SET(DPM_LIBS ${PROJECT_SOURCE_DIR}/libs)
SET(DPM_SERVER ${PROJECT_SOURCE_DIR}/server)
SET(DPM_TOOLS ${PROJECT_SOURCE_DIR}/tools)
-SET(DPM_ZONE ${PROJECT_SOURCE_DIR}/zone)
SET(DPM_TESTS ${PROJECT_SOURCE_DIR}/tests)
IF("${CMAKE_CXX_COMPILER_ID}" STREQUAL "GNU" AND CMAKE_CXX_COMPILER_VERSION VERSION_LESS 4.7)
ADD_SUBDIRECTORY(${DPM_SERVER})
ADD_SUBDIRECTORY(${DPM_LIBS})
ADD_SUBDIRECTORY(${DPM_TOOLS})
-IF("${TIZEN_PROFILE_NAME}" STREQUAL "mobile")
-ADD_SUBDIRECTORY(${DPM_ZONE})
-ENDIF()
ADD_SUBDIRECTORY(${DPM_TESTS})
<domain name="_" />
</request>
<assign>
- <filesystem path="/opt/etc/dpm/zone" label="System::Shared" type="transmutable" />
- <filesystem path="/opt/etc/dpm/policy/PolicyManifest.xml" label="System" />
+ <filesystem path="/opt/etc/dpm/policy" label="System::Shared" type="transmutable" />
</assign>
</manifest>
SET(POLICY ${POLICY}
password.cpp
+ krate.cpp
dpm/password.cpp
+ dpm/zone.cpp
)
SET(CAPI ${CAPI}
dpm/password.h
+ dpm/zone.h
)
*/
#include "zone.h"
-#include "zone.hxx"
+#include "krate.hxx"
#include "array.h"
#include "debug.h"
RET_ON_FAILURE(pkgname, DPM_ERROR_INVALID_PARAMETER);
DevicePolicyContext &client = GetDevicePolicyContext(handle);
- ZonePolicy zone = client.createPolicyInterface<ZonePolicy>();
- return zone.createZone(name, pkgname);
+ KratePolicy krate = client.createPolicyInterface<KratePolicy>();
+ return krate.createKrate(name, pkgname);
}
EXPORT_API int dpm_zone_destroy(device_policy_manager_h handle, const char* name)
RET_ON_FAILURE(name, DPM_ERROR_INVALID_PARAMETER);
DevicePolicyContext &client = GetDevicePolicyContext(handle);
- ZonePolicy zone = client.createPolicyInterface<ZonePolicy>();
- return zone.removeZone(name);
+ KratePolicy krate = client.createPolicyInterface<KratePolicy>();
+ return krate.removeKrate(name);
}
EXPORT_API int dpm_zone_get_state(device_policy_manager_h handle, const char* name, dpm_zone_state_e *state)
RET_ON_FAILURE(state, DPM_ERROR_INVALID_PARAMETER);
DevicePolicyContext &client = GetDevicePolicyContext(handle);
- ZonePolicy zone = client.createPolicyInterface<ZonePolicy>();
+ KratePolicy krate = client.createPolicyInterface<KratePolicy>();
- int result = zone.getZoneState(name);
+ int result = krate.getKrateState(name);
if (result == 0) {
return DPM_ERROR_NO_DATA;
}
RET_ON_FAILURE(mask, DPM_ERROR_INVALID_PARAMETER);
DevicePolicyContext &client = GetDevicePolicyContext(handle);
- ZonePolicy zone = client.createPolicyInterface<ZonePolicy>();
- std::vector<std::string> list = zone.getZoneList(state);
+ KratePolicy krate = client.createPolicyInterface<KratePolicy>();
+ std::vector<std::string> list = krate.getKrateList(state);
for (const std::string& name : list) {
if (!callback(name.c_str(), user_data))
break;
SET(POLICY ${POLICY}
password.cpp
+ krate.cpp
dpm/password.cpp
+ dpm/zone.cpp
)
SET(CAPI ${CAPI}
dpm/password.h
+ dpm/zone.h
)
* See the License for the specific language governing permissions and
* limitations under the License
*/
-#include "zone.hxx"
+#include "krate.hxx"
namespace DevicePolicyManager {
-ZonePolicy::ZonePolicy(PolicyControlContext& ctx) :
+KratePolicy::KratePolicy(PolicyControlContext& ctx) :
context(ctx)
{
}
-ZonePolicy::~ZonePolicy()
+KratePolicy::~KratePolicy()
{
}
-int ZonePolicy::createZone(const std::string& name, const std::string& setupWizAppid)
+int KratePolicy::createKrate(const std::string& name, const std::string& setupWizAppid)
{
try {
- return context->methodCall<int>("ZonePolicy::createZone", name, setupWizAppid);
+ return context->methodCall<int>("KratePolicy::createKrate", name, setupWizAppid);
} catch (runtime::Exception& e) {
return -1;
}
}
-int ZonePolicy::removeZone(const std::string& name)
+int KratePolicy::removeKrate(const std::string& name)
{
try {
- return context->methodCall<int>("ZonePolicy::removeZone", name);
+ return context->methodCall<int>("KratePolicy::removeKrate", name);
} catch (runtime::Exception& e) {
return -1;
}
}
-int ZonePolicy::lockZone(const std::string& name)
+int KratePolicy::getKrateState(const std::string& name)
{
try {
- return context->methodCall<int>("ZonePolicy::lockZone", name);
+ return context->methodCall<int>("KratePolicy::getKrateState", name);
} catch (runtime::Exception& e) {
return -1;
}
}
-int ZonePolicy::unlockZone(const std::string& name)
-{
- try {
- return context->methodCall<int>("ZonePolicy::unlockZone", name);
- } catch (runtime::Exception& e) {
- return -1;
- }
-}
-
-int ZonePolicy::getZoneState(const std::string& name)
-{
- try {
- return context->methodCall<int>("ZonePolicy::getZoneState", name);
- } catch (runtime::Exception& e) {
- return -1;
- }
-}
-
-std::vector<std::string> ZonePolicy::getZoneList(int state)
+std::vector<std::string> KratePolicy::getKrateList(int state)
{
std::vector<std::string> empty;
try {
- return context->methodCall<std::vector<std::string>>("ZonePolicy::getZoneList", state);
+ return context->methodCall<std::vector<std::string>>("KratePolicy::getKrateList", state);
} catch (runtime::Exception& e) {
return empty;
}
BuildRequires: pkgconfig(capi-system-system-settings)
BuildRequires: pkgconfig(notification)
BuildRequires: pkgconfig(key-manager)
-BuildRequires: pkgconfig(libgum)
-BuildRequires: pkgconfig(cynara-client)
-BuildRequires: pkgconfig(cynara-session)
+BuildRequires: pkgconfig(cynara-client)
+BuildRequires: pkgconfig(cynara-session)
%if "%{profile}" != "tv"
BuildRequires: pkgconfig(capi-location-manager)
BuildRequires: pkgconfig(auth-fw-admin)
+%if "%{profile}" != "wearable"
+BuildRequires: pkgconfig(krate)
%endif
+%endif
+
%description
The device-policy-manager package provides a daemon which is responsible for
%attr(755,root,root) %{_bindir}/device-policy-manager
%attr(700,root,root) %{_bindir}/factory-reset
%attr(700,root,root) %{_bindir}/dpm-admin-cli
-%dir %{TZ_SYS_DATA}/dpm
-%dir %{TZ_SYS_ETC}/dpm/policy
-%{TZ_SYS_ETC}/dpm/policy/PolicyManifest.xml
+%attr(711,security_fw,security_fw) %dir %{TZ_SYS_DATA}/dpm
+%attr(711,security_fw,security_fw) %dir %{TZ_SYS_ETC}/dpm/policy
+%attr(644,security_fw,security_fw) %{TZ_SYS_ETC}/dpm/policy/PolicyManifest.xml
%{_unitdir}/device-policy-manager.service
%{_unitdir}/multi-user.target.wants/device-policy-manager.service
%{TZ_SYS_RO_APP}/org.tizen.dpm-syspopup/res/locale/*
%{TZ_SYS_RO_PACKAGES}/org.tizen.dpm-syspopup.xml
/usr/share/icons/default/small/org.tizen.dpm-syspopup.png
-
-## Begin of mobile feature ###################################################
-%if "%{profile}" == "mobile"
-
-## Zone Client Package ########################################################
-%package -n libzone
-Summary: Tizen Zone Client library
-Group: Development/Libraries
-BuildRequires: pkgconfig(capi-appfw-application)
-BuildRequires: pkgconfig(capi-appfw-app-manager)
-BuildRequires: pkgconfig(capi-appfw-package-manager)
-BuildRequires: pkgconfig(libtzplatform-config)
-Requires: %{name} = %{version}-%{release}
-Requires(post): /sbin/ldconfig
-Requires(postun): /sbin/ldconfig
-
-%description -n libzone
-The libzone package contains the libraries needed to control inside of the zone.
-
-%post -n libzone -p /sbin/ldconfig
-
-%postun -n libzone -p /sbin/ldconfig
-
-%files -n libzone
-%manifest device-policy-manager.manifest
-%defattr(644,root,root,755)
-%attr(755,root,root) %{_libdir}/libzone.so.%{version}
-%{_libdir}/libzone.so.0
-
-## Devel Package ##############################################################
-%package -n libzone-devel
-Summary: Libraries and header files for zone client development
-Group: Development/Libraries
-Requires: libzone = %{version}-%{release}
-
-%description -n libzone-devel
-The libzone-devel package includes the libraries and header files necessary for
-developing the zone client program.
-
-%files -n libzone-devel
-%manifest device-policy-manager.manifest
-%defattr(644,root,root,755)
-%{_libdir}/libzone.so
-%{_includedir}/zone
-%{_libdir}/pkgconfig/zone.pc
-
-## PAM Plugin Package ########################################################
-%package -n dpm-pam-zone
-Summary: PAM Plugin for zone policy in device policy manager
-Group: Development/Libraries
-Requires: systemd
-
-%description -n dpm-pam-zone
-PAM Plugin for zone policy in device policy manager and CLI tool
-
-%post -n dpm-pam-zone
-mv /etc/pam.d/systemd-user /etc/pam.d/systemd-user.keep
-cp /etc/pam.d/systemd-user-zone /etc/pam.d/systemd-user
-
-%postun -n dpm-pam-zone
-mv /etc/pam.d/systemd-user.keep /etc/pam.d/systemd-user
-
-%files -n dpm-pam-zone
-%manifest device-policy-manager.manifest
-%defattr(600,root,root,700)
-%attr(700,root,root) %{_libdir}/security/pam_*.so
-%attr(700,root,root) %{_sbindir}/zone-admin-cli
-%attr(700,root,root) %{_sbindir}/zone-volume-manager
-%attr(700,root,root) %dir %{TZ_SYS_ETC}/dpm/zone
-%attr(700,root,root) /etc/gumd/useradd.d/20_pam-zone-add.post
-%attr(700,root,root) /etc/gumd/userdel.d/20_pam-zone-remove.post
-%attr(600,root,root) %config %{TZ_SYS_ETC}/dpm/zone/owner.xml
-%attr(644,root,root) %{TZ_SYS_DATA}/dpm/zone_indicator_icon.png
-%attr(644,root,root) %{TZ_SYS_DATA}/dpm/zone_noti_list_sub_icon.png
-%config /etc/pam.d/*
-
-%endif
-# End of mobile feature
* limitations under the License
*/
-#ifndef __ZONE_POLICY__
-#define __ZONE_POLICY__
+#ifndef __KRATE_POLICY__
+#define __KRATE_POLICY__
#include "policy-context.hxx"
namespace DevicePolicyManager {
-class ZonePolicy {
+class KratePolicy {
public:
enum State {
Locked = 0x01,
Running = 0x02,
};
- ZonePolicy(PolicyControlContext& ctxt);
- ~ZonePolicy();
+ KratePolicy(PolicyControlContext& ctxt);
+ ~KratePolicy();
- int createZone(const std::string& name, const std::string& setupWizardAppid);
- int removeZone(const std::string& name);
- int lockZone(const std::string& name);
- int unlockZone(const std::string& name);
+ int createKrate(const std::string& name, const std::string& setupWizardAppid);
+ int removeKrate(const std::string& name);
- int getZoneState(const std::string& name);
+ int getKrateState(const std::string& name);
- std::vector<std::string> getZoneList(int state);
+ std::vector<std::string> getKrateList(int state);
private:
PolicyControlContext& context;
};
} // namespace DevicePolicyManager
-#endif // __ZONE_POLICY__
+#endif // __KRATE_POLICY__
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __ZONE_APP_PROXY__
-#define __ZONE_APP_PROXY__
-
-#include "policy-context.hxx"
-
-namespace DevicePolicyManager {
-
-/**
- * This class provides APIs to create/remove and manage names.
- */
-
-class ZoneAppProxy {
-public:
- ZoneAppProxy(PolicyControlContext& ctxt);
- ~ZoneAppProxy();
-
- //application information
- struct AppInfo {
- std::string zone;
- std::string id;
- std::string locale;
- std::string package;
- std::string type;
- std::string icon;
- std::string label;
- int componentType;
- bool isNoDisplayed;
- bool isTaskManaged;
-
- REFLECTABLE
- (
- zone, id, locale, package, type, icon, label,
- componentType, isNoDisplayed, isTaskManaged
- );
- };
-
- AppInfo getAppInfo(const std::string& name, const std::string& appid);
-
- int createIterator(const std::string& name);
- AppInfo getIteratorValue(int iterator);
- bool nextIterator(int iterator);
- int destroyIterator(int iterator);
-
- //application bundle
- struct Bundle {
- std::string operation;
- std::string uri;
- std::string mime;
- std::string category;
- std::string appId;
- struct Extra {
- std::string key;
- std::vector<std::string> value;
- REFLECTABLE(key, value);
- };
- std::vector<Extra> extraData;
-
- REFLECTABLE
- (
- operation, uri, mime, category, appId, extraData
- );
- };
-
- int launch(const std::string& name, const Bundle& bundle);
- int resume(const std::string& name, const std::string& appid);
- int terminate(const std::string& name, const std::string& appid);
- bool isRunning(const std::string& name, const std::string& appid);
-
-private:
- PolicyControlContext& context;
-};
-
-} // namespace DevicePolicyManager
-#endif // __ZONE_APP_PROXY__
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __ZONE_PACKAGE_PROXY__
-#define __ZONE_PACKAGE_PROXY__
-
-#include "policy-context.hxx"
-
-namespace DevicePolicyManager {
-
-/**
- * This class provides APIs to control packages in the zones.
- */
-
-class ZonePackageProxy {
-public:
- ZonePackageProxy(PolicyControlContext& ctxt);
- ~ZonePackageProxy();
-
- //package information
- struct PackageInfo {
- std::string zone;
- std::string id;
- std::string locale;
- std::string type;
- std::string icon;
- std::string label;
- std::string description;
- struct {
- std::string name;
- std::string email;
- std::string href;
- REFLECTABLE(name, email, href);
- } author;
- std::string version;
- std::string apiVersion;
- std::string mainAppId;
- bool isSystem;
- bool isRemovable;
- bool isPreload;
-
- REFLECTABLE
- (
- zone, id, locale, type, icon, label, description, author,
- version, apiVersion, mainAppId, isSystem, isRemovable, isPreload
- );
- };
-
- PackageInfo getPackageInfo(const std::string& name, const std::string& pkgid);
- std::vector<std::string> getPackageList(const std::string& name);
-
- //package manager request
- int install(const std::string& name, const std::string& pkgpath);
- int uninstall(const std::string& name, const std::string& pkgid);
-
-private:
- PolicyControlContext& context;
-};
-
-} // namespace DevicePolicyManager
-#endif // __ZONE_PACKAGE_PROXY__
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __ZONE_MANAGER__
-#define __ZONE_MANAGER__
-
-#include "policy-context.hxx"
-
-namespace DevicePolicyManager {
-
-class ZoneManager {
-public:
- enum State {
- Locked = 0x01,
- Running = 0x02,
- };
-
- ZoneManager(PolicyControlContext& ctxt);
- ~ZoneManager();
-
- int createZone(const std::string& name, const std::string& manifest);
- int removeZone(const std::string& name);
- int lockZone(const std::string& name);
- int unlockZone(const std::string& name);
-
- int getZoneState(const std::string& name);
-
- std::vector<std::string> getZoneList(int state);
-
- int resetZonePassword(const std::string& name, const std::string& newPassword);
-
-private:
- PolicyControlContext& context;
-};
-
-} // namespace DevicePolicyManager
-#endif // __ZONE_MANAGER__
wifi.cpp
)
-SET(DEPENDENCY glib-2.0
+SET(DEPENDENCY klay
+ glib-2.0
gio-2.0
- klay
libxml-2.0
sqlite3
bundle
capi-network-connection
capi-network-bluetooth
notification
- libgum
cynara-client
cynara-session
)
INSTALL(TARGETS ${TARGET} DESTINATION bin)
INSTALL(FILES systemd/device-policy-manager.service DESTINATION ${SYSTEMD_UNIT_INSTALL_DIR})
INSTALL(FILES data/PolicyManifest.xml DESTINATION ${CONF_INSTALL_DIR}/policy)
+INSTALL(DIRECTORY DESTINATION ${DATA_INSTALL_DIR})
bluetooth.cpp
location.cpp
password.cpp
+ krate.cpp
)
SET(DEPENDENCY ${DEPENDENCY}
capi-network-bluetooth
auth-fw-admin
bluetooth-api
+ krate
)
bluetooth.cpp
location.cpp
password.cpp
+ krate.cpp
)
SET(DEPENDENCY ${DEPENDENCY}
capi-network-bluetooth
auth-fw-admin
bluetooth-api
+ krate
)
#include <tzplatform_config.h>
#include <klay/auth/user.h>
#include <klay/audit/logger.h>
+#include <krate/krate.h>
-#include "zone.hxx"
-#include "zone/zone.hxx"
+#include "krate.hxx"
#include "launchpad.h"
#include "privilege.h"
namespace {
-namespace {
-std::regex zoneNamePattern(NAME_PATTERN);
-}
+krate_manager_h krate_manager;
+std::regex krateNamePattern(NAME_PATTERN);
bool isAllowedName(const std::string& name) {
- if (!std::regex_match(name, zoneNamePattern)) {
+ if (!std::regex_match(name, krateNamePattern)) {
return false;
}
return !exists;
}
+bool foreach_krate_cb(const char* name, void* user_data) {
+ auto pList = (std::vector<std::string>*)user_data;
+ pList->push_back(name);
+ return true;
+}
+
}
-ZonePolicy::ZonePolicy(PolicyControlContext& ctx) :
+KratePolicy::KratePolicy(PolicyControlContext& ctx) :
context(ctx)
{
- context.registerParametricMethod(this, DPM_PRIVILEGE_ZONE, (int)(ZonePolicy::createZone)(std::string, std::string));
- context.registerParametricMethod(this, DPM_PRIVILEGE_ZONE, (int)(ZonePolicy::removeZone)(std::string));
- context.registerParametricMethod(this, DPM_PRIVILEGE_ZONE, (int)(ZonePolicy::lockZone)(std::string));
- context.registerParametricMethod(this, DPM_PRIVILEGE_ZONE, (int)(ZonePolicy::unlockZone)(std::string));
- context.registerParametricMethod(this, "", (int)(ZonePolicy::getZoneState)(std::string));
- context.registerParametricMethod(this, "", (std::vector<std::string>)(ZonePolicy::getZoneList)(int));
-
- context.createNotification("ZonePolicy::created");
- context.createNotification("ZonePolicy::removed");
+ context.registerParametricMethod(this, DPM_PRIVILEGE_ZONE, (int)(KratePolicy::createKrate)(std::string, std::string));
+ context.registerParametricMethod(this, DPM_PRIVILEGE_ZONE, (int)(KratePolicy::removeKrate)(std::string));
+ context.registerParametricMethod(this, "", (int)(KratePolicy::getKrateState)(std::string));
+ context.registerParametricMethod(this, "", (std::vector<std::string>)(KratePolicy::getKrateList)(int));
+
+ context.createNotification("KratePolicy::created");
+ context.createNotification("KratePolicy::removed");
+
+ krate_manager_create(&krate_manager);
}
-ZonePolicy::~ZonePolicy()
+KratePolicy::~KratePolicy()
{
+ krate_manager_destroy(krate_manager);
}
-int ZonePolicy::createZone(const std::string& name, const std::string& setupWizAppid)
+int KratePolicy::createKrate(const std::string& name, const std::string& setupWizAppid)
{
- if (!std::regex_match(name, zoneNamePattern)) {
+ if (!std::regex_match(name, krateNamePattern)) {
return -1;
}
try {
std::vector<std::string> data = {"app-id", "org.tizen.krate-setup-wizard",
"mode", "create",
- "zone", name};
+ "krate", name};
Bundle bundle;
- bundle.add("id", "zone-create");
+ bundle.add("id", "krate-create");
bundle.add("user-data", data);
Launchpad launchpad(context.getPeerUid());
return 0;
}
-int ZonePolicy::removeZone(const std::string& name)
+int KratePolicy::removeKrate(const std::string& name)
{
- if (getZoneState(name) == 0) {
+ if (getKrateState(name) == 0) {
return -1;
}
try {
std::vector<std::string> data = {"app-id", "org.tizen.krate-setup-wizard",
"mode", "remove",
- "zone", name};
+ "krate", name};
Bundle bundle;
- bundle.add("id", "zone-remove");
+ bundle.add("id", "krate-remove");
bundle.add("user-data", data);
Launchpad launchpad(context.getPeerUid());
return 0;
}
-/* [TBD] remove dependency with zoneManager like this */
-extern ZoneManager* zoneManager;
-
-int ZonePolicy::lockZone(const std::string& name)
-{
- return zoneManager->lockZone(name);
-}
-
-int ZonePolicy::unlockZone(const std::string& name)
-{
- return zoneManager->unlockZone(name);
-}
-
-int ZonePolicy::getZoneState(const std::string& name)
+int KratePolicy::getKrateState(const std::string& name)
{
- return zoneManager->getZoneState(name);
+ krate_state_e state = (krate_state_e)0;
+ krate_manager_get_krate_state(krate_manager, name.c_str(), &state);
+ return (int)state;
}
-std::vector<std::string> ZonePolicy::getZoneList(int state)
+std::vector<std::string> KratePolicy::getKrateList(int state)
{
- return zoneManager->getZoneList(state);
+ std::vector<std::string> list;
+ krate_manager_foreach_name(krate_manager, (krate_state_e)state, foreach_krate_cb, &list);
+ return list;
}
-DEFINE_POLICY(ZonePolicy);
+DEFINE_POLICY(KratePolicy);
} // namespace DevicePolicyManager
bluetooth.cpp
location.cpp
password.cpp
- zone.cpp
- zone/zone.cpp
- zone/app-proxy.cpp
- zone/package-proxy.cpp
+ krate.cpp
)
SET(DEPENDENCY ${DEPENDENCY}
capi-network-bluetooth
auth-fw-admin
bluetooth-api
+ krate
)
[Service]
Type=simple
+User=security_fw
+Group=security_fw
SmackProcessLabel=System
ExecStart=${CMAKE_INSTALL_PREFIX}/bin/device-policy-manager
Restart=on-failure
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#include <sys/stat.h>
-#include <sys/types.h>
-
-#include <unordered_map>
-
-#include <system_settings.h>
-#include <klay/auth/user.h>
-#include <klay/audit/logger.h>
-
-#include "packman.h"
-#include "launchpad.h"
-#include "policy-builder.h"
-
