BuildRequires: pkgconfig(iniparser)
BuildRequires: pkgconfig(notification)
BuildRequires: pkgconfig(libtzplatform-config)
+BuildRequires: pkgconfig(security-manager)
BuildRequires: pkgconfig(db-util)
BuildRequires: pkgmgr-info-parser-devel
BuildRequires: pkgmgr-info-parser
%attr(755,root,root) %{_bindir}/pkg_initdb_user
%{_bindir}/pkg_getsize
%{_bindir}/pkg_clearcache
+%{_bindir}/pkg_privilege
%{_bindir}/pkginfo
%{_bindir}/pkgmgr-install
%attr(-,tizenglobalapp,root) %dir %{TZ_SYS_RW_PACKAGES}
ENDFOREACH(flag)
-pkg_check_modules(pkgs_test REQUIRED ecore dbus-1 ail libxml-2.0 bundle pkgmgr-parser vconf pkgmgr-info libtzplatform-config)
+pkg_check_modules(pkgs_test REQUIRED ecore dbus-1 ail libxml-2.0 bundle pkgmgr-parser vconf pkgmgr-info libtzplatform-config security-manager)
FOREACH(flag ${pkgs_test_CFLAGS})
SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
ENDFOREACH(flag)
target_link_libraries(pkginfo pkgmgr-client pkgmgr_installer ${pkgs_test_LDFLAGS})
INSTALL(TARGETS pkginfo DESTINATION bin)
+add_executable(pkg_privilege
+ pkg_privilege.c)
+target_link_libraries(pkg_privilege ${pkgs_test_LDFLAGS})
+INSTALL(TARGETS pkg_privilege DESTINATION bin)
+
add_executable(pkg_getsize
pkg_getsize.c)
target_link_libraries(pkg_getsize pkgmgr-client pkgmgr_installer ${pkgs_test_LDFLAGS})
-int initdb_load_directory(const char *directory)
+static int __initdb_load_directory(const char *directory, const char *cmd)
{
DIR *dir;
struct dirent entry, *result;
// pkgmgr_parser_parse_manifest_for_installation(buf, NULL);
char buf2[BUFSZE];
- snprintf(buf2, sizeof(buf2), "/usr/bin/pkginfo --imd %s", buf);
+ snprintf(buf2, sizeof(buf2), "%s %s", cmd, buf);
system(buf2);
free(manifest);
return 0;
}
+static int initdb_install_manifest(void)
+{
+ return __initdb_load_directory(SYS_MANIFEST_DIRECTORY, "/usr/bin/pkginfo --imd");
+}
+static int initdb_install_privilege(void)
+{
+ return __initdb_load_directory(SYS_MANIFEST_DIRECTORY, "/usr/bin/pkg_privilege");
+}
static int initdb_change_perm(const char *db_file)
{
_D("Some Packages in the Package Info DB.");
return 0;
}
- ret = initdb_load_directory(SYS_MANIFEST_DIRECTORY);
+ ret = initdb_install_manifest();
if (ret == -1) {
- _E("cannot load opt manifest directory.");
+ _E("cannot install manifest.");
}
ret = initdb_change_perm(PACKAGE_INFO_DB_FILE);
return -1;
}
- setuid(OWNER_ROOT);
-
+ setresuid(OWNER_ROOT, OWNER_ROOT, OWNER_ROOT);
+
SET_DEFAULT_LABEL(PACKAGE_INFO_DB_FILE);
SET_DEFAULT_LABEL(PACKAGE_INFO_DB_FILE_JOURNAL);
SET_DEFAULT_LABEL(PKG_CERT_DB_FILE);
SET_DEFAULT_LABEL(PKG_CERT_DB_FILE_JOURNAL);
+ ret = initdb_install_privilege();
+ if (ret == -1) {
+ _E("cannot install priveilge.");
+ return -1;
+ }
+
return 0;
}
--- /dev/null
+#include <stdio.h>
+#include <unistd.h>
+#include <sys/types.h>
+
+#include <tzplatform_config.h>
+#include <security-manager.h>
+#include <pkgmgr_parser.h>
+
+#define BUFSIZE 4096
+#define OWNER_ROOT 0
+#define GLOBAL_USER tzplatform_getuid(TZ_SYS_GLOBALAPP_USER)
+
+static const char *__get_path(char *pkgid, char *appid, uid_t uid)
+{
+ char buf[BUFSIZE];
+ char *path;
+
+ /* TODO: unify application directory layout */
+ if (uid == OWNER_ROOT || uid == GLOBAL_USER)
+ snprintf(buf, BUFSIZE - 1, "%s", pkgid);
+ else
+ snprintf(buf, BUFSIZE - 1, "%s/%s", pkgid, appid);
+
+ tzplatform_set_user(uid);
+ path = tzplatform_mkpath((uid == OWNER_ROOT || uid == GLOBAL_USER) ?
+ TZ_SYS_RO_APP : TZ_USER_APP, buf);
+ tzplatform_reset_user();
+
+ return path;
+}
+
+static int __insert_privilege(char *manifest, uid_t uid)
+{
+ int ret;
+ manifest_x *mfx;
+ struct uiapplication_x *uiapp;
+ struct serviceapplication_x *svcapp;
+ char *path;
+
+ privilege_x *priv;
+ app_inst_req *req;
+
+ mfx = pkgmgr_parser_process_manifest_xml(manifest);
+ if (mfx == NULL) {
+ printf("Parse manifest failed\n");
+ return -1;
+ }
+ if (security_manager_app_inst_req_new(&req)) {
+ printf("security_manager_app_inst_req_new failed\n");
+ pkgmgr_parser_free_manifest_xml(mfx);
+ return -1;
+ }
+
+ security_manager_app_inst_req_set_pkg_id(req, mfx->package);
+
+ uiapp = mfx->uiapplication;
+ while (uiapp) {
+ security_manager_app_inst_req_set_app_id(req, uiapp->appid);
+ path = __get_path(mfx->package, uiapp->appid, uid);
+ security_manager_app_inst_req_add_path(req, path,
+ SECURITY_MANAGER_PATH_PUBLIC_RO);
+ uiapp = uiapp->next;
+ }
+
+ svcapp = mfx->serviceapplication;
+ while (svcapp) {
+ security_manager_app_inst_req_set_app_id(req, svcapp->appid);
+ path = __get_path(mfx->package, svcapp->appid, uid);
+ security_manager_app_inst_req_add_path(req, path,
+ SECURITY_MANAGER_PATH_PUBLIC_RO);
+ svcapp = svcapp->next;
+ }
+
+ if (mfx->privileges != NULL) {
+ for (priv = mfx->privileges->privilege; priv; priv = priv->next)
+ security_manager_app_inst_req_add_privilege(req,
+ priv->text);
+ }
+
+ ret = security_manager_app_install(req);
+ if (ret != SECURITY_MANAGER_SUCCESS)
+ printf("security_manager_app_install failed: %d\n", ret);
+
+ security_manager_app_inst_req_free(req);
+ pkgmgr_parser_free_manifest_xml(mfx);
+
+ return 0;
+}
+
+int main(int argc, char **argv)
+{
+ if (argc < 2) {
+ printf("missing operand\n");
+ return -1;
+ }
+
+ return __insert_privilege(argv[1], getuid());
+}