mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-30 13:58:22 +00:00
Code Issues Releases Wiki Activity

Merge ProfileStorage: incldue profile header in __repr__()

Browse Source 
ProfileStorage knows a whole profile, therefore it should also include the profile header in `__repr__()`.

Also add a test for this.

While on it, add a test for an invalid type change for a type that doesn't have special handling in `__setitem__()` to increase test coverage.

MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/1233
Approved-by: Georgia Garcia <georgia.garcia@canonical.com>
Merged-by: Christian Boltz <apparmor@cboltz.de>
This commit is contained in:
Christian Boltz
2024-05-17 14:02:45 +00:00
parent 5936c775ef eb3550c1b4
commit e1bda6d1a2
2 changed files with 22 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
utils/apparmor/profile_storage.py
View File

@@ -132,8 +132,11 @@ class ProfileStorage:
raise AppArmorBug('Attempt to overwrite "%s" with %s, type %s' % (key, value, type(value))) raise AppArmorBug('Attempt to overwrite "%s" with %s, type %s' % (key, value, type(value)))
def __repr__(self): def __repr__(self):
name = type(self).__name__ classname = type(self).__name__
return '\n<%s>\n%s\n</%s>\n' % (name, '\n'.join(self.get_rules_clean(1)), name) header = '\n'.join(self.get_header(0, self['name'], False))
rules = '\n'.join(self.get_rules_clean(1))
endprofile = '}'
return f'\n<{classname}>\n{header}\n{rules}\n{endprofile}\n</{classname}>\n'
def get(self, key, fallback=None): def get(self, key, fallback=None):
if key in self.data: if key in self.data:

17
utils/test/test-profile-storage.py
View File

@@ -13,6 +13,7 @@ import unittest
from apparmor.common import AppArmorBug, AppArmorException from apparmor.common import AppArmorBug, AppArmorException
from apparmor.profile_storage import ProfileStorage, add_or_remove_flag, split_flags, var_transform from apparmor.profile_storage import ProfileStorage, add_or_remove_flag, split_flags, var_transform
from apparmor.rule.capability import CapabilityRule
from common_test import AATest, setup_all_loops from common_test import AATest, setup_all_loops
@@ -121,6 +122,22 @@ class TestSetInvalid(AATest):
with self.assertRaises(expected): with self.assertRaises(expected):
self.storage[params[0]] = params[1] self.storage[params[0]] = params[1]
def testInvalidTypeChange(self):
storage = ProfileStorage('/test/foo', 'hat', 'TEST')
storage.data['invalid'] = 42 # manually set behind __setitem__'s back to avoid checks
with self.assertRaises(AppArmorBug):
storage['invalid'] = 'foo' # attempt to change type from int to str
class AaTest_repr(AATest):
def testRepr(self):
prof_storage = ProfileStorage('/test/foo', 'hat', 'TEST')
prof_storage['name'] = 'foo'
prof_storage['xattrs'] = 'user.bar=bar'
prof_storage['capability'].add(CapabilityRule('dac_override'))
self.assertEqual(str(prof_storage), '\n<ProfileStorage>\nprofile foo xattrs=(user.bar=bar) {\n capability dac_override,\n\n}\n</ProfileStorage>\n')
class AaTest_parse_profile_start(AATest): class AaTest_parse_profile_start(AATest):
tests = ( tests = (