Update set_capability and capability test.

author jin-gyu.kim <jin-gyu.kim@samsung.com>

Wed, 20 Dec 2017 05:50:08 +0000 (14:50 +0900)

committer jin-gyu.kim <jin-gyu.kim@samsung.com>

Wed, 20 Dec 2017 05:50:12 +0000 (14:50 +0900)
author jin-gyu.kim <jin-gyu.kim@samsung.com>
Wed, 20 Dec 2017 05:50:08 +0000 (14:50 +0900)
committer jin-gyu.kim <jin-gyu.kim@samsung.com>
Wed, 20 Dec 2017 05:50:12 +0000 (14:50 +0900)
diff --git a/config/set_capability b/config/set_capability

index 592c8f2b0879689fe73f24336eefdb5ed688f806..0aebb58800cb3617c0c4a678eafbbf663f04ae48 100755 (executable)
--- a/config/set_capability
+++ b/config/set_capability
@@ -19,7 +19,7 @@ PATH=/bin:/usr/bin:/sbin:/usr/sbin
  # cap_sys_admin                remount at rpm installation
  
  if [ -e "/usr/sbin/sdbd" ]
-then /usr/sbin/setcap cap_setuid,cap_setgid,cap_dac_override,cap_sys_admin=eip /usr/sbin/sdbd
+then /usr/sbin/setcap cap_setuid,cap_setgid,cap_dac_override,cap_sys_admin=ei /usr/sbin/sdbd
  fi
  
  # Package              alarm-server
@@ -135,7 +135,7 @@ fi
  # cap_fowner           use chmod API
  
  if [ -e "/usr/bin/tpk-backend" ]
-then /usr/sbin/setcap cap_dac_override,cap_chown,cap_fowner=eip /usr/bin/tpk-backend
+then /usr/sbin/setcap cap_dac_override,cap_chown,cap_fowner=ei /usr/bin/tpk-backend
  fi
  
  # Package              wgt-backend
@@ -147,7 +147,7 @@ fi
  # cap_fowner           use chmod API
  
  if [ -e "/usr/bin/wgt-backend" ]
-then /usr/sbin/setcap cap_dac_override,cap_chown,cap_fowner=eip /usr/bin/wgt-backend
+then /usr/sbin/setcap cap_dac_override,cap_chown,cap_fowner=ei /usr/bin/wgt-backend
  fi
  
  # Package              xdelta3
@@ -367,7 +367,7 @@ fi
  # cap_dac_read_search   to access pkg directory
  
  if [ -e "/usr/bin/pkg_getsize" ]
-then /usr/sbin/setcap cap_dac_read_search=eip /usr/bin/pkg_getsize
+then /usr/sbin/setcap cap_dac_read_search=ei /usr/bin/pkg_getsize
  fi
  
  # Package              platform/core/messaging/email-service
@@ -388,7 +388,7 @@ fi
  # TODO: REMOVED IN TIZEN 4.0
  
  if [ -e "/usr/bin/pkg_cleardata" ]
-then /usr/sbin/setcap cap_dac_override=eip /usr/bin/pkg_cleardata
+then /usr/sbin/setcap cap_dac_override=ei /usr/bin/pkg_cleardata
  fi
  
  # Package               platform/core/appfw/launchpad
diff --git a/test/capability_test/new_capabilities_exception.list b/test/capability_test/new_capabilities_exception.list

