本文整理汇总了Python中apparmor.rule.capability.CapabilityRule类的典型用法代码示例。如果您正苦于以下问题:Python CapabilityRule类的具体用法?Python CapabilityRule怎么用?Python CapabilityRule使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了CapabilityRule类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_delete_duplicates_3
def test_delete_duplicates_3(self):
self.ruleset.add(CapabilityRule.parse('audit capability dac_override,'))
inc = CapabilityRuleset()
rules = [
'capability dac_override,',
]
for rule in rules:
inc.add(CapabilityRule.parse(rule))
expected_raw = [
' capability chown,',
' allow capability sys_admin,',
' deny capability chgrp, # example comment',
' audit capability dac_override,',
'',
]
expected_clean = [
' deny capability chgrp, # example comment',
'',
' allow capability sys_admin,',
' audit capability dac_override,',
' capability chown,',
'',
]
self.assertEqual(self.ruleset.delete_duplicates(inc), 0)
self.assertEqual(expected_raw, self.ruleset.get_raw(1))
self.assertEqual(expected_clean, self.ruleset.get_clean(1))示例2: test_write_manually
def test_write_manually(self):
obj = CapabilityRule(['ptrace', 'audit_write'], allow_keyword=True)
expected = ' allow capability audit_write ptrace,'
self.assertEqual(expected, obj.get_clean(2), 'unexpected clean rule')
self.assertEqual(expected, obj.get_raw(2), 'unexpected raw rule')示例3: _check_invalid_rawrule
def _check_invalid_rawrule(self, rawrule):
obj = None
with self.assertRaises(AppArmorException):
obj = CapabilityRule(CapabilityRule.parse(rawrule))
self.assertFalse(CapabilityRule.match(rawrule))
self.assertIsNone(obj, 'CapbilityRule handed back an object unexpectedly')示例4: _compare_obj_with_rawrule
def _compare_obj_with_rawrule(self, rawrule, expected):
obj = CapabilityRule.parse(rawrule)
self.assertTrue(CapabilityRule.match(rawrule))
self.assertEqual(rawrule.strip(), obj.raw_rule)
self._compare_obj(obj, expected)示例5: _check_write_rule
def _check_write_rule(self, rawrule, cleanrule):
obj = CapabilityRule.parse(rawrule)
clean = obj.get_clean()
raw = obj.get_raw()
self.assertTrue(CapabilityRule.match(rawrule))
self.assertEqual(cleanrule.strip(), clean, 'unexpected clean rule')
self.assertEqual(rawrule.strip(), raw, 'unexpected raw rule')示例6: test_ruleset_2
def test_ruleset_2(self):
ruleset = CapabilityRuleset()
rules = [
'capability chown,',
'allow capability sys_admin,',
'deny capability chgrp, # example comment',
]
expected_raw = [
' capability chown,',
' allow capability sys_admin,',
' deny capability chgrp, # example comment',
'',
]
expected_clean = [
' deny capability chgrp, # example comment',
'',
' allow capability sys_admin,',
' capability chown,',
'',
]
for rule in rules:
ruleset.add(CapabilityRule.parse(rule))
self.assertEqual(expected_raw, ruleset.get_raw(1))
self.assertEqual(expected_clean, ruleset.get_clean(1))示例7: test_delete_duplicates_4
def test_delete_duplicates_4(self):
inc = CapabilityRuleset()
rules = [
'capability,',
]
for rule in rules:
inc.add(CapabilityRule.parse(rule))
expected_raw = [
' allow capability sys_admin,', # XXX huh? should be deleted!
' deny capability chgrp, # example comment',
'',
]
expected_clean = [
' deny capability chgrp, # example comment',
'',
' allow capability sys_admin,', # XXX huh? should be deleted!
'',
]
self.assertEqual(self.ruleset.delete_duplicates(inc), 1)
self.assertEqual(expected_raw, self.ruleset.get_raw(1))
self.assertEqual(expected_clean, self.ruleset.get_clean(1))示例8: test_invalid_is_equal
def test_invalid_is_equal(self):
obj = CapabilityRule.parse('capability sys_admin,')
testobj = BaseRule() # different type
with self.assertRaises(AppArmorBug):
obj.is_equal(testobj)示例9: test_borked_obj_is_covered
def test_borked_obj_is_covered(self):
obj = CapabilityRule.parse('capability sys_admin,')
testobj = CapabilityRule('chown')
testobj.capability.clear()
with self.assertRaises(AppArmorBug):
obj.is_covered(testobj)示例10: test_covered_deny_2
def test_covered_deny_2(self):
obj = CapabilityRule.parse('deny capability sys_admin,')
self.assertTrue(self._is_covered(obj, 'deny capability sys_admin,'))
self.assertFalse(self._is_covered(obj, 'audit deny capability sys_admin,'))
self.assertFalse(self._is_covered(obj, 'capability sys_admin,'))
self.assertFalse(self._is_covered(obj, 'deny capability chown,'))
self.assertFalse(self._is_covered(obj, 'deny capability,'))示例11: test_covered_check_audit
def test_covered_check_audit(self):
obj = CapabilityRule.parse('audit capability sys_admin,')
self.assertFalse(self._is_covered_exact(obj, 'capability sys_admin,'))
self.assertTrue(self._is_covered_exact(obj, 'audit capability sys_admin,'))
self.assertFalse(self._is_covered_exact(obj, 'audit capability,'))
self.assertFalse(self._is_covered_exact(obj, 'capability chown,'))
self.assertFalse(self._is_covered_exact(obj, 'capability,'))示例12: AASetup
def AASetup(self):
self.ruleset = CapabilityRuleset()
rules = [
'capability chown,',
'allow capability sys_admin,',
'deny capability chgrp, # example comment',
]
for rule in rules:
self.ruleset.add(CapabilityRule.parse(rule))示例13: test_covered_all
def test_covered_all(self):
obj = CapabilityRule.parse('capability,')
self.assertTrue(self._is_covered(obj, 'capability sys_admin,'))
self.assertTrue(self._is_covered(obj, 'capability audit_write,'))
self.assertTrue(self._is_covered(obj, 'capability audit_write sys_admin,'))
self.assertTrue(self._is_covered(obj, 'capability sys_admin audit_write,'))
self.assertTrue(self._is_covered(obj, 'capability,'))
self.assertFalse(self._is_covered(obj, 'audit capability,'))示例14: _check_test_delete_duplicates_in_profile
def _check_test_delete_duplicates_in_profile(self, rules, expected_raw, expected_clean, expected_deleted):
obj = CapabilityRuleset()
for rule in rules:
obj.add(CapabilityRule.parse(rule))
deleted = obj.delete_duplicates(None)
self.assertEqual(expected_raw, obj.get_raw(1))
self.assertEqual(expected_clean, obj.get_clean(1))
self.assertEqual(deleted, expected_deleted)示例15: test_equal
def test_equal(self):
obj = CapabilityRule.parse('capability sys_admin,')
self.assertTrue(self._is_equal(obj, 'capability sys_admin,', True))
self.assertFalse(self._is_equal(obj, 'allow capability sys_admin,', True))
self.assertFalse(self._is_equal(obj, 'allow capability sys_admin,', True))
self.assertFalse(self._is_equal(obj, 'audit capability sys_admin,', True))
self.assertTrue(self._is_equal(obj, 'capability sys_admin,', False))
self.assertTrue(self._is_equal(obj, 'allow capability sys_admin,', False))
self.assertFalse(self._is_equal(obj, 'audit capability sys_admin,', False))