{"body":"#include <stdlib.h>\n#include <stdio.h>\n#include <errno.h>\n#include <sys/apparmor.h>\n\nstatic void\ntest (const char *label,\n      const char *path,\n      uint32_t    mask,\n      int         should_allow,\n      int         should_audit)\n{\n  int allowed;\n  int audited;\n\n  aa_query_dconf (mask, label, path, &allowed, &audited);\n\n  if (allowed == should_allow && audited == should_audit)\n    printf (\"PASS: \");\n  else\n    printf (\"FAIL: \");\n\n  printf (\"path = %s, mask = 0x%x\", path, mask);\n\n  if (allowed == should_allow)\n    printf (\", allowed = %d\", allowed);\n  else\n    printf (\", allowed = %d (expected %d)\", allowed, should_allow);\n\n  if (audited == should_audit)\n    printf (\", audited = %d\", audited);\n  else\n    printf (\", audited = %d (expected %d)\", audited, should_audit);\n\n  printf (\"\\n\");\n}\n\nint\nmain (int   argc,\n      char *argv[])\n{\n  char *label;\n  aa_dconf_info info;\n  unsigned int i;\n  uint32_t mask;\n  const char *path;\n  int allowed;\n  int audited;\n\n  printf (\"aa_getcon () -> %d\\n\", aa_getcon (&label, NULL));\n  perror (\"aa_getcon ()\");\n  printf (\"label: '%s'\\n\", label);\n\n  printf (\"aa_query_dconf_info () -> %d\\n\", aa_query_dconf_info (label, &info));\n  perror (\"aa_query_dconf_info ()\");\n\n  printf (\"read-only paths:\\n\");\n  for (i = 0; i < info.r_n; i++)\n    printf (\"%s\\n\", info.r_paths[i]);\n\n  printf (\"\\nread-write paths:\\n\");\n  for (i = 0; i < info.rw_n; i++)\n    printf (\"%s\\n\", info.rw_paths[i]);\n\n  printf (\"\\naudited read-only paths:\\n\");\n  for (i = 0; i < info.ar_n; i++)\n    printf (\"%s\\n\", info.ar_paths[i]);\n\n  printf (\"\\naudited read-write paths:\\n\");\n  for (i = 0; i < info.arw_n; i++)\n    printf (\"%s\\n\", info.arw_paths[i]);\n\n  aa_clear_dconf_info (&info);\n\n  printf (\"\\n\");\n\n  test (label, \"/a\", AA_DCONF_READ, 1, 0);\n  test (label, \"/a\", AA_DCONF_WRITE, 0, 1);\n  test (label, \"/a\", AA_DCONF_READ | AA_DCONF_WRITE, 0, 1);\n  test (label, \"/a/b\", AA_DCONF_READ, 0, 1);\n  test (label, \"/b/c\", AA_DCONF_READ, 0, 1);\n  test (label, \"/b/c/\", AA_DCONF_READ, 1, 0);\n  test (label, \"/b/c/d\", AA_DCONF_READ, 1, 0);\n  test (label, \"/d\", AA_DCONF_READ, 1, 0);\n  test (label, \"/d\", AA_DCONF_WRITE, 1, 0);\n  test (label, \"/d\", AA_DCONF_READ | AA_DCONF_WRITE, 1, 0);\n  test (label, \"/e/f\", AA_DCONF_READ | AA_DCONF_WRITE, 0, 1);\n  test (label, \"/e/f/\", AA_DCONF_READ | AA_DCONF_WRITE, 1, 0);\n  test (label, \"/e/f/g\", AA_DCONF_READ | AA_DCONF_WRITE, 1, 0);\n  test (label, \"/g\", AA_DCONF_READ, 1, 1);\n  test (label, \"/g/h\", AA_DCONF_READ, 0, 1);\n  test (label, \"/h/i\", AA_DCONF_READ, 0, 1);\n  test (label, \"/h/i/\", AA_DCONF_READ, 1, 1);\n  test (label, \"/h/i/j\", AA_DCONF_READ, 1, 1);\n  test (label, \"/j\", AA_DCONF_READ, 1, 1);\n  test (label, \"/j/k\", AA_DCONF_READ, 0, 1);\n  test (label, \"/k/l/m\", AA_DCONF_READ, 1, 1);\n  test (label, \"/k/l/m\", AA_DCONF_WRITE, 1, 1);\n  test (label, \"/k/l/m\", AA_DCONF_READ | AA_DCONF_WRITE, 1, 1);\n\n  free (label);\n\n  return 0;\n}\n","name":"","extension":"txt","url":"https://www.irccloud.com/pastebin/zWKOTcO2","modified":1487707333,"id":"zWKOTcO2","size":2885,"lines":104,"own_paste":false,"theme":"","date":1487707333}