salt/tests/unit/states/test_selinux.py

129 lines
5.2 KiB
Python
Raw Normal View History

2015-06-16 11:41:44 +00:00
# -*- coding: utf-8 -*-
'''
:codeauthor: :email:`Jayesh Kariya <jayeshk@saltstack.com>`
'''
# Import Python libs
from __future__ import absolute_import
# Import Salt Testing Libs
2017-03-22 16:42:17 +00:00
from tests.support.mixins import LoaderModuleMockMixin
from tests.support.unit import skipIf, TestCase
from tests.support.mock import (
2015-06-16 11:41:44 +00:00
NO_MOCK,
NO_MOCK_REASON,
MagicMock,
patch
)
# Import Salt Libs
import salt.states.selinux as selinux
2015-06-16 11:41:44 +00:00
@skipIf(NO_MOCK, NO_MOCK_REASON)
2017-03-22 16:42:17 +00:00
class SelinuxTestCase(TestCase, LoaderModuleMockMixin):
2015-06-16 11:41:44 +00:00
'''
Test cases for salt.states.selinux
'''
2017-03-22 16:42:17 +00:00
def setup_loader_modules(self):
return {selinux: {}}
2015-06-16 11:41:44 +00:00
# 'mode' function tests: 1
def test_mode(self):
'''
Test to verifies the mode SELinux is running in,
can be set to enforcing or permissive.
'''
2016-12-13 22:11:34 +00:00
ret = {'name': 'unknown',
2015-06-16 11:41:44 +00:00
'changes': {},
'result': False,
2016-12-13 22:11:34 +00:00
'comment': 'unknown is not an accepted mode'}
2015-06-16 11:41:44 +00:00
self.assertDictEqual(selinux.mode('unknown'), ret)
mock_en = MagicMock(return_value='Enforcing')
mock_pr = MagicMock(side_effect=['Permissive', 'Enforcing'])
with patch.dict(selinux.__salt__,
{'selinux.getenforce': mock_en,
'selinux.getconfig': mock_en,
2015-06-16 11:41:44 +00:00
'selinux.setenforce': mock_pr}):
comt = ('SELinux is already in Enforcing mode')
2016-12-13 22:11:34 +00:00
ret = {'name': 'Enforcing', 'comment': comt, 'result': True, 'changes': {}}
2015-06-16 11:41:44 +00:00
self.assertDictEqual(selinux.mode('Enforcing'), ret)
with patch.dict(selinux.__opts__, {'test': True}):
comt = ('SELinux mode is set to be changed to Permissive')
2016-12-13 22:11:34 +00:00
ret = {'name': 'Permissive', 'comment': comt,
'result': None, 'changes': {'new': 'Permissive', 'old': 'Enforcing'}}
2015-06-16 11:41:44 +00:00
self.assertDictEqual(selinux.mode('Permissive'), ret)
with patch.dict(selinux.__opts__, {'test': False}):
comt = ('SELinux has been set to Permissive mode')
2016-12-13 22:11:34 +00:00
ret = {'name': 'Permissive', 'comment': comt,
'result': True, 'changes': {'new': 'Permissive', 'old': 'Enforcing'}}
2015-06-16 11:41:44 +00:00
self.assertDictEqual(selinux.mode('Permissive'), ret)
comt = ('Failed to set SELinux to Permissive mode')
ret.update({'name': 'Permissive', 'comment': comt,
2016-12-13 22:11:34 +00:00
'result': False, 'changes': {}})
2015-06-16 11:41:44 +00:00
self.assertDictEqual(selinux.mode('Permissive'), ret)
# 'boolean' function tests: 1
def test_boolean(self):
'''
Test to set up an SELinux boolean.
'''
name = 'samba_create_home_dirs'
value = True
ret = {'name': name,
'changes': {},
'result': False,
'comment': ''}
mock_en = MagicMock(return_value=[])
with patch.dict(selinux.__salt__,
{'selinux.list_sebool': mock_en}):
comt = ('Boolean {0} is not available'.format(name))
ret.update({'comment': comt})
self.assertDictEqual(selinux.boolean(name, value), ret)
mock_bools = MagicMock(return_value={name: {'State': 'on',
'Default': 'on'}})
with patch.dict(selinux.__salt__,
{'selinux.list_sebool': mock_bools}):
comt = ('None is not a valid value for the boolean')
ret.update({'comment': comt})
self.assertDictEqual(selinux.boolean(name, None), ret)
comt = ('Boolean is in the correct state')
ret.update({'comment': comt, 'result': True})
self.assertDictEqual(selinux.boolean(name, value, True), ret)
comt = ('Boolean is in the correct state')
ret.update({'comment': comt, 'result': True})
self.assertDictEqual(selinux.boolean(name, value), ret)
mock_bools = MagicMock(return_value={name: {'State': 'off',
'Default': 'on'}})
mock = MagicMock(side_effect=[True, False])
with patch.dict(selinux.__salt__,
{'selinux.list_sebool': mock_bools,
'selinux.setsebool': mock}):
with patch.dict(selinux.__opts__, {'test': True}):
comt = ('Boolean samba_create_home_dirs'
' is set to be changed to on')
ret.update({'comment': comt, 'result': None})
self.assertDictEqual(selinux.boolean(name, value), ret)
with patch.dict(selinux.__opts__, {'test': False}):
comt = ('Boolean samba_create_home_dirs has been set to on')
ret.update({'comment': comt, 'result': True})
ret.update({'changes': {'State': {'old': 'off', 'new': 'on'}}})
2015-06-16 11:41:44 +00:00
self.assertDictEqual(selinux.boolean(name, value), ret)
comt = ('Failed to set the boolean '
'samba_create_home_dirs to on')
ret.update({'comment': comt, 'result': False})
ret.update({'changes': {}})
2015-06-16 11:41:44 +00:00
self.assertDictEqual(selinux.boolean(name, value), ret)