From b414b8f4279c35183168494439ed717ce967c8a7 Mon Sep 17 00:00:00 2001 From: Sungbae Yoo Date: Mon, 27 Jun 2016 22:07:29 +0900 Subject: [PATCH] Change zone-provisioning to run hook scripts instead of including Signed-off-by: Sungbae Yoo Change-Id: I4b2195fe8d265efa1beb683092cb8148140e3355 --- server/zone/zone.cpp | 76 +++++++++++++++++++++++++++++++--------------------- 1 file changed, 46 insertions(+), 30 deletions(-) diff --git a/server/zone/zone.cpp b/server/zone/zone.cpp index 6ec860a..8c443df 100644 --- a/server/zone/zone.cpp +++ b/server/zone/zone.cpp @@ -40,6 +40,8 @@ #define ZONE_UID_MIN 60001 #define ZONE_UID_MAX 65000 +#define DEFAULT_SHELL "/bin/bash" + #define ZONE_LAUNCHER_APP "org.tizen.kaskit" #define NOTIFICATION_SUB_ICON_PATH DATA_PATH "/zone_noti_list_sub_icon.png" @@ -61,6 +63,8 @@ const std::vector unitsToMask = { const std::string ZONE_MANIFEST_DIR = CONF_PATH "/zone/"; const std::string ZONE_SKEL_PATH = "/etc/skel"; +const std::string ZONE_CREATE_HOOK_PATH = "/etc/gumd/useradd.d"; +const std::string ZONE_REMOVE_HOOK_PATH = "/etc/gumd/userdel.d"; const std::string ZONE_DEFAULT_OWNER = "owner"; 
@@ -105,6 +109,43 @@ inline void maskUserServices(const std::string& pivot, const runtime::User& user } } +inline void executeHookScripts(const runtime::User& user, const std::string& path, const std::string& pivot) +{ + std::vector scripts; + char currentDirectory[PATH_MAX]; + + try { + runtime::DirectoryIterator iter(path), end; + + while (iter != end) { + scripts.push_back(iter->getPath()); + ++iter; + } + } catch (runtime::Exception& e) {} + + if (getcwd(currentDirectory, PATH_MAX) == NULL) { + snprintf(currentDirectory, PATH_MAX, "/"); + } + + ::tzplatform_set_user(user.getUid()); + if (chdir(::tzplatform_getenv(TZ_SYS_HOME)) != 0) { + throw runtime::Exception(runtime::GetSystemErrorMessage()); + } + ::tzplatform_reset_user(); + + std::sort(scripts.begin(), scripts.end()); + + for (const std::string& script : scripts) { + execute(DEFAULT_SHELL, script, script, user.getName(), + std::to_string(user.getUid()), + std::to_string(user.getGid()), pivot, "normal"); + } + + if (chdir(currentDirectory) != 0) { + throw runtime::Exception(runtime::GetSystemErrorMessage()); + } +} + inline void setZoneState(uid_t id, int state) { dbus::Connection& systemDBus = dbus::Connection::getSystem(); 
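Review bot: In `executeHookScripts`, every directory entry under `path` is handed to `/bin/bash` with no check that it is a regular file or that only root can modify it. A stray backup file, a subdirectory or a script left writable by another account would then run with the daemon's privileges (presumably root, since it creates users). The loop that fills `scripts` should keep only root-owned regular files without group/other write permission, as in the excerpt below, which relies on `lstat` from `<sys/stat.h>`. Separately, the `throw` after a failed first `chdir` skips `::tzplatform_reset_user()`, and a throwing `execute` would leave the process working directory in the zone home. Both paths want a guard object, or an explicit reset before the throw.

```cpp
    // … unchanged: declarations, try block opening and DirectoryIterator setup …
        while (iter != end) {
            const std::string entry = iter->getPath();
            struct stat st;

            // Run only root-owned regular files that group/other cannot modify;
            // lstat() also keeps symlinks out of the list.
            if (::lstat(entry.c_str(), &st) == 0 && S_ISREG(st.st_mode) &&
                st.st_uid == 0 && (st.st_mode & (S_IWGRP | S_IWOTH)) == 0) {
                scripts.push_back(entry);
            }
            ++iter;
        }
    // … unchanged: catch clause, getcwd/chdir handling, sort and execute loop …
```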
@@ -540,28 +581,7 @@ int ZoneManager::createZone(const std::string& name, const std::string& manifest std::string pivot = prepareDirectories(user); maskUserServices(pivot, user); - - //initialize package db - execute("/usr/bin/pkg_initdb", "pkg_initdb", - "--uid", std::to_string(user.getUid())); - - //initialize security-manager - execute("/usr/bin/security-manager-cmd", - "security-manager-cmd", "--manage-users=add", - "--uid=" + std::to_string(user.getUid()), - "--usertype=normal"); - - //change group to system_share - runtime::Group systemShareGroup("system_share"); - ::tzplatform_set_user(user.getUid()); - runtime::File appRootDir(::tzplatform_getenv(TZ_USER_APPROOT)); - runtime::File dbDir(::tzplatform_getenv(TZ_USER_DB)); - ::tzplatform_reset_user(); - - appRootDir.chown(user.getUid(), systemShareGroup.getGid()); - appRootDir.chmod(0750); - dbDir.chown(user.getUid(), systemShareGroup.getGid()); - dbDir.chmod(0770); + executeHookScripts(user, ZONE_CREATE_HOOK_PATH, pivot); manifestFile.reset(xml::Parser::parseString(manifest)); ::umask(0077); @@ -607,15 +627,11 @@ int ZoneManager::removeZone(const std::string& name) try { runtime::User user(name); - //remove notification for ckm-tool - execute("/usr/bin/ckm_tool", - "ckm_tool", "-d", std::to_string(user.getUid())); + ::tzplatform_set_user(user.getUid()); + std::string pivot(::tzplatform_getenv(TZ_USER_HOME)); + ::tzplatform_reset_user(); - //initialize security-manager - execute("/usr/bin/security-manager-cmd", - "security-manager-cmd", - "--manage-users=remove", - "--uid=" + std::to_string(user.getUid())); + executeHookScripts(user, ZONE_REMOVE_HOOK_PATH, pivot); //remove zone user user.remove(); -- 2.7.4
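Review bot: At the new `executeHookScripts(user, ZONE_CREATE_HOOK_PATH, pivot);` call, `createZone` can no longer tell whether the security-manager registration and the 0750/0770 ownership setup it used to perform inline actually happened, because the helper returns nothing and, as written in this patch, swallows a missing or unreadable hook directory. A zone created on an image without the expected hooks would then come up without those protections and still report success. At minimum document the dependency above the call, e.g. `// Hooks must run pkg_initdb, register the uid with security-manager and set app-root/db ownership`, and consider failing creation when no hook ran. The same applies to the `ZONE_REMOVE_HOOK_PATH` call in `removeZone`, after which `user.remove()` proceeds regardless. Both function bodies continue outside their hunks.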
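Review bot: `std::string pivot(::tzplatform_getenv(TZ_USER_HOME));` in `removeZone` builds a string straight from a C pointer, which is undefined behaviour if the lookup returns NULL (I believe `tzplatform_getenv` can do so on error; worth confirming against its header). Fetch the pointer first with `const char* home = ::tzplatform_getenv(TZ_USER_HOME);`, call `::tzplatform_reset_user();`, and only then `if (home == NULL) throw runtime::Exception("…");`, so the user context is restored before any throw. The `try` block this code sits in continues outside the hunk.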