index 8192a5d4c9dd4156ace83f3ad50f0ac2199f35ac..5286538a54fc58f7b1ac5ec0ef1126aa5f6602fe 100644 (file)
--- a/test/capability_test/new_capabilities_exception.list
+++ b/test/capability_test/new_capabilities_exception.list
@@ -1,52 +1,52 @@
-/usr/sbin/tayga = cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw+ei
-/usr/sbin/xtables-multi = cap_net_admin,cap_net_raw+ei
-/usr/sbin/named = cap_fowner,cap_net_bind_service,cap_net_admin,cap_sys_chroot+eip
-/usr/sbin/lwresd = cap_fowner,cap_net_bind_service,cap_net_admin,cap_sys_chroot+eip
-/usr/sbin/sdbd = cap_dac_override,cap_setgid,cap_setuid,cap_sys_admin+eip
-/usr/bin/hostapd = cap_fowner,cap_net_bind_service,cap_net_admin,cap_net_raw+eip
-/usr/sbin/ip = cap_net_admin+ei
-/usr/bin/wpa_supplicant = cap_net_admin,cap_net_raw+ei
-/usr/bin/focus_server = cap_chown,cap_fowner,cap_lease+eip
-/usr/bin/touch = cap_dac_override+ei
-/usr/bin/pkgdir-tool = cap_chown,cap_dac_override,cap_fowner+eip
-/usr/bin/msg-server = cap_chown,cap_net_admin,cap_net_raw,cap_lease+eip
-/usr/bin/media-server = cap_dac_read_search+eip
-/usr/bin/alarm-server = cap_sys_time+eip
-/usr/bin/systemd-user-helper = cap_dac_override,cap_setgid,cap_sys_admin,cap_mac_admin+ei
-/usr/bin/csr-server = cap_dac_override,cap_fowner+eip
-/usr/bin/pkgmgr-server = cap_chown,cap_dac_override,cap_fsetid,cap_kill,cap_setgid,cap_setuid+eip
-/usr/bin/muse-server = cap_dac_override+eip
-/usr/bin/amd = cap_dac_override,cap_kill+ep
-/usr/bin/wrt-loader = cap_setgid+ei
-/usr/bin/tpk-backend = cap_chown,cap_dac_override,cap_fowner+eip
-/usr/bin/launchpad-loader = cap_setgid+ei
-/usr/bin/email-service = cap_chown+eip
-/usr/bin/wgt-backend = cap_chown,cap_dac_override,cap_fowner+eip
-/usr/bin/download-provider = cap_chown,cap_dac_override+eip
-/usr/bin/chmod = cap_fowner+ei
-/usr/bin/sound_server = cap_chown,cap_fowner,cap_lease+eip
+/usr/libexec/bluetooth/bluetoothd = cap_dac_override+ei
+/usr/bin/launchpad-process-pool = cap_dac_override,cap_setgid,cap_sys_admin,cap_sys_nice,cap_mac_admin+ei
+/usr/bin/pkg_cleardata = cap_dac_override+ei
+/usr/bin/pkill = cap_kill+ei
+/usr/bin/telephony-daemon = cap_dac_override,cap_net_admin,cap_net_raw+ei
  /usr/bin/dnsmasq = cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw+ei
-/usr/bin/feedbackd = cap_dac_override+eip
-/usr/bin/data-provider-master = cap_dac_override+ei
-/usr/bin/amixer = cap_dac_override+ei
-/usr/bin/pkg_getsize = cap_dac_read_search+eip
-/usr/bin/pkg_cleardata = cap_dac_override+eip
-/usr/bin/launchpad-process-pool = cap_dac_override,cap_setgid,cap_mac_admin+ei
-/usr/bin/mobileap-agent = cap_fowner,cap_net_bind_service,cap_net_admin+eip
+/usr/bin/amd = cap_dac_override,cap_kill+ep
+/usr/bin/connmand = cap_dac_override,cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw+ei
+/usr/bin/tpk-backend = cap_chown,cap_dac_override,cap_fowner+ei
  /usr/bin/chgrp = cap_chown+ei
+/usr/bin/sound_server = cap_chown,cap_fowner,cap_lease+eip
+/usr/bin/wgt-backend = cap_chown,cap_dac_override,cap_fowner+ei
+/usr/bin/media-server = cap_dac_read_search+ei
  /usr/bin/xdelta3 = cap_dac_override+ei
-/usr/bin/telephony-daemon = cap_net_admin,cap_net_raw+ei
-/usr/bin/telephony-daemon.tv = cap_net_admin,cap_net_raw+ei
-/usr/bin/telephony-daemon.ivi = cap_net_admin,cap_net_raw+ei
-/usr/bin/nether = cap_net_admin+eip