-#include "zone/app-proxy.hxx"
-
-namespace DevicePolicyManager {
-
-namespace {
-
-struct IteratorData {
- std::string zone;
- std::vector<ApplicationInfo> list;
- unsigned int current;
-};
-
-std::unordered_map<int, IteratorData> iteratorMap;
-int newIteratorId = 0;
-
-} // namespace
-
-ZoneAppProxy::ZoneAppProxy(PolicyControlContext& ctx) :
- context(ctx)
-{
- context.registerParametricMethod(this, "", (ZoneAppProxy::AppInfo)(ZoneAppProxy::getAppInfo)(std::string, std::string));
-
- context.registerParametricMethod(this, "", (int)(ZoneAppProxy::createIterator)(std::string));
- context.registerParametricMethod(this, "", (ZoneAppProxy::AppInfo)(ZoneAppProxy::getIteratorValue)(int));
- context.registerParametricMethod(this, "", (bool)(ZoneAppProxy::nextIterator)(int));
- context.registerParametricMethod(this, "", (int)(ZoneAppProxy::destroyIterator)(int));
-
- context.registerParametricMethod(this, "", (int)(ZoneAppProxy::launch)(std::string, ZoneAppProxy::Bundle));
- context.registerParametricMethod(this, "", (int)(ZoneAppProxy::resume)(std::string, std::string));
- context.registerParametricMethod(this, "", (int)(ZoneAppProxy::terminate)(std::string, std::string));
- context.registerParametricMethod(this, "", (int)(ZoneAppProxy::isRunning)(std::string, std::string));
-}
-
-ZoneAppProxy::~ZoneAppProxy()
-{
-}
-
-ZoneAppProxy::AppInfo ZoneAppProxy::getAppInfo(const std::string& name, const std::string& appid)
-{
- AppInfo appInfo;
-
- try {
- runtime::User user(name);
- ApplicationInfo appinfo(appid, user.getUid());
- char* locale;
-
- system_settings_get_value_string(SYSTEM_SETTINGS_KEY_LOCALE_LANGUAGE, &locale);
- if (locale == NULL) {
- appInfo.locale = "No locale";
- } else {
- appInfo.locale = locale;
- free(locale);
- }
-
- appInfo.zone = name;
- appInfo.id = appid;
- appInfo.package = appinfo.getPackage();
- appInfo.type = appinfo.getType();
- appInfo.icon = appinfo.getIcon();
- appInfo.label = appinfo.getLabel();
- appInfo.componentType = appinfo.getComponentType();
- appInfo.isNoDisplayed = appinfo.isNoDisplayed();
- appInfo.isTaskManaged = appinfo.isTaskManaged();
- } catch (runtime::Exception& e) {
- ERROR("Failed to retrieve application info installed in the zone: " + appid);
- }
-
- return appInfo;
-}
-
-int ZoneAppProxy::createIterator(const std::string& name)
-{
- int iteratorId = -1;
- try {
- PackageManager& packman = PackageManager::instance();
- runtime::User user(name);
- IteratorData data;
-
- iteratorId = newIteratorId;
-
- data.zone = name;
- data.list = packman.getAppList(user.getUid());
- data.current = 0;
-
- iteratorMap.insert(std::make_pair(iteratorId, data));
-
- if (++newIteratorId < 0) {
- newIteratorId = 0;
- }
- } catch (runtime::Exception& e) {
- ERROR("Failed to retrieve package info installed in the zone");
- }
- return iteratorId;
-}
-
-ZoneAppProxy::AppInfo ZoneAppProxy::getIteratorValue(int iterator)
-{
- AppInfo appInfo;
-
- auto it = iteratorMap.find(iterator);
- if (it == iteratorMap.end()) {
- return appInfo;
- }
- if (it->second.current >= it->second.list.size()) {
- return appInfo;
- }
-
- const ApplicationInfo& appinfo = it->second.list.at(it->second.current);
- char* locale;
-
- system_settings_get_value_string(SYSTEM_SETTINGS_KEY_LOCALE_LANGUAGE, &locale);
- if (locale == NULL) {
- appInfo.locale = "No locale";
- } else {
- appInfo.locale = locale;
- free(locale);
- }
-
- appInfo.zone = it->second.zone;
- appInfo.id = appinfo.getId();
- appInfo.package = appinfo.getPackage();
- appInfo.type = appinfo.getType();
- appInfo.icon = appinfo.getIcon();
- appInfo.label = appinfo.getLabel();
- appInfo.componentType = appinfo.getComponentType();
- appInfo.isNoDisplayed = appinfo.isNoDisplayed();
- appInfo.isTaskManaged = appinfo.isTaskManaged();
-
- return appInfo;
-}
-
-bool ZoneAppProxy::nextIterator(int iterator)
-{
- auto it = iteratorMap.find(iterator);
- if (it != iteratorMap.end()) {
- if (++it->second.current < it->second.list.size()) {
- return true;
- }
- }
- return false;
-}
-
-int ZoneAppProxy::destroyIterator(int iterator)
-{
- auto it = iteratorMap.find(iterator);
- if (it != iteratorMap.end()) {
- iteratorMap.erase(it);
- return 0;
- }
- return -1;
-}
-
-int ZoneAppProxy::launch(const std::string& name, const ZoneAppProxy::Bundle& bundle)
-{
- try {
- runtime::User user(name);
- ::Bundle b;
-
- if (!bundle.operation.empty()) {
- b.add("__APP_SVC_OP_TYPE__", bundle.operation);
- }
- if (!bundle.uri.empty()) {
- b.add("__APP_SVC_URI__", bundle.uri);
- }
- if (!bundle.mime.empty()) {
- b.add("__APP_SVC_MIME__", bundle.mime);
- }
- if (!bundle.category.empty()) {
- b.add("__APP_SVC_CATEGORY__", bundle.category);
- }
-
- for (Bundle::Extra extra : bundle.extraData) {
- if (extra.value.size() > 1) {
- b.add(extra.key, extra.value);
- } else if (extra.value.size() == 1) {
- b.add(extra.key, extra.value.at(0));
- }
- }
-
- Launchpad launchpad(user.getUid());
- launchpad.launch(bundle.appId, b);
- } catch (runtime::Exception& e) {
- ERROR("Failed to launch app in the zone");
- return -1;
- }
- return 0;
-}
-
-int ZoneAppProxy::resume(const std::string& name, const std::string& appid)
-{
- try {
- runtime::User user(name);
- Launchpad launchpad(user.getUid());
- launchpad.resume(appid);
- } catch (runtime::Exception& e) {
- ERROR("Failed to terminate app in the zone");
- return -1;
- }
- return 0;
-}
-
-int ZoneAppProxy::terminate(const std::string& name, const std::string& appid)
-{
- try {
- runtime::User user(name);
- Launchpad launchpad(user.getUid());
- launchpad.terminate(appid);
- } catch (runtime::Exception& e) {
- ERROR("Failed to terminate app in the zone");
- return -1;
- }
- return 0;
-}
-
-bool ZoneAppProxy::isRunning(const std::string& name, const std::string& appid)
-{
- try {
- runtime::User user(name);
- Launchpad launchpad(user.getUid());
- return launchpad.isRunning(appid);
- } catch (runtime::Exception& e) {
- ERROR("Failed to get app running state in the zone");
- }
- return false;
-}
-
-DEFINE_POLICY(ZoneAppProxy);
-
-} // namespace DevicePolicyManager
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-#include <sys/stat.h>
-#include <sys/types.h>
-
-#include <system_settings.h>
-#include <klay/auth/user.h>
-#include <klay/audit/logger.h>
-
-#include "packman.h"
-#include "policy-builder.h"
-
-#include "zone/package-proxy.hxx"
-
-namespace DevicePolicyManager {
-
-ZonePackageProxy::ZonePackageProxy(PolicyControlContext& ctx) :
- context(ctx)
-{
- context.registerParametricMethod(this, "", (ZonePackageProxy::PackageInfo)(ZonePackageProxy::getPackageInfo)(std::string, std::string));
- context.registerParametricMethod(this, "", (std::vector<std::string>)(ZonePackageProxy::getPackageList)(std::string));
-
- context.registerParametricMethod(this, "", (int)(ZonePackageProxy::install)(std::string, std::string));
- context.registerParametricMethod(this, "", (int)(ZonePackageProxy::uninstall)(std::string, std::string));
-}
-
-ZonePackageProxy::~ZonePackageProxy()
-{
-}
-
-ZonePackageProxy::PackageInfo ZonePackageProxy::getPackageInfo(const std::string& name, const std::string& pkgid)
-{
- ZonePackageProxy::PackageInfo package;
- char* locale = NULL;
-
- system_settings_get_value_string(SYSTEM_SETTINGS_KEY_LOCALE_LANGUAGE, &locale);
- if (locale == NULL) {
- locale = strdup("No locale");
- }
-
- package.zone = name;
- package.id = pkgid;
- package.locale = locale;
-
- free(locale);
-
- try {
- runtime::User user(name);
- ::PackageInfo pkginfo(pkgid, user.getUid());
-
- package.type = pkginfo.getType();
- package.icon = pkginfo.getIcon();
- package.label = pkginfo.getLabel();
- package.description = pkginfo.getDescription();
-
- package.author.name = pkginfo.getAuthorName();
- package.author.email = pkginfo.getAuthorEmail();
- package.author.href = pkginfo.getAuthorHref();
-
- package.version = pkginfo.getVersion();
- package.apiVersion = pkginfo.getApiVersion();
- package.mainAppId = pkginfo.getMainAppId();
-
- package.isSystem = pkginfo.isSystem();
- package.isRemovable = pkginfo.isRemovable();
- package.isPreload = pkginfo.isPreload();
- } catch (runtime::Exception& e) {
- ERROR("Failed to retrieve package info installed in the zone");
- }
-
- return package;
-}
-
-std::vector<std::string> ZonePackageProxy::getPackageList(const std::string& name)
-{
- try {
- runtime::User user(name);
- PackageManager& packman = PackageManager::instance();
- return packman.getPackageList(user.getUid());
- } catch (runtime::Exception& e) {
- ERROR("Failed to retrieve package info installed in the zone");
- }
- return std::vector<std::string>();
-}
-
-
-int ZonePackageProxy::install(const std::string& name, const std::string& pkgpath)
-{
- try {
- runtime::User user(name);
- PackageManager& packman = PackageManager::instance();
- packman.installPackage(pkgpath, user.getUid());
- } catch (runtime::Exception& e) {
- ERROR("Failed to install package in the zone");
- return -1;
- }
-
- return 0;
-}
-
-int ZonePackageProxy::uninstall(const std::string& name, const std::string& pkgid)
-{
- try {
- runtime::User user(name);
- PackageManager& packman = PackageManager::instance();
- packman.uninstallPackage(pkgid, user.getUid());
- } catch (runtime::Exception& e) {
- ERROR("Failed to uninstall package of pkgid in the zone");
- return -1;
- }
- return 0;
-}
-
-DEFINE_POLICY(ZonePackageProxy);
-
-} // namespace DevicePolicyManager
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <sys/mount.h>
-
-#include <algorithm>
-
-#include <notification.h>
-#include <notification_internal.h>
-#include <tzplatform_config.h>
-#include <auth-passwd-admin.h>
-#include <gum/gum-user.h>
-#include <gum/common/gum-user-types.h>
-#include <klay/error.h>
-#include <klay/process.h>
-#include <klay/filesystem.h>
-#include <klay/auth/user.h>
-#include <klay/xml/parser.h>
-#include <klay/xml/document.h>
-#include <klay/dbus/connection.h>
-#include <klay/audit/logger.h>
-
-#include "packman.h"
-#include "launchpad.h"
-#include "policy-builder.h"
-
-#include "zone/zone.hxx"
-
-#define ZONE_DELEGATOR_APP "org.tizen.keyguard"
-#define NOTIFICATION_SUB_ICON_PATH DATA_PATH "/zone_noti_list_sub_icon.png"
-
-namespace DevicePolicyManager {
-
-namespace {
-
-const std::vector<std::string> defaultGroups = {
- "audio",
- "video",
- "display",
- "log"
-};
-
-const std::vector<std::string> unitsToMask = {
- "starter.service",
- "scim.service"
-};
-
-const std::string ZONE_MANIFEST_DIR = CONF_PATH "/zone/";
-const std::string ZONE_SKEL_PATH = "/etc/skel";
-const std::string ZONE_CREATE_HOOK_PATH = "/etc/gumd/useradd.d";
-const std::string ZONE_REMOVE_HOOK_PATH = "/etc/gumd/userdel.d";
-
-const std::string ZONE_DEFAULT_OWNER = "owner";
-
-const std::string ZONE_GROUP = "users";
-
-std::list<std::string> createdZoneList;
-static std::atomic<bool> isZoneForeground(false);
-
-std::unordered_map<int, notification_h> notiHandleMap;
-
-inline void maskUserServices(const runtime::User& user)
-{
- ::tzplatform_set_user(user.getUid());
- std::string pivot(::tzplatform_getenv(TZ_USER_HOME));
- ::tzplatform_reset_user();
-
- runtime::File unitbase(pivot + "/.config/systemd/user");
- unitbase.makeDirectory(true);
- unitbase.chmod(S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH);
-
- for (const std::string& unit : unitsToMask) {
- std::string target = unitbase.getPath() + "/" + unit;
- if (::symlink("/dev/null", target.c_str()) == -1) {
- throw runtime::Exception(runtime::GetSystemErrorMessage());
- }
- }
-}
-
-inline void setZoneState(uid_t id, int state)
-{
- dbus::Connection& systemDBus = dbus::Connection::getSystem();
- systemDBus.methodcall("org.freedesktop.login1",
- "/org/freedesktop/login1",
- "org.freedesktop.login1.Manager",
- "SetUserLinger",
- -1, "", "(ubb)", id, state, 1);
-}
-
-inline const std::string convertPathForOwner(const std::string& path, const runtime::User& user, const runtime::User& owner)
-{
- ::tzplatform_set_user(owner.getUid());
- std::string ownerHome(::tzplatform_getenv(TZ_USER_HOME));
- ::tzplatform_reset_user();
- ownerHome += "/.zone";
-
- ::tzplatform_set_user(user.getUid());
- std::string userHome(::tzplatform_getenv(TZ_USER_HOME));
- ::tzplatform_reset_user();
-
- std::string userHomeForOwner(ownerHome + "/" + user.getName());
-
- std::string convertedPath(path);
-
- if (convertedPath.compare(0, userHome.size(), userHome) == 0) {
- convertedPath.replace(0, userHome.size(), userHomeForOwner);
- }
-
- return convertedPath;
-}
-
-inline void prepareFileForOwner(const std::string path, const runtime::User& pkgUser, const runtime::User& owner)
-{
- std::string pathLink = convertPathForOwner(path, pkgUser, owner);
-
- if (path != pathLink) {
- runtime::File linkFile(pathLink);
- linkFile.makeBaseDirectory(pkgUser.getUid(), pkgUser.getGid());
- if (linkFile.exists()) {
- linkFile.remove();
- }
-
- int ret = ::link(path.c_str(), pathLink.c_str());
- if (ret != 0) {
- //TODO: copy the icon instead of linking
- throw runtime::Exception("Failed to link from " + path +
- " to " + pathLink);
- }
- }
-}
-
-int packageEventHandler(uid_t target_uid, int req_id,
- const char *pkg_type, const char *pkgid,
- const char *key, const char *val,
- const void *pmsg, void *data)
-{
- static std::string type;
- std::string keystr = key;
-
- if (target_uid == tzplatform_getuid(TZ_SYS_GLOBALAPP_USER)) {
- return 0;
- }
-
- std::transform(keystr.begin(), keystr.end(), keystr.begin(), ::tolower);
- if (keystr == "start") {
- type = val;
- std::transform(type.begin(), type.end(), type.begin(), ::tolower);
- return 0;
- } else if (keystr != "end" && keystr != "ok") {
- return 0;
- }
-
- try {
- runtime::User owner(ZONE_DEFAULT_OWNER), pkgUser(target_uid);
-
- if (type == "install" || type == "update") {
- PackageInfo pkg(pkgid, pkgUser.getUid());
- std::string icon = pkg.getIcon();
- prepareFileForOwner(icon, pkgUser, owner);
-
- for (const ApplicationInfo& app : pkg.getAppList()) {
- std::string icon = app.getIcon();
- prepareFileForOwner(icon, pkgUser, owner);
- }
- } else {
- ::tzplatform_set_user(pkgUser.getUid());
- std::string pkgPath(::tzplatform_getenv(TZ_USER_APP));
- pkgPath = pkgPath + "/" + pkgid;
- ::tzplatform_reset_user();
-
- runtime::File pkgDirForOwner(convertPathForOwner(pkgPath, pkgUser, owner));
- pkgDirForOwner.remove(true);
- }
- } catch (runtime::Exception &e) {
- ERROR(e.what());
- }
-
- return 0;
-}
-
-void initializeCreatedZoneList() {
- try {
- runtime::DirectoryIterator iter(ZONE_MANIFEST_DIR), end;
-
- while (iter != end) {
- const std::string& file = iter->getName();
- const std::string& name(file.substr(0, file.rfind(".xml")));
- createdZoneList.push_back(name);
- ++iter;
- }
- } catch (runtime::Exception& e) {}
-}
-
-#define NT_TITLE NOTIFICATION_TEXT_TYPE_TITLE
-#define NT_CONTENT NOTIFICATION_TEXT_TYPE_CONTENT
-#define NT_ICON NOTIFICATION_IMAGE_TYPE_ICON
-#define NT_INDICATOR NOTIFICATION_IMAGE_TYPE_ICON_FOR_INDICATOR
-#define NT_NONE NOTIFICATION_VARIABLE_TYPE_NONE
-#define NT_EVENT NOTIFICATION_LY_ONGOING_PROGRESS
-#define NT_APP NOTIFICATION_DISPLAY_APP_INDICATOR
-
-#define NT_ICON_PATH DATA_PATH "/zone_indicator_icon.png"
-#define NT_TEXT "Container Mode"
-#define NT_APPINFO "Zone Application"
-
-#define NT_ERROR_NONE NOTIFICATION_ERROR_NONE
-
-void zoneProcessCallback(GDBusConnection *connection,
- const gchar *sender, const gchar *objectPath,
- const gchar *interface, const gchar *signalName,
- GVariant *params, gpointer userData)
-{
- static runtime::User owner(ZONE_DEFAULT_OWNER);
- int pid, status;
-
-// notification_h noti = reinterpret_cast<notification_h>(userData);
-
- g_variant_get(params, "(ii)", &status, &pid);
-
- if (status != 5) {
- return;
- }
-
- struct stat st;
- std::string proc("/proc/" + std::to_string(pid));
- if (::stat(proc.c_str(), &st) != 0) {
- return;
- }
-
- // this will have been commented until notification_delete_for_uid can work
- /*
- if (owner.getUid() != st.st_uid) {
- if (!isZoneForeground) {
- notification_set_text(noti, NT_CONTENT, NT_APPINFO, NULL, NT_NONE);
- notification_post_for_uid(noti, owner.getUid());
- isZoneForeground = true;
- }
- } else {
- if (isZoneForeground) {
- notification_delete_for_uid(noti, owner.getUid());
- isZoneForeground = false;
- }
- }*/
-}
-
-notification_h createNotification()
-{
- notification_h noti = notification_create(NOTIFICATION_TYPE_ONGOING);
- if (noti == NULL) {
- return NULL;
- }
-
- if (notification_set_text(noti, NT_TITLE, NT_TEXT, NULL, NT_NONE) != NT_ERROR_NONE) {
- notification_free(noti);
- return NULL;
- }
- if (notification_set_image(noti, NT_ICON, NT_ICON_PATH) != NT_ERROR_NONE) {
- notification_free(noti);
- return NULL;
- }
-
- if (notification_set_image(noti, NT_INDICATOR, NT_ICON_PATH) != NT_ERROR_NONE) {
- notification_free(noti);
- return NULL;
- }
-
- if (notification_set_layout(noti, NT_EVENT) != NT_ERROR_NONE) {
- notification_free(noti);
- return NULL;
- }
-
- if (notification_set_display_applist(noti, NT_APP) != NT_ERROR_NONE) {
- notification_free(noti);
- return NULL;
- }
-
- return noti;
-}
-
-void zoneProcessMonitor()
-{
- GError *error = NULL;
- GDBusConnection* connection;
- connection = g_bus_get_sync(G_BUS_TYPE_SYSTEM, NULL, &error);
- if (connection == NULL) {
- ERROR("GBus Connection failed");
- g_error_free(error);
- return;
- }
-
- notification_h noti = createNotification();
- if (noti == NULL) {
- ERROR("Failed to created notification");
- return;
- }
-
- g_dbus_connection_signal_subscribe(connection,
- NULL,
- "org.tizen.resourced.process",
- "ProcStatus",
- "/Org/Tizen/ResourceD/Process",
- NULL,
- G_DBUS_SIGNAL_FLAGS_NONE,
- zoneProcessCallback,
- reinterpret_cast<gpointer>(noti),
- NULL);
-}
-
-void notiProxyInsert(const runtime::User& owner, const runtime::User& user, int privId, notification_h noti)
-{
- std::string zoneLauncherUri;
- notification_h newNoti;
- app_control_h appControl;
- char* pkgId;
-
- notification_clone(noti, &newNoti);
-
- notification_get_pkgname(noti, &pkgId);
- PackageInfo pkg(pkgId, user.getUid());
- notification_set_image(newNoti, NOTIFICATION_IMAGE_TYPE_ICON, pkg.getIcon().c_str());
- notification_set_image(newNoti, NOTIFICATION_IMAGE_TYPE_ICON_SUB, NOTIFICATION_SUB_ICON_PATH);
-
- notification_get_launch_option(newNoti, NOTIFICATION_LAUNCH_OPTION_APP_CONTROL, (void *)&appControl);
- if (appControl != NULL) {
- char* appId = NULL, *uri = NULL;
-
- app_control_get_app_id(appControl, &appId);
- if (appId == NULL) {
- appId = strdup("");
- }
-
- zoneLauncherUri = "zone://enter/" + user.getName() + "/" + appId;
-
- app_control_get_uri(appControl, &uri);
- if (uri != NULL) {
- zoneLauncherUri += "?uri=";
- zoneLauncherUri += uri;
- free(uri);
- }
-
- free(appId);
- app_control_set_app_id(appControl, ZONE_DELEGATOR_APP);
- app_control_set_uri(appControl, zoneLauncherUri.c_str());
- notification_set_launch_option(newNoti, NOTIFICATION_LAUNCH_OPTION_APP_CONTROL, appControl);
- }
-
- notification_post_for_uid(newNoti, owner.getUid());
- notiHandleMap.insert(std::make_pair(privId, newNoti));
-}
-
-void notiProxyDelete(const runtime::User& owner, int privId)
-{
- std::unordered_map<int, notification_h>::iterator it;
-
- it = notiHandleMap.find(privId);
- if (it == notiHandleMap.end()) {
- return;
- }
- notification_delete_for_uid(it->second, owner.getUid());
- notification_free(it->second);
- notiHandleMap.erase(it);
-}
-
-void notiProxyUpdate(const runtime::User& owner, const runtime::User& user, int privId, notification_h noti) {
- std::unordered_map<int, notification_h>::iterator it;
- double progress;
- char *str;
-
- it = notiHandleMap.find(privId);
- if (it == notiHandleMap.end()) {
- return;
- }
-
- notification_image_type_e imageTypes[] = {
- NOTIFICATION_IMAGE_TYPE_ICON,
- NOTIFICATION_IMAGE_TYPE_ICON_FOR_INDICATOR,
- NOTIFICATION_IMAGE_TYPE_ICON_FOR_LOCK,
- NOTIFICATION_IMAGE_TYPE_THUMBNAIL,
- NOTIFICATION_IMAGE_TYPE_THUMBNAIL_FOR_LOCK,
- NOTIFICATION_IMAGE_TYPE_ICON_SUB,
- NOTIFICATION_IMAGE_TYPE_BACKGROUND,
