[apparmor] [PATCH] Add support for variable expansion in profile names, and attachments
John Johansen
john.johansen at canonical.com
Tue Jun 9 03:46:09 UTC 2015
On 06/08/2015 08:03 PM, Steve Beattie wrote:
> I haven't waded entirely into this patch yet, but I just wanted to make
> a comment about something:
>
> On Mon, Jun 08, 2015 at 04:29:03PM -0700, John Johansen wrote:
>> On 06/08/2015 02:23 PM, Christian Boltz wrote:
>>>> --- /dev/null
>>>> +++ b/parser/tst/simple_tests/vars/vars_profile_name_12.sd
>>>> @@ -0,0 +1,9 @@
>>>> +#=DESCRIPTION profiles declared with the profile keyword can begin
>>>> with var +#=EXRESULT PASS
>>>> +
>>>> +@{FOO}=bar baz
>>>> +@{BAR}=baz foo
>>>> +
>>>> +profile /does/not/exist@{BAR} @{FOO} {
>>>> + /does/not/exist r,
>>>> +}
>>>
>>> As discussed on IRC: The attachment will expand to {bar,baz} - and
>>> that's not a valid attachment (not starting with /), so this test should
>>> fail.
>>>
>> Nope, as discussed this needs to be fixed in a different patch. And the
>> simple_tests don't have a way to encode an xfail so that the tests won't
>> fail while that patch is being worked on
>>
>> Basically we go with PASS for now, and when the fix is done it will cause
>> this test to FAIL, and need to be patched at that point.
>>
>> The only other options are fixing the tests to accept an xfail, sorry I
>> am not doing that atm, changing it to disabled, or dropping the test
>> which I would rather not do.
>>
>> dropping the test means it will get lost, setting it to disabled means
>> it will get lost as well as it will be forgotten then the patch finally
>> lands, and not get updated.
>
> Actually, some jerk already implemented xfail for you, in the form of
> marking a test with the additional header comment:
>
> #=TODO
>
> To be fair, as far as forgetting goes, we do have two existing tests
> that are marked TODO; the issues they cover apparently have been
> addressed as they currently succeed.
>
err shouldn't an xfail result in the test set failing if it actually fails?
that way we can fix the test to be fail instead of xfail
> simple.pl (Wstat: 0 Tests: 71412 Failed: 0)
> TODO passed: 71328, 71411
>
> They are:
>
> parser/tst/simple_tests/xtrans/x-conflict.sd
> parser/tst/simple_tests/xtrans/minimize-x-conflict.sd
>
> So we should probably address those as well.
>
>
>
More information about the AppArmor
mailing list