apparmor/Testing/severity_test.py

import shutil
import sys
import unittest

sys.path.append('../')

import apparmor.severity as severity
from apparmor.common import AppArmorException

class Test(unittest.TestCase):  
    
    def setUp(self):
        #copy the local profiles to the test directory
        shutil.copytree('/etc/apparmor.d/', './profiles/')
        
    def testRank_Test(self):
        #z = severity.Severity()
        
        s = severity.Severity('severity.db')
        rank = s.rank('/usr/bin/whatis', 'x')
        self.assertEqual(rank, 5, 'Wrong rank')
        rank = s.rank('/etc', 'x')
        self.assertEqual(rank, 10, 'Wrong rank')
        rank = s.rank('/dev/doublehit', 'x')
        self.assertEqual(rank, 0, 'Wrong rank')
        rank = s.rank('/dev/doublehit', 'rx')
        self.assertEqual(rank, 4, 'Wrong rank')
        rank = s.rank('/dev/doublehit', 'rwx')
        self.assertEqual(rank, 8, 'Wrong rank')
        rank = s.rank('/dev/tty10', 'rwx')
        self.assertEqual(rank, 9, 'Wrong rank')
        rank = s.rank('/var/adm/foo/**', 'rx')
        self.assertEqual(rank, 3, 'Wrong rank')
        rank = s.rank('CAP_KILL')
        self.assertEqual(rank, 8, 'Wrong rank')
        rank = s.rank('CAP_SETPCAP')
        self.assertEqual(rank, 9, 'Wrong rank')
        self.assertEqual(s.rank('/etc/apparmor/**', 'r') , 6,  'Invalid Rank')
        self.assertEqual(s.rank('/etc/**', 'r') , 10,  'Invalid Rank')
        
        # Load all variables for /sbin/klogd and test them
        s.load_variables('profiles/sbin.klogd')
        self.assertEqual(s.rank('@{PROC}/sys/vm/overcommit_memory', 'r'), 6, 'Invalid Rank')
        self.assertEqual(s.rank('@{HOME}/sys/@{PROC}/overcommit_memory', 'r'), 10, 'Invalid Rank')
        self.assertEqual(s.rank('/overco@{multiarch}mmit_memory', 'r'), 10, 'Invalid Rank')
        
        s.unload_variables()
        
        s.load_variables('profiles/usr.sbin.dnsmasq')
        self.assertEqual(s.rank('@{PROC}/sys/@{TFTP_DIR}/overcommit_memory', 'r'), 6, 'Invalid Rank')
        self.assertEqual(s.rank('@{PROC}/sys/vm/overcommit_memory', 'r'), 6, 'Invalid Rank')
        self.assertEqual(s.rank('@{HOME}/sys/@{PROC}/overcommit_memory', 'r'), 10, 'Invalid Rank')
        self.assertEqual(s.rank('/overco@{multiarch}mmit_memory', 'r'), 10, 'Invalid Rank')
        
        #self.assertEqual(s.rank('/proc/@{PID}/maps', 'rw'), 9, 'Invalid Rank')
        
    def testInvalid(self):
        s = severity.Severity('severity.db')
        rank = s.rank('/dev/doublehit', 'i')  
        self.assertEqual(rank, 10, 'Wrong') 
        try:
            broken = severity.Severity('severity_broken.db')   
        except AppArmorException:
            pass
        rank =  s.rank('CAP_UNKOWN')
        rank =  s.rank('CAP_K*')  
        
        

