1 #include <dpl/test/test_runner.h>
5 #include <summary_collector.h>
10 #include <sys/xattr.h>
11 #include <linux/xattr.h>
13 #include <libprivilege-control_test_common.h>
14 #include <tests_common.h>
16 #include <security-manager.h>
18 #include <cynara_test_client.h>
20 DEFINE_SMARTPTR(security_manager_app_inst_req_free, app_inst_req, AppInstReqUniquePtr);
22 static const char *const LABELLED_BINARY_PATH = "/usr/bin/test-app-efl";
24 static const char *const SM_APP_ID1 = "sm_test_app_id_double";
25 static const char *const SM_PKG_ID1 = "sm_test_pkg_id_double";
27 static const char *const SM_APP_ID2 = "sm_test_app_id_full";
28 static const char *const SM_PKG_ID2 = "sm_test_pkg_id_full";
30 static const char *const SM_APP_ID3 = "sm_test_app_id_uid";
31 static const char *const SM_PKG_ID3 = "sm_test_pkg_id_uid";
33 static const privileges_t SM_ALLOWED_PRIVILEGES = {
34 "security_manager_test_rules2_r",
35 "security_manager_test_rules2_no_r"
38 static const privileges_t SM_DENIED_PRIVILEGES = {
39 "security_manager_test_rules1",
40 "security_manager_test_rules2"
43 static const privileges_t SM_NO_PRIVILEGES = {
46 static const char *const XATTR_NAME_TIZENEXEC = XATTR_SECURITY_PREFIX "TIZEN_EXEC_LABEL";
48 static const char *const SM_PRIVATE_PATH = "/etc/smack/test_DIR/app_dir";
49 static const char *const SM_PUBLIC_PATH = "/etc/smack/test_DIR/app_dir_public";
50 static const char *const SM_PUBLIC_RO_PATH = "/etc/smack/test_DIR/app_dir_public_ro";
51 static const char *const SM_DENIED_PATH = "/etc/smack/test_DIR/non_app_dir";
52 static const char *const SM_PRIVATE_PATH_FOR_USER_5000 = "/home/app/securitytests/test_DIR";
53 static const char *const ANY_USER_REPRESENTATION = "anyuser";/*this may be actually any string*/
55 static void generateAppLabel(const std::string &pkgId, std::string &label)
62 static bool isLinkToExec(const char *fpath, const struct stat *sb)
69 // check if it's a link
70 if ( !S_ISLNK(sb->st_mode))
73 target = realpath(fpath, nullptr);
74 RUNNER_ASSERT_ERRNO_MSG(target != 0, "Could not obtain real path from link");
76 ret = stat(target, &buf);
77 RUNNER_ASSERT_ERRNO_MSG(ret == 0, "Could not obtain real path's stat from link");
79 if (buf.st_mode != (buf.st_mode | S_IXUSR | S_IFREG))
86 static int nftw_check_sm_labels_app_dir(const char *fpath, const struct stat *sb,
87 const char* correctLabel, bool transmute_test, bool exec_test)
91 char* label = nullptr;
94 result = smack_lgetlabel(fpath, &label, SMACK_LABEL_ACCESS);
95 RUNNER_ASSERT_MSG(result == 0, "Could not get label for the path");
96 labelPtr.reset(label);
97 RUNNER_ASSERT_MSG(label != nullptr, "ACCESS label on " << fpath << " is not set");
98 result = strcmp(correctLabel, label);
99 RUNNER_ASSERT_MSG(result == 0, "ACCESS label on " << fpath << " is incorrect"
100 " (should be '" << correctLabel << "' and is '" << label << "')");
104 result = smack_lgetlabel(fpath, &label, SMACK_LABEL_EXEC);
105 RUNNER_ASSERT_MSG(result == 0, "Could not get label for the path");
106 labelPtr.reset(label);
108 if (S_ISREG(sb->st_mode) && (sb->st_mode & S_IXUSR) && exec_test) {
109 RUNNER_ASSERT_MSG(label != nullptr, "EXEC label on " << fpath << " is not set");
110 result = strcmp(correctLabel, label);
111 RUNNER_ASSERT_MSG(result == 0, "Incorrect EXEC label on executable file " << fpath);
113 RUNNER_ASSERT_MSG(label == nullptr, "EXEC label on " << fpath << " is set");
117 if (isLinkToExec(fpath, sb) && exec_test) {
118 char buf[SMACK_LABEL_LEN+1];
119 result = lgetxattr(fpath, XATTR_NAME_TIZENEXEC, buf, sizeof(buf));
120 RUNNER_ASSERT_ERRNO_MSG(result != -1, "Could not get label for the path " << fpath);
122 result = strcmp(correctLabel, buf);
123 RUNNER_ASSERT_MSG(result == 0, "Incorrect TIZEN_EXEC_LABEL attribute"
124 " on link to executable " << fpath);
130 result = smack_lgetlabel(fpath, &label, SMACK_LABEL_TRANSMUTE);
131 RUNNER_ASSERT_MSG(result == 0, "Could not get label for the path");
132 labelPtr.reset(label);
134 if (S_ISDIR(sb->st_mode) && transmute_test == true) {
135 RUNNER_ASSERT_MSG(label != nullptr, "TRANSMUTE label on " << fpath << " is not set at all");
136 RUNNER_ASSERT_MSG(strcmp(label,"TRUE") == 0,
