[apparmor] [PATCH v2 09/11] tests: Test the getattr permission in unix_socket_client
Tyler Hicks
tyhicks at canonical.com
Mon Sep 15 19:56:02 UTC 2014
The client will now do a getsockname() on its socket in order to test
the AppArmor 'getattr' unix rule permission.
Signed-off-by: Tyler Hicks <tyhicks at canonical.com>
---
tests/regression/apparmor/unix_socket_client.c | 19 +++++++++++++++++++
tests/regression/apparmor/unix_socket_pathname.sh | 3 ++-
2 files changed, 21 insertions(+), 1 deletion(-)
diff --git a/tests/regression/apparmor/unix_socket_client.c b/tests/regression/apparmor/unix_socket_client.c
index c43f650..015c41d 100644
--- a/tests/regression/apparmor/unix_socket_client.c
+++ b/tests/regression/apparmor/unix_socket_client.c
@@ -139,6 +139,21 @@ static int get_set_sock_io_timeo(int sock)
return 0;
}
+static int test_getattr(int sock)
+{
+ struct sockaddr_un addr;
+ socklen_t addr_len = sizeof(addr);
+ int rc;
+
+ rc = getsockname(sock, (struct sockaddr *)&addr, &addr_len);
+ if (rc == -1) {
+ perror("FAIL - getsockname");
+ return 1;
+ }
+
+ return 0;
+}
+
int main(int argc, char *argv[])
{
struct sockaddr_un peer_addr, *pa;
@@ -197,6 +212,10 @@ int main(int argc, char *argv[])
if (rc)
exit(1);
+ rc = test_getattr(sock);
+ if (rc)
+ exit(1);
+
pa = &peer_addr;
pa_len = sun_path_len + sizeof(peer_addr.sun_family);
diff --git a/tests/regression/apparmor/unix_socket_pathname.sh b/tests/regression/apparmor/unix_socket_pathname.sh
index d089d09..c3bc160 100755
--- a/tests/regression/apparmor/unix_socket_pathname.sh
+++ b/tests/regression/apparmor/unix_socket_pathname.sh
@@ -49,9 +49,10 @@ fi
# af_unix support requires 'unix create' to call socket()
# af_unix support requires 'unix getopt' to call getsockopt()
# af_unix support requires 'unix setopt' to call setsockopt()
+# af_unix support requires 'unix getattr' to call getsockname()
af_unix=
if [ "$(have_features network/af_unix)" == "true" ] ; then
- af_unix="unix:(create,getopt,setopt)"
+ af_unix="unix:(create,getopt,setopt,getattr)"
fi
okclient=rw
--
2.1.0
More information about the AppArmor
mailing list