« back to all changes in this revision
Viewing changes to utils/test/test-aa-easyprof.py
- browse files at revision 2158
- compare with another revision
- download diff
- download tarball
- view history from revision 2158
- Committer: jdstrand
- Date: 2013-07-08 00:25:14 UTC
- Revision ID: jamie@canonical.com-20130708002514-vepdmybul061jlt7
update manifest JSON structure to use m['security']['profiles']['profile_name']
instead of m['security']['profile_name']
instead of m['security']['profile_name']
added
removed
utils/test/test-aa-easyprof.py
58
58
class Manifest(object):
59
59
def __init__(self, profile_name):
60
60
self.security = dict()
61
self.security['profiles'] = dict()
61
62
self.profile_name = profile_name
62
self.security[self.profile_name] = dict()
63
self.security['profiles'][self.profile_name] = dict()
63
64
64
65
def add_policygroups(self, policy_list):
65
self.security[self.profile_name]['policy_groups'] = policy_list.split(",")
66
self.security['profiles'][self.profile_name]['policy_groups'] = policy_list.split(",")
66
67
67
68
def add_author(self, author):
68
self.security[self.profile_name]['author'] = author
69
self.security['profiles'][self.profile_name]['author'] = author
69
70
70
71
def add_copyright(self, copyright):
71
self.security[self.profile_name]['copyright'] = copyright
72
self.security['profiles'][self.profile_name]['copyright'] = copyright
72
73
73
74
def add_comment(self, comment):
74
self.security[self.profile_name]['comment'] = comment
75
self.security['profiles'][self.profile_name]['comment'] = comment
75
76
76
77
def add_binary(self, binary):
77
self.security[self.profile_name]['binary'] = binary
78
self.security['profiles'][self.profile_name]['binary'] = binary
78
79
79
80
def add_template(self, template):
80
self.security[self.profile_name]['template'] = template
81
self.security['profiles'][self.profile_name]['template'] = template
81
82
82
83
def add_template_variable(self, name, value):
83
if not 'template_variables' in self.security[self.profile_name]:
84
self.security[self.profile_name]['template_variables'] = dict()
84
if not 'template_variables' in self.security['profiles'][self.profile_name]:
85
self.security['profiles'][self.profile_name]['template_variables'] = dict()
85
86
86
self.security[self.profile_name]['template_variables'][name] = value
87
self.security['profiles'][self.profile_name]['template_variables'][name] = value
87
88
88
89
def emit_json(self, use_security_prefix=True):
89
90
manifest = dict()
1403
1404
# this should come from manpage
1404
1405
m = '''{
1405
1406
"security": {
1406
"com.example.foo": {
1407
"abstractions": [
1408
"audio",
1409
"gnome"
1410
],
1411
"author": "Your Name",
1412
"binary": "/opt/foo/**",
1413
"comment": "Unstructured single-line comment",
1414
"copyright": "Unstructured single-line copyright statement",
1415
"name": "My Foo App",
1416
"policy_groups": [
1417
"opt-application",
1418
"user-application"
1419
],
1420
"policy_vendor": "somevendor",
1421
"policy_version": 1.0,
1422
"read_path": [
1423
"/tmp/foo_r",
1424
