INSUN PYO [Tue, 13 Nov 2018 02:19:55 +0000 (11:19 +0900)]
Bug fix: revert wrong workround code(closing gdbus stream)
As comment(on Related fixes #1), glib reports bug on "https://bugzilla.gnome.org/show_bug.cgi?id=734281.
But it is wrong report and is fixed by https://gitlab.gnome.org/GNOME/glib/commit/
bf1a2d707928e129c96af365330b3ac26b04ad15
Related fixes #1
- commit :
94b01a47636b0787c9b39a5a1f3569edbdc593e9
- comment :"Release 0.0.3"
Related fixes #2
- commit :
1c25a3cfa328a407cd2f4af59d8fe3a2b0e59cb0
- comment : "Bug fix: do not close dbus io stream when group/user service was stopped."
Change-Id: I721040da87a97be87de454b670125db1d671ac2e
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Karol Lewandowski [Mon, 19 Nov 2018 14:20:20 +0000 (15:20 +0100)]
Remove autotools generated files
This allows us to change license in spec to simple LGPL,
as the "autoconf exception" is added by autoconf itself.
In Tizen GPLv2 autoconf exception is used so this does
not apply anyway.
Change-Id: I2625aed6d365dfe87bb6494448666977ef0d1654
Karol Lewandowski [Tue, 18 Sep 2018 08:53:16 +0000 (10:53 +0200)]
Hack: always look in /etc/passwd when generating user list
Change-Id: I6c5947c5d67553f0e55ab8b7c506c801da67a9f4
Karol Lewandowski [Thu, 13 Sep 2018 12:32:49 +0000 (14:32 +0200)]
Hack: Always check /etc/{passwd,shadow} in addition to defined files
When some users (eg. owner) might be in /opt/etc/passwd and some
("non-stock") are added to /opt/etc/passwd it means we have to
check both files.
Please note group is taken from /etc/group only. Group membership
must not be managed by GUM due to the fact that assigning user to
given group requires altering file which defines the group. Eg.
to add new user to system group 'audio' we would need to modify
/etc/group. This breaks the requirement for rootfs to be read-only.
Change-Id: Ic63605b5f3964f166d3d5cf5332d5ee5175a7d18
Karol Lewandowski [Thu, 9 Aug 2018 10:45:01 +0000 (12:45 +0200)]
Do not assign supplementary groups
Due to splitting password and group database to read-only db (standard
/etc/) and read-writable (/opt/etc/) it might no longer be possible to
add newly created users to system groups. Precisely, adding user to
system given group requires appending user name to /etc/group, which
is on read only partition. It's not possible to add such entry to
/opt/etc/group because it would not only require group name (and id)
duplication, but also it would require changing all the supporting
code to look for multiple group definitions.
To handle above problem gumd will no longer assign group membership at
user creation. It will also use standard /etc/group (and gshadow).
Assiging users to correct groups will be handled by security-manager
nss plugin.
Change-Id: I86af2d41f07f13f0d0e6904cfb7b45fe84594ea7
sanghyeok.oh [Thu, 17 May 2018 05:00:05 +0000 (14:00 +0900)]
dbus-policy: change to default deny policy
Change-Id: Idb3d21a9fc46e1d2450b172af4333642b8d1997d
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
sanghyeok.oh [Tue, 3 Apr 2018 11:46:37 +0000 (20:46 +0900)]
Coverity Fix
Change-Id: I706846a4d3481fe609e30cb4aa35041a376f0e68
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
sanghyeok.oh [Mon, 16 Oct 2017 11:23:50 +0000 (20:23 +0900)]
dbus: add allow rule for org.freedesktop.DBus.Peer.Ping
Change-Id: Iabeaa2d9bcbee9ff2dd67613cd487a7b5376e50b
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
INSUN PYO [Tue, 2 Jan 2018 05:43:05 +0000 (14:43 +0900)]
API: add gum_user_type_to_prefix ()
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: Idcab8cfec27c8aec1bda66c718bc405b46d38ced
INSUN PYO [Fri, 15 Dec 2017 03:31:37 +0000 (12:31 +0900)]
adjust the uid and secure_uid range
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I0d34ced09bb8a949e7d70b29f848ba707069b4a0
sanghyeok.oh [Mon, 11 Dec 2017 02:59:35 +0000 (11:59 +0900)]
Coverity Fix
Change-Id: I3c8da6926230ff3e4e53f2fcc449b0e73c521cca
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
(cherry picked from commit
e8fc72d02063c99ae14b4847a096fd2c9353ae7e)
INSUN PYO [Wed, 22 Nov 2017 07:40:33 +0000 (16:40 +0900)]
spec: Change groupadd to handle in security-manager.
