A bug existed in the parser that it would not detect the error case
where an unquoted ']' is given without a matching '[' (the quoted
cases are accepted properly). This patch fixes the issue.
Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: John Johansen <john.johansen@canonical.com>
Acked-by: Seth Arnold <seth.arnold@canonical.com>
Currently alternations are limited to a single level, make it so we can
nest alternations.
Note: this is a temporary solution to the problem. Long term this routine
to convert to pcre will go away when native parsing of aare is added to
the backend.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Steve Beattie <steve@nxnw.org>
patch is needed to fix the build.
patch from: Jan Rękorajski <baggins@pld-linux.org>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Steve Beattie <steve@nxnw.org>
The previous patch for removing libimmunix support from the regression
tests wasn't complete. Also, the 2.2 and 2.4 kernel support code is
closely related and can be removed considering how old those kernels
are.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Steve Beattie <steve@nxnw.org>
This typo allowed apparmor.h to be pulled in multiple times.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Steve Beattie <steve@nxnw.org>
The libapparmor_wrap.c target generates libapparmor_wrap.c and
LibAppArmor.pm. The Perl module must exist before `perl Makefile.PL`
under the Makefile.perl target, otherwise the generated Makefile.perl
ends up with an empty $(TO_INST_PM) variable and the pm_to_blib target's
dependencies are incomplete. That results in the Perl module not getting
copied to the blib directory and a build that is missing LibAppArmor.pm.
A build missing LibAppArmor.pm only occurred while building with
multiple threads.
Thanks to Seth Arnold for the suggestion on how to best fix the
dependencies.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Steve Beattie <steve@nxnw.org>
Only attempt to link against libapparmor since libimmunix has been
deprecated for 5+ years.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Steve Beattie <steve@nxnw.org>
The multiarch filesystem layout for Ubuntu uses directories such as
/usr/lib/{i386-linux-gnu,x86_64-linux-gnu,arm-linux-gnueabihf} so
peeking into /usr/{lib,lib64} is no longer sufficient.
This patch uses ldconfig to print out the libraries that it knows about
and grep that output for libapparmor.so or libimmunix.so.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Steve Beattie <steve@nxnw.org>
The parser sanity test make target does not directly depend on the make
targets that generate the tests consumed by the sanity test, leading to
runs that did not verify all the test cases when make check is invoked
with parallelism (e.g. make check -j4). This patch against trunk fixes
the issue.
Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: Seth Arnold <seth.arnold@canonical.com>
Acked-by: Tyler Hicks <tyhicks@canonical.com>
dnsmasq needs read access to more files in /var/lib/libvirt/dnsmasq/
(at least *.conf and *.addnhosts)
Since this directory contains only files that are intended for dnsmasq
(also confirmed by Jim Fehlig, the SUSE libvirt maintainer), the best
way is to just allow "/var/lib/libvirt/dnsmasq/* r,"
References: https://bugzilla.novell.com/show_bug.cgi?id=848215
+1'd for trunk and 2.8 by Jamie Strandboge <jamie@canonical.com>
The log parsing in the Immunix::AppArmor perl module has fallen behind
when it comes to audit events from some of the newer rule types
supported by apparmor_parser.
When an unsupported event is found, it causes aa-logprof to error out.
This patch creates a list of valid, but unsupported, event operations
that should be ignored by the perl module when parsing logs.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: John Johansen <john.johansen@canonical.com>
When a parser that is aware of dbus rules is running under a kernel
that is unaware of dbus rules, the parser should ignore the dbus rules
instead of attempting to load them into the kernel. Otherwise, the
kernel will reject the entire profile, leaving the application
unconfined.
Similar to what is done for mount rules, the features listed in
apparmorfs should be checked to see if dbus is supported under the
current kernel.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: John Johansen <john.johansen@canonical.com>
The purpose is to provide test coverage for accessing UNIX domain socket
files. AppArmor write permissions are needed to create the socket files
and both read and write permissions are needed to connect to the socket.
