Lukasz Wojciechowski [Thu, 13 Nov 2014 14:02:23 +0000 (15:02 +0100)]
Fix potential segfaults if assert won't throw
Prepare code for assertions that won't throw an exception even if
condition check fails. Such situation can happen, when when exception
would have been thrown during stack unwinding after another exception.
Change-Id: Icb44b0e5e51bcb9b7f23fcc270d2e60eab4ecc1e
Lukasz Wojciechowski [Tue, 4 Nov 2014 10:31:33 +0000 (11:31 +0100)]
Make StatusMonitor::getStatus() always return value
Bug fix. Not all paths returned a value. RUNNER_FAIL_MSG may avoid
throwing e.g. when not in test.
Change-Id: Ief39fcc83ab3828f2e7d71682927e30140c1e191
Pawel Wieczorek [Mon, 17 Nov 2014 13:07:20 +0000 (14:07 +0100)]
Move string consts to corresponding test commons
New member has been added:
* SERVICE (in CynaraTestConsts, for D-Bus)
Change-Id: I6963cbbf9b57380447b764ae0f3b09ec2795ff9f
Pawel Wieczorek [Mon, 1 Dec 2014 12:19:55 +0000 (13:19 +0100)]
Create cynara_db_tests group
Create an empty test group for database integrity tests.
Change-Id: I065ea1c0d6ee7318f8e3a2be878867695a5ebfc7
Pawel Wieczorek [Mon, 8 Sep 2014 14:23:58 +0000 (16:23 +0200)]
Move files_compare() function to test commons
Function files_compare() from tests for libsmack can be used in other
tests as well. It is now accessible outside libsmack tests.
Change-Id: Ic56b4aff4c4170e24b5cfb2754e2ef4aed4cf541
Pawel Wieczorek [Mon, 1 Dec 2014 11:02:13 +0000 (12:02 +0100)]
Add support for empty files to files_compare()
This patch modifies approach to return values. It returns an integer
less than, equal to, or greater than zero if fd1 is found, respectively,
to be less than, to match, or be greater than fd2.
Change-Id: I9402a19a3280023ee87524cccdec36fafe52b75b
Marcin Niesluchowski [Mon, 24 Nov 2014 17:44:39 +0000 (18:44 +0100)]
Merge branch 'tizen' into cynara
Change-Id: I4914064a6a5e309decea74043195e91424cb9141
Lukasz Wojciechowski [Mon, 24 Nov 2014 11:33:25 +0000 (12:33 +0100)]
Prevent running cynara service by masking
Before and after each testcase CynaraTestEnv runs code, that
saves and restores cynara's database. Cynara service is stopped
for that time, however it can be socket-activated and start during
critical moment of database modification.
To prevent such situation cynara is masked for critical sections.
Change-Id: I2dba7f9985121d92a2bb2ffd6318ec922022979c
Lukasz Wojciechowski [Mon, 24 Nov 2014 05:30:20 +0000 (06:30 +0100)]
Add methods for masking and unmasking service
Masking a service prevents the service from being started.
Unmasking allows to start service again. Both of these operations
are implemented to affect service only till device reboot.
Masking and unmasking service needs reloading configuration
of dbus manager. That is also done in implementation.
Change-Id: Ibbb64dbae6ed6aaa68b085f8a66d4810cecd22c1
Lukasz Wojciechowski [Mon, 24 Nov 2014 05:18:35 +0000 (06:18 +0100)]
Add method for getting service's pid
Systemd that is responsible for launching service provide information
about it's pid with dbus properties mechanism.
Change-Id: Ia56094ad776a758596b4344172a6109b3648365e
Lukasz Wojciechowski [Mon, 24 Nov 2014 04:31:40 +0000 (05:31 +0100)]
Handle job signals from systemd
A set of currently running jobs was added. Jobs are identified
with unique job path created by systemd.
Every time a start/stop/restart command is sent to systemd,
related job is added to set.
When JobNew signal is received its handler puts it also in the set.
Job is removed from the set, when JobRemoved signal is delivered from
systemd.
After each action generating a job in systemd unit (start/stop/restart)
program waits until all jobs from the set are removed.
Timeouts used earlier to "synchronize" action calls are removed.
Change-Id: Id944c9f52ecfeb06efabdb9424c835d09af7bb4f
Lukasz Wojciechowski [Mon, 24 Nov 2014 03:08:32 +0000 (04:08 +0100)]
Subscribe to dbus signals from systemd
Set bus matching filters for JobNew and JobRemove signals from systemd.
