platform/core/security/security-manager.git
8 years agoSupport for removing application. 34/58334/4
Bartlomiej Grzelewski [Fri, 29 Jan 2016 10:04:47 +0000 (11:04 +0100)]
Support for removing application.

Change-Id: Ic36c335fcd1f7e2f56f1db7d56cb1d1329e52823

8 years agoSupport SECURITY_MANAGER_PATH_TRUSTED_RW during installation. 17/58017/7
Bartlomiej Grzelewski [Tue, 26 Jan 2016 14:13:39 +0000 (15:13 +0100)]
Support SECURITY_MANAGER_PATH_TRUSTED_RW during installation.

All trusted paths should be properly labelled after package
installation.

Change-Id: I766aa029d1f1e85e84ebc388ded389620faa757c

8 years agoStore author information in database. 16/58016/6
Bartlomiej Grzelewski [Fri, 29 Jan 2016 13:47:54 +0000 (14:47 +0100)]
Store author information in database.

Change database schema. New schema will allow to store author
information. Change implementaion of privilege. It is able
to insert author information to database.

Change-Id: I5b16e76dd7d9a1896f63120fbe6928e634b08898

8 years agoAdd author id serialization 64/57364/5
Krzysztof Jackiewicz [Tue, 19 Jan 2016 11:25:55 +0000 (12:25 +0100)]
Add author id serialization

[Verification] Run tests

Change-Id: I07ffd72cc951ac669a9eac22f6cb72804392738c

8 years agoPrepare API stubs for trusted/shared path support 22/56922/10
Krzysztof Jackiewicz [Wed, 13 Jan 2016 13:31:13 +0000 (14:31 +0100)]
Prepare API stubs for trusted/shared path support

[Verification] Compile & run tests.

Change-Id: I8ba2d7fe641292b5d10d2eb90b71059690bde9a9

8 years agoshared folder backward compatibility 84/57984/8
Maciej J. Karpiuk [Tue, 26 Jan 2016 12:26:14 +0000 (13:26 +0100)]
shared folder backward compatibility

Added support for declaring specific shared folder for 2.X apps only.
Added support for installing apps with declared target tizen API type.

When installing app, the package shared folder gets specific label.
The owner application has RWX rules to it's shared folder.
All other applications get no access if are targetted to Tizen 3.0 version,
or RO access when are targetted to Tizen 2.X.
If the installed app is targetted to Tizen 2.X version, it get rules to shared
folders of other 2.X packages.

Change-Id: Ibffebc824176874e627c3f84e51718de1457357a

8 years agoIntroduce API for checking application privileges based on app_id 77/57177/3
Rafal Krypa [Fri, 15 Jan 2016 15:17:48 +0000 (16:17 +0100)]
Introduce API for checking application privileges based on app_id

New API security_manager_app_has_privilege() will enable privilege checks
against applications that are not running at the moment and cannot be
checked against a running process.
The function checks permission against Cynara database, while using a
proper application identifier (Smack label) derived from app_id.

Change-Id: I9ef82896fecf3ac7a20324155f9e7f130c2a071b
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
8 years agocynara: fix casting Cynara answer into bool type 65/57365/2
Rafal Krypa [Tue, 19 Jan 2016 11:26:38 +0000 (12:26 +0100)]
cynara: fix casting Cynara answer into bool type

Cynara check API returns either CYNARA_API_PERMISSION_DENIED (=1)
CYNARA_API_PERMISSION_ALLOWED (=2). This was badly cast in
SecurityManager::Cynara class to bool type, causing both return values
to be interpreted as true.

Change-Id: I5c96cfab5156e7aae81103cf8cf0d91d1b8293ab

8 years agoAdd 'socket/pid to appId and pkgId' functionality 75/48875/13
Adam Malinowski [Tue, 29 Sep 2015 06:16:11 +0000 (08:16 +0200)]
Add 'socket/pid to appId and pkgId' functionality

This patch introduces client functions for obtaining package Id
and application Id of an application with given socket descriptor
or process identifiers.
To test this functionality run tests added in patch:
https://review.tizen.org/gerrit/#/c/48887/

Change-Id: Ib9bd924563ea932ecf64d421f90bc3dde3bb38ec

8 years agosecurity-manager-cmd: adjust acceptable path types to supported values 49/57049/2
Rafal Krypa [Thu, 14 Jan 2016 16:29:33 +0000 (17:29 +0100)]
security-manager-cmd: adjust acceptable path types to supported values

Change-Id: Ife4354fd2b892ae46658fa8886f2c3599d3ed316

8 years agoFix issue with mutiple install the same app for different users 37/53837/3
Janusz Kozerski [Wed, 9 Dec 2015 15:29:43 +0000 (16:29 +0100)]
Fix issue with mutiple install the same app for different users

If the same application has been installed for more than one user,
then while uninstallation Smack rule file should remain in the system
until the last "instance" of application is present.

Change-Id: Ice8b1b7afe036028efcabf5a77732db0811763c4

8 years agoFix security-manager-policy-reload erasing existing entries 46/55346/2
Rafal Krypa [Wed, 23 Dec 2015 08:39:23 +0000 (09:39 +0100)]
Fix security-manager-policy-reload erasing existing entries

The policy reload script, while reloading user type buckets, used to
unintentionally erase existing entries mapping users to user types.
This was caused by the way in which user type buckets were reloaded:
by removing the bucket and recreating it with intended contents.
Erasing the bucket is wrong - it also erases all links to it.
Changing the reload mechanism to clean the bucket instead.

Change-Id: I6279b2f75d1b7136679edf228d89eb2b001bd76b
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
8 years agosecurity-manager-policy-reload: do not depend on GNU sed 77/50277/2
Patrick Ohly [Wed, 19 Aug 2015 13:02:32 +0000 (15:02 +0200)]
security-manager-policy-reload: do not depend on GNU sed

\U (= make replacement uppercase) is a GNU sed extension which is not
supported by other sed implementation's (like the one from
busybox). When using busybox, the bucket for user profiles became
USER_TYPE_Uadmin instead USER_TYPE_ADMIN.

To make SecurityManager more portable, better use tr to turn the
bucket name into uppercase.

Change-Id: I425256d3e9bd6619678763cbe1657e926116d48d
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
8 years agosystemd: stop using compat libs 76/50276/2
Patrick Ohly [Tue, 24 Mar 2015 11:54:03 +0000 (04:54 -0700)]
systemd: stop using compat libs

libsystemd-journal and libsystemd-daemon are considered obsolete
in systemd since 2.09 and may not be available (not compiled
by default).

