CapabilityRule: Validate given caps against cap list

... and error out if an unknown capability is given. This also means recognizing bad capabilities in the parser simple_tests now works (so remove these from the exception_not_raised list), and that we can no longer hand over an unknown capability in test-capability.py to test their severity.
2025-09-03 07:45:50 +00:00 · 2023-10-29 21:31:43 +01:00
parent 5c34655f4a
commit 942202da17
3 changed files with 10 additions and 10 deletions
--- a/utils/test/test-capability.py
+++ b/utils/test/test-capability.py
@@ -460,7 +460,6 @@ class CapabiliySeverityTest(AATest):
        ('dac_read_search',             7),
        (['fsetid', 'dac_read_search'], 9),
        (CapabilityRule.ALL,            10),
-        ('foo',                         'unknown'),
    )

    def _run_test(self, params, expected):