privilege: Replace the code that accesses the attr with the cynara API

Replace the code that directly accesses /proc/self/attr/current
with a cynara API called cynara_creds_self_get_client.
This is because, direct accessing to /proc/self/attr/current is invalid when SMACK is disabled.

Change-Id: I5b99e5af4ad6be446a52ea6f0caa03720826e2ed
Signed-off-by: Unsung Lee <unsung.lee@samsung.com>

diff --git a/lib/CMakeLists.txt b/lib/CMakeLists.txt
index fd2f3d12a78df532683d4529cc95f581dc7ff8d4..7026c2ea2addf0aacf023ab4f5846ba658f13883 100644 (file)
--- a/lib/CMakeLists.txt
+++ b/lib/CMakeLists.txt
@@ -19,6 +19,7 @@ SET(PKG_MODULES
        glib-2.0
        cynara-client
        cynara-session
+       cynara-creds-self
 )
 
 INCLUDE(FindPkgConfig)

diff --git a/packaging/pass.spec b/packaging/pass.spec
index 4fb2a866eb39f7b904f41913ef4f2c6767509e3c..fd5caf3a58491bcf332ee524648311383ee5a599 100644 (file)
--- a/packaging/pass.spec
+++ b/packaging/pass.spec
@@ -31,6 +31,7 @@ BuildRequires:  pkgconfig(json-c)
 BuildRequires:  pkgconfig(hal-api-power)
 BuildRequires:  pkgconfig(cynara-client)
 BuildRequires:  pkgconfig(cynara-session)
+BuildRequires:  pkgconfig(cynara-creds-self)
 
 %description
 PASS  (Power-Aware System Service)

diff --git a/src/util/privilege.c b/src/util/privilege.c
index 59d8dc94aa523354728edbf940d2a47803acd3dd..43259e60362aea76d142b65c4392547d3f3140af 100644 (file)
--- a/src/util/privilege.c
+++ b/src/util/privilege.c
@@ -23,6 +23,7 @@
 
 #include <cynara-client.h>
 #include <cynara-session.h>
+#include <cynara-creds-self.h>
 
 #include <util/log.h>
 #include <util/common.h>
@@ -33,10 +34,9 @@ extern char *program_invocation_name;
 int privilege_get_privilege_supported(const char *privilege_name, bool *privilege_supported)
 {
        cynara *cynara = NULL;
-       FILE *fp = NULL;
        char uid[16];
        char *session = NULL;
-       char smack_label[BUFF_MAX] = {0, };
+       char *smack_label = NULL;
        int ret;
 
        if (!privilege_supported)
@@ -48,15 +48,10 @@ int privilege_get_privilege_supported(const char *privilege_name, bool *privileg
                return -EPERM;
        }
 
-       fp = fopen("/proc/self/attr/current", "r");
-       if (fp != NULL) {
-               int ch = 0;
-               int idx = 0;
-               while (EOF != (ch = fgetc(fp))) {
-                       smack_label[idx] = ch;
-                       idx++;
-               }
-               fclose(fp);
+       if (cynara_creds_self_get_client(CLIENT_METHOD_DEFAULT, &smack_label) != CYNARA_API_SUCCESS) {
+               _E("Failed to get smack label by cynara_creds_self_get_client()");
+               *privilege_supported = false;
+               return -EPERM;
        }
 
        pid_t pid = getpid();
@@ -69,6 +64,8 @@ int privilege_get_privilege_supported(const char *privilege_name, bool *privileg
                free(session);
        if (cynara)
                cynara_finish(cynara);
+       if (smack_label)
+               free(smack_label);
        if (ret != CYNARA_API_ACCESS_ALLOWED) {
                _W("'%s' privilege is not supported on %s",
                                privilege_name, program_invocation_name);

diff --git a/tests/integration-test/CMakeLists.txt b/tests/integration-test/CMakeLists.txt
index 2918a863cafb3afe2762f8eab08dc59dd01400fd..c407c972f099bbcdbf6221f7ff31d04fbe719157 100644 (file)
--- a/tests/integration-test/CMakeLists.txt
+++ b/tests/integration-test/CMakeLists.txt
@@ -27,6 +27,7 @@ pkg_check_modules(gtest_pkgs REQUIRED
        hal-api-power
        cynara-client
        cynara-session
+       cynara-creds-self
        libudev
 )
 

diff --git a/tools/resource-monitor/CMakeLists.txt b/tools/resource-monitor/CMakeLists.txt
index 8746e13bb95a15e5b876cfcaba7bd3a297eabb5d..2abd4c67f314ac2aa33f3f6ebd39debc71e14110 100644 (file)
--- a/tools/resource-monitor/CMakeLists.txt
+++ b/tools/resource-monitor/CMakeLists.txt
@@ -20,6 +20,7 @@ pkg_check_modules(gtest_pkgs REQUIRED
        json-c
        cynara-client
        cynara-session
+       cynara-creds-self
 )
 
 FOREACH(flag ${gtest_pkgs_CFLAGS})