if __name__ == "__main__":
    #import sys;sys.argv = ['', 'Test.testName']
    unittest.main()
Fixes from review 52-53, merging cleanprof into apparmor/tools.py corrected enforce() and complain() to create/remove symlinks to force-complain/disable subdirs. Wrote some tests for globbing methods, segregated glob-path and glob-path-with-extension into methods in aa.py 2013-08-30 03:54:31 +05:30			`import shutil`
modified severity and testing modules 2013-06-21 20:08:32 +05:30			`import sys`
			`import unittest`
tested and completed config.py ans severity.py with the exception of source hooks in severity 2013-06-25 04:46:59 +05:30
Some fixes from review16 and updated codebase 2013-07-17 20:38:13 +05:30			`sys.path.append('../')`
modified severity and testing modules 2013-06-21 20:08:32 +05:30
updated codebase 2013-07-06 18:57:06 +05:30			`import apparmor.severity as severity`
			`from apparmor.common import AppArmorException`
Fixed configparser and added unit test for the same tried on python2 and python3 2013-07-19 00:44:55 +05:30
A new version of the variable loader for severity 2013-07-18 19:17:43 +05:30			`class Test(unittest.TestCase):`
Fixes from review 52-53, merging cleanprof into apparmor/tools.py corrected enforce() and complain() to create/remove symlinks to force-complain/disable subdirs. Wrote some tests for globbing methods, segregated glob-path and glob-path-with-extension into methods in aa.py 2013-08-30 03:54:31 +05:30
			`def setUp(self):`
			`#copy the local profiles to the test directory`
			`shutil.copytree('/etc/apparmor.d/', './profiles/')`
added variable handling also added a loader for all paths 2013-06-23 05:04:22 +05:30
			`def testRank_Test(self):`
edits from review 26,27 and codebase update 2013-07-28 08:23:46 +05:30			`#z = severity.Severity()`
Fixes from review 19-22 and updated codebase 2013-07-20 04:19:07 +05:30
modified severity and testing modules 2013-06-21 20:08:32 +05:30			`s = severity.Severity('severity.db')`
added variable handling also added a loader for all paths 2013-06-23 05:04:22 +05:30			`rank = s.rank('/usr/bin/whatis', 'x')`
			`self.assertEqual(rank, 5, 'Wrong rank')`
			`rank = s.rank('/etc', 'x')`
			`self.assertEqual(rank, 10, 'Wrong rank')`
			`rank = s.rank('/dev/doublehit', 'x')`
			`self.assertEqual(rank, 0, 'Wrong rank')`
			`rank = s.rank('/dev/doublehit', 'rx')`
			`self.assertEqual(rank, 4, 'Wrong rank')`
			`rank = s.rank('/dev/doublehit', 'rwx')`
			`self.assertEqual(rank, 8, 'Wrong rank')`
			`rank = s.rank('/dev/tty10', 'rwx')`
			`self.assertEqual(rank, 9, 'Wrong rank')`
			`rank = s.rank('/var/adm/foo/**', 'rx')`
			`self.assertEqual(rank, 3, 'Wrong rank')`
			`rank = s.rank('CAP_KILL')`
			`self.assertEqual(rank, 8, 'Wrong rank')`
			`rank = s.rank('CAP_SETPCAP')`
			`self.assertEqual(rank, 9, 'Wrong rank')`
			`self.assertEqual(s.rank('/etc/apparmor/**', 'r') , 6, 'Invalid Rank')`
			`self.assertEqual(s.rank('/etc/**', 'r') , 10, 'Invalid Rank')`
A new version of the variable loader for severity 2013-07-18 19:17:43 +05:30
			`# Load all variables for /sbin/klogd and test them`
Fixes from review 52-53, merging cleanprof into apparmor/tools.py corrected enforce() and complain() to create/remove symlinks to force-complain/disable subdirs. Wrote some tests for globbing methods, segregated glob-path and glob-path-with-extension into methods in aa.py 2013-08-30 03:54:31 +05:30			`s.load_variables('profiles/sbin.klogd')`
Fixes from review 19-22 and updated codebase 2013-07-20 04:19:07 +05:30			`self.assertEqual(s.rank('@{PROC}/sys/vm/overcommit_memory', 'r'), 6, 'Invalid Rank')`
			`self.assertEqual(s.rank('@{HOME}/sys/@{PROC}/overcommit_memory', 'r'), 10, 'Invalid Rank')`
			`self.assertEqual(s.rank('/overco@{multiarch}mmit_memory', 'r'), 10, 'Invalid Rank')`

			`s.unload_variables()`

Fixes from review 52-53, merging cleanprof into apparmor/tools.py corrected enforce() and complain() to create/remove symlinks to force-complain/disable subdirs. Wrote some tests for globbing methods, segregated glob-path and glob-path-with-extension into methods in aa.py 2013-08-30 03:54:31 +05:30			`s.load_variables('profiles/usr.sbin.dnsmasq')`
Fixes from review 19-22 and updated codebase 2013-07-20 04:19:07 +05:30			`self.assertEqual(s.rank('@{PROC}/sys/@{TFTP_DIR}/overcommit_memory', 'r'), 6, 'Invalid Rank')`
added variable handling also added a loader for all paths 2013-06-23 05:04:22 +05:30			`self.assertEqual(s.rank('@{PROC}/sys/vm/overcommit_memory', 'r'), 6, 'Invalid Rank')`
			`self.assertEqual(s.rank('@{HOME}/sys/@{PROC}/overcommit_memory', 'r'), 10, 'Invalid Rank')`
tested and completed config.py ans severity.py with the exception of source hooks in severity 2013-06-25 04:46:59 +05:30			`self.assertEqual(s.rank('/overco@{multiarch}mmit_memory', 'r'), 10, 'Invalid Rank')`
added variable handling also added a loader for all paths 2013-06-23 05:04:22 +05:30
			`#self.assertEqual(s.rank('/proc/@{PID}/maps', 'rw'), 9, 'Invalid Rank')`
modified severity and testing modules 2013-06-21 20:08:32 +05:30
A new version of the variable loader for severity 2013-07-18 19:17:43 +05:30			`def testInvalid(self):`
			`s = severity.Severity('severity.db')`
			`rank = s.rank('/dev/doublehit', 'i')`
			`self.assertEqual(rank, 10, 'Wrong')`
			`try:`
			`broken = severity.Severity('severity_broken.db')`
			`except AppArmorException:`
			`pass`
			`rank = s.rank('CAP_UNKOWN')`
			`rank = s.rank('CAP_K*')`
added variable handling also added a loader for all paths 2013-06-23 05:04:22 +05:30

modified severity and testing modules 2013-06-21 20:08:32 +05:30
			`if __name__ == "__main__":`
			`#import sys;sys.argv = ['', 'Test.testName']`
			`unittest.main()`