diff options
author | Sunmin Lee <sunm.lee@samsung.com> | 2017-09-05 10:03:43 +0900 |
---|---|---|
committer | Dong Sun Lee <ds73.lee@samsung.com> | 2017-09-18 00:51:08 +0000 |
commit | a6bd375fc5c5130d983705dae0c52955e6f029f2 (patch) | |
tree | 2195f1330f6c9882c0da99f43d7daa923ac78112 | |
parent | 46fbb8839d707f0f9c3189e4974bcae37fe7b70f (diff) | |
download | key-manager-a6bd375fc5c5130d983705dae0c52955e6f029f2.tar.gz key-manager-a6bd375fc5c5130d983705dae0c52955e6f029f2.tar.bz2 key-manager-a6bd375fc5c5130d983705dae0c52955e6f029f2.zip |
Remove old update script
RW update script for Tizen 2.4 (to 3.0) is not necessary in Tizen 4.0.
Remove this file to avoid being executed during Tizen 4.0 update.
Change-Id: I3eef635dec6a8712d74d83fb6dce96e604dd1bb4
(cherry picked from commit a8a5076372d8473663ed565eac3a14503f4c99b2)
-rw-r--r-- | CMakeLists.txt | 1 | ||||
-rw-r--r-- | data/CMakeLists.txt | 1 | ||||
-rwxr-xr-x | data/scripts/230.key-manager-change-data-dir.patch.sh.in | 30 | ||||
-rwxr-xr-x | data/scripts/231.key-manager-migrate-dkek.patch.sh.in | 84 | ||||
-rwxr-xr-x | data/scripts/232.key-manager-change-user.patch.sh.in | 35 | ||||
-rwxr-xr-x | data/scripts/233.key-manager-move-ss-migratable-data.patch.sh.in | 40 | ||||
-rwxr-xr-x | data/scripts/234.key-manager-move-certsvc-migratable-data.patch.sh.in | 36 | ||||
-rw-r--r-- | data/scripts/235.key-manager-move-rw-from-upgrade-dir.patch.sh.in | 31 | ||||
-rw-r--r-- | data/scripts/CMakeLists.txt | 37 | ||||
-rw-r--r-- | packaging/key-manager.spec | 15 |
10 files changed, 1 insertions, 309 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index a5b73207..d345f010 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -63,7 +63,6 @@ ADD_DEFINITIONS("-DBIN_DIR=\"${BIN_DIR}\"") ADD_DEFINITIONS("-DINITIAL_VALUES_DIR=\"${INITIAL_VALUES_DIR}\"") ADD_DEFINITIONS("-DCA_CERTS_DIR=\"${CA_CERTS_DIR}\"") ADD_DEFINITIONS("-DSYSTEMD_ENV_FILE=\"${SYSTEMD_ENV_FILE}\"") -ADD_DEFINITIONS("-DUPGRADE_DATA_DIR=\"${UPGRADE_DATA_DIR}\"") IF (DEFINED WATCHDOG_ENABLED) MESSAGE("WATCHDOG ENABELD!") diff --git a/data/CMakeLists.txt b/data/CMakeLists.txt index 00acf2ff..d6d9f4ab 100644 --- a/data/CMakeLists.txt +++ b/data/CMakeLists.txt @@ -20,4 +20,3 @@ ADD_SUBDIRECTORY(gumd) ADD_SUBDIRECTORY(scripts) INSTALL(DIRECTORY DESTINATION ${INITIAL_VALUES_DIR}) -INSTALL(DIRECTORY DESTINATION ${UPGRADE_DATA_DIR}/key-manager/initial_values) diff --git a/data/scripts/230.key-manager-change-data-dir.patch.sh.in b/data/scripts/230.key-manager-change-data-dir.patch.sh.in deleted file mode 100755 index fef9c62d..00000000 --- a/data/scripts/230.key-manager-change-data-dir.patch.sh.in +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash -PATH=/bin:/usr/bin:/sbin:/usr/sbin - -# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# @file 230.key-manager-change-data-dir.patch.sh.in -# @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com) -# @brief Moves key-manager data to a location specified at compilation time -# - -# move data from old path to new one -if [ -d "@OLD_RW_DATA_DIR@" ] && [ "@RW_DATA_DIR@" != "@OLD_RW_DATA_DIR@" ] -then - mkdir -p @RW_DATA_DIR@ - chmod 770 @RW_DATA_DIR@ - - cp -a @OLD_RW_DATA_DIR@/. @RW_DATA_DIR@ && rm -rf @OLD_RW_DATA_DIR@ -fi diff --git a/data/scripts/231.key-manager-migrate-dkek.patch.sh.in b/data/scripts/231.key-manager-migrate-dkek.patch.sh.in deleted file mode 100755 index b9d952f4..00000000 --- a/data/scripts/231.key-manager-migrate-dkek.patch.sh.in +++ /dev/null @@ -1,84 +0,0 @@ -#!