Refactoring smack labels of Homes

This evolution bring major changes to the architecture
of the home directories. The smack labels are chenged
to allow applications to run with their own label.

1. The directories TZ_USER_APP, TZ_USER_DESKTOP,
TZ_USER_DB and TZ_USER_ICONS are now labelled System::Shared
because they are managed by the framework-system with some
read access rights for users.

2. Two new directories are set up: TZ_USER_HOME/.pki/nssdb
and TZ_USER_APP/xwalk-service. They both are needed and
used by the WRT crosswalk.

Change-Id: I5bd0f50e44f85395968e83d760095df45acaf8e0
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>

diff --git a/packaging/tizen-platform-config.spec b/packaging/tizen-platform-config.spec
index 19e47a8..6c161a8 100644 (file)
--- a/packaging/tizen-platform-config.spec
+++ b/packaging/tizen-platform-config.spec
@@ -78,7 +78,6 @@ MODE 700
 SMACK User::Home true
 $TZ_USER_HOME
 $TZ_USER_APPROOT
-$TZ_USER_ICONS
 $TZ_USER_CONTENT
 
 SMACK User::App::Shared true
@@ -93,11 +92,16 @@ $TZ_USER_MUSIC
 $TZ_USER_VIDEOS
 $TZ_USER_SHARE
 $TZ_USER_CACHE
+$TZ_USER_HOME/.pki/nssdb
+$TZ_USER_APP/xwalk-service
 
-SMACK User false
-$TZ_USER_APP
+SMACK System::Shared true
 $TZ_USER_DB
 $TZ_USER_DESKTOP
+$TZ_USER_APP
+$TZ_USER_ICONS
+
+SMACK User false
 $TZ_USER_PACKAGES
 ENDOFCAT
 while read s1 s2 s3; do
@@ -112,9 +116,9 @@ LANG=C sort |
 while read dirname mode context transmute; do
         mkdir -p -m "$mode" "$dirname"
         if [ "$transmute" = true ]; then
-                chsmack -a "$context" "$dirname"
+                chsmack -a "$context" -t "$dirname"
         else
-                chsmack -t -a "$context" "$dirname"
+                chsmack -a "$context" "$dirname"
         fi >&2
 done
 HOME="$saveHOME"