Apply security

author youngman <yman.jung@samsung.com>

Fri, 25 Sep 2015 05:11:43 +0000 (14:11 +0900)

committer youngman <yman.jung@samsung.com>

Tue, 3 Nov 2015 11:08:20 +0000 (20:08 +0900)
author youngman <yman.jung@samsung.com>
Fri, 25 Sep 2015 05:11:43 +0000 (14:11 +0900)
committer youngman <yman.jung@samsung.com>
Tue, 3 Nov 2015 11:08:20 +0000 (20:08 +0900)
diff --git a/CMakeLists.txt b/CMakeLists.txt

index 946d8ac..5ec9cd6 100644 (file)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -16,6 +16,11 @@ SET(OCLOGGER_CORE "oc_logger_core")
  SET(CA "connectivity_abstraction")
  SET(OCTBSTACK "octbstack")
  
+IF(${TZ_VER} EQUAL "3")
+CONFIGURE_FILE(${PROJECT_NAME}.conf.in ${PROJECT_NAME}.conf @ONLY)
+INSTALL(FILES ${PROJECT_NAME}.conf DESTINATION ${SYSCONF_INSTALL_DIR}/dbus-1/system.d/)
+ENDIF(${TZ_VER} EQUAL "3")
+
  ADD_SUBDIRECTORY(common)
  ADD_SUBDIRECTORY(lib)
  ADD_SUBDIRECTORY(daemon)
diff --git a/lib/icl-client-crud.c b/lib/icl-client-crud.c

index 122082e..61c7d8a 100644 (file)
--- a/lib/icl-client-crud.c
+++ b/lib/icl-client-crud.c
@@ -460,9 +460,9 @@ API int iotcon_observer_start(iotcon_client_h resource, int observe_type,
         unsigned int sub_id;
         GVariant *arg_client;
         GError *error = NULL;
-       icl_on_observe_s *cb_container;
-       int ret, signal_number;
         int64_t observe_handle;
+       icl_on_observe_s *cb_container;
+       int ret, signal_number, error_code;
         char signal_name[IC_DBUS_SIGNAL_LENGTH] = {0};
  
         RETV_IF(NULL == icl_dbus_get_object(), IOTCON_ERROR_DBUS);
@@ -478,10 +478,11 @@ API int iotcon_observer_start(iotcon_client_h resource, int observe_type,
                         arg_query, signal_number, &observe_handle, NULL, &error);
         if (error) {
                 ERR("ic_dbus_call_observer_start_sync() Fail(%s)", error->message);
+               error_code = icl_dbus_convert_dbus_error(error->code);
                 g_error_free(error);
                 g_variant_unref(arg_query);
                 g_variant_unref(arg_client);
-               return IOTCON_ERROR_DBUS;
+               return error_code;
         }
  
         if (0 == observe_handle) {
@@ -523,7 +524,7 @@ API int iotcon_observer_start(iotcon_client_h resource, int observe_type,
  
  API int iotcon_observer_stop(iotcon_client_h resource)
  {
-       int ret;
+       int ret, error_code;
         GError *error = NULL;
         GVariant *arg_options;
  
@@ -540,8 +541,9 @@ API int iotcon_observer_stop(iotcon_client_h resource)
                         arg_options, &ret, NULL, &error);
         if (error) {
                 ERR("ic_dbus_call_observer_stop_sync() Fail(%s)", error->message);
+               error_code = icl_dbus_convert_dbus_error(error->code);
                 g_error_free(error);
-               return IOTCON_ERROR_DBUS;
+               return error_code;
         }
         if (IOTCON_ERROR_NONE != ret) {
                 ERR("iotcon-daemon Fail(%d)", ret);
diff --git a/lib/icl-client.c b/lib/icl-client.c

index 8beb60e..72edbb7 100644 (file)
--- a/lib/icl-client.c
+++ b/lib/icl-client.c
@@ -79,10 +79,9 @@ static void _icl_found_resource_cb(GDBusConnection *connection,
  API int iotcon_find_resource(const char *host_address, const char *resource_type,
                 iotcon_found_resource_cb cb, void *user_data)
  {
-       int ret;
-       int signal_number;
         unsigned int sub_id;
         GError *error = NULL;
+       int ret, error_code, signal_number;
         icl_found_resource_s *cb_container;
         char signal_name[IC_DBUS_SIGNAL_LENGTH] = {0};
  
