1 // Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
2 // Use of this source code is governed by an apache-2.0 license that can be
3 // found in the LICENSE file.
5 #include "common/shared_dirs.h"
7 #include <manifest_parser/utils/logging.h>
8 #include <manifest_parser/utils/version_number.h>
10 #include <boost/filesystem/operations.hpp>
11 #include <boost/filesystem/path.hpp>
12 #include <boost/program_options.hpp>
13 #include <boost/system/error_code.hpp>
17 #include <vcore/Certificate.h>
18 #include <pkgmgr-info.h>
19 #include <sys/types.h>
22 #include <tzplatform_config.h>
23 #include <sys/xattr.h>
38 #include "common/paths.h"
39 #include "common/security_registration.h"
40 #include "common/pkgmgr_query.h"
41 #include "common/utils/base64.h"
42 #include "common/utils/file_util.h"
43 #include "common/utils/user_util.h"
44 #include "common/utils/glist_range.h"
46 namespace bf = boost::filesystem;
47 namespace bpo = boost::program_options;
48 namespace bs = boost::system;
49 namespace ci = common_installer;
53 const uid_t kGlobalUserUid = tzplatform_getuid(TZ_SYS_GLOBALAPP_USER);
54 const utils::VersionNumber ver30("3.0");
56 const std::vector<const char*> kEntries = {
62 const std::vector<const char*> kReadOnlyEntries = {
69 const char kSharedResDir[] = "shared/res";
70 const char kSharedDataDir[] = "shared/data";
71 const char kSharedTrustedDir[] = "shared/trusted";
72 const char kSkelAppDir[] = "/etc/skel/apps_rw";
73 const char kExternalStoragePrivilege[] =
74 "http://tizen.org/privilege/externalstorage.appdata";
75 const char kSystemShareGroupName[] = "system_share";
77 bool SetFileOwner(const bf::path& subpath, uid_t uid, gid_t gid) {
79 int fd = open(subpath.c_str(), O_RDONLY);
81 LOG(ERROR) << "Can't open directory : " << subpath;
84 int ret = fchown(fd, uid, gid);
87 LOG(ERROR) << "Failed to change owner of: " << subpath;
93 bool SetOwnerAndPermissions(const bf::path& subpath, uid_t uid,
94 gid_t gid, bf::perms perms) {
96 bf::permissions(subpath, perms, error);
98 LOG(ERROR) << "Failed to set permissions for: " << subpath;
102 if (!SetFileOwner(subpath, uid, gid)) {
108 bool SetPackageDirectoryOwnerAndPermissions(const bf::path& subpath, uid_t uid,
110 bs::error_code error;
111 bf::perms perms = bf::owner_read |
114 // symlink will be skipped
115 if (bf::is_symlink(symlink_status(subpath)))
118 // non directory will be skipped
120 if (bf::is_directory(subpath)) {
121 perms |= bf::owner_exe | bf::group_exe | bf::others_exe;
122 if (subpath.filename() == "data") {
123 perms |= bf::group_write | bf::set_gid_on_exe;
124 boost::optional<gid_t> system_share =
125 ci::GetGidByGroupName(kSystemShareGroupName);
130 result = SetOwnerAndPermissions(subpath, uid, gid, perms);
136 bool CreateDirectories(const bf::path& app_dir, const std::string& pkgid,
137 uid_t uid, gid_t gid, const bool set_permissions) {
138 bf::path base_dir = app_dir / pkgid;
139 if (bf::exists(base_dir)) {
140 LOG(DEBUG) << "Directory for user already exist: " << base_dir;
144 bs::error_code error;
145 std::vector<const char*> dirs(kEntries);
147 dirs.push_back(kSharedTrustedDir);
148 for (auto& entry : dirs) {
149 bf::path subpath = base_dir / entry;
