[apparmor] [patch 14/18] parser: add additional language tests to get wider test coverage
John Johansen
john.johansen at canonical.com
Fri Jan 24 10:29:35 UTC 2014
On 01/17/2014 11:16 PM, Steve Beattie wrote:
>
> Ah, so it is. Here's a patch that adds it, as well as some additional
> test cases around the combinations of audit, allow, deny and other:
>
> Signed-off-by: Steve Beattie <steve at nxnw.org>
Acked-by: John Johansen <john.johansen at canonical.com>
> ---
> parser/tst/simple_tests/file/allow/ok_other_1.sd | 7 +++++++
> parser/tst/simple_tests/file/allow/ok_other_2.sd | 7 +++++++
> parser/tst/simple_tests/file/ok_other_2.sd | 7 +++++++
> parser/tst/simple_tests/file/ok_other_3.sd | 7 +++++++
> utils/vim/create-apparmor.vim.py | 8 ++++----
> 5 files changed, 32 insertions(+), 4 deletions(-)
>
> Index: b/utils/vim/create-apparmor.vim.py
> ===================================================================
> --- a/utils/vim/create-apparmor.vim.py
> +++ b/utils/vim/create-apparmor.vim.py
> @@ -88,11 +88,11 @@ filename=r'(\/|\@\{\S*\})\S*'
>
> aa_regex_map = {
> 'FILENAME': filename,
> - 'FILE': r'\v^\s*(audit\s+)?(deny\s+|allow\s+)?(owner\s+)?' + filename + r'\s+', # Start of a file rule
> + 'FILE': r'\v^\s*(audit\s+)?(deny\s+|allow\s+)?(owner\s+|other\s+)?' + filename + r'\s+', # Start of a file rule
> # (whitespace_+_, owner etc. flag_?_, filename pattern, whitespace_+_)
> - 'DENYFILE': r'\v^\s*(audit\s+)?deny\s+(owner\s+)?' + filename + r'\s+', # deny, otherwise like FILE
> - 'auditdenyowner': r'(audit\s+)?(deny\s+|allow\s+)?(owner\s+)?',
> - 'audit_DENY_owner': r'(audit\s+)?deny\s+(owner\s+)?', # must include "deny", otherwise like auditdenyowner
> + 'DENYFILE': r'\v^\s*(audit\s+)?deny\s+(owner\s+|other\s+)?' + filename + r'\s+', # deny, otherwise like FILE
> + 'auditdenyowner': r'(audit\s+)?(deny\s+|allow\s+)?(owner\s+|other\s+)?',
> + 'audit_DENY_owner': r'(audit\s+)?deny\s+(owner\s+|other\s+)?', # must include "deny", otherwise like auditdenyowner
> 'auditdeny': r'(audit\s+)?(deny\s+|allow\s+)?',
> 'EOL': r'\s*,(\s*$|(\s*#.*$)\@=)', # End of a line (whitespace_?_, comma, whitespace_?_ comment.*)
> 'TRANSITION': r'(\s+-\>\s+\S+)?',
> Index: b/parser/tst/simple_tests/file/ok_other_2.sd
> ===================================================================
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/ok_other_2.sd
> @@ -0,0 +1,7 @@
> +#
> +#=DESCRIPTION simple deny other flag test
> +#=EXRESULT PASS
> +
> +profile test {
> + deny other /tmp/** rw,
> +}
> Index: b/parser/tst/simple_tests/file/ok_other_3.sd
> ===================================================================
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/ok_other_3.sd
> @@ -0,0 +1,7 @@
> +#
> +#=DESCRIPTION simple other flag test
> +#=EXRESULT PASS
> +
> +profile test {
> + audit other /tmp/** rw,
> +}
> Index: b/parser/tst/simple_tests/file/allow/ok_other_1.sd
> ===================================================================
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/allow/ok_other_1.sd
> @@ -0,0 +1,7 @@
> +#
> +#=DESCRIPTION simple allow other flag test
> +#=EXRESULT PASS
> +
> +profile test {
> + allow other /tmp/** rw,
> +}
> Index: b/parser/tst/simple_tests/file/allow/ok_other_2.sd
> ===================================================================
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/allow/ok_other_2.sd
> @@ -0,0 +1,7 @@
> +#
> +#=DESCRIPTION simple audit allow other flag test
> +#=EXRESULT PASS
> +
> +profile test {
> + audit allow other /tmp/** rw,
> +}
>
>> That all said - I remember that we discussed an automated way to test
>> apparmor.vim (basically by letting vim write the colored file as HTML) -
>> but that was loooong ago and I don't remember the details.
>>
>> Can someone give a pointer or, better, provide a patch for the tests/
>> Makefile? ;-)
>
> I don't have time to draw up a patch, but the 2html.vim
> syntax plugin looks like it's the right thing to use, based on
> http://vim.wikia.com/wiki/Pasting_code_with_syntax_coloring_in_emails ,
> if anyone else wants to take this on.
>
>
>
More information about the AppArmor
mailing list