/bin/bash -PATH=/bin:/usr/bin:/sbin:/usr/sbin - -# Copyright (c) 2015-2016 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# @file 231.key-manager-migrate-dkek.patch.sh.in -# @author Kyungwook Tak (k.tak@samsung.com) -# @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com) -# @brief Changes ckm key files naming convention -# - -VERSION_INFO_PATH=@RW_DATA_DIR@/version-info -CURRENT_VERSION=1 - -migrate_from_0_to_1() -{ - ARR_UID=() - ARR_IDX=() - - # Extract uids from DKEK files - for uid in `ls @RW_DATA_DIR@ | grep "^key-[0-9]*-[0-9]*$" | awk 'BEGIN { FS = "-" }; { print $2 }' | awk '!x[$0]++'` - do - ARR_UID+=($uid) - done - - for (( i = 0; i < ${#ARR_UID[@]}; i++ )) - do - idx_max=0 - idx_submax=0 - - uid=${ARR_UID[$i]} - ARR_IDX=() - # Extract autoincremented index per uids - for file in `ls @RW_DATA_DIR@ | grep "^key-${uid}-[0-9]*$"` - do - idx=`echo $file | awk 'BEGIN { FS = "-" }; { print $3 }'` - ARR_IDX+=($idx) - done - - # Find max index(for key-<uid>) and submax index(for key-backup-<uid>) - for idx in ${ARR_IDX[@]} - do - if [ $idx -gt $idx_max ] - then - idx_submax=$idx_max - idx_max=$idx - fi - done - - # Rename file - # smack label setting isn't needed. - # (Because not remove/add new file, but just rename file) - mv "@RW_DATA_DIR@/key-${uid}-${idx_max}" "@RW_DATA_DIR@/key-${uid}" - if [ -f "@RW_DATA_DIR@/key-${uid}-${idx_submax}" ] - then - mv "@RW_DATA_DIR@/key-${uid}-${idx_submax}" "@RW_DATA_DIR@/key-backup-${uid}" - fi - - # [Optional] Remove other key-<uid>-<numeric> files. - for file in `ls @RW_DATA_DIR@ | grep "^key-${uid}-[0-9]*$"` - do - rm @RW_DATA_DIR@/${file} - done - done -} - -if [ ! -f ${VERSION_INFO_PATH} ] -then - echo "CKM VERSION_INFO NOT EXIST." - echo "$CURRENT_VERSION" > $VERSION_INFO_PATH - migrate_from_0_to_1 -fi diff --git a/data/scripts/232.key-manager-change-user.patch.sh.in b/data/scripts/232.key-manager-change-user.patch.sh.in deleted file mode 100755 index 430eb7f2..00000000 --- a/data/scripts/232.key-manager-change-user.patch.sh.in +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/bash -PATH=/bin:/usr/bin:/sbin:/usr/sbin - -# Copyright (c) 2015-2016 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# @file 232.key-manager-change-user.patch.sh.in -# @author Bartlomiej Grzelewski (b.grzelewski@samsung.com) -# @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com) -# @brief Changes ckm data owner to key-manager:key-manager and smack label to "System" -# -id -g @GROUP_NAME@ > /dev/null 2>&1 -if [ $? -eq 1 ]; then - groupadd @GROUP_NAME@ -r > /dev/null 2>&1 -fi - -id -u @USER_NAME@ > /dev/null 2>&1 -if [ $? -eq 1 ]; then - useradd -d /var/lib/empty -s @SBIN_DIR@/nologin -r -g @GROUP_NAME@ @USER_NAME@ > /dev/null 2>&1 -fi - -# In ckm version <= 0.1.18 all files were owned by root. -find @RW_DATA_DIR@ -exec chsmack -a @SMACK_DOMAIN_NAME@ {} \; -chown @USER_NAME@:@GROUP_NAME@ -R @RW_DATA_DIR@ diff --git a/data/scripts/233.key-manager-move-ss-migratable-data.patch.sh.in