1 #include <dpl/test/test_runner.h>
5 #include <summary_collector.h>
10 #include <sys/xattr.h>
11 #include <linux/xattr.h>
13 #include <libprivilege-control_test_common.h>
14 #include <tests_common.h>
16 #include <security-manager.h>
18 #include <cynara_test_client.h>
20 DEFINE_SMARTPTR(security_manager_app_inst_req_free, app_inst_req, AppInstReqUniquePtr);
22 static const char *const LABELLED_BINARY_PATH = "/usr/bin/test-app-efl";
24 static const char *const SM_APP_ID1 = "sm_test_app_id_double";
25 static const char *const SM_PKG_ID1 = "sm_test_pkg_id_double";
27 static const char *const SM_APP_ID2 = "sm_test_app_id_full";
28 static const char *const SM_PKG_ID2 = "sm_test_pkg_id_full";
30 static const char *const SM_APP_ID3 = "sm_test_app_id_uid";
31 static const char *const SM_PKG_ID3 = "sm_test_pkg_id_uid";
33 static const privileges_t SM_ALLOWED_PRIVILEGES = {
34 "security_manager_test_rules2_r",
35 "security_manager_test_rules2_no_r"
38 static const privileges_t SM_DENIED_PRIVILEGES = {
39 "security_manager_test_rules1",
40 "security_manager_test_rules2"
43 static const privileges_t SM_NO_PRIVILEGES = {
46 static const char *const XATTR_NAME_TIZENEXEC = XATTR_SECURITY_PREFIX "TIZEN_EXEC_LABEL";
48 static const char *const SM_PRIVATE_PATH = "/etc/smack/test_DIR/app_dir";
49 static const char *const SM_PUBLIC_PATH = "/etc/smack/test_DIR/app_dir_public";
50 static const char *const SM_PUBLIC_RO_PATH = "/etc/smack/test_DIR/app_dir_public_ro";
51 static const char *const SM_DENIED_PATH = "/etc/smack/test_DIR/non_app_dir";
52 static const char *const SM_PRIVATE_PATH_FOR_USER_5000 = "/home/app/securitytests/test_DIR";
53 static const char *const ANY_USER_REPRESENTATION = "anyuser";/*this may be actually any string*/
57 static bool isLinkToExec(const char *fpath, const struct stat *sb)
64 // check if it's a link
65 if ( !S_ISLNK(sb->st_mode))
68 target = realpath(fpath, NULL);
69 RUNNER_ASSERT_MSG_BT(target != 0, "Could not obtain real path from link.");
71 ret = stat(target, &buf);
72 RUNNER_ASSERT_MSG_BT(ret == 0, "Could not obtain real path's stat from link.");
74 if (buf.st_mode != (buf.st_mode | S_IXUSR | S_IFREG))
81 static int nftw_check_sm_labels_app_dir(const char *fpath, const struct stat *sb,
82 const char* correctLabel, bool transmute_test, bool exec_test)
89 result = smack_lgetlabel(fpath, &label, SMACK_LABEL_ACCESS);
90 RUNNER_ASSERT_MSG_BT(result == 0, "Could not get label for the path");
91 labelPtr.reset(label);
92 RUNNER_ASSERT_MSG_BT(label != NULL, "ACCESS label on " << fpath << " is not set");
93 result = strcmp(correctLabel, label);
94 RUNNER_ASSERT_MSG_BT(result == 0, "ACCESS label on " << fpath << " is incorrect"
95 " (should be '" << correctLabel << "' and is '" << label << "')");
99 result = smack_lgetlabel(fpath, &label, SMACK_LABEL_EXEC);
100 RUNNER_ASSERT_MSG_BT(result == 0, "Could not get label for the path");
101 labelPtr.reset(label);
103 if (S_ISREG(sb->st_mode) && (sb->st_mode & S_IXUSR) && exec_test) {
104 RUNNER_ASSERT_MSG_BT(label != NULL, "EXEC label on " << fpath << " is not set");
105 result = strcmp(correctLabel, label);
106 RUNNER_ASSERT_MSG_BT(result == 0, "Incorrect EXEC label on executable file " << fpath);
108 RUNNER_ASSERT_MSG_BT(label == NULL, "EXEC label on " << fpath << " is set");
112 if (isLinkToExec(fpath, sb) && exec_test) {
113 char buf[SMACK_LABEL_LEN+1];
114 result = lgetxattr(fpath, XATTR_NAME_TIZENEXEC, buf, sizeof(buf));
115 RUNNER_ASSERT_MSG_BT(result != -1, "Could not get label for the path "
116 << fpath << "("<<strerror(errno)<<")");
118 result = strcmp(correctLabel, buf);
119 RUNNER_ASSERT_MSG_BT(result == 0, "Incorrect TIZEN_EXEC_LABEL attribute"
120 " on link to executable " << fpath);
126 result = smack_lgetlabel(fpath, &label, SMACK_LABEL_TRANSMUTE);
127 RUNNER_ASSERT_MSG_BT(result == 0, "Could not get label for the path");
128 labelPtr.reset(label);
130 if (S_ISDIR(sb->st_mode) && transmute_test == true) {
131 RUNNER_ASSERT_MSG_BT(label != NULL, "TRANSMUTE label on " << fpath << " is not set at all");
132 RUNNER_ASSERT_MSG_BT(strcmp(label,"TRUE") == 0,
133 "TRANSMUTE label on " << fpath << " is not set properly: '"<<label<<"'");
