login: Rename /var/lib/whitelist
Replace /var/lib/whitelist with /var/lib/devicesettings. Currently,
/var/lib/devicesettings is just a bind mount pointing to
/var/lib/whitelist. That means any saved policy/owner key still ends up
in /var/lib/whitelist and it can be read from both folders. This is to
make migration easier.
Once all code is updated to only use /var/lib/devicesettings, we will
remove the bind mount and move content to devicesettings to finish the
migration.
BUG=b:187793661
TEST=1) FEATURES=test emerge-volteer chromeos-base/chromeos-login
2) Deploy on device, enroll and visit chrome://policy.
Change-Id: I03bac2fc95e2c3fa488fab9d5a19d44209c27ac4
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform2/+/3084881
Reviewed-by: Hidehiko Abe <hidehiko@chromium.org>
Reviewed-by: Igor <igorcov@chromium.org>
Commit-Queue: Miriam Polzer <mpolzer@google.com>
Tested-by: Miriam Polzer <mpolzer@google.com>
diff --git a/login_manager/chrome_setup.cc b/login_manager/chrome_setup.cc
index ae5e9bd..455c1c5 100644
--- a/login_manager/chrome_setup.cc
+++ b/login_manager/chrome_setup.cc
@@ -349,6 +349,8 @@
// content of known files inside the directory. The policy-readers group is
// composed of the chronos user and other daemon accessing the device policies
// but not anything else.
+ // TODO(b/187793661) Change to /var/lib/devicesettings once it's a folder
+ // and not a bind mount anymore.
gid_t policy_readers_gid;
CHECK(brillo::userdb::GetGroupInfo("policy-readers", &policy_readers_gid));
CHECK(EnsureDirectoryExists(base::FilePath("/var/lib/whitelist"), kRootUid,
diff --git a/login_manager/device_policy_service.cc b/login_manager/device_policy_service.cc
index 5a9975e..79ebdcf 100644
--- a/login_manager/device_policy_service.cc
+++ b/login_manager/device_policy_service.cc
@@ -81,7 +81,7 @@
// files. Any change in format or location of those files that is not backwards
// compatible might break rollback.
// static
-const char DevicePolicyService::kPolicyDir[] = "/var/lib/whitelist";
+const char DevicePolicyService::kPolicyDir[] = "/var/lib/devicesettings";
// static
const char DevicePolicyService::kDevicePolicyType[] = "google/chromeos/device";
// static
diff --git a/login_manager/nss_util.cc b/login_manager/nss_util.cc
index e262c45..5672bde 100644
--- a/login_manager/nss_util.cc
+++ b/login_manager/nss_util.cc
@@ -41,7 +41,7 @@
namespace {
// This should match the same constant in Chrome tree:
// chromeos/dbus/constants/dbus_paths.cc
-const char kOwnerKeyFile[] = "/var/lib/whitelist/owner.key";
+const char kOwnerKeyFile[] = "/var/lib/devicesettings/owner.key";
// TODO(hidehiko): Move this to scoped_nss_types.h.
struct CERTSubjectPublicKeyInfoDeleter {