RUNNER_ASSERT_MSG(result == 1, "Error while checking Smack access");
result = smack_have_access("reader", "book", "rwx"); //should have no access - wrong rule, should be "r" only
RUNNER_ASSERT_MSG(result == 0, "Error while checking Smack access");
- result = smack_have_access("mars", "book", "rwx"); //should have no acces - rule not exist
- RUNNER_ASSERT_MSG(result == 0, "Error while checking Smack access");
+ result = smack_have_access("mars", "book", "rwx"); //should fail - rule not exist
+ RUNNER_ASSERT_MSG(result == -1, "Error while checking Smack access");
//int smack_revoke_subject(const char *subject);
result = smack_revoke_subject("snickers"); //this subject do not exist in kernel rules
result = smack_have_access("spy", "book", "rwx"); //testing access after revoke_subject() from kernel
RUNNER_ASSERT_MSG(result == 0, "Error in acces aplied to kernel"); //now spy should have no access
- result = smack_have_access("spy", "book", "-----"); //and should have "-----" rule
- RUNNER_ASSERT_MSG(result == 1, "Error in acces aplied to kernel");
result = smack_accesses_add(rules, "twix", "book", "rwx"); //for create new rule as a consequence of use accesses_clear() below
RUNNER_ASSERT_MSG(result == 0, "Unable to add smack rules");
result = smack_have_access("writer", "book", "rwx"); //testing acces after acces_clear()
RUNNER_ASSERT_MSG(result == 0, "Error in acces aplied to kernel"); //now writer also should have no access
- result = smack_have_access("writer", "book", "-----"); //and should have "-----" rule
- RUNNER_ASSERT_MSG(result == 1, "Error in acces aplied to kernel");
- result = smack_have_access("twix", "book", "-----"); //rule created by calling accesses_clear()
- RUNNER_ASSERT_MSG(result == 1, "Error in acces aplied to kernel");
//free resources
smack_accesses_free(rules);
struct smack_accesses *rules = NULL; //rules prepared in this test case
int result; //for storing functions results
int i;
+ int expected;
result = smack_accesses_new(&rules); //rules struct init
RUNNER_ASSERT_MSG(result == 0, "Unable to create smack_accesses instance");
//checking accesses using normal rules
for (i = 0; i < (3 * 8); i += 3) {
+ if (!strcmp(rules_tab[i + 2], "-----"))
+ expected = 0;
+ else
+ expected = 1;
result = smack_have_access(rules_tab[i], "book", rules_tab[i + 2]); //using normal rules from table
- RUNNER_ASSERT_MSG(result == 1, "Error while checking Smack access");
+ RUNNER_ASSERT_MSG(result == expected, "Error while checking Smack access");
}
//free resources
int result;
int i;
+ int expected;
//rules were added in previous RUNNER_TEST section
//checking accesses using mixed rules
for (i = 0; i < (3 * 8); i += 3) {
+ if (!strcmp(rules_tab[i + 2], "-----"))
+ expected = 0;
+ else
+ expected = 1;
result = smack_have_access(rules_tab[i], "book", rules_tab[i + 1]); //using mixed rules from table
- RUNNER_ASSERT_MSG(result == 1, "Error while checking Smack access");
+ RUNNER_ASSERT_MSG(result == expected, "Error while checking Smack access");
}
}