Subscribe to signals from systemd over dbus
Add dbus filter for all incoming messages (stub - empty body).
Change-Id: I516bf562d50a4e7a3933e0a1d5905bffb73dbc68
Lukasz Wojciechowski [Mon, 24 Nov 2014 02:42:53 +0000 (03:42 +0100)]
Cleanup DBusAccess
Remove not used variables and function.
Fix memory leak of not released objects in sendResetFailedToService().
Read object path data from dbus response.
Change-Id: I94e531fe6aef64de9eb8a1fc3e7fc8623727e697
Marcin Niesluchowski [Mon, 24 Nov 2014 13:18:23 +0000 (14:18 +0100)]
Ignore smack-dbus tests
Current dbus release does not support smack context in GetConnectionCredentials
method yet.
Change-Id: I58112e9702c04a634c149c5c2c3753404970cc87
Rafal Krypa [Mon, 24 Nov 2014 11:27:24 +0000 (12:27 +0100)]
Merge branch 'security-manager' into tizen
Conflicts:
tests/security-manager-tests/common/sm_db.cpp
tests/security-manager-tests/common/sm_db.h
tests/security-manager-tests/security_manager_tests.cpp
Change-Id: I69e6e9321ab58702086ba402e23a6d9b06e7fdb9
Rafal Krypa [Mon, 24 Nov 2014 10:19:41 +0000 (11:19 +0100)]
Merge branch 'cynara' into tizen
Conflicts:
tests/cynara-tests/common/cynara_test_admin.h
tests/cynara-tests/test_cases.cpp
Change-Id: I49296db7a8983f3aee1f4750852ea516e9d7f3a2
Marcin Lis [Tue, 18 Nov 2014 15:04:56 +0000 (16:04 +0100)]
security-manager tests: reorganize directories used and registered by apps
1. Move global user directories from /etc/smack/ to its home dir: /usr/apps/
2. Remove directories, functions and checks associated with
SECURITY_MANAGER_PATH_PUBLIC - it should not be used anymore and will be
removed.
[Verification] run security-manager-tests and ensure that all succeed.
Change-Id: Ifb04fd19b35cc226473159728d172525fbc44bdc
Signed-off-by: Marcin Lis <m.lis@samsung.com>
Rafal Krypa [Tue, 18 Nov 2014 14:37:33 +0000 (15:37 +0100)]
Require gum-utils, not libgum
In gumd 1.0.2 gum-utils tool has been split from package libgum into
separate package gum-utils.
Change-Id: Ia5903f1b5725e681545b56a1e581312a22443017
Marcin Niesluchowski [Mon, 17 Nov 2014 16:36:16 +0000 (17:36 +0100)]
Ignore tests failing on file label removal
Change-Id: Ib4f97f1bfdda0cf2229852096bf47582dc68aa3b
Aleksander Zdyb [Mon, 17 Nov 2014 12:16:32 +0000 (13:16 +0100)]
Fix build dependencies on Cynara
Change-Id: I3bb0ec78446999e2dfb7fe6e670fc586c113b5bf
Krzysztof Sasiak [Thu, 23 Oct 2014 11:53:58 +0000 (13:53 +0200)]
Update tests to work with group names instead of gids
Change-Id: Ia6ac604ca4d5369a486772d1f9f39fd57e1c3ecd
Michal Eljasiewicz [Tue, 4 Nov 2014 11:15:00 +0000 (12:15 +0100)]
security-server tests commented out from all tests
Change-Id: I549718922f98f08c242b9bde313ecad839392b8e
Signed-off-by: Michal Eljasiewicz <m.eljasiewic@samsung.com>
Michal Eljasiewicz [Wed, 5 Nov 2014 13:04:51 +0000 (14:04 +0100)]
security_server_tests_dbus moved to separate directory
tests moved out of security_server directory and renamed
Change-Id: If3a3aedecc91f43803dfb349ac6a06a79ed4eccd
Signed-off-by: Michal Eljasiewicz <m.eljasiewic@samsung.com>
Zbigniew Jasinski [Fri, 31 Oct 2014 11:11:20 +0000 (12:11 +0100)]
Extending security_manager_set_process_label_from_binary and
security_manager_set_process_label_from_appid for proper socket
labeling.
