grsecurity test: verify that the grsec device node is created

+4 -1
+4 -1
nixos/tests/grsecurity.nix
··· 9 machine = { config, pkgs, ... }: 10 { security.grsecurity.enable = true; 11 boot.kernel.sysctl."kernel.grsecurity.deter_bruteforce" = 0; 12 - security.apparmor.enable = true; 13 }; 14 15 testScript = '' ··· 36 subtest "tcc", sub { 37 $machine->execute("echo -e '#include <stdio.h>\nint main(void) { puts(\"hello\"); return 0; }' >main.c"); 38 $machine->succeed("${pkgs.tinycc.bin}/bin/tcc -run main.c"); 39 }; 40 ''; 41 })
··· 9 machine = { config, pkgs, ... }: 10 { security.grsecurity.enable = true; 11 boot.kernel.sysctl."kernel.grsecurity.deter_bruteforce" = 0; 12 }; 13 14 testScript = '' ··· 35 subtest "tcc", sub { 36 $machine->execute("echo -e '#include <stdio.h>\nint main(void) { puts(\"hello\"); return 0; }' >main.c"); 37 $machine->succeed("${pkgs.tinycc.bin}/bin/tcc -run main.c"); 38 + }; 39 + 40 + subtest "RBAC", sub { 41 + $machine->succeed("[ -c /dev/grsec ]"); 42 }; 43 ''; 44 })