@@ -100,8 +99,9 @@ API int iotcon_find_resource(const char *host_address, const char *resource_type
                         ic_utils_dbus_encode_str(resource_type), signal_number, &ret, NULL, &error);
         if (error) {
                 ERR("ic_dbus_call_find_resource_sync() Fail(%s)", error->message);
+               error_code = icl_dbus_convert_dbus_error(error->code);
                 g_error_free(error);
-               return IOTCON_ERROR_DBUS;
+               return error_code;
         }
  
         if (IOTCON_ERROR_NONE != ret) {
diff --git a/lib/icl-dbus.c b/lib/icl-dbus.c

index c81dff3..ee4dfb8 100644 (file)
--- a/lib/icl-dbus.c
+++ b/lib/icl-dbus.c
@@ -220,6 +220,19 @@ inline int icl_dbus_convert_daemon_error(int error)
  }
  
  
+inline int icl_dbus_convert_dbus_error(int error)
+{
+       int ret;
+
+       if (G_DBUS_ERROR_ACCESS_DENIED == error)
+               ret = IOTCON_ERROR_PERMISSION_DENIED;
+       else
+               ret = IOTCON_ERROR_DBUS;
+
+       return ret;
+}
+
+
  int icl_dbus_start()
  {
         unsigned int id;
diff --git a/lib/icl-dbus.h b/lib/icl-dbus.h

index 36d8c17..9bdb1d1 100644 (file)
--- a/lib/icl-dbus.h
+++ b/lib/icl-dbus.h
@@ -30,6 +30,7 @@ int icl_dbus_remove_connection_changed_cb(iotcon_connection_changed_cb cb,
                 void *user_data);
  
  int icl_dbus_convert_daemon_error(int error);
+int icl_dbus_convert_dbus_error(int error);
  
  int icl_dbus_start();
  int icl_dbus_stop();
diff --git a/lib/icl-device.c b/lib/icl-device.c

index 7ed33ce..751686c 100644 (file)
--- a/lib/icl-device.c
+++ b/lib/icl-device.c
@@ -56,7 +56,7 @@ typedef struct {
  
  API int iotcon_register_device_info(const char *device_name)
  {
-       int ret;
+       int ret, error_code;
         GError *error = NULL;
         GVariant *arg_info;
  
@@ -68,9 +68,10 @@ API int iotcon_register_device_info(const char *device_name)
                         NULL, &error);
         if (error) {
                 ERR("ic_dbus_call_register_device_info_sync() Fail(%s)", error->message);
+               error_code = icl_dbus_convert_dbus_error(error->code);
                 g_error_free(error);
                 g_variant_unref(arg_info);
-               return IOTCON_ERROR_DBUS;
+               return error_code;
         }
  
         if (IOTCON_ERROR_NONE != ret) {
@@ -105,10 +106,9 @@ static void _icl_device_info_cb(GDBusConnection *connection,
  API int iotcon_get_device_info(const char *host_address, iotcon_device_info_cb cb,
                 void *user_data)
  {
-       int ret;
         GError *error = NULL;
         unsigned int sub_id;
-       int signal_number;
+       int ret, signal_number, error_code;
         char signal_name[IC_DBUS_SIGNAL_LENGTH] = {0};
         icl_device_info_s *cb_container;
  
@@ -122,8 +122,9 @@ API int iotcon_get_device_info(const char *host_address, iotcon_device_info_cb c
                         signal_number, &ret, NULL, &error);
         if (error) {
                 ERR("ic_dbus_call_get_device_info_sync() Fail(%s)", error->message);
+               error_code = icl_dbus_convert_dbus_error(error->code);
                 g_error_free(error);
-               return IOTCON_ERROR_DBUS;
+               return error_code;
         }
  
         if (IOTCON_ERROR_NONE != ret) {
@@ -160,7 +161,7 @@ API int iotcon_get_device_info(const char *host_address, iotcon_device_info_cb c
   * The length of manufacturer_url should be less than and equal to 32. */
  API int iotcon_register_platform_info(iotcon_platform_info_s *platform_info)
  {
-       int ret;
+       int ret, error_code;
         GError *error = NULL;
         GVariant *arg_info;
  
