Change /run/dlog/filters.d permission

(Before)
drwxr-xr-x  2 log  log          System::Run

(After)
drwxrwxr-x  2 log  log          System::Shared

...
User::Pkg::org.tizen.privacy-setting System::Run rwxat
^ System::Run rwxat
User System::Run rwxat
User::Shell System::Run rxl
System::TEF System::Run rwxat
System::Privileged System::Run rwxat
_ System::Run rwxat
System System::Run rwxat

...
User::Pkg::org.tizen.privacy-setting System::Shared rxl
User System::Shared rxl
User::Shell System::Shared rxl
System::TEF System::Shared rwxat
System::Privileged System::Shared rwxat
System System::Shared rwxat

/run/dlog/filters.d can only be updated by
1) 'root' shell (System::Privileged)
2) sdbd-forked processes ('log' gid + System)

Change-Id: I25875e09da720ca2d7be08216e1d7b60ee999b36
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
[ Added Smack's transmute xattr to ensure files under filters.d receive appropriate label. ]
Signed-off-by: Karol Lewandowski <k.lewandowsk@samsung.com>

diff --git a/configs/dlog-run.conf b/configs/dlog-run.conf
index ea0b15e..4e27091 100644 (file)
--- a/configs/dlog-run.conf
+++ b/configs/dlog-run.conf
@@ -1,5 +1,7 @@
 d      /run/dlog       0755    log     log     -       -
-d      /run/dlog/filters.d     0755    log     log     -       -
+d      /run/dlog/filters.d     0775    log     log     -       -
+t      /run/dlog/filters.d     0775    log     log     -       security.SMACK64TRANSMUTE=TRUE
+t      /run/dlog/filters.d     0775    log     log     -       security.SMACK64=System::Shared
 d      /run/dlog/priv  0700    log     log     -       -
 t      /run/dlog/priv  0700    log     log     -       security.SMACK64=System
 d      /run/dlog/priv/fifo     0700    log     log     -       -