Differential D20221 Diff 56092 autotests/input/usr.bin.apparmor-profile-test

Changeset View

Standalone View

View Options

autotests/input/usr.bin.apparmor-profile-test

Show First 20 LinesShow All 173 Lines▼ Show 20 Line(s)159/usr/bin/error (complain, audit) {
174 174
175 # Comments not allowed 175 # Comments not allowed
176 dbus (send) #No comment 176 dbus (send) #No comment
177 path=/org/hello 177 path=/org/hello
178 #No comment 178 #No comment
179 interface=org.hello #No comment 179 interface=org.hello #No comment
180 peer=(name=org.hello #No comment 180 peer=(name=org.hello #No comment
181 label=unconfined), #Comment 181 label=unconfined), #Comment
182 @{VARIABLE} = val1 val2 val3 #No comment 182
183 # Don't allow assignment of variables within profiles
184 @{VARIABLE} = val1 val2 val3 # Comment
185
186 # Alias rules not allowed within profiles
187 alias /run/ -> /mnt/run/,
183 188
184 # Error: Open rule 189 # Error: Open rule
185 /home/*/file rw 190 /home/*/file rw
186 capability dac_override 191 capability dac_override
187 deny file /etc/fstab w 192 deny file /etc/fstab w
188 audit network ieee802154, 193 audit network ieee802154,
189 194
190 dbus (receive 195 dbus (receive
Show All 22 Lines200profile other_tests {
213 network unix 218 network unix
214 unix, 219 unix,
215 ptrace unix 220 ptrace unix
216 unix, 221 unix,
217 unix unix 222 unix unix
218 unix, 223 unix,
219 224
220 # Transition rules 225 # Transition rules
221 /usr/bin/foo cx -> hello*, 226 /usr/bin/foo cx -> hello*, # profile name
222 /usr/bin/foo Cx -> path/, 227 /usr/bin/foo Cx -> path/, # path
223 /usr/bin/foo cx -> ab[ad/]hello, 228 /usr/bin/foo cx -> ab[ad/]hello, # profile name
224 /usr/bin/foo Cx -> ab[cd/]a[ad/]hello/path, 229 /usr/bin/foo Cx -> ab[cd/]a[ad/]hello/path, # path
225 /usr/bin/foo Cx -> ab[hello/path, 230 /usr/bin/foo Cx -> ab[hello/path, # profile name
226 231
227 /usr/bin/foo cx -> "hello*", 232 /usr/bin/foo cx -> "hello*", # profile name
228 /usr/bin/foo Cx -> "path/", 233 /usr/bin/foo Cx -> "path/", # path
229 /usr/bin/foo cx -> "ab[ad/]hello", 234 /usr/bin/foo cx -> "ab[ad/]hello", # profile name
230 /usr/bin/foo Cx -> "ab[cd/]a[ad/]hello/path", 235 /usr/bin/foo Cx -> "ab[cd/]a[ad/]hello/path", # path
231 /usr/bin/foo Cx -> "ab[hello/path", 236 /usr/bin/foo Cx -> "ab[hello/path", # profile name
232 237
233 /usr/bin/foo cx -> holas//hello/sa, 238 /usr/bin/foo cx -> holas//hello/sa, # path
234 /usr/bin/foo cx -> df///dd//hat, 239 /usr/bin/foo cx -> df///dd//hat, # path + hat
235 /usr/bin/foo cx -> holas,#sd\323fsdf, 240 /usr/bin/foo cx -> holas,#sd\323fsdf, # profile name
236 241
237 # Access modes 242 # Access modes
238 /hello/lib/foo rwklms, # s invalid 243 /hello/lib/foo rwklms, # s invalid
239 /hello/lib/foo rwmaix, # w & a incompatible 244 /hello/lib/foo rwmaix, # w & a incompatible
240 /hello/lib/foo kalmw, 245 /hello/lib/foo kalmw,
241 /hello/lib/foo wa, 246 /hello/lib/foo wa,
242 # OK 247 # OK
243 /hello/lib/foo rrwrwwrwrw, 248 /hello/lib/foo rrwrwwrwrw,
244 /hello/lib/foo ixixix, 249 /hello/lib/foo ixixix,
245 # Incompatible exec permissions 250 # Incompatible exec permissions
246 ixixux, uxuxUxux, ixixixPixix, ixixpx uxuxuxPuxux, UxUxcUxUx, 251 ixixux, uxuxUxux, ixixixPixix, ixixpx uxuxuxPuxux, UxUxcUxUx,
247 pixpixcixix, cxcxcxix, pixpixpux pixpixix xxix xxpux ixixx puxpuxx, 252 pixpixcixix, cxcxcxix, pixpixpux pixpixix xxix xxpux ixixx puxpuxx,
Show All 23 Lines