}
}
-RUNNER_TEST_GROUP_INIT(SECURIT_MANAGER_TRUSTED_SHARING)
+RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER_TRUSTED_SHARING)
+
+RUNNER_TEST(security_manager_35_share_uninstall_target) {
+ std::vector<AppInstallHelper> helper {{"app30a"}, {"app30b"}};
+ auto &owner = helper[0];
+ auto &target = helper[1];
+
+ for (auto &e : helper) {
+ e.revokeRules();
+ e.createInstallDir();
+ }
+
+ owner.createPrivateDir();
+ owner.createSharedFile();
+
+ InstallRequest ownerReq;
+ ownerReq.setAppId(owner.getAppId());
+ ownerReq.setPkgId(owner.getPkgId());
+ ownerReq.addPath(owner.getSharedPath(), SECURITY_MANAGER_PATH_RW);
+ int result = nftw(owner.getInstallDir().c_str(), &nftw_remove_labels, FTW_MAX_FDS, FTW_PHYS);
+ RUNNER_ASSERT_MSG(result == 0, "Unable to remove Smack labels in " << owner.getInstallDir());
+ Api::install(ownerReq);
+
+ InstallRequest targetReq;
+ targetReq.setAppId(target.getAppId());
+ targetReq.setPkgId(target.getAppId());
+ Api::install(targetReq);
+
+ SharingRequest share1;
+ std::string sharedPath = owner.getSharedPath();
+ share1.setOwnerAppId(owner.getAppId());
+ share1.setTargetAppId(target.getAppId());
+ const char *path[] = {sharedPath.c_str()};
+ share1.addPaths(path, 1);
+ Api::applySharing(share1);
+
+ TestSecurityManagerDatabase db;
+ std::string pathLabel1 = db.get_path_label(sharedPath.c_str());
+ RUNNER_ASSERT_MSG(!pathLabel1.empty(), "Couldn't fetch path label from database for file " << sharedPath);
+
+ check_system_access(pathLabel1);
+ check_owner_access(owner.generateAppLabel(), pathLabel1);
+ check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1);
+ check_path_label(sharedPath, pathLabel1);
+
+ Api::uninstall(targetReq);
+
+ check_system_access(pathLabel1, false);
+ check_owner_access(owner.generateAppLabel(), pathLabel1, false);
+ check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1, false, false);
+ check_path_label(sharedPath, owner.generatePkgLabel());
+
+ Api::dropSharing(share1, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
+ Api::uninstall(ownerReq);
+}
+
+RUNNER_TEST(security_manager_35_share_uninstall_owner) {
+ std::vector<AppInstallHelper> helper {{"app30a"}, {"app30b"}};
+ auto &owner = helper[0];
+ auto &target = helper[1];
+
+ for (auto &e : helper) {
+ e.revokeRules();
+ e.createInstallDir();
+ }
+
+ owner.createPrivateDir();
+ owner.createSharedFile();
+
+ InstallRequest ownerReq;
+ ownerReq.setAppId(owner.getAppId());
+ ownerReq.setPkgId(owner.getPkgId());
+ ownerReq.addPath(owner.getSharedPath(), SECURITY_MANAGER_PATH_RW);
+ int result = nftw(owner.getInstallDir().c_str(), &nftw_remove_labels, FTW_MAX_FDS, FTW_PHYS);
+ RUNNER_ASSERT_MSG(result == 0, "Unable to remove Smack labels in " << owner.getInstallDir());
+ Api::install(ownerReq);
+
+ InstallRequest targetReq;
+ targetReq.setAppId(target.getAppId());
+ targetReq.setPkgId(target.getAppId());
+ Api::install(targetReq);
+
+ SharingRequest share1;
+ std::string sharedPath = owner.getSharedPath();
+ share1.setOwnerAppId(owner.getAppId());
+ share1.setTargetAppId(target.getAppId());
+ const char *path[] = {sharedPath.c_str()};
+ share1.addPaths(path, 1);
+ Api::applySharing(share1);
+
+ TestSecurityManagerDatabase db;
+ std::string pathLabel1 = db.get_path_label(sharedPath.c_str());
+ RUNNER_ASSERT_MSG(!pathLabel1.empty(), "Couldn't fetch path label from database for file " << sharedPath);
+
+ check_system_access(pathLabel1);
+ check_owner_access(owner.generateAppLabel(), pathLabel1);
+ check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1);
+ check_path_label(sharedPath, pathLabel1);
+
+ Api::uninstall(ownerReq);
+
+ check_system_access(pathLabel1, false);
+ check_owner_access(owner.generateAppLabel(), pathLabel1, false);
+ check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1, false, false);
+
+ Api::dropSharing(share1, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
+ Api::uninstall(targetReq);
+}
RUNNER_TEST(security_manager_40_set_wrong_author_id)
{