- NOTIFICATION_IMAGE_TYPE_LIST_1,
- NOTIFICATION_IMAGE_TYPE_LIST_2,
- NOTIFICATION_IMAGE_TYPE_LIST_3,
- NOTIFICATION_IMAGE_TYPE_LIST_4,
- NOTIFICATION_IMAGE_TYPE_LIST_5,
- NOTIFICATION_IMAGE_TYPE_BUTTON_1,
- NOTIFICATION_IMAGE_TYPE_BUTTON_2,
- NOTIFICATION_IMAGE_TYPE_BUTTON_3,
- NOTIFICATION_IMAGE_TYPE_BUTTON_4,
- NOTIFICATION_IMAGE_TYPE_BUTTON_5,
- NOTIFICATION_IMAGE_TYPE_BUTTON_6
- };
-
- for (notification_image_type_e type : imageTypes) {
- notification_get_image(noti, type, &str);
- notification_set_image(it->second, type, str);
- }
-
- notification_text_type_e textTypes[] = {
- NOTIFICATION_TEXT_TYPE_TITLE,
- NOTIFICATION_TEXT_TYPE_CONTENT,
- NOTIFICATION_TEXT_TYPE_CONTENT_FOR_DISPLAY_OPTION_IS_OFF,
- NOTIFICATION_TEXT_TYPE_EVENT_COUNT,
- NOTIFICATION_TEXT_TYPE_INFO_1,
- NOTIFICATION_TEXT_TYPE_INFO_SUB_1,
- NOTIFICATION_TEXT_TYPE_INFO_2,
- NOTIFICATION_TEXT_TYPE_INFO_SUB_2,
- NOTIFICATION_TEXT_TYPE_INFO_3,
- NOTIFICATION_TEXT_TYPE_INFO_SUB_3,
- NOTIFICATION_TEXT_TYPE_GROUP_TITLE,
- NOTIFICATION_TEXT_TYPE_GROUP_CONTENT,
- NOTIFICATION_TEXT_TYPE_GROUP_CONTENT_FOR_DISPLAY_OPTION_IS_OFF,
- NOTIFICATION_TEXT_TYPE_BUTTON_1,
- NOTIFICATION_TEXT_TYPE_BUTTON_2,
- NOTIFICATION_TEXT_TYPE_BUTTON_3,
- NOTIFICATION_TEXT_TYPE_BUTTON_4,
- NOTIFICATION_TEXT_TYPE_BUTTON_5,
- NOTIFICATION_TEXT_TYPE_BUTTON_6,
- };
-
- for (notification_text_type_e type : textTypes) {
- notification_get_text(noti, type, &str);
- notification_set_text(it->second, type, str, NULL, NOTIFICATION_VARIABLE_TYPE_NONE);
- }
-
- notification_get_size(noti, &progress);
- notification_set_size(it->second, progress);
-
- notification_get_progress(noti, &progress);
- notification_set_progress(it->second, progress);
-
- notification_update_for_uid(it->second, owner.getUid());
-}
-
-void notiProxyCallback(void *data, notification_type_e type, notification_op *op_list, int num_op)
-{
- static runtime::User owner(ZONE_DEFAULT_OWNER);
- runtime::User user(*reinterpret_cast<std::string*>(data));
-
- if (user.getName() == owner.getName()) {
- // TODO : should remove noti in the zone when related-zone is removed
- // This will be imlemented when notification bug is fixed
- return;
- }
-
- for (int i = 0; i < num_op; i++) {
- notification_h noti = NULL;
- int opType, privId;
-
- notification_op_get_data(op_list + i, NOTIFICATION_OP_DATA_TYPE, &opType);
- notification_op_get_data(op_list + i, NOTIFICATION_OP_DATA_PRIV_ID, &privId);
-
- switch (opType) {
- case NOTIFICATION_OP_INSERT:
- notification_op_get_data(op_list + i, NOTIFICATION_OP_DATA_NOTI, ¬i);
- notiProxyInsert(owner, user, privId, noti);
- break;
- case NOTIFICATION_OP_DELETE:
- notiProxyDelete(owner, privId);
- break;
- case NOTIFICATION_OP_UPDATE:
- notification_op_get_data(op_list + i, NOTIFICATION_OP_DATA_NOTI, ¬i);
- notiProxyUpdate(owner, user, privId, noti);
- break;
- }
- }
-}
-
-} // namespace
-
-ZoneManager* zoneManager = nullptr;
-
-ZoneManager::ZoneManager(PolicyControlContext& ctx) :
- context(ctx)
-{
- context.registerParametricMethod(this, "", (int)(ZoneManager::createZone)(std::string, std::string));
- context.registerParametricMethod(this, "", (int)(ZoneManager::removeZone)(std::string));
- context.registerParametricMethod(this, "", (int)(ZoneManager::lockZone)(std::string));
- context.registerParametricMethod(this, "", (int)(ZoneManager::unlockZone)(std::string));
- context.registerParametricMethod(this, "", (int)(ZoneManager::getZoneState)(std::string));
- context.registerParametricMethod(this, "", (std::vector<std::string>)(ZoneManager::getZoneList)(int));
- context.registerParametricMethod(this, "", (int)(ZoneManager::resetZonePassword)(std::string, std::string));
-
- context.createNotification("ZoneManager::created");
- context.createNotification("ZoneManager::removed");
-
- PackageManager& packageManager = PackageManager::instance();
- packageManager.setEventCallback(packageEventHandler, this);
-
- zoneProcessMonitor();
-
- initializeCreatedZoneList();
- for (std::string& name : createdZoneList) {
- runtime::User zone(name);
- notification_register_detailed_changed_cb_for_uid(notiProxyCallback, &name, zone.getUid());
- }
-
- zoneManager = this;
-}
-
-ZoneManager::~ZoneManager()
-{
-}
-
-int ZoneManager::createZone(const std::string& name, const std::string& manifest)
-{
- auto provisioningWorker = [name, manifest, this]() {
- std::unique_ptr<xml::Document> manifestFile;
-
- try {
- //create zone user by gumd
- GumUser* guser = NULL;
- while (guser == NULL) {
- guser = gum_user_create_sync(FALSE);
- }
- g_object_set(G_OBJECT(guser), "username", name.c_str(),
- "usertype", GUM_USERTYPE_SECURITY, NULL);
- gboolean ret = gum_user_add_sync(guser);
- g_object_unref(guser);
-
- if (!ret) {
- throw runtime::Exception("Failed to remove user (" + name + ") by gumd");
- }
-
- runtime::User user(name);
-
- maskUserServices(user);
-
- manifestFile.reset(xml::Parser::parseString(manifest));
- manifestFile->write(ZONE_MANIFEST_DIR + name + ".xml", "UTF-8", true);
-
- //TODO: write container owner info
-
- //unlock the user
- setZoneState(user.getUid(), 1);
-
- //wait for launchpad in the zone
- sleep(1);
-
- auto it = createdZoneList.insert(createdZoneList.end(), name);
- notification_register_detailed_changed_cb_for_uid(notiProxyCallback, &(*it), user.getUid());
- context.notify("ZoneManager::created", name, "");
- } catch (runtime::Exception& e) {
- ERROR(e.what());
- context.notify("ZoneManager::created", name, "Error");
- }
- };
-
- std::thread asyncWork(provisioningWorker);
- asyncWork.detach();
-
- return 0;
-}
-
-int ZoneManager::removeZone(const std::string& name)
-{
- if (lockZone(name) != 0) {
- return -1;
- }
-
- auto remove = [name, this] {
- //wait for zone session close
- sleep(1);
-
- try {
- runtime::User user(name);
-
- //umount TZ_USER_CONTENT
- ::tzplatform_set_user(user.getUid());
- ::umount2(::tzplatform_getenv(TZ_USER_CONTENT), MNT_FORCE);
- ::tzplatform_reset_user();
-
- //remove zone user
- GumUser* guser = NULL;
- while (guser == NULL) {
- guser = gum_user_get_sync(user.getUid(), FALSE);
- }
- gboolean ret = gum_user_delete_sync(guser, TRUE);
- g_object_unref(guser);
-
- if (!ret) {
- throw runtime::Exception("Failed to remove user " + name + "(" + std::to_string(user.getUid()) + ") by gumd");
- }
-
- auto it = createdZoneList.begin();
- for (; it != createdZoneList.end(); it++) {
- if (*it == name) {
- break;
- }
- }
- createdZoneList.erase(it);
-
- notification_unregister_detailed_changed_cb_for_uid(notiProxyCallback, NULL, user.getUid());
- context.notify("ZoneManager::removed", name, "");
- } catch (runtime::Exception& e) {
- ERROR(e.what());
- context.notify("ZoneManager::removed", name, "Error");
- return;
- }
- };
-
- std::thread asyncWork(remove);
- asyncWork.detach();
-
- return 0;
-}
-
-int ZoneManager::lockZone(const std::string& name)
-{
- try {
- runtime::User user(name);
- setZoneState(user.getUid(), 0);
- } catch (runtime::Exception& e) {
- ERROR(e.what());
- return -1;
- }
-
- return 0;
-}
-
-int ZoneManager::unlockZone(const std::string& name)
-{
- try {
- runtime::User user(name);
- setZoneState(user.getUid(), 1);
- } catch (runtime::Exception& e) {
- ERROR(e.what());
- return -1;
- }
-
- return 0;
-}
-
-int ZoneManager::getZoneState(const std::string& name)
-{
- auto it = std::find(createdZoneList.begin(), createdZoneList.end(), name);
- if (it == createdZoneList.end()) {
- return 0;
- }
-
- try {
- runtime::User user(name);
- try {
- dbus::Connection& systemDBus = dbus::Connection::getSystem();
- const dbus::Variant& var = systemDBus.methodcall
- ("org.freedesktop.login1",
- "/org/freedesktop/login1",
- "org.freedesktop.login1.Manager",
- "GetUser",
- -1, "(o)", "(u)", user.getUid());
- return ZoneManager::State::Running;
- } catch (runtime::Exception& e) {
- return ZoneManager::State::Locked;
- }
- } catch (runtime::Exception& e) {
- ERROR(e.what());
- return 0;
- }
-
- return 0;
-}
-
-std::vector<std::string> ZoneManager::getZoneList(int state)
-{
- std::vector<std::string> list;
-
- for (const std::string& name : createdZoneList) {
- if (getZoneState(name) & state) {
- list.push_back(name);
- }
- }
- return list;
-}
-
-int ZoneManager::resetZonePassword(const std::string& name, const std::string& newPassword)
-{
- try {
- runtime::User user(name);
- int ret = auth_passwd_reset_passwd(AUTH_PWD_NORMAL, user.getUid(), newPassword.c_str());
- if (ret != AUTH_PASSWD_API_SUCCESS) {
- throw runtime::Exception("Failed to reset password for " + name);
- }
- } catch (runtime::Exception& e) {
- ERROR(e.what());
- return -1;
- }
-
- return 0;
-}
-
-DEFINE_POLICY(ZoneManager);
-
-} // namespace DevicePolicyManager
-msgid "IDS_DPM_NOTI_BODY_ZONE_REMOVE"
-msgstr "Tap here to delete Separated Zone."
+msgid "IDS_DPM_NOTI_BODY_KRATE_REMOVE"
+msgstr "Tap here to delete Separated Krate."
-msgid "IDS_DPM_NOTI_ZONE_REMOVE"
-msgstr "Separated Zone deletion"
+msgid "IDS_DPM_NOTI_KRATE_REMOVE"
+msgstr "Separated Krate deletion"
-msgid "IDS_DPM_BODY_ZONE_REMOVE"
-msgstr "Security policy prevent the use of the Separated Zone. Tap OK to remove Separated zone."
+msgid "IDS_DPM_BODY_KRATE_REMOVE"
+msgstr "Security policy prevent the use of the Separated Krate. Tap OK to remove Separated krate."
-msgid "IDS_DPM_ZONE_REMOVE"
-msgstr "Remove Separated Zone"
+msgid "IDS_DPM_KRATE_REMOVE"
+msgstr "Remove Separated Krate"
-msgid "IDS_DPM_NOTI_BODY_ZONE_CREATE"
-msgstr "Tap here to create Separated Zone."
+msgid "IDS_DPM_NOTI_BODY_KRATE_CREATE"
+msgstr "Tap here to create Separated Krate."
-msgid "IDS_DPM_NOTI_ZONE_CREATE"
-msgstr "Separated zone creation"
+msgid "IDS_DPM_NOTI_KRATE_CREATE"
+msgstr "Separated krate creation"
-msgid "IDS_DPM_BODY_ZONE_CREATE"
-msgstr "Security policy force to use of the Separated Zone. Tap OK to create Separated zone."
+msgid "IDS_DPM_BODY_KRATE_CREATE"
+msgstr "Security policy force to use of the Separated Krate. Tap OK to create Separated krate."
-msgid "IDS_DPM_ZONE_CREATE"
-msgstr "Create Separated Zone"
+msgid "IDS_DPM_KRATE_CREATE"
+msgstr "Create Separated Krate"
msgid "IDS_DPM_CANCEL"
msgstr "Cancel"
-msgid "IDS_DPM_NOTI_BODY_ZONE_REMOVE"
-msgstr "여기를 누르면 Separated Zone을 제거합니다."
+msgid "IDS_DPM_NOTI_BODY_KRATE_REMOVE"
+msgstr "여기를 누르면 Separated Krate을 제거합니다."
-msgid "IDS_DPM_NOTI_ZONE_REMOVE"
-msgstr "Separate Zone 제거"
+msgid "IDS_DPM_NOTI_KRATE_REMOVE"
+msgstr "Separate Krate 제거"
-msgid "IDS_DPM_BODY_ZONE_REMOVE"
-msgstr "보안정책에 따라 Separated Zone 사용을 제한합니다. OK 버튼을 누르면 Separated Zone을 제거합니다."
+msgid "IDS_DPM_BODY_KRATE_REMOVE"
+msgstr "보안정책에 따라 Separated Krate 사용을 제한합니다. OK 버튼을 누르면 Separated Krate을 제거합니다."
-msgid "IDS_DPM_ZONE_REMOVE"
-msgstr "Separate Zone 제거"
+msgid "IDS_DPM_KRATE_REMOVE"
+msgstr "Separate Krate 제거"
-msgid "IDS_DPM_NOTI_BODY_ZONE_CREATE"
-msgstr "여기를 누르면 Separated Zone을 생성합니다."
+msgid "IDS_DPM_NOTI_BODY_KRATE_CREATE"
+msgstr "여기를 누르면 Separated Krate을 생성합니다."
-msgid "IDS_DPM_NOTI_ZONE_CREATE"
-msgstr "Separate Zone 생성"
+msgid "IDS_DPM_NOTI_KRATE_CREATE"
+msgstr "Separate Krate 생성"
-msgid "IDS_DPM_BODY_ZONE_CREATE"
-msgstr "보안정책에 따라 Separated Zone을 사용합니다. OK 버튼을 누르면 Separated Zone을 생성합니다."
+msgid "IDS_DPM_BODY_KRATE_CREATE"
+msgstr "보안정책에 따라 Separated Krate을 사용합니다. OK 버튼을 누르면 Separated Krate을 생성합니다."
-msgid "IDS_DPM_ZONE_CREATE"
-msgstr "Separated Zone 생성"
+msgid "IDS_DPM_KRATE_CREATE"
+msgstr "Separated Krate 생성"
msgid "IDS_DPM_CANCEL"
msgstr "취소"
{"storage-decryption", true, "IDS_DPM_STORAGE_DECRYPTION", NULL, "toast", NULL, NULL, NULL, NULL},
{"wipe-data", true, "IDS_DPM_WIPE_DATA", NULL, "default", "IDS_DPM_CANCEL", "IDS_DPM_OK", NULL, NULL},
- /* Zone Policy */
- {"zone-create", false, "IDS_DPM_ZONE_CREATE", "IDS_DPM_BODY_ZONE_CREATE", "default", "IDS_DPM_CANCEL", "IDS_DPM_OK", "IDS_DPM_NOTI_ZONE_CREATE", "IDS_DPM_NOTI_BODY_ZONE_CREATE"},
- {"zone-remove", false, "IDS_DPM_ZONE_REMOVE", "IDS_DPM_BODY_ZONE_REMOVE", "default", "IDS_DPM_CANCEL", "IDS_DPM_OK", "IDS_DPM_NOTI_ZONE_REMOVE", "IDS_DPM_NOTI_BODY_ZONE_REMOVE"},
+ /* Krate Policy */
+ {"krate-create", false, "IDS_DPM_KRATE_CREATE", "IDS_DPM_BODY_KRATE_CREATE", "default", "IDS_DPM_CANCEL", "IDS_DPM_OK", "IDS_DPM_NOTI_KRATE_CREATE", "IDS_DPM_NOTI_BODY_KRATE_CREATE"},
+ {"krate-remove", false, "IDS_DPM_KRATE_REMOVE", "IDS_DPM_BODY_KRATE_REMOVE", "default", "IDS_DPM_CANCEL", "IDS_DPM_OK", "IDS_DPM_NOTI_KRATE_REMOVE", "IDS_DPM_NOTI_BODY_KRATE_REMOVE"},
};
popup_info_s *_get_popup_info(const char *id)
+++ /dev/null
-#
-# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-SET(ZONE_MODULE ${DPM_ZONE}/module)
-SET(ZONE_LIBS ${DPM_ZONE}/libs)
-SET(ZONE_CLI ${DPM_ZONE}/cli)
-SET(ZONE_VOLUME ${DPM_ZONE}/volume)
-
-ADD_SUBDIRECTORY(${ZONE_MODULE})
-ADD_SUBDIRECTORY(${ZONE_LIBS})
-ADD_SUBDIRECTORY(${ZONE_CLI})
-ADD_SUBDIRECTORY(${ZONE_VOLUME})
-
-INSTALL(FILES gumd-scripts/20_pam-zone-add.post DESTINATION /etc/gumd/useradd.d)
-INSTALL(FILES gumd-scripts/20_pam-zone-remove.post DESTINATION /etc/gumd/userdel.d)
+++ /dev/null
-#
-# Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-PROJECT(zone-cli)
-
-FILE(GLOB ZONE_CLI_SRCS zone-admin-cli.cpp
- ${ZONE_MODULE}/session.cpp
- ${ZONE_MODULE}/zone-builder.cpp
-)
-
-SET(ZONE_CLI_NAME "zone-admin-cli")
-
-ADD_EXECUTABLE(${ZONE_CLI_NAME} ${ZONE_CLI_SRCS})
-SET_TARGET_PROPERTIES(${ZONE_CLI_NAME} PROPERTIES PREFIX ""
- COMPILE_DEFINITIONS PID_FILE_PATH="${RUN_INSTALL_DIR}/zone"
- COMPILE_FLAGS "-fPIE"
- LINK_FLAGS "-pie"
-)
-
-PKG_CHECK_MODULES(ZONE_CLI_DEPS REQUIRED
- klay
- glib-2.0
- libxml-2.0
- capi-appfw-package-manager
- capi-appfw-app-manager
-)
-
-INCLUDE_DIRECTORIES(SYSTEM ${ZONE_CLI_DEPS_INCLUDE_DIRS} ${ZONE_MODULE} ${ZONE_LIBS})
-TARGET_LINK_LIBRARIES(${ZONE_CLI_NAME} ${ZONE_CLI_DEPS_LIBRARIES} zone)
-
-INSTALL(TARGETS ${ZONE_CLI_NAME} DESTINATION sbin)
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Contact: Sungbae Yoo <sungbae.yoo@samsung.com>
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-/**
- * @file
- * @author Sungbae Yoo (sungbae.yoo@samsung.com)
- * @brief CLI tool to attach to existing namespace by pam-attach.so
- */
-
-#define _XOPEN_SOURCE
-#include <grp.h>
-#include <glib.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <getopt.h>
-#include <sys/wait.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/param.h>
-
-#include <klay/exception.h>
-#include <klay/filesystem.h>
-#include <klay/auth/user.h>
-
-#include <zone/app-proxy.h>
-#include <zone/package-proxy.h>
-
-#include <cstring>
-#include <string>
-#include <vector>
-#include <utility>
-#include <iostream>
-
-#include "session.h"
-
-
-#define DEFAULT_SHELL "/bin/bash"
-
-typedef std::pair<std::string, int> NamespacePair;
-
-std::vector<NamespacePair> namespaces = {
- {"mnt", CLONE_NEWNS},
- {"net", CLONE_NEWNET},
- {"uts", CLONE_NEWUTS},
- {"user", CLONE_NEWUSER},
- {"ipc", CLONE_NEWIPC},
- {"pid", CLONE_NEWPID}
-};
-
-extern char** environ;
-
-static inline void usage(const std::string name)
-{
- std::cout << "Usage: " << name << " [Option] -- COMMAND" << std::endl
- << "Run a program in the zone" << std::endl
- << std::endl
- << "Options :" << std::endl
- << " -a, --attach=zone execute command in the zone" << std::endl
- << " -p, --pkginfo=zone show all packages in the zone" << std::endl
- << " -q, --appinfo=zone show all applications in the zone" << std::endl
- << " -m, --zone-monitor monitor all zone events" << std::endl
- << " -n, --pkg-monitor monitor all package events in the zone" << std::endl
- << " -l, --list show all zone instances" << std::endl
- << " -h, --help show this" << std::endl
- << std::endl;
-}
-
-int showZoneInstances()
-{
- try {
- runtime::DirectoryIterator iter("/var/run/zone"), end;
-
- while (iter != end) {
- const std::string& path = (*iter).getPath();
- size_t name = path.rfind('/') + 1;
- std::cout << path.substr(name) << std::endl;
- ++iter;
- }
- } catch (runtime::Exception& e) {
- std::cerr << e.what() << std::endl;
- return -1;
- }
-
- return 0;
-}
-
-void attachNamespaces(pid_t pid)
-{
- int fd;
- for (const NamespacePair& ns : namespaces) {
- std::string nspath = "/proc/" + std::to_string(pid) + "/ns/" + ns.first;
-
- do {
- fd = ::open(nspath.c_str(), O_RDONLY);
- } while (fd == -1 && errno == EINTR);
-
- if (fd == -1) {
- if (errno != ENOENT) {
- throw runtime::Exception("Failed to open namesapce: " + nspath);
- }
- } else {
- if (::setns(fd, ns.second)) {
- ::close(fd);
- throw runtime::Exception("Failed to attach namespace: " + nspath);
- }
- ::close(fd);
- }
- }
-}
-
-void launchProcess(runtime::User& user, char** args)
-{
- int status;
-
- pid_t pid = ::fork();
- if (pid == -1) {
- throw runtime::Exception("Failed to create child process");
- }
-
- if (pid != 0) {
- ::waitpid(pid, &status, 0);
- if (WEXITSTATUS(status) != EXIT_SUCCESS) {
- throw runtime::Exception("Child process terminated abnormally");
- }
- return;
- }
-
- if (::initgroups(user.getName().c_str(), user.getGid()) == -1) {
- std::cerr << "Failed to initgroups()" << std::endl;
- ::exit(EXIT_FAILURE);
- }
-
- if (::setgid(user.getGid()) == -1) {
- std::cerr << "Failed to setgid()" << std::endl;
- ::exit(EXIT_FAILURE);
- }
-
- if (::setuid(user.getUid()) == -1) {
- std::cerr << "Failed to setuid()" << std::endl;
- ::exit(EXIT_FAILURE);
- }
-
- char *default_args[2];
- default_args[0] = ::strdup(DEFAULT_SHELL);
- default_args[1] = NULL;
-
- if (args == NULL) {
- args = default_args;
- }
-
- ::execve(*args, args, environ);
- std::cerr << "Failed to execute " << args[0] << std::endl;
-
- ::free(default_args[0]);
-
- ::exit(EXIT_FAILURE);
-}
-
-int attachToZone(const std::string& name, char* args[])
-{
- try {
- runtime::User user(name);
-
- attachNamespaces(getSessionLeader(user));
- launchProcess(user, args);
- } catch (runtime::Exception& e) {
- std::cerr << e.what() << std::endl;
- return -1;
- }
-
- return 0;
-}
-
-bool packgeListCallback(package_info_h info, void *user_data)
-{
- bool checked;
- char *val;
-
- std::cout << "Package #" << (*(int*)user_data)++ << " :" << std::endl;
-
- package_info_get_package(info, &val);
- std::cout << val;
- free(val);
-
- package_info_get_version(info, &val);
- std::cout << " (" << val << ")" << std::endl;
- free(val);
-
- package_info_get_type(info, &val);
- std::cout << " Type : " << val << " (";
- free(val);
-
- package_info_is_system_package(info, &checked);
- if (checked) {
- std::cout <<" System ";
- }
- package_info_is_removable_package(info, &checked);
- if (checked) {
- std::cout <<" Removable ";
- }
- package_info_is_preload_package(info, &checked);
- if (checked) {
- std::cout <<" Preload ";
- }
- std::cout << ")" << std::endl;
-
- package_info_get_label(info, &val);
- std::cout << " Label : " << val << std::endl;
- free(val);
-
- package_info_get_icon(info, &val);
- std::cout << " Icon : " << val << std::endl;
- free(val);
-
- std::cout << std::endl;
-
- return true;
-}
-
-int showPkgInfo(const std::string& name)
-{
- int num = 0;
-
- zone_manager_h zoneMgr;
- zone_package_proxy_h pkgProxy;
-
- zone_manager_create(&zoneMgr);
- zone_package_proxy_create(zoneMgr, name.c_str(), &pkgProxy);
- zone_package_proxy_foreach_package_info(pkgProxy, packgeListCallback, &num);
- std::cout << num << " packages are found" << std::endl;
- zone_package_proxy_destroy(pkgProxy);
- zone_manager_destroy(zoneMgr);
-
- return 0;
-}
-
-bool applicationListCallback(app_info_h info, void *user_data)
-{
- bool checked;
- char *val;
-
- std::cout << "Application #" << (*(int*)user_data)++ << " :" << std::endl;
-
- app_info_get_app_id(info, &val);
- std::cout << val;
- free(val);
-
- app_info_get_package(info, &val);
- std::cout << " (" << val << ")" << std::endl;
- free(val);
-
- app_info_get_type(info, &val);
- std::cout << " Type : " << val << " (";
- free(val);
-
- app_info_is_nodisplay(info, &checked);
- if (checked) {
- std::cout <<" NoDisplay ";
- }
- std::cout << ")"<< std::endl;
-
- app_info_get_label(info, &val);
- std::cout << " Label : " << val << std::endl;
- free(val);
-
