tool/pkg_privilege.c

   1 #include <stdio.h>
   2 #include <unistd.h>
   3 #include <sys/types.h>
   4
   5 #include <tzplatform_config.h>
   6 #include <security-manager.h>
   7 #include <pkgmgr_parser.h>
   8
   9 #define BUFSIZE 4096
  10 #define OWNER_ROOT 0
  11 #define GLOBAL_USER tzplatform_getuid(TZ_SYS_GLOBALAPP_USER)
  12
  13 static const char *_get_path(const char *pkgid, const char *appid, uid_t uid)
  14 {
  15         char buf[BUFSIZE];
  16         const char *path;
  17
  18         /* TODO: unify application directory layout */
  19         if (uid == OWNER_ROOT || uid == GLOBAL_USER)
  20                 snprintf(buf, BUFSIZE - 1, "%s", pkgid);
  21         else
  22                 snprintf(buf, BUFSIZE - 1, "%s/%s", pkgid, appid);
  23
  24         tzplatform_set_user(uid);
  25         path = tzplatform_mkpath((uid == OWNER_ROOT || uid == GLOBAL_USER) ?
  26                         TZ_SYS_RO_APP : TZ_USER_APP, buf);
  27         tzplatform_reset_user();
  28
  29         return path;
  30 }
  31
  32 static app_inst_req *_prepare_request(manifest_x *mfx, uid_t uid)
  33 {
  34         app_inst_req *req;
  35         char *path;
  36         struct uiapplication_x *uiapp;
  37         struct serviceapplication_x *svcapp;
  38
  39         if (security_manager_app_inst_req_new(&req)) {
  40                 printf("security_manager_app_inst_req_new failed\n");
  41                 return NULL;
  42         }
  43
  44         security_manager_app_inst_req_set_pkg_id(req, mfx->package);
  45
  46         uiapp = mfx->uiapplication;
  47         while (uiapp) {
  48                 security_manager_app_inst_req_set_app_id(req, uiapp->appid);
  49                 path = _get_path(mfx->package, uiapp->appid, uid);
  50                 security_manager_app_inst_req_add_path(req, path,
  51                                 SECURITY_MANAGER_PATH_PRIVATE);
  52                 uiapp = uiapp->next;
  53         }
  54
  55         svcapp = mfx->serviceapplication;
  56         while (svcapp) {
  57                 security_manager_app_inst_req_set_app_id(req, svcapp->appid);
  58                 path = _get_path(mfx->package, svcapp->appid, uid);
  59                 security_manager_app_inst_req_add_path(req, path,
  60                                 SECURITY_MANAGER_PATH_PRIVATE);
  61                 svcapp = svcapp->next;
  62         }
  63
  64         return req;
  65 }
  66
  67 static int _insert_privilege(char *manifest, uid_t uid)
  68 {
  69         int ret;
  70         app_inst_req *req;
  71         manifest_x *mfx;
  72         privilege_x *priv;
  73
  74         mfx = pkgmgr_parser_process_manifest_xml(manifest);
  75         if (mfx == NULL) {
  76                 printf("Parse manifest failed\n");
  77                 return -1;
  78         }
  79
  80         req = _prepare_request(mfx, uid);
  81         if (req == NULL) {
  82                 pkgmgr_parser_free_manifest_xml(mfx);
  83                 return -1;
  84         }
  85
  86         if (mfx->privileges != NULL) {
  87                 for (priv = mfx->privileges->privilege; priv; priv = priv->next)
  88                         security_manager_app_inst_req_add_privilege(req,
  89                                         priv->text);
  90         }
  91
  92         ret = security_manager_app_install(req);
  93         if (ret != SECURITY_MANAGER_SUCCESS)
  94                 printf("security_manager_app_install failed: %d\n", ret);
  95
  96         security_manager_app_inst_req_free(req);
  97         pkgmgr_parser_free_manifest_xml(mfx);
  98
  99         return 0;
 100 }
 101
 102 static int _remove_privilege(char *manifest, uid_t uid)
 103 {
 104         int ret;
 105         app_inst_req *req;
 106         manifest_x *mfx;
 107         privilege_x *priv;
 108
 109         mfx = pkgmgr_parser_process_manifest_xml(manifest);
 110         if (mfx == NULL) {
 111                 printf("Parse manifest failed\n");
 112                 return -1;
 113         }
 114
 115         req = _prepare_request(mfx, uid);
 116         if (req == NULL) {
 117                 pkgmgr_parser_free_manifest_xml(mfx);
 118                 return -1;
 119         }
 120
 121         ret = security_manager_app_uninstall(req);
 122         if (ret != SECURITY_MANAGER_SUCCESS)
 123                 printf("security_manager_app_uninstall failed: %d\n", ret);
 124
 125         security_manager_app_inst_req_free(req);
 126         pkgmgr_parser_free_manifest_xml(mfx);
 127
 128         return 0;
 129 }
 130
 131 static void _print_usage(const char *cmd)
 132 {
 133         printf("usage: %s <option> <manifest>\n"
 134                "   -i \t\t install privilege\n"
 135                "   -u \t\t uninstall privilege\n", cmd);
 136 }
 137
 138 int main(int argc, char **argv)
 139 {
 140         int ret;
 141
 142         if (argc < 3) {
 143                 _print_usage(argv[0]);
 144                 return -1;
 145         }
 146
 147         if (!strcmp(argv[1], "-i")) {
 148                 ret = _insert_privilege(argv[2], getuid());
 149         } else if (!strcmp(argv[1], "-u")) {
 150                 ret = _remove_privilege(argv[2], getuid());
 151         } else {
 152                 _print_usage(argv[0]);
 153                 ret = -1;
 154         }
 155
 156         return ret;
 157 }