It removes several classes such as PAM, Cgroup, Namespace, xml.
Change-Id: I359f00587a0df7e1c6499cd61d522b96c38bbbc9
Signed-off-by: Sungbae Yoo <sungbae.yoo@samsung.com>
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __RUNTIME_CGROUP_H__
-#define __RUNTIME_CGROUP_H__
-
-#include <string>
-#include <vector>
-
-#include <klay/klay.h>
-
-namespace klay {
-
-class KLAY_EXPORT Cgroup final {
-public:
- Cgroup() = delete;
-
- static bool existSubsystem(const std::string& name);
- static void createSubsystem(const std::string& name);
- static void destroySubsystem(const std::string& name);
-
- static bool exist(const std::string& subsystem, const std::string& path);
- static void create(const std::string& subsystem, const std::string& path);
- static void destroy(const std::string& subsystem, const std::string& path);
-
- static void addProcess(const std::string& subsystem,
- const std::string& path, const pid_t pid);
- static std::vector<pid_t> getProcessList(const std::string& subsystem,
- const std::string& path);
-
- static const std::string getPath(const std::string& subsystem, const pid_t pid);
-};
-
-} // namespace klay
-
-namespace runtime = klay;
-
-#endif //!__RUNTIME_CGROUP_H__
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __RUNTIME_NAMESPACE_H__
-#define __RUNTIME_NAMESPACE_H__
-
-#include <sched.h>
-
-#include <klay/klay.h>
-
-namespace klay {
-
-class KLAY_EXPORT Namespace final {
-public:
- Namespace() = delete;
-
- static void unshare(int flags);
- static void attach(const pid_t pid);
-};
-
-} // namespace klay
-
-namespace runtime = klay;
-
-#endif //!__RUNTIME_NAMESPACE_H__
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __RUNTIME_PAM_H__
-#define __RUNTIME_PAM_H__
-
-#include <string>
-#include <vector>
-#include <memory>
-
-#include <syslog.h>
-#include <security/pam_appl.h>
-
-namespace klay {
-
-class PAM final {
-public:
- PAM(PAM&&) = delete;
- PAM(const PAM&) = delete;
- PAM(const std::string& service, const std::string& user);
- ~PAM();
-
- PAM& operator=(const PAM&) = delete;
- PAM& operator=(PAM &&) = delete;
-
- void setData(const std::string &name, void* data, void (*cleanup)(pam_handle_t* pamh, void* data, int error));
- const void* getData(const std::string &name) const;
-
- void setItem(int item, void* data);
- const void* getItem(int item) const;
-
- const std::string getUser(const std::string &prompt = "") const;
-
- void putEnv(const std::string &name_value);
- const std::string getEnv(const std::string &name) const;
- const std::vector<std::string> getEnvList() const;
-
- void syslog(const std::string &log, int priority = LOG_ERR);
-
- int authenticate(int flags);
- int setCredential(int flags);
- int accountManagement(int flags);
- int changeAuthenticationToken(int flags);
- void openSession(int flags);
- void closeSession(int flags);
-
-private:
- pam_handle_t* pamh;
-};
-
-} // namespace klay
-
-namespace runtime = klay;
-
-#endif // __RUNTIME_PAM_H__
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __XML_DOCUMENT_H__
-#define __XML_DOCUMENT_H__
-
-#include <libxml/tree.h>
-#include <libxml/parser.h>
-
-#include <string>
-
-#include <klay/klay.h>
-#include <klay/xml/node.h>
-
-namespace klay {
-namespace xml {
-
-class KLAY_EXPORT Document {
-public:
- Document(const std::string& root, const std::string& version = XML_DEFAULT_VERSION);
- Document(xmlDoc* doc);
-
- ~Document();
-
- Node& getRootNode();
-
- Node::NodeList evaluate(const std::string& xpath);
- void write(const std::string& filename, const std::string& encoding, bool formatted);
-
-private:
- Node* rootNode;
- xmlDoc* implementation;
-};
-
-} // namespace xml
-} // namespace klay
-
-namespace xml = klay::xml;
-
-#endif //__XML_DOCUMENT_H__
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __XML_KEEPBLANKS_H__
-#define __XML_KEEPBLANKS_H__
-
-#include <libxml/globals.h>
-
-#include <klay/klay.h>
-
-namespace klay {
-namespace xml {
-
-class KLAY_EXPORT KeepBlanks {
-public:
- KeepBlanks(bool value);
- ~KeepBlanks();
-
- static const bool Default = true;
-
-private:
- int preservedKeepBlanksDefault;
- int preservedIndentTreeOutput;
-};
-
-} // namespace xml
-} // namespace klay
-
-namespace xml = klay::xml;