Added checking for proper socket Smack labeling. Implementation:
https://review.tizen.org/gerrit/27849
Change-Id: I3cf1f7a06615f7652fcefe6d89b2fe370d5f2ba5
Zbigniew Jasinski [Wed, 29 Oct 2014 09:10:26 +0000 (10:10 +0100)]
Test case for security_manager_drop_process_privileges function.
security_manager_drop_process_privileges implementation:
https://review.tizen.org/gerrit/27848
Change-Id: I17732780dad25f8c3ecdde3e9ad30781a87a6b69
Rafal Krypa [Tue, 4 Nov 2014 18:21:08 +0000 (19:21 +0100)]
Remove test for security_manager_set_process_label_from_binary()
Removing test for security-manager function that is now being removed
from security-manager (https://review.tizen.org/gerrit/27041).
Change-Id: I879016d2d0e87b7d0e1eafe982d4e25e61b2f71e
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Michal Eljasiewicz [Tue, 4 Nov 2014 10:51:04 +0000 (11:51 +0100)]
libprivilege-control tests commented out from all tests
Change-Id: Id76b6b0ba3b9b5c2ee8948fb2078c44e5a444fdc
Signed-off-by: Michal Eljasiewicz <m.eljasiewic@samsung.com>
Lukasz Wojciechowski [Fri, 17 Oct 2014 18:27:59 +0000 (20:27 +0200)]
Check creation of maximal count of cynara requests
Request creating function should return CYNARA_API_MAX_PENDING_REQUESTS,
when maximal number of possible requests (2^16) is created.
Change-Id: Icdbbf6e6377a73892ccd8f4affa31756f6161414
Lukasz Wojciechowski [Fri, 17 Oct 2014 18:22:57 +0000 (20:22 +0200)]
Add CynaraTestAsync::Client::createRequest() method
Method can be used for testing cynara_async_create_request() API function.
Change-Id: Ib26d97a1a45451c014f3a495408f555c203bf834
Lukasz Wojciechowski [Fri, 17 Oct 2014 16:45:33 +0000 (18:45 +0200)]
Add test for checking CACHE_MISS when cache is empty
Change-Id: I5857cec7b8d8da2b281a60029648d70516a3c00f
Lukasz Wojciechowski [Fri, 17 Oct 2014 16:44:02 +0000 (18:44 +0200)]
Add CynaraTestAsync::Client::checkCache() method
Method can be used to test cynara_async_check_cache() API function.
Change-Id: Ibc7009362bec2cfdc90472299d3bfdf155f186c3
Lukasz Wojciechowski [Fri, 17 Oct 2014 14:15:43 +0000 (16:15 +0200)]
Add CynaraTestAsync::RequestMonitor class
Added class shall be used for monitoring all requests, matching
callbacks and checking expected causes and responses in callbacks.
Change-Id: I0ddb2d8848d80950d430f768510c6466144b399d
Lukasz Wojciechowski [Thu, 16 Oct 2014 17:23:13 +0000 (19:23 +0200)]
Create cynara_async_tests group
Create a test group for asynchronous API tests
and add CynaraTestAsync::Client initialization test.
Change-Id: I0e8cc37cd16282a7834cc61dd72e1aa90fb9129e
Lukasz Wojciechowski [Thu, 16 Oct 2014 17:21:58 +0000 (19:21 +0200)]
Add CynaraTestAsync::Client
This is a class that will wrap usage of libcynara-client-async API.
Change-Id: I89124b57c811e016854122fec6b2cf0ddbaa0525
Lukasz Wojciechowski [Thu, 16 Oct 2014 17:10:49 +0000 (19:10 +0200)]
Add RUNNER_ERROR_MSG(message) macro
Macro can be used to print error messages during test runtime.
Sometimes there is a need to print out important information
that are related to error that happen during test run, but it is
impossible to do that with RUNNER_ASSERT... macros because
an exception is alredy thrown.
Change-Id: I574af27bba7c20f21e2c6f9fc0b808f7ed9675ed
Lukasz Wojciechowski [Thu, 16 Oct 2014 15:25:13 +0000 (17:25 +0200)]
Add CynaraTestAsync::StatusMonitor
Added class wraps functionality of status callbacks.
Change-Id: I8c42a80d02b9092e89d930367632110ca33e3fa9
Marcin Niesluchowski [Thu, 23 Oct 2014 11:32:38 +0000 (13:32 +0200)]
Fix security_manager_05_app_install_uninstall_by_uid_5000
User app (uid 5000) used for tests has been removed from system.
Due to this chage security-manager can not find it in /etc/passwd.
Special user is created in %post section and is removed in %postun
section. Current test name:
security_manager_05_app_install_uninstall_by_app_user
Change-Id: Ia2eec416b44fe216b08f1fc29ec46826621ad796
Lukasz Wojciechowski [Thu, 16 Oct 2014 14:01:55 +0000 (16:01 +0200)]
Add licence and copyright header to cynara test files
Change-Id: I4cb894b91b076c6475f8c285966dd2bacc0ff64d
Rafal Krypa [Tue, 21 Oct 2014 11:35:55 +0000 (13:35 +0200)]
One missing fix for cynara_check return code
Commit
1c357c269b should also adjust tests for security-manager.
Changing expected return code of cynara_check from CYNARA_API_SUCCESS
to CYNARA_API_ACCESS_ALLOWED.
Change-Id: I4f1ad908f0d91f91af9dec9a701f8f41504730dc
Marcin Niesluchowski [Wed, 22 Oct 2014 11:34:10 +0000 (13:34 +0200)]
Merge remote-tracking branch 'tizen-gerrit/cynara' into HEAD
Change-Id: Id5089ff0e604c1608038d68ffc5d5e041a2d29d7
Marcin Niesluchowski [Wed, 22 Oct 2014 11:10:37 +0000 (13:10 +0200)]
Merge commit '
af35045308e6b0221690b420f530e53ce6c2fbad' into HEAD
Change-Id: Ib16081848a41ef480360b31a14bb9a9bc4786c3f
Marcin Niesluchowski [Mon, 13 Oct 2014 13:05:27 +0000 (15:05 +0200)]
Move HTML collector to separate files
Change-Id: I9e3d507cbde42bced1daac0eae351c55b925a63c
Marcin Niesluchowski [Mon, 13 Oct 2014 11:39:02 +0000 (13:39 +0200)]
Move Console collector to separate files
Change-Id: Ia7c23d144db858f94eac34e79e12dd11faad9de4
Marcin Niesluchowski [Mon, 13 Oct 2014 09:09:48 +0000 (11:09 +0200)]
Move XML collector to separate files
Change-Id: I7c82a9415bbf9969ab2bc5bc008878b8b61bbcc4
Marcin Niesluchowski [Mon, 13 Oct 2014 09:42:33 +0000 (11:42 +0200)]
Move statistic class to separate file
Change-Id: Ife2fd4e0e2952d6145096a8c4de14ed5bbfdb369
Marcin Niesluchowski [Mon, 13 Oct 2014 08:24:02 +0000 (10:24 +0200)]
Remove CSV collector
Change-Id: Iae8c4bbb7cfd415e228426885f224412122ce52f
Marcin Niesluchowski [Mon, 13 Oct 2014 08:13:47 +0000 (10:13 +0200)]
Remove TAP collector
Change-Id: Ie9022778cf489eaaba0177ba8b84c5d0dd425fdb
Marcin Niesluchowski [Mon, 13 Oct 2014 13:21:49 +0000 (15:21 +0200)]
Remove unnecessary includes from test_results_collector.cpp
Change-Id: I7caaf12269eb63f1a1e7ec2dc3afaa203aa8ad82
Marcin Niesluchowski [Tue, 21 Oct 2014 09:34:12 +0000 (11:34 +0200)]
Revert commits to cynara tests
Some commits to cynara tests making security-tests not buildable
with cynara release.
This reverts commits:
1c357c2 "Fix cynara_check return codes"
d2eb84f "Add tests for cynara_admin_check function"
a58d784 "Enhance CynaraTestAdmin with adminCheck() method"
e0b08a3 "Add tests for none bucket"
Change-Id: If344771ef62de103c24cd551cd40a6b9b8be44a3
Marcin Niesluchowski [Tue, 21 Oct 2014 09:43:03 +0000 (11:43 +0200)]
Revert commits to security-manager tests
Some commits to security-manager tests making security-tests not buildable
with security-manager release.
This reverts commits:
e3e2809 "security-manager: test security_manager_set_process_groups_from_appid"
Change-Id: I009c33811a3af23451e5cac6db142a555f248408
Lukasz Wojciechowski [Thu, 16 Oct 2014 08:21:42 +0000 (10:21 +0200)]
Adjust libcynara-admin error codes
Cynara integrates error codes in all libraries.
Release 0.4.0 uses new unified error codes.
