Update check_new_service.sh

author jin-gyu.kim <jin-gyu.kim@samsung.com>

Mon, 25 Sep 2017 07:49:01 +0000 (16:49 +0900)

committer jin-gyu.kim <jin-gyu.kim@samsung.com>

Tue, 17 Oct 2017 06:15:06 +0000 (15:15 +0900)
author jin-gyu.kim <jin-gyu.kim@samsung.com>
Mon, 25 Sep 2017 07:49:01 +0000 (16:49 +0900)
committer jin-gyu.kim <jin-gyu.kim@samsung.com>
Tue, 17 Oct 2017 06:15:06 +0000 (15:15 +0900)
diff --git a/test/new_service_test/check_new_service.sh b/test/new_service_test/check_new_service.sh

index 275fe66eb9429fc7b59a8ff751400196a3b5f8c7..ae6620520b97c597a6d2aaf2d881b42b0fdd5286 100644 (file)
--- a/test/new_service_test/check_new_service.sh
+++ b/test/new_service_test/check_new_service.sh
@@ -6,18 +6,40 @@ result_file="/opt/share/security-config/result/new_service.result"
  log_file="/opt/share/security-config/log/new_service.log"
  dbus_service_list="/opt/share/security-config/test/new_service_test/dbus_service.list"
  systemd_service_list="/opt/share/security-config/test/new_service_test/systemd_service.list"
+not_permitted_service_path="/opt/share/security-config/not_permitted_service/"
  
  # function to check whether it is included in list files
  # args : $1 - service file, $2 - uid, $3 - gid, $4 - smacklabel, $5 - service list
  function check_service
  {
         service_name=$(echo $1 | rev | cut -f1 -d "/" | rev)
-       result=$(cat $5 | grep "$service_name$2$3$4")
+       if [ $2 == ";" ]
+       then
+               uid=";root"
+       else
+               uid="$2"
+       fi
+       if [ $3 == ";" ]
+       then
+               gid=";root"
+       else
+               gid="$3"
+       fi
+       result=$(cat $5 | grep "$service_name$uid$gid$4")
         if [ "$result" = "" ]
         then
                 echo "$1"
                 echo $service_name >> $log_file
-               # TODO : Move the service to another directory.
+               # Move the service file to another directory. This service cannot be launched by systemd or d-bus.
+               # TODO : This is temporary. Checking onlycap may need to be considered later.
+               if [ -e "/etc/smack/onlycap" ]
+               then
+                       if [ ! -d $not_permitted_service_path ]
+                       then
+                               mkdir $not_permitted_service_path
+                       fi
+                       mv "$1" "$not_permitted_service_path$service_name"
+               fi
         fi
  }
  
diff --git a/test/new_service_test/dbus_service.list b/test/new_service_test/dbus_service.list

