#include <gio/gio.h>
#include <vcore/Certificate.h>
#include <pkgmgr-info.h>
-#include <pwd.h>
-#include <grp.h>
#include <sys/types.h>
#include <unistd.h>
#include <fcntl.h>
#include <tzplatform_config.h>
#include <sys/xattr.h>
-#include <gum/gum-user.h>
-#include <gum/gum-user-service.h>
-#include <gum/common/gum-user-types.h>
#include <algorithm>
#include <cassert>
#include <vector>
#include <tuple>
-#include "common/paths.h"
+#include "common/utils/paths.h"
#include "common/security_registration.h"
-#include "common/pkgmgr_query.h"
+#include "common/utils/pkgmgr_query.h"
#include "common/utils/base64.h"
#include "common/utils/file_util.h"
+#include "common/utils/user_util.h"
#include "common/utils/glist_range.h"
namespace bf = boost::filesystem;
const uid_t kGlobalUserUid = tzplatform_getuid(TZ_SYS_GLOBALAPP_USER);
const utils::VersionNumber ver30("3.0");
+const char kDisableLegacySharedDataDirSupport[] =
+ "/usr/share/app-installers/disable_legacy_shareddata_support";
-typedef std::vector<std::tuple<uid_t, gid_t, bf::path>> user_list;
const std::vector<const char*> kEntries = {
- {"/"},
- {"cache/"},
- {"data/"},
- {"shared/"},
+ {"shared"},
+ {"cache"},
+ {"data"},
};
-const std::vector<const char*> kReadOnlyEntries = {
+const std::vector<std::string> kReadOnlyEntries = {
{"bin"},
{"lib"},
{"res"},
{"shared/res"},
};
+const std::vector<std::string> kSharedDataEntries = {
+ {".shared"},
+ {".shared_tmp"},
+};
const char kSharedResDir[] = "shared/res";
+const char kSharedCacheDir[] = "shared/cache";
const char kSharedDataDir[] = "shared/data";
+const char kShared[] = "shared";
+const char kData[] = "data";
+const char kCache[] = "cache";
+const char kSharedDir[] = ".shared";
+const char kSharedTmpDir[] = ".shared_tmp";
const char kSharedTrustedDir[] = "shared/trusted";
-const char kSkelAppDir[] = "/etc/skel/apps_rw";
+const char kSkelAppDir[] = "skel/apps_rw";
const char kExternalStoragePrivilege[] =
"http://tizen.org/privilege/externalstorage.appdata";
-
-const int32_t kPWBufSize = sysconf(_SC_GETPW_R_SIZE_MAX);
-const int32_t kGRBufSize = sysconf(_SC_GETGR_R_SIZE_MAX);
-
-bool SetFileOwner(const bf::path& subpath, uid_t uid, gid_t gid) {
- bs::error_code error;
- int fd = open(subpath.c_str(), O_RDONLY);
- if (fd < 0) {
- LOG(ERROR) << "Can't open directory : " << subpath;
- return false;
- }
- int ret = fchown(fd, uid, gid);
- close(fd);
- if (ret != 0) {
- LOG(ERROR) << "Failed to change owner of: " << subpath;
- return false;
- }
- return true;
-}
-
-bool SetOwnerAndPermissions(const bf::path& subpath, uid_t uid,
- gid_t gid, bf::perms perms) {
- bs::error_code error;
- bf::permissions(subpath, perms, error);
- if (error) {
- LOG(ERROR) << "Failed to set permissions for: " << subpath;
+const char kSystemShareGroupName[] = "system_share";
+const char kSubssesionDir[] = "subsession";
+// the input path should be root directory of package.
+// for example: "../apps_rw/pkgid" or "../.shared/pkgid"
+bool SetPackageDirectoryOwnerAndPermissions(const bf::path& path, uid_t uid) {
+ boost::optional<gid_t> gid = ci::GetGidByUid(uid);
+ if (!gid)
return false;
- }
- if (!SetFileOwner(subpath, uid, gid)) {
+ bf::perms perms755 = bf::all_all ^ bf::group_write ^ bf::others_write;
+ bf::perms perms644 =
+ bf::owner_read | bf::owner_write | bf::group_read | bf::others_read;
+ bf::perms perms_setgid = perms755 | bf::set_gid_on_exe;
+ boost::optional<gid_t> system_share =
+ ci::GetGidByGroupName(kSystemShareGroupName);
+ // root path
+ if (!ci::SetDirOwnershipAndPermissions(path, perms755, uid, *gid))
return false;
- }
- return true;
-}
-
-bool SetPackageDirectoryOwnerAndPermissions(const bf::path& subpath, uid_t uid,
- gid_t gid) {
- bs::error_code error;
- bf::perms perms = bf::owner_read |
- bf::owner_write |
- bf::group_read;
- // symlink will be skipped
- if (bf::is_symlink(symlink_status(subpath)))
- return true;
- // non directory will be skipped
- bool result = true;
- if (bf::is_directory(subpath)) {
- perms |= bf::owner_exe | bf::group_exe | bf::others_exe;
- result = SetOwnerAndPermissions(subpath, uid, gid, perms);
- }
-
- return result;
-}
-
-bool CreateDirectories(const bf::path& app_dir, const std::string& pkgid,
- uid_t uid, gid_t gid, const bool set_permissions) {
- bf::path base_dir = app_dir / pkgid;
- if (bf::exists(base_dir)) {
- LOG(DEBUG) << "Directory for user already exist: " << base_dir;
- return true;
- }
-
- bs::error_code error;
- std::vector<const char*> dirs(kEntries);
- // always trusted
- dirs.push_back(kSharedTrustedDir);
- for (auto& entry : dirs) {
- bf::path subpath = base_dir / entry;
- bf::create_directories(subpath, error);
- if (error) {
- LOG(ERROR) << "Failed to create directory: " << subpath;
- return false;
- }
-
- if (set_permissions) {
- if (!SetPackageDirectoryOwnerAndPermissions(subpath, uid, gid))
+ for (bf::recursive_directory_iterator iter(path);
+ iter != bf::recursive_directory_iterator(); ++iter) {
+ if (bf::is_symlink(symlink_status(iter->path()))) {
+ // skip symlink path
