Use system user: app_fw
Following capabilities are required:
- CAP_DAC_OVERRIDE, CAP_CHOWN, CAP_FOWNER
Change-Id: Id593a2e00f5c379f5b7e4facc86df6a118095c88
Signed-off-by: Sangyoon Jang <s89.jang@samsung.com>
%{_datarootdir}/app-installers/plugins_list.txt
%manifest app-installers.manifest
%{_libdir}/libapp-installers.so*
-%attr(0750,root,root) %{_bindir}/pkgdir-tool
+%{_bindir}/pkgdir-tool
%{_prefix}/share/dbus-1/system-services/org.tizen.pkgdir_tool.service
%{_sysconfdir}/dbus-1/system.d/org.tizen.pkgdir_tool.conf
%{_sysconfdir}/dbus-1/system.d/org.tizen.pkgdir_tool.conf
[D-BUS Service]
-User=root
Name=org.tizen.pkgdir_tool
Exec=/bin/false
SystemdService=pkgdir-tool.service
Description=User Directory Creator
[Service]
+User=app_fw
+Group=app_fw
ExecStart=/usr/bin/pkgdir-tool
-CapabilityBoundingSet=~CAP_MAC_ADMIN