150 bf::create_directories(subpath, error);
152 LOG(ERROR) << "Failed to create directory: " << subpath;
156 if (set_permissions) {
157 if (!SetPackageDirectoryOwnerAndPermissions(subpath, uid, gid))
161 for (bf::recursive_directory_iterator iter(subpath);
162 iter != bf::recursive_directory_iterator(); ++iter) {
163 if (!SetPackageDirectoryOwnerAndPermissions(iter->path(), uid, gid))
172 bf::path GetDirectoryPathForStorage(uid_t user, std::string apps_prefix) {
173 std::string username = ci::GetUsernameByUid(user);
174 if (username.empty())
178 apps_rw = bf::path(apps_prefix.c_str()) / username / "apps_rw";
182 bool CreateUserDirectories(uid_t user, const std::string& pkgid,
183 const std::string& apps_prefix, const bool set_permissions) {
184 boost::optional<gid_t> gid = ci::GetGidByUid(user);
188 std::string group_name = ci::GetGroupNameByGid(*gid);
189 if (group_name != tzplatform_getenv(TZ_SYS_USER_GROUP))
192 LOG(DEBUG) << "Creating directories for uid: " << user << ", gid: "
195 bf::path apps_rw = GetDirectoryPathForStorage(user, apps_prefix);
196 if (apps_rw.empty()) {
197 LOG(DEBUG) << "Directory not exists: " << apps_rw;
201 if (!CreateDirectories(apps_rw, pkgid,
202 user, *gid, set_permissions)) {
208 bool DeleteDirectories(const bf::path& app_dir, const std::string& pkgid) {
209 bf::path base_dir = app_dir / pkgid;
210 bs::error_code error;
211 bf::remove_all(base_dir, error);
213 LOG(ERROR) << "Failed to delete directory: " << base_dir;
220 bool CreateSymlinkFiles(const bf::path& src_dir, const bf::path& dst_dir) {
221 std::vector<char*> rofiles;
222 for (auto& entry : kReadOnlyEntries)
223 rofiles.push_back(strdup(entry));
225 for (bf::directory_iterator file(src_dir);
226 file != bf::directory_iterator();
228 if (bf::is_regular_file(file->path())) {
229 bf::path current(file->path());
230 bf::path file_name = current.filename();
231 LOG(DEBUG) << "file_name: " << file_name;
232 rofiles.push_back(strdup(file_name.c_str()));
236 bs::error_code error;
237 for (auto& entry : rofiles) {
238 bf::path src_path = src_dir / entry;
239 bf::path dst_path = dst_dir / entry;
240 free(const_cast<char*>(entry));
241 if (!bf::exists(src_path)) {
242 // check if symlink for .mmc/bin,lib,res, then do not skip
243 if (!bf::is_symlink(symlink_status(src_path))) {
244 LOG(ERROR) << "src_path not exist : " << src_path;
248 if (bf::exists(dst_path)) {
249 LOG(WARNING) << "dst_path exist, skip : " << dst_path;
252 bf::create_symlink(src_path, dst_path, error);
254 LOG(ERROR) << "Symlink creation failure src_path: " << src_path
255 << " dst_path: " << dst_path;
256 LOG(ERROR) << "error: " << error.message();
263 bool DeleteSymlinkFiles(const bf::path& src_dir, const bf::path& dst_dir) {
264 bs::error_code error;
265 for (bf::directory_iterator file(dst_dir);
266 file != bf::directory_iterator();
268 bf::path current(file->path());
269 if (bf::is_symlink(symlink_status(current))) {
270 bf::path resolved_path = bf::read_symlink(current, error);
272 LOG(ERROR) << "Getting resolved path of symlink: " << current;
273 LOG(ERROR) << "resolved_path: " << resolved_path;
274 LOG(ERROR) << "error: " << error.message();