-
-#endif //__XML_KEEPBLANKS_H__
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __XML_NODE_H__
-#define __XML_NODE_H__
-
-#include <string>
-#include <vector>
-
-#include <libxml/tree.h>
-#include <libxml/parser.h>
-
-#include <klay/klay.h>
-
-namespace klay {
-namespace xml {
-
-class KLAY_EXPORT Node {
-public:
- typedef std::vector<Node> NodeList;
-
- explicit Node(xmlNode* node);
- Node(Node&&);
- Node(const Node&) = delete;
-
- ~Node();
-
- Node& operator=(const Node&) = delete;
-
- NodeList getChildren() const;
- Node addNewChild(const std::string& name);
-
- std::string getName() const;
- void setName(const std::string& name);
-
- std::string getContent() const;
- void setContent(const std::string& content);
-
- std::string getProp(const std::string& name) const;
- void setProp(const std::string& name, const std::string& val);
-
- bool isBlank() const;
-
-private:
- xmlNode* implementation;
-};
-
-} // namespace xml
-} // namespace klay
-
-namespace xml = klay::xml;
-
-#endif //__XML_NODE_H__
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __XML_DOMPARSER_H__
-#define __XML_DOMPARSER_H__
-
-#include <libxml/parser.h>
-
-#include <string>
-
-#include <klay/klay.h>
-#include <klay/xml/document.h>
-
-namespace klay {
-namespace xml {
-
-class KLAY_EXPORT Parser {
-public:
- static Document* parseFile(const std::string& filename, bool validate = false);
- static Document* parseString(const std::string& xml, bool validate = false);
-
-private:
- static Document* parseContext(xmlParserCtxt* context, bool validate = false);
-};
-
-} // namespace xml
-} // namespace klay
-
-namespace xml = klay::xml;
-
-#endif //__XML_DOMPARSER_H__
BuildRequires: pkgconfig(glib-2.0)
BuildRequires: pkgconfig(sqlite3)
BuildRequires: pkgconfig(dlog)
-BuildRequires: pkgconfig(libxml-2.0)
BuildRequires: pkgconfig(libsystemd-daemon)
BuildRequires: pkgconfig(libtzplatform-config)
Requires(post): /sbin/ldconfig
%defattr(644,root,root,755)
%attr(755,root,root) %{_bindir}/klay-test
%attr(755,root,root) %{TZ_SYS_DATA}/klay-test/test-proc.sh
-%{TZ_SYS_DATA}/klay-test/sample-policy.xml
SET (KLAY_SOURCES ${KLAY_SRC}/error.cpp
${KLAY_SRC}/exception.cpp
- ${KLAY_SRC}/cgroup.cpp
${KLAY_SRC}/process.cpp
${KLAY_SRC}/eventfd.cpp
${KLAY_SRC}/mainloop.cpp
- ${KLAY_SRC}/namespace.cpp
${KLAY_SRC}/testbench.cpp
${KLAY_SRC}/file-user.cpp
${KLAY_SRC}/filesystem.cpp
${KLAY_SRC}/db/column.cpp
${KLAY_SRC}/db/statement.cpp
${KLAY_SRC}/db/connection.cpp
- ${KLAY_SRC}/xml/node.cpp
- ${KLAY_SRC}/xml/parser.cpp
- ${KLAY_SRC}/xml/document.cpp
- ${KLAY_SRC}/xml/keepblanks.cpp
${KLAY_SRC}/rmi/socket.cpp
${KLAY_SRC}/rmi/client.cpp
${KLAY_SRC}/rmi/service.cpp
SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES VERSION ${LIB_VERSION})
PKG_CHECK_MODULES(KLAY_DEPS REQUIRED gio-2.0
- libxml-2.0
sqlite3
dlog
libsystemd-daemon
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-#include <fcntl.h>
-#include <signal.h>
-#include <unistd.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <sys/mount.h>
-
-#include <regex>
-#include <fstream>
-
-#include <klay/cgroup.h>
-#include <klay/exception.h>
-#include <klay/filesystem.h>
-
-#define NAME_PATTERN "^[A-Za-z_][A-Za-z0-9_-]*"
-#define PATH_PATTERN "(/*[A-Za-z_][A-Za-z0-9_-]*)*"
-
-namespace klay {
-
-bool Cgroup::existSubsystem(const std::string& name)
-{
- try {
- if (!std::regex_match(name, std::regex(NAME_PATTERN))) {
- return false;
- }
- } catch (std::runtime_error &e) {
- throw klay::Exception("Unexpected regex error");
- }
-
- klay::File dir("/sys/fs/cgroup/" + name);
- if (dir.exists()) {
- if (dir.isDirectory()) {
- return true;
- }
- throw klay::Exception("Invalid subsystem name");
- }
-
- return false;
-}
-
-void Cgroup::createSubsystem(const std::string& name)
-{
- try {
- if (!std::regex_match(name, std::regex(NAME_PATTERN))) {
- throw klay::Exception("Invalid subsystem name");
- }
- } catch (std::runtime_error &e) {
- throw klay::Exception("Unexpected regex error");
- }
-
- if (existSubsystem(name)) {
- return;
- }
-
- klay::File subsystem("/sys/fs/cgroup/" + name);
- if (::mount(NULL, "/sys/fs/cgroup/", NULL, MS_REMOUNT |
- MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME,
- "mode=755")) {
