refractor: tests/bats -> tests/integration

tests/integration/aa-enforce.bats

@@ -0,0 +1,27 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+setup_file() {
+    aa_setup
+    skip
+}
+
+@test "aa-enforce: Disable profile" {
+    sudo aa-disable pass
+}
+
+@test "aa-enforce: Enforce a profile" {
+    sudo aa-enforce pass
+}
+
+@test "aa-enforce: Complain a profile" {
+    sudo aa-complain pass
+}
+
+@test "aa-enforce: Audit a profile" {
+    sudo aa-audit pass
+}

tests/integration/aa-status.bats

@@ -0,0 +1,26 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "aa-status: Check status" {
+    sudo aa-status
+}
+
+@test "aa-status: Display the number of loaded policies" {
+    sudo aa-status --profiled
+}
+
+@test "aa-status: Display the number of loaded enforicing policies" {
+    sudo aa-status --enforced
+}
+
+@test "aa-status: Display the number of loaded non-enforcing policies" {
+    sudo aa-status --complaining
+}
+
+@test "aa-status: Display the number of loaded enforcing policies that kill tasks" {
+    sudo aa-status --kill
+}

tests/integration/blkid.bats

@@ -0,0 +1,14 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "blkid: List all partitions" {
+    sudo blkid
+}
+
+@test "blkid: List all partitions in a table, including current mountpoints" {
+    sudo blkid -o list
+}

tests/integration/chsh.bats

@@ -0,0 +1,19 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "chsh: list available shells" {
+    chsh --list-shells || true
+}
+
+@test "chsh: Set a specific login shell for the current user" {
+    echo "$PASSWORD" | chsh --shell /usr/bin/bash
+}
+
+# bats test_tags=chsh
+@test "chsh: Set a login shell for a specific user" {
+    sudo chsh --shell /usr/bin/sh root
+}

