change service's user from root to service_fw & remove smack capability.

author jiseob.jang <jiseob.jang@samsung.com>

Mon, 13 Jun 2016 10:03:14 +0000 (19:03 +0900)

committer jiseob.jang <jiseob.jang@samsung.com>

Mon, 13 Jun 2016 10:03:14 +0000 (19:03 +0900)
author jiseob.jang <jiseob.jang@samsung.com>
Mon, 13 Jun 2016 10:03:14 +0000 (19:03 +0900)
committer jiseob.jang <jiseob.jang@samsung.com>
Mon, 13 Jun 2016 10:03:14 +0000 (19:03 +0900)
diff --git a/packaging/account-manager.spec b/packaging/account-manager.spec

index 52fb43b..84992a3 100644 (file)
--- a/packaging/account-manager.spec
+++ b/packaging/account-manager.spec
@@ -1,7 +1,7 @@
  
  Name:       account-manager
  Summary:    Account Manager
-Version:    0.1.4
+Version:    0.1.5
  Release:    1
  Group:      Social & Content/Other
  License:    Apache-2.0
@@ -93,8 +93,8 @@ then
  '
  fi
  
-#chown system:system %{TZ_SYS_DB}/.account.db
-#chown system:system %{TZ_SYS_DB}/.account.db-journal
+chown service_fw:service_fw %{TZ_SYS_DB}/.account.db
+chown service_fw:service_fw %{TZ_SYS_DB}/.account.db-journal
  
  #chmod 600 %{TZ_SYS_DB}/.account.db
  #chmod 600 %{TZ_SYS_DB}/.account.db-journal
diff --git a/packaging/accounts-service.service b/packaging/accounts-service.service

index 41eabef..d537c5d 100644 (file)
--- a/packaging/accounts-service.service
+++ b/packaging/accounts-service.service
@@ -1,16 +1,16 @@
  [Unit]
  Description=Accounts service
-After=tizen-runtime.target
-Requires=tizen-runtime.target
+After=dbus.socket
+Requires=dbus.socket
  
  [Service]
-#User=system
-#Gruop=system
  Type=dbus
  BusName=org.tizen.account.manager
  ExecStart=/usr/bin/account-svcd
-#Restart=always
-#RestartSec=1
+CapabilityBoundSet=~CAP_MAC_ADMIN
+CapabilityBoundSet=~CAP_MAC_OVERRIDE
+User=service_fw
+Group=service_fw
  
  [Install]
  WantedBy=multi-user.target
diff --git a/packaging/org.tizen.account.manager.service b/packaging/org.tizen.account.manager.service

index 50e4af2..c6108fa 100644 (file)
--- a/packaging/org.tizen.account.manager.service
+++ b/packaging/org.tizen.account.manager.service
@@ -3,6 +3,5 @@ Description=Account Service D-BUS
  
  [D-BUS Service]
  Name=org.tizen.account.manager
-Exec=/usr/bin/account-svcd
-User=root
-Group=root
+Exec=/bin/false
+SystemdService=accounts-service.service
diff --git a/server/src/account-server-db.c b/server/src/account-server-db.c

index 807837d..1ef550b 100644 (file)
--- a/server/src/account-server-db.c
+++ b/server/src/account-server-db.c
@@ -351,7 +351,7 @@ int _account_db_open(int mode, int pid, uid_t uid)
  
         ACCOUNT_GET_USER_DB_DIR(account_db_dir, sizeof(account_db_dir), uid);
  
-       if (mkdir(account_db_dir, 644) != 0)
+       if (mkdir(account_db_dir, 0775) != 0)
                 ACCOUNT_DEBUG("mkdir \"%s\" fail", account_db_dir);
author	jiseob.jang <jiseob.jang@samsung.com>
	Mon, 13 Jun 2016 10:03:14 +0000 (19:03 +0900)
committer	jiseob.jang <jiseob.jang@samsung.com>
	Mon, 13 Jun 2016 10:03:14 +0000 (19:03 +0900)
packaging/account-manager.spec		patch \| blob \| history
packaging/accounts-service.service		patch \| blob \| history
packaging/org.tizen.account.manager.service		patch \| blob \| history
server/src/account-server-db.c		patch \| blob \| history