BuildRequires: libattr-devel
BuildRequires: pkgconfig(libcap)
BuildRequires: pkgconfig(libsmack)
-BuildRequires: pkgconfig(libprivilege-control)
-BuildRequires: pkgconfig(security-server)
BuildRequires: pkgconfig(security-manager)
BuildRequires: pkgconfig(key-manager)
+BuildRequires: key-manager-initial-values
+BuildRequires: util-linux
+BuildRequires: pkgconfig(yaca)
+BuildRequires: pkgconfig(ode)
BuildRequires: pkgconfig(dlog)
BuildRequires: pkgconfig(glib-2.0)
BuildRequires: pkgconfig(dbus-1)
BuildRequires: pkgconfig(libpcrecpp)
BuildRequires: pkgconfig(libxml-2.0)
-BuildRequires: pkgconfig(libiri)
BuildRequires: pkgconfig(sqlite3)
BuildRequires: pkgconfig(libwebappenc)
+BuildRequires: pkgconfig(openssl1.1)
BuildRequires: cynara-devel
+BuildRequires: libcynara-creds-dbus-devel
+BuildRequires: libcynara-creds-gdbus-devel
+BuildRequires: libcynara-creds-sd-bus-devel
BuildRequires: pkgconfig(libtzplatform-config)
BuildRequires: boost-devel
BuildRequires: pkgconfig(vconf)
BuildRequires: pkgconfig(libgum) >= 1.0.5
+BuildRequires: pkgconfig(security-privilege-manager)
+BuildRequires: pkgconfig(libsystemd)
+BuildRequires: openssl1.1
Requires: perf
Requires: gdb
-Requires: key-manager-listener
+Requires: diffutils
+Requires: iproute2
+Requires: toybox-symlinks-ping
+
+%global ckm_test_dir %{?TZ_SYS_SHARE:%TZ_SYS_SHARE/ckm-test/}%{!?TZ_SYS_SHARE:/usr/share/ckm-test/}
+%global ckm_rw_data_dir %{?TZ_SYS_DATA:%TZ_SYS_DATA/ckm/}%{!?TZ_SYS_DATA:/opt/data/ckm/}
+%global tz_backend_enabled %{?tz_backend:%tz_backend}%{!?tz_backend:OFF}
%description
Security tests repository - for tests that can't be kept together with code.
%prep
%setup -q
-cp %{SOURCE1} .
%build
export LDFLAGS+="-Wl,--rpath=%{_prefix}/lib"
-# password protection enabled
-%define ckm_password_protection_disable 1
-
cmake . -DCMAKE_INSTALL_PREFIX=%{_prefix} \
+%if "%{_with_emulator}" == "1"
+ -DEMULATOR="ON" \
+%endif
+%if %{tz_backend_enabled} == ON
+ -DTZ_BACKEND="ON" \
+%endif
-DDPL_LOG="ON" \
+ -DDPL_WITH_DLOG="ON" \
-DVERSION=%{version} \
-DCMAKE_BUILD_TYPE=%{?build_type:%build_type}%{!?build_type:DEBUG} \
%if "%{sec_product_feature_security_mdfpp_enable}" == "1"
-DSECURITY_MDFPP_STATE_ENABLE=1 \
%endif
-%if 0%{?ckm_password_protection_disable}
- -DPASSWORD_PROTECTION_DISABLE=1 \
-%endif
-DCMAKE_VERBOSE_MAKEFILE=ON \
-DCYNARA_DB_DIR=%{_localstatedir}/cynara/db \
- -DAPP_USER="security_test_user"
+ -DAPP_USER="security_test_user" \
+ -DCKM_TEST_DIR=%{ckm_test_dir} \
+ -DCKM_RW_DATA_DIR=%{ckm_rw_data_dir} \
+ -DGLOBAL_APP_DIR=%{TZ_SYS_RW_APP} \
+ -DLOCAL_APP_DIR="%{TZ_SYS_HOME}/security_test_user/apps_rw"
make %{?jobs:-j%jobs}
+%pre
+id -u security_test_user 1>/dev/null 2>&1 || \
+ gum-utils -o -a --username=security_test_user --usertype=normal
+
%install
%make_install
ln -sf /etc/smack/test_smack_rules %{buildroot}/etc/smack/test_smack_rules_lnk
+cp -a %{SOURCE1} %{buildroot}%{_datadir}/
%post
-find /etc/smack/test_privilege_control_DIR/ -type f -name exec -exec chmod 0755 {} +
-
-# Load permissions templates
-api_feature_loader --verbose
-
-# Set vconf key for cc-mode testing if vconf key isn't there.