tests/integration/common.bash

@@ -0,0 +1,122 @@
+#!/usr/bin/env bash
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+export BATS_LIB_PATH=${BATS_LIB_PATH:-/usr/lib/bats}
+load "$BATS_LIB_PATH/bats-support/load"
+
+# User password for sudo commands
+export PASSWORD=${PASSWORD:-user}
+
+export XDG_CACHE_DIR=".cache"
+export XDG_CONFIG_DIR=".config"
+export XDG_DATA_DIR=".local/share"
+export XDG_STATE_DIR=".local/state"
+export XDG_BIN_DIR=".local/bin"
+export XDG_LIB_DIR=".local/lib"
+
+# Define extended user directories not defined in the XDG standard but commonly
+# used in profiles
+export XDG_SCREENSHOTS_DIR="Pictures/Screenshots"
+export XDG_WALLPAPERS_DIR="Pictures/Wallpapers"
+export XDG_BOOKS_DIR="Books"
+export XDG_GAMES_DIR="Games"
+export XDG_PROJECTS_DIR="Projects"
+export XDG_WORK_DIR="Work"
+export XDG_MAIL_DIR="Mail"
+export XDG_SYNC_DIR="Sync"
+export XDG_TORRENTS_DIR="Torrents"
+export XDG_GAMESSTUDIO_DIR="unity3d"
+
+# Define user directories for virtual machines, shared folders and disk images
+export XDG_VM_DIR=".vm"
+export XDG_VMSHARE_DIR=".vmshare"
+export XDG_IMG_DIR=".img"
+
+# Define user build directories and artifacts output
+export XDG_BUILD_DIR=".build"
+export XDG_PKG_DIR=".pkg"
+
+# Define user personal keyrings
+export XDG_GPG_DIR=".gnupg"
+export XDG_SSH_DIR=".ssh"
+export XDG_PASSWORDSTORE_DIR=".password-store"
+
+# Define user personal private directories
+export XDG_PRIVATE_DIR=".private"
+
+# Full path of the XDG Base Directory
+export user_cache_dirs=$HOME/$XDG_CACHE_DIR
+export user_config_dirs=$HOME/$XDG_CONFIG_DIR
+export user_state_dirs=$HOME/$XDG_STATE_DIR
+export user_bin_dirs=$HOME/$XDG_BIN_DIR
+export user_lib_dirs=$HOME/$XDG_LIB_DIR
+
+# Other user directories
+export user_desktop_dirs=$HOME/$XDG_DESKTOP_DIR
+export user_download_dirs=$HOME/$XDG_DOWNLOAD_DIR
+export user_templates_dirs=$HOME/$XDG_TEMPLATES_DIR
+export user_publicshare_dirs=$HOME/$XDG_PUBLICSHARE_DIR
+export user_documents_dirs=$HOME/$XDG_DOCUMENTS_DIR
+export user_music_dirs=$HOME/$XDG_MUSIC_DIR
+export user_pictures_dirs=$HOME/$XDG_PICTURES_DIR
+export user_videos_dirs=$HOME/$XDG_VIDEOS_DIR
+export user_books_dirs=$HOME/$XDG_BOOKS_DIR
+export user_games_dirs=$HOME/$XDG_GAMES_DIR
+export user_projects_dirs=$HOME/$XDG_PROJECTS_DIR
+export user_work_dirs=$HOME/$XDG_WORK_DIR
+export user_mail_dirs=$HOME/$XDG_MAIL_DIR
+export user_sync_dirs=$HOME/$XDG_SYNC_DIR
+export user_torrents_dirs=$HOME/$XDG_TORRENTS_DIR
+export user_vm_dirs=$HOME/$XDG_VM_DIR
+export user_vmshare_dirs=$HOME/$XDG_VMSHARE_DIR
+export user_img_dirs=$HOME/$XDG_IMG_DIR
+export user_build_dirs=$HOME/$XDG_BUILD_DIR
+export user_pkg_dirs=$HOME/$XDG_PKG_DIR
+export user_gpg_dirs=$HOME/$XDG_GPG_DIR
+export user_ssh_dirs=$HOME/$XDG_SSH_DIR
+export user_passwordstore_dirs=$HOME/$XDG_PASSWORDSTORE_DIR
+export user_private_dirs=$HOME/$XDG_PRIVATE_DIR
+
+_START="$(date +%s)"
+PROGRAM="$(basename "$BATS_TEST_FILENAME")"
+PROGRAM="${PROGRAM%.*}"
+export _START PROGRAM
+
+skip_if_not_installed() {
+    if ! which "$PROGRAM" &>/dev/null; then
+        skip "$PROGRAM is not installed"
+    fi
+}
+
+aa_setup() {
+    aa_start
+    skip_if_not_installed
+}
+
+aa_start() {
+    _START=$(date +%s)
+}
+
+aa_check() {
+    local now duration logs
+
+    now=$(date +%s)
+    duration=$((now - _START + 1))
+    logs=$(aa-log --raw --systemd --since "-${duration}s")
+    aa_start
+    if [[ -n "$logs" ]]; then
+        fail "profile $PROGRAM raised logs: $logs"
+    fi
+}
+
+# Bats setup and teardown hooks
+
+setup_file() {
+    aa_setup
+}
+
+teardown() {
+	aa_check
+}

tests/integration/cpuid.bats

@@ -0,0 +1,18 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "cpuid: Display information for all CPUs" {
+    cpuid
+}
+
+@test "cpuid: Display information only for the current CPU" {
+    cpuid -1
+}
+
+@test "cpuid: Display raw hex information with no decoding" {
+    cpuid -r
+}

tests/integration/df.bats

@@ -0,0 +1,26 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "df: Display all filesystems and their disk usage" {
+    df
+}
+
+@test "df: Display all filesystems and their disk usage in human-readable form" {
+    df -h
+}
+
+@test "df: Display the filesystem and its disk usage containing the given file or directory" {
+    df apparmor.d/
+}
+
+@test "df: Include statistics on the number of free inodes" {
+    df --inodes
+}
+
+@test "df: Display filesystem types" {
+    df --print-type
+}

tests/integration/dfc.bats

@@ -0,0 +1,22 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "dfc: Display filesystems and their disk usage in human-readable form with colors and graphs" {
+    dfc
+}
+
+@test "dfc: Display all filesystems including pseudo, duplicate and inaccessible filesystems" {
+    dfc -a
+}
+
+@test "dfc: Display filesystems without color" {
+    dfc -c never
+}
+
+@test "dfc: Display filesystems containing &#34;ext&#34; in the filesystem type" {
+    dfc -t ext
+}