Old error codes are removed.
This patch changes old error codes into new ones.
Please do not merge this patch until 0.4.0 is released
or patch "
35771f4 Use client error codes in admin libraries"
in cynara repository is merged.
Change-Id: I7d89945a075b9353399b417f1fce5ef8a06694c4
José Bollo [Tue, 14 Oct 2014 15:39:19 +0000 (17:39 +0200)]
Building: better handling of deprecated
It is useful to keep deprecated items as warning.
For doing that, this new option is needed.
Change-Id: Iaf140652f40d8a990d246741091119106c7b132b
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
Lukasz Wojciechowski [Thu, 9 Oct 2014 16:28:29 +0000 (18:28 +0200)]
Fix cynara_check return codes
After merging "
151ad89 Change client API error codes"
into cynara values returned by cynara_check() changed.
In case of access allowed cynara_check returns
CYNARA_API_ACCESS_ALLOWED instead of CYNARA_API_SUCCESS.
Change-Id: I98ff68068c9c67648601c339b0ff51af7e3e1280
Lukasz Wojciechowski [Tue, 23 Sep 2014 15:56:03 +0000 (17:56 +0200)]
Add tests for cynara_admin_check function
cynara_admin_check() function provides simmilar functionality to
cynara_check() from client's API. Differences between those two are:
* admin version can start check search in any given bucket;
* admin version can constrain search to single bucket (no recursion);
* in admin version policy types are returned without being interpreted
by plugins in cynara service (e.g. no UI popups are launched).
There are 4 tests added:
* tc16_admin_check_single_bucket - for trivial single bucket checks;
* tc17_admin_check_nested_bucket - for testing proper check search
scope (recursion and start bucket);
* tc18_admin_check_multiple_matches - for testing if minimum policy
is found, when there is more than a single policy matching;
* tc19_admin_check_none_bucket - for testing proper behaviour, when
default and only matching policy in bucket is of type NONE.
Verification:
After cynara patch https://review.tizen.org/gerrit/27971 is applied
test should pass. They can fail before due to policy types enumeration
inconsistency between external and internal caynara layers.
Change-Id: Ia37df3491fbc31beb9c638daa515ce5a6b92eb59
Lukasz Wojciechowski [Mon, 22 Sep 2014 14:03:36 +0000 (16:03 +0200)]
Enhance CynaraTestAdmin with adminCheck() method
adminCheck() method allows running and checking result of
cynara_admin_check() form libcynara-admin API.
It asserts result of cynara_admin_check() function call
and values of check results with expected values.
Change-Id: Id2a35b3b1f43f2802ccee14355b6efb8a5f5c511
Marcin Niesluchowski [Mon, 1 Sep 2014 09:38:06 +0000 (11:38 +0200)]
Make expected result of cynara client check default
Change-Id: If5e51ff720c8b03aa2d3beabefce459b65306fca
Marcin Niesluchowski [Wed, 20 Aug 2014 09:13:28 +0000 (11:13 +0200)]
Add tests for none bucket
Change-Id: I546ded4f234470ab3754338080ab9800dde18279
Rafal Krypa [Tue, 16 Sep 2014 14:28:07 +0000 (16:28 +0200)]
security-manager: test security_manager_set_process_groups_from_appid
New security-manager API supports setting process groups based on
privilege settings. This is intended for launchers. Check it during
application installation check to verify if gid-mapped privileges
are handled correctly.
Change-Id: Ie558bf985dbbc5cd1451ae743aa2f26f519fef5e
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Rafal Krypa [Fri, 12 Sep 2014 15:14:25 +0000 (17:14 +0200)]
security-manager: drop testing of obsolete TIZENEXEC label on symlinks
This feature is just being removed from security-manager. No labels
will be set on symlinks.
Change-Id: I9f19cb0b4f2d273407654f9e04f15d6d4823ed05
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Rafal Krypa [Fri, 12 Sep 2014 15:10:27 +0000 (17:10 +0200)]
security-manager: use Smack label for verifying Cynara rules, not pkgId
Since security-manager doesn't provide function for that, tests
need to reimplement it. It should be kept in line with security-manager
code. For now there is only one label for all apps: "User".
Change-Id: I79eafea8c38bb86a3ec775a851d7e7605c1865e8
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Lukasz Wojciechowski [Mon, 15 Sep 2014 12:17:57 +0000 (14:17 +0200)]
Check integrity after partial policy set
cynara_admin_set_policy() API function sets whole collection of policies
in single call. Setting some of them may fail. In such case no policies
should be applied to cynara service.