-#%if "%{sec_product_feature_security_mdfpp_enable}" != "1"
-# echo "Install vconf key (file/security_mdpp/security_mdpp_state) for testing key-manager"
-# vconftool set -t string file/security_mdpp/security_mdpp_state "Unset"
-#%endif
-
-id -u security_test_user 1>/dev/null 2>&1 || \
- useradd -r -g users -s /sbin/nologin -c "for tests only" security_test_user
+# Reload dbus daemon to apply newly installed configuration
+systemctl reload dbus
echo "security-tests postinst done ..."
%files
-%manifest %{name}.manifest
+%manifest %{_datadir}/%{name}.manifest
%defattr(-, root, root, -)
/usr/bin/security-tests.sh
/usr/bin/security-tests-all.sh
/usr/bin/test-performance-check.sh
+/usr/bin/setup-nether-tests-nns.sh
+/usr/bin/teardown-nether-tests-nns.sh
+/usr/bin/setup-nether-tests-dns.sh
+/usr/bin/teardown-nether-tests-dns.sh
/etc/dbus-1/system.d/security-tests.conf
/usr/bin/libsmack-test
-/usr/bin/smack-dbus-tests
-/usr/bin/libprivilege-control-test
-/usr/bin/security-server-tests-client-smack
-/usr/bin/security-server-tests-server
-/usr/bin/security-server-tests-password
-/usr/bin/security-server-tests-privilege
-/usr/bin/security-server-tests-stress
/etc/smack/test_smack_rules_full
/etc/smack/test_smack_rules2
/etc/smack/test_smack_rules3
/etc/smack/test_smack_rules4
-/usr/bin/security-server-tests-mt
-/usr/bin/security-server-tests-api-speed
/usr/bin/security-manager-tests
/etc/smack/test_smack_rules
/etc/smack/test_smack_rules_lnk
-/usr/share/privilege-control/*
-/etc/smack/test_privilege_control_DIR/*
-/usr/apps/*
-/usr/bin/test-app-efl
-/usr/bin/test-app-osp
-/usr/bin/test-app-wgt
+%{TZ_SYS_RW_APP}*
+%attr(755, security_test_user,users) %{TZ_SYS_HOME}/security_test_user/apps_rw/*
/usr/bin/cynara-test
/usr/bin/ckm-tests
-/usr/bin/ckm-integration-tests
-/usr/share/ckm-test/*
+%caps(cap_mac_admin=ep) /usr/bin/ckm-privileged-tests
+%caps(cap_mac_admin=ep) /usr/bin/ckm-integration-tests
+/usr/bin/yaca-test
+/usr/bin/nether-tests
+/usr/bin/ode-tests
+%{ckm_test_dir}/*
/etc/security-tests
/usr/lib/security-tests/cynara-tests/plugins/single-policy/*
/usr/lib/security-tests/cynara-tests/plugins/multiple-policy/*
/usr/lib/security-tests/cynara-tests/plugins/test-agent/*
/usr/bin/security-tests-inner-test
+/usr/bin/security-tests-cleanup-test
+/usr/bin/cleanup_test.sh
/usr/bin/libwebappenc-tests
+%{_prefix}/share/yaca-test
+%dir %{_prefix}/share/security-tests-cleanup-test
+%{_prefix}/share/security-tests-cleanup-test/*
%postun
-id -u security_test_user 1>/dev/null 2>&1 && userdel security_test_user
+id -u security_test_user 1>/dev/null 2>&1 && gum-utils -o -d --uid=`id -u security_test_user`