1 From 6c96a39ba7a7763ccd47e379dbfd8d376164985f Mon Sep 17 00:00:00 2001
2 From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh>
3 Date: Mon, 16 Nov 2015 14:26:25 +0100
4 Subject: [PATCH 13/14] Removing tizen-platform-config
6 Change-Id: Ic832a2b75229517b09faba969c27fb1a4b490121
8 CMakeLists.txt | 16 +++++++-
9 db/CMakeLists.txt | 2 +-
10 policy/CMakeLists.txt | 1 +
11 ...load => security-manager-policy-reload.in} | 4 +-
12 src/common/file-lock.cpp | 4 +-
13 src/common/include/file-lock.h | 1 -
14 src/common/include/privilege_db.h | 3 +-
15 src/common/service_impl.cpp | 39 ++++++-------------
16 src/common/smack-rules.cpp | 12 ++----
17 9 files changed, 37 insertions(+), 45 deletions(-)
18 rename policy/{security-manager-policy-reload => security-manager-policy-reload.in} (94%)
20 diff --git a/CMakeLists.txt b/CMakeLists.txt
21 index 28790d8..37a43cc 100644
24 @@ -49,7 +49,7 @@ ADD_DEFINITIONS("-Wall") # Generate all warnings
25 ADD_DEFINITIONS("-Wextra") # Generate even more extra warnings
27 STRING(REGEX MATCH "([^.]*)" API_VERSION "${VERSION}")
28 -ADD_DEFINITIONS("-DAPI_VERSION=\"$(API_VERSION)\"")
29 +ADD_DEFINITIONS("-DAPI_VERSION=\"${API_VERSION}\"")
31 ADD_DEFINITIONS("-DSMACK_ENABLED")
33 @@ -58,6 +58,20 @@ IF (CMAKE_BUILD_TYPE MATCHES "DEBUG")
34 ADD_DEFINITIONS("-DBUILD_TYPE_DEBUG")
35 ENDIF (CMAKE_BUILD_TYPE MATCHES "DEBUG")
37 +SET(DATADIR "/usr/share/security-manager" CACHE STRING "path to data directory")
38 +SET(SMACKRULESDIR "/etc/smack/accesses.d" CACHE STRING "path to Smack rules directory")
39 +SET(LOCKDIR "/var/run/lock" CACHE STRING "path to lock directory")
40 +SET(DB_INSTALL_DIR "/var/db/security-manager" CACHE STRING "path to database directory")
41 +SET(DB_FILENAME ".security-manager.db" CACHE STRING "basename of database")
42 +SET(GLOBALUSER "userapp" CACHE STRING "name of the global user")
44 +ADD_DEFINITIONS("-DDATADIR=\"${DATADIR}\"")
45 +ADD_DEFINITIONS("-DSMACKRULESDIR=\"${SMACKRULESDIR}\"")
46 +ADD_DEFINITIONS("-DLOCKDIR=\"${LOCKDIR}\"")
47 +ADD_DEFINITIONS("-DDB_INSTALL_DIR=\"${DB_INSTALL_DIR}\"")
48 +ADD_DEFINITIONS("-DDB_FILENAME=\"${DB_FILENAME}\"")
49 +ADD_DEFINITIONS("-DGLOBALUSER=\"${GLOBALUSER}\"")
53 ADD_SUBDIRECTORY(systemd)
54 diff --git a/db/CMakeLists.txt b/db/CMakeLists.txt
55 index 9e8ffcc..d7af1a0 100644
56 --- a/db/CMakeLists.txt
57 +++ b/db/CMakeLists.txt
59 -SET(TARGET_DB ".security-manager.db")
60 +SET(TARGET_DB "$(DB_FILENAME)")
63 OUTPUT ${TARGET_DB} ${TARGET_DB}-journal
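Review bot: `SET(TARGET_DB "$(DB_FILENAME)")` uses make-style `$(...)`, which CMake does not expand, so TARGET_DB becomes the literal text `$(DB_FILENAME)` rather than the cache value. This is the same slip the commit corrects for API_VERSION in the top-level CMakeLists.txt, and the line should read `SET(TARGET_DB "${DB_FILENAME}")`. As written, the database generated here can end up under a different name than the `DB_INSTALL_DIR "/" DB_FILENAME` path compiled into privilege_db.h and the `@DB_INSTALL_DIR@/@DB_FILENAME@` path substituted into the policy-reload script. The service would then open or create a database other than the one that was provisioned.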
64 diff --git a/policy/CMakeLists.txt b/policy/CMakeLists.txt
65 index bd08edc..626a2bd 100644
66 --- a/policy/CMakeLists.txt
67 +++ b/policy/CMakeLists.txt
69 FILE(GLOB USERTYPE_POLICY_FILES usertype-*.profile)
70 +CONFIGURE_FILE(security-manager-policy-reload.in security-manager-policy-reload @ONLY)
71 INSTALL(FILES ${USERTYPE_POLICY_FILES} DESTINATION ${SHARE_INSTALL_PREFIX}/security-manager/policy)
72 INSTALL(FILES "app-rules-template.smack" DESTINATION ${SHARE_INSTALL_PREFIX}/security-manager/policy)
73 INSTALL(FILES "privilege-group.list" DESTINATION ${SHARE_INSTALL_PREFIX}/security-manager/policy)
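Review bot: The three `INSTALL(FILES ... DESTINATION ${SHARE_INSTALL_PREFIX}/security-manager/policy)` lines still install the policy files under SHARE_INSTALL_PREFIX, while the generated script and the C++ code now read them from `@DATADIR@/policy` and `DATADIR "/policy/..."`. If DATADIR is overridden, the Smack templates and the privilege-group list are installed in one place and looked up in another, so the destinations should become `${DATADIR}/policy`. Separately, `CONFIGURE_FILE(...)` writes the generated script into the current binary directory, and the rule that installs it is outside this hunk. If that rule names the script by a relative path it resolves against the source directory, so it should use `${CMAKE_CURRENT_BINARY_DIR}/security-manager-policy-reload`.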
74 diff --git a/policy/security-manager-policy-reload b/policy/security-manager-policy-reload.in
76 rename from policy/security-manager-policy-reload
77 rename to policy/security-manager-policy-reload.in
78 index 6f211c6..c1bc4e2 100755
79 --- a/policy/security-manager-policy-reload
80 +++ b/policy/security-manager-policy-reload.in
84 -POLICY_PATH=/usr/share/security-manager/policy
85 +POLICY_PATH=@DATADIR@/policy
86 PRIVILEGE_GROUP_MAPPING=$POLICY_PATH/privilege-group.list
87 -DB_FILE=`tzplatform-get TZ_SYS_DB | cut -d= -f2`/.security-manager.db
88 +DB_FILE=@DB_INSTALL_DIR@/@DB_FILENAME@
90 # Create default buckets
91 while read bucket default_policy
92 diff --git a/src/common/file-lock.cpp b/src/common/file-lock.cpp
93 index 6f3996c..88d2092 100644
94 --- a/src/common/file-lock.cpp
95 +++ b/src/common/file-lock.cpp
98 namespace SecurityManager {
100 -char const * const SERVICE_LOCK_FILE = tzplatform_mkpath3(TZ_SYS_RUN,
102 - "security-manager.lock");
103 +char const * const SERVICE_LOCK_FILE = LOCKDIR "/security-manager.lock";
105 FileLocker::FileLocker(const std::string &lockFile, bool blocking)
107 diff --git a/src/common/include/file-lock.h b/src/common/include/file-lock.h
108 index 604b019..21a86a0 100644
109 --- a/src/common/include/file-lock.h
110 +++ b/src/common/include/file-lock.h
113 #include <dpl/exception.h>
114 #include <dpl/noncopyable.h>
115 -#include <tzplatform_config.h>
117 namespace SecurityManager {
119 diff --git a/src/common/include/privilege_db.h b/src/common/include/privilege_db.h
120 index 08fb9d6..3344987 100644
121 --- a/src/common/include/privilege_db.h
122 +++ b/src/common/include/privilege_db.h
126 #include <dpl/db/sql_connection.h>
127 -#include <tzplatform_config.h>
129 #ifndef PRIVILEGE_DB_H_
130 #define PRIVILEGE_DB_H_
132 namespace SecurityManager {
134 -const char *const PRIVILEGE_DB_PATH = tzplatform_mkpath(TZ_SYS_DB, ".security-manager.db");
135 +const char *const PRIVILEGE_DB_PATH = DB_INSTALL_DIR "/" DB_FILENAME;
137 enum class QueryType {
139 diff --git a/src/common/service_impl.cpp b/src/common/service_impl.cpp
140 index ae305d3..42150fe 100644
141 --- a/src/common/service_impl.cpp
142 +++ b/src/common/service_impl.cpp
146 #include <dpl/log/log.h>
147 -#include <tzplatform_config.h>
149 #include "protocols.h"
150 #include "privilege_db.h"
151 @@ -131,7 +130,13 @@ static inline int validatePolicy(policy_entry &policyEntry, std::string uidStr,
153 static uid_t getGlobalUserId(void)
155 - static uid_t globaluid = tzplatform_getuid(TZ_SYS_GLOBALAPP_USER);
156 + static uid_t globaluid = 0;
158 + struct passwd pw, *p;
160 + int rc = getpwnam_r(GLOBALUSER, &pw, buf, sizeof buf, &p);
161 + globaluid = (rc || p == NULL) ? 555 : p->pw_uid;
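Review bot: When the `GLOBALUSER` lookup fails, `globaluid = (rc || p == NULL) ? 555 : p->pw_uid;` silently substitutes the hard-coded uid 555. On a system where that account is missing or named differently, the service treats whichever account owns uid 555 (or none) as the global application user. Because this uid is presumably compared against request uids elsewhere in the file, a failed lookup should be logged and surfaced as an error, or the fallback made an explicit build option next to `GLOBALUSER`. The test also folds every non-zero `rc` together, including `ERANGE` from a too-small buffer. The declaration of `buf` and the rest of the function body are not visible in this hunk.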
166 @@ -161,37 +166,17 @@ static inline bool isSubDir(const char *parent, const char *subdir)
168 static bool getUserAppDir(const uid_t &uid, std::string &userAppDir)
170 - struct tzplatform_context *tz_ctx = nullptr;
172 - if (tzplatform_context_create(&tz_ctx))
175 - if (tzplatform_context_set_user(tz_ctx, uid)) {
176 - tzplatform_context_destroy(tz_ctx);
178 + struct passwd pw, *p;
180 + int rc = getpwuid_r(uid, &pw, buf, sizeof buf, &p);
181 + if (rc || p == NULL)
185 - enum tzplatform_variable id =
186 - (uid == getGlobalUserId()) ? TZ_SYS_RW_APP : TZ_USER_APP;
187 - const char *appDir = tzplatform_context_getenv(tz_ctx, id);
189 - tzplatform_context_destroy(tz_ctx);
194 - userAppDir = appDir;
196 - tzplatform_context_destroy(tz_ctx);
199 + userAppDir = p->pw_dir;
203 static inline bool installRequestAuthCheck(const app_inst_req &req, uid_t uid, bool &isCorrectPath, std::string &appPath)
205 - std::string userHome;
206 std::string userAppDir;
207 std::stringstream correctPath;
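Review bot: `userAppDir = p->pw_dir;` in getUserAppDir takes the passwd home field as the application directory without checking it, and the visible lines drop the old special case that mapped the global user to `TZ_SYS_RW_APP`. An account whose home is empty or `/` (common for system users) would yield a base directory under which any path qualifies, if installRequestAuthCheck compares the request path against it with isSubDir as the surrounding code suggests. Reject such values before assigning, e.g. `if (!p->pw_dir || p->pw_dir[0] != '/' || p->pw_dir[1] == '\0') return false;`. A comment should also state which directory the global user is now expected to install into. Parts of this function, including the declaration of `buf`, are not visible in the hunk.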
209 diff --git a/src/common/smack-rules.cpp b/src/common/smack-rules.cpp
210 index 922a56f..c2e0041 100644
211 --- a/src/common/smack-rules.cpp
212 +++ b/src/common/smack-rules.cpp
216 #include <dpl/log/log.h>
217 -#include <tzplatform_config.h>
219 #include "smack-labels.h"
220 #include "smack-rules.h"
221 @@ -43,7 +42,7 @@ namespace SecurityManager {
223 const char *const SMACK_APP_LABEL_TEMPLATE = "~APP~";
224 const char *const SMACK_PKG_LABEL_TEMPLATE = "~PKG~";
225 -const char *const APP_RULES_TEMPLATE_FILE_PATH = tzplatform_mkpath4(TZ_SYS_SHARE, "security-manager", "policy", "app-rules-template.smack");
226 +const char *const APP_RULES_TEMPLATE_FILE_PATH = DATADIR "/policy/app-rules-template.smack";
227 const char *const SMACK_APP_IN_PACKAGE_PERMS = "rwxat";
229 SmackRules::SmackRules()
230 @@ -237,14 +236,12 @@ void SmackRules::generatePackageCrossDeps(const std::vector<std::string> &pkgCon
232 std::string SmackRules::getPackageRulesFilePath(const std::string &pkgId)
234 - std::string path(tzplatform_mkpath3(TZ_SYS_SMACK, "accesses.d", ("pkg_" + pkgId).c_str()));
236 + return SMACKRULESDIR "/pkg_" + pkgId;
239 std::string SmackRules::getApplicationRulesFilePath(const std::string &appId)
241 - std::string path(tzplatform_mkpath3(TZ_SYS_SMACK, "accesses.d", ("app_" + appId).c_str()));
243 + return SMACKRULESDIR "/app_" + appId;
245 void SmackRules::installApplicationPrivilegesRules(const std::string &appId, const std::string &pkgId,
246 const std::vector<std::string> &pkgContents, const std::vector<std::string> &privileges)
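Review bot: `return SMACKRULESDIR "/pkg_" + pkgId;` and `return SMACKRULESDIR "/app_" + appId;` build a rules-file path directly from the identifier, with no visible check for `/` or `..` components. The later hunk does the same with `DATADIR "/policy/" + privilege + "-template.smack"`. The removed tzplatform_mkpath calls had the same shape, so this is not a regression. The rewrite is still a good place to add the check if pkgId, appId and privilege are not validated before they reach SmackRules, which is not visible here. A small helper that rejects empty names and names containing `/` would keep the resulting paths inside SMACKRULESDIR and DATADIR/policy; both function bodies are only partly inside this hunk.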
247 @@ -256,8 +253,7 @@ void SmackRules::installApplicationPrivilegesRules(const std::string &appId, con
248 for (auto privilege : privileges) {
249 if (privilege.empty())
251 - std::string fprivilege ( privilege + "-template.smack");
252 - std::string path(tzplatform_mkpath4(TZ_SYS_SHARE, "security-manager", "policy", fprivilege.c_str()));
253 + std::string path = DATADIR "/policy/" + privilege + "-template.smack";
254 if( stat(path.c_str(), &buffer) == 0)
255 smackRules.addFromTemplateFile(appId, pkgId, path);