From: jin-gyu.kim Date: Wed, 29 Apr 2020 02:08:13 +0000 (+0900) Subject: Add IoT headed / IoT headless profiles. X-Git-Tag: submit/tizen/20200507.072454~1 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=b6710f10f4f912c62f97b50dfcd5c075343f55bc;p=platform%2Fcore%2Fsecurity%2Fsecurity-config.git Add IoT headed / IoT headless profiles. - IoT headed : Enable askuser, Install IoT service lists - IoT headless : Disable askuser, Install IoT service lists TODO : Check IoT specific service lists later. Change-Id: I759cea1b85a18b7b750a08d5927ce17dcc7d7c81 --- diff --git a/config/mount_list/emulator/iot/additional_mount_list b/config/mount_list/emulator/iot/additional_mount_list new file mode 100644 index 0000000..e69de29 diff --git a/config/mount_list/target/iot/additional_mount_list b/config/mount_list/target/iot/additional_mount_list new file mode 100644 index 0000000..e69de29 diff --git a/packaging/security-config.spec b/packaging/security-config.spec index e00d810..853f742 100755 --- a/packaging/security-config.spec +++ b/packaging/security-config.spec @@ -38,6 +38,20 @@ Requires: security-config = %{version} %description profile_tv additional security tests and settings for tv profile +%package profile_iot_headed +Summary: Additional package for IoT headed Profile +Requires: security-config = %{version} + +%description profile_iot_headed +additional security tests and settings for tv profile + +%package profile_iot_headless +Summary: Additional package for IoT headless Profile +Requires: security-config = %{version} + +%description profile_iot_headless +additional security tests and settings for IoT headless profile + %prep %setup -q @@ -102,6 +116,21 @@ rm -r %{SECURITY_TEST_DIR}/new_service_test/list/ mv /usr/share/security-config/mount_list/tv/additional_mount_list /usr/share/security-config/additional_mount_list rm -r /usr/share/security-config/mount_list/ +%post profile_iot_headed +mv %{SECURITY_TEST_DIR}/new_service_test/list/iot/* %{SECURITY_TEST_DIR}/new_service_test/ +rm -rf %{SECURITY_TEST_DIR}/new_service_test/list/ +rm -f /opt/share/askuser_disable +chsmack -a "System::NoUse" /etc/smack/onlycap +mv /usr/share/security-config/mount_list/iot/additional_mount_list /usr/share/security-config/additional_mount_list +rm -r /usr/share/security-config/mount_list/ + +%post profile_iot_headless +mv %{SECURITY_TEST_DIR}/new_service_test/list/iot/* %{SECURITY_TEST_DIR}/new_service_test/ +rm -rf %{SECURITY_TEST_DIR}/new_service_test/list/ +chsmack -a "System::NoUse" /etc/smack/onlycap +mv /usr/share/security-config/mount_list/iot/additional_mount_list /usr/share/security-config/additional_mount_list +rm -r /usr/share/security-config/mount_list/ + %files %manifest %{_datadir}/%{name}.manifest %license LICENSE @@ -152,3 +181,22 @@ rm -r /usr/share/security-config/mount_list/ %license LICENSE %attr(755,root,root) %{SECURITY_TEST_DIR}/new_service_test/list/tv/* %attr(644,root,root) /usr/share/security-config/mount_list/tv/* + +%files profile_iot_headed +%license LICENSE +%attr(-,root,root) %{_unitdir}/security-config.service +%attr(-,root,root) %{_unitdir}/multi-user.target.wants/security-config.service +%attr(755,root,root) /usr/share/security-config/smack_default_labeling +%attr(644,root,root) /etc/smack/onlycap +%attr(755,root,root) %{SECURITY_TEST_DIR}/new_service_test/list/iot/* +%attr(644,root,root) /usr/share/security-config/mount_list/iot/* + +%files profile_iot_headless +%license LICENSE +%attr(-,root,root) %{_unitdir}/security-config.service +%attr(-,root,root) %{_unitdir}/multi-user.target.wants/security-config.service +%attr(755,root,root) /usr/share/security-config/smack_default_labeling +%attr(644,root,root) /etc/smack/onlycap +%attr(755,root,root) %{SECURITY_TEST_DIR}/new_service_test/list/iot/* +%attr(644,root,root) /usr/share/security-config/mount_list/iot/* + diff --git a/test/new_service_test/emulator/iot/dbus_service.list b/test/new_service_test/emulator/iot/dbus_service.list new file mode 100644 index 0000000..05efe4b --- /dev/null +++ b/test/new_service_test/emulator/iot/dbus_service.list @@ -0,0 +1,4 @@ +org.tizen.voice.ttsnotiserver.service +org.tizen.voice.ttssrserver.service +org.tizen.voice.ttsinterruptserver.service +org.tizen.voice.ttsserver.service diff --git a/test/new_service_test/emulator/iot/system_socket.list b/test/new_service_test/emulator/iot/system_socket.list new file mode 100644 index 0000000..dbef325 --- /dev/null +++ b/test/new_service_test/emulator/iot/system_socket.list @@ -0,0 +1,49 @@ +;sdbd_tcp.socket;;;;*;@; +;connman.socket;;;;*;@; +;systemd-udevd-kernel.socket;;;;;; +;device-certificate-manager.socket;;;0777;*;@; +;nfc-manager.socket;;;0777;*;@; +;cynara-admin.socket;;;0700;@;@; +;auth-fw-passwd-reset.socket;security_fw;security_fw;0777;*;@; +;central-key-manager-api-ocsp.socket;;;0777;*;@; +;msg-server.socket;messaging;messaging;;;; +;buxton2.socket;;;0777;*;@; +;device-policy-manager.socket;security_fw;security_fw;0777;*;@; +;ac.socket;;;0777;;; +;csr-cs.socket;;;0777;*;@; +;auth-fw-passwd-check.socket;security_fw;security_fw;0777;*;@; +;systemd-journald-audit.socket;;;;;; +;tef-simulator-debugproxy.socket;sdk;security_fw;0660;System::TEF;@; +;browser-provider.socket;;;0777;;; +;auth-fw-passwd-policy.socket;security_fw;security_fw;0777;*;@; +;systemd-udevd-control.socket;;;0600;;; +;download-provider.socket;;;0777;;; +;cert-server.socket;security_fw;security_fw;0777;;; +;ode.socket;;;;*;@; +;csr-admin.socket;;;0777;*;@; +;swap_manager.socket;owner;users;;*;@; +;syslog.socket;;;0666;;; +;security-manager.socket;;;0777;*;@; +;tef-simulator.socket;;priv_tee_client;0060;System;@; +;tef-simulator.socket;;;0770;*;@; +;systemd-journald-dev-log.socket;;;0666;;; +;audit-trail.socket;security_fw;security_fw;0755;*;@; +;auth-fw-passwd-set.socket;security_fw;security_fw;0777;*;@; +;central-key-manager-api-encryption.socket;;;0777;*;@; +;sdbd.socket;;;;;; +;csr-wp.socket;;;0777;*;@; +;cynara.socket;;;0777;*;@; +;mediacontroller.socket;multimedia_fw;multimedia_fw;;;; +;central-key-manager-api-control.socket;;;0777;*;@; +;usb-host-test.socket;;;;;; +;systemd-journald.socket;;;0666;;; +;privacy-guard-server.socket;security_fw;security_fw;0777;;; +;cynara-monitor-get.socket;;security_fw;0060;@;@; +;dbus.socket;;;;*;@; +;cynara-agent.socket;;security_fw;0060;*;@; +;central-key-manager-api-storage.socket;;;0777;*;@; +;sensord.socket;sensor;input;0777;*;@; +;systemd-initctl.socket;;;0600;;; +;cert-checker.socket;security_fw;security_fw;0777;;; +;mtp-responder-dummy.socket;;;;;; + diff --git a/test/new_service_test/emulator/iot/systemd_service.list b/test/new_service_test/emulator/iot/systemd_service.list new file mode 100755 index 0000000..d36e3fe --- /dev/null +++ b/test/new_service_test/emulator/iot/systemd_service.list @@ -0,0 +1,197 @@ +;ac.service;app_fw;app_fw;System; +;accounts-service.service;service_fw;service_fw;System; +;actd.service;root;root;System; +;alarm-server.service;app_fw;app_fw;System; +;app2sd-server.service;root;root;System; +;asp-manager.service;network_fw;network_fw;System; +;audit-trail.service;security_fw;security_fw;System; +;auth-fw.service;security_fw;security_fw;System; +;bluetooth-address.service;network_fw;network_fw;System; +;bluetooth-force-hci-logger.service;network_fw;network_fw;System; +;bluetooth-frwk.service;network_fw;network_fw;System; +;bluetooth-frwk-core.service;network_fw;network_fw;System; +;bluetooth-hci-down.service;network_fw;network_fw;System; +;bluetooth-hci-dump@.service;network_fw;network_fw;System; +;bluetooth-hci-logger.service;network_fw;network_fw;System