"/tmp/bar_r/"
1425
],
1426
"template": "user-application",
1427
"template_variables": {
1428
"APPNAME": "foo",
1429
"VAR1": "bar",
1430
"VAR2": "baz"
1431
},
1432
"write_path": [
1433
"/tmp/foo_w",
1434
"/tmp/bar_w/"
1435
]
1407
"profiles": {
1408
"com.example.foo": {
1409
"abstractions": [
1410
"audio",
1411
"gnome"
1412
],
1413
"author": "Your Name",
1414
"binary": "/opt/foo/**",
1415
"comment": "Unstructured single-line comment",
1416
"copyright": "Unstructured single-line copyright statement",
1417
"name": "My Foo App",
1418
"policy_groups": [
1419
"opt-application",
1420
"user-application"
1421
],
1422
"policy_vendor": "somevendor",
1423
"policy_version": 1.0,
1424
"read_path": [
1425
"/tmp/foo_r",
1426
"/tmp/bar_r/"
1427
],
1428
"template": "user-application",
1429
"template_variables": {
1430
"APPNAME": "foo",
1431
"VAR1": "bar",
1432
"VAR2": "baz"
1433
},
1434
"write_path": [
1435
"/tmp/foo_w",
1436
"/tmp/bar_w/"
1437
]
1438
}
1436
1439
}
1437
1440
}
1438
1441
}'''
1458
1461
# and template
1459
1462
m = '''{
1460
1463
"security": {
1461
"com.ubuntu.developer.myusername.MyCoolApp": {
1462
"name": "MyCoolApp",
1463
"policy_groups": [
1464
"opt-application",
1465
"user-application"
1466
],
1467
"policy_vendor": "ubuntu",
1468
"policy_version": 1.0,
1469
"template": "user-application",
1470
"template_variables": {
1471
"APPNAME": "MyCoolApp"
1464
"profiles": {
1465
"com.ubuntu.developer.myusername.MyCoolApp": {
1466
"name": "MyCoolApp",
1467
"policy_groups": [
1468
"opt-application",
1469
"user-application"
1470
],
1471
"policy_vendor": "ubuntu",
1472
"policy_version": 1.0,
1473
"template": "user-application",
1474
"template_variables": {
1475
"APPNAME": "MyCoolApp",
1476
"APPVERSION": "0.1.2"
1477
}
1472
1478
}
1473
1479
}
1474
1480
}
1494
1500
# this should come from manpage
1495
1501
m = '''{
1496
1502
"security": {
1497
"com.ubuntu.developer.myusername.MyCoolApp": {
1498
"name": "MyCoolApp",
1499
"policy_groups": [
1500
"opt-application",
1501
"user-application"
1502
],
1503
"policy_vendor": "ubuntu",
1504
"template": "user-application",
1505
"template_variables": {
1506
"APPNAME": "MyCoolApp"
1503
"profiles": {
1504
"com.ubuntu.developer.myusername.MyCoolApp": {
1505
"policy_groups": [
1506
"opt-application",
1507
"user-application"
1508
],
1509
"policy_vendor": "ubuntu",
1510
"template": "user-application",
1511
"template_variables": {
1512
"APPNAME": "MyCoolApp",
1513
"APPVERSION": "0.1.2"
1514
}
1507
1515
}
1508
1516
}
1509
1517
}
1524
1532
# this should come from manpage
1525
1533
m = '''{
1526
1534
"security": {
1527
"com.ubuntu.developer.myusername.MyCoolApp": {
1528
"name": "MyCoolApp",
1529
"policy_groups": [
1530
"opt-application",
1531
"user-application"
1532
],
1533
"policy_version": 1.0,
1534
"template": "user-application",
1535
"template_variables": {
1536
"APPNAME": "MyCoolApp"
1535
"profiles": {
1536
"com.ubuntu.developer.myusername.MyCoolApp": {
1537
"policy_groups": [
1538
"opt-application",
1539
"user-application"
1540
],
1541
"policy_version": 1.0,
1542
"template": "user-application",
1543
"template_variables": {
1544
"APPNAME": "MyCoolApp",
1545
"APPVERSION": "0.1.2"
1546
}
1537
1547
}
1538
1548
}
1539
1549
}
1553
1563
'''Test parse_manifest_multiple'''
1554
1564
m = '''{
1555
1565
"security": {
1556
"com.example.foo": {
1557
"abstractions": [
1558
"audio",
1559
"gnome"
1560
],
1561
"author": "Your Name",
1562
"binary": "/opt/foo/**",
1563
"comment": "Unstructured single-line comment",
1564
"copyright": "Unstructured single-line copyright statement",
1565
"name": "My Foo App",
1566
"policy_groups": [
1567
"opt-application",
1568
"user-application"
1569
],
1570
"read_path": [
1571
"/tmp/foo_r",
1572
"/tmp/bar_r/"
1573
],
1574
"template": "user-application",
1575
"template_variables": {
1576
"APPNAME": "foo",
1577
"VAR1": "bar",
1578
"VAR2": "baz"
1566
"profiles": {
1567
"com.example.foo": {
1568
"abstractions": [
1569
"audio",
1570
"gnome"
1571
],
1572
"author": "Your Name",
1573
"binary": "/opt/foo/**",
1574
"comment": "Unstructured single-line comment",
1575
"copyright": "Unstructured single-line copyright statement",
1576
"name": "My Foo App",
1577
"policy_groups": [
1578
"opt-application",
1579
"user-application"
1580
],
1581
"read_path": [
1582
"/tmp/foo_r",
1583
"/tmp/bar_r/"
1584
],
1585
"template": "user-application",
1586
"template_variables": {
1587
"APPNAME": "foo",
1588
"VAR1": "bar",
1589
"VAR2": "baz"
1590
},
1591
"write_path": [
1592
"/tmp/foo_w",
1593
"/tmp/bar_w/"
1594
]
1579
1595
},
1580
"write_path": [
1581
"/tmp/foo_w",
1582
"/tmp/bar_w/"
1583
]
1584
},
1585
"com.ubuntu.developer.myusername.MyCoolApp": {
1586
"name": "MyCoolApp",
1587
"policy_groups": [
1588
"opt-application"
1589
],
1590
"policy_vendor": "ubuntu",
1591
"policy_version": 1.0,
1592
"template": "user-application",
1593
"template_variables": {
1594
"APPNAME": "MyCoolApp"
1596
"com.ubuntu.developer.myusername.MyCoolApp": {
1597
"policy_groups": [
1598
"opt-application"
1599
],
1600
"policy_vendor": "ubuntu",
1601
"policy_version": 1.0,
1602
"template": "user-application",
1603
"template_variables": {
1604
"APPNAME": "MyCoolApp",
1605
"APPVERSION": "0.1.2"
1606
}
1595
1607
}
1596
1608
}
1597
1609
}
1633
1645
'''Test verify_manifest (full)'''
1634
1646
m = '''{
1635
1647
"security": {
1636
"com.example.foo": {
1637
"abstractions": [
1638
"base"
1639
],
1640
"author": "Your Name",
1641
"binary": "/opt/com.example/foo/**",
1642
"comment": "some free-form single-line comment",
1643
"copyright": "Unstructured single-line copyright statement",
1644
"name": "foo",
1645
"policy_groups": [
1646
"user-application",
1647
"opt-application"
1648
],
1649
"template": "user-application",
1650
"template_variables": {
1651
"OK1": "foo",
1652
"OK2": "com.example.foo"
1648
"profiles": {
1649
"com.example.foo": {
1650
"abstractions": [
1651
"base"
1652
],
1653
"author": "Your Name",
1654
"binary": "/opt/com.example/foo/**",
1655
"comment": "some free-form single-line comment",
1656
"copyright": "Unstructured single-line copyright statement",
1657
"name": "foo",
1658
"policy_groups": [
1659
"user-application",
1660
"opt-application"
1661
