return SECURITY_MANAGER_SUCCESS;
}
++static int fetchLabelForProcess(const std::string &appName, std::string &label)
++{
++ using namespace SecurityManager;
++
++ MessageBuffer send, recv;
++ Serialization::Serialize(send, (int) SecurityModuleCall::LABEL_FOR_PROCESS, appName);
++ int retval = sendToServer(SERVICE_SOCKET, send.Pop(), recv);
++ if (retval != SECURITY_MANAGER_SUCCESS) {
++ LogError("Error in sendToServer. Error code: " << retval);
++ return retval;
++ }
++
++ Deserialization::Deserialize(recv, retval);
++ if (retval != SECURITY_MANAGER_SUCCESS) {
++ LogError("Couldn't get label for process: " << retval);
++ return retval;
++ }
++ Deserialization::Deserialize(recv, label);
++ return SECURITY_MANAGER_SUCCESS;
++}
++
SECURITY_MANAGER_API
int security_manager_set_process_label_from_appid(const char *app_name)
{
void updatePermissibleFile(uid_t uid, int installationType)
{
std::string nameFile = getPerrmissibleFileLocation(uid, installationType);
- filePtr file = openAndLockNameFile(nameFile, "w");
- markPermissibleFileValid(fileno(file.get()), nameFile, false);
+ std::ofstream fstream;
+ openAndLockNameFile(nameFile, fstream);
+ markPermissibleFileValid(getFd(fstream), nameFile, false);
+
std::vector<std::string> appNames;
PrivilegeDb::getInstance().GetUserApps(uid, appNames);
- for (auto &name : appNames) {
- if (fprintf(file.get(), "%s\n", name.c_str()) < 0) {
- LogError("Unable to fprintf() to file " << nameFile << ": " << GetErrnoString(errno));
+ for (auto &appName : appNames) {
- fstream << SmackLabels::generateAppLabel(appName) << '\n';
++ std::string pkgName;
++ PrivilegeDb::getInstance().GetAppPkgName(appName, pkgName);
++ bool isPkgHybrid = PrivilegeDb::getInstance().IsPackageHybrid(pkgName);
++
++ fstream << SmackLabels::generateProcessLabel(appName, pkgName, isPkgHybrid) << '\n';
+ if (fstream.bad()) {
+ LogError("Unable to write to file " << nameFile << ": " << GetErrnoString(errno));
ThrowMsg(PermissibleSetException::PermissibleSetException::FileWriteError,
- "Unable to fprintf() to file");
+ "Unable to write to file");
}
}
- if (fflush(file.get()) != 0) {
+ if (fstream.flush().fail()) {
LogError("Error at fflush " << nameFile << ": " << GetErrnoString(errno));
ThrowMsg(PermissibleSetException::FileWriteError, "Error at fflush");
}