- throw klay::Exception("Failed to remount cgroupfs as the writable");
- }
-
- if (!subsystem.exists()) {
- subsystem.makeDirectory(true);
- }
-
- if (::mount(name.c_str(), subsystem.getPath().c_str(),
- "cgroup", MS_NODEV | MS_NOSUID | MS_NOEXEC,
- ("none,name=" + name).c_str())) {
- subsystem.remove(false);
- throw klay::Exception("Failed to mount cgroup subsystem");
- }
-
- if (::mount(NULL, "/sys/fs/cgroup/", NULL, MS_REMOUNT | MS_RDONLY |
- MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME,
- "mode=755")) {
- throw klay::Exception("Failed to remount cgroupfs as the read-only");
- }
-}
-
-void Cgroup::destroySubsystem(const std::string& name)
-{
- if (!existSubsystem(name)) {
- throw klay::Exception("No such subsystem");
- }
-
- if (::mount(NULL, "/sys/fs/cgroup/", NULL, MS_REMOUNT |
- MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME,
- "mode=755")) {
- throw klay::Exception("Failed to remount cgroupfs as the writable");
- }
-
- klay::File subsystem("/sys/fs/cgroup/" + name);
- ::umount2(subsystem.getPath().c_str(), MNT_EXPIRE);
-
- subsystem.remove(false);
-
- if (::mount(NULL, "/sys/fs/cgroup/", NULL, MS_REMOUNT | MS_RDONLY |
- MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME,
- "mode=755")) {
- throw klay::Exception("Failed to remount cgroupfs as the read-only");
- }
-}
-
-bool Cgroup::exist(const std::string& subsystem, const std::string& path)
-{
- try {
- if (!std::regex_match(path, std::regex(PATH_PATTERN))) {
- return false;
- }
- } catch (std::runtime_error &e) {
- throw klay::Exception("Unexpected regex error");
- }
-
- klay::File dir("/sys/fs/cgroup/" + subsystem + "/" + path);
- if (dir.exists()) {
- if (dir.isDirectory()) {
- return true;
- }
- throw klay::Exception("Invalid path");
- }
-
- return false;
-}
-
-void Cgroup::create(const std::string& subsystem, const std::string& path)
-{
- try {
- if (!std::regex_match(path, std::regex(PATH_PATTERN))) {
- throw klay::Exception("Invalid path");
- }
- } catch (std::runtime_error &e) {
- throw klay::Exception("Unexpected regex error");
- }
-
- if (exist(subsystem, path)) {
- return;
- }
-
- klay::File dir("/sys/fs/cgroup/" + subsystem + "/" + path);
- dir.makeDirectory(true);
-}
-
-void Cgroup::destroy(const std::string& subsystem, const std::string& path)
-{
- if (!exist(subsystem, path)) {
- throw klay::Exception("No such path in subsystem");
- }
-
- klay::File dir("/sys/fs/cgroup/" + subsystem + "/" + path);
- dir.remove(false);
-}
-
-void Cgroup::addProcess(const std::string& subsystem, const std::string& path, const pid_t pid)
-{
- if (!exist(subsystem, path)) {
- throw klay::Exception("No such path in subsystem");
- }
-
- std::ofstream ofs("/sys/fs/cgroup/" + subsystem + "/" + path +
- "/tasks");
-
- ofs << pid << std::endl;
-}
-
-std::vector<pid_t> Cgroup::getProcessList(const std::string& subsystem, const std::string& path)
-{
- std::vector<pid_t> ret;
- std::ifstream ifs("/sys/fs/cgroup/" + subsystem + "/" + path +
- "/tasks");
-
- pid_t pid;
-
- ifs >> pid;
-
- while (ifs.good()) {
- ret.push_back(pid);
- ifs >> pid;
- }
-
- return ret;
-}
-
-const std::string Cgroup::getPath(const std::string& subsystem, const pid_t pid)
-{
- std::ifstream ifs("/proc/" + std::to_string(pid) + "/cgroup");
- std::string ret = "/", line;
-
- while (std::getline(ifs, line)) {
- std::stringstream lineStream(line);
- std::string name;
-
- //the first getline is for removing the first argument
- std::getline(lineStream, name, ':');
- std::getline(lineStream, name, ':');
-
- if (name == subsystem || name == "name=" + subsystem) {
- ret = line.substr(line.find('/'));
- }
- }
- return ret;
-}
-
-} // namespace klay
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-#include <vector>
-
-#include <fcntl.h>
-#include <unistd.h>
-#include <sys/mount.h>
-
-#include <klay/exception.h>
-#include <klay/namespace.h>
-
-namespace klay {
-
-namespace {
-
-typedef std::pair<std::string, int> NamespacePair;
-std::vector<NamespacePair> namespaces = {
- {"mnt", CLONE_NEWNS},
- {"net", CLONE_NEWNET},
- {"ipc", CLONE_NEWIPC},
- {"pid", CLONE_NEWPID},
- {"uts", CLONE_NEWUTS},
- {"user", CLONE_NEWUSER},
-#ifdef CLONE_NEWCGROUP
- {"cgroup", CLONE_NEWCGROUP},
-#endif
