Relabel database files when offline admin API modifies database

Change-Id: I5226adcbc969114773bb40c129ecf11b270418e5

diff --git a/packaging/cynara.spec b/packaging/cynara.spec
index 778e718..e0282cf 100644 (file)
--- a/packaging/cynara.spec
+++ b/packaging/cynara.spec
@@ -30,6 +30,7 @@ BuildRequires: cmake
 BuildRequires: zip
 BuildRequires: pkgconfig(libsystemd-daemon)
 BuildRequires: pkgconfig(libsystemd-journal)
+BuildRequires: pkgconfig(libsmack)
 %{?systemd_requires}
 
 %global user_name %{name}
@@ -199,7 +200,8 @@ export LDFLAGS+="-Wl,--rpath=%{_libdir}"
 %cmake . \
         -DBUILD_TESTS=ON \
         -DCMAKE_BUILD_TYPE=%{?build_type} \
-        -DCMAKE_VERBOSE_MAKEFILE=ON
+        -DCMAKE_VERBOSE_MAKEFILE=ON \
+        -DDB_FILES_SMACK_LABEL="System"
 make %{?jobs:-j%jobs}
 
 %install

diff --git a/src/admin/CMakeLists.txt b/src/admin/CMakeLists.txt
index 42e6b9e..773126b 100644 (file)
--- a/src/admin/CMakeLists.txt
+++ b/src/admin/CMakeLists.txt
@@ -19,6 +19,17 @@
 SET(LIB_CYNARA_ADMIN_VERSION_MAJOR 0)
 SET(LIB_CYNARA_ADMIN_VERSION ${LIB_CYNARA_ADMIN_VERSION_MAJOR}.6.0)
 
+IF (DB_FILES_SMACK_LABEL)
+   SET(SMACK "smack")
+   SET(LIBSMACK "libsmack")
+   ADD_DEFINITIONS("-DDB_FILES_SMACK_LABEL=\"${DB_FILES_SMACK_LABEL}\"")
+ENDIF (DB_FILES_SMACK_LABEL)
+
+PKG_CHECK_MODULES(CYNARA_ADMIN_API_DEP
+    REQUIRED
+    ${LIBSMACK}
+    )
+
 SET(CYNARA_LIB_CYNARA_ADMIN_PATH ${CYNARA_PATH}/admin)
 
 SET(LIB_CYNARA_ADMIN_SOURCES
@@ -47,6 +58,7 @@ TARGET_LINK_LIBRARIES(${TARGET_LIB_CYNARA_ADMIN}
     ${CYNARA_DEP_LIBRARIES}
     ${TARGET_CYNARA_COMMON}
     ${TARGET_LIB_CYNARA_STORAGE}
+    ${SMACK}
     )
 
 INSTALL(TARGETS ${TARGET_LIB_CYNARA_ADMIN} DESTINATION ${LIB_INSTALL_DIR})

diff --git a/src/admin/logic/OfflineLogic.cpp b/src/admin/logic/OfflineLogic.cpp
index 98721bc..fc0b6a7 100644 (file)
--- a/src/admin/logic/OfflineLogic.cpp
+++ b/src/admin/logic/OfflineLogic.cpp
@@ -21,6 +21,11 @@
  * @version     1.0
  * @brief       This file contains implementation of OfflineLogic class
  */
+#ifdef DB_FILES_SMACK_LABEL
+#include <dirent.h>
+#include <linux/xattr.h>
+#include <sys/smack.h>
+#endif
 
 #include <common.h>
 #include <config/PathConfig.h>
@@ -32,6 +37,7 @@
 #include <exceptions/DefaultBucketSetNoneException.h>
 #include <exceptions/InvalidBucketIdException.h>
 #include <exceptions/UnknownPolicyTypeException.h>
+#include <log/log.h>
 #include <plugin/PluginManager.h>
 #include <types/PolicyDescription.h>
 
@@ -193,8 +199,29 @@ int OfflineLogic::erasePolicies(const PolicyBucketId &startBucket, bool recursiv
     return CYNARA_API_SUCCESS;
 }
 
+
+void OfflineLogic::labelDatabaseFiles(void)
+{
+#ifdef DB_FILES_SMACK_LABEL
+   DIR           *dbDirectory;
+   struct dirent *directoryEntry;
+
+   dbDirectory = opendir(PathConfig::StoragePath::dbDir.c_str());
+   if (dbDirectory) {
+       while ((directoryEntry = readdir(dbDirectory)) != NULL) {
+           std::string f = PathConfig::StoragePath::dbDir + directoryEntry->d_name;
+           if (smack_set_label_for_path(f.c_str(), XATTR_NAME_SMACK, 1, DB_FILES_SMACK_LABEL) < 0) {
+               LOGE("Failed to set label for database file: " << f);
+           }
+       }
+       closedir(dbDirectory);
+   }
+#endif
+}
+
 void OfflineLogic::onPoliciesChanged(void) {
     m_storage->save();
+    labelDatabaseFiles();
 }
 
 } /* namespace Cynara */

diff --git a/src/admin/logic/OfflineLogic.h b/src/admin/logic/OfflineLogic.h
index 6dc2a7e..e378930 100644 (file)
--- a/src/admin/logic/OfflineLogic.h
+++ b/src/admin/logic/OfflineLogic.h
@@ -67,6 +67,8 @@ private:
     typedef std::unique_ptr<StorageBackend> StorageBackendUniquePtr;
     typedef std::unique_ptr<PluginManager> PluginManagerUniquePtr;
 
+    void labelDatabaseFiles(void);
+
     StorageUniquePtr m_storage;
     StorageBackendUniquePtr m_storageBackend;
     PluginManagerUniquePtr m_pluginManager;