135 RUNNER_ASSERT_MSG_BT(label == NULL, "TRANSMUTE label on " << fpath << " is set");
142 static int nftw_check_sm_labels_app_private_dir(const char *fpath, const struct stat *sb,
143 int /*typeflag*/, struct FTW* /*ftwbuf*/)
145 return nftw_check_sm_labels_app_dir(fpath, sb, USER_APP_ID, false, true);
148 static int nftw_check_sm_labels_app_public_dir(const char *fpath, const struct stat *sb,
149 int /*typeflag*/, struct FTW* /*ftwbuf*/)
152 return nftw_check_sm_labels_app_dir(fpath, sb, "User", true, false);
155 static int nftw_check_sm_labels_app_floor_dir(const char *fpath, const struct stat *sb,
156 int /*typeflag*/, struct FTW* /*ftwbuf*/)
159 return nftw_check_sm_labels_app_dir(fpath, sb, "_", false, false);
162 static app_inst_req* do_app_inst_req_new()
165 app_inst_req *req = NULL;
167 result = security_manager_app_inst_req_new(&req);
168 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
169 "creation of new request failed. Result: " << result);
170 RUNNER_ASSERT_MSG_BT(req != NULL, "creation of new request did not allocate memory");
174 static void prepare_app_path()
178 result = nftw(SM_PRIVATE_PATH, &nftw_remove_labels, FTW_MAX_FDS, FTW_PHYS);
179 RUNNER_ASSERT_MSG_BT(result == 0, "Unable to clean Smack labels in " << SM_PRIVATE_PATH);
181 result = nftw(SM_PUBLIC_PATH, &nftw_remove_labels, FTW_MAX_FDS, FTW_PHYS);
182 RUNNER_ASSERT_MSG_BT(result == 0, "Unable to clean Smack labels in " << SM_PUBLIC_PATH);
184 result = nftw(SM_PUBLIC_RO_PATH, &nftw_remove_labels, FTW_MAX_FDS, FTW_PHYS);
185 RUNNER_ASSERT_MSG_BT(result == 0, "Unable to clean Smack labels in " << SM_PUBLIC_RO_PATH);
187 result = nftw(SM_DENIED_PATH, &nftw_set_labels_non_app_dir, FTW_MAX_FDS, FTW_PHYS);
188 RUNNER_ASSERT_MSG_BT(result == 0, "Unable to set Smack labels in " << SM_DENIED_PATH);
191 static void prepare_app_env()
196 /* TODO: add parameters to this function */
197 static void check_app_path_after_install()
201 result = nftw(SM_PRIVATE_PATH, &nftw_check_sm_labels_app_private_dir, FTW_MAX_FDS, FTW_PHYS);
202 RUNNER_ASSERT_MSG_BT(result == 0, "Unable to check Smack labels for " << SM_PRIVATE_PATH);
204 result = nftw(SM_PUBLIC_PATH, &nftw_check_sm_labels_app_public_dir, FTW_MAX_FDS, FTW_PHYS);
205 RUNNER_ASSERT_MSG_BT(result == 0, "Unable to check Smack labels for " << SM_PUBLIC_PATH);
207 result = nftw(SM_PUBLIC_RO_PATH, &nftw_check_sm_labels_app_floor_dir, FTW_MAX_FDS, FTW_PHYS);
208 RUNNER_ASSERT_MSG_BT(result == 0, "Unable to check Smack labels for " << SM_PUBLIC_RO_PATH);
210 result = nftw(SM_DENIED_PATH, &nftw_check_labels_non_app_dir, FTW_MAX_FDS, FTW_PHYS);
211 RUNNER_ASSERT_MSG_BT(result == 0, "Unable to check Smack labels for " << SM_DENIED_PATH);
215 static void check_app_permissions(const char *const app_id, const char *const pkg_id, const char *const user,
216 const privileges_t &allowed_privs, const privileges_t &denied_privs)
220 CynaraTestClient ctc;
222 for (auto &priv : allowed_privs) {
223 ctc.check(pkg_id, "", user, priv.c_str(), CYNARA_API_SUCCESS);
226 for (auto &priv : denied_privs) {
227 ctc.check(pkg_id, "", user, priv.c_str(), CYNARA_API_ACCESS_DENIED);
231 static void check_app_after_install(const char *const app_id, const char *const pkg_id,
232 const privileges_t &allowed_privs,
233 const privileges_t &denied_privs)
235 TestSecurityManagerDatabase dbtest;
236 dbtest.test_db_after__app_install(app_id, pkg_id, allowed_privs);
237 dbtest.check_privileges_removed(app_id, pkg_id, denied_privs);
239 /*Privileges should be granted to all users if root installs app*/
240 check_app_permissions(app_id, pkg_id, ANY_USER_REPRESENTATION, allowed_privs, denied_privs);
243 static void check_app_after_install(const char *const app_id, const char *const pkg_id)
245 TestSecurityManagerDatabase dbtest;
246 dbtest.test_db_after__app_install(app_id, pkg_id);
249 static void check_app_after_uninstall(const char *const app_id, const char *const pkg_id,
250 const privileges_t &privileges, const bool is_pkg_removed)
252 TestSecurityManagerDatabase dbtest;
253 dbtest.test_db_after__app_uninstall(app_id, pkg_id, privileges, is_pkg_removed);
