projects / platform / core / appfw / pkgmgr-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: cc8e03e)
Remove smack related capabilities 52/73752/6
authorSangyoon Jang <s89.jang@samsung.com>
Thu, 9 Jun 2016 10:16:44 +0000 (19:16 +0900)
committerSemun Lee <sm79.lee@samsung.com>
Mon, 13 Jun 2016 01:15:15 +0000 (18:15 -0700)
Remove capabilities using systemd service.

Change-Id: Ie8fc2a588744c62433455039f89eaf4a8c656bab
Signed-off-by: Sangyoon Jang <s89.jang@samsung.com>
CMakeLists.txt patch | blob | history
org.tizen.pkgmgr.service.in patch | blob | history
package-manager.service.in [new file with mode: 0644] patch | blob
packaging/pkgmgr-server.spec patch | blob | history

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 77121f2..5a14e57 100644 (file)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -48,7 +48,9 @@ TARGET_LINK_LIBRARIES(${PKGMGR_SERVER} ${SERVER_DEPS_LDFLAGS} -lgdbm)
 
 CONFIGURE_FILE(org.tizen.pkgmgr.service.in org.tizen.pkgmgr.service @ONLY)
 CONFIGURE_FILE(org.tizen.pkgmgr.conf.in org.tizen.pkgmgr.conf @ONLY)
+CONFIGURE_FILE(package-manager.service.in package-manager.service @ONLY)
 
 INSTALL(TARGETS ${PKGMGR_SERVER} DESTINATION bin)
 INSTALL(FILES ${CMAKE_CURRENT_BINARY_DIR}/org.tizen.pkgmgr.service DESTINATION ${PREFIX}/share/dbus-1/system-services/)
 INSTALL(FILES ${CMAKE_CURRENT_BINARY_DIR}/org.tizen.pkgmgr.conf DESTINATION ${SYSCONF_INSTALL_DIR}/dbus-1/system.d/)
+INSTALL(FILES ${CMAKE_CURRENT_BINARY_DIR}/package-manager.service DESTINATION ${UNITDIR})
diff --git a/org.tizen.pkgmgr.service.in b/org.tizen.pkgmgr.service.in
index 38c9534..9252ca2 100644 (file)
--- a/org.tizen.pkgmgr.service.in
+++ b/org.tizen.pkgmgr.service.in
@@ -1,4 +1,5 @@
 [D-BUS Service]
 User=root
 Name=org.tizen.pkgmgr
-Exec=@PREFIX@/bin/pkgmgr-server
+Exec=@PREFIX@/bin/false
+SystemdService=package-manager.service
diff --git a/package-manager.service.in b/package-manager.service.in
new file mode 100644 (file)
index 0000000..79a03d4
--- /dev/null
+++ b/package-manager.service.in
@@ -0,0 +1,7 @@
+[Unit]
+Description=Tizen Package Manager
+
+[Service]
+ExecStart=@PREFIX@/bin/pkgmgr-server
+CapabilityBoundingSet=~CAP_MAC_ADMIN
+CapabilityBoundingSet=~CAP_MAC_OVERRIDE
diff --git a/packaging/pkgmgr-server.spec b/packaging/pkgmgr-server.spec
index b1b6201..7cd5191 100644 (file)
--- a/packaging/pkgmgr-server.spec
+++ b/packaging/pkgmgr-server.spec
@@ -40,7 +40,7 @@ cp %{SOURCE1001} .
 %define backend_dir %{_sysconfdir}/package-manager/backend
 
 %build
-%cmake . -DRUN_DIR=%{run_dir} -DBACKEND_DIR=%{backend_dir}
+%cmake . -DRUN_DIR=%{run_dir} -DBACKEND_DIR=%{backend_dir} -DUNITDIR=%{_unitdir}
 
 %__make %{?_smp_mflags}
 
@@ -59,6 +59,7 @@ mkdir -p %{buildroot}%{_sysconfdir}/package-manager/server
 %files
 %manifest %{name}.manifest
 %defattr(-,root,root,-)
+%{_unitdir}/package-manager.service
 %{_datadir}/dbus-1/system-services/org.tizen.pkgmgr.service
 %config %{_sysconfdir}/dbus-1/system.d/org.tizen.pkgmgr.conf
 %{_bindir}/pkgmgr-server
Domain: App Framework / Application Installer;