@@ -198,9 +199,10 @@ API int iotcon_register_platform_info(iotcon_platform_info_s *platform_info)
                         NULL, &error);
         if (error) {
                 ERR("ic_dbus_call_register_platform_info_sync() Fail(%s)", error->message);
+               error_code = icl_dbus_convert_dbus_error(error->code);
                 g_error_free(error);
                 g_variant_unref(arg_info);
-               return IOTCON_ERROR_DBUS;
+               return error_code;
         }
  
         if (IOTCON_ERROR_NONE != ret) {
@@ -249,10 +251,9 @@ static void _icl_platform_info_cb(GDBusConnection *connection,
  API int iotcon_get_platform_info(const char *host_address, iotcon_platform_info_cb cb,
                 void *user_data)
  {
-       int ret;
         GError *error = NULL;
         unsigned int sub_id;
-       int signal_number;
+       int ret, signal_number, error_code;
         char signal_name[IC_DBUS_SIGNAL_LENGTH] = {0};
         icl_platform_info_s *cb_container;
  
@@ -266,8 +267,9 @@ API int iotcon_get_platform_info(const char *host_address, iotcon_platform_info_
                         signal_number, &ret, NULL, &error);
         if (error) {
                 ERR("ic_dbus_call_get_platform_info_sync() Fail(%s)", error->message);
+               error_code = icl_dbus_convert_dbus_error(error->code);
                 g_error_free(error);
-               return IOTCON_ERROR_DBUS;
+               return error_code;
         }
  
         if (IOTCON_ERROR_NONE != ret) {
diff --git a/lib/icl-presence.c b/lib/icl-presence.c

index 2458189..50578f4 100644 (file)
--- a/lib/icl-presence.c
+++ b/lib/icl-presence.c
@@ -37,8 +37,7 @@ typedef struct icl_presence {
  
  API int iotcon_start_presence(unsigned int time_to_live)
  {
-       FN_CALL;
-       int ret;
+       int ret, error_code;
         GError *error = NULL;
  
         RETV_IF(NULL == icl_dbus_get_object(), IOTCON_ERROR_DBUS);
@@ -48,8 +47,9 @@ API int iotcon_start_presence(unsigned int time_to_live)
                         &error);
         if (error) {
                 ERR("ic_dbus_call_start_presence_sync() Fail(%s)", error->message);
+               error_code = icl_dbus_convert_dbus_error(error->code);
                 g_error_free(error);
-               return IOTCON_ERROR_DBUS;
+               return error_code;
         }
  
         if (IOTCON_ERROR_NONE != ret) {
@@ -64,7 +64,7 @@ API int iotcon_start_presence(unsigned int time_to_live)
  API int iotcon_stop_presence(void)
  {
         FN_CALL;
-       int ret;
+       int ret, error_code;
         GError *error = NULL;
  
         RETV_IF(NULL == icl_dbus_get_object(), IOTCON_ERROR_DBUS);
@@ -72,8 +72,9 @@ API int iotcon_stop_presence(void)
         ic_dbus_call_stop_presence_sync(icl_dbus_get_object(), &ret, NULL, &error);
         if (error) {
                 ERR("ic_dbus_call_stop_presence_sync() Fail(%s)", error->message);
+               error_code = icl_dbus_convert_dbus_error(error->code);
                 g_error_free(error);
-               return IOTCON_ERROR_DBUS;
+               return error_code;
         }
  
         if (IOTCON_ERROR_NONE != ret) {
@@ -129,7 +130,7 @@ API int iotcon_subscribe_presence(const char *host_address, const char *resource
         FN_CALL;
         GError *error = NULL;
         unsigned int sub_id;
-       int signal_number;
+       int signal_number, error_code;
         char signal_name[IC_DBUS_SIGNAL_LENGTH] = {0};
         icl_presence_s *presence_container;
  
