Fix smack labeling for lib rpk

[platform/core/appfw/app-installers.git] / src / common / security_registration.cc

diff --git a/src/common/security_registration.cc b/src/common/security_registration.cc
index c08992b..56447e8 100644 (file)
--- a/src/common/security_registration.cc
+++ b/src/common/security_registration.cc
@@ -382,6 +382,19 @@ class SecurityContextPathRequest {
         SetErrorMessage(&error_message_, error);
         return false;
       }
+
+      // this is for lib rpk installation. set public RO for contents only.
+      if (pkg_type == "rpk" && std::string(policy.first) == "lib") {
+        for (bf::directory_iterator iter(subpath);
+            iter != bf::directory_iterator(); ++iter) {
+          error = security_manager_path_req_add_path(req_,
+              iter->path().string().c_str(), SECURITY_MANAGER_PATH_PUBLIC_RO);
+          if (error!= SECURITY_MANAGER_SUCCESS) {
+            SetErrorMessage(&error_message_, error);
+            return false;
+          }
+        }
+      }
     }
     return true;
   }
@@ -549,8 +562,8 @@ bool UnregisterSecurityContextForPkgId(const std::string &pkg_id,
 }
 
 bool RegisterSecurityContextForPath(const std::string &pkg_id,
-    const boost::filesystem::path& path, uid_t uid, bool is_readonly_pkg,
-    std::string* error_message) {
+    const std::string& pkg_type, const boost::filesystem::path& path,
+    uid_t uid, bool is_readonly_pkg, std::string* error_message) {
   SecurityContextPathRequest req;
   if (!req.IsValid()) {
     *error_message = req.ErrorMessage();
@@ -560,7 +573,7 @@ bool RegisterSecurityContextForPath(const std::string &pkg_id,
     *error_message = req.ErrorMessage();
     return false;
   }
-  if (!req.PreparePath({}, path, is_readonly_pkg, false)) {
+  if (!req.PreparePath(pkg_type, path, is_readonly_pkg, false)) {
     *error_message = req.ErrorMessage();
     return false;
   }