meta-agl-security/recipes-security/security-manager/security-manager/Removing-tizen-platform-config.patch

   1 From 72e66d0e42f3bb6efd689ce33b1df407d94b3c60 Mon Sep 17 00:00:00 2001
   2 From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh>
   3 Date: Mon, 16 Nov 2015 14:26:25 +0100
   4 Subject: [PATCH] Removing tizen-platform-config
   5
   6 Change-Id: Ic832a2b75229517b09faba969c27fb1a4b490121
   7 ---
   8  policy/security-manager-policy-reload |  2 +-
   9  src/common/file-lock.cpp              |  4 +---
  10  src/common/include/file-lock.h        |  1 -
  11  src/common/include/privilege_db.h     |  3 +--
  12  src/common/service_impl.cpp           | 39 +++++++++++------------------------
  13  src/common/smack-rules.cpp            | 12 ++++-------
  14  6 files changed, 19 insertions(+), 42 deletions(-)
  15
  16 diff --git a/policy/security-manager-policy-reload b/policy/security-manager-policy-reload
  17 index 6f211c6..ed8047a 100755
  18 --- a/policy/security-manager-policy-reload
  19 +++ b/policy/security-manager-policy-reload
  20 @@ -2,7 +2,7 @@
  21
  22  POLICY_PATH=/usr/share/security-manager/policy
  23  PRIVILEGE_GROUP_MAPPING=$POLICY_PATH/privilege-group.list
  24 -DB_FILE=`tzplatform-get TZ_SYS_DB | cut -d= -f2`/.security-manager.db
  25 +DB_FILE=/usr/dbspace/.security-manager.db
  26
  27  # Create default buckets
  28  while read bucket default_policy
  29 diff --git a/src/common/file-lock.cpp b/src/common/file-lock.cpp
  30 index 6f3996c..1dada17 100644
  31 --- a/src/common/file-lock.cpp
  32 +++ b/src/common/file-lock.cpp
  33 @@ -30,9 +30,7 @@
  34
  35  namespace SecurityManager {
  36
  37 -char const * const SERVICE_LOCK_FILE = tzplatform_mkpath3(TZ_SYS_RUN,
  38 -                                                         "lock",
  39 -                                                         "security-manager.lock");
  40 +char const * const SERVICE_LOCK_FILE = "/var/run/lock/security-manager.lock";
  41
  42  FileLocker::FileLocker(const std::string &lockFile, bool blocking)
  43  {
  44 diff --git a/src/common/include/file-lock.h b/src/common/include/file-lock.h
  45 index 604b019..21a86a0 100644
  46 --- a/src/common/include/file-lock.h
  47 +++ b/src/common/include/file-lock.h
  48 @@ -29,7 +29,6 @@
  49
  50  #include <dpl/exception.h>
  51  #include <dpl/noncopyable.h>
  52 -#include <tzplatform_config.h>
  53
  54  namespace SecurityManager {
  55
  56 diff --git a/src/common/include/privilege_db.h b/src/common/include/privilege_db.h
  57 index 4d73d90..03c6680 100644
  58 --- a/src/common/include/privilege_db.h
  59 +++ b/src/common/include/privilege_db.h
  60 @@ -34,14 +34,13 @@
  61  #include <string>
  62
  63  #include <dpl/db/sql_connection.h>
  64 -#include <tzplatform_config.h>
  65
  66  #ifndef PRIVILEGE_DB_H_
  67  #define PRIVILEGE_DB_H_
  68
  69  namespace SecurityManager {
  70
  71 -const char *const PRIVILEGE_DB_PATH = tzplatform_mkpath(TZ_SYS_DB, ".security-manager.db");
  72 +const char *const PRIVILEGE_DB_PATH = "/usr/dbspace/.security-manager.db";
  73
  74  enum class QueryType {
  75      EGetPkgPrivileges,
  76 diff --git a/src/common/service_impl.cpp b/src/common/service_impl.cpp
  77 index ae305d3..65cc8b5 100644
  78 --- a/src/common/service_impl.cpp
  79 +++ b/src/common/service_impl.cpp
  80 @@ -32,7 +32,6 @@
  81  #include <algorithm>
  82
  83  #include <dpl/log/log.h>
  84 -#include <tzplatform_config.h>
  85
  86  #include "protocols.h"
  87  #include "privilege_db.h"
  88 @@ -131,7 +130,13 @@ static inline int validatePolicy(policy_entry &policyEntry, std::string uidStr,
  89
  90  static uid_t getGlobalUserId(void)
  91  {
  92 -    static uid_t globaluid = tzplatform_getuid(TZ_SYS_GLOBALAPP_USER);
  93 +    static uid_t globaluid = 0;
  94 +    if (!globaluid) {
  95 +        struct passwd pw, *p;
  96 +        char buf[4096];
  97 +        int rc = getpwnam_r("userapp", &pw, buf, sizeof buf, &p);
  98 +        globaluid = (rc || p == NULL) ? 555 : p->pw_uid;
