test: Grant permissions

Test permission granting using the internal ACL.

Signed-off-by: David Howells <dhowells@redhat.com>
diff --git a/tests/keyctl/grant/bad-args/runtest.sh b/tests/keyctl/grant/bad-args/runtest.sh
index 6e8e1a2..1b61097 100644
--- a/tests/keyctl/grant/bad-args/runtest.sh
+++ b/tests/keyctl/grant/bad-args/runtest.sh
@@ -22,8 +22,7 @@
 
 # create a non-keyring
 marker "CREATE KEY"
-create_key user lizard gizzard @s
-expect_keyid keyid
+create_key --new=keyid user lizard gizzard @s
 
 # check that unsupported permissions aren't permitted
 marker "CHECK PERMS"
diff --git a/tests/keyctl/grant/valid/runtest.sh b/tests/keyctl/grant/valid/runtest.sh
index ddd7e2a..8d0c515 100644
--- a/tests/keyctl/grant/valid/runtest.sh
+++ b/tests/keyctl/grant/valid/runtest.sh
@@ -17,14 +17,12 @@
 
 # create a keyring and attach it to the session keyring
 marker "ADD KEYRING"
-create_keyring wibble @s
-expect_keyid keyringid
+create_keyring --new=keyringid wibble @s
 
 # Create a key and remove most permissions from the key; just leave setsec for
 # the owner.
 marker "ADD KEY"
-create_key user lizard gizzard $keyringid
-expect_keyid keyid
+create_key --new=keyid user lizard gizzard $keyringid
 marker "REMOVE PERMITS"
 grant_key_permit $keyid own S
 grant_key_permit $keyid pos 0
@@ -112,8 +110,7 @@
 # Create a key and remove most permissions from the key; just leave setsec for
 # the owner.
 marker "ADD KEY 2"
-create_key user lizard gizzard $keyringid
-expect_keyid keyid
+create_key --new=keyid user lizard gizzard $keyringid
 marker "REMOVE PERMITS 2"
 grant_key_permit $keyid own S
 grant_key_permit $keyid pos 0
@@ -134,8 +131,7 @@
 # Create a key and remove most permissions from the key; just leave setsec and
 # view for the owner.
 marker "ADD KEY 3"
-create_key user lizard gizzard $keyringid
-expect_keyid keyid
+create_key --new=keyid user lizard gizzard $keyringid
 marker "REMOVE PERMITS 3"
 grant_key_permit $keyid own Sv
 grant_key_permit $keyid pos 0
diff --git a/tests/keyctl/grant/valid2/runtest.sh b/tests/keyctl/grant/valid2/runtest.sh
index 51091be..1fc6bfa 100644
--- a/tests/keyctl/grant/valid2/runtest.sh
+++ b/tests/keyctl/grant/valid2/runtest.sh
@@ -17,14 +17,12 @@
 
 # create a keyring and attach it to the session keyring
 marker "ADD KEYRING"
-create_keyring wibble @s
-expect_keyid keyringid
+create_keyring --new=keyringid wibble @s
 
 # Create a keyring and remove most permissions from it; leaving just
 # setsec for the owner.
 marker "ADD KEYRING"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
 marker "REMOVE PERMITS"
 grant_key_permit $keyid own S
 grant_key_permit $keyid pos 0
@@ -56,8 +54,7 @@
 create_key --fail user lizard gizzard $keyid
 expect_error EACCES
 grant_key_permit $keyid all w
-create_key user lizard gizzard $keyid
-expect_keyid keyid2
+create_key --new=keyid2 user lizard gizzard $keyid
 grant_key_permit $keyid all 0
 unlink_key --fail $keyid $keyid2
 expect_error EACCES
@@ -69,7 +66,7 @@
 search_for_key --fail $keyid user lizard
 expect_error EACCES
 grant_key_permit $keyid pos s
-search_for_key $keyid user lizard
+search_for_key --expect=$keyid2 $keyid user lizard
 grant_key_permit $keyid pos 0
 search_for_key --fail $keyid user lizard
 expect_error EACCES
@@ -78,7 +75,7 @@
 search_for_key --fail @s user lizard
 expect_error ENOKEY
 grant_key_permit $keyid pos s
-search_for_key @s user lizard
+search_for_key --expect=$keyid2 @s user lizard
 grant_key_permit $keyid pos 0
 search_for_key --fail @s user lizard
 expect_error ENOKEY
@@ -132,8 +129,7 @@
 # Create a keyring and remove most permissions from it; leaving just
 # setsec for the owner.
 marker "ADD KEYRING 2"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
 marker "REMOVE PERMITS 2"
 grant_key_permit $keyid own S
 grant_key_permit $keyid pos 0
@@ -154,8 +150,7 @@
 # Create a keyring and remove most permissions from it; leaving just
 # setsec for the owner.
 marker "ADD KEYRING 3"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
 marker "REMOVE PERMITS 3"
 grant_key_permit $keyid all Sv
 grant_key_permit $keyid own 0
diff --git a/tests/keyctl/grant/valid3/runtest.sh b/tests/keyctl/grant/valid3/runtest.sh
index e2003f2..3457e6b 100644
--- a/tests/keyctl/grant/valid3/runtest.sh
+++ b/tests/keyctl/grant/valid3/runtest.sh
@@ -17,14 +17,12 @@
 