-};
-
-} // namespace
-
-void Namespace::attach(const pid_t pid)
-{
- for (const NamespacePair& ns : namespaces) {
- std::string nspath = "/proc/" + std::to_string(pid) + "/ns/" + ns.first;
-
- int fd;
- do {
- fd = ::open(nspath.c_str(), O_RDONLY);
- } while (fd == -1 && errno == EINTR);
-
- if (fd == -1) {
- if (errno != ENOENT) {
- throw klay::Exception("Failed to open namesapce: " + nspath);
- }
- } else {
- if (::setns(fd, ns.second)) {
- ::close(fd);
- throw klay::Exception("Failed to set namespace: " + nspath);
- }
- ::close(fd);
- }
- }
-}
-
-void Namespace::unshare(int flags)
-{
- if (::unshare(flags)) {
- throw klay::Exception("Failed to unshare namespace");
- }
-
- if (flags & CLONE_NEWNS &&
- ::mount(NULL, "/", NULL, MS_SLAVE | MS_REC, NULL) == -1) {
- throw klay::Exception("Failed to mount root filesystem");
- }
-}
-
-} // namespace klay
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#include <string>
-#include <vector>
-
-#include <security/pam_ext.h>
-#include <security/pam_modules.h>
-
-#include <klay/pam.h>
-#include <klay/exception.h>
-
-namespace klay {
-
-PAM::PAM(const std::string& service, const std::string& user)
-{
- struct pam_conv pamc;
-
- int error = ::pam_start(service.c_str(), user.c_str(), &pamc, &pamh);
- if (error != PAM_SUCCESS) {
- throw klay::Exception("PAM Error");
- }
-}
-
-PAM::~PAM()
-{
- int error = ::pam_end(pamh, PAM_SUCCESS);
- if (error != PAM_SUCCESS) {
- throw klay::Exception("PAM Error");
- }
-}
-
-void PAM::setData(const std::string &name, void* data, void (*cleanup)(pam_handle_t* pamh, void* data, int error))
-{
- int error = ::pam_set_data(pamh, name.c_str(), data, cleanup);
- if (error != PAM_SUCCESS) {
- throw klay::Exception("PAM Error");
- }
-}
-
-const void* PAM::getData(const std::string &name) const
-{
- const void* ret;
- int error = ::pam_get_data(pamh, name.c_str(), &ret);
- if (error != PAM_SUCCESS) {
- throw klay::Exception("PAM Error");
- }
- return ret;
-}
-
-void PAM::setItem(int item, void* data)
-{
- int error = ::pam_set_item(pamh, item, data);
- if (error != PAM_SUCCESS) {
- throw klay::Exception("PAM Error");
- }
-}
-
-const void* PAM::getItem(int item) const
-{
- const void* ret;
- int error = ::pam_get_item(pamh, item, &ret);
- if (error != PAM_SUCCESS) {
- throw klay::Exception("PAM Error");
- }
- return ret;
-}
-
-const std::string PAM::getUser(const std::string &prompt) const
-{
- const char* user;
- int error = ::pam_get_user(pamh, &user, prompt.c_str());
- if (error != PAM_SUCCESS) {
- throw klay::Exception("PAM Error");
- }
- return std::string(user);
-}
-
-void PAM::putEnv(const std::string &name_value)
-{
- int error = ::pam_putenv(pamh, name_value.c_str());
- if (error != PAM_SUCCESS) {
- throw klay::Exception("PAM Error");
- }
-}
-
-const std::string PAM::getEnv(const std::string &name) const
-{
- const char* value = ::pam_getenv(pamh, name.c_str());
- if (value == NULL) {
- throw klay::Exception("PAM Error");
- }
- return value;
-}
-
-const std::vector<std::string> PAM::getEnvList() const
-{
- std::vector<std::string> ret;
- char** array = ::pam_getenvlist(pamh);
- if (array == NULL) {
- throw klay::Exception("PAM Error");
- }
- for (int i = 0; array[i] != NULL; i++) {
- ret.push_back(array[i]);
- }
- return ret;
-}
-
-void PAM::syslog(const std::string &log, int priority)
-{
- ::pam_syslog(pamh, priority, "%s", log.c_str());
-}
-
-
-int PAM::authenticate(int flags)
-{
- return ::pam_authenticate(pamh, flags);
-}
-
-int PAM::setCredential(int flags)
-{
- return ::pam_setcred(pamh, flags);
-}
-
-int PAM::accountManagement(int flags)
-{
- return ::pam_acct_mgmt(pamh, flags);
-}
-
-int PAM::changeAuthenticationToken(int flags)
-{
- return ::pam_chauthtok(pamh, flags);
-}
-
-void PAM::openSession(int flags)
-{
- int error = ::pam_open_session(pamh, flags);
- if (error != PAM_SUCCESS) {
- throw klay::Exception("PAM Error");
- }
-}
-
-void PAM::closeSession(int flags)
-{
- int error = ::pam_close_session(pamh, flags);
- if (error != PAM_SUCCESS) {
- throw klay::Exception("PAM Error");
- }
-}
-
-} // namespace klay
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#include <libxml/xpath.h>
-
-#include <iostream>
-
-#include <klay/exception.h>