I left groupadd to make this package available from an open source without security-mager.
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: Id7e1fa341a8588c23bfe4785c9d529e6c81d3b5c
INSUN PYO [Tue, 24 Oct 2017 22:46:30 +0000 (22:46 +0000)]
Coverity fixes.
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: Ib2991d5795ae915a76c2bf26f2848b997926de42
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
INSUN PYO [Tue, 24 Oct 2017 22:56:14 +0000 (22:56 +0000)]
Coverity fixes.
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I67956e80952b2b1808022807d88bb14ee08cff1b
sanghyeok.oh [Tue, 17 Oct 2017 11:11:14 +0000 (20:11 +0900)]
Coverity Fix
Change-Id: I98f936ca8a91d3465ec24064053030b97f535e56
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
Yunmi Ha [Wed, 27 Sep 2017 05:28:58 +0000 (14:28 +0900)]
Modify create home directory logic
If user's home directory already exists, try to delete it.
And copy files from skel folder.
Change-Id: I68ab2ea9fc603893fced5383ecbae147bef81a4c
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Fri, 18 Aug 2017 02:27:15 +0000 (11:27 +0900)]
Remove upgrade script file from package.
It is for 2.4 to 3.0 upgrade.
So remove it from 4.0 package.
Change-Id: Ida64af949432df07943b587bfa77904aa7844b15
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Fri, 11 Aug 2017 05:20:01 +0000 (14:20 +0900)]
Enable ASLR feature
Change-Id: I315f6b1d137f40ade05cfe27e579b5139bf0b3cd
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Wed, 19 Jul 2017 08:22:39 +0000 (17:22 +0900)]
Change build flag for tv product
%{TIZEN_PRODUCT_TV} will be removed.
So use %{tizen_profile_name} or %{profile} macros instead of it.
%{tizen_profile_name} is for optional features that are not built in Tizen Public OBS.
Change-Id: I3d40fe24d2108467319f820b915649be0aa422f0
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Hyotaek Shim [Wed, 5 Jul 2017 01:30:46 +0000 (10:30 +0900)]
Use geteuid() to check the current privilege instead of getuid() in gum_utils_gain_privileges()
Change-Id: Ibfaa0091bf5882043e4a01ef87455398d02fef5e
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Yunmi Ha [Tue, 4 Jul 2017 07:27:35 +0000 (16:27 +0900)]
Add warning log: Home directory already exists.
Change-Id: Ibe7afd37ed515588fb2046a2c813d3126a107e6c
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
INSUN PYO [Wed, 14 Jun 2017 07:59:43 +0000 (16:59 +0900)]
Remove unnecessary privilege change codes (Bypass seteuid(0) when the calling process is root)
While MIC-building a Tizen image, /usr/bin/tpk-backend with libgum calls gum_utils_gain_privileges() and is crashed.
void gum_utils_gain_privileges ()
{
if (seteuid(0)) WARN ("seteuid() failed");
}
It is found that seteuid(0) system calls with created threads
result in Segmentation Fault (SIGSEGV) in qemu-arm 2.7 and even in up-to-date qemu-arm 2.9
void *thread_main(void *);
int main(void) {
int status;
pthread_t thread;
pthread_create(&thread, NULL, &thread_main, NULL); <-- After creating a thread
sleep(1);
seteuid(0); <-- Call seteuid(0)
pthread_join(thread, (void **)&status);
return 0;
}
void *thread_main(void *arg) {
printf ("Thread.\n");
pause();
}
$) armv7l-tizen-linux-gnueabi-c++ -static -o test test.cc -lpthread
$) qemu-arm test
Segmentation fault (core dumped)
It seems a kind of QEMU bug.