+ continue;
+ } else if (bf::is_directory(iter->path()) && iter.level() == 0 &&
+ (iter->path().filename() == ".mmc" ||
+ iter->path().filename() == ".pkg" ||
+ iter->path().filename() == "tep")) {
+ // skip path which is related to mount or directory installer creates
+ continue;
+ } else if (bf::is_directory(iter->path())) {
+ bool is_rw = false;
+ if (iter.level() == 0 &&
+ (iter->path().filename() == kData ||
+ iter->path().filename() == kCache))
+ is_rw = true;
+ if (!ci::SetDirOwnershipAndPermissions(
+ iter->path(), is_rw ? perms_setgid : perms755, uid,
+ is_rw ? *system_share : *gid))
+ return false;
+ } else {
+ bool is_bin = false;
+ if (iter.level() == 1 && iter->path().parent_path().filename() == "bin")
+ is_bin = true;
+ if (!ci::SetDirOwnershipAndPermissions(
+ iter->path(), is_bin ? perms755 : perms644, uid, *gid))
return false;
-
- // for content
- for (bf::recursive_directory_iterator iter(subpath);
- iter != bf::recursive_directory_iterator(); ++iter) {
- if (!SetPackageDirectoryOwnerAndPermissions(iter->path(), uid, gid))
- return false;
- }
}
}
-
return true;
}
bf::path GetDirectoryPathForStorage(uid_t user, std::string apps_prefix) {
- struct passwd pwd;
- struct passwd *pwd_result;
- char buf[kPWBufSize];
- int ret = getpwuid_r(user, &pwd, buf, sizeof(buf), &pwd_result);
- if (ret != 0 || pwd_result == nullptr)
+ std::string username = ci::GetUsernameByUid(user);
+ if (username.empty())
return {};
bf::path apps_rw;
- apps_rw = bf::path(apps_prefix.c_str()) / pwd.pw_name / "apps_rw";
-
+ apps_rw = bf::path(apps_prefix.c_str()) / username / "apps_rw";
return apps_rw;
}
-bool CreateUserDirectories(uid_t user, const std::string& pkgid,
- const std::string& apps_prefix, const bool set_permissions) {
- struct passwd pwd;
- struct passwd *pwd_result;
- char buf_pw[kPWBufSize];
- int ret = getpwuid_r(user, &pwd, buf_pw, sizeof(buf_pw), &pwd_result);
- if (ret != 0 || pwd_result == nullptr) {
- LOG(WARNING) << "Failed to get user for home directory: " << user;
+bool DeleteSharedDataDirectories(const bf::path& path,
+ const std::string& pkgid) {
+ if (!ci::RemoveAll(path / pkgid / kSharedDataDir))
return false;
- }
- struct group gr;
- struct group *gr_result;
- char buf_gr[kGRBufSize];
- ret = getgrgid_r(pwd.pw_gid, &gr, buf_gr, sizeof(buf_gr), &gr_result);
- if (ret != 0
- || strcmp(gr.gr_name, tzplatform_getenv(TZ_SYS_USER_GROUP)) != 0)
- return false;
+ std::vector<std::string> shared_dirs(kSharedDataEntries);
+ for (auto entry : shared_dirs) {
+ if (!ci::RemoveAll(path / entry / pkgid))
+ return false;
+ }
- LOG(DEBUG) << "Creating directories for uid: " << pwd.pw_uid << ", gid: "
- << pwd.pw_gid;
+ return true;
+}
- bf::path apps_rw = GetDirectoryPathForStorage(user, apps_prefix);
- if (apps_rw.empty()) {
- LOG(DEBUG) << "Directory not exists: " << apps_rw;
+bool CreateSharedDataDirectories(const bf::path& path,
+ const std::string& pkgid) {
+ if (!ci::CreateDir(path / kSharedDir / pkgid / kData) ||
+ !ci::CreateDir(path / kSharedTmpDir / pkgid) ||
+ !ci::CreateDir(path / pkgid / kShared))
return false;
- }
- if (!CreateDirectories(apps_rw, pkgid,
- pwd.pw_uid, pwd.pw_gid, set_permissions)) {
+ bf::current_path(path / pkgid / kShared);
+ if (bf::exists(path / pkgid / kShared / kData))
+ return true;
+ bf::path relative_path = ci::RelativePath(path / kSharedDir / pkgid / kData,
+ bf::current_path() / kData);
+ bs::error_code error;
+ bf::create_symlink(relative_path, kData, error);
+ if (error) {
+ LOG(ERROR) << "Failed to create symlink : " << error.message();
return false;
}
+
return true;
}
bool DeleteDirectories(const bf::path& app_dir, const std::string& pkgid) {
bf::path base_dir = app_dir / pkgid;
- bs::error_code error;
- bf::remove_all(base_dir, error);
- if (error) {
- LOG(ERROR) << "Failed to delete directory: " << base_dir;
+ if (!ci::RemoveAll(base_dir))
+ return false;
+ if (!DeleteSharedDataDirectories(app_dir, pkgid))
return false;
- }
return true;
}
-user_list GetUserList() {
- GumUserService* service =
- gum_user_service_create_sync((getuid() == 0) ? TRUE : FALSE);
- gchar** user_type_strv = gum_user_type_to_strv(
- GUM_USERTYPE_ADMIN | GUM_USERTYPE_GUEST | GUM_USERTYPE_NORMAL |
- GUM_USERTYPE_SECURITY);
- GumUserList* gum_user_list =
- gum_user_service_get_user_list_sync(service, user_type_strv);
- user_list list;
- for (GumUser* guser : GListRange<GumUser*>(gum_user_list)) {
- uid_t uid;
- g_object_get(G_OBJECT(guser), "uid", &uid, nullptr);
- gid_t gid;
- g_object_get(G_OBJECT(guser), "gid", &gid, nullptr);
- gchar* homedir = nullptr;
- g_object_get(G_OBJECT(guser), "homedir", &homedir, nullptr);
- if (homedir == nullptr) {
- LOG(WARNING) << "No homedir for uid: " << uid;
- continue;
- }
- list.emplace_back(uid, gid, bf::path(homedir));
- }
- g_strfreev(user_type_strv);
- gum_user_service_list_free(gum_user_list);
- return list;
-}
-
bool CreateSymlinkFiles(const bf::path& src_dir, const bf::path& dst_dir) {
- std::vector<char*> rofiles;
- for (auto& entry : kReadOnlyEntries)
