From a5c3e6064b583477de8564a20799a630474d556d Mon Sep 17 00:00:00 2001
From: wujing
Date: Tue, 29 Mar 2022 20:07:31 +0800
Subject: [PATCH 06/16] test: adapt to the enabled selinux host environment

Signed-off-by: wujing
---
 test/services/execution/spec/CMakeLists.txt | 2 +
 .../execution/spec/selinux_label_ut.cc | 48 ++++++++++++++++---
 2 files changed, 43 insertions(+), 7 deletions(-)

diff --git a/test/services/execution/spec/CMakeLists.txt b/test/services/execution/spec/CMakeLists.txt
index 9ce30219..e1aa680e 100644
--- a/test/services/execution/spec/CMakeLists.txt
+++ b/test/services/execution/spec/CMakeLists.txt
@@ -15,6 +15,7 @@ add_executable(${EXE}
 ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils/path.c
 ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils/map/map.c
 ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils/map/rb_tree.c
+ ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cpputils/cxxutils.cc
 ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/daemon/common/err_msg.c
 ${CMAKE_CURRENT_SOURCE_DIR}/../../../mocks/namespace_mock.cc
 ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/daemon/common/selinux_label.c
@@ -46,6 +47,7 @@ target_include_directories(${EXE} PUBLIC
 ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/daemon/common
 ${CMAKE_CURRENT_SOURCE_DIR}/../../../include
 ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils
+ ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cpputils
 ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/sha256
 ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils/map
 ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/daemon/services/execution/manager
diff --git a/test/services/execution/spec/selinux_label_ut.cc b/test/services/execution/spec/selinux_label_ut.cc
index ea3c480c..c0e9ab1c 100644
--- a/test/services/execution/spec/selinux_label_ut.cc
+++ b/test/services/execution/spec/selinux_label_ut.cc
@@ -25,6 +25,7 @@
 #include
 #include "namespace_mock.h"
 #include "utils.h"
+#include "cxxutils.h"
 
 using namespace std;
@@ -40,6 +41,34 @@ protected:
 }
 };
 
+std::string get_lxc_context_filed(const std::string &filed)
+{
+ ifstream in("/etc/selinux/targeted/contexts/lxc_contexts");
+ string line;
+ while (getline(in, line)) {
+ stringstream ss(line);
+ string tmp;
+ while (getline(ss, tmp)) {
+ auto configs = CXXUtils::Split(tmp, '=');
+ if (configs.size() != 2) {
+ return "";
+ }
+ if (configs.at(0).substr(0, filed.size()) != filed) {
+ continue;
+ }
+
+ auto elements = CXXUtils::Split(configs.at(1), ':');
+ if (elements.size() < 3) {
+ return "";
+ }
+
+ return elements.at(2);
+ }
+ }
+
+ return "";
+}
+
 TEST_F(SELinuxLabelUnitTest, test_init_label_normal)
 {
 const char *disable_label[] = { "disable" };
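Review bot: `get_lxc_context_filed` returns `""` on the first line that does not split into exactly two `=`-separated parts, so a blank or comment line ahead of the wanted key would probably end the lookup (how `CXXUtils::Split` treats such input is not visible here); those lines should be skipped with `continue` instead. The stream is never checked after opening and the path hard-codes the `targeted` policy directory, so a host running another policy type, or one without the container policy installed, silently gets an empty type rather than a clear failure. The inner `getline(ss, tmp)` loop re-reads a line that was already read whole and can be dropped. A short header comment saying that the function returns the type component (third `:`-separated field) of the matching entry, or an empty string on any failure, would make the contract explicit for callers.

```cpp
std::string get_lxc_context_filed(const std::string &filed)
{
    // Assumes the "targeted" policy directory; an unreadable file yields "".
    ifstream in("/etc/selinux/targeted/contexts/lxc_contexts");
    if (!in.is_open()) {
        return "";
    }

    string line;
    while (getline(in, line)) {
        auto configs = CXXUtils::Split(line, '=');
        // Blank, comment or unrelated lines must not abort the search.
        if (configs.size() != 2 || configs.at(0).compare(0, filed.size(), filed) != 0) {
            continue;
        }

        auto elements = CXXUtils::Split(configs.at(1), ':');
        return elements.size() < 3 ? std::string() : elements.at(2);
    }

    return "";
}
```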
@@ -48,17 +77,22 @@ TEST_F(SELinuxLabelUnitTest, test_init_label_normal)
 const char *type_label[] = { "type:faketype" };
 const char *level_label[] = { "level:s0:c1,c2" };
 const char *full_label[] = { "user:fakeuser", "level:s0:c1,c2", "type:faketype", "role:fakerole" };
+ std::string process_context = get_lxc_context_filed("process");
+ std::string file_context = get_lxc_context_filed("file");
 
 std::vector> normal {
 std::make_tuple(disable_label, 1, 0, "", ""),
- std::make_tuple(user_label, 1, 0, "fakeuser:system_r:container_t:s0", "fakeuser:object_r:container_file_t:s0"),
- std::make_tuple(role_label, 1, 0, "system_u:fakerole:container_t:s0", "system_u:object_r:container_file_t:s0"),
- std::make_tuple(type_label, 1, 0, "system_u:system_r:faketype:s0", "system_u:object_r:container_file_t:s0"),
- std::make_tuple(level_label, 1, 0, "system_u:system_r:container_t:s0:c1,c2",
- "system_u:object_r:container_file_t:s0:c1,c2"),
+ std::make_tuple(user_label, 1, 0, "fakeuser:system_r:" + process_context + ":s0",
+ "fakeuser:object_r:" + file_context + ":s0"),
+ std::make_tuple(role_label, 1, 0, "system_u:fakerole:" + process_context + ":s0",
+ "system_u:object_r:" + file_context + ":s0"),
+ std::make_tuple(type_label, 1, 0, "system_u:system_r:faketype:s0", "system_u:object_r:" + file_context + ":s0"),
+ std::make_tuple(level_label, 1, 0, "system_u:system_r:" + process_context + ":s0:c1,c2",
+ "system_u:object_r:" + file_context + ":s0:c1,c2"),
 std::make_tuple(full_label, 4, 0, "fakeuser:fakerole:faketype:s0:c1,c2",
- "fakeuser:object_r:container_file_t:s0:c1,c2"),
- std::make_tuple(nullptr, 0, 0, "system_u:system_r:container_t:s0", "system_u:object_r:container_file_t:s0"),
+ "fakeuser:object_r:" + file_context + ":s0:c1,c2"),
+ std::make_tuple(nullptr, 0, 0, "system_u:system_r:" + process_context + ":s0",
+ "system_u:object_r:" + file_context + ":s0"),
 };
 
 if (!is_selinux_enabled()) {
-- 
2.20.1
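Review bot: `process_context` and `file_context` go into the expected labels without an emptiness check, so a failed lookup turns the expectations into malformed contexts such as `system_u:system_r::s0` and the test fails on a string mismatch that hides the real cause. On the path where SELinux is enabled, an explicit precondition such as `ASSERT_FALSE(process_context.empty());` (and the same for `file_context`) would report the missing or unparsable `lxc_contexts` entry directly. Only the type is taken from the host policy while user, role and level stay hard-coded as `system_u`, `system_r`/`object_r` and `s0`, so a host whose entries differ in those fields would presumably still mismatch; a comment recording that assumption would help. The test body and the `is_selinux_enabled()` branch continue outside the hunk.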