Fixing libsmack tests.

[Issue#]        PSDAC-50
[Bug/Feature]   libsmack tests fail.
[Cause]         Access format does not allow additional characters.
                Default tests label is not "_".
[Solution]      Changing accesses to proper ones.
                Changing way of installing manifest file and adding exec labels
                for binaries.
[Verification]  Build, install and run libsmack tests. All should pass.

Change-Id: Ie31f43137c83a74d6c9a829bfecc828f8fff0e60

Conflicts:

	packaging/security-tests.spec

diff --git a/packaging/security-tests.manifest b/packaging/security-tests.manifest
index 86dbb26..3e5ea61 100644 (file)
--- a/packaging/security-tests.manifest
+++ b/packaging/security-tests.manifest
@@ -1,4 +1,20 @@
 <manifest>
+    <assign>
+        <filesystem path="/usr/bin/security-tests.sh" exec_label="_" />
+        <filesystem path="/usr/bin/security-tests-all.sh" exec_label="_" />
+
+        <filesystem path="/usr/bin/tests-summary.sh" exec_label="_" />
+        <filesystem path="/usr/bin/test-performance-check.sh" exec_label="_" />
+        <filesystem path="/usr/bin/perf" exec_label="_" />
+
+        <filesystem path="/usr/bin/libsmack-test" exec_label="_" />
+        <filesystem path="/usr/bin/libprivilege-control-test" exec_label="_" />
+        <filesystem path="/usr/bin/security-server-tests-client-smack" exec_label="_" />
+        <filesystem path="/usr/bin/security-server-tests-server" exec_label="_" />
+        <filesystem path="/usr/bin/security-server-tests-password" exec_label="_" />
+        <filesystem path="/usr/bin/security-server-tests-stress" exec_label="_" />
+        <filesystem path="/usr/bin/security-server-tests-dbus" exec_label="_" />
+    </assign>
     <request>
         <domain name="_" />
     </request>

diff --git a/packaging/security-tests.spec b/packaging/security-tests.spec
index c944bc0..c0a3c47 100644 (file)
--- a/packaging/security-tests.spec
+++ b/packaging/security-tests.spec
@@ -26,6 +26,7 @@ Security tests repository - for tests that can't be kept together with code.
 
 %prep
 %setup -q
+cp %{SOURCE1} .
 
 %build
 export LDFLAGS+="-Wl,--rpath=%{_prefix}/lib"
@@ -38,15 +39,9 @@ cmake . -DCMAKE_INSTALL_PREFIX=%{_prefix} \
 make %{?jobs:-j%jobs}
 
 %install
-rm -rf %{buildroot}
-mkdir -p %{buildroot}%{_datadir}
-cp -a %{SOURCE1} %{buildroot}%{_datadir}/%{name}.manifest
 %make_install
 ln -sf /etc/smack/test_smack_rules %{buildroot}/etc/smack/test_smack_rules_lnk
 
-%clean
-rm -rf %{buildroot}
-
 %post
 find /etc/smack/test_privilege_control_DIR/ -type f -name exec -exec chmod 0755 {} +
 
@@ -71,7 +66,7 @@ osp-installer -u j4RuPsZrNt
 osp-installer -u V5LKqDFBXm
 
 %files
-%manifest %{_datadir}/%{name}.manifest
+%manifest %{name}.manifest
 %defattr(-, root, root, -)
 /usr/bin/security-tests.sh
 /usr/bin/security-tests-all.sh

diff --git a/tests/libsmack-tests/test_cases.cpp b/tests/libsmack-tests/test_cases.cpp
index 23d0e74..8a02c3c 100644 (file)
--- a/tests/libsmack-tests/test_cases.cpp
+++ b/tests/libsmack-tests/test_cases.cpp
@@ -616,15 +616,14 @@ RUNNER_TEST_SMACK(smack02_aplying_rules_into_kernel)
 }
 
 //pairs of rules for test with mixed cases, different length and mixed order
-const char *rules_tab[] = {
-    "reader1",  "-",                "-----",
-    "reader2",  "--------",         "-----",
-    "reader3",  "RwXaT",            "rwxat",
-    "reader4",  "RrrXXXXTTT",       "r-x-t",
-    "reader5",  "-r-w-a-t",         "rw-at",
-    "reader6",  "",                 "-----",
-    "reader7",  "xa--Rt---W",       "rwxat",
-    "reader8",  "#Ax[T].!~W@1}",    "-wxat"
+std::vector< std::vector<std::string> > correct_rules = {
+    { "reader1",  "-",                "------" },
+    { "reader2",  "--------",         "------" },
+    { "reader3",  "RwXaTl",           "rwxatl" },
+    { "reader4",  "RrrXXXXTTT",       "r-x-t-" },
+    { "reader5",  "-r-w-a-t-",        "rw-at-" },
+    { "reader6",  "",                 "------" },
+    { "reader7",  "xa--Rt---W--L",    "rwxatl" },
 };
 
