mirror of
https://github.com/roddhjav/apparmor.d.git
synced 2024-12-25 14:36:33 +01:00
tests: ensure vim syntax and abi are set on all profile/abs.
This commit is contained in:
parent
5585773802
commit
75f2c0c7b8
1 changed files with 34 additions and 17 deletions
|
@ -10,12 +10,38 @@ set -eu -o pipefail
|
|||
|
||||
readonly APPARMORD="apparmor.d"
|
||||
|
||||
_ensure_include() {
|
||||
local file="$1"
|
||||
local include="$2"
|
||||
if ! grep -q "^ *${include}$" "$file"; then
|
||||
echo "$file does not contain '$include'"
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
_ensure_abi() {
|
||||
local file="$1"
|
||||
if ! grep -q "^ *abi <abi/4.0>," "$file"; then
|
||||
echo "$file does not contain 'abi <abi/4.0>,'"
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
_ensure_vim() {
|
||||
local file="$1"
|
||||
if ! grep -q "^# vim:syntax=apparmor" "$file"; then
|
||||
echo "$file does not contain '# vim:syntax=apparmor'"
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
check_profiles() {
|
||||
echo "⋅ Checking if all profiles contain:"
|
||||
echo " - 'abi <abi/4.0>,'"
|
||||
echo " - 'profile *profile_name* {'"
|
||||
echo " - 'profile <profile_name>'"
|
||||
echo " - 'include if exists <local/*>'"
|
||||
echo " - include if exists local for subprofiles"
|
||||
echo " - vim:syntax=apparmor"
|
||||
directories=("$APPARMORD/groups/*" "$APPARMORD/profiles-*-*")
|
||||
# shellcheck disable=SC2068
|
||||
for dir in ${directories[@]}; do
|
||||
|
@ -24,14 +50,9 @@ check_profiles() {
|
|||
name="$(basename "$file")"
|
||||
name="${name/.apparmor.d/}"
|
||||
include="include if exists <local/$name>"
|
||||
if ! grep -q "^ *${include}$" "$file"; then
|
||||
echo "$name does not contain '$include'"
|
||||
exit 1
|
||||
fi
|
||||
if ! grep -q "^ *abi <abi/4.0>," "$file"; then
|
||||
echo "$name does not contain 'abi <abi/4.0>,'"
|
||||
exit 1
|
||||
fi
|
||||
_ensure_include "$file" "$include"
|
||||
_ensure_abi "$file"
|
||||
_ensure_vim "$file"
|
||||
if ! grep -q "^profile $name" "$file"; then
|
||||
echo "$name does not contain 'profile $name'"
|
||||
exit 1
|
||||
|
@ -52,6 +73,7 @@ check_abstractions() {
|
|||
echo "⋅ Checking if all abstractions contain:"
|
||||
echo " - 'abi <abi/4.0>,'"
|
||||
echo " - 'include if exists <abstractions/*.d>'"
|
||||
echo " - vim:syntax=apparmor"
|
||||
directories=(
|
||||
"$APPARMORD/abstractions/" "$APPARMORD/abstractions/app/"
|
||||
"$APPARMORD/abstractions/bus/" "$APPARMORD/abstractions/common/"
|
||||
|
@ -61,14 +83,9 @@ check_abstractions() {
|
|||
name="$(basename "$file")"
|
||||
root="${dir/${APPARMORD}\/abstractions\//}"
|
||||
include="include if exists <abstractions/${root}${name}.d>"
|
||||
if ! grep -q "^ *${include}$" "$file"; then
|
||||
echo "$file does not contain '$include'"
|
||||
exit 1
|
||||
fi
|
||||
# if ! grep -q "^ *abi <abi/4.0>," "$file"; then
|
||||
# echo "$file does not contain 'abi <abi/4.0>,'"
|
||||
# exit 1
|
||||
# fi
|
||||
_ensure_include "$file" "$include"
|
||||
_ensure_abi "$file"
|
||||
_ensure_vim "$file"
|
||||
done
|
||||
done
|
||||
|
||||
|
|
Loading…
Reference in a new issue