From d3bbb380ecac6e2a690f13bbea64bd046aaed2cb Mon Sep 17 00:00:00 2001 From: cheng_jinsong Date: Tue, 27 Sep 2022 15:29:31 +0800 Subject: [PATCH] decode group by file Signed-off-by: cheng_jinsong --- services/etc/group | 2 +- services/init/standard/init_cmdexecutor.c | 2 +- services/param/adapter/param_dac.c | 137 ++++++++++++++---- services/param/base/BUILD.gn | 5 +- services/param/base/param_comm.c | 4 +- services/param/include/param_osadp.h | 2 +- test/unittest/BUILD.gn | 1 + test/unittest/param/dac_unittest.cpp | 4 +- test/unittest/param/param_stub.cpp | 20 ++- test/unittest/param/param_stub.h | 2 +- test/unittest/param/paramservice_unittest.cpp | 33 +---- test/unittest/param/selinux_unittest.cpp | 5 +- test/unittest/param/trigger_unittest.cpp | 5 +- .../unittest/param/watcher_agent_unittest.cpp | 29 ++-- test/unittest/syspara/syspara_unittest.cpp | 6 +- 15 files changed, 181 insertions(+), 76 deletions(-) diff --git a/services/etc/group b/services/etc/group index 96f074093..a6a1688e6 100644 --- a/services/etc/group +++ b/services/etc/group @@ -84,7 +84,7 @@ huks_server:x:3510: cert_manager_server:x:3515: dms:x:5522: foundation:x:5523: -quickfixserver:x:5524; +quickfixserver:x:5524: samgr:x:5555: update:x:6666: charger:x:6667: diff --git a/services/init/standard/init_cmdexecutor.c b/services/init/standard/init_cmdexecutor.c index 689dc48ce..1dd2e3ae0 100644 --- a/services/init/standard/init_cmdexecutor.c +++ b/services/init/standard/init_cmdexecutor.c @@ -123,7 +123,7 @@ int PluginExecCmd(const char *name, int argc, const char **argv) return -1; } PluginCmd *cmd = groupNode->data.cmd; - INIT_LOGI("PluginExecCmd index %s", cmd->name); + INIT_LOGV("PluginExecCmd index %s", cmd->name); int ret = 0; ListNode *node = cmd->cmdExecutor.next; while (node != &cmd->cmdExecutor) { diff --git a/services/param/adapter/param_dac.c b/services/param/adapter/param_dac.c index 9872839bc..6e063dfae 100644 --- a/services/param/adapter/param_dac.c +++ b/services/param/adapter/param_dac.c @@ -28,8 +28,11 @@ #define USER_BUFFER_LEN 64 #define MAX_BUF_SIZE 1024 #define GROUP_FORMAT "const.group" - +#define INVALID_MODE 0550 +#define GROUP_FILE_PATH "/etc/group" #define OCT_BASE 8 +#define INVALID_UID(uid) ((uid) == (uid_t)-1) + static void GetUserIdByName(uid_t *uid, const char *name, uint32_t nameLen) { *uid = -1; @@ -210,7 +213,6 @@ static int CheckFilePermission(const ParamSecurityLabel *localLabel, const char static int CheckUserInGroup(WorkSpace *space, gid_t groupId, uid_t uid) { -#ifdef __MUSL__ char buffer[USER_BUFFER_LEN] = {0}; uint32_t labelIndex = 0; int ret = ParamSprintf(buffer, sizeof(buffer), "%s.%d.%d", GROUP_FORMAT, groupId, uid); @@ -218,14 +220,11 @@ static int CheckUserInGroup(WorkSpace *space, gid_t groupId, uid_t uid) (void)FindTrieNode(space, buffer, strlen(buffer), &labelIndex); ParamSecurityNode *node = (ParamSecurityNode *)GetTrieNode(space, labelIndex); PARAM_CHECK(node != NULL, return DAC_RESULT_FORBIDED, "Can not get security label %d", labelIndex); - PARAM_LOGV("CheckUserInGroup %s groupid %d uid %d", buffer, groupId, uid); + PARAM_LOGV("CheckUserInGroup %s groupid %d uid %d", buffer, node->gid, node->uid); if (node->gid == groupId && node->uid == uid) { return 0; } return -1; -#else - return 0; -#endif } static int DacCheckParamPermission(const ParamSecurityLabel *srcLabel, const char *name, uint32_t mode) @@ -265,9 +264,6 @@ static int