Gaurav Gupta [Tue, 9 Apr 2024 04:16:03 +0000 (09:46 +0530)]
emul64: use public init method for gumd service
In 64-bit TV emulator gumd service is failed to launch.
So, webapps could not be installed.
Switch to public tizen gumd init mechanism for 64-bit emulator.
Change-Id: I05d0cb8ca76d0f3516a9a0685ad14c3cf8bffd95
Signed-off-by: Gaurav Gupta <g.gupta@samsung.com>
JinWang An [Wed, 13 Mar 2024 09:33:14 +0000 (18:33 +0900)]
Add python3-setuptools dependency for python 3.12
Change-Id: I2df0f8327733442c844a4f0f5e7b80f06a3be867
Signed-off-by: JinWang An <jinwang.an@samsung.com>
Michal Bloch [Thu, 14 Jul 2022 10:08:46 +0000 (12:08 +0200)]
Ensure proper lifetime for the dbus server handler
Change-Id: I01f4041eeb1ad4ba3f8139c13ff973183e6c3077
Signed-off-by: Michal Bloch <m.bloch@samsung.com>
Mateusz Majewski [Wed, 12 Jan 2022 07:34:20 +0000 (08:34 +0100)]
Add empty secret case
Change-Id: Ie692f40adc514c127e518e2c5699a4d45402ea72
INSUN PYO [Mon, 13 Dec 2021 04:39:17 +0000 (13:39 +0900)]
asan: fix build error on ASAN environment
Normal build : -lgmodule-2.0 -pthread -lglib-2.0 -lcrypt -ltzplatform-config-2.0
ASAN build : -lgmodule-2.0 -pthread -lglib-2.0 -l -ltzplatform-config-2.0
Ref: https://github.com/linux-pam/linux-pam/commit/
01e0038fa55581c4afc9d63b6180d2ea77ba2940
Change-Id: Ia73ef164f9b08d209171d44df54de2f69a414dd8
Yunmi Ha [Thu, 15 Jul 2021 09:46:03 +0000 (18:46 +0900)]
Fix memory leak
Change-Id: I4e9b27d5ffc193d4a614aaac8eb84e589023d46d
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Tue, 10 Nov 2020 11:23:06 +0000 (20:23 +0900)]
Allow get/add user evenif /opt/etc/passwd does not exist.
- If /opt/etc/passwd file does not exist
allow add_user
allow get_user_list
deny update_user
deny delete_user
Change-Id: I901c47e6d73efd64133b04874c6b7727d975215b
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Tue, 11 Feb 2020 06:46:35 +0000 (15:46 +0900)]
Fix svace issue
- Fix variable type for saving nagative return
Change-Id: I2b01f765c3830b54561bfdba4776368c4489d0f3
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Adrian Szyndela [Mon, 3 Feb 2020 11:30:27 +0000 (12:30 +0100)]
rework deprecated g_type_class_add_private()
g_type_class_add_private() is deprecated in glib2 since 2.58.
Use G_ADD_PRIVATE() macro with the G_DEFINE_* family of macros instead.
Change-Id: Ie22c3603a9a3254e35b6e29965c14877f27d2aad
Signed-off-by: Adrian Szyndela <adrian.s@samsung.com>
Yunmi Ha [Thu, 2 Jan 2020 06:34:34 +0000 (15:34 +0900)]
Allow to use ':' character in user password
Change-Id: I3cbc9905d4834570c1635db62826696770419bb4
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Fri, 20 Sep 2019 08:24:42 +0000 (17:24 +0900)]
Skip chmod operation about symbolic link when copy the file attribute.
Change-Id: I3bd470e897004af30402b1d4c643f6552e85a875
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
INSUN PYO [Wed, 14 Aug 2019 07:11:22 +0000 (16:11 +0900)]
Remove duplicate dependency with implicit dependencies at "Type=dbus"
Refs: https://www.freedesktop.org/software/systemd/man/systemd.service.html
- Services with Type=dbus set automatically acquire dependencies of type Requires= and After= on dbus.socket.
