mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-09-01 23:05:11 +00:00
Code Issues Releases Wiki Activity

Fix the changehat_wrapper regression test

Browse Source 
The capabilities tests where failing in the changehat_wrapper test.  This was because
they could not the changehat_wrapper sub executable, which trying to exec a binary
in the tmpdir.

Specifically if the test was for syscall_ptrace.  It would generate a profile with
a hat for ^syscall_ptrace and attempt to execute ./syscall_ptrace.  However this
was failing in some situations, including when trying to debug from the tmpdir,
as the syscall_XXX binary is no longer local.

Instead use the fully qualified path for the hat name, and the exec path.

Signed-off-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
John Johansen
2012-03-26 06:10:18 -07:00
parent 40588d182a
commit 5c09f44f8b
2 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
tests/regression/apparmor/capabilities.sh
View File

@@ -109,16 +109,16 @@ for TEST in ${TESTS} ; do
# okay, now check to see if the capability functions from within # okay, now check to see if the capability functions from within
# a subprofile. # a subprofile.
settest ${testwrapper} settest ${testwrapper}
genprofile hat:${TEST} addimage:${bin}/${TEST} ${my_entries} genprofile hat:$bin/${TEST} addimage:${bin}/${TEST} ${my_entries}
runchecktest "${TEST} changehat -- no caps" fail ${TEST} ${my_arg} runchecktest "${TEST} changehat -- no caps" fail $bin/${TEST} ${my_arg}
for cap in ${CAPABILITIES} ; do for cap in ${CAPABILITIES} ; do
if [ "X$(eval echo \${${TEST}_${cap}})" == "XTRUE" ] ; then if [ "X$(eval echo \${${TEST}_${cap}})" == "XTRUE" ] ; then
expected_result=pass expected_result=pass
else else
expected_result=fail expected_result=fail
fi fi
genprofile hat:${TEST} addimage:${bin}/${TEST} cap:${cap} ${my_entries} genprofile hat:$bin/${TEST} addimage:${bin}/${TEST} cap:${cap} ${my_entries}
runchecktest "${TEST} changehat -- capability ${cap}" ${expected_result} ${TEST} ${my_arg} runchecktest "${TEST} changehat -- capability ${cap}" ${expected_result} $bin/${TEST} ${my_arg}
done done
done done

6
tests/regression/apparmor/changehat_wrapper.c
View File

@@ -154,7 +154,7 @@ int main(int argc, char *argv[]) {
perror ("FAIL: child malloc"); perror ("FAIL: child malloc");
return -1; return -1;
} }
sprintf (pname, "./%s", argv[optind]); sprintf (pname, "%s", argv[optind]);
rc = !manual ? change_hat(argv[optind], magic_token) rc = !manual ? change_hat(argv[optind], magic_token)
: manual_change_hat(argv[optind], manual_string); : manual_change_hat(argv[optind], manual_string);
@@ -173,7 +173,7 @@ int main(int argc, char *argv[]) {
perror("FAIL: pipe failed"); perror("FAIL: pipe failed");
exit(1); exit(1);
} }
exit(execv(pname, &argv[optind])); exit(execv(pname, &argv[optind]));
} }
@@ -190,7 +190,7 @@ int main(int argc, char *argv[]) {
if ((WEXITSTATUS(waitstatus) == 0) && strcmp("PASS\n", buf) == 0) { if ((WEXITSTATUS(waitstatus) == 0) && strcmp("PASS\n", buf) == 0) {
printf("PASS\n"); printf("PASS\n");
} }
return WEXITSTATUS(waitstatus); return WEXITSTATUS(waitstatus);
} }