#sbs-git:slp/pkgs/s/security-server security-server 0.0.37
Name: wrt-security
-Summary: Wrt security daemon.
-Version: 0.0.62
-Release: 4
-Group: TO_BE/FILLED_IN
-License: Apache License, Version 2.0
+Summary: Wrt security daemon
+Version: 0.0.67
+Release: 0
+Group: Security/Access Control
+License: Apache-2.0
URL: N/A
Source0: %{name}-%{version}.tar.gz
-Source1: wrt-security.manifest
+Source1001: %{name}.manifest
BuildRequires: cmake
BuildRequires: zip
BuildRequires: pkgconfig(dlog)
BuildRequires: pkgconfig(privacy-manager-server)
BuildRequires: pkgconfig(capi-security-privacy-manager)
BuildRequires: pkgconfig(dpl-wrt-dao-ro)
-BuildRequires: pkgconfig(libsystemd-daemon)
+BuildRequires: pkgconfig(libsystemd-daemon)
+BuildRequires: pkgconfig(libtzplatform-config)
+Requires: libtzplatform-config
%{?systemd_requires}
%description
Wrt security daemon and utilities.
%package -n wrt-security-devel
-Summary: Header files for client libraries.
+Summary: Header files for client libraries
Group: Development/Libraries
Requires: wrt-security = %{version}-%{release}
Developer files for client libraries.
%package -n security-server-certs
-Summary: Certificates for web applications.
+Summary: Certificates for web applications
Group: Development/Libraries
Requires: security-server
%prep
%setup -q
+cp %{SOURCE1001} .
%build
export LDFLAGS+="-Wl,--rpath=%{_libdir}"
%cmake . -DDPL_LOG="ON" \
-DVERSION=%{version} \
- -DCMAKE_BUILD_TYPE=%{?build_type:%build_type}
+ -DCMAKE_BUILD_TYPE=%{?build_type:%build_type} \
+ -DTZ_SYS_ACE_CONF=%{TZ_SYS_ACE_CONF} \
+ -DTZ_SYS_SHARE=%{TZ_SYS_SHARE}
make %{?jobs:-j%jobs}
cp LICENSE %{buildroot}/usr/share/license/%{name}
%make_install
-mkdir -p %{buildroot}%{_libdir}/systemd/system/multi-user.target.wants
-mkdir -p %{buildroot}%{_libdir}/systemd/system/sockets.target.wants
-ln -sf /usr/lib/systemd/system/wrt-security-daemon.service %{buildroot}%{_libdir}/systemd/system/multi-user.target.wants/wrt-security-daemon.service
-ln -sf /usr/lib/systemd/system/wrt-security-daemon.socket %{buildroot}%{_libdir}/systemd/system/sockets.target.wants/wrt-security-daemon.socket
+mkdir -p %{buildroot}%{_unitdir}/multi-user.target.wants
+mkdir -p %{buildroot}%{_unitdir}/sockets.target.wants
+ln -sf %{_unitdir}/wrt-security-daemon.service %{buildroot}%{_unitdir}/multi-user.target.wants/wrt-security-daemon.service
+ln -sf %{_unitdir}/wrt-security-daemon.socket %{buildroot}%{_unitdir}/sockets.target.wants/wrt-security-daemon.socket
%clean
rm -rf %{buildroot}
%post
-if [ -z ${2} ]; then
+if [ ! -e %TZ_SYS_DB"/.ace.db" ]; then
echo "This is new install of wrt-security"
echo "Calling /usr/bin/wrt_security_create_clean_db.sh"
- /usr/bin/wrt_security_create_clean_db.sh
+ %{_bindir}/wrt_security_create_clean_db.sh
else
# Find out old and new version of databases
- ACE_OLD_DB_VERSION=`sqlite3 /opt/dbspace/.ace.db ".tables" | grep "DB_VERSION_"`
- ACE_NEW_DB_VERSION=`cat /usr/share/wrt-engine/ace_db.sql | tr '[:blank:]' '\n' | grep DB_VERSION_`
+ ACE_OLD_DB_VERSION=`sqlite3 %TZ_SYS_DB/.ace.db ".tables" | grep "DB_VERSION_"`
+ ACE_NEW_DB_VERSION=`cat %TZ_SYS_RO_WRT_ENGINE/ace_db.sql | tr '[:blank:]' '\n' | grep DB_VERSION_`
echo "OLD ace database version ${ACE_OLD_DB_VERSION}"
echo "NEW ace database version ${ACE_NEW_DB_VERSION}"
echo "Equal database detected so db installation ignored"
else
echo "Calling /usr/bin/wrt_security_create_clean_db.sh"
- /usr/bin/wrt_security_create_clean_db.sh
+ %{_bindir}/wrt_security_create_clean_db.sh
fi
else
echo "Calling /usr/bin/wrt_security_create_clean_db.sh"
- /usr/bin/wrt_security_create_clean_db.sh
+ %{_bindir}/wrt_security_create_clean_db.sh
fi
fi
+chsmack -a 'User' /opt/dbspace/.ace.db*
+
/sbin/ldconfig
echo "[WRT] wrt-security postinst done ..."
