]>
Commit | Line | Data |
---|---|---|
20725d92 DM |
1 | /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ |
2 | ||
3 | /*** | |
4 | This file is part of systemd. | |
5 | ||
6 | Copyright 2014 Daniel Mack | |
7 | ||
8 | systemd is free software; you can redistribute it and/or modify it | |
9 | under the terms of the GNU Lesser General Public License as published by | |
10 | the Free Software Foundation; either version 2.1 of the License, or | |
11 | (at your option) any later version. | |
12 | ||
13 | systemd is distributed in the hope that it will be useful, but | |
14 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
16 | Lesser General Public License for more details. | |
17 | ||
18 | You should have received a copy of the GNU Lesser General Public License | |
19 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
20 | ***/ | |
21 | ||
22 | #include <sys/socket.h> | |
23 | #include <sys/un.h> | |
24 | #include <sys/types.h> | |
25 | #include <fcntl.h> | |
26 | #include <unistd.h> | |
27 | #include <string.h> | |
28 | #include <errno.h> | |
29 | #include <sys/poll.h> | |
30 | #include <stddef.h> | |
31 | #include <getopt.h> | |
32 | ||
33 | #include "log.h" | |
34 | #include "util.h" | |
35 | #include "sd-bus.h" | |
36 | #include "bus-internal.h" | |
37 | #include "bus-message.h" | |
38 | #include "bus-util.h" | |
39 | #include "bus-internal.h" | |
40 | #include "build.h" | |
41 | #include "strv.h" | |
42 | #include "def.h" | |
43 | #include "capability.h" | |
44 | ||
45 | #include <bus-proxyd/bus-policy.h> | |
46 | ||
45f1b67a DM |
47 | static int test_policy_load(Policy *p, const char *name) |
48 | { | |
49 | char *path; | |
50 | int r = 0; | |
51 | ||
52 | path = strjoin(TEST_DIR, "/bus-policy/", name, NULL); | |
53 | ||
54 | if (access(path, R_OK) == 0) | |
55 | policy_load(p, STRV_MAKE(path)); | |
56 | else | |
57 | r = -ENOENT; | |
58 | ||
59 | free(path); | |
60 | ||
61 | return r; | |
62 | } | |
63 | ||
20725d92 DM |
64 | int main(int argc, char *argv[]) { |
65 | ||
66 | Policy p = {}; | |
20725d92 | 67 | struct ucred ucred = {}; |
078ef7b8 DM |
68 | char **names_strv; |
69 | Hashmap *names_hash; | |
20725d92 DM |
70 | |
71 | /* Ownership tests */ | |
45f1b67a | 72 | assert_se(test_policy_load(&p, "ownerships.conf") == 0); |
20725d92 | 73 | |
20725d92 | 74 | ucred.uid = 0; |
078ef7b8 | 75 | assert_se(policy_check_own(&p, &ucred, "org.test.test1") == true); |
20725d92 | 76 | ucred.uid = 1; |
078ef7b8 | 77 | assert_se(policy_check_own(&p, &ucred, "org.test.test1") == true); |
20725d92 | 78 | |
20725d92 | 79 | ucred.uid = 0; |
078ef7b8 | 80 | assert_se(policy_check_own(&p, &ucred, "org.test.test2") == true); |
20725d92 | 81 | ucred.uid = 1; |
078ef7b8 | 82 | assert_se(policy_check_own(&p, &ucred, "org.test.test2") == false); |
20725d92 | 83 | |
20725d92 | 84 | ucred.uid = 0; |
078ef7b8 | 85 | assert_se(policy_check_own(&p, &ucred, "org.test.test3") == false); |