This test confirms existance of detected bug. Try to set 2 policies
(one good and one that is not allowed) leads to setPolicies() error,
however 1st policy remains in cynara's storage.
Verification: until bug is fixed in cynara's storage test should fail.
Change-Id: I3449ccbcfacb03bdcdc7a5cfb4a3b639d9b694ce
Maciej J. Karpiuk [Wed, 17 Sep 2014 09:45:37 +0000 (11:45 +0200)]
Added ckm tests.
Change-Id: I69ba5318e73ee9f6844787f2ba6a29afec293f45
Aleksander Zdyb [Wed, 3 Sep 2014 06:11:47 +0000 (08:11 +0200)]
Add include for strerror()
Change-Id: Idf24aaca911199e40b87c78ac2dd4c03d378afbd
Marcin Niesluchowski [Wed, 27 Aug 2014 07:51:12 +0000 (09:51 +0200)]
Change NULL to nullptr
Change-Id: I316a253e25a2460c9e2ff85a791550073ebde51a
Marcin Niesluchowski [Wed, 30 Jul 2014 10:41:12 +0000 (12:41 +0200)]
Adjust README to actual version of security-tests
Change-Id: I575d19fb5abe525b168c1610ed24ca70f9d684c0
Marcin Niesluchowski [Mon, 18 Aug 2014 09:34:44 +0000 (11:34 +0200)]
Use SocketUniquePtr in libprivilege-control tests
Change-Id: I47a95cf3f8d6e4c830d1c26e1bfef70ed78747e3
Marcin Niesluchowski [Wed, 30 Jul 2014 07:54:08 +0000 (09:54 +0200)]
Reorder and change test macros
Change-Id: Id05a92516053ca7128198fe61f8f5c805637d645
Jan Cybulski [Tue, 12 Aug 2014 10:54:57 +0000 (12:54 +0200)]
Adjust security-manager tests
Security-manager is no longer using libprivilege-control
Tests should now use cynara to check if privileges
were granted during application installation.
Change-Id: I4a0fea8edfad31cb9265c89b9498d6fd27d47676
Jan Cybulski [Thu, 7 Aug 2014 06:31:48 +0000 (08:31 +0200)]
Allow to run tests without arguments
If no arguments are given, then tests will be run
as if argument was '--output=text', which already
implemented. The only obstracle is check for number
of arguments that is removed in this commit.
To verify this just run any tests without arguments.
Change-Id: I17f60518d6d137c12a5a53f7852653e5f07d7599
Signed-off-by: Jan Cybulski <j.cybulski@samsung.com>
Marcin Niesluchowski [Mon, 28 Jul 2014 08:49:13 +0000 (10:49 +0200)]
Move test framework from wrt-commons to security-tests
Change-Id: If185e7401ded389f40d1a07e610c5d999ff152c1
Jan Cybulski [Fri, 18 Jul 2014 07:59:10 +0000 (09:59 +0200)]
Add tests for installing apps by different users
Change-Id: I65f78b92c974f5711f91a526593e4d222e1bd43b
Marcin Niesluchowski [Tue, 15 Jul 2014 16:54:35 +0000 (18:54 +0200)]
Add cynara test environment class
Change-Id: I6a83f3aab6e5ff4de4d6a9092b0b882af0eb22be
Marcin Niesluchowski [Thu, 17 Jul 2014 17:06:37 +0000 (19:06 +0200)]
Add extra bucket cynara tests
Change-Id: I195ac63e423b79b422978003892d78b863cfc2e0
Marcin Niesluchowski [Thu, 17 Jul 2014 13:48:23 +0000 (15:48 +0200)]
Add single wildcard policies cynara test
Change-Id: If3dc244bcc93b6d02c981fcb3f9cd5cbc7004705
Marcin Niesluchowski [Thu, 17 Jul 2014 11:43:59 +0000 (13:43 +0200)]
Add allow remove set policies cynara tests
Change-Id: I4be35a4242e381fbac176ad5591d2a90e50dc423
Marcin Niesluchowski [Thu, 17 Jul 2014 09:29:43 +0000 (11:29 +0200)]
Add empty bucket cynara tests
Change-Id: Ie3eb6ece201e31490e72180d0c4f53397c8976e8
Marcin Niesluchowski [Tue, 15 Jul 2014 17:34:43 +0000 (19:34 +0200)]
Add cynara invalid params tests
Change-Id: I45a63f43911c57b2d1ceb8b69410e41b527066bc
Marcin Niesluchowski [Wed, 9 Jul 2014 13:52:12 +0000 (15:52 +0200)]
Add cynara test client class
Change-Id: I8ef613c06d5fbe2a3764aaac7fa1b0b1009a860b
Marcin Niesluchowski [Wed, 9 Jul 2014 12:17:15 +0000 (14:17 +0200)]
Add cynara test admin class
Change-Id: I6871e7e51d6f78df03948d7dc83a88e5fe0ffeb3
Marcin Niesluchowski [Thu, 10 Jul 2014 11:22:03 +0000 (13:22 +0200)]
Make DBusAccess class more generic
DBusAccess class should be able to restart any service.