@@ -156,9 +157,10 @@ API int iotcon_subscribe_presence(const char *host_address, const char *resource
                         resource_type, signal_number, &(presence_container->handle), NULL, &error);
         if (error) {
                 ERR("ic_dbus_call_subscribe_presence_sync() Fail(%s)", error->message);
+               error_code = icl_dbus_convert_dbus_error(error->code);
                 g_error_free(error);
                 free(presence_container);
-               return IOTCON_ERROR_DBUS;
+               return error_code;
         }
  
         if (0 == presence_container->handle) {
@@ -192,7 +194,7 @@ API int iotcon_subscribe_presence(const char *host_address, const char *resource
  API int iotcon_unsubscribe_presence(iotcon_presence_h presence)
  {
         FN_CALL;
-       int ret;
+       int ret, error_code;
         GError *error = NULL;
  
         RETV_IF(NULL == icl_dbus_get_object(), IOTCON_ERROR_DBUS);
@@ -208,8 +210,9 @@ API int iotcon_unsubscribe_presence(iotcon_presence_h presence)
                         &ret, NULL, &error);
         if (error) {
                 ERR("ic_dbus_call_unsubscribe_presence_sync() Fail(%s)", error->message);
+               error_code = icl_dbus_convert_dbus_error(error->code);
                 g_error_free(error);
-               return IOTCON_ERROR_DBUS;
+               return error_code;
         }
  
         if (IOTCON_ERROR_NONE != ret) {
diff --git a/lib/icl-resource.c b/lib/icl-resource.c

index b12ba34..4c0e5bf 100644 (file)
--- a/lib/icl-resource.c
+++ b/lib/icl-resource.c
@@ -154,12 +154,12 @@ API int iotcon_register_resource(const char *uri_path,
                 void *user_data,
                 iotcon_resource_h *resource_handle)
  {
-       int signal_number;
         unsigned int sub_id;
         GError *error = NULL;
         const gchar **types;
-       char sig_name[IC_DBUS_SIGNAL_LENGTH];
         iotcon_resource_h resource;
+       int signal_number, error_code;
+       char sig_name[IC_DBUS_SIGNAL_LENGTH];
  
         RETV_IF(NULL == icl_dbus_get_object(), IOTCON_ERROR_INVALID_PARAMETER);
         RETV_IF(NULL == uri_path, IOTCON_ERROR_INVALID_PARAMETER);
@@ -187,10 +187,11 @@ API int iotcon_register_resource(const char *uri_path,
                         properties, signal_number, &(resource->handle), NULL, &error);
         if (error) {
                 ERR("ic_dbus_call_register_resource_sync() Fail(%s)", error->message);
+               error_code = icl_dbus_convert_dbus_error(error->code);
                 g_error_free(error);
                 free(types);
                 free(resource);
-               return IOTCON_ERROR_DBUS;
+               return error_code;
         }
         free(types);
  
@@ -230,7 +231,7 @@ API int iotcon_register_resource(const char *uri_path,
  API int iotcon_unregister_resource(iotcon_resource_h resource)
  {
         FN_CALL;
-       int ret;
+       int ret, error_code;
         GError *error = NULL;
  
         RETV_IF(NULL == icl_dbus_get_object(), IOTCON_ERROR_DBUS);
@@ -248,8 +249,9 @@ API int iotcon_unregister_resource(iotcon_resource_h resource)
                         &ret, NULL, &error);
         if (error) {
                 ERR("ic_dbus_call_unregister_resource_sync() Fail(%s)", error->message);
+               error_code = icl_dbus_convert_dbus_error(error->code);
                 g_error_free(error);
-               return IOTCON_ERROR_DBUS;
+               return error_code;
         }
  
         if (IOTCON_ERROR_NONE != ret) {
@@ -267,7 +269,7 @@ API int iotcon_unregister_resource(iotcon_resource_h resource)
  API int iotcon_resource_bind_interface(iotcon_resource_h resource, int iface)
  {
         FN_CALL;
-       int ret;
+       int ret, error_code;
         GError *error = NULL;
  
