4 * Copyright (c) 2000 - 2011 Samsung Electronics Co., Ltd. All rights reserved.
6 * Contact: Jayoun Lee <airjany@samsung.com>, Sewook Park <sewook7.park@samsung.com>,
7 * Jaeho Lee <jaeho81.lee@samsung.com>, Shobhit Srivastava <shobhit.s@samsung.com>
9 * Licensed under the Apache License, Version 2.0 (the "License");
10 * you may not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
34 #include <pkgmgr-info.h>
36 static int __pkg_list_cb (const pkgmgrinfo_pkginfo_h handle, void *user_data);
42 #define _E(fmt, arg...) fprintf(stderr, "[PKG_SMACK][E][%s,%d] "fmt"\n", __FUNCTION__, __LINE__, ##arg);
47 #define _D(fmt, arg...) fprintf(stderr, "[PKG_SMACK][D][%s,%d] "fmt"\n", __FUNCTION__, __LINE__, ##arg);
49 #define LIB_PRIVILEGE_CONTROL "libprivilege-control.so.0"
50 #define LIB_SMACK "libsmack.so.1"
53 #define APP_OWNER_ID 5000
54 #define APP_GROUP_ID 5000
65 static int __is_dir(char *dirname)
67 struct stat stFileInfo;
68 stat(dirname, &stFileInfo);
69 if (S_ISDIR(stFileInfo.st_mode)) {
75 int __pkg_smack_register_package(const char *pkgid)
80 int (*app_install)(const char*) = NULL;
85 handle = dlopen(LIB_PRIVILEGE_CONTROL, RTLD_LAZY | RTLD_GLOBAL);
87 _E( "register package: dlopen() failed. [%s]", dlerror());
91 app_install = dlsym(handle, "app_install");
93 if ((errmsg != NULL) || (app_install == NULL)) {
94 _E( "register package: dlsym() failed. [%s]", errmsg);
99 _E( "[smack] app_install(%s)", pkgid);
100 ret = app_install(pkgid);
101 _E( "[smack] app_install(%s), result = [%d]", pkgid, ret);
107 int __pkg_smack_unregister_package(const char *pkgid)
112 int (*app_uninstall)(const char*) = NULL;
117 handle = dlopen(LIB_PRIVILEGE_CONTROL, RTLD_LAZY | RTLD_GLOBAL);
119 _E( "unregister package: dlopen() failed. [%s]", dlerror());
123 app_uninstall = dlsym(handle, "app_uninstall");
125 if ((errmsg != NULL) || (app_uninstall == NULL)) {
126 _E( "unregister package: dlsym() failed. [%s]", errmsg);
131 _E( "[smack] app_uninstall(%s)", pkgid);
132 ret = app_uninstall(pkgid);
133 _E( "[smack] app_uninstall(%s), result = [%d]", pkgid, ret);
139 int __pkg_smack_revoke_permissions(const char *pkgid)
144 int (*app_revoke_permissions)(const char*) = NULL;
149 handle = dlopen(LIB_PRIVILEGE_CONTROL, RTLD_LAZY | RTLD_GLOBAL);
151 _E( "revoke permissions: dlopen() failed. [%s][%s]", pkgid, dlerror());
155 app_revoke_permissions = dlsym(handle, "app_revoke_permissions");
157 if ((errmsg != NULL) || (app_revoke_permissions == NULL)) {
158 _E( "revoke permissions(): dlsym() failed. [%s][%s]", pkgid, errmsg);
163 _E( "[smack] app_revoke_permissions(%s)", pkgid);
164 ret = app_revoke_permissions(pkgid);
165 _E( "[smack] app_revoke_permissions(%s), result = [%d]", pkgid, ret);
171 int __pkg_smack_enable_permissions(const char *pkgid, int apptype,
172 const char **perms, int persistent)
177 int (*app_enable_permissions)(const char*, int, const char**, bool) = NULL;
182 handle = dlopen(LIB_PRIVILEGE_CONTROL, RTLD_LAZY | RTLD_GLOBAL);
184 _E( "enable permissions(): dlopen() failed. [%s]", dlerror());
188 app_enable_permissions = dlsym(handle, "app_enable_permissions");
190 if ((errmsg != NULL) || (app_enable_permissions == NULL)) {
