Define SMACK label for wrt-popup process

[Issue#] N/A
[Problem] N/A
[Cause] N/A
[Solution] Web Application denied connection with wrt-popup process
For create rule for wrt-popup, assign label to wrt-popup executable
binary. Also add rule for popup process
[SCMRequest] N/A

Change-Id: I03f791c31f868bd1c03452122ba5e4a3f83e3e22

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 2b454dc..6d2eeb9 100644 (file)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -159,6 +159,11 @@ set(PLATFORM "${PLATFORM}" CACHE STRING "Target platform" FORCE)
 set(CMAKE_CONFIG_FILE_NAME "${CMAKE_CONFIG_FILE_NAME}" CACHE
     STRING "CMake configuration file name." FORCE)
 
+################################################################################
+# SMACK rule
+
+INSTALL(FILES ${CMAKE_SOURCE_DIR}/wrt-popup-ace-runtime.rule DESTINATION /etc/smack/accesses2.d)
+INSTALL(FILES ${CMAKE_SOURCE_DIR}/wrt-popup-wrt-runtime.rule DESTINATION /etc/smack/accesses2.d)
 
 ################################################################################
 # Summary

diff --git a/packaging/wrt-plugins-common.spec b/packaging/wrt-plugins-common.spec
index 473b1a1..c8a70a6 100644 (file)
--- a/packaging/wrt-plugins-common.spec
+++ b/packaging/wrt-plugins-common.spec
@@ -76,7 +76,8 @@ touch /opt/share/widget/plugin-installation-required
 %attr(755,root,root) %{_bindir}/wrt-popup-wrt-runtime
 %attr(755,root,root) %{_bindir}/wrt-plugins-installer
 %{_datadir}/license/%{name}
-
+/etc/smack/accesses2.d/wrt-popup-ace-runtime.rule
+/etc/smack/accesses2.d/wrt-popup-wrt-runtime.rule
 %if %{with_tests}
     %attr(755,root,root) %{_bindir}/widgetdb_tests_prepare_db.sh
     %attr(755,root,root) %{_bindir}/wrt-plugins-common-tests-widgetdb

diff --git a/wrt-plugins-common.manifest b/wrt-plugins-common.manifest
index f717929..32dd898 100644 (file)
--- a/wrt-plugins-common.manifest
+++ b/wrt-plugins-common.manifest
@@ -1,11 +1,12 @@
 <manifest>
   <define>
-    <domain name="wrt-plugins-common" />
-    <provide>
-      <label name="wrt-plugins-common::wrt-plugins-installer" />
-    </provide>
+    <domain name="wrt-plugins-common"/>
   </define>
+  <assign>
+    <filesystem path="/usr/bin/wrt-popup-ace-runtime" label="wrt-popup-ace-runtime" exec_label="wrt-popup-ace-runtime"/>
+    <filesystem path="/usr/bin/wrt-popup-wrt-runtime" label="wrt-popup-wrt-runtime" exec_label="wrt-popup-wrt-runtime"/>
+  </assign>
   <request>
-    <domain name="_" />
+    <domain name="_"/>
   </request>
 </manifest>

diff --git a/wrt-popup-ace-runtime.rule b/wrt-popup-ace-runtime.rule
new file mode 100644 (file)
index 0000000..8b27008
--- /dev/null
+++ b/wrt-popup-ace-runtime.rule
@@ -0,0 +1,11 @@
+wrt-popup-ace-runtime system::homedir rwx
+wrt-popup-ace-runtime device::app_logging w
+wrt-popup-ace-runtime ail::db rw
+wrt-popup-ace-runtime xorg wx
+wrt-popup-ace-runtime isf rx
+wrt-popup-ace-runtime system::vconf rwx
+wrt-popup-ace-runtime sound_server rw
+e17 wrt-popup-ace-runtime w
+wrt-popup-ace-runtime system::share rwx
+wrt-popup-ace-runtime pulseaudio wx
+

diff --git a/wrt-popup-wrt-runtime.rule b/wrt-popup-wrt-runtime.rule
new file mode 100644 (file)
index 0000000..0667ebe
--- /dev/null
+++ b/wrt-popup-wrt-runtime.rule
@@ -0,0 +1,11 @@
+wrt-popup-wrt-runtime system::homedir rwx
+wrt-popup-wrt-runtime device::app_logging w
+wrt-popup-wrt-runtime ail::db rw
+wrt-popup-wrt-runtime xorg wx
+wrt-popup-wrt-runtime isf rx
+wrt-popup-wrt-runtime system::vconf rwx
+wrt-popup-wrt-runtime sound_server rw
+e17 wrt-popup-wrt-runtime w
+wrt-popup-wrt-runtime system::share rwx
+wrt-popup-wrt-runtime pulseaudio wx
+