RUNNER_ASSERT_MSG(fs.tellg() > 0, "SMACK file empty, but privileges list was not empty.");
}
+void set_app_privilege_nosmack(int line_no,
+ const char* app_id, app_type_t app_type,
+ const char** privileges, const char* type,
+ const char* app_path, const char* dac_file,
+ const std::vector< std::vector<std::string> > &rules)
+{
+ check_app_installed(line_no, app_path);
+
+ int result;
+
+ result = perm_app_enable_permissions(app_id, app_type, privileges, 1);
+ RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS, "Line: " << line_no <<
+ " Error enabling app permissions. Result: " << result);
+
+ result = test_have_nosmack_accesses(rules);
+ RUNNER_ASSERT_MSG(result == -1, "Line: " << line_no <<
+ " Permissions shouldn't be added. Result: " << result);
+
+ result = perm_app_set_privilege(app_id, type, app_path);
+ RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS, "Line: " << line_no <<
+ " Error in perm_app_set_privilege. Error: " << result);
+
+ //Even though app privileges are set, no smack label should be extracted.
+ char* label = NULL;
+ result = smack_new_label_from_self(&label);
+ RUNNER_ASSERT_MSG(result == -1, "Line: " << line_no <<
+ " new_label_from_self should return error (SMACK is off). Result: " << result);
+ RUNNER_ASSERT_MSG(label == NULL, "Line: " << line_no <<
+ " new_label_from_self shouldn't allocate memory for label.");
+
+ check_groups(dac_file);
+}
+
/**
* NOSMACK version of privilege_control05_set_app_privilege test.
*
{
int result;
+ check_app_installed(__LINE__, APP_SET_PRIV_PATH);
+
//Preset exec label
smack_lsetlabel(APP_SET_PRIV_PATH_REAL, APP_ID, SMACK_LABEL_EXEC);
smack_lsetlabel(APP_SET_PRIV_PATH, APP_ID "_symlink", SMACK_LABEL_EXEC);
//Set app privileges
result = perm_app_set_privilege(APP_ID, NULL, APP_SET_PRIV_PATH);
RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error in perm_app_set_privilege. Result: " << result);
+ "Error in perm_app_set_privilege. Error: " << result);
//Even though app privileges are set, no smack label should be extracted.
char* label = NULL;
*/
RUNNER_CHILD_TEST_NOSMACK(privilege_control05_set_app_privilege_wgt_nosmack)
{
- int result;
-
- result = perm_app_enable_permissions(WGT_APP_ID, APP_TYPE_WGT, PRIVS_WGT, 1);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- " Error enabling app permissions. Result: " << result);
-
- result = test_have_nosmack_accesses(rules_wgt);
- RUNNER_ASSERT_MSG(result == -1, "Permissions shouldn't be added. Result: " << result);
-
- result = perm_app_set_privilege(WGT_APP_ID, "wgt", WGT_APP_PATH);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error in perm_app_set_privilege. Result: " << result);
-
- //Even though app privileges are set, no smack label should be extracted.
- char* label = NULL;
- result = smack_new_label_from_self(&label);
- RUNNER_ASSERT_MSG(result == -1,
- "new_label_from_self should return error (SMACK is off). Result: " << result);
- RUNNER_ASSERT_MSG(label == NULL, "new_label_from_self shouldn't allocate memory for label.");
-
- check_groups(LIBPRIVILEGE_TEST_DAC_FILE_WGT);
+ set_app_privilege_nosmack(__LINE__, WGT_APP_ID, APP_TYPE_WGT, PRIVS_WGT, "wgt", WGT_APP_PATH,
+ LIBPRIVILEGE_TEST_DAC_FILE_WGT, rules_wgt);
}
/**
*/
RUNNER_CHILD_TEST_NOSMACK(privilege_control05_set_app_privilege_wgt_partner_nosmack)
{
- int result;
-
- result = perm_app_enable_permissions(WGT_PARTNER_APP_ID, APP_TYPE_WGT_PARTNER, PRIVS_WGT, 1);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- " Error enabling app permissions. Result: " << result);
-
- result = test_have_nosmack_accesses(rules_wgt_partner);
- RUNNER_ASSERT_MSG(result == -1, "Permissions shouldn't be added. Result: " << result);
-
- result = perm_app_set_privilege(WGT_PARTNER_APP_ID, "wgt_partner", WGT_PARTNER_APP_PATH);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error in perm_app_set_privilege. Result: " << result);
-
- //Even though app privileges are set, no smack label should be extracted.
- char* label = NULL;
- result = smack_new_label_from_self(&label);
- RUNNER_ASSERT_MSG(result == -1,
- "new_label_from_self should return error (SMACK is off). Result: " << result);
- RUNNER_ASSERT_MSG(label == NULL, "new_label_from_self shouldn't allocate memory for label.");
-
- check_groups(LIBPRIVILEGE_TEST_DAC_FILE_WGT);
+ set_app_privilege_nosmack(__LINE__, WGT_PARTNER_APP_ID, APP_TYPE_WGT_PARTNER, PRIVS_WGT,
+ "wgt_partner", WGT_PARTNER_APP_PATH,
+ LIBPRIVILEGE_TEST_DAC_FILE_WGT, rules_wgt_partner);
}
/**
*/
RUNNER_CHILD_TEST_NOSMACK(privilege_control05_set_app_privilege_wgt_platform_nosmack)
{
- int result;
-
- result = perm_app_enable_permissions(WGT_PLATFORM_APP_ID, APP_TYPE_WGT_PLATFORM, PRIVS_WGT, 1);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- " Error enabling app permissions. Result: " << result);
-
- result = test_have_nosmack_accesses(rules_wgt_platform);
- RUNNER_ASSERT_MSG(result == -1, "Permissions shouldn't be added. Result: " << result);
-
- result = perm_app_set_privilege(WGT_PLATFORM_APP_ID, "wgt_platform", WGT_PLATFORM_APP_PATH);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error in perm_app_set_privilege. Result: " << result);
-
- //Even though app privileges are set, no smack label should be extracted.