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I3a487122481c65d3c9a14e9448d8de60408bda54
INSUN PYO [Mon, 8 Jul 2019 11:44:12 +0000 (20:44 +0900)]
Delete meaningless configuration
Change-Id: I9a4ba06f2dc5109cf5d40e3d11aff01d7599a11c
INSUN PYO [Thu, 30 May 2019 01:52:07 +0000 (10:52 +0900)]
Change UID range for regular users from [5000 ~ 5999] to [5000 ~ 9999]
Change-Id: Ic78d1065c804ecc1838a2f334bf652ada4aa0809
Refs: https://wiki.tizen.org/Security/User_and_group_ID_assignment_policy
INSUN PYO [Wed, 29 May 2019 11:28:19 +0000 (20:28 +0900)]
Revert "Add security usertype"
Container feature is removed.
Change-Id: Icf85ad34343f4f383c025fb4039d15a9b68f95a9
INSUN PYO [Thu, 11 Apr 2019 07:31:57 +0000 (07:31 +0000)]
Merge "Revert "API: add gum_user_type_to_prefix ()"" into tizen
INSUN PYO [Wed, 13 Mar 2019 05:18:18 +0000 (05:18 +0000)]
Revert "API: add gum_user_type_to_prefix ()"
This reverts commit
2eb97b92556a7766d7cdfbbd445b85c359b40d54.
Change-Id: Ic01248577e21245fd7247783690fc7e60107f398
Hyotaek Shim [Mon, 17 Dec 2018 10:17:09 +0000 (19:17 +0900)]
Change the path of docs/gtk-doc.make for gtk-doc upgrade to 1.29
(Before) /usr/share/gtk-doc/data/gtk-doc.notmpl.make
(After) /usr/share/gtk-doc/data/gtk-doc.make
Change-Id: Ibdfd9bcfb11954cdd699366fa7167a6ce6a6e544
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
INSUN PYO [Tue, 13 Nov 2018 02:19:55 +0000 (11:19 +0900)]
Bug fix: revert wrong workround code(closing gdbus stream)
As comment(on Related fixes #1), glib reports bug on "https://bugzilla.gnome.org/show_bug.cgi?id=734281.
But it is wrong report and is fixed by https://gitlab.gnome.org/GNOME/glib/commit/
bf1a2d707928e129c96af365330b3ac26b04ad15
Related fixes #1
- commit :
94b01a47636b0787c9b39a5a1f3569edbdc593e9
- comment :"Release 0.0.3"
Related fixes #2
- commit :
1c25a3cfa328a407cd2f4af59d8fe3a2b0e59cb0
- comment : "Bug fix: do not close dbus io stream when group/user service was stopped."
Change-Id: I721040da87a97be87de454b670125db1d671ac2e
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Karol Lewandowski [Mon, 19 Nov 2018 14:20:20 +0000 (15:20 +0100)]
Remove autotools generated files
This allows us to change license in spec to simple LGPL,
as the "autoconf exception" is added by autoconf itself.
In Tizen GPLv2 autoconf exception is used so this does
not apply anyway.
Change-Id: I2625aed6d365dfe87bb6494448666977ef0d1654
Karol Lewandowski [Tue, 18 Sep 2018 08:53:16 +0000 (10:53 +0200)]
Hack: always look in /etc/passwd when generating user list
Change-Id: I6c5947c5d67553f0e55ab8b7c506c801da67a9f4
Karol Lewandowski [Thu, 13 Sep 2018 12:32:49 +0000 (14:32 +0200)]
Hack: Always check /etc/{passwd,shadow} in addition to defined files
When some users (eg. owner) might be in /opt/etc/passwd and some
("non-stock") are added to /opt/etc/passwd it means we have to
check both files.
Please note group is taken from /etc/group only. Group membership
must not be managed by GUM due to the fact that assigning user to
given group requires altering file which defines the group. Eg.
to add new user to system group 'audio' we would need to modify
/etc/group. This breaks the requirement for rootfs to be read-only.
Change-Id: Ic63605b5f3964f166d3d5cf5332d5ee5175a7d18
Karol Lewandowski [Thu, 9 Aug 2018 10:45:01 +0000 (12:45 +0200)]
Do not assign supplementary groups
Due to splitting password and group database to read-only db (standard
/etc/) and read-writable (/opt/etc/) it might no longer be possible to
add newly created users to system groups. Precisely, adding user to
system given group requires appending user name to /etc/group, which
is on read only partition. It's not possible to add such entry to
/opt/etc/group because it would not only require group name (and id)
duplication, but also it would require changing all the supporting
code to look for multiple group definitions.
To handle above problem gumd will no longer assign group membership at
user creation. It will also use standard /etc/group (and gshadow).
