X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=tests%2Fsecurity-manager-tests%2Fsecurity_manager_tests.cpp;h=0e505afcf027136f509fe562cf8b1d99937a84c3;hb=c8a77b62054614b6bd3f9a30bff54918bec5aea6;hp=24217967addff81c1e1e914d4ef3577af0b98820;hpb=d99e3fec86832fa71267b67e2eb9ab8b88da0d43;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git

diff --git a/tests/security-manager-tests/security_manager_tests.cpp b/tests/security-manager-tests/security_manager_tests.cpp
index 2421796..0e505af 100644
--- a/tests/security-manager-tests/security_manager_tests.cpp
+++ b/tests/security-manager-tests/security_manager_tests.cpp
@@ -7,22 +7,38 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/xattr.h>
+#include <linux/xattr.h>
 
 #include <libprivilege-control_test_common.h>
 #include <tests_common.h>
 
 #include <security-manager.h>
+#include <sm_db.h>
 
 DEFINE_SMARTPTR(security_manager_app_inst_req_free, app_inst_req, AppInstReqUniquePtr);
 
-static const char* SM_APP_ID = "sm_test_app_id";
-static const char* SM_PKG_ID = "sm_test_pkg_id";
+static const char *const LABELLED_BINARY_PATH = "/usr/bin/test-app-efl";
 
-static uid_t SM_ALLOWED_UID1 = 6666;
-static uid_t SM_ALLOWED_UID2 = 7777;
+static const char *const SM_APP_ID1 = "sm_test_app_id_double";
+static const char *const SM_PKG_ID1 = "sm_test_pkg_id_double";
 
-static const char* SM_ALLOWED_PERMISSION1 = "security_manager_test_rules2_r";
-static const char* SM_ALLOWED_PERMISSION2 = "security_manager_test_rules2_no_r";
+static const char *const SM_APP_ID2 = "sm_test_app_id_full";
+static const char *const SM_PKG_ID2 = "sm_test_pkg_id_full";
+
+static const char *const SM_APP_ID3 = "sm_test_app_id_uid";
+static const char *const SM_PKG_ID3 = "sm_test_pkg_id_uid";
+
+static const privileges_t SM_ALLOWED_PRIVILEGES = {
+    "security_manager_test_rules2_r",
+    "security_manager_test_rules2_no_r"
+};
+
+static const privileges_t SM_DENIED_PRIVILEGES  = {
+    "security_manager_test_rules1",
+    "security_manager_test_rules2"
+};
+
+static const char *const XATTR_NAME_TIZENEXEC =  XATTR_SECURITY_PREFIX "TIZEN_EXEC_LABEL";
 
 static const rules_t SM_ALLOWED_RULES = {
     { USER_APP_ID, "test_sm_book_8", "r" },
@@ -59,14 +75,36 @@ static const rules_t SM_DENIED_RULES = {
     { "test_sm_subject_7", USER_APP_ID, "rwx" }
 };
 
-static const char* SM_DENIED_PERMISSION1 = "security_manager_test_rules1";
-static const char* SM_DENIED_PERMISSION2 = "security_manager_test_rules2";
+static const char *const SM_PRIVATE_PATH = "/etc/smack/test_DIR/app_dir";
+static const char *const SM_PUBLIC_PATH = "/etc/smack/test_DIR/app_dir_public";
+static const char *const SM_PUBLIC_RO_PATH = "/etc/smack/test_DIR/app_dir_public_ro";
+static const char *const SM_DENIED_PATH = "/etc/smack/test_DIR/non_app_dir";
+static const char *const SM_PRIVATE_PATH_FOR_USER_5000 = "/home/app/securitytests/test_DIR";
+
+
+static bool isLinkToExec(const char *fpath, const struct stat *sb)
+{
+
+    struct stat buf;
+    char *target;
+    int ret;
+
+    // check if it's a link
+    if ( !S_ISLNK(sb->st_mode))
+        return false;
+
+    target = realpath(fpath, NULL);
+    RUNNER_ASSERT_MSG_BT(target != 0, "Could not obtain real path from link.");
 
-static const char* SM_PRIVATE_PATH = "/etc/smack/test_DIR/app_dir";
-static const char* SM_PUBLIC_PATH = "/etc/smack/test_DIR/app_dir_public";
-static const char* SM_PUBLIC_RO_PATH = "/etc/smack/test_DIR/app_dir_public_ro";
-static const char* SM_DENIED_PATH = "/etc/smack/test_DIR/non_app_dir";
+    ret = stat(target, &buf);
+    RUNNER_ASSERT_MSG_BT(ret == 0, "Could not obtain real path's stat from link.");
 
