block: Change external storage permission to 777

- Directory permission is 777, uid is root groupid is priv_externalstorage
- security-manager will handle access control for external storage
- When externalstorage privilege is configured as privacy,
security framework will enforce this privilege with different mechanism - per-application mount namespace.
In such case mount options must be different to allow all users and groups access to mount point.
If an application is not supposed to have access to externalstorage,
security-manager will mount a special directory over sdcard mount point.
In such case access control is no longer based on GID,
so mount options must allow application access regardless of its groups.

Change-Id: I1582d3afd70354cc81d7142fee4c9edf4c94ef30
Signed-off-by: pr.jung <pr.jung@samsung.com>

diff --git a/src/block/block.c b/src/block/block.c
index c30008d24d5a0792787c4bedf6edf99385a3e64a..10c3f566ed5a3292b8dd2041b6f50522e8305e89 100644 (file)
--- a/src/block/block.c
+++ b/src/block/block.c
@@ -899,15 +899,19 @@ void mmc_make_default_path(const char *mount_path)
                snprintf(mmc_path, sizeof(mmc_path), "%s/%s", mount_path, mmc_default_path[i]);
                if (!g_file_test(mmc_path, G_FILE_TEST_IS_DIR)) {
                        _D("%s path did not exist", mmc_path);
-                       ret = mkdir(mmc_path, 0770);
+                       ret = mkdir(mmc_path, 0777);
                        if (ret != 0)
                                _E("mkdir failed: %d", errno);
 
                        /*this fuction for emulator*/
                        /*at the first time, the directroies are made permission 755*/
-                       ret = chmod(mmc_path, 0770);
+                       ret = chmod(mmc_path, 0777);
                        if (ret != 0)
                                _E("chmod failed: %d", errno);
+
+                       ret = chown(mmc_path, 0, 10001);
+                       if (ret != 0)
+                               _E("chown failed: %d", errno);
                }
        }
 }

diff --git a/src/block/mmc-smack-label b/src/block/mmc-smack-label
index c20675854e55d12af53b12027de33bd2009b7d1b..70337cc50e02be41a3627333df11f31dfaf89d5e 100755 (executable)
--- a/src/block/mmc-smack-label
+++ b/src/block/mmc-smack-label
@@ -6,7 +6,7 @@ source /etc/tizen-platform.conf
 MOUNT_DIRECTORY=$1
 find $MOUNT_DIRECTORY -type d | xargs chsmack -a '*' -t
 find $MOUNT_DIRECTORY -type f | xargs chsmack -a '*'
-find $MOUNT_DIRECTORY -type d | xargs chmod 770
+find $MOUNT_DIRECTORY -type d | xargs chmod 777
 find $MOUNT_DIRECTORY -type f | xargs chmod 660
 find $MOUNT_DIRECTORY -type d | xargs chown root:priv_externalstorage
 find $MOUNT_DIRECTORY -type f | xargs chown root:priv_externalstorage

diff --git a/src/block/vfat.c b/src/block/vfat.c
index 19ddf39ed93fb8d5c126d553344c9ffc1f58f3ca..6fed5225e9b8063e764a2096d7a9a72318fe217c 100644 (file)
--- a/src/block/vfat.c
+++ b/src/block/vfat.c
@@ -32,7 +32,7 @@
 #define FS_VFAT_NAME   "mkdosfs"
 
 /* guid 10001 - group priv_externalstorage */
-#define FS_VFAT_MOUNT_OPT  "uid=0,gid=10001,dmask=0007,fmask=0117,iocharset=iso8859-1,utf8,shortname=mixed"
+#define FS_VFAT_MOUNT_OPT  "uid=0,gid=10001,dmask=0000,fmask=0117,iocharset=iso8859-1,utf8,shortname=mixed"
 
 static const char *vfat_arg[] = {
        "/usr/bin/newfs_msdos",