Assiging users to correct groups will be handled by security-manager
nss plugin.
Change-Id: I86af2d41f07f13f0d0e6904cfb7b45fe84594ea7
sanghyeok.oh [Thu, 17 May 2018 05:00:05 +0000 (14:00 +0900)]
dbus-policy: change to default deny policy
Change-Id: Idb3d21a9fc46e1d2450b172af4333642b8d1997d
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
sanghyeok.oh [Tue, 3 Apr 2018 11:46:37 +0000 (20:46 +0900)]
Coverity Fix
Change-Id: I706846a4d3481fe609e30cb4aa35041a376f0e68
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
sanghyeok.oh [Mon, 16 Oct 2017 11:23:50 +0000 (20:23 +0900)]
dbus: add allow rule for org.freedesktop.DBus.Peer.Ping
Change-Id: Iabeaa2d9bcbee9ff2dd67613cd487a7b5376e50b
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
INSUN PYO [Tue, 2 Jan 2018 05:43:05 +0000 (14:43 +0900)]
API: add gum_user_type_to_prefix ()
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: Idcab8cfec27c8aec1bda66c718bc405b46d38ced
INSUN PYO [Fri, 15 Dec 2017 03:31:37 +0000 (12:31 +0900)]
adjust the uid and secure_uid range
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I0d34ced09bb8a949e7d70b29f848ba707069b4a0
sanghyeok.oh [Mon, 11 Dec 2017 02:59:35 +0000 (11:59 +0900)]
Coverity Fix
Change-Id: I3c8da6926230ff3e4e53f2fcc449b0e73c521cca
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
(cherry picked from commit
e8fc72d02063c99ae14b4847a096fd2c9353ae7e)
INSUN PYO [Wed, 22 Nov 2017 07:40:33 +0000 (16:40 +0900)]
spec: Change groupadd to handle in security-manager.
I left groupadd to make this package available from an open source without security-mager.
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: Id7e1fa341a8588c23bfe4785c9d529e6c81d3b5c
INSUN PYO [Tue, 24 Oct 2017 22:46:30 +0000 (22:46 +0000)]
Coverity fixes.
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: Ib2991d5795ae915a76c2bf26f2848b997926de42
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
INSUN PYO [Tue, 24 Oct 2017 22:56:14 +0000 (22:56 +0000)]
Coverity fixes.
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I67956e80952b2b1808022807d88bb14ee08cff1b
sanghyeok.oh [Tue, 17 Oct 2017 11:11:14 +0000 (20:11 +0900)]
Coverity Fix
Change-Id: I98f936ca8a91d3465ec24064053030b97f535e56
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
Yunmi Ha [Wed, 27 Sep 2017 05:28:58 +0000 (14:28 +0900)]
Modify create home directory logic
If user's home directory already exists, try to delete it.
And copy files from skel folder.
Change-Id: I68ab2ea9fc603893fced5383ecbae147bef81a4c
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Fri, 18 Aug 2017 02:27:15 +0000 (11:27 +0900)]
Remove upgrade script file from package.
It is for 2.4 to 3.0 upgrade.
So remove it from 4.0 package.
Change-Id: Ida64af949432df07943b587bfa77904aa7844b15
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Fri, 11 Aug 2017 05:20:01 +0000 (14:20 +0900)]
Enable ASLR feature
Change-Id: I315f6b1d137f40ade05cfe27e579b5139bf0b3cd
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Wed, 19 Jul 2017 08:22:39 +0000 (17:22 +0900)]
Change build flag for tv product
%{TIZEN_PRODUCT_TV} will be removed.
So use %{tizen_profile_name} or %{profile} macros instead of it.
%{tizen_profile_name} is for optional features that are not built in Tizen Public OBS.
Change-Id: I3d40fe24d2108467319f820b915649be0aa422f0
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Hyotaek Shim [Wed, 5 Jul 2017 01:30:46 +0000 (10:30 +0900)]
Use geteuid() to check the current privilege instead of getuid() in gum_utils_gain_privileges()
Change-Id: Ibfaa0091bf5882043e4a01ef87455398d02fef5e
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Yunmi Ha [Tue, 4 Jul 2017 07:27:35 +0000 (16:27 +0900)]
Add warning log: Home directory already exists.
