return "User::Pkg::" + pkgId;
}
+std::string generatePathROLabel(const std::string &pkgId)
+{
+ return generatePathRWLabel(pkgId) + "::RO";
+}
+
+std::string getPublicPathLabel()
+{
+ return "User::Home";
+}
+
static std::string genPath(int app_num, const char *postfix) {
char buf[16];
sprintf(buf, "%02d", app_num);
void check_app_permissions(const char *const app_id, const char *const pkg_id,
const char *const user, const privileges_t &allowed_privs,
- const privileges_t &denied_privs)
+ const privileges_t &denied_privs, bool isHybrid)
{
(void) pkg_id;
- std::string smackLabel = generateProcessLabel(app_id, pkg_id);
+ std::string smackLabel = generateProcessLabel(app_id, pkg_id, isHybrid);
CynaraTestClient::Client ctc;
void check_app_after_install(const char *const app_id, const char *const pkg_id,
const privileges_t &allowed_privs,
const privileges_t &denied_privs,
- const std::vector<std::string> &allowed_groups)
+ const std::vector<std::string> &allowed_groups,
+ bool isHybrid)
{
TestSecurityManagerDatabase dbtest;
dbtest.test_db_after__app_install(app_id, pkg_id);
/*Privileges should be granted to all users if root installs app*/
- check_app_permissions(app_id, pkg_id, ANY_USER_REPRESENTATION, allowed_privs, denied_privs);
+ check_app_permissions(app_id, pkg_id, ANY_USER_REPRESENTATION, allowed_privs, denied_privs, isHybrid);
/* Setup mapping of gids to privileges */
/* Do this for each privilege for extra check */
}
void check_app_after_uninstall(const char *const app_id, const char *const pkg_id,
- const privileges_t &privileges, const bool is_pkg_removed)
+ const privileges_t &privileges, const bool is_pkg_removed,
+ bool isHybrid)
{
TestSecurityManagerDatabase dbtest;
dbtest.test_db_after__app_uninstall(app_id, pkg_id, is_pkg_removed);
/*Privileges should not be granted anymore to any user*/
- check_app_permissions(app_id, pkg_id, ANY_USER_REPRESENTATION, SM_NO_PRIVILEGES, privileges);
+ check_app_permissions(app_id, pkg_id, ANY_USER_REPRESENTATION, SM_NO_PRIVILEGES, privileges, isHybrid);
}
std::string access_opposite(std::string &access) {
std::string generateProcessLabel(const std::string &appId, const std::string &pkgId, bool isHybrid = false);
std::string generatePathRWLabel(const std::string &pkgId);
+std::string generatePathROLabel(const std::string &pkgId);
+std::string getPublicPathLabel();
std::string genRWPath(int app_num);
std::string genROPath(int app_num);
std::string genPublicROPath(int app_num);
int /*typeflag*/, struct FTW* /*ftwbuf*/);
void check_app_permissions(const char *const app_id, const char *const pkg_id,
const char *const user, const privileges_t &allowed_privs,
- const privileges_t &denied_privs);
+ const privileges_t &denied_privs, bool isHybrid = false);
void check_app_after_install(const char *const app_id, const char *const pkg_id);
void check_app_after_install(const char *const app_id, const char *const pkg_id,
const privileges_t &allowed_privs,
const privileges_t &denied_privs,
- const std::vector<std::string> &allowed_groups);
+ const std::vector<std::string> &allowed_groups,
+ bool isHybrid = false);
void check_path(const std::string &path, const std::string &label);
void check_app_path_after_install(int app_num, const char *pkgId, bool others_enabled=false);
void check_app_after_uninstall(const char *const app_id, const char *const pkg_id,
const bool is_pkg_removed);
void check_app_after_uninstall(const char *const app_id, const char *const pkg_id,
- const privileges_t &privileges, const bool is_pkg_removed);
+ const privileges_t &privileges, const bool is_pkg_removed,
+ bool isHybrid = false);
std::string access_opposite(std::string &access);
void check_exact_smack_accesses(const std::string &subject,