On Sun, Jul 30, 2017 at 10:55:23PM +0200, Christian Boltz wrote:
> Hello,
>
> several log examples result in rules where the 'owner' conditional
> should be added. With logparser.py fixed to handle owner-only events, we
> need to add the owner conditional to several test_multi/*.profile files.
>
> I verified all log files for the changed profiles and made sure that
> - the log line contains fsuid= and ouid=
> - fsuid == ouid
>
> I also did a quick check on all log events containing ouid= and for
> those with fsuid == ouid, I checked that the profile has the owner
> conditional.
>
>
> I propose this patch for trunk and 2.11
>
>
> [ 03-update-tests-owner.diff ]
I assume the huge amount of trailing whitespace in this patch is due to
kmail or konsole or something? If so,
Acked-by: Seth Arnold <seth.arnold at canonical.com>
Thanks
>
> === modified file ./libraries/libapparmor/testsuite/test_multi/avc_syslog_01.profile
> --- libraries/libapparmor/testsuite/test_multi/avc_syslog_01.profile 2016-11-01 21:57:42.345480000 +0100
> +++ libraries/libapparmor/testsuite/test_multi/avc_syslog_01.profile 2017-07-30 21:45:22.535786424 +0200
> @@ -1,4 +1,4 @@
> /usr/sbin/cupsd {
> - /boot/ r,
> + owner /boot/ r,
>
> }
> === modified file ./libraries/libapparmor/testsuite/test_multi/syslog_audit_01.profile
> --- libraries/libapparmor/testsuite/test_multi/syslog_audit_01.profile 2016-11-01 21:57:42.345480000 +0100
> +++ libraries/libapparmor/testsuite/test_multi/syslog_audit_01.profile 2017-07-30 21:43:10.144355117 +0200
> @@ -1,4 +1,4 @@
> /home/ubuntu/bzr/apparmor/tests/regression/apparmor/mkdir {
> - /tmp/sdtest.7283-14445-r31VAP/tmpdir/ w,
> + owner /tmp/sdtest.7283-14445-r31VAP/tmpdir/ w,
>
> }
> === modified file ./libraries/libapparmor/testsuite/test_multi/testcase_dmesg_link_01.profile
> --- libraries/libapparmor/testsuite/test_multi/testcase_dmesg_link_01.profile 2016-11-01 21:57:42.345480000 +0100
> +++ libraries/libapparmor/testsuite/test_multi/testcase_dmesg_link_01.profile 2017-07-30 21:48:28.650990017 +0200
> @@ -1,4 +1,4 @@
> /home/ubuntu/bzr/apparmor/tests/regression/apparmor/link {
> - /tmp/sdtest.19088-12382-HWH57d/linkfile l,
> + owner /tmp/sdtest.19088-12382-HWH57d/linkfile l,
>
> }
> === modified file ./libraries/libapparmor/testsuite/test_multi/testcase_encoded_comm.profile
> --- libraries/libapparmor/testsuite/test_multi/testcase_encoded_comm.profile 2016-10-21 13:08:26.364128000 +0200
> +++ libraries/libapparmor/testsuite/test_multi/testcase_encoded_comm.profile 2017-07-30 21:44:32.907999387 +0200
> @@ -1,4 +1,4 @@
> "/home/steve/tmp/my prog.sh" {
> - "/home/steve/tmp/my prog.sh" r,
> + owner "/home/steve/tmp/my prog.sh" r,
>
> }
> === modified file ./libraries/libapparmor/testsuite/test_multi/testcase_encoded_profile.profile
> --- libraries/libapparmor/testsuite/test_multi/testcase_encoded_profile.profile 2016-10-21 13:08:26.364128000 +0200
> +++ libraries/libapparmor/testsuite/test_multi/testcase_encoded_profile.profile 2017-07-30 21:45:02.995870244 +0200
> @@ -1,4 +1,4 @@
> profile "test space" {
> - /lib/x86_64-linux-gnu/libdl-2.13.so r,
> + owner /lib/x86_64-linux-gnu/libdl-2.13.so r,
>
> }
> === modified file ./libraries/libapparmor/testsuite/test_multi/testcase_syslog_link_01.profile
> --- libraries/libapparmor/testsuite/test_multi/testcase_syslog_link_01.profile 2016-11-01 21:57:42.345480000 +0100
> +++ libraries/libapparmor/testsuite/test_multi/testcase_syslog_link_01.profile 2017-07-30 21:43:59.352143526 +0200
> @@ -1,4 +1,4 @@
> /home/ubuntu/bzr/apparmor/tests/regression/apparmor/link {
> - /tmp/sdtest.19088-12382-HWH57d/linkfile l,
> + owner /tmp/sdtest.19088-12382-HWH57d/linkfile l,
>
> }
> === modified file ./libraries/libapparmor/testsuite/test_multi/testcase_syslog_read.profile
> --- libraries/libapparmor/testsuite/test_multi/testcase_syslog_read.profile 2016-10-21 13:08:26.364128000 +0200
> +++ libraries/libapparmor/testsuite/test_multi/testcase_syslog_read.profile 2017-07-30 21:48:45.794916833 +0200
> @@ -1,4 +1,4 @@
> /usr/sbin/vsftpd {
> - /home/bane/foo r,
> + owner /home/bane/foo r,
>
> }
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20170731/85aeb2d7/attachment-0001.pgp>