b/data/scripts/233.key-manager-move-ss-migratable-data.patch.sh.in deleted file mode 100755 index c0f3fcca..00000000 --- a/data/scripts/233.key-manager-move-ss-migratable-data.patch.sh.in +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -PATH=/bin:/usr/bin:/sbin:/usr/sbin - -# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# @file 233.key-manager-move-ss-migratable-data.patch.sh.in -# @author Kyungwook Tak (k.tak@samsung.com) -# @brief Moves old secure-storage data to key-manager dir to be -# readable/writable/removable - -OLD_SS_PATH="/opt/share/secure-storage" -MIGRATED_SS_PATH="@RW_DATA_DIR@/secure-storage" - -mv ${OLD_SS_PATH} ${MIGRATED_SS_PATH} - -for d in `ls ${MIGRATED_SS_PATH}` -do - chsmack -a "@SMACK_DOMAIN_NAME@" "${MIGRATED_SS_PATH}/${d}" - chmod 770 ${MIGRATED_SS_PATH}/${d} - - for f in `ls ${MIGRATED_SS_PATH}/${d}` - do - chsmack -a "@SMACK_DOMAIN_NAME@" "${MIGRATED_SS_PATH}/${d}/${f}" - done -done - -chown -R @USER_NAME@:@GROUP_NAME@ ${MIGRATED_SS_PATH} -chmod 770 ${MIGRATED_SS_PATH} diff --git a/data/scripts/234.key-manager-move-certsvc-migratable-data.patch.sh.in b/data/scripts/234.key-manager-move-certsvc-migratable-data.patch.sh.in deleted file mode 100755 index 1126c707..00000000 --- a/data/scripts/234.key-manager-move-certsvc-migratable-data.patch.sh.in +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/bash -PATH=/bin:/usr/bin:/sbin:/usr/sbin - -# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# @file 234.key-manager-move-certsvc-migratable-data.patch.sh.in -# @author Kyungwook Tak (k.tak@samsung.com) -# @brief Moves old cert-svc CAPI store to key-manager dir - -CERTSVC_STORE_PATH="/opt/share/cert-svc/certs" -MIGRATED_CERTSVC_PATH="@RW_DATA_DIR@/certsvc" - -mv $CERTSVC_STORE_PATH $MIGRATED_CERTSVC_PATH - -if [[ -d ${MIGRATED_CERTSVC_PATH}/ssl ]] && [[ -h ${MIGRATED_CERTSVC_PATH}/ssl ]]; then - rm ${MIGRATED_CERTSVC_PATH}/ssl -fi - -chsmack -a "@SMACK_DOMAIN_NAME@" $MIGRATED_CERTSVC_PATH -r -chown -R @USER_NAME@:@GROUP_NAME@ $MIGRATED_CERTSVC_PATH -chmod 770 $MIGRATED_CERTSVC_PATH - -# TODO: read migrated certsvc certs and store in key-manager system db if needed -rm -rf $MIGRATED_CERTSVC_PATH diff --git a/data/scripts/235.key-manager-move-rw-from-upgrade-dir.patch.sh.in b/data/scripts/235.key-manager-move-rw-from-upgrade-dir.patch.sh.in deleted file mode 100644 index e635de6f..00000000 --- a/data/scripts/235.key-manager-move-rw-from-upgrade-dir.patch.sh.in +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -PATH=/bin:/usr/bin:/sbin:/usr/sbin - -# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# @file 235.key-manager-move-rw-from-upgrade-dir.patch.sh.in -# @author Kyungwook Tak (k.tak@samsung.com) -# @brief Moves newly added directory / file from upgrade dir -# - -RW_DATA_DIR=@RW_DATA_DIR@ -UPGRADE_DATA_DIR=@UPGRADE_DATA_DIR@/key-manager - -if [ ! -d "${RW_DATA_DIR}/initial_values" ]; then - cp -rf ${UPGRADE_DATA_DIR}/initial_values ${RW_DATA_DIR}/ - chmod -R 770 ${RW_DATA_DIR}/initial_values - chown -R @USER_NAME@:@GROUP_NAME@ ${RW_DATA_DIR}/initial_values - chsmack -r -a "@SMACK_DOMAIN_NAME@" ${RW_DATA_DIR}/initial_values -fi diff --git a/data/scripts/CMakeLists.txt b/data/scripts/CMakeLists.txt index 02ab5523..b4dd0d17 