277 LOG(DEBUG) << "resolved_path: " << resolved_path;
278 bf::path parent = resolved_path.parent_path();
279 if (!parent.empty() && (parent == src_dir)) {
280 bf::remove(current, error);
281 LOG(DEBUG) << "removed: " << current;
283 LOG(ERROR) << "Symlink deletion failure for: " << current;
284 LOG(ERROR) << "error: " << error.message();
288 LOG(WARNING) << "Parent is empty or not equal to src, parenet: ("
293 bf::path shared_res = dst_dir / kSharedResDir;
294 if (bf::is_symlink(symlink_status(shared_res))) {
295 bf::remove(shared_res, error);
297 LOG(ERROR) << "Symlink deletion failure for: " << shared_res;
298 LOG(ERROR) << "error: " << error.message();
307 namespace common_installer {
309 std::string GetDirectoryPathForInternalStorage() {
310 const char* internal_storage_prefix = tzplatform_getenv(TZ_SYS_HOME);
311 if (internal_storage_prefix)
312 return std::string(internal_storage_prefix);
313 return tzplatform_getenv(TZ_SYS_HOME);
316 std::string GetDirectoryPathForExternalStorage() {
317 return GetExternalCardPath().string();
320 bool PerformExternalDirectoryCreationForUser(uid_t user,
321 const std::string& pkgid) {
322 bf::path storage_path = GetExternalCardPath();
324 const bool set_permissions = false;
325 if (!bf::exists(storage_path)) {
326 LOG(WARNING) << "External storage (SD Card) is not mounted.";
330 bf::path storage_apps_path = storage_path / "apps";
331 if (!bf::exists(storage_apps_path)) {
332 bs::error_code error;
333 bf::create_directories(storage_apps_path, error);
335 LOG(ERROR) << "Failed to create directory: "
336 << storage_apps_path.c_str();
341 if (CreateUserDirectories(user, pkgid,
342 storage_apps_path.c_str(), set_permissions)) {
347 bool PerformExternalDirectoryDeletionForUser(uid_t user,
348 const std::string& pkgid) {
349 bf::path storage_path = GetExternalCardPath();
350 if (!bf::exists(storage_path)) {
351 LOG(WARNING) << "External storage (SD Card) is not mounted.";
355 bf::path storage_apps_path = bf::path(storage_path) / "apps";
356 return DeleteDirectories(
357 GetDirectoryPathForStorage(user, storage_apps_path.string()), pkgid);
360 bool PerformExternalDirectoryCreationForAllUsers(const std::string& pkgid) {
361 UserList list = ci::GetUserList();
362 for (auto l : list) {
363 if (!PerformExternalDirectoryCreationForUser(std::get<0>(l),
365 LOG(WARNING) << "Could not create external storage directories for user: "
371 int PrivilegeCallback(const pkgmgrinfo_pkginfo_h handle, void* user_data) {
372 uid_t uid = static_cast<uid_t>(reinterpret_cast<uintptr_t>(user_data));
373 char* pkgid = nullptr;
375 int ret = pkgmgrinfo_pkginfo_get_pkgid(handle, &pkgid);
376 if (ret != PMINFO_R_OK)
378 if (!PerformExternalDirectoryCreationForUser(uid, pkgid))
384 bool PerformExternalDirectoryCreationForAllPkgs() {
385 UserList list = ci::GetUserList();
386 for (auto l : list) {
387 uid_t uid = std::get<0>(l);
388 pkgmgrinfo_pkginfo_filter_h filter_handle = nullptr;
389 int ret = pkgmgrinfo_pkginfo_filter_create(&filter_handle);
390 if (ret != PMINFO_R_OK)
392 ret = pkgmgrinfo_pkginfo_filter_add_string(filter_handle,
393 PMINFO_PKGINFO_PROP_PACKAGE_PRIVILEGE, kExternalStoragePrivilege);
394 if (ret != PMINFO_R_OK) {
