José Bollo [Wed, 10 Jun 2015 13:43:52 +0000 (15:43 +0200)]
remove dlog redundancy
Change-Id: I5103a960c3bdb6a1904b814d5526d897643a4ad5
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
Vyacheslav Barinov [Thu, 5 Feb 2015 06:25:53 +0000 (09:25 +0300)]
Add a post script sqlite3 requirement
updater.sh script doesn't work without sqlite3.
Fixes
Creating database from scratch
/usr/share/privilege-control/db/updater.sh: line 34: sqlite3: command not found
/usr/share/privilege-control/db/updater.sh: line 35: sqlite3: command not found
during firmware build
Change-Id: I204096a145211421f83a848e60608a69014a227e
Signed-off-by: Vyacheslav Barinov <v.barinov@samsung.com>
Ronan Le Martret [Tue, 15 Jul 2014 13:01:25 +0000 (15:01 +0200)]
Clean spec file for yocto compliance.
Change-Id: Iae5d175789742703b61322ffc89124e92636df54
Signed-off-by: Ronan Le Martret <ronan@fridu.net>
Jacek Bukarewicz [Mon, 14 Jul 2014 14:33:56 +0000 (16:33 +0200)]
Use correct path for packaging systemd unit files
Change-Id: Ib4b0a03e24cf84dbd5fd191276ac2ce3592c4faf
Signed-off-by: Jacek Bukarewicz <j.bukarewicz@samsung.com>
Marcin Lis [Tue, 17 Jun 2014 10:54:08 +0000 (12:54 +0200)]
Fix rules updating after permissions reloading.
[Cause] Invalid data types used in SQLite queries for permission_id
causes libprivilege to malfunction on some architectures (arm).
[Solution] Change data types used in permission_id queries from int to int64
Add two debug traces.
[Verification] 1. Build and install on target.
2. Use the following test commit to verify this change:
https://review.tizen.org/gerrit/#/c/23383/
Change-Id: I8ec4b8735b1ae668a184bba03dd847b5c2437e3e
Signed-off-by: Marcin Lis <m.lis@samsung.com>
Marcin Niesluchowski [Thu, 26 Jun 2014 07:55:33 +0000 (09:55 +0200)]
Use cmake and spac variables instead of hardcoded paths.
Change-Id: I301e82c76b0eb2f49851f5bf0c3b0f59818ba26c
Jacek Bukarewicz [Mon, 23 Jun 2014 13:14:23 +0000 (15:14 +0200)]
Use correct librules-db-sql-udf.so library path for 64-bit build
Change-Id: Ie4d0d0ac4fce0928b748cd628466fb8bde9d1309
Signed-off-by: Jacek Bukarewicz <j.bukarewicz@samsung.com>
Jean-Benoit MARTIN [Tue, 13 May 2014 12:40:36 +0000 (14:40 +0200)]
Remove harcoded path for multi-user architecture
Bug-Tizen: PTREL-260
Change-Id: Ib30d3d49b50f607dc4b06c7b7c05acad27c34df5
Signed-off-by: Jean-Benoit MARTIN <jean-benoit.martin@open.eurogiciel.org>
Pawel Polawski [Wed, 14 May 2014 11:07:22 +0000 (13:07 +0200)]
perm_app_enable_permissions() always set persistent rules
Temporary we trade permissinos passed to this function always
as persistent. In fact last parameter of function is unused.
Change-Id: I35fab201a190c3d1129dc818068e4a7f493aeae3
Signed-off-by: Pawel Polawski <p.polawski@samsung.com>
Sebastian Grabowski [Thu, 8 May 2014 07:26:28 +0000 (09:26 +0200)]
Added APP_PATH_PUBLIC and APP_PATH_FLOOR types to perm_app_setup_path function.
Current functionality of perm_app_setup_path is not fully compatibile
with how Smack policy should look like in Tizen 3. For better
compatibility new APP_PATH_PUBLIC type has been added and implementation
of APP_PATH_GROUP_RW, APP_PATH_PUBLIC_RO and APP_PATH_SETTINGS_RW has
been changed to work exactly as APP_PATH_PUBLIC.
Moreover, APP_PATH_FLOOR type has been added that should be used to
label files and directories with "_" (floor) label. This label should be
used from now instead of APP_PATH_ANY_LABEL. APP_PATH_ANY_LABEL is still
supported but it behaves like APP_PATH_FLOOR - it just is for API
compatibility reasons.
Removed all path related tables, views, indexes etc. and code as well.
Verification may be done with the following:
security-tests.sh libprivilege-control --runignored --output=text
sqlite3 /opt/dbspace/.rules-db.db3 ".schema" | grep path
However, some test cases must be rewritten after this patch is accepted.
Change-Id: I6019ba67aa2d032acdee05a2e5c98f2dd6895fb3
Signed-off-by: Sebastian Grabowski <s.grabowski@samsung.com>
Lukasz Wojciechowski [Thu, 8 May 2014 12:03:53 +0000 (14:03 +0200)]
Adjust perm_app_has_permission API function to Tizen 3.0 model.
This function will be used by initial implementation of Cynara.
Cynara does not know anything about pkg_id of application.
It uses smack label for client (application) identification.
Function taking smack label as identifier is needed though.
Change-Id: Ib2fadd13c566b7f83879159a79d4b032862076ad
Signed-off-by: Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
Rafal Krypa [Wed, 30 Apr 2014 09:40:23 +0000 (11:40 +0200)]
Restore perm_app_has_permission API function.
Function can be used to query if an app has been granted a permission.
It will be used temporarily by initial implementation of Cynara.
Later Cynara will use it's own policy storage, but this is needed to setup
a prototype.
Change-Id: Idb5ea4eb904849f8c3694f4841052d495071a98c
Casey Schaufler [Mon, 12 May 2014 16:20:31 +0000 (09:20 -0700)]
Merge "Modification about smack label of db file belong to process." into tizen
Rafal Krypa [Fri, 11 Apr 2014 12:24:47 +0000 (14:24 +0200)]
Remove remaining parts of "partner" and "platform" application types.
Fix improper revert of commit "extended app_type_t by new
values" (
c7914a7f28). Parts of that were removed in commit "Adapt to
tizenorg" (
479d21a75f), but not all.
Change-Id: Ice56f8b91a92c30fb070531eaa95662837bb2f66
Zofia Abramowska [Mon, 12 May 2014 10:48:50 +0000 (03:48 -0700)]
Merge "Remove remaining parts of "additional rules" feature." into tizen
jooseong.lee [Sat, 10 May 2014 06:22:56 +0000 (15:22 +0900)]
Modification about smack label of db file belong to process.