tests/integration/dmesg.bats

@@ -0,0 +1,30 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "dmesg: Show kernel messages" {
+    sudo dmesg
+}
+
+@test "dmesg: Show kernel error messages" {
+    sudo dmesg --level err
+}
+
+@test "dmesg: Show how much physical memory is available on this system" {
+    sudo dmesg | grep -i memory
+}
+
+@test "dmesg: Show kernel messages with a timestamp (available in kernels 3.5.0 and newer)" {
+    sudo dmesg -T
+}
+
+@test "dmesg: Show kernel messages in human-readable form (available in kernels 3.5.0 and newer)" {
+    sudo dmesg -H
+}
+
+@test "dmesg: Colorize output (available in kernels 3.5.0 and newer)" {
+    sudo dmesg -L
+}

tests/integration/fc-cache.bats

@@ -0,0 +1,18 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "fc-cache: Generate font cache files" {
+    fc-cache
+}
+
+@test "fc-cache: Force a rebuild of all font cache files, without checking if cache is up-to-date" {
+    fc-cache -f
+}
+
+@test "fc-cache: Erase font cache files, then generate new font cache files" {
+    fc-cache -r
+}

tests/integration/fc-list.bats

@@ -0,0 +1,22 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "fc-list: Return a list of installed fonts in your system" {
+    fc-list
+}
+
+@test "fc-match: Return a sorted list of best matching fonts" {
+    fc-match -s 'DejaVu Serif'
+}
+
+@test "fc-pattern: Display default information about a font" {
+    fc-pattern --default 'DejaVu Serif'
+}
+
+@test "fc-pattern: Display configuration information about a font" {
+    fc-pattern --config 'DejaVu Serif'
+}

tests/integration/flatpak.bats

@@ -0,0 +1,34 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "flatpak: List installed applications, ignoring runtimes" {
+    flatpak list --app
+}
+
+@test "flatpak: Install an application from a remote source" {
+    flatpak install --noninteractive org.vim.Vim
+}
+
+@test "flatpak: Show information about an installed application" {
+    flatpak info org.vim.Vim
+}
+
+@test "flatpak: Run an installed application" {
+    flatpak run org.vim.Vim
+}
+
+@test "flatpak: Update all installed applications and runtimes" {
+    flatpak update --noninteractive
+}
+
+@test "flatpak: Remove an installed application" {
+    flatpak remove --noninteractive org.vim.Vim
+}
+
+@test "flatpak: Remove all unused applications" {
+    flatpak remove --unused
+}

tests/integration/fwupdmgr.bats

@@ -0,0 +1,23 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "fwupdmgr: Display all devices detected by fwupd" {
+    fwupdmgr get-devices
+}
+
+@test "fwupdmgr: Download the latest firmware metadata from LVFS" {
+    fwupdmgr refresh || true
+}
+
+@test "fwupdmgr: List the updates available for devices on your system" {
+    fwupdmgr get-updates || true
+}
+
+@test "fwupdmgr: Install firmware updates" {
+    fwupdmgr update || true
+}
+

tests/integration/gpgconf.bats

@@ -0,0 +1,34 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "gpgconf: List all components" {
+    gpgconf --list-components
+}
+
+@test "gpgconf: List the directories used by gpgconf" {
+    gpgconf --list-dirs
+}
+
+@test "gpgconf: List all options of a component" {
+    gpgconf --list-options gpg
+    gpgconf --list-options gpgsm
+    gpgconf --list-options gpg-agent
+    gpgconf --list-options scdaemon || true
+    gpgconf --list-options dirmngr
+}
+
+@test "gpgconf: List programs and test whether they are runnable" {
+    gpgconf --check-programs || true
+}
+
+@test "gpgconf: Reload a component" {
+    gpgconf --reload gpg
+    gpgconf --reload gpgsm
+    gpgconf --reload gpg-agent
+    gpgconf --reload scdaemon || true
+    gpgconf --reload dirmngr
+}