 RUNNER_TEST_SMACK(smack03_mixed_rule_string_add)
@@ -642,15 +641,18 @@ RUNNER_TEST_SMACK(smack03_mixed_rule_string_add)
 
     struct smack_accesses *rules = NULL;        //rules prepared in this test case
     int result;                                 //for storing functions results
-    int i;
     int expected;
 
     result = smack_accesses_new(&rules);        //rules struct init
     RUNNER_ASSERT_MSG_BT(result == 0, "Unable to create smack_accesses instance");
 
     //adding test rules with mixed string
-    for (i = 0; i < (3 * 8); i += 3) {
-        result = smack_accesses_add(rules, rules_tab[i], "book", rules_tab[i + 1]); //using mixed rules from table
+    for (auto rule=correct_rules.begin(); rule != correct_rules.end(); ++rule) {
+        //using mixed rules from table
+        result = smack_accesses_add(rules,
+                                    (*rule)[0].c_str(),
+                                    "book",
+                                    (*rule)[1].c_str());
         RUNNER_ASSERT_MSG_BT(result == 0, "Unable to add smack rules");
     }
 
@@ -664,12 +666,15 @@ RUNNER_TEST_SMACK(smack03_mixed_rule_string_add)
     RUNNER_ASSERT_MSG_BT(result == 0, "Unable to apply rules into kernel");
 
     //checking accesses using normal rules
-    for (i = 0; i < (3 * 8); i += 3) {
-        if (!strcmp(rules_tab[i + 2], "-----"))
+    for (auto rule=correct_rules.begin(); rule != correct_rules.end(); ++rule) {
+        if ((*rule)[2] == "------")
             expected = 0;
         else
             expected = 1;
-        result = smack_have_access(rules_tab[i], "book", rules_tab[i + 2]); //using normal rules from table
+        //using normal rules from table
+        result = smack_have_access((*rule)[0].c_str(),
+                                   "book",
+                                   (*rule)[2].c_str());
         RUNNER_ASSERT_MSG_BT(result == expected, "Error while checking Smack access");
     }
 
@@ -689,17 +694,19 @@ RUNNER_TEST_SMACK(smack04_mixed_rule_string_have_access)
     //In this test case we checking previous aplied rules but for compare mixed strings are used
 
     int result;
-    int i;
     int expected;
 
     //rules were added in previous RUNNER_TEST section
     //checking accesses using mixed rules
-    for (i = 0; i < (3 * 8); i += 3) {
-        if (!strcmp(rules_tab[i + 2], "-----"))
+    for (auto rule=correct_rules.begin(); rule != correct_rules.end(); ++rule) {
+        if ((*rule)[2] == "------")
             expected = 0;
         else
             expected = 1;
-        result = smack_have_access(rules_tab[i], "book", rules_tab[i + 1]); //using mixed rules from table
+        //using mixed rules from table
+        result = smack_have_access((*rule)[0].c_str(),
+                                   "book",
+                                   (*rule)[1].c_str());
         RUNNER_ASSERT_MSG_BT(result == expected, "Error while checking Smack access");
     }
 }
@@ -1261,7 +1268,7 @@ RUNNER_TEST_SMACK(smack11_saving_loading_rules)
     // Adding rules from file
     result = smack_accesses_add_from_file(rulesBasic, fd);
     close(fd);
-    RUNNER_ASSERT_MSG_BT(result == 0, "Accesses were loaded from file");
+    RUNNER_ASSERT_MSG_BT(result == 0, "Error importing accesses from file");
 
