{
const char *subject = "abc345v34sfa";
const char *object = "efg678x2lkjz";
+ const char *server_api = "security-server::api-data-share";
smack_accesses *tmp = NULL;
RUNNER_ASSERT(0 == smack_accesses_new(&tmp));
smack(tmp, smack_accesses_free);
RUNNER_ASSERT(0 == smack_accesses_add(smack.get(), subject, object, "-----"));
+ RUNNER_ASSERT(0 == smack_accesses_add(smack.get(), object, server_api, "rw"));
RUNNER_ASSERT(0 == smack_accesses_apply(smack.get()));
smack_set_label_for_self(object);
RUNNER_ASSERT(0 == smack_have_access(subject, object, "----t"));
}
+RUNNER_CHILD_TEST(tc01c_security_server_app_give_access_no_access)
+{
+ const char *subject = "xxx45v34sfa";
+ const char *object = "yyy78x2lkjz";
+ smack_accesses *tmp = NULL;
+
+ RUNNER_ASSERT(0 == smack_accesses_new(&tmp));
+
+ std::unique_ptr<smack_accesses,std::function<void(smack_accesses*)>>
+ smack(tmp, smack_accesses_free);
+
+ RUNNER_ASSERT(0 == smack_accesses_add(smack.get(), subject, object, "-----"));
+ RUNNER_ASSERT(0 == smack_accesses_apply(smack.get()));
+
+ smack_set_label_for_self(object);
+ RUNNER_ASSERT(SECURITY_SERVER_API_ERROR_ACCESS_DENIED == security_server_app_give_access(subject, getpid()));
+
+ RUNNER_ASSERT(0 == smack_have_access(subject, object, "r"));
+}
+
RUNNER_TEST(tc02_check_privilege_by_pid)
{
int ret;