spec/unit/other/selinux_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99

#! /usr/bin/env ruby
require 'spec_helper'

require 'puppet/type/selboolean'
require 'puppet/type/selmodule'

describe Puppet::Type.type(:file), " when manipulating file contexts" do
  include PuppetSpec::Files

  before :each do

    @file = Puppet::Type::File.new(
      :name => make_absolute("/tmp/foo"),
      :ensure => "file",
      :seluser => "user_u",
      :selrole => "role_r",
      :seltype => "type_t")
  end

  it "should use :seluser to get/set an SELinux user file context attribute" do
    expect(@file[:seluser]).to eq("user_u")
  end

  it "should use :selrole to get/set an SELinux role file context attribute" do
    expect(@file[:selrole]).to eq("role_r")
  end

  it "should use :seltype to get/set an SELinux user file context attribute" do
    expect(@file[:seltype]).to eq("type_t")
  end
end

describe Puppet::Type.type(:selboolean), " when manipulating booleans" do
  before :each do
    provider_class = Puppet::Type::Selboolean.provider(Puppet::Type::Selboolean.providers[0])
    Puppet::Type::Selboolean.stubs(:defaultprovider).returns provider_class

    @bool = Puppet::Type::Selboolean.new(
      :name => "foo",
      :value => "on",
      :persistent => true )
  end

  it "should be able to access :name" do
    @bool[:name].should == "foo"
  end

  it "should be able to access :value" do
    expect(@bool.property(:value).should).to eq(:on)
  end

  it "should set :value to off" do
    @bool[:value] = :off
    expect(@bool.property(:value).should).to eq(:off)
  end

  it "should be able to access :persistent" do
    @bool[:persistent].should == :true
  end

  it "should set :persistent to false" do
    @bool[:persistent] = false
    @bool[:persistent].should == :false
  end
end

describe Puppet::Type.type(:selmodule), " when checking policy modules" do
  before :each do
    provider_class = Puppet::Type::Selmodule.provider(Puppet::Type::Selmodule.providers[0])
    Puppet::Type::Selmodule.stubs(:defaultprovider).returns provider_class

    @module = Puppet::Type::Selmodule.new(
      :name => "foo",
      :selmoduledir => "/some/path",
      :selmodulepath => "/some/path/foo.pp",
      :syncversion => true)
  end

  it "should be able to access :name" do
    @module[:name].should == "foo"
  end

  it "should be able to access :selmoduledir" do
    @module[:selmoduledir].should == "/some/path"
  end

  it "should be able to access :selmodulepath" do
    @module[:selmodulepath].should == "/some/path/foo.pp"
  end

  it "should be able to access :syncversion" do
    expect(@module[:syncversion]).to eq(:true)
  end

  it "should set the syncversion value to false" do
    @module[:syncversion] = :false
    expect(@module[:syncversion]).to eq(:false)
  end
end