     // Applying rules
     result = smack_accesses_apply(rulesBasic);
@@ -1270,7 +1277,7 @@ RUNNER_TEST_SMACK(smack11_saving_loading_rules)
     // Checking rules
     RUNNER_ASSERT_MSG_BT(checkNoAccesses("test_subject_01", "test_object_01"),
         " Error while checking smack access loaded from /etc/smack/test_smack_rules2. Accesses exist.");
-    result = smack_have_access("test_subject_01", "test_object_02", "rwat");
+    result = smack_have_access("test_subject_01", "test_object_02", "rwatl");
     RUNNER_ASSERT_MSG_BT(result == 1,
         " Error while checking smack access loaded from /etc/smack/test_smack_rules2. Result: " << result );
     result = smack_have_access("test_subject_01", "test_object_03", "wat");
@@ -1278,7 +1285,7 @@ RUNNER_TEST_SMACK(smack11_saving_loading_rules)
         " Error while checking smack access loaded from /etc/smack/test_smack_rules2. Result: " << result );
     RUNNER_ASSERT_MSG_BT(checkNoAccesses("test_subject_02", "test_object_01"),
         " Error while checking smack access loaded from /etc/smack/test_smack_rules2. Accesses exist.");
-    result = smack_have_access("test_subject_02", "test_object_02", "wa-ft");
+    result = smack_have_access("test_subject_02", "test_object_02", "wa-lt");
     RUNNER_ASSERT_MSG_BT(result == 1,
         " Error while checking smack access loaded from /etc/smack/test_smack_rules2. Result: " << result );
     result = smack_have_access("test_subject_02", "test_object_03", "wr");
@@ -1290,7 +1297,7 @@ RUNNER_TEST_SMACK(smack11_saving_loading_rules)
     result = smack_have_access("test_subject_03", "test_object_02", "rwat");
     RUNNER_ASSERT_MSG_BT(result == 1,
         " Error while checking smack access loaded from /etc/smack/test_smack_rules2. Result: " << result );
-    result = smack_have_access("test_subject_03", "test_object_03", "w");
+    result = smack_have_access("test_subject_03", "test_object_03", "w---l-");
     RUNNER_ASSERT_MSG_BT(result == 1,
         " Error while checking smack access loaded from /etc/smack/test_smack_rules2. Result: " << result );
 
@@ -1312,20 +1319,6 @@ RUNNER_TEST_SMACK(smack11_saving_loading_rules)
     close(fd);
     RUNNER_ASSERT_MSG_BT(result != 0, "Accesses were loaded from file");
 
-    // Applying rules
-    result = smack_accesses_apply(rulesBasic);
-    RUNNER_ASSERT_MSG_BT(result == 0, "Error while applying accesses. Result: " << result);
-
-    // Checking rules
-    result = smack_have_access("test_subject_01", "test_object_01", "rwat");
-    RUNNER_ASSERT_MSG_BT(result == 1,
-        " Error while checking smack access loaded from /etc/smack/test_smack_rules3. Result: " << result );
-    RUNNER_ASSERT_MSG_BT(checkNoAccesses("test_subject_01", "test_object_02"),
-        " Error while checking smack access loaded from /etc/smack/test_smack_rules3. Accesses exist.");
-    result = smack_have_access("test_subject_01", "test_object_03", "x");
-    RUNNER_ASSERT_MSG_BT(result == 0,
-        " Error while checking smack access loaded from /etc/smack/test_smack_rules3. Result: " << result );
-
     // Removing rules
     removeAccessesAll();
 
@@ -1344,20 +1337,6 @@ RUNNER_TEST_SMACK(smack11_saving_loading_rules)
     close(fd);
     RUNNER_ASSERT_MSG_BT(result != 0, "Accesses were loaded from file");
 
-    // Applying rules
-    result = smack_accesses_apply(rulesBasic);
-    RUNNER_ASSERT_MSG_BT(result == 0, "Error while applying accesses. Result: " << result);
-
-    // Checking rules
-    result = smack_have_access("test_subject_01", "test_object_01", "rxwat");
-    RUNNER_ASSERT_MSG_BT(result == 1,
-        " Error while checking smack access loaded from /etc/smack/test_smack_rules4. Result: " << result );
-    RUNNER_ASSERT_MSG_BT(checkNoAccesses("test_subject_01", "test_object_02"),
-        " Error while checking smack access loaded from /etc/smack/test_smack_rules4. Accesses exist.");
-    result = smack_have_access("test_subject_01", "test_object_03", "a");
-    RUNNER_ASSERT_MSG_BT(result == 0,
-        " Error while checking smack access loaded from /etc/smack/test_smack_rules4. Result: " << result );
-
     // Removing rules
     removeAccessesAll();
 

diff --git a/tests/libsmack-tests/test_smack_rules2 b/tests/libsmack-tests/test_smack_rules2
index d649f81..7708bb2 100644 (file)
--- a/tests/libsmack-tests/test_smack_rules2
+++ b/tests/libsmack-tests/test_smack_rules2
@@ -1,9 +1,9 @@
 test_subject_01 test_object_01 ---
 test_subject_01 test_object_02 rwatl
 test_subject_01 test_object_03 wat
-test_subject_02 test_object_01 $$$$$$$
-test_subject_02 test_object_02 wa-ft
-test_subject_02 test_object_03 +rwh4r9d32!@#$
-test_subject_03 test_object_01 aaaaaa %$%^$#@b
+test_subject_02 test_object_01 -------
+test_subject_02 test_object_02 wa-lt
+test_subject_02 test_object_03 -rw--r------
+test_subject_03 test_object_01 aaaaaa ------
 test_subject_03 test_object_02 rwat
-test_subject_03 test_object_03 w---ls
+test_subject_03 test_object_03 w---l-