256 /*Privileges should not be granted anymore to any user*/
257 check_app_permissions(app_id, pkg_id, ANY_USER_REPRESENTATION, SM_NO_PRIVILEGES, privileges);
260 static void check_app_after_uninstall(const char *const app_id, const char *const pkg_id,
261 const bool is_pkg_removed)
263 TestSecurityManagerDatabase dbtest;
264 dbtest.test_db_after__app_uninstall(app_id, pkg_id, is_pkg_removed);
267 static void install_app(const char *app_id, const char *pkg_id)
270 AppInstReqUniquePtr request;
271 request.reset(do_app_inst_req_new());
273 result = security_manager_app_inst_req_set_app_id(request.get(), app_id);
274 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
275 "setting app id failed. Result: " << result);
277 result = security_manager_app_inst_req_set_pkg_id(request.get(), pkg_id);
278 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
279 "setting pkg id failed. Result: " << result);
281 result = security_manager_app_install(request.get());
282 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
283 "installing app failed. Result: " << result);
285 check_app_after_install(app_id, pkg_id);
289 static void uninstall_app(const char *app_id, const char *pkg_id,
290 bool expect_installed, bool expect_pkg_removed)
293 AppInstReqUniquePtr request;
294 request.reset(do_app_inst_req_new());
296 result = security_manager_app_inst_req_set_app_id(request.get(), app_id);
297 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
298 "setting app id failed. Result: " << result);
300 result = security_manager_app_uninstall(request.get());
301 RUNNER_ASSERT_MSG_BT(!expect_installed || (lib_retcode)result == SECURITY_MANAGER_SUCCESS,
302 "uninstalling app failed. Result: " << result);
304 check_app_after_uninstall(app_id, pkg_id, expect_pkg_removed);
308 RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER)
311 RUNNER_TEST(security_manager_01_app_double_install_double_uninstall)
314 AppInstReqUniquePtr request;
316 request.reset(do_app_inst_req_new());
318 result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID1);
319 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
320 "setting app id failed. Result: " << result);
322 result = security_manager_app_inst_req_set_pkg_id(request.get(), SM_PKG_ID1);
323 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
324 "setting pkg id failed. Result: " << result);
326 result = security_manager_app_install(request.get());
327 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
328 "installing app failed. Result: " << result);
330 result = security_manager_app_install(request.get());
331 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
332 "installing already installed app failed. Result: " << result);
334 /* Check records in the security-manager database */
335 check_app_after_install(SM_APP_ID1, SM_PKG_ID1);
337 request.reset(do_app_inst_req_new());
339 result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID1);
340 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
341 "setting app id failed. Result: " << result);
343 result = security_manager_app_uninstall(request.get());
344 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
345 "uninstalling app failed. Result: " << result);
347 result = security_manager_app_uninstall(request.get());
348 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
349 "uninstalling already uninstalled app failed. Result: " << result);
351 /* Check records in the security-manager database */
352 check_app_after_uninstall(SM_APP_ID1, SM_PKG_ID1, TestSecurityManagerDatabase::REMOVED);
355 RUNNER_TEST(security_manager_02_app_install_uninstall_full)
358 AppInstReqUniquePtr request;
362 request.reset(do_app_inst_req_new());
364 result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID2);
365 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
366 "setting app id failed. Result: " << result);
368 result = security_manager_app_inst_req_set_pkg_id(request.get(), SM_PKG_ID2);
369 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
370 "setting pkg id failed. Result: " << result);
372 result = security_manager_app_inst_req_add_privilege(request.get(), SM_ALLOWED_PRIVILEGES[0].c_str());
