regression tests: switch from bashism == to posix str comparison =

the == string comparison is a bashism. switch to posix supported =

Signed-off-by: John Johansen <john.johansen@canonical.com>

tests/regression/apparmor/aa_exec_wrapper.sh

@@ -16,7 +16,7 @@ fi
 out=$($1 -- cat /proc/self/attr/current 2>&1)
 rc=$?
 
-if [ $rc -eq 0 ] && [ "$out" == "$2" ]; then
+if [ $rc -eq 0 ] && [ "$out" = "$2" ]; then
 	echo PASS
 	exit 0
 elif [ $rc -ne 0 ]; then

tests/regression/apparmor/attach_disconnected.sh

@@ -55,7 +55,7 @@ fi
 # MS_PRIVATE temporarily.
 FINDMNT=/bin/findmnt
 if [ -x "${FINDMNT}" ] && ${FINDMNT} -no PROPAGATION / > /dev/null 2>&1 ; then
-	if [ "$(${FINDMNT} -no PROPAGATION /)" == "shared" ] ; then
+	if [ "$(${FINDMNT} -no PROPAGATION /)" = "shared" ] ; then
 	root_was_shared="yes"
 	fi
 elif [ "$(ps hp1  -ocomm)" = "systemd" ] ; then

tests/regression/apparmor/capabilities.sh

@@ -97,7 +97,7 @@ for TEST in ${TESTS} ; do
 
 	# no capabilities allowed
 	genprofile ${my_entries}
-	if [ "${TEST}" == "syscall_ptrace" -a "$(kernel_features ptrace)" == "true" ] ; then
+	if [ "${TEST}" = "syscall_ptrace" -a "$(kernel_features ptrace)" = "true" ] ; then
 	    # ptrace between profiles confining tasks of same pid is controlled by the ptrace rule
 	    # capability + ptrace rule needed between pids
 	    runchecktest "${TEST} -- no caps" pass ${my_arg}
@@ -111,9 +111,9 @@ for TEST in ${TESTS} ; do
 
 	# iterate through each of the capabilities
 	for cap in ${CAPABILITIES} ; do
-		if [ "X$(eval echo \${${TEST}_${cap}})" == "XTRUE" ] ; then
+		if [ "X$(eval echo \${${TEST}_${cap}})" = "XTRUE" ] ; then
 			expected_result=pass
-		elif [ "${TEST}" == "syscall_ptrace" -a "$(kernel_features ptrace)" == "true" ]; then
+		elif [ "${TEST}" = "syscall_ptrace" -a "$(kernel_features ptrace)" = "true" ]; then
 			expected_result=pass
 		else
 			expected_result=fail
@@ -126,7 +126,7 @@ for TEST in ${TESTS} ; do
 	# a subprofile.
 	settest ${testwrapper}
 	genprofile hat:$bin/${TEST} addimage:${bin}/${TEST} ${my_entries}
-	if [ "${TEST}" == "syscall_ptrace" -a "$(kernel_features ptrace)" == "true" ] ; then
+	if [ "${TEST}" = "syscall_ptrace" -a "$(kernel_features ptrace)" = "true" ] ; then
 	    # ptrace between profiles confining tasks of same pid is controlled by the ptrace rule
 	    # capability + ptrace rule needed between pids
 	    runchecktest "${TEST} changehat -- no caps" pass $bin/${TEST} ${my_arg}
@@ -139,9 +139,9 @@ for TEST in ${TESTS} ; do
 	runchecktest "${TEST} changehat -- all caps" pass $bin/${TEST} ${my_arg}
 
 	for cap in ${CAPABILITIES} ; do
-		if [ "X$(eval echo \${${TEST}_${cap}})" == "XTRUE" ] ; then
+		if [ "X$(eval echo \${${TEST}_${cap}})" = "XTRUE" ] ; then
 			expected_result=pass
-		elif [ "${TEST}" == "syscall_ptrace" -a "$(kernel_features ptrace)" == "true" ]; then
+		elif [ "${TEST}" = "syscall_ptrace" -a "$(kernel_features ptrace)" = "true" ]; then
 			expected_result=pass
 		else
 			expected_result=fail

tests/regression/apparmor/changeprofile.sh

@@ -47,7 +47,7 @@ runchecktest "NO CHANGEPROFILE (access parent file)" pass nochange $file
 runchecktest "NO CHANGEPROFILE (access sub file)" fail nochange $subfile
 
