apparmor-chaiwala-system automated

high

Image Types:
basesdk-amd64 / minimal-armhf-internal / minimal-armhf / minimal-arm64 / minimal-amd64 / sdk-amd64 / target-armhf-internal / target-armhf / target-amd64
Image Deployment:
APT, OSTree
Type:
functional

Description

Test that AppArmor's system wide rules works according to Apertis security goals (Chaiwala was an older codename for Apertis).


Pre Conditions

  1. Clone the tests repository from another computer (Note that the branch being tested may change depending on the release, please make sure to clone the correct branch for the release in question):
  2. $ git clone --branch apertis/v2020 https://gitlab.apertis.org/tests/apparmor-chaiwala-system.git
  3. Copy the test directory apparmor-chaiwala-system to the target device:
  4. $ DUT_IP=<device-ip>
    $ scp -r apparmor-chaiwala-system user@$DUT_IP:
  5. Log into the target device:
  6. $ ssh user@$DUT_IP

Execution Steps

  1. Enter test directory:
  2. $ cd apparmor-chaiwala-system
  3. Execute the following command:
  4. $ common/run-test-in-systemd --timeout=90 --basename ./run-test.sh

Expected

The run-test.sh script should return 0. The return value indicates the number of tests which failed. A similar output will be shown:

Files retained in: /tmp/apparmor-chaiwala-system-gKUGXfrDVm-hFuzCE

/home/user/apparmor-chaiwala-system-master/goals/exec.sh: PASSED - /tmp/apparmor-chaiwala-system-gKUGXfrDVm-hFuzCE

Files retained in: /tmp/apparmor-chaiwala-system-ThPLvpkUnz-UZABGW

/home/user/apparmor-chaiwala-system-master/goals/home.sh: PASSED - /tmp/apparmor-chaiwala-system-ThPLvpkUnz-UZABGW

Notes

  • This tests only check that system wide rules (not components ones) are correctly implemented.