#include <stdio.h>
#include <vector>
#include <errno.h>
-
-
#include <dpl/test/test_runner.h>
#include <dpl/log/log.h>
-
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/mman.h>
#include <sys/xattr.h>
#include <sys/smack.h>
-
#include <privilege-control.h>
#define APPID_ADD "test_APP_ID_add"
#define APPID_REVOKE "test_APP_ID_revoke"
#define APPID_DIR "test_APP_ID_dir"
+
+#define APP_SET_PRIV "test_APP"
+#define APP_SET_PRIV_PATH "/etc/smack/test_privilege_control_DIR/test_set_app_privilege/test_APP"
+
const char *PRIVS[] = { "WRT", "test_privilege_control_rules", NULL };
+#define APP_GID 5000
+#define APP_UID 5000
+#define APP_USER_NAME "app"
+#define APP_HOME_DIR "/opt/home/app"
+
+
// Rules from test_privilege_control_rules.smack
const std::vector< std::vector<std::string> > rulesAdd = {
{ APPID_ADD, "test_book_1", "r" },
if (pFile != NULL)
fclose(pFile);
}
+
+/**
+ * Set APP privileges.
+ */
+RUNNER_TEST(privilege_control_set_app_privilege)
+{
+ int result;
+ char* labelApp = "test_pc_label";
+
+ // Preset exec label
+ smack_setlabel(APP_SET_PRIV_PATH,labelApp, SMACK_LABEL_EXEC);
+
+ // Set APP privileges
+ result = set_app_privilege(APP_SET_PRIV, NULL, APP_SET_PRIV_PATH);
+ RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS, "Error in set_app_privilege. Error: " << result);
+
+ // Check if SMACK label really set
+ char * label;
+ result = smack_new_label_from_self(&label);
+ RUNNER_ASSERT_MSG(result == 0, "Error setting label for exec" << result);
+ result = strcmp(labelApp, label);
+ RUNNER_ASSERT_MSG(result == 0, "Label NOT set");
+
+ // Check if DAC privileges really set
+ RUNNER_ASSERT_MSG(getuid() == APP_UID, "Wrong UID");
+ RUNNER_ASSERT_MSG(getgid() == APP_GID, "Wrong GID");
+
+ result = strcmp(getenv("HOME"), APP_HOME_DIR);
+ RUNNER_ASSERT_MSG(result == 0, "Wrong HOME DIR");
+
+ result = strcmp(getenv("USER"), APP_USER_NAME);
+ RUNNER_ASSERT_MSG(result == 0, "Wrong user USER NAME");
+}
+