[Problem]
Most db files have 'floor' label. Because these are created during image creation time.
Therefore no process can write the dbs (since 'floor' label allows only read and execute)
[Solution]
Modify smack label of the db files based on condition below referring three domain model
Condition1. Assign domain of process which creates db files
Condition2. Assign domain of process accesses db files.
Change-Id: Ie1056fbc5758ffdcc1a429a0e5504bf3779648d5
Signed-off-by: jooseong.lee <jooseong.lee@samsung.com>
Marcin Lis [Thu, 8 May 2014 11:29:48 +0000 (13:29 +0200)]
Remove unnecessary defines.
These defines were mistakenly included before (during rebase).
Change-Id: Ibd3de18f3f3befe7e95deef29bb3072875db72ce
Signed-off-by: Marcin Lis <m.lis@samsung.com>
Rafal Krypa [Wed, 2 Apr 2014 16:50:07 +0000 (18:50 +0200)]
Remove remaining parts of "additional rules" feature.
Fix improper revert of commit "Adding additional rules" (
c7914a7f28).
Parts of that were removed in commit "Adapt to tizenorg" (
479d21a75f),
but not all.
Change-Id: Ie093158c887aad56790334072f5bc47cda0c0aab
Jacek Bukarewicz [Tue, 15 Apr 2014 12:06:50 +0000 (14:06 +0200)]
Fix boot-time smack rule loading
smack-rules.service assumed that /smack/ directory is the smackfs mount point,
which is not always the case. Fix by piping smack rules to smackload
command which will correctly load rules regardless of mount point used.
Change-Id: I8d5ddd97bb1bd3a1915e2446947f1d512d841567
Signed-off-by: Jacek Bukarewicz <j.bukarewicz@samsung.com>
Marcin Lis [Fri, 14 Mar 2014 12:41:34 +0000 (13:41 +0100)]
Adapt to tizenorg: Change implementation of exec labels for links to binaries
Change hardcoded Smack xattr names to those defined in <linux/attr.h>.
Use [l]<set|get>xattr() functions instead of libsmack labelling functions.
Change the logic of get_smack_from_binary() internal function so that it
now operates on new macros.
Additionally remove unused "verify_app_type" and "is_widget" functions.
Change-Id: I406a0baa94a9936130786a55a101cef617248a39
Signed-off-by: Marcin Lis <m.lis@samsung.com>
Casey Schaufler [Thu, 24 Apr 2014 15:05:42 +0000 (08:05 -0700)]
Merge "Adapt to tizenorg: Generate app label from pkg_id" into tizen
Zofia Abramowska [Mon, 14 Apr 2014 14:12:02 +0000 (16:12 +0200)]
Removing slp-su
Removing unused functionality of slp-su binary and source code.
Change-Id: I7bc2f62518a4ea3e3eaaccbb10aec402cd218aac
Marcin Lis [Thu, 13 Mar 2014 12:20:16 +0000 (13:20 +0100)]
Adapt to tizenorg: Generate app label from pkg_id
Add "generate_app_label" internal function, which is currently a stub that
always returns label: "User". This is temporary solution, the function will be
implemented for both Tizen IVI and Mobile profiles using preprocessor
directives and compilation macros.
Function is used in libprivilege API functions that use pkg_id,
app_name or equivalent parameter.
In addition, instructions in "perm_app_uninstall" and
"perm_app_revoke_permissions" are temporary commented out. These functions
will be restored when the libprivilege database is able to keep the same label
for all installed applications and uninstall/revoke them separately.
Change-Id: I1ee2f564f033536a672fe56110e10d507ad8f269
Signed-off-by: Marcin Lis <m.lis@samsung.com>
Marcin Niesluchowski [Wed, 26 Mar 2014 15:59:50 +0000 (16:59 +0100)]
Remove unused or redundant defines.
Those defines should be removed earlier with commits:
-> Remove legacy code for WRT, enable new WRT functionality.
-> Move appsetting and antivirus privileges to smack-privilege-conf
-> Revert "rollback because of rule database"
ACC_LEN already defined in common.h
Change-Id: I6b0945f47f3520272c4e41b4d12e5d9456513326
Marcin Niesluchowski [Wed, 12 Mar 2014 16:13:16 +0000 (17:13 +0100)]
Remove group_list variable from struct new_user.
group_list is unused. Functionality using it was removed before
(see: https://review.tizen.org/gerrit/#/c/5892/) but code
has not been cleaned completely. Cleaning it now.
Change-Id: I9fe2732230657c5d294d6cd76b67927fcf5cce3f
Lukasz Wojciechowski [Mon, 10 Mar 2014 09:13:07 +0000 (10:13 +0100)]
Fix integer types
[Issue#] N/A
[Feature/Bug] ssize_t, size_t and int are misused
[Problem] code does not compile on 64bit platforms
[Cause] N/A
[Solution] use proper types, check for integer overflow
[Verification] Succesfully build on 32 and 64 bit platforms
Change-Id: Ia1bee500ce312f8bfc9ecc7f0577274c2db75c5e
Signed-off-by: Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
Zofia Abramowska [Wed, 5 Mar 2014 15:15:03 +0000 (16:15 +0100)]
Adapt to tizenorg
Remove unused by tizenorg API and functionality
Change-Id: I6937dd7a0178cc8071fffef7e1474ac830b41e9c
Krzysztof Jackiewicz [Mon, 24 Feb 2014 10:31:16 +0000 (11:31 +0100)]
Merge branch 'sandbox/kjackiewicz/samsung_devel' into tizen
Update libprivilege implementation to sqlite database
Adapting to tizenorg in dependent commit
Change-Id: If0d208d595f4afe99a0edaa9e53119b4e51368be
Lukasz Wojciechowski [Thu, 13 Feb 2014 13:00:46 +0000 (14:00 +0100)]
Update comment in API header file.
[Issue#] N/A
[Feature/Bug] N/A
[Problem] newly recognized tokens were not mentioned in header
[Cause] N/A
[Solution] update header
[Verification] Succesfully build.
Change-Id: Ie0046436822a1b046a7f385c3e954cafde95973b
Kidong Kim [Thu, 13 Feb 2014 02:46:21 +0000 (11:46 +0900)]
fix package type
Change-Id: I7e86cadefea8ec76b5dd8d234dd26fc33bf59f35
Lukasz Wojciechowski [Thu, 30 Jan 2014 15:12:20 +0000 (16:12 +0100)]
Recognize all types of application (+OSP, +EFL)
[Issue#] N/A
[Feature/Bug] N/A
[Problem] OSP and EFL applications are not recognized (treated as OTHER)
[Cause] N/A
[Solution] Recognition added
[Verification] Succesfully build and run tests
Change-Id: I1cf4e81d19ce232db8bd94a8ce687105542b3469
Adam Malinowski [Thu, 30 Jan 2014 10:12:04 +0000 (11:12 +0100)]
Clean scriplet 'post' section.
