public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

grsecurity test: verify that the grsec device node is created

Browse Source
This commit is contained in:
Joachim Fasting 2016-07-17 21:38:11 +02:00
parent 96542a1b00
commit 8c8d6b4053
No known key found for this signature in database
GPG Key ID: 7544761007FE4E08
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
nixos/tests/grsecurity.nix
View File

@ -9,7 +9,6 @@ import ./make-test.nix ({ pkgs, ...} : {
machine = { config, pkgs, ... }: machine = { config, pkgs, ... }:
{ security.grsecurity.enable = true; { security.grsecurity.enable = true;
boot.kernel.sysctl."kernel.grsecurity.deter_bruteforce" = 0; boot.kernel.sysctl."kernel.grsecurity.deter_bruteforce" = 0;
security.apparmor.enable = true;
}; };
testScript = '' testScript = ''
@ -37,5 +36,9 @@ import ./make-test.nix ({ pkgs, ...} : {
$machine->execute("echo -e '#include <stdio.h>\nint main(void) { puts(\"hello\"); return 0; }' >main.c"); $machine->execute("echo -e '#include <stdio.h>\nint main(void) { puts(\"hello\"); return 0; }' >main.c");
$machine->succeed("${pkgs.tinycc.bin}/bin/tcc -run main.c"); $machine->succeed("${pkgs.tinycc.bin}/bin/tcc -run main.c");
}; };
subtest "RBAC", sub {
$machine->succeed("[ -c /dev/grsec ]");
};
''; '';
}) })