dbusconf_DATA += vpn/connman-vpn-dbus.conf
dbusservicedir = @DBUS_DATADIR@
dbusservice_DATA = vpn/net.connman.vpn.service
-endif
if SYSTEMD
systemdunitdir = @SYSTEMD_UNITDIR@
systemdunit_DATA = src/connman.service vpn/connman-vpn.service
endif
-endif
service_files_sources = src/connman.service.in src/net.connman.service.in \
vpn/net.connman.vpn.service.in vpn/connman-vpn.service.in
service_files = src/connman.service src/net.connman.service \
vpn/net.connman.vpn.service vpn/connman-vpn.service
+else
+
+if SYSTEMD
+systemdunitdir = @SYSTEMD_UNITDIR@
+systemdunit_DATA = src/connman.service
+
+endif
+
+service_files_sources = src/connman.service.in src/net.connman.service.in
+service_files = src/connman.service src/net.connman.service
+endif
+endif
+
plugin_LTLIBRARIES =
plugin_objects =
builtin_cflags =
noinst_PROGRAMS =
+if TIZEN_EXT
+bin_PROGRAMS = src/connmand
+else
bin_PROGRAMS =
+endif
unit_objects =
MANUAL_PAGES =
+if TIZEN_EXT
+sbin_PROGRAMS =
+else
sbin_PROGRAMS = src/connmand
+endif
src_connmand_SOURCES = $(gdhcp_sources) $(gweb_sources) \
$(builtin_sources) $(shared_sources) src/connman.ver \
builtin_vpn_libadd =
builtin_vpn_cflags =
+if TIZEN_EXT
+bin_PROGRAMS += vpn/connman-vpnd
+else
sbin_PROGRAMS += vpn/connman-vpnd
+endif
vpn_connman_vpnd_SOURCES = $(gdhcp_sources) $(builtin_vpn_sources) \
$(gweb_sources) vpn/vpn.ver vpn/main.c vpn/vpn.h \
if CLIENT
bin_PROGRAMS += client/connmanctl
-MANUAL_PAGES = doc/connmanctl.1
+#MANUAL_PAGES = doc/connmanctl.1
client_connmanctl_SOURCES = client/dbus_helpers.h client/dbus_helpers.c \
client/services.h client/services.c \
EXTRA_DIST += src/main.conf \
src/eduroam.config
-MANUAL_PAGES += doc/connman.8 doc/connman.conf.5
+#MANUAL_PAGES += doc/connman.8 doc/connman.conf.5
dist_man_MANS = $(MANUAL_PAGES)
AM_CONDITIONAL(TELEPHONY, test "${enable_telephony}" != "no")
AM_CONDITIONAL(TELEPHONY_BUILTIN, test "${enable_telephony}" = "builtin")
+AC_ARG_ENABLE(tizen-ext,
+ AC_HELP_STRING([--enable-tizen-ext], [enable TIZEN extensions]),
+ [if (test "${enableval}" = "yes"); then
+ CFLAGS="$CFLAGS -DTIZEN_EXT"
+ LIBS="$LIBS -lsmack"
+ fi])
+AM_CONDITIONAL(TIZEN_EXT, test "${enable-tizen-ext}" != "no")
+
AC_ARG_WITH(openconnect, AC_HELP_STRING([--with-openconnect=PROGRAM],
[specify location of openconnect binary]), [path_openconnect=${withval}])
[enable_openconnect=${enableval}], [enable_openconnect="no"])
if (test "${enable_openconnect}" != "no"); then
if (test -z "${path_openconnect}"); then
- AC_PATH_PROG(OPENCONNECT, [openconnect], [], $PATH:/sbin:/usr/sbin)
+ AC_PATH_PROG(OPENCONNECT, [openconnect], [], $PATH:/bin:/usr/bin)
if (test -z "${OPENCONNECT}"); then
AC_MSG_ERROR(openconnect binary not found)
fi
[enable_openvpn=${enableval}], [enable_openvpn="no"])
if (test "${enable_openvpn}" != "no"); then
if (test -z "${path_openvpn}"); then
- AC_PATH_PROG(OPENVPN, [openvpn], [], $PATH:/sbin:/usr/sbin)
+ AC_PATH_PROG(OPENVPN, [openvpn], [], $PATH:/bin:/usr/bin)
if (test -z "${OPENVPN}"); then
AC_MSG_ERROR(openvpn binary not found)
fi
