From b9407d9ac8c9d89d96dbf8a83d6da96a66bc1031 Mon Sep 17 00:00:00 2001
From: jongmyeongko
Date: Wed, 24 Feb 2016 15:48:00 +0900
Subject: [PATCH] modification for seperation of RO/RW location
Change-Id: I1c6123fabe5dfedcceacd7962908f2536cc03b69
Signed-off-by: jongmyeongko
---
 CMakeLists.txt | 10 +-
 packaging/pkgmgr-tool.spec | 4 -
 src/pkg_initdb.c | 23 ++++-
 src/pkg_install_ug.c | 91 -----------------
 src/pkg_privilege.c | 249 ---------------------------------------------
 5 files changed, 19 insertions(+), 358 deletions(-)
 delete mode 100644 src/pkg_install_ug.c
 delete mode 100644 src/pkg_privilege.c
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 3e541e7..8123f61 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -29,7 +29,7 @@ FOREACH(flag ${pkgs_initdb_CFLAGS})
 SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
 ENDFOREACH(flag)
 
-pkg_check_modules(pkgs_test REQUIRED dlog glib-2.0 libxml-2.0 bundle pkgmgr-parser pkgmgr-info libtzplatform-config security-manager pkgmgr security-privilege-manager)
+pkg_check_modules(pkgs_test REQUIRED dlog glib-2.0 libxml-2.0 bundle pkgmgr-parser pkgmgr-info libtzplatform-config)
 FOREACH(flag ${pkgs_test_CFLAGS})
 SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
 ENDFOREACH(flag)
@@ -50,14 +50,6 @@ ADD_EXECUTABLE(pkginfo src/pkg_info.c)
 TARGET_LINK_LIBRARIES(pkginfo pkgmgr-client pkgmgr_installer ${pkgs_test_LDFLAGS})
 INSTALL(TARGETS pkginfo DESTINATION bin)
 
-ADD_EXECUTABLE(pkg_privilege src/pkg_privilege.c)
-TARGET_LINK_LIBRARIES(pkg_privilege ${pkgs_test_LDFLAGS})
-INSTALL(TARGETS pkg_privilege DESTINATION bin)
-
-ADD_EXECUTABLE(pkg_install_ug src/pkg_install_ug.c)
-TARGET_LINK_LIBRARIES(pkg_install_ug ${pkgs_test_LDFLAGS})
-INSTALL(TARGETS pkg_install_ug DESTINATION bin)
-
 ADD_EXECUTABLE(pkg_getsize src/pkg_getsize.c)
 TARGET_LINK_LIBRARIES(pkg_getsize pkgmgr-client pkgmgr_installer ${pkgs_test_LDFLAGS})
 INSTALL(TARGETS pkg_getsize DESTINATION bin)
diff --git a/packaging/pkgmgr-tool.spec b/packaging/pkgmgr-tool.spec
index 33b8f9f..24e84be 100644
--- a/packaging/pkgmgr-tool.spec
+++ b/packaging/pkgmgr-tool.spec
@@ -19,12 +19,10 @@ BuildRequires: pkgconfig(bundle)
 BuildRequires: pkgconfig(pkgmgr-info)
 BuildRequires: pkgconfig(iniparser)
 BuildRequires: pkgconfig(libtzplatform-config)
-BuildRequires: pkgconfig(security-manager)
 BuildRequires: pkgconfig(xdgmime)
 BuildRequires: pkgconfig(db-util)
 BuildRequires: pkgconfig(libsmack)
 BuildRequires: pkgconfig(pkgmgr)
-BuildRequires: pkgconfig(security-privilege-manager)
 BuildRequires: pkgmgr-info-parser-devel
 BuildRequires: pkgmgr-info-parser
 BuildRequires: fdupes
@@ -70,8 +68,6 @@ pkg_initdb
 %attr(755,root,root) %{_sysconfdir}/gumd/useradd.d/10_package-manager-add.post
 %{_bindir}/pkg_getsize
 %{_bindir}/pkg_clearcache
-%{_bindir}/pkg_privilege
-%{_bindir}/pkg_install_ug
 %{_bindir}/pkginfo
 %{_datadir}/mime/packages/mime.wac.xml
 %{_datadir}/mime/packages/mime.tpk.xml
diff --git a/src/pkg_initdb.c b/src/pkg_initdb.c
index 419df75..9c0ecac 100644
--- a/src/pkg_initdb.c
+++ b/src/pkg_initdb.c
@@ -153,6 +153,7 @@ int main(int argc, char *argv[])
 {
 int ret;
 const char *dir;
+ const char *dir_rw;
 uid_t uid = 0;
 
 if (!_is_authorized()) {
@@ -171,11 +172,23 @@ int main(int argc, char *argv[])
 return -1;
 }
 
- if (!_is_global(uid))
+ if (_is_global(uid)) {
+ /* first, RO location */
+ dir = tzplatform_getenv(TZ_SYS_RO_PACKAGES);
+ ret = _initdb_load_directory(uid, dir);
+
+ /* second, RW location */
+ dir_rw = tzplatform_getenv(TZ_SYS_RW_PACKAGES);
+ if (dir && dir_rw)
+ if (strcmp(dir, dir_rw))
+ ret = _initdb_load_directory(uid, dir);
+ } else {
+ /* specified user location */
 tzplatform_set_user(uid);
- dir = tzplatform_getenv(
- _is_global(uid) ? TZ_SYS_RW_PACKAGES : TZ_USER_PACKAGES);
- tzplatform_reset_user();
+ dir = tzplatform_getenv(TZ_USER_PACKAGES);
+ ret = _initdb_load_directory(uid, dir);
+ tzplatform_reset_user();
+ }
 
- return _initdb_load_directory(uid, dir);
+ return ret;
 }
diff --git a/src/pkg_install_ug.c b/src/pkg_install_ug.c
deleted file mode 100644
index 7b3bb48..0000000
--- a/src/pkg_install_ug.c
+++ /dev/null
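Review bot: The second load in the `_is_global(uid)` branch passes `dir` again, so the RO directory is loaded twice and the path fetched into `dir_rw` is never loaded; the call under the `strcmp` check should read `ret = _initdb_load_directory(uid, dir_rw);`. That same assignment overwrites the result of the RO load, so a failure there is lost whenever the second call succeeds; the first non-zero `ret` should be kept. `dir` is also handed to `_initdb_load_directory` before the `dir && dir_rw` NULL check, and whether that helper tolerates NULL is not visible here. `main` starts above this hunk, so the `_is_authorized()` gate and the uid parsing are outside this view.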
@@ -1,91 +0,0 @@
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include
-
-#include
-#include
-
-#define OWNER_ROOT 0
-#define GLOBAL_USER tzplatform_getuid(TZ_SYS_GLOBALAPP_USER)
-#define UG_CLIENT tzplatform_mkpath(TZ_SYS_BIN, "ug-client")
-
-static int _check_bin_directory(const char *pkgid)
-{
- const char *path;
- char buf[PATH_MAX];
-
- path = tzplatform_mkpath(TZ_SYS_RO_APP, pkgid);
- snprintf(buf, sizeof(buf), "%s/bin", path);
-
- if (access(buf, F_OK) == 0)
- return 0;
-
- if (mkdir(buf, S_IRWXU | S_IRGRP | S_IXGRP | S_IXOTH)) {
- printf("create bin directory(%s) failed: %s\n", buf,
- strerror(errno));
- return -1;
- }
-
- return 0;
-}
-
-static void _application_cb(gpointer data, gpointer user_data)
-{
- int ret;
- application_x *app = (application_x *)data;
- package_x *pkg = (package_x *)user_data;
-
- if (app->exec == NULL || app->ui_gadget == NULL ||
- strcasecmp(app->ui_gadget, "true") != 0)
- return;
-
- if (_check_bin_directory(pkg->package))
- return;
-
- ret = symlink(UG_CLIENT, app->exec);
- if (ret != 0)
- printf("failed to install ug %s: %s\n", app->exec,
- strerror(errno));
-}
-
-static int _install_ug(char *manifest)
-{
- package_x *pkg;
-
- pkg = pkgmgr_parser_process_manifest_xml(manifest);
- if (pkg == NULL) {
- printf("Parse manifest failed\n");
- return -1;
- }
-
- g_list_foreach(pkg->application, _application_cb, pkg);
- pkgmgr_parser_free_manifest_xml(pkg);
-
- return 0;
-}
-
-static void _print_usage(const char *cmd)
-{
- printf("usage: %s \n", cmd);
-}
-
-int main(int argc, char *argv[])
-{
- if (getuid() != OWNER_ROOT && getuid() != GLOBAL_USER) {
- printf("Only root or tizenglobalapp user is allowed\n");
- return -1;
- }
-
- if (argc < 2) {
- _print_usage(argv[0]);
- return -1;
- }
-
- return _install_ug(argv[1]);
-}
diff --git a/src/pkg_privilege.c b/src/pkg_privilege.c
deleted file mode 100644
index abac983..0000000
--- a/src/pkg_privilege.c
+++ /dev/null
@@ -1,249 +0,0 @@ -#include -#include -#include -#include -#include - -#include - -#include -#include -#include -#include - -#define OWNER_ROOT 0 -#define GLOBAL_USER tzplatform_getuid(TZ_SYS_GLOBALAPP_USER) - -static int _convert_privilege_for_compatibility(const char *api_version, - GList *in_priv, GList **out_priv) -{ - int ret; - - if (g_list_length(in_priv) == 0) - return 0; - - ret = privilege_manager_get_mapped_privilege_list(api_version, - PRVMGR_PACKAGE_TYPE_CORE, in_priv, out_priv); - if (ret != PRVMGR_ERR_NONE) { - printf("privilege_manager_get_mapped_privilege_list error: " - "%d\n", ret); - return -1; - } - - return 0; -} - -static const char *_get_pkg_root_path(const char *pkgid) -{ - const char *path; - uid_t uid = getuid(); - - tzplatform_set_user(uid); - path = tzplatform_mkpath((uid == OWNER_ROOT || uid == GLOBAL_USER) ? - TZ_SYS_RO_APP : TZ_USER_APP, pkgid); - tzplatform_reset_user(); - - return path; -} - -struct path_type { - const char *path; - enum app_install_path_type type; -}; - -struct path_type path_type_map[] = { - {"/", SECURITY_MANAGER_PATH_PUBLIC_RO}, - {"/bin", SECURITY_MANAGER_PATH_RO}, - {"/data", SECURITY_MANAGER_PATH_RW}, - {"/cache", SECURITY_MANAGER_PATH_RW}, - {"/lib", SECURITY_MANAGER_PATH_RO}, - {"/res", SECURITY_MANAGER_PATH_RO}, - {"/shared", SECURITY_MANAGER_PATH_PUBLIC_RO}, - {NULL, SECURITY_MANAGER_ENUM_END} -}; - -static app_inst_req *_prepare_request(const char *pkgid, const char *appid) -{ - int ret; - app_inst_req *req; - const char *root_path; - char buf[PATH_MAX]; - int i; - - if (security_manager_app_inst_req_new(&req)) { - printf("security_manager_app_inst_req_new failed\n"); - return NULL; - } - - ret = security_manager_app_inst_req_set_pkg_id(req, pkgid); - if (ret != SECURITY_MANAGER_SUCCESS) { - printf("set pkgid failed: %d\n", ret); - security_manager_app_inst_req_free(req); - return NULL; - } - - ret = security_manager_app_inst_req_set_app_id(req, appid); - if (ret != SECURITY_MANAGER_SUCCESS) { - 
printf("set appid failed: %d\n", ret); - security_manager_app_inst_req_free(req); - return NULL; - } - - root_path = _get_pkg_root_path(pkgid); - /* TODO: should be fixed */ - if (access(root_path, F_OK) == -1) { - printf("cannot find %s, but the smack rule for %s " - "will be installed\n", root_path, appid); - return req; - } - - for (i = 0; path_type_map[i].path; i++) { - snprintf(buf, sizeof(buf), "%s%s", root_path, - path_type_map[i].path); - if (access(buf, F_OK) == -1) - continue; - ret = security_manager_app_inst_req_add_path(req, buf, - path_type_map[i].type); - if (ret != SECURITY_MANAGER_SUCCESS) { - printf("set path failed: %d\n", ret); - security_manager_app_inst_req_free(req); - return NULL; - } - } - - return req; -} - -static void _insert_privilege_cb(gpointer data, gpointer user_data) -{ - const char *privilege = (const char *)data; - app_inst_req *req = (app_inst_req *)user_data; - - security_manager_app_inst_req_add_privilege(req, privilege); -} - -/* NOTE: We cannot use cert-svc api which checks signature level in this tool, - * because cert-svc does not provide c apis in Tizen 3.0. - * So we set default privilege as platform level temporarily. 
- */ -#define DEFAULT_PRIVILEGE_PUBLIC "http://tizen.org/privilege/internal/default/public" -#define DEFAULT_PRIVILEGE_PARTNER "http://tizen.org/privilege/internal/default/partner" -#define DEFAULT_PRIVILEGE_PLATFORM "http://tizen.org/privilege/internal/default/platform" -static void _insert_application_cb(gpointer data, gpointer user_data) -{ - int ret; - app_inst_req *req; - application_x *app = (application_x *)data; - package_x *pkg = (package_x *)user_data; - GList *priv = NULL; - - req = _prepare_request(pkg->package, app->appid); - if (req == NULL) { - printf("out of memory\n"); - return; - } - - if (getuid() == OWNER_ROOT) { - security_manager_app_inst_req_add_privilege(req, - DEFAULT_PRIVILEGE_PUBLIC); - security_manager_app_inst_req_add_privilege(req, - DEFAULT_PRIVILEGE_PARTNER); - security_manager_app_inst_req_add_privilege(req, - DEFAULT_PRIVILEGE_PLATFORM); - } - - if (_convert_privilege_for_compatibility(pkg->api_version, - pkg->privileges, &priv)) { - printf("convert privilege failed\n"); - return; - } - - g_list_foreach(priv, _insert_privilege_cb, (gpointer)req); - - g_list_free_full(priv, free); - - ret = security_manager_app_install(req); - if (ret != SECURITY_MANAGER_SUCCESS) - printf("app install failed: %d\n", ret); - security_manager_app_inst_req_free(req); -} - -static int _insert_privilege(char *manifest) -{ - package_x *pkg; - - pkg = pkgmgr_parser_process_manifest_xml(manifest); - if (pkg == NULL) { - printf("Parse manifest failed\n"); - return -1; - } - - g_list_foreach(pkg->application, _insert_application_cb, (gpointer)pkg); - pkgmgr_parser_free_manifest_xml(pkg); - - return 0; -} - -static void _remove_application_cb(gpointer data, gpointer user_data) -{ - int ret; - app_inst_req *req; - application_x *app = (application_x *)data; - package_x *pkg = (package_x *)user_data; - - req = _prepare_request(pkg->package, app->appid); - if (req == NULL) { - printf("out of memory\n"); - return; - } - - ret = security_manager_app_uninstall(req); 
- if (ret != SECURITY_MANAGER_SUCCESS) - printf("app uninstall failed: %d\n", ret); - - security_manager_app_inst_req_free(req); -} - -static int _remove_privilege(char *manifest) -{ - package_x *pkg; - - pkg = pkgmgr_parser_process_manifest_xml(manifest); - if (pkg == NULL) { - printf("Parse manifest failed\n"); - return -1; - } - - g_list_foreach(pkg->application, _remove_application_cb, (gpointer)pkg); - pkgmgr_parser_free_manifest_xml(pkg); - - return 0; -} - -static void _print_usage(const char *cmd) -{ - printf("usage: %s