summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKyungwook Tak <k.tak@samsung.com>2016-09-06 15:55:08 +0900
committerKyungwook Tak <k.tak@samsung.com>2016-09-06 17:39:43 +0900
commit8ccec6785ee30fb7c9e06a3421f5b460364b2968 (patch)
treec78588e97cdd932123774d7fbed9be45be4bcb24
parentf327e9fca40ad1cf62ac18e052f09c65debac72b (diff)
downloadlibwebappenc-8ccec6785ee30fb7c9e06a3421f5b460364b2968.tar.gz
libwebappenc-8ccec6785ee30fb7c9e06a3421f5b460364b2968.tar.bz2
libwebappenc-8ccec6785ee30fb7c9e06a3421f5b460364b2968.zip
Add upgrade script
Change-Id: I4d38443cf3880b50215aa36e084445cc8bbb60be Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
-rw-r--r--CMakeLists.txt1
-rw-r--r--packaging/libwebappenc.manifest.in5
-rw-r--r--packaging/libwebappenc.spec23
-rw-r--r--resources/CMakeLists.txt35
-rw-r--r--scripts/CMakeLists.txt16
-rwxr-xr-xscripts/wae-upgrade.sh.in30
-rw-r--r--systemd/CMakeLists.txt24
-rw-r--r--systemd/webappenc-initializer.service.in8
8 files changed, 119 insertions, 23 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 436eb74..96efdbe 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -93,3 +93,4 @@ ADD_SUBDIRECTORY(resources)
ADD_SUBDIRECTORY(include)
ADD_SUBDIRECTORY(tests)
ADD_SUBDIRECTORY(systemd)
+ADD_SUBDIRECTORY(scripts)
diff --git a/packaging/libwebappenc.manifest.in b/packaging/libwebappenc.manifest.in
index 86dbb26..5451c22 100644
--- a/packaging/libwebappenc.manifest.in
+++ b/packaging/libwebappenc.manifest.in
@@ -2,4 +2,9 @@
<request>
<domain name="_" />
</request>
+ <assign>
+ <filesystem path="@RW_SHARE_DIR@/wae" label="@SMACK_DOMAIN@" />
+ <filesystem path="@RW_SHARE_DIR@/wae/app_dek" label="@SMACK_DOMAIN@" />
+ <filesystem path="@RW_SHARE_DIR@/wae/app_dek/*" label="@SMACK_DOMAIN@" />
+ </assign>
</manifest>
diff --git a/packaging/libwebappenc.spec b/packaging/libwebappenc.spec
index 7d796f9..9f8faef 100644
--- a/packaging/libwebappenc.spec
+++ b/packaging/libwebappenc.spec
@@ -37,8 +37,14 @@ Requires: %{name} = %{version}-%{release}
%description test
Web application encryption and decryption service (test)
-%define bin_dir %TZ_SYS_BIN
-%define rw_share_dir %TZ_SYS_SHARE
+%define user_name security_fw
+%define group_name security_fw
+%define smack_domain System
+%define bin_dir %TZ_SYS_BIN
+%define rw_share_dir %TZ_SYS_SHARE
+%define upgrade_dir %TZ_SYS_RO_SHARE/upgrade
+%define upgrade_script_dir %{upgrade_dir}/scripts
+%define upgrade_data_dir %{upgrade_dir}/data
%prep
%setup -q
@@ -52,6 +58,11 @@ Web application encryption and decryption service (test)
-DSYSTEMD_UNIT_DIR=%{_unitdir} \
-DCMAKE_BUILD_TYPE=%{build_type} \
-DRW_SHARE_DIR=%rw_share_dir \
+ -DUPGRADE_DATA_DIR=%upgrade_data_dir \
+ -DUPGRADE_SCRIPT_DIR=%upgrade_script_dir \
+ -DUSER_NAME=%user_name \
+ -DGROUP_NAME=%group_name \
+ -DSMACK_DOMAIN=%smack_domain \
-DBINDIR=%bin_dir
make %{?jobs:-j%jobs}
@@ -88,8 +99,12 @@ fi
%{_unitdir}/webappenc-initializer.service
%{_unitdir}/multi-user.target.wants/webappenc-initializer.service
%{bin_dir}/wae_initializer
-%{rw_share_dir}/wae/app_dek/WAE_APPDEK_KEK_PrivateKey.pem
-%{rw_share_dir}/wae/app_dek/WAE_APPDEK_KEK_PublicKey.pem
+%dir %attr(770, %user_name, %group_name) %{rw_share_dir}/wae
+%dir %attr(770, %user_name, %group_name) %{rw_share_dir}/wae/app_dek
+%attr(660, %user_name, %group_name) %{rw_share_dir}/wae/app_dek/*
+
