Is there a way for a sandbox application to have a writable directory outside its sandbox, that won't be deleted after a restart?
Hello lazzox,
You must add this to your *.adef file:
requires:
{
    dir:
    {
        "/etc/myDirExternal" "/myDirExternal"
    }
}
/etc/myDirExternal must already exist when the Legato Application is started.
Default access rule is rx (SMACK label "_"):
# /legato/systems/current/bin/xattr get /etc/myDirExternal
name=security.SMACK64; value=
# /legato/systems/current/bin/xattr get /etc/myDirExternal/file.txt
name=security.SMACK64; value=_
Access to the directory content can be changed to rwx (SMACK label: "*"):
# /legato/systems/current/bin/xattr set security.SMACK64 "" "/etc/myDirExternal/file.txt"
# /legato/systems/current/bin/xattr get /etc/myDirExternal/file.txt
name=security.SMACK64; value=*
KR.
Thank you for your reply, output is a bit different.
I am using Legato 18.03 and WP76xx.
root@swi-mdm9x28:/etc/myDir# xattr get /etc/myDir/file.txt
name=security.SMACK64; value=_
root@swi-mdm9x28:/etc/myDir# xattr get /etc/myDir/
name=security.SMACK64; value=_
And I get this:
root@swi-mdm9x28:/etc/myDir# xattr set security.SMACK64 "" "/etc/myDir/file.txt"
Could not set extended attribute. Invalid argument
So I use "*" instead:
root@swi-mdm9x28:/etc/myDir# xattr set security.SMACK64 "*" file.txt
root@swi-mdm9x28:/etc/myDir# xattr get /etc/myDir/file.txt
name=security.SMACK64; value=*
But all of that leaves my directory still only readable. The sandbox application can't make files in that directory.
root@swi-mdm9x28:/etc/myDir# xattr get /etc/myDir
name=security.SMACK64; value=_
I tried giving my directory * as SMACK label, but that still didn't enable the sandbox app to write to the directory.
Looks like, in addition to this, setting chmod 777 on the file solved the problem I was having.
I am sure that not all of that from 777 is necessary.
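The last reply found that the SMACK label alone was not enough and that 777 is more than is needed. As an added example (not from the thread and not Legato code), this shell sketch models the standard Linux owner/group/other check to show which mode bits let a non-root process create files in a directory. The uids, gids and modes are constructed values, and the function names are hypothetical; SMACK must still separately allow the access.

```shell
#!/bin/sh
# Added example, not from the thread. All uids, gids and modes are constructed.
# Models the Linux owner/group/other (DAC) check for a non-root process;
# root's CAP_DAC_OVERRIDE bypass and the separate SMACK check are not modelled.

# dac_bits MODE OWNER_UID OWNER_GID SUBJ_UID [SUBJ_GID...]
# Prints the single rwx digit (0-7) the kernel applies to the subject:
# owner digit if the uid matches, else group digit if any gid matches,
# else the "other" digit. Only one class is ever consulted.
dac_bits() {
    mode=$1 ouid=$2 ogid=$3 suid=$4
    shift 4
    m=$(( 0$mode & 0777 ))          # parse octal, drop setuid/setgid/sticky
    if [ "$suid" -eq "$ouid" ]; then
        echo $(( (m >> 6) & 7 )); return
    fi
    for g in "$@"; do
        if [ "$g" -eq "$ogid" ]; then
            echo $(( (m >> 3) & 7 )); return
        fi
    done
    echo $(( m & 7 ))
}

# can_create MODE OWNER_UID OWNER_GID SUBJ_UID [SUBJ_GID...]
# Creating a file needs write (2) and search (1) on the directory itself.
can_create() {
    bits=$(dac_bits "$@")
    [ $(( bits & 3 )) -eq 3 ]
}

# check_dir DIR SUBJ_UID [SUBJ_GID...]: same check against a real directory.
check_dir() {
    dir=$1; shift
    set -- $(stat -c '%a %u %g' "$dir") "$@"
    can_create "$@"
}

# Constructed case: directory owned by root:root, app runs as uid/gid 1001.
for mode in 755 775 777; do
    if can_create "$mode" 0 0 1001 1001; then r=yes; else r=no; fi
    echo "root:root $mode -> uid 1001 can create files: $r"
done
# Narrower than 777: give the directory to a dedicated group (gid 2000 here)
# that the app belongs to, and use 770 so other users get nothing.
if can_create 770 0 2000 1001 1001 2000; then echo "root:2000 770 -> yes"; fi
```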