137 "TRANSMUTE label on " << fpath << " is not set properly: '"<<label<<"'");
139 RUNNER_ASSERT_MSG(label == nullptr, "TRANSMUTE label on " << fpath << " is set");
146 static int nftw_check_sm_labels_app_private_dir(const char *fpath, const struct stat *sb,
147 int /*typeflag*/, struct FTW* /*ftwbuf*/)
149 return nftw_check_sm_labels_app_dir(fpath, sb, USER_APP_ID, false, true);
152 static int nftw_check_sm_labels_app_public_dir(const char *fpath, const struct stat *sb,
153 int /*typeflag*/, struct FTW* /*ftwbuf*/)
156 return nftw_check_sm_labels_app_dir(fpath, sb, "User", true, false);
159 static int nftw_check_sm_labels_app_floor_dir(const char *fpath, const struct stat *sb,
160 int /*typeflag*/, struct FTW* /*ftwbuf*/)
163 return nftw_check_sm_labels_app_dir(fpath, sb, "_", false, false);
166 static app_inst_req* do_app_inst_req_new()
169 app_inst_req *req = nullptr;
171 result = security_manager_app_inst_req_new(&req);
172 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
173 "creation of new request failed. Result: " << result);
174 RUNNER_ASSERT_MSG(req != nullptr, "creation of new request did not allocate memory");
178 static void prepare_app_path()
182 result = nftw(SM_PRIVATE_PATH, &nftw_remove_labels, FTW_MAX_FDS, FTW_PHYS);
183 RUNNER_ASSERT_MSG(result == 0, "Unable to clean Smack labels in " << SM_PRIVATE_PATH);
185 result = nftw(SM_PUBLIC_PATH, &nftw_remove_labels, FTW_MAX_FDS, FTW_PHYS);
186 RUNNER_ASSERT_MSG(result == 0, "Unable to clean Smack labels in " << SM_PUBLIC_PATH);
188 result = nftw(SM_PUBLIC_RO_PATH, &nftw_remove_labels, FTW_MAX_FDS, FTW_PHYS);
189 RUNNER_ASSERT_MSG(result == 0, "Unable to clean Smack labels in " << SM_PUBLIC_RO_PATH);
191 result = nftw(SM_DENIED_PATH, &nftw_set_labels_non_app_dir, FTW_MAX_FDS, FTW_PHYS);
192 RUNNER_ASSERT_MSG(result == 0, "Unable to set Smack labels in " << SM_DENIED_PATH);
195 static void prepare_app_env()
200 /* TODO: add parameters to this function */
201 static void check_app_path_after_install()
205 result = nftw(SM_PRIVATE_PATH, &nftw_check_sm_labels_app_private_dir, FTW_MAX_FDS, FTW_PHYS);
206 RUNNER_ASSERT_MSG(result == 0, "Unable to check Smack labels for " << SM_PRIVATE_PATH);
208 result = nftw(SM_PUBLIC_PATH, &nftw_check_sm_labels_app_public_dir, FTW_MAX_FDS, FTW_PHYS);
209 RUNNER_ASSERT_MSG(result == 0, "Unable to check Smack labels for " << SM_PUBLIC_PATH);
211 result = nftw(SM_PUBLIC_RO_PATH, &nftw_check_sm_labels_app_floor_dir, FTW_MAX_FDS, FTW_PHYS);
212 RUNNER_ASSERT_MSG(result == 0, "Unable to check Smack labels for " << SM_PUBLIC_RO_PATH);
214 result = nftw(SM_DENIED_PATH, &nftw_check_labels_non_app_dir, FTW_MAX_FDS, FTW_PHYS);
215 RUNNER_ASSERT_MSG(result == 0, "Unable to check Smack labels for " << SM_DENIED_PATH);
219 static void check_app_permissions(const char *const app_id, const char *const pkg_id, const char *const user,
220 const privileges_t &allowed_privs, const privileges_t &denied_privs)
223 std::string smackLabel;
224 generateAppLabel(pkg_id, smackLabel);
226 CynaraTestClient ctc;
228 for (auto &priv : allowed_privs) {
229 ctc.check(smackLabel.c_str(), "", user, priv.c_str(), CYNARA_API_SUCCESS);
232 for (auto &priv : denied_privs) {
233 ctc.check(smackLabel.c_str(), "", user, priv.c_str(), CYNARA_API_ACCESS_DENIED);
237 static void check_app_after_install(const char *const app_id, const char *const pkg_id,
238 const privileges_t &allowed_privs,
239 const privileges_t &denied_privs)
241 TestSecurityManagerDatabase dbtest;
242 dbtest.test_db_after__app_install(app_id, pkg_id, allowed_privs);
243 dbtest.check_privileges_removed(app_id, pkg_id, denied_privs);
245 /*Privileges should be granted to all users if root installs app*/
246 check_app_permissions(app_id, pkg_id, ANY_USER_REPRESENTATION, allowed_privs, denied_privs);
249 static void check_app_after_install(const char *const app_id, const char *const pkg_id)
251 TestSecurityManagerDatabase dbtest;
252 dbtest.test_db_after__app_install(app_id, pkg_id);
255 static void check_app_after_uninstall(const char *const app_id, const char *const pkg_id,
256 const privileges_t &privileges, const bool is_pkg_removed)
258 TestSecurityManagerDatabase dbtest;
