110
134
stub_test.__doc__ = "test '%s'" % (test_string)
111
135
setattr(AARegexSplitComment, 'test_split_comment_%d' % (i), stub_test)
137
class AARegexPath(unittest.TestCase):
138
'''Tests for RE_PROFILE_PATH_ENTRY'''
140
def test_simple_path_01(self):
141
'''test ' /tmp/foo r,' '''
143
line = ' /tmp/foo r,'
144
result = aa.RE_PROFILE_PATH_ENTRY.search(line)
145
self.assertTrue(result, 'Couldn\'t find file rule in "%s"' % line)
146
mode = result.groups()[4].strip()
147
self.assertEqual(mode, 'r', 'Expected mode "r", got "%s"' % (mode))
149
def test_simple_path_02(self):
150
'''test ' audit /tmp/foo rw,' '''
152
line = ' audit /tmp/foo rw,'
153
result = aa.RE_PROFILE_PATH_ENTRY.search(line)
154
self.assertTrue(result, 'Couldn\'t find file rule in "%s"' % line)
155
audit = result.groups()[0].strip()
156
self.assertEqual(audit, 'audit', 'Couldn\t find audit modifier')
157
mode = result.groups()[4].strip()
158
self.assertEqual(mode, 'rw', 'Expected mode "rw", got "%s"' % (mode))
160
def test_simple_path_03(self):
161
'''test ' audit deny /tmp/foo rw,' '''
163
line = ' audit deny /tmp/foo rw,'
164
result = aa.RE_PROFILE_PATH_ENTRY.search(line)
165
self.assertTrue(result, 'Couldn\'t find file rule in "%s"' % line)
166
audit = result.groups()[0].strip()
167
self.assertEqual(audit, 'audit', 'Couldn\t find audit modifier')
168
deny = result.groups()[1].strip()
169
self.assertEqual(deny, 'deny', 'Couldn\t find deny modifier')
170
mode = result.groups()[4].strip()
171
self.assertEqual(mode, 'rw', 'Expected mode "rw", got "%s"' % (mode))
173
def test_simple_bad_path_01(self):
177
result = aa.RE_PROFILE_PATH_ENTRY.search(line)
178
self.assertFalse(result, 'RE_PROFILE_PATH_ENTRY unexpectedly matched "%s"' % line)
180
def test_simple_bad_path_02(self):
181
'''test ' file /tmp/foo rw,' '''
183
line = ' file /tmp/foo rw,'
184
result = aa.RE_PROFILE_PATH_ENTRY.search(line)
185
self.assertFalse(result, 'RE_PROFILE_PATH_ENTRY unexpectedly matched "%s"' % line)
187
class AARegexFile(unittest.TestCase):
188
'''Tests for RE_PROFILE_FILE_ENTRY'''
190
def _assertEqualStrings(self, str1, str2):
191
self.assertEqual(str1, str2, 'Expected %s, got "%s"' % (str1, str2))
193
def test_simple_file_01(self):
194
'''test ' file /tmp/foo rw,' '''
198
line = ' file %s %s,' % (path, mode)
199
result = aa.RE_PROFILE_FILE_ENTRY.search(line)
200
self.assertTrue(result, 'Couldn\'t find file rule in "%s"' % line)
201
self._assertEqualStrings(path, result.groups()[3].strip())
202
self._assertEqualStrings(mode, result.groups()[4].strip())
204
def test_simple_file_02(self):
208
result = aa.RE_PROFILE_FILE_ENTRY.search(line)
209
self.assertTrue(result, 'Couldn\'t find file rule in "%s"' % line)
210
path = result.groups()[3]
211
self.assertEqual(path, None, 'Unexpected path, got "%s"' % path)
212
mode = result.groups()[4]
213
self.assertEqual(mode, None, 'Unexpected mode, got "%s"' % (mode))
215
def test_simple_file_03(self):
216
'''test ' audit file,' '''
218
line = ' audit file,'
219
result = aa.RE_PROFILE_FILE_ENTRY.search(line)
220
self.assertTrue(result, 'Couldn\'t find file rule in "%s"' % line)
221
audit = result.groups()[0].strip()
222
self.assertEqual(audit, 'audit', 'Couldn\t find audit modifier')
223
path = result.groups()[3]
224
self.assertEqual(path, None, 'Unexpected path, got "%s"' % path)
225
mode = result.groups()[4]
226
self.assertEqual(mode, None, 'Unexpected mode, got "%s"' % (mode))
228
def test_simple_bad_file_01(self):
232
result = aa.RE_PROFILE_FILE_ENTRY.search(line)
233
self.assertFalse(result, 'RE_PROFILE_FILE_ENTRY unexpectedly matched "%s"' % line)
235
def test_simple_bad_file_02(self):
236
'''test ' /tmp/foo rw,' '''
238
line = ' /tmp/foo rw,'
239
result = aa.RE_PROFILE_FILE_ENTRY.search(line)
240
self.assertFalse(result, 'RE_PROFILE_FILE_ENTRY unexpectedly matched "%s"' % line)
242
def test_simple_bad_file_03(self):
243
'''test ' file /tmp/foo,' '''
245
line = ' file /tmp/foo,'