When this patch (https://bugs.launchpad.net/qemu/+bug/1594394) is applied to QEMU 2.9, the problem is resolved.
To avoid the crash during MIC build without the qemu patch, this workaround patch needs to be submitted.
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I59a3d37a43864e0f4147c8088fe21db3ad692df5
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Yunmi Ha [Fri, 7 Apr 2017 06:59:28 +0000 (23:59 -0700)]
Merge "Modify gumd.conf to support read-only rootfs" into tizen
Yunmi Ha [Mon, 3 Apr 2017 02:17:53 +0000 (11:17 +0900)]
Add license file to wearable package
Need to install license file per each rpm package.
Add license file to separated profile package.
Change-Id: I677707c039ec0f5427e18ace5c2dc8b52d4f9203
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Tue, 28 Mar 2017 06:28:25 +0000 (15:28 +0900)]
Merge branch 'tizen_3.0' into tizen
Change-Id: I2747a894466e30fd2a2d8b12cb4cf8964e0afa2a
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Mon, 27 Mar 2017 07:49:13 +0000 (16:49 +0900)]
Install license file to /usr/share/licenses
Need to install license file per each rpm package.
Add this logic for gum-utils/ libgum package.
Change-Id: I5544b115fb9494d97e048122061463be9a6ddca0
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Mon, 20 Mar 2017 08:12:19 +0000 (17:12 +0900)]
Install license file to /usr/share/license
Need to install license file to /usr/share/license.
So add install logic and add it to rpm package.
Change-Id: Ie8ec4a99951cb2dc0364a95ac00494facb0c0c09
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Silas Jeon [Mon, 27 Feb 2017 10:43:28 +0000 (19:43 +0900)]
Fix error when built with TIZEN_PRODUCT_TV = 1
It makes error with TIZEN_PRODUCT_TV = 1 condition. The cause of the
error is that it does not copy gumd.service.wearable file but it
still needs that. Spec file is modified so that it always copies that
file. Removing wearable rpm when TIZEN_PRODUCT_TV is set seems more
reasonable, so that can be applied later.
Change-Id: I4c2511b6bdf7ccdae9892d23cf6815143b1f0e1f
silas jeon [Wed, 18 Jan 2017 09:22:35 +0000 (18:22 +0900)]
Modify gumd.conf to support read-only rootfs
Root filesystem will be mounted as read-only soon, so some files and directori-
s in /etc are moved to /opt/etc. skel, passwd, shadow, group, gshadow are the
objects, so gumd should handle them directly on /opt/etc
Change-Id: Ic8f38f223f8b28d5d59b80860fd959ae600bd64d
Yunmi Ha [Mon, 9 Jan 2017 06:36:21 +0000 (22:36 -0800)]
Merge "[4.0] Remove profile build dependency of wearble" into tizen
Yunmi Ha [Wed, 4 Jan 2017 06:28:19 +0000 (15:28 +0900)]
Merge branch 'tizen_3.0' into tizen
Change-Id: I4dcad5bc8df8dd76f147395ef9de002876802e44
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Mon, 2 Jan 2017 05:50:42 +0000 (21:50 -0800)]
Merge "Fix logic for set Home directory's smack label" into tizen_3.0
Sunmin Lee [Tue, 13 Dec 2016 06:19:50 +0000 (15:19 +0900)]
Upgrade: exclude upgrade script directory
The upgrade script directory (/usr/share/upgrade/scripts) is
part of filesystem, thus it doesn't need to be in this package.
Change-Id: Ic321fdb2112274421ae151681ca674acd50b9f23
Signed-off-by: Sunmin Lee <sunm.lee@samsung.com>
Yunmi Ha [Mon, 2 Jan 2017 04:12:32 +0000 (13:12 +0900)]
Support RO rootfs for all profiles
Before this patch, RO rootfs was supported only for TV profile.
So remove the profile checking logic, and support RO mount for all profiles.
Change-Id: Id802fc8843ea8e346c6dc85910705adfad0cff1a
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Mon, 26 Dec 2016 09:09:28 +0000 (18:09 +0900)]
Fix logic for set Home directory's smack label
Home directory's smack should be different with skel folder.
