Hi, In recent internal communication we have found an issue which affects application installation during image creation. It feels like the discussion should be moved here.
During image creation some tools work in so called "off-line" mode due to daemons not running. Security-framework (cynara, security-manager) support this by writing configuration directly in client libraries. Since this touches sensitive configs, like privilege databases and Smack rule files, it is required that client runs with root permissions. Package manager on the other hand implements multi-user by requiring that its tools are run by the user for whom the application is installed. In "on-line" mode it's not an issue, because request are handled by pkgmgr-server, running as root. But how is it going to work in "off-line" mode, during image creation? In Tizen:Common this wasn't an issue so far. User applications weren't installed during image creation, but on the first run.(wrt-widgetspackage). But this solution is not acceptable for some profiles. When the image is built, all preloaded applications should be properly installed and configured. I'm also not sure which tool should be used for registering applications in "off-line" mode. Is it pkg_initdb, pkg_initdb_user or simply pkgcmd? What's the purpose of pkg_initdb and should it handle security registration?
_______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