- rofiles.push_back(strdup(entry));
-
+ std::vector<std::string> rofiles(kReadOnlyEntries);
for (bf::directory_iterator file(src_dir);
file != bf::directory_iterator();
++file) {
bf::path current(file->path());
bf::path file_name = current.filename();
LOG(DEBUG) << "file_name: " << file_name;
- rofiles.push_back(strdup(file_name.c_str()));
+ rofiles.push_back(file_name.string());
}
}
for (auto& entry : rofiles) {
bf::path src_path = src_dir / entry;
bf::path dst_path = dst_dir / entry;
- free(const_cast<char*>(entry));
if (!bf::exists(src_path)) {
// check if symlink for .mmc/bin,lib,res, then do not skip
if (!bf::is_symlink(symlink_status(src_path))) {
- LOG(ERROR) << "src_path not exist : " << src_path;
+ LOG(INFO) << "src_path not exist : " << src_path;
continue;
}
}
- if (bf::exists(dst_path)) {
+ if (bf::exists(dst_path) || bf::is_symlink(symlink_status(dst_path))) {
LOG(WARNING) << "dst_path exist, skip : " << dst_path;
continue;
}
file != bf::directory_iterator();
++file) {
bf::path current(file->path());
- if (bf::is_symlink(symlink_status(current))) {
- bf::path resolved_path = bf::read_symlink(current, error);
- if (error) {
- LOG(ERROR) << "Getting resolved path of symlink: " << current;
- LOG(ERROR) << "resolved_path: " << resolved_path;
- LOG(ERROR) << "error: " << error.message();
- return false;
- }
- LOG(DEBUG) << "resolved_path: " << resolved_path;
- bf::path parent = resolved_path.parent_path();
- if (!parent.empty() && (parent == src_dir)) {
- bf::remove(current, error);
- LOG(DEBUG) << "removed: " << current;
- if (error) {
- LOG(ERROR) << "Symlink deletion failure for: " << current;
- LOG(ERROR) << "error: " << error.message();
- return false;
- }
- } else {
- LOG(WARNING) << "Parent is empty or not equal to src, parenet: ("
+ if (!bf::is_symlink(symlink_status(current)))
+ continue;
+ bf::path resolved_path = bf::read_symlink(current, error);
+ if (error) {
+ LOG(ERROR) << "Failed to get resolved path of symlink: " << current
+ << ", error: " << error.message();
+ return false;
+ }
+
+ LOG(DEBUG) << "resolved_path: " << resolved_path;
+ bf::path parent = resolved_path.parent_path();
+ if (parent.empty() || (parent != src_dir)) {
+ LOG(WARNING) << "Parent is empty or not equal to src, parent: ("
<< parent << ")";
- }
+ continue;
}
+ bf::remove(current, error);
+ if (error) {
+ LOG(ERROR) << "Symlink deletion failure for: " << current
+ << ", error: " << error.message();
+ return false;
+ }
+ LOG(DEBUG) << "removed: " << current;
}
bf::path shared_res = dst_dir / kSharedResDir;
if (bf::is_symlink(symlink_status(shared_res))) {
bf::remove(shared_res, error);
if (error) {
- LOG(ERROR) << "Symlink deletion failure for: " << shared_res;
- LOG(ERROR) << "error: " << error.message();
+ LOG(ERROR) << "Symlink deletion failure for: " << shared_res
+ << ", error: " << error.message();
return false;
}
}
return true;
}
+bool CreateStorageDirectories(const boost::filesystem::path& root_path,
+ const std::string& pkgid,
+ bool trusted, bool shareddata,
+ const std::vector<const char*> additional_dirs) {
+ bf::path path(root_path / pkgid);
+ if (!ci::CreateDir(path)) {
+ LOG(ERROR) << "Failed to create dir: " << path;
+ return false;
+ }
+
+ std::vector<const char*> dirs(kEntries);
+ dirs.insert(dirs.end(), additional_dirs.begin(), additional_dirs.end());
+ if (trusted)
+ dirs.push_back(kSharedTrustedDir);
+
+ bs::error_code error;
+ for (auto& entry : dirs) {
+ bf::path subpath = path / entry;
+ if (!ci::CreateDir(subpath)) {
+ LOG(ERROR) << "Failed to create directory: " << subpath;
+ return false;
+ }
+ }
+
+ if (shareddata) {
+ if (!CreateSharedDataDirectories(root_path, pkgid))
+ return false;
+ } else {
+ if (!DeleteSharedDataDirectories(root_path, pkgid))
+ return false;
+ }
+
+ bf::path shared_cache_path = path / kSharedCacheDir;
+ // remove shared/cache (do not support)
+ if (!ci::RemoveAll(shared_cache_path))
+ return false;
+
+ return true;
+}
+
+bool BackupSharedDataDirectories(const bf::path& apps_rw,
+ const std::string& pkgid) {
+ if (!ci::MakeBackup(apps_rw / pkgid / kSharedDataDir))
+ return false;
+ if (!ci::MakeBackup(apps_rw / kSharedDir / pkgid))
+ return false;
+ if (!ci::MakeBackup(apps_rw / kSharedTmpDir / pkgid))
+ return false;
+ return true;
+}
+
+bool RestoreSharedDataDirectories(const bf::path& apps_rw,
+ const std::string& pkgid) {
+ if (!ci::RestoreBackup(apps_rw / pkgid / kSharedDataDir))
+ return false;
+ if (!ci::RestoreBackup(apps_rw / kSharedDir / pkgid))
+ return false;
+ if (!ci::RestoreBackup(apps_rw / kSharedTmpDir / pkgid))
+ return false;
+ return true;
+}
+
+bool RemoveBackupSharedDataDirectories(const bf::path& apps_rw,
+ const std::string& pkgid) {
+ if (!ci::RemoveBackup(apps_rw / pkgid / kSharedDataDir))
+ return false;
+ if (!ci::RemoveBackup(apps_rw / kSharedDir / pkgid))
+ return false;
+ if (!ci::RemoveBackup(apps_rw / kSharedTmpDir / pkgid))
+ return false;
+ return true;
+}
+
+bool CreateExternalUserDirectories(uid_t user, const std::string& pkgid,
+ const std::string& apps_prefix) {