The code works fine with the current libsystemd, so just
use that.

Change-Id: I5a272bc3ad1e93dd3bb5001b537a134a4ef856bc
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
8 years agosocket-manager: removes tizen specific call 07/56507/1
José Bollo [Fri, 8 Jan 2016 15:53:46 +0000 (16:53 +0100)]
socket-manager: removes tizen specific call

The function 'smack_fgetlabel' is specific to Tizen
and is no more maintained upstream.

Change-Id: I3802742b1758efe37b33e6d968ff727d68f2fd1f
Signed-off-by: José Bollo <jobol@nonadev.net>
8 years agoAdd new native privileges(d2d.admin, d2d.appcontrol, d2d.datasharing) 63/54963/1 accepted/tizen/ivi/20160218.023847 accepted/tizen/mobile/20151221.101048 accepted/tizen/tv/20151221.101041 accepted/tizen/wearable/20151221.101159 submit/tizen/20151221.050505 submit/tizen_common/20151229.142028 submit/tizen_common/20151229.144031 submit/tizen_common/20151229.154718 submit/tizen_ivi/20160217.000000 submit/tizen_ivi/20160217.000003
jooseong.lee [Mon, 21 Dec 2015 04:50:33 +0000 (13:50 +0900)]
Add new native privileges(d2d.admin, d2d.appcontrol, d2d.datasharing)

Refers to: https://review.tizen.org/gerrit/#/c/54954/

Change-Id: I967d6ee7045854a7621212ee42e72a78bd26fdad
Signed-off-by: jooseong.lee <jooseong.lee@samsung.com>
8 years agoAdd privilege-group mapping for message.read privilege 95/54695/1 accepted/tizen/mobile/20151217.223736 accepted/tizen/tv/20151217.223753 accepted/tizen/wearable/20151217.223813 submit/tizen/20151217.075828
jooseong.lee [Thu, 17 Dec 2015 07:52:25 +0000 (16:52 +0900)]
Add privilege-group mapping for message.read privilege

Refer to :
 https://review.tizen.org/gerrit/#/c/54684/

Change-Id: Ida34724ac3ad1eece34110ef56de17c855b1757a
Signed-off-by: jooseong.lee <jooseong.lee@samsung.com>
8 years agoApply ASLR on security-manager 79/53479/1 accepted/tizen/mobile/20151210.023747 accepted/tizen/tv/20151210.014508 accepted/tizen/wearable/20151210.013645 submit/tizen/20151209.005153
Yunjin Lee [Mon, 7 Dec 2015 07:53:49 +0000 (16:53 +0900)]
Apply ASLR on security-manager

Change-Id: I80bc8cb24195db96f98dd7d50fa71fa1ce315fc4
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
8 years agoFix getting a zone name from gid 42/52742/2 accepted/tizen/mobile/20151127.070358 accepted/tizen/tv/20151127.070403 accepted/tizen/wearable/20151127.070408 submit/tizen/20151127.042132
jooseong.lee [Thu, 26 Nov 2015 10:21:53 +0000 (19:21 +0900)]
Fix getting a zone name from gid

Assume there are no containers if cpuset dosen't present

Change-Id: If97fd885595a3ace9691fe2ad88ec4219f43909f
Signed-off-by: jooseong.lee <jooseong.lee@samsung.com>
8 years agoFix klocwork issues 78/52178/2
Oskar Świtalski [Thu, 19 Nov 2015 13:26:55 +0000 (14:26 +0100)]
Fix klocwork issues

Change-Id: I3f3df9132638e4690ebd6b133c5458867fd52404
Signed-off-by: Oskar Świtalski <o.switalski@samsung.com>
9 years agoAdd privilege-group mapping for four privileges 21/49121/2
Radoslaw Bartosiak [Tue, 6 Oct 2015 15:37:30 +0000 (17:37 +0200)]
Add privilege-group mapping for four privileges

According to Tizen security policy, services might be allowed to check
access to resources using DAC groups corresponding to privileges
https://wiki.tizen.org/wiki/Security/User_and_group_ID_assignment_policy.

This commit introduces mapping between groups and privileges needed by
libmm-camcorder and media-content projects.

Change-Id: I8763bb83a8b294c05b4623c0a921e739d3be7bc5
Signed-off-by: Radoslaw Bartosiak <r.bartosiak@samsung.com>
9 years agoAdded internal/buxton privilege for internal keys. 99/49599/1 accepted/tizen/mobile/20151016.043603 accepted/tizen/tv/20151016.043615 accepted/tizen/wearable/20151016.043624 submit/tizen/20151015.122946 tizen_3.0.m2.a1_mobile_release tizen_3.0.m2.a1_tv_release
jooseong.lee [Thu, 15 Oct 2015 09:35:36 +0000 (18:35 +0900)]
Added internal/buxton privilege for internal keys.

Only trusted system service is accessible to internal key.

Change-Id: Ibe49685a836ab194cfdbff54ff0608627fa7c2a8
Signed-off-by: jooseong.lee <jooseong.lee@samsung.com>
9 years agoAdd internal privileges and update mapping table for 'vconf to buxton2' 66/49266/4 submit/tizen/20151015.090000
jooseong.lee [Mon, 12 Oct 2015 07:34:47 +0000 (16:34 +0900)]
Add internal privileges and update mapping table for 'vconf to buxton2'

We have been using vconf key since Tizen2.x and
recommend to converting a Tizen vconf-based app over to Buxton now.
 https://wiki.tizen.org/wiki/Buxton

Buxton uses 'cynara check' to enforce security unlike vconf using Smack.
This patch add some internal privileges to support compatibilites
for 2.x vconf-based app as below:

* http://tizen.org/privilege/internal/default/public
* http://tizen.org/privilege/internal/default/partner
* http://tizen.org/privilege/internal/default/platform
* http://tizen.org/privilege/internal/buxton/account.read
* http://tizen.org/privilege/internal/buxton/camcorder
* http://tizen.org/privilege/internal/buxton/contact.read
* http://tizen.org/privilege/internal/buxton/location
* http://tizen.org/privilege/internal/buxton/message.read
* http://tizen.org/privilege/internal/buxton/network.get
* http://tizen.org/privilege/internal/buxton/nfc
* http://tizen.org/privilege/internal/buxton/nfc.cardemulation
* http://tizen.org/privilege/internal/buxton/readonly
* http://tizen.org/privilege/internal/buxton/telephony
* http://tizen.org/privilege/internal/webappdefault