tests/integration/groupadd.bats

@@ -0,0 +1,32 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "groupadd: Create a new group" {
+    sudo groupadd user2
+}
+
+@test "groupadd: Create a new system group" {
+    sudo groupadd --system system2
+}
+
+@test "groupadd: Create a new group with the specific groupid" {
+    sudo groupadd --gid 3000 user3
+}
+
+@test "groupmod: Change the group name" {
+    sudo groupmod --new-name user22 user2
+}
+
+@test "groupmod: Change the group ID" {
+    sudo groupmod --gid 2222 user22
+}
+
+@test "groupdel: Delete newly created group" {
+    sudo groupdel user22
+    sudo groupdel system2
+    sudo groupdel user3
+}

tests/integration/groups.bats

@@ -0,0 +1,15 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "groups: Print group memberships for the current user" {
+    groups
+}
+
+@test "groups: Print group memberships for a list of users" {
+    groups root
+}
+

tests/integration/homectl.bats

@@ -0,0 +1,44 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+setup_file() {
+    sudo systemctl start systemd-homed
+    skip
+    aa_setup
+}
+
+@test "homectl: Display help" {
+    homectl --no-pager --help
+}
+
+@test "homectl: Create a user account and their associated home directory" {
+    sudo homectl create user2
+}
+
+@test "homectl: List user accounts and their associated home directories" {
+    homectl list
+}
+
+@test "homectl: Change the password for a specific user" {
+    sudo homectl passwd user2
+}
+
+@test "homectl: Run a shell or a command with access to a specific home directory" {
+    sudo homectl with user2 -- ls -al /home/user2
+}
+
+@test "homectl: Lock or unlock a specific home directory" {
+    sudo homectl lock user2
+}
+
+@test "homectl: Change the disk space assigned to a specific home directory to 100 GiB" {
+    sudo homectl resize user2 1G
+}
+
+@test "homectl: Remove a specific user and the associated home directory" {
+    sudo homectl remove user2
+}

tests/integration/hostnamectl.bats

@@ -0,0 +1,20 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "hostnamectl: Get the hostname of the computer" {
+    hostnamectl
+}
+
+@test "hostnamectl: Get the location of the computer" {
+    hostnamectl location
+}
+
+@test "hostnamectl: Set the hostname of the computer" {
+    name=$(hostnamectl hostname)
+    sudo hostnamectl set-hostname "new"
+    sudo hostnamectl set-hostname "$name"
+}

tests/integration/id.bats

@@ -0,0 +1,30 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "id: Display current user&#39;s ID (UID), group ID (GID) and groups to which they belong" {
+    id
+}
+
+@test "id: Display the current user identity" {
+    id -un
+}
+
+@test "id: Display the current user identity as a number" {
+    id -u
+}
+
+@test "id: Display the current primary group identity" {
+    id -gn
+}
+
+@test "id: Display the current primary group identity as a number" {
+    id -g
+}
+
+@test "id: Display an arbitrary user ID (UID), group ID (GID) and groups to which they belong" {
+    id root
+}

tests/integration/ip.bats

@@ -0,0 +1,42 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "ip-address: List network interfaces and their associated IP addresses" {
+    ip address
+}
+
+@test "ip-address: Filter to show only active network interfaces" {
+    ip address show up
+}
+
+@test "ip-route: Display the routing table" {
+    ip route
+}
+
+@test "ip-route-get: Print route to a destination" {
+    ip route get 1.1.1.1
+}
+
+@test "ip link: Show information about all network interfaces" {
+    ip link
+}
+
+@test "ip neighbour: Display the neighbour/ARP table entries" {
+    ip neighbour
+}
+
+@test "ip rule: Display the routing policy" {
+    ip rule show
+    ip rule list
+}
+
+@test "ip: Manage network namespace" {
+    sudo ip netns add foo
+    sudo ip netns list
+    sudo ip netns exec foo bash -c "pwd"
+    sudo ip netns delete foo
+}