- if (app_info_get_icon(info, &val) == APP_MANAGER_ERROR_NONE) {
- std::cout << " Icon : " << val << std::endl;
- free(val);
- } else {
- std::cout << "App Manager error" << std::endl;
- }
-
- std::cout << std::endl;
-
- return true;
-}
-
-int showAppInfo(const std::string& name)
-{
- int num = 0;
-
- zone_manager_h zoneMgr;
- zone_app_proxy_h appMgr;
-
- zone_manager_create(&zoneMgr);
- zone_app_proxy_create(zoneMgr, name.c_str(), &appMgr);
- zone_app_proxy_foreach_app_info(appMgr, applicationListCallback, &num);
- std::cout << num << " applications are found" << std::endl;
- zone_app_proxy_destroy(appMgr);
- zone_manager_destroy(zoneMgr);
-
- return 0;
-}
-
-GMainLoop *gmainloop = NULL;
-
-void monitorSigHandler(int sig)
-{
- g_main_loop_quit(gmainloop);
-}
-
-void zoneCallback(const char* name, const char* object, void *user_data)
-{
- std::cout << "--- Zone event ---" << std::endl;
- std::cout << "Type : " << (char*)user_data << std::endl;
- std::cout << "Name : " << name <<std::endl;
- std::cout << std::endl;
-}
-
-int monitorEvent()
-{
- int zoneCallbackId[2];
- zone_manager_h zoneMgr;
- zone_manager_create(&zoneMgr);
-
- zone_manager_add_event_cb(zoneMgr, "created", zoneCallback,
- (void*)"created", &zoneCallbackId[0]);
- zone_manager_add_event_cb(zoneMgr, "removed", zoneCallback,
- (void*)"removed", &zoneCallbackId[1]);
-
- std::cout << "=== Monitoring start ===" << std::endl << std::endl;
-
- signal(SIGINT, monitorSigHandler);
-
- gmainloop = g_main_loop_new(NULL, FALSE);
- g_main_loop_run(gmainloop);
- g_main_loop_unref(gmainloop);
-
- zone_manager_remove_event_cb(zoneMgr, zoneCallbackId[0]);
- zone_manager_remove_event_cb(zoneMgr, zoneCallbackId[1]);
-
- std::cout << "=== Monitoring end ===" << std::endl;
-
- zone_manager_destroy(zoneMgr);
-
- return 0;
-}
-
-void packageEventCallback(const char *type,
- const char *package,
- package_manager_event_type_e event_type,
- package_manager_event_state_e event_state,
- int progress, package_manager_error_e error,
- void *user_data)
-{
- std::cout << "--- Package event ---" << std::endl;
- std::cout << "Pacakge : " << package << std::endl;
- std::cout << "Pacakge type : " << type << std::endl;
-
- std::cout << "Event state : ";
- switch (event_state) {
- case PACKAGE_MANAGER_EVENT_STATE_STARTED:
- std::cout << "started" << std::endl;
- std::cout << "Event type : ";
- switch (event_type) {
- case PACKAGE_MANAGER_EVENT_TYPE_INSTALL:
- std::cout << "install";
- break;
- case PACKAGE_MANAGER_EVENT_TYPE_UNINSTALL:
- std::cout << "uninstall";
- break;
- case PACKAGE_MANAGER_EVENT_TYPE_UPDATE:
- std::cout << "update";
- break;
- }
- break;
- case PACKAGE_MANAGER_EVENT_STATE_PROCESSING:
- std::cout << "processing" << std::endl;
- std::cout << "Progress : " << std::to_string(progress) << "%";
- break;
- case PACKAGE_MANAGER_EVENT_STATE_FAILED:
- std::cout << "failed";
- break;
- case PACKAGE_MANAGER_EVENT_STATE_COMPLETED:
- std::cout << "completed";
- break;
- }
- std::cout << std::endl;
-
- std::cout << std::endl;
-}
-
-int monitorPkgEvent(const std::string& name)
-{
- zone_manager_h zoneMgr;
- zone_package_proxy_h pkgProxy;
-
- zone_manager_create(&zoneMgr);
- zone_package_proxy_create(zoneMgr, name.c_str(), &pkgProxy);
-
- zone_package_proxy_set_event_cb(pkgProxy, packageEventCallback, NULL);
-
- std::cout << "=== Monitoring start ===" << std::endl << std::endl;
-
- signal(SIGINT, monitorSigHandler);
-
- gmainloop = g_main_loop_new(NULL, FALSE);
- g_main_loop_run(gmainloop);
- g_main_loop_unref(gmainloop);
-
- zone_package_proxy_unset_event_cb(pkgProxy);
-
- std::cout << "=== Monitoring end ===" << std::endl;
-
- zone_package_proxy_destroy(pkgProxy);
- zone_manager_destroy(zoneMgr);
-
- return 0;
-}
-
-int main(int argc, char* argv[])
-{
- int opt = 0, index, ret = 0;
-
- struct option options[] = {
- {"attach", required_argument, 0, 'a'},
- {"list", no_argument, 0, 'l'},
- {"pkginfo", required_argument, 0, 'p'},
- {"appinfo", required_argument, 0, 'q'},
- {"zone-monitor", no_argument, 0, 'm'},
- {"pkg-monitor", no_argument, 0, 'n'},
- {"help", no_argument, 0, 'h'},
- {0, 0, 0, 0}
- };
-
- if (argc <= 1) {
- usage(argv[0]);
- return EXIT_SUCCESS;
- }
-
- while ((opt = getopt_long(argc, argv, "a:p:q:mn:lh", options, &index)) != -1) {
- switch (opt) {
- case 'a':
- ret = attachToZone(optarg, optind >= argc ? NULL : argv + optind);
- break;
- case 'p':
- ret = showPkgInfo(optarg);
- break;
- case 'q':
- ret = showAppInfo(optarg);
- break;
- case 'm':
- ret = monitorEvent();
- break;
- case 'n':
- ret = monitorPkgEvent(optarg);
- break;
- case 'l':
- ret = showZoneInstances();
- break;
- case 'h':
- usage(argv[0]);
- break;
- default:
- usage(argv[0]);
- ret = -1;
- }
- }
-
- return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
-}
+++ /dev/null
-PATH=/bin:/usr/bin:/sbin:/usr/sbin
-
-export `tzplatform-get TZ_SYS_ETC`
-cp ${TZ_SYS_ETC}/dpm/zone/owner.xml ${TZ_SYS_ETC}/dpm/zone/${1}.xml
+++ /dev/null
-PATH=/bin:/usr/bin:/sbin:/usr/sbin
-
-export `tzplatform-get TZ_SYS_ETC`
-rm ${TZ_SYS_ETC}/dpm/zone/${1}.xml
+++ /dev/null
-#
-# Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-PROJECT(zone)
-SET(LIB_VERSION "${VERSION}")
-SET(LIB_SOVERSION "0")
-
-SET(PC_FILE "${PROJECT_NAME}.pc")
-
-SET(SOURCES ${DPM_LIBS}/policy-client.cpp
- zone.cpp
- package-proxy.cpp
- app-proxy.cpp
- zone/zone.cpp
- zone/package-proxy.cpp
- zone/app-proxy.cpp
-)
-
-SET(CAPI_INCLUDE_FILES zone/zone.h
- zone/package-proxy.h
- zone/app-proxy.h
-)
-
-
-SET (CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} -Wl,-z,noexecstack")
-
-PKG_CHECK_MODULES(ZONE_LIBS_DEPS REQUIRED
- klay
- glib-2.0
- capi-appfw-package-manager
- capi-appfw-app-manager
- capi-appfw-app-control
- libtzplatform-config
-)
-
-ADD_LIBRARY(${PROJECT_NAME} SHARED ${SOURCES})
-SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES COMPILE_FLAGS "-fvisibility=hidden")
-SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES SOVERSION ${LIB_SOVERSION})
-SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES VERSION ${LIB_VERSION})
-
-INCLUDE_DIRECTORIES(SYSTEM ${ZONE_LIBS_DEPS_INCLUDE_DIRS} ${DPM_POLICY} ${DPM_LIBS} ${ZONE_LIBS})
-TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${ZONE_LIBS_DEPS_LIBRARIES} pthread)
-
-CONFIGURE_FILE(${PC_FILE}.in ${CMAKE_BINARY_DIR}/${PC_FILE} @ONLY)
-
-INSTALL(FILES ${CMAKE_BINARY_DIR}/${PC_FILE} DESTINATION ${LIB_INSTALL_DIR}/pkgconfig)
-INSTALL(TARGETS ${PROJECT_NAME} DESTINATION ${LIB_INSTALL_DIR} COMPONENT RuntimeLibraries)
-INSTALL(FILES ${CAPI_INCLUDE_FILES} DESTINATION ${INCLUDE_INSTALL_DIR}/zone)
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#include "zone/app-proxy.hxx"
-
-namespace DevicePolicyManager {
-
-ZoneAppProxy::ZoneAppProxy(PolicyControlContext& ctx)
- : context(ctx)
-{
-}
-
-ZoneAppProxy::~ZoneAppProxy()
-{
-}
-
-ZoneAppProxy::AppInfo ZoneAppProxy::getAppInfo(const std::string& name, const std::string& appid)
-{
- try {
- return context->methodCall<ZoneAppProxy::AppInfo>("ZoneAppProxy::getAppInfo", name, appid);
- } catch (runtime::Exception& e) {}
- return ZoneAppProxy::AppInfo();
-}
-
-int ZoneAppProxy::createIterator(const std::string& zone)
-{
- try {
- return context->methodCall<int>("ZoneAppProxy::createIterator", zone);
- } catch (runtime::Exception& e) {}
- return -1;
-}
-
-ZoneAppProxy::AppInfo ZoneAppProxy::getIteratorValue(int iterator)
-{
- try {
- return context->methodCall<ZoneAppProxy::AppInfo>("ZoneAppProxy::getIteratorValue", iterator);
- } catch (runtime::Exception& e) {}
- return ZoneAppProxy::AppInfo();
-}
-
-bool ZoneAppProxy::nextIterator(int iterator)
-{
- try {
- return context->methodCall<bool>("ZoneAppProxy::nextIterator", iterator);
- } catch (runtime::Exception& e) {}
- return false;
-}
-
-int ZoneAppProxy::destroyIterator(int iterator)
-{
- try {
- return context->methodCall<int>("ZoneAppProxy::destroyIterator", iterator);
- } catch (runtime::Exception& e) {}
- return -1;
-}
-
-int ZoneAppProxy::launch(const std::string& name, const ZoneAppProxy::Bundle& bundle)
-{
- try {
- return context->methodCall<int>("ZoneAppProxy::launch", name, bundle);
- } catch (runtime::Exception& e) {
- return -1;
- }
-}
-
-int ZoneAppProxy::resume(const std::string& name, const std::string& appid)
-{
- try {
- return context->methodCall<int>("ZoneAppProxy::resume", name, appid);
- } catch (runtime::Exception& e) {
- return -1;
- }
-}
-
-int ZoneAppProxy::terminate(const std::string& name, const std::string& appid)
-{
- try {
- return context->methodCall<int>("ZoneAppProxy::terminate", name, appid);
- } catch (runtime::Exception& e) {
- return -1;
- }
-}
-
-bool ZoneAppProxy::isRunning(const std::string& name, const std::string& appid)
-{
- try {
- return context->methodCall<bool>("ZoneAppProxy::isRunning", name, appid);
- } catch (runtime::Exception& e) {
- return -1;
- }
-}
-
-} // namespace DevicePolicyManager
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-#include "zone/package-proxy.hxx"
-
-namespace DevicePolicyManager {
-
-ZonePackageProxy::ZonePackageProxy(PolicyControlContext& ctx) :
- context(ctx)
-{
-}
-
-ZonePackageProxy::~ZonePackageProxy()
-{
-}
-
-ZonePackageProxy::PackageInfo ZonePackageProxy::getPackageInfo(const std::string& name, const std::string& pkgid)
-{
- try {
- return context->methodCall<ZonePackageProxy::PackageInfo>("ZonePackageProxy::getPackageInfo", name, pkgid);
- } catch (runtime::Exception& e) {}
- return ZonePackageProxy::PackageInfo();
-}
-
-std::vector<std::string> ZonePackageProxy::getPackageList(const std::string& zone)
-{
- try {
- return context->methodCall<std::vector<std::string>>("ZonePackageProxy::getPackageList", zone);
- } catch (runtime::Exception& e) {}
- return std::vector<std::string>();;
-}
-
-int ZonePackageProxy::install(const std::string& name, const std::string& pkgid)
-{
- try {
- return context->methodCall<int>("ZonePackageProxy::install", name, pkgid);
- } catch (runtime::Exception& e) {
- return -1;
- }
-}
-
-int ZonePackageProxy::uninstall(const std::string& name, const std::string& pkgid)
-{
- try {
- return context->methodCall<int>("ZonePackageProxy::uninstall", name, pkgid);
- } catch (runtime::Exception& e) {
- return -1;
- }
-}
-
-} // namespace DevicePolicyManager
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#include "zone/zone.hxx"
-
-namespace DevicePolicyManager {
-
-ZoneManager::ZoneManager(PolicyControlContext& ctx) :
- context(ctx)
-{
-}
-
-ZoneManager::~ZoneManager()
-{
-}
-
-int ZoneManager::createZone(const std::string& name, const std::string& setupWizAppid)
-{
- try {
- return context->methodCall<int>("ZoneManager::createZone", name, setupWizAppid);
- } catch (runtime::Exception& e) {
- return -1;
- }
-}
-
-int ZoneManager::removeZone(const std::string& name)
-{
- try {
- return context->methodCall<int>("ZoneManager::removeZone", name);
- } catch (runtime::Exception& e) {
- return -1;
- }
-}
-
-int ZoneManager::lockZone(const std::string& name)
-{
- try {
- return context->methodCall<int>("ZoneManager::lockZone", name);
- } catch (runtime::Exception& e) {
- return -1;
- }
-}
-
-int ZoneManager::unlockZone(const std::string& name)
-{
- try {
- return context->methodCall<int>("ZoneManager::unlockZone", name);
- } catch (runtime::Exception& e) {
- return -1;
- }
-}
-
-int ZoneManager::getZoneState(const std::string& name)
-{
- try {
- return context->methodCall<int>("ZoneManager::getZoneState", name);
- } catch (runtime::Exception& e) {
- return -1;
- }
-}
-
-std::vector<std::string> ZoneManager::getZoneList(int state)
-{
- std::vector<std::string> empty;
- try {
- return context->methodCall<std::vector<std::string>>("ZoneManager::getZoneList", state);
- } catch (runtime::Exception& e) {
- return empty;
- }
-}
-
-int ZoneManager::resetZonePassword(const std::string& name, const std::string& newPassword)
-{
- try {
- return context->methodCall<int>("ZoneManager::resetZonePassword", name, newPassword);
- } catch (runtime::Exception& e) {
- return -1;
- }
-}
-
-} // namespace DevicePolicyManager
+++ /dev/null
-# Package Information for pkg-config
-
-prefix=@CMAKE_INSTALL_PREFIX@
-exec_prefix=@CMAKE_INSTALL_PREFIX@
-libdir=@LIB_INSTALL_DIR@
-includedir=@INCLUDE_INSTALL_DIR@
-
-Name: zone
-Description: Tizen Zone Client library
-Version: @VERSION@
-Libs: -L${libdir} -lzone
-Cflags: -I${includedir}/zone
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __DPM_APP_INFO_INTERNAL_H__
-#define __DPM_APP_INFO_INTERNAL_H__
-
-#include <glib.h>
-
-// pkgmgr-info : include/pkgmgrinfo_basic.h
-typedef struct icon_x {
- char *text;
- char *lang;
- char *section;
- char *size;
- char *resolution;
- char *dpi;
-} icon_x;
-
-// pkgmgr-info : include/pkgmgrinfo_basic.h
-typedef struct label_x {
- char *name;
- char *text;
- char *lang;
-} label_x;
-
-// pkgmgr-info : include/pkgmgrinfo_basic.h
-typedef struct application_x {
- char *appid; /*attr*/
- char *exec; /*attr*/
- char *nodisplay; /*attr, default: "false"*/
- char *multiple; /*attr, default: "false"*/
- char *taskmanage; /*attr, default: "true"*/
- char *enabled; /*attr, default: "true"*/
- char *type; /*attr*/
- char *categories; /*attr*/
- char *extraid; /*attr*/
- char *hwacceleration; /*attr, default: "default"*/
- char *screenreader; /*attr, default: "use-system-setting"*/
- char *mainapp; /*attr, default: "false"*/
- char *package; /*set from package_x*/
- char *recentimage; /*attr, default: "false"*/
- char *launchcondition; /*attr, default: "false"*/
- char *indicatordisplay; /*attr, default: "true"*/
- char *portraitimg; /*attr*/
- char *landscapeimg; /*attr*/
- char *effectimage_type; /*attr, default: "image"*/
- char *guestmode_visibility; /*attr, default: "true"*/
- char *component; /*no xml part*/
- char *permission_type; /*attr, default: "normal"*/
- char *component_type; /*attr, default: "uiapp"*/
- char *preload; /*no xml part*/
- char *submode; /*attr, default: "false"*/
- char *submode_mainid; /*attr, default: "false"*/
- char *process_pool; /*attr, default: "false"*/
- char *installed_storage;
- char *autorestart; /*attr, default: "false"*/
- char *onboot; /*attr, default: "false"*/
- char *support_disable; /*set from package_x*/
- char *ui_gadget; /*attr, default: "false"*/
- char *launch_mode; /*attr, default: "single"*/
- char *ambient_support; /*attr, default: "false"*/
- char *alias_appid; /*attr*/
- char *effective_appid; /*attr*/
- char *package_type; /*set from package_x*/
- char *tep_name; /*set from package_x*/
- char *zip_mount_file; /*set from package_x*/
- char *root_path; /*set from package_x*/
- char *api_version; /*set from package_x*/
- char *for_all_users; /**< Flag that indicates if the package is available for everyone or for current user only, no xml part*/
- char *is_disabled; /**< Flag that indicates if the application is disabled or not, no xml part*/
- char *splash_screen_display; /*attr, default: "true"*/
- GList *label; /*element*/
- GList *icon; /*element*/
- GList *image; /*element*/
- GList *category; /*element*/
- GList *metadata; /*element*/
- GList *permission; /*element*/
- GList *launchconditions; /*element*/
- GList *notification; /*element*/
- GList *datashare; /*element*/
- GList *datacontrol; /*element*/
- GList *background_category; /*element*/
- GList *appcontrol; /*element*/
- GList *splashscreens; /*element*/
-} application_x;
-
-// pkgmgr-info : include/pkgmgrinfo_private.h
-typedef struct _pkgmgr_appinfo_x {
- const char *package;
- char *locale;
- int app_component;
- application_x *app_info;
-} pkgmgr_appinfo_x;
-
-// app-manager : src/app_info.c
-typedef struct app_info_s {
- char *app_id;
- pkgmgr_appinfo_x *pkg_app_info;
-} app_info_s;
-
-
-#endif //__DPM_APP_INFO_INTERNAL_H__
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#include <cstdlib>
-#include <cstring>
-
-#include "zone.h"
-#include "debug.h"
-#include "app-proxy.h"
-#include "app-info-internal.h"
-
-#include "policy-client.h"
-#include "zone/app-proxy.hxx"
-
-using namespace DevicePolicyManager;
-
-struct zone_app_proxy_s {
- ZoneAppProxy proxy;
- std::string zoneName;
-};
-
-static inline zone_app_proxy_s* getInstance(zone_app_proxy_h handle)
-{
- return reinterpret_cast<zone_app_proxy_s *>(handle);
-}
-
-static app_info_h make_app_info_handle(const ZoneAppProxy::AppInfo& info)
-{
- if (info.id.empty()) {
- return NULL;
- }
-
- application_x* app = (application_x*)::malloc(sizeof(application_x));
- pkgmgr_appinfo_x* pkgappinfo = (pkgmgr_appinfo_x*)::malloc(sizeof(pkgmgr_appinfo_x));
- app_info_s* appinfo = (app_info_s*)::malloc(sizeof(struct app_info_s));
-
- ::memset(appinfo, 0, sizeof(app_info_s));
- appinfo->app_id = ::strdup(info.id.c_str());
- appinfo->pkg_app_info = pkgappinfo;
-
- ::memset(pkgappinfo, 0, sizeof(pkgmgr_appinfo_x));
- pkgappinfo->package = ::strdup(info.package.c_str());
- pkgappinfo->locale = ::strdup(info.locale.c_str());
- pkgappinfo->app_component = info.componentType;
- pkgappinfo->app_info = app;
-
- ::memset(app, 0, sizeof(application_x));
- app->appid = ::strdup(info.id.c_str());
- app->nodisplay = ::strdup(info.isNoDisplayed? "true":"false");
- app->taskmanage = ::strdup(info.isTaskManaged? "true":"false");
- app->type = ::strdup(info.type.c_str());
-
- icon_x* icon = (icon_x*)::calloc(1, sizeof(icon_x));
- icon->text = ::strdup(info.icon.c_str());
- icon->lang = ::strdup(info.locale.c_str());
- app->icon = ::g_list_append(NULL, icon);
-
- label_x* label = (label_x*)::calloc(1, sizeof(label_x));
- label->text = ::strdup(info.label.c_str());
- label->lang = ::strdup(info.locale.c_str());
- app->label = ::g_list_append(NULL, label);
-
- return reinterpret_cast<app_info_h>(appinfo);
-}
-
-int zone_app_proxy_create(zone_manager_h manager, const char* name, zone_app_proxy_h *handle)
-{
- RET_ON_FAILURE(manager, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(name, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
-
- zone_app_proxy_s* instance = new zone_app_proxy_s {
- GetDevicePolicyContext(manager).createPolicyInterface<ZoneAppProxy>(),
- name
- };
-
- *handle = reinterpret_cast<zone_app_proxy_h>(instance);
- return ZONE_ERROR_NONE;
-}
-
-int zone_app_proxy_destroy(zone_app_proxy_h handle)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
-
- delete reinterpret_cast<ZoneAppProxy*>(handle);
-
- return ZONE_ERROR_NONE;
-}
-
-int zone_app_proxy_get_app_info(zone_app_proxy_h handle, const char* app_id, app_info_h* app_info)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(app_id, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(app_info, ZONE_ERROR_INVALID_PARAMETER);
-
- auto instance = getInstance(handle);
- auto& proxy = instance->proxy;
- const std::string& name = instance->zoneName;
-
- const auto info = proxy.getAppInfo(name, app_id);
- app_info_h ret = make_app_info_handle(info);
- if (ret == NULL) {
- return ZONE_ERROR_INVALID_PARAMETER;
- }
-
- *app_info = ret;
-
- return ZONE_ERROR_NONE;
-}
-
-int zone_app_proxy_foreach_app_info(zone_app_proxy_h handle, app_manager_app_info_cb callback, void *user_data)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(callback, ZONE_ERROR_INVALID_PARAMETER);
-
- auto instance = getInstance(handle);
- auto& proxy = instance->proxy;
- const std::string& name = instance->zoneName;
-
- int iter = proxy.createIterator(name);
- do {
- app_info_h info = make_app_info_handle(proxy.getIteratorValue(iter));
- int ret = callback(info, user_data);
- app_info_destroy(info);
- if (!ret) {
- break;
- }
- } while (proxy.nextIterator(iter));
- proxy.destroyIterator(iter);
-
- return ZONE_ERROR_NONE;
-}
-
-static bool appExtraCallback(app_control_h app_control, const char *key, void *user_data)
-{
- ZoneAppProxy::Bundle *bundle = reinterpret_cast<ZoneAppProxy::Bundle*>(user_data);
- ZoneAppProxy::Bundle::Extra extra;
- bool isArray;
-
- extra.key = key;
-
- app_control_is_extra_data_array(app_control, key, &isArray);
- if (isArray) {
- char **values;
- int length = 0;
