mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-01-18 08:58:15 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

test(aa): add unit tests for the link rule.

Browse source
This commit is contained in:
Alexandre Pujol 2024-05-25 22:22:57 +01:00
parent 019b6f8197
commit 9812c38b83
Failed to generate hash of commit
2 changed files with 43 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
pkg/aa/data_test.go
View file

@ -292,6 +292,7 @@ var (
} }
// Link // Link
link3LogStr = `apparmor="ALLOWED" operation="link" class="file" profile="dolphin" name="@{user_config_dirs}/kiorc" comm="dolphin" requested_mask="l" denied_mask="l" fsuid=1000 ouid=1000 target="@{user_config_dirs}/#3954"`
link1Log = map[string]string{ link1Log = map[string]string{
"apparmor": "ALLOWED", "apparmor": "ALLOWED",
"operation": "link", "operation": "link",
@ -307,13 +308,31 @@ var (
"FSUID": "root", "FSUID": "root",
"OUID": "root", "OUID": "root",
} }
link3Log = map[string]string{
"apparmor": "ALLOWED",
"operation": "link",
"class": "file",
"profile": "dolphin",
"name": "@{user_config_dirs}/kiorc",
"comm": "dolphin",
"requested_mask": "l",
"denied_mask": "l",
"fsuid": "1000",
"ouid": "1000",
"target": "@{user_config_dirs}/#3954",
}
link1 = &Link{ link1 = &Link{
Path: "/tmp/mkinitcpio.QDWtza/early@{lib}/firmware/i915/dg1_dmc_ver2_02.bin.zst", Path: "/tmp/mkinitcpio.QDWtza/early@{lib}/firmware/i915/dg1_dmc_ver2_02.bin.zst",
Target: "/tmp/mkinitcpio.QDWtza/root@{lib}/firmware/i915/dg1_dmc_ver2_02.bin.zst", Target: "/tmp/mkinitcpio.QDWtza/root@{lib}/firmware/i915/dg1_dmc_ver2_02.bin.zst",
} }
link2 = &File{ link2 = &Link{
Owner: true, Owner: true,
Path: "@{user_config_dirs}/powerdevilrc{,.@{rand6}}", Path: "@{user_config_dirs}/powerdevilrc{,.@{rand6}}",
Target: "@{user_config_dirs}/#@{int}", Target: "@{user_config_dirs}/#@{int}",
} }
link3 = &Link{
Owner: true,
Path: "@{user_config_dirs}/kiorc",
Target: "@{user_config_dirs}/#3954",
}
) )

23
pkg/aa/rules_test.go
View file

@ -94,6 +94,12 @@ func TestRules_FromLog(t *testing.T) {
log: link1Log, log: link1Log,
want: link1, want: link1,
}, },
{
name: "link",
fromLog: newFileFromLog,
log: link3Log,
want: link3,
},
} }
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
@ -267,6 +273,12 @@ func TestRules_Less(t *testing.T) {
other: &File{Path: "/usr/share/poppler/cMap/Identity-H"}, other: &File{Path: "/usr/share/poppler/cMap/Identity-H"},
want: true, want: true,
}, },
{
name: "link",
rule: link1,
other: link2,
want: true,
},
} }
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
@ -363,6 +375,12 @@ func TestRules_Equals(t *testing.T) {
other: file2, other: file2,
want: true, want: true,
}, },
{
name: "link",
rule: link1,
other: link3,
want: false,
},
} }
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
@ -473,6 +491,11 @@ func TestRules_String(t *testing.T) {
rule: file1, rule: file1,
want: "/usr/share/poppler/cMap/Identity-H r,", want: "/usr/share/poppler/cMap/Identity-H r,",
}, },
{
name: "link",
rule: link3,
want: "owner link @{user_config_dirs}/kiorc -> @{user_config_dirs}/#3954,",
},
} }
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {