. /etc/tizen-platform.conf
-systemctl stop security-manager.service security-manager.socket
-
+### In case there is no systemd or no systemd configuration on image (ie. some TV images)
+### this can be still run...
+set +e
+systemctl stop security-manager.service security-manager.socket || echo "Problem with systemd (no .service/.socket files?), continuing"
+set -e
+
+### ...but we have to be sure that the daemon is not running;
+### manually choosing file descriptor number (9) as sh on some images is quite old
+### doesn't seem to support the exec {fd_var}>/path/to/file syntax
+exec 9>"$TZ_SYS_RUN/lock/security-manager.lock"
+flock -n 9 || { echo "ERROR: flock() failed, security-manager daemon is probably running, exiting from update" >&2; exit 1; }
label_mapping=`mktemp`
cat rules/* | tee rules-merged/rules.merged | smackload
-systemctl start security-manager.service security-manager.socket
+### Still needed in case systemd is managing service, otherwise systemctl will fail to start daemon
+flock -u 9
+
+### +/-e needed as systemd can be unavailable or purposedly lacking configuration on some images (ie. TV)
+set +e
+systemctl start security-manager.service security-manager.socket || echo "Problem with systemd (no .service/.socket files?), continuing"
+set -e
echo "Migration successful"
rm -f $label_mapping
. /etc/tizen-platform.conf
-systemctl stop security-manager.service security-manager.socket
+### In case there is no systemd or no systemd configuration on image (ie. some TV images)
+### this can be still run...
+set +e
+systemctl stop security-manager.service security-manager.socket || echo "Problem with systemd (no .service/.socket files?), continuing"
+set -e
+### ...but we have to be sure that the daemon is not running;
+### manually choosing file descriptor number (9) as sh on some images is quite old
+### doesn't seem to support the exec {fd_var}>/path/to/file syntax
+exec 9>"$TZ_SYS_RUN/lock/security-manager.lock"
+flock -n 9 || { echo "ERROR: flock() failed, security-manager daemon is probably running, exiting from update" >&2; exit 1; }
app_label_nonhybrid=`mktemp`
cat rules/* | tee rules-merged/rules.merged | smackload
-systemctl start security-manager.service security-manager.socket
+### Still needed in case systemd is managing service, otherwise systemctl will fail to start daemon
+flock -u 9
+
+### +/-e needed as systemd can be unavailable or purposedly lacking configuration on some images (ie. TV)
+set +e
+systemctl start security-manager.service security-manager.socket || echo "Problem with systemd (no .service/.socket files?), continuing"
+set -e
echo "Migration successful"
rm -f $app_label_nonhybrid
. /etc/tizen-platform.conf
-systemctl stop security-manager.service security-manager.socket
+### In case there is no systemd or no systemd configuration on image (ie. some TV images)
+### this can be still run...
+set +e
+systemctl stop security-manager.service security-manager.socket || echo "Problem with systemd (no .service/.socket files?), continuing"
+set -e
+
+### ...but we have to be sure that the daemon is not running;
+### manually choosing file descriptor number (9) as sh on some images is quite old
+### doesn't seem to support the exec {fd_var}>/path/to/file syntax
+exec 9>"$TZ_SYS_RUN/lock/security-manager.lock"
+flock -n 9 || { echo "ERROR: flock() failed, security-manager daemon is probably running, exiting from update" >&2; exit 1; }
+
sed -r '/^\s*$/d' -i $TZ_SYS_VAR/security-manager/rules/* $TZ_SYS_VAR/security-manager/rules-merged/*
-systemctl start security-manager.service security-manager.socket
+
+### Still needed in case systemd is managing service, otherwise systemctl will fail to start daemon
+flock -u 9
+
+### +/-e needed as systemd can be unavailable or purposedly lacking configuration on some images (ie. TV)
+set +e
+systemctl start security-manager.service security-manager.socket || echo "Problem with systemd (no .service/.socket files?), continuing"
+set -e
\ No newline at end of file
. /etc/tizen-platform.conf
-systemctl stop security-manager.service security-manager.socket
+### In case there is no systemd or no systemd configuration on image (ie. some TV images)
+### this can be still run...
