Convert privileges for compatibility

convert privileges for compatibility before security context
installation.
it also filters wrong privileges.

Change-Id: I22b03f6493e9b56122919d3a7512180643b74b36
Signed-off-by: Sangyoon Jang <s89.jang@samsung.com>

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 2f902ad7332fe19b6ace70fe408e766da7455d33..23ca2d2f77ec8421aa27dd4186f91067a27e16be 100644 (file)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -29,7 +29,7 @@ FOREACH(flag ${pkgs_initdb_CFLAGS})
        SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
 ENDFOREACH(flag)
 
-pkg_check_modules(pkgs_test REQUIRED dlog glib-2.0 libxml-2.0 bundle pkgmgr-parser pkgmgr-info libtzplatform-config security-manager pkgmgr)
+pkg_check_modules(pkgs_test REQUIRED dlog glib-2.0 libxml-2.0 bundle pkgmgr-parser pkgmgr-info libtzplatform-config security-manager pkgmgr capi-security-privilege-manager)
 FOREACH(flag ${pkgs_test_CFLAGS})
        SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
 ENDFOREACH(flag)

diff --git a/packaging/pkgmgr-tool.spec b/packaging/pkgmgr-tool.spec
index a869486183df571fbd792ed40def0043f0ac7bfb..9b5c1bae83aeeb361101b9514861ebd453cff5cb 100644 (file)
--- a/packaging/pkgmgr-tool.spec
+++ b/packaging/pkgmgr-tool.spec
@@ -23,6 +23,7 @@ BuildRequires:  pkgconfig(xdgmime)
 BuildRequires:  pkgconfig(db-util)
 BuildRequires:  pkgconfig(libsmack)
 BuildRequires:  pkgconfig(pkgmgr)
+BuildRequires:  pkgconfig(capi-security-privilege-manager)
 BuildRequires:  pkgmgr-info-parser-devel
 BuildRequires:  pkgmgr-info-parser
 BuildRequires:  fdupes

diff --git a/src/pkg_privilege.c b/src/pkg_privilege.c
index 5eb411c7a130746397dbf294ab38886bbecb20a7..abac983d426ef173e70ef66e2e5a17b2daf586c7 100644 (file)
--- a/src/pkg_privilege.c
+++ b/src/pkg_privilege.c
@@ -8,11 +8,31 @@
 
 #include <tzplatform_config.h>
 #include <security-manager.h>
+#include <privilege_manager.h>
 #include <pkgmgr_parser.h>
 
 #define OWNER_ROOT 0
 #define GLOBAL_USER tzplatform_getuid(TZ_SYS_GLOBALAPP_USER)
 
+static int _convert_privilege_for_compatibility(const char *api_version,
+               GList *in_priv, GList **out_priv)
+{
+       int ret;
+
+       if (g_list_length(in_priv) == 0)
+               return 0;
+
+       ret = privilege_manager_get_mapped_privilege_list(api_version,
+                       PRVMGR_PACKAGE_TYPE_CORE, in_priv, out_priv);
+       if (ret != PRVMGR_ERR_NONE) {
+               printf("privilege_manager_get_mapped_privilege_list error: "
+                               "%d\n", ret);
+               return -1;
+       }
+
+       return 0;
+}
+
 static const char *_get_pkg_root_path(const char *pkgid)
 {
        const char *path;
@@ -115,6 +135,7 @@ static void _insert_application_cb(gpointer data, gpointer user_data)
        app_inst_req *req;
        application_x *app = (application_x *)data;
        package_x *pkg = (package_x *)user_data;
+       GList *priv = NULL;
 
        req = _prepare_request(pkg->package, app->appid);
        if (req == NULL) {
@@ -131,7 +152,15 @@ static void _insert_application_cb(gpointer data, gpointer user_data)
                                DEFAULT_PRIVILEGE_PLATFORM);
        }
 
-       g_list_foreach(pkg->privileges, _insert_privilege_cb, (gpointer)req);
+       if (_convert_privilege_for_compatibility(pkg->api_version,
+                               pkg->privileges, &priv)) {
+               printf("convert privilege failed\n");
+               return;
+       }
+
+       g_list_foreach(priv, _insert_privilege_cb, (gpointer)req);
+
+       g_list_free_full(priv, free);
 
        ret = security_manager_app_install(req);
        if (ret != SECURITY_MANAGER_SUCCESS)