index 380f9196a65923be6eb3edc40a21d76158542e22..1513bd7f66451b863ca638957840219e371a62ff 100755 (executable)
--- a/test/new_service_test/dbus_service.list
+++ b/test/new_service_test/dbus_service.list
@@ -4,36 +4,41 @@ net.connman.vpn.service;network_fw;network_fw;;
  net.netconfig.service;network_fw;network_fw;;
  net.stc.service;root;;;
  net.wifidirect.service;network_fw;network_fw;;
-org.O1.SecurityAccounts.gUserManagement.service;root;;;
+net.wmesh.service;network_fw;network_fw;;
+org.O1.SecurityAccounts.gUserManagement.service;root;root;;
  org.bluez.ag_agent.service;network_fw;network_fw;;
-org.bluez.hf_agent.service;root;;;
-org.bluez.map_agent.service;;;;
+org.bluez.hid_agent.service;network_fw;network_fw;;
+org.bluez.hf_agent.service;root;root;;
+org.bluez.map_agent.service;root;root;;
  org.bluez.obex.service;network_fw;network_fw;;
-org.bluez.pb_agent.service;;;;
+org.bluez.pb_agent.service;root;root;;
  org.freedesktop.hostname1.service;root;;;
-org.freedesktop.locale1.service;root;;;
-org.freedesktop.login1.service;root;;;
-org.freedesktop.systemd1.service;root;;;
-org.projectx.bt.service;root;;;
-org.projectx.bt_core.service;root;;;
+org.freedesktop.locale1.service;root;root;;
+org.freedesktop.login1.service;root;root;;
+org.freedesktop.systemd1.service;root;root;;
+org.projectx.bt.service;root;root;;
+org.projectx.bt_core.service;root;root;;
  org.tizen.MobileapAgent.service;network_fw;network_fw;;
  org.tizen.PhonenumberUtils.dbus.service;service_fw;service_fw;;
  org.tizen.SmartcardService.service;network_fw;network_fw;;
-org.tizen.SoundServer.service;multimedia_fw;multimedia_fw;;
-org.tizen.account.manager.service;;;;
-org.tizen.alarm.manager.service;;;;
-org.tizen.app2sd.service;root;;;
+org.tizen.SoundServer.service;multimedia_fw;multimedia_fw;; # Need to check by SFV
+org.tizen.account.manager.service;root;root;;
+org.tizen.alarm.manager.service;root;root;;
+org.tizen.app2sd.service;root;root;;
  org.tizen.data-provider-master.service;app_fw;app_fw;;
+org.tizen.dpm.syspopup.service;security_fw;root;;
  org.tizen.dummyasm.service;service_fw;service_fw;;
+org.tizen.factory-reset.service;root;root;;
  org.tizen.fido-asm.service;service_fw;service_fw;;
  org.tizen.fido-bt-roaming.service;service_fw;service_fw;;
-org.tizen.fido.service;;;;
+org.tizen.fido.service;root;root;;
  org.tizen.lbs.Providers.LbsServer.service;location;location;;
  org.tizen.NetNfcService.service;network_fw;network_fw;;
-org.tizen.pkg_recovery.service;;;;
-org.tizen.pkgdir_tool.service;;;;
-org.tizen.pkgmgr.service;;;;
+org.tizen.pkg_recovery.service;root;root;;
+org.tizen.pkgdir_tool.service;root;root;;
+org.tizen.pkgmgr.service;root;root;;
  org.tizen.scmirroring.server.service;multimedia_fw;multimedia_fw;;
-org.tizen.smartreply.service;ui_fw;ui_fw;;
+org.tizen.smartreply.service;ui_fw;ui_fw;System;
  org.tizen.system.crash.service;root;root;;
-org.tizen.system.popup.service;system_fw;system_fw;;
+org.tizen.system.popup.service;root;root;;
+org.tizen.zigbee.service;network_fw;network_fw;;
diff --git a/test/new_service_test/systemd_service.list b/test/new_service_test/systemd_service.list

