Add tests for selinux

These tests ensure that selinux is set up properly for the basic case as well as for when behind_proxy is set and higher ports are used. Change-Id: I9d359b3fc71c7a83b6094f7ee535ab8418f20468 Depends-On: Ia985dad81a95130ea55bb6479632375ac4ea6d24
2015-09-25 12:00:21 -07:00 · 2015-09-25 12:00:21 -07:00 · ecfe7841f6
parent d62bb692ad
commit ecfe7841f6
2 changed files with 26 additions and 0 deletions
--- a/spec/acceptance/basic_spec.rb
+++ b/spec/acceptance/basic_spec.rb
@ -190,4 +190,19 @@ describe 'puppet-cgit module', :if => ['fedora', 'redhat'].include?(os[:family])
      its(:content) { should include 'Listen 443' }
    end
  end
+
+  describe 'selinux' do
+    describe command("semanage boolean -l | grep '^httpd_enable_cgi'") do
+      its(:stdout) { should match(/^httpd_enable_cgi.*\(on   ,   on\)/) }
+    end
+
+    describe command("semanage port -l | grep '^http_port_t'") do
+      its (:stdout) { should match(/^http_port_t.*\b80,/) }
+      its (:stdout) { should match(/^http_port_t.*\b443,/) }
+    end
+
+    describe command("semanage port -l | grep '^git_port_t'") do
+      its(:stdout) { should match(/^git_port_t.*\b9418,/) }
+    end
+  end
 end
--- a/spec/acceptance/behind_proxy_spec.rb
+++ b/spec/acceptance/behind_proxy_spec.rb
@ -191,4 +191,15 @@ describe 'puppet-cgit module begind proxy', :if => ['fedora', 'redhat'].include?
      its(:content) { should include 'Listen 4443' }
    end
  end
+
+  describe 'selinux' do
+    describe command("semanage port -l | grep '^http_port_t'") do
+      its(:stdout) { should match(/^http_port_t.*\b8080,/) }
+      its(:stdout) { should match(/^http_port_t.*\b4443,/) }
+    end
+
+    describe command("semanage port -l | grep '^git_port_t'") do
+      its(:stdout) { should match(/^git_port_t.*\b29418,/) }
+    end
+  end
 end