service file: apply service permission

author wansuyoo <wansu.yoo@samsung.com>

Wed, 17 Apr 2019 08:33:15 +0000 (17:33 +0900)

committer wansuyoo <wansu.yoo@samsung.com>

Wed, 17 Apr 2019 08:40:54 +0000 (17:40 +0900)
author wansuyoo <wansu.yoo@samsung.com>
Wed, 17 Apr 2019 08:33:15 +0000 (17:33 +0900)
committer wansuyoo <wansu.yoo@samsung.com>
Wed, 17 Apr 2019 08:40:54 +0000 (17:40 +0900)
diff --git a/Makefile b/Makefile

index eceb323..ce985fe 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -87,6 +87,7 @@ install:
         -rm -rf $(DESTDIR)
         install -d $(DESTDIR)/usr/bin
         install -d $(DESTDIR)/etc/$(PKG_NAME)
+       install -d $(DESTDIR)/var/log/$(PKG_NAME)
         install -d $(DESTDIR)/usr/lib/systemd/system/multi-user.target.wants
         install -d $(DESTDIR)/usr/share/dbus-1/system-services
         install -d $(DESTDIR)/etc/dbus-1/system.d
diff --git a/packaging/edge-orchestration.service b/packaging/edge-orchestration.service

index 1391479..cc6dadc 100755 (executable)
--- a/packaging/edge-orchestration.service
+++ b/packaging/edge-orchestration.service
@@ -4,6 +4,8 @@ After=dbus.socket connman.service
  Requires=dbus.socket
  
  [Service]
+User=system_fw
+Group=system_fw
  Type=dbus
  BusName=org.tizen.orchestration
  SmackProcessLabel=System
diff --git a/packaging/edge-orchestration.spec b/packaging/edge-orchestration.spec

index 736ebd3..87aaadf 100755 (executable)
--- a/packaging/edge-orchestration.spec
+++ b/packaging/edge-orchestration.spec
@@ -22,6 +22,7 @@ BuildRequires:  pkgconfig(glib-2.0)
  BuildRequires:  pkgconfig(gio-2.0)
  BuildRequires:  pkgconfig(gio-unix-2.0)
  
+Requires: security-config
  Requires(post): dbus
  Requires(post):     /sbin/ldconfig, /usr/bin/systemctl
  Requires(postun):   /sbin/ldconfig, /usr/bin/systemctl
@@ -100,26 +101,23 @@ ln -sf %{_sysconfdir}/%{name}/myscoring/libmyscoring.so.1.0.1 %{_sysconfdir}/%{n
  %files
  %manifest %{name}.manifest
  %license LICENSE.Apache-2.0
-%defattr(-,root,root,-)
-%{_bindir}/%{name}
-%{_unitdir}/%{name}.service
-%{_unitdir}/multi-user.target.wants/%{name}.service
-%{_datadir}/dbus-1/system-services/org.tizen.orchestration.service
-%{_sysconfdir}/dbus-1/system.d/org.tizen.orchestration.conf
-#%dir %{_sysconfdir}/%{name}
+%attr(755,system_fw,system_fw)%{_bindir}/%{name}
+%attr(644,root,root)%{_unitdir}/%{name}.service
+%attr(644,root,root)%{_unitdir}/multi-user.target.wants/%{name}.service
+%attr(644,root,root)%{_datadir}/dbus-1/system-services/org.tizen.orchestration.service
+%attr(644,root,root)%{_sysconfdir}/dbus-1/system.d/org.tizen.orchestration.conf
+%attr(755,system_fw,system_fw)%dir /var/log/%{name}
  
  %files -n libedge-orchestration
  %manifest lib%{name}.manifest
  %license LICENSE.Apache-2.0
-%defattr(-,root,root,-)
-%{_libdir}/liborchestration-client.so
+%attr(755,system_fw,system_fw)%{_libdir}/liborchestration-client.so
  # orchestration sample
-%{_bindir}/orchestration_sample
-%{_sysconfdir}/%{name}/myscoring/*
+%attr(755,system_fw,system_fw)%{_bindir}/orchestration_sample
+%attr(755,system_fw,system_fw)%{_sysconfdir}/%{name}/myscoring/*
  
  %files -n libedge-orchestration-devel
  %manifest lib%{name}.manifest
  %license LICENSE.Apache-2.0
-%defattr(-,root,root,-)
-%{_libdir}/liborchestration-client.so
-%{_includedir}/%{name}/orchestration_client.h
-\ No newline at end of file
+%attr(755,system_fw,system_fw)%{_libdir}/liborchestration-client.so
+%attr(755,system_fw,system_fw)%{_includedir}/%{name}/orchestration_client.h
+\ No newline at end of file
diff --git a/packaging/org.tizen.orchestration.conf b/packaging/org.tizen.orchestration.conf

index 6c8fd06..6df4ab8 100755 (executable)
--- a/packaging/org.tizen.orchestration.conf
+++ b/packaging/org.tizen.orchestration.conf
@@ -11,6 +11,10 @@
                 <allow own="org.tizen.orchestration"/>
                 <allow send_destination="org.tizen.orchestration"/>
         </policy>
+       <policy user="system_fw">
+               <allow own="org.tizen.orchestration"/>
+               <allow send_destination="org.tizen.orchestration"/>
+       </policy>
         <policy group="users">
                 <check send_destination="org.tizen.orchestration" send_interface="org.tizen.orchestration.agent"
                         send_member="request_service" privilege="http://tizen.org/privilege/appmanager.launch"/>
diff --git a/packaging/org.tizen.orchestration.service b/packaging/org.tizen.orchestration.service

index 9b26b9a..1763a74 100755 (executable)
--- a/packaging/org.tizen.orchestration.service
+++ b/packaging/org.tizen.orchestration.service
@@ -1,6 +1,6 @@
  [D-BUS Service]
  Name=org.tizen.orchestration
-User=root
+User=system_fw
+Group=system_fw
  Exec=/bin/false
  SystemdService=edge-orchestration.service
-
diff --git a/src/CMain/lib/linux_arm/liborchestration.a b/src/CMain/lib/linux_arm/liborchestration.a

index c41cf87..8791337 100644 (file)

Binary files a/src/CMain/lib/linux_arm/liborchestration.a and b/src/CMain/lib/linux_arm/liborchestration.a differ
diff --git a/src/logmgr/logmgr.go b/src/logmgr/logmgr.go

index a01c4e7..aa132e7 100755 (executable)
--- a/src/logmgr/logmgr.go
+++ b/src/logmgr/logmgr.go
@@ -22,8 +22,8 @@ import (
         "github.com/leemcloughlin/logfile"\r
  )\r
  \r
-var logFilePath = "/var/log"\r
-var logFileName = "orchestration.log"\r
+var logFilePath = "/var/log/edge-orchestration"\r
+var logFileName = "logmgr.log"\r
  \r
  // Init for initializing logmgr\r
  func Init() {\r
author	wansuyoo <wansu.yoo@samsung.com>
	Wed, 17 Apr 2019 08:33:15 +0000 (17:33 +0900)
committer	wansuyoo <wansu.yoo@samsung.com>
	Wed, 17 Apr 2019 08:40:54 +0000 (17:40 +0900)
Makefile		patch \| blob \| history
packaging/edge-orchestration.service		patch \| blob \| history
packaging/edge-orchestration.spec		patch \| blob \| history
packaging/org.tizen.orchestration.conf		patch \| blob \| history
packaging/org.tizen.orchestration.service		patch \| blob \| history
src/CMain/lib/linux_arm/liborchestration.a		patch \| blob \| history
src/logmgr/logmgr.go		patch \| blob \| history