],
1662
"template": "user-application",
1663
"template_variables": {
1664
"OK1": "foo",
1665
"OK2": "com.example.foo"
1666
}
1667
}
1653
1668
}
1654
}
1655
1669
}
1656
1670
}'''
1657
1671
self._verify_manifest(m, expected=True)
1660
1674
'''Test verify_manifest (full bad)'''
1661
1675
m = '''{
1662
1676
"security": {
1663
"/com.example.foo": {
1664
"abstractions": [
1665
"audio",
1666
"gnome"
1667
],
1668
"author": "Your Name",
1669
"binary": "/usr/foo/**",
1670
"comment": "some free-form single-line comment",
1671
"copyright": "Unstructured single-line copyright statement",
1672
"name": "foo",
1673
"policy_groups": [
1674
"user-application",
1675
"opt-application"
1676
],
1677
"read_path": [
1678
"/tmp/foo_r",
1679
"/tmp/bar_r/"
1680
],
1681
"template": "user-application",
1682
"template_variables": {
1683
"VAR1": "f*o",
1684
"VAR2": "*foo",
1685
"VAR3": "fo*",
1686
"VAR4": "b{ar",
1687
"VAR5": "b{a,r}",
1688
"VAR6": "b}ar",
1689
"VAR7": "bar[0-9]",
1690
"VAR8": "b{ar",
1691
"VAR9": "/tmp/../etc/passwd"
1692
},
1693
"write_path": [
1694
"/tmp/foo_w",
1695
"/tmp/bar_w/"
1696
]
1697
}
1677
"profiles": {
1678
"/com.example.foo": {
1679
"abstractions": [
1680
"audio",
1681
"gnome"
1682
],
1683
"author": "Your Name",
1684
"binary": "/usr/foo/**",
1685
"comment": "some free-form single-line comment",
1686
"copyright": "Unstructured single-line copyright statement",
1687
"name": "foo",
1688
"policy_groups": [
1689
"user-application",
1690
"opt-application"
1691
],
1692
"read_path": [
1693
"/tmp/foo_r",
1694
"/tmp/bar_r/"
1695
],
1696
"template": "user-application",
1697
"template_variables": {
1698
"VAR1": "f*o",
1699
"VAR2": "*foo",
1700
"VAR3": "fo*",
1701
"VAR4": "b{ar",
1702
"VAR5": "b{a,r}",
1703
"VAR6": "b}ar",
1704
"VAR7": "bar[0-9]",
1705
"VAR8": "b{ar",
1706
"VAR9": "/tmp/../etc/passwd"
1707
},
1708
"write_path": [
1709
"/tmp/foo_w",
1710
"/tmp/bar_w/"
1711
]
1712
}
1713
}
1698
1714
}
1699
1715
}'''
1700
1716
1704
1720
'''Test verify_manifest (binary in /usr)'''
1705
1721
m = '''{
1706
1722
"security": {
1707
"com.example.foo": {
1708
"binary": "/usr/foo/**",
1709
"template": "user-application"
1723
"profiles": {
1724
"com.example.foo": {
1725
"binary": "/usr/foo/**",
1726
"template": "user-application"
1727
}
1710
1728
}
1711
1729
}
1712
1730
}'''
1716
1734
'''Test verify_manifest (bad profile_name)'''
1717
1735
m = '''{
1718
1736
"security": {
1719
"/foo": {
1720
"binary": "/opt/com.example/foo/**",
1721
"template": "user-application"
1737
"profiles": {
1738
"/foo": {
1739
"binary": "/opt/com.example/foo/**",
1740
"template": "user-application"
1741
}
1722
1742
}
1723
1743
}
1724
1744
}'''
1726
1746
1727
1747
m = '''{
1728
1748
"security": {
1729
"bin/*": {
1730
"binary": "/opt/com.example/foo/**",
1731
"template": "user-application"
1749
"profiles": {
1750
"bin/*": {
1751
"binary": "/opt/com.example/foo/**",
1752
"template": "user-application"
1753
}
1732
1754
}
1733
1755
}
1734
1756
}'''
1738
1760
'''Test verify_manifest (profile_name)'''
1739
1761
m = '''{
1740
1762
"security": {
1741
"com.example.foo": {
