[apparmor] [patch 5/5] tests: support more complex change_profile tests
Tyler Hicks
tyhicks at canonical.com
Fri Mar 18 22:24:08 UTC 2016
On 2016-03-18 10:29:09, steve at nxnw.org wrote:
> This adds support to the profile generator script for change_profile
> rules, giving the ability to write the 3 factor version of the rule
> (e.g. "change_profile /t -> A_PROFILE") which was significantly more
> difficult using straight raw rules, which is why we don't have any 3
> factor rule tests.
>
> Signed-off-by: Steve Beattie <steve at nxnw.org>
Acked-by: Tyler Hicks <tyhicks at canonical.com>
Thanks!
> ---
> parser/tst/equality.sh | 4 ++++
> tests/regression/apparmor/mkprofile.pl | 18 ++++++++++++++++++
> 2 files changed, 22 insertions(+)
>
> Index: b/tests/regression/apparmor/mkprofile.pl
> ===================================================================
> --- a/tests/regression/apparmor/mkprofile.pl
> +++ b/tests/regression/apparmor/mkprofile.pl
> @@ -334,6 +334,22 @@ sub gen_flag($) {
> }
> }
>
> +sub gen_change_profile($) {
> + my $rule = shift;
> + my @rules = split (/:/, $rule);
> + if (@rules == 2) {
> + if ($rules[1] =~ /^ALL$/) {
> + push (@{$output_rules{$hat}}, " change_profile,\n",);
> + } else {
> + push (@{$output_rules{$hat}}, " change_profile -> $rules[1],\n",);
> + }
> + } elsif (@rules == 3) {
> + push (@{$output_rules{$hat}}, " change_profile $rules[1] -> $rules[2],\n",);
> + } else {
> + (!$nowarn) && print STDERR "Warning: invalid change_profile description '$rule', ignored\n";
> + }
> +}
> +
> sub gen_hat($) {
> my $rule = shift;
> my @rules = split (/:/, $rule);
> @@ -406,6 +422,8 @@ sub gen_from_args() {
> gen_flag($rule);
> } elsif ($rule =~ /^hat:/) {
> gen_hat($rule);
> + } elsif ($rule =~ /^change_profile:/) {
> + gen_change_profile($rule);
> } elsif ($rule =~ /^addimage:/) {
> gen_addimage($rule);
> $addimage = 1;
>
>
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160318/002b4bd1/attachment.pgp>
More information about the AppArmor
mailing list