  99 +    }
 100      return globaluid;
 101  }
 102
 103 @@ -161,37 +166,17 @@ static inline bool isSubDir(const char *parent, const char *subdir)
 104
 105  static bool getUserAppDir(const uid_t &uid, std::string &userAppDir)
 106  {
 107 -    struct tzplatform_context *tz_ctx = nullptr;
 108 -
 109 -    if (tzplatform_context_create(&tz_ctx))
 110 -            return false;
 111 -
 112 -    if (tzplatform_context_set_user(tz_ctx, uid)) {
 113 -        tzplatform_context_destroy(tz_ctx);
 114 -        tz_ctx = nullptr;
 115 +    struct passwd pw, *p;
 116 +    char buf[4096];
 117 +    int rc = getpwuid_r(uid, &pw, buf, sizeof buf, &p);
 118 +    if (rc || p == NULL)
 119          return false;
 120 -    }
 121 -
 122 -    enum tzplatform_variable id =
 123 -            (uid == getGlobalUserId()) ? TZ_SYS_RW_APP : TZ_USER_APP;
 124 -    const char *appDir = tzplatform_context_getenv(tz_ctx, id);
 125 -    if (!appDir) {
 126 -        tzplatform_context_destroy(tz_ctx);
 127 -        tz_ctx = nullptr;
 128 -        return false;
 129 -    }
 130 -
 131 -    userAppDir = appDir;
 132 -
 133 -    tzplatform_context_destroy(tz_ctx);
 134 -    tz_ctx = nullptr;
 135 -
 136 +    userAppDir = p->pw_dir;
 137      return true;
 138  }
 139
 140  static inline bool installRequestAuthCheck(const app_inst_req &req, uid_t uid, bool &isCorrectPath, std::string &appPath)
 141  {
 142 -    std::string userHome;
 143      std::string userAppDir;
 144      std::stringstream correctPath;
 145
 146 diff --git a/src/common/smack-rules.cpp b/src/common/smack-rules.cpp
 147 index d834e42..8b5728b 100644
 148 --- a/src/common/smack-rules.cpp
 149 +++ b/src/common/smack-rules.cpp
 150 @@ -34,7 +34,6 @@
 151  #include <memory>
 152
 153  #include <dpl/log/log.h>
 154 -#include <tzplatform_config.h>
 155
 156  #include "smack-labels.h"
 157  #include "smack-rules.h"
 158 @@ -43,7 +42,7 @@ namespace SecurityManager {
 159
 160  const char *const SMACK_APP_LABEL_TEMPLATE     = "~APP~";
 161  const char *const SMACK_PKG_LABEL_TEMPLATE     = "~PKG~";
 162 -const char *const APP_RULES_TEMPLATE_FILE_PATH = tzplatform_mkpath4(TZ_SYS_SHARE, "security-manager", "policy", "app-rules-template.smack");
 163 +const char *const APP_RULES_TEMPLATE_FILE_PATH = "/usr/share/security-manager/policy/app-rules-template.smack";
 164  const char *const SMACK_APP_IN_PACKAGE_PERMS   = "rwxat";
 165
 166  SmackRules::SmackRules()
 167 @@ -237,14 +236,12 @@ void SmackRules::generatePackageCrossDeps(const std::vector<std::string> &pkgCon
 168
 169  std::string SmackRules::getPackageRulesFilePath(const std::string &pkgId)
 170  {
 171 -    std::string path(tzplatform_mkpath3(TZ_SYS_SMACK, "accesses.d", ("pkg_" + pkgId).c_str()));
 172 -    return path;
 173 +    return "/etc/smack/accesses.d/pkg_" + pkgId;
 174  }
 175
 176  std::string SmackRules::getApplicationRulesFilePath(const std::string &appId)
 177  {
 178 -    std::string path(tzplatform_mkpath3(TZ_SYS_SMACK, "accesses.d", ("app_" +  appId).c_str()));
 179 -    return path;
 180 +    return "/etc/smack/accesses.d/app_" + appId;
 181  }
 182  void SmackRules::installApplicationPrivilegesRules(const std::string &appId, const std::string &pkgId,
 183          const std::vector<std::string> &pkgContents, const std::vector<std::string> &privileges)
 184 @@ -256,8 +253,7 @@ void SmackRules::installApplicationPrivilegesRules(const std::string &appId, con
 185      for (auto privilege : privileges) {
 186          if (privilege.empty())
 187              continue;
 188 -        std::string fprivilege ( privilege + "-template.smack");
 189 -        std::string path(tzplatform_mkpath4(TZ_SYS_SHARE, "security-manager", "policy", fprivilege.c_str()));
 190 +        std::string path = "/usr/share/security-manager/policy/" + privilege + "-template.smack";
 191          if( stat(path.c_str(), &buffer) == 0)
 192              smackRules.addFromTemplateFile(appId, pkgId, path);
 193      }
 194 --
 195 2.1.4
 196