After copy file attributes from skel folder,
set home directory's own smack label.
(This can be set using gumd.config)
Change-Id: Ie9532f3e011968d32a05947eeb4d3ab4987ec75f
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Wed, 28 Dec 2016 08:13:53 +0000 (17:13 +0900)]
Change /etc/.pwd.lock file's path for RO mount
If mount /etc directory as readonly, lckpwdf API always return fail.
(Because lckpwdf API try to access /etc/.pwd.lock file as writable permition)
So almost gumd API return fail also.
For this, gumd makes /opt/etc/.pwd.lock and make symbolic link in /etc.
(Now..this is only for TV profile.)
Change-Id: I19f5f9fba0512bcc24c7fecde0bf4a8541df5d28
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Sunmin Lee [Tue, 13 Dec 2016 06:19:50 +0000 (15:19 +0900)]
Upgrade: exclude upgrade script directory
The upgrade script directory (/usr/share/upgrade/scripts) is
part of filesystem, thus it doesn't need to be in this package.
Change-Id: Ic321fdb2112274421ae151681ca674acd50b9f23
Signed-off-by: Sunmin Lee <sunm.lee@samsung.com>
Yunmi Ha [Fri, 9 Dec 2016 02:06:58 +0000 (11:06 +0900)]
Merge branch 'tizen_3.0' into tizen
Change-Id: I29db5357fcaed8dd78c8a10d923c030b14615c0b
wchang kim [Fri, 2 Dec 2016 07:57:37 +0000 (16:57 +0900)]
Adding the priority numner to the filename of gumd_upgrade.sh
Change-Id: Idaab36de2eecb5fe2e6bc8e1e29ea4bfeea051e6
Signed-off-by: Woochang Kim <wchang.kim@samsung.com>
Yunmi Ha [Thu, 1 Dec 2016 09:12:51 +0000 (18:12 +0900)]
Fix memory leak
Dynamic memory referenced by 'key' was allocated.
But it was not freed when error was occured at other side.
Change-Id: I18dde46af50f94c5113d102e445711c0083946c0
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
lokilee73 [Wed, 23 Nov 2016 11:27:27 +0000 (20:27 +0900)]
merge 99588
Change-Id: I4008f170f67533525a6e1df593dd7db05468f554
Signed-off-by: lokilee73 <changjoo.lee@samsung.com>
Yunmi Ha [Wed, 23 Nov 2016 09:54:09 +0000 (18:54 +0900)]
Add audio group to DEFAULT_USR_GROUPS config.
If user is not member of audio group, all audio/radio API returns fail.
So add audio group to user's default group.
Change-Id: If17ddc5bc2071ce46ffcedb12552cf66711e97cd
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Tue, 22 Nov 2016 01:55:33 +0000 (10:55 +0900)]
Bug fix: do not close dbus io stream when group/user service was stopped.
Reason:
group/user services are run each other and share same parents connection.
However, when one service terminates, close a common IO stream.
So remained service has a problem with that IO stream.
Fix:
When main dbus service(usermanagement) is stopped, close IO stream.
(Move logic)
Change-Id: Iac30465b2c8a927934f9b3595a204833098168a1
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
MyungJoo Ham [Tue, 27 Sep 2016 04:36:37 +0000 (04:36 +0000)]
[4.0] Remove profile build dependency of wearble
- This is for Tizen 4.0 (tizen branch only)
- When this is SR'ed, you need to create JIRA-TRE issue:
Add gumd-profile_wearable for wearable profile.
Change-Id: Ia8bd0328f1a075ff7df9fb68e3344fae28f829af
Signed-off-by: MyungJoo Ham <myungjoo.ham@samsung.com>
Yunmi Ha [Wed, 21 Sep 2016 06:58:23 +0000 (15:58 +0900)]
Remove "GPL-3.0+" from spec file.
Only need to be applied GPL-3.0 license for autoconf file. (m4)
Change-Id: Ia3f14480c15e7f31adb052b096a7d4ec072a59e0
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Mon, 12 Sep 2016 01:13:26 +0000 (10:13 +0900)]
Add gumd_upgrade.sh for 3.0 migration.
gumd_upgrade.sh script will be excuted when flatform upgrade to 3.0 from 2.4.
