From 4d9cde96eb4fd2d37af27db9d323fbd8c7bff914 Mon Sep 17 00:00:00 2001 From: Marcin Niesluchowski Date: Tue, 9 Dec 2014 16:52:50 +0100 Subject: [PATCH] Make app id and pkg id unique for each security-manager test app ids and pkg ids are used in global scope, some of them same for various tests. They should be unique based on test name. Change-Id: Idb80cb5adb63d8557fb9327769d42cefde4bdd24 --- .../security_manager_tests.cpp | 72 ++++++++++++---------- 1 file changed, 38 insertions(+), 34 deletions(-) diff --git a/tests/security-manager-tests/security_manager_tests.cpp b/tests/security-manager-tests/security_manager_tests.cpp index 5c362d4..fba16fd 100644 --- a/tests/security-manager-tests/security_manager_tests.cpp +++ b/tests/security-manager-tests/security_manager_tests.cpp @@ -25,15 +25,6 @@ DEFINE_SMARTPTR(security_manager_app_inst_req_free, app_inst_req, AppInstReqUniquePtr); DEFINE_SMARTPTR(cap_free, _cap_struct, CapsSetsUniquePtr); -static const char *const SM_APP_ID1 = "sm_test_app_id_double"; -static const char *const SM_PKG_ID1 = "sm_test_pkg_id_double"; - -static const char *const SM_APP_ID2 = "sm_test_app_id_full"; -static const char *const SM_PKG_ID2 = "sm_test_pkg_id_full"; - -static const char *const SM_APP_ID3 = "sm_test_app_id_uid"; -static const char *const SM_PKG_ID3 = "sm_test_pkg_id_uid"; - static const privileges_t SM_ALLOWED_PRIVILEGES = { "security_manager_test_rules2_r", "security_manager_test_rules2_no_r" @@ -319,14 +310,16 @@ RUNNER_TEST(security_manager_01_app_double_install_double_uninstall) { int result; AppInstReqUniquePtr request; + const char *const sm_app_id = "sm_test_01_app_id_double"; + const char *const sm_pkg_id = "sm_test_01_pkg_id_double"; request.reset(do_app_inst_req_new()); - result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID1); + result = security_manager_app_inst_req_set_app_id(request.get(), sm_app_id); RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS, "setting app id failed. Result: " << result); - result = security_manager_app_inst_req_set_pkg_id(request.get(), SM_PKG_ID1); + result = security_manager_app_inst_req_set_pkg_id(request.get(), sm_pkg_id); RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS, "setting pkg id failed. Result: " << result); @@ -339,11 +332,11 @@ RUNNER_TEST(security_manager_01_app_double_install_double_uninstall) "installing already installed app failed. Result: " << result); /* Check records in the security-manager database */ - check_app_after_install(SM_APP_ID1, SM_PKG_ID1); + check_app_after_install(sm_app_id, sm_pkg_id); request.reset(do_app_inst_req_new()); - result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID1); + result = security_manager_app_inst_req_set_app_id(request.get(), sm_app_id); RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS, "setting app id failed. Result: " << result); @@ -356,23 +349,25 @@ RUNNER_TEST(security_manager_01_app_double_install_double_uninstall) "uninstalling already uninstalled app failed. Result: " << result); /* Check records in the security-manager database */ - check_app_after_uninstall(SM_APP_ID1, SM_PKG_ID1, TestSecurityManagerDatabase::REMOVED); + check_app_after_uninstall(sm_app_id, sm_pkg_id, TestSecurityManagerDatabase::REMOVED); } RUNNER_TEST(security_manager_02_app_install_uninstall_full) { int result; AppInstReqUniquePtr request; + const char *const sm_app_id = "sm_test_02_app_id_full"; + const char *const sm_pkg_id = "sm_test_02_pkg_id_full"; prepare_app_env(); request.reset(do_app_inst_req_new()); - result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID2); + result = security_manager_app_inst_req_set_app_id(request.get(), sm_app_id); RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS, "setting