395 pkgmgrinfo_pkginfo_filter_destroy(filter_handle);
399 ret = pkgmgrinfo_pkginfo_filter_foreach_pkginfo(filter_handle,
401 reinterpret_cast<void*>(static_cast<uintptr_t>(uid)));
402 if (ret != PMINFO_R_OK) {
403 LOG(DEBUG) << "Failed to create external directoy";
404 pkgmgrinfo_pkginfo_filter_destroy(filter_handle);
407 pkgmgrinfo_pkginfo_filter_destroy(filter_handle);
413 bool PerformExternalDirectoryDeletionForAllUsers(const std::string& pkgid) {
414 UserList list = ci::GetUserList();
415 for (auto l : list) {
416 uid_t uid = std::get<0>(l);
417 LOG(DEBUG) << "Deleting directories for user: " << uid;
418 if (QueryIsPackageInstalled(pkgid, uid)) {
419 LOG(DEBUG) << "Package: " << pkgid << " for uid: " << uid
420 << " still exists. Skipping";
424 if (!PerformExternalDirectoryDeletionForUser(uid, pkgid))
425 LOG(WARNING) << "Could not delete external storage directories for user: "
431 bool CreateSkelDirectories(const std::string& pkgid,
432 const std::string& api_version,
433 bool trusted, bool shareddata, bool is_readonly) {
434 bf::path path = bf::path(kSkelAppDir) / pkgid;
435 LOG(DEBUG) << "Creating directories in: " << path;
437 utils::VersionNumber api_ver(api_version);
439 bs::error_code error;
440 bf::create_directories(path, error);
442 LOG(ERROR) << "Failed to create directory: " << path;
446 std::vector<const char*> dirs(kEntries);
448 dirs.push_back(kSharedTrustedDir);
449 if (api_ver < ver30 || shareddata) {
450 dirs.push_back(kSharedDataDir);
452 for (auto& entry : dirs) {
453 bf::path subpath = path / entry;
454 bf::create_directories(subpath, error);
455 if (error && !bf::exists(subpath)) {
456 LOG(ERROR) << "Failed to create directory: " << subpath;
461 std::string error_message;
462 if (!RegisterSecurityContextForPath(pkgid, path, kGlobalUserUid,
463 is_readonly, &error_message)) {
464 LOG(ERROR) << "Failed to register security context for path: " << path
465 << ", error_message: " << error_message;
471 bf::path src_dir = bf::path(tzplatform_getenv(TZ_SYS_RW_APP)) / pkgid;
472 result = CreateSymlinkFiles(src_dir, path);
479 bool DeleteSkelDirectories(const std::string& pkgid) {
480 return DeleteDirectories(bf::path(kSkelAppDir), pkgid);
484 bool DeleteUserDirectories(const std::string& pkgid) {
485 UserList list = ci::GetUserList();
486 for (auto l : list) {
487 if (ci::QueryIsPackageInstalled(pkgid, std::get<0>(l))) {
488 LOG(INFO) << pkgid << " is installed for user " << std::get<0>(l);
492 LOG(DEBUG) << "Deleting directories of " << pkgid
493 << ", for uid: " << std::get<0>(l);
494 bf::path apps_rw(std::get<2>(l) / "apps_rw");
495 if (!DeleteDirectories(apps_rw, pkgid)) {
502 bool DeleteUserExternalDirectories(const std::string& pkgid) {
503 UserList list = ci::GetUserList();
504 for (auto l : list) {
505 if (ci::QueryIsPackageInstalled(pkgid, std::get<0>(l))) {
506 LOG(INFO) << pkgid << " is installed for user " << std::get<0>(l);
510 LOG(DEBUG) << "Deleting external directories of " << pkgid
511 << ", for uid: " << std::get<0>(l);
512 bf::path apps_rw(std::get<2>(l) / "apps_rw");
513 if (!DeleteDirectories(apps_rw, pkgid)) {
521 bool CopyUserDirectories(const std::string& pkgid) {
522 UserList list = ci::GetUserList();