index 9ef4929004c4109155115c2eed124689abcac0c0..6613da2135295e48ff8c9c060b07dc8ea6b0ea6d 100755 (executable)
--- a/test/new_service_test/systemd_service.list
+++ b/test/new_service_test/systemd_service.list
@@ -1,17 +1,15 @@
-__user@.service;;;User;
  ac.service;app_fw;app_fw;System;
  accounts-service.service;service_fw;service_fw;System;
  alarm-server.service;app_fw;app_fw;System;
-app2sd-server.service;;;System;
-askuser.service;security_fw;security_fw;;
+app2sd-server.service;root;root;System;
  auth-fw.service;security_fw;security_fw;System;
-bluetooth-address.service;;;System;
+bluetooth-address.service;network_fw;network_fw;System;
  bluetooth-force-hci-logger.service;network_fw;network_fw;System;
  bluetooth-frwk.service;network_fw;network_fw;System;
-bluetooth-hci-device.service;;;System;
+bluetooth-hci-device.service;root;root;System;
  bluetooth-hci-dump@.service;network_fw;network_fw;System;
  bluetooth-hci-logger.service;network_fw;network_fw;System;
-bluetooth-hciattach@.service;;;System;
+bluetooth-hciattach@.service;root;root;System;
  bluetooth-map-agent.service;network_fw;network_fw;System;
  bluetooth-pbap-agent.service;network_fw;network_fw;System;
  bluetooth-share.service;network_fw;network_fw;System;
@@ -24,57 +22,64 @@ cert-checker.service;security_fw;security_fw;System;
  cert-server.service;security_fw;security_fw;System;
  connman-vpn.service;network_fw;network_fw;System;
  connman.service;network_fw;network_fw;System;
-console-getty.service;;;System;
-console-shell.service;;;System;
-container-getty@.service;;;System;
+console-getty.service;root;root;System;
+console-shell.service;root;root;System;
+container-getty@.service;root;root;System;
  contextd.service;service_fw;service_fw;System;
  csr.service;security_fw;security_fw;System;
  cynara.service;cynara;cynara;System;
  data-provider-master.service;app_fw;app_fw;System;
  dbus.service;dbus;dbus;System;
-debug-shell.service;;;System;
+debug-shell.service;root;root;System;
  device-policy-manager.service;security_fw;security_fw;System;
-deviced.service;;;System::Privileged;
-display-manager.service;;;System;
-dlog_logger.service;;;System;
+device-policy-syspopup.service;security_fw;security_fw;System;
+deviced.service;root;root;System::Privileged;
+display-manager.service;root;root;System;
+dlog_logger.service;root;root;System;
  download-provider.service;web_fw;web_fw;System;
-emergency.service;;;System;
-emuld.service;;;System::Privileged;
+emergency.service;root;root;System;
+emuld.service;root;root;System::Privileged;
  emul-common-preinit.service;service_fw;service_fw;System;
  emul-setup-audio-volume.service;service_fw;service_fw;System;
  esd.service;app_fw;app_fw;System;
-faultd.service;;;System;
+factory-reset.service;root;root;System; # under review SFV-71
+factory-reset-launch.service;root;root;System; # under review SFV-71
+faultd.service;root;root;System;
  feedbackd.service;system_fw;system_fw;System;
+fido.service;service_fw;service_fw;System;
  fido-asm.service;service_fw;service_fw;System;
  fido-bt-roaming-agent.service;service_fw;service_fw;System;
-focus-server.service;multimedia_fw;multimedia_fw;System;
-getty@.service;;;System;
-gumd.service;;;System::Privileged;
-init-update.service;;;;
-initrd-cleanup.service;;;System;
-initrd-parse-etc.service;;;System;
-initrd-switch-root.service;;;System;
-initrd-udevadm-cleanup-db.service;;;System;
-kmod-static-nodes.service;;;System;
-krate.service;;;System;
-lazy_mount.service;;;System::Privileged;
+focus-server.service;multimedia_fw;multimedia_fw;System; # need to check by SFV
+getty@.service;root;root;System;
+gumd.service;root;root;System::Privileged;
+gumd.service;root;root;System;
+init-update.service;root;root;System::Privileged;
+initrd-cleanup.service;root;root;System;
+initrd-parse-etc.service;root;root;System;
+initrd-switch-root.service;root;root;System;
+initrd-udevadm-cleanup-db.service;root;root;System;