 # create a keyring and attach it to the session keyring
 marker "ADD KEYRING"
-create_keyring wibble @s
-expect_keyid keyringid
+create_keyring --new=keyringid wibble @s
 
 # Create a keyring and remove most permissions from it; leaving just
 # setsec for everyone.
 marker "ADD KEYRING"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
 marker "REMOVE PERMITS"
 grant_key_permit $keyid all S
 grant_key_permit $keyid own 0
@@ -56,8 +54,7 @@
 create_key --fail user lizard gizzard $keyid
 expect_error EACCES
 grant_key_permit $keyid own w
-create_key user lizard gizzard $keyid
-expect_keyid keyid2
+create_key --new=keyid2 user lizard gizzard $keyid
 grant_key_permit $keyid own 0
 unlink_key --fail $keyid $keyid2
 expect_error EACCES
@@ -69,7 +66,7 @@
 search_for_key --fail $keyid user lizard
 expect_error EACCES
 grant_key_permit $keyid pos s
-search_for_key $keyid user lizard
+search_for_key --expect=$keyid2 $keyid user lizard
 grant_key_permit $keyid pos 0
 search_for_key --fail $keyid user lizard
 expect_error EACCES
@@ -78,7 +75,7 @@
 search_for_key --fail @s user lizard
 expect_error ENOKEY
 grant_key_permit $keyid pos s
-search_for_key @s user lizard
+search_for_key --expect=$keyid2 @s user lizard
 grant_key_permit $keyid pos 0
 search_for_key --fail @s user lizard
 expect_error ENOKEY
@@ -132,8 +129,7 @@
 # Create a keyring and remove most permissions from it; leaving just
 # setsec for the owner.
 marker "ADD KEYRING 2"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
 marker "REMOVE PERMITS 2"
 grant_key_permit $keyid all S
 grant_key_permit $keyid own 0
@@ -154,8 +150,7 @@
 # Create a keyring and remove most permissions from it; leaving just
 # setsec for the owner.
 marker "ADD KEYRING 3"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
 marker "REMOVE PERMITS 3"
 grant_key_permit $keyid own Sv
 grant_key_permit $keyid pos 0
diff --git a/tests/keyctl/grant/valid4/runtest.sh b/tests/keyctl/grant/valid4/runtest.sh
index aabcc3b..8605098 100644
--- a/tests/keyctl/grant/valid4/runtest.sh
+++ b/tests/keyctl/grant/valid4/runtest.sh
@@ -17,14 +17,12 @@
 
 # create a keyring and attach it to the session keyring
 marker "ADD KEYRING"
-create_keyring wibble @s
-expect_keyid keyringid
+create_keyring --new=keyringid wibble @s
 