-#include <klay/xml/document.h>
-#include <klay/xml/keepblanks.h>
-
-namespace klay {
-namespace xml {
-
-Document::Document(const std::string& root, const std::string& version) :
- implementation(xmlNewDoc((const xmlChar*)version.c_str()))
-{
- if (implementation == nullptr) {
- throw klay::Exception("Failed to create document");
- }
-
- implementation->_private = this;
-
- xmlNode* rootPtr = xmlNewNode(NULL, xmlStrdup((const xmlChar*)root.c_str()));
- xmlDocSetRootElement(implementation, rootPtr);
-
- rootNode = new Node(rootPtr);
-}
-
-Document::Document(xmlDoc* doc)
- : implementation(doc)
-{
- implementation->_private = this;
-
- rootNode = new Node(xmlDocGetRootElement(implementation));
-}
-
-Document::~Document()
-{
- if (rootNode != nullptr) {
- delete rootNode;
- }
-
- xmlFreeDoc(implementation);
-}
-
-Node& Document::getRootNode()
-{
- if (rootNode == nullptr) {
- throw klay::Exception("Empty document");
- }
-
- return *rootNode;
-}
-
-Node::NodeList Document::evaluate(const std::string& xpath)
-{
- auto ctxt = xmlXPathNewContext(implementation);
- if (ctxt == nullptr) {
- throw klay::Exception("Failed to create XPath context for " + xpath);
- }
-
- auto result = xmlXPathEval((const xmlChar*)xpath.c_str(), ctxt);
- if (result == nullptr) {
- xmlXPathFreeContext(ctxt);
- throw klay::Exception("Invalid XPath: " + xpath);
- }
-
- if (result ->type != XPATH_NODESET) {
- xmlXPathFreeObject(result);
- xmlXPathFreeContext(ctxt);
-
- throw klay::Exception("Only nodeset result types are supported");
- }
-
- auto nodeset = result->nodesetval;
-
- Node::NodeList nodes;
- if ((nodeset == nullptr) || (xmlXPathNodeSetIsEmpty(nodeset))) {
- xmlXPathFreeContext(ctxt);
- return nodes;
- }
-
- const int count = xmlXPathNodeSetGetLength(nodeset);
-
- nodes.reserve(count);
- for (int i = 0; i != count; i++) {
- auto cnode = xmlXPathNodeSetItem(nodeset, i);
- if (!cnode) {
- continue;
- }
-
- if (cnode->type == XML_NAMESPACE_DECL) {
- continue;
- }
-
- nodes.emplace_back(cnode);
- }
-
- xmlXPathFreeObject(result);
- xmlXPathFreeContext(ctxt);
-
- return nodes;
-}
-
-void Document::write(const std::string& filename, const std::string& encoding, bool formatted)
-{
- KeepBlanks keepBlanks(KeepBlanks::Default);
- xmlIndentTreeOutput = formatted;
-
- xmlResetLastError();
-
- const int result = xmlSaveFormatFileEnc(filename.c_str(),
- implementation,
- encoding.c_str(),
- formatted);
- if (result == 0) {
- throw klay::Exception("Failed to write XML document");
- }
-}
-
-} // namespace xml
-} // namespace klay
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-#include <klay/xml/keepblanks.h>
-
-namespace klay {
-namespace xml {
-
-KeepBlanks::KeepBlanks(bool value)
-{
- preservedIndentTreeOutput = xmlIndentTreeOutput;
- preservedKeepBlanksDefault = xmlKeepBlanksDefault(value ? 1 : 0);
-}
-
-KeepBlanks::~KeepBlanks()
-{
- xmlKeepBlanksDefault(preservedKeepBlanksDefault);
- xmlIndentTreeOutput = preservedIndentTreeOutput;
-}
-
-} // namespace xml
-} // namespace klay
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-#include <klay/exception.h>
-#include <klay/xml/node.h>
-
-namespace klay {
-namespace xml {
-
-Node::Node(xmlNode* node) :
- implementation(node)
-{
-}
-
-Node::Node(Node&& node) :
- implementation(node.implementation)
-{
-}
-
-Node::~Node()
-{
-}
-
-Node::NodeList Node::getChildren() const
-{
- NodeList nodeList;
-
- auto child = implementation->xmlChildrenNode;
- while (child != nullptr) {
- nodeList.emplace_back(child);
- child = child->next;
- }
-
- return nodeList;
-}
-
-Node Node::addNewChild(const std::string& name)
-{
- xmlNode* nodePtr = xmlNewNode(NULL, xmlStrdup((const xmlChar*)name.c_str()));
- if (nodePtr == nullptr) {
- throw klay::Exception("Can not create a new node");
- }
- xmlAddChild(implementation, nodePtr);
-
- return Node(nodePtr);
-}
-
-std::string Node::getName() const
-{
- return implementation->name ? (const char*)implementation->name : "";
-}
-
-void Node::setName(const std::string& name)
-{
- xmlNodeSetName(implementation, (const xmlChar*)name.c_str());
-}
-
-std::string Node::getContent() const
-{
- xmlChar* content = xmlNodeGetContent(implementation);
- if (content == NULL) {