+%attr(775,root,root) %{upgrade_script_dir}/wae-upgrade.sh
+%{upgrade_data_dir}/wae/app_dek/*
%files devel
%{_includedir}/*
diff --git a/resources/CMakeLists.txt b/resources/CMakeLists.txt
index ae2bc8b..030553c 100644
--- a/resources/CMakeLists.txt
+++ b/resources/CMakeLists.txt
@@ -1,12 +1,33 @@
-################################################################################
-# for resource install
-################################################################################
-
+# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# @file CMakeLists.txt
+# @author Dongsun Lee (ds73.lee@samsung.com)
+# @brief Resource install cmake
+#
INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/resources/WAE_APPDEK_KEK_PublicKey.pem
- ${PROJECT_SOURCE_DIR}/resources/WAE_APPDEK_KEK_PrivateKey.pem
- DESTINATION ${RW_SHARE_DIR}/wae/app_dek/
+ WAE_APPDEK_KEK_PublicKey.pem
+ WAE_APPDEK_KEK_PrivateKey.pem
+ DESTINATION ${RW_SHARE_DIR}/wae/app_dek
PERMISSIONS OWNER_READ
OWNER_WRITE
)
+INSTALL(FILES
+ WAE_APPDEK_KEK_PublicKey.pem
+ WAE_APPDEK_KEK_PrivateKey.pem
+ DESTINATION ${UPGRADE_DATA_DIR}/wae/app_dek
+ PERMISSIONS OWNER_READ
+ OWNER_WRITE
+)
diff --git a/scripts/CMakeLists.txt b/scripts/CMakeLists.txt
new file mode 100644
index 0000000..c73467e
--- /dev/null
+++ b/scripts/CMakeLists.txt
@@ -0,0 +1,16 @@
+# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+CONFIGURE_FILE(wae-upgrade.sh.in wae-upgrade.sh @ONLY)
+INSTALL(FILES wae-upgrade.sh DESTINATION ${UPGRADE_SCRIPT_DIR})
diff --git a/scripts/wae-upgrade.sh.in b/scripts/wae-upgrade.sh.in
new file mode 100755
index 0000000..652962b
--- /dev/null
+++ b/scripts/wae-upgrade.sh.in
@@ -0,0 +1,30 @@
+#!/bin/bash
+PATH=/bin:/usr/bin:/sbin:/usr/sbin
+
+# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# @file wae-upgrade.sh.in
+# @author Kyungwook Tak (k.tak@samsung.com)
+# @brief Platform upgrade support
+
+WAE_DIR=@RW_SHARE_DIR@/wae
+
+mv @UPGRADE_DATA_DIR@/wae $WAE_DIR
+
+chsmack -a "@SMACK_DOMAIN@" $WAE_DIR -r
+chown -R @USER_NAME@:@GROUP_NAME@ $WAE_DIR
+chmod 770 $WAE_DIR
+chmod 770 $WAE_DIR/app_dek
+chmod 660 $WAE_DIR/app_dek/*
diff --git a/systemd/CMakeLists.txt b/systemd/CMakeLists.txt
index bf7bb79..99eafd5 100644
--- a/systemd/CMakeLists.txt
+++ b/systemd/CMakeLists.txt
@@ -1,8 +1,16 @@
-CONFIGURE_FILE(${CMAKE_SOURCE_DIR}/systemd/webappenc-initializer.service.in
- ${CMAKE_SOURCE_DIR}/systemd/webappenc-initializer.service @ONLY)
-
-INSTALL(FILES
- ${CMAKE_SOURCE_DIR}/systemd/webappenc-initializer.service
- DESTINATION
- ${SYSTEMD_UNIT_DIR}
-)
+# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+CONFIGURE_FILE(webappenc-initializer.service.in webappenc-initializer.service @ONLY)
+INSTALL(FILES webappenc-initializer.service DESTINATION ${SYSTEMD_UNIT_DIR})
diff --git a/systemd/webappenc-initializer.service.in b/systemd/webappenc-initializer.service.in
index 768552e..ed0bebe 100644
--- a/systemd/webappenc-initializer.service.in
+++ b/systemd/webappenc-initializer.service.in
@@ -5,11 +5,11 @@ Requires=central-key-manager.service
After=central-key-manager.service
[Service]
-User=security_fw
-Group=security_fw
+User=@USER_NAME@
+Group=@GROUP_NAME@
Type=oneshot
-ExecStart=/usr/bin/wae_initializer
-SmackProcessLabel=System
+ExecStart=@BINDIR@/wae_initializer
+SmackProcessLabel=@SMACK_DOMAIN@
[Install]
WantedBy=multi-user.target