373 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
374 "setting allowed permission failed. Result: " << result);
375 result = security_manager_app_inst_req_add_privilege(request.get(), SM_ALLOWED_PRIVILEGES[1].c_str());
376 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
377 "setting allowed permission failed. Result: " << result);
379 result = security_manager_app_inst_req_add_path(request.get(), SM_PRIVATE_PATH,
380 SECURITY_MANAGER_PATH_PRIVATE);
381 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
382 "setting allowed path failed. Result: " << result);
384 result = security_manager_app_inst_req_add_path(request.get(), SM_PUBLIC_PATH,
385 SECURITY_MANAGER_PATH_PUBLIC);
386 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
387 "setting allowed path failed. Result: " << result);
389 result = security_manager_app_inst_req_add_path(request.get(), SM_PUBLIC_RO_PATH,
390 SECURITY_MANAGER_PATH_PUBLIC_RO);
391 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
392 "setting allowed path failed. Result: " << result);
394 result = security_manager_app_install(request.get());
395 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
396 "installing app failed. Result: " << result);
398 /* Check records in the security-manager database */
399 check_app_after_install(SM_APP_ID2, SM_PKG_ID2,
400 SM_ALLOWED_PRIVILEGES, SM_DENIED_PRIVILEGES);
402 /* TODO: add parameters to this function */
403 check_app_path_after_install();
405 request.reset(do_app_inst_req_new());
407 result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID2);
408 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
409 "setting app id failed. Result: " << result);
411 result = security_manager_app_uninstall(request.get());
412 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
413 "uninstalling app failed. Result: " << result);
415 /* Check records in the security-manager database,
416 * all previously allowed privileges should be removed */
417 check_app_after_uninstall(SM_APP_ID2, SM_PKG_ID2,
418 SM_ALLOWED_PRIVILEGES, TestSecurityManagerDatabase::REMOVED);
421 RUNNER_CHILD_TEST_SMACK(security_manager_03_set_label_from_binary)
423 const char *const testBinaryPath = LABELLED_BINARY_PATH;
424 const char *const expectedLabel = USER_APP_ID;
429 result = security_manager_set_process_label_from_binary(testBinaryPath);
430 RUNNER_ASSERT_MSG_BT(result == SECURITY_MANAGER_SUCCESS,
431 "security_manager_set_process_label_from_binary(" <<
432 testBinaryPath << ") failed. Result: " << result);
434 result = smack_new_label_from_self(&label);
435 RUNNER_ASSERT_MSG_BT(result >= 0,
436 " Error getting current process label");
437 RUNNER_ASSERT_MSG_BT(label != NULL,
438 " Process label is not set");
439 labelPtr.reset(label);
441 result = strcmp(expectedLabel, label);
442 RUNNER_ASSERT_MSG_BT(result == 0,
443 " Process label is incorrect. Expected: \"" << expectedLabel << "\" Actual: \""
447 RUNNER_CHILD_TEST_NOSMACK(security_manager_03_set_label_from_binary_nosmack)
449 const char *const testBinaryPath = LABELLED_BINARY_PATH;
452 result = security_manager_set_process_label_from_binary(testBinaryPath);
453 RUNNER_ASSERT_MSG_BT(result == SECURITY_MANAGER_SUCCESS,
454 "security_manager_set_process_label_from_binary(" <<
455 testBinaryPath << ") failed. Result: " << result);
458 RUNNER_CHILD_TEST_SMACK(security_manager_04_set_label_from_appid)
460 const char *const app_id = "sm_test_app_id_set_label_from_appid";
461 const char *const pkg_id = "sm_test_pkg_id_set_label_from_appid";
462 const char *const expected_label = USER_APP_ID;
467 uninstall_app(app_id, pkg_id, false, true);
468 install_app(app_id, pkg_id);
470 result = security_manager_set_process_label_from_appid(app_id);
471 RUNNER_ASSERT_MSG_BT(result == SECURITY_MANAGER_SUCCESS,
472 "security_manager_set_process_label_from_appid(" <<
473 app_id << ") failed. Result: " << result);
475 result = smack_new_label_from_self(&label);
476 RUNNER_ASSERT_MSG_BT(result >= 0,
477 " Error getting current process label");
478 RUNNER_ASSERT_MSG_BT(label != NULL,
479 " Process label is not set");
480 labelPtr.reset(label);
