Fix RecoverStorageDirectories

Because security has been registered again during recovery
security registration should also be performed for the shared data paths

Change-Id: Ic0ed4eca2bd0288fdc533ca4c4092344c918daee
Signed-off-by: Ilho Kim <ilho159.kim@samsung.com>

diff --git a/src/common/installer/app_installer.cc b/src/common/installer/app_installer.cc
index 53d7578..4f3f017 100644 (file)
--- a/src/common/installer/app_installer.cc
+++ b/src/common/installer/app_installer.cc
@@ -512,7 +512,6 @@ void AppInstaller::RecoverySteps() {
   AddStep<ci::pkgmgr::StepRecoverParserPlugin>();
   AddStep<ci::filesystem::StepRecoverManifest>();
   AddStep<ci::filesystem::StepRecoverExternalStorage>();
-  AddStep<ci::filesystem::StepRecoverStorageDirectories>();
   AddStep<ci::filesystem::StepRecoverGlobalAppSymlinks>();
   AddStep<ci::filesystem::StepRecoverFiles>();
   AddStep<ci::pkgmgr::StepRecoverPrivSharedres>();
@@ -521,6 +520,7 @@ void AppInstaller::RecoverySteps() {
   AddStep<ci::pkgmgr::StepRecoverApplication>();
   AddStep<ci::security::StepRecoverTrustAnchor>();
   AddStep<ci::security::StepRecoverSecurity>();
+  AddStep<ci::filesystem::StepRecoverStorageDirectories>();
 }
 
 void AppInstaller::MountInstallSteps() {

diff --git a/src/common/shared_dirs.cc b/src/common/shared_dirs.cc
index 8d64368..49f144a 100644 (file)
--- a/src/common/shared_dirs.cc
+++ b/src/common/shared_dirs.cc
@@ -875,7 +875,28 @@ bool BackupPerUserSharedDataDir(const std::string& pkgid) {
 
 bool RestoreSharedDataDir(const std::string& pkgid, uid_t uid) {
   bf::path apps_rw = ci::GetRootAppPath(false, uid);
-  return RestoreSharedDataDirectories(apps_rw, pkgid);
+  if (!RestoreSharedDataDirectories(apps_rw, pkgid))
+    return false;
+
+  if (!::SetPackageDirectoryOwnerAndPermissions(apps_rw / pkgid, uid))
+    return false;
+
+  std::vector<std::string> shared_dirs(kSharedDataEntries);
+  for (auto entry : shared_dirs) {
+    bf::path shared_dst = apps_rw / entry / pkgid;
+    if (!::SetPackageDirectoryOwnerAndPermissions(shared_dst, uid))
+      return false;
+  }
+
+  std::string error_message;
+  if (!RegisterSecurityContextForPath(pkgid, apps_rw / pkgid, uid, false,
+                                      &error_message)) {
+    LOG(ERROR) << "Failed to register security context for path: " << apps_rw
+               << ", error_message: " << error_message;
+    return false;
+  }
+
+  return true;
 }
 
 bool RestorePerUserSharedDataDir(const std::string& pkgid) {
@@ -884,11 +905,30 @@ bool RestorePerUserSharedDataDir(const std::string& pkgid) {
   if (!RestoreSharedDataDirectories(skel_apps_rw, pkgid))
     return false;
 
+  std::string error_message;
   ci::UserList list = ci::GetUserList();
   for (auto l : list) {
     uid_t uid = std::get<0>(l);
+    bf::path apps_rw = std::get<2>(l) / "apps_rw";
     if (!RestoreSharedDataDir(pkgid, uid))
       return false;
+
+    if (!::SetPackageDirectoryOwnerAndPermissions(apps_rw / pkgid, uid))
+      return false;
+
+    std::vector<std::string> shared_dirs(kSharedDataEntries);
+    for (auto entry : shared_dirs) {
+      bf::path shared_dst = apps_rw / entry / pkgid;
+      if (!::SetPackageDirectoryOwnerAndPermissions(shared_dst, uid))
+        return false;
+    }
+
+    if (!RegisterSecurityContextForPath(pkgid, apps_rw / pkgid, uid,
+            false, &error_message)) {
+      LOG(ERROR) << "Failed to register security context for path: "
+                 << apps_rw / pkgid << ", error_message: " << error_message;
+      return false;
+    }
   }
 
   return true;