commit 8c8d6b4053f76e692b8a3c010d0d56f2a6974cd0

pyrox.dev / nixpkgs

lol

fork atom

grsecurity test: verify that the grsec device node is created

Joachim Fasting 9 years ago 8c8d6b40 96542a1b

+4 -1

1 changed file

expand all

unified split

nixos

tests

grsecurity.nix

+4 -1

nixos/tests/grsecurity.nix

··· 9 machine = { config, pkgs, ... }: 10 { security.grsecurity.enable = true; 11 boot.kernel.sysctl."kernel.grsecurity.deter_bruteforce" = 0; 12 - security.apparmor.enable = true; 13 }; 14 15 testScript = '' ··· 36 subtest "tcc", sub { 37 $machine->execute("echo -e '#include <stdio.h>\nint main(void) { puts(\"hello\"); return 0; }' >main.c"); 38 $machine->succeed("${pkgs.tinycc.bin}/bin/tcc -run main.c"); 39 }; 40 ''; 41 })

··· 9 machine = { config, pkgs, ... }: 10 { security.grsecurity.enable = true; 11 boot.kernel.sysctl."kernel.grsecurity.deter_bruteforce" = 0; 12 }; 13 14 testScript = '' ··· 35 subtest "tcc", sub { 36 $machine->execute("echo -e '#include <stdio.h>\nint main(void) { puts(\"hello\"); return 0; }' >main.c"); 37 $machine->succeed("${pkgs.tinycc.bin}/bin/tcc -run main.c"); 38 + }; 39 + 40 + subtest "RBAC", sub { 41 + $machine->succeed("[ -c /dev/grsec ]"); 42 }; 43 ''; 44 })