 errno=EACCES
-if [ "$(kernel_features domain/stack)" == "true" ]; then
+if [ "$(kernel_features domain/stack)" = "true" ]; then
 	# The returned errno changed in the set of kernel patches that
 	# introduced AppArmor profile stacking
 	errno=ENOENT

tests/regression/apparmor/coredump.sh

@@ -18,7 +18,7 @@ cleancorefile()
 checkcorefile()
 {
 	# global _testdesc _pfmode _known outfile
-	if [ ${1:0:1} == "x" ] ; then
+	if [ ${1:0:1} = "x" ] ; then
 		requirement=${1#x}
 		_known=" (known problem)"
         else

tests/regression/apparmor/e2e.sh

@@ -41,7 +41,7 @@ load_and_verify() {
     local matching=0
     for binary_policy in /sys/kernel/security/apparmor/policy/profiles/$prof*/raw_data; do
         kernel_md5=$(cat $binary_policy | md5sum | awk '{ print $1 }')
-        if [ $kernel_md5 == $cache_md5 ]; then
+        if [ $kernel_md5 = $cache_md5 ]; then
             matching=1
             break
         fi

tests/regression/apparmor/exec_qual.sh

@@ -57,7 +57,7 @@ local_runchecktest()
 
 	checktestbg
 
-	if [ "$teststatus" == "pass" -a -n "$actual_confinement" -a "$actual_confinement" != "$expected_confinement" ]
+	if [ "$teststatus" = "pass" -a -n "$actual_confinement" -a "$actual_confinement" != "$expected_confinement" ]
 	then
 		 echo "Error: ${testname} failed. Test '${_testdesc}' actual confinement '$actual_confinement' differed from expected confinement '$expected_confinement'"
 		testfailed

tests/regression/apparmor/exec_stack.sh

@@ -51,7 +51,7 @@ touch $file $otherfile $sharedfile $thirdfile
 # meaning the below conditional check has the wrong results for those
 # kernels. Since this test is not about testing mmap just always add
 # the mmap perm
-#if [ "$(kernel_features domain/fix_binfmt_elf_mmap)" == "true" ]; then
+#if [ "$(kernel_features domain/fix_binfmt_elf_mmap)" = "true" ]; then
 #    elfmmap="m"
 #else
 #    elfmmap=""

tests/regression/apparmor/named_pipe.sh

@@ -38,7 +38,7 @@ badchild=r
 # Add genprofile params that are common to all hats here
 common=""
 
-if [ "$(kernel_features signal)" == "true" -a "$(parser_supports 'signal,')" == "true" ] ; then
+if [ "$(kernel_features signal)" = "true" -a "$(parser_supports 'signal,')" = "true" ] ; then
 	# Allow send/receive of all signals
 	common="${common} signal:ALL"
 fi

tests/regression/apparmor/nfs.sh

@@ -72,8 +72,8 @@ genprofile $file2:$fileperm
 sync; echo 3 > /proc/sys/vm/drop_caches
 runchecktest "OPEN RW (nfs file create after cache drop) " xpass $file2
 
-if [ "$(kernel_features network)" == "true" -o \
-	   "$(kernel_features network_v8)" == "true" ]; then
+if [ "$(kernel_features network)" = "true" -o \
+	   "$(kernel_features network_v8)" = "true" ]; then
 	# PASS TEST
 	# Allowing network streams and file access should pass regardless
 	genprofile "network:inet stream" $file3:$fileperm

tests/regression/apparmor/onexec.sh

@@ -44,7 +44,7 @@ do_test()
     shift 4
 
     desc="ONEXEC $desc ($prof -> $target_prof)"
-    if [ "$target_prof" == "nochange" ] ; then
+    if [ "$target_prof" = "nochange" ] ; then
         runchecktest "$desc" $res -l "$prof" -- "$@"
     else
         runchecktest "$desc" $res -O "$target_prof" -l "$prof" -L "$target_prof" -- "$@"

tests/regression/apparmor/pivot_root.sh

@@ -55,7 +55,7 @@ fi
 # MS_PRIVATE temporarily.
 FINDMNT=/bin/findmnt
 if [ -x "${FINDMNT}" ] && ${FINDMNT} -no PROPAGATION / > /dev/null 2>&1 ; then
-	if [ "$(${FINDMNT} -no PROPAGATION /)" == "shared" ] ; then
+	if [ "$(${FINDMNT} -no PROPAGATION /)" = "shared" ] ; then
 		root_was_shared="yes"
 	fi
 elif [ "$(ps hp1  -ocomm)" = "systemd" ] ; then