Change-Id: Ibe7afd37ed515588fb2046a2c813d3126a107e6c
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
INSUN PYO [Wed, 14 Jun 2017 07:59:43 +0000 (16:59 +0900)]
Remove unnecessary privilege change codes (Bypass seteuid(0) when the calling process is root)
While MIC-building a Tizen image, /usr/bin/tpk-backend with libgum calls gum_utils_gain_privileges() and is crashed.
void gum_utils_gain_privileges ()
{
if (seteuid(0)) WARN ("seteuid() failed");
}
It is found that seteuid(0) system calls with created threads
result in Segmentation Fault (SIGSEGV) in qemu-arm 2.7 and even in up-to-date qemu-arm 2.9
void *thread_main(void *);
int main(void) {
int status;
pthread_t thread;
pthread_create(&thread, NULL, &thread_main, NULL); <-- After creating a thread
sleep(1);
seteuid(0); <-- Call seteuid(0)
pthread_join(thread, (void **)&status);
return 0;
}
void *thread_main(void *arg) {
printf ("Thread.\n");
pause();
}
$) armv7l-tizen-linux-gnueabi-c++ -static -o test test.cc -lpthread
$) qemu-arm test
Segmentation fault (core dumped)
It seems a kind of QEMU bug.
When this patch (https://bugs.launchpad.net/qemu/+bug/1594394) is applied to QEMU 2.9, the problem is resolved.
To avoid the crash during MIC build without the qemu patch, this workaround patch needs to be submitted.
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I59a3d37a43864e0f4147c8088fe21db3ad692df5
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Yunmi Ha [Fri, 7 Apr 2017 06:59:28 +0000 (23:59 -0700)]
Merge "Modify gumd.conf to support read-only rootfs" into tizen
Yunmi Ha [Mon, 3 Apr 2017 02:17:53 +0000 (11:17 +0900)]
Add license file to wearable package
Need to install license file per each rpm package.
Add license file to separated profile package.
Change-Id: I677707c039ec0f5427e18ace5c2dc8b52d4f9203
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Tue, 28 Mar 2017 06:28:25 +0000 (15:28 +0900)]
Merge branch 'tizen_3.0' into tizen
Change-Id: I2747a894466e30fd2a2d8b12cb4cf8964e0afa2a
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Mon, 27 Mar 2017 07:49:13 +0000 (16:49 +0900)]
Install license file to /usr/share/licenses
Need to install license file per each rpm package.
Add this logic for gum-utils/ libgum package.
Change-Id: I5544b115fb9494d97e048122061463be9a6ddca0
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Mon, 20 Mar 2017 08:12:19 +0000 (17:12 +0900)]
Install license file to /usr/share/license
Need to install license file to /usr/share/license.
So add install logic and add it to rpm package.
Change-Id: Ie8ec4a99951cb2dc0364a95ac00494facb0c0c09
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Silas Jeon [Mon, 27 Feb 2017 10:43:28 +0000 (19:43 +0900)]
Fix error when built with TIZEN_PRODUCT_TV = 1
It makes error with TIZEN_PRODUCT_TV = 1 condition. The cause of the
error is that it does not copy gumd.service.wearable file but it
still needs that. Spec file is modified so that it always copies that
file. Removing wearable rpm when TIZEN_PRODUCT_TV is set seems more
reasonable, so that can be applied later.
Change-Id: I4c2511b6bdf7ccdae9892d23cf6815143b1f0e1f
silas jeon [Wed, 18 Jan 2017 09:22:35 +0000 (18:22 +0900)]
Modify gumd.conf to support read-only rootfs
Root filesystem will be mounted as read-only soon, so some files and directori-
s in /etc are moved to /opt/etc. skel, passwd, shadow, group, gshadow are the
objects, so gumd should handle them directly on /opt/etc
Change-Id: Ic8f38f223f8b28d5d59b80860fd959ae600bd64d
Yunmi Ha [Mon, 9 Jan 2017 06:36:21 +0000 (22:36 -0800)]
Merge "[4.0] Remove profile build dependency of wearble" into tizen
Yunmi Ha [Wed, 4 Jan 2017 06:28:19 +0000 (15:28 +0900)]
Merge branch 'tizen_3.0' into tizen
Change-Id: I4dcad5bc8df8dd76f147395ef9de002876802e44
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Mon, 2 Jan 2017 05:50:42 +0000 (21:50 -0800)]
Merge "Fix logic for set Home directory's smack label" into tizen_3.0
Sunmin Lee [Tue, 13 Dec 2016 06:19:50 +0000 (15:19 +0900)]
Upgrade: exclude upgrade script directory
The upgrade script directory (/usr/share/upgrade/scripts) is
part of filesystem, thus it doesn't need to be in this package.