I will update a detailed history for internal privilges soon.
 https://wiki.tizen.org/wiki/Security/Tizen_3.X_Internal_Privilege_Mapping

Change-Id: Ifadada7299873e42f26b35bfc4d526c04041c0b7
Signed-off-by: jooseong.lee <jooseong.lee@samsung.com>
9 years agoUpdate webappdefault privilege mapping 50/48650/1 accepted/tizen/mobile/20150930.115147 accepted/tizen/tv/20150930.115203 accepted/tizen/wearable/20150930.115213 submit/tizen/20150930.043220
Yunjin Lee [Thu, 24 Sep 2015 07:00:26 +0000 (16:00 +0900)]
Update webappdefault privilege mapping

Change-Id: I44d9058f15651cb097cc65c8cbdad80bab966a30
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
9 years agoAdded access to internal/usermanagement privilege for admin user type 37/48637/1 accepted/tizen/mobile/20150925.012347 accepted/tizen/tv/20150925.012400 accepted/tizen/wearable/20150925.012424 submit/tizen/20150924.051224 submit/tizen_common/20151015.190624 submit/tizen_common/20151019.135620
jooseong.lee [Thu, 24 Sep 2015 05:06:46 +0000 (14:06 +0900)]
Added access to internal/usermanagement privilege for admin user type

(https://review.tizen.org/gerrit/#/c/48086/).

Change-Id: I714de6763b6f75e5f5c8bbc6f505abe7c0fa278d
Signed-off-by: jooseong.lee <jooseong.lee@samsung.com>
9 years agoRewrite and fix CynaraAdmin::SetPolicies 94/48094/6 accepted/tizen/mobile/20150920.232640 accepted/tizen/tv/20150920.232654 accepted/tizen/wearable/20150920.232713 submit/tizen/20150918.090201
Rafal Krypa [Wed, 16 Sep 2015 09:03:51 +0000 (11:03 +0200)]
Rewrite and fix CynaraAdmin::SetPolicies

Method CynaraAdmin::Setpolicies, updating Cynara policy for an application,
was previously written to accept two vectors of privileges:
previously enabled privileges and privileges that should be enabled.
Vectors were used to calculate privileges to disable and privileges to
enable in Cynara. It required that both vectors are sorted and without
duplicates. Callers of this method fetched privileges from data base, which
provides sorting and unification.

This was broken in commit 626f947e0bb6fd90d4c20fd914981d5b752ab1e6
(Change smack labeling to be appId based). The second vector was taken
directly from application installation request, that wasn't necessarily
sorted or unique.

This method can be simplified now withot the need for sorted vectors. In
fact only one vector is necessarry now, because cynara-admin provides
support for listing policies (it didn't when the method was initially
written). Now it only takes vector of privileges that should be enabled,
in arbitrary order, that may contain duplicates. It lists previously enabled
privileges directly from Cynara, calculates the difference and sends
updated policies back to Cynara.

Change-Id: I15ca331cf5f46ae43c7665977df7eb4d3c7e986c
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoAdded access to internal DBus privilege for all user types 40/48040/1
Tomasz Swierczek [Fri, 11 Sep 2015 10:07:03 +0000 (12:07 +0200)]
Added access to internal DBus privilege for all user types
(the privielge: http://tizen.org/privilege/internal/dbus).

This is needed for user-level services to access dbus session bus.
Applications will not be given access to the privilege because
their manifests should not contain that privilege.

Change-Id: Ibaed2522f96b6d99c139e333540618ee3f91b4ad
Signed-off-by: Tomasz Swierczek <t.swierczek@samsung.com>
9 years agoUpdate privilege list: Add missing privileges to mapping 86/47886/3 tizen_3.0.m1_mobile tizen_3.0.m1_tv accepted/tizen/mobile/20150910.110049 accepted/tizen/tv/20150910.110059 accepted/tizen/wearable/20150910.110105 submit/tizen/20150910.050309 submit/tizen_common/20151023.083358 submit/tizen_common/20151026.085049 tizen_3.0.m1_mobile_release tizen_3.0.m1_tv_release
jooseong.lee [Wed, 9 Sep 2015 14:04:04 +0000 (23:04 +0900)]
Update privilege list: Add missing privileges to mapping

Change-Id: If63103f7ab8c5b96c4ca122765388acbb2e635e8
Signed-off-by: jooseong.lee <jooseong.lee@samsung.com>
9 years agoRelease version 1.1.0 79/47479/2 accepted/tizen/mobile/20150903.233747 accepted/tizen/tv/20150903.233800 accepted/tizen/wearable/20150903.233809 submit/tizen/20150903.160942
Rafal Krypa [Thu, 3 Sep 2015 15:13:59 +0000 (17:13 +0200)]
Release version 1.1.0

Change-Id: Idf0c77468200bea93b28b8d12ca4970cfdbe9b9d

9 years agoAdd missing Smack rules from System to ~PKG~ and ~PKG~::RO 74/47474/1 submit/tizen/20150903.151748
Rafal Krypa [Thu, 3 Sep 2015 14:31:30 +0000 (16:31 +0200)]
Add missing Smack rules from System to ~PKG~ and ~PKG~::RO

System domain must also access files labeled with pkgId-based label.

Change-Id: I35ec4c092945b12480caae035055a4b00659d013
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoFix labeling of SECURITY_MANAGER_PATH_RW paths 63/47463/1
Rafal Krypa [Thu, 3 Sep 2015 12:20:49 +0000 (14:20 +0200)]
Fix labeling of SECURITY_MANAGER_PATH_RW paths

- Don't set exec label on executables. Smack label should be set only by
  launcher. Also that exec label was wrong. Apps run with appId-based label,
  not pkgId-based.
- Set transmute attribute. To keep all files in SECURITY_MANAGER_PATH_RW
  labeled with pkgId-based label, directories must be transmutable.

Change-Id: I3ce69ae70796d2d591b57c75bd175c9c3ea99028
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoAlways print warning log messages 80/47180/4 accepted/tizen/mobile/20150903.053522 accepted/tizen/tv/20150903.053645 accepted/tizen/wearable/20150903.053733 submit/tizen/20150903.001243
Rafal Krypa [Mon, 31 Aug 2015 16:07:06 +0000 (18:07 +0200)]
Always print warning log messages

Several types of log messages are printed only when the code is build in DEBUG
mode. This includes warning messages, but they should be printed always.
Warning logs are generated in erroneous situation and they should not be lost
int RELEASE builds.