[Issue#] SSDWSSP-531
[Feature] Removes unneeded file operations from 'post section'.
[Cause] Post section is intended for file operations.
[Solution] Unneeded operations are removed, other are moved to 'install'
and 'files' sections. Details are placed in CAM project.
[Verification] Two ways:
- build packages, install them on target and run tests,
- build image with previously built packages and run tests
Change-Id: I51ccc3dbb8a9b45c3b2da224470b60e2cc830d58
Conflicts:
packaging/libprivilege-control.spec
Pawel Broda [Thu, 16 Jan 2014 11:57:13 +0000 (12:57 +0100)]
New API for getting information about application privileges state
[Issue#] SSDWSSP-627.
[Feature] Introduce new API for getting information
about application privileges state.
[Cause] Privacy Manager uses another database to
get info about app priviliges state.
[Solution] Two API functions are added.
[Verification] Buid, install and run tests.
Change-Id: Ifd987c05442ebb103d2f3fdbf5acc59c6a0affeb
Pawel Broda [Wed, 4 Dec 2013 13:27:26 +0000 (14:27 +0100)]
API for transaction rollback in libprivilege
[Issue#] SSDWSSP-609
[Feature] Provides possibility to rollback transaction.
[Cause] N/A
[Solution] N/A
[Verification] Build and run on the target.
Change-Id: Ic347e8c26733014564ccbc7d024d350bc87391cb
Jan Olszak [Tue, 21 Jan 2014 14:41:41 +0000 (15:41 +0100)]
Correction in sqlite3_finalize error handling.
[Issue#] N/A
[Bug] Error codes in sqlite3 are positive.
[Cause] N/A
[Solution] N/A
[Verfication] Build, run tests.
Change-Id: I32ab59340d3143021ce0990f8d7d7c4c9131e78b
Damian Chromejko [Tue, 3 Dec 2013 11:30:37 +0000 (12:30 +0100)]
Implement perm_app_remove_path() for libprivilege-control API.
[Issue#] SSDWSSP-698
[Bug/Feature] Function used to remove paths along with all associated
rules.
[Cause] Extending libprivilege-control API.
[Solution] Implemented chain of functions exposing requested API.
[Verification] Build, install and run tests.
Change-Id: Idc0d7878d852056085649b698d6afa714a91ba83
Piotr Bartosiewicz [Tue, 21 Jan 2014 14:56:57 +0000 (15:56 +0100)]
Code cleanup
[Issue#] N/A
[Bug/Feature] Unused variables, minor warnings
[Cause] N/A
[Solution] N/A
[Verification] N/A
Change-Id: I5530e2459b402ef0625afe13a2e693cd3f415842
Jan Olszak [Mon, 20 Jan 2014 11:15:56 +0000 (12:15 +0100)]
Removed unused linker flags.
[Issue#] SSDWSSP-832
[Feature] Some linker flags were ignored previously and deleted
in gcc 4.8.
[Cause] N/A
[Solution] N/A
[Verification] Build, run tests and run dbuild.
Change-Id: I6fcc1d1d2e65c6c860065df88a1d86a68477540d
Pawel Broda [Wed, 8 Jan 2014 11:38:00 +0000 (12:38 +0100)]
Add some file names to api_feature_loader output
[Issue#] SSDWSSP-606
[Feature] Small change providing more informative output.
[Cause] N/A
[Solution] N/A
[Verification] Build, run on the target, see if api_feature_loader
prints out applied changes.
Pawel Broda [Wed, 8 Jan 2014 11:38:00 +0000 (12:38 +0100)]
Extend api_feature_loader options.
[Issue#] SSDWSSP-606
[Feature] Provides possibility to use globs like '*' or '?' in file names
(i.e. with '-f' option).
This feature is based on glob() function, please have a look at
documentation (man 3 glob) for more details.
For example, having following directory structure:
testfiles /
EFL_1.smack
EFL_2.smack
EFL_3.smack
EFL_5.smak // it's not a typo
GFL_6.smack // it's not a typo
would be possible to issue (quotes are not mandatory):
api_feature_loader --verbose -f"testfiles/*"
in order to load rules from the following files:
EFL_1.smack, EFL_2.smack and EFL_3.smack.
Please note, that EFL_5.smak matches pattern, but the extension
is wrong so it will not be loaded.
[Cause] N/A
[Solution] N/A
[Verification] Build, run od the target, see if /opt/dbspace/.rules-db.db3
is updated.
Change-Id: I6713f33b8e44cdb87659286bce513e68e4f5d98c
Damian Chromejko [Thu, 19 Dec 2013 09:31:30 +0000 (10:31 +0100)]
Add support for shared transaction in libprivilege-control DB.
[Issue#] SSDWSSP-722
[Feature] No redundant rules updating during shared read
transactions.
[Cause] Rules in the DB are unnecessarily updated during shared
read transactions.
[Solution] Rules in the DB are updated only if the current
transaction is not a shared read transaction.
[Verification] Although no additional tests were created, all previous tests
should pass.
Change-Id: I6738add767cf1b666680a956ad19572a99d693e5
Lukasz Wojciechowski [Thu, 19 Dec 2013 09:07:57 +0000 (10:07 +0100)]
Rule tokenizer fix
[Issue#] N/A
[Feature] tokenize_rule may cause Segmentation Fault due to improper use of sscanf.
[Cause] N/A
[Solution] tokenize_rule rewritten
[Verification] Build, install, run tests.
Change-Id: Ief5ef1910ab459d82035887cbc8cda9d8897c734
Damian Chromejko [Fri, 22 Nov 2013 11:49:10 +0000 (12:49 +0100)]
Implement perm_app_get_permissions() API in libprivilege-control.
[Issue#] SSDWSSP-669
[Bug/Feature] Add function to get a list of all permissions of a given
type for the specified application.
[Cause] Extending provided API.
[Solution] Added a chain of functions extending existing API with
necessary features.
[Verification] Build, install, run tests.
Change-Id: I0b3335191e50e954f95804463a2e073f1715e9db
Damian Chromejko [Tue, 26 Nov 2013 15:47:23 +0000 (16:47 +0100)]
Implement perm_app_get_paths() API in libprivilege-control.
