From: Jihoon Chung <jihoon.chung@samsung.com>
Date: Tue, 23 Apr 2013 06:58:00 +0000 (+0900)
Subject: [Release] wrt-installer_0.1.37
X-Git-Tag: accepted/tizen_2.1/20130425.023916~3
X-Git-Url: http://review.tizen.org/git/?p=framework%2Fweb%2Fwrt-installer.git;a=commitdiff_plain;h=80392791b3b7919b59596326dd9fdd9b25a1be1e

[Release] wrt-installer_0.1.37
---

diff --git a/packaging/wrt-installer.spec b/packaging/wrt-installer.spec
index e55b3dc..a7619cc 100644
--- a/packaging/wrt-installer.spec
+++ b/packaging/wrt-installer.spec
@@ -1,7 +1,7 @@
-#git:framework/web/wrt-installer wrt-installer 0.1.36
+#git:framework/web/wrt-installer wrt-installer 0.1.37
 Name:       wrt-installer
 Summary:    Installer for tizen Webruntime
-Version:    0.1.36
+Version:    0.1.37
 Release:    1
 Group:      Development/Libraries
 License:    Apache License, Version 2.0
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 994b6ce..5e33b52 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -145,6 +145,7 @@ PKG_CHECK_MODULES(SYS_INSTALLER_STATIC_DEP
     capi-appfw-app-manager
     app2sd
     vconf
+    libprivilege-control
     REQUIRED
 )
 
diff --git a/src/jobs/widget_install/job_widget_install.cpp b/src/jobs/widget_install/job_widget_install.cpp
old mode 100755
new mode 100644
index 9e76928..e2b2086
--- a/src/jobs/widget_install/job_widget_install.cpp
+++ b/src/jobs/widget_install/job_widget_install.cpp
@@ -194,12 +194,6 @@ JobWidgetInstall::JobWidgetInstall(
         }
 
         AddTask(new TaskFileManipulation(m_installerContext));
-        // TODO: Update progress information for this task
-
-        //This is sort of quick solution, because ACE verdicts are based upon
-        //data from DAO (DB). So AceCheck for now has to be AFTER DbUpdate
-        //task.
-        AddTask(new TaskSmack(m_installerContext));
 
         AddTask(new TaskManifestFile(m_installerContext));
         if (m_installerContext.widgetConfig.packagingType ==
@@ -210,6 +204,7 @@ JobWidgetInstall::JobWidgetInstall(
         AddTask(new TaskCertificates(m_installerContext));
         AddTask(new TaskDatabase(m_installerContext));
         AddTask(new TaskAceCheck(m_installerContext));
+        AddTask(new TaskSmack(m_installerContext));
     } else if (result == ConfigureResult::Updated) {
         LogInfo("Configure installation updated");
         LogInfo("Widget Update");
@@ -249,9 +244,6 @@ JobWidgetInstall::JobWidgetInstall(
             AddTask(new TaskUpdateFiles(m_installerContext));
         }
 
-        /* TODO : To backup file, save md5 values */
-        AddTask(new TaskSmack(m_installerContext));
-
         AddTask(new TaskManifestFile(m_installerContext));
         if (m_installerContext.widgetConfig.packagingType ==
             PKG_TYPE_HYBRID_WEB_APP)
@@ -268,6 +260,7 @@ JobWidgetInstall::JobWidgetInstall(
         //TODO: remove widgetHandle from this task and move before database task
         // by now widget handle is needed in ace check
         // Any error in acecheck while update will break widget
+        AddTask(new TaskSmack(m_installerContext));
     } else if (result == ConfigureResult::Deferred) {
         // Installation is deferred
         LogInfo("Configure installation deferred");
@@ -588,14 +581,62 @@ ConfigureResult JobWidgetInstall::checkWidgetUpdate(
 
     // Check running state
     bool isRunning = false;
-    int retval =
+    int ret =
         app_manager_is_running(DPL::ToUTF8String(update.tzAppId).c_str(),
                                &isRunning);
-    if (APP_MANAGER_ERROR_NONE != retval || isRunning) {
+    if (APP_MANAGER_ERROR_NONE != ret) {
         LogError("Fail to get running state");
         return ConfigureResult::Failed_WidgetRunning;
     }
 