Change-Id: I9e9934c13b066492294cb5bd76d94030b6ee43c7
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoAdapt application file labeling to new requirements 41/46841/7
Rafal Krypa [Mon, 31 Aug 2015 18:07:21 +0000 (20:07 +0200)]
Adapt application file labeling to new requirements

The following changes has been made:
- application base path must now be APPS_ROOT/$pkgID, not
  APPS_ROOT/$pkgID/$appID
- application base path is now enforced, no files outside base path allowed
- application base path will be labeled with User::Pkg::$pkgID, no transmute
- SECURITY_MANAGER_PATH_TYPE_RO will be labeled with User::Pkg::$pkgID::RO
- applications get a Smack rule for RO access to User::Pkg::$pkgID::RO
- SECURITY_MANAGER_PATH_PUBLIC_RO will be labeled with User::Home
- SECURITY_MANAGER_PATH_PRIVATE and SECURITY_MANAGER_PATH_PUBLIC path types

Change-Id: I2d0260effcbe8da0c0e9130b89b4b34e7e104d29
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoConvert ServiceImpl namespace to a class 21/39221/5
Rafal Krypa [Mon, 31 Aug 2015 08:50:03 +0000 (10:50 +0200)]
Convert ServiceImpl namespace to a class

This class will be used in future patches:
- to hold ownership of Cynara and PrivilegeDb objects
- to polymorph into basic, slave and off-line versions
- to synchronize multiple concurrent clients (multi-threading is coming)

Change-Id: I54f0ecda081db17350209c3e56debd91927e364e
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoImplement and use template methods for serialization of multiple variables 12/45112/5
Rafal Krypa [Thu, 30 Jul 2015 16:19:12 +0000 (18:19 +0200)]
Implement and use template methods for serialization of multiple variables

Change-Id: I84f0deaa1a8623d1f3cc1039f6b8689a4d9b4ae1

9 years agoAdd security_manager_groups_get() API 82/41882/7
Aleksander Zdyb [Fri, 31 Jul 2015 11:05:55 +0000 (13:05 +0200)]
Add security_manager_groups_get() API

This function returns array of groups bound to privileges.
It's needed by nice-lad to identify resources to be subject
of auditing.

Change-Id: Ie7a195507a02a30d54f93ffbc351c403f2c83000

9 years agoUpdate privilege list: Add missing privileges to user buckets and mapping list 95/47295/1
Yunjin Lee [Wed, 2 Sep 2015 04:57:50 +0000 (13:57 +0900)]
Update privilege list: Add missing privileges to user buckets and mapping list

Change-Id: Ic47dfa9255b4bb5fe3e8e98a2e2d9c06dc475877
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
9 years agoUpdate privilege mapping list 57/47157/2 accepted/tizen/mobile/20150901.002339 accepted/tizen/tv/20150901.002351 accepted/tizen/wearable/20150901.002404 submit/tizen/20150831.130911
Yunjin Lee [Mon, 31 Aug 2015 09:06:00 +0000 (18:06 +0900)]
Update privilege mapping list

Change-Id: If17b3aedf5abc9041eb033973a2b9e3b8596b9ef
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
9 years agoRevert "Revert "Update privilege list according to the latest privilege set in 2.x"" 33/46833/2
Yunjin Lee [Wed, 26 Aug 2015 10:45:48 +0000 (03:45 -0700)]
Revert "Revert "Update privilege list according to the latest privilege set in 2.x""

This reverts commit e7f796f63565ffbcef91b4bdba6a0a6d112ecabb.

Change-Id: I5d14578100bd0631679eba84936ce1d8bca8f93e

9 years agoRevert "Update privilege list according to the latest privilege set in 2.x" 31/46831/1
Kim Kidong [Wed, 26 Aug 2015 10:32:22 +0000 (03:32 -0700)]
Revert "Update privilege list according to the latest privilege set in 2.x"

This reverts commit 8014cacc52f716ec424d43938967c21164ea3854.

Change-Id: I0c3df1d8c99986adc87ab9a6546efecf34629613

9 years agoUpdate privilege list according to the latest privilege set in 2.x 05/46805/2
Yunjin Lee [Wed, 26 Aug 2015 08:48:00 +0000 (17:48 +0900)]
Update privilege list according to the latest privilege set in 2.x

Remove deprecated privileges and Add new privileges.

Change-Id: I385a61e02bb86a112da1be730e17f4461cf4d049
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
9 years agoFix potential buffer overflow error CID: 40674 78/31778/4
Krzysztof Jackiewicz [Thu, 28 Aug 2014 15:44:08 +0000 (17:44 +0200)]
Fix potential buffer overflow error CID: 40674

Change backported from security-server repository.

Change-Id: Ifcbd8ebe4ddfa4c04dd000639cab2c60648c3943
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoAdd script and config for privilege mapping setting 38/45838/2 accepted/tizen/mobile/20150813.012102 accepted/tizen/tv/20150813.012115 accepted/tizen/wearable/20150813.012128 submit/tizen/20150812.114250
Zofia Abramowska [Tue, 11 Aug 2015 15:25:28 +0000 (17:25 +0200)]
Add script and config for privilege mapping setting

Change-Id: I28d9b62547c5415f7cfc3c5934b75d4b6b6c020f

9 years agoFix tzplatform-config linkage 98/43598/2
Lukasz Wojciechowski [Fri, 10 Jul 2015 11:54:21 +0000 (13:54 +0200)]
Fix tzplatform-config linkage

tzplatform-config was linked with cmd and service,
but wasn't with common and client libraries.

In fact it's used only by common library.

This patch makes, only common library links with libtzplatform-config.
Linkage with binaries is removed.

Change-Id: Ia6bee0c47d1e5496c36a5479e19be198e4e1ab9b

9 years agoFix resetting prepared statement 30/45030/8
Oskar Świtalski [Thu, 30 Jul 2015 12:14:12 +0000 (14:14 +0200)]
Fix resetting prepared statement

Prepared statement should be reset/finalized
after making new one, otherwise database will
be in BUSY state and locked.