[enable_vpnc=${enableval}], [enable_vpnc="no"])
if (test "${enable_vpnc}" != "no"); then
if (test -z "${path_vpnc}"); then
- AC_PATH_PROG(VPNC, [vpnc], [], $PATH:/sbin:/usr/sbin)
+ AC_PATH_PROG(VPNC, [vpnc], [], $PATH:/bin:/usr/bin)
if (test -z "${VPNC}"); then
AC_MSG_ERROR(vpnc binary not found)
fi
[enable_l2tp=${enableval}], [enable_l2tp="no"])
if (test "${enable_l2tp}" != "no"); then
if (test -z "${path_pppd}"); then
- AC_PATH_PROG(PPPD, [pppd], [/usr/sbin/pppd], $PATH:/sbin:/usr/sbin)
+ AC_PATH_PROG(PPPD, [pppd], [/usr/bin/pppd], $PATH:/bin:/usr/bin)
else
PPPD="${path_pppd}"
AC_SUBST(PPPD)
AC_CHECK_HEADERS(pppd/pppd.h, dummy=yes,
AC_MSG_ERROR(ppp header files are required))
if (test -z "${path_l2tp}"); then
- AC_PATH_PROG(L2TP, [xl2tpd], [/usr/sbin/xl2tpd], $PATH:/sbin:/usr/sbin)
+ AC_PATH_PROG(L2TP, [xl2tpd], [/usr/bin/xl2tpd], $PATH:/bin:/usr/bin)
else
L2TP="${path_l2tp}"
AC_SUBST(L2TP)
[enable_pptp=${enableval}], [enable_pptp="no"])
if (test "${enable_pptp}" != "no"); then
if (test -z "${path_pppd}"); then
- AC_PATH_PROG(PPPD, [pppd], [/usr/sbin/pppd], $PATH:/sbin:/usr/sbin)
+ AC_PATH_PROG(PPPD, [pppd], [/usr/bin/pppd], $PATH:/bin:/usr/bin)
else
PPPD="${path_pppd}"
AC_SUBST(PPPD)
AC_CHECK_HEADERS(pppd/pppd.h, dummy=yes,
AC_MSG_ERROR(ppp header files are required))
if (test -z "${path_pptp}"); then
- AC_PATH_PROG(PPTP, [pptp], [/usr/sbin/pptp], $PATH:/sbin:/usr/sbin)
+ AC_PATH_PROG(PPTP, [pptp], [/usr/bin/pptp], $PATH:/bin:/usr/bin)
else
PPTP="${path_pptp}"
AC_SUBST(PPTP)
if (test "${enable_tools}" != "no"); then
AC_PATH_PROGS(IPTABLES_SAVE, [iptables-save], [],
- $PATH:/sbin:/usr/sbin)
+ $PATH:/bin:/usr/bin)
IPTABLES_SAVE=$ac_cv_path_IPTABLES_SAVE
else
IPTABLES_SAVE=""
if (test "${enable_wifi}" != "no"); then
AC_PATH_PROG(WPASUPPLICANT, [wpa_supplicant], [],
- $PATH:/sbin:/usr/sbin)
+ $PATH:/bin:/usr/bin)
fi
AC_ARG_ENABLE(datafiles, AC_HELP_STRING([--disable-datafiles],
%build
-CFLAGS+=" -DTIZEN_EXT -lsmack -Werror"
+#CFLAGS+=" -DTIZEN_EXT -lsmack -Werror"
CFLAGS+=" -DTIZEN_SYS_CA_BUNDLE=\"%TZ_SYS_RO_CA_BUNDLE\""
%if %{with connman_vpnd}
%configure \
--sysconfdir=/etc \
--enable-client \
+ --enable-tizen-ext \
--enable-pacrunner \
--enable-wifi=builtin \
%if %{with connman_openconnect}
cp -f scripts/%{upgrade_script_filename} %{buildroot}%{upgrade_script_path}
%post
-chsmack -a 'System' /%{_localstatedir}/lib/connman
-chsmack -a 'System' /%{_localstatedir}/lib/connman/settings
+#chsmack -a 'System' /%{_localstatedir}/lib/connman
+#chsmack -a 'System' /%{_localstatedir}/lib/connman/settings
%preun
%files
%manifest connman.manifest
-%attr(500,root,root) %{_sbindir}/*
-%attr(500,root,root) %{_bindir}/connmanctl
-%attr(600,root,root) /%{_localstatedir}/lib/connman/settings
+%attr(500,network_fw,network_fw) %{_bindir}/*
+%attr(500,network_fw,network_fw) %{_bindir}/connmanctl
+%attr(755,network_fw,network_fw) /%{_localstatedir}/lib/connman
+%attr(600,network_fw,network_fw) /%{_localstatedir}/lib/connman/settings
#%{_libdir}/connman/plugins/*.so
-%attr(644,root,root) %{_datadir}/dbus-1/system-services/*
