From f0b96a1d846af137ac268687cbb8c2a27092eb1e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Danis?= <frederic.danis@collabora.com>
Date: Fri, 2 Aug 2019 12:18:42 +0200
Subject: [PATCH] apparmor: Update apparmor-session-lockdown-no-deny test
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Replace aa_log_extract_tokens.pl by aa_log_extract_tokens.sh to remove
dependencies on auditd and libapparmor-perl packages.

Fixes: APERTIS-6233

Signed-off-by: FrÃ©dÃ©ric Danis <frederic.danis@collabora.com>
---
 test-cases/apparmor-session-lockdown-no-deny.yaml | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/test-cases/apparmor-session-lockdown-no-deny.yaml b/test-cases/apparmor-session-lockdown-no-deny.yaml
index 4fb73b0..a7aeac1 100644
--- a/test-cases/apparmor-session-lockdown-no-deny.yaml
+++ b/test-cases/apparmor-session-lockdown-no-deny.yaml
@@ -17,6 +17,7 @@ metadata:
 
   macro_install_packages_preconditions: apertis-tests-apparmor-report
                                         apparmor-utils
+                                        aa-status
 
   expected:
     - "aa-status should show at least the following processes in complain mode:"
@@ -32,18 +33,14 @@ metadata:
     - "Note that there may be processes in other modes, such as in enforce mode,
        uncontained, or complain mode. Also note that the confinement status of
        profiles is irrelevant."
-    - "The aa_log_extract_tokens.pl command above should have no output."
+    - "The aa_log_extract_tokens.sh command above should have no output."
 
 run:
   steps:
-    - "First of all clean the auditd logs to ensure only new messages are seen:"
-    - $ echo -n | sudo tee /var/log/audit/audit.log
-    - "Then reboot the image."
-    - $ sudo reboot
     - "Ensure pulseaudio is running:"
     - $ pactl stat
     - "No need to check the output of the command."
     - "Now ensure AppArmor is enabled and working, by running aa-status:"
     - $ sudo aa-status
     - "Then ensure the audit log file has no AppArmor complaints:"
-    - $ sudo cat /var/log/audit/audit.log | sudo aa_log_extract_tokens.pl REJECTING
+    - $ sudo journalctl -b -t audit -o cat | ./aa_log_extract_tokens.sh DENIED
-- 
GitLab