Hello, Am Donnerstag, 7. Januar 2016 schrieb Steve Beattie: > On Thu, Jan 07, 2016 at 09:54:40PM +0100, Christian Boltz wrote: > > [ more-simple_tests.diff ] > > > > === added file 'parser/tst/simple_tests/dbus/ok_bind_2.sd' > > --- parser/tst/simple_tests/dbus/ok_bind_2.sd 1970-01-01 00:00:00 > > +0000 +++ parser/tst/simple_tests/dbus/ok_bind_2.sd 2015-10-27 > > 22:55:01 +0000 @@ -0,0 +1,7 @@ > > +# > > +#=DESCRIPTION simple dbus implicit bind acceptance test with deny > > keyword +#=EXRESULT PASS > > + > > +profile a_profile { > > + deny dbus name=(SomeService), > > +} > > Hrm, I'm surprised the autogenerated dbus tests don't cover this, > since they exercise deny pretty excessively. But grepping recursively > for 'deny dbus name' doesn't find anything.
IIRC I noticed this by missing code coverage, so... ;-) > > === added file 'parser/tst/simple_tests/file/ok_bare_1.sd' > > --- parser/tst/simple_tests/file/ok_bare_1.sd 1970-01-01 00:00:00 > > +0000 +++ parser/tst/simple_tests/file/ok_bare_1.sd 2015-10-27 > > 22:50:19 +0000 @@ -0,0 +1,7 @@ > > +# > > +#=Description bare file rule > > +#=EXRESULT PASS > > +# > > +/usr/bin/foo { > > + file, > > +} > > Covered by parser/tst/simple_tests/file/file/ok_2.sd; note that the > file/file/ subdirectory covers use of the file keyword with file > pathnames. I'm okay with okay with renaming/replacing that one with > ok_bare_1.sd, but keeping it in the file/file/ subdirectory. I don't really care about the filename, so I'll just remove ok_bare_1.sd from the patch (and keep ok_2.sd unchanged). This also means I'll rename ok_bare_2.sd to ok_bare_1.sd to avoid someone wonders why ok_bare_1.sd doesn't exist ;-) > > === added file 'parser/tst/simple_tests/file/ok_bare_2.sd' > > --- parser/tst/simple_tests/file/ok_bare_2.sd 1970-01-01 00:00:00 > > +0000 +++ parser/tst/simple_tests/file/ok_bare_2.sd 2015-10-27 > > 22:50:36 +0000 @@ -0,0 +1,7 @@ > > +# > > +#=Description bare file rule > > +#=EXRESULT PASS > > +# > > +/usr/bin/foo { > > + deny file, > > +} > > Yep, that's not covered by existing tests. > > Acked-by: Steve Beattie <st...@nxnw.org>, as long as the duplication > between file/ok_bare_1.sd and file/file/ok_2.sd is resolved. Regards, Christian Boltz -- ...als ich letztens an der Elbe saß, mein Astra-was-sonst nuckelte und die Aufschriften auf den Containerschiffen studierte, beschloss ich, daß die Einheit "Kilopunkt" (kPt) für Fonts durchaus praxisnah sei. Die Überprüfung meiner Erkenntnisse ("Dasch verdammte Wort is minstens 5 Medder hoch, wennichsogar...") muß ich leider bis zum Erwerb eines Schlauchbootes zurückstellen. Wissenschaft fordert Opfer. [Ratti in suse-linux]
signature.asc
Description: This is a digitally signed message part.
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor