[prev in list] [next in list] [prev in thread] [next in thread]
List: apparmor-dev
Subject: Re: [apparmor] [patch 14/18] parser: add additional language tests to get wider test coverage
From: John Johansen <john.johansen () canonical ! com>
Date: 2014-01-24 10:29:35
Message-ID: 52E2408F.2060501 () canonical ! com
[Download RAW message or body]
On 01/17/2014 11:16 PM, Steve Beattie wrote:
>
> Ah, so it is. Here's a patch that adds it, as well as some additional
> test cases around the combinations of audit, allow, deny and other:
>
> Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: John Johansen <john.johansen@canonical.com>
> ---
> parser/tst/simple_tests/file/allow/ok_other_1.sd | 7 +++++++
> parser/tst/simple_tests/file/allow/ok_other_2.sd | 7 +++++++
> parser/tst/simple_tests/file/ok_other_2.sd | 7 +++++++
> parser/tst/simple_tests/file/ok_other_3.sd | 7 +++++++
> utils/vim/create-apparmor.vim.py | 8 ++++----
> 5 files changed, 32 insertions(+), 4 deletions(-)
>
> Index: b/utils/vim/create-apparmor.vim.py
> ===================================================================
> --- a/utils/vim/create-apparmor.vim.py
> +++ b/utils/vim/create-apparmor.vim.py
> @@ -88,11 +88,11 @@ filename=r'(\/|\@\{\S*\})\S*'
>
> aa_regex_map = {
> 'FILENAME': filename,
> - 'FILE': r'\v^\s*(audit\s+)?(deny\s+|allow\s+)?(owner\s+)?' + \
> filename + r'\s+', # Start of a file rule + 'FILE': \
> r'\v^\s*(audit\s+)?(deny\s+|allow\s+)?(owner\s+|other\s+)?' + filename + r'\s+', # \
> Start of a file rule # (whitespace_+_, owner etc. flag_?_, filename pattern, \
> whitespace_+_)
> - 'DENYFILE': r'\v^\s*(audit\s+)?deny\s+(owner\s+)?' + filename + \
> r'\s+', # deny, otherwise like FILE
> - 'auditdenyowner': r'(audit\s+)?(deny\s+|allow\s+)?(owner\s+)?',
> - 'audit_DENY_owner': r'(audit\s+)?deny\s+(owner\s+)?', # must include "deny", \
> otherwise like auditdenyowner + 'DENYFILE': \
> r'\v^\s*(audit\s+)?deny\s+(owner\s+|other\s+)?' + filename + r'\s+', # deny, \
> otherwise like FILE + 'auditdenyowner': \
> r'(audit\s+)?(deny\s+|allow\s+)?(owner\s+|other\s+)?', + 'audit_DENY_owner': \
> r'(audit\s+)?deny\s+(owner\s+|other\s+)?', # must include "deny", otherwise like \
> auditdenyowner 'auditdeny': r'(audit\s+)?(deny\s+|allow\s+)?',
> 'EOL': r'\s*,(\s*$|(\s*#.*$)\@=)', # End of a line (whitespace_?_, \
> comma, whitespace_?_ comment.*) 'TRANSITION': r'(\s+-\>\s+\S+)?',
> Index: b/parser/tst/simple_tests/file/ok_other_2.sd
> ===================================================================
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/ok_other_2.sd
> @@ -0,0 +1,7 @@
> +#
> +#=DESCRIPTION simple deny other flag test
> +#=EXRESULT PASS
> +
> +profile test {
> + deny other /tmp/** rw,
> +}
> Index: b/parser/tst/simple_tests/file/ok_other_3.sd
> ===================================================================
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/ok_other_3.sd
> @@ -0,0 +1,7 @@
> +#
> +#=DESCRIPTION simple other flag test
> +#=EXRESULT PASS
> +
> +profile test {
> + audit other /tmp/** rw,
> +}
> Index: b/parser/tst/simple_tests/file/allow/ok_other_1.sd
> ===================================================================
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/allow/ok_other_1.sd
> @@ -0,0 +1,7 @@
> +#
> +#=DESCRIPTION simple allow other flag test
> +#=EXRESULT PASS
> +
> +profile test {
> + allow other /tmp/** rw,
> +}
> Index: b/parser/tst/simple_tests/file/allow/ok_other_2.sd
> ===================================================================
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/allow/ok_other_2.sd
> @@ -0,0 +1,7 @@
> +#
> +#=DESCRIPTION simple audit allow other flag test
> +#=EXRESULT PASS
> +
> +profile test {
> + audit allow other /tmp/** rw,
> +}
>
> > That all said - I remember that we discussed an automated way to test
> > apparmor.vim (basically by letting vim write the colored file as HTML) -
> > but that was loooong ago and I don't remember the details.
> >
> > Can someone give a pointer or, better, provide a patch for the tests/
> > Makefile? ;-)
>
> I don't have time to draw up a patch, but the 2html.vim
> syntax plugin looks like it's the right thing to use, based on
> http://vim.wikia.com/wiki/Pasting_code_with_syntax_coloring_in_emails ,
> if anyone else wants to take this on.
>
>
>
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic