diff options
| author | Sunmin Lee <sunm.lee@samsung.com> | 2016-12-27 02:48:51 -0800 |
|---|---|---|
| committer | Gerrit Code Review <gerrit@review.vlan103.tizen.org> | 2016-12-27 02:48:51 -0800 |
| commit | a36a20da92b997ca50b30efdfba651b7965eb26c (patch) | |
| tree | 676c9e27b905f8524256cfef517b48a9029023ab | |
| parent | 19a4af3a67bdaaf2987c318d02e9fb0260fb7c57 (diff) | |
| parent | 01688ae10a3769975b8e51d01d4345285547ed5b (diff) | |
| download | crash-worker-a36a20da92b997ca50b30efdfba651b7965eb26c.tar.gz crash-worker-a36a20da92b997ca50b30efdfba651b7965eb26c.tar.bz2 crash-worker-a36a20da92b997ca50b30efdfba651b7965eb26c.zip | |
Merge "log_dump: Restrict dbus permission" into tizen_3.0
| -rw-r--r-- | packaging/crash-worker.spec | 5 | ||||
| -rw-r--r-- | src/log_dump/CMakeLists.txt | 2 | ||||
| -rw-r--r-- | src/log_dump/log_dump.conf | 31 |
3 files changed, 36 insertions, 2 deletions
diff --git a/packaging/crash-worker.spec b/packaging/crash-worker.spec index 8a8735b..d2a83e3 100644 --- a/packaging/crash-worker.spec +++ b/packaging/crash-worker.spec @@ -169,8 +169,9 @@ sed -i "/${pattern}/D" %{_sysconfdir}/ld.so.preload %attr(0644,root,system) %{_unitdir}/tizen-debug-on.service %attr(0644,root,system) %{_unitdir}/tizen-debug-off.service %{TZ_SYS_ETC}/crash-manager.conf -%{_prefix}/lib/sysctl.d/99-crash-manager.conf -%{_datadir}/dbus-1/system-services/org.tizen.system.crash.service +%attr(-,root,root) %{_sysconfdir}/dbus-1/system.d/log_dump.conf +%attr(-,root,root) %{_prefix}/lib/sysctl.d/99-crash-manager.conf +%attr(-,root,root) %{_datadir}/dbus-1/system-services/org.tizen.system.crash.service %if %{with sys_assert} %{_libdir}/libsys-assert.so diff --git a/src/log_dump/CMakeLists.txt b/src/log_dump/CMakeLists.txt index 7fa6891..20202b6 100644 --- a/src/log_dump/CMakeLists.txt +++ b/src/log_dump/CMakeLists.txt @@ -28,6 +28,8 @@ TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${log_dump_pkgs_LDFLAGS} -pie) INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/org.tizen.system.crash.service DESTINATION /usr/share/dbus-1/system-services) +INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/log_dump.conf + DESTINATION /etc/dbus-1/system.d) INSTALL(TARGETS ${PROJECT_NAME} DESTINATION bin PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) diff --git a/src/log_dump/log_dump.conf b/src/log_dump/log_dump.conf new file mode 100644 index 0000000..3d3e8e0 --- /dev/null +++ b/src/log_dump/log_dump.conf @@ -0,0 +1,31 @@ +<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN" + "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> +<busconfig> + <policy user="root"> + <allow own="org.tizen.system.crash"/> + <allow send_destination="org.tizen.system.crash" + send_interface="org.tizen.system.crash.Crash" + send_member="dump_log"/> + <allow send_destination="org.tizen.system.crash" + send_interface="org.tizen.system.crash.Crash" + send_member="delete_dump"/> + </policy> + <policy user="system"> + <allow own="org.tizen.system.crash"/> + <allow send_destination="org.tizen.system.crash" + send_interface="org.tizen.system.crash.Crash" + send_member="dump_log"/> + <allow send_destination="org.tizen.system.crash" + send_interface="org.tizen.system.crash.Crash" + send_member="delete_dump"/> + </policy> + + <policy context="default"> + <deny send_destination="org.tizen.system.crash" + send_interface="org.tizen.system.crash.Crash" + send_member="dump_log"/> + <deny send_destination="org.tizen.system.crash" + send_interface="org.tizen.system.crash.Crash" + send_member="delete_dump"/> + </policy> +</busconfig> |