+    if (buf.st_mode != (buf.st_mode | S_IXUSR | S_IFREG))
+        return false;
+
+
+    return true;
+}
 
 static int nftw_check_sm_labels_app_dir(const char *fpath, const struct stat *sb,
                               const char* correctLabel, bool transmute_test, bool exec_test)
@@ -98,6 +136,20 @@ static int nftw_check_sm_labels_app_dir(const char *fpath, const struct stat *sb
         RUNNER_ASSERT_MSG_BT(label == NULL, "EXEC label on " << fpath << " is set");
 
 
+    /* LINK TO EXEC */
+    if (isLinkToExec(fpath, sb) && exec_test) {
+        char buf[SMACK_LABEL_LEN+1];
+        result = lgetxattr(fpath, XATTR_NAME_TIZENEXEC, buf, sizeof(buf));
+        RUNNER_ASSERT_MSG_BT(result != -1, "Could not get label for the path "
+                << fpath << "("<<strerror(errno)<<")");
+        buf[result]='\0';
+        result = strcmp(correctLabel, buf);
+        RUNNER_ASSERT_MSG_BT(result == 0, "Incorrect TIZEN_EXEC_LABEL attribute"
+                " on link to executable " << fpath);
+    }
+
+
+
     /* TRANSMUTE */
     result = smack_lgetlabel(fpath, &label, SMACK_LABEL_TRANSMUTE);
     RUNNER_ASSERT_MSG_BT(result == 0, "Could not get label for the path");
@@ -135,9 +187,6 @@ static int nftw_check_sm_labels_app_floor_dir(const char *fpath, const struct st
     return nftw_check_sm_labels_app_dir(fpath, sb, "_", false, false);
 }
 
-
-RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER)
-
 static app_inst_req* do_app_inst_req_new()
 {
     int result;
@@ -167,6 +216,12 @@ static void prepare_app_path()
     RUNNER_ASSERT_MSG_BT(result == 0, "Unable to set Smack labels in " << SM_DENIED_PATH);
 }
 
+static void prepare_app_env()
+{
+    prepare_app_path();
+}
+
+/* TODO: add parameters to this function */
 static void check_app_path_after_install()
 {
     int result;
@@ -184,60 +239,171 @@ static void check_app_path_after_install()
     RUNNER_ASSERT_MSG_BT(result == 0, "Unable to check Smack labels for " << SM_DENIED_PATH);
 }
 
-static void check_app_permission_after_install()
+static void check_app_permissions(const char *const app_id, const char *const pkg_id,
+                                  const privileges_t &allowed_privs, const privileges_t &denied_privs,
+                                  const rules_t &allowed_rules, const rules_t &denied_rules)
 {
     bool result;
 
-    result = check_all_accesses(smack_check(), SM_ALLOWED_RULES);
+    result = check_all_accesses(smack_check(), allowed_rules);
     RUNNER_ASSERT_MSG_BT(result, "Permissions not added.");
-    result = check_no_accesses(smack_check(), SM_DENIED_RULES);
+    result = check_no_accesses(smack_check(), denied_rules);
     RUNNER_ASSERT_MSG_BT(result, "Permissions added.");
 
-    check_perm_app_has_permission(USER_APP_ID, SM_ALLOWED_PERMISSION1, true);
-    check_perm_app_has_permission(USER_APP_ID, SM_ALLOWED_PERMISSION2, true);
-    check_perm_app_has_permission(USER_APP_ID, SM_DENIED_PERMISSION1, false);
-    check_perm_app_has_permission(USER_APP_ID, SM_DENIED_PERMISSION2, false);
+    /* TODO: USER_APP_ID is hardcoded in the following checks, because libprivilege always generate
+     *       label "User" for all installed apps. Adjust it when libprivilege is upgraded. */
+    (void)app_id; // unused parameter
+    (void)pkg_id; // unused parameter
+
+    for (auto it = allowed_privs.begin(); it != allowed_privs.end(); ++it)
+        check_perm_app_has_permission(USER_APP_ID, (*it).c_str(), true);
+
+    for (auto it = denied_privs.begin(); it != denied_privs.end(); ++it)
+        check_perm_app_has_permission(USER_APP_ID, (*it).c_str(), false);
 }
 