+    if (true == isRunning) {
+        // get app_context for running application
+        // app_context must be released with app_context_destroy
+        app_context_h appCtx = NULL;
+        ret =
+            app_manager_get_app_context(
+                DPL::ToUTF8String(update.tzAppId).c_str(),
+                &appCtx);
+        if (APP_MANAGER_ERROR_NONE != ret) {
+            LogError("Fail to get app_context");
+            return ConfigureResult::Failed_WidgetRunning;
+        }
+
+        // terminate app_context_h
+        ret = app_manager_terminate_app(appCtx);
+        if (APP_MANAGER_ERROR_NONE != ret) {
+            LogError("Fail to terminate running application");
+            app_context_destroy(appCtx);
+            return ConfigureResult::Failed_WidgetRunning;
+        } else {
+            app_context_destroy(appCtx);
+            // app_manager_terminate_app isn't sync API
+            // wait until application isn't running (50ms * 100)
+            bool isStillRunning = true;
+            int checkingloop = 100;
+            struct timespec duration = { 0, 50 * 1000 * 1000 };
+            while (--checkingloop >= 0) {
+                nanosleep(&duration, NULL);
+                int ret =
+                    app_manager_is_running(
+                        DPL::ToUTF8String(update.tzAppId).c_str(),
+                        &isStillRunning);
+                if (APP_MANAGER_ERROR_NONE != ret) {
+                    LogError("Fail to get running state");
+                    return ConfigureResult::Failed_WidgetRunning;
+                }
+                if (!isStillRunning) {
+                    break;
+                }
+            }
+            if (isStillRunning) {
+                LogError("Fail to terminate running application");
+                return ConfigureResult::Failed_WidgetRunning;
+            }
+            LogInfo("terminate application");
+        }
+    }
+
     m_installerContext.widgetConfig.tzAppid = update.tzAppId;
 
     if (isUpperVersion(update.existingVersion, update.incomingVersion) ||
diff --git a/src/jobs/widget_install/task_smack.cpp b/src/jobs/widget_install/task_smack.cpp
index 75d0fc8..a9c285a 100644
--- a/src/jobs/widget_install/task_smack.cpp
+++ b/src/jobs/widget_install/task_smack.cpp
@@ -25,46 +25,154 @@
 #include <widget_install/widget_install_errors.h>
 #include <widget_install/job_widget_install.h>
 #include <dpl/foreach.h>
+#include <dpl/wrt-dao-ro/common_dao_types.h>
+#include <dpl/utils/bash_utils.h>
 #ifdef WRT_SMACK_ENABLED
 #include <privilege-control.h>
 #endif
 
 #include <sstream>
 
+namespace {
+const int MAX_BUF_SIZE = 128;
+const char* SMACK_RULE_STR = "/usr/bin/smackload-app.sh";
+}
+
 namespace Jobs {
 namespace WidgetInstall {
 TaskSmack::TaskSmack(InstallerContext& context) :
     DPL::TaskDecl<TaskSmack>(this),
     m_context(context)
 {
-    AddStep(&TaskSmack::Step);
+    AddStep(&TaskSmack::SmackFolderLabelingStep);
+    AddStep(&TaskSmack::SmackPrivilegeStep);
+    AddStep(&TaskSmack::SmackTemporaryStep);
+}
+
+void TaskSmack::SmackFolderLabelingStep()
+{
+    LogInfo(
+        "----------------> SMACK: \
+            Jobs::WidgetInstall::TaskSmack::SmackFolderLabelingStep()");
+
+#ifdef WRT_SMACK_ENABLED
+    /* /opt/usr/apps/[pkgid] directory's label is "_" */
+    std::string tzPkgid = DPL::ToUTF8String(m_context.widgetConfig.tzPkgid);
+    if (PC_OPERATION_SUCCESS != app_label_dir("_",
+                                              m_context.locations->
+                                                  getPackageInstallationDir().
+                                                  c_str()))
+    {
+        LogError("Set smack failure. Failed to add label for app root directory");
+        ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
+                                         "Add Label failure");
+    }
+
+    /* res directory */
+    std::string resDir = m_context.locations->getPackageInstallationDir() +
+        "/res";
+    if (PC_OPERATION_SUCCESS != app_label_dir(tzPkgid.c_str(),
+                                              resDir.c_str()))
+    {
+        LogError("Set smack failure. Failed to add label for resource directory");
+        ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
+                                         "Add Label failure");
+    }
+
+    /* bin directory */
+    if (PC_OPERATION_SUCCESS != app_label_dir(tzPkgid.c_str(),
+                                              m_context.locations->getBinaryDir()
+                                                  .c_str()))
+    {
+        LogError("Set smack failure. Failed to add label for binary directory");
+        ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
+                                         "Add Label failure");
+    }
+
+    /* data directory */
+    if (PC_OPERATION_SUCCESS != app_label_dir(tzPkgid.c_str(),
+                                              m_context.locations->
+                                                  getPrivateStorageDir().c_str()))
+    {
+        LogError("Set smack failure. Failed to add label for private storage directory");
+        ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
+                                         "Add Label failure");
+    }
+
+#endif
 }
 