This script only create default user's info file.
Change-Id: Ia08de528e3c90e4abe5a285d604725882852321b
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Thu, 8 Sep 2016 01:28:29 +0000 (10:28 +0900)]
Update: remove type and serverdir from dbus config file.
Dbus determines the type and serverdir base on location of config file.
Change-Id: I52ec5ff9d240cba41abbb272f33ff30d565f773c
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Thu, 1 Sep 2016 03:39:59 +0000 (12:39 +0900)]
Update: Not install gumd.service file with TV profile.
gumd.service file istallation was failed cause of security policy.
So when build TV profile, package doesn't install gumd.service.
And gumd will works as dbus service.
Change-Id: I35bcc43f3c9f8e93515bb072b4e020d348db6d2b
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Wed, 24 Aug 2016 07:49:39 +0000 (16:49 +0900)]
Update: add checking home directory logic
When update user data, check home directory.
If home directory is not exists, create home directory
and run user add post scripts.
(This is for tizen 3.0 migration)
Change-Id: If609186d8a0c154eac05b38a01903ad08e78dce6
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Fri, 29 Jul 2016 01:14:41 +0000 (10:14 +0900)]
Change chown to lchown
For dereferencing symbolic link when copy home(skel) directory,
change the api.
Change-Id: Ibc67cab8dc3ca91afdd0d27f631e206ce961c9c6
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunjin Lee [Wed, 20 Jul 2016 12:31:32 +0000 (21:31 +0900)]
Set SmackProcessLabel in service file according to the profile
Change-Id: I2228ad4a335ee9b06f0a2f088cec0bc6afaf0a9a
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunmi Ha [Mon, 18 Jul 2016 08:50:56 +0000 (17:50 +0900)]
Change daemon timeout to 30sec
There are several timing issue was occured caused by short daemon timeout.
So change timeout : 7sec to 30sec.
Change-Id: I5db74a3e51b6536d6ecf479724c7faaba3556720
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Thu, 7 Jul 2016 02:48:00 +0000 (11:48 +0900)]
Appy ASLR
For security, apply ASLR
Change-Id: I4a71027eca245126616c388280f3c18d2168f64f
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Tue, 5 Jul 2016 23:30:35 +0000 (16:30 -0700)]
Merge "Fix bug - add daemon timeout" into tizen
Yunmi Ha [Tue, 5 Jul 2016 08:10:03 +0000 (17:10 +0900)]
Fix bug - add daemon timeout
Now, gumd daemon is not ended. (daemon timeout does not work.)
Add release reference logic for dbus adapter, and set timeout to 7 sec.
Change-Id: I43ae1605a2cfabce008beec6ad93bd24345e41ea
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Tue, 5 Jul 2016 04:40:16 +0000 (13:40 +0900)]
Remove smack capability
with wearable profile, CAP_MAC_ADMIN and CAP_MAC_OVERRIDE capabilities are removed.
(can't use useradd/del/modify function without offline option.)
with other profile, only CAP_MAC_OVERRIDE capability is removed.
For this, gumd launcher was changed to systemd.
Change-Id: Ic95fceed41afc41e37e93606c3abf830536ac7d6
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Sun, 3 Jul 2016 23:53:19 +0000 (08:53 +0900)]
Add security usertype
For security-container user, add new usertype.
This usertype has indivisual uid range, and can't listup to any normal user.
Change-Id: Ib48aa4715439639bb879732d943f2444fb1362e1
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Wed, 29 Jun 2016 08:10:06 +0000 (17:10 +0900)]
Change user default home directory
before: user default directory = /home
After: user default directory = $TZ_SYS_HOME$
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Change-Id: I1e4900b8a97544f3eff12a71346a9fee21ffe304
Yunmi Ha [Thu, 16 Jun 2016 05:22:29 +0000 (14:22 +0900)]
Fix static-analyze issues (adding validation code)
gumd-dbus-server-p2p.c: fix bug - compare operation was incorrect.
gumd-dbus-server-msg-bus.c: Add null check logic.
gum-crypt.c: Add initialize code.
