summary refs log tree commit diff
path: root/nixos/tests/hardened.nix
diff options
context:
space:
mode:
authorJoachim Fasting <joachifm@fastmail.fm>2019-05-11 18:20:41 +0200
committerJoachim Fasting <joachifm@fastmail.fm>2019-05-11 18:21:44 +0200
commit92d41f83fdf8153bd76440e88302d649ea6f7b9e (patch)
tree2ca3af263f28d610d83c82b6de5629b3bb8b7277 /nixos/tests/hardened.nix
parent68f5d1fa4cd6400fa697cd7cf6dbb2cf8de17e34 (diff)
downloadnixpkgs-92d41f83fdf8153bd76440e88302d649ea6f7b9e.tar
nixpkgs-92d41f83fdf8153bd76440e88302d649ea6f7b9e.tar.gz
nixpkgs-92d41f83fdf8153bd76440e88302d649ea6f7b9e.tar.bz2
nixpkgs-92d41f83fdf8153bd76440e88302d649ea6f7b9e.tar.lz
nixpkgs-92d41f83fdf8153bd76440e88302d649ea6f7b9e.tar.xz
nixpkgs-92d41f83fdf8153bd76440e88302d649ea6f7b9e.tar.zst
nixpkgs-92d41f83fdf8153bd76440e88302d649ea6f7b9e.zip
nixos/tests/hardened: check that apparmor is properly loaded
Diffstat (limited to 'nixos/tests/hardened.nix')
-rw-r--r--nixos/tests/hardened.nix10


1 files changed, 10 insertions, 0 deletions
diff --git a/nixos/tests/hardened.nix b/nixos/tests/hardened.nix
index 07bd10963ba..614889c4d73 100644
--- a/nixos/tests/hardened.nix
+++ b/nixos/tests/hardened.nix
@@ -30,6 +30,16 @@ import ./make-test.nix ({ pkgs, ...} : {
     ''
       $machine->waitForUnit("multi-user.target");
 
+      subtest "apparmor-loaded", sub {
+          $machine->succeed("systemctl status apparmor.service");
+      };
+
+      # AppArmor securityfs
+      subtest "apparmor-securityfs", sub {
+          $machine->succeed("mountpoint -q /sys/kernel/security");
+          $machine->succeed("cat /sys/kernel/security/apparmor/profiles");
+      };
+
       # Test loading out-of-tree modules
       subtest "extra-module-packages", sub {
           $machine->succeed("grep -Fq wireguard /proc/modules");

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-07 18:17:37 +0000