apparmor automated

critical

Image Types:
basesdk-amd64 / minimal-armhf-internal / minimal-armhf / minimal-arm64 / minimal-amd64 / sdk-amd64 / target-armhf-internal / target-amd64
Image Deployment:
APT, OSTree
Type:
functional

Description

Security infrastructure: checking that AppArmor is available in the kernel and active is part of strategic application and services confinement.


Pre Conditions

  1. Clone the tests repository from another computer (Note that the branch being tested may change depending on the release, please make sure to clone the correct branch for the release in question):
  2. $ git clone --branch apertis/v2020dev0 https://gitlab.apertis.org/tests/apparmor.git

  3. Copy the test directory apparmor to the target device:
  4. $ DUT_IP=<device-ip>

    $ scp -r apparmor user@$DUT_IP:

  5. Log into the target device:
  6. $ ssh user@$DUT_IP


Execution Steps

  1. Enter test directory:
  2. $ cd apparmor

  3. Execute the following command:
  4. $ common/run-test-in-systemd --basename --timeout 3000 ./apparmor.sh


Expected

The apparmor.sh script should return 0. The return value indicates the number of tests which failed. The ouput should be similar to the following example:

access.sh: PASSED - /tmp/sdtest.4283-31579-rMuWBs

capabilities.sh: FAILED - /tmp/sdtest.4548-350-UPHWk3

Although extraneous lines might been shown in case of error or for debug. Those won't interfere with the test parser.

Notes

  • Make sure that you have disconnect the ethernet connection to the target before you start the tethering process.
  • This testcase groups upstream developed tests mostly and therefore it's not runnning any Apertis specific test.