test: activation tests for send_destination_prefix

This adds a few tests for checking if activation is allowed
for names specified within send_destination_prefix namespaces.

Signed-off-by: Adrian Szyndela <adrian.s@samsung.com>
Change-Id: I7a5a66f82fc08ce6cb46e37de2c3dfae24d9ea67

diff --git a/test/Makefile.am b/test/Makefile.am
index fd16381cecddc95b6c1ce431e4a1122e7474ebdc..7547ea306b2d48dda140e7a35d373feef3be9a37 100644 (file)
--- a/test/Makefile.am
+++ b/test/Makefile.am
@@ -688,6 +688,9 @@ static_data = \
        data/systemd-activation/com.example.ReceiveDenied.service \
        data/systemd-activation/com.example.SendDenied.service \
        data/systemd-activation/com.example.SendDeniedByAppArmorName.service \
+       data/systemd-activation/com.example.SendPrefixDenied.service \
+       data/systemd-activation/com.example.SendPrefixDenied.internal.service \
+       data/systemd-activation/com.example.SendPrefixDenied.SendPrefixAllowed.internal.service \
        data/systemd-activation/com.example.SystemdActivatable1.service \
        data/systemd-activation/com.example.SystemdActivatable2.service \
        data/systemd-activation/org.freedesktop.systemd1.service \

diff --git a/test/data/systemd-activation/com.example.SendPrefixDenied.SendPrefixAllowed.internal.service b/test/data/systemd-activation/com.example.SendPrefixDenied.SendPrefixAllowed.internal.service
new file mode 100644 (file)
index 0000000..5aab8bf
--- /dev/null
+++ b/test/data/systemd-activation/com.example.SendPrefixDenied.SendPrefixAllowed.internal.service
@@ -0,0 +1,4 @@
+[D-BUS Service]
+Name=com.example.SendPrefixDenied.SendPrefixAllowed.internal
+Exec=/bin/false SendPrefixDenied.SendPrefixAllowed.internal
+SystemdService=dbus-com.example.SendPrefixDenied.SendPrefixAllowed.internal.service

diff --git a/test/data/systemd-activation/com.example.SendPrefixDenied.internal.service b/test/data/systemd-activation/com.example.SendPrefixDenied.internal.service
new file mode 100644 (file)
index 0000000..f9d6335
--- /dev/null
+++ b/test/data/systemd-activation/com.example.SendPrefixDenied.internal.service
@@ -0,0 +1,4 @@
+[D-BUS Service]
+Name=com.example.SendPrefixDenied.internal
+Exec=/bin/false SendPrefixDenied.internal
+SystemdService=dbus-com.example.SendPrefixDenied.internal.service

diff --git a/test/data/systemd-activation/com.example.SendPrefixDenied.service b/test/data/systemd-activation/com.example.SendPrefixDenied.service
new file mode 100644 (file)
index 0000000..3595ce1
--- /dev/null
+++ b/test/data/systemd-activation/com.example.SendPrefixDenied.service
@@ -0,0 +1,4 @@
+[D-BUS Service]
+Name=com.example.SendPrefixDenied
+Exec=/bin/false SendPrefixDenied
+SystemdService=dbus-com.example.SendPrefixDenied.service

diff --git a/test/data/valid-config-files/systemd-activation.conf.in b/test/data/valid-config-files/systemd-activation.conf.in
index 2c3d2c217a7129a2158f590da8789cb22d8d2d7d..499aaa59c13616cbe51e09c56c120583c607b167 100644 (file)
--- a/test/data/valid-config-files/systemd-activation.conf.in
+++ b/test/data/valid-config-files/systemd-activation.conf.in
@@ -14,6 +14,8 @@
 
   <policy context="mandatory">
     <deny send_destination="com.example.SendDenied"/>
+    <deny send_destination_prefix="com.example.SendPrefixDenied"/>
     <deny receive_interface="com.example.ReceiveDenied" receive_member="Call"/>
+    <allow send_destination_prefix="com.example.SendPrefixDenied.SendPrefixAllowed"/>
   </policy>
 </busconfig>

diff --git a/test/sd-activation.c b/test/sd-activation.c
index b60888aea1559c3ddf040a6db8149e075c3d11b5..e02e301325e08d883ef381a21b41cd9e410427cb 100644 (file)
--- a/test/sd-activation.c
+++ b/test/sd-activation.c
@@ -516,6 +516,37 @@ test_activation (Fixture *f,
     g_error ("OOM");
   dbus_connection_send (f->systemd, m, NULL);
   dbus_message_unref (m);
+
+  /* A fourth activation: for name from send_destination_prefix namespace */
+  m = dbus_message_new_signal ("/foo", "com.example.bar", "UnicastSignal4");
+  if (!dbus_message_set_destination (m, "com.example.SendPrefixDenied.SendPrefixAllowed.internal"))
+    g_error ("OOM");
+  dbus_connection_send (f->caller, m, NULL);
+  dbus_message_unref (m);
+
+  /* systemd is already ready for it. */
+  while (f->systemd_message == NULL)
+    test_main_context_iterate (f->ctx, TRUE);
+
+  m = f->systemd_message;
+  f->systemd_message = NULL;
+  assert_signal (m, DBUS_SERVICE_DBUS, DBUS_PATH_DBUS,
+      "org.freedesktop.systemd1.Activator", "ActivationRequest", "s",
+      "org.freedesktop.systemd1");
+
+  /* Check ActivationRequest for the required name. */
+  /* If it is correct, then it passed through policy checking, and the test is over. */
+  do
+    {
+      const char *name;
+      DBusError error;
+
+      dbus_error_init (&error);
+      dbus_message_get_args (m, &error, DBUS_TYPE_STRING, &name, DBUS_TYPE_INVALID);
+      test_assert_no_error (&error);
+      g_assert_cmpstr (name, ==, "dbus-com.example.SendPrefixDenied.SendPrefixAllowed.internal.service");
+    } while (0);
+  dbus_message_unref (m);
 }
 
 static void
@@ -1031,7 +1062,9 @@ static const Config deny_send_tests[] =
     { "com.example.SendDeniedByNonexistentAppArmorLabel" },
     { "com.example.SendDeniedByAppArmorName" },
 #endif
-    { "com.example.SendDenied" }
+    { "com.example.SendDenied" },
+    { "com.example.SendPrefixDenied" },
+    { "com.example.SendPrefixDenied.internal" }
 };
 
 static const Config deny_receive_tests[] =