523 for (auto l : list) {
524 uid_t uid = std::get<0>(l);
525 LOG(DEBUG) << "Copying directories for uid: " << uid;
526 bf::path apps_rw(std::get<2>(l) / "apps_rw");
527 bf::path src = bf::path(kSkelAppDir) / pkgid;
528 bf::path dst = apps_rw / pkgid;
529 if (!ci::CopyDir(src, dst, FSFlag::FS_NONE, true))
531 gid_t gid = std::get<1>(l);
532 if (!SetPackageDirectoryOwnerAndPermissions(dst, uid, gid))
534 for (bf::recursive_directory_iterator iter(dst);
535 iter != bf::recursive_directory_iterator(); ++iter) {
536 if (!SetPackageDirectoryOwnerAndPermissions(iter->path(),
540 std::string error_message;
541 if (!RegisterSecurityContextForPath(pkgid, dst, std::get<0>(l),
542 false, &error_message)) {
543 LOG(ERROR) << "Failed to register security context for path: " << dst
544 << ", error_message: " << error_message;
551 bool CreateGlobalAppSymlinksForAllUsers(const std::string& pkgid) {
552 bf::path src_dir = bf::path(tzplatform_getenv(TZ_SYS_RW_APP)) / pkgid;
553 if (!bf::exists(src_dir)) {
554 LOG(ERROR) << "src_dir not exists";
559 UserList list = ci::GetUserList();
560 for (auto l : list) {
561 uid_t uid = std::get<0>(l);
562 LOG(DEBUG) << "Creating symlinks for uid: " << uid;
563 // check installed user private app.
564 if (QueryIsPackageInstalled(pkgid, uid))
566 bf::path apps_rw(std::get<2>(l) / "apps_rw");
567 bf::path dst_dir = apps_rw / pkgid;
568 if (!bf::exists(dst_dir)) {
569 LOG(WARNING) << "dst_dir not exists";
572 result = CreateSymlinkFiles(src_dir, dst_dir);
577 bool CreateGlobalAppSymlinksForUser(const std::string& pkgid, uid_t uid) {
578 bf::path src_dir = bf::path(tzplatform_getenv(TZ_SYS_RW_APP)) / pkgid;
579 if (!bf::exists(src_dir)) {
580 LOG(ERROR) << "src_dir not exists";
584 tzplatform_set_user(uid);
585 bf::path dst_dir = bf::path(tzplatform_getenv(TZ_USER_APP)) / pkgid;
586 tzplatform_reset_user();
587 if (!bf::exists(dst_dir)) {
588 LOG(WARNING) << "dst_dir not exists";
591 bool result = CreateSymlinkFiles(src_dir, dst_dir);
596 bool DeleteGlobalAppSymlinksForAllUsers(const std::string& pkgid) {
597 bf::path src_dir = bf::path(tzplatform_getenv(TZ_SYS_RW_APP)) / pkgid;
598 if (!bf::exists(src_dir)) {
599 LOG(ERROR) << "src_dir not exists";
604 UserList list = ci::GetUserList();
605 for (auto l : list) {
606 uid_t uid = std::get<0>(l);
607 LOG(DEBUG) << "Deleting symlinks for uid: " << uid;
608 // check installed user private app.
609 if (QueryIsPackageInstalled(pkgid, uid))
611 bf::path apps_rw(std::get<2>(l) / "apps_rw");
612 bf::path dst_dir = apps_rw / pkgid;
613 if (!bf::exists(dst_dir)) {
614 LOG(WARNING) << "dst_dir not exists";
617 result = DeleteSymlinkFiles(src_dir, dst_dir);
622 bool DeleteGlobalAppSymlinksForUser(const std::string& pkgid, uid_t uid) {
623 bf::path src_dir = bf::path(tzplatform_getenv(TZ_SYS_RW_APP)) / pkgid;
624 if (!bf::exists(src_dir)) {
625 LOG(ERROR) << "src_dir not exists";
629 tzplatform_set_user(uid);
630 bf::path dst_dir = bf::path(tzplatform_getenv(TZ_USER_APP)) / pkgid;
631 tzplatform_reset_user();
632 if (!bf::exists(dst_dir)) {
633 LOG(WARNING) << "dst_dir not exists";
636 bool result = DeleteSymlinkFiles(src_dir, dst_dir);
640 } // namespace common_installer