259 dbtest.test_db_after__app_uninstall(app_id, pkg_id, privileges, is_pkg_removed);
262 /*Privileges should not be granted anymore to any user*/
263 check_app_permissions(app_id, pkg_id, ANY_USER_REPRESENTATION, SM_NO_PRIVILEGES, privileges);
266 static void check_app_after_uninstall(const char *const app_id, const char *const pkg_id,
267 const bool is_pkg_removed)
269 TestSecurityManagerDatabase dbtest;
270 dbtest.test_db_after__app_uninstall(app_id, pkg_id, is_pkg_removed);
273 static void install_app(const char *app_id, const char *pkg_id)
276 AppInstReqUniquePtr request;
277 request.reset(do_app_inst_req_new());
279 result = security_manager_app_inst_req_set_app_id(request.get(), app_id);
280 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
281 "setting app id failed. Result: " << result);
283 result = security_manager_app_inst_req_set_pkg_id(request.get(), pkg_id);
284 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
285 "setting pkg id failed. Result: " << result);
287 result = security_manager_app_install(request.get());
288 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
289 "installing app failed. Result: " << result);
291 check_app_after_install(app_id, pkg_id);
295 static void uninstall_app(const char *app_id, const char *pkg_id,
296 bool expect_installed, bool expect_pkg_removed)
299 AppInstReqUniquePtr request;
300 request.reset(do_app_inst_req_new());
302 result = security_manager_app_inst_req_set_app_id(request.get(), app_id);
303 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
304 "setting app id failed. Result: " << result);
306 result = security_manager_app_uninstall(request.get());
307 RUNNER_ASSERT_MSG(!expect_installed || (lib_retcode)result == SECURITY_MANAGER_SUCCESS,
308 "uninstalling app failed. Result: " << result);
310 check_app_after_uninstall(app_id, pkg_id, expect_pkg_removed);
314 RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER)
317 RUNNER_TEST(security_manager_01_app_double_install_double_uninstall)
320 AppInstReqUniquePtr request;
322 request.reset(do_app_inst_req_new());
324 result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID1);
325 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
326 "setting app id failed. Result: " << result);
328 result = security_manager_app_inst_req_set_pkg_id(request.get(), SM_PKG_ID1);
329 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
330 "setting pkg id failed. Result: " << result);
332 result = security_manager_app_install(request.get());
333 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
334 "installing app failed. Result: " << result);
336 result = security_manager_app_install(request.get());
337 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
338 "installing already installed app failed. Result: " << result);
340 /* Check records in the security-manager database */
341 check_app_after_install(SM_APP_ID1, SM_PKG_ID1);
343 request.reset(do_app_inst_req_new());
345 result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID1);
346 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
347 "setting app id failed. Result: " << result);
349 result = security_manager_app_uninstall(request.get());
350 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
351 "uninstalling app failed. Result: " << result);
353 result = security_manager_app_uninstall(request.get());
354 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
355 "uninstalling already uninstalled app failed. Result: " << result);
357 /* Check records in the security-manager database */
358 check_app_after_uninstall(SM_APP_ID1, SM_PKG_ID1, TestSecurityManagerDatabase::REMOVED);
361 RUNNER_TEST(security_manager_02_app_install_uninstall_full)
364 AppInstReqUniquePtr request;
368 request.reset(do_app_inst_req_new());
370 result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID2);
371 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
372 "setting app id failed. Result: " << result);
374 result = security_manager_app_inst_req_set_pkg_id(request.get(), SM_PKG_ID2);
375 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
376 "setting pkg id failed. Result: " << result);