-static void prepare_app_env()
+static void check_app_after_install(const char *const app_id, const char *const pkg_id,
+                                    const privileges_t &allowed_privs, const privileges_t &denied_privs,
+                                    const rules_t &allowed_rules, const rules_t &denied_rules)
 {
-    prepare_app_path();
+    TestSecurityManagerDatabase dbtest;
+    dbtest.test_db_after__app_install(app_id, pkg_id, allowed_privs);
+    dbtest.check_privileges_removed(app_id, pkg_id, denied_privs);
+
+    check_app_permissions(app_id, pkg_id,
+                          allowed_privs, denied_privs,
+                          allowed_rules, denied_rules);
 }
 
-static void check_app_env_after_install()
+static void check_app_after_install(const char *const app_id, const char *const pkg_id)
 {
-    check_app_path_after_install();
-    check_app_permission_after_install();
+    TestSecurityManagerDatabase dbtest;
+    dbtest.test_db_after__app_install(app_id, pkg_id);
+}
+
+static void check_app_after_uninstall(const char *const app_id, const char *const pkg_id,
+                                      const privileges_t &privileges, const bool is_pkg_removed)
+{
+    TestSecurityManagerDatabase dbtest;
+    dbtest.test_db_after__app_uninstall(app_id, pkg_id, privileges, is_pkg_removed);
 }
 
-RUNNER_TEST(security_manager_01_app_install_unsinstall)
+static void check_app_after_uninstall(const char *const app_id, const char *const pkg_id,
+                                      const bool is_pkg_removed)
+{
+    TestSecurityManagerDatabase dbtest;
+    dbtest.test_db_after__app_uninstall(app_id, pkg_id, is_pkg_removed);
+}
+
+static void install_app(const char *app_id, const char *pkg_id)
 {
     int result;
     AppInstReqUniquePtr request;
+    request.reset(do_app_inst_req_new());
 
-    prepare_app_env();
+    result = security_manager_app_inst_req_set_app_id(request.get(), app_id);
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "setting app id failed. Result: " << result);
+
+    result = security_manager_app_inst_req_set_pkg_id(request.get(), pkg_id);
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "setting pkg id failed. Result: " << result);
+
+    result = security_manager_app_install(request.get());
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "installing app failed. Result: " << result);
+
+    check_app_after_install(app_id, pkg_id);
+
+}
+
+static void uninstall_app(const char *app_id, const char *pkg_id,
+        bool expect_installed, bool expect_pkg_removed)
+{
+    int result;
+    AppInstReqUniquePtr request;
+    request.reset(do_app_inst_req_new());
+
+    result = security_manager_app_inst_req_set_app_id(request.get(), app_id);
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+          "setting app id failed. Result: " << result);
+
+    result = security_manager_app_uninstall(request.get());
+    RUNNER_ASSERT_MSG_BT(!expect_installed || (lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+          "uninstalling app failed. Result: " << result);
+
+    check_app_after_uninstall(app_id, pkg_id, expect_pkg_removed);
+}
+
+
+RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER)
+
+
+RUNNER_TEST(security_manager_01_app_double_install_double_uninstall)
+{
+    int result;
+    AppInstReqUniquePtr request;
 
     request.reset(do_app_inst_req_new());
 
-    result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID);
+    result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID1);
     RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
             "setting app id failed. Result: " << result);
 
-    result = security_manager_app_inst_req_set_pkg_id(request.get(), SM_PKG_ID);
+    result = security_manager_app_inst_req_set_pkg_id(request.get(), SM_PKG_ID1);
     RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
             "setting pkg id failed. Result: " << result);
 
-    result = security_manager_app_inst_req_add_allowed_user(request.get(), SM_ALLOWED_UID1);
+    result = security_manager_app_install(request.get());
     RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
-            "setting allowed user failed. Result: " << result);
-    result = security_manager_app_inst_req_add_allowed_user(request.get(), SM_ALLOWED_UID2);
+            "installing app failed. Result: " << result);
+
+    result = security_manager_app_install(request.get());
     RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
-            "setting allowed user failed. Result: " << result);
+            "installing already installed app failed. Result: " << result);
 