tests/integration/lsblk.bats

@@ -0,0 +1,38 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "lsblk: List all storage devices in a tree-like format" {
+    lsblk
+}
+
+@test "lsblk: Also list empty devices" {
+    lsblk -a
+}
+
+@test "lsblk: Print the SIZE column in bytes rather than in a human-readable format" {
+    lsblk -b
+}
+
+@test "lsblk: Output info about filesystems" {
+    lsblk -f
+}
+
+@test "lsblk: Use ASCII characters for tree formatting" {
+    lsblk -i
+}
+
+@test "lsblk: Output info about block-device topology" {
+    lsblk -t
+}
+
+@test "lsblk: Exclude the devices specified by the comma-separated list of major device numbers" {
+    lsblk -e 1
+}
+
+@test "lsblk: Display a customized summary using a comma-separated list of columns" {
+    lsblk --output NAME,SERIAL,MODEL,TRAN,TYPE,SIZE,FSTYPE,MOUNTPOINT
+}

tests/integration/lscpu.bats

@@ -0,0 +1,18 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "lscpu: Display information about all CPUs" {
+    lscpu
+}
+
+@test "lscpu: Display information in a table" {
+    lscpu --extended
+}
+
+@test "lscpu: Display only information about offline CPUs in a table" {
+    lscpu --extended --offline
+}

tests/integration/lspci.bats

@@ -0,0 +1,26 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "lspci: Show a brief list of devices" {
+    lspci
+}
+
+@test "lspci: Display additional info" {
+    lspci -v
+}
+
+@test "lspci: Display drivers and modules handling each device" {
+    lspci -k
+}
+
+@test "lspci: Show a specific device" {
+    lspci -s 00:00.0
+}
+
+@test "lspci: Dump info in a readable form" {
+    lspci -vm
+}

tests/integration/lsusb.bats

@@ -0,0 +1,18 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "lsusb: List all the USB devices available" {
+    lsusb || true
+}
+
+@test "lsusb: List the USB hierarchy as a tree" {
+    lsusb -t || true
+}
+
+@test "lsusb: List verbose information about USB devices" {
+    lsusb --verbose || true
+}

tests/integration/needrestart.bats

@@ -0,0 +1,34 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "needrestart: List outdated processes" {
+    needrestart
+}
+
+@test "needrestart: Interactively restart services" {
+    sudo needrestart
+}
+
+@test "needrestart: List outdated processes in verbose mode" {
+    needrestart -v
+}
+
+@test "needrestart: Check if the kernel is outdated" {
+    needrestart -k
+}
+
+@test "needrestart: Check if the CPU microcode is outdated" {
+    needrestart -w
+}
+
+@test "needrestart: List outdated processes in batch mode" {
+    needrestart -b
+}
+
+@test "needrestart: Display help" {
+    needrestart --help
+}

tests/integration/ps.bats

@@ -0,0 +1,30 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "ps: List all running processes" {
+    ps aux
+}
+
+@test "ps: List all running processes including the full command string" {
+    ps auxww
+}
+
+@test "ps: List all processes of the current user in extra full format" {
+    ps --user "$(id -u)" -F
+}
+
+@test "ps: List all processes of the current user as a tree" {
+    ps --user "$(id -u)" -f
+}
+
+@test "ps: Get the parent PID of a process" {
+    ps -o ppid= -p 1
+}
+
+@test "ps: Sort processes by memory consumption" {
+    ps auxww --sort size
+}

tests/integration/pstree.bats

@@ -0,0 +1,19 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "pstree: Display a tree of processes" {
+    pstree
+}
+
+@test "pstree: Display a tree of processes with PIDs" {
+    pstree -p
+}
+
+@test "pstree: Display all process trees rooted at processes owned by specified user" {
+    pstree root
+}
+

tests/integration/snap.bats

@@ -0,0 +1,34 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "snap: Search for a package" {
+    snap find vim
+}
+
+@test "snap: Install a package" {
+    sudo snap install nano-strict
+}
+
+@test "snap: Update a package to another channel (track, risk, or branch)" {
+    sudo snap refresh nano-strict --channel=edge
+}
+
+@test "snap: Update all packages" {
+    sudo snap refresh
+}
+
+@test "snap: Display basic information about installed snap software" {
+    sudo snap list
+}
+
+@test "snap: Check for recent snap changes in the system" {
+    sudo snap changes
+}
+
+@test "snap: Uninstall a package" {
+    sudo snap remove nano-strict
+}

tests/integration/sync.bats

@@ -0,0 +1,14 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "sync: Flush all pending write operations on all disks" {
+    sync
+}
+
+@test "sync: Flush all pending write operations on a single file to disk" {
+    sudo sync /
+}