This patch adds a test to the UNIX file descriptor passing tests and
creates an entirely new set of tests for sending and receiving messages
using path-based SOCK_STREAM, SOCK_DGRAM, and SOCK_SEQPACKET UNIX domain
sockets.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Steve Beattie <steve@nxnw.org>
Allow directories to be passed directly to the parser and handled instead
of needing an initscript to find the files in the directory.
eg. load all profiles in profiles dir
apparmor_parser -r /etc/apparmor.d/
eg. load all binary files in the cache dir
apparmor_parser -Br /etc/apparmor.d/cache/
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Steve Beattie <steve@nxnw.org>
This patch adds a python metaclass to wrap the test methods in the
subclasses of the template class AATestTemplate with the keep_on_fail
function, which sets the do_cleanup attribute to False when a testcase
failure occurs (i.e. an Exception is raised), and removes the manually
applied decorators to the caching tests that made use of this.
The downside to this approach is that the way metaclasses are declared
changed between python 2 and python 3 in an incompatible way. Since
python 3 is The Future™, I chose that approach and made the caching
and valgrind tests which use testlib be python3 (until this change,
they would have worked under either python 2 or python 3).
(An output message when a failure occurs is tweaked, to make the
output a little cleaner when verbose test output is requested and
failures occur.)
Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: Christian Boltz <apparmor@cboltz.de>
This patch modifies testlib.write_file() to take a directory and a file
name instead of a path and return the joined result for callers to use
if necessary.
Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: Christian Boltz <apparmor@cboltz.de>
This patch adds the command run to the reported message when a valgrind
failure is detected. This makes reproducing the failure outside of the
test suite easier, for easier diagnosis of what problem is occurring.
Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: Christian Boltz <apparmor@cboltz.de>
When converting the valgrind tests from optparse to argparse, I managed
to not verify that the resulting code actually worked :( . This patch
fixes it by adding a positional argument to handle the optional passed
directory location.
Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: Christian Boltz <apparmor@cboltz.de>
[previous commit forgot to bzr add caching.py; this commit fixes that]
This patch rewrites the caching test in python, using python's unittest
framework. It has been used with python 2.7 and python 3.3; python2.6
may have issues. It covers the tests in the existing caching.sh
test script (with the exception of the test that checks for when the
parser in $PATH is newer), as well as adding additional tests that
more extensively cover using a cache in an alternate location from
basedir. It also adds simple tests for the --create-cache-dir option
(along with that option's interaction with the alt-cache option).
(Some further work to be done is listed under TODO.)
Patch history:
v1: - initial version
v2: - create template base class
- add keep_on_fail() decorator to keep temporary test files
around after a test fails
- don't dump raw cache file to failure output in
test_cache_writing_updates_cache_file()
- push run_cmd into template class
- create run_cmd_check wrapper to run_cmd that adds an assertion
check based on whether return code matches the expected rc
(the valgrind tests only want to verify that the rc is not a
specific set of values, hence the separate wrapper function)
- similarly, add a check to run_cmd_check for verifying the output
contains a specific string, also simplifying many of the caching
tests.
- create testlib.write_file() to simplify writing file
Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: Christian Boltz <apparmor@cboltz.de>
This patch rewrites the caching test in python, using python's unittest
framework. It has been used with python 2.7 and python 3.3; python2.6
may have issues. It covers the tests in the existing caching.sh
test script (with the exception of the test that checks for when the
parser in $PATH is newer), as well as adding additional tests that
more extensively cover using a cache in an alternate location from
basedir. It also adds simple tests for the --create-cache-dir option
(along with that option's interaction with the alt-cache option).
(Some further work to be done is listed under TODO.)
Patch history:
v1: - initial version
v2: - create template base class
- add keep_on_fail() decorator to keep temporary test files
around after a test fails
- don't dump raw cache file to failure output in
test_cache_writing_updates_cache_file()
- push run_cmd into template class
- create run_cmd_check wrapper to run_cmd that adds an assertion
check based on whether return code matches the expected rc
(the valgrind tests only want to verify that the rc is not a
specific set of values, hence the separate wrapper function)
- similarly, add a check to run_cmd_check for verifying the output
contains a specific string, also simplifying many of the caching
tests.
