mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 16:35:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

tests: Update mkprofile.pl to accept unix rules

Browse source 
Example gen_unix() inputs and outputs:

  "unix:ALL" -> "  unix,\n"

  "unix:(create,bind,listen,accept):addr=@foo:peer=(label=bar)" ->
    "  unix (create,bind,listen accept) addr=@foo peer=(label=bar),\n"

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Steve Beattie <steve@nxnw.org>
This commit is contained in:
Tyler Hicks 2014-09-05 09:43:49 -05:00
parent cdd23798bb
commit 79698cdbfe
2 changed files with 12 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
tests/regression/apparmor/mkprofile.pl
View file

@ -154,6 +154,16 @@ sub gen_network($) {
push (@{$output_rules{$hat}}, " @rules,\n"); push (@{$output_rules{$hat}}, " @rules,\n");
} }
sub gen_unix($) {
my $rule = shift;
if ($rule =~ /^unix:ALL$/) {
push (@{$output_rules{$hat}}, " unix,\n");
} else {
$rule =~ s/:/ /g;
push(@{$output_rules{$hat}}, " " . $rule . ",\n");
}
}
sub gen_cap($) { sub gen_cap($) {
my $rule = shift; my $rule = shift;
my @rules = split (/:/, $rule); my @rules = split (/:/, $rule);
@ -376,6 +386,8 @@ sub gen_from_args() {
gen_netdomain($rule); gen_netdomain($rule);
} elsif ($rule =~ /^network:/) { } elsif ($rule =~ /^network:/) {
gen_network($rule); gen_network($rule);
} elsif ($rule =~ /^unix:/) {
gen_unix($rule);
} elsif ($rule =~ /^cap:/) { } elsif ($rule =~ /^cap:/) {
gen_cap($rule); gen_cap($rule);
} elsif ($rule =~ /^ptrace:/) { } elsif ($rule =~ /^ptrace:/) {

1
tests/regression/apparmor/unix_socket.sh
View file

@ -76,7 +76,6 @@ testsocktype()
# TODO: Make additional changes to test abstract sockets w/ confinement # TODO: Make additional changes to test abstract sockets w/ confinement
# #
# * Adjust genprofile to generate af_unix abstract socket rules
# * Create variables to hold genprofile arguments for socket accesses # * Create variables to hold genprofile arguments for socket accesses
# and initialize them according to socket address type # and initialize them according to socket address type
# * Remove the following conditional # * Remove the following conditional