From: Igor Kotrasinski
Date: Tue, 10 Jul 2018 09:50:11 +0000 (+0200)
Subject: Put debugproxy in a systemd service
X-Git-Tag: submit/tizen/20180828.110226~13
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=7bf57381d26c68d4fb1e29437dd87a53e1536c63;p=platform%2Fcore%2Fsecurity%2Ftef-simulator.git
Put debugproxy in a systemd service
Change-Id: I3813e9a2727333d3d7f8bd8f025bf262f1eda28f
Signed-off-by: Igor Kotrasinski
---
diff --git a/packaging/tef-simulator.spec b/packaging/tef-simulator.spec
index 7d301a6..08a9162 100644
--- a/packaging/tef-simulator.spec
+++ b/packaging/tef-simulator.spec
@@ -106,6 +106,10 @@ cp include/include/LICENSE LICENSE.BSD
 if [ $1 -gt 1 ] ; then
 systemctl stop tef-simulator.socket
 systemctl stop tef-simulator.service
+ if systemctl list-unit-files tef-simulator-debugproxy.service | grep tef-simulator ; then
+ systemctl stop tef-simulator-debugproxy.socket
+ systemctl stop tef-simulator-debugproxy.service
+ fi
 fi
 %post
@@ -127,6 +131,9 @@ if [ $1 -eq 0 ] ; then
 systemctl stop tef-simulator.socket
 systemctl stop tef-simulator.service
 systemctl disable tef-simulator.socket
+ systemctl stop tef-simulator-debugproxy.socket
+ systemctl stop tef-simulator-debugproxy.service
+ systemctl disable tef-simulator-debugproxy.socket
 fi
 %postun
@@ -149,6 +156,8 @@ fi
 %attr(770,root,security_fw) %{tastore_dir}
 %attr(444,security_fw,security_fw) %{_unitdir}/tef-simulator.service
 %attr(444,security_fw,security_fw) %{_unitdir}/tef-simulator.socket
+%attr(444,security_fw,security_fw) %{_unitdir}/tef-simulator-debugproxy.service
+%attr(444,security_fw,security_fw) %{_unitdir}/tef-simulator-debugproxy.socket
 %attr(755,security_fw,security_fw) %{lib_dir}/tef/simulator/libteec.so
 %attr(770,root,security_fw) %{talog_dir}
 %attr(770,root,security_fw) %{storage_dir}
diff --git a/simulatordaemon/debugproxy/README b/simulatordaemon/debugproxy/README
index 7e10580..bebf36a 100644
--- a/simulatordaemon/debugproxy/README
+++ b/simulatordaemon/debugproxy/README
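Review bot: In the upgrade branch of the first packaging/tef-simulator.spec hunk, the existence check `systemctl list-unit-files tef-simulator-debugproxy.service | grep tef-simulator` prints the matching line into the scriptlet output on every upgrade; `grep -q tef-simulator-debugproxy` keeps it quiet and matches only the unit being tested. The guard is presumably there because older installed packages lack the debugproxy units, and a one-line comment saying so (`# debugproxy units do not exist in packages older than this one`) would explain why the uninstall branch has no such check. The scriptlet containing this `if` starts above the hunk.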
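Review bot: The uninstall branch in the second spec hunk disables `tef-simulator-debugproxy.socket`, but no hunk in this commit adds a matching `systemctl enable tef-simulator-debugproxy.socket`; the `%post` body lies between the first and second hunks and is untouched. As written the socket appears to come up only through the `Requires=` added to tef-simulator.service.in, which leaves the `[Install]` section of the new socket unit unused. Either enable the socket in `%post` alongside whatever is done there for `tef-simulator.socket`, or drop the `disable` line so install and removal stay symmetric.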
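Review bot: The two added `%files` entries in the third spec hunk make `security_fw`, the account the new service itself runs as (`User=security_fw`), the owner of the debugproxy unit files. Mode 444 does not protect them, because a file's owner can change the mode and rewrite the content, so a compromise of that account could alter what systemd starts on the next reload or boot. Root ownership closes this: `%attr(444,root,root) %{_unitdir}/tef-simulator-debugproxy.service` and the same for the `.socket` line. The two existing tef-simulator unit entries just above use the same ownership and would merit the same change.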
@@ -26,7 +26,7 @@ Solution ================== - Make a new daemon - tef-simulator-debugproxy - Runs with `System` label, as `security_fw` user, exposes a - `/var/run/tef-simulator-debugproxy` socket + `/var/run/simdaemon-debugproxy` socket - The socket has a `security_fw` owner and group, `0660` permissions - When launching a TA in debug mode, tef-simulator opens the debugproxy socket and tells the debugproxy which port it should listen to
diff --git a/simulatordaemon/debugproxy/src/main.cpp b/simulatordaemon/debugproxy/src/main.cpp
index cb3f748..ab7c69f 100644
--- a/simulatordaemon/debugproxy/src/main.cpp
+++ b/simulatordaemon/debugproxy/src/main.cpp
@@ -1,3 +1,6 @@
+#include
+
 int main() {
- return 0;
+ while (true)
+ sleep(1);
 }
diff --git a/systemd/CMakeLists.txt b/systemd/CMakeLists.txt
index 57f288d..1120edb 100644
--- a/systemd/CMakeLists.txt
+++ b/systemd/CMakeLists.txt
@@ -19,10 +19,14 @@ CONFIGURE_FILE(${CMAKE_SOURCE_DIR}/systemd/tef-simulator.service.in ${CMAKE_SOURCE_DIR}/systemd/tef-simulator.service @ONLY) +CONFIGURE_FILE(${CMAKE_SOURCE_DIR}/systemd/tef-simulator-debugproxy.service.in + ${CMAKE_SOURCE_DIR}/systemd/tef-simulator-debugproxy.service @ONLY) INSTALL(FILES ${CMAKE_SOURCE_DIR}/systemd/tef-simulator.service ${CMAKE_SOURCE_DIR}/systemd/tef-simulator.socket + ${CMAKE_SOURCE_DIR}/systemd/tef-simulator-debugproxy.service + ${CMAKE_SOURCE_DIR}/systemd/tef-simulator-debugproxy.socket DESTINATION ${SYSTEMD_UNIT_DIR} )
diff --git a/systemd/tef-simulator-debugproxy.service.in b/systemd/tef-simulator-debugproxy.service.in
new file mode 100644
index 0000000..a16917d
--- /dev/null
+++ b/systemd/tef-simulator-debugproxy.service.in
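Review bot: The new `main` in simulatordaemon/debugproxy/src/main.cpp loops on `sleep(1)` and never touches the listening socket that systemd hands to a socket-activated service, so a client connecting to the debugproxy socket gets no reply and simply blocks. If this is a placeholder until the proxy logic lands, say so in the code, e.g. `// Placeholder: keeps the unit alive; does not yet accept on the systemd-passed socket`, and consider `pause()` in place of the one-second wakeups. The header name after `#include` appears to have been lost in this rendering of the patch.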
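Review bot: The added `CONFIGURE_FILE` call in systemd/CMakeLists.txt writes the generated `tef-simulator-debugproxy.service` into `${CMAKE_SOURCE_DIR}/systemd`, so configuring the build modifies the source tree and a stale generated unit can be installed or committed by accident. Generating into the build tree avoids that: use `${CMAKE_CURRENT_BINARY_DIR}/tef-simulator-debugproxy.service` as the output and the same path in the `INSTALL(FILES ...)` list. The existing tef-simulator.service call in this hunk follows the same pattern. The `.socket` file is installed without substitution, so its socket path stays hard-coded while the service unit uses `@SERVICE_NAME@`.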
@@ -0,0 +1,15 @@
+[Unit]
+Description=TEF Simulator Daemon debug proxy
+Requires=tef-simulator-debugproxy.socket
+DefaultDependencies=no
+
+[Service]
+User=security_fw
+Group=security_fw
+CapabilityBoundingSet=
+SmackProcessLabel=System
+ExecStart=@SYSTEMD_CFG_BIN_DIR@/tef-simulator-debugproxy
+RuntimeDirectory=@SERVICE_NAME@
+
+[Install]
+WantedBy=multi-user.target
diff --git a/systemd/tef-simulator-debugproxy.socket b/systemd/tef-simulator-debugproxy.socket
new file mode 100644
index 0000000..42f1a4b
--- /dev/null
+++ b/systemd/tef-simulator-debugproxy.socket
@@ -0,0 +1,10 @@
+[Socket]
+ListenStream=/var/run/simdaemon-debugproxy
+SocketMode=0660
+SocketGroup=security_fw
+SocketUser=sdk
+SmackLabelIPIn=System::TEF
+SmackLabelIPOut=@
+
+[Install]
+WantedBy=sockets.target
diff --git a/systemd/tef-simulator.service.in b/systemd/tef-simulator.service.in
index 47f33af..6078ce7 100644
--- a/systemd/tef-simulator.service.in
+++ b/systemd/tef-simulator.service.in
@@ -1,6 +1,7 @@
 [Unit]
 Description=TEF Simulator Daemon
 DefaultDependencies=no
+Requires=tef-simulator-debugproxy.socket
 [Service]
 User=security_fw
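Review bot: The `[Service]` section of the new tef-simulator-debugproxy.service.in empties the capability bounding set but does not set `NoNewPrivileges=yes`, so a setuid binary executed by the proxy could still switch to another uid; for a daemon that relays debugger connections, adding `NoNewPrivileges=yes` after `CapabilityBoundingSet=` is cheap hardening. `RuntimeDirectory=@SERVICE_NAME@` also deserves a check: if `@SERVICE_NAME@` expands to the same value used by tef-simulator.service (not visible in this patch), both units would share one runtime directory, which systemd removes when a service that declares it stops. `DefaultDependencies=no` combined with `WantedBy=multi-user.target` drops the usual shutdown ordering, so a comment giving the reason would help.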
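Review bot: In the new tef-simulator-debugproxy.socket, `SocketUser=sdk` with `SocketMode=0660` gives the `sdk` account read/write access to the socket, while the README hunk in this same commit says the socket has a `security_fw` owner and group. The README also describes this socket as the channel that tells the proxy which port to listen on, so every account able to write to it can drive that behaviour. If `sdk` access is intended, state it in the README and in a comment here; otherwise use `SocketUser=security_fw`. In either case the proxy should check the peer's credentials on accepted connections instead of relying on the file mode alone.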
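Review bot: The `Requires=tef-simulator-debugproxy.socket` added to tef-simulator.service.in ties the simulator daemon's lifetime to a debug-only socket: stopping that socket unit also stops tef-simulator.service. `Wants=tef-simulator-debugproxy.socket` would pull the socket in without that coupling. Since `Requires=` carries no ordering, `After=tef-simulator-debugproxy.socket` is also needed if the daemon expects the socket to be listening when it starts. The `[Service]` section continues past the end of this hunk.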