tiny-container-system-aa-enforcement automated
medium
- Image Types:
- tiny-lxc-armhf-internal / tiny-lxc-armhf / tiny-lxc-arm64 / tiny-lxc-amd64
- Image Deployment:
- LXC
- Type:
- functional
Description
Test that the AppArmor profile for dbus-daemon is loaded in system-wide privileged container
Pre Conditions
- Clone the tests repository from another computer (Note that the branch being tested may change depending on the release, please make sure to clone the correct branch for the release in question):
- Copy the test directory tiny-image-recipes to the target device:
- Log into the target device:
$ git clone --branch apertis/v2022dev2 https://gitlab.apertis.org/infrastructure/tiny-image-recipes.git
$ DUT_IP=<device-ip>
$ scp -r tiny-image-recipes user@$DUT_IP:
$ ssh user@$DUT_IP
Execution Steps
- Enter test directory:
- Setup the AppArmor profile for container:
- Check that the AppArmor profile for dbus-daemon in the container is loaded
$ cd tiny-image-recipes
$ sed s/__NAMESPACE_PLACEHOLDER__/lxc-apertis-tiny-system/g lxc/lxc-tiny-connectivity-profile-template | apparmor_parser -qr
$ lavatests/test-aa-enforcement --ospack "$OSPACK" -t lxc/lxc-tiny-connectivity --aa-namespace "lxc-apertis-tiny-system"
Expected
Test command should report "pass".