app id failed. Result: " << result); - result = security_manager_app_inst_req_set_pkg_id(request.get(), SM_PKG_ID2); + result = security_manager_app_inst_req_set_pkg_id(request.get(), sm_pkg_id); RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS, "setting pkg id failed. Result: " << result); @@ -398,7 +393,7 @@ RUNNER_TEST(security_manager_02_app_install_uninstall_full) "installing app failed. Result: " << result); /* Check records in the security-manager database */ - check_app_after_install(SM_APP_ID2, SM_PKG_ID2, + check_app_after_install(sm_app_id, sm_pkg_id, SM_ALLOWED_PRIVILEGES, SM_DENIED_PRIVILEGES, SM_ALLOWED_GROUPS); /* TODO: add parameters to this function */ @@ -406,7 +401,7 @@ RUNNER_TEST(security_manager_02_app_install_uninstall_full) request.reset(do_app_inst_req_new()); - result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID2); + result = security_manager_app_inst_req_set_app_id(request.get(), sm_app_id); RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS, "setting app id failed. Result: " << result); @@ -416,14 +411,14 @@ RUNNER_TEST(security_manager_02_app_install_uninstall_full) /* Check records in the security-manager database, * all previously allowed privileges should be removed */ - check_app_after_uninstall(SM_APP_ID2, SM_PKG_ID2, + check_app_after_uninstall(sm_app_id, sm_pkg_id, SM_ALLOWED_PRIVILEGES, TestSecurityManagerDatabase::REMOVED); } RUNNER_CHILD_TEST_SMACK(security_manager_03_set_label_from_appid) { - const char *const app_id = "sm_test_app_id_set_label_from_appid"; - const char *const pkg_id = "sm_test_pkg_id_set_label_from_appid"; + const char *const app_id = "sm_test_03_app_id_set_label_from_appid_smack"; + const char *const pkg_id = "sm_test_03_pkg_id_set_label_from_appid_smack"; const char *const expected_label = USER_APP_ID; const char *const socketLabel = "not_expected_label"; char *label = nullptr; @@ -488,8 +483,8 @@ RUNNER_CHILD_TEST_SMACK(security_manager_03_set_label_from_appid) RUNNER_CHILD_TEST_NOSMACK(security_manager_03_set_label_from_appid_nosmack) { - const char *const app_id = "sm_test_app_id_set_label_from_appid"; - const char *const pkg_id = "sm_test_pkg_id_set_label_from_appid"; + const char *const app_id = "sm_test_03_app_id_set_label_from_appid_nosmack"; + const char *const pkg_id = "sm_test_03_pkg_id_set_label_from_appid_nosmack"; int result; uninstall_app(app_id, pkg_id, false, true); @@ -546,11 +541,14 @@ static struct passwd* get_app_pw() } -static void install_and_check(AppInstReqUniquePtr &request, const std::string &user, uid_t uid) +static void install_and_check(AppInstReqUniquePtr &request, + const char *const sm_app_id, + const char *const sm_pkg_id, + const std::string &user, uid_t uid) { int result; //install app for non-root user and try to register public path (should fail) - prepare_request(request, SM_APP_ID3, SM_PKG_ID3, SECURITY_MANAGER_PATH_PUBLIC, SM_PRIVATE_PATH_FOR_USER, uid); + prepare_request(request, sm_app_id, sm_pkg_id, SECURITY_MANAGER_PATH_PUBLIC, SM_PRIVATE_PATH_FOR_USER, uid); result = security_manager_app_install(request.get()); RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED, @@ -558,14 +556,14 @@ static void install_and_check(AppInstReqUniquePtr &request, const std::string &u //install app for non-root user //should fail (users may only register folders inside their home) - prepare_request(request, SM_APP_ID3, SM_PKG_ID3, SECURITY_MANAGER_PATH_PRIVATE, SM_PRIVATE_PATH, uid); + prepare_request(request, sm_app_id, sm_pkg_id, SECURITY_MANAGER_PATH_PRIVATE, SM_PRIVATE_PATH, uid); result = security_manager_app_install(request.get()); RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED, "installing app not failed. Result: " << result); //install app for non-root user //should succeed - this time i register folder inside user's home dir - prepare_request(request, SM_APP_ID3, SM_PKG_ID3, SECURITY_MANAGER_PATH_PRIVATE, SM_PRIVATE_PATH_FOR_USER, uid); + prepare_request(request, sm_app_id, sm_pkg_id, SECURITY_MANAGER_PATH_PRIVATE, SM_PRIVATE_PATH_FOR_USER, uid); for (auto &privilege : SM_ALLOWED_PRIVILEGES) { result = security_manager_app_inst_req_add_privilege(request.get(), privilege.c_str()); @@ -576,13 +574,16 @@ static void install_and_check(AppInstReqUniquePtr &request, const std::string &u RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS, "installing app failed. Result: " << result); - check_app_permissions(SM_APP_ID3, SM_PKG_ID3, user.c_str(), SM_ALLOWED_PRIVILEGES, SM_DENIED_PRIVILEGES); + check_app_permissions(sm_app_id, sm_pkg_id, user.c_str(), SM_ALLOWED_PRIVILEGES, SM_DENIED_PRIVILEGES); } RUNNER_CHILD_TEST(security_manager_04a_app_install_uninstall_by_app_user_for_self) { int result; AppInstReqUniquePtr request; + const char *const sm_app_id = "sm_test_04a_app_id_uid"; + const char *const sm_pkg_id = "sm_test_04a_pkg_id_uid"; + struct passwd *pw = get_app_pw(); const std::string user = std::to_string(static_cast(pw->pw_uid)); @@ -590,12 +591,12 @@ RUNNER_CHILD_TEST(security_manager_04a_app_install_uninstall_by_app_user_for_sel result = drop_root_privileges(pw->pw_uid, pw->pw_gid); RUNNER_ASSERT_MSG(result == 0, "drop_root_privileges failed"); - install_and_check(request, user, 0); + install_and_check(request, sm_app_id, sm_pkg_id, user, 0); //uninstall app as non-root user request.reset(do_app_inst_req_new()); - result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID3); + result = security_manager_app_inst_req_set_app_id(request.get(), sm_app_id); RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS, "setting app id failed. Result: " << result); @@ -603,17 +604,20 @@ RUNNER_CHILD_TEST(security_manager_04a_app_install_uninstall_by_app_user_for_sel RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS, "uninstalling app failed. Result: " << result); - check_app_permissions(SM_APP_ID3, SM_PKG_ID3, user.c_str(), SM_NO_PRIVILEGES, SM_ALLOWED_PRIVILEGES); + check_app_permissions(sm_app_id, sm_pkg_id, user.c_str(), SM_NO_PRIVILEGES, SM_ALLOWED_PRIVILEGES); } RUNNER_CHILD_TEST(security_manager_04b_app_install_by_root_for_app_user) { int result; AppInstReqUniquePtr request; + const char *const sm_app_id = "sm_test_04b_app_id_uid"; + const char *const sm_pkg_id = "sm_test_04b_pkg_id_uid"; + struct passwd *pw = get_app_pw(); const std::string user = std::to_string(static_cast(pw->pw_uid)); - install_and_check(request, user, pw->pw_uid); + install_and_check(request, sm_app_id, sm_pkg_id, user, pw->pw_uid); //switch user to non-root - root may not uninstall apps for specified users result = drop_root_privileges(pw->pw_uid, pw->pw_gid); @@ -622,7 +626,7 @@ RUNNER_CHILD_TEST(security_manager_04b_app_install_by_root_for_app_user) //uninstall app as non-root user request.reset(do_app_inst_req_new()); - result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID3); + result = security_manager_app_inst_req_set_app_id(request.get(), sm_app_id); RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS, "setting app id failed. Result: " << result); @@ -630,7 +634,7 @@ RUNNER_CHILD_TEST(security_manager_04b_app_install_by_root_for_app_user) RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS, "uninstalling app failed. Result: " << result); - check_app_permissions(SM_APP_ID3, SM_PKG_ID3, user.c_str(), SM_NO_PRIVILEGES, SM_ALLOWED_PRIVILEGES); + check_app_permissions(sm_app_id, sm_pkg_id, user.c_str(), SM_NO_PRIVILEGES, SM_ALLOWED_PRIVILEGES); } -- 2.7.4