github.com/kubiko/snapd@v0.0.0-20201013125620-d4f3094d9ddf/interfaces/builtin/network_observe_test.go (about) 1 // -*- Mode: Go; indent-tabs-mode: t -*- 2 3 /* 4 * Copyright (C) 2016 Canonical Ltd 5 * 6 * This program is free software: you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License version 3 as 8 * published by the Free Software Foundation. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program. If not, see <http://www.gnu.org/licenses/>. 17 * 18 */ 19 20 package builtin_test 21 22 import ( 23 . "gopkg.in/check.v1" 24 25 "github.com/snapcore/snapd/interfaces" 26 "github.com/snapcore/snapd/interfaces/apparmor" 27 "github.com/snapcore/snapd/interfaces/builtin" 28 "github.com/snapcore/snapd/interfaces/seccomp" 29 "github.com/snapcore/snapd/snap" 30 "github.com/snapcore/snapd/snap/snaptest" 31 "github.com/snapcore/snapd/testutil" 32 ) 33 34 type NetworkObserveInterfaceSuite struct { 35 iface interfaces.Interface 36 slotInfo *snap.SlotInfo 37 slot *interfaces.ConnectedSlot 38 plugInfo *snap.PlugInfo 39 plug *interfaces.ConnectedPlug 40 } 41 42 const netobsMockPlugSnapInfoYaml = `name: other 43 version: 1.0 44 apps: 45 app2: 46 command: foo 47 plugs: [network-observe] 48 ` 49 50 var _ = Suite(&NetworkObserveInterfaceSuite{ 51 iface: builtin.MustInterface("network-observe"), 52 }) 53 54 func (s *NetworkObserveInterfaceSuite) SetUpTest(c *C) { 55 s.slotInfo = &snap.SlotInfo{ 56 Snap: &snap.Info{SuggestedName: "core", SnapType: snap.TypeOS}, 57 Name: "network-observe", 58 Interface: "network-observe", 59 } 60 s.slot = interfaces.NewConnectedSlot(s.slotInfo, nil, nil) 61 plugSnap := snaptest.MockInfo(c, netobsMockPlugSnapInfoYaml, nil) 62 s.plugInfo = plugSnap.Plugs["network-observe"] 63 s.plug = interfaces.NewConnectedPlug(s.plugInfo, nil, nil) 64 } 65 66 func (s *NetworkObserveInterfaceSuite) TestName(c *C) { 67 c.Assert(s.iface.Name(), Equals, "network-observe") 68 } 69 70 func (s *NetworkObserveInterfaceSuite) TestSanitizeSlot(c *C) { 71 c.Assert(interfaces.BeforePrepareSlot(s.iface, s.slotInfo), IsNil) 72 } 73 74 func (s *NetworkObserveInterfaceSuite) TestSanitizePlug(c *C) { 75 c.Assert(interfaces.BeforePreparePlug(s.iface, s.plugInfo), IsNil) 76 } 77 78 func (s *NetworkObserveInterfaceSuite) TestUsedSecuritySystems(c *C) { 79 // connected plugs have a non-nil security snippet for apparmor 80 apparmorSpec := &apparmor.Specification{} 81 err := apparmorSpec.AddConnectedPlug(s.iface, s.plug, s.slot) 82 c.Assert(err, IsNil) 83 c.Assert(apparmorSpec.SecurityTags(), DeepEquals, []string{"snap.other.app2"}) 84 c.Assert(apparmorSpec.SnippetForTag("snap.other.app2"), testutil.Contains, `net_raw`) 85 86 // connected plugs have a non-nil security snippet for seccomp 87 seccompSpec := &seccomp.Specification{} 88 err = seccompSpec.AddConnectedPlug(s.iface, s.plug, s.slot) 89 c.Assert(err, IsNil) 90 c.Assert(seccompSpec.SecurityTags(), DeepEquals, []string{"snap.other.app2"}) 91 c.Check(seccompSpec.SnippetForTag("snap.other.app2"), testutil.Contains, "capset\n") 92 } 93 94 func (s *NetworkObserveInterfaceSuite) TestInterfaces(c *C) { 95 c.Check(builtin.Interfaces(), testutil.DeepContains, s.iface) 96 }