; +;bluetooth-hci-logger-stop.service;network_fw;network_fw;System; +;bluetooth-hci-up.service;network_fw;network_fw;System; +;bluetooth-map-agent.service;network_fw;network_fw;System; +;bluetooth-pbap-agent.service;network_fw;network_fw;System; +;bluetooth-share.service;network_fw;network_fw;System; +;bluetooth-share-start.service;network_fw;network_fw;System; +;bluetooth-stack-down.service;root;root;System; +;bluetooth-stack-down-with-radio.service;network_fw;network_fw;System; +;bluetooth-stack-up.service;network_fw;network_fw;System; +;bluez-start.service;network_fw;network_fw;System; +;booting-done.service;system_fw;system_fw;System; +;boot-animation.service;application;application;System; +;browser-provider.service;web_fw;web_fw;System; +;buxton2.service;buxton;buxton;System; +;callmgr.service;telephony;telephony;System; +;capi-ui-sticker.service;ui_fw;ui_fw;System; +;capmgr.service;app_fw;app_fw;System; +;central-key-manager.service;key-manager;security_fw;System; +;cert-checker.service;security_fw;security_fw;System; +;cert-server.service;security_fw;security_fw;System; +;chromium-efl.service;root;root;System::Privileged; +;chromium-efl-install.service;web_fw;web_fw;System; +;chromium-efl-update.service;root;root;System::Privileged; +;connman-vpn.service;network_fw;network_fw;System; +;connman.service;network_fw;network_fw;System; +;console-getty.service;root;root;System; +;console-shell.service;root;root;System; +;container-getty@.service;root;root;System; +;contextd.service;service_fw;service_fw;System; +;crash-service.service;crash_worker;crash_worker;System; +;csr.service;security_fw;security_fw;System; +;cynara.service;cynara;cynara;System; +;data-provider-master.service;app_fw;app_fw;System; +;dbus.service;dbus;dbus;System; +;debug-shell.service;root;root;System; +;device-certificate-manager.service;security_fw;security_fw;System; +;device-policy-manager.service;security_fw;security_fw;System; +;device-policy-syspopup.service;security_fw;security_fw;System; +;deviced.service;root;root;System::Privileged; +;display-manager.service;root;root;System; +;display-manager-monitor.service;graphic_fw;graphic_fw;System; +;dlog_cleanup.service;log;log;System; +;dlog_logger.service;log;log;System; +;download-provider.service;web_fw;web_fw;System; +;dummyasm.service;service_fw;service_fw;System; +;dumpsys-service.service;log;log;System; +;edge-orchestration.service;system_fw;system_fw;System; +;emergency.service;root;root;System; +;emuld.service;root;root;System::Privileged; +;emul-common-preinit.service;service_fw;service_fw;System; +;emul-setup-audio-volume.service;service_fw;service_fw;System; +;esd.service;app_fw;app_fw;System; +;faultd.service;root;root;System; +;feedbackd.service;system_fw;system_fw;System; +;fido.service;service_fw;service_fw;System; +;fido-asm.service;service_fw;service_fw;System; +;fido-bt-roaming-agent.service;service_fw;service_fw;System; +;focus-server.service;multimedia_fw;multimedia_fw;System; +;getty@.service;root;root;User::Shell; +;gumd.service;root;root;System::Privileged; +;gumd.service;root;root;System; +;init-update.service;root;root;System::Privileged; +;initrd-cleanup.service;root;root;System; +;initrd-parse-etc.service;root;root;System; +;initrd-switch-root.service;root;root;System; +;initrd-udevadm-cleanup-db.service;root;root;System; +;inm-manager.service;network_fw;network_fw;System; +;kmod-static-nodes.service;root;root;System; +;krate.service;root;root;System; +;lbs-server.service;location;location;System; +;ldconfig.service;root;root;System; +;license-manager-agent.service;security_fw;security_fw;System; +;log_dump.service;root;root;System; +;log_dump.service;system_fw;system_fw;System; # conditionaly used +;mdgd.service;network_fw;network_fw;System; +;media-server.service;multimedia_fw;multimedia_fw;System; +;mediacontroller.service;multimedia_fw;multimedia_fw;System; +;mm-resource-managerd.service;multimedia_fw;multimedia_fw;System; +;mobileap-agent.service;network_fw;network_fw;System; +;modes.service;system_fw;system_fw;System; +;msg-server.service;messaging;messaging;System; +;mtp-responder-dummy.service;network_fw;network_fw;System; +;murphyd.service;multimedia_fw;multimedia_fw;System; +;muse-server.service;multimedia_fw;multimedia_fw;System; +;net-config.service;network_fw;network_fw;System; +;nether.service;security_fw;security_fw;System; +;nfc-manager.service;network_fw;network_fw;System; +;ode.service;root;root;System::Privileged; +;ode-progress-ui@.service;application;application;System; +;offline-update.service;root;root;System::Privileged; +;opt-usr-fsck.service;system_fw;disk;System; +;package-manager.service;app_fw;app_fw;System; +;package-recovery.service;app_fw;app_fw;System; +;pass.service;system_fw;system_fw;System; +;phonenumber-utils.service;service_fw;service_fw;System; +;pkg-db-recovery.service;root;root;System; +;pkgdir-tool.service;app_fw;app_fw;System; +;privacy-guard-server.service;security_fw;security_fw;System; +;pulseaudio.service;root;root;System; +;pushd.service;service_fw;service_fw;System; +;quotaon.service;root;root;System; +;rescue.service;root;root;System; +;resize2fs@.service;root;root;System; +;resourced.service;root;root;System; +;rndis.service;network_fw;network_fw;System; +;scmirroring.server.service;multimedia_fw;multimedia_fw;System; +;sdbd.service;sdk;sdk;System; +;sdbd_tcp.service;sdk;sdk;System; +;security-config.service;root;root;System::Privileged; +;security-manager-cleanup.service;root;root;System::Privileged; +;security-manager-rules-loader.service;root;root;System::Privileged; +;security-manager.service;root;root;System::Privileged; +;sensord.service;sensor;input;System; +;serial-getty@.service;root;root;User::Shell; +;shutdown-animation.service;application;application;System; +;sound-server.service;multimedia_fw;multimedia_fw;System; +;stability-monitor.service;stability_monitor;stability_monitor;System; +;stc-iptables.service;network_fw;network_fw;System; +;stc-manager.service;root;root;System; +;storaged.service;root;root;System::Privileged; +;swap_manager.service;system_fw;system_fw;System; +;sys-kernel-tracing.service;system_fw;system_fw;System; +;system-default-target-done.service;system_fw;system_fw;System; +;system-delayed-target-done.service;system_fw;system_fw;System; +;system-delayed-target-trigger.service;root;root;System; +;system-popup.service;system_fw;system_fw;System; +;systemd-ask-password-console.service;root;root;System; +;systemd-ask-password-wall.service;root;root;System; +;systemd-binfmt.service;root;root;System; +;systemd-exit.service;root;root;System; +;systemd-fsck-root.service;root;root;System; +;systemd-fsck@.service;root;root;System; +;systemd-halt.service;root;root;System; +;systemd-hibernate-resume@.service;root;root;System; +;systemd-hibernate.service;root;root;System; +;systemd-hwdb-update.service;root;root;System; +;systemd-hybrid-sleep.service;root;root;System; +;systemd-initctl.service;root;root;System; +;systemd-journal-catalog-update.service;root;root;System; +;systemd-journal-flush.service;root;root;System; +;systemd-journald.service;root;root;System; +;systemd-kexec.service;root;root;System; +;systemd-localed.service;root;root;System; +;systemd-logind.service;root;root;System::Privileged; +;systemd-machine-id-commit.service;root;root;System; +;systemd-modules-load.service;root;root;System; +;systemd-nspawn@.service;root;root;System; +;systemd-poweroff.service;root;root;System; +;systemd-quotacheck.service;root;root;System; +;systemd-reboot.service;root;root;System; +;systemd-remount-fs.service