> -----Original Message----- > From: [email protected] [mailto:[email protected]] On > Behalf Of Krzysztof Jackiewicz > Sent: Monday, February 24, 2014 9:50 AM > To: 'dev' > Subject: [Dev] Update of security framework repositories > > Dear All, > > In order to get mobile profile working we (the Samsung Security Framework > Team) have to update several security framework repositories with changes > developed by us in parallel with tizen.org. All these commits went through > Samsung's gerrit code review and were continuously tested (with tests from > security-tests repo). We have also successfully compiled and tested them on > tizen.org image. Our changes have been already pushed to sandbox > branches in corresponding tizen.org repositories. > > Please find the list of affected repositories with changes summary and > proposed merge strategy: > > > *platform/upstream/smack* > There's one major update in smack code - smackload-fast utility for multiline > loading startup rules. In addition we have few bug fixes and few modification > in systemd's startup scripts for smack service. And last but not least - > switching from 'smackctl apply' to 'smackload-fast' in systemd's smack > service.
NAK. Systemd takes care of loading the Smack rules. The three domain model eliminates the need for "fast" rule loading. > We have cherry-picked our changes on top of tizen branch and pushed them > to sandbox: > https://review.tizen.org/gerrit/gitweb?p=platform%2Fupstream%2Fsmack.g > it;a=shortlog;h=refs%2Fheads%2Fsandbox%2Fzjasinski%2Fsamsung_devel > > We'd like to do a fast-forward merge of sandbox and tizen branch. Do not do this. > *platform/core/security/libprivilege-control* > One major internal change - use of sqlite3 database instead of plain files for > privileges & apps associations. > Extended and updated API: new naming convention, new app permission > querying & management functions. > > Our branch and tizen.org one have a common history but there were a lot of > changes on both sides since they diverged so we decided to merge them. > The merge have been submitted to gerrit for review: > https://review.tizen.org/gerrit/#/c/16834/ I have -2ed this review. > *platform/core/security/security-server* > - Rewriten all code, removed unused api > - Split code into modules (like: cookies, password, open_for, data_share). > - Each module has own socket > - Each socket may have different label All labels and rules need to be documented in https://wiki.tizen.org/wiki/Security:SmackThreeDomainModel and conform to the "peer" domain scheme. > - Add support for systemd (systemd creates socket and set up labels). > Please note: currently all labels for sockets are set to "*" because of > "policy > reset" made on tizen.org We need to talk about this in the context of the three domain model. > Security-server changes have been cherry-picked on top of tizen.org/tizen > branch. It's available on sandbox branch: > https://review.tizen.org/gerrit/gitweb?p=platform%2Fcore%2Fsecurity%2Fs > ecurity- > server.git;a=shortlog;h=refs%2Fheads%2Fsandbox%2Fade%2Fsamsung_dev > el > > We'd like to perform a fast-forward merge of sandbox and tizen branch. No. Do not do this. > *platform/core/test/security-tests* > This is a new repo that covers tests for three repos above. We'd like to do a > fast-forward merge of sandbox and tizen branch: > https://review.tizen.org/gerrit/gitweb?p=platform%2Fcore%2Ftest%2Fsecur > ity- > tests.git;a=shortlog;h=refs%2Fheads%2Fsandbox%2Fmniesluchow%2Fsams > ung_devel > > > Please let us know if you have any objections or comments. Done! > Best regards, > > -- > Krzysztof Jackiewicz > Samsung R&D Institute Poland > Samsung Electronics > [email protected] > > _______________________________________________ > Dev mailing list > [email protected] > https://lists.tizen.org/listinfo/dev _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