Change-Id: I679d3d41b1de406112a93c6d0c73ff0d0aae5d63

9 years agoImplement service side of privileges mapping 69/43969/5
Zofia Abramowska [Wed, 15 Jul 2015 16:03:41 +0000 (18:03 +0200)]
Implement service side of privileges mapping

Change-Id: I9e737fc0fd15a3eb248612f84b202d0a397bd35f

9 years agoImplement serialization of privilege mapping API 68/43968/6
Zofia Abramowska [Tue, 7 Jul 2015 10:15:09 +0000 (12:15 +0200)]
Implement serialization of privilege mapping API

Change-Id: Ic57758eca88b97485d748ff73267ba23e04efd45

9 years agoRemove libprivilege leftover 73/44473/5
Zofia Abramowska [Thu, 16 Jul 2015 11:53:12 +0000 (13:53 +0200)]
Remove libprivilege leftover

Change-Id: I8613ab6312eed889138652f5c89e55845e884b82

9 years agoAdd privilege mappings to PrivilegeDb 67/43967/6
Zofia Abramowska [Tue, 7 Jul 2015 12:47:19 +0000 (14:47 +0200)]
Add privilege mappings to PrivilegeDb

Change-Id: I8ff2a6fd7db7bd61d8d3b43ad3f2e033536843fe

9 years agoUse sql bind with std::string 66/43966/5
Zofia Abramowska [Tue, 7 Jul 2015 13:02:21 +0000 (15:02 +0200)]
Use sql bind with std::string

Change-Id: I23b3dc715cfb760cd1c84364aae8d2132d7f853a

9 years agoSupport std::string in SqlConnection binding 65/43965/5
Zofia Abramowska [Tue, 7 Jul 2015 12:57:07 +0000 (14:57 +0200)]
Support std::string in SqlConnection binding

Change-Id: I24bc608cfece4849639fcf529148cfdcf4af27a7

9 years agoPrepare db for privilege mapping 43/43043/6
Zofia Abramowska [Mon, 6 Jul 2015 15:38:44 +0000 (17:38 +0200)]
Prepare db for privilege mapping

Change-Id: I21d85830d97c250048c1c24b777897d2a9da5d13

9 years agoAdd API for privilege mapping between versions 42/43042/5
Zofia Abramowska [Mon, 6 Jul 2015 15:38:30 +0000 (17:38 +0200)]
Add API for privilege mapping between versions

Change-Id: Id61c2e4d8ff0252f6269ba3c6756170bdca38295

9 years agoAdd lock permission to 'System::Shared' label in app-rules-template.smack 89/45189/1 accepted/tizen/mobile/20150804.235159 accepted/tizen/tv/20150804.235210 accepted/tizen/wearable/20150804.235223 submit/tizen/20150804.091501
jooseong [Mon, 3 Aug 2015 11:03:16 +0000 (20:03 +0900)]
Add lock permission to 'System::Shared' label in app-rules-template.smack

Change-Id: I168785779c19a9d79c8baf96b188934db9beb019

9 years agoAdd 'sed' dependency to fix a image creation error 30/41830/1 accepted/tizen/mobile/20150618.080857 accepted/tizen/tv/20150618.080913 accepted/tizen/wearable/20150618.080929 submit/tizen/20150618.054009
jooseong.lee [Thu, 18 Jun 2015 05:37:04 +0000 (14:37 +0900)]
Add 'sed' dependency to fix a image creation error

Change-Id: I2a20f7cdd16e3b4d18fb8497c0e51f66604d1935
Signed-off-by: jooseong.lee <jooseong.lee@samsung.com>
9 years agoAdd missing dependency to tzplatform 85/40985/1 accepted/tizen/3.0.2015.q2/common/20150615.160020 accepted/tizen/common/20150615.075616 accepted/tizen/mobile/20150616.010258 accepted/tizen/tv/20150616.010321 accepted/tizen/wearable/20150616.010400 submit/tizen/20150611.121111 submit/tizen_3.0.2015.q2_common/20150615.075539
José Bollo [Wed, 10 Jun 2015 13:03:48 +0000 (15:03 +0200)]
Add missing dependency to tzplatform

Change-Id: Ifdf742b820a4cf7b76ef1dc6f8c831a24bfb55ef
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
9 years agoImplement master and slave mode 44/32044/10
Lukasz Kostyra [Thu, 27 Nov 2014 16:14:08 +0000 (17:14 +0100)]
Implement master and slave mode

Final patch with master and slave mode implementation. Every container should
have its own privilege DB - slave will delegate calls to SMACK and to Cynara
Administrative Socket to master.

[Verification]  Build, install, run tests on hosts - no changes should occur.
                Run tests in containers:
                  * Run a container
                  * bind-mount /run/security-manager-master.socket and
                    /run/cynara/cynara.socket to container
                  * Run tests
                Keep in mind, some might fail due to tests not being
                container-aware.

Change-Id: Ibd1d884ad7dba6a15ebaa068c2c216a88562eb50

9 years agocynara: rewrite class using cynara async API for parallel processing 51/38351/6
Rafal Krypa [Fri, 17 Apr 2015 09:17:02 +0000 (11:17 +0200)]
cynara: rewrite class using cynara async API for parallel processing

Cynara class method check() can now be called in parallel by multiple
threads. Each call blocks until it gets a response.

This is a first step toward making security-manager multi-threaded, for
processing multiple requests in parallel.

Cynara class remains a singleton for now, but eventually there will be
single instance constructed (and destructed) from the main thread and
called for checks from separate threads processing user requests.

Change-Id: Ie1f55b9610caf45dc0df06dbd713070d39ccac07
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agocynara: handle additional error codes from Cynara API 50/38350/1
Rafal Krypa [Fri, 17 Apr 2015 09:18:32 +0000 (11:18 +0200)]
cynara: handle additional error codes from Cynara API

These error codes appeared in Cynara API after security-manager was
integrated with it.

Change-Id: Iba495040bd8bbb9a879a0fd27e880bb7547ed583
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoExtract communication functions to common library 09/30809/16
Lukasz Kostyra [Mon, 17 Nov 2014 11:48:55 +0000 (12:48 +0100)]
Extract communication functions to common library

Since slave service will use the same functions as client library to send data,
these are extracted in this commit and will be used in the next change.

[Verification]  Build, install, run tests.

Change-Id: I4b9e11015c657066657f493e87d68958283bb947

9 years agoPrepare security-manager for master-slave mode 73/30173/22
Rafal Krypa [Fri, 6 Feb 2015 17:25:11 +0000 (18:25 +0100)]
Prepare security-manager for master-slave mode

This commit prepares security-manager for work in master/slave mode.
In order to properly install/uninstall applications inside containers,
security-manager inside container (slave) must delegate calls related to
SMACK to security-manager outside a container (master).
Since entire master/slave mode is a huge change, it is divided into two
commits - this is the first one. Logic for master service and changes in
service to work as slave are left for second commit.

