Modification about smack label of db file belong to process.

[Problem]
Most db files have 'floor' label.  Because these are created when binary is built.
No process can write db (since 'floor' label allows only read and execute)

[Solution]
Modify smack label based on below condition and three domain model
Condition1. Assign domain of process creates db files
Condition2. Assign domain of process uses db files.

Change-Id: I44c9d2e8321ccd09345ef3be8c2b8a73bc7d96d4
Signed-off-by: jooseong.lee <jooseong.lee@samsung.com>

diff --git a/packaging/privilege-checker.manifest b/packaging/privilege-checker.manifest
index f50f58c8fa2f102695f78dbb1b9c6d76689a1323..37fba1702b3282abe5f1cf75c331b297a9289c70 100644 (file)
--- a/packaging/privilege-checker.manifest
+++ b/packaging/privilege-checker.manifest
@@ -1,11 +1,8 @@
 <manifest>
-        <define>
-                <domain name="privilege-checker" />
-                <provide>
-                        <label name="privilege-checker::db" />
-                </provide>
-        </define>
         <request>
                 <domain name="_" />
         </request>
+       <assign>
+               <filesystem path="/opt/dbspace/.privilegelist.db*" label="User" />
+       </assign>
 </manifest>