378 result = security_manager_app_inst_req_add_privilege(request.get(), SM_ALLOWED_PRIVILEGES[0].c_str());
379 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
380 "setting allowed permission failed. Result: " << result);
381 result = security_manager_app_inst_req_add_privilege(request.get(), SM_ALLOWED_PRIVILEGES[1].c_str());
382 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
383 "setting allowed permission failed. Result: " << result);
385 result = security_manager_app_inst_req_add_path(request.get(), SM_PRIVATE_PATH,
386 SECURITY_MANAGER_PATH_PRIVATE);
387 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
388 "setting allowed path failed. Result: " << result);
390 result = security_manager_app_inst_req_add_path(request.get(), SM_PUBLIC_PATH,
391 SECURITY_MANAGER_PATH_PUBLIC);
392 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
393 "setting allowed path failed. Result: " << result);
395 result = security_manager_app_inst_req_add_path(request.get(), SM_PUBLIC_RO_PATH,
396 SECURITY_MANAGER_PATH_PUBLIC_RO);
397 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
398 "setting allowed path failed. Result: " << result);
400 result = security_manager_app_install(request.get());
401 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
402 "installing app failed. Result: " << result);
404 /* Check records in the security-manager database */
405 check_app_after_install(SM_APP_ID2, SM_PKG_ID2,
406 SM_ALLOWED_PRIVILEGES, SM_DENIED_PRIVILEGES);
408 /* TODO: add parameters to this function */
409 check_app_path_after_install();
411 request.reset(do_app_inst_req_new());
413 result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID2);
414 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
415 "setting app id failed. Result: " << result);
417 result = security_manager_app_uninstall(request.get());
418 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
419 "uninstalling app failed. Result: " << result);
421 /* Check records in the security-manager database,
422 * all previously allowed privileges should be removed */
423 check_app_after_uninstall(SM_APP_ID2, SM_PKG_ID2,
424 SM_ALLOWED_PRIVILEGES, TestSecurityManagerDatabase::REMOVED);
427 RUNNER_CHILD_TEST_SMACK(security_manager_03_set_label_from_binary)
429 const char *const testBinaryPath = LABELLED_BINARY_PATH;
430 const char *const expectedLabel = USER_APP_ID;
432 char *label = nullptr;
435 result = security_manager_set_process_label_from_binary(testBinaryPath);
436 RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS,
437 "security_manager_set_process_label_from_binary(" <<
438 testBinaryPath << ") failed. Result: " << result);
440 result = smack_new_label_from_self(&label);
441 RUNNER_ASSERT_MSG(result >= 0,
442 " Error getting current process label");
443 RUNNER_ASSERT_MSG(label != nullptr,
444 " Process label is not set");
445 labelPtr.reset(label);
447 result = strcmp(expectedLabel, label);
448 RUNNER_ASSERT_MSG(result == 0,
449 " Process label is incorrect. Expected: \"" << expectedLabel << "\" Actual: \""
453 RUNNER_CHILD_TEST_NOSMACK(security_manager_03_set_label_from_binary_nosmack)
455 const char *const testBinaryPath = LABELLED_BINARY_PATH;
458 result = security_manager_set_process_label_from_binary(testBinaryPath);
459 RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS,
460 "security_manager_set_process_label_from_binary(" <<
461 testBinaryPath << ") failed. Result: " << result);
464 RUNNER_CHILD_TEST_SMACK(security_manager_04_set_label_from_appid)
466 const char *const app_id = "sm_test_app_id_set_label_from_appid";
467 const char *const pkg_id = "sm_test_pkg_id_set_label_from_appid";
468 const char *const expected_label = USER_APP_ID;
469 char *label = nullptr;
473 uninstall_app(app_id, pkg_id, false, true);
474 install_app(app_id, pkg_id);
476 result = security_manager_set_process_label_from_appid(app_id);
477 RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS,
478 "security_manager_set_process_label_from_appid(" <<
479 app_id << ") failed. Result: " << result);
481 result = smack_new_label_from_self(&label);
482 RUNNER_ASSERT_MSG(result >= 0,
483 " Error getting current process label");
484 RUNNER_ASSERT_MSG(label != nullptr,