- app_control_get_extra_data_array(app_control, key, &values, &length);
- for (int i = 0; i < length; i++) {
- extra.value.push_back(values[i]);
- free(values[i]);
- }
- free(values);
- } else {
- char *value;
- app_control_get_extra_data(app_control, key, &value);
- extra.value.push_back(value);
- free(value);
- }
- bundle->extraData.push_back(extra);
-
- return true;
-}
-
-int zone_app_proxy_send_launch_request(zone_app_proxy_h handle, app_control_h app_control)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(app_control, ZONE_ERROR_INVALID_PARAMETER);
-
- auto instance = getInstance(handle);
- auto& proxy = instance->proxy;
- const std::string& name = instance->zoneName;
- char *str;
-
- ZoneAppProxy::Bundle bundle;
- app_control_get_operation(app_control, &str);
- if (str != NULL) {
- bundle.operation = str;
- free(str);
- str = NULL;
- }
- app_control_get_uri(app_control, &str);
- if (str != NULL) {
- bundle.uri = str;
- free(str);
- str = NULL;
- }
- app_control_get_mime(app_control, &str);
- if (str != NULL) {
- bundle.mime = str;
- free(str);
- str = NULL;
- }
- app_control_get_category(app_control, &str);
- if (str != NULL) {
- bundle.category = str;
- free(str);
- str = NULL;
- }
- app_control_get_app_id(app_control, &str);
- if (str != NULL) {
- bundle.appId = str;
- free(str);
- str = NULL;
- }
- app_control_foreach_extra_data(app_control, appExtraCallback, &bundle);
-
- return proxy.launch(name, bundle);
-}
-
-int zone_app_proxy_terminate(zone_app_proxy_h handle, const char* app_id)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(app_id, ZONE_ERROR_INVALID_PARAMETER);
-
- auto instance = getInstance(handle);
- auto& proxy = instance->proxy;
- const std::string& name = instance->zoneName;
-
- return proxy.terminate(name, app_id);
-}
-
-int zone_app_proxy_resume(zone_app_proxy_h handle, const char* app_id)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(app_id, ZONE_ERROR_INVALID_PARAMETER);
-
- auto instance = getInstance(handle);
- auto& proxy = instance->proxy;
- const std::string& name = instance->zoneName;
-
- return proxy.resume(name, app_id);
-}
-
-int zone_app_proxy_is_running(zone_app_proxy_h handle, const char* app_id, int *result)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(app_id, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(result, ZONE_ERROR_INVALID_PARAMETER);
-
- auto instance = getInstance(handle);
- auto& proxy = instance->proxy;
- const std::string& name = instance->zoneName;
-
- *result = proxy.isRunning(name, app_id);
- return ZONE_ERROR_NONE;
-}
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __CAPI_ZONE_APP_INFO_H__
-#define __CAPI_ZONE_APP_INFO_H__
-
-#include <app_info.h>
-#include <app_control.h>
-#include <app_manager.h>
-
-#include <zone/zone.h>
-
-/**
- * @file app-info.h
- * @brief This file provides APIs to get the information of applications in the zone
- */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * @addtogroup CAPI_ZONE_APPLICATION_INFO_MODULE
- * @{
- */
-
-/**
- * @brief The zone application manager handle
- * @since_tizen 3.0
- * @see zone_app_proxy_create()
- * @see zone_app_proxy_destroy()
- */
-typedef void* zone_app_proxy_h;
-
-/**
- * @brief Acquires the zone application manager handle
- * @details This API acquires zone application manager handle required to call
- * the zone application manager APIs.
- * @since_tizen 3.0
- * @param[in] manager The zone manager handle
- * @param[in] name The zone name
- * @param[out] handle The zone app proxy handle
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_CONNECTION_REFUSED Connection refused
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @see zone_manager_create()
- * @see zone_app_proxy_create()
- * @see get_last_result()
- */
-ZONE_API int zone_app_proxy_create(zone_manager_h manager, const char* name, zone_app_proxy_h* handle);
-
-/**
- * @brief Releases the zone application manager handle
- * @details This API must be called if interaction with the zone application
- * manager handle is no longer required.
- * @since_tizen 3.0
- * @param[in] context The device policy manager context
- * @param[in] handle The zone application manager handle
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @pre The handle must be created by zone_app_proxy_create()
- * @see zone_app_proxy_create()
- */
-ZONE_API int zone_app_proxy_destroy(zone_app_proxy_h handle);
-
-/**
- * @brief Gets the application information for the given application in the zone.
- * @details This API gets application information handle required to get
- * information of the application in the zone
- * @since_tizen 3.0
- * @param[in] handle The zone application manager handle
- * @param[in] appid The application ID
- * @return Zone application handle on success, otherwise NULL
- * @remark The specific error code can be obtained by using the
- * get_last_result() method. Error codes are described in
- * exception section.
- * @exception #ZONE_ERROR_NONE No error
- * @exception #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @exception #ZONE_ERROR_TIMED_OUT Time out
- * @see zone_app_proxy_create()
- * @see zone_app_proxy_create()
- * @see zone_application_release()
- * @see application_manager_get_application_info()
- * @see get_last_result()
- */
-ZONE_API int zone_app_proxy_get_app_info(zone_app_proxy_h handle, const char* appid, app_info_h* app_info);
-
-/**
- * @brief Retrieves all the handles of the application in the zone.
- * @details This API calls app_manager_app_info_cb() once for each application
- * ID with traversing the installed application list in the zone.
- * @since_tizen 3.0
- * @param[in] handle The zone application manager handle
- * @param[in] callback The iteration callback function
- * @param[in] user_data The user data passed to the callback function
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @pre The handle must be created by zone_app_proxy_create().
- * @see zone_app_proxy_create()
- * @see zone_app_proxy_create()
- * @see application_manager_foreach_app_info()
- */
-ZONE_API int zone_app_proxy_foreach_app_info(zone_app_proxy_h handle, app_manager_app_info_cb callback, void *user_data);
-
-/**
- * @brief Launch the application located at the given path into the zone.
- * @details Administrator can use this API to launch the application in the
- * zone.
- * @since_tizen 3.0
- * @param[in] handle The zone application manager handle
- * @param[in] app_control The app_control handle
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @retval #ZONE_ERROR_NO_SUCH_FILE No such application file
- * @retval #ZONE_ERROR_PERMISSION_DENIED The application does not have
- * the privilege to call this API or the caller is not the owner
- * of the zone
- * @pre The handle must be created by zone_app_proxy_create().
- * @pre The zone corresponding to the given name must be
- * created before use of this API.
- * @see zone_app_proxy_create()
- * @see zone_app_proxy_destroy()
- * @see zone_app_proxy_resume()
- * @see zone_app_proxy_terminate()
- * @see zone_is_running_app()
- * @see app_control_send_launch_request()
- */
-ZONE_API int zone_app_proxy_send_launch_request(zone_app_proxy_h handle, app_control_h app_control);
-
-/**
- * @brief Terminate the application located at the given path into the zone.
- * @details Administrator can use this API to terminate the application in
- * the zone.
- * @since_tizen 3.0
- * @param[in] handle The zone application manager handle
- * @param[in] appid The application ID to be terminated
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @retval #ZONE_ERROR_NO_SUCH_FILE No such application file
- * @retval #ZONE_ERROR_PERMISSION_DENIED The application does not have
- * the privilege to call this API or the caller is not the owner
- * of the zone
- * @pre The handle must be created by zone_app_proxy_create().
- * @pre The zone corresponding to the given name must be
- * created before use of this API.
- * @see zone_app_proxy_create()
- * @see zone_app_proxy_destroy()
- * @see zone_app_proxy_resume()
- * @see zone_app_proxy_send_launch_request()
- * @see zone_is_running_app()
- * @see app_control_send_terminate_request()
- * @see app_manager_send_terminate_bt_app()
- */
-ZONE_API int zone_app_proxy_terminate(zone_app_proxy_h handle, const char* appid);
-
-/**
- * @brief Resume the application located at the given path into the zone.
- * @details Administrator can use this API to resume the application in the
- * zone.
- * @since_tizen 3.0
- * @param[in] handle The zone application manager handle
- * @param[in] appid The application ID to be resumed
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @retval #ZONE_ERROR_NO_SUCH_FILE No such application file
- * @retval #ZONE_ERROR_PERMISSION_DENIED The application does not have
- * the privilege to call this API or the caller is not the owner
- * of the zone
- * @pre The handle must be created by zone_app_proxy_create().
- * @pre The zone corresponding to the given name must be
- * created before use of this API.
- * @see zone_app_proxy_create()
- * @see zone_app_proxy_destroy()
- * @see zone_app_proxy_send_launch_request()
- * @see zone_app_proxy_terminate()
- * @see app_manager_resume_app()
- */
-ZONE_API int zone_app_proxy_resume(zone_app_proxy_h handle, const char* appid);
-
-/**
- * @brief Checks whether the application in the zone is running.
- * @details This API can be used to check whether the application in the zone
- * is running.
- * @since_tizen 3.0
- * @param[in] handle The zone application manager handle
- * @param[in] appid The application ID
- * @param[out] result true if the application is running,
- * otherwise false if the application is not running
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_NO_DATA No such pacakge to check
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @pre The handle must be created by zone_app_proxy_create().
- * @see zone_app_proxy_create()
- * @see zone_app_proxy_destroy()
- * @see zone_app_proxy_send_launch_request()
- * @see zone_app_proxy_terminate()
- * @see app_manager_is_running_app()
- */
-ZONE_API int zone_app_proxy_is_running(zone_app_proxy_h handle, const char* appid, int* result);
-
-/**
- * @}
- */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __CAPI_ZONE_APP_INFO_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __RUNTIME_ARRAY_H__
-#define __RUNTIME_ARRAY_H__
-
-#include <vector>
-#include <utility>
-
-namespace runtime {
-
-template <typename T>
-class Array final {
-public:
- Array() = delete;
- Array(std::vector<T> &&list) :
- list(std::move(list)), it(this->list.begin())
- {
- }
-
- Array(const std::vector<T> &list) :
- list(list), it(this->list.begin())
- {
- }
-
- T *next()
- {
- if (it != list.end()) {
- return &(*it++);
- }
- return NULL;
- }
-
- bool isEnd()
- {
- return it == list.end();
- }
-
-private:
- std::vector<T> list;
- typename std::vector<T>::iterator it;
-};
-
-} // namespace runtime
-
-#endif // __RUNTIME_ARRAY_H__
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __CAPI_ZONE_ASSERT_H__
-#define __CAPI_ZONE_ASSERT_H__
-
-#define RET_ON_FAILURE(cond, ret) \
-{ \
- if (!(cond)) \
- return (ret); \
-}
-
-#endif //! __CAPI_ZONE_ASSERT_H__
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __ZONE_PACKAGE_INFO_INTERNAL_H__
-#define __ZONE_PACKAGE_INFO_INTERNAL_H__
-
-#include <glib.h>
-
-// pkgmgr-info : include/pkgmgrinfo_basic.h
-typedef struct icon_x {
- char *text;
- char *lang;
- char *section;
- char *size;
- char *resolution;
- char *dpi;
-} icon_x;
-
-// pkgmgr-info : include/pkgmgrinfo_basic.h
-typedef struct description_x {
- char *name;
- char *text;
- char *lang;
-} description_x;
-
-// pkgmgr-info : include/pkgmgrinfo_basic.h
-typedef struct label_x {
- char *name;
- char *text;
- char *lang;
-} label_x;
-
-// pkgmgr-info : include/pkgmgrinfo_basic.h
-typedef struct author_x {
- char *email;
- char *href;
- char *text;
- char *lang;
-} author_x;
-
-// pkgmgr-info : include/pkgmgrinfo_basic.h
-typedef struct package_x {
- char *for_all_users; /**< Flag that indicates if the package is available for everyone or for current user only, no xml part*/
- char *package; /**< package name, attr*/
- char *version; /**< package version, attr*/
- char *installlocation; /**< package install location, attr, default: "internal-only"*/
- char *ns; /**<name space, attr*/
- char *removable; /**< package removable flag, no xml part*/
- char *preload; /**< package preload flag, no xml part*/
- char *readonly; /**< package readonly flag, no xml part*/
- char *update; /**< package update flag, no xml part*/
- char *appsetting; /**< package app setting flag, attr, default: "false"*/
- char *system; /**< package system flag, no xml part*/
- char *type; /**< package type, attr*/
- char *package_size; /**< package size for external installation, attr*/
- char *installed_time; /**< installed time after finishing of installation, no xml part*/
- char *installed_storage; /**< package currently installed storage, no xml part*/
- char *storeclient_id; /**< id of store client for installed package, attr*/
- char *mainapp_id; /**< app id of main application, no xml part*/
- char *package_url; /**< app id of main application, attr*/
- char *root_path; /**< package root path, attr*/
- char *csc_path; /**< package csc path, attr*/
- char *nodisplay_setting; /**< package no display setting menu, attr, default: "false"*/
- char *support_disable; /**< package support disable flag, attr, default: "false"*/
- char *api_version; /**< minimum version of API package using, attr, default: patch_version trimmed version from tizen_full_version*/
- char *tep_name; /*no xml part*/
- char *zip_mount_file; /*no xml part*/
- char *backend_installer; /**< package backend installer, attr*/
- GList *icon; /**< package icon, element*/
- GList *label; /**< package label, element*/
- GList *author; /**< package author, element*/
- GList *description; /**< package description, element*/
- GList *license; /**< package license, no xml part*/
- GList *privileges; /**< package privileges, element*/
- GList *application; /**< package's application, element*/
- GList *compatibility; /**< package compatibility, element*/
- GList *deviceprofile; /**< package device profile, element*/
-} package_x;
-
-// pkgmgr-info : include/pkgmgrinfo_private.h
-typedef struct _pkgmgr_pkginfo_x {
- uid_t uid;
- package_x *pkg_info;
- char *locale;
-} pkgmgr_pkginfo_x;
-
-// package-manager : src/package_info.c
-typedef struct package_info_s {
- char *package;
- pkgmgr_pkginfo_x *pkgmgr_pkginfo;
-} package_info_s;
-
-#endif //__ZONE_PACKAGE_INFO_INTERNAL_H__
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#include <cstdlib>
-#include <cstring>
-#include <algorithm>
-
-#include <pkgmgr-info.h>
-#include <package-manager.h>
-#include <tzplatform_config.h>
-#include <klay/auth/user.h>
-
-#include "zone.h"
-#include "debug.h"
-#include "package-proxy.h"
-#include "package-info-internal.h"
-
-#include "policy-client.h"
-#include "zone/package-proxy.hxx"
-
-using namespace DevicePolicyManager;
-
-struct zone_package_proxy_s {
- ZonePackageProxy proxy;
- std::string zoneName;
- pkgmgr_client* pNativeHandle;
- package_manager_event_cb pCallback;
- void *pCallbackUserData;
-};
-
-static inline zone_package_proxy_s* getInstance(zone_package_proxy_h handle)
-{
- return reinterpret_cast<zone_package_proxy_s *>(handle);
-}
-
-static int packageEventHandler(uid_t target_uid, int req_id,
- const char *pkg_type, const char *pkg_name,
- const char *key, const char *val,
- const void *pmsg, void *data)
-{
- static auto event_type = (package_manager_event_type_e)-1;
- auto event_state = PACKAGE_MANAGER_EVENT_STATE_FAILED;
- auto instance = getInstance(data);
- std::string keystr = key;
- int progress = 0;
-
- if (target_uid != tzplatform_getuid(TZ_SYS_GLOBALAPP_USER)) {
- try {
- runtime::User pkgOwner(target_uid);
- if (pkgOwner.getName() != instance->zoneName) {
- return PACKAGE_MANAGER_ERROR_NONE;
- }
- } catch (runtime::Exception &e) {
- return PACKAGE_MANAGER_ERROR_NONE;
- }
- }
-
- std::transform(keystr.begin(), keystr.end(), keystr.begin(), ::tolower);
-
- if (keystr == "start") {
- if (val == NULL) {
- return PACKAGE_MANAGER_ERROR_INVALID_PARAMETER;
- }
-
- std::string valstr = val;
- std::transform(valstr.begin(), valstr.end(), valstr.begin(), ::tolower);
- if (valstr == "install") {
- event_type = PACKAGE_MANAGER_EVENT_TYPE_INSTALL;
- } else if (valstr == "uninstall") {
- event_type = PACKAGE_MANAGER_EVENT_TYPE_UNINSTALL;
- } else if (valstr == "update") {
- event_type = PACKAGE_MANAGER_EVENT_TYPE_UPDATE;
- } else {
- return PACKAGE_MANAGER_ERROR_INVALID_PARAMETER;
- }
-
- event_state = PACKAGE_MANAGER_EVENT_STATE_STARTED;
- } else if (keystr == "install_percent" ||
- keystr == "progress_percent") {
- event_state = PACKAGE_MANAGER_EVENT_STATE_PROCESSING;
- progress = std::stoi(val);
- } else if (keystr == "error") {
- event_state = PACKAGE_MANAGER_EVENT_STATE_FAILED;
- } else if (keystr == "end" ||
- keystr == "ok") {
- event_state = PACKAGE_MANAGER_EVENT_STATE_COMPLETED;
- progress = 100;
- }
-
- instance->pCallback(pkg_type, pkg_name,
- event_type, event_state, progress,
- PACKAGE_MANAGER_ERROR_NONE,
- instance->pCallbackUserData);
-
-
- return PACKAGE_MANAGER_ERROR_NONE;
-}
-
-static package_info_h make_package_info_handle(const ZonePackageProxy::PackageInfo& info)
-{
- uid_t zone_uid;
-
- if (info.id.empty()) {
- return NULL;
- }
-
- try {
- runtime::User pkgOwner(info.zone);
- zone_uid = pkgOwner.getUid();
- } catch (runtime::Exception &e) {
- return NULL;
- }
-
- package_x* package = (package_x*)::calloc(1, sizeof(package_x));
- pkgmgr_pkginfo_x* pkginfo = (pkgmgr_pkginfo_x*)::calloc(1, sizeof(pkgmgr_pkginfo_x));
- package_info_s* packageinfo = (package_info_s*)::calloc(1, sizeof(package_info_s));
-
- packageinfo->package = ::strdup(info.id.c_str());
- packageinfo->pkgmgr_pkginfo = pkginfo;
-
- pkginfo->uid = zone_uid;
- pkginfo->locale = ::strdup(info.locale.c_str());
- pkginfo->pkg_info = package;
-
- package->for_all_users = ::strdup("false");
- package->package = ::strdup(info.id.c_str());
- package->version = ::strdup(info.version.c_str());
- package->removable = ::strdup(info.isRemovable? "true":"false");
- package->preload = ::strdup(info.isPreload? "true":"false");
- package->system = ::strdup(info.isSystem? "true":"false");
- package->type = ::strdup(info.type.c_str());
- package->mainapp_id = ::strdup(info.mainAppId.c_str());
- package->api_version = ::strdup(info.apiVersion.c_str());
-
- icon_x* icon = (icon_x*)::calloc(1, sizeof(icon_x));
- icon->text = ::strdup(info.icon.c_str());
- icon->lang = ::strdup(info.locale.c_str());
- package->icon = ::g_list_append(NULL, icon);
-
- label_x* label = (label_x*)::calloc(1, sizeof(label_x));
- label->text = ::strdup(info.label.c_str());
- label->lang = ::strdup(info.locale.c_str());
- package->label = ::g_list_append(NULL, label);
-
- description_x* desc = (description_x*)::calloc(1, sizeof(description_x));
- desc->text = ::strdup(info.description.c_str());
- desc->lang = ::strdup(info.locale.c_str());
- package->description = ::g_list_append(NULL, desc);
-
- author_x* author = (author_x*)::calloc(1, sizeof(author_x));
- author->text = ::strdup(info.author.name.c_str());
- author->email = ::strdup(info.author.email.c_str());
- author->href = ::strdup(info.author.href.c_str());
- author->lang = ::strdup(info.locale.c_str());
- package->author = ::g_list_append(NULL, author);
-
- return reinterpret_cast<package_info_h>(packageinfo);
-}
-
-int zone_package_proxy_create(zone_manager_h manager, const char* name, zone_package_proxy_h *handle)
-{
- RET_ON_FAILURE(manager, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(name, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
-
- zone_package_proxy_s* instance = new zone_package_proxy_s {
- GetDevicePolicyContext(manager).