-#%{_datadir}/dbus-1/services/*
+%attr(644,network_fw,network_fw) %{_datadir}/dbus-1/system-services/*
%{_sysconfdir}/dbus-1/system.d/*
-%attr(644,root,root) %{_sysconfdir}/connman/main.conf
+%attr(644,network_fw,network_fw) %{_sysconfdir}/connman/main.conf
%{_sysconfdir}/dbus-1/system.d/*.conf
-%attr(644,root,root) %{_libdir}/systemd/system/connman.service
-%attr(644,root,root) %{_libdir}/systemd/system/multi-user.target.wants/connman.service
-%attr(644,root,root) %{_libdir}/systemd/system/connman-vpn.service
+%attr(644,network_fw,network_fw) %{_libdir}/systemd/system/connman.service
+%attr(644,network_fw,network_fw) %{_libdir}/systemd/system/multi-user.target.wants/connman.service
+%attr(644,network_fw,network_fw) %{_libdir}/systemd/system/connman-vpn.service
%if "%{?_lib}" == "lib64"
-%attr(644,root,root) %{_unitdir}/connman.service
-%attr(644,root,root) %{_unitdir}/multi-user.target.wants/connman.service
-%attr(644,root,root) %{_unitdir}/connman-vpn.service
-%attr(644,root,root) %{_unitdir}/connman.socket
-%attr(644,root,root) %{_unitdir}/sockets.target.wants/connman.socket
+%attr(644,network_fw,network_fw) %{_unitdir}/connman.service
+%attr(644,network_fw,network_fw) %{_unitdir}/multi-user.target.wants/connman.service
+%attr(644,network_fw,network_fw) %{_unitdir}/connman-vpn.service
+%attr(644,network_fw,network_fw) %{_unitdir}/connman.socket
+%attr(644,network_fw,network_fw) %{_unitdir}/sockets.target.wants/connman.socket
%else
-%attr(644,root,root) %{_libdir}/systemd/system/connman.socket
-%attr(644,root,root) %{_libdir}/systemd/system/sockets.target.wants/connman.socket
+%attr(644,network_fw,network_fw) %{_libdir}/systemd/system/connman.socket
+%attr(644,network_fw,network_fw) %{_libdir}/systemd/system/sockets.target.wants/connman.socket
%endif
%license COPYING
%{upgrade_script_path}/%{upgrade_script_filename}
%{_libdir}/connman/scripts/openconnect-script
%{_datadir}/dbus-1/system-services/net.connman.vpn.service
%license COPYING
+%if "%{?_lib}" == "lib64"
+%attr(644,network_fw,network_fw) %{_unitdir}/connman-vpn.service
+%else
+%attr(644,network_fw,network_fw) %{_libdir}/systemd/system/connman-vpn.service
+%endif
%endif
%if %{with connman_openvpn}
%{_libdir}/%{name}/scripts/openvpn-script
%{_datadir}/dbus-1/system-services/net.connman.vpn.service
%license COPYING
+%if "%{?_lib}" == "lib64"
+%attr(644,network_fw,network_fw) %{_unitdir}/connman-vpn.service
+%else
+%attr(644,network_fw,network_fw) %{_libdir}/systemd/system/connman-vpn.service
+%endif
%endif
%if %{with connman_ipsec}
%{_libdir}/%{name}/plugins-vpn/ipsec.so
%{_libdir}/%{name}/scripts/ipsec-script
%{_datadir}/dbus-1/system-services/net.connman.vpn.service
+%license COPYING
+%if "%{?_lib}" == "lib64"
+%attr(644,network_fw,network_fw) %{_unitdir}/connman-vpn.service
+%else
+%attr(644,network_fw,network_fw) %{_libdir}/systemd/system/connman-vpn.service
+%endif
%endif
%if %{with connman_vpnd}
%files connman-vpnd
%manifest %{name}.manifest
-#%{_sbindir}/connman-vpnd
+#%{_bindir}/connman-vpnd
%dir %{_libdir}/%{name}
%dir %{_libdir}/%{name}/scripts
%dir %{_libdir}/%{name}/plugins-vpn
%config %{_sysconfdir}/dbus-1/system.d/connman-vpn-dbus.conf
%{_datadir}/dbus-1/system-services/net.connman.vpn.service
%license COPYING
+%if "%{?_lib}" == "lib64"
+%attr(644,network_fw,network_fw) %{_unitdir}/connman-vpn.service
+%else
+%attr(644,network_fw,network_fw) %{_libdir}/systemd/system/connman-vpn.service
+%endif
%endif
%post extension-tv
mv -f %{_libdir}/systemd/system/connman.service.tv %{_libdir}/systemd/system/connman.service
mv -f %{_sysconfdir}/connman/main.conf.tv %{_sysconfdir}/connman/main.conf
%files extension-tv
-%attr(644,root,root) %{_sysconfdir}/connman/main.conf.tv
+%attr(644,network_fw,network_fw) %{_sysconfdir}/connman/main.conf.tv
%license COPYING
%if "%{?_lib}" == "lib64"
-%attr(644,root,root) %{_unitdir}/connman.service.tv
+%attr(644,network_fw,network_fw) %{_unitdir}/connman.service.tv
%else
-%attr(644,root,root) %{_libdir}/systemd/system/connman.service.tv
+%attr(644,network_fw,network_fw) %{_libdir}/systemd/system/connman.service.tv
%endif
%post extension-ivi
mv -f %{_sysconfdir}/connman/main.conf.ivi %{_sysconfdir}/connman/main.conf
%files extension-ivi
-%attr(644,root,root) %{_sysconfdir}/connman/main.conf.ivi
+%attr(644,network_fw,network_fw) %{_sysconfdir}/connman/main.conf.ivi
%license COPYING
<allow own="org.freedesktop.NetworkManager"/>
<allow send_destination="org.freedesktop.NetworkManager"/>
</policy>
+ <policy user="network_fw">
+ <allow own="org.freedesktop.NetworkManager"/>
+ <allow send_destination="org.freedesktop.NetworkManager"/>
+ </policy>
<policy at_console="true">
<allow send_destination="org.freedesktop.NetworkManager"/>
</policy>
[D-BUS Service]
Name=net.connman
Exec=/bin/false
-User=root
+User=network_fw
+Group=network_fw
SystemdService=connman.service
#!/bin/sh
-DAEMON=@sbindir@/connmand
+DAEMON=@bindir@/connmand
DESC="Connection Manager"
. /lib/lsb/init-functions
<allow send_destination="net.connman"/>
<allow send_interface="net.connman.Agent"/>
<allow send_interface="net.connman.Counter"/>
+ <allow send_interface="net.connman.Manager"/>
+ <allow send_interface="net.connman.Service"/>
+ <allow send_interface="net.connman.Technology"/>
+ <allow send_interface="net.connman.Notification"/>
+ </policy>
+ <policy user="network_fw">
+ <allow own="net.connman"/>
+ <allow send_destination="net.connman"/>
+ <allow send_interface="net.connman.Agent"/>
+ <allow send_interface="net.connman.Counter"/>
+ <allow send_interface="net.connman.Manager"/>
+ <allow send_interface="net.connman.Service"/>
+ <allow send_interface="net.connman.Technology"/>
<allow send_interface="net.connman.Notification"/>
</policy>
<policy at_console="true">
<allow send_interface="net.connman.Counter"/>
<allow send_interface="net.connman.Notification"/>
</policy>
+ <policy user="network_fw">
+ <allow own="net.connman"/>
+ <allow send_interface="net.connman.Agent"/>
+ <allow send_interface="net.connman.Counter"/>
+ <allow send_interface="net.connman.Notification"/>
