On 01/17/2014 11:16 PM, Steve Beattie wrote:
>
> Ah, so it is. Here's a patch that adds it, as well as some additional
> test cases around the combinations of audit, allow, deny and other:
>
> Signed-off-by: Steve Beattie <[email protected]>
Acked-by: John Johansen <[email protected]>
> ---
> parser/tst/simple_tests/file/allow/ok_other_1.sd | 7 +++++++
> parser/tst/simple_tests/file/allow/ok_other_2.sd | 7 +++++++
> parser/tst/simple_tests/file/ok_other_2.sd | 7 +++++++
> parser/tst/simple_tests/file/ok_other_3.sd | 7 +++++++
> utils/vim/create-apparmor.vim.py | 8 ++++----
> 5 files changed, 32 insertions(+), 4 deletions(-)
>
> Index: b/utils/vim/create-apparmor.vim.py
> ===================================================================
> --- a/utils/vim/create-apparmor.vim.py
> +++ b/utils/vim/create-apparmor.vim.py
> @@ -88,11 +88,11 @@ filename=r'(\/|\@\{\S*\})\S*'
>
> aa_regex_map = {
> 'FILENAME': filename,
> - 'FILE': r'\v^\s*(audit\s+)?(deny\s+|allow\s+)?(owner\s+)?' +
> filename + r'\s+', # Start of a file rule
> + 'FILE':
> r'\v^\s*(audit\s+)?(deny\s+|allow\s+)?(owner\s+|other\s+)?' + filename +
> r'\s+', # Start of a file rule
> # (whitespace_+_, owner etc. flag_?_, filename
> pattern, whitespace_+_)
> - 'DENYFILE': r'\v^\s*(audit\s+)?deny\s+(owner\s+)?' + filename +
> r'\s+', # deny, otherwise like FILE
> - 'auditdenyowner': r'(audit\s+)?(deny\s+|allow\s+)?(owner\s+)?',
> - 'audit_DENY_owner': r'(audit\s+)?deny\s+(owner\s+)?', # must include
> "deny", otherwise like auditdenyowner
> + 'DENYFILE': r'\v^\s*(audit\s+)?deny\s+(owner\s+|other\s+)?' +
> filename + r'\s+', # deny, otherwise like FILE
> + 'auditdenyowner':
> r'(audit\s+)?(deny\s+|allow\s+)?(owner\s+|other\s+)?',
> + 'audit_DENY_owner': r'(audit\s+)?deny\s+(owner\s+|other\s+)?', # must
> include "deny", otherwise like auditdenyowner
> 'auditdeny': r'(audit\s+)?(deny\s+|allow\s+)?',
> 'EOL': r'\s*,(\s*$|(\s*#.*$)\@=)', # End of a line
> (whitespace_?_, comma, whitespace_?_ comment.*)
> 'TRANSITION': r'(\s+-\>\s+\S+)?',
> Index: b/parser/tst/simple_tests/file/ok_other_2.sd
> ===================================================================
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/ok_other_2.sd
> @@ -0,0 +1,7 @@
> +#
> +#=DESCRIPTION simple deny other flag test
> +#=EXRESULT PASS
> +
> +profile test {
> + deny other /tmp/** rw,
> +}
> Index: b/parser/tst/simple_tests/file/ok_other_3.sd
> ===================================================================
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/ok_other_3.sd
> @@ -0,0 +1,7 @@
> +#
> +#=DESCRIPTION simple other flag test
> +#=EXRESULT PASS
> +
> +profile test {
> + audit other /tmp/** rw,
> +}
> Index: b/parser/tst/simple_tests/file/allow/ok_other_1.sd
> ===================================================================
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/allow/ok_other_1.sd
> @@ -0,0 +1,7 @@
> +#
> +#=DESCRIPTION simple allow other flag test
> +#=EXRESULT PASS
> +
> +profile test {
> + allow other /tmp/** rw,
> +}
> Index: b/parser/tst/simple_tests/file/allow/ok_other_2.sd
> ===================================================================
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/allow/ok_other_2.sd
> @@ -0,0 +1,7 @@
> +#
> +#=DESCRIPTION simple audit allow other flag test
> +#=EXRESULT PASS
> +
> +profile test {
> + audit allow other /tmp/** rw,
> +}
>
>> That all said - I remember that we discussed an automated way to test
>> apparmor.vim (basically by letting vim write the colored file as HTML) -
>> but that was loooong ago and I don't remember the details.
>>
>> Can someone give a pointer or, better, provide a patch for the tests/
>> Makefile? ;-)
>
> I don't have time to draw up a patch, but the 2html.vim
> syntax plugin looks like it's the right thing to use, based on
> http://vim.wikia.com/wiki/Pasting_code_with_syntax_coloring_in_emails ,
> if anyone else wants to take this on.
>
>
>
--
AppArmor mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