+kmod-static-nodes.service;root;root;System;
+krate.service;root;root;System;
+lazy_mount.service;root;root;System::Privileged;
  lbs-server.service;location;location;System;
-ldconfig.service;;;System;
+ldconfig.service;root;root;System;
  license-manager-agent.service;security_fw;security_fw;System;
+log_dump.service;root;root;System;
+log_dump.service;system_fw;system_fw;System; # conditionaly used
  media-server.service;multimedia_fw;multimedia_fw;System;
  mediacontroller.service;multimedia_fw;multimedia_fw;System;
  mobileap-agent.service;network_fw;network_fw;System;
  msg-server.service;messaging;messaging;System;
  mtp-initiator.service;network_fw;network_fw;System;
-mtp-responder.service;owner;users;System;
+mtp-responder.service;network_fw;network_fw;System;
  murphyd.service;multimedia_fw;multimedia_fw;System;
  muse-server.service;multimedia_fw;multimedia_fw;System;
  net-config.service;network_fw;network_fw;System;
  nether.service;security_fw;security_fw;System;
  nfc-manager.service;network_fw;network_fw;System;
  obex.service;network_fw;network_fw;;
-ode.service;;;System::Privileged;
-offline-update.service;;;;
+ode.service;root;root;System::Privileged;
+offline-update.service;root;root;System::Privileged;
  package-manager.service;app_fw;app_fw;System;
  package-recovery.service;app_fw;app_fw;System;
  pass.service;system_fw;system_fw;System;
@@ -82,75 +87,76 @@ phonenumber-utils.service;service_fw;service_fw;System;
  pkg-db-recovery.service;app_fw;app_fw;System;
  pkgdir-tool.service;app_fw;app_fw;System;
  privacy-guard-server.service;security_fw;security_fw;System;
-pulseaudio.service;;;System;
+pulseaudio.service;root;root;System;
  pushd.service;service_fw;service_fw;System;
-quotaon.service;;;System;
-rescue.service;;;System;
-resize2fs@.service;;;System;
-resourced.service;;;System;
+quotaon.service;root;root;System;
+rescue.service;root;root;System;
+resize2fs@.service;root;root;System;
+resourced.service;root;root;System;
  sdbd.service;sdk;sdk;System;
-sdbd_tcp.service;;;System;
-security-config.service;;;System::Privileged;
-security-manager-cleanup.service;;;System::Privileged;
-security-manager-rules-loader.service;;;System::Privileged;
-security-manager.service;;;System::Privileged;
+sdbd_tcp.service;sdk;sdk;System;
+security-config.service;root;root;System::Privileged;
+security-manager-cleanup.service;root;root;System::Privileged;
+security-manager-rules-loader.service;root;root;System::Privileged;
+security-manager.service;root;root;System::Privileged;
  sensord.service;sensor;input;System;
-serial-getty@.service;;;System;
+serial-getty@.service;root;root;System;
  shutdown-animation.service;application;application;System;
-stc-manager.service;;;System;
-storaged.service;;;System::Privileged;
-sys-kernel-tracing.service;;;System;
-systemd-ask-password-console.service;;;System;
-systemd-ask-password-wall.service;;;System;
-systemd-binfmt.service;;;System;
-systemd-exit.service;;;;
-systemd-fsck-root.service;;;System;
-systemd-fsck@.service;;;System;
-systemd-halt.service;;;System;
-systemd-hibernate-resume@.service;;;System;
-systemd-hibernate.service;;;System;
-systemd-hostnamed.service;;;System;
-systemd-hwdb-update.service;;;System;
-systemd-hybrid-sleep.service;;;System;
-systemd-initctl.service;;;System;
-systemd-journal-catalog-update.service;;;System;
-systemd-journal-flush.service;;;System;
-systemd-journald.service;;;;
-systemd-kexec.service;;;System;
-systemd-localed.service;;;System;
-systemd-logind.service;;;System::Privileged;
-systemd-machine-id-commit.service;;;System;
-systemd-modules-load.service;;;System;
-systemd-nspawn@.service;;;System;
-systemd-poweroff.service;;;System;
-systemd-quotacheck.service;;;System;
-systemd-reboot.service;;;System;
-systemd-remount-fs.service;;;System;
-systemd-suspend.service;;;System;
-systemd-sysctl.service;;;System;
-systemd-tmpfiles-clean.service;;;System::Privileged;
-systemd-tmpfiles-setup-dev.service;;;System::Privileged;