[Issue#] SSDWSSP-670
[Bug/Feature] Add a function that retrieves a list of paths of a specified
type for a given application.
[Cause] Extending libprivilege-control API
[Solution] Added a chain of functions extending existing API.
[Verification] Build, install, run tests.
Change-Id: I225668e57030d1bc32cee8e2169fc5070138eec0
Sebastian Grabowski [Mon, 4 Nov 2013 07:18:17 +0000 (08:18 +0100)]
New API for registering app permissions.
[Issue#] SSDWSSP-620
[Bug/Feature] Add new API in libprivilege-control and use it in
security-server.
[Cause] There is a need to prepare changes for installers team
regarding usage of perm_app_setup_permissions function.
[Solution] Function perm_app_setup_permissions (former
perm_app_register_permissions) is intended to
add persistent permissions during installation process.
Function perm_app_enable_permissions from now on should
not be used for initial addition of app permissions.
Dependencies:
security-tests:
I18ddd5d286988584cd822a4b929419c8bc1c6102
[Verification] Build, install, run tests.
Change-Id: I4a14b0f91a5bc7e358339cacb5b93fcf234935eb
Jan Olszak [Mon, 16 Dec 2013 10:14:27 +0000 (11:14 +0100)]
Corrected marking additional rules as modified.
[Issue#] N/A
[Bug/Feature] Smack rules didn't change when additional rules
were deleted.
[Cause] N/A
[Solution] Marked all aditional rules as modiefied.
[Verification] Build, install, run tests.
Change-Id: Idba8c5b2253ee4fa718434567afbc6bce0d30e87
Krzysztof Jackiewicz [Thu, 30 Jan 2014 11:47:43 +0000 (12:47 +0100)]
During package installation there is no test for /opt/dbspace existence.
[Issue#] N/A
[Bug/Feature] When creating databse from scratch during depedencies
installation for gbs build process error occurs:
Error: unable to open database "/opt/dbspace/.rules-db.db3":
unable to open database file.
[Cause] Missing /opt/dbspace directory.
[Solution] Add checking for /opt/dbspace existence. Create directory
if missing.
[Verification] Delete /opt/dbspace, install libprivilege-control, check if
/opt/dbspace and "/opt/dbspace/.rules-db.db3" exists.
Change-Id: I216b75caf63ac69d08b0d3b07981860606dcb6b8
Conflicts:
packaging/libprivilege-control.spec
Lukasz Wojciechowski [Thu, 12 Dec 2013 19:09:01 +0000 (20:09 +0100)]
Store temporary tables in memory instead of in files.
[Issue#] N/A
[Bug/Feature] Temporary tables are being kept in files,
but storing them in memory might speed up
a little bit access to them.
[Cause] N/A
[Solution] Store temporary tables in memory.
[Verification] Build, install, run libprivilege-control
stress tests with time measure and compare
result from before and from after patch.
time libprivilege-control-test --output=text\
--group=libprivilegecontrol_stress
Change-Id: I66408b1b2a17b8e3ff10add7c8bb6abaddbbb019
Piotr Bartosiewicz [Mon, 9 Dec 2013 15:45:55 +0000 (16:45 +0100)]
FOTA/FUS update script for libprivilege
[Issue#] SSDWSSP-711
[Bug] Database schema is not updated after FOTA/FUSE system update.
[Cause] FOTA updates only RO partitions, every RW modifications
(which are usually done in rmp %post) should be done in
a dedicated FOTA script.
[Solution] Added an update script to /etc/opt/upgrade/
[Verification] Use image with database in version 2 (eg.
20131202).
(sqlite3 .rules-db.db3 "PRAGMA user_version;")
Quick verification:
- build
- install
- run /etc/opt/upgrade/220.libprivilege-updater.patch.sh
Full FOTA verification:
- follow instructions from CAM task
- database should be upgraded from 2 to 3
Change-Id: Ia6a707443a83bc776545a079bc550b06a5108d44
Jan Olszak [Fri, 22 Nov 2013 19:32:42 +0000 (20:32 +0100)]
Removed a spell mistake form defines.
[Issue#] N/A
[Bug/Feature] Spell mistake in three defines
[Solution] Renamed *WGT* macros to *WRT*
[Veryfication] Build, install, run tests.
Change-Id: I66b7974e86352020c34fca9ef901664f11b24d87
Krzysztof Jackiewicz [Tue, 21 Jan 2014 13:26:37 +0000 (14:26 +0100)]
Merge remote-tracking branch 'rsa/master' into tizen
Conflicts:
CMakeLists.txt
include/privilege-control.h
packaging/libprivilege-control-conf.manifest
packaging/libprivilege-control.changes
packaging/libprivilege-control.manifest
packaging/libprivilege-control.spec
packaging/smack-default-labeling.service
smack_default_labeling
src/privilege-control.c
Change-Id: I8d0a785c405f9b0df698143e5fa4792c2ac3caef
Casey Schaufler [Tue, 21 Jan 2014 01:45:08 +0000 (17:45 -0800)]
Clean out obsolete Smack configuration files
The Tuzen 3 Smack configuration does not use files
out of /opt/etc/smack. That's just as well, as the files
installed there do not reflect the three domain model.
This change removes the files defined in libprivilege-control.
Change-Id: Id9914ed8ff604ceff59d1faa5e51a9c399c3e8b7
Signed-off-by: Casey Schaufler <casey.schaufler@intel.com>
Jan Olszak [Mon, 2 Dec 2013 17:05:50 +0000 (18:05 +0100)]
Full deletion of previous definition of permission.
[Issue#] N/A
[Bug/Feature] Rules with wildcards were not deleted.
[Cause] N/A
[Solution] Deleteing records from other tables as well.
[Verification] Build, install, run tests.
Change-Id: I5c401829a4b92a903c1eb68351605ef2bb2803f0
Damian Chromejko [Tue, 19 Nov 2013 08:53:24 +0000 (09:53 +0100)]
Add strerror equivalent in libprivilege for more informative error logging.
[Issue#] SSDWSSP-646
[Bug/Feature] Add strerror equivalent in libprivilege for more informative
error logging.
[Cause] Currently there is no way to check the reason for the
error apart from looking directly into the code.
[Solution] An strerror equivalent was created to convert error code
to human-readable error description.
[Verfication] Build, install, run tests.
Change-Id: I9cd4416133e782d52cf9a8488e7b10fcf82546f2
Jan Olszak [Mon, 2 Dec 2013 16:09:39 +0000 (17:09 +0100)]
Delete of a possible unnecessary transaction rollback.
