From dc3d11bf0a0fa0cdebfd6e2cf88baa53b0a3a88a Mon Sep 17 00:00:00 2001
From: Christian Boltz
Date: Sat, 27 Jul 2019 22:23:15 +0200
Subject: [PATCH] add log testcases for exec with and without target=

- in complain mode, exec events include target=...
- in enforce mode, the log message doesn't include target=...
Note that the utils tests skip exec events (they'd be interactive), therefore exec*.profile doesn't contain an exec rule.
---
.../libapparmor/testsuite/test_multi/exec01.err | 0
.../libapparmor/testsuite/test_multi/exec01.in | 1 +
.../libapparmor/testsuite/test_multi/exec01.out | 16 ++++++++++++++++
.../testsuite/test_multi/exec01.profile | 2 ++
.../libapparmor/testsuite/test_multi/exec02.err | 0
.../libapparmor/testsuite/test_multi/exec02.in | 1 +
.../libapparmor/testsuite/test_multi/exec02.out | 15 +++++++++++++++
.../testsuite/test_multi/exec02.profile | 2 ++
8 files changed, 37 insertions(+)
create mode 100644 libraries/libapparmor/testsuite/test_multi/exec01.err
create mode 100644 libraries/libapparmor/testsuite/test_multi/exec01.in
create mode 100644 libraries/libapparmor/testsuite/test_multi/exec01.out
create mode 100644 libraries/libapparmor/testsuite/test_multi/exec01.profile
create mode 100644 libraries/libapparmor/testsuite/test_multi/exec02.err
create mode 100644 libraries/libapparmor/testsuite/test_multi/exec02.in
create mode 100644 libraries/libapparmor/testsuite/test_multi/exec02.out
create mode 100644 libraries/libapparmor/testsuite/test_multi/exec02.profile
diff --git a/libraries/libapparmor/testsuite/test_multi/exec01.err b/libraries/libapparmor/testsuite/test_multi/exec01.err
new file mode 100644
index 000000000..e69de29bb
diff --git a/libraries/libapparmor/testsuite/test_multi/exec01.in b/libraries/libapparmor/testsuite/test_multi/exec01.in
new file mode 100644
index 000000000..1fd6561b9
--- /dev/null
+++ b/libraries/libapparmor/testsuite/test_multi/exec01.in
@@ -0,0 +1 @@
+type=AVC msg=audit(1556742889.059:3686): apparmor="ALLOWED" operation="exec" profile="/home/cb/bin/hello.sh" name="/usr/bin/rm" pid=13108 comm="hello.sh" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0 target="/home/cb/bin/hello.sh//null-/usr/bin/rm"
diff --git a/libraries/libapparmor/testsuite/test_multi/exec01.out b/libraries/libapparmor/testsuite/test_multi/exec01.out
new file mode 100644
index 000000000..462afb49e
--- /dev/null
+++ b/libraries/libapparmor/testsuite/test_multi/exec01.out
@@ -0,0 +1,16 @@
+START
+File: exec01.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1556742889.059:3686
+Operation: exec
+Mask: x
+Denied Mask: x
+fsuid: 1000
+ouid: 0
+Profile: /home/cb/bin/hello.sh
+Name: /usr/bin/rm
+Command: hello.sh
+Name2: /home/cb/bin/hello.sh//null-/usr/bin/rm
+PID: 13108
+Epoch: 1556742889
+Audit subid: 3686
diff --git a/libraries/libapparmor/testsuite/test_multi/exec01.profile b/libraries/libapparmor/testsuite/test_multi/exec01.profile
new file mode 100644
index 000000000..edf510590
--- /dev/null
+++ b/libraries/libapparmor/testsuite/test_multi/exec01.profile
@@ -0,0 +1,2 @@
+/home/cb/bin/hello.sh {
+}
diff --git a/libraries/libapparmor/testsuite/test_multi/exec02.err b/libraries/libapparmor/testsuite/test_multi/exec02.err
new file mode 100644
index 000000000..e69de29bb
diff --git a/libraries/libapparmor/testsuite/test_multi/exec02.in b/libraries/libapparmor/testsuite/test_multi/exec02.in
new file mode 100644
index 000000000..e60202821
--- /dev/null
+++ b/libraries/libapparmor/testsuite/test_multi/exec02.in
@@ -0,0 +1 @@
+type=AVC msg=audit(1564250674.378:1307): apparmor="DENIED" operation="exec" profile="/usr/bin/wireshark" name="/usr/lib64/wireshark/extcap/androiddump" pid=23247 comm="pool" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0
diff --git a/libraries/libapparmor/testsuite/test_multi/exec02.out b/libraries/libapparmor/testsuite/test_multi/exec02.out
new file mode 100644
index 000000000..5543e4222
--- /dev/null
+++ b/libraries/libapparmor/testsuite/test_multi/exec02.out
@@ -0,0 +1,15 @@
+START
+File: exec02.in
+Event type: AA_RECORD_DENIED
+Audit ID: 1564250674.378:1307
+Operation: exec
+Mask: x
+Denied Mask: x
+fsuid: 1000
+ouid: 0
+Profile: /usr/bin/wireshark
+Name: /usr/lib64/wireshark/extcap/androiddump
+Command: pool
+PID: 23247
+Epoch: 1564250674
+Audit subid: 1307
diff --git a/libraries/libapparmor/testsuite/test_multi/exec02.profile b/libraries/libapparmor/testsuite/test_multi/exec02.profile
new file mode 100644
index 000000000..e05eb5ab7
--- /dev/null
+++ b/libraries/libapparmor/testsuite/test_multi/exec02.profile
@@ -0,0 +1,2 @@
+/usr/bin/wireshark {
+}