- create testlib.write_file() to simplify writing file
Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: Christian Boltz <apparmor@cboltz.de>
This patch adds a test wrapper that runs valgrind on the parser over the
simple_tests tree (or other directory tree if passed on the command
line). An alternate parser location can also be passed on the command
line.
Like the libapparmor python bindings test, this test uses a bit of magic
to generate tests that doesn't work with auto-detecting test utilities
like nose.
Running valgrind on the parser over all 69000+ testcases takes several
hours, so while this patch includes a make target 'make valgrind', it
does not add it to the set of tests run when 'make check' is called.
Perhaps a 'make extra-tests' target is in order.
Patch history:
v1: - initial version.
v2: - add some valgrind suppressions for overaggressive 4 byte reads
past the end of allocated storage (not completed).
v3: - add ability to dump valgrind suppressions to stdout, to use
diagnosis runs of valgrind for determining whether a given
failure is a false positive or not.
- correctly return 0 on a successful run and an error code if one
or more test cases fail.
- point LD_LIBRARY_PATH at the in-tree libapparmor build.
- split out some utility functions into testlib.py, for possible
use by other to be written test scripts
v4: - convert optparse to argparse
Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: Tyler Hicks <tyhicks@canonical.com> (for v2 version)
This patch converts to statically linking libapparmor with
whichever static libapparmor it can find on its library search path
(and verified to choose the in-tree version over the system one if both
are available)
Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: John Johansen <john.johansen@canonical.com>
This patch switches over from using our hackish way to get a
statically linked libstdc++ (which was based on the article at
http://www.trilithium.com/johan/2005/06/static-libstdc/) with the
-static-libstdc++ compiler option
Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: John Johansen <john.johansen@canonical.com>
With trunk commit 2205 "use libapparmor's find mountpoint fn",
the parser now builds against and uses libapparmor at runtime. However,
it currently builds against the system installed libapparmor library and
header files, which fails if either aren't installed, and is thus
painful for bootstrapping in a new environment.
Instead, the parser, like pam_apparmor and mod_apparmor, should build
against the in-tree libapparmor header and library. This patch does
that and adjusts the tests to point LD_LIBRARY_PATH at the location
of the built library as well.
Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: John Johansen <john.johansen@canonical.com>
$HOME/.config/fontconfig/conf.d/* and
$HOME/.config/fontconfig/fonts.conf
/etc/fonts/conf.d/50-user.conf:
<!--
Load per-user customization files where stored on XDG Base Directory
specification compliant places. it should be usually:
$HOME/.config/fontconfig/conf.d
$HOME/.config/fontconfig/fonts.conf
-->
<include ignore_missing="yes" prefix="xdg">fontconfig/conf.d</include>
<include ignore_missing="yes" prefix="xdg">fontconfig/fonts.conf</include>
abstractions/fonts should allow read access to those files:
From: Felix Geyer debfx@ubuntu.com
Acked-by: John Johansen <john.johansen@canonical.com>
cache files will be written out even if the '--skip-bad-cache' option
is given and the cached features file differs from the features of
the currently running kernel. The patch below fixes the regression.
From: John Johansen <john.johansen@canonical.com>
Acked-by: Steve Beattie <steve@nxnw.org>
Fix Makefile to rebuild dbus object when yacc definitions change.
Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: John Johansen <john.johansen@canonical.com>
With the conversion to c++, the use of void* pointers for the parser
interface buffers generates several warnings. This patch converts the
types from void* to u8* for the buffer pointers, to clean up those
warnings.
Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: John Johansen <john.johansen@canonical.com>
This patch is a very minor optimization to the search to determine
whether a given rule is an exact match or not. If a wildcard rule
(i.e. an inexact match) is discovered, exact_match is set to 0,
so we don't need to continue the tree traversal.
Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: John Johansen <john.johansen@canonical.com>
This patch fixes a few more parser memory leaks as identified by the
simple valgrind test script. These mostly occur during cleanup of
structs and classes and as such, don't represent very serious leaks
for common usages of the parser.
Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: John Johansen <john.johansen@canonical.com>
Our simple language tests did not include any file deny rule tests. This
patch adds a few simple ones.
Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: Christian Boltz <apparmor@cboltz.de>
