From: Kim Gunsoo <gunsoo83.kim@samsung.com>
Date: Wed, 6 Apr 2016 06:21:49 +0000 (+0900)
Subject: Add permission of the log group to sdbd service.
X-Git-Tag: accepted/tizen/common/20160408.190312^0
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=5ebfb9fc5cb97861083cbdc9c553488708b3bd6c;p=sdk%2Ftarget%2Fsdbd.git

Add permission of the log group to sdbd service.

- To obtain permission to run the dlogutil, the log group
  permissions has been granted to sdbd service.

Change-Id: I739a3ab5dfb0b118939e2f809b32fee7d10fee04
Signed-off-by: Kim Gunsoo <gunsoo83.kim@samsung.com>
---

diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec
index c9e22bf..4b562e1 100644
--- a/packaging/sdbd.spec
+++ b/packaging/sdbd.spec
@@ -2,7 +2,7 @@
 
 Name:       sdbd
 Summary:    SDB daemon
-Version:    3.0.7
+Version:    3.0.8
 Release:    0
 License:    Apache-2.0
 Summary:    SDB daemon
diff --git a/src/sdb.c b/src/sdb.c
index 57cbcb0..ac5f2ad 100644
--- a/src/sdb.c
+++ b/src/sdb.c
@@ -71,6 +71,15 @@ uid_t g_sdk_user_id;
 gid_t g_sdk_group_id;
 char* g_sdk_home_dir = NULL;
 char* g_sdk_home_dir_env = NULL;
+
+struct group_info
+{
+    const char *name;
+    gid_t gid;
+};
+struct group_info g_default_groups[] = { {"log", -1}, {NULL, -1}};
+#define SDB_DEFAULT_GROUPS_CNT  ((sizeof(g_default_groups)/sizeof(g_default_groups[0]))-1)
+
 int is_init_sdk_userinfo = 0;
 
 #if !SDB_HOST
@@ -1397,50 +1406,46 @@ void register_bootdone_cb() {
 }
 
 static int sdbd_set_groups() {
-    gid_t *groups = NULL;
+    gid_t *group_ids = NULL;
     int ngroups = 0;
-    int default_ngroups = 0;
     int i, j = 0;
     int group_match = 0;
     int added_group_cnt = 0;
-    gid_t default_groups[] = { SID_DEVELOPER, SID_APP_LOGGING, SID_SYS_LOGGING, SID_INPUT };
-
-    default_ngroups = sizeof(default_groups) / sizeof(default_groups[0]);
 
     getgrouplist(SDK_USER_NAME, g_sdk_group_id, NULL, &ngroups);
     D("group list : ngroups = %d\n", ngroups);
-    groups = malloc((ngroups + default_ngroups) * sizeof(gid_t));
-    if (groups == NULL) {
-        D("failed to allocate groups(%d)\n", (ngroups + default_ngroups) * sizeof(gid_t));
+    group_ids = malloc((ngroups + SDB_DEFAULT_GROUPS_CNT) * sizeof(gid_t));
+    if (group_ids == NULL) {
+        D("failed to allocate group_ids(%d)\n", (ngroups + SDB_DEFAULT_GROUPS_CNT) * sizeof(gid_t));
         return -1;
     }
-    if (getgrouplist(SDK_USER_NAME, g_sdk_group_id, groups, &ngroups) == -1) {
+    if (getgrouplist(SDK_USER_NAME, g_sdk_group_id, group_ids, &ngroups) == -1) {
         D("failed to getgrouplist(), ngroups = %d\n", ngroups);
-        free(groups);
+        free(group_ids);
         return -1;
     }
 
-    for (i = 0; i < default_ngroups; i++) {
+    for (i = 0; g_default_groups[i].name != NULL; i++) {
         for (j = 0; j < ngroups; j++) {
-            if (groups[j] == default_groups[i]) {
+            if (group_ids[j] == g_default_groups[i].gid) {
                 group_match = 1;
                 break;
             }
         }
         if (group_match == 0) {
-            groups[ngroups + added_group_cnt] = default_groups[i];
+            group_ids[ngroups + added_group_cnt] = g_default_groups[i].gid;
             added_group_cnt ++;
         }
         group_match = 0;
     }
 
-    if (setgroups(ngroups+added_group_cnt, groups) != 0) {
+    if (setgroups(ngroups+added_group_cnt, group_ids) != 0) {
         D("failed to setgroups().\n");
-        free(groups);
+        free(group_ids);
         return -1;
     }
 
