From: Sungbae Yoo Date: Fri, 5 Jan 2018 07:18:53 +0000 (+0900) Subject: Change to attach a gumd prefix to user id X-Git-Tag: accepted/tizen/unified/20180326.075209~1 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F51%2F166051%2F2;p=platform%2Fcore%2Fsecurity%2Fkrate.git Change to attach a gumd prefix to user id This commit has dependency with gumd commit (https://review.tizen.org/gerrit/#/c/165550/2) Change-Id: I4173ac0d8f9eb2a8a496d13319cde2ad8f4d5b31 Signed-off-by: Sungbae Yoo
---
diff --git a/server/manager.cpp b/server/manager.cpp
index ea3ac09..643deb1 100755
--- a/server/manager.cpp
+++ b/server/manager.cpp
@@ -70,6 +70,7 @@ const std::string KRATE_CREATE_HOOK_PATH = "/etc/gumd/useradd.d";
 const std::string KRATE_REMOVE_HOOK_PATH = "/etc/gumd/userdel.d";
 std::string KRATE_DEFAULT_OWNER;
+std::string KRATE_ID_PREFIX;
 std::list createdKrateList;
 static std::atomic isKrateForeground(false);
@@ -217,8 +218,12 @@ void initializeCreatedKrateList()
 user = (GumUser*) src_list->data;
 if (user) {
 g_object_get(G_OBJECT(user), "username", &username, NULL);
- createdKrateList.push_back(username);
+ std::string name = username;
 g_free(username);
+
+ name = name.substr(KRATE_ID_PREFIX.size());
+
+ createdKrateList.push_back(name);
 }
 }
@@ -507,6 +512,7 @@ Manager::Manager(KrateControlContext& ctx) :
 runtime::Cgroup::create(CGROUP_SUBSYSTEM, CGROUP_SUBSYSTEM);
 KRATE_DEFAULT_OWNER = ::tzplatform_getenv(TZ_SYS_DEFAULT_USER);
+ KRATE_ID_PREFIX = gum_user_type_to_prefix(GUM_USERTYPE_SECURITY);
 PackageManager& packageManager = PackageManager::instance();
 packageManager.setEventCallback(packageEventHandler, this);
@@ -517,7 +523,7 @@ Manager::Manager(KrateControlContext& ctx) :
 initializeCreatedKrateList();
 for (std::string& name : createdKrateList) {
- runtime::User krate(name);
+ runtime::User krate(KRATE_ID_PREFIX + name);
 notification_register_detailed_changed_cb_for_uid(notiProxyCallback, &name, krate.getUid());
 }
 }
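Review bot: In `initializeCreatedKrateList()` (hunk `-217,8`), `name.substr(KRATE_ID_PREFIX.size())` drops the first characters of the gumd username without checking that it actually starts with the prefix. A username shorter than the prefix makes `substr` throw `std::out_of_range`, and an account created before this change (no prefix) is silently truncated and later resolved as a different account by `KRATE_ID_PREFIX + name`. I would only accept matching names: `if (name.compare(0, KRATE_ID_PREFIX.size(), KRATE_ID_PREFIX) == 0) createdKrateList.push_back(name.substr(KRATE_ID_PREFIX.size()));`. `std::string name = username;` is also undefined if `g_object_get` left `username` NULL, so a null check before the copy is worth adding. The function starts and ends outside the hunk.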
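Review bot: In the `Manager` constructor (hunk `-507,6`), `KRATE_ID_PREFIX = gum_user_type_to_prefix(GUM_USERTYPE_SECURITY);` assigns a C return value straight into a `std::string`, which is undefined behaviour if the call returns NULL. The gumd function comes from the dependent commit and its contract is not visible here, so this may already be safe, but a guard is cheap: `const char* prefix = gum_user_type_to_prefix(GUM_USERTYPE_SECURITY);` followed by `if (!prefix || !*prefix) throw runtime::Exception("gumd returned no prefix for security users");`. Rejecting an empty prefix matters because every `KRATE_ID_PREFIX + name` lookup in this commit would otherwise resolve plain account names again. The constructor body continues outside the hunk.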
@@ -551,7 +557,7 @@ int Manager::createKrate(const std::string& name, const std::string& manifest)
 throw runtime::Exception("Failed to remove user (" + name + ") by gumd");
 }
- runtime::User user(name);
+ runtime::User user(name + KRATE_ID_PREFIX);
 maskUserServices(user);
@@ -598,7 +604,7 @@ int Manager::removeKrate(const std::string& name)
 std::unique_ptr manifestFile;
 bool canRemove = false;
- runtime::User user(name);
+ runtime::User user(KRATE_ID_PREFIX + name);
 ::tzplatform_set_user(user.getUid());
 std::string confPath(::tzplatform_getenv(TZ_USER_HOME));
 confPath += "/.config/krate";
@@ -621,17 +627,14 @@ int Manager::removeKrate(const std::string& name)
 return -1;
 }
- if (lockKrate(name) != 0) {
- return -1;
- }
+ //lock the user
+ setKrateState(user.getUid(), 0);
- auto remove = [name, this] {
+ auto remove = [name, user, this] {
 //wait for krate session close
 sleep(1);
 try {
- runtime::User user(name);
-
 //umount TZ_USER_CONTENT
 ::tzplatform_set_user(user.getUid());
 if (::umount2(::tzplatform_getenv(TZ_USER_CONTENT), MNT_FORCE) != 0) {
@@ -680,7 +683,7 @@ int Manager::removeKrate(const std::string& name)
 int Manager::lockKrate(const std::string& name)
 {
 try {
- runtime::User user(name);
+ runtime::User user(KRATE_ID_PREFIX + name);
 setKrateState(user.getUid(), 0);
 } catch (runtime::Exception& e) {
 ERROR(e.what());
@@ -693,7 +696,7 @@ int Manager::lockKrate(const std::string& name)
 int Manager::unlockKrate(const std::string& name)
 {
 try {
- runtime::User user(name);
+ runtime::User user(KRATE_ID_PREFIX + name);
 setKrateState(user.getUid(), 1);
 } catch (runtime::Exception& e) {
 ERROR(e.what());
@@ -711,7 +714,7 @@ int Manager::getKrateState(const std::string& name)
 }
 try {
- runtime::User user(name);
+ runtime::User user(KRATE_ID_PREFIX + name);
 try {
 dbus::Connection& systemDBus = dbus::Connection::getSystem();
 const dbus::Variant& var = systemDBus.methodcall
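Review bot: In `createKrate()` (hunk `-551,7`) the new line builds the account name as `name + KRATE_ID_PREFIX`, so the prefix ends up as a suffix, while every other call site in this commit uses `KRATE_ID_PREFIX + name`. `runtime::User` would then look up a name that does not follow the gumd naming scheme, so `maskUserServices(user)` either fails on a missing account or, if an account with that exact name exists, is applied to the wrong user. The line should read `runtime::User user(KRATE_ID_PREFIX + name);`. Since the same concatenation is now repeated in eight places, a small file-local helper that returns the prefixed account name would keep the call sites from drifting apart like this. The function body starts and ends outside the hunk.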
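Review bot: In `removeKrate()` (hunk `-621,17`), replacing `if (lockKrate(name) != 0) return -1;` with a bare `setKrateState(user.getUid(), 0);` drops the error handling around the lock step. `lockKrate()` wraps the same call in `try`/`catch (runtime::Exception&)` and returns -1, so a failed lock used to be a controlled error; now an exception from `setKrateState` leaves `removeKrate()` unless a handler outside this hunk catches it. I would keep the contract with `try { setKrateState(user.getUid(), 0); } catch (runtime::Exception& e) { ERROR(e.what()); return -1; }`. The lambda now also captures `user` by value, so the uid resolved before the `sleep(1)` is the one used for the unmount and removal; a short comment stating that this is intended would help. The function and the lambda both continue outside the hunk.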
@@ -747,7 +750,7 @@ std::vector Manager::getKrateList(int state)
 int Manager::resetKratePassword(const std::string& name, const std::string& newPassword)
 {
 try {
- runtime::User user(name);
+ runtime::User user(KRATE_ID_PREFIX + name);
 int ret = auth_passwd_reset_passwd(AUTH_PWD_NORMAL, user.getUid(), newPassword.c_str());
 if (ret != AUTH_PASSWD_API_SUCCESS) {
 throw runtime::Exception("Failed to reset password for " + name);