static const std::string PRIVILEGE_MANAGER_APP = "privilege_manager";
static const std::string PRIVILEGE_MANAGER_PKG = "privilege_manager";
-static const std::string PRIVILEGE_MANAGER_SELF_PRIVILEGE = "http://tizen.org/privilege/systemsettings";
-static const std::string PRIVILEGE_MANAGER_ADMIN_PRIVILEGE = "http://tizen.org/privilege/systemsettings.admin";
+static const std::string PRIVILEGE_MANAGER_SELF_PRIVILEGE = "http://tizen.org/privilege/notexist";
+static const std::string PRIVILEGE_MANAGER_ADMIN_PRIVILEGE = "http://tizen.org/privilege/internal/usermanagement";
static const std::vector<std::string> MANY_APPS = {
"security_manager_10_app_1",
}
};
+class ScopedProcessLabel {
+public:
+ ScopedProcessLabel() {
+ smack_new_label_from_self(&label);
+ }
+
+ ~ScopedProcessLabel() {
+ smack_set_label_for_self(label);
+ free(label);
+ }
+
+private:
+ char *label;
+};
+
static std::string generateAppLabel(const std::string &appId)
{
return "User::App::" + appId;
RUNNER_ASSERT_ERRNO_MSG(result == 0,
"Can't set socket label. Result: " << result);
- Api::setProcessLabel(app_id);
-
- result = smack_new_label_from_file(*sockPtr, XATTR_NAME_SMACKIPIN, &label);
- RUNNER_ASSERT_ERRNO_MSG(result != -1, "smack_new_label_from_file failed: " << label);
- labelPtr.reset(label);
- result = expected_label.compare(label);
- RUNNER_ASSERT_MSG(result == 0, "Socket label is incorrect. Expected: " <<
- expected_label << " Actual: " << label);
-
- result = smack_new_label_from_file(*sockPtr, XATTR_NAME_SMACKIPOUT, &label);
- RUNNER_ASSERT_ERRNO_MSG(result != -1, "smack_new_label_from_file failed: " << label);
- labelPtr.reset(label);
- result = expected_label.compare(label);
- RUNNER_ASSERT_MSG(result == 0, "Socket label is incorrect. Expected: " <<
- expected_label << " Actual: " << label);
-
- result = smack_new_label_from_self(&label);
- RUNNER_ASSERT_MSG(result >= 0,
- " Error getting current process label");
- RUNNER_ASSERT_MSG(label != nullptr,
- " Process label is not set");
- labelPtr.reset(label);
-
- result = expected_label.compare(label);
- RUNNER_ASSERT_MSG(result == 0,
- " Process label is incorrect. Expected: \"" << expected_label <<
- "\" Actual: \"" << label << "\"");
+ {
+ ScopedProcessLabel keepLabel;
+ Api::setProcessLabel(app_id);
+
+ result = smack_new_label_from_file(*sockPtr, XATTR_NAME_SMACKIPIN, &label);
+ RUNNER_ASSERT_ERRNO_MSG(result != -1, "smack_new_label_from_file failed: " << label);
+ labelPtr.reset(label);
+ result = expected_label.compare(label);
+ RUNNER_ASSERT_MSG(result == 0, "Socket label is incorrect. Expected: " <<
+ expected_label << " Actual: " << label);
+
+ result = smack_new_label_from_file(*sockPtr, XATTR_NAME_SMACKIPOUT, &label);
+ RUNNER_ASSERT_ERRNO_MSG(result != -1, "smack_new_label_from_file failed: " << label);
+ labelPtr.reset(label);
+ result = expected_label.compare(label);
+ RUNNER_ASSERT_MSG(result == 0, "Socket label is incorrect. Expected: " <<
+ expected_label << " Actual: " << label);
+
+ result = smack_new_label_from_self(&label);
+ RUNNER_ASSERT_MSG(result >= 0,
+ " Error getting current process label");
+ RUNNER_ASSERT_MSG(label != nullptr,
+ " Process label is not set");
+ labelPtr.reset(label);
+
+ result = expected_label.compare(label);
+ RUNNER_ASSERT_MSG(result == 0,
+ " Process label is incorrect. Expected: \"" << expected_label <<
+ "\" Actual: \"" << label << "\"");
+ }
uninstall_app(app_id, pkg_id, true);
}
uninstall_app(app_id, pkg_id, true);
install_app(app_id, pkg_id);
- Api::setProcessLabel(app_id);
+ {
+ ScopedProcessLabel keepLabel;
+ Api::setProcessLabel(app_id);
+ }
uninstall_app(app_id, pkg_id, true);
}
const std::string username("sm_test_15_username");
PolicyRequest addPolicyRequest;
CynaraTestAdmin::Admin admin;
+ ScopedProcessLabel keepLabel;
struct message {
uid_t uid;
const std::string username("sm_test_15_username");
PolicyRequest addPolicyRequest;
CynaraTestAdmin::Admin admin;
+ ScopedProcessLabel keepLabel;
struct message {
uid_t uid;
const std::string username("sm_test_15_username");
PolicyRequest addPolicyRequest;
CynaraTestAdmin::Admin admin;
+ ScopedProcessLabel keepLabel;
struct message {
uid_t uid;
int pipefd2[2];
pid_t pid;
int result = 0;
+ ScopedProcessLabel keepLabel;
RUNNER_ASSERT_MSG((pipe(pipefd) != -1),"pipe failed");
RUNNER_ASSERT_MSG((pipe(pipefd2) != -1),"second pipe failed");
int pipefd[2];
pid_t pid;
int result = 0;
+ ScopedProcessLabel keepLabel;
RUNNER_ASSERT_MSG((pipe(pipefd) != -1),"pipe failed");
unsigned int privileges_count = 0;
- register_current_process_as_privilege_manager(user.getUid(), false);
- //the above call, registers 1 new privilege for the given user, hence the incrementation of below variable
- ++privileges_count;
-
for(unsigned int i = 0; i < MANY_APPS.size(); ++i) {
InstallRequest requestInst;
requestInst.setAppId(MANY_APPS[i].c_str());
privileges_count += MANY_APPS_PRIVILEGES.at(i).size();
};
+ register_current_process_as_privilege_manager(user.getUid(), false);
+ //the above call, registers 1 new privilege for the given user, hence the incrementation of below variable
+ ++privileges_count;
+
//send info to child
msg.uid = user.getUid();
msg.gid = user.getGid();
} msg;
privileges_t admin_required_privs = {
- "http://tizen.org/privilege/systemsettings.admin",
- "http://tizen.org/privilege/systemsettings"};
+ PRIVILEGE_MANAGER_SELF_PRIVILEGE,
+ PRIVILEGE_MANAGER_ADMIN_PRIVILEGE};
privileges_t manifest_privs = {
"http://tizen.org/privilege/internet",
"http://tizen.org/privilege/camera"};
projects / platform / core / test / security-tests.git / commitdiff