Setting smack labels to User with vconftool option

[platform/core/appfw/ail.git] / tool / src / initdb.c

diff --git a/tool/src/initdb.c b/tool/src/initdb.c
index 2743b34..75d5788 100755 (executable)
--- a/tool/src/initdb.c
+++ b/tool/src/initdb.c
@@ -28,9 +28,11 @@
 #include <unistd.h>
 #include <sys/stat.h>
 #include <errno.h>
+#include <sys/smack.h>
 
 #include "ail.h"
 #include "ail_private.h"
+#include "ail_db.h"
 
 
 #ifdef _E
@@ -43,6 +45,10 @@
 #endif
 #define _D(fmt, arg...) fprintf(stderr, "[AIL_INITDB][D][%s,%d] "fmt"\n", __FUNCTION__, __LINE__, ##arg);
 
+#define SET_DEFAULT_LABEL(x) \
+       if(smack_setlabel((x), "*", SMACK_LABEL_ACCESS)) _E("failed chsmack -a \"*\" %s", x) \
+       else _D("chsmack -a \"*\" %s", x)
+
 static int initdb_count_app(void)
 {
        ail_filter_h filter;
@@ -166,7 +172,7 @@ static int initdb_change_perm(const char *db_file)
        snprintf(journal_file, sizeof(journal_file), "%s%s", db_file, "-journal");
 
        for (i = 0; files[i]; i++) {
-               ret = chown(files[i], OWNER_ROOT, OWNER_ROOT);
+               ret = chown(files[i], GLOBAL_USER, OWNER_ROOT);
                if (ret == -1) {
                        strerror_r(errno, buf, sizeof(buf));
                        _E("FAIL : chown %s %d.%d, because %s", db_file, OWNER_ROOT, OWNER_ROOT, buf);
@@ -190,7 +196,9 @@ static int __is_authorized()
        /* ail_init db should be called by as root privilege. */
 
        uid_t uid = getuid();
-       if ((uid_t) 0 == uid)
+       uid_t euid = geteuid();
+       //euid need to be root to allow smack label changes during initialization
+       if ((uid_t) OWNER_ROOT == uid)
                return 1;
        else
                return 0;
@@ -236,42 +244,35 @@ int main(int argc, char *argv[])
        if (!__is_authorized()) {
                fprintf(stderr, "You are not an authorized user!\n");
                _D("You are not root user!\n");
-    }
-    else {
-       const char *argv_rm[] = { "/bin/rm", APP_INFO_DB_FILE, NULL };
-       xsystem(argv_rm);
-       const char *argv_rmjn[] = { "/bin/rm", APP_INFO_DB_FILE_JOURNAL, NULL };
-       xsystem(argv_rmjn);
-    }
-
+               return -1;
+       }
+       else {
+               if(remove(APP_INFO_DB_FILE))
+                       _E(" %s is not removed",APP_INFO_DB_FILE);
+               if(remove(APP_INFO_DB_FILE_JOURNAL))
+                       _E(" %s is not removed",APP_INFO_DB_FILE_JOURNAL);
+       }
        ret = setenv("AIL_INITDB", "1", 1);
        _D("AIL_INITDB : %d", ret);
+       setresuid(GLOBAL_USER, GLOBAL_USER, OWNER_ROOT);
 
-       ret = initdb_count_app();
-       if (ret > 0) {
-               _D("Some Apps in the App Info DB.");
-       }
-
-       ret = initdb_load_directory(OPT_DESKTOP_DIRECTORY);
-       if (ret == AIL_ERROR_FAIL) {
-               _E("cannot load opt desktop directory.");
+       if (db_open(DB_OPEN_RW, GLOBAL_USER) != AIL_ERROR_OK) {
+               _E("Fail to create system databases");
+               return AIL_ERROR_DB_FAILED;
        }
-
        ret = initdb_load_directory(USR_DESKTOP_DIRECTORY);
        if (ret == AIL_ERROR_FAIL) {
                _E("cannot load usr desktop directory.");
        }
 
-       if (__is_authorized()) {
-               ret = initdb_change_perm(APP_INFO_DB_FILE);
-               if (ret == AIL_ERROR_FAIL) {
-                       _E("cannot chown.");
-               }
-               const char *argv_smack[] = { "/usr/bin/chsmack", "-a", APP_INFO_DB_LABEL, APP_INFO_DB_FILE, NULL };
-               xsystem(argv_smack);
-               const char *argv_smackjn[] = { "/usr/bin/chsmack", "-a", APP_INFO_DB_LABEL, APP_INFO_DB_FILE_JOURNAL, NULL };
-               xsystem(argv_smackjn);
+       setuid(OWNER_ROOT);
+       ret = initdb_change_perm(APP_INFO_DB_FILE);
+       if (ret == AIL_ERROR_FAIL) {
+               _E("cannot chown.");
        }
+       SET_DEFAULT_LABEL(APP_INFO_DB_FILE);
+       SET_DEFAULT_LABEL(APP_INFO_DB_FILE_JOURNAL);
+
        return AIL_ERROR_OK;
 }