[apparmor] [PATCH 4/5] parser: Update equality tests for the new eavesdrop permission

Tyler Hicks tyhicks at canonical.com
Wed Nov 20 02:16:24 UTC 2013


Rules using implied permissions may pick up the eavesdropping
permission, depending on the conditionals present in the rule.

Signed-off-by: Tyler Hicks <tyhicks at canonical.com>
---
 parser/tst/equality.sh | 28 ++++++++++++++++++----------
 1 file changed, 18 insertions(+), 10 deletions(-)

diff --git a/parser/tst/equality.sh b/parser/tst/equality.sh
index e329a87..418043a 100755
--- a/parser/tst/equality.sh
+++ b/parser/tst/equality.sh
@@ -104,13 +104,21 @@ verify_binary_equality "dbus send + receive" \
 	"/t { dbus rw, }" \
 
 verify_binary_equality "dbus all accesses" \
-	"/t { dbus (send, receive, bind), }" \
-	"/t { dbus (read, write, bind), }" \
-	"/t { dbus (r, w, bind), }" \
-	"/t { dbus (rw, bind), }" \
+	"/t { dbus (send, receive, bind, eavesdrop), }" \
+	"/t { dbus (read, write, bind, eavesdrop), }" \
+	"/t { dbus (r, w, bind, eavesdrop), }" \
+	"/t { dbus (rw, bind, eavesdrop), }" \
 	"/t { dbus (), }" \
 	"/t { dbus, }" \
 
+verify_binary_equality "dbus implied accesses with a bus conditional" \
+	"/t { dbus (send, receive, bind, eavesdrop) bus=session, }" \
+	"/t { dbus (read, write, bind, eavesdrop) bus=session, }" \
+	"/t { dbus (r, w, bind, eavesdrop) bus=session, }" \
+	"/t { dbus (rw, bind, eavesdrop) bus=session, }" \
+	"/t { dbus () bus=session, }" \
+	"/t { dbus bus=session, }" \
+
 verify_binary_equality "dbus implied accesses for services" \
 	"/t { dbus bind name=com.foo, }" \
 	"/t { dbus name=com.foo, }"
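Review bot: The new "dbus implied accesses with a bus conditional" block pins only the cases where eavesdrop is implied (no conditionals, or `bus=session` alone); nothing in this hunk pins the other side of the boundary, i.e. which conditionals stop an implied access list from picking up eavesdrop. The context test "dbus implied accesses for services" covers `name=` (bind only), but an implied-access rule with `path=`, `interface=`, `member=` or `peer=` is not exercised here, and because eavesdrop lets a connection see messages addressed to others, an accidental widening there is worth catching in the test suite. I would add a case along the lines of `verify_binary_equality "dbus implied accesses for messages" "/t { dbus (send, receive) path=/com/foo, }" "/t { dbus path=/com/foo, }"`, assuming that is the intended expansion; such a test may already exist outside this hunk. A one-line comment above the new block, e.g. `# a bare rule or a bus-only rule implies every permission, including eavesdrop`, would also record that the broad grant is intentional.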
@@ -141,12 +149,12 @@ verify_binary_equality "dbus element parsing" \
 verify_binary_equality "dbus access parsing" \
 	"/t { dbus, }" \
 	"/t { dbus (), }" \
-	"/t { dbus (send, receive, bind), }" \
-	"/t { dbus (send receive bind), }" \
-	"/t { dbus (send,	receive                  bind), }" \
-	"/t { dbus (send,receive,bind), }" \
-	"/t { dbus (send,receive,,,,,,,,,,,,,,,,bind), }" \
-	"/t { dbus (send,send,send,send send receive,bind), }" \
+	"/t { dbus (send, receive, bind, eavesdrop), }" \
+	"/t { dbus (send receive bind eavesdrop), }" \
+	"/t { dbus (send,	receive                  bind,  eavesdrop), }" \
+	"/t { dbus (send,receive,bind,eavesdrop), }" \
+	"/t { dbus (send,receive,,,,,,,,,,,,,,,,bind,eavesdrop), }" \
+	"/t { dbus (send,send,send,send send receive,bind	eavesdrop), }" \
 
 verify_binary_equality "dbus variable expansion" \
 	"/t { dbus (send, receive) path=/com/foo member=spork interface=org.foo peer=(name=com.foo label=/com/foo), }" \
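Review bot: Two of the new variants in "dbus access parsing" rely on literal tab characters inside the profile string (the tab after `send,` on the `bind,  eavesdrop` line and the tab between `bind` and `eavesdrop` on the last variant), which are invisible in review and easily lost to an editor that converts tabs to spaces; the test would then still pass while no longer covering tab separators. A comment above the `verify_binary_equality "dbus access parsing"` line (it cannot sit between the continued lines), e.g. `# some separators below are literal tabs and runs of spaces; keep them as-is`, would protect that coverage. The variants also always place `eavesdrop` last and never repeat it, whereas `send` is repeated; one variant with `eavesdrop` first or duplicated would give the new keyword the same parsing coverage.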
-- 
1.8.3.2