tests/regression/apparmor/posix_mq.sh

@@ -77,7 +77,7 @@ do_tests()
 
 
 for username in "root" "$userid" ; do
-    if [ $username == "root" ] ; then
+    if [ $username = "root" ] ; then
 	usercmd=""
     else
 	usercmd="-u $userid"

tests/regression/apparmor/ptrace.sh

@@ -55,7 +55,7 @@ runchecktest "test 2 -h prog" pass -h -n 100 $helper ${bin_true}
 runchecktest "test 2 -hc prog" pass -h -c -n 100 $helper ${bin_true}
 
 
-if [ "$(kernel_features ptrace)" == "true" -a "$(parser_supports 'ptrace,')" == "true" ] ; then
+if [ "$(kernel_features ptrace)" = "true" -a "$(parser_supports 'ptrace,')" = "true" ] ; then
 	. $bin/ptrace_v6.inc
 else
 	. $bin/ptrace_v5.inc

tests/regression/apparmor/query_label.sh

@@ -93,7 +93,7 @@ querytest()
 	runchecktest "$desc" "$pf" "$expect" "$label" "$perms" $*
 }
 
-if [ "$(kernel_features dbus)" == "true" ]; then
+if [ "$(kernel_features dbus)" = "true" ]; then
     # Check querying of a label that the kernel doesn't know about
     # aa_query_label() should return an error
     expect anything
@@ -227,7 +227,7 @@ fi
 genqueryprofile "file,"
 expect allow
 perms file exec,write,read,append,create,delete,setattr,getattr,chmod,chown,link,linksubset,lock,exec_mmap
-if [ "$(kernel_features query/label/multi_transaction)" == "true" ] ; then
+if [ "$(kernel_features query/label/multi_transaction)" = "true" ] ; then
     querytest "QUERY file (all base perms #1)" pass /anything
     querytest "QUERY file (all base perms #2)" pass /everything
 else

tests/regression/apparmor/socketpair.sh

@@ -37,7 +37,7 @@ af_unix_create_label=""
 af_unix_inherit=""
 aa_enabled="/sys/module/apparmor/parameters/enabled:r"
 
-if [ "$(kernel_features network/af_unix)" == "true" -a "$(parser_supports 'unix,')" == "true" ]; then
+if [ "$(kernel_features network/af_unix)" = "true" -a "$(parser_supports 'unix,')" = "true" ]; then
 	# AppArmor requires that the process inheriting the sock file
 	# descriptors have send,receive perms in its profile
 	af_unix_create="unix:(create,getopt)"

tests/regression/apparmor/swap.sh

@@ -29,7 +29,7 @@ bin=$pwd
 
 # check if we can run the test at all
 fstype=$(stat -f --format '%T' "${tmpdir}")
-if [ "${fstype}" == "tmpfs" ] ; then
+if [ "${fstype}" = "tmpfs" ] ; then
 	echo "ERROR: tmpdir '${tmpdir}' is of type tmpfs; can't mount a swapfile on it" 1>&2
 	echo "ERROR: skipping swap tests" 1>&2
 	num_testfailures=1

tests/regression/apparmor/sysv_mq.sh

@@ -66,7 +66,7 @@ do_tests()
 }
 
 for username in "root" "$userid" ; do
-    if [ $username == "root" ] ; then
+    if [ $username = "root" ] ; then
 	usercmd=""
     else
 	usercmd="-u $userid"

tests/regression/apparmor/unix_fd_server.sh

@@ -139,7 +139,7 @@ runchecktest "fd passing; confined -> confined (no perm)" fail $file $fd_client
 sleep 1
 rm -f ${socket}
 
-if [ "$(kernel_features policy/network/af_unix)" = "true" -a "$(parser_supports 'unix,')" == "true" ] ; then
+if [ "$(kernel_features policy/network/af_unix)" = "true" -a "$(parser_supports 'unix,')" = "true" ] ; then
     # FAIL - confined client, no access to the socket file
 
     genprofile $file:$okperm $af_unix $socket:rw $fd_client:px -- image=$fd_client $file:$okperm $af_unix