projects / platform / framework / web / download-provider.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8bfa7e9)
change the download-provider permission from root to web_fw 49/74149/1 accepted/tizen/mobile/20160613.074329 accepted/tizen/tv/20160613.074458 accepted/tizen/wearable/20160613.074543 submit/tizen_common/20160613.042738 submit/tizen_mobile/20160613.042704 submit/tizen_tv/20160613.042715 submit/tizen_wearable/20160613.042726
authorjaekuk, lee <juku1999@samsung.com>
Mon, 13 Jun 2016 04:18:14 +0000 (13:18 +0900)
committerjaekuk, lee <juku1999@samsung.com>
Mon, 13 Jun 2016 04:18:14 +0000 (13:18 +0900)
Change-Id: I8f54848443c6a4e0b59ea9c56b2c565b847fd203
Signed-off-by: jaekuk, lee <juku1999@samsung.com>
packaging/download-provider.spec patch | blob | history
provider/download-provider-plugin-download-agent.c patch | blob | history
systemd/download-provider.service [changed mode: 0644->0755] patch | blob | history

diff --git a/packaging/download-provider.spec b/packaging/download-provider.spec
index ccf9113..01d4c67 100755 (executable)
--- a/packaging/download-provider.spec
+++ b/packaging/download-provider.spec
@@ -1,7 +1,7 @@
 %define _ux_define tizen2.3
 Name:       download-provider
 Summary:    Download the contents in background
-Version:    2.1.55
+Version:    2.1.56
 Release:    0
 Group:      Development/Libraries
 License:    Apache-2.0
@@ -9,6 +9,7 @@ Source0:    %{name}-%{version}.tar.gz
 Requires(post): libdevice-node
 Requires(post): sqlite
 Requires(post): connman
+Requires: security-config
 BuildRequires:  cmake
 BuildRequires:  pkgconfig(dlog)
 BuildRequires:  pkgconfig(gobject-2.0)
@@ -195,12 +196,16 @@ ln -s ../download-provider.socket %{buildroot}/lib/systemd/system/sockets.target
 #make notify dir in post section for smack
 mkdir %{TZ_SYS_DATA}/download-provider
 mkdir -p %{_notifydir}
+chown -R web_fw:web_fw %{_notifydir}
 chsmack -a 'System::Shared' %{_notifydir}
-chsmack -t %{_notifydir}                                        
+chsmack -t %{_notifydir}
 mkdir -p --mode=0700 %{_databasedir}
+chown -R web_fw:web_fw %{_databasedir}
 #chsmack -a 'download-provider' %{_databasedir}
 mkdir -p --mode=0700 %{_database_client_dir}
 #chsmack -a 'download-provider' %{_database_client_dir}
+chown -R web_fw:web_fw %{_database_client_dir}
+chown -R web_fw:web_fw %{_data_install_path}
 
 %files
 %defattr(-,root,root,-)
diff --git a/provider/download-provider-plugin-download-agent.c b/provider/download-provider-plugin-download-agent.c
index abba454..f65f86b 100755 (executable)
--- a/provider/download-provider-plugin-download-agent.c
+++ b/provider/download-provider-plugin-download-agent.c
@@ -216,9 +216,7 @@ static int __set_file_permission_to_client(dp_client_slots_fmt *slot, dp_request
                                if (lstat_info.st_mode == fstat_info.st_mode &&
                                        lstat_info.st_ino == fstat_info.st_ino &&
                                        lstat_info.st_dev == fstat_info.st_dev) {
-                                       if ((fchown(fd, cred.uid, cred.gid) != 0) ||
-                                               (fchmod(fd, S_IRUSR | S_IWUSR |
-                                                       S_IRGRP | S_IROTH) != 0)) {
+                                       if (fchown(fd, cred.uid, cred.gid) != 0) {
                                                TRACE_ERROR("[ERROR][%d] permission user:%d group:%d",
                                                        request->id, cred.uid, cred.gid);
                                                errorcode = DP_ERROR_PERMISSION_DENIED;
@@ -240,26 +238,6 @@ static int __set_file_permission_to_client(dp_client_slots_fmt *slot, dp_request
                TRACE_ERROR("lstat call failed");
                errorcode = DP_ERROR_PERMISSION_DENIED;
        }
-       if (errorcode == DP_ERROR_NONE && dp_smack_is_mounted() == 1) {
-               // get smack_label from sql
-               char *smack_label = dp_db_get_client_smack_label(slot->pkgname);
-               if (smack_label == NULL) {
-                       TRACE_SECURE_ERROR("[SMACK][%d] no label", request->id);
-                       errorcode = DP_ERROR_PERMISSION_DENIED;
-               } else {
-                       size_t len = str - (saved_path);
-                       char *dir_path = (char *)calloc(len + 1, sizeof(char));
-                       if (dir_path != NULL) {
-                               strncpy(dir_path, saved_path, len);
-                               errorcode = dp_smack_set_label(smack_label, dir_path, saved_path);
-                               free(dir_path);
-                       } else {
-                               TRACE_ERROR("[ERROR] calloc");
-                               errorcode = DP_ERROR_OUT_OF_MEMORY;
-                       }
-                       free(smack_label);
-               }
-       }
        return errorcode;
 }
 
diff --git a/systemd/download-provider.service b/systemd/download-provider.service
old mode 100644 (file)
new mode 100755 (executable)
index 4286283..732d017
--- a/systemd/download-provider.service
+++ b/systemd/download-provider.service
@@ -3,6 +3,9 @@ Description=Download provider service
 After=check-mount.service
 
 [Service]
+User=web_fw
+Group=web_fw
+SupplementaryGroups=priv_mediastorage
 Type=simple
 ExecStart=/usr/bin/download-provider
 MemoryLimit=100M
Domain: Network & Connectivity / Data Network; Licenses: Apache-2.0;