+ boost::optional<gid_t> gid = ci::GetGidByUid(user);
+ if (!gid)
+ return false;
+
+ std::string group_name = ci::GetGroupNameByGid(*gid);
+ if (group_name != tzplatform_getenv(TZ_SYS_USER_GROUP)) {
+ LOG(ERROR) << "Failed to get group name of gid: " << *gid;
+ return false;
+ }
+
+ LOG(DEBUG) << "Creating directories for uid: " << user << ", gid: "
+ << *gid;
+
+ bf::path apps_rw = GetDirectoryPathForStorage(user, apps_prefix);
+ if (apps_rw.empty()) {
+ LOG(DEBUG) << "Directory not exists: " << apps_rw;
+ return false;
+ }
+
+ if (!CreateStorageDirectories(apps_rw, pkgid, true, false,
+ std::vector<const char*>()))
+ return false;
+
+ if (!::SetPackageDirectoryOwnerAndPermissions(apps_rw / pkgid, user))
+ return false;
+
+ return true;
+}
+
} // namespace
namespace common_installer {
const std::string& pkgid) {
bf::path storage_path = GetExternalCardPath();
- const bool set_permissions = false;
if (!bf::exists(storage_path)) {
LOG(WARNING) << "External storage (SD Card) is not mounted.";
return false;
}
}
- if (CreateUserDirectories(user, pkgid,
- storage_apps_path.c_str(), set_permissions)) {
+ if (CreateExternalUserDirectories(user, pkgid, storage_apps_path.string()))
+ return false;
+
+ for (auto& lw_user : GetLightUserList(user)) {
+ bf::path storage_apps_lw_path = storage_apps_path
+ / kSubssesionDir / lw_user / "apps";
+ if (!bf::exists(storage_apps_lw_path)) {
+ bs::error_code error;
+ bf::create_directories(storage_apps_lw_path, error);
+ if (error) {
+ LOG(ERROR) << "Failed to create directory: "
+ << storage_apps_lw_path.c_str();
+ return false;
+ }
+ }
+
+ if (CreateExternalUserDirectories(user, pkgid,
+ storage_apps_lw_path.string()))
+ return false;
}
+
return true;
}
const std::string& pkgid) {
bf::path storage_path = GetExternalCardPath();
if (!bf::exists(storage_path)) {
- LOG(WARNING) << "External storage (SD Card) is not mounted.";
- return false;
+ LOG(WARNING) << "External storage (SD Card) is not mounted. "
+ << "It will be ignored";
+ return true;
}
bf::path storage_apps_path = bf::path(storage_path) / "apps";
- return DeleteDirectories(
- GetDirectoryPathForStorage(user, storage_apps_path.string()), pkgid);
+ if (!DeleteDirectories(
+ GetDirectoryPathForStorage(user, storage_apps_path.string()), pkgid))
+ return false;
+
+ for (auto& lw_user : GetLightUserList(user)) {
+ bf::path storage_apps_lw_path =
+ storage_apps_path / kSubssesionDir / lw_user / "apps";
+ if (!DeleteDirectories(
+ GetDirectoryPathForStorage(user, storage_apps_lw_path.string()),
+ pkgid))
+ return false;
+ }
+
+ return true;
}
bool PerformExternalDirectoryCreationForAllUsers(const std::string& pkgid) {
- user_list list = GetUserList();
+ UserList list = ci::GetUserList();
for (auto l : list) {
if (!PerformExternalDirectoryCreationForUser(std::get<0>(l),
pkgid))
return true;
}
-int PrivilegeCallback(const pkgmgrinfo_pkginfo_h handle, void* user_data) {
- uid_t uid = static_cast<uid_t>(reinterpret_cast<uintptr_t>(user_data));
- char* pkgid = nullptr;
-
- int ret = pkgmgrinfo_pkginfo_get_pkgid(handle, &pkgid);
- if (ret != PMINFO_R_OK)
- return -1;
- if (!PerformExternalDirectoryCreationForUser(uid, pkgid))
- return -1;
-
- return 0;
-}
-
bool PerformExternalDirectoryCreationForAllPkgs() {
- user_list list = GetUserList();
+ UserList list = ci::GetUserList();
for (auto l : list) {
uid_t uid = std::get<0>(l);
pkgmgrinfo_pkginfo_filter_h filter_handle = nullptr;
}
ret = pkgmgrinfo_pkginfo_filter_foreach_pkginfo(filter_handle,
- PrivilegeCallback,
+ [](const pkgmgrinfo_pkginfo_h handle, void* user_data) -> int {
+ uid_t u =
+ static_cast<uid_t>(reinterpret_cast<uintptr_t>(user_data));
+ char* pkgid = nullptr;
+
+ int r = pkgmgrinfo_pkginfo_get_pkgid(handle, &pkgid);
+ if (r != PMINFO_R_OK)
+ return -1;
+ if (!PerformExternalDirectoryCreationForUser(u, pkgid))
+ return -1;
+
+ return 0;
+ },
reinterpret_cast<void*>(static_cast<uintptr_t>(uid)));
if (ret != PMINFO_R_OK) {
LOG(DEBUG) << "Failed to create external directoy";
}
bool PerformExternalDirectoryDeletionForAllUsers(const std::string& pkgid) {
- user_list list = GetUserList();
+ UserList list = ci::GetUserList();
for (auto l : list) {
uid_t uid = std::get<0>(l);
+ ci::PkgQueryInterface pkg_query(pkgid, uid);
LOG(DEBUG) << "Deleting directories for user: " << uid;
- if (QueryIsPackageInstalled(pkgid, uid)) {
+ if (pkg_query.IsPackageInstalled()) {
LOG(DEBUG) << "Package: " << pkgid << " for uid: " << uid
<< " still exists. Skipping";
continue;
return true;
}
-bool CreateSkelDirectories(const std::string& pkgid,
- const std::string& api_version,
- bool trusted, bool is_preload) {
- bf::path path = bf::path(kSkelAppDir) / pkgid;
- LOG(DEBUG) << "Creating directories in: " << path;
-
- utils::VersionNumber api_ver(api_version);
-
- bs::error_code error;
- bf::create_directories(path, error);
- if (error) {
- LOG(ERROR) << "Failed to create directory: " << path;
+bool CreatePerUserStorageDirectories(const std::string& pkgid, bool trusted,
+ bool shareddata, bool is_readonly,