-    free(groups);
+    free(group_ids);
     return 0;
 }
 
@@ -1456,7 +1461,6 @@ static int sdbd_get_user_pwd(const char* user_name, struct passwd* pwd, char* bu
             errno = ret;
             D("failed to getpwuid_r\n");
         }
-        free(buf);
         return -1;
     }
 
@@ -1471,11 +1475,7 @@ int set_sdk_user_privileges() {
 
     if (sdbd_set_groups() < 0) {
         D("set groups failed (errno: %d)\n", errno);
-
-        // set default group list
-        gid_t default_groups[] = { SID_DEVELOPER, SID_APP_LOGGING, SID_SYS_LOGGING, SID_INPUT };
-        int default_ngroups = sizeof(default_groups) / sizeof(default_groups[0]);
-        setgroups(default_ngroups, default_groups);
+        return -1;
     }
 
     if (setgid(g_sdk_group_id) != 0) {
@@ -1718,6 +1718,45 @@ static void load_sdbd_plugin() {
     D("using sdbd plugin interface.(%s)\n", SDBD_PLUGIN_PATH);
 }
 
+static long get_passwd_bufsize() {
+    long bufsize = 0;
+
+    bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
+    if(bufsize < 0) {
+        bufsize = (16*1024);
+    }
+
+    return bufsize;
+}
+
+static int init_sdb_default_groups() {
+    struct passwd pwd;
+    char *buf = NULL;
+    long bufsize = 0;
+    int i = 0;
+
+    bufsize = get_passwd_bufsize();
+    buf = malloc(bufsize);
+    if (buf == NULL) {
+        D("failed to allocate passwd buf(%ld)\n", bufsize);
+        return -1;
+    }
+
+    for (i = 0; g_default_groups[i].name != NULL; i++) {
+        memset(buf, 0, bufsize);
+        if (sdbd_get_user_pwd(g_default_groups[i].name, &pwd, buf, bufsize) == 0) {
+            g_default_groups[i].gid = pwd.pw_gid;
+        } else {
+            D("get user passwd info.(errno: %d)\n", errno);
+            free(buf);
+            return -1;
+        }
+    }
+
+    free(buf);
+    return 0;
+}
+
 static int init_sdk_userinfo() {
     struct passwd pwd;
     char *buf = NULL;
@@ -1727,14 +1766,10 @@ static int init_sdk_userinfo() {
         return 0;
     }
 
-    bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
-    if(bufsize < 0) {
-        bufsize = (16*1024);
-    }
-
+    bufsize = get_passwd_bufsize();
     buf = malloc(bufsize);
     if (buf == NULL) {
-        D("failed to allocate passwd buf(%d)\n", bufsize);
+        D("failed to allocate passwd buf(%ld)\n", bufsize);
         return -1;
     }
 
@@ -1751,6 +1786,13 @@ static int init_sdk_userinfo() {
 
     free(buf);
 
+    if (init_sdb_default_groups() < 0) {
+        D("failed to initialize default groups.\n");
+        free(g_sdk_home_dir);
+        g_sdk_home_dir = NULL;
+        return -1;
+    }
+
     int env_size = strlen("HOME=") + strlen(g_sdk_home_dir) + 1;
     g_sdk_home_dir_env = malloc(env_size);
     if(g_sdk_home_dir_env == 0) {
@@ -1920,7 +1962,6 @@ static void init_capabilities(void) {
     snprintf(g_capabilities.zone_support, sizeof(g_capabilities.zone_support),
                 "%s", ret == 1 ? ENABLED : DISABLED);
 
-
     // Multi-User support
     // XXX: There is no clear way to determine whether multi-user support.
     // Since TZ_SYS_DEFAULT_USER is set to "owner" for multi-user support,
diff --git a/src/sdb.h b/src/sdb.h
index 074d165..21056b6 100644
--- a/src/sdb.h
+++ b/src/sdb.h
@@ -382,12 +382,6 @@ int booting_done; // 0: platform booting is in progess 1: platform booting is do
 // This is the users and groups config for the platform
 
 #define SID_ROOT        0    /* traditional unix root user */
-#define SID_TTY         5    /* group for /dev/ptmx */
-#define SID_APP         tzplatform_getuid(TZ_USER_NAME) /* application */
-#define SID_DEVELOPER   tzplatform_getuid(TZ_SDK_USER_NAME) /* developer with SDK */
-#define SID_APP_LOGGING 6509
-#define SID_SYS_LOGGING 6527
-#define SID_INPUT       1004
 
 #define SDK_USER_NAME   tzplatform_getenv(TZ_SDK_USER_NAME)
 #define SDK_TOOL_PATH   tzplatform_getenv(TZ_SDK_TOOLS)