-void TaskSmack::Step()
+void TaskSmack::SmackPrivilegeStep()
 {
-    LogInfo("----------------> SMACK: Jobs::WidgetInstall::TaskSmack::Step()");
+    LogInfo(
+        "----------------> SMACK: \
+            Jobs::WidgetInstall::TaskSmack::SmackPrivilegeStep()");
 #ifdef WRT_SMACK_ENABLED
-    std::stringstream devcaps;
+    WrtDB::TizenPkgId tzPkgid = m_context.widgetConfig.tzPkgid;
+#if 0
+    char** perm_list = new char*[m_context.staticPermittedDevCaps.size()];
+
+    int index = 0;
     FOREACH(it, m_context.staticPermittedDevCaps) {
         if (it->second) {
-            std::string utf8 = DPL::ToUTF8String(it->first);
-            if (it != m_context.staticPermittedDevCaps.begin()) {
-                devcaps << ",";
-            }
-            devcaps << utf8;
+            LogInfo("Permission : " << it->first);
+            perm_list[index++] =
+                const_cast<char*>(DPL::ToUTF8String(it->first).c_str());
+        }
+    }
+    perm_list[index] = NULL;
+
+    int result = app_add_permissions(
+            DPL::ToUTF8String(tzPkgid).c_str(),
+            const_cast<const char**>(perm_list));
+
+#else
+    const char* perm_list[0];
+    perm_list[0] = NULL;
+#endif
+    if (m_context.job->getInstallerStruct().m_installMode
+            != InstallMode::INSTALL_MODE_PRELOAD)
+    {
+        int result = app_add_permissions(
+                DPL::ToUTF8String(tzPkgid).c_str(), perm_list);
+        if (PC_OPERATION_SUCCESS != result) {
+            LogError("Failed to add permission to privilege");
+            ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
+                    "SMACK check failure");
         }
     }
-    TizenAppId tzAppid = m_context.widgetConfig.tzAppid;
-    int result = handle_access_control_conf_forWAC(
-            DPL::ToUTF8String(tzAppid).c_str(),
-            devcaps.str().c_str(),
-            OPERATION_INSTALL);
-    Assert(result == PC_OPERATION_SUCCESS && "access control setup failed");
+
     m_context.job->UpdateProgress(
-        UninstallerContext::INSTALL_SMACK_ENABLE,
+        InstallerContext::INSTALL_SMACK_ENABLE,
         "Widget SMACK Enabled");
 #endif
 }
 
+void TaskSmack::SmackTemporaryStep()
+{
+#ifdef WRT_SMACK_ENABLED
+    //This step is temporary for smack
+
+    LogInfo("----------------> SMACK: \
+            Jobs::WidgetInstall::TaskSmack::SmackTemporaryStep()");
+    std::ostringstream commStr;
+    std::string tzPkgid = DPL::ToUTF8String(m_context.widgetConfig.tzPkgid);
+    commStr << SMACK_RULE_STR << " " << BashUtils::escape_arg(tzPkgid);
+    LogDebug("set smack rule command : " << commStr.str());
+
+    char readBuf[MAX_BUF_SIZE];
+    memset(readBuf, 0x00, MAX_BUF_SIZE);
+
+    FILE *fd;
+    fd = popen(commStr.str().c_str(), "r");
+    if (NULL == fd) {
+        LogError("Set smack rule failure. Failed to call script.");
+        ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
+                "SMACK check failure");
+    }
+    pclose(fd);
+#endif
+}
+
 } //namespace WidgetInstall
 } //namespace Jobs
diff --git a/src/jobs/widget_install/task_smack.h b/src/jobs/widget_install/task_smack.h
index ce05d29..b602819 100644
--- a/src/jobs/widget_install/task_smack.h
+++ b/src/jobs/widget_install/task_smack.h
@@ -36,7 +36,9 @@ class TaskSmack :
   private:
     InstallerContext& m_context;
 