/sbin/ldconfig
%files -n wrt-security
-%manifest packaging/wrt-security.manifest
+%manifest %{name}.manifest
%defattr(-,root,root,-)
-%attr(755,root,root) /usr/bin/wrt-security-daemon
+%attr(755,root,root) %{_bindir}/wrt-security-daemon
%{_libdir}/libace*.so
%{_libdir}/libace*.so.*
%{_libdir}/libwrt-ocsp.so
/usr/share/wrt-engine/*
%attr(755,root,root) %{_bindir}/wrt_security_create_clean_db.sh
%attr(755,root,root) %{_bindir}/wrt_security_change_policy.sh
-%attr(664,root,root) %{_datadir}/dbus-1/services/*
-%attr(664,root,root) /usr/etc/ace/bondixml*
-%attr(664,root,root) /usr/etc/ace/UnrestrictedPolicy.xml
-%attr(664,root,root) /usr/etc/ace/WAC2.0Policy.xml
-%attr(664,root,root) /usr/etc/ace/TizenPolicy.xml
-%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/wac/wac.publisherid.pem
-%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/tizen/tizen.root.preproduction.cert.pem
-%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/wac/wac.root.production.pem
-%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/wac/wac.root.preproduction.pem
-%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/tizen/tizen-developer-root-ca.pem
-%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/tizen/tizen-distributor-root-ca-partner.pem
-%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/tizen/tizen-distributor-root-ca-public.pem
-%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/tizen/tizen-distributor-root-ca-partner-manufacturer.pem
-%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/tizen/tizen-distributor-root-ca-partner-operator.pem
-%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/tizen/tizen-developers-root.pem
-%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/tizen/tizen-partner-class-developer-root.pem
-%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/tizen/tizen-partner-class-root-authority.pem
-%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/tizen/tizen-platform-class-developer-root.pem
-%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/tizen/tizen-platform-class-root-authority.pem
-%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/tizen/tizen-public-class-developer-root.pem
-%attr(664,root,root) /opt/share/cert-svc/certs/code-signing/tizen/tizen-public-class-root-authority.pem
+%attr(664,root,root) %{_datadir}/dbus-1/system-services/*
+%attr(664,root,root) %TZ_SYS_ACE_CONF/bondixml*
+%attr(664,root,root) %TZ_SYS_ACE_CONF/UnrestrictedPolicy.xml
+%attr(664,root,root) %TZ_SYS_ACE_CONF/WAC2.0Policy.xml
+%attr(664,root,root) %TZ_SYS_ACE_CONF/TizenPolicy.xml
+%attr(664,root,root) %TZ_SYS_SHARE/cert-svc/certs/code-signing/wac/wac.publisherid.pem
+%attr(664,root,root) %TZ_SYS_SHARE/cert-svc/certs/code-signing/tizen/tizen.root.preproduction.cert.pem
+%attr(664,root,root) %TZ_SYS_SHARE/cert-svc/certs/code-signing/wac/wac.root.production.pem
+%attr(664,root,root) %TZ_SYS_SHARE/cert-svc/certs/code-signing/wac/wac.root.preproduction.pem
+%attr(664,root,root) %TZ_SYS_SHARE/cert-svc/certs/code-signing/tizen/tizen-developer-root-ca.pem
+%attr(664,root,root) %TZ_SYS_SHARE/cert-svc/certs/code-signing/tizen/tizen-distributor-root-ca-partner.pem
+%attr(664,root,root) %TZ_SYS_SHARE/cert-svc/certs/code-signing/tizen/tizen-distributor-root-ca-public.pem
+%attr(664,root,root) %TZ_SYS_SHARE/cert-svc/certs/code-signing/tizen/tizen-distributor-root-ca-partner-manufacturer.pem
+%attr(664,root,root) %TZ_SYS_SHARE/cert-svc/certs/code-signing/tizen/tizen-distributor-root-ca-partner-operator.pem
+%attr(664,root,root) %TZ_SYS_SHARE/cert-svc/certs/code-signing/tizen/tizen-developers-root.pem
+%attr(664,root,root) %TZ_SYS_SHARE/cert-svc/certs/code-signing/tizen/tizen-partner-class-developer-root.pem
+%attr(664,root,root) %TZ_SYS_SHARE/cert-svc/certs/code-signing/tizen/tizen-partner-class-root-authority.pem
+%attr(664,root,root) %TZ_SYS_SHARE/cert-svc/certs/code-signing/tizen/tizen-platform-class-developer-root.pem
+%attr(664,root,root) %TZ_SYS_SHARE/cert-svc/certs/code-signing/tizen/tizen-platform-class-root-authority.pem
+%attr(664,root,root) %TZ_SYS_SHARE/cert-svc/certs/code-signing/tizen/tizen-public-class-developer-root.pem
+%attr(664,root,root) %TZ_SYS_SHARE/cert-svc/certs/code-signing/tizen/tizen-public-class-root-authority.pem
%{_datadir}/license/%{name}
-%{_libdir}/systemd/*
+%{_unitdir}/*
%files -n wrt-security-devel
+%manifest %{name}.manifest
%defattr(-,root,root,-)
%{_includedir}/wrt-security/*
%{_includedir}/ace/*