projects / platform / core / security / security-manager.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5b9a7c2)
Add policy migration infrastructure 10/89910/1
authorRafal Krypa <r.krypa@samsung.com>
Mon, 19 Sep 2016 08:24:38 +0000 (10:24 +0200)
committerRafal Krypa <r.krypa@samsung.com>
Tue, 27 Sep 2016 11:17:32 +0000 (13:17 +0200)
Add support for migrating policy configuration. We already have policy version
information (current version is 1). When a change happens, appropriate script
should be provided for migration and bumping the version.

Change-Id: Iee5bdcc368a879053cd20e8feb37b67931218ad3

packaging/security-manager.spec patch | blob | history
policy/CMakeLists.txt patch | blob | history
policy/update.sh [new file with mode: 0755] patch | blob
policy/updates/update-policy-to-v1.sh [new file with mode: 0755] patch | blob

diff --git a/packaging/security-manager.spec b/packaging/security-manager.spec
index ae8db41..2022149 100644 (file)
--- a/packaging/security-manager.spec
+++ b/packaging/security-manager.spec
@@ -167,6 +167,7 @@ fi
 %postun -n libnss-security-manager -p /sbin/ldconfig
 
 %post policy
+%{_datadir}/security-manager/policy/update.sh
 %{_bindir}/security-manager-policy-reload
 
 %files -n security-manager
diff --git a/policy/CMakeLists.txt b/policy/CMakeLists.txt
index 60f3540..4d2123e 100644 (file)
--- a/policy/CMakeLists.txt
+++ b/policy/CMakeLists.txt
@@ -7,5 +7,7 @@ INSTALL(FILES "app-rules-template.smack" DESTINATION ${POLICY_DIR})
 INSTALL(FILES "pkg-rules-template.smack" DESTINATION ${POLICY_DIR})
 INSTALL(FILES "author-rules-template.smack" DESTINATION ${POLICY_DIR})
 INSTALL(FILES "privilege-group.list" DESTINATION ${POLICY_DIR})
+INSTALL(PROGRAMS "update.sh" DESTINATION ${POLICY_DIR})
+INSTALL(DIRECTORY "updates" USE_SOURCE_PERMISSIONS DESTINATION ${POLICY_DIR})
 INSTALL(FILES "policy-version" DESTINATION ${LOCAL_STATE_DIR}/security-manager/)
 INSTALL(PROGRAMS security-manager-policy-reload DESTINATION ${BIN_INSTALL_DIR})
diff --git a/policy/update.sh b/policy/update.sh
new file mode 100755 (executable)
index 0000000..d265f87
--- /dev/null
+++ b/policy/update.sh
@@ -0,0 +1,21 @@
+#!/bin/sh -e
+
+export PATH=/bin:/usr/bin:/sbin:/usr/sbin
+
+. /etc/tizen-platform.conf
+
+policy_version_file=$TZ_SYS_VAR/security-manager/policy-version
+updates_dir=$TZ_SYS_RO_SHARE/security-manager/policy/updates
+
+current_version=`cat $policy_version_file`
+for file in `ls -v $updates_dir/update-policy-to-v*.sh`
+do
+    version=`echo $file | sed -r 's/.*-v([0-9]+)\.sh$/\1/'`
+    if [ $version -gt $current_version ]
+    then
+        echo Updating policy to v$version
+        $file
+        current_version=$version
+        echo $current_version >$policy_version_file
+    fi
+done
diff --git a/policy/updates/update-policy-to-v1.sh b/policy/updates/update-policy-to-v1.sh
new file mode 100755 (executable)
index 0000000..e705cad
--- /dev/null
+++ b/policy/updates/update-policy-to-v1.sh
@@ -0,0 +1,7 @@
+#!/bin/sh -e
+
+export PATH=/sbin:/usr/sbin:/bin:/usr/bin
+
+. /etc/tizen-platform.conf
+
+echo "Initial version, nothing to do"
Domain: Security / Access Control;