[Problem]
Most db files have 'floor' label. Because these are created when binary is built.
No process can write db (since 'floor' label allows only read and execute)
[Solution]
Modify smack label based on below condition and three domain model
Condition1. Assign domain of process creates db files
Condition2. Assign domain of process uses db files.
Change-Id: Ie9febb019833c04b4f634cb2751dec3a6bc31bdb
Signed-off-by: jooseong.lee <jooseong.lee@samsung.com>
<request>
<domain name="_" />
</request>
+ <assign>
+ <filesystem path="/opt/dbspace/.privacylist.db*" label="User" />
+ </assign>
</manifest>
echo "Create privacy DB"
%{_bindir}/privacy_manager_create_clean_db.sh
fi
+chsmack -a 'User' %{TZ_SYS_DB}/.privacy.db*
%postun -p /sbin/ldconfig