[Issue#] N/A
[Bug/Feature] Error before transaction open
was not PC_ERR_DB_CONNECTION
[Cause] N/A
[Solution] Changed error code.
[Verification] Build, install, run tests.
Marcin Niesluchowski [Thu, 21 Nov 2013 16:43:35 +0000 (17:43 +0100)]
Changing functions' descriptions to be consistent with their content and usage.
[Issue#] SSDWSSP-655
[Bug/Feature] Description is incorrect. Some functions hasn't been marked as
DEPRECATED.
[Cause] Libprivilege-control structure and funcionality change.
[Solution] Descriptions change.
[Verification] N/A
Change-Id: I52318a60e4fbc4edf7a61aedf25d3e7760ca5418
Lukasz Wojciechowski [Tue, 19 Nov 2013 12:56:40 +0000 (13:56 +0100)]
Fix const struct fields change by base_name_from_perm function.
[Issue#] derived from SSDWSSP-644
[Feature] base_name_from_perm changes consts
[Cause] It may cause memory access problems.
[Solution] Change local variables not const struct fields.
[Verification] Build security-tests, run tests on target
Change-Id: I5a2cb62b67243673ae1f8db399d2b6e3cd00e94b
Marek Smolinski [Tue, 26 Nov 2013 10:02:02 +0000 (11:02 +0100)]
Removed internal call perm_begin() inside perm_app_install()
Call perm_begin() inside app_install() function is redundant,
internal call rdb_add_appliaction() makes rdb_begin()
[Issue#] SSDWSSP-673
[Bug/Feature] N/A
[Cause] N/A
[Solution] N/A
[Verification] build platform via dbuild,
run osp, wrt installer:
wrt-installer --install
/usr/bin/TestMisiuPysiu123.wgt
wrt-installer --install
/usr/bin/MisiuPysiu123Partner.wgt
wrt-installer --install
/usr/bin/MisiuPysiu123Platform.wgt
osp-installer -i /usr/bin/uqNfgEjqc7-1.0.0-arm.tpk
osp-installer -i /usr/bin/j4RuPsZrNt-1.0.0-arm.tpk
osp-installer -i /usr/bin/V5LKqDFBXm-1.0.0-arm.tpk
wrt-installer --uninstall-name QwCqJ0ttyS
wrt-installer --uninstall-name 7btsV1Y0sX
wrt-installer --uninstall-name G4DE3U2vmW
osp-installer -u uqNfgEjqc7
osp-installer -u j4RuPsZrNt
osp-installer -u V5LKqDFBXm
Change-Id: I154a5424eff562d4a2cb4026a3087208991f6d19
Piotr Bartosiewicz [Wed, 27 Nov 2013 15:10:25 +0000 (16:10 +0100)]
Optimize perm_begin and perm_end
[Issue#] SSDWSSP-596
[Bug/Feature] Database operations executed in perm_begin and perm_end
are very slow.
[Cause] All the rules were calculated every perm_end.
[Solution] Calculate only modified rules.
[Verification] Build, install, run tests - to check correctness.
Compare speed of application installation and
deinstallation before and after library update.
Make sure a database is exactly the same as in new
image (running our tests adds a lot of new rules).
I've notices 2x - 7x speedup (depending on the number of
modified rules).
Change-Id: Ifba86c1c8b09230458482c9c31468245bf3edbbb
Zbigniew Jasinski [Fri, 29 Nov 2013 10:31:22 +0000 (11:31 +0100)]
Change debug flag from TIZEN_ENGINEER_MODE to TIZEN_DEBUG_ENABLE
Also changes in spec file reflecting flag change.
[Issue#] SSDWSSP-697
[Feature/Bug] N/A
[Problem] Many issues in user binaries.
[Cause] N/A
[Solution] Add debug not only for engineering packages.
[Verification] Build with debug flag, run tests.
Change-Id: I50581bf7d0601156059cb8698123ba3dbaffc845
Radoslaw Bartosiak [Mon, 25 Nov 2013 17:42:49 +0000 (18:42 +0100)]
Elimination of relative command paths ambiguity
[Issue#] SSDWSSP-684
[Bug/Feature] A security vulnerability to attacks fixed.
[Cause] Malicious change of PATH variable might be used to an exploit (change of commands).
[Solution] The correct PATH variable set in the script.
[Verification] Build, install and run tests.
Change-Id: I85753bfe4fdf8b5cb9fe7cab1caa5b88725a04a0
Conflicts:
smack_default_labeling
Radoslaw Bartosiak [Tue, 26 Nov 2013 16:37:41 +0000 (17:37 +0100)]
Elimination of floor (_) labeled executables
[Issue#] SSDWSSP-684
[Bug/Feature] A security vulnerability to attacks fixed.
[Cause] Using a floor labeled exec, a malicious process can pollute the floor labeled resources.
[Solution] The floor labeled executables were eliminated.
[Verification] 1) Build, install and run tests.
2) Verify that no executables from the package has the floor label.
Change-Id: I3999cb71c01a29fbe1a2e0e86b0991d21528beb3
Conflicts:
packaging/libprivilege-control.manifest
Casey Schaufler [Fri, 22 Nov 2013 22:23:01 +0000 (14:23 -0800)]
Remove obsolete systemd smack-default-labeling.service
Smack rules are now set directly by systemd. This service
is no longer required.
Change-Id: I7e5b1852efbe1170b4deee8ba411b087c7272af0
Signed-off-by: Casey Schaufler <casey.schaufler@intel.com>
Jan Cybulski [Fri, 22 Nov 2013 07:29:52 +0000 (08:29 +0100)]
Move all sql files to a separate directory
[Issue#] SSDWSSP-615
[Bug/Feature] Sql scripts were added to /usr/share/privilege-control,
which is not the best place, as lots of .rule files are
located in that directory.
[Solution] Move them to subdirectory db.
[Veryfication] Build, install, run tests.
Change-Id: I4f9db8b8fe2a7e3bbf1d37cc2df4ca650493ce3d
Jan Cybulski [Fri, 8 Nov 2013 13:42:04 +0000 (14:42 +0100)]
Add database versioning and upgrading.
[Issue#] SSDWSSP-615
[Bug/Feature] Database upgrade was not possible without data loss.
[Cause] N/A
[Solution] Enable database upgrading by sequential calling upgrade
sql scripts.
Also, move all sql files to /usr/share/privilege-control/.
[Verification] -Remove one of the update files *-to-v2.sql in /db/updates,
build and check if %check script properly detects lack of
that file (build should stop with error).