Change-Id: Ic321fdb2112274421ae151681ca674acd50b9f23
Signed-off-by: Sunmin Lee <sunm.lee@samsung.com>
Yunmi Ha [Mon, 2 Jan 2017 04:12:32 +0000 (13:12 +0900)]
Support RO rootfs for all profiles
Before this patch, RO rootfs was supported only for TV profile.
So remove the profile checking logic, and support RO mount for all profiles.
Change-Id: Id802fc8843ea8e346c6dc85910705adfad0cff1a
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Mon, 26 Dec 2016 09:09:28 +0000 (18:09 +0900)]
Fix logic for set Home directory's smack label
Home directory's smack should be different with skel folder.
After copy file attributes from skel folder,
set home directory's own smack label.
(This can be set using gumd.config)
Change-Id: Ie9532f3e011968d32a05947eeb4d3ab4987ec75f
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Wed, 28 Dec 2016 08:13:53 +0000 (17:13 +0900)]
Change /etc/.pwd.lock file's path for RO mount
If mount /etc directory as readonly, lckpwdf API always return fail.
(Because lckpwdf API try to access /etc/.pwd.lock file as writable permition)
So almost gumd API return fail also.
For this, gumd makes /opt/etc/.pwd.lock and make symbolic link in /etc.
(Now..this is only for TV profile.)
Change-Id: I19f5f9fba0512bcc24c7fecde0bf4a8541df5d28
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Sunmin Lee [Tue, 13 Dec 2016 06:19:50 +0000 (15:19 +0900)]
Upgrade: exclude upgrade script directory
The upgrade script directory (/usr/share/upgrade/scripts) is
part of filesystem, thus it doesn't need to be in this package.
Change-Id: Ic321fdb2112274421ae151681ca674acd50b9f23
Signed-off-by: Sunmin Lee <sunm.lee@samsung.com>
Yunmi Ha [Fri, 9 Dec 2016 02:06:58 +0000 (11:06 +0900)]
Merge branch 'tizen_3.0' into tizen
Change-Id: I29db5357fcaed8dd78c8a10d923c030b14615c0b
wchang kim [Fri, 2 Dec 2016 07:57:37 +0000 (16:57 +0900)]
Adding the priority numner to the filename of gumd_upgrade.sh
Change-Id: Idaab36de2eecb5fe2e6bc8e1e29ea4bfeea051e6
Signed-off-by: Woochang Kim <wchang.kim@samsung.com>
Yunmi Ha [Thu, 1 Dec 2016 09:12:51 +0000 (18:12 +0900)]
Fix memory leak
Dynamic memory referenced by 'key' was allocated.
But it was not freed when error was occured at other side.
Change-Id: I18dde46af50f94c5113d102e445711c0083946c0
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
lokilee73 [Wed, 23 Nov 2016 11:27:27 +0000 (20:27 +0900)]
merge 99588
Change-Id: I4008f170f67533525a6e1df593dd7db05468f554
Signed-off-by: lokilee73 <changjoo.lee@samsung.com>
Yunmi Ha [Wed, 23 Nov 2016 09:54:09 +0000 (18:54 +0900)]
Add audio group to DEFAULT_USR_GROUPS config.
If user is not member of audio group, all audio/radio API returns fail.
So add audio group to user's default group.
Change-Id: If17ddc5bc2071ce46ffcedb12552cf66711e97cd
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Tue, 22 Nov 2016 01:55:33 +0000 (10:55 +0900)]
Bug fix: do not close dbus io stream when group/user service was stopped.
Reason:
group/user services are run each other and share same parents connection.
However, when one service terminates, close a common IO stream.
So remained service has a problem with that IO stream.
Fix:
When main dbus service(usermanagement) is stopped, close IO stream.
(Move logic)
Change-Id: Iac30465b2c8a927934f9b3595a204833098168a1
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
MyungJoo Ham [Tue, 27 Sep 2016 04:36:37 +0000 (04:36 +0000)]
[4.0] Remove profile build dependency of wearble
- This is for Tizen 4.0 (tizen branch only)
- When this is SR'ed, you need to create JIRA-TRE issue:
Add gumd-profile_wearable for wearable profile.
