Change to run as multimedia_fw user/group instead of root

separate systemd service for gen_rm_msgq and rsc_mgr_server to apply a different setting.

gen_rm_msgq:
    Run as User::App::Shared to make message queue sharable with clients
    Change rsc_mgr_ready path (/run -> /tmp) because of User::App:Shared

rsc_mgr_server:
    Set user/group as multimedia_fw/multimedia_fw
    Set process label as System
    Add rscmgr-service.conf for dbus conf

Change-Id: I6c11fdd4f563ac3a3ea258879cdcc8b7f41e5ec6

diff --git a/include_internal/rms-dbus-interface.xml b/include_internal/rms-dbus-interface.xml
deleted file mode 100644 (file)
index 9a251e1..0000000
--- a/include_internal/rms-dbus-interface.xml
+++ /dev/null
@@ -1,45 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<node>
-       <interface name="com.samsung.rmservice">
-       <annotation name= "com.Samsung.Exportable" value= "true"/>
-       <method name="TestCall">
-               <arg type="i" name="in_data" direction="in"/>
-               <arg type="i" name="out_data" direction="out"/>
-       </method>
-       <method name="NotifyAllocation">
-               <arg type="i" name="cid" direction="in"/>
-               <arg type="i" name="pid" direction="in"/>
-               <arg type="ai" name="alloc_list" direction="in"/>
-               <arg type="i" name="ret" direction="out"/>
-               <arg type="ai" name="ret_list" direction="out"/>
-       </method>
-       <method name="NotifyConsumerTobeReturned">
-               <arg type="i" name="cid" direction="in"/>
-               <arg type="i" name="pid" direction="in"/>
-               <arg type="ai" name="alloc_list" direction="in"/>
-               <arg type="i" name="ret" direction="out"/>
-               <arg type="ai" name="cid_list" direction="out"/>
-               <arg type="ai" name="pid_list" direction="out"/>
-               <arg type="ai" name="conflict_rsc_num_list" direction="out"/>
-               <arg type="ai" name="devices" direction="out"/>
-               <arg type="ai" name="num_of_rsc" direction="out"/>
-       </method>
-       <method name="NotifyDeallocation">
-               <arg type="i" name="cid" direction="in"/>
-               <arg type="ai" name="dealloc_list" direction="in"/>
-               <arg type="i" name="ret_val" direction="out"/>
-       </method>
-       <method name="NotifyDeallocationByCid">
-               <arg type="i" name="cid" direction="in"/>
-               <arg type="i" name="ret_val" direction="out"/>
-       </method>
-       <method name="NotifyDeallocationByPid">
-               <arg type="i" name="pid" direction="in"/>
-               <arg type="i" name="ret_val" direction="out"/>
-       </method>
-       <method name="NotifyCallback">
-               <arg type="ai" name="list" direction="in"/>
-               <arg type="i" name="ret_val" direction="out"/>
-       </method>
-       </interface>
-</node>

diff --git a/packaging/rscmgr-msgq.service b/packaging/rscmgr-msgq.service
new file mode 100644 (file)
index 0000000..ddd0570
--- /dev/null
+++ b/packaging/rscmgr-msgq.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=Generate RM Message Queue
+DefaultDependencies=no
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/gen_rm_msgq
+
+[Install]
+WantedBy=rscmgr-service.service

diff --git a/packaging/rscmgr-service.conf b/packaging/rscmgr-service.conf
new file mode 100644 (file)
index 0000000..80f40cc
--- /dev/null
+++ b/packaging/rscmgr-service.conf
@@ -0,0 +1,20 @@
+<!DOCTYPE busconfig PUBLIC
+ "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+
+  <policy user="multimedia_fw">
+    <allow own="rscmgr.resource"/>
+    <allow send_destination="rscmgr.resource"/>
+  </policy>
+
+  <policy group="users">
+    <allow send_destination="rscmgr.resource"/>
+  </policy>
+
+  <policy context="default">
+    <deny own="rscmgr.resource"/>
+    <allow send_destination="rscmgr.resource"/>
+  </policy>
+
+</busconfig>

diff --git a/packaging/rscmgr-service.service b/packaging/rscmgr-service.service
index a3e4a3f380e55e855b6c8b894804a9fa9e1ff8ed..ea9a23793fe2b8e6fd980a60fad15e0016c8b2f9 100644 (file)
--- a/packaging/rscmgr-service.service
+++ b/packaging/rscmgr-service.service
@@ -1,12 +1,14 @@
 [Unit]
-Description=service for resource manager
-DefaultDependencies=no
+Description=Resource Manager Service
+Requires=rscmgr-msgq.service
+After=rscmgr-msgq.service
 