1742
"binary": "/opt/com.example/foo/**",
1743
"template": "user-application"
1763
"profiles": {
1764
"com.example.foo": {
1765
"binary": "/opt/com.example/foo/**",
1766
"template": "user-application"
1767
}
1744
1768
}
1745
1769
}
1746
1770
}'''
1750
1774
'''Test verify_manifest (abstractions)'''
1751
1775
m = '''{
1752
1776
"security": {
1753
"com.example.foo": {
1754
"binary": "/opt/com.example/foo/**",
1755
"template": "user-application",
1756
"abstractions": [
1757
"base"
1758
]
1777
"profiles": {
1778
"com.example.foo": {
1779
"binary": "/opt/com.example/foo/**",
1780
"template": "user-application",
1781
"abstractions": [
1782
"base"
1783
]
1784
}
1759
1785
}
1760
1786
}
1761
1787
}'''
1765
1791
'''Test verify_manifest (bad abstractions)'''
1766
1792
m = '''{
1767
1793
"security": {
1768
"com.example.foo": {
1769
"binary": "/opt/com.example/foo/**",
1770
"template": "user-application",
1771
"abstractions": [
1772
"user-tmp"
1773
]
1794
"profiles": {
1795
"com.example.foo": {
1796
"binary": "/opt/com.example/foo/**",
1797
"template": "user-application",
1798
"abstractions": [
1799
"user-tmp"
1800
]
1801
}
1774
1802
}
1775
1803
}
1776
1804
}'''
1780
1808
'''Test verify_manifest (good template_var)'''
1781
1809
m = '''{
1782
1810
"security": {
1783
"com.example.foo": {
1784
"binary": "/opt/com.example/something with spaces/**",
1785
"template": "user-application",
1786
"template_variables": {
1787
"OK1": "foo",
1788
"OK2": "com.example.foo",
1789
"OK3": "something with spaces"
1811
"profiles": {
1812
"com.example.foo": {
1813
"binary": "/opt/com.example/something with spaces/**",
1814
"template": "user-application",
1815
"template_variables": {
1816
"OK1": "foo",
1817
"OK2": "com.example.foo",
1818
"OK3": "something with spaces"
1819
}
1790
1820
}
1791
1821
}
1792
1822
}
1807
1837
]:
1808
1838
m = '''{
1809
1839
"security": {
1810
"com.example.foo": {
1811
"binary": "/opt/com.example/foo/**",
1840
"profiles": {
1841
"com.example.foo": {
1842
"binary": "/opt/com.example/foo/**",
1812
1843
"template": "user-application",
1813
"template_variables": {
1814
%s
1844
"template_variables": {
1845
%s
1846
}
1815
1847
}
1816
1848
}
1817
1849
}
1867
1899
]:
1868
1900
m = '''{
1869
1901
"security": {
1870
"com.example.foo": {
1871
"binary": "/opt/com.example/foo/**",
1872
"template": "user-application",
1873
"template_variables": {
1874
%s
1902
"profiles": {
1903
"com.example.foo": {
1904
"binary": "/opt/com.example/foo/**",
1905
"template": "user-application",
1906
"template_variables": {
1907
%s
1908
}
1875
1909
}
1876
1910
}
1877
1911
}
1894
1928
'''Test policy vendor via manifest (nonexistent)'''
1895
1929
m = '''{
1896
1930
"security": {
1897
"com.example.foo": {
1898
"policy_vendor": "nonexistent",
1899
"policy_version": 1.0,
1900
"binary": "/opt/com.example/foo/**",
1901
"template": "user-application"
1931
"profiles": {
1932
"com.example.foo": {
1933
"policy_vendor": "nonexistent",
1934
"policy_version": 1.0,
1935
"binary": "/opt/com.example/foo/**",
1936
"template": "user-application"
1937
}
1902
1938
}
1903
1939
