|
1 <?xml version="1.0" encoding="utf-8"?> |
|
2 <!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. --> |
|
3 <!-- This component and the accompanying materials are made available under the terms of the License |
|
4 "Eclipse Public License v1.0" which accompanies this distribution, |
|
5 and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". --> |
|
6 <!-- Initial Contributors: |
|
7 Nokia Corporation - initial contribution. |
|
8 Contributors: |
|
9 --> |
|
10 <!DOCTYPE concept |
|
11 PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd"> |
|
12 <concept id="GUID-6849E256-6719-5788-BCB2-7557F09AAAD0" xml:lang="en"><title>UPS |
|
13 Configuration</title><prolog><metadata><keywords/></metadata></prolog><conbody> |
|
14 <p>User Prompt Service (UPS) configuration component (<codeph>\securityconfig\ups\</codeph>) |
|
15 includes a <filepath>backup.xml</filepath> file and a ROM stub SIS file for |
|
16 configuring a UPS policy file. Device creators must modify the configuration |
|
17 files of UPS and rebuild the <filepath>securityconfig</filepath> component, |
|
18 to customise the behavior of the UPS component. </p> |
|
19 <section><title> Introduction</title> <p>UPS policy files are resource files |
|
20 that specify whether application requests to access services are silently |
|
21 accepted or denied or whether they require the user to be prompted. Each service |
|
22 has a policy file. The policy file lists policies for various applications. |
|
23 The configuration of policy file involves configuring ROM stub package file |
|
24 and backup XML file. </p> </section> |
|
25 <section><title> Installing and Configuring UPS Policy file</title> <p><b>Installing |
|
26 policy files</b> </p> <p>A policy file on the system drive eclipses a policy |
|
27 file on the Z drive if it has the same filename. If the policy file on the |
|
28 system drive is corrupt, the policy file on the Z drive (if it exists) is |
|
29 used instead. The policy files should be installed (and upgraded) through |
|
30 Software Install to the private directory of the UPS on the system drive. |
|
31 The private directory is <filepath>\private\10283558\policies</filepath>. </p> <p><b>Upgrading |
|
32 package file</b> </p> <p>The SIS file must either contain the executable or |
|
33 be an upgrade to the base package which supplied the executable, for delivering |
|
34 files into the private directory of an executable. </p> <p>The following is |
|
35 a default implementation of a package file for UPS server ROM stub SIS file: </p> <codeblock id="GUID-51117852-B051-5E7F-8216-44A8B7EFF6A1" xml:space="preserve">; Package file for User Prompt Service server ROM stub SIS file |
|
36 ; |
|
37 ; A ROM stub SIS file is required to allow UPS policy files to be |
|
38 ; provisioned post-manufacture because policy files are loaded from |
|
39 ; the policies subdirectory of the UPS server's private directory. |
|
40 |
|
41 &EN |
|
42 |
|
43 #{"User Prompt Service"}, (0x10285777), 1, 0 , 0, TYPE=SA |
|
44 |
|
45 %{"Nokia Corporation and/or its subsidiary(-ies)"} |
|
46 :"Nokia Corporation and/or and/or its subsidiary(-ies)" |
|
47 |
|
48 ; UPS policy files on the Z drive must also be included here if |
|
49 ; upgrades (eclipsing) is required post-manufacture. |
|
50 |
|
51 ""-"z:\sys\bin\upsserver.exe" |
|
52 </codeblock> <p>Device creators must create a ROM stub SIS file if they want |
|
53 to allow policy files to be delivered after-market (since the UPS server is |
|
54 delivered in the ROM). </p> <note>To ensure that policy file upgrades are |
|
55 approved by manufacturers or Symbian Signed, SIS files that modify the private |
|
56 directory of the UPS must be signed by a certificate where CA has the <codeph>AllFiles</codeph> capability. </note> <p><b>Verifying |
|
57 hash of the policy</b> </p> <p>The <codeph>VERIFY</codeph> option must be |
|
58 added to the line in the package file that installs the UPS policy file to |
|
59 ensure that the Software Install checks the hash of the policy at restore |
|
60 time. The following sample package file uses the <codeph>VERIFY</codeph> flag. </p> <codeblock id="GUID-E62C7BEF-A0C8-5BD2-B011-2E1ED211FE61" xml:space="preserve">; tupspolicies1.pkg |
|
61 ; |
|
62 ; |
|
63 |
|
64 ; Checks the installation of UPS policies files |
|
65 |
|
66 &EN |
|
67 #{"UPS Policy Files"}, (0x10285777), 1, 0, 0, TYPE=SP |
|
68 %{"Symbian Foundation"} |
|
69 :"Symbian Foundation" |
|
70 |
|
71 ; The VERIFY option is used to flag the files as non-modifiable so that SWI |
|
72 ; checks the hashes during restore |
|
73 |
|
74 "data\ups_01041000_01041001.rsc"-"$:\private\10283558\policies\ups_01041000_01041001.rsc", VERIFY |
|
75 "data\ups_01041000_01041002.rsc"-"$:\private\10283558\policies\ups_01041000_01041002.rsc", VERIFY |
|
76 "data\ups_01042000_01042001.rsc"-"$:\private\10283558\policies\ups_01042000_01042001.rsc", VERIFY |
|
77 "data\ups_01043000_01043001.rsc"-"$:\private\10283558\policies\ups_01043000_01043001.rsc", VERIFY |
|
78 </codeblock><note><ul> |
|
79 <li><p>Version 5.1.0.1 or higher of makesis should be used because the VERIFY |
|
80 flag is not supported in older versions. </p></li> |
|
81 <li><p>The major and minor versions field in the policy header of the policy |
|
82 file can be used to provide information that is used in upgrades. If the major |
|
83 version number is changed when a policy file is upgraded, all decision records |
|
84 for that policy file are deleted (because the major version number is stored |
|
85 in the decision record). </p></li> |
|
86 <li><p>Upgrading the plug-ins does not delete the decision records. If device |
|
87 creators want to delete decision records with a plug-in upgrade they must |
|
88 either update associated policy files or provide a run-on-install executable |
|
89 that calls the management API to delete decision records. </p></li> |
|
90 </ul></note> <p><b>Back up and restoring</b> </p> <p>UPS policy files may |
|
91 be backed up and restored providing that a valid <filepath>backup.xml</filepath> file |
|
92 is provided. The following is a sample backup file provided by Symbian. </p> <codeblock id="GUID-3BFD715C-68FB-5F87-9557-DB95D18168FB" xml:space="preserve"><?xml version="1.0" standalone="yes" ?> |
|
93 - <backup_registration> |
|
94 - <passive_backup> |
|
95 <include_directory name="policies" /> |
|
96 </passive_backup> |
|
97 <restore requires_reboot="no" /> |
|
98 </backup_registration> |
|
99 </codeblock> </section> |
|
100 </conbody></concept> |