[apparmor] [patch] test-logparser.py: add test for disconnected path

Christian Boltz apparmor at cboltz.de
Tue Mar 3 19:04:02 UTC 2015 

Hello,

as a follow-up to the logparser.py change that converts disconnected
path events to an error, this patch adds a testcase to test-logparser.py.

In theory, trunk is enough for added tests, but also adding it to 2.9
can't hurt ,-)


[ test-logparser-disconnected-path.diff ]

=== modified file 'utils/test/test-logparser.py'
--- utils/test/test-logparser.py        2015-01-18 13:55:15 +0000
+++ utils/test/test-logparser.py        2015-03-03 19:01:26 +0000
@@ -66,6 +66,34 @@
         self.assertIsNone(ReadLog.RE_LOG_v2_6_audit.search(event))
         self.assertIsNotNone(ReadLog.RE_LOG_v2_6_syslog.search(event))
 
+    def test_parse_disconnected_path(self):
+        # from https://bugzilla.opensuse.org/show_bug.cgi?id=918787
+        event = 'type=AVC msg=audit(1424425690.883:716630): apparmor="ALLOWED" operation="file_mmap" info="Failed name lookup - disconnected path" error=-13 profile="/sbin/klogd" name="var/run/nscd/passwd" pid=25333 comm="id" requested_mask="r" denied_mask="r" fsuid=1002 ouid=0'
+        parsed_event = self.parser.parse_event(event)
+
+        self.assertEqual(parsed_event, {
+            'aamode': 'ERROR',   # aamode for disconnected paths overridden aamode in parse_event()
+            'active_hat': None,
+            'attr': None,
+            'denied_mask': {'r', '::r'},
+            'error_code': 13,
+            'info': 'Failed name lookup - disconnected path',
+            'magic_token': 0,
+            'name': 'var/run/nscd/passwd',
+            'name2': None,
+            'operation': 'file_mmap',
+            'parent': 0,
+            'pid': 25333,
+            'profile': '/sbin/klogd',
+            'request_mask': {'r', '::r'},
+            'resource': 'Failed name lookup - disconnected path',
+            'task': 0,
+            'time': 1424425690
+        })
+
+        self.assertIsNotNone(ReadLog.RE_LOG_v2_6_audit.search(event))
+        self.assertIsNone(ReadLog.RE_LOG_v2_6_syslog.search(event))
+
 
 if __name__ == "__main__":
     unittest.main(verbosity=2)



Regards,

Christian Boltz
-- 
Und das mit dem TOFU solltest du auch noch üben.
Also eher das _ohne_ TOFU. 
[Matthias Houdek in suse-linux]

More information about the AppArmor mailing list