test exec events/rules in test-libapparmor-test_multi.py

So far, exec events were accidentally skipped in
test-libapparmor-test_multi.py because aa[profile][hat] was not
initialized, and ask_exec() exited early because of this.

Initialize aa[profile][hat] in the test to fix this.

To avoid that someone needs to select "inherit" each time the tests run,
add an optional default_ans parameter to ask_exec(), and let the test
call it with 'CMD_ix'.

(In case you wonder - defaulting to CMD_cx would ask to sanitize the
environment. CMD_ix avoids this.)

Also, we have to copy over aa[profile][hat] to log_dict in the test
because ask_exec() modifies aa[...], but the test only checks its local
log_dict.

Finally, add the expected exec rules to the *.profile files

libraries/libapparmor/testsuite/test_multi/exec01.profile

@@ -1,2 +1,4 @@
 /home/cb/bin/hello.sh {
+  /usr/bin/rm mrix,
+
 }

libraries/libapparmor/testsuite/test_multi/exec02.profile

@@ -1,2 +1,4 @@
 /usr/bin/wireshark {
+  /usr/lib64/wireshark/extcap/androiddump mrix,
+
 }

utils/apparmor/aa.py

@@ -728,7 +728,7 @@ def ask_addhat(hashlog):
                     continue
 
 
-def ask_exec(hashlog):
+def ask_exec(hashlog, default_ans=''):
     """ask the user about exec events (requests to execute another program) and which exec mode to use"""
 
     for aamode in hashlog:
@@ -816,7 +816,10 @@ def ask_exec(hashlog):
                     # ask user about the exec mode to use
                     ans = ''
                     while ans not in ('CMD_ix', 'CMD_px', 'CMD_cx', 'CMD_nx', 'CMD_pix', 'CMD_cix', 'CMD_nix', 'CMD_ux', 'CMD_DENY'):  # add '(I)gnore'? (hotkey conflict with '(i)x'!)
-                        ans = q.promptUser()[0]
+                        if default_ans:
+                            ans = default_ans
+                        else:
+                            ans = q.promptUser()[0]
 
                         if ans.startswith('CMD_EXEC_IX_'):
                             exec_toggle = not exec_toggle

utils/test/test-libapparmor-test_multi.py

@@ -222,8 +222,9 @@ def logfile_to_profile(logfile):
     # cleanup apparmor.aa storage
     apparmor.aa.reset_aa()
 
-    profile, hat = split_name(parsed_event['profile'])
+    apparmor.aa.load_sev_db()
 
+    profile, hat = split_name(parsed_event['profile'])
 
     dummy_prof = apparmor.aa.ProfileStorage('TEST DUMMY for active_profiles', profile_dummy_file, 'logprof_to_profile()')
 
@@ -233,14 +234,23 @@ def logfile_to_profile(logfile):
     # else:
     apparmor.aa.active_profiles.add_profile(profile_dummy_file, profile, '', dummy_prof)
 
+    apparmor.aa.aa[profile] = {}
+    apparmor.aa.aa[profile][hat] = dummy_prof
+
     log_reader = ReadLog(logfile, apparmor.aa.active_profiles, '')
     hashlog = log_reader.read_log('')
 
-    apparmor.aa.ask_exec(hashlog)
+    apparmor.aa.ask_exec(hashlog, 'CMD_ix')
     apparmor.aa.ask_addhat(hashlog)
 
     log_dict = apparmor.aa.collapse_log(hashlog, ignore_null_profiles=False)
 
+    # ask_exec modifies 'aa', not log_dict. "transfer" exec rules from 'aa' to log_dict
+    for tmpaamode in hashlog:
+        for tmpprofile in hashlog[tmpaamode]:
+            for rule_obj in apparmor.aa.aa[profile][hat]['file'].rules:
+                log_dict[tmpaamode][tmpprofile]['file'].add(rule_obj)
+
     if list(log_dict[aamode].keys()) != [parsed_event['profile']]:
         raise Exception('log_dict[{}] contains unexpected keys. Logfile: {}, keys {}'.format(aamode, logfile, log_dict.keys()))