+ const std::vector<const char*> additional_dirs) {
+ // create skel dir
+ bf::path skel_apps_rw = bf::path(tzplatform_getenv(TZ_SYS_ETC)) /
+ bf::path(kSkelAppDir);
+ if (!::CreateStorageDirectories(skel_apps_rw, pkgid, trusted, shareddata,
+ additional_dirs)) {
+ LOG(ERROR) << "Failed to create skeleton storage directories";
return false;
}
- std::vector<const char*> dirs(kEntries);
- if (trusted)
- dirs.push_back(kSharedTrustedDir);
- if (api_ver < ver30) {
- dirs.push_back(kSharedDataDir);
- }
- for (auto& entry : dirs) {
- bf::path subpath = path / entry;
- bf::create_directories(subpath, error);
- if (error && !bf::exists(subpath)) {
- LOG(ERROR) << "Failed to create directory: " << subpath;
- return false;
- }
- }
-
std::string error_message;
- if (!RegisterSecurityContextForPath(pkgid, path, kGlobalUserUid,
- &error_message)) {
- LOG(ERROR) << "Failed to register security context for path: " << path
- << ", error_message: " << error_message;
+ if (!RegisterSecurityContextForPath(pkgid, skel_apps_rw / pkgid,
+ kGlobalUserUid, is_readonly, &error_message)) {
+ LOG(ERROR) << "Failed to register security context for path: "
+ << skel_apps_rw / pkgid << ", error_message: " << error_message;
return false;
}
- bool result = true;
- if (!is_preload) {
+ if (!is_readonly) {
bf::path src_dir = bf::path(tzplatform_getenv(TZ_SYS_RW_APP)) / pkgid;
- result = CreateSymlinkFiles(src_dir, path);
+ if (!CreateSymlinkFiles(src_dir, skel_apps_rw / pkgid))
+ return false;
}
- return result;
-}
+ // create per user dir
+ UserList list = ci::GetUserList();
+ for (auto l : list) {
+ uid_t uid = std::get<0>(l);
+ bf::path owner_apps_rw = std::get<2>(l) / "apps_rw";
+ std::vector<bf::path> apps_rw_paths;
+ apps_rw_paths.push_back(std::move(owner_apps_rw));
+
+ for (auto& lw_user : GetLightUserList(uid))
+ apps_rw_paths.push_back(std::get<2>(l)
+ / kSubssesionDir / lw_user / "apps_rw");
+
+ LOG(DEBUG) << "Creating directories for user: " << uid;
+ for (auto& apps_rw : apps_rw_paths) {
+ if (!::CreateStorageDirectories(apps_rw, pkgid, trusted, shareddata,
+ additional_dirs)) {
+ LOG(ERROR) << "Failed to create storage directory for user: " << uid;
+ return false;
+ }
+
+ if (!::SetPackageDirectoryOwnerAndPermissions(apps_rw / pkgid, uid))
+ return false;
+ if (shareddata) {
+ std::vector<std::string> shared_dirs(kSharedDataEntries);
+ for (auto entry : shared_dirs) {
+ bf::path shared_dst = apps_rw / entry / pkgid;
+ if (!::SetPackageDirectoryOwnerAndPermissions(shared_dst, uid))
+ return false;
+ }
+ }
+
+ if (!RegisterSecurityContextForPath(pkgid, apps_rw / pkgid, uid, false,
+ &error_message)) {
+ LOG(ERROR) << "Failed to register security context for path: "
+ << apps_rw / pkgid << ", error_message: " << error_message;
+ return false;
+ }
+ }
+ }
-bool DeleteSkelDirectories(const std::string& pkgid) {
- return DeleteDirectories(bf::path(kSkelAppDir), pkgid);
+ return true;
}
+bool DeletePerUserStorageDirectories(const std::string& pkgid,
+ bool keep_rwdata) {
+ // delete skel dir
+ bf::path skel_apps_rw = bf::path(tzplatform_getenv(TZ_SYS_ETC)) /
+ bf::path(kSkelAppDir);
+ if (!ci::RemoveAll(skel_apps_rw / pkgid)) {
+ LOG(ERROR) << "Failed to delete skeleton storage directories";
+ return false;
+ }
-bool DeleteUserDirectories(const std::string& pkgid) {
- user_list list = GetUserList();
+ if (keep_rwdata)
+ return true;
+
+ // delete per user dir
+ UserList list = ci::GetUserList();
for (auto l : list) {
- if (ci::QueryIsPackageInstalled(pkgid, std::get<0>(l))) {
- LOG(INFO) << pkgid << " is installed for user " << std::get<0>(l);
- continue;
+ uid_t uid = std::get<0>(l);
+ bf::path owner_apps_rw = std::get<2>(l) / "apps_rw";
+ std::vector<bf::path> apps_rw_paths;
+ apps_rw_paths.push_back(std::move(owner_apps_rw));
+
+ for (auto& lw_user : GetLightUserList(uid))
+ apps_rw_paths.push_back(std::get<2>(l) / kSubssesionDir / lw_user /
+ "apps_rw");
+
+ LOG(DEBUG) << "Deleting directories for user: " << uid;
+ for (auto& apps_rw : apps_rw_paths) {
+ if (!ci::RemoveAll(apps_rw / pkgid)) {
+ LOG(ERROR) << "Failed to delete storage directory for user: " << uid;
+ return false;
+ }
}
+ }
- LOG(DEBUG) << "Deleting directories of " << pkgid
- << ", for uid: " << std::get<0>(l);
- bf::path apps_rw(std::get<2>(l) / "apps_rw");
- if (!DeleteDirectories(apps_rw, pkgid)) {
- return false;
+ if (!ci::DeletePerUserSharedDataDir(pkgid)) {
+ LOG(ERROR) << "Failed to delete per user shared data dir";
+ return false;
+ }
+
+ return true;
+}
+
+bool CreateStorageDirectories(const boost::filesystem::path& path,
+ const std::string& pkgid, uid_t uid,
+ bool trusted, bool shareddata) {
+ if (!::CreateStorageDirectories(path, pkgid, trusted,
+ shareddata, std::vector<const char*>())) {
+ LOG(ERROR) << "Failed to create storage directory for path: " << path;
+ return false;
+ }
+
+ if (!::SetPackageDirectoryOwnerAndPermissions(path / pkgid, uid))
+ return false;
+
+ if (shareddata) {
+ std::vector<std::string> shared_dirs(kSharedDataEntries);
+ for (auto entry : shared_dirs) {