Change-Id: I035321e9cd6fb219f2affc01b06299ace9c8af18
Jacek Bukarewicz [Fri, 11 Jul 2014 13:56:53 +0000 (15:56 +0200)]
Add tests for setting current process label
Change-Id: I020b8c812526c7e13d86df8ffe72c4d80a1e0fe0
Signed-off-by: Jacek Bukarewicz <j.bukarewicz@samsung.com>
Marcin Niesluchowski [Mon, 16 Jun 2014 09:48:12 +0000 (11:48 +0200)]
Refactor test for smack_*getlabel and smack_*setlabel.
Change-Id: I65b60e6d13137b3d6a3ece46becde5050f4aa0b0
Jacek Bukarewicz [Tue, 15 Jul 2014 08:07:59 +0000 (10:07 +0200)]
Use tzplatform_mkpath to get path to .rules-db.db3 database
Change-Id: I6b834fe93551349954480dbc809e483f6a146dfd
Signed-off-by: Jacek Bukarewicz <j.bukarewicz@samsung.com>
Marcin Lis [Thu, 3 Jul 2014 13:47:09 +0000 (15:47 +0200)]
Add security-manager database records testing.
Use the TestSecurityManagerDatabase class to test installation and privilege
assignment process in security-manager's database.
Change-Id: I08155d56904c31fe2a124d86d089014e9da95008
Signed-off-by: Marcin Lis <m.lis@samsung.com>
Marcin Lis [Thu, 3 Jul 2014 13:45:38 +0000 (15:45 +0200)]
Add parameters to security-manager tests functions.
This commit pre-reorganizes tests. It prepares security-manager tests
to implement database records checks in next step.
Change-Id: I4687a71f12117c8b5c02e90cb71851ec95aacf16
Signed-off-by: Marcin Lis <m.lis@samsung.com>
Marcin Lis [Wed, 2 Jul 2014 13:38:41 +0000 (15:38 +0200)]
Add new class to test security-manager database records.
Reuse the concept implemented in libprivilege-control tests.
The interface of the introduced class may be used in security-manager tests.
Currently it allows to check if app and pkg have been successfully installed
along with all requested privileges. Checking application uninstallation is
possible as well.
Change-Id: I1eb95312c7ace890402533ef17645b91485ad443
Signed-off-by: Marcin Lis <m.lis@samsung.com>
Marcin Lis [Tue, 1 Jul 2014 15:06:21 +0000 (17:06 +0200)]
Move generic Sqlite3DBase test files to common part.
Prepare DB-test framework for later use in security-manager tests.
Change-Id: I9454431db2654adc0019446e08615ae72051a0fd
Signed-off-by: Marcin Lis <m.lis@samsung.com>
Marcin Lis [Wed, 18 Jun 2014 13:17:42 +0000 (15:17 +0200)]
Add test for libprivilege permissions update.
This commit introduces tests for the following change:
https://review.tizen.org/gerrit/#/c/23382/
Change-Id: I42c228dac84c9aee8f7f55de4a9d4773f97f11f1
Signed-off-by: Marcin Lis <m.lis@samsung.com>
Marcin Niesluchowski [Mon, 23 Jun 2014 10:26:21 +0000 (12:26 +0200)]
Remove security_manager_app_inst_req_add_allowed_user from tests.
Function security_manager_app_inst_req_add_allowed_user will be
removed from security-manager.
Change-Id: I89aafc3d1ae49044bdcb860545181e6e355d6f28
Marcin Niesluchowski [Tue, 3 Jun 2014 12:36:59 +0000 (14:36 +0200)]
Add test for security-manager installer service.
