def test_write_manually(self): obj = RlimitRule('as', '1024MB') expected = ' set rlimit as <= 1024MB,' self.assertEqual(expected, obj.get_clean(2), 'unexpected clean rule') self.assertEqual(expected, obj.get_raw(2), 'unexpected raw rule')
def _check_invalid_rawrule(self, rawrule): obj = None self.assertFalse(RlimitRule.match(rawrule)) with self.assertRaises(AppArmorException): obj = RlimitRule(RlimitRule.parse(rawrule)) self.assertIsNone(obj, 'RlimitRule handed back an object unexpectedly')
def _run_test(self, rawrule, expected): self.assertTrue(RlimitRule.match(rawrule)) obj = RlimitRule.parse(rawrule) clean = obj.get_clean() raw = obj.get_raw() self.assertEqual(expected.strip(), clean, 'unexpected clean rule') self.assertEqual(rawrule.strip(), raw, 'unexpected raw rule')
def test_borked_obj_is_covered_2(self): obj = RlimitRule.parse('set rlimit cpu <= 1024,') testobj = RlimitRule('cpu', '1024') testobj.value = '' with self.assertRaises(AppArmorBug): obj.is_covered(testobj)
def _run_test(self, param, expected): obj = RlimitRule.parse(self.rule) check_obj = RlimitRule.parse(param) self.assertTrue(RlimitRule.match(param)) self.assertEqual(obj.is_equal(check_obj), expected[0], 'Mismatch in is_equal, expected %s' % expected[0]) self.assertEqual(obj.is_equal(check_obj, True), expected[1], 'Mismatch in is_equal/strict, expected %s' % expected[1]) self.assertEqual(obj.is_covered(check_obj), expected[2], 'Mismatch in is_covered, expected %s' % expected[2]) self.assertEqual(obj.is_covered(check_obj, True, True), expected[3], 'Mismatch in is_covered/exact, expected %s' % expected[3])
def test_invalid_is_equal(self): obj = RlimitRule.parse('set rlimit cpu <= 1024,') testobj = BaseRule() # different type with self.assertRaises(AppArmorBug): obj.is_equal(testobj)
class RlimitSize_to_intTest(AATest): def AASetup(self): self.obj = RlimitRule('cpu', '1') tests = [ ('40GB' , 40 * 1024 * 1024 * 1024), ('40MB' , 41943040), ('40KB' , 40960), ('40' , 40), ] def _run_test(self, params, expected): self.assertEqual(self.obj.size_to_int(params), expected) def test_invalid_size_to_int_01(self): with self.assertRaises(AppArmorException): self.obj.size_to_int('20mice')
class RlimitSize_to_intTest(AATest): def AASetup(self): self.obj = RlimitRule('cpu', '1') tests = [ ('40GB', 40 * 1024 * 1024 * 1024), ('40MB', 41943040), ('40KB', 40960), ('40', 40), ] def _run_test(self, params, expected): self.assertEqual(self.obj.size_to_int(params), expected) def test_invalid_size_to_int_01(self): with self.assertRaises(AppArmorException): self.obj.size_to_int('20mice')
class RlimitTime_to_intTest(AATest): def AASetup(self): self.obj = RlimitRule('cpu', '1') tests = [ ('40', 0.00004), ('30us', 0.00003), ('40ms', 0.04), ('40seconds', 40), ('2minutes', 2 * 60), ('2hours', 2 * 60 * 60), ('1 day', 1 * 60 * 60 * 24), ('2 weeks', 2 * 60 * 60 * 24 * 7), ] def _run_test(self, params, expected): self.assertEqual(self.obj.time_to_int(params, 'us'), expected) def test_with_seconds_as_default(self): self.assertEqual(self.obj.time_to_int('40', 'seconds'), 40) def test_with_ms_as_default(self): self.assertEqual(self.obj.time_to_int('40', 'ms'), 0.04) def test_with_us_as_default(self): self.assertEqual(self.obj.time_to_int('30', 'us'), 0.00003) def test_invalid_time_to_int(self): with self.assertRaises(AppArmorException): self.obj.time_to_int('20mice', 'seconds')