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Change-Id: I5aec55c14b9312c42451f94ed996435af5bedc52
Yunmi Ha [Tue, 24 May 2016 01:48:56 +0000 (10:48 +0900)]
Fix --offline option bug - missing condition check
There is missed 'offline' option checking when create user service.
If 'offline' mode was given, should be processed without any dbus connection.
Change-Id: Ibd36985cb5fe444a4e82c93e8b565ef64bdddb89
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
Yunmi Ha [Tue, 17 May 2016 04:22:55 +0000 (13:22 +0900)]
Add license info
GPL-3.0-with-autoconf-exception
GPL-3.0+
Change-Id: I3710b745ce2368e7c0607e1f555f6148ac3c4aae
Yunmi Ha [Thu, 24 Mar 2016 08:16:25 +0000 (17:16 +0900)]
Fix svace issues for Tizen_3.0_TV_Prebeta
replace thread unsafe function- strerror
and change function call order
Change-Id: I8d49b3df607788110538553af57c186df04ed52c
Suchang Woo [Thu, 18 Feb 2016 00:38:26 +0000 (09:38 +0900)]
Remove a profile specific configuration
Signed-off-by: Suchang Woo <suchang.woo@samsung.com>
Change-Id: Ife2486e6ebf5b3fc00207e967b9c066eb6a92d2f
Lukasz Kostyra [Thu, 11 Feb 2016 13:42:28 +0000 (14:42 +0100)]
Remove audio group from normal users
Assigning normal users to group audio allows them to modify sound
related configuration using ALSA library, which bypasses privilege
checking. Removal of audio supplementary group fixes the issue.
Change-Id: I8f418480bca0a5d90e25842bbe9d94dcbe148f7c
Signed-off-by: Lukasz Kostyra <l.kostyra@samsung.com>
Youmin Ha [Thu, 24 Sep 2015 05:27:25 +0000 (14:27 +0900)]
Fix privilege name from usermanagement to internal/usermanagement
According to the commit https://review.tizen.org/gerrit/#/c/48637, the
privilege is changed to
http://tizen.org/privilege/internal/usermanagement
Change-Id: I7e709da6516b5c6256f2d5d247f114a979563e83
Signed-off-by: Youmin Ha <youmin.ha@samsung.com>
Hurnjoo Lee [Mon, 14 Sep 2015 07:11:31 +0000 (16:11 +0900)]
Change dbus service polivcy
* remove http://tizen.org/privilege/usermanagement.get privilege. This patch will allow all users to use get apis.
* remove .temp suffix of privilege.
Change-Id: Ia66e3cf98364332a6db470eaeafe64ebcb01be2b
Signed-off-by: Hurnjoo Lee <hurnjoo.lee@samsung.com>
Suchang Woo [Wed, 20 May 2015 05:29:28 +0000 (14:29 +0900)]
Add ".temp" suffix to non-public privileges
The following privileges are not public ones.
- http://tizen.org/privilege/usermanagement.set
- http://tizen.org/privilege/usermanagement.get
These privileges will be changed. To separate non-public and public
privileges, ".temp" suffix is added.
Signed-off-by: Suchang Woo <suchang.woo@samsung.com>
Change-Id: I262676f363ca751fea3d6fc47ece1883ffbbc3f2
Suchang Woo [Wed, 20 May 2015 07:54:30 +0000 (16:54 +0900)]
Fix gum-utils segfault when getting user list without usertypes
If usertypes argument is not specified, NULL is passed to g_strsplit().
It makes a segmentation fault.
Signed-off-by: Suchang Woo <suchang.woo@samsung.com>
Change-Id: I56d35a0afe9afadb5cdb592c546ca88554fa4951
Suchang Woo [Fri, 15 May 2015 05:26:45 +0000 (14:26 +0900)]
Add default admin groups
Admin user should be added to the groups that the normal user is added to
Signed-off-by: Suchang Woo <suchang.woo@samsung.com>
Change-Id: I9365d9884379f48667b5dc43eeebf59a3981f673
Hurnjoo Lee [Wed, 29 Apr 2015 12:03:59 +0000 (21:03 +0900)]
Apply D-bus service policy
* Apply D-bus service policy.
