From: jin-gyu.kim <jin-gyu.kim@samsung.com>
Date: Mon, 29 Apr 2019 04:56:03 +0000 (+0900)
Subject: Updating UID column of policy DB in upgrade script.
X-Git-Tag: submit/tizen_5.0/20190620.044749~1
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=8a19a39ed97854bc16948f10f927c1331e6909f5;p=platform%2Fcore%2Fsecurity%2Fsecurity-config.git

Updating UID column of policy DB in upgrade script.

- Global UID could be different while upgrading the image.
- Get global UID by referring tizen-platform.conf.

Change-Id: Ic42c503bb82987dcbc2eb69e5585e68f7a1286fd
---

diff --git a/upgrade/201.security_upgrade.sh b/upgrade/201.security_upgrade.sh
index 144e7ea..c8d3c4c 100644
--- a/upgrade/201.security_upgrade.sh
+++ b/upgrade/201.security_upgrade.sh
@@ -1,6 +1,7 @@
 #!/bin/sh
 
 PATH=/bin:/usr/bin:/sbin:/usr/sbin
+. /etc/tizen-platform.conf
 
 # Init security-configuration
 /usr/share/security-config/group_id_setting
@@ -15,8 +16,12 @@ PATH=/bin:/usr/bin:/sbin:/usr/sbin
 # Migration of security-manager DB
 /usr/share/security-manager/db/update.sh
 
-# update global uid in security-manager DB (old : 376, new : 201)
-sqlite3 /opt/dbspace/.security-manager.db "UPDATE user_app SET uid="201" WHERE uid="376";"
+# update global uid in security-manager DB & policy DB (old : 376, new : 201)
+# assume that uid < 2000 in security-manager db indicates global user
+global_uid=$(getent passwd $TZ_SYS_GLOBALAPP_USER  | cut -d ":" -f 3)
+sqlite3 /opt/dbspace/.security-manager.db "UPDATE user_app SET uid=$global_uid WHERE uid<2000;"
+sqlite3 /opt/dbspace/.policy.db "UPDATE disable_list SET UID=$global_uid WHERE UID<2000;"
+sqlite3 /opt/dbspace/.policy.db "UPDATE prevent_list SET UID=$global_uid WHERE UID<2000;"
 
 # start cynara & security-manager
 systemctl start cynara