UPS +Configuration

User Prompt Service (UPS) configuration component (\securityconfig\ups\) +includes a backup.xml file and a ROM stub SIS file for +configuring a UPS policy file. Device creators must modify the configuration +files of UPS and rebuild the securityconfig component, +to customise the behavior of the UPS component.

Installing and Configuring UPS Policy file

Installing +policy files

A policy file on the system drive eclipses a policy +file on the Z drive if it has the same filename. If the policy file on the +system drive is corrupt, the policy file on the Z drive (if it exists) is +used instead. The policy files should be installed (and upgraded) through +Software Install to the private directory of the UPS on the system drive. +The private directory is \private\10283558\policies.

Upgrading +package file

The SIS file must either contain the executable or +be an upgrade to the base package which supplied the executable, for delivering +files into the private directory of an executable.

The following is +a default implementation of a package file for UPS server ROM stub SIS file:

; Package file for User Prompt Service server ROM stub SIS file +; +; A ROM stub SIS file is required to allow UPS policy files to be +; provisioned post-manufacture because policy files are loaded from +; the policies subdirectory of the UPS server's private directory. + +&EN + +#{"User Prompt Service"}, (0x10285777), 1, 0 , 0, TYPE=SA + +%{"Nokia Corporation and/or its subsidiary(-ies)"} +:"Nokia Corporation and/or and/or its subsidiary(-ies)" + +; UPS policy files on the Z drive must also be included here if +; upgrades (eclipsing) is required post-manufacture. + +""-"z:\sys\bin\upsserver.exe" +

Device creators must create a ROM stub SIS file if they want +to allow policy files to be delivered after-market (since the UPS server is +delivered in the ROM).

To ensure that policy file upgrades are +approved by manufacturers or Symbian Signed, SIS files that modify the private +directory of the UPS must be signed by a certificate where CA has the AllFiles capability.

Verifying +hash of the policy

The VERIFY option must be +added to the line in the package file that installs the UPS policy file to +ensure that the Software Install checks the hash of the policy at restore +time. The following sample package file uses the VERIFY flag.

; tupspolicies1.pkg +; +; + +; Checks the installation of UPS policies files + +&EN +#{"UPS Policy Files"}, (0x10285777), 1, 0, 0, TYPE=SP +%{"Symbian Foundation"} +:"Symbian Foundation" + +; The VERIFY option is used to flag the files as non-modifiable so that SWI +; checks the hashes during restore + +"data\ups_01041000_01041001.rsc"-"$:\private\10283558\policies\ups_01041000_01041001.rsc", VERIFY +"data\ups_01041000_01041002.rsc"-"$:\private\10283558\policies\ups_01041000_01041002.rsc", VERIFY +"data\ups_01042000_01042001.rsc"-"$:\private\10283558\policies\ups_01042000_01042001.rsc", VERIFY +"data\ups_01043000_01043001.rsc"-"$:\private\10283558\policies\ups_01043000_01043001.rsc", VERIFY +

Version 5.1.0.1 or higher of makesis should be used because the VERIFY +flag is not supported in older versions.
The major and minor versions field in the policy header of the policy +file can be used to provide information that is used in upgrades. If the major +version number is changed when a policy file is upgraded, all decision records +for that policy file are deleted (because the major version number is stored +in the decision record).
Upgrading the plug-ins does not delete the decision records. If device +creators want to delete decision records with a plug-in upgrade they must +either update associated policy files or provide a run-on-install executable +that calls the management API to delete decision records.

Back up and restoring

UPS policy files may +be backed up and restored providing that a valid backup.xml file +is provided. The following is a sample backup file provided by Symbian.

<?xml version="1.0" standalone="yes" ?> +- <backup_registration> +- <passive_backup> + <include_directory name="policies" /> + </passive_backup> + <restore requires_reboot="no" /> + </backup_registration> +