- return "";
- }
- std::string ret((const char*)content);
- xmlFree(content);
- return ret;
-}
-
-void Node::setContent(const std::string& content)
-{
- xmlNodeSetContent(implementation, (xmlChar*)content.c_str());
-}
-
-std::string Node::getProp(const std::string& name) const
-{
- if (implementation->type != XML_ELEMENT_NODE) {
- throw klay::Exception("This node type does not have properties");
- }
-
- xmlChar* prop = xmlGetProp(implementation, (xmlChar*)name.c_str());
- if (prop) {
- std::string ret((const char*)prop);
- xmlFree(prop);
- return ret;
- }
-
- return "";
-}
-
-void Node::setProp(const std::string& name, const std::string& val)
-{
- if (implementation->type != XML_ELEMENT_NODE) {
- throw klay::Exception("Can not set properties for this node type");
- }
-
- xmlSetProp(implementation, (xmlChar*)name.c_str(), (xmlChar*)val.c_str());
-}
-
-bool Node::isBlank() const
-{
- return xmlIsBlankNode(const_cast<xmlNode*>(implementation));
-}
-
-} // namespace xml
-} // namespace klay
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-#include <libxml/parserInternals.h>
-
-#include <klay/exception.h>
-#include <klay/xml/parser.h>
-#include <klay/xml/keepblanks.h>
-
-namespace klay {
-namespace xml {
-
-Document* Parser::parseContext(xmlParserCtxt* context, bool validate)
-{
- if (context == nullptr) {
- throw klay::Exception("Could not create parser context");
- }
-
- KeepBlanks(false);
-
- int options = 0;
-
- if (validate) {
- options |= XML_PARSE_DTDVALID;
- } else {
- options &= ~XML_PARSE_DTDVALID;
- }
-
- xmlCtxtUseOptions(context, options);
-
- if (xmlParseDocument(context) < 0) {
- xmlFreeParserCtxt(context);
- throw klay::Exception("Parsing failed");
- }
-
- xmlDoc* document = context->myDoc;
-
- // We took the ownership on the doc
- context->myDoc = nullptr;
-
- xmlFreeParserCtxt(context);
-
- return new Document(document);
-}
-
-Document* Parser::parseFile(const std::string& filename, bool validate)
-{
- xmlParserCtxt* context = xmlCreateFileParserCtxt(filename.c_str());
- if (context == nullptr) {
- throw klay::Exception("Could not create parser context");
- }
-
- if (context->directory == nullptr) {
- context->directory = xmlParserGetDirectory(filename.c_str());
- }
-
- return parseContext(context, validate);
-}
-
-Document* Parser::parseString(const std::string& xml, bool validate)
-{
- xmlParserCtxt* context = xmlCreateMemoryParserCtxt(xml.c_str(), xml.size() + 1);
-
- if (context == nullptr) {
- throw klay::Exception("Could not create parser context");
- }
-
- return parseContext(context, validate);
-}
-
-} // namespace xml
-} // namespace klay
SET(TEST_SRC main.cpp
rmi.cpp
- xml.cpp
auth.cpp
dbus.cpp
proc.cpp
TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${TEST_DEPS_LIBRARIES} ${LFS_LDFLAGS} ${LFS_LIBS} klay pthread)
INSTALL(TARGETS ${PROJECT_NAME} DESTINATION bin)
-INSTALL(FILES data/sample-policy.xml DESTINATION ${TEST_DATA_INSTALL_DIR})
INSTALL(FILES data/test-proc.sh DESTINATION ${TEST_DATA_INSTALL_DIR})
+++ /dev/null
-<?xml version="1.0" encoding="utf-8"?>
-<manifest>
- <policy-version>0.1.0</policy-version>
- <policy-group name="APPLICATION">
- <policy name="SET_APP_INSTALLATION_MODE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_APP_UNINSTALLATION_MODE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- </policy-group>
-
- <policy-group name="ROAMING">
- <policy name="ALLOW_SYNC" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="ALLOW_DATA" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="ALLOW_PUSH" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- </policy-group>
-
- <policy-group name="PASSWORD">
- <policy name="SET_PASSWORD_QUALITY" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_PASSWORD_MINIMUM_LENGTH" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_PASSWORD_MAXIMUM_FAILED_FOR_WIPE" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_PASSWORD_EXPIRE" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_PASSWORD_MINIMUM_COMPLEX" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_PASSWORD_PATTERN" status="OFF" retry="DEFAULT" priority="DEFAULT">empty</policy>