-Add that file again.
-Build newest libprivilege-control (this)
and libprivilege-control-0.0.58
and libprivilege-control-0.0.59.
-Install libprivilege-control-0.0.58, and then install newest.
-Should install without problems. Run tests.
-Remove database, install V59, and then install newest.
-Should install without problems, Run tests.
-Remove database, install newest.
-Should install without problems, Run tests.
Change-Id: I5b232cba86c252d3ba2ac2e5432dcad816790823
Sebastian Grabowski [Thu, 7 Nov 2013 12:16:18 +0000 (13:16 +0100)]
Move appsetting and antivirus privileges to smack-privilege-conf
[Issue#] SSDWSSP-607
[Bug/Feature] Move appsetting and antivirus privileges to
smack-privilege-conf repository
[Cause] Since wildcards implementation in smack rule templates
appsetting and antivirus privileges no longer needs to
be added with rules-db-data.sql script.
[Solution] Removed obsolete sql statements.
Dependency from smack-privilege-config:
Ife85ad691fe036d1dfb9cfdb489d9e24ecba1947
[Verification] Test content of permission,
permission_app_path_type_rule_view and
permission_app_path_type_rule_view tables/views in
.rules-db.db3 after libprivilege-control installation
and after smack-privilege-config:
Delete rules db:
rm /opt/dbspace/.rules-db.db3
Delete smack rules:
rm /usr/share/privilege-control/*.smack
Install libprivilege-control with this change:
rpm -Uvh --force --nodeps /tmp/rpm/libprivilege-control-*
Run the following sqlite3 commands:
sqlite3 -column /opt/dbspace/.rules-db.db3 "select * from permission;"
sqlite3 -column /opt/dbspace/.rules-db.db3 "select * from permission_permission_rule_view;"
sqlite3 -column /opt/dbspace/.rules-db.db3 "select * from permission_app_path_type_rule_view;"
After these commands there should be no
org.tizen.privilege.appsetting nor
org.tizen.privilege.antivirus entries.
Next, install smack-privilege-config (with
Ife85ad691fe036d1dfb9cfdb489d9e24ecba1947 changes):
rpm -Uvh --force --nodeps /tmp/rpm/smack-privilege-config-*
Run the following sqlite3 commands (the same like above):
sqlite3 -column /opt/dbspace/.rules-db.db3 "select * from permission;"
sqlite3 -column /opt/dbspace/.rules-db.db3 "select * from permission_permission_rule_view;"
sqlite3 -column /opt/dbspace/.rules-db.db3 "select * from permission_app_path_type_rule_view;"
After these commands proper org.tizen.privilege.appsetting and
org.tizen.privilege.antivirus entries should be in the
database.
Change-Id: I329fb361ea57b6cc86650b00074439eedad1c0d3
Ossama Othman [Thu, 21 Nov 2013 00:31:17 +0000 (16:31 -0800)]
Fixed smack default label unit file ordering problem.
Change-Id: Ie1ad6afbf8308706040dc65386ec580a82854b75
Signed-off-by: Ossama Othman <ossama.othman@intel.com>
Jan Olszak [Tue, 12 Nov 2013 15:51:57 +0000 (16:51 +0100)]
Correction in marking labels as modified.
[Issue#] N/A
[Bug/Feature] After uninstalling rules with app's paths stayed.
[Cause] Wrong order of delete - mark as modified.
[Solution] Changed the order.
[Verification] Build, install, run tests.
Change-Id: I3c61c552f845b1bf9e02e76c7b837eb7e59b7634
Jan Olszak [Tue, 12 Nov 2013 10:58:10 +0000 (11:58 +0100)]
Removed a memory leak.
[Issue#] N/A
[Bug/Feature] Memmory leak.
[Cause] N/A
[Solution] Added free at the end.
[Verification] Build, install, run tests.
Change-Id: If90f80a2c60f586628834b0ad5ea06a53aa62488
Krzysztof Jackiewicz [Tue, 12 Nov 2013 08:38:43 +0000 (09:38 +0100)]
Duplicated path error ignored
[Issue#] N/A
[Feature/Bug] N/A
[Problem] Path related rules are not correctly generated after application
upgrade (adding settings folder)
[Cause] Adding existing path to and application causes error and results in a
rollback during perm_end.
[Solution] INSERT in path_view_insert_trigger changed to INSERT OR IGNORE.
[Verification] Upgrade an application. It should succeed despite of registering
paths that already exist in db
Change-Id: Ia0ddfdcac906e44401e6152f839321be967bcb76
Marcin Lis [Tue, 8 Oct 2013 09:41:06 +0000 (11:41 +0200)]
New API for permission checking
[Issue#] SSDWSSP-527
[Feature] Introduce new API function.
[Cause] New API will improve the performance while checking
app permissions. It is also needed by Security Server.
[Solution] One new API function is added, which enables user to check
whether an app with given label has enabled permission
specified by name.
[Verification] Build, install & run tests.
Change-Id: I4c068f593c585d5a16e2ca9f72666aea79fafcab
Sebastian Grabowski [Mon, 4 Nov 2013 13:49:32 +0000 (14:49 +0100)]
Add perm_app_register_permissions function.
[Issue#] SSDWSSP-620
[Bug/Feature] Add new API in libprivilege-control and use it in
installators (perm_app_register_permissions)
[Cause] There is a need that only installators could add
persistent rules
[Solution] Added new perm_app_register_permissions function
[Verification] Just built and run tests
Change-Id: I6703579756a806dcb1b38ccb9d730bd361dd6ab6
Jan Olszak [Mon, 4 Nov 2013 12:07:47 +0000 (13:07 +0100)]
Changed schema_version to user_version.
[Issue#] N/A
[Bug/Feature] N/A
[Cause] N/A
[Solution] Changed schema_version to user_version
[Verification] Build, install.
Change-Id: Ife7d18247d54a89c0cd00460f8b37f7e86579fad
Jan Olszak [Thu, 31 Oct 2013 15:16:15 +0000 (16:16 +0100)]
Correction in schema_version.
[Issue#] N/A
[Bug/Feature] Wrong schema version number.
[Cause] N/A
[Solution] Changed 1.1 to 2.
[Verification] Build, install.
Change-Id: I5dde4094f04d62010d81b4220d79b7df698dd6c0
Jan Olszak [Thu, 17 Oct 2013 17:50:32 +0000 (19:50 +0200)]
Modified perm_end and rdb_end so they return error code.
[Issue#] SSDWSSP-183
[Bug/Feature] Return code when finishing transaction.