+ bf::path shared_dst = path / entry / pkgid;
+ if (!::SetPackageDirectoryOwnerAndPermissions(shared_dst, uid))
+ return false;
}
}
+
+ std::string error_message;
+ if (!RegisterSecurityContextForPath(pkgid, path / pkgid, uid, false,
+ &error_message)) {
+ LOG(ERROR) << "Failed to register security context for path: " << path
+ << ", error_message: " << error_message;
+ return false;
+ }
+
return true;
}
+void RemoveRWDirectories(const boost::filesystem::path& root) {
+ if (!RemoveAll(root / kCache))
+ LOG(ERROR) << "Failed to remove packaged cache directory";
+ if (!RemoveAll(root / kData))
+ LOG(ERROR) << "Failed to remove packaged data directory";
+ if (!RemoveAll(root / kSharedCacheDir))
+ LOG(ERROR) << "Failed to remove packaged shared/cache directory";
+ if (!RemoveAll(root / kSharedDataDir))
+ LOG(ERROR) << "Failed to remove packaged shared/data directory";
+ if (!RemoveAll(root / kSharedTrustedDir))
+ LOG(ERROR) << "Failed to remove packaged shared/trusted directory";
+}
+
+bool DeleteSharedDirectories(const bf::path& path,
+ const std::string& pkgid) {
+ return DeleteSharedDataDirectories(path, pkgid);
+}
+
bool DeleteUserExternalDirectories(const std::string& pkgid) {
- user_list list = GetUserList();
+ UserList list = ci::GetUserList();
for (auto l : list) {
- if (ci::QueryIsPackageInstalled(pkgid, std::get<0>(l))) {
- LOG(INFO) << pkgid << " is installed for user " << std::get<0>(l);
+ uid_t uid = std::get<0>(l);
+ ci::PkgQueryInterface pkg_query(pkgid, uid);
+ if (pkg_query.IsPackageInstalled()) {
+ LOG(INFO) << pkgid << " is installed for user " << uid;
continue;
}
LOG(DEBUG) << "Deleting external directories of " << pkgid
- << ", for uid: " << std::get<0>(l);
+ << ", for uid: " << uid;
bf::path apps_rw(std::get<2>(l) / "apps_rw");
if (!DeleteDirectories(apps_rw, pkgid)) {
return false;
}
- }
- return true;
-}
-
-bool CopyUserDirectories(const std::string& pkgid) {
- user_list list = GetUserList();
- for (auto l : list) {
- uid_t uid = std::get<0>(l);
- LOG(DEBUG) << "Copying directories for uid: " << uid;
- bf::path apps_rw(std::get<2>(l) / "apps_rw");
- bf::path src = bf::path(kSkelAppDir) / pkgid;
- bf::path dst = apps_rw / pkgid;
- if (!ci::CopyDir(src, dst, FSFlag::FS_NONE, true))
- continue;
- gid_t gid = std::get<1>(l);
- if (!SetPackageDirectoryOwnerAndPermissions(dst, uid, gid))
- return false;
- for (bf::recursive_directory_iterator iter(dst);
- iter != bf::recursive_directory_iterator(); ++iter) {
- if (!SetPackageDirectoryOwnerAndPermissions(iter->path(),
- uid, gid))
+ for (auto& lw_user : GetLightUserList(uid)) {
+ bf::path apps_rw_lw(std::get<2>(l) / kSubssesionDir / lw_user / "apps_rw");
+ if (!DeleteDirectories(apps_rw_lw, pkgid))
return false;
}
- std::string error_message;
- if (!RegisterSecurityContextForPath(pkgid, dst, std::get<0>(l),
- &error_message)) {
- LOG(ERROR) << "Failed to register security context for path: " << dst
- << ", error_message: " << error_message;
- return false;
- }
}
+
return true;
}
return false;
}
- bool result = true;
- user_list list = GetUserList();
+ UserList list = ci::GetUserList();
for (auto l : list) {
uid_t uid = std::get<0>(l);
LOG(DEBUG) << "Creating symlinks for uid: " << uid;
// check installed user private app.
- if (QueryIsPackageInstalled(pkgid, uid))
- continue;
- bf::path apps_rw(std::get<2>(l) / "apps_rw");
- bf::path dst_dir = apps_rw / pkgid;
- if (!bf::exists(dst_dir)) {
- LOG(WARNING) << "dst_dir not exists";
+ ci::PkgQueryInterface pkg_query(pkgid, uid);
+ if (pkg_query.IsPackageInstalled())
continue;
+
+ bf::path owner_apps_rw = std::get<2>(l) / "apps_rw";
+ std::vector<bf::path> apps_rw_paths;
+ apps_rw_paths.push_back(std::move(owner_apps_rw));
+
+ for (auto& lw_user : GetLightUserList(uid))
+ apps_rw_paths.push_back(std::get<2>(l) / kSubssesionDir / lw_user /
+ "apps_rw");
+
+ for (auto& apps_rw : apps_rw_paths) {
+ bf::path dst_dir = apps_rw / pkgid;
+ if (!bf::exists(dst_dir)) {
+ LOG(WARNING) << "dst_dir not exists";
+ continue;
+ }
+
+ if (!CreateSymlinkFiles(src_dir, dst_dir))
+ return false;
}
- result = CreateSymlinkFiles(src_dir, dst_dir);
}
- return result;
+
+ return true;
}
bool CreateGlobalAppSymlinksForUser(const std::string& pkgid, uid_t uid) {
bf::path src_dir = bf::path(tzplatform_getenv(TZ_SYS_RW_APP)) / pkgid;
if (!bf::exists(src_dir)) {
- LOG(ERROR) << "src_dir not exists";
- return false;
+ LOG(WARNING) << "src_dir(" << src_dir << ") not exists";
+ return true;
}
tzplatform_set_user(uid);
bool DeleteGlobalAppSymlinksForAllUsers(const std::string& pkgid) {
bf::path src_dir = bf::path(tzplatform_getenv(TZ_SYS_RW_APP)) / pkgid;
if (!bf::exists(src_dir)) {
- LOG(ERROR) << "src_dir not exists";
- return false;
+ LOG(WARNING) << "src_dir(" << src_dir << ") not exists";
+ return true;
}
- bool result = true;
- user_list list = GetUserList();
+ UserList list = ci::GetUserList();
for (auto l : list) {
uid_t uid = std::get<0>(l);
LOG(DEBUG) << "Deleting symlinks for uid: " << uid;
+
// check installed user private app.
