review.tizen.org Git - platform/core/security/security-manager.git/commit

Implement API for managing list of permitted labels for launcher

Four new API functions:
- security_manager_app_labels_monitor_init
- security_manager_app_labels_monitor_finish
- security_manager_app_labels_monitor_get_fd
- security_manager_app_labels_monitor_process

They provide functionality needed for the launcher to run without
CAP_MAC_ADMIN. It will rely on new feature of Smack:
relabel-self list of labels, that a process can change its label
to without special capabilities.
The new APIs will enable the launcher to wait for changes of
apps labels list (when an app is installed or uninstalled) and
to update its relabel-list with a separate, dedicated function.

Change-Id: I1d8a7bce8c081ba27e7c388ee096c7c07005d92d
Signed-off-by: Radoslaw Bartosiak <r.bartosiak@samsung.com>

author	Radoslaw Bartosiak <r.bartosiak@samsung.com>
	Fri, 29 Apr 2016 14:16:22 +0000 (16:16 +0200)
committer	Radoslaw Bartosiak <r.bartosiak@samsung.com>
	Mon, 23 May 2016 14:00:26 +0000 (16:00 +0200)
commit	47647b392d78be429f765ec7f5c85e0968298710
tree	7f8737a6c605b5e560470a463b22cb8609961b4c	tree \| snapshot
parent	a1f04212d1db38d1e32ddcf9c045f5d09ec8ef50	commit \| diff

packaging/security-manager.spec		diff \| blob \| history
src/client/CMakeLists.txt		diff \| blob \| history
src/client/client-label-monitor.cpp	[new file with mode: 0644]	blob
src/common/CMakeLists.txt		diff \| blob \| history
src/common/config.cpp		diff \| blob \| history
src/common/include/config.h		diff \| blob \| history
src/common/include/permissible-set.h	[new file with mode: 0644]	blob
src/common/include/service_impl.h		diff \| blob \| history
src/common/permissible-set.cpp	[new file with mode: 0644]	blob
src/common/service_impl.cpp		diff \| blob \| history
src/include/CMakeLists.txt		diff \| blob \| history
src/include/label-monitor.h	[new file with mode: 0644]	blob
src/include/security-manager-types.h		diff \| blob \| history
src/include/security-manager.h		diff \| blob \| history