apparmor automated
critical
- Image Types:
- basesdk-amd64 / fixedfunction-armhf / fixedfunction-arm64 / fixedfunction-amd64 / hmi-armhf / hmi-amd64 / sdk-amd64
- Image Deployment:
- APT, OSTree
- Type:
- functional
Description
Security infrastructure: checking that AppArmor is available in the kernel and active is part of strategic application and services confinement.
Pre Conditions
- Clone the tests repository from another computer (Note that the branch being tested may change depending on the release, please make sure to clone the correct branch for the release in question):
- Copy the test directory apparmor to the target device:
- Log into the target device:
$ git clone --branch apertis/v2024 https://gitlab.apertis.org/tests/apparmor.git
$ DUT_IP=<device-ip>
$ scp -r apparmor user@$DUT_IP:
$ ssh user@$DUT_IP
Execution Steps
- Enter test directory:
- Execute the following command:
$ cd apparmor
$ common/run-test-in-systemd --basename --timeout 3000 ./apparmor.sh
Expected
The apparmor.sh script should return 0. The return value indicates the number of tests which failed. The ouput should be similar to the following example:
access.sh: PASSED - /tmp/sdtest.4283-31579-rMuWBs
capabilities.sh: FAILED - /tmp/sdtest.4548-350-UPHWk3
Although extraneous lines might been shown in case of error or for debug. Those won't interfere with the test parser.
Notes
- Make sure that you have disconnect the ethernet connection to the target before you start the tethering process.
- This testcase groups upstream developed tests mostly and therefore it's not runnning any Apertis specific test.