From: jin-gyu.kim <jin-gyu.kim@samsung.com>
Date: Wed, 6 Jul 2016 05:37:35 +0000 (+0900)
Subject: Install smack_default_labeling
X-Git-Tag: submit/tizen/20160706.111307~8
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=c1648e9295a074712c7fbae335e4ba2578eaec47;p=platform%2Fcore%2Fsecurity%2Fsecurity-config.git

Install smack_default_labeling
- It sets smack label for the specific folder.
- It is executed by security-config.service

Change-Id: Ica179a7282bd18978ba22f8ad477a664106ceb84
---

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 024af48..fcd7f2a 100755
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -14,6 +14,7 @@ INSTALL(FILES ${CMAKE_SOURCE_DIR}/config/set_capability DESTINATION /usr/share/s
 INSTALL(FILES ${CMAKE_SOURCE_DIR}/config/security-config.conf DESTINATION /usr/lib/tmpfiles.d/)
 INSTALL(FILES ${CMAKE_SOURCE_DIR}/config/90_user-content-permissions.post DESTINATION ${SYSCONF_INSTALL_DIR}/gumd/useradd.d)
 INSTALL(FILES ${CMAKE_SOURCE_DIR}/config/91_user-dbspace-permissions.post DESTINATION ${SYSCONF_INSTALL_DIR}/gumd/useradd.d)
+INSTALL(FILES ${CMAKE_SOURCE_DIR}/smack/smack_default_labeling DESTINATION /usr/share/security-config)
 
 INSTALL(FILES
     ${CMAKE_SOURCE_DIR}/packaging/security-config.manifest
diff --git a/packaging/security-config.spec b/packaging/security-config.spec
index f4d7ca2..7e524c6 100755
--- a/packaging/security-config.spec
+++ b/packaging/security-config.spec
@@ -61,3 +61,4 @@ mkdir -p /usr/share/security-config/log
 %attr(755,root,root) %{_sysconfdir}/gumd/useradd.d/91_user-dbspace-permissions.post
 %attr(-,root,root) %{_unitdir}/security-config.service
 %attr(-,root,root) %{_unitdir}/multi-user.target.wants/security-config.service
+%attr(755,root,root) /usr/share/security-config/smack_default_labeling
diff --git a/smack/smack_default_labeling b/smack/smack_default_labeling
new file mode 100644
index 0000000..a529390
--- /dev/null
+++ b/smack/smack_default_labeling
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+PATH=/bin:/usr/bin:/sbin:/usr/sbin
+
+# check initial boot
+function check_init_boot
+{
+	if [ ! -e /usr/share/security-config/.smack_pre_labeling ]
+	then
+		touch /usr/share/security-config/.smack_pre_labeling
+		return 1
+	fi
+	return 0
+}
+
+# Set default smack label for the specific file or folder
+function set_smack_label
+{
+	chsmack -r -a "_" /csa
+}
+
+check_init_boot
+
+if [ "$?" == 1 ] # Init boot case
+then
+	set_smack_label
+fi
diff --git a/systemd/security-config.service b/systemd/security-config.service
index e13d562..ed8c8b9 100644
--- a/systemd/security-config.service
+++ b/systemd/security-config.service
@@ -3,7 +3,7 @@ Description=security-config service
 
 [Service]
 Type=simple
-ExecStart=/usr/bin/chsmack -r -a "_" /csa
+ExecStart=/usr/share/security-config/smack_default_labeling
 
 [Install]
 WantedBy=multi-user.target