;root;root;System; +;systemd-suspend.service;root;root;System; +;systemd-sysctl.service;root;root;System; +;systemd-tmpfiles-setup-dev.service;root;root;System::Privileged; +;systemd-tmpfiles-setup.service;root;root;System::Privileged; +;systemd-udev-settle.service;root;root;System; +;systemd-udev-trigger.service;root;root;System; +;systemd-udevd.service;root;root;System::Privileged; +;systemd-update-done.service;root;root;System; +;systemd-update-utmp-runlevel.service;root;root;System; +;systemd-update-utmp.service;root;root;System; +;systemd-user-sessions.service;root;root;System; +;systemd-vconsole-setup.service;root;root;System; +;tef-simulator.service;security_fw;security_fw;System::TEF; +;telephony-daemon.service;telephony;telephony;System; +;tizen-system-env.service;root;root;System; +;tizenid.service;system_fw;system_fw;System; +;tlm.service;root;root;User; +;ttrace-marker.service;system_fw;system_fw;System; +;ua-manager.service;network_fw;network_fw;System; +;udev-sdb-init.service;root;root;System; +;usb-host-ffs-test-daemon.service;system_fw;system_fw;System; +;user@.service;%i;users;User; +;user-runtime-dir@.service;root;root;System::Privileged; +;__user@.service;%i;;User; +;vmodem-x86.service;root;root;System::Privileged; +;wait-mount@.service;system_fw;system_fw;System; +;wait-mount@opt-usr.service;system_fw;system_fw;System; +;webappenc-initializer.service;security_fw;security_fw;System; +;wifi-direct-manager.service;network_fw;network_fw;System; +;wmeshd.service;network_fw;network_fw;System; +;zigbee-daemon.service;network_fw;network_fw;System; diff --git a/test/new_service_test/target/iot/dbus_service.list b/test/new_service_test/target/iot/dbus_service.list new file mode 100644 index 0000000..05efe4b --- /dev/null +++ b/test/new_service_test/target/iot/dbus_service.list @@ -0,0 +1,4 @@ +org.tizen.voice.ttsnotiserver.service +org.tizen.voice.ttssrserver.service +org.tizen.voice.ttsinterruptserver.service +org.tizen.voice.ttsserver.service diff --git a/test/new_service_test/target/iot/system_socket.list b/test/new_service_test/target/iot/system_socket.list new file mode 100644 index 0000000..e48fc5a --- /dev/null +++ b/test/new_service_test/target/iot/system_socket.list @@ -0,0 +1,46 @@ +;ac.socket;;;0777;;; +;central-key-manager-api-control.socket;;;0777;*;@; +;systemd-journald-audit.socket;;;;;; +;systemd-udevd-control.socket;;;0600;;; +;systemd-udevd-kernel.socket;;;;;; +;systemd-initctl.socket;;;0600;;; +;cynara-monitor-get.socket;;security_fw;0060;@;@; +;cynara.socket;;;0777;*;@; +;audit-trail.socket;security_fw;security_fw;0755;*;@; +;central-key-manager-api-ocsp.socket;;;0777;*;@; +;usb-host-test.socket;;;;;; +;download-provider.socket;;;0777;;; +;browser-provider.socket;;;0777;;; +;central-key-manager-api-encryption.socket;;;0777;*;@; +;auth-fw-passwd-policy.socket;security_fw;security_fw;0777;*;@; +;msg-server.socket;messaging;messaging;;;; +;cynara-agent.socket;;security_fw;0060;*;@; +;cert-checker.socket;security_fw;security_fw;0777;;; +;security-manager.socket;;;0777;*;@; +;swap_manager.socket;owner;users;;*;@; +;csr-admin.socket;;;0777;*;@; +;sensord.socket;sensor;input;0777;*;@; +;syslog.socket;;;0666;;; +;connman.socket;;;;*;@; +;dbus.socket;;;;*;@; +;trm.socket;system_fw;system_fw;;*;@; +;auth-fw-passwd-check.socket;security_fw;security_fw;0777;*;@; +;ode.socket;;;;*;@; +;device-certificate-manager.socket;;;0777;*;@; +;sdbd_tcp.socket;;;;*;@; +;sdbd.socket;;;;;; +;cynara-admin.socket;;;0700;@;@; +;auth-fw-passwd-set.socket;security_fw;security_fw;0777;*;@; +;buxton2.socket;;;0777;*;@; +;csr-cs.socket;;;0777;*;@; +;mediacontroller.socket;multimedia_fw;multimedia_fw;;;; +;auth-fw-passwd-reset.socket;security_fw;security_fw;0777;*;@; +;privacy-guard-server.socket;security_fw;security_fw;0777;;; +;systemd-journald-dev-log.socket;;;0666;;; +;central-key-manager-api-storage.socket;;;0777;*;@; +;csr-wp.socket;;;0777;*;@; +;mtp-responder.socket;;;;;; +;cert-server.socket;security_fw;security_fw;0777;;; +;device-policy-manager.socket;security_fw;security_fw;0777;*;@; +;systemd-journald.socket;;;0666;;; +;mtp-responder-dummy.socket;;;;;; diff --git a/test/new_service_test/target/iot/systemd_service.list b/test/new_service_test/target/iot/systemd_service.list new file mode 100644 index 0000000..0e8f122 --- /dev/null +++ b/test/new_service_test/target/iot/systemd_service.list @@ -0,0 +1,210 @@ +;ac.service;app_fw;app_fw;System; +;accounts-service.service;service_fw;service_fw;System; +;actd.service;root;root;System; +;alarm-server.service;app_fw;app_fw;System; +;app2sd-server.service;root;root;System; +;asp-manager.service;network_fw;network_fw;System; +;audit-trail.service;security_fw;security_fw;System; +;auth-fw.service;security_fw;security_fw;System; +;bluetooth-address.service;network_fw;network_fw;System; +;bluetooth-ag-agent.service;network_fw;network_fw;System; +;bluetooth-force-hci-logger.service;network_fw;network_fw;System; +;bluetooth-frwk.service;network_fw;network_fw;System; +;bluetooth-frwk-core.service;network_fw;network_fw;System; +;bluetooth-hci-device.service;root;root;System; +;bluetooth-hci-down.service;network_fw;network_fw;System; +;bluetooth-hci-dump@.service;network_fw;network_fw;System; +;bluetooth-hci-logger.service;network_fw;network_fw;System; +;bluetooth-hci-logger-stop.service;network_fw;network_fw;System; +;bluetooth-hci-up.service;network_fw;network_fw;System; +;bluetooth-hciattach@.service;root;root;System; +;bluetooth-map-agent.service;network_fw;network_fw;System; +;bluetooth-pbap-agent.service;network_fw;network_fw;System; +;bluetooth-share.service;network_fw;network_fw;System; +;bluetooth-share-start.service;network_fw;network_fw;System; +;bluetooth-stack-down.service;root;root;System; +;bluetooth-stack-down-with-radio.service;network_fw;network_fw;System; +;bluetooth-stack-up.service;network_fw;network_fw;System; +;bluez-start.service;network_fw;network_fw;System; +;booting-done.service;system_fw;system_fw;System; +;boot-animation.service;application;application;System; +;browser-provider.service;web_fw;web_fw;System; +;buxton2.service;buxton;buxton;System; +;callmgr.service;telephony;telephony;System; +;capi-ui-sticker.service;ui_fw;ui_fw;System; +;capmgr.service;app_fw;app_fw;System; +;central-key-manager.service;key-manager;security_fw;System; +;cert-checker.service;security_fw;security_fw;System; +;cert-server.service;security_fw;security_fw;System; +;chromium-efl.service;root;root;System::Privileged; +;chromium-efl-install.service;web_fw;web_fw;System; +;chromium-efl-update.service;root;root;System::Privileged; +;clat.service;network_fw;network_fw;System; +;connman-vpn.service;network_fw;network_fw;System; +;connman.service;network_fw;network_fw;System; +;console-getty.service;root;root;System; +;console-shell.service;root;root;System; +;container-getty@.service;root;root;System; +;contextd.service;service_fw;service_fw;System; +;crash-service.service;crash_worker;crash_worker;System; +;csr.service;security_fw;security_fw;System; +;cynara.service;cynara;cynara;System; +;data-provider-master.service;app_fw;app_fw;System; +;dbus.service;dbus;dbus;System; +;debug-shell.service;root;root;System; +;device-certificate-manager.service;security_fw;security_fw;System; +;device-policy-manager.service;security_fw;security_fw;System; +;device-policy-syspopup.service;security_fw;security_fw;System; +;deviced.service;root;root;System::Privileged; +;display-manager.service;root;root;System; +;display-manager-monitor.service;graphic_fw;graphic_fw;System; +;dlog_cleanup.service;log;log