DacCheckParamPermission(const ParamSecurityLabel *srcLabel, const cha PARAM_LOGW("Cfg label %d gid:%d uid:%d mode 0%o ", labelIndex, node->gid, node->uid, node->mode); #ifndef STARTUP_INIT_TEST ret = DAC_RESULT_PERMISSION; -#endif -#ifndef __MUSL__ // for wgr, return permission - ret = DAC_RESULT_PERMISSION; #endif } return ret; @@ -288,45 +284,136 @@ INIT_LOCAL_API int RegisterSecurityDacOps(ParamSecurityOps *ops, int isInit) return ret; } -static void AddGroupUser(unsigned int uid, unsigned int gid, int mode, const char *format) +static void AddGroupUser(const char *userName, gid_t gid) { + if (userName == NULL || strlen(userName) == 0) { + return; + } + uid_t uid = 0; + GetUserIdByName(&uid, userName, strlen(userName)); + PARAM_LOGV("Add group user '%s' gid %d uid %d", userName, gid, uid); + if (INVALID_UID(gid) || INVALID_UID(uid)) { + PARAM_LOGW("Invalid user for '%s' gid %d uid %d", userName, gid, uid); + return; + } ParamAuditData auditData = {0}; char buffer[USER_BUFFER_LEN] = {0}; - int ret = ParamSprintf(buffer, sizeof(buffer), "%s.%u.%u", format, gid, uid); - PARAM_CHECK(ret >= 0, return, "Failed to format name for %s.%d.%d", format, gid, uid); + int ret = ParamSprintf(buffer, sizeof(buffer), "%s.%u.%u", GROUP_FORMAT, gid, uid); + PARAM_CHECK(ret >= 0, return, "Failed to format name for %d.%d", gid, uid); auditData.name = buffer; auditData.dacData.uid = uid; auditData.dacData.gid = gid; - auditData.dacData.mode = mode; + auditData.dacData.mode = INVALID_MODE; AddSecurityLabel(&auditData); } -INIT_LOCAL_API void LoadGroupUser(void) +#ifdef PARAM_DECODE_GROUPID_FROM_FILE +static char *UserNameTrim(char *str) { -#ifndef __MUSL__ + if (str == NULL) { + return NULL; + } + size_t len = strlen(str); + if (str == NULL || len == 0) { + return NULL; + } + char *end = str + len - 1; + while (end >= str && (*end == ' ' || *end == '\t' || *end == '\n' || *end == '\r')) { + *end = '\0'; + end--; + } + len = strlen(str); + char *head = str; + end = str + strlen(str); + while (head < end && (*head == ' ' || *head == '\t' || *head == '\n' || *head == '\r')) { + *head = '\0'; + head++; + } + if (strlen(str) == 0) { + return NULL; + } + return head; +} + +static void LoadGroupUser_(void) +{ + // decode group file + FILE *fp = fopen(GROUP_FILE_PATH, "r"); + const uint32_t buffSize = 1024; // 1024 max buffer for decode + char *buff = (char *)calloc(1, buffSize); + while (fp != NULL && buff != NULL && fgets(buff, buffSize, fp) != NULL) { + buff[buffSize - 1] = '\0'; + // deviceprivate:x:1053:root,shell,system,samgr,hdf_devmgr,deviceinfo,dsoftbus,dms,account + char *buffer = UserNameTrim(buff); + PARAM_CHECK(buffer != NULL, continue, "Invalid buffer %s", buff); + + PARAM_LOGV("LoadGroupUser_ '%s'", buffer); + // group name + char *groupName = strtok(buffer, ":"); + groupName = UserNameTrim(groupName); + PARAM_CHECK(groupName != NULL, continue, "Invalid group name %s", buff); + + // skip x + (void)strtok(NULL, ":"); + char *strGid = strtok(NULL, ":"); + strGid = UserNameTrim(strGid); + PARAM_CHECK(strGid != NULL, continue, "Invalid gid %s", buff); + + errno = 0; + gid_t gid = (gid_t)strtoul(strGid, 0, 10); // 10 base + PARAM_CHECK(errno == 0, continue, "Invalid gid %s", strGid); + + char *userName = strGid + strlen(strGid) + 1; + userName = UserNameTrim(userName); + PARAM_LOGV("LoadGroupUser_ %s userName '%s'", groupName, userName); + if (userName == NULL) { + AddGroupUser(groupName, gid); + continue; + } + char *tmp = strtok(userName, ","); + while (tmp != NULL) { + PARAM_LOGV("LoadGroupUser_ %s userName '%s'", groupName, tmp); + AddGroupUser(UserNameTrim(tmp), gid); + userName = tmp + strlen(tmp) + 1; + tmp = strtok(NULL, ","); + } + // last username + if (userName != NULL) { + AddGroupUser(UserNameTrim(userName), gid); + } + } + if (fp != NULL) { + (void)fclose(fp); + } + if (buff != NULL) { + free(buff); + } return; -#endif - PARAM_LOGV("LoadGroupUser "); - uid_t uid = 0; +} +#else +static void LoadGroupUser_(void) +{ struct group *data = NULL; while ((data = getgrent()) != NULL) { if (data->gr_name == NULL || data->gr_mem == NULL) { continue; } if (data->gr_mem[0] == NULL) { // default user in group - GetUserIdByName(&uid, data->gr_name, strlen(data->gr_name)); - PARAM_LOGV("LoadGroupUser %s gid %d uid %d", data->gr_name, data->gr_gid, uid); - AddGroupUser(uid, data->gr_gid, 0550, GROUP_FORMAT); // 0550 read and watch + AddGroupUser(data->gr_name, data->gr_gid); continue; } int index = 0; while (data->gr_mem[index]) { // user in this group - GetUserIdByName(&uid, data->gr_mem[index], strlen(data->gr_mem[index])); - PARAM_LOGV("LoadGroupUser %s gid %d uid %d user %s", data->gr_name, data->gr_gid, uid, data->gr_mem[index]); - AddGroupUser(uid, data->gr_gid, 0550, GROUP_FORMAT); // 0550 read and watch + AddGroupUser(data->gr_mem[index], data->gr_gid); index++; } } - PARAM_LOGV("LoadGroupUser getgrent fail errnor %d ", errno); endgrent(); } +#endif + +INIT_LOCAL_API void LoadGroupUser(void) +{ + PARAM_LOGV("LoadGroupUser "); + LoadGroupUser_(); +} diff --git a/services/param/base/BUILD.gn b/services/param/base/BUILD.gn index 1706c28e5..b1aadaae6 100644 --- a/services/param/base/BUILD.gn +++ b/services/param/base/BUILD.gn @@ -102,7 +102,10 @@ if (defined(ohos_lite)) { cflags = [ "-fPIC" ] include_dirs = base_include_dirs public_configs = [ ":exported_header_files" ] - defines = [ "_GNU_SOURCE" ] + defines = [ + "_GNU_SOURCE", + "PARAM_DECODE_GROUPID_FROM_FILE", + ] deps = [] if (use_musl) { diff --git a/services/param/base/param_comm.c b/services/param/base/param_comm.c index 3afe0e3c3..17763666a 100644 --- a/services/param/base/param_comm.c +++ b/services/param/base/param_comm.c @@ -531,8 +531,8 @@ INIT_LOCAL_API int CheckParamPermission(const ParamSecurityLabel *srcLabel, cons ParamWorkSpace *paramSpace = GetParamWorkSpace(); PARAM_CHECK(paramSpace != NULL, return DAC_RESULT_FORBIDED, "Invalid workspace"); int ret = DAC_RESULT_PERMISSION; - PARAM_LOGV("CheckParamPermission mode 0x%x name: %s uid:%d pid:%d", - mode, name, (int)srcLabel->cred.uid, (int)srcLabel->cred.pid); + PARAM_LOGV("CheckParamPermission mode 0x%x name: %s uid:%d gid:%d pid:%d", + mode, name, (int)srcLabel->cred.uid, (int)srcLabel->cred.gid, (int)srcLabel->cred.pid); // for root, all permission, but for appspawn must to check if (srcLabel->cred.uid == 0 && srcLabel->cred.pid == 1) { return DAC_RESULT_PERMISSION; diff --git a/services/param/include/param_osadp.h b/services/param/include/param_osadp.h index 831166cf7..43c8c2173 100755 --- a/services/param/include/param_osadp.h +++ b/services/param/include/param_osadp.h @@ -67,7 +67,7 @@ extern "C" { #define DAC_DEFAULT_MODE 0774 #define PARAM_WORKSPACE_DEF (1024 * 30) #endif -#define DAC_DEFAULT_GROUP 2000 +#define DAC_DEFAULT_GROUP 0 #define DAC_DEFAULT_USER 0 #endif diff --git a/test/unittest/BUILD.gn b/test/unittest/BUILD.gn