From: Changyeon Lee <cyeon.lee@samsung.com>
Date: Mon, 22 May 2017 14:14:41 +0000 (+0900)
Subject: tbm_drm_helper: set permission and group to tbm-drm-auth socket when it is added
X-Git-Tag: accepted/tizen/3.0/common/20170523.125959~1
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=3db156a20f5f78c62d70a314c90bc89350dd1c6f;p=platform%2Fcore%2Fuifw%2Flibtbm.git

tbm_drm_helper: set permission and group to tbm-drm-auth socket when it is added

Change-Id: I2baf207a54347e8175a829fc6b063e9ffa783114
---

diff --git a/packaging/libtbm.spec b/packaging/libtbm.spec
index c2e9642..030a856 100644
--- a/packaging/libtbm.spec
+++ b/packaging/libtbm.spec
@@ -67,10 +67,6 @@ make -C ut check
 rm -rf %{buildroot}
 %make_install
 
-
-%__mkdir_p %{buildroot}%{_unitdir}
-install -m 644 service/tbm-drm-auth.service %{buildroot}%{_unitdir}
-install -m 644 service/tbm-drm-auth.path %{buildroot}%{_unitdir}
 %__mkdir_p %{buildroot}%{_unitdir_user}
 install -m 644 service/tbm-drm-auth-user.service %{buildroot}%{_unitdir_user}
 install -m 644 service/tbm-drm-auth-user.path %{buildroot}%{_unitdir_user}
@@ -79,16 +75,11 @@ install -m 644 service/tbm-drm-auth-user.path %{buildroot}%{_unitdir_user}
 rm -rf %{buildroot}
 
 %pre
-%__mkdir_p %{_unitdir}/graphical.target.wants
-ln -sf ../tbm-drm-auth.path %{_unitdir}/graphical.target.wants/
-
 %__mkdir_p %{_unitdir_user}/basic.target.wants
 ln -sf ../tbm-drm-auth-user.path %{_unitdir_user}/basic.target.wants/
 
 %post -p /sbin/ldconfig
 %postun -p /sbin/ldconfig
-rm -f %{_unitdir}/graphical.target.wants/tbm-drm-auth.path
-
 rm -f %{_unitdir_user}/basic.target.wants/tbm-drm-auth-user.path
 
 %files
@@ -96,8 +87,6 @@ rm -f %{_unitdir_user}/basic.target.wants/tbm-drm-auth-user.path
 %defattr(-,root,root,-)
 %license COPYING
 %{_libdir}/libtbm.so.*
-%{_unitdir}/tbm-drm-auth.path
-%{_unitdir}/tbm-drm-auth.service
 %{_unitdir_user}/tbm-drm-auth-user.path
 %{_unitdir_user}/tbm-drm-auth-user.service
 %if %{with utest}
diff --git a/service/tbm-drm-auth.path b/service/tbm-drm-auth.path
deleted file mode 100644
index eaa5251..0000000
--- a/service/tbm-drm-auth.path
+++ /dev/null
@@ -1,5 +0,0 @@
-[Unit]
-Description=Wait for tbm-drm-auth daemon socket
-
-[Path]
-PathExists=/run/tbm-drm-auth
diff --git a/service/tbm-drm-auth.service b/service/tbm-drm-auth.service
deleted file mode 100644
index 37c4313..0000000
--- a/service/tbm-drm-auth.service
+++ /dev/null
@@ -1,15 +0,0 @@
-[Unit]
-Description= tbm-drm-auth setup service
-
-[Service]
-User=ui_fw
-Group=ui_fw
-Capabilities=cap_fowner,cap_chown=i
-SecureBits=keep-caps
-Type=oneshot
-SmackProcessLabel=System
-ExecStart=/usr/bin/chmod g+w /run/tbm-drm-auth
-ExecStart=/usr/bin/chgrp display /run/tbm-drm-auth
-
-[Install]
-WantedBy=graphical.target
diff --git a/src/tbm_drm_helper_server.c b/src/tbm_drm_helper_server.c
index 65a9c45..ed92b96 100644
--- a/src/tbm_drm_helper_server.c
+++ b/src/tbm_drm_helper_server.c
@@ -34,6 +34,7 @@ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 #include "config.h"
 
