block: Change external storage permission to 777

- Directory permission is 777, uid is root groupid is priv_externalstorage
- security-manager will handle access control for external storage
- When externalstorage privilege is configured as privacy,
security framework will enforce this privilege with different mechanism - per-application mount namespace.
In such case mount options must be different to allow all users and groups access to mount point.
If an application is not supposed to have access to externalstorage,
security-manager will mount a special directory over sdcard mount point.
In such case access control is no longer based on GID,
so mount options must allow application access regardless of its groups.

Change-Id: I1582d3afd70354cc81d7142fee4c9edf4c94ef30
Signed-off-by: pr.jung <pr.jung@samsung.com>

diff --git a/src/block/block.c b/src/block/block.c
index c30008d..10c3f56 100644 (file)
--- a/src/block/block.c
+++ b/src/block/block.c
@@ -899,15 +899,19 @@ void mmc_make_default_path(const char *mount_path)
                snprintf(mmc_path, sizeof(mmc_path), "%s/%s", mount_path, mmc_default_path[i]);
                if (!g_file_test(mmc_path, G_FILE_TEST_IS_DIR)) {
                        _D("%s path did not exist", mmc_path);
-                       ret = mkdir(mmc_path, 0770);
+                       ret = mkdir(mmc_path, 0777);
                        if (ret != 0)
                                _E("mkdir failed: %d", errno);
 
                        /*this fuction for emulator*/
                        /*at the first time, the directroies are made permission 755*/
-                       ret = chmod(mmc_path, 0770);
+                       ret = chmod(mmc_path, 0777);
                        if (ret != 0)
                                _E("chmod failed: %d", errno);
+
+                       ret = chown(mmc_path, 0, 10001);
+                       if (ret != 0)
+                               _E("chown failed: %d", errno);
                }
        }
 }

diff --git a/src/block/mmc-smack-label b/src/block/mmc-smack-label
index c206758..70337cc 100755 (executable)
--- a/src/block/mmc-smack-label
+++ b/src/block/mmc-smack-label
@@ -6,7 +6,7 @@ source /etc/tizen-platform.conf
 MOUNT_DIRECTORY=$1
 find $MOUNT_DIRECTORY -type d | xargs chsmack -a '*' -t
 find $MOUNT_DIRECTORY -type f | xargs chsmack -a '*'
-find $MOUNT_DIRECTORY -type d | xargs chmod 770
+find $MOUNT_DIRECTORY -type d | xargs chmod 777
 find $MOUNT_DIRECTORY -type f | xargs chmod 660
 find $MOUNT_DIRECTORY -type d | xargs chown root:priv_externalstorage
 find $MOUNT_DIRECTORY -type f | xargs chown root:priv_externalstorage

diff --git a/src/block/vfat.c b/src/block/vfat.c
index 19ddf39..6fed522 100644 (file)
--- a/src/block/vfat.c
+++ b/src/block/vfat.c
@@ -32,7 +32,7 @@
 #define FS_VFAT_NAME   "mkdosfs"
 
 /* guid 10001 - group priv_externalstorage */
-#define FS_VFAT_MOUNT_OPT  "uid=0,gid=10001,dmask=0007,fmask=0117,iocharset=iso8859-1,utf8,shortname=mixed"
+#define FS_VFAT_MOUNT_OPT  "uid=0,gid=10001,dmask=0000,fmask=0117,iocharset=iso8859-1,utf8,shortname=mixed"
 
 static const char *vfat_arg[] = {
        "/usr/bin/newfs_msdos",