[Cause] N/A
[Solution] Added return code
[Verification] Build, install, run tests.
Change-Id: I649bf4b8a1b0313e969ffd5428650fae0a1fb9ff
Krzysztof Jackiewicz [Mon, 28 Oct 2013 14:19:08 +0000 (15:19 +0100)]
Prevent fix - NULL check after dereference.
[Issue#] N/A
[Feature/Bug] N/A
[Problem] Pervent issue CID 34517
[Cause] Variable was checked against NULL after dereferencing.
[Solution] NULL check removed
[Verification] Successfull compilation
Change-Id: Ie8f878c79c2d0e8fe97e8cfa5f2b116e4cb2fd22
Krzysztof Jackiewicz [Fri, 25 Oct 2013 12:47:49 +0000 (14:47 +0200)]
Merge rsa/tizen_2.2 into rsa/master
Change-Id: Id5b7c2f8b3b8f8d6ebda4cb97927e873f1c71449
Krzysztof Jackiewicz [Fri, 25 Oct 2013 12:47:00 +0000 (14:47 +0200)]
[Release] libprivilege-control_0.0.43.TIZEN
* Revert "add API definition"
* Implement new wildcard ~NPRUNTIME_PATH~ +fix workaround
* Implement adding new WRT rules in libprivilege-control
* add API definition
* Correction in enabling permissions.
* Renamed enums and deleted unused defines
* Modified checking labels and deleted unused checking.
* Change in setup path.
* Change in boot script.
* Adding additional rules.
* Implementation of cross-app rule patterns in *.smack files
* Corrected a mistake in deleting paths.
* Deleting paths on revoking permissions.
* Deleted volatile rules on boot and corrected permission format.
* Modified boot script, added deleting volatile rules.
* Made marking labels as modified beautiful.
* Changed new API names.
* Loading api-features from a file.
* Revert "rollback because of rule database"
* add systemd options
* Add README file
* Compilation flags 'verbose' mode
* Unused function smack_get_access_new removed
* Libprivilege API cleanup
* Add missing information about APP_PATH_ANY_LABEL in header
* Takes compilation profile from command line.
* Add for all anti viruses RWX access to all public-RO and group-RW shared folder
* Simple corrections in api-feature handling. +Fix
Change-Id: I0749261e11e71463e48ec5978cc2e824e6278309
Krzysztof Jackiewicz [Fri, 25 Oct 2013 12:14:23 +0000 (14:14 +0200)]
Revert "add API definition"
This reverts commit
2cc85c9c19921c0421eeddce164431cc162db254.
Marcin Lis [Thu, 24 Oct 2013 09:52:42 +0000 (11:52 +0200)]
Implement new wildcard ~NPRUNTIME_PATH~ +fix workaround
[Issue#] SSDWSSP-599
[Feature] N/A
[Cause] It was impossible to add reverse type rules from
smack-privilege-config additional rules file.
Also there was a need to add rules associated with new path_type
NPRUNTIME_PATH.
[Solution] New wildcard has been introduced, temp workaround fixed.
[Verification] Build, install and run tests including the smack-privilege-config
rpm built from the following commit:
https://review.tizendev.org/gerrit/#/c/245166/
Change-Id: I14cf28ebb3ca9be80d35073db19fe53127cc744d
Marcin Lis [Tue, 22 Oct 2013 18:14:55 +0000 (20:14 +0200)]
Implement adding new WRT rules in libprivilege-control
[Issue#] SSDWSSP-599
[Feature] Introduce new option in perm_app_setup_path which comes
with new enumeration literal to parameter.
[Cause] There is a need for WRT applications to label their own symbolic
link to PluginProcess with label: "<wrt_app_label>.npruntime".
This newly created label should have such smack accesses granted:
<wrt_app_label>.npruntime system::homedir rxat
<wrt_app_label>.npruntime xorg rw
<wrt_app_label>.npruntime <wrt_app_label> rxat
Also app should have the following access also:
<wrt_app_label> <wrt_app_label>.npruntime rw
[Solution] API change: PERM_APP_PATH_NPRUNTIME literal added to enum
"app_path_type_t". Also, middleware can now use it in
perm_app_setup_path to give special EXEC label to executable file
or symbolic link and enable all required accesses.
IMPORTANT: after installing any WRT (WGT) application use:
// ------------------------------------------------
perm_app_setup_path(<wrt_app_id>,
<path_to_symlink>,
PERM_APP_PATH_NPRUNTIME);
// ------------------------------------------------
This will enable required permissions permanently.
[Verification] Build, install on target, run commands:
# sqlite3 /opt/dbspace/.rules-db.db3
sqlite> select * from app_path_type;
sqlite> select * from label_app_path_type_rule_view;
After that verify that there is a row with "NPRUNTIME_PATH" in
the first query result (in app_path_type table), and both
"system::homedir|NPRUNTIME_PATH" and "xorg|NPRUNTIME_PATH"
in the second result.
Also run tests.
Change-Id: I2a3c396c5d8ef38fb49f78fb4c77ec0ec12af57f
Kidong Kim [Thu, 24 Oct 2013 00:30:42 +0000 (09:30 +0900)]
add API definition
Jan Olszak [Fri, 4 Oct 2013 17:00:09 +0000 (19:00 +0200)]
Correction in enabling permissions.
[Issue#] SSDWSSP-183
[Bug/Feature] WRT_platform ect. permissions added as WRT
[Cause] N/A
[Solution] Correction in enabling permissions.
[Verification] Build, install, run tests.
Change-Id: I9c7202615550da2d152c6909b773e4a7d12d0641
Jan Olszak [Fri, 4 Oct 2013 11:03:26 +0000 (13:03 +0200)]
Renamed enums and deleted unused defines
[Issue#] SSDWSSP-479
[Bug/Feature] N/A
[Cause] N/A
[Solution] Renamed enums ect..
[Verification] Build.
Change-Id: Id7d691ae6aecfef3c5f46e6e36ae3ad188f6222c
Jan Olszak [Thu, 3 Oct 2013 14:22:27 +0000 (16:22 +0200)]
Modified checking labels and deleted unused checking.
[Issue#] SSDWSSP-183
[Bug/Feature] Little speed-up in checking application label.
[Cause] N/A
[Solution] Changed the select stmt. Deleted two unused functions.
[Verification] Build, install, run tests.
Change-Id: I69685bed16c7b1bc955bc4695f341e969714a7d1
Jan Olszak [Tue, 1 Oct 2013 16:55:44 +0000 (18:55 +0200)]
Change in setup path.
