SM: Use PasswdAccess instead of pwdnam

Change-Id: I12db6dc0f48ac63a9d3d99b351ef6dd9b519e06f

diff --git a/src/common/passwd_access.cpp b/src/common/passwd_access.cpp
index 6f5554946763e595fc0a138cb3d6146fbdd95c10..ffa164dc6c063f4ad1c75cc77831e4483105941d 100644 (file)
--- a/src/common/passwd_access.cpp
+++ b/src/common/passwd_access.cpp
@@ -28,15 +28,27 @@
 
 #include "passwd_access.h"
 
-namespace PasswdAccess {
-    uid_t uid(const std::string &username) {
-        struct passwd *passwd = nullptr;
+namespace {
+    struct passwd *getPasswd(const std::string &username) {
+        struct passwd *info = nullptr;
         do {
             errno = 0;
-            passwd = getpwnam(username.c_str());
-        } while (passwd == nullptr && errno == EINTR);
-        RUNNER_ASSERT_ERRNO_MSG(passwd != nullptr, "Error in getpwnam(). Username: " << username);
-        return passwd->pw_uid;
+            info = getpwnam(username.c_str());
+        } while (info == nullptr && errno == EINTR);
+        RUNNER_ASSERT_ERRNO_MSG(info != nullptr, "Error in getpwnam(). Username: " << username);
+        return info;
+    }
+}
+
+namespace PasswdAccess {
+    uid_t uid(const std::string &username) {
+        return getPasswd(username)->pw_uid;
+    }
+
+    void allUser(const std::string &username, uid_t &uid, gid_t &gid) {
+        auto info = getPasswd(username);
+        uid = info->pw_uid;
+        gid = info->pw_gid;
     }
 
     gid_t gid(const std::string &groupname) {

diff --git a/src/common/passwd_access.h b/src/common/passwd_access.h
index 36388286723845ced8571083acd8dd1c3fc57555..74d1f0d15ba8157b05cdc53338e22f017dbb012d 100644 (file)
--- a/src/common/passwd_access.h
+++ b/src/common/passwd_access.h
@@ -28,6 +28,7 @@
 
 namespace PasswdAccess {
     uid_t uid(const std::string &username);
+    void allUser(const std::string &username, uid_t &uid, gid_t &gid) {
     gid_t gid(const std::string &groupname);
 } // namespace PasswdAccess
 

diff --git a/src/security-manager-tests/security_manager_tests.cpp b/src/security-manager-tests/security_manager_tests.cpp
index 21efcba93455570a896ffce0f8dd1dd524ca31e9..e19e33742effa0a68e0b66353cb81edd2f6815a8 100644 (file)
--- a/src/security-manager-tests/security_manager_tests.cpp
+++ b/src/security-manager-tests/security_manager_tests.cpp
@@ -44,7 +44,6 @@
 #include <grp.h>
 #include <pwd.h>
 
-#include <tzplatform_config.h>
 #include <security-manager.h>
 
 #include <access_provider.h>
@@ -152,28 +151,6 @@ static inline void register_current_process_as_privilege_manager(uid_t uid, bool
     Api::setProcessLabel(PRIVILEGE_MANAGER_APP.c_str());
 };
 
-static inline struct passwd *getUserStruct(const std::string &userName) {
-    struct passwd *pw = nullptr;
-    errno = 0;
-
-    while(!(pw = getpwnam(userName.c_str()))) {
-        RUNNER_ASSERT_ERRNO_MSG(errno == EINTR, "getpwnam() failed");
-    };
-
-    return pw;
-};
-
-static inline struct passwd *getUserStruct(const uid_t uid) {
-    struct passwd *pw = nullptr;
-    errno = 0;
-
-    while(!(pw = getpwuid(uid))) {
-        RUNNER_ASSERT_ERRNO_MSG(errno == EINTR, "getpwnam() failed");
-    };
-
-    return pw;
-};
-
 void check_exact_access(const std::string& subject, const std::string& object, const std::string& access)
 {
     // check access
@@ -237,8 +214,6 @@ void check_exact_smack_accesses(const std::string &subject, const std::string &o
     }
 }
 