- char* label = NULL;
- result = smack_new_label_from_self(&label);
- RUNNER_ASSERT_MSG(result == -1,
- "new_label_from_self should return error (SMACK is off). Result: " << result);
- RUNNER_ASSERT_MSG(label == NULL, "new_label_from_self shouldn't allocate memory for label.");
-
- check_groups(LIBPRIVILEGE_TEST_DAC_FILE_WGT);
+ set_app_privilege_nosmack(__LINE__, WGT_PLATFORM_APP_ID, APP_TYPE_WGT_PLATFORM, PRIVS_WGT,
+ "wgt_platform", WGT_PLATFORM_APP_PATH,
+ LIBPRIVILEGE_TEST_DAC_FILE_WGT, rules_wgt_platform);
}
/**
*/
RUNNER_CHILD_TEST_NOSMACK(privilege_control05_set_app_privilege_osp_nosmack)
{
- int result;
-
- result = perm_app_enable_permissions(OSP_APP_ID, APP_TYPE_OSP, PRIVS_OSP, 1);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- " Error enabling app permissions. Result: " << result);
-
- result = test_have_nosmack_accesses(rules_osp);
- RUNNER_ASSERT_MSG(result == -1, "Permissions shouldn't be added. Result: " << result);
-
- result = perm_app_set_privilege(OSP_APP_ID, NULL, OSP_APP_PATH);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error in perm_app_set_privilege. Result: " << result);
-
- //Even though app privileges are set, no smack label should be extracted.
- char* label = NULL;
- result = smack_new_label_from_self(&label);
- RUNNER_ASSERT_MSG(result == -1,
- "new_label_from_self should return error (SMACK is off). Result: " << result);
- RUNNER_ASSERT_MSG(label == NULL, "new_label_from_self shouldn't allocate memory for label.");
-
- check_groups(LIBPRIVILEGE_TEST_DAC_FILE_OSP);
+ set_app_privilege_nosmack(__LINE__, OSP_APP_ID, APP_TYPE_OSP, PRIVS_OSP, NULL, OSP_APP_PATH,
+ LIBPRIVILEGE_TEST_DAC_FILE_OSP, rules_osp);
}
/**
*/
RUNNER_CHILD_TEST_NOSMACK(privilege_control05_set_app_privilege_osp_partner_nosmack)
{
- int result;
-
- result = perm_app_enable_permissions(OSP_PARTNER_APP_ID, APP_TYPE_OSP_PARTNER, PRIVS_OSP, 1);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error enabling app permissions. Result: " << result);
-
- result = test_have_nosmack_accesses(rules_osp_partner);
- RUNNER_ASSERT_MSG(result == -1, "Permissions shouldn't be added.");
-
- result = perm_app_set_privilege(OSP_PARTNER_APP_ID, NULL, OSP_PARTNER_APP_PATH);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error in perm_app_set_privilege. Result: " << result);
-
- //Even though app privileges are set, no smack label should be extracted.
- char* label = NULL;
- result = smack_new_label_from_self(&label);
- RUNNER_ASSERT_MSG(result == -1,
- "new_label_from_self should return error (SMACK is off). Result: " << result);
- RUNNER_ASSERT_MSG(label == NULL, "new_label_from_self shouldn't allocate memory for label.");
-
- check_groups(LIBPRIVILEGE_TEST_DAC_FILE_OSP);
+ set_app_privilege_nosmack(__LINE__, OSP_PARTNER_APP_ID, APP_TYPE_OSP_PARTNER, PRIVS_OSP,
+ NULL, OSP_PARTNER_APP_PATH, LIBPRIVILEGE_TEST_DAC_FILE_OSP, rules_osp_partner);
}
/**
*/
RUNNER_CHILD_TEST_NOSMACK(privilege_control05_set_app_privilege_osp_platform_nosmack)
{
- int result;
-
- result = perm_app_enable_permissions(OSP_PLATFORM_APP_ID, APP_TYPE_OSP_PLATFORM, PRIVS_OSP, 1);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- " Error enabling app permissions. Result: " << result);
-
- result = test_have_nosmack_accesses(rules_osp_platform);
- RUNNER_ASSERT_MSG(result == -1, "Permissions shouldn't be added. Result: " << result);
-
- result = perm_app_set_privilege(OSP_PLATFORM_APP_ID, NULL, OSP_PLATFORM_APP_PATH);
- RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
- "Error in perm_app_set_privilege. Result: " << result);
-
- //Even though app privileges are set, no smack label should be extracted.
- char* label = NULL;
- result = smack_new_label_from_self(&label);
- RUNNER_ASSERT_MSG(result == -1,
- "new_label_from_self should return error (SMACK is off). Result: " << result);
- RUNNER_ASSERT_MSG(label == NULL, "new_label_from_self shouldn't allocate memory for label.");
-
- check_groups(LIBPRIVILEGE_TEST_DAC_FILE_OSP);
+ set_app_privilege_nosmack(__LINE__, OSP_PLATFORM_APP_ID, APP_TYPE_OSP_PLATFORM, PRIVS_OSP,
+ NULL, OSP_PLATFORM_APP_PATH,
+ LIBPRIVILEGE_TEST_DAC_FILE_OSP, rules_osp_platform);
}
/*