-    void Step();
+    void SmackFolderLabelingStep();
+    void SmackPrivilegeStep();
+    void SmackTemporaryStep();
 
   public:
     TaskSmack(InstallerContext& context);
diff --git a/src/jobs/widget_uninstall/task_check.cpp b/src/jobs/widget_uninstall/task_check.cpp
index 09d9116..bb6a73b 100644
--- a/src/jobs/widget_uninstall/task_check.cpp
+++ b/src/jobs/widget_uninstall/task_check.cpp
@@ -19,7 +19,7 @@
  * @version 1.0
  * @brief   Header file for widget uninstall task check
  */
-#include <time.h>
+#include <ctime>
 #include <dpl/sstream.h>
 #include <widget_uninstall/task_check.h>
 #include <widget_uninstall/job_widget_uninstall.h>
diff --git a/src/jobs/widget_uninstall/task_smack.cpp b/src/jobs/widget_uninstall/task_smack.cpp
index d437ed1..be66932 100644
--- a/src/jobs/widget_uninstall/task_smack.cpp
+++ b/src/jobs/widget_uninstall/task_smack.cpp
@@ -21,6 +21,7 @@
  */
 
 #include <widget_uninstall/task_smack.h>
+#include <widget_uninstall/job_widget_uninstall.h>
 #include <widget_uninstall/uninstaller_context.h>
 #include <dpl/log/log.h>
 #include <dpl/optional_typedefs.h>
@@ -42,20 +43,13 @@ void TaskSmack::Step()
     LogInfo(
         "------------------------> SMACK: Jobs::WidgetUninstall::TaskSmack::Step()");
 #ifdef WRT_SMACK_ENABLED
-    try {
-        WrtDB::WidgetDAOReadOnly dao(m_context.widgetConfig.tzAppid);
-        TizenAppId tzAppid = dao.getTzAppId();
-        int result = handle_access_control_conf_forWAC(
-                DPL::ToUTF8String(tzAppid).c_str(),
-                NULL,
-                OPERATION_UNINSTALL);
-        Assert(result == PC_OPERATION_SUCCESS && "access control setup failed");
-    } catch (WrtDB::WidgetDAOReadOnly::Exception) {
-        Assert(false && "can't access widget data");
+    int result = app_revoke_permissions(m_context.tzPkgid.c_str());
+    if (PC_OPERATION_SUCCESS != result) {
+        LogError("Revoke permissions failure : " << result);
     }
 
     m_context.job->UpdateProgress(
-        UninstallerContext::INSTALL_SMACK_ENABLE,
+        UninstallerContext::UNINSTALL_SMACK_ENABLE,
         "Widget SMACK Enabled");
 #endif
 }
diff --git a/src/pkg-manager/backendlib.cpp b/src/pkg-manager/backendlib.cpp
index b342b1a..497bf3f 100644
--- a/src/pkg-manager/backendlib.cpp
+++ b/src/pkg-manager/backendlib.cpp
@@ -457,7 +457,7 @@ pkgmgr_info *pkgmgr_client_check_pkginfo_from_file(const char *pkg_path)
     LogDebug("pkgmgr_client_check_pkginfo_from_file() is called");
     package_manager_pkg_detail_info_t *pkg_detail_info;
     pkg_detail_info = (package_manager_pkg_detail_info_t*)malloc(
-            sizeof(package_manager_pkg_info_t));
+            sizeof(package_manager_pkg_detail_info_t));
     int ret = getWidgetDetailInfoFromPackage(pkg_path, pkg_detail_info);
     if (FALSE == ret) {
         LogError("Failed to get package detail info ");