Change-Id: Ia8bd0328f1a075ff7df9fb68e3344fae28f829af
Signed-off-by: MyungJoo Ham <myungjoo.ham@samsung.com>
Yunmi Ha [Wed, 21 Sep 2016 06:58:23 +0000 (15:58 +0900)]
Remove "GPL-3.0+" from spec file.
Only need to be applied GPL-3.0 license for autoconf file. (m4)
Change-Id: Ia3f14480c15e7f31adb052b096a7d4ec072a59e0
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Mon, 12 Sep 2016 01:13:26 +0000 (10:13 +0900)]
Add gumd_upgrade.sh for 3.0 migration.
gumd_upgrade.sh script will be excuted when flatform upgrade to 3.0 from 2.4.
This script only create default user's info file.
Change-Id: Ia08de528e3c90e4abe5a285d604725882852321b
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Thu, 8 Sep 2016 01:28:29 +0000 (10:28 +0900)]
Update: remove type and serverdir from dbus config file.
Dbus determines the type and serverdir base on location of config file.
Change-Id: I52ec5ff9d240cba41abbb272f33ff30d565f773c
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Thu, 1 Sep 2016 03:39:59 +0000 (12:39 +0900)]
Update: Not install gumd.service file with TV profile.
gumd.service file istallation was failed cause of security policy.
So when build TV profile, package doesn't install gumd.service.
And gumd will works as dbus service.
Change-Id: I35bcc43f3c9f8e93515bb072b4e020d348db6d2b
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Wed, 24 Aug 2016 07:49:39 +0000 (16:49 +0900)]
Update: add checking home directory logic
When update user data, check home directory.
If home directory is not exists, create home directory
and run user add post scripts.
(This is for tizen 3.0 migration)
Change-Id: If609186d8a0c154eac05b38a01903ad08e78dce6
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Fri, 29 Jul 2016 01:14:41 +0000 (10:14 +0900)]
Change chown to lchown
For dereferencing symbolic link when copy home(skel) directory,
change the api.
Change-Id: Ibc67cab8dc3ca91afdd0d27f631e206ce961c9c6
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunjin Lee [Wed, 20 Jul 2016 12:31:32 +0000 (21:31 +0900)]
Set SmackProcessLabel in service file according to the profile
Change-Id: I2228ad4a335ee9b06f0a2f088cec0bc6afaf0a9a
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunmi Ha [Mon, 18 Jul 2016 08:50:56 +0000 (17:50 +0900)]
Change daemon timeout to 30sec
There are several timing issue was occured caused by short daemon timeout.
So change timeout : 7sec to 30sec.
Change-Id: I5db74a3e51b6536d6ecf479724c7faaba3556720
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Thu, 7 Jul 2016 02:48:00 +0000 (11:48 +0900)]
Appy ASLR
For security, apply ASLR
Change-Id: I4a71027eca245126616c388280f3c18d2168f64f
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Tue, 5 Jul 2016 23:30:35 +0000 (16:30 -0700)]
Merge "Fix bug - add daemon timeout" into tizen
Yunmi Ha [Tue, 5 Jul 2016 08:10:03 +0000 (17:10 +0900)]
Fix bug - add daemon timeout
Now, gumd daemon is not ended. (daemon timeout does not work.)
Add release reference logic for dbus adapter, and set timeout to 7 sec.
Change-Id: I43ae1605a2cfabce008beec6ad93bd24345e41ea
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Tue, 5 Jul 2016 04:40:16 +0000 (13:40 +0900)]
Remove smack capability
with wearable profile, CAP_MAC_ADMIN and CAP_MAC_OVERRIDE capabilities are removed.
(can't use useradd/del/modify function without offline option.)
with other profile, only CAP_MAC_OVERRIDE capability is removed.
For this, gumd launcher was changed to systemd.
Change-Id: Ic95fceed41afc41e37e93606c3abf830536ac7d6
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Sun, 3 Jul 2016 23:53:19 +0000 (08:53 +0900)]
Add security usertype
For security-container user, add new usertype.
This usertype has indivisual uid range, and can't listup to any normal user.
