Hello,
several log examples result in rules where the 'owner' conditional
should be added. With logparser.py fixed to handle owner-only events, we
need to add the owner conditional to several test_multi/*.profile files.
I verified all log files for the changed profiles and made sure that
- the log line contains fsuid= and ouid=
- fsuid == ouid
I also did a quick check on all log events containing ouid= and for
those with fsuid == ouid, I checked that the profile has the owner
conditional.
I propose this patch for trunk and 2.11
[ 03-update-tests-owner.diff ]
=== modified file ./libraries/libapparmor/testsuite/test_multi/avc_syslog_01.profile
--- libraries/libapparmor/testsuite/test_multi/avc_syslog_01.profile 2016-11-01 21:57:42.345480000 +0100
+++ libraries/libapparmor/testsuite/test_multi/avc_syslog_01.profile 2017-07-30 21:45:22.535786424 +0200
@@ -1,4 +1,4 @@
/usr/sbin/cupsd {
- /boot/ r,
+ owner /boot/ r,
}
=== modified file ./libraries/libapparmor/testsuite/test_multi/syslog_audit_01.profile
--- libraries/libapparmor/testsuite/test_multi/syslog_audit_01.profile 2016-11-01 21:57:42.345480000 +0100
+++ libraries/libapparmor/testsuite/test_multi/syslog_audit_01.profile 2017-07-30 21:43:10.144355117 +0200
@@ -1,4 +1,4 @@
/home/ubuntu/bzr/apparmor/tests/regression/apparmor/mkdir {
- /tmp/sdtest.7283-14445-r31VAP/tmpdir/ w,
+ owner /tmp/sdtest.7283-14445-r31VAP/tmpdir/ w,
}
=== modified file ./libraries/libapparmor/testsuite/test_multi/testcase_dmesg_link_01.profile
--- libraries/libapparmor/testsuite/test_multi/testcase_dmesg_link_01.profile 2016-11-01 21:57:42.345480000 +0100
+++ libraries/libapparmor/testsuite/test_multi/testcase_dmesg_link_01.profile 2017-07-30 21:48:28.650990017 +0200
@@ -1,4 +1,4 @@
/home/ubuntu/bzr/apparmor/tests/regression/apparmor/link {
- /tmp/sdtest.19088-12382-HWH57d/linkfile l,
+ owner /tmp/sdtest.19088-12382-HWH57d/linkfile l,
}
=== modified file ./libraries/libapparmor/testsuite/test_multi/testcase_encoded_comm.profile
--- libraries/libapparmor/testsuite/test_multi/testcase_encoded_comm.profile 2016-10-21 13:08:26.364128000 +0200
+++ libraries/libapparmor/testsuite/test_multi/testcase_encoded_comm.profile 2017-07-30 21:44:32.907999387 +0200
@@ -1,4 +1,4 @@
"/home/steve/tmp/my prog.sh" {
- "/home/steve/tmp/my prog.sh" r,
+ owner "/home/steve/tmp/my prog.sh" r,
}
=== modified file ./libraries/libapparmor/testsuite/test_multi/testcase_encoded_profile.profile
--- libraries/libapparmor/testsuite/test_multi/testcase_encoded_profile.profile 2016-10-21 13:08:26.364128000 +0200
+++ libraries/libapparmor/testsuite/test_multi/testcase_encoded_profile.profile 2017-07-30 21:45:02.995870244 +0200
@@ -1,4 +1,4 @@
profile "test space" {
- /lib/x86_64-linux-gnu/libdl-2.13.so r,
+ owner /lib/x86_64-linux-gnu/libdl-2.13.so r,
}
=== modified file ./libraries/libapparmor/testsuite/test_multi/testcase_syslog_link_01.profile
--- libraries/libapparmor/testsuite/test_multi/testcase_syslog_link_01.profile 2016-11-01 21:57:42.345480000 +0100
+++ libraries/libapparmor/testsuite/test_multi/testcase_syslog_link_01.profile 2017-07-30 21:43:59.352143526 +0200
@@ -1,4 +1,4 @@
/home/ubuntu/bzr/apparmor/tests/regression/apparmor/link {
- /tmp/sdtest.19088-12382-HWH57d/linkfile l,
+ owner /tmp/sdtest.19088-12382-HWH57d/linkfile l,
}
=== modified file ./libraries/libapparmor/testsuite/test_multi/testcase_syslog_read.profile
--- libraries/libapparmor/testsuite/test_multi/testcase_syslog_read.profile 2016-10-21 13:08:26.364128000 +0200
+++ libraries/libapparmor/testsuite/test_multi/testcase_syslog_read.profile 2017-07-30 21:48:45.794916833 +0200
@@ -1,4 +1,4 @@
/usr/sbin/vsftpd {
- /home/bane/foo r,
+ owner /home/bane/foo r,
}
Regards,
Christian Boltz
--
Yeah, life always gets in the way of the important stuff :-)
[Per Jessen in opensuse-project]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20170730/6dd25dfe/attachment.pgp>