index a6eaf29f8..cd4597690 100755 --- a/test/unittest/BUILD.gn +++ b/test/unittest/BUILD.gn @@ -241,6 +241,7 @@ ohos_unittest("init_unittest") { "_GNU_SOURCE", "PARAM_SUPPORT_TRIGGER", "USE_MBEDTLS", + "PARAM_DECODE_GROUPID_FROM_FILE", ] defines += [ "_GNU_SOURCE" ] diff --git a/test/unittest/param/dac_unittest.cpp b/test/unittest/param/dac_unittest.cpp index 9cece869c..bd287d69b 100644 --- a/test/unittest/param/dac_unittest.cpp +++ b/test/unittest/param/dac_unittest.cpp @@ -124,7 +124,7 @@ HWTEST_F(DacUnitTest, TestDacCheckFilePermission, TestSize.Level0) DacUnitTest test; test.TestDacCheckFilePermission(STARTUP_INIT_UT_PATH "/trigger_test.cfg"); } -#ifdef __MUSL__ + HWTEST_F(DacUnitTest, TestDacCheckUserParaPermission, TestSize.Level0) { // 相同用户 @@ -247,7 +247,7 @@ HWTEST_F(DacUnitTest, TestDacCheckOtherParaPermission, TestSize.Level0) ret = test.TestDacCheckParaPermission("test.permission.watch.aaa", &dacData, DAC_WATCH); EXPECT_EQ(ret, 0); } -#endif + HWTEST_F(DacUnitTest, TestClientDacCheckFilePermission, TestSize.Level0) { DacUnitTest test; diff --git a/test/unittest/param/param_stub.cpp b/test/unittest/param/param_stub.cpp index 11c1d0735..f3179eb41 100644 --- a/test/unittest/param/param_stub.cpp +++ b/test/unittest/param/param_stub.cpp @@ -55,7 +55,7 @@ static int TestGenHashCode(const char *buff) static void TestSetSelinuxLogCallback(void) {} -static const char *forbitWriteParamName[] = { +static const char *forbidWriteParamName[] = { "ohos.servicectrl.", "test.permission.read", "test.persmission.watch" @@ -64,9 +64,9 @@ static const char *forbitWriteParamName[] = { static int TestSetParamCheck(const char *paraName, const char *context, const SrcInfo *info) { // forbid to read ohos.servicectrl. - for (size_t i = 0; i < ARRAY_LENGTH(forbitWriteParamName); i++) { - if (strncmp(paraName, forbitWriteParamName[i], strlen(forbitWriteParamName[i])) == 0) { - return 1; + for (size_t i = 0; i < ARRAY_LENGTH(forbidWriteParamName); i++) { + if (strncmp(paraName, forbidWriteParamName[i], strlen(forbidWriteParamName[i])) == 0) { + return g_testPermissionResult; } } return g_testPermissionResult; @@ -147,6 +147,18 @@ void TestSetSelinuxOps(void) selinuxSpace->destroyParamList = TestDestroyParamList; #endif } + +void TestSetParamCheckResult(const char *prefix, uint16_t mode, int result) +{ + ParamAuditData auditData = {}; + auditData.name = prefix; + auditData.dacData.gid = 202; // 202 test dac gid + auditData.dacData.uid = 202; // 202 test dac uid + auditData.dacData.mode = mode; + AddSecurityLabel(&auditData); + SetTestPermissionResult(result); +} + static void CreateTestFile(const char *fileName, const char *data) { CheckAndCreateDir(fileName); diff --git a/test/unittest/param/param_stub.h b/test/unittest/param/param_stub.h index 1e69b3a1d..fb413729b 100644 --- a/test/unittest/param/param_stub.h +++ b/test/unittest/param/param_stub.h @@ -33,7 +33,7 @@ extern "C" { void PrepareInitUnitTestEnv(void); void TestSetSelinuxOps(void); void SetTestPermissionResult(int result); - +void TestSetParamCheckResult(const char *prefix, uint16_t mode, int result); int TestCheckParamPermission(const ParamSecurityLabel *srcLabel, const char *name, uint32_t mode); int TestFreeLocalSecurityLabel(ParamSecurityLabel *srcLabel); diff --git a/test/unittest/param/paramservice_unittest.cpp b/test/unittest/param/paramservice_unittest.cpp index fd5295391..f577f9586 100644 --- a/test/unittest/param/paramservice_unittest.cpp +++ b/test/unittest/param/paramservice_unittest.cpp @@ -445,27 +445,17 @@ public: return 0; } - int TestServiceCtrl(const char *serviceName, int mode) + int TestServiceCtrl(const char *serviceName, uint16_t mode) { // service forbid - ParamAuditData auditData = {}; - auditData.name = "ohos.servicectrl."; - auditData.dacData.gid = 202; // 202 test dac gid - auditData.dacData.uid = 202; // 202 test dac uid - auditData.dacData.mode = mode; - AddSecurityLabel(&auditData); + TestSetParamCheckResult("ohos.servicectrl.", mode, 1); return SystemWriteParam("ohos.ctl.start", serviceName); } - int TestPowerCtrl(const char *reboot, int mode) + int TestPowerCtrl(const char *reboot, uint16_t mode) { // service forbid - ParamAuditData auditData = {}; - auditData.name = "ohos.servicectrl.reboot"; - auditData.dacData.gid = 202; // 202 test dac gid - auditData.dacData.uid = 202; // 202 test dac uid - auditData.dacData.mode = mode; - AddSecurityLabel(&auditData); + TestSetParamCheckResult("ohos.servicectrl.reboot", mode, 1); return SystemWriteParam("ohos.startup.powerctrl", reboot); } }; @@ -528,9 +518,7 @@ HWTEST_F(ParamServiceUnitTest, TestServiceCtrl, TestSize.Level0) { ParamServiceUnitTest test; int ret = test.TestServiceCtrl("server1", 0770); -#ifdef __MUSL__ EXPECT_NE(ret, 0); -#endif #ifdef PARAM_SUPPORT_SELINUX // selinux forbid ret = test.TestServiceCtrl("server2", 0772); @@ -543,36 +531,29 @@ HWTEST_F(ParamServiceUnitTest, TestPowerCtrl, TestSize.Level0) { ParamServiceUnitTest test; int ret = test.TestPowerCtrl("reboot,shutdown", 0770); -#ifdef __MUSL__ EXPECT_NE(ret, 0); -#endif + #ifdef PARAM_SUPPORT_SELINUX ret = test.TestPowerCtrl("reboot,shutdown", 0772); // selinux forbid EXPECT_NE(ret, 0); #endif ret = test.TestPowerCtrl("reboot,updater", 0770); -#ifdef __MUSL__ EXPECT_NE(ret, 0); -#endif #ifdef PARAM_SUPPORT_SELINUX ret = test.TestPowerCtrl("reboot,updater", 0772); // selinux forbid EXPECT_NE(ret, 0); #endif - ret = test.TestPowerCtrl("reboot,flash", 0770); -#ifdef __MUSL__ + ret = test.TestPowerCtrl("reboot,flashd", 0770); EXPECT_NE(ret, 0); -#endif #ifdef PARAM_SUPPORT_SELINUX - ret = test.TestPowerCtrl("reboot,flash", 0772); + ret = test.TestPowerCtrl("reboot,flashd", 0772); // selinux forbid EXPECT_NE(ret, 0); #endif ret = test.TestPowerCtrl("reboot", 0770); -#ifdef __MUSL__ EXPECT_NE(ret, 0); -#endif #ifdef PARAM_SUPPORT_SELINUX ret = test.TestPowerCtrl("reboot", 0772); // selinux forbid diff --git a/test/unittest/param/selinux_unittest.cpp b/test/unittest/param/selinux_unittest.cpp index 87a153583..53c026920 100644 --- a/test/unittest/param/selinux_unittest.cpp +++ b/test/unittest/param/selinux_unittest.cpp @@ -29,7 +29,10 @@ public: SelinuxUnitTest() {} virtual ~SelinuxUnitTest() {} - void SetUp() {} + void SetUp() + { + SetTestPermissionResult(0); + } void TearDown() {} void TestBody() {} diff --git a/test/unittest/param/trigger_unittest.cpp b/test/unittest/param/trigger_unittest.cpp index ab91015d3..009adb44e 100644 --- a/test/unittest/param/trigger_unittest.cpp +++ b/test/unittest/param/trigger_unittest.cpp @@ -68,7 +68,10 @@ public: TriggerUnitTest() {} virtual ~TriggerUnitTest() {} - void SetUp() {} + void SetUp() + { + SetTestPermissionResult(0); + } void TearDown() {} void TestBody() {} diff --git a/test/unittest/param/watcher_agent_unittest.cpp b/test/unittest/param/watcher_agent_unittest.cpp index