Verification:
-> secuirty-tests.sh security-manager --output=text --runignored
(all should pass)
Change-Id: I43b10b0032300cbf4b21faceae85d1f1dc1a982f
Jan Cybulski [Thu, 5 Jun 2014 13:02:04 +0000 (15:02 +0200)]
Test labeling links to execs by security-manager
Security manager's installer service labels links to execs
with a special xattr: security.TIZEN_EXEC_LABEL.
This commit checks that functionality.
Change-Id: Iac86bc6a55aba4b3648ec2f4e475c28121b025f0
Signed-off-by: Jan Cybulski <j.cybulski@samsung.com>
Jacek Bukarewicz [Fri, 6 Jun 2014 13:09:53 +0000 (15:09 +0200)]
Use /tmp/ as location for smack test files
Smack laccess tests used /opt/home/app previously, but it does not
necessarily exist so replace it with /tmp/.
Change-Id: Id711c60ef49e0078519f8acc77d5b034a23c1596
Jan Cybulski [Thu, 5 Jun 2014 13:00:42 +0000 (15:00 +0200)]
Add tests for security manager's installer service
Add more specific tests for security manager's
security_manager_app_inst_req_add_path:
Tests for SM_PUBLIC_PATH and SM_PUBLIC_RO_PATH added.
Change-Id: I505fca28ef992676f967fa6cf29bc2d6343388c1
Signed-off-by: Jan Cybulski <j.cybulski@samsung.com>
Jan Cybulski [Wed, 4 Jun 2014 12:47:19 +0000 (14:47 +0200)]
Fix return value of smack_have_access
Libsmack's smack_have_access returns 0 on no access and -1 on errors.
Checking rule that does not exist should not return -1
Change-Id: I604eed75634c9bc1dfbeb41a70d0a11211be96f0
Signed-off-by: Jan Cybulski <j.cybulski@samsung.com>
Jan Cybulski [Wed, 4 Jun 2014 12:44:44 +0000 (14:44 +0200)]
Fix segmentation fault on libsmack tests
Change-Id: I6fbae1e6513a6121aae53863193d862b03da257a
Signed-off-by: Jan Cybulski <j.cybulski@samsung.com>
Aleksander Zdyb [Thu, 29 May 2014 12:39:17 +0000 (14:39 +0200)]
Add tests for Cynara RE (Rush-Edition)
Change-Id: I628a242f40001a2e81ac1728e19402ed30b11934
Signed-off-by: Aleksander Zdyb <a.zdyb@partner.samsung.com>
Marcin Niesluchowski [Fri, 23 May 2014 09:00:06 +0000 (11:00 +0200)]
Fix tc_unit_09_02_app_user_cookie_API_access_deny test.
Verfication:
-> security-server-tests-server --output=text --runignored \
--regexp=tc_unit_09_02_app_user_cookie_API_access_deny
(with smack; test should not fail)
Change-Id: I03e696482ce797a67c3de9b77418d448970c5f23
Jacek Bukarewicz [Wed, 21 May 2014 15:02:09 +0000 (17:02 +0200)]
Don't use OSP and WRT installers in security tests
Security tests used to install WRT and OSP test applications in
post installation script. This is not necessary and can be replaced by
shipping binaries and symlinks required by test in RPM package.
To verify check if libprivilege-control tests' results are unaffected by
this change.
Change-Id: Id1d73bfb0249bc63bd33613c40d04a673783642d
Signed-off-by: Jacek Bukarewicz <j.bukarewicz@samsung.com>
Marcin Niesluchowski [Thu, 22 May 2014 12:18:21 +0000 (14:18 +0200)]
Revert "Fix security-server server tests"
This reverts commit
df5967df7e0c2d61ca4829c3add727a1696cd058.
Conflicts:
tests/security-server-tests/server.cpp
Change-Id: I10296aab70f267f90e7a94432672fd0b94b9b129
Marcin Niesluchowski [Wed, 21 May 2014 06:51:52 +0000 (08:51 +0200)]
Adjust AccessProvider api to current security-server.
Sockets in security-server has been moved to /run labeled with
System::Run label and AccessProvider provided old smack accesses.
Previous references to sockets' old smack labels has been removed.
Verification:
-> security-tests-all.sh
(server, cookie-api, clientsmack and dbus tests should pass,
no changes in other tests)
Change-Id: I9796fb0b52890553767783de5cffdc7b5ecb8746