[apparmor] [PATCH] regression test: conditionaly run pivot_root domain, transitions

Tyler Hicks tyhicks at canonical.com
Fri Sep 8 00:25:24 UTC 2017 

On 09/07/2017 06:44 PM, John Johansen wrote:
> Document the use of the features_X and requires() functions
> 
> Signed-off-by: John Johansen <john.johansen at canonical.com>

Thanks! I have a few typo fixes mentioned below but feel free to fix
them, add my ack, and commit.

Acked-by: Tyler Hicks <tyhicks at canonical.com>

> 
> 
> === modified file 'tests/regression/apparmor/prologue.inc'
> --- tests/regression/apparmor/prologue.inc	2017-09-07 09:28:06 +0000
> +++ tests/regression/apparmor/prologue.inc	2017-09-07 23:42:21 +0000
> @@ -23,6 +23,12 @@
>  
>  #use $() to retreive the failure message or "true" if success
>  
> +# kernel_features_istrue() - test whether boolean files are true
> +# $@: path(s) to test if true
> +# Returns: 0 and "true" if all specified paths exist and are true
> +#          1 and error message if features directory is not available
> +#          2 and error message if feature file does not exist
> +#          3 and error message if feature path is not a file
>  kernel_features_istrue()
>  {
>  	if [ ! -e "/sys/kernel/security/apparmor/features/" ] ; then
> @@ -46,6 +52,11 @@
>  	return 0;
>  }
>  
> +# kernel_features - test whether path(s) are present
> +# $@: feature path(s) to test
> +# Returns: 0 and outputs "true" if all paths exist
> +#          1 and error message if features dir is not available
> +#          2 and error message if path does not exist
>  kernel_features()
>  {
>  	if [ ! -e "/sys/kernel/security/apparmor/features/" ] ; then
> @@ -64,6 +75,8 @@
>  	return 0;
>  }
>  
> +# requires_kernek_features() - exit if kernel feature does not exist

s/requires_kernek_features/requires_kernel_features/

> +# $@: feature path(s) to test
>  requires_kernel_features()
>  {
>  	local res=$(kernel_features $@)
> @@ -73,6 +86,7 @@
>  	fi
>  }
>  
> +# requires_namespace_interface() - exit if namespace iterface is not available

s/iterface/interface/

>  requires_namespace_interface()
>  {
>  	if [ ! -e "/sys/kernel/security/apparmor/policy/namespaces" ]
> @@ -82,6 +96,7 @@
>  	fi
>  }
>  
> +# requires_query_interface() - exit if the query interface is not available
>  requires_query_interface()
>  {
>  	if [ ! -e "/sys/kernel/security/apparmor/.access" ]
> @@ -91,6 +106,10 @@
>  	fi
>  }
>  
> +# parser_supports() - test if the parser supports the following rules
> +# $@: rules to test, use quotes if the rule contains ws

s/ws/whitespace/

(I had to think about that one :)

> +# Returns: 0 and output "true" if all rules supported
> +#          1 and error message if compiler does not support rule
>  parser_supports()
>  {
>  	for R in "$@" ; do
> @@ -105,6 +124,8 @@
>  	return 0;
>  }
>  
> +#requires_parser_support() - exit if the parser does not suppor the rules

s/suppor/support/

Tyler

> +# $@: rules to test
>  requires_parser_support()
>  {
>  	local res=$(parser_supports $@)
> 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20170907/e83712e3/attachment-0001.sig>

More information about the AppArmor mailing list