-
-
 RUNNER_CHILD_TEST(security_manager_10_privacy_manager_fetch_whole_policy_for_self)
 {
     //TEST DATA
@@ -301,10 +276,11 @@ RUNNER_CHILD_TEST(security_manager_10_privacy_manager_fetch_whole_policy_for_sel
         pipe.claimChildEp();
         pipe.wait();
 
-        struct passwd *pw = getUserStruct(username);
-        std::string uidStr = std::to_string(pw->pw_uid);
-        register_current_process_as_privilege_manager(pw->pw_uid);
-        int result = drop_root_privileges(pw->pw_uid, pw->pw_gid);
+        uid_t uid; gid_t gid;
+        PasswdAccess::allUser(username, uid, gid);
+        std::string uidStr = std::to_string(uid);
+        register_current_process_as_privilege_manager(uid);
+        int result = drop_root_privileges(uid, gid);
         RUNNER_ASSERT_MSG(result == 0, "drop_root_privileges failed");
 
         std::vector<PolicyEntry> policyEntries;
@@ -409,13 +385,14 @@ RUNNER_CHILD_TEST(security_manager_11_privacy_manager_fetch_whole_policy_for_adm
         pipe.claimChildEp();
         pipe.wait();
 
-        struct passwd *pw = getUserStruct(usernames.at(0));
-        std::string uidStr = std::to_string(pw->pw_uid);
-        register_current_process_as_privilege_manager(pw->pw_uid);
+        uid_t uid; gid_t gid;
+        PasswdAccess::allUser(usernames.at(0), uid, gid);
+        std::string uidStr = std::to_string(uid);
+        register_current_process_as_privilege_manager(uid);
 
         //change uid to normal user
         errno = 0;
-        int result = drop_root_privileges(pw->pw_uid, pw->pw_gid);
+        int result = drop_root_privileges(uid, gid);
         RUNNER_ASSERT_MSG(result == 0, "drop_root_privileges failed");
 
         std::vector<PolicyEntry> policyEntries;
@@ -522,16 +499,16 @@ RUNNER_CHILD_TEST(security_manager_12_privacy_manager_fetch_whole_policy_for_adm
         pipe.claimChildEp();
         pipe.wait();
 
-        struct passwd *pw = getUserStruct(usernames.at(1));
-        uid_t myUid = pw->pw_uid;
-        gid_t myGid = pw->pw_gid;
-        std::string uidStr1 = std::to_string(myUid);
-        pw = getUserStruct(usernames.at(0));
-        std::string uidStr0 = std::to_string(pw->pw_uid);
-        register_current_process_as_privilege_manager(myUid, true);
+        uid_t normalUid;
+        gid_t normalGid;
+        PasswdAccess::allUser(usernames.at(1), normalUid, normalUid);
+        std::string normalUidStr = std::to_string(normalUid);
+        uid_t adminUid = PasswdAccess::uid(usernames.at(0));
+        std::string adminUidStr = std::to_string(adminUid);
+        register_current_process_as_privilege_manager(normalUid, true);
 
         //change uid to normal user
-        int result = drop_root_privileges(myUid, myGid);
+        int result = drop_root_privileges(normalUid, normalGid);
         RUNNER_ASSERT_MSG(result == 0, "drop_root_privileges failed");
 
 
@@ -550,9 +527,9 @@ RUNNER_CHILD_TEST(security_manager_12_privacy_manager_fetch_whole_policy_for_adm
             std::string app = policyEntry.getAppId();
             std::string privilege = policyEntry.getPrivilege();
 
-            RUNNER_ASSERT_MSG(user == uidStr0 || user == uidStr1, "Unexpected user: " << user);
+            RUNNER_ASSERT_MSG(user == normalUid || user == adminUid, "Unexpected user: " << user);
 
