From: <ssm...@us...> - 2007-09-10 19:20:35
Revision: 2550 http://selinux.svn.sourceforge.net/selinux/?rev=2550&view=rev Author: ssmalley Date: 2007-09-10 12:20:32 -0700 (Mon, 10 Sep 2007) Log Message: ----------- Author: Karl MacMillan Email: kma...@me... Subject: Suppress rule generation for dontaudit rules Date: Mon, 03 Sep 2007 12:18:11 -0400 Suppress rule generation for dontaudit rules. The current policy generation code incorrectly generates allow rules for dontaudit messages. This patch fixes that. Modified Paths: -------------- trunk/sepolgen/src/sepolgen/audit.py trunk/sepolgen/tests/test_audit.py Modified: trunk/sepolgen/src/sepolgen/audit.py =================================================================== --- trunk/sepolgen/src/sepolgen/audit.py 2007-09-05 16:32:27 UTC (rev 2549) +++ trunk/sepolgen/src/sepolgen/audit.py 2007-09-10 19:20:32 UTC (rev 2550) @@ -402,7 +402,7 @@ self.__parse(l) self.__post_process() - def to_access(self, avc_filter=None): + def to_access(self, avc_filter=None, only_denials=True): """Convert the audit logs access into a an access vector set. Convert the audit logs into an access vector set, optionally @@ -421,6 +421,8 @@ """ av_set = access.AccessVectorSet() for avc in self.avc_msgs: + if avc.denial != True and only_denials: + continue if avc_filter: if avc_filter.filter(avc): av_set.add(avc.scontext.type, avc.tcontext.type, avc.tclass, Modified: trunk/sepolgen/tests/test_audit.py =================================================================== --- trunk/sepolgen/tests/test_audit.py 2007-09-05 16:32:27 UTC (rev 2549) +++ trunk/sepolgen/tests/test_audit.py 2007-09-10 19:20:32 UTC (rev 2550) 
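Review bot: The new `only_denials` keyword on `to_access` is not described in the part of the docstring visible in the first audit.py hunk, and its default decides whether granted AVC messages reach the access vector set at all. The docstring continues outside the hunk, so its parameter section cannot be checked from here. If it was not updated there, add an entry along the lines of `only_denials - when True (the default) skip AVC messages that are not denials, so granted accesses do not end up as allow rules`. The summary line also reads "into a an access vector set" and could be corrected in the same pass.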
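Review bot: In the second audit.py hunk, `if avc.denial != True and only_denials:` compares against the literal `True`, which hides the intent and puts the cheap flag test last. Any value other than `True` is skipped, which is the safe direction for a policy generator, but nothing on the line says that this is deliberate. If `denial` is always a bool (the new test asserts `False` for a granted message, but its initialisation is outside this diff), `if only_denials and not avc.denial:` reads better. Preceding it with a comment such as `# granted messages must not become allow rules unless the caller asks for them` would record why the check sits ahead of the `avc_filter` branch. The loop body continues past the end of the hunk.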
@@ -46,6 +46,8 @@ type=AVC_PATH msg=audit(1162850461.778:1113): path="/etc/rc.d/init.d/innd" """ +granted1 = """type=AVC msg=audit(1188833848.190:34): avc: granted { getattr } for pid=4310 comm="ls" name="foo.pp" dev=sda5 ino=295171 scontext=user_u:system_r:unconfined_t:s0 tcontext=user_u:object_r:user_home_t:s0 tclass=file""" + path1 = """type=AVC_PATH msg=audit(1162852201.019:1225): path="/usr/lib/sa/sa1" """ @@ -63,6 +65,26 @@ self.assertEquals(avc.tclass, "") self.assertEquals(avc.accesses, []) + def test_granted(self): + avc = sepolgen.audit.AVCMessage(granted1) + avc.from_split_string(granted1.split()) + + self.assertEquals(avc.scontext.user, "user_u") + self.assertEquals(avc.scontext.role, "system_r") + self.assertEquals(avc.scontext.type, "unconfined_t") + self.assertEquals(avc.scontext.level, "s0") + + self.assertEquals(avc.tcontext.user, "user_u") + self.assertEquals(avc.tcontext.role, "object_r") + self.assertEquals(avc.tcontext.type, "user_home_t") + self.assertEquals(avc.tcontext.level, "s0") + + self.assertEquals(avc.tclass, "file") + self.assertEquals(avc.accesses, ["getattr"]) + + self.assertEquals(avc.denial, False) + + def test_from_split_string(self): # syslog message avc = sepolgen.audit.AVCMessage(audit1) @@ -148,4 +170,23 @@ self.assertEquals(len(a.compute_sid_msgs), 0) self.assertEquals(len(a.invalid_msgs), 0) self.assertEquals(len(a.policy_load_msgs), 0) + +class TestGeneration(unittest.TestCase): + def test_generation(self): + parser = sepolgen.audit.AuditParser() + parser.parse_string(log1) + avs = parser.to_access() + + self.assertEqual(len(avs), 1) + + def test_genaration_granted(self): + parser = sepolgen.audit.AuditParser() + parser.parse_string(granted1) + avs = parser.to_access() + + self.assertEqual(len(avs), 0) + avs = parser.to_access(only_denials=False) + + self.assertEqual(len(avs), 1) + This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
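Review bot: In the new `TestGeneration` class, `test_genaration_granted` is misspelled and should be `test_generation_granted`. Neither test parses a log that holds both a denial and a granted message, which is the case the new skip in `to_access` exists for. A third case that parses `log1` together with `granted1` and checks `self.assertEqual(len(parser.to_access()), 1)` would pin that only the denial is turned into an access vector by default. `log1` is defined outside the hunk, so the expected count of one is taken from `test_generation`.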