From: jongmyeongko Date: Thu, 30 Jun 2016 07:58:07 +0000 (+0900) Subject: change user id of pkgmgr-server X-Git-Tag: accepted/tizen/common/20160706.141410^0 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=23bc9fa4ae4d9cc5cec53f1fade60748fe27e201;p=platform%2Fcore%2Fappfw%2Fpkgmgr-server.git change user id of pkgmgr-server Change-Id: I7ec7e544d0f9771ad457778ba1af072cc45964e7 Signed-off-by: jongmyeongko --- diff --git a/org.tizen.pkgmgr.conf.in b/org.tizen.pkgmgr.conf.in index bee2a29..637a054 100644 --- a/org.tizen.pkgmgr.conf.in +++ b/org.tizen.pkgmgr.conf.in @@ -9,6 +9,12 @@ + + + + + + diff --git a/org.tizen.pkgmgr.service.in b/org.tizen.pkgmgr.service.in index 9252ca2..46321cc 100644 --- a/org.tizen.pkgmgr.service.in +++ b/org.tizen.pkgmgr.service.in @@ -1,5 +1,4 @@ [D-BUS Service] -User=root Name=org.tizen.pkgmgr Exec=@PREFIX@/bin/false SystemdService=package-manager.service diff --git a/package-manager.service.in b/package-manager.service.in index 79a03d4..3e318ec 100644 --- a/package-manager.service.in +++ b/package-manager.service.in @@ -2,6 +2,6 @@ Description=Tizen Package Manager [Service] +User=app_fw +Group=app_fw ExecStart=@PREFIX@/bin/pkgmgr-server -CapabilityBoundingSet=~CAP_MAC_ADMIN -CapabilityBoundingSet=~CAP_MAC_OVERRIDE diff --git a/src/pkgmgr-server.c b/src/pkgmgr-server.c index 7742879..dbcbd37 100644 --- a/src/pkgmgr-server.c +++ b/src/pkgmgr-server.c @@ -65,6 +65,10 @@ typedef struct { gid_t gid; } user_ctx; +typedef struct { + uid_t uid; + char *cmd; +} pkgcmd_data; /* 8 bit value to represent maximum 8 backends. @@ -398,10 +402,16 @@ static int __pkgcmd_find_pid_by_cmdline(const char *dname, const char *cmdline, const char *apppath) { int pid = 0; + int pgid = 0; if (strcmp(cmdline, apppath) == 0) { pid = atoi(dname); - if (pid != getpgid(pid)) + pgid = getpgid(pid); + if (pgid < 0) { + ERR("getpgid failed, errno(%d)", errno); + pid = 0; + } + if (pid != pgid) pid = 0; } return pid; @@ -441,10 +451,12 @@ static int __pkgcmd_proc_iter_kill_cmdline(const char *apppath, int option) pgid = getpgid(pid); if (pgid <= 1) { closedir(dp); + ERR("getpgid failed, errno(%d)", errno); return -1; } if (killpg(pgid, SIGKILL) < 0) { closedir(dp); + ERR("killpg failed, errno(%d)", errno); return -1; } closedir(dp); @@ -455,16 +467,26 @@ static int __pkgcmd_proc_iter_kill_cmdline(const char *apppath, int option) return 0; } -static void __make_pid_info_file(char *req_key, int pid) +static void __make_pid_info_file(char *req_key, int pid, uid_t uid) { FILE* file; int fd; + int ret; char buf[MAX_PKG_TYPE_LEN] = {0}; char info_file[PATH_MAX] = {'\0'}; + struct passwd pwd; + struct passwd *pwd_result; if(req_key == NULL) return; + ret = getpwuid_r(uid, &pwd, buf, sizeof(buf), &pwd_result); + if (ret != 0 || pwd_result == NULL) { + ERR("get uid failed(%d) for