From: Lukasz Wojciechowski Date: Thu, 15 May 2014 14:30:35 +0000 (+0200) Subject: Change socket paths from /tmp... to /run... X-Git-Tag: submit/tizen/20140521.102910~1^2 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=a24dcaab51fe2d235b196caa8799a55e74625d67;p=platform%2Fcore%2Fsecurity%2Fsecurity-server.git Change socket paths from /tmp... to /run... [Cause] Sockets should not be created in /tmp folder [Solution] Change systemd socket description and protocol defines [Verification] Build and install Security Server. Check if sockets created by systemd are placed in: /run/security-server and /run/security-manager Change-Id: I3f480808d2d3f1bd78b8713d795602da7ccc7dfb Signed-off-by: Lukasz Wojciechowski --- diff --git a/src/server/common/protocols.cpp b/src/server/common/protocols.cpp index 9bed7e3..42896f4 100644 --- a/src/server/common/protocols.cpp +++ b/src/server/common/protocols.cpp @@ -25,28 +25,34 @@ #include #include + namespace SecurityServer { +#define SOCKET_PATH_PREFIX "/run/" +#define SOCKET_PATH_PREFIX_SECURITY_SERVER SOCKET_PATH_PREFIX "security-server/" +#define SOCKET_PATH_PREFIX_SECURITY_MANAGER SOCKET_PATH_PREFIX "security-manager/" + char const * const SERVICE_SOCKET_SHARED_MEMORY = - "/tmp/.security-server-api-data-share.sock"; + SOCKET_PATH_PREFIX_SECURITY_SERVER "security-server-api-data-share.socket"; char const * const SERVICE_SOCKET_GET_GID = - "/tmp/.security-server-api-get-gid.sock"; + SOCKET_PATH_PREFIX_SECURITY_SERVER "security-server-api-get-gid.socket"; char const * const SERVICE_SOCKET_PRIVILEGE_BY_PID = - "/tmp/.security-server-api-privilege-by-pid.sock"; + SOCKET_PATH_PREFIX_SECURITY_SERVER "security-server-api-privilege-by-pid.socket"; char const * const SERVICE_SOCKET_APP_PRIVILEGE_BY_NAME = - "/tmp/.security-server-api-app-privilege-by-name.sock"; + SOCKET_PATH_PREFIX_SECURITY_SERVER "security-server-api-app-privilege-by-name.socket"; char const * const SERVICE_SOCKET_COOKIE_GET = - "/tmp/.security-server-api-cookie-get.sock"; + SOCKET_PATH_PREFIX_SECURITY_SERVER "security-server-api-cookie-get.socket"; char const * const SERVICE_SOCKET_COOKIE_CHECK = - "/tmp/.security-server-api-cookie-check.sock"; + SOCKET_PATH_PREFIX_SECURITY_SERVER "security-server-api-cookie-check.socket"; char const * const SERVICE_SOCKET_PASSWD_CHECK = - "/tmp/.security-server-api-password-check.sock"; + SOCKET_PATH_PREFIX_SECURITY_SERVER "security-server-api-password-check.socket"; char const * const SERVICE_SOCKET_PASSWD_SET = - "/tmp/.security-server-api-password-set.sock"; + SOCKET_PATH_PREFIX_SECURITY_SERVER "security-server-api-password-set.socket"; char const * const SERVICE_SOCKET_PASSWD_RESET = - "/tmp/.security-server-api-password-reset.sock"; + SOCKET_PATH_PREFIX_SECURITY_SERVER "security-server-api-password-reset.socket"; + char const * const SERVICE_SOCKET_INSTALLER = - "/tmp/.security-manager-installer.sock"; + SOCKET_PATH_PREFIX_SECURITY_MANAGER"/tmp/.security-manager-installer.socket"; const size_t COOKIE_SIZE = 20; diff --git a/systemd/security-manager-installer.socket b/systemd/security-manager-installer.socket index ac85faf..834a11f 100644 --- a/systemd/security-manager-installer.socket +++ b/systemd/security-manager-installer.socket @@ -1,5 +1,5 @@ [Socket] -ListenStream=/tmp/.security-manager-installer.sock +ListenStream=/run/security-manager/security-manager-installer.socket SocketMode=0777 SmackLabelIPIn=* SmackLabelIPOut=@ diff --git a/systemd/security-server-app-privilege-by-name.socket b/systemd/security-server-app-privilege-by-name.socket index da595c3..0b4e9f4 100644 --- a/systemd/security-server-app-privilege-by-name.socket +++ b/systemd/security-server-app-privilege-by-name.socket @@ -1,5 +1,5 @@ [Socket] -ListenStream=/tmp/.security-server-api-app-privilege-by-name.sock +ListenStream=/run/security-server/security-server-api-app-privilege-by-name.socket SocketMode=0777 SmackLabelIPIn=* SmackLabelIPOut=@ diff --git a/systemd/security-server-cookie-check.socket b/systemd/security-server-cookie-check.socket index 0f889a4..58d09a0 100644 --- a/systemd/security-server-cookie-check.socket +++ b/systemd/security-server-cookie-check.socket @@ -1,5 +1,5 @@ [Socket] -ListenStream=/tmp/.security-server-api-cookie-check.sock +ListenStream=/run/security-server/security-server-api-cookie-check.socket SocketMode=0777 SmackLabelIPIn=* SmackLabelIPOut=@ diff --git a/systemd/security-server-cookie-get.socket b/systemd/security-server-cookie-get.socket index 899501e..193b5f8 100644 --- a/systemd/security-server-cookie-get.socket +++ b/systemd/security-server-cookie-get.socket @@ -1,5 +1,5 @@ [Socket] -ListenStream=/tmp/.security-server-api-cookie-get.sock +ListenStream=/run/security-server/security-server-api-cookie-get.socket SocketMode=0777 SmackLabelIPIn=* SmackLabelIPOut=@ diff --git a/systemd/security-server-data-share.socket b/systemd/security-server-data-share.socket index bd858c6..82a8d36 100644 --- a/systemd/security-server-data-share.socket +++ b/systemd/security-server-data-share.socket @@ -1,5 +1,5 @@ [Socket] -ListenStream=/tmp/.security-server-api-data-share.sock +ListenStream=/run/security-server/security-server-api-data-share.socket SocketMode=0777 SmackLabelIPIn=* SmackLabelIPOut=@ diff --git a/systemd/security-server-get-gid.socket b/systemd/security-server-get-gid.socket index 0a0852c..3cca2c1 100644 --- a/systemd/security-server-get-gid.socket +++ b/systemd/security-server-get-gid.socket @@ -1,5 +1,5 @@ [Socket] -ListenStream=/tmp/.security-server-api-get-gid.sock +ListenStream=/run/security-server/security-server-api-get-gid.socket SocketMode=0777 SmackLabelIPIn=* SmackLabelIPOut=@ diff --git a/systemd/security-server-password-check.socket b/systemd/security-server-password-check.socket index d3ac5d5..be9c2fb 100644 --- a/systemd/security-server-password-check.socket +++ b/systemd/security-server-password-check.socket @@ -1,5 +1,5 @@ [Socket] -ListenStream=/tmp/.security-server-api-password-check.sock +ListenStream=/run/security-server/security-server-api-password-check.socket SocketMode=0777 SmackLabelIPIn=* SmackLabelIPOut=@ diff --git a/systemd/security-server-password-reset.socket b/systemd/security-server-password-reset.socket index 377d722..37caf4f 100644 --- a/systemd/security-server-password-reset.socket +++ b/systemd/security-server-password-reset.socket @@ -1,5 +1,5 @@ [Socket] -ListenStream=/tmp/.security-server-api-password-reset.sock +ListenStream=/run/security-server/security-server-api-password-reset.socket SocketMode=0777 SmackLabelIPIn=* SmackLabelIPOut=@ diff --git a/systemd/security-server-password-set.socket b/systemd/security-server-password-set.socket index 0dee1e7..1c0f2ed 100644 --- a/systemd/security-server-password-set.socket +++ b/systemd/security-server-password-set.socket @@ -1,5 +1,5 @@ [Socket] -ListenStream=/tmp/.security-server-api-password-set.sock +ListenStream=/run/security-server/security-server-api-password-set.socket SocketMode=0777 SmackLabelIPIn=* SmackLabelIPOut=@ diff --git a/systemd/security-server-privilege-by-pid.socket b/systemd/security-server-privilege-by-pid.socket index 8fd46f2..1b38aa5 100644 --- a/systemd/security-server-privilege-by-pid.socket +++ b/systemd/security-server-privilege-by-pid.socket @@ -1,5 +1,5 @@ [Socket] -ListenStream=/tmp/.security-server-api-privilege-by-pid.sock +ListenStream=/run/security-server/security-server-api-privilege-by-pid.socket SocketMode=0777 SmackLabelIPIn=* SmackLabelIPOut=@