         RETV_IF(NULL == icl_dbus_get_object(), IOTCON_ERROR_DBUS);
@@ -281,8 +283,9 @@ API int iotcon_resource_bind_interface(iotcon_resource_h resource, int iface)
                         iface, &ret, NULL, &error);
         if (error) {
                 ERR("ic_dbus_call_bind_interface_sync() Fail(%s)", error->message);
+               error_code = icl_dbus_convert_dbus_error(error->code);
                 g_error_free(error);
-               return IOTCON_ERROR_DBUS;
+               return error_code;
         }
  
         if (IOTCON_ERROR_NONE != ret) {
@@ -297,7 +300,7 @@ API int iotcon_resource_bind_interface(iotcon_resource_h resource, int iface)
  API int iotcon_resource_bind_type(iotcon_resource_h resource, const char *resource_type)
  {
         FN_CALL;
-       int ret;
+       int ret, error_code;
         GError *error = NULL;
  
         RETV_IF(NULL == icl_dbus_get_object(), IOTCON_ERROR_DBUS);
@@ -317,8 +320,9 @@ API int iotcon_resource_bind_type(iotcon_resource_h resource, const char *resour
                         &ret, NULL, &error);
         if (error) {
                 ERR("ic_dbus_call_bind_type_sync() Fail(%s)", error->message);
+               error_code = icl_dbus_convert_dbus_error(error->code);
                 g_error_free(error);
-               return IOTCON_ERROR_DBUS;
+               return error_code;
         }
  
         if (IOTCON_ERROR_NONE != ret) {
@@ -346,10 +350,8 @@ API int iotcon_resource_bind_request_handler(iotcon_resource_h resource,
  API int iotcon_resource_bind_child_resource(iotcon_resource_h parent,
                 iotcon_resource_h child)
  {
-       FN_CALL;
-       int ret;
-       int i;
         GError *error = NULL;
+       int i, ret, error_code;
  
         RETV_IF(NULL == icl_dbus_get_object(), IOTCON_ERROR_DBUS);
         RETV_IF(NULL == parent, IOTCON_ERROR_INVALID_PARAMETER);
@@ -378,8 +380,9 @@ API int iotcon_resource_bind_child_resource(iotcon_resource_h parent,
                                         child->handle, &ret, NULL, &error);
                         if (error) {
                                 ERR("ic_dbus_call_bind_resource_sync() Fail(%s)", error->message);
+                               error_code = icl_dbus_convert_dbus_error(error->code);
                                 g_error_free(error);
-                               return IOTCON_ERROR_DBUS;
+                               return error_code;
                         }
  
                         if (IOTCON_ERROR_NONE != ret) {
@@ -401,9 +404,8 @@ API int iotcon_resource_bind_child_resource(iotcon_resource_h parent,
  API int iotcon_resource_unbind_child_resource(iotcon_resource_h parent,
                 iotcon_resource_h child)
  {
-       int ret;
-       int i;
         GError *error = NULL;
+       int i, ret, error_code;
  
         RETV_IF(NULL == icl_dbus_get_object(), IOTCON_ERROR_DBUS);
         RETV_IF(NULL == parent, IOTCON_ERROR_INVALID_PARAMETER);
@@ -422,8 +424,9 @@ API int iotcon_resource_unbind_child_resource(iotcon_resource_h parent,
                         child->handle, &ret, NULL, &error);
         if (error) {
                 ERR("ic_dbus_call_unbind_resource_sync() Fail(%s)", error->message);
+               error_code = icl_dbus_convert_dbus_error(error->code);
                 g_error_free(error);
-               return IOTCON_ERROR_DBUS;
+               return error_code;
         }
  
         if (IOTCON_ERROR_NONE != ret) {
@@ -556,7 +559,7 @@ API void iotcon_notimsg_destroy(iotcon_notimsg_h msg)
  API int iotcon_notify_list_of_observers(iotcon_resource_h resource, iotcon_notimsg_h msg,
                 iotcon_observers_h observers)
  {
-       int ret;
+       int ret, error_code;
         GError *error = NULL;
         GVariant *noti_msg;
         GVariant *obs;
@@ -581,10 +584,11 @@ API int iotcon_notify_list_of_observers(iotcon_resource_h resource, iotcon_notim
                         noti_msg, obs, &ret, NULL, &error);
         if (error) {
                 ERR("ic_dbus_call_notify_list_of_observers_sync() Fail(%s)", error->message);
+               error_code = icl_dbus_convert_dbus_error(error->code);
                 g_error_free(error);
                 g_variant_unref(obs);
                 g_variant_unref(noti_msg);
-               return IOTCON_ERROR_DBUS;
+               return error_code;
         }
  
