test-libapparmor-test_multi.py: allow to parse a specific logfile

test-libapparmor-test_multi.py converts the libapparmor test_multi log examples to profiles. This patch allows to call test-libapparmor-test-multi.py with a logfile (containing a single log line) as parameter. It will then print the resulting profile. Example: # python3 test-libapparmor-test_multi.py /path/to/libraries/libapparmor/testsuite/test_multi/testcase_dbus_01.in /tmp/apparmor-2.8.0/tests/regression/apparmor/dbus_service { dbus send bus=session path=/org/freedesktop/DBus interface=org.freedesktop.DBus member=Hello peer=(label=unconfined), }
2025-03-04 08:24:42 +01:00 · 2018-05-06 17:42:43 +02:00 · 2018-05-06 17:42:43 +02:00 · 0bc6078cfd
commit 0bc6078cfd
parent eca16ae6cf
1 changed files with 53 additions and 39 deletions
--- a/utils/test/test-libapparmor-test_multi.py
+++ b/utils/test/test-libapparmor-test_multi.py
@ -13,6 +13,7 @@ import unittest
 from common_test import AATest, setup_all_loops, setup_aa, read_file

 import os
+import sys
 from apparmor.common import open_file_read

 import apparmor.aa
@ -192,6 +193,23 @@ class TestLogToProfile(AATest):

    def _run_test(self, params, expected):
        logfile = '%s.in' % params
+
+        if params.split('/')[-1] in log_to_profile_skip:
+            return
+
+        profile, new_profile = logfile_to_profile(logfile)
+        if profile is None:
+            return
+
+        expected_profile = read_file('%s.profile' % params)
+
+        if params.split('/')[-1] in log_to_profile_known_failures:
+            self.assertNotEqual(new_profile, expected_profile)  # known failure
+        else:
+            self.assertEqual(new_profile, expected_profile)
+
+
+def logfile_to_profile(logfile):
    profile_dummy_file = 'AATest_does_exist'

    # we need to find out the profile name and aamode (complain vs. enforce mode) so that the test can access the correct place in storage
@ -199,15 +217,12 @@ class TestLogToProfile(AATest):
    parsed_event = parser.parse_event(read_file(logfile))

    if not parsed_event:  # AA_RECORD_INVALID
-            return
-
-        if params.split('/')[-1] in log_to_profile_skip:
-            return
+        return None, 'INVALID'

    aamode = parsed_event['aamode']

    if aamode in['AUDIT', 'STATUS', 'HINT']: # ignore some event types  # XXX maybe we shouldn't ignore AUDIT events?
-            return
+        return None, aamode

    if aamode not in ['PERMITTING', 'REJECTING']:
        raise Exception('Unexpected aamode %s' % parsed_event['aamode'])
@ -237,13 +252,7 @@ class TestLogToProfile(AATest):

    new_profile = apparmor.aa.serialize_profile(log_dict[aamode][profile], profile, None)

-        expected_profile = read_file('%s.profile' % params)
-
-        if params.split('/')[-1] in log_to_profile_known_failures:
-            self.assertNotEqual(new_profile, expected_profile)  # known failure
-        else:
-            self.assertEqual(new_profile, expected_profile)
-
+    return profile, new_profile

 def find_test_multi(log_dir):
    '''find all log sniplets in the given log_dir'''
@ -264,7 +273,12 @@ def find_test_multi(log_dir):

    return tests

+# if a logfile is given as parameter, print the resulting profile and exit (with $? = 42 to make sure tests break if the caller accidently hands over a parameter)
+if __name__ == '__main__' and len(sys.argv) == 2:
+    print(logfile_to_profile(sys.argv[1])[1])
+    exit(42)

+# still here? That means a normal test run
 print('Testing libapparmor test_multi tests...')
 TestLibapparmorTestMulti.tests = find_test_multi('../../libraries/libapparmor/testsuite/test_multi/')
 TestLogToProfile.tests = find_test_multi('../../libraries/libapparmor/testsuite/test_multi/')