246
result = aa.RE_PROFILE_FILE_ENTRY.search(line)
247
self.assertFalse(result, 'RE_PROFILE_FILE_ENTRY unexpectedly matched "%s"' % line)
249
def test_simple_bad_file_04(self):
250
'''test ' file r,' '''
253
result = aa.RE_PROFILE_FILE_ENTRY.search(line)
254
self.assertFalse(result, 'RE_PROFILE_FILE_ENTRY unexpectedly matched "%s"' % line)
256
class AARegexSignal(unittest.TestCase):
257
'''Tests for RE_PROFILE_SIGNAL'''
259
def test_bare_signal_01(self):
260
'''test ' signal,' '''
264
result = aa.RE_PROFILE_SIGNAL.search(line)
265
self.assertTrue(result, 'Couldn\'t find signal rule in "%s"' % line)
266
parsed = result.groups()[2].strip()
267
self.assertEqual(parsed, rule, 'Expected signal rule "%s", got "%s"'
270
def test_bare_signal_02(self):
271
'''test ' audit signal,' '''
274
line = ' audit %s' % rule
275
result = aa.RE_PROFILE_SIGNAL.search(line)
276
self.assertTrue(result, 'Couldn\'t find signal rule in "%s"' % line)
277
self.assertTrue(result.groups()[0], 'Couldn\'t find audit modifier in "%s"' % line)
278
parsed = result.groups()[2].strip()
279
self.assertEqual(parsed, rule, 'Expected signal rule "%s", got "%s"'
282
def test_simple_signal_01(self):
283
'''test ' signal receive,' '''
285
rule = 'signal receive,'
287
result = aa.RE_PROFILE_SIGNAL.search(line)
288
self.assertTrue(result, 'Couldn\'t find signal rule in "%s"' % line)
289
parsed = result.groups()[2].strip()
290
self.assertEqual(parsed, rule, 'Expected signal rule "%s", got "%s"'
293
def test_simple_signal_02(self):
294
'''test ' signal (send, receive),' '''
296
rule = 'signal (send, receive),'
298
result = aa.RE_PROFILE_SIGNAL.search(line)
299
self.assertTrue(result, 'Couldn\'t find signal rule in "%s"' % line)
300
parsed = result.groups()[2].strip()
301
self.assertEqual(parsed, rule, 'Expected signal rule "%s", got "%s"'
304
def test_simple_signal_03(self):
305
'''test ' audit signal (receive),' '''
307
rule = 'signal (receive),'
308
line = ' audit %s' % rule
309
result = aa.RE_PROFILE_SIGNAL.search(line)
310
self.assertTrue(result, 'Couldn\'t find signal rule in "%s"' % line)
311
self.assertTrue(result.groups()[0], 'Couldn\'t find audit modifier in "%s"' % line)
312
parsed = result.groups()[2].strip()
313
self.assertEqual(parsed, rule, 'Expected signal rule "%s", got "%s"'
316
def test_set_signal_01(self):
317
'''test ' signal (send, receive) set=(usr1 usr2),' '''
319
rule = 'signal (send, receive) set=(usr1 usr2),'
321
result = aa.RE_PROFILE_SIGNAL.search(line)
322
self.assertTrue(result, 'Couldn\'t find signal rule in "%s"' % line)
323
parsed = result.groups()[2].strip()
324
self.assertEqual(parsed, rule, 'Expected signal rule "%s", got "%s"'
327
def test_peer_signal_01(self):
328
'''test ' signal send set=(hup, quit) peer=/usr/sbin/daemon,' '''
330
rule = 'signal send set=(hup, quit) peer=/usr/sbin/daemon,'
332
result = aa.RE_PROFILE_SIGNAL.search(line)
333
self.assertTrue(result, 'Couldn\'t find signal rule in "%s"' % line)
334
parsed = result.groups()[2].strip()
335
self.assertEqual(parsed, rule, 'Expected signal rule "%s", got "%s"'
338
class AARegexPtrace(unittest.TestCase):
339
'''Tests for RE_PROFILE_PTRACE'''
341
def test_bare_ptrace_01(self):
342
'''test ' ptrace,' '''
346
result = aa.RE_PROFILE_PTRACE.search(line)
347
self.assertTrue(result, 'Couldn\'t find ptrace rule in "%s"' % line)
348
parsed = result.groups()[2].strip()
349
self.assertEqual(parsed, rule, 'Expected ptrace rule "%s", got "%s"'
352
def test_bare_ptrace_02(self):
353
'''test ' audit ptrace,' '''
356
line = ' audit %s' % rule
357
result = aa.RE_PROFILE_PTRACE.search(line)
358
self.assertTrue(result, 'Couldn\'t find ptrace rule in "%s"' % line)
359
self.assertTrue(result.groups()[0], 'Couldn\'t find audit modifier in "%s"' % line)
360
parsed = result.groups()[2].strip()
361
self.assertEqual(parsed, rule, 'Expected ptrace rule "%s", got "%s"'
364
def test_simple_ptrace_01(self):
365
