-DCYNARA_DB_DIR=%{_localstatedir}/cynara/db \
-DAPP_USER="security_test_user" \
-DCKM_TEST_DIR=%{ckm_test_dir} \
- -DCKM_RW_DATA_DIR=%{ckm_rw_data_dir}
+ -DCKM_RW_DATA_DIR=%{ckm_rw_data_dir} \
+ -DGLOBAL_APP_DIR=%{TZ_SYS_RW_APP}
make %{?jobs:-j%jobs}
%install
/usr/bin/security-manager-tests
/etc/smack/test_smack_rules
/etc/smack/test_smack_rules_lnk
-/opt/usr/globalapps/*
+%{TZ_SYS_RW_APP}*
/usr/bin/cynara-test
/usr/bin/ckm-tests
/usr/bin/ckm-integration-tests
INSTALL(DIRECTORY
${PROJECT_SOURCE_DIR}/src/security-manager-tests/app_files/
- DESTINATION /opt/usr/globalapps/
+ DESTINATION ${GLOBAL_APP_DIR}
)
#include <sys/smack.h>
#include <dpl/test/test_runner.h>
+#include <tzplatform.h>
struct AppInstallHelper {
AppInstallHelper(const std::string &name)
{}
std::string getInstallDir() const {
- return "/opt/usr/globalapps/" + getPkgId();
+ return TzPlatformConfig::globalAppDir() + "/" + getPkgId();
}
std::string getTrustedDir(int i = 0) const {
static std::string genPath(int app_num, const char *postfix) {
char buf[16];
sprintf(buf, "%02d", app_num);
- return std::string("/opt/usr/globalapps/sm_test_") + std::string(buf) + std::string("_pkg_id_full/") + std::string(postfix);
+ return TzPlatformConfig::globalAppDir() + "/sm_test_" + std::string(buf) + "_pkg_id_full/" + std::string(postfix);
}
std::string genRWPath(int app_num) {
return 0;
}
-static const char *const SM_DENIED_PATH = "/opt/usr/globalapps/non_app_dir";
+static const std::string SM_DENIED_PATH = TzPlatformConfig::globalAppDir() + "/non_app_dir";
void check_app_permissions(const char *const app_id, const char *const pkg_id,
const char *const user, const privileges_t &allowed_privs,
result = nftw(SM_PUBLIC_RO_PATH.c_str(), &nftw_check_sm_labels, FTW_MAX_FDS, FTW_PHYS);
RUNNER_ASSERT_MSG(result == 0, "Unable to check Smack labels for " << SM_PUBLIC_RO_PATH);
- result = nftw(SM_DENIED_PATH, &nftw_check_labels_non_app_dir, FTW_MAX_FDS, FTW_PHYS);
+ result = nftw(SM_DENIED_PATH.c_str(), &nftw_check_labels_non_app_dir, FTW_MAX_FDS, FTW_PHYS);
RUNNER_ASSERT_MSG(result == 0, "Unable to check Smack labels for " << SM_DENIED_PATH);
// owner RW, others RO
RUNNER_ASSERT_MSG(result == 0, "Unable to clean Smack labels in " << SM_OWNER_RW_OTHERS_RO_PATH);
}
- result = nftw(SM_DENIED_PATH, &nftw_set_labels_non_app_dir, FTW_MAX_FDS, FTW_PHYS);
+ result = nftw(SM_DENIED_PATH.c_str(), &nftw_set_labels_non_app_dir, FTW_MAX_FDS, FTW_PHYS);
RUNNER_ASSERT_MSG(result == 0, "Unable to set Smack labels in " << SM_DENIED_PATH);
}
#include <memory.h>
#include <sm_db.h>
#include <temp_test_user.h>
+#include <tzplatform.h>
DEFINE_SMARTPTR(cap_free, _cap_struct, CapsSetsUniquePtr);
extern const privileges_t SM_DENIED_PRIVILEGES;
extern const privileges_t SM_NO_PRIVILEGES;
extern const std::vector<std::string> SM_ALLOWED_GROUPS;
-static const char *const SM_RW_PATH = "/opt/usr/globalapps/sm_test_02_pkg_id_full/app_dir";
+const std::string SM_RW_PATH =
+ TzPlatformConfig::globalAppDir() + "/sm_test_02_pkg_id_full/app_dir";
const std::string uidToStr(const uid_t uid);
namespace SecurityManagerTest {
void prepare_request(InstallRequest &request,
- const char *const app_id,
- const char *const pkg_id,
+ const std::string &app_id,
+ const std::string &pkg_id,
app_install_path_type pathType,
- const char *const path,
+ const std::string &path,
uid_t uid)
{
request.setAppId(app_id);
namespace SecurityManagerTest {
class InstallRequest;
void prepare_request(InstallRequest &request,
- const char *const app_id,
- const char *const pkg_id,
+ const std::string &app_id,
+ const std::string &pkg_id,
app_install_path_type pathType,
- const char *const path,
+ const std::string &path,
uid_t uid);
class InstallRequest
{
return std::string(appDir) + "/" + pkgId + "/" + appId;
}
+const std::string globalAppDir()
+{
+ struct tzplatform_context *tzCtxPtr = nullptr;
+
+ RUNNER_ASSERT_MSG(0 == tzplatform_context_create(&tzCtxPtr), "Couldn't create tzplatform context");
+ TzPlatformContextPtr tzCtxPtrSmart(tzCtxPtr);
+
+ const char *appDir = tzplatform_context_getenv(tzCtxPtr, TZ_SYS_RW_APP);
+ RUNNER_ASSERT_MSG(nullptr != appDir,
+ "tzplatform_context_getenv failed for getting sys rw app");
+ return appDir;
+}
+
}
const std::string appDirPath(const TemporaryTestUser &user, const std::string &appId,
const std::string &pkgId);
+const std::string globalAppDir();
}
#include <sm_db.h>
#include <sm_request.h>
#include <tests_common.h>
+#include <tzplatform.h>
using namespace SecurityManagerTest;
-static const char *const SM_TRUSTED_PATH = "/opt/usr/globalapps/sm_test_02_pkg_id_full/app_dir_trusted";
+static const std::string SM_TRUSTED_PATH =
+ TzPlatformConfig::globalAppDir() + "/sm_test_02_pkg_id_full/app_dir_trusted";
static void check_exact_access(const std::string& subject, const std::string& object, const std::string& access)
{