From 94c5cf047f0e079ab42beba66f8f3c3d552bda74 Mon Sep 17 00:00:00 2001 From: Christian Boltz Date: Mon, 5 May 2025 20:53:53 +0200 Subject: [PATCH] Split priority rules with `unsafe` keyword to separate tests This helps to limit the amount of rules skipped in the utils tests (because the utils don't support the `unsafe` keyword) --- .../simple_tests/file/priority/front_perms_ok_1.sd | 5 ----- .../simple_tests/file/priority/front_perms_ok_2.sd | 5 ----- .../simple_tests/file/priority/front_perms_ok_3.sd | 12 ++++++++++++ .../simple_tests/file/priority/front_perms_ok_4.sd | 13 +++++++++++++ utils/test/test-parser-simple-tests.py | 4 ++-- 5 files changed, 27 insertions(+), 12 deletions(-) create mode 100644 parser/tst/simple_tests/file/priority/front_perms_ok_3.sd create mode 100644 parser/tst/simple_tests/file/priority/front_perms_ok_4.sd diff --git a/parser/tst/simple_tests/file/priority/front_perms_ok_1.sd b/parser/tst/simple_tests/file/priority/front_perms_ok_1.sd index 2375fd1dc..137a9454a 100644 --- a/parser/tst/simple_tests/file/priority/front_perms_ok_1.sd +++ b/parser/tst/simple_tests/file/priority/front_perms_ok_1.sd @@ -15,10 +15,5 @@ priority=-1 file ux /foo3, priority=-1 file Ux /foo4, priority=-1 file ix /foo5, - priority=-1 file unsafe px /foo6, - priority=-1 file unsafe Px /foo7, - priority=-1 file unsafe ux /foo8, - priority=-1 file unsafe Ux /foo9, - priority=-1 file unsafe ix /foo10, } diff --git a/parser/tst/simple_tests/file/priority/front_perms_ok_2.sd b/parser/tst/simple_tests/file/priority/front_perms_ok_2.sd index f1ee0837a..88db2191f 100644 --- a/parser/tst/simple_tests/file/priority/front_perms_ok_2.sd +++ b/parser/tst/simple_tests/file/priority/front_perms_ok_2.sd @@ -15,10 +15,5 @@ priority=-1 ux /foo3, priority=-1 Ux /foo4, priority=-1 ix /foo5, - priority=-1 unsafe px /foo6, - priority=-1 unsafe Px /foo7, - priority=-1 unsafe ux /foo8, - priority=-1 unsafe Ux /foo9, - priority=-1 unsafe ix /foo10, } diff --git a/parser/tst/simple_tests/file/priority/front_perms_ok_3.sd b/parser/tst/simple_tests/file/priority/front_perms_ok_3.sd new file mode 100644 index 000000000..4140ae0ef --- /dev/null +++ b/parser/tst/simple_tests/file/priority/front_perms_ok_3.sd @@ -0,0 +1,12 @@ +# +#=DESCRIPTION perms before pathname + unsafe keyword +#=EXRESULT PASS +# +/usr/bin/foo { + priority=-1 file unsafe px /foo6, + priority=-1 file unsafe Px /foo7, + priority=-1 file unsafe ux /foo8, + priority=-1 file unsafe Ux /foo9, + priority=-1 file unsafe ix /foo10, + +} diff --git a/parser/tst/simple_tests/file/priority/front_perms_ok_4.sd b/parser/tst/simple_tests/file/priority/front_perms_ok_4.sd new file mode 100644 index 000000000..3a33020eb --- /dev/null +++ b/parser/tst/simple_tests/file/priority/front_perms_ok_4.sd @@ -0,0 +1,13 @@ +# +#=DESCRIPTION perms before pathname + unsafe keyword +#=EXRESULT PASS +# +/usr/bin/foo { + + priority=-1 unsafe px /foo6, + priority=-1 unsafe Px /foo7, + priority=-1 unsafe ux /foo8, + priority=-1 unsafe Ux /foo9, + priority=-1 unsafe ix /foo10, + +} diff --git a/utils/test/test-parser-simple-tests.py b/utils/test/test-parser-simple-tests.py index 22a7b480b..04e03fb68 100644 --- a/utils/test/test-parser-simple-tests.py +++ b/utils/test/test-parser-simple-tests.py @@ -251,8 +251,8 @@ unknown_line = ( 'file/file/front_perms_ok_2.sd', 'file/front_perms_ok_2.sd', 'xtrans/simple_ok_cx_1.sd', - 'file/priority/front_perms_ok_1.sd', - 'file/priority/front_perms_ok_2.sd', + 'file/priority/front_perms_ok_3.sd', + 'file/priority/front_perms_ok_4.sd', # owner / audit {...} blocks 'file/file/owner/ok_1.sd',