'''test ' ptrace trace,' '''
367
rule = 'ptrace trace,'
369
result = aa.RE_PROFILE_PTRACE.search(line)
370
self.assertTrue(result, 'Couldn\'t find ptrace rule in "%s"' % line)
371
parsed = result.groups()[2].strip()
372
self.assertEqual(parsed, rule, 'Expected ptrace rule "%s", got "%s"'
375
def test_simple_ptrace_02(self):
376
'''test ' ptrace (tracedby, readby),' '''
378
rule = 'ptrace (tracedby, readby),'
380
result = aa.RE_PROFILE_PTRACE.search(line)
381
self.assertTrue(result, 'Couldn\'t find ptrace rule in "%s"' % line)
382
parsed = result.groups()[2].strip()
383
self.assertEqual(parsed, rule, 'Expected ptrace rule "%s", got "%s"'
386
def test_simple_ptrace_03(self):
387
'''test ' audit ptrace (read),' '''
389
rule = 'ptrace (read),'
390
line = ' audit %s' % rule
391
result = aa.RE_PROFILE_PTRACE.search(line)
392
self.assertTrue(result, 'Couldn\'t find ptrace rule in "%s"' % line)
393
self.assertTrue(result.groups()[0], 'Couldn\'t find audit modifier in "%s"' % line)
394
parsed = result.groups()[2].strip()
395
self.assertEqual(parsed, rule, 'Expected ptrace rule "%s", got "%s"'
398
def test_peer_ptrace_01(self):
399
'''test ' ptrace trace peer=/usr/sbin/daemon,' '''
401
rule = 'ptrace trace peer=/usr/sbin/daemon,'
403
result = aa.RE_PROFILE_PTRACE.search(line)
404
self.assertTrue(result, 'Couldn\'t find ptrace rule in "%s"' % line)
405
parsed = result.groups()[2].strip()
406
self.assertEqual(parsed, rule, 'Expected ptrace rule "%s", got "%s"'
409
class AARegexPivotRoot(unittest.TestCase):
410
'''Tests for RE_PROFILE_PIVOT_ROOT'''
412
def test_bare_pivot_root_01(self):
413
'''test ' pivot_root,' '''
417
result = aa.RE_PROFILE_PIVOT_ROOT.search(line)
418
self.assertTrue(result, 'Couldn\'t find pivot_root rule in "%s"' % line)
419
parsed = result.groups()[2].strip()
420
self.assertEqual(parsed, rule, 'Expected pivot_root rule "%s", got "%s"'
423
def test_bare_pivot_root_02(self):
424
'''test ' audit pivot_root,' '''
427
line = ' audit %s' % rule
428
result = aa.RE_PROFILE_PIVOT_ROOT.search(line)
429
self.assertTrue(result, 'Couldn\'t find pivot_root rule in "%s"' % line)
430
self.assertTrue(result.groups()[0], 'Couldn\'t find audit modifier in "%s"' % line)
431
parsed = result.groups()[2].strip()
432
self.assertEqual(parsed, rule, 'Expected pivot_root rule "%s", got "%s"'
435
def test_old_pivot_root_01(self):
436
'''test ' pivot_root /old,' '''
438
rule = 'pivot_root /old,'
440
result = aa.RE_PROFILE_PIVOT_ROOT.search(line)
441
self.assertTrue(result, 'Couldn\'t find pivot_root rule in "%s"' % line)
442
parsed = result.groups()[2].strip()
443
self.assertEqual(parsed, rule, 'Expected pivot_root rule "%s", got "%s"'
446
def test_new_pivot_root_01(self):
447
'''test ' pivot_root /old /new,' '''
449
rule = 'pivot_root /old /new,'
451
result = aa.RE_PROFILE_PIVOT_ROOT.search(line)
452
self.assertTrue(result, 'Couldn\'t find pivot_root rule in "%s"' % line)
453
parsed = result.groups()[2].strip()
454
self.assertEqual(parsed, rule, 'Expected pivot_root rule "%s", got "%s"'
457
def test_child_pivot_root_01(self):
458
'''test ' pivot_root /old /new -> child,' '''
460
rule = 'pivot_root /old /new -> child,'
462
result = aa.RE_PROFILE_PIVOT_ROOT.search(line)
463
self.assertTrue(result, 'Couldn\'t find pivot_root rule in "%s"' % line)
464
parsed = result.groups()[2].strip()
465
self.assertEqual(parsed, rule, 'Expected pivot_root rule "%s", got "%s"'
468
def test_child_pivot_root_02(self):
469
'''test ' audit pivot_root /old /new -> child,' '''
471
rule = 'pivot_root /old /new -> child,'
472
line = ' audit %s' % rule
473
result = aa.RE_PROFILE_PIVOT_ROOT.search(line)
474
self.assertTrue(result, 'Couldn\'t find pivot_root rule in "%s"' % line)
475
self.assertTrue(result.groups()[0], 'Couldn\'t find audit modifier in "%s"' % line)
476
parsed = result.groups()[2].strip()
477
self.assertEqual(parsed, rule, 'Expected pivot_root rule "%s", got "%s"'
113
480
if __name__ == '__main__':