+ </policy>
<policy context="default">
<allow send_destination="net.connman"/>
</policy>
<policy user="root">
<allow own="net.connman"/>
<allow send_destination="net.connman"/>
+ <allow send_type="signal"/>
+ </policy>
+ <policy user="network_fw">
+ <allow own="net.connman"/>
+ <allow send_destination="net.connman"/>
+ <allow send_type="signal"/>
</policy>
<policy context="default">
<check send_destination="net.connman" send_interface="net.connman.Manager" send_member="GetTechnologies" privilege="http://tizen.org/privilege/network.get" />
[Service]
Type=dbus
+User=network_fw
+Group=network_fw
BusName=net.connman
Restart=on-failure
SmackProcessLabel=System
-ExecStart=@sbindir@/connmand -n --noplugin vpn
+ExecStart=@bindir@/connmand -n --noplugin vpn
StandardOutput=null
-CapabilityBoundingSet=~CAP_MAC_ADMIN
-CapabilityBoundingSet=~CAP_MAC_OVERRIDE
+Capabilities=cap_net_admin,cap_net_bind_service,cap_net_broadcast,cap_net_raw=i
+SecureBits=keep-caps
[Install]
WantedBy=multi-user.target
[Service]
Type=dbus
+User=network_fw
+Group=network_fw
BusName=net.connman
Restart=on-failure
SmackProcessLabel=System
-ExecStart=@sbindir@/connmand -n --noplugin vpn
+ExecStart=@bindir@/connmand -n --noplugin vpn
StandardOutput=null
-CapabilityBoundingSet=~CAP_MAC_ADMIN
-CapabilityBoundingSet=~CAP_MAC_OVERRIDE
+Capabilities=cap_net_admin,cap_net_bind_service,cap_net_broadcast,cap_net_raw=i
+SecureBits=keep-caps
[Install]
WantedBy=multi-user.target
#include <sys/stat.h>
#include <sys/time.h>
-#define LOG_FILE_PATH "/var/log/connman.log"
+#define LOG_FILE_PATH "/opt/usr/data/network/connman.log"
#define MAX_LOG_SIZE 1 * 1024 * 1024
#define MAX_LOG_COUNT 1
[D-BUS Service]
Name=net.connman
Exec=/bin/false
-User=root
+User=network_fw
+Group=network_fw
SystemdService=connman.service
[Service]
Type=dbus
+User=network_fw
+Group=network_fw
BusName=net.connman.vpn
SmackProcessLabel=System
-ExecStart=@sbindir@/connman-vpnd -n
+ExecStart=@bindir@/connman-vpnd -n
StandardOutput=null
-CapabilityBoundingSet=~CAP_MAC_ADMIN
-CapabilityBoundingSet=~CAP_MAC_OVERRIDE
+Capabilities=cap_net_admin,cap_net_bind_service,cap_net_broadcast,cap_net_raw=i
+SecureBits=keep-caps
[Install]
WantedBy=multi-user.target
[D-BUS Service]
Name=net.connman.vpn
Exec=/bin/false
-User=root
+User=network_fw
+Group=network_fw
SystemdService=connman-vpn.service
<policy user="root">
<allow own="net.connman.vpn"/>
<allow send_destination="net.connman.vpn"/>
+ <allow send_interface="net.connman.vpn.Agent"/>
+ </policy>
+ <policy user="network_fw">
+ <allow own="net.connman.vpn"/>
+ <allow send_destination="net.connman.vpn"/>
+ <allow send_interface="net.connman.vpn.Agent"/>
</policy>
<policy at_console="true">
<allow send_destination="net.connman.vpn"/>
<allow own="net.connman.vpn"/>
<allow send_interface="net.connman.vpn.Agent"/>
</policy>
+ <policy user="network_fw">
+ <allow own="net.connman.vpn"/>
+ <allow send_interface="net.connman.vpn.Agent"/>
+ </policy>
<policy context="default">
<allow send_destination="net.connman.vpn"/>
</policy>