1#!/bin/sh 2 3# 4# Copyright (c) 2009 Peter Holm <pho@FreeBSD.org> 5# All rights reserved. 6# 7# Redistribution and use in source and binary forms, with or without 8# modification, are permitted provided that the following conditions 9# are met: 10# 1. Redistributions of source code must retain the above copyright 11# notice, this list of conditions and the following disclaimer. 12# 2. Redistributions in binary form must reproduce the above copyright 13# notice, this list of conditions and the following disclaimer in the 14# documentation and/or other materials provided with the distribution. 15# 16# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26# SUCH DAMAGE. 27# 28# $FreeBSD$ 29# 30 31# Regression test for panic in second ls 32 33[ `id -u ` -ne 0 ] && echo "Must be root!" && exit 1 34 35. ../default.cfg 36 37sysctl -a | ! grep -q security.mac.chkexec && echo "chkexec.ko must be loaded" && exit 1 38 39mount | grep "${mntpoint}" | grep -q md${mdstart}${part} && umount $mntpoint 40mdconfig -l | grep -q md$mdstart && mdconfig -d -u $mdstart 41 42mdconfig -a -t swap -s 12m -u $mdstart 43bsdlabel -w md$mdstart auto 44 45newfs md${mdstart}${part} > /dev/null 46tunefs -l enable /dev/md${mdstart}${part} 47mount /dev/md${mdstart}${part} $mntpoint 48 49cp /bin/ls $mntpoint 50setfmac chkexec/md5:`md5 -q $mntpoint/ls` $mntpoint/ls 51sysctl security.mac.chkexec.enforce=1 52$mntpoint/ls $mntpoint/ls 53setfmac chkexec/none $mntpoint/ls 54$mntpoint/ls $mntpoint/ls 55sysctl security.mac.chkexec.enforce=0 56 57umount $mntpoint 58mdconfig -d -u $mdstart 59