With this change security-manager launched without additional arguments should
work as it did.

Change-Id: If05cdeb2d2c35c046bf4cb46d884a3689dab57ad

9 years agoRelease version 1.0.2 77/37377/2 accepted/tizen_3.0.2015.q1_common tizen_3.0.2015.q1_common accepted/tizen/3.0.2015.q1/common/20150325.124700 accepted/tizen/common/20150325.124639 accepted/tizen/mobile/20150326.005007 accepted/tizen/tv/20150326.004946 accepted/tizen/wearable/20150326.005025 submit/tizen/20150325.111947 submit/tizen_3.0.2015.q1_common/20150325.124454
Jacek Bukarewicz [Wed, 25 Mar 2015 10:44:33 +0000 (11:44 +0100)]
Release version 1.0.2

Change-Id: Ia46e9cf268fe0a7302066ee014e5d44c393fb587

9 years agoDon't call Cynara if there are no policies to set 78/37378/1
Lukasz Wojciechowski [Wed, 25 Mar 2015 10:50:36 +0000 (11:50 +0100)]
Don't call Cynara if there are no policies to set

Change-Id: I3a25cbc0cdbf5ee4cb82890fbd40ea4e51b8a08d

9 years agoRaise socket inactivity timeout to 300s 76/37376/1 accepted/tizen/3.0.2015.q1/common/20150325.104647 accepted/tizen/common/20150325.104357 submit/tizen_3.0.2015.q1_common/20150325.104201 submit/tizen_common/20150325.104133
Stephane Desneux [Wed, 25 Mar 2015 10:27:38 +0000 (11:27 +0100)]
Raise socket inactivity timeout to 300s

This is a quick workaround to installation problems on slow targets.

Bug-Tizen: TC-2483

Change-Id: I6515438e7fdc02ba6c6de6efba32cfcaaa030f7f
Signed-off-by: Stephane Desneux <stephane.desneux@open.eurogiciel.org>
9 years agoRelease version 1.0.1 04/37204/2 accepted/tizen/common/20150324.113641 accepted/tizen/mobile/20150325.005945 accepted/tizen/tv/20150325.011415 accepted/tizen/wearable/20150325.010616 submit/tizen/20150324.094020
Rafal Krypa [Fri, 20 Mar 2015 15:19:44 +0000 (16:19 +0100)]
Release version 1.0.1

Change-Id: Ied8852ec3ed3e8dc3ea3457a99ee4a9822349f55

9 years agoFix advisory locking in client library 36/37136/2 accepted/tizen/3.0.2015.q1/common/20150323.083237 accepted/tizen/common/20150323.084005 submit/tizen_3.0.2015.q1_common/20150320.155011 submit/tizen_common/20150320.152106
Rafal Krypa [Thu, 19 Mar 2015 16:53:03 +0000 (17:53 +0100)]
Fix advisory locking in client library

Enhance off-line mode detection based on lock:
- don't use exceptions for non-exceptional code paths
- only attempt off-line mode if caller is root

Also fix misleading logs informing about lock failures (that doesn't
lead to actual security-mnanager failures) caused by lock attempt on a
lock file without proper permissions.

Change-Id: Ie7fca37154a1993cd46c59a0204837904593e5db
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agosecurity-manager-policy: add missing dependencies on required tools 37/37137/2
Rafal Krypa [Wed, 18 Mar 2015 10:27:47 +0000 (11:27 +0100)]
security-manager-policy: add missing dependencies on required tools

The policy loading script uses sqlite3 and tzplatform-get programs. The
package should depend on them.

Change-Id: I16d5b3b9d4914ba791a493305fbdf4a57c2f37a7
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoRemoved timeout for poll. 00/32200/2
Sebastian Grabowski [Tue, 16 Dec 2014 13:37:46 +0000 (14:37 +0100)]
Removed timeout for poll.

Security-server in many cases may need much more time than just 2s to
accomplish given client request. It seems to be reasonable to just
remove the timeout by changing it to be infinite.

Change-Id: Iae8074b3bb5bfa134fd6dc324907ad3bba6f3b9b
Signed-off-by: Sebastian Grabowski <s.grabowski@samsung.com>
9 years agoRemove references to non-existing security-manager.target 59/36859/1
Jacek Bukarewicz [Wed, 11 Mar 2015 15:07:14 +0000 (16:07 +0100)]
Remove references to non-existing security-manager.target

Change-Id: I57a6d196be2d87b51d63c3226a40480e21e91e9f

9 years agoRelease version 1.0.0 68/36468/4 accepted/tizen/3.0.2015.q1/common/20150320.110433 accepted/tizen/common/20150311.085808 accepted/tizen/tv/20150310.225759 accepted/tizen/tv/20150312.010512 accepted/tizen/wearable/20150323.005705 submit/tizen/20150310.164700 submit/tizen_3.0.2015.q1_common/20150320.103259 submit/tizen_mobile/20150310.164700 submit/tizen_tv/20150310.164700 submit/tizen_wearable/20150320.000000 submit/tizen_wereable/20150310.164700
Rafal Krypa [Fri, 6 Mar 2015 17:46:38 +0000 (18:46 +0100)]
Release version 1.0.0

Change-Id: I11bb09f16e150b4a95f7385084f3f8c08ce94790
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoFix grant all privileges to programs with "User" and "System" Smack labels 85/36585/1
Rafal Krypa [Tue, 10 Mar 2015 09:48:08 +0000 (10:48 +0100)]
Fix grant all privileges to programs with "User" and "System" Smack labels

Cynara rules for granting said policy was added to the wrong bucket.
Another bucket, with default "Deny" policy was shadowing them.
Adding the rules to the proper bucket now.

Change-Id: Iec6b3bd093e89c8b3629994681871c94f797187b
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoDrop workaround for all applications labeled with "User" label 71/36471/1
Rafal Krypa [Fri, 6 Mar 2015 17:52:20 +0000 (18:52 +0100)]
Drop workaround for all applications labeled with "User" label

Because every app used to have the same label, special fixes were needed for
app uninstallation not to break Smack policy for "User" label. Now with final
application labels this is no longer needed. Dropping the workaround.

