Database write permissions


#1

I have an app that stores some data in database. When app starts database is created and app is able to write into it.
Problem begins when I power off my board and power it back on. Database gets deleted and new one is made. So I tried to make database outside sandbox and give app access to it in adef file in requires but it is says it’s read only.

requires:
{
    file:
   {
        /mnt/flash/database.db /data/
   }
}

I also tried to put it in bundles with [w] and [rw] permission:

 bundles:
 {
     file:
     { 
           [w] /bins/data/database.db /data/
           //[rw] /bins/data/database.db /data/
     }
 }

but it still says it’s read only.
I also tried chmod 777 database.db.
So my general question is how to preserve my database is sandboxed app after power off?
Thank you


#2

Hello

Move your your database to /home/root

It will work.

BR
Francis


#3

Can you provide more information about your sandboxed attempt? What is the file location that you are trying to write? Are you sure that you successfully close() the file before you power off? Otherwise, I believe it’s possible that the file contents are cached and not actually written yet.

When trying to use requires file to get access to a file outside of the sandbox, I think you may be running into this issue described in the Legato docs

Note
Even though the file system object appears in the app’s sandbox it still needs permissions settings on the file. File permissions (both DAC and MAC) and ownership (group and user) on the original file in the target system remain in effect inside the sandbox. Within a sandbox files can only be read and writen to, new files can not be created.

So in addition to the regular UNIX file permissions, you also need to have the write smack label on the file. I think you can set this with: xattr set security.SMACK64 app.yourAppName /path/to/the/file.db. Once you do that, then I believe you will be able to read/write the file from within your sandboxed application.


#4

@dfrey Thank you for answering. My code works fine on my Ubuntu PC, so I don’t think it’s code problem… My file is in/mnt/flash/database/database.db and I gave it write smack label. When I type xattr get, I get name=security.SMACK64, value=app.MyApprwx. My .adef file looks like this:

requires:
{
    file:
   {
        /mnt/flash/database.db /data/
   }
}

When I run my app, file in /mnt/flash/legato/systems/current/appsWriteable/MyApp/data/database.db gets name=security.SMACK64; value=_. I than give this file write smack label. and when I restart my app, it agains says statement:Read only: attempt to write a readonly database
I’ ve also tried to move database.db to /home/root.
Again, app is working fine when I don’t give it any extern database, when app creates database in runtime. Then it writes everything fine and all is good. But that database gets deleted after power off.
Thank you


#5

Solution was to add write smack label and to chmod 666 on /mnt/flash/database/database.db