485 " Process label is not set");
486 labelPtr.reset(label);
488 result = strcmp(expected_label, label);
489 RUNNER_ASSERT_MSG(result == 0,
490 " Process label is incorrect. Expected: \"" << expected_label <<
491 "\" Actual: \"" << label << "\"");
493 uninstall_app(app_id, pkg_id, true, true);
496 RUNNER_CHILD_TEST_NOSMACK(security_manager_04_set_label_from_appid_nosmack)
498 const char *const app_id = "sm_test_app_id_set_label_from_appid";
499 const char *const pkg_id = "sm_test_pkg_id_set_label_from_appid";
502 uninstall_app(app_id, pkg_id, false, true);
503 install_app(app_id, pkg_id);
505 result = security_manager_set_process_label_from_appid(app_id);
506 RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS,
507 "security_manager_set_process_label_from_appid(" <<
508 app_id << ") failed. Result: " << result);
510 uninstall_app(app_id, pkg_id, true, true);
515 static void prepare_request(AppInstReqUniquePtr &request,
516 const char *const app_id,
517 const char *const pkg_id,
518 app_install_path_type pathType,
519 const char *const path)
522 request.reset(do_app_inst_req_new());
524 result = security_manager_app_inst_req_set_app_id(request.get(), app_id);
525 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
526 "setting app id failed. Result: " << result);
528 result = security_manager_app_inst_req_set_pkg_id(request.get(), pkg_id);
529 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
530 "setting pkg id failed. Result: " << result);
532 result = security_manager_app_inst_req_add_path(request.get(), path, pathType);
533 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
534 "setting allowed path failed. Result: " << result);
539 RUNNER_CHILD_TEST(security_manager_05_app_install_uninstall_by_uid_5000)
542 AppInstReqUniquePtr request;
543 const std::string user = std::to_string(static_cast<unsigned int>(APP_UID));
546 //switch user to non-root
547 result = drop_root_privileges();
548 RUNNER_ASSERT_MSG(result == 0, "drop_root_privileges failed");
550 //install app as non-root user and try to register public path (should fail)
551 prepare_request(request, SM_APP_ID3, SM_PKG_ID3, SECURITY_MANAGER_PATH_PUBLIC, SM_PRIVATE_PATH_FOR_USER_5000);
553 result = security_manager_app_install(request.get());
554 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED,
555 "installing app not failed. Result: " << result);
557 //install app as non-root user
558 //should fail (non-root users may only register folders inside their home)
559 prepare_request(request, SM_APP_ID3, SM_PKG_ID3, SECURITY_MANAGER_PATH_PRIVATE, SM_PRIVATE_PATH);
561 result = security_manager_app_install(request.get());
562 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED,
563 "installing app not failed. Result: " << result);
565 //install app as non-root user
566 //should succeed - this time i register folder inside user's home dir
567 prepare_request(request, SM_APP_ID3, SM_PKG_ID3, SECURITY_MANAGER_PATH_PRIVATE, SM_PRIVATE_PATH_FOR_USER_5000);
569 for (auto &privilege : SM_ALLOWED_PRIVILEGES) {
570 result = security_manager_app_inst_req_add_privilege(request.get(), privilege.c_str());
571 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
572 "setting allowed permission failed. Result: " << result);
575 result = security_manager_app_install(request.get());
576 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
577 "installing app failed. Result: " << result);
579 check_app_permissions(SM_APP_ID3, SM_PKG_ID3, user.c_str(), SM_ALLOWED_PRIVILEGES, SM_DENIED_PRIVILEGES);
581 //uninstall app as non-root user
582 request.reset(do_app_inst_req_new());
584 result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID3);
585 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
586 "setting app id failed. Result: " << result);
588 result = security_manager_app_uninstall(request.get());
589 RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
590 "uninstalling app failed. Result: " << result);
592 check_app_permissions(SM_APP_ID3, SM_PKG_ID3, user.c_str(), SM_NO_PRIVILEGES, SM_ALLOWED_PRIVILEGES);
596 int main(int argc, char *argv[])
598 SummaryCollector::Register();
599 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);