for(const auto& c : negative) {
int result = smack_have_access(subject.c_str(), object.c_str(), std::string(1, c).c_str());
RUNNER_ASSERT_MSG(result >= 0, "smack_have_access failed");
- RUNNER_ASSERT_MSG(result == 0,
- "Unexpected smack access: " << subject << " " << object << " " << c);
+ RUNNER_ASSERT_MSG(result == 0, "Unexpected access for" <<
+ " subject:" << subject <<
+ " object:" << object <<
+ " right:" << std::string(1,c) <<
+ " result:" << result <<
+ " expected:0");
}
}
Api::install(app, SECURITY_MANAGER_ERROR_INPUT_PARAM);
}
+RUNNER_TEST(security_manager_45_test_authorId_identificator_creation)
+{
+ std::vector<AppInstallHelper> helper {{"a45"}, {"b45"}};
+ auto &trusted1 = helper[0];
+ auto &trusted2 = helper[1];
+
+ TestSecurityManagerDatabase dbtest;
+ const char *authorId1 = "custom_author_id_test a45";
+ const char *authorId2 = "custom_author_id_test b45";
+
+ // cleanup
+ for (auto &e : helper) {
+ e.revokeRules();
+ e.createInstallDir();
+ e.createTrustedDir();
+ }
+
+ // install app with shared/trusted dir
+ InstallRequest trustingApp;
+ trustingApp.setAppId(trusted1.getAppId());
+ trustingApp.setPkgId(trusted1.getPkgId());
+ trustingApp.setAuthorId(authorId1);
+ trustingApp.addPath(trusted1.getTrustedDir().c_str(), SECURITY_MANAGER_PATH_TRUSTED_RW);
+ Api::install(trustingApp);
+
+ int64_t authorDb1 = dbtest.get_author_id(authorId1);
+
+ // install trusted app
+ InstallRequest trustedApp;
+ trustedApp.setAppId(trusted2.getAppId());
+ trustedApp.setPkgId(trusted2.getPkgId());
+ trustedApp.setAuthorId(authorId2);
+ Api::install(trustedApp);
+
+ int64_t authorDb2 = dbtest.get_author_id(authorId2);
+ RUNNER_ASSERT(authorDb1 != authorDb2);
+}
+
+RUNNER_TEST(security_manager_46_pkgId_deinstalation_test)
+{
+ /* Description:
+ * Lets assume that app1 and app2 are part of pkg1.
+ * Deinstalation of app1 mustnot remove rules:
+ * System PKG1Label rwxatl
+ * User PKGLabel rwxatl
+ */
+
+ std::vector<AppInstallHelper> helper {{"a46"}, {"b46"}};
+ auto &trusted1 = helper[0];
+ auto &trusted2 = helper[1];
+
+ std::string authorId1 = "author46XYZ";
+
+ for (auto &e : helper) {
+ e.revokeRules();
+ e.createInstallDir();
+ e.createTrustedDir();
+ }
+
+ InstallRequest trustingApp;
+ trustingApp.setAppId(trusted1.getAppId());
+ trustingApp.setPkgId(trusted1.getPkgId());
+ trustingApp.setAuthorId(authorId1);
+ trustingApp.addPath(trusted1.getTrustedDir().c_str(), SECURITY_MANAGER_PATH_TRUSTED_RW);
+ Api::install(trustingApp);
+
+ InstallRequest trustingApp2;
+ trustingApp2.setAppId(trusted2.getAppId());
+ trustingApp2.setPkgId(trusted1.getPkgId()); // both apps will be part of same pkgId
+ trustingApp2.setAuthorId(authorId1);
+ Api::install(trustingApp2);
+
+ check_exact_access("System", generateAppLabel(trusted1.getAppId()), "rwxl");
+ check_exact_access("User", generateAppLabel(trusted1.getAppId()), "rwxl");
+ check_exact_access("System", generatePkgLabel(trusted1.getPkgId()), "rwxatl");
+ check_exact_access("User", generatePkgLabel(trusted1.getPkgId()), "rwxatl");
+ check_exact_access("System", generateAppLabel(trusted2.getAppId()), "rwxl");
+ check_exact_access("User", generateAppLabel(trusted2.getAppId()), "rwxl");
+
+ Api::uninstall(trustingApp2);
+
+ check_exact_access("System", generateAppLabel(trusted1.getAppId()), "rwxl");
+ check_exact_access("User", generateAppLabel(trusted1.getAppId()), "rwxl");
+ check_exact_access("System", generatePkgLabel(trusted1.getPkgId()), "rwxatl");
+ check_exact_access("User", generatePkgLabel(trusted1.getPkgId()), "rwxatl");
+ check_exact_access("System", generateAppLabel(trusted2.getAppId()), "");
+ check_exact_access("User", generateAppLabel(trusted2.getAppId()), "");
+
+ Api::uninstall(trustingApp);
+
+ check_exact_access("System", generateAppLabel(trusted1.getAppId()), "");
+ check_exact_access("User", generateAppLabel(trusted1.getAppId()), "");
+ check_exact_access("System", generatePkgLabel(trusted1.getPkgId()), "");
+ check_exact_access("User", generatePkgLabel(trusted1.getPkgId()), "");
+}
+
+RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER_CREDENTIAL_API)
+
class ProcessCredentials {
public:
ProcessCredentials(const std::string &smackLabel) : m_label(smackLabel) {}
assertion(sock, pid);
}
-RUNNER_CHILD_TEST(security_manager_45a_get_id_by_socket)
+RUNNER_CHILD_TEST(security_manager_51a_get_id_by_socket)
{
- const char *const sm_app_id = "sm_test_45a_app";