tests/integration/sysctl.bats

@@ -0,0 +1,27 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "sysctl: Show all available variables and their values" {
+    sysctl -a
+}
+
+@test "sysctl: Set a changeable kernel state variable" {
+    sudo sysctl -w vm.panic_on_oom=0
+}
+
+@test "sysctl: Get currently open file handlers" {
+    sysctl fs.file-nr
+}
+
+@test "sysctl: Get limit for simultaneous open files" {
+    sysctl fs.file-max
+}
+
+@test "sysctl: Apply changes from `/etc/sysctl.conf`" {
+    sysctl -p
+}
+

tests/integration/systemd-ac-power.bats

@@ -0,0 +1,15 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "systemd-ac-power: Report whether we are connected to an external power source." {
+    systemd-ac-power || true
+}
+
+@test "systemd-ac-power: Check if battery is discharging and low" {
+    systemd-ac-power --low || true
+}
+

tests/integration/systemd-analyze.bats

@@ -0,0 +1,20 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "systemd-analyze: List all running units, ordered by the time they took to initialize" {
+    systemd-analyze --no-pager blame
+}
+
+@test "systemd-analyze: Print a tree of the time-critical chain of units" {
+    systemd-analyze --no-pager critical-chain
+}
+
+@test "systemd-analyze: Show security scores of running units" {
+    systemd-analyze --no-pager security
+}
+
+

tests/integration/systemd-cat.bats

@@ -0,0 +1,14 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "systemd-cat: Write the output of the specified command to the journal (both output streams are captured)" {
+    systemd-cat pwd
+}
+
+@test "systemd-cat: Write the output of a pipeline to the journal (`stderr` stays connected to the terminal)" {
+    echo apparmor.d-test-suite | systemd-cat
+}

tests/integration/systemd-cgls.bats

@@ -0,0 +1,19 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "systemd-cgls: Display the whole control group hierarchy on your system" {
+    systemd-cgls --no-pager
+}
+
+@test "systemd-cgls: Display a control group tree of a specific resource controller" {
+    systemd-cgls --no-pager io
+}
+
+@test "systemd-cgls: Display the control group hierarchy of one or more systemd units" {
+    systemd-cgls --no-pager --unit systemd-logind
+}
+

tests/integration/systemd-detect-virt.bats

@@ -0,0 +1,26 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "systemd-detect-virt: List detectable virtualization technologies" {
+    systemd-detect-virt --list
+}
+
+# bats test_tags=systemd-detect-virt
+@test "systemd-detect-virt: Detect virtualization, print the result and return a zero status code when running in a VM or a container, and a non-zero code otherwise" {
+    systemd-detect-virt || true
+}
+
+# bats test_tags=systemd-detect-virt
+@test "systemd-detect-virt: Silently check without printing anything" {
+    systemd-detect-virt --quiet || true
+}
+
+# bats test_tags=systemd-detect-virt
+@test "systemd-detect-virt: Only detect hardware virtualization" {
+    systemd-detect-virt --vm || true
+}
+

tests/integration/systemd-id128.bats

@@ -0,0 +1,23 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "systemd-id128: Generate a new random identifier" {
+    systemd-id128 new
+}
+
+@test "systemd-id128: Print the identifier of the current machine" {
+    systemd-id128 machine-id
+}
+
+@test "systemd-id128: Print the identifier of the current boot" {
+    systemd-id128 boot-id
+}
+
+@test "systemd-id128: Generate a new random identifier and print it as a UUID (five groups of digits separated by hyphens)" {
+    systemd-id128 new --uuid
+}
+

tests/integration/systemd-sysusers.bats

@@ -0,0 +1,18 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "systemd-sysusers: Print the contents of all configuration files (before each file, its name is printed as a comment)" {
+    systemd-sysusers --cat-config
+}
+
+@test "systemd-sysusers: Process configuration files and print what would be done without actually doing anything" {
+    systemd-sysusers --dry-run
+}
+
+@test "systemd-sysusers: Create users and groups from all configuration file" {
+    sudo systemd-sysusers
+}