-systemd-tmpfiles-setup.service;;;System::Privileged;
-systemd-udev-settle.service;;;System;
-systemd-udev-trigger.service;;;System;
-systemd-udevd.service;;;System::Privileged;
-systemd-update-done.service;;;System;
-systemd-update-utmp-runlevel.service;;;System;
-systemd-update-utmp.service;;;System;
-systemd-user-sessions.service;;;System;
-systemd-vconsole-setup.service;;;System;
+stc-manager.service;root;root;System;
+storaged.service;root;root;System::Privileged;
+swap_manager.service;system_fw;system_fw;System;
+sys-kernel-tracing.service;system_fw;system_fw;System;
+system-popup.service;system_fw;system_fw;System;
+systemd-ask-password-console.service;root;root;System;
+systemd-ask-password-wall.service;root;root;System;
+systemd-binfmt.service;root;root;System;
+systemd-exit.service;root;root;System;
+systemd-fsck-root.service;root;root;System;
+systemd-fsck@.service;root;root;System;
+systemd-halt.service;root;root;System;
+systemd-hibernate-resume@.service;root;root;System;
+systemd-hibernate.service;root;root;System;
+systemd-hostnamed.service;root;root;System;
+systemd-hwdb-update.service;root;root;System;
+systemd-hybrid-sleep.service;root;root;System;
+systemd-initctl.service;root;root;System;
+systemd-journal-catalog-update.service;root;root;System;
+systemd-journal-flush.service;root;root;System;
+systemd-journald.service;root;root;System;
+systemd-kexec.service;root;root;System;
+systemd-localed.service;root;root;System;
+systemd-logind.service;root;root;System::Privileged;
+systemd-machine-id-commit.service;root;root;System;
+systemd-modules-load.service;root;root;System;
+systemd-nspawn@.service;root;root;System;
+systemd-poweroff.service;root;root;System;
+systemd-quotacheck.service;root;root;System;
+systemd-reboot.service;root;root;System;
+systemd-remount-fs.service;root;root;System;
+systemd-suspend.service;root;root;System;
+systemd-sysctl.service;root;root;System;
+systemd-tmpfiles-setup-dev.service;root;root;System::Privileged;
+systemd-tmpfiles-setup.service;root;root;System::Privileged;
+systemd-udev-settle.service;root;root;System;
+systemd-udev-trigger.service;root;root;System;
+systemd-udevd.service;root;root;System::Privileged;
+systemd-update-done.service;root;root;System;
+systemd-update-utmp-runlevel.service;root;root;System;
+systemd-update-utmp.service;root;root;System;
+systemd-user-sessions.service;root;root;System;
+systemd-vconsole-setup.service;root;root;System;
  telephony-daemon.service;telephony;telephony;System;
-tizen-debug-off.service;;;System;
-tizen-debug-on.service;;;System;
-tizen-fstrim-user.service;;;System;
-tizen-system-env.service;;;System;
+tizen-fstrim-user.service;root;root;System;
+tizen-system-env.service;root;root;System;
  tizenid.service;system_fw;system_fw;System;
-tlm.service;;;System;
-ttrace-marker.service;;;;
-udev-sdb-init.service;;;System;
-usb-host-ffs-test-daemon.service;;;;
-user@.service;%i;;User;
-__user@.service;%i;;User;
-vmodem-x86.service;;;System::Privileged;
+tlm.service;root;root;System;
+ttrace-marker.service;root;root;System;
+udev-sdb-init.service;root;root;System;
+usb-host-ffs-test-daemon.service;system_fw;system_fw;System;
+user@.service;%i;users;User; # Need to be defined group
+__user@.service;%i;;User; # Need to be defined group
+vmodem-x86.service;root;root;System::Privileged;
  webappenc-initializer.service;security_fw;security_fw;System;
  wifi-direct-manager.service;network_fw;network_fw;System;
+wmeshd.service;network_fw;network_fw;System
+zigbee-daemon.service;network_fw;network_fw;System
author	jin-gyu.kim <jin-gyu.kim@samsung.com>
	Mon, 25 Sep 2017 07:49:01 +0000 (16:49 +0900)
committer	jin-gyu.kim <jin-gyu.kim@samsung.com>
	Tue, 17 Oct 2017 06:15:06 +0000 (15:15 +0900)
test/new_service_test/check_new_service.sh		patch \| blob \| history
test/new_service_test/dbus_service.list		patch \| blob \| history
test/new_service_test/systemd_service.list		patch \| blob \| history