- createPolicyInterface<ZonePackageProxy>(),
- name, ::pkgmgr_client_new(PC_LISTENING), NULL, NULL
- };
-
- *handle = reinterpret_cast<zone_package_proxy_h>(instance);
- return ZONE_ERROR_NONE;
-}
-
-int zone_package_proxy_destroy(zone_package_proxy_h handle)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
-
- zone_package_proxy_s* instance = getInstance(handle);
-
- ::pkgmgr_client_free(instance->pNativeHandle);
-
- delete instance;
-
- return ZONE_ERROR_NONE;
-}
-
-int zone_package_proxy_get_package_info(zone_package_proxy_h handle, const char* package_id, package_info_h* package_info)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(package_id, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(package_info, ZONE_ERROR_INVALID_PARAMETER);
-
- auto instance = getInstance(handle);
- auto& proxy = instance->proxy;
- const std::string& name = instance->zoneName;
-
- const auto& info = proxy.getPackageInfo(name, package_id);
- package_info_h ret = make_package_info_handle(info);
-
- if (ret == NULL) {
- return ZONE_ERROR_INVALID_PARAMETER;
- }
-
- *package_info = ret;
-
- return ZONE_ERROR_NONE;
-}
-
-int zone_package_proxy_foreach_package_info(zone_package_proxy_h handle, package_manager_package_info_cb callback, void *user_data)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(callback, ZONE_ERROR_INVALID_PARAMETER);
-
- auto instance = getInstance(handle);
- auto& proxy = instance->proxy;
- const std::string& name = instance->zoneName;
-
- for (const auto& pkgid : proxy.getPackageList(name)) {
- package_info_h info_h = make_package_info_handle(proxy.getPackageInfo(name, pkgid));
- int ret = callback(info_h, user_data);
- package_info_destroy(info_h);
- if (!ret) {
- break;
- }
- }
-
- return ZONE_ERROR_NONE;
-}
-
-int zone_package_proxy_set_event_status(zone_package_proxy_h handle, int status_type)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
-
- auto instance = getInstance(handle);
-
- int ret;
- ret = pkgmgrinfo_client_set_status_type(instance->pNativeHandle, status_type);
-
- if (ret != PACKAGE_MANAGER_ERROR_NONE)
- return ZONE_ERROR_INVALID_PARAMETER;
-
- return ZONE_ERROR_NONE;
-}
-
-int zone_package_proxy_set_event_cb(zone_package_proxy_h handle, package_manager_event_cb callback, void *user_data)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(callback, ZONE_ERROR_INVALID_PARAMETER);
-
- auto instance = getInstance(handle);
-
- instance->pCallback = callback;
- instance->pCallbackUserData = user_data;
-
- int ret;
- ret = pkgmgr_client_listen_status(instance->pNativeHandle, packageEventHandler, handle);
-
- if (ret < 0)
- return ZONE_ERROR_INVALID_PARAMETER;
-
- return ZONE_ERROR_NONE;
-}
-
-int zone_package_proxy_unset_event_cb(zone_package_proxy_h handle)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
-
- auto instance = getInstance(handle);
-
- int ret;
- ret = pkgmgr_client_remove_listen_status(instance->pNativeHandle);
-
- if (ret < 0)
- return ZONE_ERROR_INVALID_PARAMETER;
-
- return ZONE_ERROR_NONE;
-}
-
-int zone_package_proxy_install(zone_package_proxy_h handle, const char* package_path)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(package_path, ZONE_ERROR_INVALID_PARAMETER);
-
- auto instance = getInstance(handle);
- auto& proxy = instance->proxy;
- const std::string& name = instance->zoneName;
-
- return proxy.install(name, package_path);
-}
-
-int zone_package_proxy_uninstall(zone_package_proxy_h handle, const char* package_id)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(package_id, ZONE_ERROR_INVALID_PARAMETER);
-
- auto instance = getInstance(handle);
- auto& proxy = instance->proxy;
- const std::string& name = instance->zoneName;
-
- return proxy.uninstall(name, package_id);
-}
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __CAPI_ZONE_PACKAGE_INFO_H__
-#define __CAPI_ZONE_PACKAGE_INFO_H__
-
-#include <package_info.h>
-#include <package_manager.h>
-
-#include <zone/zone.h>
-
-/**
- * @file package-info.h
- * @brief This file provides APIs to get the information of packages in the zone
- */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * @addtogroup CAPI_ZONE_ZONE_PACKAGE_INFO_MODULE
- * @{
- */
-
-/**
- * @brief The zone package proxy handle
- * @since_tizen 3.0
- * @see zone_package_proxy_create()
- * @see zone_package_proxy_destroy()
- */
-typedef void* zone_package_proxy_h;
-
-/**
- * @brief Acquires the zone package proxy handle.
- * @details This API acquires zone package proxy handle required to call
- * the zone package_manager APIs.
- * @since_tizen 3.0
- * @param[in] manager The zone manager handle
- * @param[in] name The zone name
- * @param[out] handle The zone package proxy handle
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_CONNECTION_REFUSED Connection refused
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @see zone_manager_create()
- * @see zone_package_proxy_destroy()
- * @see get_last_result()
- */
-ZONE_API int zone_package_proxy_create(zone_manager_h manager, const char* name, zone_package_proxy_h *handle);
-
-/**
- * @brief Releases the zone package proxy handle.
- * @details This API must be called if interaction with the zone package
- * manager handle is no longer required.
- * @since_tizen 3.0
- * @param[in] handle The zone package proxy handle
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @pre The handle must be created by zone_package_proxy_create()
- * @see zone_package_proxy_create()
- */
-ZONE_API int zone_package_proxy_destroy(zone_package_proxy_h handle);
-
-/**
- * @brief Gets the package information for the given package in the zone.
- * @details This API gets package information handle required to get
- * information of the pacakge in the zone.
- * @since_tizen 3.0
- * @param[in] handle The zone package proxy handle
- * @param[in] pakcage_id The package ID
- * @return Zone package information handle on success, otherwise NULL
- * @remark The specific error code can be obtained by using the
- * get_last_result() method. Error codes are described in
- * exception section.
- * @remark The handle should be destroyed using package_info_destroy().
- * @exception #ZONE_ERROR_NONE No error
- * @exception #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @exception #ZONE_ERROR_TIMED_OUT Time out
- * @see zone_package_proxy_create()
- * @see zone_package_proxy_destroy()
- * @see package_manager_get_package_info()
- * @see package_manager_destroy()
- * @see get_last_result()
- */
-ZONE_API int zone_package_proxy_get_package_info(zone_package_proxy_h handle, const char* pakcage_id, package_info_h* package_info);
-
-/**
- * @brief Retrieves all the IDs of the installed package in the zone.
- * @details This API calls package_manager_package_info_cb() once for
- * each package information handle with traversing the installed
- * package list in the zone.
- * @since_tizen 3.0
- * @param[in] handle The zone package proxy handle
- * @param[in] callback The iteration callback function
- * @param[in] user_data The user data passed to the callback function
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @pre The handle must be created by zone_package_proxy_create().
- * @see zone_package_proxy_create()
- * @see zone_package_proxy_destroy()
- * @see package_manager_foreach_package_info()
- */
-ZONE_API int zone_package_proxy_foreach_package_info(zone_package_proxy_h handle, package_manager_package_info_cb callback, void *user_data);
-
-/**
- * @brief Installs the package located at the given path into the zone.
- * @details Administrator can use this API to install the package into the
- * zone.
- * @since_tizen 3.0
- * @param[in] handle The zone package proxy handle
- * @param[in] name The zone name
- * @param[in] package_path The absolute path to the package to be installed
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @retval #ZONE_ERROR_NO_SUCH_FILE No such package file
- * @retval #ZONE_ERROR_PERMISSION_DENIED The application does not have
- * the privilege to call this API or the caller is not the owner
- * of the zone
- * @pre The handle must be created by zone_package_proxy_create().
- * @pre The zone corresponding to the given name must be
- * created before use of this API.
- * @see zone_package_proxy_create()
- * @see zone_package_proxy_destroy()
- * @see zone_package_proxy_uninstall()
- * @see package_manager_request_install()
- */
-ZONE_API int zone_package_proxy_install(zone_package_proxy_h handle, const char* package_path);
-
-/**
- * @brief Uinstalls the package with the given ID from the zone.
- * @details Administrator can use this API to uninstall the package from the
- * zone.
- * @since_tizen 3.0
- * @param[in] handle The zone package proxy handle
- * @param[in] name The zone name
- * @param[in] pakcage_id The pakcage ID
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @retval #ZONE_ERROR_NO_DATA No such pacakge to unintall
- * @retval #ZONE_ERROR_PERMISSION_DENIED The application does not have
- * the privilege to call this API or the caller is not the owner
- * of the zone
- * @pre The handle must be created by zone_package_proxy_create().
- * @pre The zone corresponding to the given name must be
- * created before use of this API.
- * @see zone_package_proxy_create()
- * @see zone_package_proxy_destroy()
- * @see zone_package_proxy_install()
- * @see package_manager_request_uninstall()
- */
-ZONE_API int zone_package_proxy_uninstall(zone_package_proxy_h handle, const char* pakcage_id);
-
-/**
- * @brief Sets the event status that presents the package has been
- * installed, uninstalled or updated in the zone.
- * @details This API sets the event status of the package for monitoring
- * whether the package has been installed, uninstalled or updated.
- * event status can be combined multiple status using OR operation.
- * @since_tizen 3.0
- * @param[in] handle The zone package proxy handle
- * @param[in] status_type The status of the package
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @pre The handle must be created by zone_package_proxy_create().
- * @pre the zone corresponding to the given name must be
- * created before use of this api.
- * @see zone_package_proxy_create()
- * @see zone_package_proxy_destroy()
- * @see zone_package_proxy_uninstall()
- * @see zone_package_proxy_set_event_cb()
- * @see zone_package_proxy_unset_event_cb()
- * @see package_manager_set_event_status()
- */
-ZONE_API int zone_package_proxy_set_event_status(zone_package_proxy_h handle, int status_type);
-
-/**
- * @brief Registers a callback function for package event.
- * @details This API sets a callback function to be invoked when the package
- * has been installed, uninstalled or updated.
- * @since_tizen 3.0
- * @param[in] handle the zone package proxy handle
- * @param[in] callback The callback function to be registered
- * @param[in] user_data The user data to be passed to the callback function
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @pre the handle must be created by zone_package_proxy_create().
- * @see zone_package_proxy_create()
- * @see zone_package_proxy_destroy()
- * @see zone_package_proxy_uninstall()
- * @see zone_package_proxy_set_event_status()
- * @see zone_package_proxy_unset_event_cb()
- * @see package_manager_event_cb()
- * @see package_manager_set_event_cb()
- */
-ZONE_API int zone_package_proxy_set_event_cb(zone_package_proxy_h handle, package_manager_event_cb callback, void *user_data);
-
-/**
- * @brief Unregisters the callback function.
- * @details This API unsets the callback funtion not to be invoked by
- * package event status
- * @since_tizen 3.0
- * @param[in] handle the zone package proxy handle
- * @param[in] name the zone name
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @pre the handle must be created by zone_package_proxy_create().
- * created before use of this api.
- * @see zone_package_proxy_create()
- * @see zone_package_proxy_destroy()
- * @see zone_package_proxy_uninstall()
- * @see zone_package_proxy_set_event_status()
- * @see zone_package_proxy_set_event_cb()
- * @see package_manager_unset_event_cb()
- */
-ZONE_API int zone_package_proxy_unset_event_cb(zone_package_proxy_h handle);
-
-
-/**
- * @}
- */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __CAPI_ZONE_PACKAGE_INFO_H__ */
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#include "zone/zone.h"
-
-#include "debug.h"
-#include "array.h"
-
-#include "policy-client.h"
-#include "zone/zone.hxx"
-
-using namespace DevicePolicyManager;
-
-DevicePolicyContext& GetDevicePolicyContext(void* handle)
-{
- return *reinterpret_cast<DevicePolicyContext*>(handle);
-}
-
-int zone_manager_create(zone_manager_h* handle)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
-
- DevicePolicyContext* client = new(std::nothrow) DevicePolicyContext();
-
- RET_ON_FAILURE(handle, ZONE_ERROR_CONNECTION_REFUSED);
-
- if (client->connect() < 0) {
- delete client;
- RET_ON_FAILURE(handle, ZONE_ERROR_CONNECTION_REFUSED);
- }
-
- *handle = reinterpret_cast<zone_manager_h>(client);
-
- return ZONE_ERROR_NONE;
-}
-
-int zone_manager_destroy(zone_manager_h handle)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
-
- delete &GetDevicePolicyContext(handle);
-
- return ZONE_ERROR_NONE;
-}
-
-int zone_manager_add_event_cb(zone_manager_h handle, const char* event, zone_event_cb callback, void* user_data, int *id)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(event, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(callback, ZONE_ERROR_INVALID_PARAMETER);
-
- DevicePolicyContext &context = GetDevicePolicyContext(handle);
- int ret = context.subscribeSignal(std::string("ZoneManager::") + event,
- callback, user_data);
- if (ret < 0)
- return ZONE_ERROR_INVALID_PARAMETER;
-
- *id = ret;
- return ZONE_ERROR_NONE;
-}
-
-int zone_manager_remove_event_cb(zone_manager_h handle, int callback_id)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(callback_id >= 0, ZONE_ERROR_INVALID_PARAMETER);
-
- DevicePolicyContext &context = GetDevicePolicyContext(handle);
- int ret = context.unsubscribeSignal(callback_id);
- if (ret)
- return ZONE_ERROR_INVALID_PARAMETER;
-
- return ZONE_ERROR_NONE;
-}
-
-int zone_manager_create_zone(zone_manager_h handle, const char* name, const char* manifest)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(name, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(manifest, ZONE_ERROR_INVALID_PARAMETER);
-
- DevicePolicyContext &client = GetDevicePolicyContext(handle);
- ZoneManager zone = client.createPolicyInterface<ZoneManager>();
- return zone.createZone(name, manifest);
-}
-
-int zone_manager_destroy_zone(zone_manager_h handle, const char* name)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(name, ZONE_ERROR_INVALID_PARAMETER);
-
- DevicePolicyContext &client = GetDevicePolicyContext(handle);
- ZoneManager zone = client.createPolicyInterface<ZoneManager>();
- return zone.removeZone(name);
-}
-
-int zone_manager_get_zone_state(zone_manager_h handle, const char* name, zone_state_e *state)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(name, ZONE_ERROR_INVALID_PARAMETER);
-
- DevicePolicyContext &client = GetDevicePolicyContext(handle);
- ZoneManager zone = client.createPolicyInterface<ZoneManager>();
-
- int result = zone.getZoneState(name);
- if (result == 0) {
- return ZONE_ERROR_NO_DATA;
- }
-
- *state = (zone_state_e)result;
- return ZONE_ERROR_NONE;
-}
-
-int zone_manager_foreach_name(zone_manager_h handle, zone_state_e state,
- zone_manager_foreach_cb callback, void* user_data)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(callback, ZONE_ERROR_INVALID_PARAMETER);
-
- DevicePolicyContext &client = GetDevicePolicyContext(handle);
- ZoneManager zone = client.createPolicyInterface<ZoneManager>();
- std::vector<std::string> list = zone.getZoneList(state);
- for (std::vector<std::string>::iterator it = list.begin();
- it != list.end(); it++) {
- if (!callback((*it).c_str(), user_data))
- break;
- }
-
- return ZONE_ERROR_NONE;
-}
-
-int zone_manager_reset_zone_password(zone_manager_h handle, const char* name, const char* new_password)
-{
- RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER);
- RET_ON_FAILURE(name, ZONE_ERROR_INVALID_PARAMETER);
-
- if (new_password == NULL) {
- new_password = "";
- }
-
- DevicePolicyContext &client = GetDevicePolicyContext(handle);
- ZoneManager zone = client.createPolicyInterface<ZoneManager>();
-
- return zone.resetZonePassword(name, new_password);
-}
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __ZONE_ZONE_H__
-#define __ZONE_ZONE_H__
-
-#include <tizen.h>
-
-/**
- * @file zone.h
- * @brief This file defines common data types required to zone APIs.
- */
-
-#ifndef ZONE_API
-#define ZONE_API __attribute__((visibility("default")))
-#endif // API
-
-#ifndef TRUE
-#define TRUE 1
-#endif
-
-#ifndef FALSE
-#define FALSE 0
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * @addtogroup CAPI_ZONE_ZONE_MODULE
- * @{
- */
-
-/**
- * @brief Enumeration of device policy API errors
- * @since_tizen 3.0
- */
-typedef enum {
- ZONE_ERROR_NONE = TIZEN_ERROR_NONE, /**< The operation was successful */
- ZONE_ERROR_INVALID_PARAMETER = TIZEN_ERROR_INVALID_PARAMETER, /**< Invalid parameter */
- ZONE_ERROR_CONNECTION_REFUSED = TIZEN_ERROR_CONNECTION_REFUSED, /**< Connection refused */
- ZONE_ERROR_TIMED_OUT = TIZEN_ERROR_TIMED_OUT, /**< Time out */
- ZONE_ERROR_PERMISSION_DENIED = TIZEN_ERROR_PERMISSION_DENIED, /**< Access privilege is not sufficient */
- ZONE_ERROR_NOT_SUPPORTED = TIZEN_ERROR_NOT_SUPPORTED, /**< Operation is not supported */
- ZONE_ERROR_NO_SUCH_FILE = TIZEN_ERROR_NO_SUCH_FILE, /**< No such file or directory */
- ZONE_ERROR_FILE_EXISTS = TIZEN_ERROR_FILE_EXISTS, /**< File exists */
- ZONE_ERROR_OUT_OF_MEMORY = TIZEN_ERROR_OUT_OF_MEMORY, /**< Out of memory */
- ZONE_ERROR_NO_DATA = TIZEN_ERROR_NO_DATA /**< No Data */
-} zone_error_type_e;
-
-/**
- * @brief The zone manager handle
- * @details The zone manager handle is an abstraction of the
- * logical connection between the zone manager and it's client.
- * The zone manager handle must be created by using
- * zone_manager_create() before attempting to use almost any of
- * the zone related APIs, and it should be freed when interaction
- * with the zone manager is no longer required.
- * To release the handle, use zone_manager_destroy().
- * @since_tizen 3.0
- * @see zone_manager_create()
- * @see zone_manager_destroy()
- */
-typedef void* zone_manager_h;
-
-/**
- * @brief Creates the zone manager handle.
- * @details This API creates zone manager handle required to
- * the zone related APIs.
- * This API is also used to verify whether caller is authorized
- * or not.
- * @since_tizen 3.0
- * @param[out] handle The zone manager handle
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_CONNECTION_REFUSED Connection refused
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @see zone_manager_destroy()
- * @see get_last_result()
- */
-ZONE_API int zone_manager_create(zone_manager_h *handle);
-
-/**
- * @brief Releases the zone manager handle.
- * @details This API must be called if interaction with the zone manager is
- * no longer required.
- * @since_tizen 3.0
- * @param[in] handle The zone manager handle
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @pre The handle must be created by zone_manager_create()
- * @see zone_manager_create()
- */
-ZONE_API int zone_manager_destroy(zone_manager_h handle);
-
-/**
- * @brief Called when a zone raises a event.
- * @since_tizen 3.0
- * @param[in] name The zone name
- * @param[in] object The object name triggered the event
- * @param[in] user_data The user data passed from zone_manager_add_event_cb
- * @see zone_manager_add_event_cb()
- * @see zone_manager_remove_event_cb()
- */
-typedef void(*zone_event_cb)(const char* name, const char* object, void* user_data);
-
-/**
- * @brief Adds zone event callback.
- * @details This API can be used to receive events sent by zone
- * The callback specified to this function is automatically called when
- * the zone is created or removed.
- * @since_tizen 3.0
- * @param[in] context The zone_manager handle
- * @param[in] event The event name to receive
- * @param[in] callback The event callback
- * @param[in] user_data The user data passed to the callback function
- * @param[out] id Signal identifier
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @pre The handle must be created by zone_manager_create().
- * @see zone_manager_create()
- * @see zone_manager_destroy()
- * @see zone_manager_remove_event_cb()
- */
-ZONE_API int zone_manager_add_event_cb(zone_manager_h handle,
- const char* event,
- zone_event_cb callback, void* user_data,
- int* id);
-
-/**
- * @brief Removes zone event callback.
- * @details This API removes zone event callback
- * @since_tizen 3.0
- * @param[in] context The zone manager handle
- * @param[in] id Signal identifier
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @pre The context must be created by zone_manager_create().
- * @see zone_manager_create()
- * @see zone_manager_destroy()
- * @see zone_manager_add_event_cb()
- */
-ZONE_API int zone_manager_remove_event_cb(zone_manager_h handle, int id);
-
-/**
- * @brief Creates a new zone.
- * @details This API creates a container. All file system objects neeeded
- * will be also created. manifest XML passed by parameter will be
- * used when the zone is running.
- * @since_tizen 3.0
- * @param[in] handle The zone manager handle
- * @param[in] name The zone name to be created
- * @param[in] manifest The manifest XML to be used when the zone is runned.
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @retval #ZONE_ERROR_PERMISSION_DENIED The application does not have
- * the privilege to call this API
- * @pre The handle must be created by zone_manager_create().
