src/jobs/widget_install/task_smack.cpp

   1 /*
   2  * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
   3  *
   4  *    Licensed under the Apache License, Version 2.0 (the "License");
   5  *    you may not use this file except in compliance with the License.
   6  *    You may obtain a copy of the License at
   7  *
   8  *        http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  *    Unless required by applicable law or agreed to in writing, software
  11  *    distributed under the License is distributed on an "AS IS" BASIS,
  12  *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  *    See the License for the specific language governing permissions and
  14  *    limitations under the License.
  15  */
  16 /*
  17  * @file    task_smack.cpp
  18  * @author  Piotr Kozbial (p.kozbial@samsung.com)
  19  * @version 1.0
  20  * @brief   Implementation file for installer task smack
  21  */
  22
  23 #include <widget_install/task_smack.h>
  24 #include <widget_install/widget_install_context.h>
  25 #include <widget_install/widget_install_errors.h>
  26 #include <widget_install/job_widget_install.h>
  27 #include <dpl/foreach.h>
  28 #include <dpl/wrt-dao-ro/common_dao_types.h>
  29 #include <dpl/utils/bash_utils.h>
  30 #ifdef WRT_SMACK_ENABLED
  31 #include <privilege-control.h>
  32 #endif
  33
  34 #include <sstream>
  35
  36 namespace {
  37 const int MAX_BUF_SIZE = 128;
  38 const char* SMACK_RULE_STR = "/usr/bin/smackload-app.sh";
  39 }
  40
  41 namespace Jobs {
  42 namespace WidgetInstall {
  43 TaskSmack::TaskSmack(InstallerContext& context) :
  44     DPL::TaskDecl<TaskSmack>(this),
  45     m_context(context)
  46 {
  47     AddStep(&TaskSmack::SmackFolderLabelingStep);
  48     AddStep(&TaskSmack::SmackPrivilegeStep);
  49     AddStep(&TaskSmack::SmackTemporaryStep);
  50     AddStep(&TaskSmack::SetEndofInstallation);
  51 }
  52
  53 void TaskSmack::SmackFolderLabelingStep()
  54 {
  55     LogInfo(
  56         "----------------> SMACK: \
  57             Jobs::WidgetInstall::TaskSmack::SmackFolderLabelingStep()");
  58
  59 #ifdef WRT_SMACK_ENABLED
  60     /* /opt/usr/apps/[pkgid] directory's label is "_" */
  61     std::string tzPkgid = DPL::ToUTF8String(m_context.widgetConfig.tzPkgid);
  62     if (PC_OPERATION_SUCCESS != app_label_dir("_",
  63                                               m_context.locations->
  64                                                   getPackageInstallationDir().
  65                                                   c_str()))
  66     {
  67         LogError("Set smack failure. Failed to add label for app root directory");
  68         ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
  69                                          "Add Label failure");
  70     }
  71
  72     /* res directory */
  73     std::string resDir = m_context.locations->getPackageInstallationDir() +
  74         "/res";
  75     if (PC_OPERATION_SUCCESS != app_label_dir(tzPkgid.c_str(),
  76                                               resDir.c_str()))
  77     {
  78         LogError("Set smack failure. Failed to add label for resource directory");
  79         ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
  80                                          "Add Label failure");
  81     }
  82
  83     /* bin directory */
  84     if (PC_OPERATION_SUCCESS != app_label_dir(tzPkgid.c_str(),
  85                                               m_context.locations->getBinaryDir()
  86                                                   .c_str()))
  87     {
  88         LogError("Set smack failure. Failed to add label for binary directory");
  89         ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
  90                                          "Add Label failure");
  91     }
  92
  93     /* data directory */
  94     if (PC_OPERATION_SUCCESS != app_label_dir(tzPkgid.c_str(),
  95                                               m_context.locations->
  96                                                   getPrivateStorageDir().c_str()))
  97     {
  98         LogError("Set smack failure. Failed to add label for private storage directory");
  99         ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
 100                                          "Add Label failure");
 101     }
 102
 103 #endif
 104 }
 105
 106 void TaskSmack::SmackPrivilegeStep()
 107 {
 108     LogInfo(
 109         "----------------> SMACK: \
 110             Jobs::WidgetInstall::TaskSmack::SmackPrivilegeStep()");
 111 #ifdef WRT_SMACK_ENABLED
 112     WrtDB::TizenPkgId tzPkgid = m_context.widgetConfig.tzPkgid;
 113 #if 0
 114     char** perm_list = new char*[m_context.staticPermittedDevCaps.size()];
 115
 116     int index = 0;
 117     FOREACH(it, m_context.staticPermittedDevCaps) {
 118         if (it->second) {
 119             LogInfo("Permission : " << it->first);
 120             perm_list[index++] =
 121                 const_cast<char*>(DPL::ToUTF8String(it->first).c_str());
 122         }
 123     }
 124     perm_list[index] = NULL;
 125
 126     int result = app_add_permissions(
 127             DPL::ToUTF8String(tzPkgid).c_str(),
 128             const_cast<const char**>(perm_list));
 129
 130 #else
 131     const char* perm_list[0];
 132     perm_list[0] = NULL;
 133 #endif
 134     if (m_context.job->getInstallerStruct().m_installMode
 135             != InstallMode::INSTALL_MODE_PRELOAD)
 136     {
 137         int result = app_add_permissions(
 138                 DPL::ToUTF8String(tzPkgid).c_str(), perm_list);
 139         if (PC_OPERATION_SUCCESS != result) {
 140             LogError("Failed to add permission to privilege");
 141             ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
 142                     "SMACK check failure");
 143         }
 144     }
 145
 146     m_context.job->UpdateProgress(
 147         InstallerContext::INSTALL_SMACK_ENABLE,
 148         "Widget SMACK Enabled");
 149 #endif
 150 }
 151
 152 void TaskSmack::SmackTemporaryStep()
 153 {
 154 #ifdef WRT_SMACK_ENABLED
 155     //This step is temporary for smack
 156
 157     LogInfo("----------------> SMACK: \
 158             Jobs::WidgetInstall::TaskSmack::SmackTemporaryStep()");
 159     std::ostringstream commStr;
 160     std::string tzPkgid = DPL::ToUTF8String(m_context.widgetConfig.tzPkgid);
 161     commStr << SMACK_RULE_STR << " " << BashUtils::escape_arg(tzPkgid);
 162     LogDebug("set smack rule command : " << commStr.str());
 163
 164     char readBuf[MAX_BUF_SIZE];
 165     memset(readBuf, 0x00, MAX_BUF_SIZE);
 166
 167     FILE *fd;
 168     fd = popen(commStr.str().c_str(), "r");
 169     if (NULL == fd) {
 170         LogError("Set smack rule failure. Failed to call script.");
 171         ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
 172                 "SMACK check failure");
 173     }
 174     pclose(fd);
 175 #endif
 176 }
 177
 178 void TaskSmack::SetEndofInstallation()
 179 {
 180     m_context.job->UpdateProgress(
 181         InstallerContext::INSTALL_END,
 182         "End installation");
 183 }
 184 } //namespace WidgetInstall
 185 } //namespace Jobs