[pkg-apparmor] Bug#866368: apparmor-profiles-extra: Add autopkgtests to test & load policy
intrigeri at debian.org
intrigeri at debian.org
Thu Jun 29 08:30:12 UTC 2017
Package: apparmor-profiles-extra
Version: 1.11
Severity: minor
(Somewhat of a note to myself, but help/patches are welcome! :)
I think we could proceed in smallish iterations:
1. Run the same tests as what we run at build time already (see
override_dh_auto_test); they don't mess with the kernel, and don't
require AppArmor to be enabled. This ensures that parser updates
don't conflict with the policy we ship.
2. Actually load the profiles in the kernel, to ensure that kernel
updates don't conflict with the policy we ship: autopkgtests have
support for rebooting with a custom kernel command-line (see e.g.
how tests in src:linux work), so I believe we "just" have to
install apparmor-profiles-extra + apparmor packages, reboot with
AppArmor enabled, and check with systemctl that apparmor.service
has successfully started, which should ensure that all profiles we
ship have been compiled+loaded successfully.
Then we could do exactly the same in src:apparmor.
Cheers,
--
intrigeri
More information about the pkg-apparmor-team
mailing list