 # Create a keyring and remove most permissions from it; leaving just
 # setsec for the owner.
 marker "ADD KEYRING"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
 marker "REMOVE PERMITS"
 grant_key_permit $keyid own S
 grant_key_permit $keyid pos 0
@@ -56,8 +54,7 @@
 create_key --fail user lizard gizzard $keyid
 expect_error EACCES
 grant_key_permit $keyid grp w
-create_key user lizard gizzard $keyid
-expect_keyid keyid2
+create_key --new=keyid2 user lizard gizzard $keyid
 grant_key_permit $keyid grp 0
 unlink_key --fail $keyid $keyid2
 expect_error EACCES
@@ -69,7 +66,7 @@
 search_for_key --fail $keyid user lizard
 expect_error EACCES
 grant_key_permit $keyid pos s
-search_for_key $keyid user lizard
+search_for_key --expect=$keyid2 $keyid user lizard
 grant_key_permit $keyid pos 0
 search_for_key --fail $keyid user lizard
 expect_error EACCES
@@ -78,7 +75,7 @@
 search_for_key --fail @s user lizard
 expect_error ENOKEY
 grant_key_permit $keyid pos s
-search_for_key @s user lizard
+search_for_key --expect=$keyid2 @s user lizard
 grant_key_permit $keyid pos 0
 search_for_key --fail @s user lizard
 expect_error ENOKEY
@@ -132,8 +129,7 @@
 # Create a keyring and remove most permissions from it; leaving just
 # setsec for the owner.
 marker "ADD KEYRING 2"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
 marker "REMOVE PERMITS 2"
 grant_key_permit $keyid own S
 grant_key_permit $keyid pos 0
@@ -154,8 +150,7 @@
 # Create a keyring and remove most permissions from it; leaving just
 # setsec for the owner.
 marker "ADD KEYRING 3"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
 marker "REMOVE PERMITS 3"
 grant_key_permit $keyid grp Sv
 grant_key_permit $keyid own 0
diff --git a/tests/keyctl/grant/valid5/runtest.sh b/tests/keyctl/grant/valid5/runtest.sh
index 1d2b6b4..4c0329e 100644
--- a/tests/keyctl/grant/valid5/runtest.sh
+++ b/tests/keyctl/grant/valid5/runtest.sh
@@ -17,14 +17,12 @@
 
 # create a keyring and attach it to the session keyring
 marker "ADD KEYRING"
-create_keyring wibble @s
-expect_keyid keyringid
+create_keyring --new=keyringid wibble @s
 
 # Create a keyring and remove most permissions from it; leaving just
 # setsec for the owner.
 marker "ADD KEYRING"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
 marker "REMOVE PERMITS"
 grant_key_permit $keyid own S
 grant_key_permit $keyid pos 0
@@ -62,8 +60,7 @@
 create_key --fail user lizard gizzard $keyid
 expect_error EACCES
 grant_key_permit $keyid pos ws
-create_key user lizard gizzard $keyid
-expect_keyid keyid2
+create_key --new=keyid2 user lizard gizzard $keyid
 grant_key_permit $keyid pos 0
 unlink_key --fail $keyid $keyid2
 expect_error EACCES
@@ -75,7 +72,7 @@
 search_for_key --fail $keyid user lizard
 expect_error EACCES
 grant_key_permit $keyid pos s
-search_for_key $keyid user lizard
+search_for_key --expect=$keyid2 $keyid user lizard
 grant_key_permit $keyid pos 0
 search_for_key --fail $keyid user lizard
 expect_error EACCES
@@ -84,7 +81,7 @@
 search_for_key --fail @s user lizard
 expect_error ENOKEY
 grant_key_permit $keyid pos s
-search_for_key @s user lizard
+search_for_key --expect=$keyid2 @s user lizard
 grant_key_permit $keyid pos 0
 search_for_key --fail @s user lizard
 expect_error ENOKEY
@@ -149,8 +146,7 @@
 # Create a keyring and remove most permissions from it; leaving just
 # setsec for the owner.
 marker "ADD KEYRING 2"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
 marker "REMOVE PERMITS 2"
 grant_key_permit $keyid own S
 grant_key_permit $keyid pos 0
@@ -174,8 +170,7 @@
 # Create a keyring and remove most permissions from it; leaving just
 # setsec for the owner.
 marker "ADD KEYRING 3"
-create_keyring lizard $keyringid
-expect_keyid keyid
+create_keyring --new=keyid lizard $keyringid
 marker "REMOVE PERMITS 3"
 grant_key_permit $keyid pos Ssv
 grant_key_permit $keyid own 0
diff --git a/tests/toolbox.inc.sh b/tests/toolbox.inc.sh
index 4af465f..c3c9f88 100644
--- a/tests/toolbox.inc.sh
+++ b/tests/toolbox.inc.sh
@@ -1422,8 +1422,14 @@
 
     echo keyctl grant "$@" >>$OUTPUTFILE
     keyctl grant "$@" >>$OUTPUTFILE 2>&1
-    if [ $? != $my_exitval ]
+    e=$?
+    if [ $e = $my_exitval ]
     then
+	if [ $e = 0 ]
+	then
+	    check_notify setattr $1
+	fi
+    else
 	failed
     fi
 }