Add security-manager policy for user types 56/30956/5
author Krzysztof Sasiak <k.sasiak@samsung.com>
Thu, 27 Nov 2014 10:02:44 +0000 (11:02 +0100)
committer Gerrit Code Review <gerrit@review.vlan103.tizen.org>
Mon, 15 Dec 2014 09:09:20 +0000 (01:09 -0800)
Change-Id: I1c5ea026fe3b69ec0d2ba1338ded1033ad5db6b2

packaging/security-manager.spec
policy/usertype-admin.profile [new file with mode: 0644]
policy/usertype-guest.profile [new file with mode: 0644]
policy/usertype-normal.profile [new file with mode: 0644]
policy/usertype-system.profile [new file with mode: 0644]

index cd68faa..817bc3d 100644 (file)
@@ -44,6 +44,14 @@ Requires:   libsecurity-manager-client = %{version}-%{release}
 %description -n libsecurity-manager-client-devel
 Development files needed for using the security manager client
 
+%package -n security-manager-policy
+Summary:    Security manager policy
+Group:      Security/Development
+Requires:   security-manager = %{version}-%{release}
+
+%description -n security-manager-policy
+Set of security rules that constitute security policy in the system
+
 %prep
 %setup -q
 cp %{SOURCE1} .
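Review bot: The Summary and %description of the new security-manager-policy subpackage do not say what the policy covers. Neither mentions that the package ships per-user-type privilege profiles, which is the only content this change adds. Please name the user types (admin, guest, normal, system) in the description. "Group: Security/Development" also reads oddly for a package that carries only data files; a non-development group would describe it better.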
@@ -73,6 +81,8 @@ cp LICENSE %{buildroot}/usr/share/license/%{name}
 cp LICENSE %{buildroot}/usr/share/license/libsecurity-manager-client
 mkdir -p %{buildroot}/%{TZ_SYS_SMACK}
 cp app-rules-template.smack %{buildroot}/%{TZ_SYS_SMACK}
+mkdir -p %{buildroot}/usr/share/security-manager
+cp -rf policy %{buildroot}/usr/share/security-manager
 %make_install
 
 mkdir -p %{buildroot}/%{_unitdir}/multi-user.target.wants
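Review bot: "cp -rf policy %{buildroot}/usr/share/security-manager" copies whatever happens to be in the policy directory and keeps whatever modes the build tree has, so a stray or world-writable file would end up in the package that defines privilege policy. Installing the four *.profile files explicitly with "install -m 0644" into a directory created with "install -d -m 0755" would make the packaged content and permissions deterministic. The -f flag is not needed when copying into a fresh buildroot.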
@@ -144,3 +154,7 @@ fi
 %{_libdir}/libsecurity-manager-commons.so
 %{_includedir}/security-manager/security-manager.h
 %{_libdir}/pkgconfig/security-manager.pc
+
+%files -n security-manager-policy
+%manifest %{name}.manifest
+/usr/share/security-manager/policy
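Review bot: The new %files section lists /usr/share/security-manager/policy but nothing in this hunk owns the parent directory /usr/share/security-manager that the install step creates, so it would be left unowned on package removal. Add "%dir /usr/share/security-manager" here, or list it in the main package. Since these files define which privileges each user type gets, an explicit "%attr(0644,root,root)" (or a %defattr line) would also make the intended ownership and mode visible in the spec instead of relying on the build tree.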
diff --git a/policy/usertype-admin.profile b/policy/usertype-admin.profile
new file mode 100644 (file)
index 0000000..40c43e1
--- /dev/null
@@ -0,0 +1,60 @@
+'Admin usertype permissions
+'app   permission
+*      http://tizen.org/privilege/account.read
+*      http://tizen.org/privilege/account.write
+*      http://tizen.org/privilege/alarm.get
+*      http://tizen.org/privilege/alarm.set
+*      http://tizen.org/privilege/appmanager.kill
+*      http://tizen.org/privilege/appmanager.launch
+*      http://tizen.org/privilege/bluetooth
+*      http://tizen.org/privilege/bluetooth.admin
+*      http://tizen.org/privilege/bookmark.admin
+*      http://tizen.org/privilege/calendar.read
+*      http://tizen.org/privilege/calendar.write
+*      http://tizen.org/privilege/call
+*      http://tizen.org/privilege/callhistory.read
+*      http://tizen.org/privilege/callhistory.write
+*      http://tizen.org/privilege/camera
+*      http://tizen.org/privilege/contact.read
+*      http://tizen.org/privilege/contact.write
+*      http://tizen.org/privilege/content.write
+*      http://tizen.org/privilege/datasharing
+*      http://tizen.org/privilege/display
+*      http://tizen.org/privilege/download
+*      http://tizen.org/privilege/email
+*      http://tizen.org/privilege/email.admin
+*      http://tizen.org/privilege/externalstorage
+*      http://tizen.org/privilege/externalstorage.appdata
+*      http://tizen.org/privilege/haptic
+*      http://tizen.org/privilege/internet
+*      http://tizen.org/privilege/keymanager
+*      http://tizen.org/privilege/keymanager.admin
+*      http://tizen.org/privilege/led
+*      http://tizen.org/privilege/location
+*      http://tizen.org/privilege/location.enable
+*      http://tizen.org/privilege/mediastorage
+*      http://tizen.org/privilege/message.read
+*      http://tizen.org/privilege/message.write
+*      http://tizen.org/privilege/network.get
+*      http://tizen.org/privilege/network.profile
+*      http://tizen.org/privilege/network.set
+*      http://tizen.org/privilege/nfc
+*      http://tizen.org/privilege/nfc.admin
+*      http://tizen.org/privilege/nfc.cardemulation
+*      http://tizen.org/privilege/notification
+*      http://tizen.org/privilege/packagemanager.admin
+*      http://tizen.org/privilege/packagemanager.info
+*      http://tizen.org/privilege/power
+*      http://tizen.org/privilege/push
+*      http://tizen.org/privilege/recorder
+*      http://tizen.org/privilege/screenshot
+*      http://tizen.org/privilege/shortcut
+*      http://tizen.org/privilege/systemsettings
+*      http://tizen.org/privilege/systemsettings.admin
+*      http://tizen.org/privilege/telephony
+*      http://tizen.org/privilege/telephony.admin
+*      http://tizen.org/privilege/tethering.admin
+*      http://tizen.org/privilege/volume.set
+*      http://tizen.org/privilege/web-history.admin
+*      http://tizen.org/privilege/wifidirect
+*      http://tizen.org/privilege/window.priority.set
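Review bot: The file format is documented only by the header line "'app   permission", which does not explain what "*" in the app column means or whether an absent privilege is treated as denied. Please add a short comment at the top of the profile stating that "*" applies the entry to every application and what the default is for privileges that are not listed. Separately, content.write is listed without a matching content.read, while account, calendar, callhistory, contact and message all appear as read/write pairs; is that omission intentional?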
diff --git a/policy/usertype-guest.profile b/policy/usertype-guest.profile
new file mode 100644 (file)
index 0000000..3d40722
--- /dev/null
@@ -0,0 +1,60 @@
+'Guest usertype permissions
+'app   permission
+*      http://tizen.org/privilege/account.read
+*      http://tizen.org/privilege/account.write
+*      http://tizen.org/privilege/alarm.get
+*      http://tizen.org/privilege/alarm.set
+*      http://tizen.org/privilege/appmanager.kill
+*      http://tizen.org/privilege/appmanager.launch
+*      http://tizen.org/privilege/bluetooth
+*      http://tizen.org/privilege/bluetooth.admin
+*      http://tizen.org/privilege/bookmark.admin
+*      http://tizen.org/privilege/calendar.read
+*      http://tizen.org/privilege/calendar.write
+*      http://tizen.org/privilege/call
+*      http://tizen.org/privilege/callhistory.read
+*      http://tizen.org/privilege/callhistory.write
+*      http://tizen.org/privilege/camera
+*      http://tizen.org/privilege/contact.read
+*      http://tizen.org/privilege/contact.write
+*      http://tizen.org/privilege/content.write
+*      http://tizen.org/privilege/datasharing
+*      http://tizen.org/privilege/display
+*      http://tizen.org/privilege/download
+*      http://tizen.org/privilege/email
+*      http://tizen.org/privilege/email.admin
+*      http://tizen.org/privilege/externalstorage
+*      http://tizen.org/privilege/externalstorage.appdata
+*      http://tizen.org/privilege/haptic
+*      http://tizen.org/privilege/internet
+*      http://tizen.org/privilege/keymanager
+*      http://tizen.org/privilege/keymanager.admin
+*      http://tizen.org/privilege/led
+*      http://tizen.org/privilege/location
+*      http://tizen.org/privilege/location.enable
+*      http://tizen.org/privilege/mediastorage
+*      http://tizen.org/privilege/message.read
+*      http://tizen.org/privilege/message.write
+*      http://tizen.org/privilege/network.get
+*      http://tizen.org/privilege/network.profile
+*      http://tizen.org/privilege/network.set
+*      http://tizen.org/privilege/nfc
+*      http://tizen.org/privilege/nfc.admin
+*      http://tizen.org/privilege/nfc.cardemulation
+*      http://tizen.org/privilege/notification
+*      http://tizen.org/privilege/packagemanager.admin
+*      http://tizen.org/privilege/packagemanager.info
+*      http://tizen.org/privilege/power
+*      http://tizen.org/privilege/push
+*      http://tizen.org/privilege/recorder
+*      http://tizen.org/privilege/screenshot
+*      http://tizen.org/privilege/shortcut
+*      http://tizen.org/privilege/systemsettings
+*      http://tizen.org/privilege/systemsettings.admin
+*      http://tizen.org/privilege/telephony
+*      http://tizen.org/privilege/telephony.admin
+*      http://tizen.org/privilege/tethering.admin
+*      http://tizen.org/privilege/volume.set
+*      http://tizen.org/privilege/web-history.admin
+*      http://tizen.org/privilege/wifidirect
+*      http://tizen.org/privilege/window.priority.set
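Review bot: The guest profile carries the same 58 entries as usertype-admin.profile above, including bluetooth.admin, email.admin, keymanager.admin, nfc.admin, packagemanager.admin, systemsettings.admin, telephony.admin and tethering.admin, each with "*" in the app column. A guest user type that can hold every admin-tier privilege is not a restricted profile. Either reduce this list to what a guest session needs, or state in the header comment that the content is a placeholder to be tightened in a follow-up change.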
diff --git a/policy/usertype-normal.profile b/policy/usertype-normal.profile
new file mode 100644 (file)
index 0000000..365b3f2
--- /dev/null
@@ -0,0 +1,60 @@
+'Normal usertype permissions
+'app   permission
+*      http://tizen.org/privilege/account.read
+*      http://tizen.org/privilege/account.write
+*      http://tizen.org/privilege/alarm.get
+*      http://tizen.org/privilege/alarm.set
+*      http://tizen.org/privilege/appmanager.kill
+*      http://tizen.org/privilege/appmanager.launch
+*      http://tizen.org/privilege/bluetooth
+*      http://tizen.org/privilege/bluetooth.admin
+*      http://tizen.org/privilege/bookmark.admin
+*      http://tizen.org/privilege/calendar.read
+*      http://tizen.org/privilege/calendar.write
+*      http://tizen.org/privilege/call
+*      http://tizen.org/privilege/callhistory.read
+*      http://tizen.org/privilege/callhistory.write
+*      http://tizen.org/privilege/camera
+*      http://tizen.org/privilege/contact.read
+*      http://tizen.org/privilege/contact.write
+*      http://tizen.org/privilege/content.write
+*      http://tizen.org/privilege/datasharing
+*      http://tizen.org/privilege/display
+*      http://tizen.org/privilege/download
+*      http://tizen.org/privilege/email
+*      http://tizen.org/privilege/email.admin
+*      http://tizen.org/privilege/externalstorage
+*      http://tizen.org/privilege/externalstorage.appdata
+*      http://tizen.org/privilege/haptic
+*      http://tizen.org/privilege/internet
+*      http://tizen.org/privilege/keymanager
+*      http://tizen.org/privilege/keymanager.admin
+*      http://tizen.org/privilege/led
+*      http://tizen.org/privilege/location
+*      http://tizen.org/privilege/location.enable
+*      http://tizen.org/privilege/mediastorage
+*      http://tizen.org/privilege/message.read
+*      http://tizen.org/privilege/message.write
+*      http://tizen.org/privilege/network.get
+*      http://tizen.org/privilege/network.profile
+*      http://tizen.org/privilege/network.set
+*      http://tizen.org/privilege/nfc
+*      http://tizen.org/privilege/nfc.admin
+*      http://tizen.org/privilege/nfc.cardemulation
+*      http://tizen.org/privilege/notification
+*      http://tizen.org/privilege/packagemanager.admin
+*      http://tizen.org/privilege/packagemanager.info
+*      http://tizen.org/privilege/power
+*      http://tizen.org/privilege/push
+*      http://tizen.org/privilege/recorder
+*      http://tizen.org/privilege/screenshot
+*      http://tizen.org/privilege/shortcut
+*      http://tizen.org/privilege/systemsettings
+*      http://tizen.org/privilege/systemsettings.admin
+*      http://tizen.org/privilege/telephony
+*      http://tizen.org/privilege/telephony.admin
+*      http://tizen.org/privilege/tethering.admin
+*      http://tizen.org/privilege/volume.set
+*      http://tizen.org/privilege/web-history.admin
+*      http://tizen.org/privilege/wifidirect
+*      http://tizen.org/privilege/window.priority.set
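Review bot: The normal profile is entry-for-entry the same as usertype-admin.profile, so the admin/normal distinction introduced by this change has no effect on which privileges can be granted. If normal users are meant to be less privileged than admins, the *.admin entries and packagemanager.admin in particular should be dropped here. If the two are intentionally equal for now, say so in the header comment so later reviewers do not assume the split is already enforced.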
diff --git a/policy/usertype-system.profile b/policy/usertype-system.profile
new file mode 100644 (file)
index 0000000..2cd6360
--- /dev/null
@@ -0,0 +1,60 @@
+'System usertype permissions
+'app   permission
+*      http://tizen.org/privilege/account.read
+*      http://tizen.org/privilege/account.write
+*      http://tizen.org/privilege/alarm.get
+*      http://tizen.org/privilege/alarm.set
+*      http://tizen.org/privilege/appmanager.kill
+*      http://tizen.org/privilege/appmanager.launch
+*      http://tizen.org/privilege/bluetooth
+*      http://tizen.org/privilege/bluetooth.admin
+*      http://tizen.org/privilege/bookmark.admin
+*      http://tizen.org/privilege/calendar.read
+*      http://tizen.org/privilege/calendar.write
+*      http://tizen.org/privilege/call
+*      http://tizen.org/privilege/callhistory.read
+*      http://tizen.org/privilege/callhistory.write
+*      http://tizen.org/privilege/camera
+*      http://tizen.org/privilege/contact.read
+*      http://tizen.org/privilege/contact.write
+*      http://tizen.org/privilege/content.write
+*      http://tizen.org/privilege/datasharing
+*      http://tizen.org/privilege/display
+*      http://tizen.org/privilege/download
+*      http://tizen.org/privilege/email
+*      http://tizen.org/privilege/email.admin
+*      http://tizen.org/privilege/externalstorage
+*      http://tizen.org/privilege/externalstorage.appdata
+*      http://tizen.org/privilege/haptic
+*      http://tizen.org/privilege/internet
+*      http://tizen.org/privilege/keymanager
+*      http://tizen.org/privilege/keymanager.admin
+*      http://tizen.org/privilege/led
+*      http://tizen.org/privilege/location
+*      http://tizen.org/privilege/location.enable
+*      http://tizen.org/privilege/mediastorage
+*      http://tizen.org/privilege/message.read
+*      http://tizen.org/privilege/message.write
+*      http://tizen.org/privilege/network.get
+*      http://tizen.org/privilege/network.profile
+*      http://tizen.org/privilege/network.set
+*      http://tizen.org/privilege/nfc
+*      http://tizen.org/privilege/nfc.admin
+*      http://tizen.org/privilege/nfc.cardemulation
+*      http://tizen.org/privilege/notification
+*      http://tizen.org/privilege/packagemanager.admin
+*      http://tizen.org/privilege/packagemanager.info
+*      http://tizen.org/privilege/power
+*      http://tizen.org/privilege/push
+*      http://tizen.org/privilege/recorder
+*      http://tizen.org/privilege/screenshot
+*      http://tizen.org/privilege/shortcut
+*      http://tizen.org/privilege/systemsettings
+*      http://tizen.org/privilege/systemsettings.admin
+*      http://tizen.org/privilege/telephony
+*      http://tizen.org/privilege/telephony.admin
+*      http://tizen.org/privilege/tethering.admin
+*      http://tizen.org/privilege/volume.set
+*      http://tizen.org/privilege/web-history.admin
+*      http://tizen.org/privilege/wifidirect
+*      http://tizen.org/privilege/window.priority.set
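Review bot: This is the fourth copy of the same 58-line list; only the first comment line differs between the four profiles. Maintaining four identical files invites them drifting apart by accident, and the commit message gives no explanation beyond the subject line of why the user types start out equal. Consider keeping a single common list plus per-type differences, or at least extend the commit message to state that the profiles are deliberately identical at this stage and how they are expected to diverge.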