-            std::string uidStrToLook = user == uidStr0 ? usernames.at(0) : usernames.at(1);
+            std::string uidStrToLook = user == normalUid ? usernames.at(0) : usernames.at(1);
 
             try {
                 std::set<std::string>::iterator tmp = users2AppsMap.at(uidStrToLook).at(app).find(privilege);
@@ -604,11 +581,12 @@ RUNNER_CHILD_TEST(security_manager_13_privacy_manager_fetch_policy_after_update_
         sync[0].claimChildEp();
         sync[0].wait();
 
-        struct passwd *pw = getUserStruct(usernames.at(0));
-        register_current_process_as_privilege_manager(pw->pw_uid);
+        uid_t uid; gid_t gid;
+        PasswdAccess::allUser(usernames.at(0), uid, gid);
+        register_current_process_as_privilege_manager(uid);
 
         //change uid to normal user
-        int result = drop_root_privileges(pw->pw_uid, pw->pw_gid);
+        int result = drop_root_privileges(uid, gid);
         RUNNER_ASSERT_MSG(result == 0, "drop_root_privileges failed");
 
         PolicyEntry filter;
@@ -616,7 +594,7 @@ RUNNER_CHILD_TEST(security_manager_13_privacy_manager_fetch_policy_after_update_
 
         PolicyEntry policyEntry(
                 MANY_APPS[0],
-                std::to_string(pw->pw_uid),
+                std::to_string(uid),
                 "http://tizen.org/privilege/internet"
                 );
         policyEntry.setLevel("Deny");
@@ -624,7 +602,7 @@ RUNNER_CHILD_TEST(security_manager_13_privacy_manager_fetch_policy_after_update_
         policyRequest.addEntry(policyEntry);
         policyEntry = PolicyEntry(
                 MANY_APPS[1],
-                std::to_string(pw->pw_uid),
+                std::to_string(uid),
                 "http://tizen.org/privilege/display"
                 );
         policyEntry.setLevel("Deny");
@@ -641,11 +619,10 @@ RUNNER_CHILD_TEST(security_manager_13_privacy_manager_fetch_policy_after_update_
             sync[1].claimChildEp();
             sync[1].wait();
 
-            struct passwd *pw = getUserStruct(usernames.at(0));
-            uid_t target_uid = pw->pw_uid;
-            pw = getUserStruct(usernames.at(1));
-            uid_t my_uid = pw->pw_uid;
-            gid_t my_gid = pw->pw_gid;
+            uid_t target_uid = PasswdAccess::uid(usernames.at(0));
+            uid_t my_uid;
+            gid_t my_gid;
+            PasswdAccess::allUser(usernames.at(1), my_uid, my_gid);
 
             register_current_process_as_privilege_manager(my_uid);
 
@@ -795,11 +772,12 @@ RUNNER_CHILD_TEST(security_manager_14_privacy_manager_fetch_and_update_policy_fo
         pipe.claimChildEp();
         pipe.wait();
 
-        struct passwd *pw = getUserStruct(usernames.at(1));
-        register_current_process_as_privilege_manager(pw->pw_uid, true);
+        uid_t uid; gid_t gid;
+        PasswdAccess::allUser(usernames.at(1), uid, gid);
+        register_current_process_as_privilege_manager(uid, true);
 
         //change uid to normal user
-        int result = drop_root_privileges(pw->pw_uid, pw->pw_gid);
+        int result = drop_root_privileges(uid, gid);
         RUNNER_ASSERT_MSG(result == 0, "drop_root_privileges failed");
 
         PolicyRequest *policyRequest = new PolicyRequest();
@@ -3141,7 +3119,7 @@ public:
     }
 
     uid_t uid(void) const {
-        return tzplatform_getuid(TZ_SYS_GLOBALAPP_USER);
+        return TzPlatformConfig::getGlobalUserId();
     }
 
     gid_t gid(void) const {