const std::vector<const char*> kEntries = {
{"/"},
- {"cache/"},
- {"data/"},
- {"shared/"},
+ {"cache"},
+ {"data"},
+ {"shared"},
};
const std::vector<const char*> kReadOnlyEntries = {
{"bin"},
const char kSkelAppDir[] = "/etc/skel/apps_rw";
const char kExternalStoragePrivilege[] =
"http://tizen.org/privilege/externalstorage.appdata";
+const char kSystemShareGroupName[] = "system_share";
bool SetFileOwner(const bf::path& subpath, uid_t uid, gid_t gid) {
bs::error_code error;
bool result = true;
if (bf::is_directory(subpath)) {
perms |= bf::owner_exe | bf::group_exe | bf::others_exe;
+ if (subpath.filename() == "data") {
+ perms |= bf::group_write | bf::set_gid_on_exe;
+ boost::optional<gid_t> system_share =
+ ci::GetGidByGroupName(kSystemShareGroupName);
+ if (!system_share)
+ return false;
+ gid = *system_share;
+ }
result = SetOwnerAndPermissions(subpath, uid, gid, perms);
}
#include <vector>
#include "common/paths.h"
+#include "common/request.h"
#include "common/shared_dirs.h"
#include "common/utils/file_util.h"
#include "common/utils/glist_range.h"
namespace bf = boost::filesystem;
namespace ci = common_installer;
+namespace {
+
+const char kSystemShareGroupName[] = "system_share";
+const char kDataDir[] = "data";
+const char kSharedDataDir[] = "shared/data";
+
+bool ChangeDataDir(const bf::path& pkg_path, uid_t uid) {
+ if (ci::GetRequestMode(uid) == ci::RequestMode::GLOBAL)
+ return true;
+ boost::optional<gid_t> gid = ci::GetGidByGroupName(kSystemShareGroupName);
+ if (!gid) {
+ LOG(ERROR) << "Failed to get gid of " << kSystemShareGroupName;
+ return false;
+ }
+
+ bf::perms prms = bf::add_perms | bf::group_write | bf::group_exe |
+ bf::set_gid_on_exe;
+ bf::path data = pkg_path / kDataDir;
+ if (!ci::SetOwnership(data, uid, *gid)) {
+ LOG(ERROR) << "Failed to change owner: " << data
+ << "(" << uid << ", " << *gid << ")";
+ return false;
+ }
+ if (!ci::SetDirPermissions(data, prms)) {
+ LOG(ERROR) << "Failed to change permission: " << data
+ << std::oct << prms;
+ return false;
+ }
+ bf::path shareddata = pkg_path / kSharedDataDir;
+ if (!bf::exists(shareddata))
+ return true;
+ if (!ci::SetOwnership(shareddata, uid, *gid)) {
+ LOG(ERROR) << "Failed to change owner: " << shareddata
+ << "(" << uid << ", " << *gid << ")";
+ return false;
+ }
+ if (!ci::SetDirPermissions(shareddata, prms)) {
+ LOG(ERROR) << "Failed to change permission: " << shareddata
+ << std::oct << prms;
+ return false;
+ }
+
+ return true;
+}
+
+} // namespace
+
namespace common_installer {
namespace filesystem {
if (!ci::SetOwnershipAll(context_->pkg_path.get(), uid, *gid))
return Status::ERROR;
+ if (!ChangeDataDir(context_->pkg_path.get(), uid))
+ return Status::ERROR;
+
// For icon files
const char *iconpath = getIconPath(uid, context_->is_readonly_package.get());
if (iconpath) {