         if (IOTCON_ERROR_NONE != ret) {
@@ -598,7 +602,7 @@ API int iotcon_notify_list_of_observers(iotcon_resource_h resource, iotcon_notim
  
  API int iotcon_resource_notify_all(iotcon_resource_h resource)
  {
-       int ret;
+       int ret, error_code;
         GError *error = NULL;
  
         RETV_IF(NULL == icl_dbus_get_object(), IOTCON_ERROR_DBUS);
@@ -612,8 +616,9 @@ API int iotcon_resource_notify_all(iotcon_resource_h resource)
                         &error);
         if (error) {
                 ERR("ic_dbus_call_notify_all_sync() Fail(%s)", error->message);
+               error_code = icl_dbus_convert_dbus_error(error->code);
                 g_error_free(error);
-               return IOTCON_ERROR_DBUS;
+               return error_code;
         }
  
         if (IOTCON_ERROR_NONE != ret) {
diff --git a/lib/icl-response.c b/lib/icl-response.c

index 884b074..b78c721 100644 (file)
--- a/lib/icl-response.c
+++ b/lib/icl-response.c
@@ -209,7 +209,7 @@ static int _icl_response_check_representation_visibility(iotcon_response_h resp)
  API int iotcon_response_send(iotcon_response_h resp)
  {
         FN_CALL;
-       int ret;
+       int ret, error_code;
         GError *error = NULL;
         GVariant *arg_response;
  
@@ -228,9 +228,10 @@ API int iotcon_response_send(iotcon_response_h resp)
                         &error);
         if (error) {
                 ERR("ic_dbus_call_send_response_sync() Fail(%s)", error->message);
+               error_code = icl_dbus_convert_dbus_error(error->code);
                 g_error_free(error);
                 g_variant_unref(arg_response);
-               return IOTCON_ERROR_DBUS;
+               return error_code;
         }
  
         if (IOTCON_ERROR_NONE != ret) {
diff --git a/packaging/iotcon-test-v2.manifest b/packaging/iotcon-test-v2.manifest

new file mode 100644 (file)

index 0000000..cb964c2
--- /dev/null
+++ b/packaging/iotcon-test-v2.manifest
@@ -0,0 +1,13 @@
+<manifest>
+       <define>
+               <domain name="iotcon-test" />
+               <request>
+                       <smack request="iotcon" type="rw" />
+                       <smack request="device::app_logging" type="w" />
+                       <smack request="device::sys_logging" type="w" />
+               </request>
+       </define>
+       <request>
+               <domain name="iotcon-test" />
+       </request>
+</manifest>
diff --git a/packaging/iotcon-v2.manifest b/packaging/iotcon-v2.manifest

new file mode 100644 (file)

index 0000000..64f37e8
--- /dev/null
+++ b/packaging/iotcon-v2.manifest
@@ -0,0 +1,31 @@
+<manifest>
+       <define>
+               <domain name="iotcon" />
+               <permit>
+                       <smack permit="system::use_internet" type="w" />
+                       <smack permit="dbus" type="rwx" />
+               </permit>
+               <request>
+                       <smack request="system::use_internet" type="w" />
+                       <smack request="connman::get" type="w" />
+                       <smack request="dbus" type="rwx" />
+                       <smack request="device::app_logging" type="w" />
+                       <smack request="device::sys_logging" type="w" />
+               </request>
+       </define>
+       <assign>
+               <filesystem path="/usr/share/license/iotcon" label="_" />
+               <filesystem path="/usr/share/dbus-1/services/org.tizen.iotcon.dbus.service" label="_" />
+
+               <dbus name="org.tizen.iotcon.dbus" own="iotcon" bus="system">
+                       <node name="/org/tizen/iotcon/dbus">
+                               <interface name="org.tizen.iotcon.dbus">
+                                       <annotation name="com.tizen.smack" value="iotcon"/>
+                               </interface>
+                       </node>
+               </dbus>
+       </assign>
+       <request>
+               <domain name="iotcon" />
+       </request>
+</manifest>
diff --git a/packaging/iotcon-v3.manifest b/packaging/iotcon-v3.manifest