Change-Id: I83d3df1499f8c0eb21d2c954c2fcba3283938a5e
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoProvide support for loading privilege-group mapping 67/36467/1
Rafal Krypa [Fri, 6 Mar 2015 17:22:14 +0000 (18:22 +0100)]
Provide support for loading privilege-group mapping

A mapping file in policy/privilege-group.list will be contained in
security-manager-policy package. All mappings from that file will be loaded
during package installation by security-manager-policy-reload tool.
For development purposes it is also possible to modify the mapping file
on the image and re-run security-manager-policy-reload.

Change-Id: I9a7d5b16888de98013da281978e299c5b19750ce
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoMove template for application Smack rules to security-manager-policy 49/36349/2
Rafal Krypa [Thu, 5 Mar 2015 11:36:02 +0000 (12:36 +0100)]
Move template for application Smack rules to security-manager-policy

Change-Id: If323c8d8e8a930291d2db348e5a375711345707a
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoGrant all privileges to programs with "User" and "System" Smack labels 48/36348/3
Rafal Krypa [Thu, 5 Mar 2015 11:46:04 +0000 (12:46 +0100)]
Grant all privileges to programs with "User" and "System" Smack labels

Now with application labels no longer hardcoded to "User", it's time to
work on actual policy enforcment in services. Platform components that are
not downloadabla applications will run with "User" and "System" labels (for
User and System domains). They should not be restricted by Cynara.

Change-Id: I62ea8295804f3ad04b1a538642d2098aab45cb48
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoFix getting application groups 67/36067/5
Rafal Krypa [Tue, 17 Feb 2015 13:00:04 +0000 (14:00 +0100)]
Fix getting application groups

When fetching application groups, Cynara checks are made to verify whether
application actually has the privilege. Since recently, application identifier
in Cynara policy is appId-based. This function wasn't properly adapted to
that change and still used pkgId-based identifier. This would break after
introduction of proper Smack labels in security-manager.

Change-Id: Ifeed83b6ab9f920a2c0dc769d0d3de60887bdcd6
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoGenerate distinct Smack labels for appId and pkgId 42/35042/10
Rafal Krypa [Fri, 27 Feb 2015 16:37:22 +0000 (17:37 +0100)]
Generate distinct Smack labels for appId and pkgId

Stop hard-wiring Smack labels to "User".
Proper unique labels will be generated:
- "User::App::$appid" for appId
- "User::Pkg::$pkgid" for pkgId

Generated rules are also validated against Smack restrictions for labels.
This imposes the following limitations on appId and pkgId values:
- length up to 244 characters (255 minus prefix length)
- non-printable ASCII characters and space are not allowed
- other prohibited characters: slash, backslash, single quote, double quote

Change-Id: Ib60b1f6fae785919542b2e749bceabbea0b9a89b
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoRefactoring Smack-related code for exception-based error handling 66/36066/4
Rafal Krypa [Mon, 2 Mar 2015 11:43:48 +0000 (12:43 +0100)]
Refactoring Smack-related code for exception-based error handling

Smack functions were incoherent with rest of security-manager with regard
to error handling. Functions and methods returned bool value to indicate
their success. This patch changes this schema to use exceptions for error
handling.

Change-Id: If4ec3cac6b63bb411b13a4eb8d9b553e7b5d1c86
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agofix dependencies against security-manager-policy 65/36065/3
Rafal Krypa [Mon, 16 Feb 2015 11:12:27 +0000 (12:12 +0100)]
fix dependencies against security-manager-policy

Make security-manager package depend on security-manager-policy to ensure that
policy configuration will be installed on the image.

Change-Id: I80f5671a4ba855b871ab63f06a707e1f1ea73b88
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoUse proper delete[] operator in security_manager_get_policy_internal 77/35077/4
Rafal Krypa [Fri, 6 Feb 2015 16:52:35 +0000 (17:52 +0100)]
Use proper delete[] operator in security_manager_get_policy_internal

Freeing of array, previously allocated with new[], was incorrectly done by
delete operator.

Change-Id: Iec17c68ad9e6e42f199c0a3b4cb9dc6b65a1a5a1
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoNew structure of application file paths 85/34985/17
Zbigniew Jasinski [Mon, 2 Feb 2015 15:16:53 +0000 (16:16 +0100)]
New structure of application file paths

Application paths should be structures as:

<ROOT_APP>/<pkg_id>/<app_id>

where ROOT_APP should equlas to:

- TZ_USER_APP in single user's installation
- TZ_SYS_RW_APP in common/global installation

Change-Id: I4a407551d28401a2b94a80c34da690e0c91cfee7

9 years agoNew path types for application installation in security-manager 51/33051/19
Zbigniew Jasinski [Fri, 2 Jan 2015 10:36:40 +0000 (11:36 +0100)]
New path types for application installation in security-manager

security-manager now provides two path types:
- writable, accessible for writing to the app and all apps within its package
- readable, accessible to all apps for reading

Change-Id: I87a0dfbd4bc7b9e59d1ed97dc8332e7df20b139f

9 years agoService backend implementation for getting policies levels 12/34712/26
Michal Eljasiewicz [Sat, 31 Jan 2015 13:44:12 +0000 (14:44 +0100)]
Service backend implementation for getting policies levels

Change-Id: I58b7dff5b91dac5162477a3742398a04f4faebd6
Signed-off-by: Michal Eljasiewicz <m.eljasiewic@samsung.com>
9 years agoList policies: server side implementation 30/33930/38
Krzysztof Sasiak [Wed, 11 Feb 2015 11:37:05 +0000 (12:37 +0100)]
List policies: server side implementation

Change-Id: Ic771c46851a46847c007a06ecd65107465957bf8
Signed-off-by: Krzysztof Sasiak <k.sasiak@samsung.com>
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoChanges in getters functions for security manager policy entries 53/35253/3
Sebastian Grabowski [Wed, 11 Feb 2015 08:31:28 +0000 (09:31 +0100)]
Changes in getters functions for security manager policy entries

In order to get rid of resources duplication strdup has been removed
from functions that get values from a struct policy_entry. So no longer
any additional free is required after using security_manager_policy_entry_get
family functions.