-/usr/bin/dotnet-launcher = cap_setgid,cap_mac_admin+ei
+/usr/bin/wpa_supplicant = cap_dac_override,cap_net_admin,cap_net_raw+ei
+/usr/bin/gpsd = cap_dac_override+eip
+/usr/bin/muse-server = cap_dac_override+ei
+/usr/bin/pkgmgr-server = cap_chown,cap_dac_override,cap_fsetid,cap_kill,cap_setgid,cap_setuid+ei
+/usr/bin/hostapd = cap_dac_override,cap_fowner,cap_net_bind_service,cap_net_admin,cap_net_raw+eip
+/usr/bin/download-provider = cap_chown,cap_dac_override+ei
+/usr/bin/chmod = cap_fowner+ei
+/usr/bin/pkg_getsize = cap_dac_read_search+ei
+/usr/bin/toybox = cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw+ei
+/usr/bin/csr-server = cap_dac_override,cap_fowner+ei
+/usr/bin/cp2-downloader = cap_dac_override,cap_sys_admin+eip
+/usr/bin/modemd = cap_dac_override+eip
+/usr/bin/data-provider-master = cap_dac_override+ei
+/usr/bin/msg-server = cap_chown,cap_net_admin,cap_net_raw,cap_lease+ei
+/usr/bin/systemd-user-helper = cap_dac_override,cap_setgid,cap_sys_admin,cap_mac_admin+ei
+/usr/bin/wifi-loader = cap_dac_override,cap_sys_module,cap_sys_admin+eip
+/usr/bin/pkgdir-tool = cap_chown,cap_dac_override,cap_fowner+ei
+/usr/bin/nether = cap_net_admin+ei
  /usr/bin/wfd-manager = cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw+ei
-/usr/bin/wfd-manager.tm1 = cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw+ei
-/usr/bin/wfd-manager.mobile = cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw+ei
-/usr/bin/wfd-manager.wearable = cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw+ei
-/usr/bin/wfd-manager.tv = cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw+ei
-/usr/bin/net-config = cap_net_admin,cap_net_raw+ei
-/usr/bin/connmand = cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw+ei
+/usr/bin/connman-vpnd = cap_dac_override,cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw+ei
+/usr/bin/mobileap-agent = cap_net_bind_service,cap_net_admin+ei
+/usr/bin/alarm-server = cap_sys_time+ei
+/usr/bin/launchpad-loader = cap_setgid,cap_sys_admin,cap_sys_nice+ei
+/usr/bin/dotnet-launcher = cap_setgid,cap_sys_admin+ei
+/usr/bin/net-config = cap_dac_override,cap_net_admin,cap_net_raw+ei
+/usr/bin/touch = cap_dac_override+ei
+/usr/bin/wrt-loader = cap_setgid,cap_sys_admin+ei
+/usr/bin/focus_server = cap_chown,cap_fowner,cap_lease+eip
+/usr/bin/email-service = cap_chown+eip
+/usr/sbin/named = cap_fowner,cap_net_bind_service,cap_net_admin,cap_sys_chroot+eip
+/usr/sbin/xtables-multi = cap_net_admin,cap_net_raw+ei
  /usr/sbin/ifconfig = cap_net_admin+ei
-/usr/bin/pkill = cap_kill+ei
-/usr/bin/toybox = cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw+ei
+/usr/sbin/lwresd = cap_fowner,cap_net_bind_service,cap_net_admin,cap_sys_chroot+eip
+/usr/sbin/ip = cap_net_admin+ei
+/usr/sbin/route = cap_net_admin+ei
+/usr/sbin/tayga = cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw+ei
+/usr/sbin/sdbd = cap_dac_override,cap_setgid,cap_setuid,cap_sys_admin+ei
+/usr/bin/lhd = cap_dac_override+eip
author	jin-gyu.kim <jin-gyu.kim@samsung.com>
	Wed, 20 Dec 2017 05:50:08 +0000 (14:50 +0900)
committer	jin-gyu.kim <jin-gyu.kim@samsung.com>
	Wed, 20 Dec 2017 05:50:12 +0000 (14:50 +0900)
config/set_capability		patch \| blob \| history
test/capability_test/new_capabilities_exception.list		patch \| blob \| history