;System; +;dlog_logger.service;log;log;System; +;download-provider.service;web_fw;web_fw;System; +;dummyasm.service;service_fw;service_fw;System; +;dumpsys-service.service;log;log;System; +;edge-orchestration.service;system_fw;system_fw;System; +;emergency.service;root;root;System; +;esd.service;app_fw;app_fw;System; +;factory-reset.service;root;root;System::Privileged; +;factory-reset-launch.service;root;root;System::Privileged; +;faultd.service;root;root;System; +;feedbackd.service;system_fw;system_fw;System; +;fido.service;service_fw;service_fw;System; +;fido-asm.service;service_fw;service_fw;System; +;fido-bt-roaming-agent.service;service_fw;service_fw;System; +;focus-server.service;multimedia_fw;multimedia_fw;System; # need to check by SFV +;getty@.service;root;root;User::Shell; +;gumd.service;root;root;System::Privileged; +;gumd.service;root;root;System; +;init-update.service;root;root;System::Privileged; +;initrd-cleanup.service;root;root;System; +;initrd-parse-etc.service;root;root;System; +;initrd-switch-root.service;root;root;System; +;initrd-udevadm-cleanup-db.service;root;root;System; +;inm-manager.service;network_fw;network_fw;System; +;kmod-static-nodes.service;root;root;System; +;krate.service;root;root;System; +;lbs-server.service;location;location;System; +;ldconfig.service;root;root;System; +;license-manager-agent.service;security_fw;security_fw;System; +;log_dump.service;root;root;System; +;log_dump.service;system_fw;system_fw;System; # conditionaly used +;mdgd.service;network_fw;network_fw;System; +;media-server.service;multimedia_fw;multimedia_fw;System; +;mediacontroller.service;multimedia_fw;multimedia_fw;System; +;mm-resource-managerd.service;multimedia_fw;multimedia_fw;System; +;mobileap-agent.service;network_fw;network_fw;System; +;modemd.service;telephony;telephony;System; +;modes.service;system_fw;system_fw;System; +;msg-server.service;messaging;messaging;System; +;mtp-initiator.service;network_fw;network_fw;System; +;mtp-responder.service;network_fw;network_fw;System; +;mtp-responder-dummy.service;network_fw;network_fw;System; +;murphyd.service;multimedia_fw;multimedia_fw;System; +;muse-server.service;multimedia_fw;multimedia_fw;System; +;net-config.service;network_fw;network_fw;System; +;nether.service;security_fw;security_fw;System; +;nvitemd.service;telephony;telephony;System; +;obex.service;network_fw;network_fw;System; +;ode.service;root;root;System::Privileged; +;ode-progress-ui@.service;application;application;System; +;offline-update.service;root;root;System::Privileged; +;opt-usr-fsck.service;system_fw;disk;System; +;package-manager.service;app_fw;app_fw;System; +;package-recovery.service;app_fw;app_fw;System; +;pass.service;system_fw;system_fw;System; +;phonenumber-utils.service;service_fw;service_fw;System; +;pkg-db-recovery.service;root;root;System; +;pkgdir-tool.service;app_fw;app_fw;System; +;privacy-guard-server.service;security_fw;security_fw;System; +;pulseaudio.service;root;root;System; +;pushd.service;service_fw;service_fw;System; +;quotaon.service;root;root;System; +;radio-bt-off.service;network_fw;network_fw;System; +;radio-bt-on.service;network_fw;network_fw;System; +;radio-bt-on-stop.service;root;root;System; +;rescue.service;root;root;System; +;resize2fs@.service;root;root;System; +;resourced.service;root;root;System; +;rndis.service;network_fw;network_fw;System; +;scmirroring.server.service;multimedia_fw;multimedia_fw;System; +;sdbd.service;sdk;sdk;System; +;sdbd_tcp.service;sdk;sdk;System; +;security-config.service;root;root;System::Privileged; +;security-manager-cleanup.service;root;root;System::Privileged; +;security-manager-rules-loader.service;root;root;System::Privileged; +;security-manager.service;root;root;System::Privileged; +;sensord.service;sensor;input;System