new file mode 100644 (file)

index 0000000..a76fdba
--- /dev/null
+++ b/packaging/iotcon-v3.manifest
@@ -0,0 +1,5 @@
+<manifest>
+       <request>
+               <domain name="_" />
+       </request>
+</manifest>
diff --git a/packaging/iotcon.conf.in b/packaging/iotcon.conf.in

new file mode 100644 (file)

index 0000000..113f5b5
--- /dev/null
+++ b/packaging/iotcon.conf.in
@@ -0,0 +1,78 @@
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+               "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+
+<busconfig>
+       <policy user="root">
+               <allow own="@DBUS_INTERFACE@"/>
+               <allow send_destination="@DBUS_INTERFACE@" send_interface="@DBUS_INTERFACE@"/>
+       </policy>
+
+       <policy context="default">
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="registerResource"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="unregisterResource"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="bindInterface"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="bindType"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="bindResource"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="unbindResource"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="notifyListOfObservers"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="notifyAll"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="sendResponse"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="findResource"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="get"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="put"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="post"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="delete"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="observerStart"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="observerStop"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="getDeviceInfo"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="getPlatformInfo"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="subscribePresence"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="unsubscribePresence"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="startPresence"
+                               privilege="http://tizen.org/privilege/internet"/>
+               <check send_destination="@DBUS_INTERFACE@"
+                               send_interface="@DBUS_INTERFACE@" send_member="stopPresence"
+                               privilege="http://tizen.org/privilege/internet"/>
+       </policy>
+</busconfig>
diff --git a/packaging/iotcon.manifest b/packaging/iotcon.manifest

deleted file mode 100644 (file)

index 9df4ef5..0000000
--- a/packaging/iotcon.manifest
+++ /dev/null
@@ -1,24 +0,0 @@
-<manifest>
-       <define>
-               <domain name="iotcon" />
-               <permit>
-                       <smack permit="_" type="rw" />
-                       <smack permit="net-config" type="rwx"/>
-                       <smack permit="dbus" type="rwx" />
-                       <smack permit="system::use_internet" type="rw" />
-                       <smack permit="connman::get" type="rw" />
-                       <smack permit="libiotcon" type="rwx" />
-               </permit>
-               <request>
-                       <smack request="net-config" type="rwx"/>
-                       <smack request="connman::get" type="rw" />
-                       <smack request="dbus" type="rwx" />
-                       <smack request="libiotcon" type="rwxt" />
-                       <smack request="_" type="rw" />
-                       <smack request="system::use_internet" type="rw" />
-               </request>
-       </define>
-       <request>
-               <domain name="iotcon" />
-       </request>
-</manifest>
diff --git a/packaging/iotcon.spec b/packaging/iotcon.spec

index 40ca96a..e28604c 100644 (file)
--- a/packaging/iotcon.spec
+++ b/packaging/iotcon.spec
@@ -6,8 +6,11 @@ Group:      Network & Connectivity/Other
  License:    Apache-2.0
  Source0:    %{name}-%{version}.tar.gz
  Source1:    %{name}.service
-Source1001: %{name}.manifest
-Source1002: lib%{name}.manifest
+Source1001: %{name}-v3.manifest
+Source1002: %{name}-v2.manifest
+Source1003: lib%{name}-v2.manifest
+Source1004: %{name}-test-v2.manifest
+Source2001: %{name}.conf.in
  BuildRequires:  cmake
  BuildRequires:  boost-devel
  BuildRequires:  iotivity-devel
@@ -53,13 +56,22 @@ IoT Connectivity Manager Test Programs
  
