From c95433b069c922c6f2c98b78d6f09a50abb3fdf5 Mon Sep 17 00:00:00 2001
From: INSUN PYO
Date: Fri, 15 Dec 2017 12:31:37 +0900
Subject: [PATCH] adjust the uid and secure_uid range

Signed-off-by: INSUN PYO
Change-Id: I0d34ced09bb8a949e7d70b29f848ba707069b4a0
---
 data/tizen/etc/gumd/gumd-tizen-common.conf | 68 +++++++++++++++++-------------
 src/common/gum-config.c | 16 +++----
 src/daemon/core/gumd-daemon-group.c | 14 ++++--
 src/daemon/core/gumd-daemon-user.c | 6 +++
 4 files changed, 63 insertions(+), 41 deletions(-)

diff --git a/data/tizen/etc/gumd/gumd-tizen-common.conf b/data/tizen/etc/gumd/gumd-tizen-common.conf
index 45461ca..c7345d4 100755
--- a/data/tizen/etc/gumd/gumd-tizen-common.conf
+++ b/data/tizen/etc/gumd/gumd-tizen-common.conf
@@ -69,51 +69,61 @@ SKEL_DIR=/opt/etc/skel
 # Path to user information folder.
 USERINFO_DIR=/var/lib/gumd/user/
 
-# Minimum value for the automatic uid selection. Default value is: 1000
-UID_MIN=5001
-
-# Maximum value for the automatic uid selection. Default value is: 60000
-UID_MAX=60000
-
-# Minimum value for the automatic uid selection for system user. Default
-# value is: 100
+# Minimum value for the automatic uid selection for system user.
+# Default value is: 100
+# Actual implementation: use min + 1 value in _get_default_uid_range
 SYS_UID_MIN=100
 
-# Maximum value for the automatic uid selection for system user. Default value
-# is: 999
+# Maximum value for the automatic uid selection for system user.
+# Default value is: 499
 SYS_UID_MAX=499
 
-# Minimum value for the automatic uid selection for security user. Default
-# value is: 60001
-SEC_UID_MIN=60001
+# Minimum value for the automatic uid selection.
+# Default value is: 5000
+# Actual implementation: use min + 1 value in _get_default_uid_range
+UID_MIN=5000
 
-# Maximum value for the automatic uid selection for security user. Default value
-# is: 60100
-SEC_UID_MAX=60100
+# Maximum value for the automatic uid selection.
+# Default value is: 5999
+UID_MAX=5999
 
-# Minimum value for the automatic gid selection. Default value is: 1000
-GID_MIN=5001
+# Minimum value for the automatic uid selection for security user.
+# Default value is: 6000
+# Actual implementation: use min + 1 value in _get_default_uid_range
+SEC_UID_MIN=6000
 
-# Maximum value for the automatic gid selection. Default value is: 60000
-GID_MAX=60000
+# Maximum value for the automatic uid selection for security user.
+# Default value is: 6999
+SEC_UID_MAX=6999
 
-# Minimum value for the automatic gid selection for system user. Default value
-# is: 100
+# Minimum value for the automatic gid selection for system user.
+# Default value is: 100
+# Actual implementation: use min + 1 value in _get_default_gid_range
 SYS_GID_MIN=100
 
-# Maximum value for the automatic gid selection for system user. Default value
-# is: 999
+# Maximum value for the automatic gid selection for system user.
+# Default value is: 499
 SYS_GID_MAX=499
 
-# Minimum number of days a password may be used. Default value is: 0
+# Minimum value for the automatic gid selection.
+# Default value is: 5000
+# Actual implementation: use min + 1 value in _get_default_gid_range
+GID_MIN=5000
+
+# Maximum value for the automatic gid selection.
+# Default value is: 59999
+GID_MAX=59999
+
+# Minimum number of days a password may be used.
+# Default value is: 0
 #PASS_MIN_DAYS=0
 
-# Maximum number of days allowed between password changes. Default value is:
-# 99999
+# Maximum number of days allowed between password changes.
+# Default value is: 99999
 #PASS_MAX_DAYS=99999
 
-# Number of days warning given before a password expires. Default value is:
-# 7
+# Number of days warning given before a password expires.
+# Default value is: 7
 #PASS_WARN_AGE=7
 
 # Value used to set the mode of home directories created for new users.
diff --git a/src/common/gum-config.c b/src/common/gum-config.c
index 9e8e4b3..ecc5562 100755
--- a/src/common/gum-config.c
+++ b/src/common/gum-config.c
@@ -109,17 +109,17 @@ struct _GumConfigPrivate
 
 G_DEFINE_TYPE (GumConfig, gum_config, G_TYPE_OBJECT);
 
-#define UID_MIN 1000
-#define UID_MAX 60000
 #define SYS_UID_MIN 100
-#define SYS_UID_MAX 999
-#define SEC_UID_MIN 60001
-#define SEC_UID_MAX 60100
+#define SYS_UID_MAX 499
+#define UID_MIN 5000
+#define UID_MAX 5999
+#define SEC_UID_MIN 6000
+#define SEC_UID_MAX 6999
 
-#define GID_MIN 1000
-#define GID_MAX 60000
 #define SYS_GID_MIN 100
-#define SYS_GID_MAX 999
+#define SYS_GID_MAX 499
+#define GID_MIN 5000
+#define GID_MAX 59999
 
 /* shadow */
 #define PASS_MAX_DAYS 99999
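Review bot: The new ranges in gumd-tizen-common.conf reclassify ids that the old ranges could already have handed out: 6000-6999 used to lie inside the ordinary uid range (5001-60000) and is now the security-user range, while the old security range 60001-60100 now belongs to no uid range at all. On a device that is upgraded with existing accounts, an ordinary user created under the old settings may hold a uid that now reads as a security uid, so anything that infers the account type from the number (not visible in this patch) would misjudge it; the commit message should say whether a migration or a check of existing ids is expected. The ordinary gid range 5000-59999 also contains 6000-6999, so an automatically chosen group id can be numerically equal to a security user's uid, which needs confirming if security users are meant to get a matching gid. I would add above SEC_UID_MIN: `# Note: ids 6000-6999 belonged to the ordinary uid range in earlier versions of this file`. The same values are repeated as compiled-in defaults in src/common/gum-config.c.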
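Review bot: The fallback macros in src/common/gum-config.c carry no comment saying that the lower bounds are now exclusive, although the .conf file in this same commit documents it (`use min + 1 value`). Someone reading gum-config.c alone will assume `UID_MIN 5000` means the first uid handed out is 5000. I would add above the block: `/* *_MIN values are exclusive: _get_default_uid_range and _get_default_gid_range start at MIN + 1 */`. GID_MAX is 59999 while UID_MAX is 5999; if that asymmetry is intended, a short comment saying why would stop it being read as a typo.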
diff --git a/src/daemon/core/gumd-daemon-group.c b/src/daemon/core/gumd-daemon-group.c
index 9ae3274..6b1213e 100644
--- a/src/daemon/core/gumd-daemon-group.c
+++ b/src/daemon/core/gumd-daemon-group.c
@@ -359,19 +359,25 @@ _get_default_gid_range (
 gid_t *min,
 gid_t *max)
 {
+ *min = *max = GUM_GROUP_INVALID_GID;
+
 if (self->priv->group_type == GUM_GROUPTYPE_SYSTEM)
 *min = (gid_t) gum_config_get_uint (self->priv->config,
- GUM_CONFIG_GENERAL_SYS_GID_MIN, G_MAXUINT);
+ GUM_CONFIG_GENERAL_SYS_GID_MIN, GUM_GROUP_INVALID_GID);
 else
 *min = (gid_t) gum_config_get_uint (self->priv->config,
- GUM_CONFIG_GENERAL_GID_MIN, G_MAXUINT);
+ GUM_CONFIG_GENERAL_GID_MIN, GUM_GROUP_INVALID_GID);
+
+ /* When creating a GID, uid starts at min + 1. */
+ if (*min != GUM_GROUP_INVALID_GID)
+ *min = *min + (uid_t)1;
 
 if (self->priv->group_type == GUM_GROUPTYPE_SYSTEM)
 *max = (gid_t) gum_config_get_uint (self->priv->config,
- GUM_CONFIG_GENERAL_SYS_GID_MAX, G_MAXUINT);
+ GUM_CONFIG_GENERAL_SYS_GID_MAX, GUM_GROUP_INVALID_GID);
 else
 *max = (gid_t) gum_config_get_uint (self->priv->config,
- GUM_CONFIG_GENERAL_GID_MAX, G_MAXUINT);
+ GUM_CONFIG_GENERAL_GID_MAX, GUM_GROUP_INVALID_GID);
 
 return (*min < *max);
 }
diff --git a/src/daemon/core/gumd-daemon-user.c b/src/daemon/core/gumd-daemon-user.c
index bf1211d..d92c4b1 100755
--- a/src/daemon/core/gumd-daemon-user.c
+++ b/src/daemon/core/gumd-daemon-user.c
@@ -782,6 +782,8 @@ _get_default_uid_range (
 uid_t *min,
 uid_t *max)
 {
+ *min = *max = GUM_USER_INVALID_UID;
+
 if (ut == GUM_USERTYPE_SYSTEM)
 *min = (uid_t) gum_config_get_uint (config,
 GUM_CONFIG_GENERAL_SYS_UID_MIN, GUM_USER_INVALID_UID);
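Review bot: In `_get_default_gid_range`, `*max` is never compared with GUM_GROUP_INVALID_GID, so when GID_MAX or SYS_GID_MAX is missing the function can still return TRUE with the sentinel as the upper bound, provided the sentinel is the largest gid_t value (its definition is outside this patch). Since the commit switches every fallback to the sentinel, the final test could reject it explicitly: `return (*max != GUM_GROUP_INVALID_GID && *min < *max);`. In the added increment both the cast and the comment speak of uids inside a gid function; `*min = *min + (gid_t)1;` and `/* gid allocation starts at min + 1 */` would match the surrounding code. The leading `*min = *max = GUM_GROUP_INVALID_GID;` is overwritten on both branches of each if/else, so it has no effect here. The function's signature starts above the hunk.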
@@ -792,6 +794,10 @@ _get_default_uid_range (
 *min = (uid_t) gum_config_get_uint (config,
 GUM_CONFIG_GENERAL_UID_MIN, GUM_USER_INVALID_UID);
 
+ /* When creating a UID, uid starts at min + 1. */
+ if (*min != GUM_USER_INVALID_UID)
+ *min = *min + (uid_t)1;
+
 if (ut == GUM_USERTYPE_SYSTEM)
 *max = (uid_t) gum_config_get_uint (config,
 GUM_CONFIG_GENERAL_SYS_UID_MAX, GUM_USER_INVALID_UID);
-- 
2.7.4
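Review bot: The added `*min = *min + (uid_t)1;` turns every configured *_MIN into an exclusive bound for all user types, because it sits after the whole min selection; `_get_default_gid_range` gets the same offset. The diffstat shows only gumd-tizen-common.conf being updated, so any other configuration that sets UID_MIN or SYS_UID_MIN silently loses its first id, and the key names no longer mean what they say. Keeping the bound inclusive would avoid the hidden offset: drop the three added lines and write the intended first id in the configuration, e.g. `UID_MIN=5001`. If the offset has to stay, the comment should give the reason for it rather than restate the arithmetic. The function starts and continues outside this hunk, so the remaining branches and the return test are not visible here.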