-    result = security_manager_app_inst_req_add_privilege(request.get(), SM_ALLOWED_PERMISSION1);
+    /* Check records in the security-manager database */
+    check_app_after_install(SM_APP_ID1, SM_PKG_ID1);
+
+    request.reset(do_app_inst_req_new());
+
+    result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID1);
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "setting app id failed. Result: " << result);
+
+    result = security_manager_app_uninstall(request.get());
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "uninstalling app failed. Result: " << result);
+
+    result = security_manager_app_uninstall(request.get());
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "uninstalling already uninstalled app failed. Result: " << result);
+
+    /* Check records in the security-manager database */
+    check_app_after_uninstall(SM_APP_ID1, SM_PKG_ID1, TestSecurityManagerDatabase::REMOVED);
+}
+
+RUNNER_TEST(security_manager_02_app_install_uninstall_full)
+{
+    int result;
+    AppInstReqUniquePtr request;
+
+    prepare_app_env();
+
+    request.reset(do_app_inst_req_new());
+
+    result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID2);
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "setting app id failed. Result: " << result);
+
+    result = security_manager_app_inst_req_set_pkg_id(request.get(), SM_PKG_ID2);
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "setting pkg id failed. Result: " << result);
+
+    result = security_manager_app_inst_req_add_privilege(request.get(), SM_ALLOWED_PRIVILEGES[0].c_str());
     RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
             "setting allowed permission failed. Result: " << result);
-    result = security_manager_app_inst_req_add_privilege(request.get(), SM_ALLOWED_PERMISSION2);
+    result = security_manager_app_inst_req_add_privilege(request.get(), SM_ALLOWED_PRIVILEGES[1].c_str());
     RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
             "setting allowed permission failed. Result: " << result);
 
@@ -260,11 +426,17 @@ RUNNER_TEST(security_manager_01_app_install_unsinstall)
     RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
             "installing app failed. Result: " << result);
 
-    check_app_env_after_install();
+    /* Check records in the security-manager database */
+    check_app_after_install(SM_APP_ID2, SM_PKG_ID2,
+                            SM_ALLOWED_PRIVILEGES, SM_DENIED_PRIVILEGES,
+                            SM_ALLOWED_RULES, SM_DENIED_RULES);
+
+    /* TODO: add parameters to this function */
+    check_app_path_after_install();
 
     request.reset(do_app_inst_req_new());
 
-    result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID);
+    result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID2);
     RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
             "setting app id failed. Result: " << result);
 
@@ -272,8 +444,170 @@ RUNNER_TEST(security_manager_01_app_install_unsinstall)
     RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
             "uninstalling app failed. Result: " << result);
 
+    /* Check records in the security-manager database,
+     * all previously allowed privileges should be removed */
+    check_app_after_uninstall(SM_APP_ID2, SM_PKG_ID2,
+                              SM_ALLOWED_PRIVILEGES, TestSecurityManagerDatabase::REMOVED);
+}
+
+RUNNER_CHILD_TEST_SMACK(security_manager_03_set_label_from_binary)
+{
+    const char *const testBinaryPath    = LABELLED_BINARY_PATH;
+    const char *const expectedLabel     = USER_APP_ID;
+    int result;
+    char *label = NULL;
+    CStringPtr labelPtr;
+
+    result = security_manager_set_process_label_from_binary(testBinaryPath);
+    RUNNER_ASSERT_MSG_BT(result == SECURITY_MANAGER_SUCCESS,
+            "security_manager_set_process_label_from_binary(" <<
+            testBinaryPath << ") failed. Result: " << result);
+
+    result = smack_new_label_from_self(&label);
+    RUNNER_ASSERT_MSG_BT(result >= 0,
+            " Error getting current process label");
+    RUNNER_ASSERT_MSG_BT(label != NULL,
+            " Process label is not set");
+    labelPtr.reset(label);
+
+    result = strcmp(expectedLabel, label);
+    RUNNER_ASSERT_MSG_BT(result == 0,
+            " Process label is incorrect. Expected: \"" << expectedLabel << "\" Actual: \""
+            << label << "\"");
+}
+
+RUNNER_CHILD_TEST_NOSMACK(security_manager_03_set_label_from_binary_nosmack)
+{
+    const char *const testBinaryPath = LABELLED_BINARY_PATH;
+    int result;
+
+    result = security_manager_set_process_label_from_binary(testBinaryPath);
+    RUNNER_ASSERT_MSG_BT(result == SECURITY_MANAGER_SUCCESS,
+            "security_manager_set_process_label_from_binary(" <<
+            testBinaryPath << ") failed. Result: " << result);
+}
+
+RUNNER_CHILD_TEST_SMACK(security_manager_04_set_label_from_appid)
+{
+    const char *const app_id = "sm_test_app_id_set_label_from_appid";
+    const char *const pkg_id = "sm_test_pkg_id_set_label_from_appid";
+    const char *const expected_label = USER_APP_ID;
+    char *label = NULL;
+    CStringPtr labelPtr;
+    int result;
+
+    uninstall_app(app_id, pkg_id, false, true);
+    install_app(app_id, pkg_id);
+
+    result = security_manager_set_process_label_from_appid(app_id);
+    RUNNER_ASSERT_MSG_BT(result == SECURITY_MANAGER_SUCCESS,
+            "security_manager_set_process_label_from_appid(" <<
+            app_id << ") failed. Result: " << result);
+
+    result = smack_new_label_from_self(&label);
+    RUNNER_ASSERT_MSG_BT(result >= 0,
+            " Error getting current process label");
+    RUNNER_ASSERT_MSG_BT(label != NULL,
+            " Process label is not set");
+    labelPtr.reset(label);
+
+    result = strcmp(expected_label, label);
+    RUNNER_ASSERT_MSG_BT(result == 0,
+            " Process label is incorrect. Expected: \"" << expected_label <<
+            "\" Actual: \"" << label << "\"");
+
+    uninstall_app(app_id, pkg_id, true, true);
+}
+
+RUNNER_CHILD_TEST_NOSMACK(security_manager_04_set_label_from_appid_nosmack)
+{
+    const char *const app_id = "sm_test_app_id_set_label_from_appid";
+    const char *const pkg_id = "sm_test_pkg_id_set_label_from_appid";
+    int result;
+
+    uninstall_app(app_id, pkg_id, false, true);
+    install_app(app_id, pkg_id);
+
+    result = security_manager_set_process_label_from_appid(app_id);
+    RUNNER_ASSERT_MSG_BT(result == SECURITY_MANAGER_SUCCESS,
+            "security_manager_set_process_label_from_appid(" <<
+            app_id << ") failed. Result: " << result);
+
+    uninstall_app(app_id, pkg_id, true, true);
 }
 