- <policy name="SET_HISTORY" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_PASSWORD_RECOVERY" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_PASSWORD_LOCK_DELAY" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_INACTIVITY_TIME_DEVICE_LOCK" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_PASSWORD_CHANGE_TIMEOUT" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_MAXIMUM_CHARACTER_OCCURRENCES" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_MAXIMUM_NUMERIC_SEQUENCES_LENGTH" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_FORBIDDEN_STRINGS" status="OFF" retry="DEFAULT" priority="DEFAULT">empty</policy>
- </policy-group>
-
- <policy-group name="SECURITY">
- <policy name="INTERNAL_STORAGE_ENCRYPTION" status="OFF" retry="DEFAULT" priority="DEFAULT"/>
- <policy name="EXTERNAL_STORAGE_ENCRYPTION" status="OFF" retry="DEFAULT" priority="DEFAULT"/>
- <policy name="ALLOW_INTERNET_SHARING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="ALLOW_DESKTOP_SYNC" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_REQUIRE_DEVICE_ENCRYPTION" status="OFF" retry="DEFAULT" priority="DEFAULT"/>
- <policy name="SET_REQUIRE_STORAGE_CARD_ENCRYPTION" status="OFF" retry="DEFAULT" priority="DEFAULT"/>
- </policy-group>
-
- <policy-group name="WIFI">
- <policy name="SET_ALLOW_WIFI" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_MINIMUM_REQUIRED_SECURITY" status="OFF" retry="DEFAULT" priority="DEFAULT">none</policy>
- <policy name="SET_TLS_CERTIFICATE_SECURITY_LEVEL" status="OFF" retry="DEFAULT" priority="DEFAULT">none</policy>
- <policy name="SET_PASSWORD_HIDDEN" status="OFF" retry="DEFAULT" priority="DEFAULT">disabled</policy>
- <policy name="SET_ALLOW_USER_POLICY_CHANGES" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="ALLOW_WIFI_AP_SETTING_USER_MODIFICATION" status="OFF" retry="DEFAULT" priority="DEFAULT">enabled</policy>
- <policy name="ACTIVATE_WIFI_SSID_RESTRICTION" status="OFF" retry="DEFAULT" priority="DEFAULT">disabled</policy>
- </policy-group>
-
- <policy-group name="BLUETOOTH">
- <policy name="SET_ALLOW_BLUETOOTH" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_BLUETOOTH_OUTGOING_CALL" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_A2DP_PROFILE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_AVRCP_PROFILE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_BPP_PROFILE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_DUN_PROFILE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_FTP_PROFILE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_HFP_PROFILE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_HSP_PROFILE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_PBAP_PROFILE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_SAP_PROFILE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_SPP_PROFILE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_DESKTOP_CONNECTIVITY_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_DISCOVERABLE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_PARINIG_STATE" satus="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_LIMITED_DISCOVERABLE_STATE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_BLUETOOTH_DATA_TRANSFER" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="ACTIVATE_BLUETOOTH_UUID_RESTRICTION" status="OFF" retry="DEFAULT" priority="DEFAULT">disabled</policy>
- <policy name="ACTIVATE_BLUETOOTH_DEVICE_RESTRICTION" status="OFF" retry="DEFAULT" priority="DEFAULT">disabled</policy>
- </policy-group>
-
- <policy-group name="MISC">
- <policy name="SET_ALLOW_CAMERA" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_MIC" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_LOCATION" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_SD_CARD" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_TEXT_MESSAGING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_POP_IMAP_EMAIL" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_BROWSER" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- </policy-group>
-
- <policy-group name="DEVICE_INVENTORY">
- <policy name="ENABLE_CALL_CAPTURE" status="OFF" retry="DEFAULT" priority="DEFAULT">disabled</policy>
- <policy name="ENABLE_SMS_CAPTURE" status="OFF" retry="DEFAULT" priority="DEFAULT">disabled</policy>