20725d92 | 86 | ucred.uid = 1; |
078ef7b8 | 87 | assert_se(policy_check_own(&p, &ucred, "org.test.test3") == false); |
20725d92 | 88 | |
20725d92 | 89 | ucred.uid = 0; |
078ef7b8 | 90 | assert_se(policy_check_own(&p, &ucred, "org.test.test4") == false); |
20725d92 | 91 | ucred.uid = 1; |
078ef7b8 | 92 | assert_se(policy_check_own(&p, &ucred, "org.test.test4") == true); |
20725d92 DM |
93 | |
94 | policy_free(&p); | |
95 | ||
078ef7b8 | 96 | /* Signaltest */ |
45f1b67a | 97 | assert_se(test_policy_load(&p, "signals.conf") == 0); |
078ef7b8 | 98 | names_strv = STRV_MAKE("bli.bla.blubb"); |
20725d92 | 99 | |
20725d92 | 100 | ucred.uid = 0; |
078ef7b8 | 101 | assert_se(policy_check_send(&p, &ucred, names_strv, SD_BUS_MESSAGE_SIGNAL, NULL, "/an/object/path", NULL) == true); |
20725d92 DM |
102 | |
103 | ucred.uid = 1; | |
078ef7b8 | 104 | assert_se(policy_check_send(&p, &ucred, names_strv, SD_BUS_MESSAGE_SIGNAL, NULL, "/an/object/path", NULL) == false); |
20725d92 DM |
105 | |
106 | policy_free(&p); | |
107 | ||
108 | /* Method calls */ | |
45f1b67a | 109 | assert_se(test_policy_load(&p, "methods.conf") == 0); |
078ef7b8 DM |
110 | names_strv = STRV_MAKE("org.test.test1"); |
111 | policy_dump(&p); | |
20725d92 DM |
112 | |
113 | ucred.uid = 0; | |
20725d92 | 114 | |
078ef7b8 DM |
115 | assert_se(policy_check_send(&p, &ucred, names_strv, SD_BUS_MESSAGE_METHOD_CALL, "/an/object/path", "bli.bla.blubb", "Member") == false); |
116 | assert_se(policy_check_send(&p, &ucred, names_strv, SD_BUS_MESSAGE_METHOD_CALL, "/an/object/path", "bli.bla.blubb", "Member") == false); | |
117 | assert_se(policy_check_send(&p, &ucred, names_strv, SD_BUS_MESSAGE_METHOD_CALL, "/an/object/path", "org.test.int1", "Member") == true); | |
118 | assert_se(policy_check_send(&p, &ucred, names_strv, SD_BUS_MESSAGE_METHOD_CALL, "/an/object/path", "org.test.int2", "Member") == true); | |
20725d92 | 119 | |
078ef7b8 DM |
120 | names_hash = hashmap_new(&string_hash_ops); |
121 | assert(names_hash != NULL); | |
122 | assert_se(hashmap_put(names_hash, "org.test.test3", NULL) >= 0); | |
123 | assert_se(policy_check_recv(&p, &ucred, names_hash, SD_BUS_MESSAGE_METHOD_CALL, "/an/object/path", "org.test.int3", "Member111") == true); | |
20725d92 DM |
124 | |
125 | policy_free(&p); | |
126 | ||
127 | /* User and groups */ | |
45f1b67a | 128 | assert_se(test_policy_load(&p, "hello.conf") == 0); |
20725d92 DM |
129 | policy_dump(&p); |
130 | ||
131 | ucred.uid = 0; | |
078ef7b8 | 132 | assert_se(policy_check_hello(&p, &ucred) == true); |
20725d92 DM |
133 | |
134 | ucred.uid = 1; | |
078ef7b8 | 135 | assert_se(policy_check_hello(&p, &ucred) == false); |
20725d92 DM |
136 | |
137 | ucred.uid = 0; | |
138 | ucred.gid = 1; | |
078ef7b8 | 139 | assert_se(policy_check_hello(&p, &ucred) == false); |
20725d92 DM |
140 | |
141 | policy_free(&p); | |
142 | ||
20725d92 DM |
143 | return EXIT_SUCCESS; |
144 | } |