* Add privilege checks.
Change-Id: I4603e710e8aaf863bb51f0a42487fc31386080c6
Signed-off-by: Hurnjoo Lee <hurnjoo.lee@samsung.com>
Hurnjoo Lee [Thu, 23 Apr 2015 04:28:06 +0000 (13:28 +0900)]
Fix the bug that create abnormal user
In case there was wrong group in DEFAULT_USR_GROUP, user home directory was not created.
This patch will prevent abnormal termination of creating user by wrong default groups.
Change-Id: I74176fbce066ec160d518b228a2f7bd019de4d52
Signed-off-by: Hurnjoo Lee <hurnjoo.lee@samsung.com>
Minkyu Kang [Mon, 16 Feb 2015 06:00:01 +0000 (15:00 +0900)]
daemon: remove unknown user when getting normal user list
If user does not have any types then gumd will give normal user type forced
So there were included so many noise users
This patch will collect absolute normal type users
Change-Id: Id178dd9591eeef68948f946b46c16aedc96153e9
Signed-off-by: Minkyu Kang <mk7.kang@samsung.com>
Minkyu Kang [Mon, 16 Feb 2015 05:58:07 +0000 (14:58 +0900)]
Adds support the icon property
The Icon property will be saved at /var/lib/gumd/user/[uid] file
This file follow .ini file format
[User]
Icon=/usr/share/icons/user.png
So if we need to add new properties, this file can be expanded easily
Change-Id: I17f8ce3eb5f8a0e834678c3cca74a2a69cd87a97
Signed-off-by: Minkyu Kang <mk7.kang@samsung.com>
Imran Zaman [Tue, 17 Feb 2015 14:37:22 +0000 (16:37 +0200)]
Merge branch 'upstream' into tizen
Change-Id: I1d16ba303f254641f6f4a6657440c7aea5e21714
Signed-off-by: Imran Zaman <imran.zaman@intel.com>
Imran Zaman [Tue, 17 Feb 2015 13:00:53 +0000 (15:00 +0200)]
Merge branch 'devel' into upstream
Change-Id: Id66c04b2dbf7712805df5bdb8e19f36ef20edc28
Imran Zaman [Tue, 17 Feb 2015 13:29:12 +0000 (15:29 +0200)]
tizen: release 1.0.8
Change-Id: Ib5c30accb8aad2e825a29b87411cc7473f4af8bf
Signed-off-by: Imran Zaman <imran.zaman@intel.com>
Imran Zaman [Tue, 17 Feb 2015 13:00:53 +0000 (15:00 +0200)]
Merge branch 'devel' into upstream
Change-Id: Id66c04b2dbf7712805df5bdb8e19f36ef20edc28
Imran Zaman [Tue, 17 Feb 2015 12:30:25 +0000 (14:30 +0200)]
Renamed dbus interface with prefix org.O1
Change-Id: Ie9b82ef0604a39f6421f0a341c2e751345576cae
Imran Zaman [Tue, 10 Feb 2015 13:44:15 +0000 (15:44 +0200)]
Setting explicit values for Tizen:Common
This values are best suited for the current state of Tizen:Common.
