Change GID of key-manager

Key-manager main group ID was changed to security_fw
to workaround the issue with TrustZone backend - client
application created shared memory segments inaccessible
by TEF Simulator Daemon.

Change-Id: I8da3dacfb5001cc4b230219820acc53b287f6cfb

diff --git a/packaging/key-manager.spec b/packaging/key-manager.spec
index 09a5a19..cf9518b 100644 (file)
--- a/packaging/key-manager.spec
+++ b/packaging/key-manager.spec
@@ -40,7 +40,8 @@ Requires: libkey-manager-common = %{version}-%{release}
 %{?systemd_requires}
 
 %global user_name key-manager
-%global group_name key-manager
+%global group_name security_fw
+%global supplementary_group_names key-manager
 %global service_name key-manager
 %global smack_domain_name System
 %global old_rw_data_dir /opt/data/ckm
@@ -144,6 +145,7 @@ export LDFLAGS+="-Wl,--rpath=%{_libdir},-Bsymbolic-functions "
         -DSERVICE_NAME=%{service_name} \
         -DUSER_NAME=%{user_name} \
         -DGROUP_NAME=%{group_name} \
+        -DSUPPLEMENTARY_GROUP_NAMES="%{supplementary_group_names}" \
         -DSMACK_DOMAIN_NAME=%{smack_domain_name} \
         -DOLD_RW_DATA_DIR=%{old_rw_data_dir} \
         -DRW_DATA_DIR=%{rw_data_dir} \

diff --git a/systemd/central-key-manager.service.in b/systemd/central-key-manager.service.in
index 201bcb9..bd9c130 100644 (file)
--- a/systemd/central-key-manager.service.in
+++ b/systemd/central-key-manager.service.in
@@ -5,6 +5,7 @@ DefaultDependencies=no
 [Service]
 User=@USER_NAME@
 Group=@GROUP_NAME@
+SupplementaryGroups=@SUPPLEMENTARY_GROUP_NAMES@
 SmackProcessLabel=@SMACK_DOMAIN_NAME@
 Type=notify
 ExecStart=@BIN_DIR@/key-manager