SetErrorMessage(&error_message_, error);
return false;
}
+
+ // this is for lib rpk installation. set public RO for contents only.
+ if (pkg_type == "rpk" && std::string(policy.first) == "lib") {
+ for (bf::directory_iterator iter(subpath);
+ iter != bf::directory_iterator(); ++iter) {
+ error = security_manager_path_req_add_path(req_,
+ iter->path().string().c_str(), SECURITY_MANAGER_PATH_PUBLIC_RO);
+ if (error!= SECURITY_MANAGER_SUCCESS) {
+ SetErrorMessage(&error_message_, error);
+ return false;
+ }
+ }
+ }
}
return true;
}
}
bool RegisterSecurityContextForPath(const std::string &pkg_id,
- const boost::filesystem::path& path, uid_t uid, bool is_readonly_pkg,
- std::string* error_message) {
+ const std::string& pkg_type, const boost::filesystem::path& path,
+ uid_t uid, bool is_readonly_pkg, std::string* error_message) {
SecurityContextPathRequest req;
if (!req.IsValid()) {
*error_message = req.ErrorMessage();
*error_message = req.ErrorMessage();
return false;
}
- if (!req.PreparePath({}, path, is_readonly_pkg, false)) {
+ if (!req.PreparePath(pkg_type, path, is_readonly_pkg, false)) {
*error_message = req.ErrorMessage();
return false;
}