author     Rafal Krypa <r.krypa@samsung.com>  2016-09-29 15:26:48 +0200
committer  Rafal Krypa <r.krypa@samsung.com>  2016-09-29 16:35:36 +0200
commit     7af5413171d2613886ac3f6025959985f5ecd6b5 (patch)
tree       b6aeb0e514acfa15152962a7687bcfc580eb5229 /policy
parent     f8e5f334275c3284e7b9145636446ca233914f1c (diff)
download   security-manager-7af5413171d2613886ac3f6025959985f5ecd6b5.tar.gz
           security-manager-7af5413171d2613886ac3f6025959985f5ecd6b5.tar.bz2
           security-manager-7af5413171d2613886ac3f6025959985f5ecd6b5.zip
Fix policy versioning mechanism
The policy versioning must properly handle two scenarios:
- initial install of security-manager-policy package - mostly happening during image build
- upgrade of security-manager-policy package - mostly happening during development

To keep information about policy version, we have the file in
%{TZ_SYS_VAR}/security-manager/policy-version. Update script will check the
current value of policy version and apply appropriate update. But during image
build, the entire policy will be provided in desired version at once, so the
package must provide final version value to the configuration file.

Previous mechanism had a flaw that prevented update scripts from running in
both scenarios. Configuration files marked as %config(noreplace) in RPM spec
file aren't overwritten with a new version during package upgrade, but there
is an exception for that rule. If the configuration file wasn't modified on
disk, the new file from upgraded package will overwrite the old one. And the
policy update script is run from %post section, when all files from the new
package are already unpacked.

To solve the above problem, a modified version upgrade is provided:
- security-manager-policy will provide an empty policy-version file as
  %config(noreplace). The contents of this file in the package will not change
- policy update script will check the version file:
  * if it's not empty, the script will apply relevant migration updates and
    write higher version to the file (supporting package upgrade scenario)
  * if it's empty, the script will write there latest available version
    number, without actually applying the updates (supporting image build
    scenario)

Additionally, to fix the previous versioning schema, if the policy-version
file exists and is not empty (package upgrade) and equal to 1, special actions
will be taken to handle security-manager-policy upgrade from version 1:
- the policy-version file will be modified by %pre script to put "0" value in it

Thanks to this step, an upgrade from policy version 1 will be performed as
expected. This is needed as workaround move from non-working upgrade mechanism
to a working one.

Change-Id: I4bcdcd2d6db63e25711b6bd25b03531f13e5d1da
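The version-file handling the commit message describes, as an added shell example that is not security-manager's own policy/update.sh: an empty policy-version means "image build, record the latest script version and run nothing", a numeric one means "upgrade, run every update-policy-to-vN.sh above it", and the %pre workaround resets a legacy "1" to "0". Beyond the commit's own script it also refuses a missing or non-numeric version file and stops advancing the version when an update script fails. The update scripts, the temporary directory layout and the applied.log they write are constructed for the demo; the real package does not contain them.

```shell
#!/bin/sh
# Added example, not security-manager's own policy/update.sh: a re-implementation
# of the policy-version mechanism from the commit message, with the edge cases
# (missing file, non-numeric content, failing update script) handled explicitly.
# File names follow the commit; everything under the mktemp directory is
# constructed for the demo.

# fix_legacy_version VERSION_FILE
# The %pre workaround from the commit message: a non-empty policy-version equal
# to "1" came from the old, non-working scheme; reset it to 0 so every update
# script runs on the following upgrade.
fix_legacy_version() {
    [ -s "$1" ] || return 0
    if [ "$(cat "$1")" = "1" ]; then
        echo 0 >"$1"
    fi
}

# apply_policy_updates VERSION_FILE UPDATES_DIR
#   empty file      -> image build: record the latest available version, run nothing
#   numeric content -> package upgrade: run update-policy-to-vN.sh for every N > current
#   missing or non-numeric file -> return 2 instead of silently skipping migrations
# Returns 1 if an update script fails; the recorded version is not advanced past it.
apply_policy_updates() {
    version_file=$1
    updates_dir=$2
    if [ ! -f "$version_file" ]; then
        echo "policy version file $version_file is missing" >&2
        return 2
    fi
    current_version=$(cat "$version_file")
    case $current_version in
        *[!0-9]*)
            echo "policy version file holds non-numeric data: '$current_version'" >&2
            return 2 ;;
    esac
    # numeric sort, so v10 is handled after v2 (a plain glob would sort it first)
    versions=$(ls "$updates_dir" 2>/dev/null \
        | sed -n 's/^update-policy-to-v\([0-9][0-9]*\)\.sh$/\1/p' | sort -n)
    latest_version=$current_version
    for version in $versions; do
        if [ -z "$current_version" ]; then
            latest_version=$version   # image build: policy already shipped at this version
            continue
        fi
        if [ "$version" -gt "$current_version" ]; then
            echo "Updating policy to v$version"
            # run via sh so the demo does not depend on an exec-capable temp dir
            if ! sh "$updates_dir/update-policy-to-v$version.sh"; then
                echo "update to v$version failed; policy-version stays at $current_version" >&2
                return 1
            fi
            current_version=$version
            echo "$current_version" >"$version_file"
        fi
    done
    if [ -z "$current_version" ] && [ -n "$latest_version" ]; then
        echo "$latest_version" >"$version_file"
    fi
}

# make_demo_updates DIR [FAIL_VERSION]
# Constructed update scripts v1, v2, v3 and v10; each appends its number to
# DIR/applied.log, except FAIL_VERSION, which exits non-zero.
make_demo_updates() {
    mkdir -p "$1"
    for v in 1 2 3 10; do
        if [ "$v" = "${2:-}" ]; then
            printf '#!/bin/sh\nexit 1\n' >"$1/update-policy-to-v$v.sh"
        else
            printf '#!/bin/sh\necho %s >>"%s/applied.log"\n' "$v" "$1" >"$1/update-policy-to-v$v.sh"
        fi
        chmod +x "$1/update-policy-to-v$v.sh"
    done
}

# run_scenario NAME INITIAL [FAIL_VERSION]
# INITIAL is the policy-version content ("" = empty file, "-" = no file at all).
# Prints one line: NAME rc=<status> version=<file content> applied=<scripts run>
run_scenario() {
    work=$(mktemp -d)
    make_demo_updates "$work/updates" "${3:-}"
    vf="$work/policy-version"
    [ "$2" = "-" ] || printf '%s' "$2" >"$vf"
    fix_legacy_version "$vf"
    if apply_policy_updates "$vf" "$work/updates" >/dev/null 2>&1; then rc=0; else rc=$?; fi
    ver=$(cat "$vf" 2>/dev/null || true)
    applied=$(cat "$work/updates/applied.log" 2>/dev/null | tr '\n' ' ' | sed 's/ $//')
    rm -rf "$work"
    echo "$1 rc=$rc version=$ver applied=$applied"
}

run_scenario image-build ""        # image-build rc=0 version=10 applied=
run_scenario upgrade-from-2 "2"    # upgrade-from-2 rc=0 version=10 applied=3 10
run_scenario legacy-v1 "1"         # legacy-v1 rc=0 version=10 applied=1 2 3 10
run_scenario failed-update "2" 3   # failed-update rc=1 version=2 applied=
run_scenario missing-file -        # missing-file rc=2 version= applied=
```

The image-build scenario ends at version 10 without running a single script, the upgrade from 2 runs only v3 and v10, and the legacy "1" is first rewritten to 0 so all four scripts run. The two extra cases show why the distinction between an empty and an absent file matters: with `cat` alone, a deleted version file looks exactly like an image build and every migration is skipped.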
Diffstat (limited to 'policy')
-rw-r--r--  policy/CMakeLists.txt    1
-rw-r--r--  policy/policy-version    1
-rwxr-xr-x  policy/update.sh        16
3 files changed, 11 insertions, 7 deletions
diff --git a/policy/CMakeLists.txt b/policy/CMakeLists.txt
index 4d2123e0..c560af19 100644
--- a/policy/CMakeLists.txt
+++ b/policy/CMakeLists.txt
@@ -9,5 +9,4 @@ INSTALL(FILES "author-rules-template.smack" DESTINATION ${POLICY_DIR})
INSTALL(FILES "privilege-group.list" DESTINATION ${POLICY_DIR})
INSTALL(PROGRAMS "update.sh" DESTINATION ${POLICY_DIR})
INSTALL(DIRECTORY "updates" USE_SOURCE_PERMISSIONS DESTINATION ${POLICY_DIR})
-INSTALL(FILES "policy-version" DESTINATION ${LOCAL_STATE_DIR}/security-manager/)
INSTALL(PROGRAMS security-manager-policy-reload DESTINATION ${BIN_INSTALL_DIR})
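Review bot: with the `INSTALL(FILES "policy-version" ...)` line dropped, nothing in this diff creates the empty policy-version file that the commit message says the package will ship as %config(noreplace); that now has to come from the RPM spec, which is outside this diff (limited to 'policy'). Please confirm the spec's %install step creates the empty file under ${LOCAL_STATE_DIR}/security-manager/ and lists it as %config(noreplace). update.sh reads it with `current_version=\`cat $policy_version_file\``, so if the file is absent the script takes the empty-version branch and records the latest version without running any migration.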
diff --git a/policy/policy-version b/policy/policy-version
deleted file mode 100644
index 0cfbf088..00000000
--- a/policy/policy-version
+++ /dev/null
@@ -1 +0,0 @@
-2
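Review bot: deleting policy-version removes the only committed statement of the current policy version (2); from now on the "latest" version is whatever the highest-numbered updates/update-policy-to-v*.sh happens to be, as derived by the `ls -v` loop in update.sh. That is acceptable, but it should be written down: a comment in update.sh or a README in the updates directory stating that the script file names are the single source of truth for the version number would stop someone re-adding a hard-coded version file later and reintroducing the mismatch this change fixes.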
diff --git a/policy/update.sh b/policy/update.sh
index d265f879..442d1e27 100755
--- a/policy/update.sh
+++ b/policy/update.sh
@@ -11,11 +11,17 @@ current_version=`cat $policy_version_file`
for file in `ls -v $updates_dir/update-policy-to-v*.sh`
do
version=`echo $file | sed -r 's/.*-v([0-9]+)\.sh$/\1/'`
- if [ $version -gt $current_version ]
+ if [ -z $current_version ]
then
- echo Updating policy to v$version
- $file
- current_version=$version
- echo $current_version >$policy_version_file
+ ### No need to for an update
+ echo $version >$policy_version_file
+ else
+ if [ $version -gt $current_version ]
+ then
+ echo Updating policy to v$version
+ $file
+ current_version=$version
+ echo $current_version >$policy_version_file
+ fi
fi
done
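Review bot: the new `if [ -z $current_version ]` branch cannot tell an intentionally empty file (image build) from a missing one: `current_version=\`cat $policy_version_file\`` at the top of the hunk yields an empty string in both cases, so a deleted policy-version makes the script record the latest version and skip every migration. Suggest `[ -f "$policy_version_file" ] || exit 1` before the cat, and quoting the test as `if [ -z "$current_version" ]` (unquoted, a file holding two tokens turns the test into a syntax error instead of the intended comparison). Two smaller points in the same hunk: `$file` is executed without checking its exit status, so a failed update still advances `current_version` and rewrites the version file, leaving a half-applied policy recorded as fully updated; and the comment `### No need to for an update` has a stray "to". Finally, in the empty branch `echo $version >$policy_version_file` runs once per iteration and ends on the highest version only because `ls -v` sorts numerically, which is worth a comment next to the loop.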