[apparmor] [PATCH 1/4] tests: Update deleted.sh for af_unix mediation

Seth Arnold seth.arnold at canonical.com
Thu Sep 11 01:29:41 UTC 2014 

On Thu, Sep 04, 2014 at 05:43:21PM -0500, Tyler Hicks wrote:
> Signed-off-by: Tyler Hicks <tyhicks at canonical.com>

Acked-by: Seth Arnold <seth.arnold at canonical.com>

Thanks

> ---
>  tests/regression/apparmor/deleted.sh | 12 +++++++++---
>  1 file changed, 9 insertions(+), 3 deletions(-)
> 
> diff --git a/tests/regression/apparmor/deleted.sh b/tests/regression/apparmor/deleted.sh
> index a058b39..84a51fc 100755
> --- a/tests/regression/apparmor/deleted.sh
> +++ b/tests/regression/apparmor/deleted.sh
> @@ -63,6 +63,12 @@ socket=${tmpdir}/unix_fd_test
>  fd_client=$PWD/unix_fd_client
>  okperm=rwl
>  badperm=wl
> +af_unix=""
> +
> +if [ "$(have_features network/af_unix)" == "true" ]; then
> +	af_unix="unix:create"
> +fi
> +
>  # Content generated with:
>  # dd if=/dev/urandom bs=32 count=4 2> /dev/null | od -x | head -8 | sed -e 's/^[[:xdigit:]]\{7\}//g' -e 's/ //g'
>  cat > ${file} << EOM
> @@ -81,7 +87,7 @@ rm -f ${socket}
>  
>  # PASS - unconfined client
>  
> -genprofile $file:$okperm $socket:rw $fd_client:ux
> +genprofile $af_unix $file:$okperm $socket:rw $fd_client:ux
>  
>  runchecktest "fd passing; unconfined client" pass $file $socket $fd_client "delete_file"
>  
> @@ -99,7 +105,7 @@ EOM
>  rm -f ${socket}
>  
>  # PASS - confined client, rw access to the file
> -genprofile $file:$okperm $socket:rw $fd_client:px -- image=$fd_client $file:$okperm $socket:rw
> +genprofile $af_unix $file:$okperm $socket:rw $fd_client:px -- image=$fd_client $af_unix $file:$okperm $socket:rw
>  runchecktest "fd passing; confined client w/ rw" pass $file $socket $fd_client "delete_file"
>  
>  sleep 1
> @@ -116,7 +122,7 @@ EOM
>  rm -f ${socket}
>  # FAIL - confined client, w access to the file
>  
> -genprofile $file:$okperm $socket:rw $fd_client:px -- image=$fd_client $file:$badperm $socket:rw
> +genprofile $af_unix $file:$okperm $socket:rw $fd_client:px -- image=$fd_client $af_unix $file:$badperm $socket:rw
>  runchecktest "fd passing; confined client w/ w only" fail $file $socket $fd_client "delete_file"
>  
>  sleep 1
> -- 
> 2.1.0
> 
> 
> -- 
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140910/147bf728/attachment-0001.pgp>

More information about the AppArmor mailing list