felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

tests(check): ensure bin is not used instead of sbin.

Browse source
This commit is contained in:
Alexandre Pujol 2025-04-28 21:48:53 +02:00
parent fd17a77b17
commit 8ae1118de6
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
2 changed files with 749 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

11
tests/check.sh
View file

@ -106,6 +106,16 @@ _ensure_vim() {
fi
}
check_sbin() {
echo -e "\033[1m ⋅ \033[0mEnsuring '@{sbin}' is used in all profiles:"
while IFS= read -r name; do
mapfile -t files < <(grep -l -R "@{bin}/$name" apparmor.d)
for file in "${files[@]}"; do
_die "$file contains '@{bin}/$name' instead of '@{sbin}/$name'"
done
done <tests/sbin.list
}
check_profiles() {
echo -e "\033[1m ⋅ \033[0mChecking if all profiles contain:"
echo " - apparmor.d header & license"
@ -170,5 +180,6 @@ check_abstractions() {
done
}
check_sbin
check_profiles
check_abstractions