Include empty rules.merged file in the package

This is to fix startup of security-manager-rules-loader.service systemd
unit in case when no applications are registered in security-manager.

This is a rare scenario, that wasn't considered until now, because there
were always some preloaded applications on snapshot images. But IoT images
are actually built with no preloaded applications, triggering the bug.

Empty file with aggregated Smack rules is provided to handle such case.
In case of package upgrade, existing file will not be overwritten thanks
to %config(noreplace) directive.

Change-Id: I1743672547abcdd42f520b34eba45c67402b37b1
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>

diff --git a/packaging/security-manager.spec b/packaging/security-manager.spec
index 8f63247..43f913c 100644 (file)
--- a/packaging/security-manager.spec
+++ b/packaging/security-manager.spec
@@ -137,6 +137,8 @@ touch %{buildroot}/%{TZ_SYS_DB}/.security-manager.db
 touch %{buildroot}/%{TZ_SYS_DB}/.security-manager.db-journal
 
 install -m 0755 -d %{buildroot}%{TZ_SYS_VAR}/security-manager
+install -m 0700 -d %{buildroot}%{TZ_SYS_VAR}/security-manager/rules-merged/
+install -m 0600 /dev/null %{buildroot}%{TZ_SYS_VAR}/security-manager/rules-merged/rules.merged
 install -m 0444 /dev/null %{buildroot}%{TZ_SYS_VAR}/security-manager/apps-labels
 install -m 0444 /dev/null %{buildroot}%{TZ_SYS_VAR}/security-manager/policy-version
 
@@ -248,6 +250,7 @@ chsmack -a System %{db_test_dir}/.security-manager-test.db-journal
 %dir %attr(711,root,root) %{TZ_SYS_VAR}/security-manager/
 %dir %attr(700,root,root) %{TZ_SYS_VAR}/security-manager/rules
 %dir %attr(700,root,root) %{TZ_SYS_VAR}/security-manager/rules-merged
+%config(noreplace) %attr(600,root,root) %{TZ_SYS_VAR}/security-manager/rules-merged/rules.merged
 
 %{_libdir}/libsecurity-manager-commons.so.*
 %attr(-,root,root) %{_unitdir}/security-manager.*