user(%d)", ret, uid); + return; + } + DBG("uid(%d), gid(%d)", uid, pwd.pw_gid); + snprintf(info_file, PATH_MAX, "/tmp/pkgmgr/%s", req_key); DBG("info_path(%s)", info_file); @@ -479,6 +501,10 @@ static void __make_pid_info_file(char *req_key, int pid) fflush(file); fd = fileno(file); + if (fchmod(fd, 0777) < 0) + ERR("chmod failed, errno(%d)", errno); + if (fchown(fd, uid, pwd.pw_gid) < 0) + ERR("chown failed, errno(%d)", errno); fsync(fd); fclose(file); } @@ -514,6 +540,7 @@ static int __pkgcmd_app_cb(const pkgmgrinfo_appinfo_h handle, void *user_data) char *exec; int ret; int pid = -1; + pkgcmd_data *pdata = (pkgcmd_data *)user_data; if (handle == NULL) { perror("appinfo handle is NULL\n"); @@ -530,12 +557,12 @@ static int __pkgcmd_app_cb(const pkgmgrinfo_appinfo_h handle, void *user_data) exit(1); } - if (strcmp(user_data, "kill") == 0) + if (strcmp(pdata->cmd, "kill") == 0) pid = __pkgcmd_proc_iter_kill_cmdline(exec, 1); - else if(strcmp(user_data, "check") == 0) + else if(strcmp(pdata->cmd, "check") == 0) pid = __pkgcmd_proc_iter_kill_cmdline(exec, 0); - __make_pid_info_file(pkgid, pid); + __make_pid_info_file(pkgid, pid, pdata->uid); return 0; } @@ -1098,6 +1125,7 @@ static int __process_kill(pm_dbus_msg *item) { int ret; pkgmgrinfo_pkginfo_h handle; + pkgcmd_data *pdata = NULL; ret = pkgmgrinfo_pkginfo_get_usr_pkginfo(item->pkgid, item->uid, &handle); @@ -1106,8 +1134,24 @@ static int __process_kill(pm_dbus_msg *item) return -1; } + pdata = calloc(1, sizeof(pkgcmd_data)); + if (pdata == NULL) { + ERR("memory alloc failed"); + return -1; + } + pdata->cmd = strdup("kill"); + if (pdata->cmd == NULL) { + ERR("out of memory"); + free(pdata); + pdata = NULL; + return -1; + } + pdata->uid = item->uid; ret = pkgmgrinfo_appinfo_get_usr_list(handle, PMINFO_ALL_APP, - __pkgcmd_app_cb, "kill", item->uid); + __pkgcmd_app_cb, pdata, item->uid); + free(pdata->cmd); + free(pdata); + pdata = NULL; pkgmgrinfo_pkginfo_destroy_pkginfo(handle); if (ret < 0) { ERR("pkgmgrinfo_appinfo_get_list() failed"); @@ -1121,6 +1165,7 @@ static int __process_check(pm_dbus_msg *item) { int ret; pkgmgrinfo_pkginfo_h handle; + pkgcmd_data *pdata = NULL; ret = pkgmgrinfo_pkginfo_get_usr_pkginfo(item->pkgid, item->uid, &handle); @@ -1129,8 +1174,24 @@ static int __process_check(pm_dbus_msg *item) return -1; } + pdata = calloc(1, sizeof(pkgcmd_data)); + if (pdata == NULL) { + ERR("memory alloc failed"); + return -1; + } + pdata->cmd = strdup("check"); + if (pdata->cmd == NULL) { + ERR("out of memory"); + free(pdata); + pdata = NULL; + return -1; + } + pdata->uid = item->uid; ret = pkgmgrinfo_appinfo_get_usr_list(handle, PMINFO_ALL_APP, - __pkgcmd_app_cb, "check", item->uid); + __pkgcmd_app_cb, pdata, item->uid); + free(pdata->cmd); + free(pdata); + pdata = NULL; pkgmgrinfo_pkginfo_destroy_pkginfo(handle); if (ret < 0) { ERR("pkgmgrinfo_appinfo_get_list() failed");