+set +e
+systemctl stop security-manager.service security-manager.socket || echo "Problem with systemd (no .service/.socket files?), continuing"
+set -e
+
+### ...but we have to be sure that the daemon is not running;
+### manually choosing file descriptor number (9) as sh on some images is quite old
+### doesn't seem to support the exec {fd_var}>/path/to/file syntax
+exec 9>"$TZ_SYS_RUN/lock/security-manager.lock"
+flock -n 9 || { echo "ERROR: flock() failed, security-manager daemon is probably running, exiting from update" >&2; exit 1; }
cyad --set-bucket=MANIFESTS_GLOBAL --type=DENY
cyad --set-bucket=MANIFESTS_LOCAL --type=DENY
cyad --delete-bucket=MANIFESTS
-systemctl start security-manager.service security-manager.socket
+### Still needed in case systemd is managing service, otherwise systemctl will fail to start daemon
+flock -u 9
+
+### +/-e needed as systemd can be unavailable or purposedly lacking configuration on some images (ie. TV)
+set +e
+systemctl start security-manager.service security-manager.socket || echo "Problem with systemd (no .service/.socket files?), continuing"
+set -e
\ No newline at end of file
. /etc/tizen-platform.conf
-systemctl stop security-manager.service security-manager.socket
+### In case there is no systemd or no systemd configuration on image (ie. some TV images)
+### this can be still run...
+set +e
+systemctl stop security-manager.service security-manager.socket || echo "Problem with systemd (no .service/.socket files?), continuing"
+set -e
+
+### ...but we have to be sure that the daemon is not running;
+### manually choosing file descriptor number (9) as sh on some images is quite old
+### doesn't seem to support the exec {fd_var}>/path/to/file syntax
+exec 9>"$TZ_SYS_RUN/lock/security-manager.lock"
+flock -n 9 || { echo "ERROR: flock() failed, security-manager daemon is probably running, exiting from update" >&2; exit 1; }
rm -rf "$TZ_SYS_VAR"/security-manager/rules{,-merged}
-systemctl start security-manager.service security-manager.socket
+### Still needed in case systemd is managing service, otherwise systemctl will fail to start daemon
+flock -u 9
+
+### +/-e needed as systemd can be unavailable or purposedly lacking configuration on some images (ie. TV)
+set +e
+systemctl start security-manager.service security-manager.socket || echo "Problem with systemd (no .service/.socket files?), continuing"
+set -e
\ No newline at end of file
. /etc/tizen-platform.conf
-systemctl stop security-manager.service security-manager.socket
+### In case there is no systemd or no systemd configuration on image (ie. some TV images)
+### this can be still run...
+set +e
+systemctl stop security-manager.service security-manager.socket || echo "Problem with systemd (no .service/.socket files?), continuing"
+set -e
+
+### ...but we have to be sure that the daemon is not running;
+### manually choosing file descriptor number (9) as sh on some images is quite old
+### doesn't seem to support the exec {fd_var}>/path/to/file syntax
+exec 9>"$TZ_SYS_RUN/lock/security-manager.lock"
+flock -n 9 || { echo "ERROR: flock() failed, security-manager daemon is probably running, exiting from update" >&2; exit 1; }
temp_dir=`mktemp -d`
rmdir $temp_dir
-systemctl start security-manager.service security-manager.socket
+### Still needed in case systemd is managing service, otherwise systemctl will fail to start daemon
+flock -u 9
+
+### +/-e needed as systemd can be unavailable or purposedly lacking configuration on some images (ie. TV)
+set +e
+systemctl start security-manager.service security-manager.socket || echo "Problem with systemd (no .service/.socket files?), continuing"
+set -e
\ No newline at end of file
. /etc/tizen-platform.conf
-systemctl stop security-manager.service security-manager.socket
+### In case there is no systemd or no systemd configuration on image (ie. some TV images)
+### this can be still run...
+set +e
+systemctl stop security-manager.service security-manager.socket || echo "Problem with systemd (no .service/.socket files?), continuing"
+set -e
+
+### ...but we have to be sure that the daemon is not running;
+### manually choosing file descriptor number (9) as sh on some images is quite old
+### doesn't seem to support the exec {fd_var}>/path/to/file syntax
+exec 9>"$TZ_SYS_RUN/lock/security-manager.lock"
+flock -n 9 || { echo "ERROR: flock() failed, security-manager daemon is probably running, exiting from update" >&2; exit 1; }
trusted_dirs=`find "$TZ_SYS_OPT" -name trusted | grep apps_rw`
fi
done
-systemctl start security-manager-rules-loader.service
-systemctl start security-manager.service security-manager.socket
+### Still needed in case systemd is managing service, otherwise systemctl will fail to start daemon
+flock -u 9
+
+### +/-e needed as systemd can be unavailable or purposedly lacking configuration on some images (ie. TV)
+set +e
+systemctl start security-manager-rules-loader.service || echo "Problem with systemd (no .service/.socket files?), continuing"
+systemctl start security-manager.service security-manager.socket || echo "Problem with systemd (no .service/.socket files?), continuing"
+set -e
\ No newline at end of file
projects / platform / core / security / security-manager.git / commitdiff