From 3b2ce10e7ec8b10e3c1d96ae52302ef46c29829d Mon Sep 17 00:00:00 2001 From: Marcin Lis Date: Tue, 18 Nov 2014 16:04:56 +0100 Subject: [PATCH] security-manager tests: reorganize directories used and registered by apps 1. Move global user directories from /etc/smack/ to its home dir: /usr/apps/ 2. Remove directories, functions and checks associated with SECURITY_MANAGER_PATH_PUBLIC - it should not be used anymore and will be removed. [Verification] run security-manager-tests and ensure that all succeed. Change-Id: Ifb04fd19b35cc226473159728d172525fbc44bdc 
Signed-off-by: Marcin Lis --- packaging/security-tests.spec | 4 ++-- tests/security-manager-tests/CMakeLists.txt | 2 +- .../security_manager_tests.cpp | 25 +++------------------- .../test_DIR/app_dir_public/.level_1/.level_2/exec | 0 .../app_dir_public/.level_1/.level_2/normal | 0 .../test_DIR/app_dir_public/.level_1/exec | 0 .../test_DIR/app_dir_public/.level_1/level_2/exec | 0 .../app_dir_public/.level_1/level_2/normal | 0 .../test_DIR/app_dir_public/.level_1/normal | 0 .../test_DIR/app_dir_public/exec | 0 .../test_DIR/app_dir_public/level_1/.level_2/exec | 0 .../app_dir_public/level_1/.level_2/normal | 0 .../test_DIR/app_dir_public/level_1/exec | 0 .../test_DIR/app_dir_public/level_1/level_2/exec | 0 .../app_dir_public/level_1/level_2/link_to_exec | 1 - .../level_1/level_2/link_to_non_exec | 1 - .../test_DIR/app_dir_public/level_1/level_2/normal | 0 .../test_DIR/app_dir_public/level_1/link_to_exec | 1 - .../app_dir_public/level_1/link_to_non_exec | 1 - .../test_DIR/app_dir_public/level_1/normal | 0 .../test_DIR/app_dir_public/link_to_exec | 1 - .../test_DIR/app_dir_public/link_to_non_app_dir | 1 - .../test_DIR/app_dir_public/link_to_non_app_exec | 1 - .../test_DIR/app_dir_public/link_to_non_app_normal | 1 - .../test_DIR/app_dir_public/link_to_non_exec | 1 - .../test_DIR/app_dir_public/normal | 0 26 files changed, 6 insertions(+), 34 deletions(-) delete mode 100755 tests/security-manager-tests/test_DIR/app_dir_public/.level_1/.level_2/exec delete mode 100644 tests/security-manager-tests/test_DIR/app_dir_public/.level_1/.level_2/normal delete mode 100755 tests/security-manager-tests/test_DIR/app_dir_public/.level_1/exec delete mode 100755 tests/security-manager-tests/test_DIR/app_dir_public/.level_1/level_2/exec delete mode 100644 tests/security-manager-tests/test_DIR/app_dir_public/.level_1/level_2/normal delete mode 100644 tests/security-manager-tests/test_DIR/app_dir_public/.level_1/normal delete mode 100755 
tests/security-manager-tests/test_DIR/app_dir_public/exec delete mode 100755 tests/security-manager-tests/test_DIR/app_dir_public/level_1/.level_2/exec delete mode 100644 tests/security-manager-tests/test_DIR/app_dir_public/level_1/.level_2/normal delete mode 100755 tests/security-manager-tests/test_DIR/app_dir_public/level_1/exec delete mode 100755 tests/security-manager-tests/test_DIR/app_dir_public/level_1/level_2/exec delete mode 120000 tests/security-manager-tests/test_DIR/app_dir_public/level_1/level_2/link_to_exec delete mode 120000 tests/security-manager-tests/test_DIR/app_dir_public/level_1/level_2/link_to_non_exec delete mode 100644 tests/security-manager-tests/test_DIR/app_dir_public/level_1/level_2/normal delete mode 120000 tests/security-manager-tests/test_DIR/app_dir_public/level_1/link_to_exec delete mode 120000 tests/security-manager-tests/test_DIR/app_dir_public/level_1/link_to_non_exec delete mode 100644 tests/security-manager-tests/test_DIR/app_dir_public/level_1/normal delete mode 120000 tests/security-manager-tests/test_DIR/app_dir_public/link_to_exec delete mode 120000 tests/security-manager-tests/test_DIR/app_dir_public/link_to_non_app_dir delete mode 120000 tests/security-manager-tests/test_DIR/app_dir_public/link_to_non_app_exec delete mode 120000 tests/security-manager-tests/test_DIR/app_dir_public/link_to_non_app_normal delete mode 120000 tests/security-manager-tests/test_DIR/app_dir_public/link_to_non_exec delete mode 100644 tests/security-manager-tests/test_DIR/app_dir_public/normal diff --git a/packaging/security-tests.spec b/packaging/security-tests.spec index 255d65d..fb16074 100644 --- a/packaging/security-tests.spec +++ b/packaging/security-tests.spec 
@@ -60,7 +60,7 @@ ln -sf /etc/smack/test_smack_rules %{buildroot}/etc/smack/test_smack_rules_lnk %{_bindir}/gum-utils --add-user --username=security-tests-app --usertype=4 --offline find /etc/smack/test_privilege_control_DIR/ -type f -name exec -exec chmod 0755 {} + -find /etc/smack/test_DIR/ -type f -name exec -exec chmod 0755 {} + +find /usr/apps/test_DIR/ -type f -name exec -exec chmod 0755 {} + # Load permissions templates api_feature_loader --verbose @@ -100,7 +100,7 @@ echo "security-tests postinst done ..." /etc/smack/test_smack_rules_lnk /usr/share/privilege-control/* /etc/smack/test_privilege_control_DIR/* -/etc/smack/test_DIR/* +/usr/apps/test_DIR/* /home/security-tests-app/test_DIR /usr/bin/test-app-efl /usr/bin/test-app-osp diff --git a/tests/security-manager-tests/CMakeLists.txt b/tests/security-manager-tests/CMakeLists.txt index 1f190bb..9392c3e 100644 --- a/tests/security-manager-tests/CMakeLists.txt +++ b/tests/security-manager-tests/CMakeLists.txt @@ -68,7 +68,7 @@ INSTALL(TARGETS ${TARGET_SEC_MGR_TESTS} DESTINATION /usr/bin) INSTALL(DIRECTORY ${PROJECT_SOURCE_DIR}/tests/security-manager-tests/test_DIR - DESTINATION /etc/smack/ + DESTINATION /usr/apps/ ) INSTALL(DIRECTORY diff --git a/tests/security-manager-tests/security_manager_tests.cpp b/tests/security-manager-tests/security_manager_tests.cpp index afe4c18..ab6c0cd 100644 --- a/tests/security-manager-tests/security_manager_tests.cpp +++ b/tests/security-manager-tests/security_manager_tests.cpp 
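Review bot: The `find /usr/apps/test_DIR/ -type f -name exec -exec chmod 0755 {} +` line in the first spec hunk sets file modes from what appears to be the post-install scriptlet, so the packaged fixture files change mode after RPM has recorded them. The scriptlet starts and ends outside the hunk. The `INSTALL(DIRECTORY ...)` call visible in the CMakeLists.txt hunk carries no permission option, so CMake installs the files with its default 0644, which is presumably why the chmod is needed. Consider adding `USE_SOURCE_PERMISSIONS` to that INSTALL call and dropping the chmod; the `delete mode 100755` entries in this patch suggest the `exec` fixtures are tracked as executable. Installed modes would then match the package manifest and `rpm -V` would remain a usable integrity check on the fixtures.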
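Review bot: The fixture root is now a literal that must stay in sync across three files: `DESTINATION /usr/apps/` here, the `find` line and the `/usr/apps/test_DIR/*` file-list entry in security-tests.spec, and the three `SM_*_PATH` constants in security_manager_tests.cpp. If one of them drifts, the `nftw()` label walks in the tests would run against a missing or stale tree and fail for a reason unrelated to security-manager. Defining the path once in CMake, for example `SET(SM_TEST_DIR "/usr/apps/test_DIR")` (a suggested name, not an existing variable), and handing it to the test source as a compile definition would leave a single place to edit. The file-list entry also packages only the children of `test_DIR`, so the directory itself looks unowned by the package; listing `/usr/apps/test_DIR` without the glob would cover it.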
@@ -49,10 +49,9 @@ static const privileges_t SM_NO_PRIVILEGES = { static const std::vector SM_ALLOWED_GROUPS = {"db_browser", "db_alarm"}; -static const char *const SM_PRIVATE_PATH = "/etc/smack/test_DIR/app_dir"; -static const char *const SM_PUBLIC_PATH = "/etc/smack/test_DIR/app_dir_public"; -static const char *const SM_PUBLIC_RO_PATH = "/etc/smack/test_DIR/app_dir_public_ro"; -static const char *const SM_DENIED_PATH = "/etc/smack/test_DIR/non_app_dir"; +static const char *const SM_PRIVATE_PATH = "/usr/apps/test_DIR/app_dir"; +static const char *const SM_PUBLIC_RO_PATH = "/usr/apps/test_DIR/app_dir_public_ro"; +static const char *const SM_DENIED_PATH = "/usr/apps/test_DIR/non_app_dir"; static const char *const SM_PRIVATE_PATH_FOR_USER = "/home/" APP_USER "/test_DIR"; static const char *const ANY_USER_REPRESENTATION = "anyuser";/*this may be actually any string*/ @@ -115,13 +114,6 @@ static int nftw_check_sm_labels_app_private_dir(const char *fpath, const struct return nftw_check_sm_labels_app_dir(fpath, sb, USER_APP_ID, false, true); } -static int nftw_check_sm_labels_app_public_dir(const char *fpath, const struct stat *sb, - int /*typeflag*/, struct FTW* /*ftwbuf*/) -{ - - return nftw_check_sm_labels_app_dir(fpath, sb, "User", true, false); -} - static int nftw_check_sm_labels_app_floor_dir(const char *fpath, const struct stat *sb, int /*typeflag*/, struct FTW* /*ftwbuf*/) { @@ -148,9 +140,6 @@ static void prepare_app_path() result = nftw(SM_PRIVATE_PATH, &nftw_remove_labels, FTW_MAX_FDS, FTW_PHYS); RUNNER_ASSERT_MSG(result == 0, "Unable to clean Smack labels in " << SM_PRIVATE_PATH); - result = nftw(SM_PUBLIC_PATH, &nftw_remove_labels, FTW_MAX_FDS, FTW_PHYS); - RUNNER_ASSERT_MSG(result == 0, "Unable to clean Smack labels in " << SM_PUBLIC_PATH); - result = nftw(SM_PUBLIC_RO_PATH, &nftw_remove_labels, FTW_MAX_FDS, FTW_PHYS); RUNNER_ASSERT_MSG(result == 0, "Unable to clean Smack labels in " << SM_PUBLIC_RO_PATH); 
@@ -171,9 +160,6 @@ static void check_app_path_after_install() result = nftw(SM_PRIVATE_PATH, &nftw_check_sm_labels_app_private_dir, FTW_MAX_FDS, FTW_PHYS); RUNNER_ASSERT_MSG(result == 0, "Unable to check Smack labels for " << SM_PRIVATE_PATH); - result = nftw(SM_PUBLIC_PATH, &nftw_check_sm_labels_app_public_dir, FTW_MAX_FDS, FTW_PHYS); - RUNNER_ASSERT_MSG(result == 0, "Unable to check Smack labels for " << SM_PUBLIC_PATH); - result = nftw(SM_PUBLIC_RO_PATH, &nftw_check_sm_labels_app_floor_dir, FTW_MAX_FDS, FTW_PHYS); RUNNER_ASSERT_MSG(result == 0, "Unable to check Smack labels for " << SM_PUBLIC_RO_PATH); @@ -402,11 +388,6 @@ RUNNER_TEST(security_manager_02_app_install_uninstall_full) RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS, "setting allowed path failed. Result: " << result); - result = security_manager_app_inst_req_add_path(request.get(), SM_PUBLIC_PATH, - SECURITY_MANAGER_PATH_PUBLIC); - RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS, - "setting allowed path failed. Result: " << result); - result = security_manager_app_inst_req_add_path(request.get(), SM_PUBLIC_RO_PATH, SECURITY_MANAGER_PATH_PUBLIC_RO); RUNNER_ASSERT_MSG((lib_retcode)result == SECURITY_MANAGER_SUCCESS, diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/.level_1/.level_2/exec b/tests/security-manager-tests/test_DIR/app_dir_public/.level_1/.level_2/exec deleted file mode 100755 index e69de29..0000000 diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/.level_1/.level_2/normal b/tests/security-manager-tests/test_DIR/app_dir_public/.level_1/.level_2/normal deleted file mode 100644 index e69de29..0000000 diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/.level_1/exec b/tests/security-manager-tests/test_DIR/app_dir_public/.level_1/exec deleted file mode 100755 index e69de29..0000000 
diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/.level_1/level_2/exec b/tests/security-manager-tests/test_DIR/app_dir_public/.level_1/level_2/exec
deleted file mode 100755
index e69de29..0000000
diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/.level_1/level_2/normal b/tests/security-manager-tests/test_DIR/app_dir_public/.level_1/level_2/normal
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/.level_1/normal b/tests/security-manager-tests/test_DIR/app_dir_public/.level_1/normal
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/exec b/tests/security-manager-tests/test_DIR/app_dir_public/exec
deleted file mode 100755
index e69de29..0000000
diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/level_1/.level_2/exec b/tests/security-manager-tests/test_DIR/app_dir_public/level_1/.level_2/exec
deleted file mode 100755
index e69de29..0000000
diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/level_1/.level_2/normal b/tests/security-manager-tests/test_DIR/app_dir_public/level_1/.level_2/normal
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/level_1/exec b/tests/security-manager-tests/test_DIR/app_dir_public/level_1/exec
deleted file mode 100755
index e69de29..0000000
diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/level_1/level_2/exec b/tests/security-manager-tests/test_DIR/app_dir_public/level_1/level_2/exec
deleted file mode 100755
index e69de29..0000000
diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/level_1/level_2/link_to_exec b/tests/security-manager-tests/test_DIR/app_dir_public/level_1/level_2/link_to_exec
deleted file mode 120000
index f1b66f3..0000000
--- a/tests/security-manager-tests/test_DIR/app_dir_public/level_1/level_2/link_to_exec
+++ /dev/null
@@ -1 +0,0 @@
-exec
\ No newline at end of file
diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/level_1/level_2/link_to_non_exec b/tests/security-manager-tests/test_DIR/app_dir_public/level_1/level_2/link_to_non_exec
deleted file mode 120000
index 5ae0346..0000000
--- a/tests/security-manager-tests/test_DIR/app_dir_public/level_1/level_2/link_to_non_exec
+++ /dev/null
@@ -1 +0,0 @@
-normal
\ No newline at end of file
diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/level_1/level_2/normal b/tests/security-manager-tests/test_DIR/app_dir_public/level_1/level_2/normal
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/level_1/link_to_exec b/tests/security-manager-tests/test_DIR/app_dir_public/level_1/link_to_exec
deleted file mode 120000
index f1b66f3..0000000
--- a/tests/security-manager-tests/test_DIR/app_dir_public/level_1/link_to_exec
+++ /dev/null
@@ -1 +0,0 @@
-exec
\ No newline at end of file
diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/level_1/link_to_non_exec b/tests/security-manager-tests/test_DIR/app_dir_public/level_1/link_to_non_exec
deleted file mode 120000
index 5ae0346..0000000
--- a/tests/security-manager-tests/test_DIR/app_dir_public/level_1/link_to_non_exec
+++ /dev/null
@@ -1 +0,0 @@
-normal
\ No newline at end of file
diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/level_1/normal b/tests/security-manager-tests/test_DIR/app_dir_public/level_1/normal
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/link_to_exec b/tests/security-manager-tests/test_DIR/app_dir_public/link_to_exec
deleted file mode 120000
index f1b66f3..0000000
--- a/tests/security-manager-tests/test_DIR/app_dir_public/link_to_exec
+++ /dev/null
@@ -1 +0,0 @@
-exec
\ No newline at end of file
diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/link_to_non_app_dir b/tests/security-manager-tests/test_DIR/app_dir_public/link_to_non_app_dir
deleted file mode 120000
index 4c67b09..0000000
--- a/tests/security-manager-tests/test_DIR/app_dir_public/link_to_non_app_dir
+++ /dev/null
@@ -1 +0,0 @@
-../non_app_dir
\ No newline at end of file
diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/link_to_non_app_exec b/tests/security-manager-tests/test_DIR/app_dir_public/link_to_non_app_exec
deleted file mode 120000
index 94e5405..0000000
--- a/tests/security-manager-tests/test_DIR/app_dir_public/link_to_non_app_exec
+++ /dev/null
@@ -1 +0,0 @@
-../non_app_dir/exec
\ No newline at end of file
diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/link_to_non_app_normal b/tests/security-manager-tests/test_DIR/app_dir_public/link_to_non_app_normal
deleted file mode 120000
index f7f5e53..0000000
--- a/tests/security-manager-tests/test_DIR/app_dir_public/link_to_non_app_normal
+++ /dev/null
@@ -1 +0,0 @@
-../non_app_dir/normal
\ No newline at end of file
diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/link_to_non_exec b/tests/security-manager-tests/test_DIR/app_dir_public/link_to_non_exec
deleted file mode 120000
index 5ae0346..0000000
--- a/tests/security-manager-tests/test_DIR/app_dir_public/link_to_non_exec
+++ /dev/null
@@ -1 +0,0 @@
-normal
\ No newline at end of file
diff --git a/tests/security-manager-tests/test_DIR/app_dir_public/normal b/tests/security-manager-tests/test_DIR/app_dir_public/normal
deleted file mode 100644
index e69de29..0000000
-- 2.7.4