191 _E( "enable permissions(): dlsym() failed. [%s]", errmsg);
196 _E( "[smack] app_enable_permissions(%s, %d)", pkgid, apptype);
197 ret = app_enable_permissions(pkgid, apptype, perms, persistent);
198 _E( "[smack] app_enable_permissions(%s, %d), result = [%d]", pkgid, apptype, ret);
204 int __pkg_smack_setup_path(const char *pkgid, const char *dirpath,
205 int apppathtype, const char *groupid)
210 int (*app_setup_path)(const char*, const char*, int, ...) = NULL;
212 if (pkgid == NULL || dirpath == NULL)
215 handle = dlopen(LIB_PRIVILEGE_CONTROL, RTLD_LAZY | RTLD_GLOBAL);
217 _E( "setup path: dlopen() failed. [%s]", dlerror());
221 app_setup_path = dlsym(handle, "app_setup_path");
223 if ((errmsg != NULL) || (app_setup_path == NULL)) {
224 _E( "setup path: dlsym() failed. [%s]", errmsg);
229 if (groupid == NULL) {
230 _E( "[smack] app_setup_path(%s, %s, %d)", pkgid, dirpath, apppathtype);
231 ret = app_setup_path(pkgid, dirpath, apppathtype);
232 _E( "[smack] app_setup_path(), result = [%d]", ret);
234 _E( "[smack] app_setup_path(%s, %s, %d, %s)", pkgid, dirpath, apppathtype, groupid);
235 ret = app_setup_path(pkgid, dirpath, apppathtype, groupid);
236 _E( "[smack] app_setup_path(), result = [%d]", ret);
243 int __pkg_smack_add_friend(const char *pkgid1, const char *pkgid2)
248 int (*app_add_friend)(const char*, const char*) = NULL;
250 if (pkgid1 == NULL || pkgid2 == NULL)
253 handle = dlopen(LIB_PRIVILEGE_CONTROL, RTLD_LAZY | RTLD_GLOBAL);
255 _E( "add friend: dlopen() failed. [%s]", dlerror());
259 app_add_friend = dlsym(handle, "app_add_friend");
261 if ((errmsg != NULL) || (app_add_friend == NULL)) {
262 _E( "add friend: dlsym() failed. [%s]", errmsg);
267 _E( "[smack] app_add_friend(%s, %s)", pkgid1, pkgid2);
268 ret = app_add_friend(pkgid1, pkgid2);
269 _E( "[smack] app_add_friend(%s, %s), result = [%d]", pkgid1, pkgid2, ret);
275 int __pkg_smack_change_smack_label(const char *path, const char *label,
278 if (path == NULL || label == NULL)
283 int (*smack_lsetlabel)(const char*, const char*, int) = NULL;
285 handle = dlopen(LIB_SMACK, RTLD_LAZY | RTLD_GLOBAL);
287 _E( "change smack label: dlopen() failed. [%s]", dlerror());
291 smack_lsetlabel = dlsym(handle, "smack_lsetlabel");
293 if ((errmsg != NULL) || (smack_lsetlabel == NULL)) {
294 _E( "change smack label: dlsym() failed. [%s]", errmsg);
299 _E( "[smack] smack_lsetlabel(%s, %s, %d)", path, label, label_type);
300 ret = smack_lsetlabel(path, label, label_type);
301 _E( "[smack] smack_lsetlabel(%s, %s, %d), result = [%d]", path, label, label_type, ret);
307 static void __apply_shared_privileges(char *pkgname, int flag)
309 char dirpath[BUFF_SIZE] = {'\0'};
310 /*execute privilege APIs. The APIs should not fail*/
311 __pkg_smack_register_package(pkgname);
314 /*home dir. Dont setup path but change smack access to "_" */
315 snprintf(dirpath, BUFF_SIZE, "/usr/apps/%s", pkgname);
316 if (__is_dir(dirpath))
317 __pkg_smack_change_smack_label(dirpath, "_", 0);/*0 is SMACK_LABEL_ACCESS*/
318 memset(dirpath, '\0', BUFF_SIZE);
319 snprintf(dirpath, BUFF_SIZE, "/opt/usr/apps/%s", pkgname);
