github.com/containers/libpod@v1.9.4-0.20220419124438-4284fd425507/pkg/apparmor/apparmor_linux_test.go (about) 1 // +build linux,apparmor 2 3 package apparmor 4 5 import ( 6 "os" 7 "testing" 8 ) 9 10 type versionExpected struct { 11 output string 12 version int 13 } 14 15 func TestParseAAParserVersion(t *testing.T) { 16 if !IsEnabled() { 17 t.Skip("AppArmor disabled: skipping tests") 18 } 19 versions := []versionExpected{ 20 { 21 output: `AppArmor parser version 2.10 22 Copyright (C) 1999-2008 Novell Inc. 23 Copyright 2009-2012 Canonical Ltd. 24 25 `, 26 version: 210000, 27 }, 28 { 29 output: `AppArmor parser version 2.8 30 Copyright (C) 1999-2008 Novell Inc. 31 Copyright 2009-2012 Canonical Ltd. 32 33 `, 34 version: 208000, 35 }, 36 { 37 output: `AppArmor parser version 2.20 38 Copyright (C) 1999-2008 Novell Inc. 39 Copyright 2009-2012 Canonical Ltd. 40 41 `, 42 version: 220000, 43 }, 44 { 45 output: `AppArmor parser version 2.05 46 Copyright (C) 1999-2008 Novell Inc. 47 Copyright 2009-2012 Canonical Ltd. 48 49 `, 50 version: 205000, 51 }, 52 { 53 output: `AppArmor parser version 2.9.95 54 Copyright (C) 1999-2008 Novell Inc. 55 Copyright 2009-2012 Canonical Ltd. 56 57 `, 58 version: 209095, 59 }, 60 { 61 output: `AppArmor parser version 3.14.159 62 Copyright (C) 1999-2008 Novell Inc. 63 Copyright 2009-2012 Canonical Ltd. 64 65 `, 66 version: 314159, 67 }, 68 } 69 70 for _, v := range versions { 71 version, err := parseAAParserVersion(v.output) 72 if err != nil { 73 t.Fatalf("expected error to be nil for %#v, got: %v", v, err) 74 } 75 if version != v.version { 76 t.Fatalf("expected version to be %d, was %d, for: %#v\n", v.version, version, v) 77 } 78 } 79 } 80 81 const ( 82 aapath = "/sys/kernel/security/apparmor/" 83 profile = "libpod-default-testing" 84 ) 85 86 func TestInstallDefault(t *testing.T) { 87 if _, err := os.Stat(aapath); err != nil { 88 t.Skip("AppArmor isn't available in this environment") 89 } 90 91 // removes `profile` 92 removeProfile := func() error { 93 path := aapath + ".remove" 94 95 f, err := os.OpenFile(path, os.O_APPEND|os.O_WRONLY, os.ModeAppend) 96 if err != nil { 97 return err 98 } 99 defer f.Close() 100 101 _, err = f.WriteString(profile) 102 return err 103 } 104 105 // makes sure `profile` is loaded according to `state` 106 checkLoaded := func(state bool) { 107 loaded, err := IsLoaded(profile) 108 if err != nil { 109 t.Fatalf("Error searching AppArmor profile '%s': %v", profile, err) 110 } 111 if state != loaded { 112 if state { 113 t.Fatalf("AppArmor profile '%s' isn't loaded but should", profile) 114 } else { 115 t.Fatalf("AppArmor profile '%s' is loaded but shouldn't", profile) 116 } 117 } 118 } 119 120 // test installing the profile 121 if err := InstallDefault(profile); err != nil { 122 t.Fatalf("Couldn't install AppArmor profile '%s': %v", profile, err) 123 } 124 checkLoaded(true) 125 126 // remove the profile and check again 127 if err := removeProfile(); err != nil { 128 t.Fatalf("Couldn't remove AppArmor profile '%s': %v", profile, err) 129 } 130 checkLoaded(false) 131 } 132 133 func TestDefaultContent(t *testing.T) { 134 if _, err := os.Stat(aapath); err != nil { 135 t.Skip("AppArmor isn't available in this environment") 136 } 137 if _, err := DefaultContent(profile); err != nil { 138 t.Fatalf("Couldn't retrieve default AppArmor profile content '%s': %v", profile, err) 139 } 140 }