- if (QueryIsPackageInstalled(pkgid, uid))
- continue;
- bf::path apps_rw(std::get<2>(l) / "apps_rw");
- bf::path dst_dir = apps_rw / pkgid;
- if (!bf::exists(dst_dir)) {
- LOG(WARNING) << "dst_dir not exists";
+ ci::PkgQueryInterface pkg_query(pkgid, uid);
+ if (pkg_query.IsPackageInstalled())
continue;
+
+ bf::path owner_apps_rw = std::get<2>(l) / "apps_rw";
+ std::vector<bf::path> apps_rw_paths;
+ apps_rw_paths.push_back(std::move(owner_apps_rw));
+ for (auto& lw_user : GetLightUserList(uid))
+ apps_rw_paths.push_back(std::get<2>(l) / kSubssesionDir / lw_user /
+ "apps_rw");
+
+ for (auto& apps_rw : apps_rw_paths) {
+ bf::path dst_dir = apps_rw / pkgid;
+ if (!bf::exists(dst_dir)) {
+ LOG(WARNING) << "dst_dir not exists";
+ continue;
+ }
+
+ if (!DeleteSymlinkFiles(src_dir, dst_dir))
+ return false;
}
- result = DeleteSymlinkFiles(src_dir, dst_dir);
}
- return result;
+
+ return true;
}
bool DeleteGlobalAppSymlinksForUser(const std::string& pkgid, uid_t uid) {
return result;
}
+bool SetPackageDirectoryOwnerAndPermissions(const bf::path& path, uid_t uid) {
+ return ::SetPackageDirectoryOwnerAndPermissions(path, uid);
+}
+
+bool ShouldSupportLegacySharedDataDir(const std::string& api_version) {
+ if (bf::exists(kDisableLegacySharedDataDirSupport))
+ return false;
+ utils::VersionNumber api_ver(api_version);
+ if (api_ver < ver30)
+ return true;
+ else
+ return false;
+}
+
+bool CreateSharedDataDir(const std::string& pkgid, uid_t uid) {
+ bf::path apps_rw = ci::GetRootAppPath(false, uid);
+ if (!CreateSharedDataDirectories(apps_rw, pkgid))
+ return false;
+
+ bf::path path = apps_rw / pkgid;
+ std::string error_message;
+ if (!ci::RegisterSecurityContextForPath(pkgid, path, uid, false,
+ &error_message)) {
+ LOG(ERROR) << "Failed to register security context for path: " << path
+ << ", error_message: " << error_message;
+ return false;
+ }
+
+ return true;
+}
+
+bool CreatePerUserSharedDataDir(const std::string& pkgid) {
+ // create skel dir
+ bf::path skel_apps_rw = bf::path(tzplatform_getenv(TZ_SYS_ETC)) /
+ bf::path(kSkelAppDir);
+ LOG(DEBUG) << "Creating directory : " << skel_apps_rw;
+ if (!CreateSharedDataDirectories(skel_apps_rw, pkgid))
+ return false;
+
+ std::string error_message;
+ if (!ci::RegisterSecurityContextForPath(pkgid, skel_apps_rw / pkgid,
+ kGlobalUserUid, false, &error_message)) {
+ LOG(ERROR) << "Failed to register security context for path: "
+ << skel_apps_rw / pkgid << ", error_message: " << error_message;
+ return false;
+ }
+
+ // create per user dir
+ ci::UserList list = ci::GetUserList();
+ for (auto l : list) {
+ uid_t uid = std::get<0>(l);
+ LOG(DEBUG) << "Adding shareddata directory for uid: " << uid;
+
+ bf::path owner_apps_rw = ci::GetRootAppPath(false, uid);
+ std::vector<bf::path> apps_rw_paths;
+ apps_rw_paths.push_back(std::move(owner_apps_rw));
+ for (auto& lw_user : GetLightUserList(uid))
+ apps_rw_paths.push_back(std::get<2>(l) / kSubssesionDir / lw_user /
+ "apps_rw");
+
+ for (auto& apps_rw : apps_rw_paths) {
+ if (!CreateSharedDataDirectories(apps_rw, pkgid))
+ return false;
+
+ std::vector<std::string> shared_dirs(kSharedDataEntries);
+ for (auto entry : shared_dirs) {
+ bf::path shared_dst = apps_rw / entry / pkgid;
+ if (!::SetPackageDirectoryOwnerAndPermissions(shared_dst, uid))
+ return false;
+ }
+
+ if (!ci::RegisterSecurityContextForPath(pkgid, apps_rw / pkgid, uid,
+ false, &error_message)) {
+ LOG(ERROR) << "Failed to register security context for path: "
+ << apps_rw / pkgid << ", error_message: " << error_message;
+ return false;
+ }
+ }
+ }
+
+ return true;
+}
+
+bool DeleteSharedDataDir(const std::string& pkgid, uid_t uid) {
+ bf::path apps_rw = ci::GetRootAppPath(false, uid);
+ return DeleteSharedDataDirectories(apps_rw, pkgid);
+}
+
+bool DeletePerUserSharedDataDir(const std::string& pkgid) {
+ bf::path skel_apps_rw = bf::path(tzplatform_getenv(TZ_SYS_ETC)) /
+ bf::path(kSkelAppDir);
+ if (!DeleteSharedDataDirectories(skel_apps_rw, pkgid))
+ return false;
+
+ ci::UserList list = ci::GetUserList();
+ for (auto l : list) {
+ uid_t uid = std::get<0>(l);
+
+ bf::path owner_apps_rw = ci::GetRootAppPath(false, uid);
+ std::vector<bf::path> apps_rw_paths;
+ apps_rw_paths.push_back(std::move(owner_apps_rw));
+ for (auto& lw_user : GetLightUserList(uid))