tests/integration/uname.bats

@@ -0,0 +1,39 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "uname: Print all information" {
+    uname --all
+}
+
+@test "uname: Print the current kernel name" {
+    uname --kernel-name
+}
+
+@test "uname: Print the current network node host name" {
+    uname --nodename
+}
+
+@test "uname: Print the current kernel release" {
+    uname --kernel-release
+}
+
+@test "uname: Print the current kernel version" {
+    uname --kernel-version
+}
+
+@test "uname: Print the current machine hardware name" {
+    uname --machine
+}
+
+@test "uname: Print the current processor type" {
+    uname --processor
+}
+
+@test "uname: Print the current operating system name" {
+    uname --operating-system
+}
+

tests/integration/upower.bats

@@ -0,0 +1,19 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "upower: Display power and battery information" {
+    upower --dump
+}
+
+@test "upower: List all power devices" {
+    upower --enumerate
+}
+
+@test "upower: Display version" {
+    upower --version
+}
+

tests/integration/uptime.bats

@@ -0,0 +1,23 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "uptime: Print current time, uptime, number of logged-in users and other information" {
+    uptime
+}
+
+@test "uptime: Show only the amount of time the system has been booted for" {
+    uptime --pretty
+}
+
+@test "uptime: Print the date and time the system booted up at" {
+    uptime --since
+}
+
+@test "uptime: Display version" {
+    uptime --version
+}
+

tests/integration/useradd.bats

@@ -0,0 +1,32 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "useradd: Create a new user with the specified shell" {
+    sudo useradd --shell /bin/bash --create-home user2
+}
+
+@test "useradd: Create a new user with the specified user ID" {
+    sudo useradd --uid 3000 user3
+}
+
+@test "useradd: Create a new user belonging to additional groups (mind the lack of whitespace)" {
+    sudo useradd --groups adm user4
+}
+
+@test "useradd: Create a new system user without the home directory" {
+    sudo useradd --system sys2
+}
+
+@test "userdel: Remove a user" {
+    sudo userdel user3
+    sudo userdel user4
+    sudo userdel sys2
+}
+
+@test "userdel: Remove a user along with the home directory and mail spool" {
+    sudo userdel --remove user2
+}

tests/integration/userdbctl.bats

@@ -0,0 +1,27 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "userdbctl: List all known user records" {
+    userdbctl --no-pager user
+}
+
+@test "userdbctl: Show details of a specific user" {
+    userdbctl --no-pager user "$USER"
+}
+
+@test "userdbctl: List all known groups" {
+    userdbctl --no-pager group
+}
+
+@test "userdbctl: Show details of a specific group" {
+    sudo userdbctl --no-pager group "$USER"
+}
+
+@test "userdbctl: List all services currently providing user/group definitions to the system" {
+    userdbctl --no-pager services
+}
+

tests/integration/users.bats

@@ -0,0 +1,15 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "users: Print logged in usernames" {
+    users
+}
+
+@test "users: Print logged in usernames according to a given file" {
+    users /var/log/wmtp
+}
+

tests/integration/uuidd.bats

@@ -0,0 +1,18 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "uuidd: Generate a random UUID" {
+    uuidd --random
+}
+
+@test "uuidd: Generate a bulk number of random UUIDs" {
+    uuidd --random --uuids 10
+}
+
+@test "uuidd: Generate a time-based UUID, based on the current time and MAC address of the system" {
+    uuidd --time
+}

tests/integration/uuidgen.bats

@@ -0,0 +1,14 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "uuidgen: Create a random UUIDv4" {
+    uuidgen --random
+}
+
+@test "uuidgen: Create a UUIDv1 based on the current time" {
+    uuidgen --time
+}

tests/integration/w.bats

@@ -0,0 +1,14 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "w: Display information about all users who are currently logged in" {
+    w
+}
+
+@test "w: Display information about a specific user" {
+    w root
+}

tests/integration/who.bats

@@ -0,0 +1,19 @@
+#!/usr/bin/env bats
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+load common
+
+@test "who: Display the username, line, and time of all currently logged-in sessions" {
+    who
+}
+
+@test "who: Display all available information" {
+    who -a
+}
+
+@test "who: Display all available information with table headers" {
+    who -a -H
+}
+