apparmor-tumbler automated
medium
- Image Types:
- basesdk-amd64 / sdk-amd64 / target-armhf-internal / target-armhf / target-amd64
- Image Deployment:
- APT, OSTree
- Type:
- functional
Description
Tests that the tumbler AppArmor profile doesn't cause false negatives and that it does not allow arbitrary reading of files in the home directory.
Pre Conditions
- Clone the tests repository from another computer (Note that the branch being tested may change depending on the release, please make sure to clone the correct branch for the release in question):
- Copy the test directory apparmor-tumbler to the target device:
- Log into the target device:
$ git clone --branch apertis/v2021pre https://gitlab.apertis.org/tests/apparmor-tumbler.git
$ DUT_IP=<device-ip>
$ scp -r apparmor-tumbler user@$DUT_IP:
$ ssh user@$DUT_IP
Execution Steps
- Enter test directory:
- Execute the following commands:
$ cd apparmor-tumbler
$ common/run-test-in-systemd --name run-test-sh --timeout 900 ./run-test.sh
Expected
Both tests should report pass and not fail:
tumbler.normal.expected: pass
tumbler.malicious.expected: pass
Notes
- The results of the tests printed to the standard output are enough to determine whether they passed or fail.
- If you get a failure and need to report a bug please check journalctl, run the test case again, and add the logs you get to the bug report.