482 result = strcmp(expected_label, label);
483 RUNNER_ASSERT_MSG_BT(result == 0,
484 " Process label is incorrect. Expected: \"" << expected_label <<
485 "\" Actual: \"" << label << "\"");
487 uninstall_app(app_id, pkg_id, true, true);
490 RUNNER_CHILD_TEST_NOSMACK(security_manager_04_set_label_from_appid_nosmack)
492 const char *const app_id = "sm_test_app_id_set_label_from_appid";
493 const char *const pkg_id = "sm_test_pkg_id_set_label_from_appid";
496 uninstall_app(app_id, pkg_id, false, true);
497 install_app(app_id, pkg_id);
499 result = security_manager_set_process_label_from_appid(app_id);
500 RUNNER_ASSERT_MSG_BT(result == SECURITY_MANAGER_SUCCESS,
501 "security_manager_set_process_label_from_appid(" <<
502 app_id << ") failed. Result: " << result);
504 uninstall_app(app_id, pkg_id, true, true);
509 static void prepare_request(AppInstReqUniquePtr &request,
510 const char *const app_id,
511 const char *const pkg_id,
512 app_install_path_type pathType,
513 const char *const path)
516 request.reset(do_app_inst_req_new());
518 result = security_manager_app_inst_req_set_app_id(request.get(), app_id);
519 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
520 "setting app id failed. Result: " << result);
522 result = security_manager_app_inst_req_set_pkg_id(request.get(), pkg_id);
523 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
524 "setting pkg id failed. Result: " << result);
526 result = security_manager_app_inst_req_add_path(request.get(), path, pathType);
527 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
528 "setting allowed path failed. Result: " << result);
533 RUNNER_CHILD_TEST(security_manager_05_app_install_uninstall_by_uid_5000)
536 AppInstReqUniquePtr request;
537 const std::string user = std::to_string(static_cast<unsigned int>(APP_UID));
540 //switch user to non-root
541 result = drop_root_privileges();
542 RUNNER_ASSERT_MSG_BT(result == 0, "drop_root_privileges failed");
544 //install app as non-root user and try to register public path (should fail)
545 prepare_request(request, SM_APP_ID3, SM_PKG_ID3, SECURITY_MANAGER_PATH_PUBLIC, SM_PRIVATE_PATH_FOR_USER_5000);
547 result = security_manager_app_install(request.get());
548 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED,
549 "installing app not failed. Result: " << result);
551 //install app as non-root user
552 //should fail (non-root users may only register folders inside their home)
553 prepare_request(request, SM_APP_ID3, SM_PKG_ID3, SECURITY_MANAGER_PATH_PRIVATE, SM_PRIVATE_PATH);
555 result = security_manager_app_install(request.get());
556 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED,
557 "installing app not failed. Result: " << result);
559 //install app as non-root user
560 //should succeed - this time i register folder inside user's home dir
561 prepare_request(request, SM_APP_ID3, SM_PKG_ID3, SECURITY_MANAGER_PATH_PRIVATE, SM_PRIVATE_PATH_FOR_USER_5000);
563 for (auto &privilege : SM_ALLOWED_PRIVILEGES) {
564 result = security_manager_app_inst_req_add_privilege(request.get(), privilege.c_str());
565 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
566 "setting allowed permission failed. Result: " << result);
569 result = security_manager_app_install(request.get());
570 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
571 "installing app failed. Result: " << result);
573 check_app_permissions(SM_APP_ID3, SM_PKG_ID3, user.c_str(), SM_ALLOWED_PRIVILEGES, SM_DENIED_PRIVILEGES);
575 //uninstall app as non-root user
576 request.reset(do_app_inst_req_new());
578 result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID3);
579 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
580 "setting app id failed. Result: " << result);
582 result = security_manager_app_uninstall(request.get());
583 RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
584 "uninstalling app failed. Result: " << result);
586 check_app_permissions(SM_APP_ID3, SM_PKG_ID3, user.c_str(), SM_NO_PRIVILEGES, SM_ALLOWED_PRIVILEGES);
590 int main(int argc, char *argv[])
592 SummaryCollector::Register();
593 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);