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
Imran Zaman [Mon, 9 Feb 2015 15:19:49 +0000 (17:19 +0200)]
Fixed copying of extended attributes from skel folder
Signed-off-by: Imran Zaman <imran.zaman@intel.com>
Imran Zaman [Mon, 9 Feb 2015 15:46:03 +0000 (17:46 +0200)]
Fixed copying of extended attributes from skel folder
Change-Id: I0fe8012baab1ce593820043323ec4042dc32dc28
Signed-off-by: Imran Zaman <imran.zaman@intel.com>
Imran Zaman [Thu, 5 Feb 2015 17:45:43 +0000 (19:45 +0200)]
Fixed gum-utils documentation
Change-Id: Ibd36e8d518ce3f5f547d1caadbb1397c6eff4629
Signed-off-by: Imran Zaman <imran.zaman@intel.com>
José Bollo [Thu, 5 Feb 2015 15:27:13 +0000 (16:27 +0100)]
Adding default groups for Tizen:Common
Change-Id: I5930b84c0f47a5ebdae02d50d5ef259061e79901
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
jlaako [Thu, 29 Jan 2015 13:08:27 +0000 (15:08 +0200)]
Merge pull request #23 from 01org/devel
Added APIs for fetching users based on the type
Imran Zaman [Wed, 28 Jan 2015 12:11:16 +0000 (14:11 +0200)]
Added APIs for fetching users based on the user type
Change-Id: Ica95501ea531f68a0b228709b807078f580836e6
Signed-off-by: Imran Zaman <imran.zaman@intel.com>
Imran Zaman [Wed, 28 Jan 2015 17:22:25 +0000 (19:22 +0200)]
Convert types to array of strings for fetching user list
Imran Zaman [Thu, 15 Jan 2015 14:36:53 +0000 (16:36 +0200)]
Added APIs for fetching users based on the user type
jlaako [Fri, 16 Jan 2015 17:01:43 +0000 (19:01 +0200)]
Merge pull request #22 from 01org/devel
Devel
Imran Zaman [Fri, 16 Jan 2015 15:31:06 +0000 (17:31 +0200)]
Add new user to audio and video groups on creation
Signed-off-by: Imran Zaman <imran.zaman@intel.com>
Imran Zaman [Thu, 15 Jan 2015 15:46:22 +0000 (17:46 +0200)]
Added separate configuration file Tizen IVI
Newly created users are added to weston-launch group for Tizen IVI
Change-Id: Ie979a002872ebee5b1369ce2c1bddbbf4edd7f54
Fixed Bug TC-2342
Signed-off-by: Imran Zaman <imran.zaman@intel.com>
Imran Zaman [Thu, 15 Jan 2015 15:38:39 +0000 (17:38 +0200)]
Added separate configuration file Tizen IVI
Newly created users are added to weston-launch group for Tizen IVI
Signed-off-by: Imran Zaman <imran.zaman@intel.com>
Imran Zaman [Tue, 16 Dec 2014 17:25:53 +0000 (19:25 +0200)]
fix spec file for yocto complaiance
jlaako [Thu, 27 Nov 2014 14:45:21 +0000 (16:45 +0200)]
Merge pull request #21 from 01org/devel
Updated inputs for scripts e.g. usertype to useradd script
Imran Zaman [Thu, 27 Nov 2014 14:19:49 +0000 (16:19 +0200)]
tizen: release 1.0.3
Change-Id: I62d64ca7375add3a1aefe095a30fa62f33984796
Signed-off-by: Imran Zaman <imran.zaman@intel.com>
Imran Zaman [Thu, 27 Nov 2014 13:34:32 +0000 (15:34 +0200)]
Updated inputs for scripts e.g. usertype to useradd script
Change-Id: Id91ac7876fab38dd28f87322e63bad42c544abb1
Signed-off-by: Imran Zaman <imran.zaman@intel.com>
Imran Zaman [Thu, 27 Nov 2014 13:32:48 +0000 (15:32 +0200)]
Updated inputs for scripts e.g. usertype to useradd script
jlaako [Wed, 19 Nov 2014 16:00:37 +0000 (18:00 +0200)]
Merge pull request #20 from 01org/devel
Devel
Imran Zaman [Wed, 19 Nov 2014 15:55:23 +0000 (17:55 +0200)]
Fixed bug TC-2131
Change-Id: I2f942c810a129901821048a29e2000fdbbeb3a0b
Signed-off-by: Imran Zaman <imran.zaman@intel.com>
Imran Zaman [Wed, 19 Nov 2014 15:49:06 +0000 (17:49 +0200)]
Fixed bug TC-2131, where gumd was not able to handle config changes
Change-Id: I8d67d4d2ee42864301bc8feba34f04d5a4483a77
Signed-off-by: Imran Zaman <imran.zaman@intel.com>
Imran Zaman [Wed, 19 Nov 2014 15:44:14 +0000 (17:44 +0200)]
Fixed bug TC-2131, where gumd was not able to handle config changes