- <policy name="ENABLE_WIFI_STATISTICS" status="OFF" retry="DEFAULT" priority="DEFAULT">enabled</policy>
- </policy-group>
-
- <policy-group name="PHONE_RESTRICTION">
- <policy name="ENABLE_LIMIT_NUMBER_OF_CALLS" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="ENALBE_LIMIT_NUMBER_OF_SMS" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="ENABLE_LIMIT_USAGE_OF_DATA_CALL" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="ENABLE_EMERGENCY_CALL_ONLY" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_INCOMING_CALL_RESTRICTION" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_INCOMING_SMS_RESTRICTION" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_LIMIT_OF_DATA_CALLS" status="OFF" retry="DEFAULT" priority="DEFAULT">0,0,0</policy>
- <policy name="SET_LIMIT_OF_INCOMING_CALLS" status="OFF" retry="DEFAULT" priority="DEFAULT">0,0,0</policy>
- <policy name="SET_LIMIT_OF_INCOMING_SMS" status="OFF" retry="DEFAULT" priority="DEFAULT">0,0,0</policy>
- <policy name="SET_LIMIT_OF_OUTGOING_CALLS" status="OFF" retry="DEFAULT" priority="DEFAULT">0,0,0</policy>
- <policy name="SET_LIMIT_OF_OUTGOING_SMS" status="OFF" retry="DEFAULT" priority="DEFAULT">0,0,0</policy>
- <policy name="SET_OUTGOING_CALL_RESTRICTION" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- <policy name="SET_OUTGOING_SMS_RESTRICTION" status="OFF" retry="DEFAULT" priority="DEFAULT">0</policy>
- </policy-group>
-
- <policy-group name="RESTRICTION">
- <policy name="SET_ALLOW_LOCATION_METHOD_NETWORK" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_LOCATION_METHOD_GPS" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_FACTORY_RESET" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_SETTINGS_CHANGES" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_NONMARKET_APPS" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_BACKGROUND_DATA" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_BACKUP" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_BLUETOOTH_TETHERING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_CELLULAR_DATA" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_CLIPBOARD_ENABLED" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_ENABLE_NFC" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_HOME_KEY" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_MOCK_LOCATION" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_SCREEN_CAPTURE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_SDCARD" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_TETHERING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_USB_DEBUGGING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_USB_KIES_AVAILABILITY" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_USB_MASS_STORAGE" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_USB_MEDIA_PLAYER_AVAILABILITY" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_USB_TETHERING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_WIFI_TETHERING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_ALLOW_VPN" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- </policy-group>
-
- <policy-group name="BROWSER">
- <policy name="SET_AUTOFILL_SETTING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_COOKIES_SETTING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_FORCE_FRAUD_WARNING_SETTING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_JAVASCRIPT_SETTING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_POPUP_S_SETTING" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- </policy-group>
-
- <policy-group name="FIREWALL">
- <policy name="SET_IPTABLES_ALLOW_RULES" status="OFF" retry="DEFAULT" priority="DEFAULT">empty</policy>
- <policy name="SET_IPTABLES_DENY_RULES" status="OFF" retry="DEFAULT" priority="DEFAULT">empty</policy>
- <policy name="SET_IPTABLES_OPTION" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_IPTABLES_PROXY_OPTION" status="OFF" retry="DEFAULT" priority="DEFAULT">allowed</policy>
- <policy name="SET_IPTABLES_PROXY_RULES" status="OFF" retry="DEFAULT" priority="DEFAULT">empty</policy>
- <policy name="SET_IPTABLES_REROUTE_RULES" status="OFF" retry="DEFAULT" priority="DEFAULT">empty</policy>
- </policy-group>
-</manifest>
projects / platform / core / security / klay.git / commitdiff