--- /dev/null
+// Copyright (c) 2018 Samsung Electronics Co., Ltd All Rights Reserved
+// Use of this source code is governed by an apache 2.0 license that can be
+// found in the LICENSE file.
+
+#include "common/step/security/step_get_privilege_level.h"
+
+#include "common/certificate_validation.h"
+
+namespace common_installer {
+namespace security {
+
+Step::Status StepGetPrivilegeLevel::process() {
+ PrivilegeLevel level = PrivilegeLevel::UNTRUSTED;
+
+ if (!GetSignatureFromFile(context_->pkgid.get(),
+ context_->is_readonly_package.get(), &level,
+ &context_->certificate_info.get()))
+ LOG(INFO) << "Failed to get privilege level from file";
+
+ if (context_->is_readonly_package.get())
+ level = PrivilegeLevel::PLATFORM;
+
+ if (level == PrivilegeLevel::UNTRUSTED) {
+ std::string error_message =
+ "Failed to get privilege level from file";
+ on_error(Status::CERT_ERROR, error_message);
+ return Status::CERT_ERROR;
+ }
+
+ context_->privilege_level.set(level);
+ return Status::OK;
+}
+
+} // namespace security
+} // namespace common_installer
--- /dev/null
+// Copyright (c) 2018 Samsung Electronics Co., Ltd All Rights Reserved
+// Use of this source code is governed by an apache 2.0 license that can be
+// found in the LICENSE file.
+
+#ifndef COMMON_STEP_SECURITY_STEP_GET_PRIVILEGE_LEVEL_H_
+#define COMMON_STEP_SECURITY_STEP_GET_PRIVILEGE_LEVEL_H_
+
+#include <manifest_parser/utils/logging.h>
+
+#include <string>
+
+#include "common/installer_context.h"
+#include "common/step/step.h"
+
+namespace common_installer {
+namespace security {
+
+/**
+ * \brief Step responsible for getting privilege level of given package.
+ * Used by WGT and TPK backend
+ */
+class StepGetPrivilegeLevel : public Step {
+ public:
+ using Step::Step;
+
+ /**
+ * \brief main logic of getting privilege level
+ *
+ * \return Status::OK if retrieval has succeed, Status:ERROR otherwise
+ */
+ Status process() override;
+
+ Status undo() override { return Status::OK; }
+ Status clean() override { return Status::OK; }
+ Status precheck() override { return Status::OK; }
+
+ STEP_NAME(GetPrivilegeLevel)
+};
+
+} // namespace security
+} // namespace common_installer
+
+#endif // COMMON_STEP_SECURITY_STEP_GET_PRIVILEGE_LEVEL_H_
const char kPkgInstallManifestPath[] = "/usr/bin/pkg-install-manifest";
const char kBackendDirectoryPath[] = "/etc/package-manager/backend/";
+int RecoverDB(const std::string& pkgid,
+ const std::string& type,
+ uid_t uid, bool preload) {
+ bf::path backend_path(kBackendDirectoryPath);
+ backend_path /= type;
+ ci::Subprocess backend(backend_path.string());
+ if (preload) {
+ if (uid != kRootUserUid) {
+ std::cerr << "Preload request for non-root user" << std::endl;
+ return -1;
+ }
+ backend.Run("--recover-db", pkgid.c_str(), "--preload");
+ } else {
+ std::string str_uid = std::to_string(uid);
+ backend.Run("--recover-db", pkgid.c_str(), "-u", str_uid.c_str());
+ }
+ return backend.Wait();
+}
+
int InstallManifestOffline(const std::string& pkgid,
const std::string& type,
uid_t uid, bool preload,
- bool rw_only) {
+ bool rw_only, bool pkgdb_only) {
+ if (pkgdb_only)
+ return RecoverDB(pkgid, type, uid, preload);
+
bf::path backend_path(kBackendDirectoryPath);
backend_path /= type;
ci::Subprocess backend(backend_path.string());
}
void InitdbLoadDirectory(uid_t uid, const bf::path& directory,
- bool preload, bool rw_only) {
+ bool preload, bool rw_only, bool pkgdb_only) {
std::cerr << "Loading manifest files from " << directory << std::endl;
for (bf::directory_iterator iter(directory); iter != bf::directory_iterator();
++iter) {
type = "tpk";
InstallManifestOffline(package_info->package(), type, uid,
- preload, rw_only);
+ preload, rw_only, pkgdb_only);
}
}
bool ro_only = false;
bool rw_only = false;
bool keep_db = false;
+ bool recover_db = false;
try {
options.add_options()
("uid,u", bpo::value<int>()->default_value(kRootUserUid), "user id")
("ro", "readonly packages only")
("rw", "rw packages only")
("keep-db", "keep current database")
- ("help,h", "display this help message");
+ ("help,h", "display this help message")
+ ("recover-db", "register pkg db only");
bpo::store(bpo::parse_command_line(argc, argv, options), opt_map);
if (opt_map.count("help")) {
std::cerr << options << std::endl;
rw_only = true;
if (opt_map.count("keep-db"))
keep_db = true;
+ if (opt_map.count("recover-db"))
+ recover_db = true;
bpo::notify(opt_map);
uid = opt_map["uid"].as<int>();
} catch (...) {
std::cerr << "Conflicting options : 'rw' or 'partial-rw'"
<< " only affect on global user";
return -1;
+ } else if (recover_db && partial_rw) {
+ std::cerr << "Conflicting options : 'recover-db' and 'partial-rw'";
+ return -1;
}
if (!keep_db) {
// RO location
if (!rw_only) {
bf::path ro_dir(tzplatform_getenv(TZ_SYS_RO_PACKAGES));
- InitdbLoadDirectory(uid, ro_dir, true, partial_rw);
+ InitdbLoadDirectory(uid, ro_dir, true, partial_rw, recover_db);
}
if (ro_only)
// RW location
bf::path rw_dir(tzplatform_getenv(TZ_SYS_RW_PACKAGES));
- InitdbLoadDirectory(uid, rw_dir, false, false);
+ InitdbLoadDirectory(uid, rw_dir, false, false, recover_db);
} else {
// Specified user location
tzplatform_set_user(uid);
bf::path dir(tzplatform_getenv(TZ_USER_PACKAGES));
- InitdbLoadDirectory(uid, dir, false, false);
+ InitdbLoadDirectory(uid, dir, false, false, recover_db);
tzplatform_reset_user();
}
projects / platform / core / appfw / app-installers.git / commitdiff