; +;serial-getty@.service;root;root;User::Shell; +;shutdown-animation.service;application;application;System; +;smartcard-service.service;network_fw;network_fw;System; +;smartreply.service;ui_fw;ui_fw;System; +;sound-server.service;multimedia_fw;multimedia_fw;System; +;stability-monitor.service;stability_monitor;stability_monitor;System; +;stc-iptables.service;network_fw;network_fw;System; +;stc-manager.service;root;root;System; +;storaged.service;root;root;System::Privileged; +;swap_manager.service;system_fw;system_fw;System; +;sys-kernel-tracing.service;system_fw;system_fw;System; +;system-default-target-done.service;system_fw;system_fw;System; +;system-delayed-target-done.service;system_fw;system_fw;System; +;system-delayed-target-trigger.service;root;root;System; +;system-popup.service;system_fw;system_fw;System; +;systemd-ask-password-console.service;root;root;System; +;systemd-ask-password-wall.service;root;root;System; +;systemd-binfmt.service;root;root;System; +;systemd-exit.service;root;root;System; +;systemd-fsck-root.service;root;root;System; +;systemd-fsck@.service;root;root;System; +;systemd-halt.service;root;root;System; +;systemd-hibernate-resume@.service;root;root;System; +;systemd-hibernate.service;root;root;System; +;systemd-hostnamed.service;root;root;System; # need to be checked whether it is existed +;systemd-hwdb-update.service;root;root;System; +;systemd-hybrid-sleep.service;root;root;System; +;systemd-initctl.service;root;root;System; +;systemd-journal-catalog-update.service;root;root;System; +;systemd-journal-flush.service;root;root;System; +;systemd-journald.service;root;root;System; +;systemd-kexec.service;root;root;System; +;systemd-localed.service;root;root;System; +;systemd-logind.service;root;root;System::Privileged; +;systemd-machine-id-commit.service;root;root;System; +;systemd-modules-load.service;root;root;System; +;systemd-nspawn@.service;root;root;System; +;systemd-poweroff.service;root;root;System; +;systemd-quotacheck.service;root;root;System; +;systemd-reboot.service;root;root;System; +;systemd-remount-fs.service;root;root;System; +;systemd-suspend.service;root;root;System; +;systemd-sysctl.service;root;root;System; +;systemd-tmpfiles-setup-dev.service;root;root;System::Privileged; +;systemd-tmpfiles-setup.service;root;root;System::Privileged; +;systemd-udev-settle.service;root;root;System; +;systemd-udev-trigger.service;root;root;System; +;systemd-udevd.service;root;root;System::Privileged; +;systemd-update-done.service;root;root;System; +;systemd-update-utmp-runlevel.service;root;root;System; +;systemd-update-utmp.service;root;root;System; +;systemd-user-sessions.service;root;root;System; +;systemd-vconsole-setup.service;root;root;System; +;telephony-daemon.service;telephony;telephony;System; +;tizen-fstrim-user.service;root;root;System; +;tizen-system-env.service;root;root;System; +;tizenid.service;system_fw;system_fw;System; +;tlm.service;root;root;User; +;trm.service;system_fw;system_fw;System; +;ttrace-marker.service;system_fw;system_fw;System; +;ua-manager.service;network_fw;network_fw;System; +;udev-sdb-init.service;root;root;System; +;usb-host-ffs-test-daemon.service;system_fw;system_fw;System; +;user@.service;%i;users;User; # Need to be defined group +;user-runtime-dir@.service;root;root;System::Privileged; +;__user@.service;%i;;User; # Need to be defined group +;wait-mount@.service;system_fw;system_fw;System; +;webappenc-initializer.service;security_fw;security_fw;System; +;wifi-direct-manager.service;network_fw;network_fw;System; +;wifi-ready.service;network_fw;network_fw;System; +;wmeshd.service;network_fw;network_fw;System; # need to be checked whether it is existed +;zigbee-daemon.service;network_fw;network_fw;System; # need to be checked whether it is existed