"Cannot prepare environment for test"); \
}while(0)
+/**
+ * Dropping root privileges
+ * returns 0 on success, 1 on error
+ */
+int drop_root_privileges()
+{
+ if (getuid() == 0) {
+ /* process is running as root, drop privileges */
+ if (setgid(5000) != 0)
+ return 1;
+ if (setuid(5000) != 0)
+ return 1;
+ }
+ int uid = getuid();
+ if (uid == 5000)
+ return 0;
+
+ return 1;
+}
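Review bot: drop_root_privileges() leaves root's supplementary groups in place, because only setgid() and setuid() are called; a process that keeps a root-owned supplementary group still passes group-based access checks after the drop. Clear them first with `if (setgroups(0, NULL) != 0) return 1;` ahead of the setgid() call (needs `<grp.h>`), and make the drop condition `geteuid() == 0` rather than `getuid() == 0`, since a process with a non-root real uid but root effective uid is never dropped here and is still reported as success when its real uid happens to be 5000. The uid 5000 is repeated in the drop and in the check; a named constant such as `static const uid_t TEST_UID = 5000;` keeps the two in step. The same function is added verbatim to the second file of this commit, so it belongs once in the shared test.h.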
+
RUNNER_TEST_GROUP_INIT(SECURITY_SERVER_TESTS_CLIENT_SMACK)
/*
RUNNER_ASSERT(SECURITY_SERVER_API_SUCCESS ==
security_server_request_cookie(cookie,20));
+ RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid());
+
RUNNER_ASSERT(SECURITY_SERVER_API_SUCCESS ==
security_server_check_privilege_by_cookie(
cookie,
RUNNER_ASSERT_MSG(strcmp(label,"")==0, "label is \""<< label<<"\"");
free(label);
+ RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid());
+
LogDebug("child, listen");
if (listen(sockfd, 5) < 0) {
LogDebug("child, exit");
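Review bot: The added RUNNER_ASSERT_MSG around drop_root_privileges() runs in the forked child (the next line logs "child, listen"), while the neighbouring failure path in the same child exits with `exit(1)`; an assertion that throws inside the child is presumably not reported through the parent's test runner and the child may go on with the rest of its body. For the child-side call use the same pattern as the listen failure, `if (drop_root_privileges() != 0) { LogDebug("child, drop privileges failed"); exit(1); }`, and keep RUNNER_ASSERT_MSG for the parent-side calls. The same applies to the child-side call in the sockfd test further down. The enclosing test body starts before and ends after this hunk.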
int status;
waitpid(pid, &status, 0);
- RUNNER_ASSERT(SECURITY_SERVER_API_SUCCESS == result1);
- RUNNER_ASSERT(SECURITY_SERVER_API_ERROR_ACCESS_DENIED == result2);
+ RUNNER_ASSERT_MSG(SECURITY_SERVER_API_SUCCESS == result1, "result = " << result1);
+ RUNNER_ASSERT_MSG(SECURITY_SERVER_API_ERROR_ACCESS_DENIED == result2, "result = " << result2);
}
/*
* test: security_server_check_privilege_by_sockfd
* description: This test will create dummy server that will accept connection
* and die. The client will try to check access rights using connection descriptor.
- * Unfortunatelly in this cases smack_set_label_for_self will not change label
- * connected with unix socket. Thats why this test will fail.
+ * Because we read a smack label not from socket directly, but from from pid of process
+ * on the other end of socket - that's why smack label will be updated.
+ * In this test client is running under root and server is not - to test the extreme case.
* expected: Function call with access rights set to "r" should return SUCCESS,
* with "rw" should return ACCESS DENIED.
*/
int result1 = -1;
int result2 = -1;
+ int kill_result = -1;
smack_accesses *handle;
RUNNER_ASSERT(0 == smack_accesses_new(&handle));
exit(1);
}
+ RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid());
+
LogDebug("child, listen");
if (listen(sockfd, 5) < 0) {
LogDebug("child, exit");
exit(1);
} else {
// parent
+
+ RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid());
+
LogDebug("Parent, sleep 2");
sleep(2);
int sockfd = connect_to_testserver();
LogDebug("Parent: Close desc");
close(sockfd);
LogDebug("Parent: killing child");
- kill(pid, SIGKILL);
+ // we cannot kill child - because of dropping privileges
+ kill_result = kill(pid, SIGKILL);
}
- int status;
- waitpid(pid, &status, 0);
+ if (kill_result == 0) {
+ int status;
+ waitpid(pid, &status, 0);
+ }
+ else
+ sleep(2);
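Review bot: When kill() fails the child is never reaped: the else branch sleeps two seconds and the test moves on, leaving a zombie and no guarantee that the child has actually exited. Whether kill() fails is also timing-dependent, since both sides drop to uid 5000 and the parent may only get EPERM if it races ahead of the child's own drop, so the two branches test different things on different runs. Since the description says the child accepts one connection and dies, it is simpler to log the kill result and always wait: `kill_result = kill(pid, SIGKILL);` followed by `int status; waitpid(pid, &status, 0);` regardless of kill_result, logging errno when kill_result is non-zero.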
- RUNNER_ASSERT(SECURITY_SERVER_API_ERROR_ACCESS_DENIED == result1);
- RUNNER_ASSERT(SECURITY_SERVER_API_ERROR_ACCESS_DENIED == result2);
+ RUNNER_ASSERT_MSG(SECURITY_SERVER_API_SUCCESS == result1, "result1 = " << result1);
+ RUNNER_ASSERT_MSG(SECURITY_SERVER_API_ERROR_ACCESS_DENIED == result2, " result2 = " << result2);
}
int main(int argc, char *argv[])
#include <dpl/test/test_runner.h>
#include <dpl/test/test_runner_child.h>
#include <dlog.h>
+#include <privilege-control.h>
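Review bot: `#include <privilege-control.h>` is added, but nothing in the visible hunks of this file calls a privilege-control API; drop_root_privileges() uses only setgid()/setuid(), which come from `<unistd.h>` (and setgroups() from `<grp.h>` if it is added). If no other part of the file needs the header, drop it; if it is meant to supply a test uid constant, use that constant instead of the bare 5000 so the include earns its place.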
#include "test.h"
#define SECURITY_SERVER_SOCK_PATH "/tmp/.security_server.sock"
char obj_name[OBJ_NAME_SIZE];
struct sockaddr_un clientaddr;
+/**
+ * Dropping root privileges
+ * returns 0 on success, 1 on error
+ */
+int drop_root_privileges()
+{
+ if (getuid() == 0) {
+ /* process is running as root, drop privileges */
+ if (setgid(5000) != 0)
+ return 1;
+ if (setuid(5000) != 0)
+ return 1;
+ }
+ int uid = getuid();
+ if (uid == 5000)
+ return 0;
+
+ return 1;
+}
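Review bot: This drop_root_privileges() is a byte-for-byte copy of the one added to the other test file in this commit; both files include test.h, so define it once there (or declare it there and define it in the shared test source) so the two copies cannot drift. Whichever copy survives should also clear supplementary groups with `if (setgroups(0, NULL) != 0) return 1;` before setgid(), and decide the drop on `geteuid() == 0` rather than `getuid() == 0`, because an effective-root process whose real uid is already 5000 is currently returned as success without dropping anything. A named constant for 5000 would replace the four bare occurrences across the two copies.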
+
/* Create a Unix domain socket and bind */
int create_new_socket()
{
RUNNER_ASSERT(0 == smack_accesses_apply(smack.get()));
smack_set_label_for_self(object);
+
+ RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid());
+
security_server_app_give_access(subject, getpid());
RUNNER_ASSERT(1 == smack_have_access(subject, object, "rwxat"));
RUNNER_ASSERT(0 == smack_accesses_apply(smack.get()));
smack_set_label_for_self(object);
+
+ RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid());
+
RUNNER_ASSERT(SECURITY_SERVER_API_ERROR_ACCESS_DENIED == security_server_app_give_access(subject, getpid()));
RUNNER_ASSERT(0 == smack_have_access(subject, object, "r"));