}
1904
1940
}'''
1922
1958
policy_subdir = "%s/%s" % (policy_vendor, policy_version)
1923
1959
m = '''{
1924
1960
"security": {
1925
"com.example.foo": {
1926
"policy_vendor": "%s",
1927
"policy_version": %s,
1928
"binary": "/opt/com.example/foo/**",
1929
"template": "user-application"
1961
"profiles": {
1962
"com.example.foo": {
1963
"policy_vendor": "%s",
1964
"policy_version": %s,
1965
"binary": "/opt/com.example/foo/**",
1966
"template": "user-application"
1967
}
1930
1968
}
1931
1969
}
1932
1970
}''' % (policy_vendor, policy_version)
2055
2093
files["usr.bin.baz"] = "/usr/bin/baz"
2056
2094
m = '''{
2057
2095
"security": {
2096
"profiles": {
2058
2097
"%s": {
2059
2098
"abstractions": [
2060
2099
"audio",
2085
2124
]
2086
2125
},
2087
2126
"%s": {
2088
"name": "MyCoolApp",
2089
2127
"policy_groups": [
2090
2128
"opt-application",
2091
2129
"user-application"
2092
2130
],
2093
2131
"template": "user-application",
2094
2132
"template_variables": {
2095
"APPNAME": "MyCoolApp"
2133
"APPNAME": "MyCoolApp",
2134
"APPVERSION": "0.1.2"
2096
2135
}
2097
2136
},
2098
2137
"%s": {
2106
2145
"APPNAME": "baz"
2107
2146
}
2108
2147
}
2148
}
2109
2149
}
2110
2150
}''' % (files["com.example.foo"],
2111
2151
files["com.ubuntu.developer.myusername.MyCoolApp"],
2132
2172
files["com.example.foo"] = "com.example.foo"
2133
2173
m = '''{
2134
2174
"security": {
2175
"profiles": {
2135
2176
"%s": {
2136
2177
"abstractions": [
2137
2178
"audio",
2161
2202
"/tmp/bar_w/"
2162
2203
]
2163
2204
}
2205
}
2164
2206
}
2165
2207
}''' % (files["com.example.foo"])
2166
2208
2188
2230
files["usr.bin.baz"] = "/usr/bin/baz"
2189
2231
m = '''{
2190
2232
"security": {
2191
"%s": {
2192
"abstractions": [
2193
"gnome"
2194
],
2195
"policy_groups": [
2196
"user-application"
2197
],
2198
"template_variables": {
2199
"APPNAME": "baz"
2233
"profiles": {
2234
"%s": {
2235
"abstractions": [
2236
"gnome"
2237
],
2238
"policy_groups": [
2239
"user-application"
2240
],
2241
"template_variables": {
2242
"APPNAME": "baz"
2243
}
2200
2244
}
2201
2245
}
2202
2246
}
2224
2268
files["usr.bin.baz"] = "/usr/bin/baz"
2225
2269
m = '''{
2226
2270
"security": {
2227
"%s": {
2228
"abstractions": [
2229
"gnome"
2230
],
2231
"policy_groups": [
2232
"user-application"
2233
],
2234
"template_variables": {
2235
"APPNAME": "baz"
2271
"profiles": {
2272
"%s": {
2273
"abstractions": [
2274
"gnome"
2275
],
2276
"policy_groups": [
2277
"user-application"
2278
],
2279
"template_variables": {
2280
"APPNAME": "baz"
2281
}
2236
2282
}
2237
2283
}
2238
2284
}
2259
2305
files["usr.bin.baz"] = "/usr/bin/baz"
2260
2306
m = '''{
2261
2307
"security": {
2262
"%s": {
2263
"abstractions": [
2264
"gnome"
2265
],
2266
"policy_groups": [
2267
"user-application"
2268
],
2269
"template_variables": {
2270
"APPNAME": "baz"
2308
"profiles": {
2309
"%s": {
2310
"abstractions": [
2311
"gnome"
2312
],
2313
"policy_groups": [
2314
"user-application"
2315
],
2316
"template_variables": {
2317
"APPNAME": "baz"
2318
}
2271
2319
}
2272
2320
}
2273
2321
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.1