def test_write_manually(self):
obj = CapabilityRule(['ptrace', 'audit_write'], allow_keyword=True)
expected = ' allow capability audit_write ptrace,'
self.assertEqual(expected, obj.get_clean(2), 'unexpected clean rule')
self.assertEqual(expected, obj.get_raw(2), 'unexpected raw rule')
def test_write_manually(self):
obj = CapabilityRule(['ptrace', 'audit_write'], allow_keyword=True)
expected = ' allow capability audit_write ptrace,'
self.assertEqual(expected, obj.get_clean(2), 'unexpected clean rule')
self.assertEqual(expected, obj.get_raw(2), 'unexpected raw rule')
def test_cap_from_log(self):
parser = ReadLog('', '', '', '')
event = 'type=AVC msg=audit(1415403814.628:662): apparmor="ALLOWED" operation="capable" profile="/bin/ping" pid=15454 comm="ping" capability=13 capname="net_raw"'
parsed_event = parser.parse_event(event)
self.assertEqual(
parsed_event, {
'request_mask': None,
'denied_mask': None,
'error_code': 0,
'magic_token': 0,
'parent': 0,
'profile': '/bin/ping',
'operation': 'capable',
'resource': None,
'info': None,
'aamode': 'PERMITTING',
'time': 1415403814,
'active_hat': None,
'pid': 15454,
'task': 0,
'attr': None,
'name2': None,
'name': 'net_raw',
'family': None,
'protocol': None,
'sock_type': None,
})
obj = CapabilityRule(parsed_event['name'], log_event=parsed_event)
self._compare_obj(
obj, {
'allow_keyword': False,
'deny': False,
'audit': False,
'capability': {'net_raw'},
'all_caps': False,
'comment': "",
})
self.assertEqual(obj.get_raw(1), ' capability net_raw,')
def test_cap_from_log(self):
parser = ReadLog('', '', '', '', '')
event = 'type=AVC msg=audit(1415403814.628:662): apparmor="ALLOWED" operation="capable" profile="/bin/ping" pid=15454 comm="ping" capability=13 capname="net_raw"'
parsed_event = parser.parse_event(event)
self.assertEqual(parsed_event, {
'request_mask': None,
'denied_mask': None,
'error_code': 0,
'magic_token': 0,
'parent': 0,
'profile': '/bin/ping',
'operation': 'capable',
'resource': None,
'info': None,
'aamode': 'PERMITTING',
'time': 1415403814,
'active_hat': None,
'pid': 15454,
'task': 0,
'attr': None,
'name2': None,
'name': 'net_raw'
})
obj = CapabilityRule(parsed_event['name'], log_event=parsed_event)
self._compare_obj(obj, {
'allow_keyword': False,
'deny': False,
'audit': False,
'capability': {'net_raw'},
'all_caps': False,
'comment': "",
})
self.assertEqual(obj.get_raw(1), ' capability net_raw,')