class RlimitTime_to_intTest(AATest): def AASetup(self): self.obj = RlimitRule('cpu', '1') tests = [ ('40' , 0.00004), ('30us' , 0.00003), ('40ms' , 0.04), ('40seconds', 40), ('2minutes' , 2*60), ('2hours' , 2*60*60), ('1 day' , 1*60*60*24), ('2 weeks' , 2*60*60*24*7), ] def _run_test(self, params, expected): self.assertEqual(self.obj.time_to_int(params, 'us'), expected) def test_with_seconds_as_default(self): self.assertEqual(self.obj.time_to_int('40', 'seconds'), 40) def test_with_ms_as_default(self): self.assertEqual(self.obj.time_to_int('40', 'ms'), 0.04) def test_with_us_as_default(self): self.assertEqual(self.obj.time_to_int('30', 'us'), 0.00003) def test_invalid_time_to_int(self): with self.assertRaises(AppArmorException): self.obj.time_to_int('20mice', 'seconds')
class RlimitFromInit(RlimitTest): tests = [ # RlimitRule object audit allow deny comment rlimit value all/infinity? (RlimitRule('as', '2047MB') , exp(False, False, False, '' , 'as' , '2047MB' , False)), (RlimitRule('as', '2047 MB') , exp(False, False, False, '' , 'as' , '2047 MB' , False)), (RlimitRule('cpu', '1024') , exp(False, False, False, '' , 'cpu' , '1024' , False)), (RlimitRule('rttime', '60minutes') , exp(False, False, False, '' , 'rttime' , '60minutes', False)), (RlimitRule('nice', '-10') , exp(False, False, False, '' , 'nice' , '-10' , False)), (RlimitRule('rss', RlimitRule.ALL) , exp(False, False, False, '' , 'rss' , None , True )), ] def _run_test(self, obj, expected): self._compare_obj(obj, expected)
def test_ruleset_1(self): ruleset = RlimitRuleset() rules = [ ' set rlimit cpu <= 100,', ' set rlimit as <= 50MB,', ] expected_raw = [ 'set rlimit cpu <= 100,', 'set rlimit as <= 50MB,', '', ] expected_clean = [ 'set rlimit as <= 50MB,', 'set rlimit cpu <= 100,', '', ] for rule in rules: ruleset.add(RlimitRule.parse(rule)) self.assertEqual(expected_raw, ruleset.get_raw()) self.assertEqual(expected_clean, ruleset.get_clean())
def test_audit_keyword(self): with self.assertRaises(AppArmorBug): RlimitRule('as', '1024MB', audit=True)
def _run_test(self, rawrule, expected): self.assertTrue(RlimitRule.match(rawrule)) obj = RlimitRule.parse(rawrule) self.assertEqual(rawrule.strip(), obj.raw_rule) self._compare_obj(obj, expected)
def _run_test(self, params, expected): obj = RlimitRule._parse(params) self.assertEqual(obj.logprof_header(), expected)
def _run_test(self, rawrule, expected): #self.assertFalse(RlimitRule.match(rawrule)) # the main regex isn't very strict with self.assertRaises(expected): RlimitRule.parse(rawrule)
def AASetup(self): self.obj = RlimitRule('cpu', '1')
def test_empty_net_data_2(self): obj = RlimitRule('as', '1024MB') obj.value = '' # no value set, and ALL not set with self.assertRaises(AppArmorBug): obj.get_clean(1)
def test_deny_keyword(self): with self.assertRaises(AppArmorBug): RlimitRule('as', '1024MB', deny=True)
def test_missing_params_2(self): with self.assertRaises(TypeError): RlimitRule('as')
def _run_test(self, params, expected): with self.assertRaises(expected): RlimitRule(params[0], params[1])