[apparmor] [PATCH] Check expect profiles are present after load/replace
Kees Cook
kees.cook at canonical.com
Tue Aug 10 05:31:10 BST 2010
On Sun, Aug 08, 2010 at 03:47:32AM -0700, John Johansen wrote:
> This admittedly hackish bit of bash ensures that the profiles that the
> test suite just loaded are in fact listed as being present in the kernel.
> I don't think this is ready to commit yet as I think it can be improved,
> and am looking for feedback or alternate patches to clean it up.
This looks fine for the regression test hardness, IMO.
> + #check to see if the profiles are actually loaded
> + for f in `cat $profilenames` ; do
> + grep -q "^${f} \(.*\)$" ${sys_profiles}
Maybe improve the grep to:
grep -Eq ^"$f"' \([^)]+\)$' ${sys_profiles}
-Kees
--
Kees Cook
Ubuntu Security Team
More information about the AppArmor
mailing list