[apparmor] [patch] Add some simple_tests (dbus and bare file rules)

Steve Beattie steve at nxnw.org
Thu Jan 7 21:20:24 UTC 2016 

On Thu, Jan 07, 2016 at 09:54:40PM +0100, Christian Boltz wrote:
> [ more-simple_tests.diff ]
> 
> === added file 'parser/tst/simple_tests/dbus/ok_bind_2.sd'
> --- parser/tst/simple_tests/dbus/ok_bind_2.sd   1970-01-01 00:00:00 +0000
> +++ parser/tst/simple_tests/dbus/ok_bind_2.sd   2015-10-27 22:55:01 +0000
> @@ -0,0 +1,7 @@
> +#
> +#=DESCRIPTION simple dbus implicit bind acceptance test with deny keyword
> +#=EXRESULT PASS
> +
> +profile a_profile {
> +  deny dbus name=(SomeService),
> +}

Hrm, I'm surprised the autogenerated dbus tests don't cover this,
since they exercise deny pretty excessively. But grepping recursively
for 'deny dbus name' doesn't find anything.

> === added file 'parser/tst/simple_tests/file/ok_bare_1.sd'
> --- parser/tst/simple_tests/file/ok_bare_1.sd   1970-01-01 00:00:00 +0000
> +++ parser/tst/simple_tests/file/ok_bare_1.sd   2015-10-27 22:50:19 +0000
> @@ -0,0 +1,7 @@
> +#
> +#=Description bare file rule
> +#=EXRESULT PASS
> +#
> +/usr/bin/foo {
> +  file,
> +}

Covered by parser/tst/simple_tests/file/file/ok_2.sd; note that the
file/file/ subdirectory covers use of the file keyword with file
pathnames. I'm okay with okay with renaming/replacing that one with
ok_bare_1.sd, but keeping it in the file/file/ subdirectory.

> === added file 'parser/tst/simple_tests/file/ok_bare_2.sd'
> --- parser/tst/simple_tests/file/ok_bare_2.sd   1970-01-01 00:00:00 +0000
> +++ parser/tst/simple_tests/file/ok_bare_2.sd   2015-10-27 22:50:36 +0000
> @@ -0,0 +1,7 @@
> +#
> +#=Description bare file rule
> +#=EXRESULT PASS
> +#
> +/usr/bin/foo {
> +  deny file,
> +}

Yep, that's not covered by existing tests.

Acked-by: Steve Beattie <steve at nxnw.org>, as long as the duplication
between file/ok_bare_1.sd and file/file/ok_2.sd is resolved.

-- 
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160107/1b187e89/attachment.pgp>

More information about the AppArmor mailing list