[apparmor] [PATCH 2/2] libaalogparse: Regression tests for dbus-daemon audit messages
Seth Arnold
seth.arnold at canonical.com
Fri Aug 9 01:25:48 UTC 2013
On Thu, Aug 01, 2013 at 12:31:31AM -0700, Tyler Hicks wrote:
> Test a set of send, bind, and receive denials routed through the syslog,
> as well as a set routed through auditd.
>
> Signed-off-by: Tyler Hicks <tyhicks at canonical.com>
Acked-By: Seth Arnold <seth.arnold at canonical.com>
Thanks!
> ---
> libraries/libapparmor/testsuite/test_multi.c | 16 ++++++++++++++++
> .../testsuite/test_multi/testcase_dbus_01.err | 0
> .../testsuite/test_multi/testcase_dbus_01.in | 1 +
> .../testsuite/test_multi/testcase_dbus_01.out | 15 +++++++++++++++
> .../testsuite/test_multi/testcase_dbus_02.err | 0
> .../testsuite/test_multi/testcase_dbus_02.in | 1 +
> .../testsuite/test_multi/testcase_dbus_02.out | 11 +++++++++++
> .../testsuite/test_multi/testcase_dbus_03.err | 0
> .../testsuite/test_multi/testcase_dbus_03.in | 1 +
> .../testsuite/test_multi/testcase_dbus_03.out | 16 ++++++++++++++++
> .../testsuite/test_multi/testcase_dbus_04.err | 0
> .../testsuite/test_multi/testcase_dbus_04.in | 1 +
> .../testsuite/test_multi/testcase_dbus_04.out | 17 +++++++++++++++++
> .../testsuite/test_multi/testcase_dbus_05.err | 0
> .../testsuite/test_multi/testcase_dbus_05.in | 1 +
> .../testsuite/test_multi/testcase_dbus_05.out | 13 +++++++++++++
> .../testsuite/test_multi/testcase_dbus_06.err | 0
> .../testsuite/test_multi/testcase_dbus_06.in | 1 +
> .../testsuite/test_multi/testcase_dbus_06.out | 18 ++++++++++++++++++
> 19 files changed, 112 insertions(+)
> create mode 100644 libraries/libapparmor/testsuite/test_multi/testcase_dbus_01.err
> create mode 100644 libraries/libapparmor/testsuite/test_multi/testcase_dbus_01.in
> create mode 100644 libraries/libapparmor/testsuite/test_multi/testcase_dbus_01.out
> create mode 100644 libraries/libapparmor/testsuite/test_multi/testcase_dbus_02.err
> create mode 100644 libraries/libapparmor/testsuite/test_multi/testcase_dbus_02.in
> create mode 100644 libraries/libapparmor/testsuite/test_multi/testcase_dbus_02.out
> create mode 100644 libraries/libapparmor/testsuite/test_multi/testcase_dbus_03.err
> create mode 100644 libraries/libapparmor/testsuite/test_multi/testcase_dbus_03.in
> create mode 100644 libraries/libapparmor/testsuite/test_multi/testcase_dbus_03.out
> create mode 100644 libraries/libapparmor/testsuite/test_multi/testcase_dbus_04.err
> create mode 100644 libraries/libapparmor/testsuite/test_multi/testcase_dbus_04.in
> create mode 100644 libraries/libapparmor/testsuite/test_multi/testcase_dbus_04.out
> create mode 100644 libraries/libapparmor/testsuite/test_multi/testcase_dbus_05.err
> create mode 100644 libraries/libapparmor/testsuite/test_multi/testcase_dbus_05.in
> create mode 100644 libraries/libapparmor/testsuite/test_multi/testcase_dbus_05.out
> create mode 100644 libraries/libapparmor/testsuite/test_multi/testcase_dbus_06.err
> create mode 100644 libraries/libapparmor/testsuite/test_multi/testcase_dbus_06.in
> create mode 100644 libraries/libapparmor/testsuite/test_multi/testcase_dbus_06.out
>
> diff --git a/libraries/libapparmor/testsuite/test_multi.c b/libraries/libapparmor/testsuite/test_multi.c
> index 1732e31..eb73279 100644
> --- a/libraries/libapparmor/testsuite/test_multi.c
> +++ b/libraries/libapparmor/testsuite/test_multi.c
> @@ -137,6 +137,10 @@ int print_results(aa_log_record *record)
> {
> printf("Profile: %s\n", record->profile);
> }
> + if (record->peer_profile != NULL)
> + {
> + printf("Peer profile: %s\n", record->peer_profile);
> + }
> if (record->name != NULL)
> {
> printf("Name: %s\n", record->name);
> @@ -173,6 +177,10 @@ int print_results(aa_log_record *record)
> {
> printf("Info: %s\n", record->info);
> }
> + if (record->peer_info != NULL)
> + {
> + printf("Peer info: %s\n", record->peer_info);
> + }
> if (record->error_code)
> {
> printf("ErrorCode: %d\n", record->error_code);
> @@ -181,6 +189,10 @@ int print_results(aa_log_record *record)
> {
> printf("PID: %ld\n", record->pid);
> }
> + if (record->peer_pid != 0)
> + {
> + printf("Peer PID: %ld\n", record->peer_pid);
> + }
> if (record->active_hat != NULL)
> {
> printf("Active hat: %s\n", record->active_hat);
> @@ -201,6 +213,10 @@ int print_results(aa_log_record *record)
> print_string("Foreign addr", record->net_foreign_addr);
> print_long("Local port", record->net_local_port, 0);
> print_long("Foreign port", record->net_foreign_port, 0);
> + print_string("DBus bus", record->dbus_bus);
> + print_string("DBus path", record->dbus_path);
> + print_string("DBus interface", record->dbus_interface);
> + print_string("DBus member", record->dbus_member);
>
> printf("Epoch: %lu\n", record->epoch);
> printf("Audit subid: %u\n", record->audit_sub_id);
> diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_dbus_01.err b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_01.err
> new file mode 100644
> index 0000000..e69de29
> diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_dbus_01.in b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_01.in
> new file mode 100644
> index 0000000..56c1d08
> --- /dev/null
> +++ b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_01.in
> @@ -0,0 +1 @@
> +Jul 31 17:10:35 dbusdev-saucy-amd64 dbus[1692]: apparmor="DENIED" operation="dbus_method_call" bus="session" name="org.freedesktop.DBus" path="/org/freedesktop/DBus" interface="org.freedesktop.DBus" member="Hello" mask="send" pid=2922 profile="/tmp/apparmor-2.8.0/tests/regression/apparmor/dbus_service" peer_profile="unconfined"
> diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_dbus_01.out b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_01.out
> new file mode 100644
> index 0000000..e679b8e
> --- /dev/null
> +++ b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_01.out
> @@ -0,0 +1,15 @@
> +START
> +File: test_multi/testcase_dbus_01.in
> +Event type: AA_RECORD_DENIED
> +Operation: dbus_method_call
> +Denied Mask: send
> +Profile: /tmp/apparmor-2.8.0/tests/regression/apparmor/dbus_service
> +Peer profile: unconfined
> +Name: org.freedesktop.DBus
> +PID: 2922
> +DBus bus: session
> +DBus path: /org/freedesktop/DBus
> +DBus interface: org.freedesktop.DBus
> +DBus member: Hello
> +Epoch: 0
> +Audit subid: 0
> diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_dbus_02.err b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_02.err
> new file mode 100644
> index 0000000..e69de29
> diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_dbus_02.in b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_02.in
> new file mode 100644
> index 0000000..4a90758
> --- /dev/null
> +++ b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_02.in
> @@ -0,0 +1 @@
> +Jul 31 17:11:16 dbusdev-saucy-amd64 dbus[1692]: apparmor="DENIED" operation="dbus_bind" bus="session" name="com.apparmor.Test" mask="bind" pid=2940 profile="/tmp/apparmor-2.8.0/tests/regression/apparmor/dbus_service"
> diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_dbus_02.out b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_02.out
> new file mode 100644
> index 0000000..bf63d05
> --- /dev/null
> +++ b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_02.out
> @@ -0,0 +1,11 @@
> +START
> +File: test_multi/testcase_dbus_02.in
> +Event type: AA_RECORD_DENIED
> +Operation: dbus_bind
> +Denied Mask: bind
> +Profile: /tmp/apparmor-2.8.0/tests/regression/apparmor/dbus_service
> +Name: com.apparmor.Test
> +PID: 2940
> +DBus bus: session
> +Epoch: 0
> +Audit subid: 0
> diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_dbus_03.err b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_03.err
> new file mode 100644
> index 0000000..e69de29
> diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_dbus_03.in b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_03.in
> new file mode 100644
> index 0000000..48d9401
> --- /dev/null
> +++ b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_03.in
> @@ -0,0 +1 @@
> +Jul 31 17:11:58 dbusdev-saucy-amd64 dbus[1692]: apparmor="DENIED" operation="dbus_signal" bus="session" name="com.apparmor.Test" path="/com/apparmor/Test" interface="com.apparmor.Test" member="Signal" mask="receive" pid=2945 profile="/tmp/apparmor-2.8.0/tests/regression/apparmor/dbus_service" peer_pid=2947 peer_profile="unconfined"
> diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_dbus_03.out b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_03.out
> new file mode 100644
> index 0000000..9101fd0
> --- /dev/null
> +++ b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_03.out
> @@ -0,0 +1,16 @@
> +START
> +File: test_multi/testcase_dbus_03.in
> +Event type: AA_RECORD_DENIED
> +Operation: dbus_signal
> +Denied Mask: receive
> +Profile: /tmp/apparmor-2.8.0/tests/regression/apparmor/dbus_service
> +Peer profile: unconfined
> +Name: com.apparmor.Test
> +PID: 2945
> +Peer PID: 2947
> +DBus bus: session
> +DBus path: /com/apparmor/Test
> +DBus interface: com.apparmor.Test
> +DBus member: Signal
> +Epoch: 0
> +Audit subid: 0
> diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_dbus_04.err b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_04.err
> new file mode 100644
> index 0000000..e69de29
> diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_dbus_04.in b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_04.in
> new file mode 100644
> index 0000000..b3fc527
> --- /dev/null
> +++ b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_04.in
> @@ -0,0 +1 @@
> +type=USER_AVC msg=audit(1375323372.644:157): pid=363 uid=102 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_method_call" bus="system" name="org.freedesktop.DBus" path="/org/freedesktop/DBus" interface="org.freedesktop.DBus" member="Hello" mask="send" pid=2833 profile="/tmp/apparmor-2.8.0/tests/regression/apparmor/dbus_service" peer_profile="unconfined" exe="/bin/dbus-daemon" sauid=102 hostname=? addr=? terminal=?'
> diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_dbus_04.out b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_04.out
> new file mode 100644
> index 0000000..cd81768
> --- /dev/null
> +++ b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_04.out
> @@ -0,0 +1,17 @@
> +START
> +File: test_multi/testcase_dbus_04.in
> +Event type: AA_RECORD_DENIED
> +Audit ID: 1375323372.644:157
> +Operation: dbus_method_call
> +Denied Mask: send
> +Profile: /tmp/apparmor-2.8.0/tests/regression/apparmor/dbus_service
> +Peer profile: unconfined
> +Name: org.freedesktop.DBus
> +Command: /bin/dbus-daemon
> +PID: 2833
> +DBus bus: system
> +DBus path: /org/freedesktop/DBus
> +DBus interface: org.freedesktop.DBus
> +DBus member: Hello
> +Epoch: 1375323372
> +Audit subid: 157
> diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_dbus_05.err b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_05.err
> new file mode 100644
> index 0000000..e69de29
> diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_dbus_05.in b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_05.in
> new file mode 100644
> index 0000000..ec63000
> --- /dev/null
> +++ b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_05.in
> @@ -0,0 +1 @@
> +type=USER_AVC msg=audit(1375323416.656:167): pid=363 uid=102 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_bind" bus="system" name="org.freedesktop.nm_dhcp_client" mask="bind" pid=2838 profile="/tmp/apparmor-2.8.0/tests/regression/apparmor/dbus_service" exe="/bin/dbus-daemon" sauid=102 hostname=? addr=? terminal=?'
> diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_dbus_05.out b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_05.out
> new file mode 100644
> index 0000000..9d896d8
> --- /dev/null
> +++ b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_05.out
> @@ -0,0 +1,13 @@
> +START
> +File: test_multi/testcase_dbus_05.in
> +Event type: AA_RECORD_DENIED
> +Audit ID: 1375323416.656:167
> +Operation: dbus_bind
> +Denied Mask: bind
> +Profile: /tmp/apparmor-2.8.0/tests/regression/apparmor/dbus_service
> +Name: org.freedesktop.nm_dhcp_client
> +Command: /bin/dbus-daemon
> +PID: 2838
> +DBus bus: system
> +Epoch: 1375323416
> +Audit subid: 167
> diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_dbus_06.err b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_06.err
> new file mode 100644
> index 0000000..e69de29
> diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_dbus_06.in b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_06.in
> new file mode 100644
> index 0000000..090a3cf
> --- /dev/null
> +++ b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_06.in
> @@ -0,0 +1 @@
> +type=USER_AVC msg=audit(1375323488.608:182): pid=363 uid=102 auid=4294967295 ses=4294967295 msg='apparmor="DENIED" operation="dbus_signal" bus="system" name="org.freedesktop.nm_dhcp_client" path="/org/freedesktop/nm_dhcp_client" interface="org.freedesktop.nm_dhcp_client" member="Signal" mask="receive" pid=2859 profile="/tmp/apparmor-2.8.0/tests/regression/apparmor/dbus_service" peer_pid=2875 peer_profile="unconfined" exe="/bin/dbus-daemon" sauid=102 hostname=? addr=? terminal=?'
> diff --git a/libraries/libapparmor/testsuite/test_multi/testcase_dbus_06.out b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_06.out
> new file mode 100644
> index 0000000..54ebc45
> --- /dev/null
> +++ b/libraries/libapparmor/testsuite/test_multi/testcase_dbus_06.out
> @@ -0,0 +1,18 @@
> +START
> +File: test_multi/testcase_dbus_06.in
> +Event type: AA_RECORD_DENIED
> +Audit ID: 1375323488.608:182
> +Operation: dbus_signal
> +Denied Mask: receive
> +Profile: /tmp/apparmor-2.8.0/tests/regression/apparmor/dbus_service
> +Peer profile: unconfined
> +Name: org.freedesktop.nm_dhcp_client
> +Command: /bin/dbus-daemon
> +PID: 2859
> +Peer PID: 2875
> +DBus bus: system
> +DBus path: /org/freedesktop/nm_dhcp_client
> +DBus interface: org.freedesktop.nm_dhcp_client
> +DBus member: Signal
> +Epoch: 1375323488
> +Audit subid: 182
> --
> 1.8.3.2
>
>
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20130808/32495161/attachment.pgp>
More information about the AppArmor
mailing list