[apparmor] [PATCH 4/2] parser: Test the 'allow' modifier

John Johansen john.johansen at canonical.com
Fri Mar 13 21:39:39 UTC 2015


On 03/13/2015 02:34 PM, Tyler Hicks wrote:
> Signed-off-by: Tyler Hicks <tyhicks at canonical.com>

Acked-by: John Johansen <john.johansen at canonical.com>

> ---
>  parser/tst/equality.sh | 8 ++++++++
>  1 file changed, 8 insertions(+)
> 
> diff --git a/parser/tst/equality.sh b/parser/tst/equality.sh
> index ea7259f..2258758 100755
> --- a/parser/tst/equality.sh
> +++ b/parser/tst/equality.sh
> @@ -270,6 +270,10 @@ for rule in "capability" "capability mac_admin" \
>  	"/f r" "/f w" "/f rwmlk" "/** r" "/**/ w" \
>  	"file /f r" "file /f w" "file /f rwmlk"
>  do
> +	verify_binary_equality "allow modifier for \"${rule}\"" \
> +		"/t { ${rule}, }" \
> +		"/t { allow ${rule}, }"
> +
>  	verify_binary_inequality "audit, deny, and audit deny modifiers for \"${rule}\"" \
>  		"/t { ${rule}, }" \
>  		"/t { audit ${rule}, }" \
> @@ -282,6 +286,10 @@ done
>  for rule in "/f ux" "/f Ux" "/f px" "/f Px" "/f ix" \
>  	"file /f ux" "file /f UX" "file /f px" "file /f Px" "file /f ix"
>  do
> +	verify_binary_equality "allow modifier for \"${rule}\"" \
> +		"/t { ${rule}, }" \
> +		"/t { allow ${rule}, }" \
> +
>  	verify_binary_inequality "deny, audit deny modifier for \"${rule}\"" \
>  		"/t { ${rule}, }" \
>  		"/t { audit ${rule}, }" \
> 




More information about the AppArmor mailing list