From: Sangyoon Jang <s89.jang@samsung.com>
Date: Mon, 7 Sep 2015 05:34:04 +0000 (+0900)
Subject: Fix labeling rule on preloaded pkgs
X-Git-Tag: accepted/tizen/mobile/20150907.123205~1
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=c741cc3560ee6addd43eeb174440dd69d24f3567;p=platform%2Fcore%2Fappfw%2Fslp-pkgmgr.git

Fix labeling rule on preloaded pkgs

the rules which are same with private pkgs:
<pkgid>/ -> User::Home
<pkgid>/shared -> User::Home
<pkgid>/data -> User::Pkg::<pkgid>
<pkgid>/cache -> User::Pkg::<pkgid>
<pkgid>/(others) -> User::Pkg::<pkgid>::RO

Change-Id: I26bb1b27df408cc089ec50608d156e54a2bcb310
Signed-off-by: Sangyoon Jang <s89.jang@samsung.com>
---

diff --git a/tool/pkg_privilege.c b/tool/pkg_privilege.c
index 194083b..03098d3 100644
--- a/tool/pkg_privilege.c
+++ b/tool/pkg_privilege.c
@@ -2,36 +2,51 @@
 #include <string.h>
 #include <unistd.h>
 #include <sys/types.h>
+#include <linux/limits.h>
 
 #include <tzplatform_config.h>
 #include <security-manager.h>
 #include <pkgmgr_parser.h>
 
-#define BUFSIZE 4096
 #define OWNER_ROOT 0
 #define GLOBAL_USER tzplatform_getuid(TZ_SYS_GLOBALAPP_USER)
 
-static const char *_get_path(const char *pkgid, uid_t uid)
+static const char *_get_pkg_root_path(const char *pkgid, uid_t uid)
 {
-	char buf[BUFSIZE];
 	const char *path;
 
-	snprintf(buf, sizeof(buf), "%s", pkgid);
-
 	tzplatform_set_user(uid);
 	path = tzplatform_mkpath((uid == OWNER_ROOT || uid == GLOBAL_USER) ?
-			TZ_SYS_RO_APP : TZ_USER_APP, buf);
+			TZ_SYS_RO_APP : TZ_USER_APP, pkgid);
 	tzplatform_reset_user();
 
 	return path;
 }
 
+struct path_type {
+	const char *path;
+	enum app_install_path_type type;
+};
+
+struct path_type path_type_map[] = {
+	{"/", SECURITY_MANAGER_PATH_PUBLIC_RO},
+	{"/bin", SECURITY_MANAGER_PATH_RO},
+	{"/data", SECURITY_MANAGER_PATH_RW},
+	{"/cache", SECURITY_MANAGER_PATH_RW},
+	{"/lib", SECURITY_MANAGER_PATH_RO},
+	{"/res", SECURITY_MANAGER_PATH_RO},
+	{"/shared", SECURITY_MANAGER_PATH_PUBLIC_RO},
+	{NULL, SECURITY_MANAGER_ENUM_END}
+};
+
 static app_inst_req *_prepare_request(const char *pkgid, const char *appid,
 		uid_t uid)
 {
 	int ret;
 	app_inst_req *req;
-	const char *path;
+	const char *root_path;
+	char buf[PATH_MAX];
+	int i;
 
 	if (security_manager_app_inst_req_new(&req)) {
 		printf("security_manager_app_inst_req_new failed\n");
@@ -52,20 +67,26 @@ static app_inst_req *_prepare_request(const char *pkgid, const char *appid,
 		return NULL;
 	}
 
-	path = _get_path(pkgid, uid);
+	root_path = _get_pkg_root_path(pkgid, uid);
 	/* TODO: should be fixed */
-	if (access(path, F_OK) == -1) {
+	if (access(root_path, F_OK) == -1) {
 		printf("cannot find %s, but the smack rule for %s "
-				"will be installed\n", path, appid);
+				"will be installed\n", root_path, appid);
 		return req;
 	}
 
-	ret = security_manager_app_inst_req_add_path(req, path,
-			SECURITY_MANAGER_PATH_RO);
-	if (ret != SECURITY_MANAGER_SUCCESS) {
-		printf("set path failed: %d\n", ret);
-		security_manager_app_inst_req_free(req);
-		return NULL;
+	for (i = 0; path_type_map[i].path; i++) {
+		snprintf(buf, sizeof(buf), "%s%s", root_path,
+				path_type_map[i].path);
+		if (access(buf, F_OK) == -1)
+			continue;
+		ret = security_manager_app_inst_req_add_path(req, buf,
+				path_type_map[i].type);
+		if (ret != SECURITY_MANAGER_SUCCESS) {
+			printf("set path failed: %d\n", ret);
+			security_manager_app_inst_req_free(req);
+			return NULL;
+		}
 	}
 
 	return req;