 #include <xf86drm.h>
+#include <grp.h>
 
 #include "tbm_bufmgr_int.h"
 
@@ -144,6 +145,109 @@ _wayland_tbm_drm_auth_server_bind_cb(struct wl_client *client, void *data,
 				       NULL);
 }
 
+static int
+_tbm_getgrnam_r(const char *name)
+{
+	struct group *grp = NULL;
+	struct group *grp_res = NULL;
+	char* buf = NULL;
+	size_t buf_len;
+	int ret;
+	int id;
+
+	buf_len = sysconf(_SC_GETGR_R_SIZE_MAX);
+	if (buf_len == -1)
+		buf_len = 2048;
+
+	buf = calloc(1, buf_len * sizeof(char));
+	if (!buf) {
+		TBM_LOG_E("creating buffer failed\n");
+		goto failed;
+	}
+
+	grp = calloc(1, sizeof(struct group));
+	if (!grp) {
+		TBM_LOG_E("creating group failed\n");
+		goto failed;
+	}
+
+	ret = getgrnam_r(name, grp, buf, buf_len, &grp_res);
+	if (ret < 0) {
+		TBM_LOG_E("getgrnam_r failed errno:%d(%m)\n", ret);
+		goto failed;
+	}
+
+	if (grp_res == NULL) {
+		TBM_LOG_E("finding name:%s group failed\n", name);
+		goto failed;
+	}
+
+	id = grp->gr_gid;
+	free(buf);
+	free(grp);
+
+	return id;
+
+failed:
+	if (buf)
+		free(buf);
+	if (grp)
+		free(grp);
+
+	return -1;
+}
+
+static int
+_tbm_drm_auth_socket_init(struct wayland_tbm_drm_auth_server *tbm_drm_auth_srv)
+{
+	const char *dir = NULL;
+	char socket_path[128];
+	int ret = -1;
+	uid_t uid;
+	gid_t gid;
+
+	if (wl_display_add_socket(tbm_drm_auth_srv->display, "tbm-drm-auth")) {
+		TBM_LOG_E("createing a tdm-socket failed\n");
+		return 0;
+	}
+
+	dir = getenv("XDG_RUNTIME_DIR");
+	if (!dir) {
+		TBM_LOG_E("getting XDG_RUNTIME_DIR failed\n");
+		return 0;
+	}
+
+	snprintf(socket_path, sizeof(socket_path), "%s/%s", dir, "tbm-drm-auth");
+
+	ret = chmod(socket_path, 509);
+	if (ret < 0) {
+		TBM_LOG_E("changing modes of socket file failed:%s (%m)\n", socket_path);
+		return 0;
+	}
+
+	ret = _tbm_getgrnam_r("root");
+	if (ret < 0) {
+		TBM_LOG_E("getting uid failed\n");
+		return 0;
+	}
+	uid = ret;
+
+	ret = _tbm_getgrnam_r("display");
+	if (ret < 0) {
+		TBM_LOG_E("getting gid failed\n");
+		return 0;
+	}
+	gid = ret;
+
+	ret = chown(socket_path, uid, gid);
+	if (ret < 0) {
+		TBM_LOG_E("changing owner of socket file failed:%s (%m)\n", socket_path);
+		return 0;
+	}
+
+	return 1;
+}
+
 int
 tbm_drm_helper_wl_auth_server_init(void *wl_display,   int fd, const char *device_name, uint32_t flags)
 {
@@ -158,8 +262,8 @@ tbm_drm_helper_wl_auth_server_init(void *wl_display,   int fd, const char *devic
 		tbm_drm_auth_srv->fd = fd;
 		tbm_drm_auth_srv->flags = flags;
 
-		if (wl_display_add_socket(tbm_drm_auth_srv->display, "tbm-drm-auth")) {
-			TBM_LOG_E("[TBM_DRM] fail to add socket\n");
+		if (!_tbm_drm_auth_socket_init(tbm_drm_auth_srv)) {
+			TBM_LOG_E("[TBM_DRM] fail to _tbm_drm_auth_socket_init\n");
 
 			if (tbm_drm_auth_srv->device_name)
 				free(tbm_drm_auth_srv->device_name);