Change-Id: Ib48aa4715439639bb879732d943f2444fb1362e1
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Wed, 29 Jun 2016 08:10:06 +0000 (17:10 +0900)]
Change user default home directory
before: user default directory = /home
After: user default directory = $TZ_SYS_HOME$
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Change-Id: I1e4900b8a97544f3eff12a71346a9fee21ffe304
Yunmi Ha [Thu, 16 Jun 2016 05:22:29 +0000 (14:22 +0900)]
Fix static-analyze issues (adding validation code)
gumd-dbus-server-p2p.c: fix bug - compare operation was incorrect.
gumd-dbus-server-msg-bus.c: Add null check logic.
gum-crypt.c: Add initialize code.
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Change-Id: I5aec55c14b9312c42451f94ed996435af5bedc52
Yunmi Ha [Tue, 24 May 2016 01:48:56 +0000 (10:48 +0900)]
Fix --offline option bug - missing condition check
There is missed 'offline' option checking when create user service.
If 'offline' mode was given, should be processed without any dbus connection.
Change-Id: Ibd36985cb5fe444a4e82c93e8b565ef64bdddb89
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Tue, 17 May 2016 04:22:55 +0000 (13:22 +0900)]
Add license info
GPL-3.0-with-autoconf-exception
GPL-3.0+
Change-Id: I3710b745ce2368e7c0607e1f555f6148ac3c4aae
Yunmi Ha [Thu, 24 Mar 2016 08:16:25 +0000 (17:16 +0900)]
Fix svace issues for Tizen_3.0_TV_Prebeta
replace thread unsafe function- strerror
and change function call order
Change-Id: I8d49b3df607788110538553af57c186df04ed52c
Suchang Woo [Thu, 18 Feb 2016 00:38:26 +0000 (09:38 +0900)]
Remove a profile specific configuration
Signed-off-by: Suchang Woo <suchang.woo@samsung.com>
Change-Id: Ife2486e6ebf5b3fc00207e967b9c066eb6a92d2f
Lukasz Kostyra [Thu, 11 Feb 2016 13:42:28 +0000 (14:42 +0100)]
Remove audio group from normal users
Assigning normal users to group audio allows them to modify sound
related configuration using ALSA library, which bypasses privilege
checking. Removal of audio supplementary group fixes the issue.
Change-Id: I8f418480bca0a5d90e25842bbe9d94dcbe148f7c
Signed-off-by: Lukasz Kostyra <l.kostyra@samsung.com>
Youmin Ha [Thu, 24 Sep 2015 05:27:25 +0000 (14:27 +0900)]
Fix privilege name from usermanagement to internal/usermanagement
According to the commit https://review.tizen.org/gerrit/#/c/48637, the
privilege is changed to
http://tizen.org/privilege/internal/usermanagement
Change-Id: I7e709da6516b5c6256f2d5d247f114a979563e83
Signed-off-by: Youmin Ha <youmin.ha@samsung.com>
Hurnjoo Lee [Mon, 14 Sep 2015 07:11:31 +0000 (16:11 +0900)]
Change dbus service polivcy
* remove http://tizen.org/privilege/usermanagement.get privilege. This patch will allow all users to use get apis.
* remove .temp suffix of privilege.
Change-Id: Ia66e3cf98364332a6db470eaeafe64ebcb01be2b
Signed-off-by: Hurnjoo Lee <hurnjoo.lee@samsung.com>
Suchang Woo [Wed, 20 May 2015 05:29:28 +0000 (14:29 +0900)]
Add ".temp" suffix to non-public privileges
The following privileges are not public ones.
- http://tizen.org/privilege/usermanagement.set
- http://tizen.org/privilege/usermanagement.get
These privileges will be changed. To separate non-public and public
privileges, ".temp" suffix is added.
Signed-off-by: Suchang Woo <suchang.woo@samsung.com>
Change-Id: I262676f363ca751fea3d6fc47ece1883ffbbc3f2
Suchang Woo [Wed, 20 May 2015 07:54:30 +0000 (16:54 +0900)]
Fix gum-utils segfault when getting user list without usertypes
If usertypes argument is not specified, NULL is passed to g_strsplit().
It makes a segmentation fault.