- * @see zone_manager_create()
- * @see zone_manager_destroy()
- * @see zone_manager_destroy_zone()
- * @see zone_manager_create_zone_iterator()
- */
-ZONE_API int zone_manager_create_zone(zone_manager_h handle, const char* name, const char* manifest);
-
-/**
- * @brief Removes existing zone.
- * @details This removes zone. All file system objects created for the zone
- * will be also erased.
- * @since_tizen 3.0
- * @param[in] handle The zone manager handle
- * @param[in] name The zone name to be removed
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @retval #ZONE_ERROR_PERMISSION_DENIED The application does not have
- * the privilege to call this API or the caller is not the owner
- * of the zone
- * @pre The handle must be created by zone_manager_create().
- * @pre The zone corresponding to the given name must be
- * created before use of this API.
- * @see zone_manager_create()
- * @see zone_manager_destroy()
- * @see zone_manager_create_zone()
- * @see zone_manager_create_zone_iterator()
- */
-ZONE_API int zone_manager_destroy_zone(zone_manager_h handle, const char* name);
-
-/*
- * @brief Enumeration for zone state
- * @since_tizen 3.0
- */
-typedef enum {
- ZONE_STATE_LOCKED = 0x01, /**< Zone has been defined, but it can not start. */
- ZONE_STATE_RUNNING = 0x02, /**< Zone has been started. */
- ZONE_STATE_ALL = 0xff /**< This presents all of the state */
-} zone_state_e;
-
-/**
- * @brief Gets the zone state.
- * @details This API can be used to get the state of the zone. The zone can
- * have one of the three states(running, locked).
- * @since_tizen 3.0
- * @param[in] handle The zone policy handle
- * @param[in] name The zone name
- * @param[out] state The zone state
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_NO_DATA No such zone to get state
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @pre The handle must be created by zone_manager_create().
- * @see zone_manager_create()
- * @see zone_manager_destroy()
- * @see zone_manager_create_zone()
- * @see zone_manager_destroy_zone()
- */
-ZONE_API int zone_manager_get_zone_state(zone_manager_h handle, const char* name, zone_state_e* state);
-
-/**
- * @brief Called to get all the name of created zones.
- * @since_tizen 3.0
- * @param[in] name The zone name
- * @param[in] user_data The user data passed from zone_manager_foreach_name
- * @return true to continue with the next iteration of the loop, otherwise false to break out out the loop
- * @see zone_manager_foreach_name()
- */
-typedef bool(*zone_manager_foreach_cb)(const char* name, void* user_data);
-
-/**
- * @brief Retrieves all the name of created zones
- * @details This API calls zone_manager_foreach_cb() once for each zone name
- * with traversing the created zones list.
- * @since_tizen 3.0
- * @param[in] handle The zone policy handle
- * @param[in] state a combination of the zone state to look
- * @param[in] callback The iteration callback function
- * @param[in] user_data The user data passed to the callback function
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @pre The handle must be created by zone_manager_create().
- * @see zone_manager_create()
- * @see zone_manager_destroy()
- * @see zone_manager_create_zone()
- * @see zone_manager_destroy_zone()
- */
-ZONE_API int zone_manager_foreach_name(zone_manager_h handle,
- zone_state_e state,
- zone_manager_foreach_cb callback,
- void* user_data);
-
-/**
- * @brief Reset password for the zone.
- * @details This API can be used to set password for the zone. The password
- * of the zone can be used for authenticating user.
- * @since_tizen 3.0
- * @param[in] handle The zone policy handle
- * @param[in] name The zone name
- * @param[out] new_password new password if NULL, existing password will be removed
- * @return #ZONE_ERROR_NONE on success, otherwise a negative value
- * @retval #ZONE_ERROR_NONE Successful
- * @retval #ZONE_ERROR_NO_DATA No such zone to get state
- * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter
- * @retval #ZONE_ERROR_TIMED_OUT Time out
- * @pre The handle must be created by zone_manager_create().
- * @see zone_manager_create()
- * @see zone_manager_destroy()
- */
-ZONE_API int zone_manager_reset_zone_password(zone_manager_h handle, const char* name, const char* new_password);
-
-/**
- * @}
- */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __ZONE_ZONE_H__ */
+++ /dev/null
-#
-# Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-PROJECT(zone-provider)
-
-FILE(GLOB ZONE_PAM_SRCS zone-builder.cpp
- session.cpp
- zone.cpp
-)
-
-SET (CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} -Wl,-z,noexecstack")
-
-SET(ZONE_PAM_NAME "pam_zone")
-ADD_LIBRARY(${ZONE_PAM_NAME} MODULE ${ZONE_PAM_SRCS})
-SET_TARGET_PROPERTIES(${ZONE_PAM_NAME} PROPERTIES PREFIX ""
- COMPILE_DEFINITIONS PID_FILE_PATH="${RUN_INSTALL_DIR}/zone"
- COMPILE_FLAGS "-fvisibility=hidden"
-)
-
-FIND_PATH(PAM_INCLUDE_DIR NAMES security/pam_appl.h security/pam_ext.h security/pam_modules.h
- HINTS ${PAM_ROOT_DIR} PATH_SUFFIXES include)
-FIND_LIBRARY(PAM_LIBRARY pam HINTS ${PAM_ROOT_DIR} PATH_SUFFIXES ${LIB_INSTALL_DIR})
-MARK_AS_ADVANCED(PAM_INCLUDE_DIR PAM_LIBRARY)
-
-INCLUDE(FindPackageHandleStandardArgs)
-FIND_PACKAGE_HANDLE_STANDARD_ARGS(PAM DEFAULT_MSG PAM_LIBRARY PAM_INCLUDE_DIR)
-
-PKG_CHECK_MODULES(ZONE_PAM_DEPS REQUIRED
- klay
- libxml-2.0
-)
-
-INCLUDE_DIRECTORIES(${PAM_INCLUDE_DIR} ${ZONE_PAM_DEPS_INCLUDE_DIRS})
-TARGET_LINK_LIBRARIES(${ZONE_PAM_NAME} ${PAM_LIBRARY} ${ZONE_PAM_DEPS_LIBRARIES} pthread)
-
-TARGET_COMPILE_DEFINITIONS(${ZONE_PAM_NAME} PRIVATE
- CONF_PATH="${CONF_INSTALL_DIR}"
-)
-
-INSTALL(TARGETS ${ZONE_PAM_NAME} DESTINATION ${LIB_INSTALL_DIR}/security)
-INSTALL(FILES data/DefaultZoneManifest.xml DESTINATION ${CONF_INSTALL_DIR}/zone RENAME owner.xml)
-INSTALL(FILES data/zone_indicator_icon.png DESTINATION /opt/data/dpm)
-INSTALL(FILES data/zone_noti_list_sub_icon.png DESTINATION /opt/data/dpm)
-INSTALL(FILES pam.d/systemd-user-zone DESTINATION ${PAMD_INSTALL_DIR})
+++ /dev/null
-<?xml version="1.0" encoding="utf-8"?>
-<manifest version="0.1.0">
- <capability></capability>
- <filesystem>
- <!--<entry source="" target="" type="none" option="rw,bind" />-->
- </filesystem>
- <network>
- <!--<interface name="eth0" address="10.254.34.232" netmask="" gateway="" />-->
- </network>
-</manifest>
+++ /dev/null
-account include system-auth
-session include system-auth
-session optional pam_systemd.so
-session required pam_zone.so
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#include <stdio.h>
-#include <unistd.h>
-#include <sys/stat.h>
-#include <sys/file.h>
-#include <string.h>
-#include <errno.h>
-#include <signal.h>
-
-#include "session.h"
-#include "exception.h"
-#include "filesystem.h"
-
-bool isValidSessionLeader(pid_t pid)
-{
- runtime::File proc("/proc/" + std::to_string(pid));
- return proc.exists();
-}
-
-void createSession(const runtime::User& user, const SessionBuilder& sessionBuilder)
-{
- runtime::File file("/var/run/zone/" + user.getName());
- if (file.exists()) {
- if (isValidSessionLeader(getSessionLeader(user))) {
- throw runtime::Exception("Session already opened");
- }
- file.remove();
- } else {
- file.makeBaseDirectory();
- }
-
- sessionBuilder(user);
-
- file.create(0600);
- file.lock();
- file.chown(user.getUid(), user.getGid());
- pid_t pid = ::getpid();
- file.write(&pid, sizeof(pid_t));
- file.unlock();
-}
-
-pid_t getSessionLeader(const runtime::User& user)
-{
- runtime::File file("/var/run/zone/" + user.getName(), O_RDONLY);
- file.lock();
- pid_t pid = -1;
- file.read(&pid, sizeof(pid_t));
- file.unlock();
-
- return pid;
-}
-
-void destroySession(const runtime::User& user)
-{
- std::string path = "/var/run/zone/" + user.getName();
- ::unlink(path.c_str());
-}
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __ZONE_SESSION_ENV_H__
-#define __ZONE_SESSION_ENV_H__
-
-#include <sys/types.h>
-#include <unistd.h>
-
-#include <string>
-#include <functional>
-
-#include "auth/user.h"
-
-typedef std::function<void(const runtime::User& user)> SessionBuilder;
-
-bool isValidSessionLeader(pid_t pid);
-void createSession(const runtime::User& user, const SessionBuilder& sessionBuilder);
-pid_t getSessionLeader(const runtime::User& user);
-void destroySession(const runtime::User& user);
-
-#endif //!__ZONE_SESSION_ENV_H__
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
- #include <sys/types.h>
- #include <sys/stat.h>
- #include <sys/mount.h>
- #include <unistd.h>
- #include <fcntl.h>
- #include <stdio.h>
-
-#include "zone-builder.h"
-
-#include "exception.h"
-#include "filesystem.h"
-
-ZoneBuilder::ZoneBuilder(const runtime::User& user, const std::string& manifestPath) :
- name(user.getName()), uid(user.getUid()), gid(user.getGid())
-{
- manifest.reset(xml::Parser::parseFile(manifestPath));
-}
-
-ZoneBuilder::~ZoneBuilder()
-{
-}
-
-void ZoneBuilder::bindFilesystemNode(const std::string& source, const std::string& target,
- const std::string& type, const std::string& options,
- bool create)
-{
- if (create) {
- runtime::File dir(target);
- if (!dir.exists()) {
- dir.makeDirectory(true, uid, gid);
- }
- }
-
- runtime::Mount::mountEntry(source, target, type, options);
-}
-
-void ZoneBuilder::containerize(bool create)
-{
- int nsFlags = CLONE_NEWIPC | CLONE_NEWNS;
-
- if (::unshare(nsFlags)) {
- throw runtime::Exception("Failed to unshare namespace");
- }
-
- if (::mount(NULL, "/", NULL, MS_SLAVE | MS_REC, NULL) == -1) {
- throw runtime::Exception("Failed to mount root filesystem");
- }
-
- xml::Node::NodeList entries = manifest->evaluate("/manifest/filesystem/entry");
- for (const xml::Node& entry : entries) {
- bindFilesystemNode(entry.getProp("source"), entry.getProp("target"),
- entry.getProp("type"), entry.getProp("options"));
- }
-
- bindFilesystemNode("/home/" + name,
- "/home/" + name + "/.zone/" + name,
- "none", "rw,bind");
-
- bindFilesystemNode("/home/" + name + "/.zone", "/home",
- "none", "rw,rbind");
-}
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
- #ifndef __ZONE_BUILDER_H__
- #define __ZONE_BUILDER_H__
-
-#include <string>
-#include <vector>
-#include <memory>
-
-#include "xml/parser.h"
-#include "xml/document.h"
-#include "auth/user.h"
-
-class ZoneBuilder {
-public:
- ZoneBuilder(const runtime::User& user, const std::string& manifestPath);
- virtual ~ZoneBuilder();
-
- void containerize(bool create = true);
-
-protected:
- void bindFilesystemNode(const std::string& source, const std::string& target,
- const std::string& type, const std::string& options,
- bool create = true);
-private:
- std::string name;
- uid_t uid;
- gid_t gid;
- std::unique_ptr<xml::Document> manifest;
-};
-
- #endif //!__ZONE_BUILDER_H__
+++ /dev/null
-/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-#ifndef __ZONE_GUARD_H__
-#define __ZONE_GUARD_H__
-
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <semaphore.h>
-
-#include <string>
-
-#include "exception.h"
-
-class ZoneGuard {
-public:
- ZoneGuard(const std::string& name) :
- zoneName(name), semaphore(nullptr)
- {
- semaphore = ::sem_open(zoneName.c_str(), O_CREAT, 0700, 1);
- if (semaphore == nullptr) {
- throw runtime::Exception("Filed to create semaphore for zone guard");
- }
- }
-
- ~ZoneGuard()
- {
- if (semaphore == nullptr) {
- return;
- }
-
- ::sem_post(semaphore);
- ::sem_close(semaphore);
- ::sem_unlink(zoneName.c_str());
- }
-
- void wait()
- {
- while ((::sem_wait(semaphore) == -1) && (errno == EINTR));
- }
-
-private:
- std::string zoneName;
- sem_t* semaphore;
-};
-
-#endif //!__ZONE_GUARD_H__
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#include <security/pam_ext.h>
-#include <security/pam_modules.h>
-#include <syslog.h>
-
-#include <string>
-#include <vector>
-
-#include "zone-guard.h"
-#include "zone-builder.h"
-#include "session.h"
-
-#include "exception.h"
-#include "filesystem.h"
-#include "xml/parser.h"
-#include "xml/document.h"
-
-#define ZONE_MANIFEST_DIR CONF_PATH "/zone/"
-
-std::string buildZoneManifestPath(const std::string& name)
-{
- return ZONE_MANIFEST_DIR + name + ".xml";
-}
-
-std::string getZoneName(pam_handle_t* handle)
-{
- const void* retItem;
- int error = ::pam_get_item(handle, PAM_USER, &retItem);
- if (error != PAM_SUCCESS) {
- throw runtime::Exception("Failed to get user");
- }
-
- return static_cast<const char*>(retItem);
-}
-
-void openZoneSession(const std::string& name)
-{
- auto sessionBuilder = [](const runtime::User& user) {
- ZoneBuilder builder(user, buildZoneManifestPath(user.getName()));
- builder.containerize();
- };
-
- createSession(runtime::User(name), sessionBuilder);
-}
-
-void closeZoneSession(const std::string& name)
-{
- destroySession(runtime::User(name));
-}
-
-extern "C" {
-PAM_EXTERN __attribute__((visibility("default")))
-int pam_sm_open_session(pam_handle_t* pamh, int flags, int argc, const char* argv[])
-{
- try {
- std::string name = getZoneName(pamh);
- ZoneGuard zoneGuard(name);
- zoneGuard.wait();
-
- openZoneSession(name);
- } catch (runtime::Exception& e) {
- ::pam_syslog(pamh, LOG_ERR, "%s", e.what());
- return PAM_SESSION_ERR;
- }
-
- return PAM_SUCCESS;
-}
-
-PAM_EXTERN __attribute__((visibility("default")))
-int pam_sm_close_session(pam_handle_t* pamh, int flags, int argc, const char* argv[])
-{
- try {
- std::string name = getZoneName(pamh);
- ZoneGuard zoneGuard(name);
- zoneGuard.wait();
-
- closeZoneSession(name);
- } catch (runtime::Exception& e) {
- ::pam_syslog(pamh, LOG_ERR, "%s", e.what());
- return PAM_SESSION_ERR;
- }
-
- return PAM_SUCCESS;
-}
-
-#ifdef PAM_MODULE_ENTRY
-PAM_MODULE_ENTRY("pam_zone");
-#endif
-
-}
+++ /dev/null
-#
-# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-SET(ZONE_VOLUME_MANAGER_TARGET "zone-volume-manager")
-
-SET(ZONE_VOLUME_MANAGER_SOURCES key-manager.cpp
- key-generator.cpp
- kernel-keyring.cpp
- main.cpp
-)
-
-PKG_CHECK_MODULES(ZONE_VOLUME_MANAGER_DEPS REQUIRED
- klay
- key-manager
-)
-
-ADD_EXECUTABLE(${ZONE_VOLUME_MANAGER_TARGET} ${ZONE_VOLUME_MANAGER_SOURCES})
-
-INCLUDE_DIRECTORIES(SYSTEM ${ZONE_VOLUME_MANAGER_DEPS_INCLUDE_DIRS} ${ZONE_LIBS})
-
-TARGET_LINK_LIBRARIES(${ZONE_VOLUME_MANAGER_TARGET} ${ZONE_VOLUME_MANAGER_DEPS_LIBRARIES})
-
-INSTALL(TARGETS ${ZONE_VOLUME_MANAGER_TARGET} DESTINATION sbin)
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __ECRYPTFS_H__
-#define __ECRYPTFS_H__
-
-#include <sys/types.h>
-#include <errno.h>
-
-// this is versions of ecryptfs module
-#define ECRYPTFS_MAJOR_VERSION 0x00
-#define ECRYPTFS_MINOR_VERSION 0x04
-#define ECRYPTFS_VERSION ((ECRYPTFS_MAJOR_VERSION << 8) | ECRYPTFS_MINOR_VERSION)
-
-#define ECRYPTFS_MAX_PKI_NAME_BYTES 16
-#define ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET 0x02
-
-#define PGP_DIGEST_ALGO_SHA512 10
-
-#define ECRYPTFS_FEK_CIPHER "aes"
-#define ECRYPTFS_MOUNT_DEVICE "ecryptfs"
-
-#define ECRYPTFS_MAX_OPTIONS 1024
-
-#define ECRYPTFS_MAX_SIG_SIZE 8
-#define ECRYPTFS_MAX_SIG_HEX (ECRYPTFS_MAX_SIG_SIZE*2)
-#define ECRYPTFS_PASSWORD_SIG_SIZE ECRYPTFS_MAX_SIG_HEX
-
-#define ECRYPTFS_MAX_KEY_SIZE 32
-#define ECRYPTFS_MAX_KEY_HEX (ECRYPTFS_MAX_KEY_SIZE * 2)
-
-#define ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES 512
-#define ECRYPTFS_MAX_PKI_NAME_BYTES 16
-
-#define ECRYPTFS_MAX_SALT_SIZE 4
-#define ECRYPTFS_MAX_SALT_HEX 8
-
-#define ECRYPTFS_PWD_PAYLOAD_TYPE 0 // password
-
-struct ecryptfs_session_key {
-#define ECRYPTFS_USERSPACE_SHOULD_TRY_TO_DECRYPT 0x00000001
-#define ECRYPTFS_USERSPACE_SHOULD_TRY_TO_ENCRYPT 0x00000002
-#define ECRYPTFS_CONTAINS_DECRYPTED_KEY 0x00000004
-#define ECRYPTFS_CONTAINS_ENCRYPTED_KEY 0x00000008
- int32_t flags;
- int32_t encrypted_key_size;
- int32_t decrypted_key_size;
- u_int8_t encrypted_key[ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES];
- u_int8_t decrypted_key[ECRYPTFS_MAX_KEY_HEX];
-};
-
-struct ecryptfs_password {
- int32_t password_bytes;
- int32_t hash_algo;
- int32_t hash_iterations;
- int32_t session_key_encryption_key_bytes;
-#define ECRYPTFS_PERSISTENT_PASSWORD 0x01
-#define ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET 0x02
- u_int32_t flags;
- /* Iterated-hash concatenation of salt and passphrase */
- u_int8_t session_key_encryption_key[ECRYPTFS_MAX_KEY_HEX];
- u_int8_t signature[ECRYPTFS_PASSWORD_SIG_SIZE + 1];
- /* Always in expanded hex */
- u_int8_t salt[ECRYPTFS_MAX_SALT_SIZE];
-};
-
-enum ecryptfs_token_types {
- ECRYPTFS_PASSWORD,
- ECRYPTFS_PRIVATE_KEY
-};
-
-struct ecryptfs_private_key {
- u_int32_t key_size;
- u_int32_t data_len;
- u_int8_t signature[ECRYPTFS_PASSWORD_SIG_SIZE + 1];
- char pki_type[ECRYPTFS_MAX_PKI_NAME_BYTES + 1];
- u_int8_t data[];
-};
-
-struct ecryptfs_auth_tok {
- u_int16_t version; /* 8-bit major and 8-bit minor */
- u_int16_t token_type;
-#define ECRYPTFS_ENCRYPT_ONLY 0x00000001
- u_int32_t flags;
- struct ecryptfs_session_key session_key;
- u_int8_t reserved[32];
- union {
- struct ecryptfs_password password;
- struct ecryptfs_private_key private_key;
- } token;
-} __attribute__((packed));
-
-typedef struct ecryptfs_auth_tok ecryptfs_payload;
-#endif
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#include <unistd.h>
-#include <sys/mount.h>
-#include <sys/syscall.h>
-#include <linux/limits.h>
-
-#include "kernel-keyring.h"
-
-#ifndef KEYCTL_SEARCH
-#define KEYCTL_SEARCH 10
-#endif
-
-KeySerial KernelKeyRing::add(const char *type, const char* description, const void* payload, size_t plen, KeySerial ringid)
-{
- return ::syscall(__NR_add_key, type, description, payload, plen, ringid);
-}
-
-long KernelKeyRing::search(KeySerial ringid, const char* type, const char* description, KeySerial destringid)
-{
- return ::syscall(__NR_keyctl, KEYCTL_SEARCH, ringid, type, description, destringid);
-}
-
-long KernelKeyRing::link(KeySerial keyid, KeySerial ringid)
-{
- return ::syscall(__NR_keyctl, KEYCTL_LINK, keyid, ringid);
-}
-
-long KernelKeyRing::unlink(KeySerial keyid, KeySerial ringid)
-{
- return ::syscall(__NR_keyctl, KEYCTL_UNLINK, keyid, ringid);
-}
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __KERNEL_KEY_RING_H__
-#define __KERNEL_KEY_RING_H__
-
-#include <sys/types.h>
-#include <linux/keyctl.h>
-
-#include <string>
-
-typedef int32_t KeySerial;
-
-class KernelKeyRing {
-public:
- KernelKeyRing() = delete;
- KernelKeyRing(const KernelKeyRing&) = delete;