+ apps_rw_paths.push_back(std::get<2>(l) / kSubssesionDir / lw_user /
+ "apps_rw");
+
+ for (auto& apps_rw : apps_rw_paths) {
+ if (!DeleteSharedDataDirectories(apps_rw, pkgid))
+ return false;
+ }
+ }
+ return true;
+}
+
+bool BackupSharedDataDir(const std::string& pkgid, uid_t uid) {
+ bf::path apps_rw = ci::GetRootAppPath(false, uid);
+ return BackupSharedDataDirectories(apps_rw, pkgid);
+}
+
+bool BackupPerUserSharedDataDir(const std::string& pkgid) {
+ bf::path skel_apps_rw = bf::path(tzplatform_getenv(TZ_SYS_ETC)) /
+ bf::path(kSkelAppDir);
+ if (!BackupSharedDataDirectories(skel_apps_rw, pkgid))
+ return false;
+
+ ci::UserList list = ci::GetUserList();
+ for (auto l : list) {
+ uid_t uid = std::get<0>(l);
+ bf::path owner_apps_rw = ci::GetRootAppPath(false, uid);
+ std::vector<bf::path> apps_rw_paths;
+ apps_rw_paths.push_back(std::move(owner_apps_rw));
+ for (auto& lw_user : GetLightUserList(uid))
+ apps_rw_paths.push_back(std::get<2>(l) / kSubssesionDir / lw_user /
+ "apps_rw");
+
+ for (auto& apps_rw : apps_rw_paths) {
+ if (!BackupSharedDataDirectories(apps_rw, pkgid))
+ return false;
+ }
+ }
+
+ return true;
+}
+
+bool RestoreSharedDataDir(const std::string& pkgid, uid_t uid) {
+ bf::path apps_rw = ci::GetRootAppPath(false, uid);
+ if (!RestoreSharedDataDirectories(apps_rw, pkgid))
+ return false;
+
+ if (!::SetPackageDirectoryOwnerAndPermissions(apps_rw / pkgid, uid))
+ return false;
+
+ std::vector<std::string> shared_dirs(kSharedDataEntries);
+ for (auto entry : shared_dirs) {
+ bf::path shared_dst = apps_rw / entry / pkgid;
+ if (!::SetPackageDirectoryOwnerAndPermissions(shared_dst, uid))
+ return false;
+ }
+
+ std::string error_message;
+ if (!RegisterSecurityContextForPath(pkgid, apps_rw / pkgid, uid, false,
+ &error_message)) {
+ LOG(ERROR) << "Failed to register security context for path: " << apps_rw
+ << ", error_message: " << error_message;
+ return false;
+ }
+
+ return true;
+}
+
+bool RestorePerUserSharedDataDir(const std::string& pkgid) {
+ bf::path skel_apps_rw = bf::path(tzplatform_getenv(TZ_SYS_ETC)) /
+ bf::path(kSkelAppDir);
+ if (!RestoreSharedDataDirectories(skel_apps_rw, pkgid))
+ return false;
+
+ std::string error_message;
+ ci::UserList list = ci::GetUserList();
+ for (auto l : list) {
+ uid_t uid = std::get<0>(l);
+ bf::path owner_apps_rw = ci::GetRootAppPath(false, uid);
+ std::vector<bf::path> apps_rw_paths;
+ apps_rw_paths.push_back(std::move(owner_apps_rw));
+ for (auto& lw_user : GetLightUserList(uid))
+ apps_rw_paths.push_back(std::get<2>(l) / kSubssesionDir / lw_user /
+ "apps_rw");
+
+ for (auto& apps_rw : apps_rw_paths) {
+ if (!RestoreSharedDataDirectories(apps_rw, pkgid))
+ return false;
+
+ if (!::SetPackageDirectoryOwnerAndPermissions(apps_rw / pkgid, uid))
+ return false;
+
+ std::vector<std::string> shared_dirs(kSharedDataEntries);
+ for (auto entry : shared_dirs) {
+ bf::path shared_dst = apps_rw / entry / pkgid;
+ if (!::SetPackageDirectoryOwnerAndPermissions(shared_dst, uid))
+ return false;
+ }
+
+ if (!RegisterSecurityContextForPath(pkgid, apps_rw / pkgid, uid,
+ false, &error_message)) {
+ LOG(ERROR) << "Failed to register security context for path: "
+ << apps_rw / pkgid << ", error_message: " << error_message;
+ return false;
+ }
+ }
+ }
+
+ return true;
+}
+
+bool RemoveBackupSharedDataDir(const std::string& pkgid, uid_t uid) {
+ bf::path apps_rw = ci::GetRootAppPath(false, uid);
+ return RemoveBackupSharedDataDirectories(apps_rw, pkgid);
+}
+
+bool RemoveBackupPerUserSharedDataDir(const std::string& pkgid) {
+ bf::path skel_apps_rw = bf::path(tzplatform_getenv(TZ_SYS_ETC)) /
+ bf::path(kSkelAppDir);
+ if (!RemoveBackupSharedDataDirectories(skel_apps_rw, pkgid))
+ return false;
+
+ ci::UserList list = ci::GetUserList();
+ for (auto l : list) {
+ uid_t uid = std::get<0>(l);
+ bf::path owner_apps_rw = ci::GetRootAppPath(false, uid);
+ std::vector<bf::path> apps_rw_paths;
+ apps_rw_paths.push_back(std::move(owner_apps_rw));
+ for (auto& lw_user : GetLightUserList(uid))
+ apps_rw_paths.push_back(std::get<2>(l) / kSubssesionDir / lw_user /
+ "apps_rw");
+
+ for (auto& apps_rw : apps_rw_paths) {
+ if (!RemoveBackupSharedDataDirectories(apps_rw, pkgid))
+ return false;
+ }
+ }
+
+ return true;
+}
+
} // namespace common_installer