return result.rows.size() == 1;
}
-void TestSecurityManagerDatabase::setup_privilege_gids(const std::string &privilege,
- const std::vector<gid_t> &gids)
+void TestSecurityManagerDatabase::setup_privilege_groups(const std::string &privilege,
+ const std::vector<std::string> &groups)
{
Sqlite3DBaseSelectResult result;
std::ostringstream sql;
sql << "INSERT OR IGNORE INTO privilege (name) VALUES ('" << privilege << "')";
m_base.execute(sql.str(), result);
- for (const auto &gid : gids) {
+ for (const auto &group : groups) {
sql.clear();
sql.str("");
- sql << "INSERT OR IGNORE INTO privilege_gid (privilege_id, gid) "
+ sql << "INSERT OR IGNORE INTO privilege_group (privilege_id, name) "
"VALUES ((SELECT privilege_id FROM privilege WHERE name = '"
- << privilege << "')," << (int) gid << ")";
+ << privilege << "'), '" << group << "')";
m_base.execute(sql.str(), result);
}
}
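Review bot: The new `privilege_group` insert splices `group` into the statement between single quotes (`<< privilege << "'), '" << group << "')"`), where the removed line emitted the gid through an `(int)` cast, so a name containing `'` now breaks or alters the SQL. `privilege` is interpolated the same way on the unchanged lines of this function. The only values visible in this diff are fixed test constants, but the method is declared ahead of the `private:` section in the header and accepts arbitrary strings. If the `m_base` wrapper offers bound parameters (not visible here), use them for both values; otherwise double any embedded quote before concatenating, or assert that the names contain none.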
* @brief Method for setting privilege to groups mapping in security-manager database
*
* @param privilege name of the privilege
- * @param gids vector of group ids
+ * @param groups vector of group names
*/
- void setup_privilege_gids(const std::string &privilege, const std::vector<gid_t> &gids);
+ void setup_privilege_groups(const std::string &privilege,
+ const std::vector<std::string> &groups);
private:
/**
static const privileges_t SM_NO_PRIVILEGES = {
};
-static const std::vector<gid_t> SM_ALLOWED_GIDS = {6001, 6002};
+static const std::vector<std::string> SM_ALLOWED_GROUPS = {"db_browser", "db_alarm"};
static const char *const SM_PRIVATE_PATH = "/etc/smack/test_DIR/app_dir";
static const char *const SM_PUBLIC_PATH = "/etc/smack/test_DIR/app_dir_public";
static void check_app_after_install(const char *const app_id, const char *const pkg_id,
const privileges_t &allowed_privs,
const privileges_t &denied_privs,
- const std::vector<gid_t> &allowed_gids)
+ const std::vector<std::string> &allowed_groups)
{
TestSecurityManagerDatabase dbtest;
dbtest.test_db_after__app_install(app_id, pkg_id, allowed_privs);
/* Setup mapping of gids to privileges */
/* Do this for each privilege for extra check */
for (const auto &privilege : allowed_privs) {
- dbtest.setup_privilege_gids(privilege, allowed_gids);
+ dbtest.setup_privilege_groups(privilege, allowed_groups);
+ }
+
+ std::vector<gid_t> allowed_gids;
+
+ for (const auto &groupName : allowed_groups) {
+ errno = 0;
+ struct group* grp = getgrnam(groupName.c_str());
+ RUNNER_ASSERT_ERRNO_MSG(grp, "Group: " << groupName << " not found");
+ allowed_gids.push_back(grp->gr_gid);
}
check_app_gids(app_id, allowed_gids);
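Review bot: The comment `/* Setup mapping of gids to privileges */` kept above the first loop is stale now that the helper stores group names; it should read `/* Setup mapping of groups to privileges */`. The added lookup loop deserves its own one-line comment, e.g. `/* Resolve group names to gids via getgrnam() so check_app_gids() can compare numeric ids */`, since the test now depends on these groups existing in the system group database. The loop uses `getgrnam` and `errno`, and no include change is visible in this diff, so confirm `<grp.h>` and `<cerrno>` are already pulled in. The end of `check_app_after_install` lies outside the hunk.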
/* Check records in the security-manager database */
check_app_after_install(SM_APP_ID2, SM_PKG_ID2,
- SM_ALLOWED_PRIVILEGES, SM_DENIED_PRIVILEGES, SM_ALLOWED_GIDS);
+ SM_ALLOWED_PRIVILEGES, SM_DENIED_PRIVILEGES, SM_ALLOWED_GROUPS);
/* TODO: add parameters to this function */
check_app_path_after_install();