Give capabilities to audit-trail

- audit-trail needs cap_audit_control and cap_audit_write
- update service list for audit-trail

Change-Id: I2ccc8feb19994293c890ad343bb5c94d910739f4

diff --git a/config/set_capability b/config/set_capability
index 8cad27185ae0a7687db49563e61fcdf5ecb174b6..337d8045f410e7b64447afed95edf9343b8980bd 100755 (executable)
--- a/config/set_capability
+++ b/config/set_capability
@@ -596,6 +596,17 @@ if [ -e "/usr/bin/stc-iptables" ]
 then /usr/sbin/setcap cap_net_bind_service,cap_net_raw,cap_net_admin=ei /usr/bin/stc-iptables
 fi
 
+# Package               platform/core/security/audit-trail
+# Owner                 Jaemin Ryu(jm77.ryu@samsung.com)
+# Date                  May 3, 2018
+# Required              cap_audit_control,cap_audit_write
+# cap_audit_control    To change auditing filter rules
+# cap_audit_write      To record the kernel auditing log
+
+if [ -e "/usr/bin/audit-trail-daemon" ]
+then /usr/sbin/setcap cap_audit_control,cap_audit_write=ei /usr/bin/audit-trail-daemon
+fi
+
 # TODO: MOVE TO OTHER SCRIPT OR REMOVE
 # Requested by sooyeon.kim@samsung.com
 if [ -e "/etc/skel/share/.voice" ]

diff --git a/test/new_service_test/emulator/mobile/systemd_service.list b/test/new_service_test/emulator/mobile/systemd_service.list
index 93686bc792619a4347e04a1ce3bdf22f100765e8..d602817ad7351a986711dd9bc2bd531fe6eec035 100644 (file)
--- a/test/new_service_test/emulator/mobile/systemd_service.list
+++ b/test/new_service_test/emulator/mobile/systemd_service.list
@@ -2,6 +2,7 @@ ac.service;app_fw;app_fw;System;
 accounts-service.service;service_fw;service_fw;System;
 alarm-server.service;app_fw;app_fw;System;
 app2sd-server.service;root;root;System;
+audit-trail.service;security_fw;security_fw;System;
 auth-fw.service;security_fw;security_fw;System;
 bluetooth-address.service;network_fw;network_fw;System;
 bluetooth-force-hci-logger.service;network_fw;network_fw;System;

diff --git a/test/new_service_test/emulator/tv/systemd_service.list b/test/new_service_test/emulator/tv/systemd_service.list
index d32509f04a56495fbc63b77349967769e38564ed..db375a4a1942593910dc8ddddcf85757485af207 100644 (file)
--- a/test/new_service_test/emulator/tv/systemd_service.list
+++ b/test/new_service_test/emulator/tv/systemd_service.list
@@ -1,5 +1,6 @@
 ac.service;app_fw;app_fw;System;
 alarm-server.service;app_fw;app_fw;System;
+audit-trail.service;security_fw;security_fw;System;
 auth-fw.service;security_fw;security_fw;System;
 bluetooth.service;network_fw;network_fw;System;
 bluetooth-address.service;network_fw;network_fw;System;

diff --git a/test/new_service_test/emulator/wearable/systemd_service.list b/test/new_service_test/emulator/wearable/systemd_service.list
index c3340c63f35c9bb62a4d6071ec5013da76bd96e9..ff34ee1f0832d53db625b2695ce8cd85db6c7e65 100644 (file)
--- a/test/new_service_test/emulator/wearable/systemd_service.list
+++ b/test/new_service_test/emulator/wearable/systemd_service.list
@@ -1,6 +1,7 @@
 ac.service;app_fw;app_fw;System;
 accounts-service.service;service_fw;service_fw;System;
 alarm-server.service;app_fw;app_fw;System;
+audit-trail.service;security_fw;security_fw;System;
 auth-fw.service;security_fw;security_fw;System;
 bluetooth-address.service;network_fw;network_fw;System;
 bluetooth-force-hci-logger.service;network_fw;network_fw;System;

diff --git a/test/new_service_test/target/mobile/systemd_service.list b/test/new_service_test/target/mobile/systemd_service.list
index b80c67b72d213dbff0f547a0fa265e34dc19a451..9a7c55104c1b614eaa4513a1dd2d151a3f621151 100644 (file)
--- a/test/new_service_test/target/mobile/systemd_service.list
+++ b/test/new_service_test/target/mobile/systemd_service.list
@@ -2,6 +2,7 @@ ac.service;app_fw;app_fw;System;
 accounts-service.service;service_fw;service_fw;System;
 alarm-server.service;app_fw;app_fw;System;
 app2sd-server.service;root;root;System;
+audit-trail.service;security_fw;security_fw;System;
 auth-fw.service;security_fw;security_fw;System;
 bluetooth-address.service;network_fw;network_fw;System;
 bluetooth-force-hci-logger.service;network_fw;network_fw;System;

diff --git a/test/new_service_test/target/tv/systemd_service.list b/test/new_service_test/target/tv/systemd_service.list
index f861195a47f80597fed1f8e5989ec1e0507a2972..f451f6ed62cc21f5ca339802f99542f865364787 100644 (file)
--- a/test/new_service_test/target/tv/systemd_service.list
+++ b/test/new_service_test/target/tv/systemd_service.list
@@ -1,5 +1,6 @@
 ac.service;app_fw;app_fw;System;
 alarm-server.service;app_fw;app_fw;System;
+audit-trail.service;security_fw;security_fw;System;
 auth-fw.service;security_fw;security_fw;System;
 bluetooth.service;network_fw;network_fw;System;
 bluetooth-address.service;network_fw;network_fw;System;

diff --git a/test/new_service_test/target/wearable/systemd_service.list b/test/new_service_test/target/wearable/systemd_service.list
index a451d73cd2729f953fcec517f7ee4a223d384963..fb807617511d3f31e7e3313b4304781e1cfa5a87 100644 (file)
--- a/test/new_service_test/target/wearable/systemd_service.list
+++ b/test/new_service_test/target/wearable/systemd_service.list
@@ -1,6 +1,7 @@
 ac.service;app_fw;app_fw;System;
 accounts-service.service;service_fw;service_fw;System;
 alarm-server.service;app_fw;app_fw;System;
+audit-trail.service;security_fw;security_fw;System;
 auth-fw.service;security_fw;security_fw;System;
 bluetooth-address.service;network_fw;network_fw;System;
 bluetooth-force-hci-logger.service;network_fw;network_fw;System;