effd73a00..4b3245b3d 100644 --- a/test/unittest/param/watcher_agent_unittest.cpp +++ b/test/unittest/param/watcher_agent_unittest.cpp @@ -22,6 +22,7 @@ #include "message_parcel.h" #include "parameter.h" #include "param_manager.h" +#include "param_stub.h" #include "param_utils.h" #include "system_ability_definition.h" #include "watcher.h" @@ -53,6 +54,7 @@ public: GetParamSecurityLabel()->cred.uid = 1000; // 1000 test uid GetParamSecurityLabel()->cred.gid = 1000; // 1000 test gid } + SetTestPermissionResult(0); } void TearDown() {} void TestBody() {} @@ -60,30 +62,39 @@ public: int TestAddWatcher() { size_t index = 1; - int ret = SystemWatchParameter("test.permission.watcher.test1", TestParameterChange, (void *)index); + int ret = SystemWatchParameter("test.permission.watcher.test1", + TestParameterChange, reinterpret_cast(index)); EXPECT_EQ(ret, 0); - ret = SystemWatchParameter("test.permission.watcher.test1*", TestParameterChange, (void *)index); + ret = SystemWatchParameter("test.permission.watcher.test1*", + TestParameterChange,reinterpret_cast(index)); EXPECT_EQ(ret, 0); // repeat add, return fail - ret = SystemWatchParameter("test.permission.watcher.test1", TestParameterChange, (void *)index); + ret = SystemWatchParameter("test.permission.watcher.test1", + TestParameterChange, reinterpret_cast(index)); EXPECT_NE(ret, 0); index++; - ret = SystemWatchParameter("test.permission.watcher.test1", TestParameterChange, (void *)index); + ret = SystemWatchParameter("test.permission.watcher.test1", + TestParameterChange, reinterpret_cast(index)); EXPECT_EQ(ret, 0); index++; - ret = SystemWatchParameter("test.permission.watcher.test1", TestParameterChange, (void *)index); + ret = SystemWatchParameter("test.permission.watcher.test1", + TestParameterChange, reinterpret_cast(index)); EXPECT_EQ(ret, 0); // delete - ret = RemoveParameterWatcher("test.permission.watcher.test1", TestParameterChange, (void *)index); + ret = RemoveParameterWatcher("test.permission.watcher.test1", + TestParameterChange, reinterpret_cast(index)); EXPECT_EQ(ret, 0); index--; - ret = RemoveParameterWatcher("test.permission.watcher.test1", TestParameterChange, (void *)index); + ret = RemoveParameterWatcher("test.permission.watcher.test1", + TestParameterChange, reinterpret_cast(index)); EXPECT_EQ(ret, 0); index--; - ret = RemoveParameterWatcher("test.permission.watcher.test1", TestParameterChange, (void *)index); + ret = RemoveParameterWatcher("test.permission.watcher.test1", + TestParameterChange, reinterpret_cast(index)); EXPECT_EQ(ret, 0); - ret = RemoveParameterWatcher("test.permission.watcher.test1", TestParameterChange, (void *)index); + ret = RemoveParameterWatcher("test.permission.watcher.test1", + TestParameterChange, reinterpret_cast(index)); EXPECT_EQ(ret, 0); // 非法 diff --git a/test/unittest/syspara/syspara_unittest.cpp b/test/unittest/syspara/syspara_unittest.cpp index c04837635..16fd456c0 100644 --- a/test/unittest/syspara/syspara_unittest.cpp +++ b/test/unittest/syspara/syspara_unittest.cpp @@ -20,6 +20,7 @@ #include "parameter.h" #include "sysparam_errno.h" #include "param_comm.h" +#include "param_stub.h" #include "param_wrapper.h" #include "sysversion.h" @@ -32,7 +33,10 @@ class SysparaUnitTest : public testing::Test { public: static void SetUpTestCase() {} static void TearDownTestCase() {} - void SetUp() {} + void SetUp() + { + SetTestPermissionResult(0); + } void TearDown() {} };