summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authortaesub kim <taesub.kim@samsung.com>2016-06-09 10:46:02 (GMT)
committerGerrit Code Review <gerrit@review.vlan103.tizen.org>2016-06-09 10:46:02 (GMT)
commite7b943422d9aa28d5f6650c6b4ea27737de11057 (patch)
treef83533217c77b9eafa0b28144a85df41d0b5a38b
parentbae72c44f986bd48b7b3dcf77aad982466199eba (diff)
parentfe5392acf9111aed0f479a56d6953fbc7c6754da (diff)
downloadconnman-e7b943422d9aa28d5f6650c6b4ea27737de11057.zip
connman-e7b943422d9aa28d5f6650c6b4ea27737de11057.tar.gz
connman-e7b943422d9aa28d5f6650c6b4ea27737de11057.tar.bz2
Merge "Remove capability and Change from dbus to systemd for vpn service" into tizensubmit/tizen/20160609.105401accepted/tizen/common/20160609.150630
-rwxr-xr-xMakefile.am7
-rwxr-xr-xpackaging/connman.spec4
-rw-r--r--resources/usr/share/dbus-1/system-services/net.connman.service4
-rwxr-xr-xsrc/connman.service.in2
-rw-r--r--src/connman_tv.service.in2
-rwxr-xr-xsrc/net.connman.service.in2
-rwxr-xr-xvpn/connman-vpn.service.in2
-rwxr-xr-xvpn/net.connman.vpn.service.in3
8 files changed, 17 insertions, 9 deletions
diff --git a/Makefile.am b/Makefile.am
index 95761e2..5be7625 100755
--- a/Makefile.am
+++ b/Makefile.am
@@ -63,16 +63,15 @@ endif
if SYSTEMD
systemdunitdir = @SYSTEMD_UNITDIR@
-
-systemdunit_DATA = src/connman.service
+systemdunit_DATA = src/connman.service vpn/connman-vpn.service
endif
endif
service_files_sources = src/connman.service.in src/net.connman.service.in \
- vpn/net.connman.vpn.service.in
+ vpn/net.connman.vpn.service.in vpn/connman-vpn.service.in
service_files = src/connman.service src/net.connman.service \
- vpn/net.connman.vpn.service
+ vpn/net.connman.vpn.service vpn/connman-vpn.service
plugin_LTLIBRARIES =
diff --git a/packaging/connman.spec b/packaging/connman.spec
index 0753260..0dd57f4 100755
--- a/packaging/connman.spec
+++ b/packaging/connman.spec
@@ -4,7 +4,7 @@
Name: connman
Version: 1.29
-Release: 9
+Release: 10
License: GPL-2.0+
Summary: Connection Manager
Url: http://connman.net
@@ -193,9 +193,11 @@ systemctl daemon-reload
%{_sysconfdir}/dbus-1/system.d/*.conf
%attr(644,root,root) %{_libdir}/systemd/system/connman.service
%attr(644,root,root) %{_libdir}/systemd/system/multi-user.target.wants/connman.service
+%attr(644,root,root) %{_libdir}/systemd/system/connman-vpn.service
%if "%{?_lib}" == "lib64"
%attr(644,root,root) %{_unitdir}/connman.service
%attr(644,root,root) %{_unitdir}/multi-user.target.wants/connman.service
+%attr(644,root,root) %{_unitdir}/connman-vpn.service
%endif
%{_datadir}/license/connman
diff --git a/resources/usr/share/dbus-1/system-services/net.connman.service b/resources/usr/share/dbus-1/system-services/net.connman.service
index d7730d8..9679c1b 100644
--- a/resources/usr/share/dbus-1/system-services/net.connman.service
+++ b/resources/usr/share/dbus-1/system-services/net.connman.service
@@ -1,5 +1,5 @@
[D-BUS Service]
Name=net.connman
-Exec=@sbindir@/connmand -n
+Exec=/bin/false
User=root
-SystemdService=connman.service \ No newline at end of file
+SystemdService=connman.service
diff --git a/src/connman.service.in b/src/connman.service.in
index adf7a62..503ec45 100755
--- a/src/connman.service.in
+++ b/src/connman.service.in
@@ -9,6 +9,8 @@ BusName=net.connman
Restart=on-failure
ExecStart=@sbindir@/connmand -n --noplugin vpn
StandardOutput=null
+CapabilityBoundingSet=~CAP_MAC_ADMIN
+CapabilityBoundingSet=~CAP_MAC_OVERRIDE
[Install]
WantedBy=multi-user.target
diff --git a/src/connman_tv.service.in b/src/connman_tv.service.in
index 2922aa8..c032846 100644
--- a/src/connman_tv.service.in
+++ b/src/connman_tv.service.in
@@ -7,6 +7,8 @@ BusName=net.connman
RemainAfterExit=yes
ExecStartPre=/usr/bin/dbus-send --system --dest=net.netconfig / net.netconfig.auto.activate
ExecStart=/usr/sbin/connmand --noplugin vpn
+CapabilityBoundingSet=~CAP_MAC_ADMIN
+CapabilityBoundingSet=~CAP_MAC_OVERRIDE
[Install]
WantedBy=multi-user.target
diff --git a/src/net.connman.service.in b/src/net.connman.service.in
index f7f6a7c..9679c1b 100755
--- a/src/net.connman.service.in
+++ b/src/net.connman.service.in
@@ -1,5 +1,5 @@
[D-BUS Service]
Name=net.connman
-Exec=@sbindir@/connmand -n
+Exec=/bin/false
User=root
SystemdService=connman.service
diff --git a/vpn/connman-vpn.service.in b/vpn/connman-vpn.service.in
index de65a70..71abb57 100755
--- a/vpn/connman-vpn.service.in
+++ b/vpn/connman-vpn.service.in
@@ -8,6 +8,8 @@ Type=dbus
BusName=net.connman.vpn
ExecStart=@sbindir@/connman-vpnd -n
StandardOutput=null
+CapabilityBoundingSet=~CAP_MAC_ADMIN
+CapabilityBoundingSet=~CAP_MAC_OVERRIDE
[Install]
WantedBy=multi-user.target
diff --git a/vpn/net.connman.vpn.service.in b/vpn/net.connman.vpn.service.in
index 9487201..8dcf254 100755
--- a/vpn/net.connman.vpn.service.in
+++ b/vpn/net.connman.vpn.service.in
@@ -1,4 +1,5 @@
[D-BUS Service]
Name=net.connman.vpn
-Exec=@sbindir@/connman-vpnd -n
+Exec=/bin/false
User=root
+SystemdService=connman-vpn.service