1*2d543d20SAndroid Build Coastguard Workerimport unittest 2*2d543d20SAndroid Build Coastguard Workerimport os 3*2d543d20SAndroid Build Coastguard Workerimport os.path 4*2d543d20SAndroid Build Coastguard Workerimport sys 5*2d543d20SAndroid Build Coastguard Workerfrom tempfile import mkdtemp 6*2d543d20SAndroid Build Coastguard Workerfrom subprocess import Popen, PIPE 7*2d543d20SAndroid Build Coastguard Worker 8*2d543d20SAndroid Build Coastguard Worker 9*2d543d20SAndroid Build Coastguard Workerclass Audit2allowTests(unittest.TestCase): 10*2d543d20SAndroid Build Coastguard Worker 11*2d543d20SAndroid Build Coastguard Worker def assertDenied(self, err): 12*2d543d20SAndroid Build Coastguard Worker self.assertTrue('Permission denied' in err, 13*2d543d20SAndroid Build Coastguard Worker '"Permission denied" not found in %r' % err) 14*2d543d20SAndroid Build Coastguard Worker 15*2d543d20SAndroid Build Coastguard Worker def assertNotFound(self, err): 16*2d543d20SAndroid Build Coastguard Worker self.assertTrue('not found' in err, 17*2d543d20SAndroid Build Coastguard Worker '"not found" not found in %r' % err) 18*2d543d20SAndroid Build Coastguard Worker 19*2d543d20SAndroid Build Coastguard Worker def assertFailure(self, status): 20*2d543d20SAndroid Build Coastguard Worker self.assertTrue(status != 0, 21*2d543d20SAndroid Build Coastguard Worker '"Succeeded when it should have failed') 22*2d543d20SAndroid Build Coastguard Worker 23*2d543d20SAndroid Build Coastguard Worker def assertSuccess(self, cmd, status, err): 24*2d543d20SAndroid Build Coastguard Worker self.assertTrue(status == 0, 25*2d543d20SAndroid Build Coastguard Worker '"%s should have succeeded for this test %r' % (cmd, err)) 26*2d543d20SAndroid Build Coastguard Worker 27*2d543d20SAndroid Build Coastguard Worker def test_sepolgen_ifgen(self): 28*2d543d20SAndroid Build Coastguard Worker "Verify sepolgen-ifgen works" 29*2d543d20SAndroid Build Coastguard Worker temp_directory = mkdtemp(suffix='audit2allow_test') 30*2d543d20SAndroid Build Coastguard Worker output_file = os.path.join(temp_directory, 'interface_info') 31*2d543d20SAndroid Build Coastguard Worker p = Popen([ 32*2d543d20SAndroid Build Coastguard Worker sys.executable, './sepolgen-ifgen', '-p', 'test_dummy_policy', '-o', output_file, 33*2d543d20SAndroid Build Coastguard Worker '--attr-helper', './sepolgen-ifgen-attr-helper' 34*2d543d20SAndroid Build Coastguard Worker ], stdout=PIPE) 35*2d543d20SAndroid Build Coastguard Worker out, err = p.communicate() 36*2d543d20SAndroid Build Coastguard Worker if err: 37*2d543d20SAndroid Build Coastguard Worker print(out, err) 38*2d543d20SAndroid Build Coastguard Worker self.assertSuccess("sepolgen-ifgen", p.returncode, err) 39*2d543d20SAndroid Build Coastguard Worker os.unlink(output_file) 40*2d543d20SAndroid Build Coastguard Worker os.rmdir(temp_directory) 41*2d543d20SAndroid Build Coastguard Worker 42*2d543d20SAndroid Build Coastguard Worker def test_audit2allow(self): 43*2d543d20SAndroid Build Coastguard Worker "Verify audit2allow works" 44*2d543d20SAndroid Build Coastguard Worker p = Popen([sys.executable, './audit2allow', '-p', 'test_dummy_policy', '-i', 'test.log'], stdout=PIPE) 45*2d543d20SAndroid Build Coastguard Worker out, err = p.communicate() 46*2d543d20SAndroid Build Coastguard Worker if err: 47*2d543d20SAndroid Build Coastguard Worker print(out, err) 48*2d543d20SAndroid Build Coastguard Worker self.assertSuccess("audit2allow", p.returncode, err) 49*2d543d20SAndroid Build Coastguard Worker 50*2d543d20SAndroid Build Coastguard Worker def test_audit2why(self): 51*2d543d20SAndroid Build Coastguard Worker "Verify audit2why works" 52*2d543d20SAndroid Build Coastguard Worker p = Popen([sys.executable, './audit2why', '-p', 'test_dummy_policy', '-i', 'test.log'], stdout=PIPE) 53*2d543d20SAndroid Build Coastguard Worker out, err = p.communicate() 54*2d543d20SAndroid Build Coastguard Worker if err: 55*2d543d20SAndroid Build Coastguard Worker print(out, err) 56*2d543d20SAndroid Build Coastguard Worker self.assertSuccess("audit2why", p.returncode, err) 57*2d543d20SAndroid Build Coastguard Worker 58*2d543d20SAndroid Build Coastguard Worker def test_xperms(self): 59*2d543d20SAndroid Build Coastguard Worker "Verify that xperms generation works" 60*2d543d20SAndroid Build Coastguard Worker p = Popen([sys.executable, './audit2allow', '-x', '-p', 'test_dummy_policy', '-i', 'test.log'], stdout=PIPE) 61*2d543d20SAndroid Build Coastguard Worker out, err = p.communicate() 62*2d543d20SAndroid Build Coastguard Worker if err: 63*2d543d20SAndroid Build Coastguard Worker print(out, err) 64*2d543d20SAndroid Build Coastguard Worker self.assertTrue(b"allowxperm" in out) 65*2d543d20SAndroid Build Coastguard Worker self.assertSuccess("xperms", p.returncode, err) 66*2d543d20SAndroid Build Coastguard Worker 67*2d543d20SAndroid Build Coastguard Worker 68*2d543d20SAndroid Build Coastguard Workerif __name__ == "__main__": 69*2d543d20SAndroid Build Coastguard Worker unittest.main() 70