 [Service]
 Type=simple
+User=multimedia_fw
+Group=multimedia_fw
 SmackProcessLabel=System
 Environment=LD_USE_LOAD_BIAS=1
-ExecStartPre=/usr/bin/gen_rm_msgq
 ExecStart=/usr/bin/rscmgr-service
 Restart=always
 MemoryMax=10M

diff --git a/packaging/rscmgr-service.spec b/packaging/rscmgr-service.spec
index 6dcebb9fb89bb7bea0b94740840df04b51fccbcb..3cf969941e6bb16d8809d3eda28ccd73d283ff78 100644 (file)
--- a/packaging/rscmgr-service.spec
+++ b/packaging/rscmgr-service.spec
@@ -1,12 +1,14 @@
 Name: rscmgr-service
 Summary: Daemon for resource manager
 Version: 0.1
-Release: 7
+Release: 8
 Group:   Multimedia/Libraries
 License: Apache-2.0
 Source0: %{name}-%{version}.tar.gz
 Source1: rscmgr-service.service
-Source2: rscmgr-service-asan.conf
+Source2: rscmgr-msgq.service
+Source3: rscmgr-service-asan.conf
+Source4: rscmgr-service.conf
 BuildRequires: cmake >= 2.8.12
 BuildRequires: pkgconfig(dlog)
 BuildRequires: pkgconfig(glib-2.0)
@@ -16,6 +18,7 @@ BuildRequires: pkgconfig(capi-system-info)
 BuildRequires: pkgconfig(resource-information)
 BuildRequires: pkgconfig(capi-system-info)
 BuildRequires: pkgconfig(aul)
+BuildRequires: pkgconfig(dbus-1)
 BuildRequires: python
 BuildRequires: python-xml
 BuildRequires: pkgconfig(libtzplatform-config)
@@ -23,6 +26,7 @@ BuildRequires: pkgconfig(ttrace)
 BuildRequires: pkgconfig(syspopup)
 BuildRequires: pkgconfig(syspopup-caller)
 BuildRequires: pkgconfig(wayland-client)
+Requires: security-config
 
 %description
 This package provides service for vconf key usage
@@ -56,32 +60,38 @@ rm -rf %{buildroot}
 %make_install
 mkdir -p %{buildroot}%{_unitdir}/basic.target.wants
 mkdir -p %{buildroot}%{_sbindir}
-install -m 0644 %SOURCE1 %{buildroot}%{_unitdir}/rscmgr-service.service
-%install_service basic.target.wants rscmgr-service.service
-ln -sf ../rscmgr-service.service %{buildroot}%{_unitdir}/basic.target.wants/
+mkdir -p %{buildroot}%{_sysconfdir}/dbus-1/system.d
+cp %SOURCE4 %{buildroot}%{_sysconfdir}/dbus-1/system.d
+
+install -m 0644 %SOURCE2 %{buildroot}%{_unitdir}/rscmgr-msgq.service
+%install_service basic.target.wants rscmgr-msgq.service
+ln -sf ../rscmgr-msgq.service %{buildroot}%{_unitdir}/basic.target.wants/
+
+install -m 0644 %SOURCE1 %{buildroot}%{_unitdir}/%{name}.service
+%install_service basic.target.wants %{name}.service
+ln -sf ../rscmgr-msgq.service %{buildroot}%{_unitdir}/basic.target.wants/
+
 %if "%{asan}" == "1"
-mkdir -p %{buildroot}%{_unitdir}/rscmgr-service.service.d
-install -m 644 %SOURCE2 %{buildroot}%{_unitdir}/rscmgr-service.service.d/rscmgr-service-asan.conf
+mkdir -p %{buildroot}%{_unitdir}/%{name}.service.d
+install -m 644 %SOURCE3 %{buildroot}%{_unitdir}/%{name}.service.d/%{name}-asan.conf
 %endif
+cp %SOURCE4 %{buildroot}%{_sysconfdir}/dbus-1/system.d
 