320 if (__is_dir(dirpath))
321 __pkg_smack_change_smack_label(dirpath, "_", 0);/*0 is SMACK_LABEL_ACCESS*/
322 memset(dirpath, '\0', BUFF_SIZE);
324 /*/shared dir. Dont setup path but change smack access to "_" */
325 snprintf(dirpath, BUFF_SIZE, "/usr/apps/%s/shared", pkgname);
326 if (__is_dir(dirpath))
327 __pkg_smack_change_smack_label(dirpath, "_", 0);/*0 is SMACK_LABEL_ACCESS*/
328 memset(dirpath, '\0', BUFF_SIZE);
329 snprintf(dirpath, BUFF_SIZE, "/opt/usr/apps/%s/shared", pkgname);
330 if (__is_dir(dirpath))
331 __pkg_smack_change_smack_label(dirpath, "_", 0);/*0 is SMACK_LABEL_ACCESS*/
332 memset(dirpath, '\0', BUFF_SIZE);
334 /*/shared/res dir. Dont setup path but change smack access to "_" */
336 snprintf(dirpath, BUFF_SIZE, "/usr/apps/%s/shared/res", pkgname);
338 snprintf(dirpath, BUFF_SIZE, "/opt/usr/apps/%s/shared/res", pkgname);
339 if (__is_dir(dirpath))
340 __pkg_smack_setup_path(pkgname, dirpath, RPM_PATH_ANY_LABEL, "_");
341 memset(dirpath, '\0', BUFF_SIZE);
343 /*/shared/data dir. setup path and change group to 'app'*/
345 snprintf(dirpath, BUFF_SIZE, "/usr/apps/%s/shared/data", pkgname);
347 snprintf(dirpath, BUFF_SIZE, "/opt/usr/apps/%s/shared/data", pkgname);
348 if (__is_dir(dirpath)) {
349 chown(dirpath, APP_OWNER_ID, APP_GROUP_ID);
350 __pkg_smack_setup_path(pkgname, dirpath, RPM_PATH_PUBLIC_RO, NULL);
352 memset(dirpath, '\0', BUFF_SIZE);
354 snprintf(dirpath, BUFF_SIZE, "/opt/usr/apps/%s/shared/data", pkgname);
356 snprintf(dirpath, BUFF_SIZE, "/usr/apps/%s/shared/data", pkgname);
357 if (__is_dir(dirpath))
358 chown(dirpath, APP_OWNER_ID, APP_GROUP_ID);
359 __pkg_smack_setup_path(pkgname, dirpath, RPM_PATH_PUBLIC_RO, NULL);
364 static int __is_authorized()
366 /* pkg_init db should be called by as root privilege. */
368 uid_t uid = getuid();
369 if ((uid_t) 0 == uid)
375 static int __pkg_list_cb (const pkgmgrinfo_pkginfo_h handle, void *user_data)
380 ret = pkgmgrinfo_pkginfo_get_pkgid(handle, &pkgid);
382 printf("pkgmgrinfo_pkginfo_get_pkgid() failed\n");
385 __apply_shared_privileges(pkgid, 0);
390 static int __additional_rpm_for_smack()
392 char *pkgid = "ui-gadget::client";
393 char *perm[] = {"http://tizen.org/privilege/appsetting", NULL};
395 __apply_shared_privileges(pkgid, 0);
396 __pkg_smack_enable_permissions(pkgid, 1, perm, 1);
400 static int __find_rpm_for_smack()
403 pkgmgrinfo_pkginfo_filter_h handle = NULL;
405 ret = pkgmgrinfo_pkginfo_filter_create(&handle);
407 printf("pkginfo filter handle create failed\n");
411 ret = pkgmgrinfo_pkginfo_filter_add_string(handle,
412 PMINFO_PKGINFO_PROP_PACKAGE_TYPE, "rpm");
414 printf("pkgmgrinfo_pkginfo_filter_add_string() failed\n");
418 ret = pkgmgrinfo_pkginfo_filter_foreach_pkginfo(handle, __pkg_list_cb, NULL);
420 printf("pkgmgrinfo_pkginfo_filter_foreach_pkginfo() failed\n");
424 pkgmgrinfo_pkginfo_filter_destroy(handle);
428 int main(int argc, char *argv[])
432 if (!__is_authorized()) {
433 _E("You are not an authorized user!\n");
437 ret = __find_rpm_for_smack();
439 printf("__find_rpm_for_smack() failed\n");
441 ret = __additional_rpm_for_smack();
443 printf("__additional_rpm_for_smack() failed\n");