summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorhyunuktak <hyunuk.tak@samsung.com>2016-06-09 15:43:58 +0900
committerhyunuktak <hyunuk.tak@samsung.com>2016-06-09 15:44:00 +0900
commitfe5392acf9111aed0f479a56d6953fbc7c6754da (patch)
treeabe4155d826d2a39ae2749a0d0c433e0721c9be7
parent0ea98e0cff37f5a63783a65c84cc5945466b9024 (diff)
downloadconnman-fe5392acf9111aed0f479a56d6953fbc7c6754da.tar.gz
connman-fe5392acf9111aed0f479a56d6953fbc7c6754da.tar.bz2
connman-fe5392acf9111aed0f479a56d6953fbc7c6754da.zip
Remove capability and Change from dbus to systemd for vpn service
Change-Id: I7ef5583cfc148b4835abec4bf57ad76369ed9b8e Signed-off-by: hyunuktak <hyunuk.tak@samsung.com>
-rwxr-xr-xMakefile.am7
-rwxr-xr-xpackaging/connman.spec4
-rw-r--r--resources/usr/share/dbus-1/system-services/net.connman.service4
-rwxr-xr-xsrc/connman.service.in2
-rw-r--r--src/connman_tv.service.in2
-rwxr-xr-xsrc/net.connman.service.in2
-rwxr-xr-xvpn/connman-vpn.service.in2
-rwxr-xr-xvpn/net.connman.vpn.service.in3
8 files changed, 17 insertions, 9 deletions
diff --git a/Makefile.am b/Makefile.am
index 95761e24..5be7625f 100755
--- a/Makefile.am
+++ b/Makefile.am
@@ -63,16 +63,15 @@ endif
if SYSTEMD
systemdunitdir = @SYSTEMD_UNITDIR@
-
-systemdunit_DATA = src/connman.service
+systemdunit_DATA = src/connman.service vpn/connman-vpn.service
endif
endif
service_files_sources = src/connman.service.in src/net.connman.service.in \
- vpn/net.connman.vpn.service.in
+ vpn/net.connman.vpn.service.in vpn/connman-vpn.service.in
service_files = src/connman.service src/net.connman.service \
- vpn/net.connman.vpn.service
+ vpn/net.connman.vpn.service vpn/connman-vpn.service
plugin_LTLIBRARIES =
diff --git a/packaging/connman.spec b/packaging/connman.spec
index 2ad02f67..6b59745f 100755
--- a/packaging/connman.spec
+++ b/packaging/connman.spec
@@ -4,7 +4,7 @@
Name: connman
Version: 1.29
-Release: 9
+Release: 10
License: GPL-2.0+
Summary: Connection Manager
Url: http://connman.net
@@ -193,9 +193,11 @@ systemctl daemon-reload
%{_sysconfdir}/dbus-1/system.d/*.conf
%attr(644,root,root) %{_libdir}/systemd/system/connman.service
%attr(644,root,root) %{_libdir}/systemd/system/multi-user.target.wants/connman.service
+%attr(644,root,root) %{_libdir}/systemd/system/connman-vpn.service
%if "%{?_lib}" == "lib64"
%attr(644,root,root) %{_unitdir}/connman.service
%attr(644,root,root) %{_unitdir}/multi-user.target.wants/connman.service
+%attr(644,root,root) %{_unitdir}/connman-vpn.service
%endif
%{_datadir}/license/connman
diff --git a/resources/usr/share/dbus-1/system-services/net.connman.service b/resources/usr/share/dbus-1/system-services/net.connman.service
index d7730d8a..9679c1be 100644
--- a/resources/usr/share/dbus-1/system-services/net.connman.service
+++ b/resources/usr/share/dbus-1/system-services/net.connman.service
@@ -1,5 +1,5 @@
[D-BUS Service]
Name=net.connman
-Exec=@sbindir@/connmand -n
+Exec=/bin/false
User=root
-SystemdService=connman.service \ No newline at end of file
+SystemdService=connman.service
diff --git a/src/connman.service.in b/src/connman.service.in
index adf7a62a..503ec455 100755
--- a/src/connman.service.in
+++ b/src/connman.service.in
@@ -9,6 +9,8 @@ BusName=net.connman
Restart=on-failure
ExecStart=@sbindir@/connmand -n --noplugin vpn
StandardOutput=null
+CapabilityBoundingSet=~CAP_MAC_ADMIN
+CapabilityBoundingSet=~CAP_MAC_OVERRIDE
[Install]
WantedBy=multi-user.target
diff --git a/src/connman_tv.service.in b/src/connman_tv.service.in
index 2922aa86..c0328467 100644
--- a/src/connman_tv.service.in
+++ b/src/connman_tv.service.in
@@ -7,6 +7,8 @@ BusName=net.connman
RemainAfterExit=yes
ExecStartPre=/usr/bin/dbus-send --system --dest=net.netconfig / net.netconfig.auto.activate
ExecStart=/usr/sbin/connmand --noplugin vpn
+CapabilityBoundingSet=~CAP_MAC_ADMIN
+CapabilityBoundingSet=~CAP_MAC_OVERRIDE
[Install]
WantedBy=multi-user.target
diff --git a/src/net.connman.service.in b/src/net.connman.service.in
index f7f6a7c0..9679c1be 100755
--- a/src/net.connman.service.in
+++ b/src/net.connman.service.in
@@ -1,5 +1,5 @@
[D-BUS Service]
Name=net.connman
-Exec=@sbindir@/connmand -n
+Exec=/bin/false
User=root
SystemdService=connman.service
diff --git a/vpn/connman-vpn.service.in b/vpn/connman-vpn.service.in
index de65a70d..71abb570 100755
--- a/vpn/connman-vpn.service.in
+++ b/vpn/connman-vpn.service.in
@@ -8,6 +8,8 @@ Type=dbus
BusName=net.connman.vpn
ExecStart=@sbindir@/connman-vpnd -n
StandardOutput=null
+CapabilityBoundingSet=~CAP_MAC_ADMIN
+CapabilityBoundingSet=~CAP_MAC_OVERRIDE
[Install]
WantedBy=multi-user.target
diff --git a/vpn/net.connman.vpn.service.in b/vpn/net.connman.vpn.service.in
index 94872013..8dcf2544 100755
--- a/vpn/net.connman.vpn.service.in
+++ b/vpn/net.connman.vpn.service.in
@@ -1,4 +1,5 @@
[D-BUS Service]
Name=net.connman.vpn
-Exec=@sbindir@/connman-vpnd -n
+Exec=/bin/false
User=root
+SystemdService=connman-vpn.service