From: jiseob.jang <jiseob.jang@samsung.com>
Date: Wed, 29 Jun 2016 12:05:22 +0000 (+0900)
Subject: change permission of account.db for user(TSAM-5746).
X-Git-Tag: submit/tizen_mobile/20160630.020603^0
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F75%2F77375%2F1;p=platform%2Fcore%2Fapi%2Flibaccount-service.git

change permission of account.db for user(TSAM-5746).

Change-Id: I1c0955c47f0c679d8cb06254fec1ac39c875dbb0
Signed-off-by: jiseob.jang <jiseob.jang@samsung.com>
---

diff --git a/CMakeLists.txt b/CMakeLists.txt
index a65c82e..e9646c1 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -6,6 +6,6 @@ SET(EXEC_PREFIX ${_prefix})
 #SET(LIBDIR "\${prefix}/lib")
 #SET(INCLUDEDIR "\${prefix}/include ")
 SET(VERSION_MAJOR 0)
-SET(VERSION "${VERSION_MAJOR}.4.3")
+SET(VERSION "${VERSION_MAJOR}.4.4")
 
 ADD_SUBDIRECTORY(src)
diff --git a/packaging/libaccount-service.spec b/packaging/libaccount-service.spec
index ef700b7..dadd1e2 100644
--- a/packaging/libaccount-service.spec
+++ b/packaging/libaccount-service.spec
@@ -1,7 +1,7 @@
 
 Name:       libaccount-service
 Summary:    Account DB library
-Version:    0.4.3
+Version:    0.4.4
 Release:    1
 Group:      Social & Content/API
 License:    Apache-2.0
diff --git a/src/account_offline.c b/src/account_offline.c
index 26a2c17..01c9e8d 100644
--- a/src/account_offline.c
+++ b/src/account_offline.c
@@ -45,6 +45,8 @@
 
 #define APP_GID 100
 #define MIN_USER_UID 5000
+#define SERVICE_FW_UID 651
+#define SERVICE_FW_GID 651
 #define PW_BUF_LEN 4096
 
 typedef sqlite3_stmt * account_stmt;
@@ -93,13 +95,24 @@ static int _account_user_db_open(sqlite3 **p_hAccountDB, int mode, uid_t uid)
 		_account_user_db_close(*p_hAccountDB);
 
 	ACCOUNT_GET_USER_DB_DIR(account_db_dir, sizeof(account_db_dir), uid);
-	if ((-1 == access(account_db_dir, F_OK)) && uid != OWNER_ROOT)
-		mkdir(account_db_dir, 644);
-
-	if (mode == ACCOUNT_DB_OPEN_READWRITE)
+	if ((-1 == access(account_db_dir, F_OK)) && uid != OWNER_ROOT) {
+		int ret;
+		mkdir(account_db_dir, 777);
+		ret = chown(account_db_dir, SERVICE_FW_UID, SERVICE_FW_GID);
+		ACCOUNT_DEBUG("chown result = [%d]", ret);
+		ret = chmod(account_db_dir, S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IWGRP|S_IXGRP|S_IROTH|S_IWOTH|S_IXOTH);
+		ACCOUNT_DEBUG("chmod result = [%d]", ret);
 		rc = db_util_open(account_db_path, p_hAccountDB, DB_UTIL_REGISTER_HOOK_METHOD);
-	else
-		return ACCOUNT_ERROR_DB_NOT_OPENED;
+		ret = chown(account_db_path, SERVICE_FW_UID, SERVICE_FW_GID);
+		ACCOUNT_DEBUG("chown result = [%d]", ret);
+		ret = chmod(account_db_path, S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP);
+		ACCOUNT_DEBUG("chmod result = [%d]", ret);
+	} else {
+		if (mode == ACCOUNT_DB_OPEN_READWRITE)
+			rc = db_util_open(account_db_path, p_hAccountDB, DB_UTIL_REGISTER_HOOK_METHOD);
+		else
+			return ACCOUNT_ERROR_DB_NOT_OPENED;
+	}
 
 	if (_account_db_err_code(*p_hAccountDB) == SQLITE_PERM) {
 		ACCOUNT_ERROR("Access failed(%s)", _account_db_err_msg(*p_hAccountDB));
@@ -156,13 +169,24 @@ static int _account_global_db_open(int mode)
 
 	if (!g_hAccountGlobalDB) {
 		ACCOUNT_GET_USER_DB_DIR(account_db_dir, sizeof(account_db_dir), uid);
-		if ((-1 == access(account_db_dir, F_OK)) && uid != OWNER_ROOT)
-			mkdir(account_db_dir, 644);
-
-		if (mode == ACCOUNT_DB_OPEN_READWRITE)
+		if ((-1 == access(account_db_dir, F_OK)) && uid != OWNER_ROOT) {
+			int ret;
+			mkdir(account_db_dir, 777);
+			ret = chown(account_db_dir, SERVICE_FW_UID, SERVICE_FW_GID);
+			ACCOUNT_DEBUG("chown result = [%d]", ret);
+			ret = chmod(account_db_dir, S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IWGRP|S_IXGRP|S_IROTH|S_IWOTH|S_IXOTH);
+			ACCOUNT_DEBUG("chmod result = [%d]", ret);
 			rc = db_util_open(account_db_path, &g_hAccountGlobalDB, DB_UTIL_REGISTER_HOOK_METHOD);
-		else
-			return ACCOUNT_ERROR_DB_NOT_OPENED;
+			ret = chown(account_db_path, SERVICE_FW_UID, SERVICE_FW_GID);
+			ACCOUNT_DEBUG("chown result = [%d]", ret);
+			ret = chmod(account_db_path, S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP);
+			ACCOUNT_DEBUG("chmod result = [%d]", ret);
+		} else {
+			if (mode == ACCOUNT_DB_OPEN_READWRITE)
+				rc = db_util_open(account_db_path, &g_hAccountGlobalDB, DB_UTIL_REGISTER_HOOK_METHOD);
+			else
+				return ACCOUNT_ERROR_DB_NOT_OPENED;
+		}
 
 		if (_account_db_err_code(g_hAccountGlobalDB) == SQLITE_PERM) {
 			ACCOUNT_ERROR("Access failed(%s)", _account_db_err_msg(g_hAccountGlobalDB));