func (s *appArmorSuite) TestUnloadProfileRunsAppArmorParserRemove(c *C) {
cmd := testutil.MockCommand(c, "apparmor_parser", "")
defer cmd.Restore()
err := apparmor.UnloadProfile("snap.samba.smbd")
c.Assert(err, IsNil)
c.Assert(cmd.Calls(), DeepEquals, []string{"--remove snap.samba.smbd"})
}
func (s *appArmorSuite) TestUnloadProfileReportsErrors(c *C) {
cmd := testutil.MockCommand(c, "apparmor_parser", "exit 42")
defer cmd.Restore()
err := apparmor.UnloadProfile("snap.samba.smbd")
c.Assert(err.Error(), Equals, `cannot unload apparmor profile: exit status 42
apparmor_parser output:
`)
}
func (s *appArmorSuite) TestLoadProfileRunsAppArmorParserReplace(c *C) {
cmd := testutil.MockCommand(c, "apparmor_parser", "")
defer cmd.Restore()
err := apparmor.LoadProfile("/path/to/snap.samba.smbd")
c.Assert(err, IsNil)
c.Assert(cmd.Calls(), DeepEquals, []string{
"--replace --write-cache -O no-expr-simplify --cache-loc=/var/cache/apparmor /path/to/snap.samba.smbd"})
}
func (s *appArmorSuite) TestLoadProfileReportsErrors(c *C) {
cmd := testutil.MockCommand(c, "apparmor_parser", "exit 42")
defer cmd.Restore()
err := apparmor.LoadProfile("/path/to/snap.samba.smbd")
c.Assert(err.Error(), Equals, `cannot load apparmor profile: exit status 42
apparmor_parser output:
`)
c.Assert(cmd.Calls(), DeepEquals, []string{
"--replace --write-cache -O no-expr-simplify --cache-loc=/var/cache/apparmor /path/to/snap.samba.smbd"})
}
func (s *backendSuite) SetUpTest(c *C) {
// Isolate this test to a temporary directory
s.rootDir = c.MkDir()
dirs.SetRootDir(s.rootDir)
// Mock away any real udev interaction
s.udevadmCmd = testutil.MockCommand(c, "udevadm", "")
// Prepare a directory for udev rules
// NOTE: Normally this is a part of the OS snap.
err := os.MkdirAll(dirs.SnapUdevRulesDir, 0700)
c.Assert(err, IsNil)
// Create a fresh repository for each test
s.repo = interfaces.NewRepository()
s.iface = &interfaces.TestInterface{InterfaceName: "iface"}
err = s.repo.AddInterface(s.iface)
c.Assert(err, IsNil)
}
func (s *appArmorSuite) TestUnloadRemovesCachedProfile(c *C) {
cmd := testutil.MockCommand(c, "apparmor_parser", "")
defer cmd.Restore()
dirs.SetRootDir(c.MkDir())
defer dirs.SetRootDir("")
err := os.MkdirAll(dirs.AppArmorCacheDir, 0755)
c.Assert(err, IsNil)
fname := filepath.Join(dirs.AppArmorCacheDir, "profile")
ioutil.WriteFile(fname, []byte("blob"), 0600)
err = apparmor.UnloadProfile("profile")
c.Assert(err, IsNil)
_, err = os.Stat(fname)
c.Check(os.IsNotExist(err), Equals, true)
}
func (s *backendSuite) SetUpTest(c *C) {
// Isolate this test to a temporary directory
s.rootDir = c.MkDir()
dirs.SetRootDir(s.rootDir)
// Prepare a directory for apparmor profiles.
// NOTE: Normally this is a part of the OS snap.
err := os.MkdirAll(dirs.SnapAppArmorDir, 0700)
c.Assert(err, IsNil)
err = os.MkdirAll(dirs.AppArmorCacheDir, 0700)
c.Assert(err, IsNil)
// Mock away any real apparmor interaction
s.parserCmd = testutil.MockCommand(c, "apparmor_parser", fakeAppArmorParser)
// Create a fresh repository for each test
s.repo = interfaces.NewRepository()
s.iface = &interfaces.TestInterface{InterfaceName: "iface"}
err = s.repo.AddInterface(s.iface)
c.Assert(err, IsNil)
}