Change-Id: I8070dcd098f9049082da08cb4a640d70a127e5e1
Signed-off-by: Sebastian Grabowski <s.grabowski@samsung.com>
9 years agoList all users registered in Cynara 04/35204/8
Krzysztof Sasiak [Tue, 10 Feb 2015 08:28:33 +0000 (09:28 +0100)]
List all users registered in Cynara

Change-Id: I2b167b39106368ad1808739956bd55e444b3ab5a

9 years agoFix to list policies descriptions lowest to highest 73/35573/3
Michal Eljasiewicz [Wed, 18 Feb 2015 12:57:27 +0000 (13:57 +0100)]
Fix to list policies descriptions lowest to highest

Change-Id: I8eaa21c94a64d882a0e9045ede18521e66b52651
Signed-off-by: Michal Eljasiewicz <m.eljasiewic@samsung.com>
9 years agoWrapper for cynara_admin_check. 52/32752/39
Michal Eljasiewicz [Tue, 23 Dec 2014 12:43:48 +0000 (13:43 +0100)]
Wrapper for cynara_admin_check.

Asks Cynara for permission and allows to specify in
which policy bucket to start search.

Change-Id: I127057249437c8aa2c719e498239f8f0ef3f8ed9
Signed-off-by: Michal Eljasiewicz <m.eljasiewic@samsung.com>
9 years agoPolicy update: server side implementation 64/32764/31
Krzysztof Sasiak [Tue, 23 Dec 2014 14:53:09 +0000 (15:53 +0100)]
Policy update: server side implementation

Change-Id: I920cc940b541c21607dd836d1f426c1f622ffbb2
Signed-off-by: Krzysztof Sasiak <k.sasiak@samsung.com>
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoElaborating documentation and some client fixes 81/35281/8
Krzysztof Sasiak [Wed, 11 Feb 2015 10:28:03 +0000 (11:28 +0100)]
Elaborating documentation and some client fixes

Change-Id: I64101b26a185706f42b621e7c04512ace8141c76
Signed-off-by: Krzysztof Sasiak <k.sasiak@samsung.com>
9 years agoFix for API: added missing dereference operator in get_policy* functions 66/35066/4 accepted/tizen/tv/20150217.004257 submit/tizen_tv/20150216.113520
Rafal Krypa [Fri, 6 Feb 2015 16:42:01 +0000 (17:42 +0100)]
Fix for API: added missing dereference operator in get_policy* functions

policy_entry is an incomplete type, hence the need of three dereference operators

Change-Id: Ib7489e6e0f03419784af01d1a1c4c823791815f7
Signed-off-by: Krzysztof Sasiak <k.sasiak@samsung.com>
9 years agoObtain smack label from socket during getting peer id by service 13/34713/16
Jan Cybulski [Sat, 31 Jan 2015 14:29:34 +0000 (15:29 +0100)]
Obtain smack label from socket during getting peer id by service

This will be needed to validate peer application's privileges in cynara

Change-Id: Id5c2dab311d3707a9c4cccf38623496bb5111826
Signed-off-by: Jan Cybulski <j.cybulski@samsung.com>
9 years agoFix build break on x86_64 introduced in commit ed455f0c98 43/35043/2
Rafal Krypa [Fri, 6 Feb 2015 11:05:19 +0000 (12:05 +0100)]
Fix build break on x86_64 introduced in commit ed455f0c98

DPL has methods for deserializing int, but not long int. Changing size_t
to plain int.

Change-Id: If4d0e6c9d73e125f82a11f9ef0535f7e1968ca0d
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoWrapper for cynara_admin_list_policies_descriptions 10/34710/20
Michal Eljasiewicz [Mon, 26 Jan 2015 11:27:03 +0000 (12:27 +0100)]
Wrapper for cynara_admin_list_policies_descriptions

Change-Id: I6b07e4fb0b8e1395a3d867bcdecf1e79b3839772
Signed-off-by: Michal Eljasiewicz <m.eljasiewic@samsung.com>
9 years agoIgnore errors in supplementary group setup during app launch preparation 51/33451/2
Rafal Krypa [Fri, 9 Jan 2015 16:15:30 +0000 (17:15 +0100)]
Ignore errors in supplementary group setup during app launch preparation

Such errors might happen when launcher tries to launch an application that
wasn't properly setup by the installer before. This should be supported to
allow easier integration of security-manager into platform.
Ignoring these errors won't cause any privilege escalation. Actually it
might cause giving less privileges than necessary to the application.

Change-Id: Ib8ba02a28404a25c541ba6daede9f68c864583cc
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoAdd missing rules for pkgId label 50/33450/2
Rafal Krypa [Fri, 9 Jan 2015 17:16:28 +0000 (18:16 +0100)]
Add missing rules for pkgId label

Commit 626f947e0b changed labeling scheme to be appId based and introduced
a new "~PKG~" template in the rules file. But the actual rules were not
included in the template file.

Change-Id: Idd5ababfb5b484811b75f2f764f6f7d77a77da1f
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoBefore running client in off-line mode, attempt to socket-activate the server 69/34469/4
Rafal Krypa [Wed, 4 Feb 2015 16:58:14 +0000 (17:58 +0100)]
Before running client in off-line mode, attempt to socket-activate the server

Security-manager is started by systemd on socket-activation basis. This
means that it won't start unless a client connects to its socket. But
client library attempts to detect off-line mode by checking whether the
service is already running. This leads to erroneous off-line runs when in
fact a message should be sent over socket to activate the service.

This change adds one more step to off-line mode detection. When the service
isn't running, client will send a special NOOP message over socket.
If systemd manages to activate security-manager service, normal on-line
operation is then performed.

Change-Id: I94b1b10af24e3b90d048fe1b96b8d870da785d8b
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoRefactor off-line mode detection in client library 59/34459/5
Rafal Krypa [Tue, 27 Jan 2015 15:28:48 +0000 (16:28 +0100)]
Refactor off-line mode detection in client library

Extract the detection into separate class for easy re-use in client library.
The detection method will get additional logic soon, so having it in one
place will be useful.

Change-Id: I561b582eb044bf8f6aa71f090d790c00b7bb3273
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoDon't start the service on system boot, rely on socket activation 58/34458/4
Rafal Krypa [Tue, 27 Jan 2015 11:09:14 +0000 (12:09 +0100)]
Don't start the service on system boot, rely on socket activation

Security-manager doesn't need to be started immediately on system boot.
Systemd socket activation is already in place for lazy startup. Also previous
configuration wrongly started security-manager.target, which caused the
service to be launched without sockets passed from systemd.

Change-Id: I7bff7b58a4e016119e651edfefb85a2335b8b31f
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
9 years agoImplementation of client stubs for updating and fetching policy 11/34711/11
Krzysztof Sasiak [Sat, 31 Jan 2015 11:25:19 +0000 (12:25 +0100)]
Implementation of client stubs for updating and fetching policy

Change-Id: I75089fb79488a1660f2270a7140ffc00778e7b7c