From 79698cdbfebc365bcdfab5315591783021cd2415 Mon Sep 17 00:00:00 2001 From: Tyler Hicks Date: Fri, 5 Sep 2014 09:43:49 -0500 Subject: [PATCH] tests: Update mkprofile.pl to accept unix rules Example gen_unix() inputs and outputs: "unix:ALL" -> " unix,\n" "unix:(create,bind,listen,accept):addr=@foo:peer=(label=bar)" -> " unix (create,bind,listen accept) addr=@foo peer=(label=bar),\n" Signed-off-by: Tyler Hicks Acked-by: Steve Beattie --- tests/regression/apparmor/mkprofile.pl | 12 ++++++++++++ tests/regression/apparmor/unix_socket.sh | 1 - 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/tests/regression/apparmor/mkprofile.pl b/tests/regression/apparmor/mkprofile.pl index e1e67f5ba..adae98f37 100755 --- a/tests/regression/apparmor/mkprofile.pl +++ b/tests/regression/apparmor/mkprofile.pl @@ -154,6 +154,16 @@ sub gen_network($) { push (@{$output_rules{$hat}}, " @rules,\n"); } +sub gen_unix($) { + my $rule = shift; + if ($rule =~ /^unix:ALL$/) { + push (@{$output_rules{$hat}}, " unix,\n"); + } else { + $rule =~ s/:/ /g; + push(@{$output_rules{$hat}}, " " . $rule . ",\n"); + } +} + sub gen_cap($) { my $rule = shift; my @rules = split (/:/, $rule); @@ -376,6 +386,8 @@ sub gen_from_args() { gen_netdomain($rule); } elsif ($rule =~ /^network:/) { gen_network($rule); + } elsif ($rule =~ /^unix:/) { + gen_unix($rule); } elsif ($rule =~ /^cap:/) { gen_cap($rule); } elsif ($rule =~ /^ptrace:/) { diff --git a/tests/regression/apparmor/unix_socket.sh b/tests/regression/apparmor/unix_socket.sh index 3d708868d..309636c79 100755 --- a/tests/regression/apparmor/unix_socket.sh +++ b/tests/regression/apparmor/unix_socket.sh @@ -76,7 +76,6 @@ testsocktype() # TODO: Make additional changes to test abstract sockets w/ confinement # - # * Adjust genprofile to generate af_unix abstract socket rules # * Create variables to hold genprofile arguments for socket accesses # and initialize them according to socket address type # * Remove the following conditional