Signed-off-by: Suchang Woo <suchang.woo@samsung.com>
Change-Id: I56d35a0afe9afadb5cdb592c546ca88554fa4951
Suchang Woo [Fri, 15 May 2015 05:26:45 +0000 (14:26 +0900)]
Add default admin groups
Admin user should be added to the groups that the normal user is added to
Signed-off-by: Suchang Woo <suchang.woo@samsung.com>
Change-Id: I9365d9884379f48667b5dc43eeebf59a3981f673
Hurnjoo Lee [Wed, 29 Apr 2015 12:03:59 +0000 (21:03 +0900)]
Apply D-bus service policy
* Apply D-bus service policy.
* Add privilege checks.
Change-Id: I4603e710e8aaf863bb51f0a42487fc31386080c6
Signed-off-by: Hurnjoo Lee <hurnjoo.lee@samsung.com>
Hurnjoo Lee [Thu, 23 Apr 2015 04:28:06 +0000 (13:28 +0900)]
Fix the bug that create abnormal user
In case there was wrong group in DEFAULT_USR_GROUP, user home directory was not created.
This patch will prevent abnormal termination of creating user by wrong default groups.
Change-Id: I74176fbce066ec160d518b228a2f7bd019de4d52
Signed-off-by: Hurnjoo Lee <hurnjoo.lee@samsung.com>
Minkyu Kang [Mon, 16 Feb 2015 06:00:01 +0000 (15:00 +0900)]
daemon: remove unknown user when getting normal user list
If user does not have any types then gumd will give normal user type forced
So there were included so many noise users
This patch will collect absolute normal type users
Change-Id: Id178dd9591eeef68948f946b46c16aedc96153e9
Signed-off-by: Minkyu Kang <mk7.kang@samsung.com>
Minkyu Kang [Mon, 16 Feb 2015 05:58:07 +0000 (14:58 +0900)]
Adds support the icon property
The Icon property will be saved at /var/lib/gumd/user/[uid] file
This file follow .ini file format
[User]
Icon=/usr/share/icons/user.png
So if we need to add new properties, this file can be expanded easily
Change-Id: I17f8ce3eb5f8a0e834678c3cca74a2a69cd87a97
Signed-off-by: Minkyu Kang <mk7.kang@samsung.com>
Imran Zaman [Tue, 17 Feb 2015 14:37:22 +0000 (16:37 +0200)]
Merge branch 'upstream' into tizen
Change-Id: I1d16ba303f254641f6f4a6657440c7aea5e21714
Signed-off-by: Imran Zaman <imran.zaman@intel.com>
Imran Zaman [Tue, 17 Feb 2015 13:00:53 +0000 (15:00 +0200)]
Merge branch 'devel' into upstream
Change-Id: Id66c04b2dbf7712805df5bdb8e19f36ef20edc28
Imran Zaman [Tue, 17 Feb 2015 13:29:12 +0000 (15:29 +0200)]
tizen: release 1.0.8
Change-Id: Ib5c30accb8aad2e825a29b87411cc7473f4af8bf
Signed-off-by: Imran Zaman <imran.zaman@intel.com>
Imran Zaman [Tue, 17 Feb 2015 13:00:53 +0000 (15:00 +0200)]
Merge branch 'devel' into upstream
Change-Id: Id66c04b2dbf7712805df5bdb8e19f36ef20edc28
Imran Zaman [Tue, 17 Feb 2015 12:30:25 +0000 (14:30 +0200)]
Renamed dbus interface with prefix org.O1
Change-Id: Ie9b82ef0604a39f6421f0a341c2e751345576cae
Imran Zaman [Tue, 10 Feb 2015 13:44:15 +0000 (15:44 +0200)]
Setting explicit values for Tizen:Common
This values are best suited for the current state of Tizen:Common.
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
Imran Zaman [Mon, 9 Feb 2015 15:19:49 +0000 (17:19 +0200)]
Fixed copying of extended attributes from skel folder
Signed-off-by: Imran Zaman <imran.zaman@intel.com>
Imran Zaman [Mon, 9 Feb 2015 15:46:03 +0000 (17:46 +0200)]
Fixed copying of extended attributes from skel folder
Change-Id: I0fe8012baab1ce593820043323ec4042dc32dc28
Signed-off-by: Imran Zaman <imran.zaman@intel.com>
Imran Zaman [Thu, 5 Feb 2015 17:45:43 +0000 (19:45 +0200)]
Fixed gum-utils documentation
Change-Id: Ibd36e8d518ce3f5f547d1caadbb1397c6eff4629
Signed-off-by: Imran Zaman <imran.zaman@intel.com>
projects / platform / upstream / gumd.git / log