  %prep
  %setup -q
-cp %{SOURCE1001} .
-cp %{SOURCE1002} .
+%if %tizen_version_major == 3
+cp %{SOURCE1001} ./%{name}.manifest
+cp %{SOURCE1001} ./lib%{name}.manifest
+cp %{SOURCE1001} ./%{name}-test.manifest
+cp %{SOURCE2001} .
+%else
+cp %{SOURCE1002} ./%{name}.manifest
+cp %{SOURCE1003} ./lib%{name}.manifest
+cp %{SOURCE1004} ./%{name}-test.manifest
+%endif
  
  
  %build
  MAJORVER=`echo %{version} | awk 'BEGIN {FS="."}{print $1}'`
-%cmake . -DMAJORVER=${MAJORVER} -DFULLVER=%{version} -DBIN_INSTALL_DIR:PATH=%{_bindir}
+%cmake . -DMAJORVER=${MAJORVER} -DFULLVER=%{version} -DBIN_INSTALL_DIR:PATH=%{_bindir} \
+               -DTZ_VER=%{tizen_version_major}
  
  
  %install
@@ -105,6 +117,7 @@ systemctl daemon-reload
  %if 0%{?tizen_version_major} < 3
  %{_datadir}/license/%{name}
  %else
+%config %{_sysconfdir}/dbus-1/system.d/%{name}.conf
  %license LICENSE.APLv2
  %endif
  
@@ -125,6 +138,7 @@ systemctl daemon-reload
  %{_includedir}/%{name}/*.h
  
  %files test
+%manifest %{name}-test.manifest
  %defattr(-,root,root,-)
  %{_bindir}/crud-test-client
  %{_bindir}/crud-test-server
diff --git a/packaging/libiotcon-v2.manifest b/packaging/libiotcon-v2.manifest

new file mode 100644 (file)

index 0000000..a76fdba
--- /dev/null
+++ b/packaging/libiotcon-v2.manifest
@@ -0,0 +1,5 @@
+<manifest>
+       <request>
+               <domain name="_" />
+       </request>
+</manifest>
diff --git a/packaging/libiotcon.manifest b/packaging/libiotcon.manifest

deleted file mode 100644 (file)

index edee8ae..0000000
--- a/packaging/libiotcon.manifest
+++ /dev/null
@@ -1,19 +0,0 @@
-<manifest>
-       <define>
-               <domain name="libiotcon" />
-               <permit>
-                       <smack permit="_" type="rw" />
-                       <smack permit="dbus" type="rwx" />
-               </permit>
-               <request>
-                       <smack request="dbus" type="rwx" />
-                       <smack request="_" type="rw" />
-               </request>
-       </define>
-       <assign>
-               <filesystem path="/usr/lib/libiotcon.so*" label="_" exec_label="none"/>
-       </assign>
-       <request>
-               <domain name="libiotcon" />
-       </request>
-</manifest>
author	youngman <yman.jung@samsung.com>
	Fri, 25 Sep 2015 05:11:43 +0000 (14:11 +0900)
committer	youngman <yman.jung@samsung.com>
	Tue, 3 Nov 2015 11:08:20 +0000 (20:08 +0900)
CMakeLists.txt		patch \| blob \| history
lib/icl-client-crud.c		patch \| blob \| history
lib/icl-client.c		patch \| blob \| history
lib/icl-dbus.c		patch \| blob \| history
lib/icl-dbus.h		patch \| blob \| history
lib/icl-device.c		patch \| blob \| history
lib/icl-presence.c		patch \| blob \| history
lib/icl-resource.c		patch \| blob \| history
lib/icl-response.c		patch \| blob \| history
packaging/iotcon-test-v2.manifest	[new file with mode: 0644]	patch \| blob
packaging/iotcon-v2.manifest	[new file with mode: 0644]	patch \| blob
packaging/iotcon-v3.manifest	[new file with mode: 0644]	patch \| blob
packaging/iotcon.conf.in	[new file with mode: 0644]	patch \| blob
packaging/iotcon.manifest	[deleted file]	patch \| blob \| history
packaging/iotcon.spec		patch \| blob \| history
packaging/libiotcon-v2.manifest	[new file with mode: 0644]	patch \| blob
packaging/libiotcon.manifest	[deleted file]	patch \| blob \| history