
|
|
|
|
Creates a mock SELinux config file with expected content
|
|
|
|
'''
|
|
|
|
# validate state string
|
|
|
|
valid_states = ['enforcing', 'permissive', 'disabled']
|
|
|
|
assert state in valid_states
|
|
|
|
# getenforce returns the running state of SELinux
|
2021-11-18 01:03:37 +00:00
|
|
|
mock_command('getenforce', {'*': (state.capitalize(), '0')}, host)
|
2020-12-01 10:02:31 +00:00
|
|
|
# create mock configuration with desired content
|
2021-11-18 01:03:37 +00:00
|
|
|
host.run('''
|
2020-12-01 10:02:31 +00:00
|
|
|
mkdir /etc/selinux
|
|
|
|
echo "SELINUX={state}" > /etc/selinux/config
|
|
|
|
'''.format(state=state.lower()))
|
|
|
|
|
|
|
|
|
2021-11-18 01:03:37 +00:00
|
|
|
def test_selinux_enforcing_exit(host):
|
2020-12-01 10:02:31 +00:00
|
|
|
'''
|
|
|
|
confirms installer prompts to exit when SELinux is Enforcing by default
|
|
|
|
'''
|
2021-11-18 01:03:37 +00:00
|
|
|
mock_selinux_config("enforcing", host)
|
|
|
|
check_selinux = host.run('''
|
2020-12-01 10:02:31 +00:00
|
|
|
source /opt/pihole/basic-install.sh
|
|
|
|
checkSelinux
|
|
|
|
''')
|
2022-07-10 13:54:55 +02:00
|
|
|
expected_stdout = cross_box + ' Current SELinux: enforcing'
|
2020-12-01 10:02:31 +00:00
|
|
|
assert expected_stdout in check_selinux.stdout
|
|
|
|
expected_stdout = 'SELinux Enforcing detected, exiting installer'
|
|
|
|
assert expected_stdout in check_selinux.stdout
|
|
|
|
assert check_selinux.rc == 1
|
|
|
|
|
|
|
|
|
2021-11-18 01:03:37 +00:00
|
|
|
def test_selinux_permissive(host):
|
2020-12-01 10:02:31 +00:00
|
|
|
'''
|
|
|
|
confirms installer continues when SELinux is Permissive
|
|
|
|
'''
|
2021-11-18 01:03:37 +00:00
|
|
|
mock_selinux_config("permissive", host)
|
|
|
|
check_selinux = host.run('''
|
2020-12-01 10:02:31 +00:00
|
|
|
source /opt/pihole/basic-install.sh
|
|
|
|
checkSelinux
|
|
|
|
''')
|
2022-07-10 13:54:55 +02:00
|
|
|
expected_stdout = tick_box + ' Current SELinux: permissive'
|
2020-12-01 10:02:31 +00:00
|
|
|
assert expected_stdout in check_selinux.stdout
|
|
|
|
assert check_selinux.rc == 0
|
|
|
|
|
2020-12-01 10:13:36 +00:00
|
|
|
|
2021-11-18 01:03:37 +00:00
|
|
|
def test_selinux_disabled(host):
|
2020-12-01 10:02:31 +00:00
|
|
|
'''
|
|
|
|
confirms installer continues when SELinux is Disabled
|
|
|
|
'''
|
2021-11-18 01:03:37 +00:00
|
|
|
mock_selinux_config("disabled", host)
|
|
|
|
check_selinux = host.run('''
|
2020-12-01 10:02:31 +00:00
|
|
|
source /opt/pihole/basic-install.sh
|
|
|
|
checkSelinux
|
|
|
|
''')
|
2022-07-10 13:54:55 +02:00
|
|
|
expected_stdout = tick_box + ' Current SELinux: disabled'
|
2020-12-01 10:02:31 +00:00
|
|
|
assert expected_stdout in check_selinux.stdout
|
|
|
|
assert check_selinux.rc == 0
|