+
+
+static void prepare_request(AppInstReqUniquePtr &request,
+              const char *const app_id,
+              const char *const pkg_id,
+              app_install_path_type pathType,
+              const char *const path)
+{
+    int result;
+    request.reset(do_app_inst_req_new());
+
+    result = security_manager_app_inst_req_set_app_id(request.get(), app_id);
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "setting app id failed. Result: " << result);
+
+    result = security_manager_app_inst_req_set_pkg_id(request.get(), pkg_id);
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "setting pkg id failed. Result: " << result);
+
+    result = security_manager_app_inst_req_add_path(request.get(), path, pathType);
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "setting allowed path failed. Result: " << result);
+}
+
+
+
+RUNNER_CHILD_TEST(security_manager_05_app_install_uninstall_by_uid_5000)
+{
+    int result;
+    AppInstReqUniquePtr request;
+
+
+    //switch user to non-root
+    result = drop_root_privileges();
+    RUNNER_ASSERT_MSG_BT(result == 0, "drop_root_privileges failed");
+
+    //install app as non-root user and try to register public path (should fail)
+    prepare_request(request, SM_APP_ID3, SM_PKG_ID3, SECURITY_MANAGER_PATH_PUBLIC, SM_PRIVATE_PATH_FOR_USER_5000);
+
+    result = security_manager_app_install(request.get());
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED,
+            "installing app not failed. Result: " << result);
+
+    //install app as non-root user
+    //should fail (non-root users may only register folders inside their home)
+    prepare_request(request, SM_APP_ID3, SM_PKG_ID3, SECURITY_MANAGER_PATH_PRIVATE, SM_PRIVATE_PATH);
+
+    result = security_manager_app_install(request.get());
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED,
+            "installing app not failed. Result: " << result);
+
+    //install app as non-root user
+    //should succeed - this time i register folder inside user's home dir
+    prepare_request(request, SM_APP_ID3, SM_PKG_ID3, SECURITY_MANAGER_PATH_PRIVATE, SM_PRIVATE_PATH_FOR_USER_5000);
+
+    result = security_manager_app_install(request.get());
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "installing app failed. Result: " << result);
+
+    //uninstall app as non-root user
+    request.reset(do_app_inst_req_new());
+
+    result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID3);
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "setting app id failed. Result: " << result);
+
+    result = security_manager_app_uninstall(request.get());
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "uninstalling app failed. Result: " << result);
+}
+
+
 int main(int argc, char *argv[])
 {
     SummaryCollector::Register();