1f08c3bdfSopenharmony_ciAlways look here for latest version of these tests: 2f08c3bdfSopenharmony_cihttp://sourceforge.jp/projects/tomoyo/svn/view/trunk/2.3.x/tomoyo-tools/kernel_test/?root=tomoyo 3f08c3bdfSopenharmony_ci 4f08c3bdfSopenharmony_ciThese testcases test the TOMOYO Security Module. And they are not part of 5f08c3bdfSopenharmony_cidefault LTP build/install/run. 6f08c3bdfSopenharmony_ci 7f08c3bdfSopenharmony_ciA kernel with TOMOYO configured is required to run the TOMOYO testsuite. 8f08c3bdfSopenharmony_ciThe securityfs filesystem must be mounted at /sys/kernel/security . 9f08c3bdfSopenharmony_ci 10f08c3bdfSopenharmony_ciPreparation steps are: 11f08c3bdfSopenharmony_ci 12f08c3bdfSopenharmony_ci1) Download tomoyo-tools package and extract and build and install. 13f08c3bdfSopenharmony_ci 14f08c3bdfSopenharmony_ci # wget -O tomoyo-tools.tar.gz 'http://sourceforge.jp/projects/tomoyo/svn/view/trunk/2.3.x/tomoyo-tools.tar.gz?root=tomoyo&view=tar' 15f08c3bdfSopenharmony_ci # tar -zxf tomoyo-tools.tar.gz 16f08c3bdfSopenharmony_ci # make -C tomoyo-tools/ install 17f08c3bdfSopenharmony_ci 18f08c3bdfSopenharmony_ci Programs are installed in /usr/sbin/ with prefix "tomoyo-" and 19f08c3bdfSopenharmony_ci /usr/lib/tomoyo/ directory without prefix "tomoyo-". 20f08c3bdfSopenharmony_ci 21f08c3bdfSopenharmony_ci You can make a RPM package by "rpmbuild -bb tomoyo-tools/tomoyo-tools.spec" and 22f08c3bdfSopenharmony_ci a DEB package by "alien -k" after "rpmbuild -bb". 23f08c3bdfSopenharmony_ci 24f08c3bdfSopenharmony_ci2) Run /usr/lib/tomoyo/init_policy . 25f08c3bdfSopenharmony_ci 26f08c3bdfSopenharmony_ci This will take several minutes. 27f08c3bdfSopenharmony_ci 28f08c3bdfSopenharmony_ci Hiding kernel source directory by "mount -t tmpfs none /usr/src/linux/" 29f08c3bdfSopenharmony_ci would save some time. 30f08c3bdfSopenharmony_ci 31f08c3bdfSopenharmony_ci Configuration files are saved in /etc/tomoyo/ directory. 32f08c3bdfSopenharmony_ci You can do "rm -fR /etc/tomoyo/" if you want to uninstall. 33f08c3bdfSopenharmony_ci 34f08c3bdfSopenharmony_ci3) Reboot the system with TOMOYO enabled kernel. 35f08c3bdfSopenharmony_ci 36f08c3bdfSopenharmony_ci To make sure TOMOYO is selected, you can add security=tomoyo to kernel's 37f08c3bdfSopenharmony_ci command line. 38f08c3bdfSopenharmony_ci 39f08c3bdfSopenharmony_ci4) Build the tests. 40f08c3bdfSopenharmony_ci 41f08c3bdfSopenharmony_ci # (extract the tar ball containing the tests.) 42f08c3bdfSopenharmony_ci # make autotools 43f08c3bdfSopenharmony_ci # ./configure 44f08c3bdfSopenharmony_ci # cd testcases/kernel/security/tomoyo/ 45f08c3bdfSopenharmony_ci # make 46f08c3bdfSopenharmony_ci # find `/bin/pwd` -type f -perm +100 >> /etc/tomoyo/manager.conf 47f08c3bdfSopenharmony_ci # /usr/sbin/tomoyo-loadpolicy m 48f08c3bdfSopenharmony_ci 49f08c3bdfSopenharmony_ciTest steps are: 50f08c3bdfSopenharmony_ci 51f08c3bdfSopenharmony_ci1) Run the tests from the directory you ran "make". 52f08c3bdfSopenharmony_ci 53f08c3bdfSopenharmony_ci # ./testall.sh 54f08c3bdfSopenharmony_ci 55f08c3bdfSopenharmony_ci Please don't run the tests inside /tmp/ directory, for /tmp/ directory is 56f08c3bdfSopenharmony_ci hidden by "newns" (a wrapper program to run the test in a new namespace). 57f08c3bdfSopenharmony_ci 58f08c3bdfSopenharmony_ci You can use "| grep -vF OK" to pick up only failed tests as testall.sh does. 59