Added libprivilege-control set_app_privilege tests.

[Issue] N/A
[Bug] N/A
[Cause] N/A
[Solution] N/A
[Verification] Build, run tests: security-tests.sh pc --output=text

Change-Id: I2bc6ed25e250d0f54d1939683b2f11c6017d927f

diff --git a/tests/libprivilege-control-tests/CMakeLists.txt b/tests/libprivilege-control-tests/CMakeLists.txt
index c30ff46..58056a4 100644 (file)
--- a/tests/libprivilege-control-tests/CMakeLists.txt
+++ b/tests/libprivilege-control-tests/CMakeLists.txt
@@ -86,6 +86,9 @@ FILE(WRITE          ${PROJECT_SOURCE_DIR}/test_privilege_control_DIR/A/.test_fil
 FILE(WRITE          ${PROJECT_SOURCE_DIR}/test_privilege_control_DIR/A/.test_file " ")
 FILE(WRITE          ${PROJECT_SOURCE_DIR}/test_privilege_control_DIR/A/B/test_file " ")
 
+FILE(MAKE_DIRECTORY ${PROJECT_SOURCE_DIR}/test_privilege_control_DIR/test_set_app_privilege)
+FILE(WRITE          ${PROJECT_SOURCE_DIR}/test_privilege_control_DIR/test_set_app_privilege/test_APP " ")
+
 INSTALL(DIRECTORY
     ${PROJECT_SOURCE_DIR}/test_privilege_control_DIR
     DESTINATION /etc/smack/

diff --git a/tests/libprivilege-control-tests/test_cases.cpp b/tests/libprivilege-control-tests/test_cases.cpp
index 1b727e0..a9a448e 100644 (file)
--- a/tests/libprivilege-control-tests/test_cases.cpp
+++ b/tests/libprivilege-control-tests/test_cases.cpp
@@ -26,17 +26,13 @@
 #include <stdio.h>
 #include <vector>
 #include <errno.h>
-
-
 #include <dpl/test/test_runner.h>
 #include <dpl/log/log.h>
-
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/mman.h>
 #include <sys/xattr.h>
 #include <sys/smack.h>
-
 #include <privilege-control.h>
 
 
@@ -45,8 +41,18 @@
 #define APPID_ADD  "test_APP_ID_add"
 #define APPID_REVOKE  "test_APP_ID_revoke"
 #define APPID_DIR  "test_APP_ID_dir"
+
+#define APP_SET_PRIV  "test_APP"
+#define APP_SET_PRIV_PATH "/etc/smack/test_privilege_control_DIR/test_set_app_privilege/test_APP"
+
 const char *PRIVS[] = { "WRT", "test_privilege_control_rules", NULL };
 
+#define APP_GID 5000
+#define APP_UID 5000
+#define APP_USER_NAME "app"
+#define APP_HOME_DIR "/opt/home/app"
+
+
 // Rules from test_privilege_control_rules.smack
 const std::vector< std::vector<std::string> > rulesAdd = {
         { APPID_ADD, "test_book_1", "r" },
@@ -218,3 +224,37 @@ RUNNER_TEST(privilege_control_revoke_permissions)
     if (pFile != NULL)
         fclose(pFile);
 }
+
+/**
+ * Set APP privileges.
+ */
+RUNNER_TEST(privilege_control_set_app_privilege)
+{
+    int result;
+    char* labelApp = "test_pc_label";
+
+    // Preset exec label
+    smack_setlabel(APP_SET_PRIV_PATH,labelApp, SMACK_LABEL_EXEC);
+
+    // Set APP privileges
+    result = set_app_privilege(APP_SET_PRIV, NULL, APP_SET_PRIV_PATH);
+    RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS, "Error in set_app_privilege. Error: " << result);
+
+    // Check if SMACK label really set
+    char * label;
+    result = smack_new_label_from_self(&label);
+    RUNNER_ASSERT_MSG(result == 0, "Error setting label for exec" << result);
+    result = strcmp(labelApp, label);
+    RUNNER_ASSERT_MSG(result == 0, "Label NOT set");
+
+    // Check if DAC privileges really set
+    RUNNER_ASSERT_MSG(getuid() == APP_UID, "Wrong UID");
+    RUNNER_ASSERT_MSG(getgid() == APP_GID, "Wrong GID");
+
+    result = strcmp(getenv("HOME"), APP_HOME_DIR);
+    RUNNER_ASSERT_MSG(result == 0, "Wrong HOME DIR");
+
+    result = strcmp(getenv("USER"), APP_USER_NAME);
+    RUNNER_ASSERT_MSG(result == 0, "Wrong user USER NAME");
+}
+