[Issue#] SSDWSSP-183
[Bug/Feature] N/A
[Cause] N/A
[Solution] N/A
[Verification] N/A
Change-Id: I299003f07c06230ce16e229bd525de1e9bc94218
Jan Olszak [Tue, 1 Oct 2013 08:55:34 +0000 (10:55 +0200)]
Change in boot script.
[Issue#] SSDWSSP-183
[Bug/Feature] N/A
[Cause] N/A
[Solution] Used redirection to write rules to kernel.
[Verification] Build, install, reboot,
run systemctl status smack-rules.service
Change-Id: I7034823ba6f124a9793657078ada70fc175f53e6
Jan Olszak [Thu, 26 Sep 2013 16:26:19 +0000 (18:26 +0200)]
Adding additional rules.
[Issue#] N/A
[Bug/Feature] New rule patterns in templates.
[Cause] N/A
[Solution] Loading rules from ADDITIONAL_RULES.smack
[Verification] Build, install,
run api_feature_loader --verbose
confirm rules are in /smack/load2
reboot
confirm rules are in /smack/load2
Change-Id: I4cc5a7d0ddd83d9bdff45b61f5ec242d7a9860d6
Jan Olszak [Fri, 13 Sep 2013 15:34:48 +0000 (17:34 +0200)]
Implementation of cross-app rule patterns in *.smack files
[Issue#] N/A
[Bug/Feature] New rule patterns in templates.
[Cause] N/A
[Solution] Implemented wildcards for apps with same privilege
and folder types.
[Verification]Build, install, run tests.
Change-Id: Ia3ea6a66fa627d501202ab703b6796c7c6a34f11
Jan Olszak [Wed, 25 Sep 2013 17:00:19 +0000 (19:00 +0200)]
Corrected a mistake in deleting paths.
[Issue#] SSDWSSP-183
[Bug/Feature] N/A
[Cause] N/A
[Solution] Corrected build brake.
[Verification] Build
Change-Id: I9628305aa22996f152d2ed776552119ab06dccdc
Jan Olszak [Wed, 25 Sep 2013 16:38:46 +0000 (18:38 +0200)]
Deleting paths on revoking permissions.
[Issue#] SSDWSSP-183
[Bug/Feature] Some paths left in the database, but not present.
[Cause] N/A
[Solution] Deleteing app's paths on permission revoke
[Verification] Build, install, run tests.
Change-Id: I8afe30e8e8fb150c49b0d156e7b276359570b8c3
Jan Olszak [Mon, 23 Sep 2013 17:51:28 +0000 (19:51 +0200)]
Deleted volatile rules on boot and corrected permission format.
[Issue#] SSDWSSP-183
[Bug/Feature] Volatile rules were not deleted.
[Cause] N/A
[Solution] Deleteing volatile rules from the database.
[Verification] Build, install, run tests.
Change-Id: Ic5352c1d8f94a78e379b91325dbdbdd25f8428bf
Jan Olszak [Fri, 20 Sep 2013 09:40:10 +0000 (11:40 +0200)]
Modified boot script, added deleting volatile rules.
[Issue#] SSDWSSP-183
[Bug/Feature] Volatile rules were not deleted.
[Cause] N/A
[Solution] Deleteing volatile rules from the database.
[Verification] Build, install, run tests.
Change-Id: Ia7b2667177f5d95b838d8c891d02ecddfaa4a554
Jan Olszak [Tue, 17 Sep 2013 13:59:28 +0000 (15:59 +0200)]
Made marking labels as modified beautiful.
[Issue#] SSDWSSP-183
[Bug/Feature] Marking labels as modified.
[Cause] N/A
[Solution] Moved marking to SQL code and used USING on joins.
[Verification] Build, install, run tests.
Change-Id: I26dc6c6e5fcbccdf7c2a473b111224bba2cfa391
Jan Olszak [Tue, 17 Sep 2013 11:23:44 +0000 (13:23 +0200)]
Changed new API names.
[Issue#] SSDWSSP-183
[Bug/Feature] Renamed new API names.
[Cause] N/A
[Solution] Better api names: perm_begin, perm_end.
[Verification] Build
Change-Id: I3ccadb18292314a5a6f9d636d359a36014135633
Jan Olszak [Fri, 13 Sep 2013 14:43:50 +0000 (16:43 +0200)]
Loading api-features from a file.
[Issue#] SSDWSSP-183
[Bug/Feature] Loading permission from a file.
[Cause] N/A
[Solution] Added option to api_feature_loader.
[Verification] Build, install, use api_feature_loader --file=file_path
run sqlite3 /opt/dbspace/.rules-db.db3 'select * from permission_view;'
and confirm permission is loaded
Change-Id: I662ee3ee116b66f4730251be37ff85206c4276e8
Jan Olszak [Tue, 17 Sep 2013 08:33:20 +0000 (10:33 +0200)]
Revert "rollback because of rule database"
Conflicts:
packaging/libprivilege-control.changes
packaging/libprivilege-control.spec
rule_loader/smack-early-rules.service
rule_loader/smack-late-rules.service
Change-Id: I80d42cdb1ed442db40646b4d5eb8ec0bac1ec0a0
Kidong Kim [Thu, 10 Oct 2013 12:01:47 +0000 (21:01 +0900)]
add systemd options
Change-Id: I7f76391d9b2fe09eda237af057a2b6e1d40e76eb
Bartlomiej Grzelewski [Tue, 15 Oct 2013 12:19:42 +0000 (14:19 +0200)]
Fix build break in osp-installer.
Libprivilege-control did not contain definitions of
* perm_app_setup_path
* app_setup_path
functions.
Change-Id: Iea127337b88d1ba72dcf456828bcfd051d83b2bc
Signed-off-by: Bartlomiej Grzelewski <b.grzelewski@samsung.com>
Bartlomiej Grzelewski [Tue, 8 Oct 2013 12:29:12 +0000 (14:29 +0200)]
Fix build break in osp-installer.
This commit adds mockups for functions required by osp-installer:
* perm_app_set_privilege
* perm_app_id_from_socket
* perm_app_install
* perm_app_uninstall
* perm_app_enable_permissions
* perm_app_disable_permissions
* perm_app_revoke_permissions
* perm_app_reset_permissions
* perm_app_setup_path
* app_setup_path
* perm_app_add_friend
* perm_add_api_feature
Change-Id: I1b9abf5f7c05379089741b288240ebc630326fe4
Signed-off-by: Bartlomiej Grzelewski <b.grzelewski@samsung.com>
projects / platform / core / security / libprivilege-control.git / log