ADD_SUBDIRECTORY(include)
ADD_SUBDIRECTORY(tests)
ADD_SUBDIRECTORY(systemd)
+ADD_SUBDIRECTORY(scripts)
<request>
<domain name="_" />
</request>
+ <assign>
+ <filesystem path="@RW_SHARE_DIR@/wae" label="@SMACK_DOMAIN@" />
+ <filesystem path="@RW_SHARE_DIR@/wae/app_dek" label="@SMACK_DOMAIN@" />
+ <filesystem path="@RW_SHARE_DIR@/wae/app_dek/*" label="@SMACK_DOMAIN@" />
+ </assign>
</manifest>
%description test
Web application encryption and decryption service (test)
-%define bin_dir %TZ_SYS_BIN
-%define rw_share_dir %TZ_SYS_SHARE
+%define user_name security_fw
+%define group_name security_fw
+%define smack_domain System
+%define bin_dir %TZ_SYS_BIN
+%define rw_share_dir %TZ_SYS_SHARE
+%define upgrade_dir %TZ_SYS_RO_SHARE/upgrade
+%define upgrade_script_dir %{upgrade_dir}/scripts
+%define upgrade_data_dir %{upgrade_dir}/data
%prep
%setup -q
-DSYSTEMD_UNIT_DIR=%{_unitdir} \
-DCMAKE_BUILD_TYPE=%{build_type} \
-DRW_SHARE_DIR=%rw_share_dir \
+ -DUPGRADE_DATA_DIR=%upgrade_data_dir \
+ -DUPGRADE_SCRIPT_DIR=%upgrade_script_dir \
+ -DUSER_NAME=%user_name \
+ -DGROUP_NAME=%group_name \
+ -DSMACK_DOMAIN=%smack_domain \
-DBINDIR=%bin_dir
make %{?jobs:-j%jobs}
%{_unitdir}/webappenc-initializer.service
%{_unitdir}/multi-user.target.wants/webappenc-initializer.service
%{bin_dir}/wae_initializer
-%{rw_share_dir}/wae/app_dek/WAE_APPDEK_KEK_PrivateKey.pem
-%{rw_share_dir}/wae/app_dek/WAE_APPDEK_KEK_PublicKey.pem
+%dir %attr(770, %user_name, %group_name) %{rw_share_dir}/wae
+%dir %attr(770, %user_name, %group_name) %{rw_share_dir}/wae/app_dek
+%attr(660, %user_name, %group_name) %{rw_share_dir}/wae/app_dek/*
+
+%attr(775,root,root) %{upgrade_script_dir}/wae-upgrade.sh
+%{upgrade_data_dir}/wae/app_dek/*
%files devel
%{_includedir}/*
-################################################################################
-# for resource install
-################################################################################
-
+# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# @file CMakeLists.txt
+# @author Dongsun Lee (ds73.lee@samsung.com)
+# @brief Resource install cmake
+#
INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/resources/WAE_APPDEK_KEK_PublicKey.pem
- ${PROJECT_SOURCE_DIR}/resources/WAE_APPDEK_KEK_PrivateKey.pem
- DESTINATION ${RW_SHARE_DIR}/wae/app_dek/
+ WAE_APPDEK_KEK_PublicKey.pem
+ WAE_APPDEK_KEK_PrivateKey.pem
+ DESTINATION ${RW_SHARE_DIR}/wae/app_dek
PERMISSIONS OWNER_READ
OWNER_WRITE
)
+INSTALL(FILES
+ WAE_APPDEK_KEK_PublicKey.pem
+ WAE_APPDEK_KEK_PrivateKey.pem
+ DESTINATION ${UPGRADE_DATA_DIR}/wae/app_dek
+ PERMISSIONS OWNER_READ
+ OWNER_WRITE
+)
--- /dev/null
+# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+CONFIGURE_FILE(wae-upgrade.sh.in wae-upgrade.sh @ONLY)
+INSTALL(FILES wae-upgrade.sh DESTINATION ${UPGRADE_SCRIPT_DIR})
--- /dev/null
+#!/bin/bash
+PATH=/bin:/usr/bin:/sbin:/usr/sbin
+
+# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# @file wae-upgrade.sh.in
+# @author Kyungwook Tak (k.tak@samsung.com)
+# @brief Platform upgrade support
+
+WAE_DIR=@RW_SHARE_DIR@/wae
+
+mv @UPGRADE_DATA_DIR@/wae $WAE_DIR
+
+chsmack -a "@SMACK_DOMAIN@" $WAE_DIR -r
+chown -R @USER_NAME@:@GROUP_NAME@ $WAE_DIR
+chmod 770 $WAE_DIR
+chmod 770 $WAE_DIR/app_dek
+chmod 660 $WAE_DIR/app_dek/*
-CONFIGURE_FILE(${CMAKE_SOURCE_DIR}/systemd/webappenc-initializer.service.in
- ${CMAKE_SOURCE_DIR}/systemd/webappenc-initializer.service @ONLY)
-
-INSTALL(FILES
- ${CMAKE_SOURCE_DIR}/systemd/webappenc-initializer.service
- DESTINATION
- ${SYSTEMD_UNIT_DIR}
-)
+# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+CONFIGURE_FILE(webappenc-initializer.service.in webappenc-initializer.service @ONLY)
+INSTALL(FILES webappenc-initializer.service DESTINATION ${SYSTEMD_UNIT_DIR})
After=central-key-manager.service
[Service]
-User=security_fw
-Group=security_fw
+User=@USER_NAME@
+Group=@GROUP_NAME@
Type=oneshot
-ExecStart=/usr/bin/wae_initializer
-SmackProcessLabel=System
+ExecStart=@BINDIR@/wae_initializer
+SmackProcessLabel=@SMACK_DOMAIN@
[Install]
WantedBy=multi-user.target
projects / platform / core / security / libwebappenc.git / commitdiff