- KernelKeyRing(KernelKeyRing&&) = delete;
-
- KernelKeyRing& operator=(const KernelKeyRing&) = delete;
- KernelKeyRing& operator=(KernelKeyRing&&) = delete;
-
- static KeySerial add(const char* type, const char* description, const void* payload, size_t plen, KeySerial ringid);
- static long search(KeySerial ringid, const char* type, const char* description, KeySerial destringid);
- static long link(KeySerial keyid, KeySerial ringid);
- static long unlink(KeySerial keyid, KeySerial ringid);
-};
-
-#endif //!__KERNEL_KEY_RING_H__
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-
-#include <fcntl.h>
-#include <unistd.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-
-#include <cstring>
-#include <cstdlib>
-#include <string>
-#include <iomanip>
-#include <sstream>
-#include <iostream>
-
-#include <klay/error.h>
-#include <klay/exception.h>
-
-#include "key-generator.h"
-
-#define RAND_READ_BYTES 8
-#define PBKDF2_ITERATION 1000
-#define SHA_BLOCKSIZE 64
-
-#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
-
-#if defined (BYTE_ORDER) && defined(BIG_ENDIAN) && (BYTE_ORDER == BIG_ENDIAN)
-#define WORDS_BIGENDIAN 1
-#endif
-#ifdef _BIG_ENDIAN
-#define WORDS_BIGENDIAN 1
-#endif
-
-#ifdef WORDS_BIGENDIAN
-#define blk0(i) block->l[i]
-#else
-#define blk0(i) (block->l[i] = (rol(block->l[i], 24)&0xff00ff00) \
- |(rol(block->l[i], 8)&0x00ff00ff))
-#endif
-#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \
- ^block->l[(i+2)&15]^block->l[i&15], 1))
-
-/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
-#define R0(v, w, x, y, z, i) \
- z+=((w&(x^y))^y)+blk0(i)+0x5a827999+rol(v, 5);w=rol(w, 30);
-#define R1(v, w, x, y, z, i) \
- z+=((w&(x^y))^y)+blk(i)+0x5a827999+rol(v, 5);w=rol(w, 30);
-#define R2(v, w, x, y, z, i) \
- z+=(w^x^y)+blk(i)+0x6ed9eba1+rol(v, 5);w=rol(w, 30);
-#define R3(v, w, x, y, z, i) \
- z+=(((w|x)&y)|(w&x))+blk(i)+0x8f1bbcdc+rol(v, 5);w=rol(w, 30);
-#define R4(v, w, x, y, z, i) \
- z+=(w^x^y)+blk(i)+0xca62c1d6+rol(v, 5);w=rol(w, 30);
-
-#define __min__(a, b) (((a) < (b)) ? (a) : (b))
-
-std::string KeyGenerator::hexConvert(unsigned char* src, int srcLen)
-{
- std::ostringstream ss;
-
- for (int i = 0; i <srcLen; i++) {
- ss << std::hex << std::setfill('0') << std::setw(2);
- ss << (src[i] & 0xffffffff);
- }
-
- return ss.str();
-}
-
-std::string KeyGenerator::generateKey(int len)
-{
- int randomLen = 0;
- unsigned char buf[len];
- int randomDev;
-
- while (((randomDev = ::open("/dev/urandom", O_RDONLY)) == -1) && (errno == EINTR));
-
- if (randomDev == -1) {
- throw runtime::Exception(runtime::GetSystemErrorMessage());
- }
-
- while (randomLen < len) {
- ssize_t result = ::read(randomDev, buf + randomLen, len - randomLen);
- if (result == -1) {
- if (errno != EINTR) {
- throw runtime::Exception(runtime::GetSystemErrorMessage());
- } else {
- continue;
- }
- }
-
- randomLen += result;
- }
-
- std::string ret = hexConvert(buf, len);
-
- while (::close(randomDev) == -1 && errno == EINTR);
-
- return ret;
-}
-
-std::string KeyGenerator::wrapKey(const std::string& decrypted, const std::string& salt, int len)
-{
- unsigned char encrypted[len];
- int ret;
-
- ret = pbkdf2(decrypted.c_str(), decrypted.size(),
- (const unsigned char *)salt.c_str(), salt.size(),
- PBKDF2_ITERATION, len,
- encrypted);
- if (ret < 0) {
- throw runtime::Exception("Failed to wrap key");
- }
-
- return hexConvert(encrypted, len);
-}
-
-void KeyGenerator::sha1Init(SHA1_CTX* context)
-{
- /* SHA1 initialization constants */
- context->state[0] = 0x67452301;
- context->state[1] = 0xefcdab89;
- context->state[2] = 0x98badcfe;
- context->state[3] = 0x10325476;
- context->state[4] = 0xc3d2e1f0;
- context->count[0] = context->count[1] = 0;
-}
-
-void KeyGenerator::sha1Update(SHA1_CTX* context, const void* p, unsigned int len)
-{
- const unsigned char* data = (unsigned char*)p;
- unsigned int i, j;
-
- j = (context->count[0] >> 3) & 63;
- if ((context->count[0] += (len << 3)) < (len << 3)) {
- context->count[1]++;
- }
- context->count[1] += (len >> 29);
- if ((j + len) > 63) {
- ::memcpy(&context->buffer[j], data, (i = 64 - j));
- sha1Transform(context->state, context->buffer);
- for (; i + 63 < len; i += 64) {
- sha1Transform(context->state, data + i);
- }
- j = 0;
- } else {
- i = 0;
- }
-
- ::memcpy(&context->buffer[j], &data[i], len - i);
-}
-
-void KeyGenerator::sha1Final(unsigned char digest[SHA1_DIGEST_SIZE], SHA1_CTX* context)
-{
- unsigned int i;
- unsigned char finalcount[8];
- for (i = 0; i < 8; i++) {
- finalcount[i] = (unsigned char) ((context->count[(i >= 4 ? 0 : 1)]
- >> ((3 - (i & 3)) * 8)) & 255);
- }
- sha1Update(context, (unsigned char*) "\200", 1);
- while ((context->count[0] & 504) != 448) {
- sha1Update(context, (unsigned char*) "\0", 1);
- }
- sha1Update(context, finalcount, 8);
- /* Should cause SHA1_Transform */
- for (i = 0; i < SHA1_DIGEST_SIZE; i++) {
- digest[i] = (unsigned char)
- ((context->state[i >> 2] >> ((3 - (i & 3)) * 8)) & 255);
- }
- /* Wipe variables */
- i = 0;
- ::memset(context->buffer, 0, 64);
- ::memset(context->state, 0, 20);
- ::memset(context->count, 0, 8);
- ::memset(finalcount, 0, 8); /* SWR */
-
-#ifdef SHA1HANDSOFF /* make SHA1Transform overwrite its own static vars */
- transform(context->state, context->buffer);
-#endif
-}
-
-void KeyGenerator::sha1Transform(unsigned int state[5], const unsigned char buffer[64])
-{
- uint32_t a, b, c, d, e;
- typedef union {
- unsigned char c[64];
- unsigned int l[16];
- } CHAR64LONG16;
- CHAR64LONG16 *block;
-
-#ifdef SHA1HANDSOFF
- CHAR64LONG16 workspace;
- block = &workspace;
- ::memcpy(block, buffer, 64);
-#else
- block = (CHAR64LONG16*)buffer;
-#endif
-
- a = state[0];
- b = state[1];
- c = state[2];
- d = state[3];
- e = state[4];
-
- /* 4 rounds of 20 operations each. Loop unrolled. */
- R0(a, b, c, d, e, 0); R0(e, a, b, c, d, 1); R0(d, e, a, b, c, 2); R0(c, d, e, a, b, 3);
- R0(b, c, d, e, a, 4); R0(a, b, c, d, e, 5); R0(e, a, b, c, d, 6); R0(d, e, a, b, c, 7);
- R0(c, d, e, a, b, 8); R0(b, c, d, e, a, 9); R0(a, b, c, d, e, 10); R0(e, a, b, c, d, 11);
- R0(d, e, a, b, c, 12); R0(c, d, e, a, b, 13); R0(b, c, d, e, a, 14); R0(a, b, c, d, e, 15);
- R1(e, a, b, c, d, 16); R1(d, e, a, b, c, 17); R1(c, d, e, a, b, 18); R1(b, c, d, e, a, 19);
- R2(a, b, c, d, e, 20); R2(e, a, b, c, d, 21); R2(d, e, a, b, c, 22); R2(c, d, e, a, b, 23);
- R2(b, c, d, e, a, 24); R2(a, b, c, d, e, 25); R2(e, a, b, c, d, 26); R2(d, e, a, b, c, 27);
- R2(c, d, e, a, b, 28); R2(b, c, d, e, a, 29); R2(a, b, c, d, e, 30); R2(e, a, b, c, d, 31);
- R2(d, e, a, b, c, 32); R2(c, d, e, a, b, 33); R2(b, c, d, e, a, 34); R2(a, b, c, d, e, 35);
- R2(e, a, b, c, d, 36); R2(d, e, a, b, c, 37); R2(c, d, e, a, b, 38); R2(b, c, d, e, a, 39);
- R3(a, b, c, d, e, 40); R3(e, a, b, c, d, 41); R3(d, e, a, b, c, 42); R3(c, d, e, a, b, 43);
- R3(b, c, d, e, a, 44); R3(a, b, c, d, e, 45); R3(e, a, b, c, d, 46); R3(d, e, a, b, c, 47);
- R3(c, d, e, a, b, 48); R3(b, c, d, e, a, 49); R3(a, b, c, d, e, 50); R3(e, a, b, c, d, 51);
- R3(d, e, a, b, c, 52); R3(c, d, e, a, b, 53); R3(b, c, d, e, a, 54); R3(a, b, c, d, e, 55);
- R3(e, a, b, c, d, 56); R3(d, e, a, b, c, 57); R3(c, d, e, a, b, 58); R3(b, c, d, e, a, 59);
- R4(a, b, c, d, e, 60); R4(e, a, b, c, d, 61); R4(d, e, a, b, c, 62); R4(c, d, e, a, b, 63);
- R4(b, c, d, e, a, 64); R4(a, b, c, d, e, 65); R4(e, a, b, c, d, 66); R4(d, e, a, b, c, 67);
- R4(c, d, e, a, b, 68); R4(b, c, d, e, a, 69); R4(a, b, c, d, e, 70); R4(e, a, b, c, d, 71);
- R4(d, e, a, b, c, 72); R4(c, d, e, a, b, 73); R4(b, c, d, e, a, 74); R4(a, b, c, d, e, 75);
- R4(e, a, b, c, d, 76); R4(d, e, a, b, c, 77); R4(c, d, e, a, b, 78); R4(b, c, d, e, a, 79);
-
- /* Add the working vars back into context.state[] */
- state[0] += a;
- state[1] += b;
- state[2] += c;
- state[3] += d;
- state[4] += e;
-
- /* Wipe variables */
- a = b = c = d = e = 0;
-}
-
-void KeyGenerator::sha1Hmac(const unsigned char* key, int keyLen, const unsigned char* data, int dataLen, unsigned char out[SHA1_DIGEST_SIZE])
-{
- SHA1_CTX ctx;
- unsigned char buf[SHA_BLOCKSIZE], outPad[SHA_BLOCKSIZE], inPad[SHA_BLOCKSIZE];
- unsigned char tempKey[SHA1_DIGEST_SIZE];
- int i;
-
- ::memset(buf, 0, SHA_BLOCKSIZE);
-
- if (keyLen > SHA_BLOCKSIZE) {
- sha1Init(&ctx);
- sha1Update(&ctx, key, keyLen);
- sha1Final(tempKey, &ctx);
- key = tempKey;
- keyLen = SHA1_DIGEST_SIZE;
- }
-
- ::memcpy(buf, key, keyLen);
- ::memset(inPad, 0, SHA_BLOCKSIZE);
- ::memset(outPad, 0, SHA_BLOCKSIZE);
-
- for (i = 0; i < SHA_BLOCKSIZE; i++) {
- outPad[i] = buf[i] ^ 0x5c;
- inPad[i]= buf[i] ^ 0x36;
- }
-
- sha1Init(&ctx);
- sha1Update(&ctx, inPad, SHA_BLOCKSIZE);
- sha1Update(&ctx, data, dataLen);
- sha1Final(out, &ctx);
-
- sha1Init(&ctx);
- sha1Update(&ctx, outPad, SHA_BLOCKSIZE);
- sha1Update(&ctx, out, SHA1_DIGEST_SIZE);
- sha1Final(out, &ctx);
-}
-
-int KeyGenerator::pbkdf2(const char * pass, int passLen, const unsigned char* salt, int saltLen, int iter, int keyLen, unsigned char* out)
-{
- unsigned char digtmp1[SHA1_DIGEST_SIZE], digtmp2[SHA1_DIGEST_SIZE], itmp[saltLen + 4];
- int j, k;
- int genKeyLen = 0, toWriteLen;
- unsigned long i = 1;
-
- if (passLen <= 0 || saltLen <= 0 || iter <= 0 || keyLen <= 0)
- return -1;
-
- ::memcpy(itmp, salt, saltLen);
- while (genKeyLen < keyLen) {
- itmp[saltLen + 0] = (unsigned char)((i >> 24) & 0xff);
- itmp[saltLen + 1] = (unsigned char)((i >> 16) & 0xff);
- itmp[saltLen + 2] = (unsigned char)((i >> 8) & 0xff);
- itmp[saltLen + 3] = (unsigned char)(i & 0xff);
-
- sha1Hmac((unsigned char*)pass, passLen, itmp, saltLen+4, digtmp1);
- ::memcpy(digtmp2, digtmp1, SHA1_DIGEST_SIZE);
-
- for (j = 1; j < iter; j++) {
- sha1Hmac((unsigned char*)pass, passLen, digtmp1, SHA1_DIGEST_SIZE, digtmp1);
- for (k = 0; k < SHA1_DIGEST_SIZE; k++) {
- digtmp2[k] ^= digtmp1[k];
- }
- }
- toWriteLen = __min__((keyLen - genKeyLen), SHA1_DIGEST_SIZE);
- ::memcpy(out+genKeyLen, digtmp2, toWriteLen);
- genKeyLen += toWriteLen;
- ++i;
- }
-
- return 1;
-}
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __VOLUME_MANAGER_KEY_GENERATOR_H__
-#define __VOLUME_MANAGER_KEY_GENERATOR_H__
-
-#include "ecryptfs.h"
-
-#define SHA1_DIGEST_SIZE 20
-
-typedef struct {
- unsigned int state[5];
- unsigned int count[2];
- unsigned char buffer[64];
-} SHA1_CTX;
-
-class KeyGenerator {
-public:
- KeyGenerator() = delete;
- KeyGenerator(const KeyGenerator&) = delete;
- KeyGenerator(KeyGenerator&&) = delete;
-
- KeyGenerator& operator=(const KeyGenerator&) = delete;
- KeyGenerator& operator=(KeyGenerator&&) = delete;
-
- static std::string wrapKey(const std::string& decrypted, const std::string& salt, int len);
- static std::string generateKey(int len);
- static void generateToken(char* key, ecryptfs_payload** outToken);
-
-private:
- static void sha1Init(SHA1_CTX* context);
- static void sha1Update(SHA1_CTX* context, const void* p, unsigned int len);
- static void sha1Final(unsigned char digsest[SHA1_DIGEST_SIZE], SHA1_CTX* context);
- static void sha1Transform(unsigned int state[5], const unsigned char buffer[64]);
- static void sha1Hmac(const unsigned char* key, int keyLen, const unsigned char* data, int dataLen, unsigned char out[SHA1_DIGEST_SIZE]);
-
- static int pbkdf2(const char* pass, int passLen, const unsigned char* salt, int saltLen, int iter, int keyLen, unsigned char* out);
- static std::string hexConvert(unsigned char* src, int srcLen);
-};
-
-#endif //!__VOLUME_MANAGER_KEY_GENERATOR_H__
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#include <string>
-
-#include <klay/exception.h>
-#include <ckmc/ckmc-manager.h>
-
-#include "key-manager.h"
-
-
-#define addAliasPrefix(alias) \
- (ckmcIdSystem + ckmcIdSeperator + alias)
-
-namespace {
-
-const std::string ckmcIdSystem = ckmc_owner_id_system;
-const std::string ckmcIdSeperator = ckmc_owner_id_separator;
-
-} //namespace
-
-bool KeyManager::isKeyExist(const std::string& keyName)
-{
- int ret;
- ckmc_raw_buffer_s* keyData = NULL;
- std::string ckmAlias = addAliasPrefix(keyName);
-
- ret = ::ckmc_get_data(ckmAlias.c_str(), NULL, &keyData);
- ::ckmc_buffer_free(keyData);
-
- return (ret != CKMC_ERROR_DB_ALIAS_UNKNOWN);
-}
-
-void KeyManager::addKey(const std::string& keyName, const std::string& data)
-{
- int ret;
- const std::string ckmAlias = addAliasPrefix(keyName);
- ckmc_raw_buffer_s keyData;
- ckmc_policy_s keyPolicy;
-
- keyData.data = (unsigned char*)data.c_str();
- keyData.size = data.size();
-
- keyPolicy.password = NULL;
- keyPolicy.extractable = true;
-
- ret = ::ckmc_save_data(ckmAlias.c_str(), keyData, keyPolicy);
- if (ret != 0) {
- throw runtime::Exception("Failed to add key data");
- }
-}
-
-std::string KeyManager::getKey(const std::string& keyName)
-{
- int ret;
- const std::string ckmAlias = addAliasPrefix(keyName);
- ckmc_raw_buffer_s* keyData;
- std::string result;
-
- ret = ::ckmc_get_data(ckmAlias.c_str(), NULL, &keyData);
- if (ret != CKMC_ERROR_NONE) {
- throw runtime::Exception("Failed to get key data");
- }
-
- result = std::string(reinterpret_cast<char*>(keyData->data), keyData->size);
-
- ::ckmc_buffer_free(keyData);
-
- return result;
-}
-
-void KeyManager::removeKey(const std::string& keyName)
-{
- const std::string ckmAlias = addAliasPrefix(keyName);
-
- if (::ckmc_remove_data(ckmAlias.c_str()) != 0) {
- throw runtime::Exception("Failed to remove key data");
- }
-}
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#ifndef __ZONE_KEY_MANAGER_H__
-#define __ZONE_KEY_MANAGER_H__
-
-class KeyManager {
-public:
- KeyManager() = delete;
- KeyManager(const KeyManager&) = delete;
- KeyManager(KeyManager&&) = delete;
-
- KeyManager& operator=(const KeyManager&) = delete;
- KeyManager& operator=(KeyManager&&) = delete;
-
- static bool isKeyExist(const std::string& keyName);
- static void addKey(const std::string& keyName, const std::string& data);
- static std::string getKey(const std::string& keyName);
- static void removeKey(const std::string& keyName);
-};
-
-#endif //!__ZONE_KEY_MANAGER_H__*/
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#include <fcntl.h>
-#include <unistd.h>
-#include <getopt.h>
-#include <sys/stat.h>
-#include <sys/mount.h>
-#include <sys/types.h>
-
-#include <cstring>
-#include <string>
-#include <vector>
-#include <iostream>
-
-#include <klay/error.h>
-#include <klay/exception.h>
-#include <klay/audit/logger.h>
-
-#include "ecryptfs.h"
-#include "kernel-keyring.h"
-#include "key-manager.h"
-#include "key-generator.h"
-
-int generateKey(const std::string& keyName)
-{
- if (KeyManager::isKeyExist(keyName)) {
- ERROR("Key already registered");
- return -1;
- }
-
- try {
- std::string pass = KeyGenerator::generateKey(ECRYPTFS_MAX_KEY_SIZE);
- std::string salt = KeyGenerator::generateKey(ECRYPTFS_MAX_SALT_SIZE);
- std::string wrappedKey = KeyGenerator::wrapKey(pass, salt, ECRYPTFS_MAX_KEY_SIZE);
-
- KeyManager::addKey(keyName, wrappedKey);
- } catch (runtime::Exception& e) {
- ERROR(e.what());
- return -1;
- }
-
- return 0;
-}
-
-ecryptfs_payload* generateToken(char* key)
-{
- struct ecryptfs_password* tokenKey;
-
- unsigned char keyBuffer[ECRYPTFS_MAX_KEY_SIZE+1];
-
- ecryptfs_payload* authToken = (ecryptfs_payload *)::malloc(sizeof(ecryptfs_payload));
- if (authToken == NULL) {
- return NULL;
- }
-
- ::memset(authToken, 0, sizeof(ecryptfs_payload));
- ::strncpy((char*)keyBuffer, key, ECRYPTFS_MAX_KEY_SIZE);
- keyBuffer[ECRYPTFS_MAX_KEY_SIZE] = '\0';
-
- tokenKey = &authToken->token.password;
-
- authToken->version = ECRYPTFS_VERSION;
- authToken->token_type = ECRYPTFS_PWD_PAYLOAD_TYPE;
- tokenKey->session_key_encryption_key_bytes = ECRYPTFS_MAX_KEY_SIZE;
- tokenKey->flags = ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET;
- ::memcpy(tokenKey->session_key_encryption_key, keyBuffer, ECRYPTFS_MAX_KEY_SIZE);
- ::memcpy(tokenKey->signature, keyBuffer, ECRYPTFS_MAX_SIG_HEX);
-
- return authToken;
-}
-
-int mountEcryptfs(const std::string& src, const std::string& keyName)
-{
- int rc;
- char ecryptfsOpts[1024];
- ecryptfs_payload* authTok = NULL;
-
- std::string key;
- try {
- key = KeyManager::getKey(keyName);
- } catch (runtime::Exception& e) {
- ERROR(e.what());
- return -1;
- }
-
- if (KernelKeyRing::link(KEY_SPEC_USER_KEYRING, KEY_SPEC_SESSION_KEYRING) != 0) {
- ERROR("Failed to link key");
- return -1;
- }
-
- if ((authTok = generateToken((char*)key.c_str())) == NULL) {
- ERROR("Failed to generate Token");
- return -1;
- }
-
- const char* signature = (const char*)authTok->token.password.signature;
- rc = KernelKeyRing::search(KEY_SPEC_USER_KEYRING,
- "user",
- signature,
- 0);
- if (rc == -1 && errno != ENOKEY) {
- ERROR("Failed to find key");
- return -1;
- }
- if (rc == -1) {
- rc = KernelKeyRing::add("user",
- signature,
- (void*)authTok,
- sizeof(ecryptfs_payload),
- KEY_SPEC_USER_KEYRING);
- if (rc == -1) {
- ERROR("Failed to add key");
- return -1;
- }
- }
-
- ::snprintf(ecryptfsOpts, 1024,
- "ecryptfs_passthrough,"
- "ecryptfs_cipher=aes,"
- "ecryptfs_key_bytes=%d,"
- "ecryptfs_sig=%s,"
- "smackfsroot=*,smackfsdef=*",
- ECRYPTFS_MAX_KEY_SIZE, signature);
-
- rc = ::mount(src.c_str(), src.c_str(), "ecryptfs", MS_NODEV, ecryptfsOpts);
- if (rc != 0) {
- ERROR(runtime::GetSystemErrorMessage());
- return -1;
- }
-
- return 0;
-}
-
-int mountEcryptfsToAll()
-{
- return 0;
-}
-
-void usage(const std::string& prog)
-{
- std::cout << "Usage: " << prog << std::endl
- << "-a : Automount" << std::endl
- << "-g name : Generate key for zone" << std::endl
- << "-m name : Apply filesystem encrytion to zone" << std::endl;
-}
-
-int main(int argc, char* argv[])
-{
- int opt, index, ret = -1;
- struct option options[] = {
- {"automount", no_argument, 0, 'a'},
- {"generate", required_argument, 0, 'g'},
- {"mount", required_argument, 0, 'm'},
- {0, 0, 0, 0}
- };
-
- while ((opt = getopt_long(argc, argv, "ag:m:", options, &index)) != -1) {
- switch (opt) {
- case 'a':
- ret = mountEcryptfsToAll();
- break;
- case 'g':
- ret = generateKey(optarg);
- break;
- case 'm':
- ret = mountEcryptfs("/home/" + std::string(optarg), optarg);
- break;
- default:
- std::cerr << "unknown" << std::endl;
- usage(argv[0]);
- break;
- }
- }
-
- if (ret != 0) {
- return EXIT_FAILURE;
- }
-
- return EXIT_SUCCESS;
-}
projects / platform / core / security / device-policy-manager.git / commitdiff