 %clean
 rm -rf %{buildroot}
 
-%post
-
-%{TZ_SYS_BIN}/chsmack -e "System::Run" %{TZ_SYS_BIN}/gen_rm_msgq
-
 %files
 %manifest rscmgr-service.manifest
 %license LICENSE.APLv2
-%defattr(-,root,root,-)
-%{TZ_SYS_BIN}/rscmgr-service
 %{TZ_SYS_BIN}/gen_rm_msgq
-%{_unitdir}/rscmgr-service.service
-%{_unitdir}/basic.target.wants/rscmgr-service.service
+%{TZ_SYS_BIN}/%{name}
+%{_unitdir}/rscmgr-msgq.service
+%{_unitdir}/basic.target.wants/rscmgr-msgq.service
+%{_unitdir}/%{name}.service
+%{_unitdir}/basic.target.wants/%{name}.service
 %if "%{asan}" == "1"
-%{_unitdir}/rscmgr-service.service.d/rscmgr-service-asan.conf
+%{_unitdir}/%{name}.service.d/${name}-asan.conf
 %endif
+%{_sysconfdir}/dbus-1/system.d/%{name}.conf
 
 %files devel
-%defattr(-,root,root,-)

diff --git a/rscmgr-service.manifest b/rscmgr-service.manifest
index 75b0fa5e340c47c7c1bf0b35b42e2a57c0a5228d..78b47320aa7acd4109d3f9afdb4365a77108de38 100644 (file)
--- a/rscmgr-service.manifest
+++ b/rscmgr-service.manifest
@@ -2,4 +2,7 @@
     <request>
         <domain name="_"/>
     </request>
+       <assign>
+               <filesystem path="/usr/bin/gen_rm_msgq" exec_label="User::App::Shared" />
+       </assign>
 </manifest>

diff --git a/src/CMessageQueue.cpp b/src/CMessageQueue.cpp
index afccaf160ccadcc5fb82a8fd21619d8bcd66666a..846f28d6c35489f6f3d4224dba5ac995e9c0bb50 100644 (file)
--- a/src/CMessageQueue.cpp
+++ b/src/CMessageQueue.cpp
@@ -77,7 +77,7 @@ int CMessageQueue::send(rms_msg_response *response)
        while (msgsnd(msgq_id, (void*) response, sizeof(rms_msg_response) - sizeof(long), 0) == -1) {
                SERVER_ERR("failed to send response message (%d), retry(%d) - type(%d)/cid(%d)", errno, retry, response->type, response->handle);
 
-               if (errno == EIDRM) { // errno 43 : identifier removed
+               if (errno == EIDRM) { /* errno 43 : identifier removed */
                        SERVER_ERR("msgid removed from system");
                        if (recover() != RMS_OK)
                                return RMS_ERROR;
@@ -88,11 +88,11 @@ int CMessageQueue::send(rms_msg_response *response)
                        }
                }
 
-               if (retry >= 5) { //timeout
+               if (retry >= 5) { /* timeout */
                        return RMS_ERROR;
                }
 
-               usleep(20*1000); // 20ms
+               usleep(20 * 1000); /* 20ms */
                retry++;
        }
 

diff --git a/src/gen_rm_msgq.cpp b/src/gen_rm_msgq.cpp
index 4efd82ec27ea0f775f5d83a6204e3787be42f549..03d806faf7b7fe911beef14ec4e58b2beb56df37 100644 (file)
--- a/src/gen_rm_msgq.cpp
+++ b/src/gen_rm_msgq.cpp
@@ -89,7 +89,7 @@ int main()
        SERVER_INFO("msgq_tx (%d), msgq_rx(%d)", msgq_tx, msgq_rx);
 
        FILE *fp = NULL;
-       const char *flag_path = "/run/rsc_mgr_ready";
+       const char *flag_path = "/tmp/rsc_mgr_ready";
 
        fp = fopen(flag_path,"w");