[platform/core/appfw/app-installers.git] / src / common / step / filesystem / step_recover_change_owner.cc

// Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
// Use of this source code is governed by an apache-2.0 license that can be
// found in the LICENSE file.

#include "common/step/filesystem/step_recover_change_owner.h"

#include <boost/filesystem/path.hpp>
#include <boost/optional/optional.hpp>

#include <unistd.h>
#include <sys/types.h>
#include <fcntl.h>
#include <pkgmgr-info.h>
#include <tzplatform_config.h>

#include <cassert>
#include <cstring>
#include <string>
#include <utility>
#include <vector>

#include "common/utils/paths.h"
#include "common/shared_dirs.h"
#include "common/utils/file_util.h"
#include "common/utils/glist_range.h"
#include "common/utils/user_util.h"

namespace bf = boost::filesystem;
namespace ci = common_installer;

namespace {

const char kSkelAppDir[] = "skel/apps_rw";
const char kData[] = "data";
const char kShared[] = ".shared";
const char kSharedTmp[] = ".shared_tmp";
const char kSystemShareGroupName[] = "system_share";
const char kSubssesionDir[] = "subsession";
const uid_t kGlobalUserUid = tzplatform_getuid(TZ_SYS_GLOBALAPP_USER);
const gid_t kGlobalUserGid = tzplatform_getgid(TZ_SYS_GLOBALAPP_USER);

bool SetSharedDirOwnershipAndPermissions(const bf::path& apps_rw,
    const std::string& pkgid, uid_t uid, gid_t gid) {
  bf::perms perms = (bf::all_all | bf::set_uid_on_exe) ^ bf::others_write;
  bf::path shared = apps_rw / kShared / pkgid / kData;
  if (!bf::exists(shared))
    return true;
  boost::optional<gid_t> system_share =
      ci::GetGidByGroupName(kSystemShareGroupName);
  if (!system_share)
    return false;

  if (!ci::SetDirOwnershipAndPermissions(shared, perms, uid, *system_share))
    return false;

  perms = bf::all_all ^ bf::group_write ^ bf::others_write;
  bf::path shared_tmp = apps_rw / kSharedTmp / pkgid;
  if (!ci::SetDirOwnershipAndPermissions(shared_tmp, perms, uid, gid))
    return false;

  return true;
}

}  // namespace

namespace common_installer {
namespace filesystem {

Step::Status StepRecoverChangeOwner::RecoveryUpdate() {
  uid_t uid = context_->uid.get();
  // Change owner of files at root path
  if (!ci::SetPackageDirectoryOwnerAndPermissions(context_->GetPkgPath(),
      uid))
    return Step::Status::ERROR;

  boost::optional<gid_t> gid = ci::GetGidByUid(uid);
  if (!gid)
    return Step::Status::ERROR;

  if (context_->request_mode.get() == RequestMode::GLOBAL) {
    bf::path skel_apps_rw = bf::path(tzplatform_getenv(TZ_SYS_ETC)) /
        bf::path(kSkelAppDir);
    if (!SetSharedDirOwnershipAndPermissions(skel_apps_rw,
            context_->pkgid.get(), kGlobalUserUid, kGlobalUserGid))
      return Step::Status::ERROR;

    ci::UserList list = ci::GetUserList();
    for (auto l : list) {
      uid_t lu = std::get<0>(l);
      gid_t lg = std::get<1>(l);
      bf::path owner_apps_rw = ci::GetRootAppPath(false, lu);
      std::vector<bf::path> apps_rw_paths;
      apps_rw_paths.push_back(std::move(owner_apps_rw));
      for (auto& lw_user : GetLightUserList(uid))
        apps_rw_paths.push_back(std::get<2>(l) / kSubssesionDir / lw_user /
                                "apps_rw");

      for (auto& apps_rw : apps_rw_paths) {
        bf::path pkg_root = apps_rw / context_->pkgid.get();
        if (!ci::SetPackageDirectoryOwnerAndPermissions(pkg_root, lu))
          return Step::Status::ERROR;

        if (!SetSharedDirOwnershipAndPermissions(apps_rw,
                context_->pkgid.get(), lu, lg))
          return Step::Status::ERROR;
      }
    }
  } else {
    ci::UserList list = ci::GetUserList();
    for (auto& l : list) {
      uid_t lu = std::get<0>(l);
      if (lu != uid)
        continue;

      bf::path owner_apps_rw = ci::GetRootAppPath(false, uid);
      std::vector<bf::path> apps_rw_paths;
      apps_rw_paths.push_back(std::move(owner_apps_rw));
      for (auto& lw_user : GetLightUserList(uid))
        apps_rw_paths.push_back(std::get<2>(l) / kSubssesionDir / lw_user /
                                "apps_rw");

      for (auto& apps_rw : apps_rw_paths) {
        if (!SetSharedDirOwnershipAndPermissions(apps_rw,
                context_->pkgid.get(), context_->uid.get(), *gid))
          return Step::Status::ERROR;
      }
    }
  }

  return ChangeOwnershipIconsAndManifest(gid, uid);
}

Step::Status StepRecoverChangeOwner::ChangeOwnershipIconsAndManifest(
    const boost::optional<gid_t> gid, const uid_t uid) {
  if (!gid)
    return Step::Status::ERROR;

  // For icon files
  const char *iconpath = getIconPath(uid, context_->is_readonly_package.get());
  if (iconpath) {
    for (application_x* app :
        GListRange<application_x*>(
        context_->manifest_data.get()->application)) {
      if (!app->icon)
        continue;

      icon_x* icon = reinterpret_cast<icon_x*>(app->icon->data);
      bf::path icon_path = icon->text;
      //  bf::path base_path = iconpath;
      bf::path found_icon_path = GetIconPath(iconpath,
          context_->pkgid.get(), icon_path.filename(),
          context_->root_application_path.get());
      if (!found_icon_path.empty()) {
        if (!ci::SetOwnership(found_icon_path, uid, *gid))
          return Step::Status::ERROR;
      }
    }
  }

  // Manifest files for global apps
  if (!context_->xml_path.get().empty()) {
    if (!ci::SetOwnership(context_->xml_path.get(), uid, *gid))
      return Step::Status::ERROR;
  }

  return Step::Status::OK;
}

}  // namespace filesystem
}  // namespace common_installer