1# Process this file with autom4te to create testsuite. -*- Autotest -*-
2#
3# Test suite for GNU tar.
4# Copyright 2012-2021 Free Software Foundation, Inc.
5
6# This file is part of GNU tar.
7
8# GNU tar is free software; you can redistribute it and/or modify
9# it under the terms of the GNU General Public License as published by
10# the Free Software Foundation; either version 3 of the License, or
11# (at your option) any later version.
12
13# GNU tar is distributed in the hope that it will be useful,
14# but WITHOUT ANY WARRANTY; without even the implied warranty of
15# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16# GNU General Public License for more details.
17
18# You should have received a copy of the GNU General Public License
19# along with this program.  If not, see <http://www.gnu.org/licenses/>.
20#
21# Test description:
22#
23# This is basic test for selinux support (store & restore).
24
25AT_SETUP([selinux: basic store/restore])
26AT_KEYWORDS([xattrs selinux selnx01])
27
28AT_TAR_CHECK([
29AT_XATTRS_UTILS_PREREQ
30AT_SELINUX_PREREQ
31
32mkdir dir
33genfile --file dir/file
34ln -s file dir/link
35
36getfattr -h -d -msecurity.selinux dir dir/file dir/link > start
37
38restorecon -R dir
39chcon -h --user=system_u     dir
40chcon -h --user=unconfined_u dir/file
41chcon -h --user=system_u     dir/link
42
43# archive whole directory including selinux contexts
44tar --selinux -cf archive.tar dir
45
46# clear the directory
47rm -rf dir
48
49# ================================================
50# check if selinux contexts are correctly restored
51
52tar --selinux -xf archive.tar
53
54# archive for later debugging
55cp archive.tar archive_origin.tar
56
57# check if selinux contexts were restored
58getfattr -h -d dir dir/file dir/link -msecurity.selinux | \
59    grep -v -e '^#' -e ^$ | cut -d: -f1
60
61# ===========================================================================
62# check if selinux contexts are not restored when --selinux option is missing
63
64getfattr -h -d -msecurity.selinux dir dir/file dir/link > with_selinux
65rm -rf dir
66tar -xf archive.tar
67getfattr -h -d -msecurity.selinux dir dir/file dir/link > without_selinux
68
69diff with_selinux without_selinux > diff_with_without
70if test "$?" -eq "0"; then
71    echo "selinux contexts probably restored while --selinux is off"
72fi
73
74# =================================================================
75# check if selinux is not archived when --selinux option is missing
76
77tar -cf archive.tar dir
78
79# clear the directory
80rm -rf dir
81
82# restore (with --selinux)
83tar --selinux -xf archive.tar dir
84
85getfattr -h -d -msecurity.selinux dir dir/file dir/link > final
86diff start final > final_diff
87if test "$?" -ne "0"; then
88    echo "bad result"
89fi
90
91],
92[0],
93[security.selinux="system_u
94security.selinux="unconfined_u
95security.selinux="system_u
96])
97
98AT_CLEANUP
99