projects / platform / upstream / filesystem.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7f5248c)
Set the Smack labels on /etc and /var/log so they are shared properly. 48/14948/1 accepted/tizen/generic accepted/tizen/ivi accepted/tizen/mobile accepted/tizen_generic accepted/tizen/generic/20140116.093209 accepted/tizen/generic/20140312.100544 accepted/tizen/ivi/20140117.175619 accepted/tizen/ivi/panda/20140312.104550 accepted/tizen/ivi/release/20140312.122830 accepted/tizen/mobile/20140116.012153 submit/tizen/20140115.200225 submit/tizen/20140312.070752 submit/tizen_ivi_release/20140312.071225
authorCasey Schaufler <casey@schaufler-ca.com>
Mon, 13 Jan 2014 20:44:06 +0000 (12:44 -0800)
committerCasey Schaufler <casey@schaufler-ca.com>
Mon, 13 Jan 2014 20:44:06 +0000 (12:44 -0800)
The /etc directory contains files (e.g. resolv.conf) that are
updated by System processes but that are read by User processes.
Setting /etc to transmutable System::Shared allows this.

The /var/log directory is used for log files from System and
User services. It gets labeled transmutable System::Log. Note
that the access by System and User are not transmutable. It is
possible that he transmuting will be required by some other
domain in the future.

Change-Id: Iefb0ccce462764415258166e167e1de1d3c6460a
Signed-off-by: Casey Schaufler <casey.schaufler@intel.com>
packaging/filesystem.manifest patch | blob | history

diff --git a/packaging/filesystem.manifest b/packaging/filesystem.manifest
index 017d22d..ec4253b 100644 (file)
--- a/packaging/filesystem.manifest
+++ b/packaging/filesystem.manifest
@@ -2,4 +2,8 @@
  <request>
     <domain name="_"/>
  </request>
+ <assign>
+    <filesystem path=”/etc” label=”System::Shared” type=”transmutable”/>
+    <filesystem path=”/var/log” label=”System::Log” type=”transmutable”/>
+ </assign>
 </manifest>
Domain: System / System Framework;