100644 --- a/data/scripts/CMakeLists.txt +++ b/data/scripts/CMakeLists.txt @@ -17,43 +17,6 @@ # @brief # -CONFIGURE_FILE(230.key-manager-change-data-dir.patch.sh.in - 230.key-manager-change-data-dir.patch.sh - @ONLY) - -CONFIGURE_FILE(231.key-manager-migrate-dkek.patch.sh.in - 231.key-manager-migrate-dkek.patch.sh - @ONLY) - -CONFIGURE_FILE(232.key-manager-change-user.patch.sh.in - 232.key-manager-change-user.patch.sh - @ONLY) - -CONFIGURE_FILE(233.key-manager-move-ss-migratable-data.patch.sh.in - 233.key-manager-move-ss-migratable-data.patch.sh - @ONLY) - -CONFIGURE_FILE(234.key-manager-move-certsvc-migratable-data.patch.sh.in - 234.key-manager-move-certsvc-migratable-data.patch.sh - @ONLY) - -CONFIGURE_FILE(235.key-manager-move-rw-from-upgrade-dir.patch.sh.in - 235.key-manager-move-rw-from-upgrade-dir.patch.sh - @ONLY) - -INSTALL(FILES - 230.key-manager-change-data-dir.patch.sh - 231.key-manager-migrate-dkek.patch.sh - 232.key-manager-change-user.patch.sh - 233.key-manager-move-ss-migratable-data.patch.sh - 234.key-manager-move-certsvc-migratable-data.patch.sh - 235.key-manager-move-rw-from-upgrade-dir.patch.sh - DESTINATION ${UPGRADE_SCRIPT_DIR} - PERMISSIONS - OWNER_READ - OWNER_WRITE - OWNER_EXECUTE) - INSTALL(FILES create_schema.sql drop_all.sql diff --git a/packaging/key-manager.spec b/packaging/key-manager.spec index a74c7034..480510ba 100644 --- a/packaging/key-manager.spec +++ b/packaging/key-manager.spec @@ -55,10 +55,6 @@ Requires: libkey-manager-common = %{version}-%{release} %global initial_values_dir %{rw_data_dir}/initial_values %global ca_certs_dir %{?TZ_SYS_CA_CERTS:%TZ_SYS_CA_CERTS}%{!?TZ_SYS_CA_CERTS:%ro_etc_dir/ssl/certs} -%global upgrade_dir %{?TZ_SYS_RO_SHARE:%TZ_SYS_RO_SHARE}%{!?TZ_SYS_RO_SHARE:%_datadir}/upgrade -%global upgrade_script_dir %{upgrade_dir}/scripts -%global upgrade_data_dir %{upgrade_dir}/data - %description Central Key Manager daemon could be used as secure storage for certificate and private/public keys. It gives API for @@ -155,15 +151,13 @@ export LDFLAGS+="-Wl,--rpath=%{_libdir},-Bsymbolic-functions " -DRO_ETC_DIR=%{ro_etc_dir} \ -DBIN_DIR=%{bin_dir} \ -DINITIAL_VALUES_DIR=%{initial_values_dir} \ - -DTEST_DIR=%{test_dir} \ -DCA_CERTS_DIR=%{ca_certs_dir} \ %if 0%{?watchdog_enabled} -DWATCHDOG_ENABLED=%{watchdog_enabled} \ -DWATCHDOG_TIMEOUT_SEC=%{watchdog_timeout_sec} \ -DWATCHDOG_NOTIFY_SEC=%{watchdog_notify_sec} \ %endif - -DUPGRADE_DATA_DIR=%{upgrade_data_dir} \ - -DUPGRADE_SCRIPT_DIR=%{upgrade_script_dir} + -DTEST_DIR=%{test_dir} make %{?jobs:-j%jobs} @@ -266,13 +260,6 @@ fi %dir %attr(770, %{user_name}, %{group_name}) %{rw_data_dir} %dir %attr(770, %{user_name}, %{group_name}) %{initial_values_dir} -%dir %{upgrade_data_dir}/key-manager/initial_values -%{upgrade_script_dir}/230.key-manager-change-data-dir.patch.sh -%{upgrade_script_dir}/231.key-manager-migrate-dkek.patch.sh -%{upgrade_script_dir}/232.key-manager-change-user.patch.sh -%{upgrade_script_dir}/233.key-manager-move-ss-migratable-data.patch.sh -%{upgrade_script_dir}/234.key-manager-move-certsvc-migratable-data.patch.sh -%{upgrade_script_dir}/235.key-manager-move-rw-from-upgrade-dir.patch.sh %{ro_etc_dir}/gumd/userdel.d/10_key-manager.post %{bin_dir}/ckm_tool |