Quoting Dwight Engen (dwight.en...@oracle.com):
> On Wed, 16 Oct 2013 13:17:08 -0500
> Serge Hallyn <serge.hal...@ubuntu.com> wrote:
>
> > Quoting Dwight Engen (dwight.en...@oracle.com):
> > > - Add attach test cases
> > >
> > > - Moved setting of LSM label later to avoid failure of IPC between
> > > parent and child during attach
> >
> > ...
> >
> > > diff --git a/src/tests/attach.c b/src/tests/attach.c
> > > new file mode 100644
> > > index 0000000..76a1f1f
> > > --- /dev/null
> > > +++ b/src/tests/attach.c
> > > @@ -0,0 +1,380 @@
> > > +/* liblxcapi
> > > + *
> > > + * Copyright © 2013 Oracle.
> > > + *
> > > + * Authors:
> > > + * Dwight Engen <dwight.en...@oracle.com>
> > > + *
> > > + * This program is free software; you can redistribute it and/or
> > > modify
> > > + * it under the terms of the GNU General Public License version 2,
> > > as
> > > + * published by the Free Software Foundation.
> > > + *
> > > + * This program is distributed in the hope that it will be useful,
> > > + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> > > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> > > + * GNU General Public License for more details.
> > > + *
> > > + * You should have received a copy of the GNU General Public
> > > License along
> > > + * with this program; if not, write to the Free Software
> > > Foundation, Inc.,
> > > + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
> > > + */
> > > +
> > > +#include <lxc/lxccontainer.h>
> > > +#include <lxc/utils.h>
> > > +#include <lxc/lsm/lsm.h>
> > > +
> > > +#include <errno.h>
> > > +#include <unistd.h>
> > > +
> > > +#define TSTNAME "lxc-attach-test"
> > > +#define TSTERR(fmt, ...) do { \
> > > + fprintf(stderr, "%s:%d " fmt "\n", __FILE__, __LINE__,
> > > ##__VA_ARGS__); \ +} while (0)
> > > +
> > > +#if HAVE_APPARMOR
> > > +#define LSM_CONFIG_KEY "lxc.aa_profile"
> > > +#define LSM_LABEL "lxc-container-default"
> > > +#endif
> > > +
> > > +#if HAVE_SELINUX
> > > +#define LSM_CONFIG_KEY "lxc.se_context"
> > > +#define
> > > LSM_LABEL "unconfined_u:unconfined_r:lxc_t:s0-s0:c0.c1023"
> > > +#endif
> >
> > This breaks builds for me because both HAVE_APPARMOR and HAVE_SELINUX
> > are set.
>
> Ahh, hmm. Do you actually have both run time enabled? Does that work?! Should
> I try to run time detect which ones are enabled and then run the tests for
> what it finds?
well libselinux is enabled and selinux is compiled into the
kernel (but not actually enabled). In any case I guess compile
time checking isn't right for this. So yeah, you should check
at runtime.
-serge
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60135031&iu=/4140/ostg.clktrk
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
