[apparmor] [PATCH 4/2] parser: Test the 'allow' modifier
John Johansen
john.johansen at canonical.com
Fri Mar 13 21:39:39 UTC 2015
On 03/13/2015 02:34 PM, Tyler Hicks wrote:
> Signed-off-by: Tyler Hicks <tyhicks at canonical.com>
Acked-by: John Johansen <john.johansen at canonical.com>
> ---
> parser/tst/equality.sh | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/parser/tst/equality.sh b/parser/tst/equality.sh
> index ea7259f..2258758 100755
> --- a/parser/tst/equality.sh
> +++ b/parser/tst/equality.sh
> @@ -270,6 +270,10 @@ for rule in "capability" "capability mac_admin" \
> "/f r" "/f w" "/f rwmlk" "/** r" "/**/ w" \
> "file /f r" "file /f w" "file /f rwmlk"
> do
> + verify_binary_equality "allow modifier for \"${rule}\"" \
> + "/t { ${rule}, }" \
> + "/t { allow ${rule}, }"
> +
> verify_binary_inequality "audit, deny, and audit deny modifiers for \"${rule}\"" \
> "/t { ${rule}, }" \
> "/t { audit ${rule}, }" \
> @@ -282,6 +286,10 @@ done
> for rule in "/f ux" "/f Ux" "/f px" "/f Px" "/f ix" \
> "file /f ux" "file /f UX" "file /f px" "file /f Px" "file /f ix"
> do
> + verify_binary_equality "allow modifier for \"${rule}\"" \
> + "/t { ${rule}, }" \
> + "/t { allow ${rule}, }" \
> +
> verify_binary_inequality "deny, audit deny modifier for \"${rule}\"" \
> "/t { ${rule}, }" \
> "/t { audit ${rule}, }" \
>
More information about the AppArmor
mailing list