felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

test(aa-log): update tests to the last changes.

Browse source
This commit is contained in:
Alexandre Pujol 2024-09-27 12:20:48 +01:00
parent e1f665aec1
commit a8c18f9b94
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
4 changed files with 50 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

61
pkg/aa/rule_test.go
View file

@ -124,7 +124,7 @@ var (
wString: "include if exists <local/foo>",
},
{
name: "include/abs",
name: "include-abs",
rule: &Include{Path: "/usr/share/apparmor.d/", IsMagic: false},
other: &Include{Path: "/usr/share/apparmor.d/", IsMagic: true},
wCompare: -1,
@ -190,7 +190,7 @@ var (
wString: "capability net_admin,",
},
{
name: "capability/multi",
name: "capability-multi",
rule: &Capability{Names: []string{"dac_override", "dac_read_search"}},
other: capability2,
wCompare: -15,
@ -198,7 +198,7 @@ var (
wString: "capability dac_override dac_read_search,",
},
{
name: "capability/all",
name: "capability-all",
rule: &Capability{},
other: capability2,
wCompare: -1,
@ -222,7 +222,7 @@ var (
log: mount1Log,
rule: mount1,
other: mount2,
wCompare: 38,
wCompare: 37,
wMerge: false,
wString: "mount fstype=overlay overlay -> /var/lib/docker/overlay2/opaque-bug-check1209538631/merged/, # failed perms check",
},
@ -250,7 +250,7 @@ var (
log: pivotroot1Log,
rule: pivotroot1,
other: pivotroot2,
wCompare: 7,
wCompare: -5,
wMerge: false,
wString: "pivot_root oldroot=@{run}/systemd/mount-rootfs/ @{run}/systemd/mount-rootfs/,",
},
@ -307,7 +307,7 @@ var (
wString: "signal receive set=kill peer=firefox//&firejail-default,",
},
{
name: "ptrace/xdg-document-portal",
name: "ptrace-xdg-document-portal",
fromLog: newPtraceFromLog,
log: ptrace1Log,
rule: ptrace1,
@ -317,7 +317,7 @@ var (
wString: "ptrace read peer=nautilus,",
},
{
name: "ptrace/snap-update-ns.firefox",
name: "ptrace-snap-update-ns.firefox",
fromLog: newPtraceFromLog,
log: ptrace2Log,
rule: ptrace2,
@ -355,7 +355,7 @@ var (
wString: "dbus bind bus=session name=org.gnome.evolution.dataserver.Sources5,",
},
{
name: "dbus/bind",
name: "dbus-bind",
rule: &Dbus{Access: []string{"bind"}, Bus: "session", Name: "org.gnome.*"},
other: dbus2,
wCompare: -39,
@ -381,31 +381,33 @@ var (
wString: "/usr/share/poppler/cMap/Identity-H r,",
},
{
name: "file/empty",
name: "file-all",
rule: &File{},
other: &File{},
wCompare: 0,
wMerge: true,
wString: " ,",
wString: " ,", // FIXME:
},
{
name: "file/equal",
rule: &File{Path: "/usr/share/poppler/cMap/Identity-H"},
other: &File{Path: "/usr/share/poppler/cMap/Identity-H"},
wCompare: 0,
wMerge: true,
wString: "/usr/share/poppler/cMap/Identity-H ,",
name: "file-equal",
rule: &File{Path: "/usr/share/poppler/cMap/Identity-H"},
other: &File{Path: "/usr/share/poppler/cMap/Identity-H"},
wValidErr: true,
wCompare: 0,
wMerge: true,
wString: "/usr/share/poppler/cMap/Identity-H ,",
},
{
name: "file/owner",
rule: &File{Path: "/usr/share/poppler/cMap/Identity-H", Owner: true},
other: &File{Path: "/usr/share/poppler/cMap/Identity-H"},
wCompare: 1,
wMerge: false,
wString: "owner /usr/share/poppler/cMap/Identity-H ,",
name: "file-owner",
rule: &File{Path: "/usr/share/poppler/cMap/Identity-H", Owner: true},
other: &File{Path: "/usr/share/poppler/cMap/Identity-H"},
wCompare: 1,
wValidErr: true,
wMerge: false,
wString: "owner /usr/share/poppler/cMap/Identity-H ,",
},
{
name: "file/access",
name: "file-access",
rule: &File{Path: "/usr/share/poppler/cMap/Identity-H", Access: []string{"r"}},
other: &File{Path: "/usr/share/poppler/cMap/Identity-H", Access: []string{"w"}},
wCompare: -5,
@ -413,12 +415,13 @@ var (
wString: "/usr/share/poppler/cMap/Identity-H r,",
},
{
name: "file/close",
rule: &File{Path: "/usr/share/poppler/cMap/"},
other: &File{Path: "/usr/share/poppler/cMap/Identity-H"},
wCompare: -10,
wMerge: false,
wString: "/usr/share/poppler/cMap/ ,",
name: "file-close",
rule: &File{Path: "/usr/share/poppler/cMap/"},
other: &File{Path: "/usr/share/poppler/cMap/Identity-H"},
wCompare: -10,
wValidErr: true,
wMerge: false,
wString: "/usr/share/poppler/cMap/ ,",
},
{
name: "link1",