aboutsummaryrefslogtreecommitdiffstats
path: root/doc/afm-system-daemon.html
blob: 96c622783a5104cc88385275100acdcac22145eb (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
<html>
<head>
  <link rel="stylesheet" type="text/css" href="doc.css">
  <meta charset="UTF-8">
</head>
<body>
<a name="The.afm-system-daemon"></a>
<h1>The afm-system-daemon</h1>

<pre><code>version: 1
Date:    14 March 2016
Author:  José Bollo
</code></pre>

<a name="Organisation.of.directory.of.applications"></a>
<h1>Organisation of directory of applications</h1>

<p>The main path for applivcations are: APPDIR/PKGID/VER.</p>

<p>Where:</p>

<ul>
<li>APPDIR is as defined above</li>
<li>PKGID is a directory whose name is the package identifier</li>
<li>VER is the version of the package MAJOR.MINOR</li>
</ul>


<p>This organisation has the advantage to allow several versions to leave together.
This is needed for some good reasons (rolling back) and also for less good reasons (user habits).</p>

<a name="Identity.of.installed.files"></a>
<h2>Identity of installed files</h2>

<p>All the files are installed as the user &ldquo;userapp&rdquo; and group &ldquo;userapp&rdquo;.
All files have rw(x) for user and r-(x) for group and others.</p>

<p>This allows any user to read the files.</p>

<a name="Labelling.the.directories.of.applications"></a>
<h2>Labelling the directories of applications</h2>

<a name="Organisation.of.data"></a>
<h1>Organisation of data</h1>

<p>The data of a user are in its directory and are labelled using the labels of the application</p>

<a name="Setting.Smack.rules.for.the.application"></a>
<h1>Setting Smack rules for the application</h1>

<p>For Tizen, the following rules are set by the security manager for each application.</p>

<pre><code>System ~APP~             rwx
System ~PKG~             rwxat
System ~PKG~::RO         rwxat
~APP~  System            wx
~APP~  System::Shared    rxl
~APP~  System::Run       rwxat
~APP~  System::Log       rwxa
~APP~  _                 l
User   ~APP~             rwx
User   ~PKG~             rwxat
User   ~PKG~::RO         rwxat
~APP~  User              wx
~APP~  User::Home        rxl
~APP~  User::App::Shared rwxat
~APP~  ~PKG~             rwxat
~APP~  ~PKG~::RO         rxl
</code></pre>

<p>Here, ~PKG~ is the identifier of the package and ~APP~ is the identifier of the application.</p>

<a name="What.user.can.run.an.application."></a>
<h1>What user can run an application?</h1>

<p>Not all user are able to run all applications.
How to manage that?</p>
</body>
</html>