- const char *const sm_pkg_id = "sm_test_45a_pkg";
+ const char *const sm_app_id = "sm_test_51a_app";
+ const char *const sm_pkg_id = "sm_test_51a_pkg";
InstallRequest requestInst;
requestInst.setAppId(sm_app_id);
Api::uninstall(requestUninst);
}
-RUNNER_CHILD_TEST(security_manager_45b_get_id_by_socket)
+RUNNER_CHILD_TEST(security_manager_51b_get_id_by_socket)
{
- const char *const sm_app_id = "sm_test_45b_app";
- const char *const sm_pkg_id = "sm_test_45b_pkg";
+ const char *const sm_app_id = "sm_test_51b_app";
+ const char *const sm_pkg_id = "sm_test_51b_pkg";
InstallRequest requestInst;
requestInst.setAppId(sm_app_id);
Api::uninstall(requestUninst);
}
-RUNNER_CHILD_TEST(security_manager_45c_get_id_by_socket)
+RUNNER_CHILD_TEST(security_manager_51c_get_id_by_socket)
{
- const char *const sm_app_id = "sm_test_45c_app";
- const char *const sm_pkg_id = "sm_test_45c_pkg";
+ const char *const sm_app_id = "sm_test_51c_app";
+ const char *const sm_pkg_id = "sm_test_51c_pkg";
InstallRequest requestInst;
requestInst.setAppId(sm_app_id);
Api::uninstall(requestUninst);
}
-RUNNER_CHILD_TEST(security_manager_45d_get_id_by_socket)
+RUNNER_CHILD_TEST(security_manager_51d_get_id_by_socket)
{
- const char *const sm_app_id = "sm_test_45d_app";
- const char *const sm_pkg_id = "sm_test_45d_pkg";
+ const char *const sm_app_id = "sm_test_51d_app";
+ const char *const sm_pkg_id = "sm_test_51d_pkg";
InstallRequest requestInst;
requestInst.setAppId(sm_app_id);
Api::uninstall(requestUninst);
}
-RUNNER_CHILD_TEST(security_manager_45e_get_id_by_socket)
+RUNNER_CHILD_TEST(security_manager_51e_get_id_by_socket)
{
- const char *const sm_app_id = "sm_test_45e_app";
- const char *const sm_pkg_id = "sm_test_45e_pkg";
+ const char *const sm_app_id = "sm_test_51e_app";
+ const char *const sm_pkg_id = "sm_test_51e_pkg";
InstallRequest requestInst;
requestInst.setAppId(sm_app_id);
Api::uninstall(requestUninst);
}
-RUNNER_CHILD_TEST(security_manager_46a_get_id_by_pid)
+RUNNER_CHILD_TEST(security_manager_52a_get_id_by_pid)
{
- const char *const sm_app_id = "sm_test_46a_app";
- const char *const sm_pkg_id = "sm_test_46a_pkg";
+ const char *const sm_app_id = "sm_test_52a_app";
+ const char *const sm_pkg_id = "sm_test_52a_pkg";
InstallRequest requestInst;
requestInst.setAppId(sm_app_id);
Api::uninstall(requestUninst);
}
-RUNNER_CHILD_TEST(security_manager_46b_get_id_by_pid)
+RUNNER_CHILD_TEST(security_manager_52b_get_id_by_pid)
{
- const char *const sm_app_id = "sm_test_46b_app";
- const char *const sm_pkg_id = "sm_test_46b_pkg";
+ const char *const sm_app_id = "sm_test_52b_app";
+ const char *const sm_pkg_id = "sm_test_52b_pkg";
InstallRequest requestInst;
requestInst.setAppId(sm_app_id);
Api::uninstall(requestUninst);
}
-RUNNER_CHILD_TEST(security_manager_46c_get_id_by_pid)
+RUNNER_CHILD_TEST(security_manager_52c_get_id_by_pid)
{
- const char *const sm_app_id = "sm_test_46c_app";
- const char *const sm_pkg_id = "sm_test_46c_pkg";
+ const char *const sm_app_id = "sm_test_52c_app";
+ const char *const sm_pkg_id = "sm_test_52c_pkg";
InstallRequest requestInst;
requestInst.setAppId(sm_app_id);
Api::uninstall(requestUninst);
}
-RUNNER_CHILD_TEST(security_manager_46d_get_id_by_pid)
+RUNNER_CHILD_TEST(security_manager_52d_get_id_by_pid)
{
- const char *const sm_app_id = "sm_test_46d_app";
- const char *const sm_pkg_id = "sm_test_46d_pkg";
+ const char *const sm_app_id = "sm_test_52d_app";
+ const char *const sm_pkg_id = "sm_test_52d_pkg";
InstallRequest requestInst;
requestInst.setAppId(sm_app_id);
Api::uninstall(requestUninst);
}
-RUNNER_CHILD_TEST(security_manager_46e_get_id_by_pid)
+RUNNER_CHILD_TEST(security_manager_52e_get_id_by_pid)
{
- const char *const sm_app_id = "sm_test_46e_app";
- const char *const sm_pkg_id = "sm_test_46e_pkg";
+ const char *const sm_app_id = "sm_test_52e_app";
+ const char *const sm_pkg_id = "sm_test_52e_pkg";
InstallRequest requestInst;
requestInst.setAppId(sm_app_id);
Api::uninstall(requestUninst);
}
-RUNNER_CHILD_TEST(security_manager_47_app_has_privilege)
+RUNNER_CHILD_TEST(security_manager_53_app_has_privilege)
{
- const char *const sm_app_id = "sm_test_47_app";
- const char *const sm_pkg_id = "sm_test_47_pkg";
+ const char *const sm_app_id = "sm_test_53_app";
+ const char *const sm_pkg_id = "sm_test_53_pkg";
const std::string new_user_name = "sm_test_47_user_name";
InstallRequest requestInst;