Enable smack submit/tizen_2.1_smack/20130503.025258
authorSoyoung Kim <sy037.kim@samsung.com>
Thu, 28 Mar 2013 07:45:19 +0000 (16:45 +0900)
committerSoyoung Kim <sy037.kim@samsung.com>
Fri, 3 May 2013 02:51:57 +0000 (11:51 +0900)
[Issue#] N/A
[Problem] N/A
[Cause] N/A
[Solution] enable smack
- label directories and set privileges.
[SCMRequest] N/A

Change-Id: I36dd8522da653c7c0d0ae0cdc60f6b6617933b2d

CMakeLists.txt
packaging/wrt-installer.spec
src/CMakeLists.txt
src/jobs/widget_install/job_widget_install.cpp
src/jobs/widget_install/task_smack.cpp
src/jobs/widget_install/task_smack.h
src/jobs/widget_uninstall/task_smack.cpp
src/jobs/widget_uninstall/uninstaller_context.h

index d095c83..8ffd80d 100644 (file)
@@ -88,7 +88,7 @@ ADD_DEFINITIONS("-Wextra")              # Generate even more extra warnings
 ADD_DEFINITIONS("-Wno-variadic-macros") # Inhibit variadic macros warnings (needed for ORM)
 ADD_DEFINITIONS("-Wno-deprecated")      # No warnings about deprecated features
 ADD_DEFINITIONS("-std=c++0x")           # accept C++11x standard
-#ADD_DEFINITIONS("-DWRT_SMACK_ENABLED")
+ADD_DEFINITIONS("-DWRT_SMACK_ENABLED")
 
 ############################# Targets names ###################################
 
index fdb0340..e73f837 100644 (file)
@@ -42,6 +42,7 @@ BuildRequires:  pkgconfig(web-provider)
 BuildRequires:  pkgconfig(libprivilege-control)
 BuildRequires:  pkgconfig(osp-appfw)
 BuildRequires:  osp-appfw-internal-devel
+BuildRequires: pkgconfig(libsmack)
 Requires: osp-appfw
 Requires: xmlsec1
 
index 5e33b52..f0ff76c 100644 (file)
@@ -124,6 +124,7 @@ PKG_CHECK_MODULES(INSTALLER_STATIC_DEP
     pkgmgr-parser
     web-provider
     osp-appfw
+    libsmack
     REQUIRED
 )
 
index d733180..43caf84 100644 (file)
@@ -192,7 +192,6 @@ JobWidgetInstall::JobWidgetInstall(
         }
 
         AddTask(new TaskFileManipulation(m_installerContext));
-
         AddTask(new TaskManifestFile(m_installerContext));
         if (m_installerContext.widgetConfig.packagingType ==
             PKG_TYPE_HYBRID_WEB_APP)
index a5624a9..0211dcb 100644 (file)
 #include <widget_install/widget_install_context.h>
 #include <widget_install/widget_install_errors.h>
 #include <widget_install/job_widget_install.h>
+#include <dpl/wrt-dao-ro/common_dao_types.h>
 #include <dpl/foreach.h>
 #include <dpl/wrt-dao-ro/common_dao_types.h>
 #include <dpl/utils/bash_utils.h>
 #ifdef WRT_SMACK_ENABLED
 #include <privilege-control.h>
+#include <sys/smack.h>
 #endif
 
 #include <sstream>
 
 namespace {
 const int MAX_BUF_SIZE = 128;
-const char* SMACK_RULE_STR = "/usr/bin/smackload-app.sh";
 }
 
 namespace Jobs {
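Review bot: The added `#include <dpl/wrt-dao-ro/common_dao_types.h>` duplicates the identical include two lines below it and can be dropped. With `SmackTemporaryStep` removed later in this commit, `MAX_BUF_SIZE` and `<dpl/utils/bash_utils.h>` appear to have no remaining user in the visible hunks; worth confirming against the rest of the file and removing them if so.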
@@ -46,101 +47,151 @@ TaskSmack::TaskSmack(InstallerContext& context) :
 {
     AddStep(&TaskSmack::SmackFolderLabelingStep);
     AddStep(&TaskSmack::SmackPrivilegeStep);
-    AddStep(&TaskSmack::SmackTemporaryStep);
     AddStep(&TaskSmack::SetEndofInstallation);
+
+    AddAbortStep(&TaskSmack::StepAbortSmack);
 }
 
 void TaskSmack::SmackFolderLabelingStep()
 {
-    LogInfo(
-        "----------------> SMACK: \
+    LogInfo("----------------> SMACK:\
             Jobs::WidgetInstall::TaskSmack::SmackFolderLabelingStep()");
-
 #ifdef WRT_SMACK_ENABLED
+    std::string pkg = DPL::ToUTF8String(m_context.widgetConfig.tzPkgid);
+    char* pkgId = NULL;
+    pkgId = (char*)calloc(1, pkg.length() + 1);
+    snprintf(pkgId, pkg.length() + 1, "%s", pkg.c_str());
+
+    if (m_context.widgetConfig.packagingType !=
+            WrtDB::PkgType::PKG_TYPE_HYBRID_WEB_APP)
+    {
+            if (PC_OPERATION_SUCCESS != app_install(pkgId)) {
+            free(pkgId);
+            ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
+                    "failure in creating smack rules file.");
+        }
+    }
+
     /* /opt/usr/apps/[pkgid] directory's label is "_" */
-    std::string tzPkgid = DPL::ToUTF8String(m_context.widgetConfig.tzPkgid);
     if (PC_OPERATION_SUCCESS != app_label_dir("_",
-                                              m_context.locations->
-                                                  getPackageInstallationDir().
-                                                  c_str()))
-    {
-        LogError("Set smack failure. Failed to add label for app root directory");
+                m_context.locations->getPackageInstallationDir().c_str())) {
+        free(pkgId);
         ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
-                                         "Add Label failure");
+                "Add Label failure");
     }
 
     /* res directory */
     std::string resDir = m_context.locations->getPackageInstallationDir() +
         "/res";
-    if (PC_OPERATION_SUCCESS != app_label_dir(tzPkgid.c_str(),
-                                              resDir.c_str()))
+    if (PC_OPERATION_SUCCESS != app_label_dir(pkgId,
+                resDir.c_str())) {
+        free(pkgId);
+        ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
+                "Add Label failure");
+    }
+
+    /* for prealod */
+    if (m_context.job->getInstallerStruct().m_installMode
+            == InstallMode::INSTALL_MODE_PRELOAD)
     {
-        LogError("Set smack failure. Failed to add label for resource directory");
+        if (PC_OPERATION_SUCCESS != app_label_dir("_",
+                    m_context.locations->getUserDataRootDir().c_str())) {
+            free(pkgId);
+            ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
+                    "Add Label failure");
+        }
+    }
+
+    /* data directory */
+    if (PC_OPERATION_SUCCESS != app_label_dir(pkgId,
+                m_context.locations->getPrivateStorageDir().c_str())) {
+        free(pkgId);
         ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
-                                         "Add Label failure");
+                "Add Label failure");
     }
 
     /* bin directory */
-    if (PC_OPERATION_SUCCESS != app_label_dir(tzPkgid.c_str(),
-                                              m_context.locations->getBinaryDir()
-                                                  .c_str()))
-    {
-        LogError("Set smack failure. Failed to add label for binary directory");
+    if (PC_OPERATION_SUCCESS != app_label_dir(pkgId,
+                m_context.locations->getBinaryDir().c_str())) {
+        free(pkgId);
         ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
-                                         "Add Label failure");
+                "Add Label failure");
     }
 
-    /* data directory */
-    if (PC_OPERATION_SUCCESS != app_label_dir(tzPkgid.c_str(),
-                                              m_context.locations->
-                                                  getPrivateStorageDir().c_str()))
-    {
-        LogError("Set smack failure. Failed to add label for private storage directory");
+    free(pkgId);
+
+    /* TODO : set label at wrt-client 
+
+    std::string app = DPL::ToUTF8String(m_context.widgetConfig.tzAppid);
+    char* appId = NULL;
+    appId = (char*)calloc(1, app.length() + 1);
+    snprintf(appId, app.length() + 1, "%s", app.c_str());
+
+    if (0 != smack_lsetlabel(m_context.locations->getExecFile().c_str(),
+                appId, SMACK_LABEL_ACCESS)) {
+        free(pkgId);
+        free(appId);
+        ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
+                "Add ACESS Label for binary failure");
+    }
+
+    if (0 != smack_lsetlabel(m_context.locations->getExecFile().c_str(),
+                appId, SMACK_LABEL_EXEC)) {
+        free(pkgId);
+        free(appId);
         ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
-                                         "Add Label failure");
+                "Add EXEC Label for binary failure");
     }
 
+   if (PC_OPERATION_SUCCESS != app_add_friend(pkgId, appId)) {
+        free(pkgId);
+        free(appId);
+        ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
+                "Add friend failure");
+   }
+
+    if (PC_OPERATION_SUCCESS != app_label_shared_dir(appId, pkgId,
+                m_context.locations->getBinaryDir().c_str())) {
+        free(pkgId);
+        free(appId);
+        ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
+                "Add Label failure");
+    }
+    */
 #endif
 }
 
 void TaskSmack::SmackPrivilegeStep()
 {
-    LogInfo(
-        "----------------> SMACK: \
+    LogInfo("----------------> SMACK:\
             Jobs::WidgetInstall::TaskSmack::SmackPrivilegeStep()");
 #ifdef WRT_SMACK_ENABLED
-    WrtDB::TizenPkgId tzPkgid = m_context.widgetConfig.tzPkgid;
-#if 0
-    char** perm_list = new char*[m_context.staticPermittedDevCaps.size()];
-
+    /* TODO : 
+    std::string id = DPL::ToUTF8String(m_context.widgetConfig.tzAppid);
+    */
+    std::string id = DPL::ToUTF8String(m_context.widgetConfig.tzPkgid);
+    char* appId = NULL;
+    appId = (char*)calloc(1, id.length() + 1);
+    snprintf(appId, id.length() + 1, "%s", id.c_str());
+
+    WrtDB::ConfigParserData::PrivilegeList privileges =
+        m_context.widgetConfig.configInfo.privilegeList;
+
+    const char** perm_list = new const char*[privileges.size() + 1];
     int index = 0;
-    FOREACH(it, m_context.staticPermittedDevCaps) {
-        if (it->second) {
-            LogInfo("Permission : " << it->first);
-            perm_list[index++] =
-                const_cast<char*>(DPL::ToUTF8String(it->first).c_str());
-        }
+    FOREACH(it, privileges) {
+        LogInfo("Permission : " << it->name);
+        int length = DPL::ToUTF8String(it->name).length();
+        char *priv = (char*) calloc(1, (sizeof(char) * length) + 1);
+        snprintf(priv, length + 1, "%s",
+                DPL::ToUTF8String(it->name).c_str());
+        perm_list[index++] = priv;
     }
     perm_list[index] = NULL;
 
-    int result = app_add_permissions(
-            DPL::ToUTF8String(tzPkgid).c_str(),
-            const_cast<const char**>(perm_list));
-
-#else
-    const char* perm_list[0];
-    perm_list[0] = NULL;
-#endif
-    if (m_context.job->getInstallerStruct().m_installMode
-            != InstallMode::INSTALL_MODE_PRELOAD)
-    {
-        int result = app_add_permissions(
-                DPL::ToUTF8String(tzPkgid).c_str(), perm_list);
-        if (PC_OPERATION_SUCCESS != result) {
-            LogError("Failed to add permission to privilege");
-            ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
-                    "SMACK check failure");
-        }
+    if (PC_OPERATION_SUCCESS != app_enable_permissions(appId, APP_TYPE_WGT,
+                perm_list, "true")) {
+        LogError("failure in contructing smack rules based on perm_list");
     }
 
     m_context.job->UpdateProgress(
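Review bot: In SmackPrivilegeStep a failing `app_enable_permissions` is only logged, so the install completes without the requested SMACK rules, whereas the removed code threw `Exceptions::NotAllowed` when `app_add_permissions` failed; if continuing is intended, a comment should say why. The visible lines also never free `appId`, the `new[]`-allocated `perm_list` or the per-privilege `calloc` buffers, and no `calloc` result is checked before `snprintf` writes through it (the same pattern is used for `pkgId` in SmackFolderLabelingStep and in StepAbortSmack in the next hunk). The removed code passed `tzPkgid.c_str()` straight to `app_label_dir`, so keeping the ids in `std::string` and the list in `std::vector` (needs `<vector>`) removes both the leaks and the repeated `free(pkgId)` before each throw. SmackFolderLabelingStep also lost its per-directory `LogError` calls, leaving several identical "Add Label failure" messages that no longer say which directory failed. SmackPrivilegeStep continues past the end of this hunk, so a release further down cannot be ruled out.

```cpp
    // … unchanged: LogInfo, #ifdef WRT_SMACK_ENABLED, TODO comment …
    const std::string id = DPL::ToUTF8String(m_context.widgetConfig.tzPkgid);

    WrtDB::ConfigParserData::PrivilegeList privileges =
        m_context.widgetConfig.configInfo.privilegeList;

    // The strings own the UTF-8 copies, so nothing leaks on any exit path.
    std::vector<std::string> names;
    names.reserve(privileges.size());
    FOREACH(it, privileges) {
        LogInfo("Permission : " << it->name);
        names.push_back(DPL::ToUTF8String(it->name));
    }

    // NULL-terminated view over the owned strings for the C API.
    std::vector<const char*> perm_list;
    perm_list.reserve(names.size() + 1);
    FOREACH(it, names) {
        perm_list.push_back(it->c_str());
    }
    perm_list.push_back(NULL);

    if (PC_OPERATION_SUCCESS != app_enable_permissions(id.c_str(),
                APP_TYPE_WGT, &perm_list[0], "true")) {
        LogError("failure in contructing smack rules based on perm_list");
        ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
                "SMACK check failure");
    }
    // … unchanged: UpdateProgress call …
```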
@@ -149,29 +200,32 @@ void TaskSmack::SmackPrivilegeStep()
 #endif
 }
 
-void TaskSmack::SmackTemporaryStep()
+void TaskSmack::StepAbortSmack()
 {
+    LogInfo("----------------> SMACK:\
+            Jobs::WidgetInstall::TaskSmack::StepAbortSmack()");
 #ifdef WRT_SMACK_ENABLED
-    //This step is temporary for smack
-
-    LogInfo("----------------> SMACK: \
-            Jobs::WidgetInstall::TaskSmack::SmackTemporaryStep()");
-    std::ostringstream commStr;
-    std::string tzPkgid = DPL::ToUTF8String(m_context.widgetConfig.tzPkgid);
-    commStr << SMACK_RULE_STR << " " << BashUtils::escape_arg(tzPkgid);
-    LogDebug("set smack rule command : " << commStr.str());
-
-    char readBuf[MAX_BUF_SIZE];
-    memset(readBuf, 0x00, MAX_BUF_SIZE);
-
-    FILE *fd;
-    fd = popen(commStr.str().c_str(), "r");
-    if (NULL == fd) {
-        LogError("Set smack rule failure. Failed to call script.");
-        ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
-                "SMACK check failure");
+    /* TODO :
+    std::string id = DPL::ToUTF8String(m_context.widgetConfig.tzAppid);
+    std::string id = DPL::ToUTF8String(m_context.widgetConfig.tzPkgid);
+    char* appId = NULL;
+    appId = (char*)calloc(1, id.length() + 1);
+    snprintf(appId, id.length() + 1, "%s", id.c_str());
+    */
+
+    std::string pkg = DPL::ToUTF8String(m_context.widgetConfig.tzPkgid);
+    char* pkgId = NULL;
+    pkgId = (char*)calloc(1, pkg.length() + 1);
+    snprintf(pkgId, pkg.length() + 1, "%s", pkg.c_str());
+
+    if (PC_OPERATION_SUCCESS != app_revoke_permissions(pkgId)) {
+        LogError("failure in revoking smack permissions");
+    }
+
+    if (PC_OPERATION_SUCCESS != app_uninstall(pkgId)) {
+        LogError("failure in removing smack rules file");
     }
-    pclose(fd);
+    free(pkgId);
 #endif
 }
 
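Review bot: StepAbortSmack calls `app_revoke_permissions` and `app_uninstall` for every package type, but SmackFolderLabelingStep only calls `app_install` when `packagingType` is not `PKG_TYPE_HYBRID_WEB_APP`, so an aborted hybrid install would remove SMACK state this task did not create. If that state belongs to another installer component (not visible here), guard the rollback with the same `packagingType` check, or document why unconditional removal is safe. The commented-out `TODO` block declares `std::string id` twice and would not compile if re-enabled; trimming it to a one-line `/* TODO: use tzAppid instead of tzPkgid */` keeps the intent.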
index 4b09f19..8448613 100644 (file)
@@ -38,8 +38,8 @@ class TaskSmack :
 
     void SmackFolderLabelingStep();
     void SmackPrivilegeStep();
-    void SmackTemporaryStep();
     void SetEndofInstallation();
+    void StepAbortSmack();
 
   public:
     TaskSmack(InstallerContext& context);
index be66932..4e7d467 100644 (file)
@@ -43,14 +43,18 @@ void TaskSmack::Step()
     LogInfo(
         "------------------------> SMACK: Jobs::WidgetUninstall::TaskSmack::Step()");
 #ifdef WRT_SMACK_ENABLED
-    int result = app_revoke_permissions(m_context.tzPkgid.c_str());
-    if (PC_OPERATION_SUCCESS != result) {
-        LogError("Revoke permissions failure : " << result);
+    const char* pkgId = m_context.tzPkgid.c_str();
+    if (PC_OPERATION_SUCCESS != app_revoke_permissions(pkgId)) {
+        LogError("failure in revoking smack permissions");
+    }
+
+    if (PC_OPERATION_SUCCESS != app_uninstall(pkgId)) {
+        LogError("failure in removing smack rules file");
     }
 
     m_context.job->UpdateProgress(
-        UninstallerContext::UNINSTALL_SMACK_ENABLE,
-        "Widget SMACK Enabled");
+        UninstallerContext::UNINSTALL_SMACK_DISABLE,
+        "Widget SMACK Disabled");
 #endif
 }
 } //namespace WidgetUninstall
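Review bot: The rewritten checks in `Step()` drop the return code that the removed `LogError("Revoke permissions failure : " << result)` printed, so a failed revoke or rules-file removal can no longer be diagnosed from the log. Keep the value, e.g. `int ret = app_revoke_permissions(pkgId);` followed by `LogError("failure in revoking smack permissions : " << ret);`, and likewise for `app_uninstall`. Both failures are only logged, so uninstallation proceeds with the package's SMACK rules possibly still present; if that is intended, a comment should say so. `Step()` begins above the hunk.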
index f3eb7c1..3d9fe28 100644 (file)
@@ -38,13 +38,13 @@ struct UninstallerContext
     enum UninstallStep
     {
         UNINSTALL_START,
-        UNINSTALL_SMACK_ENABLE,
         UNINSTALL_PRECHECK,
         UNINSTALL_REMOVE_WIDGETDIR,
         UNINSTALL_REMOVE_DESKTOP,
         UNINSTALL_REMOVE_FINISHED,
         UNINSTALL_DB_UPDATE,
         UNINSTALL_REMOVE_OSPSVC,
+        UNINSTALL_SMACK_DISABLE,
         UNINSTALL_END
     };