summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStephane Desneux <stephane.desneux@iot.bzh>2017-03-27 15:37:07 +0200
committerStephane Desneux <stephane.desneux@iot.bzh>2017-03-27 17:43:10 +0200
commit497d7db5bfc71367c6393a09a2f768b812fce83f (patch)
treedf8ffe1b8e5f74f2cf6c535fba55cc2c331061a8
parenta72d5234e827756647c0fb78e70e2d8e4d6f2ab0 (diff)
Migrate meta-app-framework to meta-agl
Application Framework is now part of core AGL components and has been moved from meta-agl-extra to meta-agl. Bug-AGL: SPEC-448 The commit history has been kept and the following commits have been moved from meta-agl-extra to meta-agl: e08fc10 2017-03-14 13:07:12 +0100 jose.bollo@iot.bzh Move to AGL framework on top of systemd 8bdc96f 2017-03-24 16:15:04 +0100 ronan.lemartret@iot.bzh Rename webruntime DISTRO_FEATURES 02faef6 2017-03-14 12:50:03 +0100 jose.bollo@iot.bzh Upgrade application framework 9731d66 2017-03-08 14:19:42 +0100 jose.bollo@iot.bzh base-files for the framework ed214a2 2017-03-06 17:19:16 +0100 jose.bollo@iot.bzh Ensure that eXtended Attributes are managed 2969a9f 2017-03-07 17:30:18 +0100 jose.bollo@iot.bzh shadow: 'useradd' copies root's extended attributes e159294 2017-03-08 13:15:58 +0100 jose.bollo@iot.bzh Removes systemd warnings d19db32 2017-03-06 17:11:33 +0100 ronan.lemartret@iot.bzh Add service dependency on run-agl-postinsts d3a02ef 2017-02-23 23:41:45 +0700 tranmanphong@gmail.com Fix the error of homescreen for QEMU x86-64 913a263 2017-02-23 11:03:08 +0100 ronan.lemartret@iot.bzh Update af-main d36e635 2017-02-17 14:35:31 +0100 stephane.desneux@iot.bzh aglwgt.bbclass: fix bashism 72265ee 2017-02-16 18:03:32 +0100 ronan.lemartret@iot.bzh Add dependency to images f3292e8 2017-02-15 17:02:52 +0100 ronan.lemartret@iot.bzh Allowed wgt app to auto-install at the first boot 347aa4d 2017-02-15 16:54:11 +0100 ronan.lemartret@iot.bzh Add afm-install used to install wgt at first boot 9153078 2017-01-20 16:30:39 +0100 ronan.lemartret@iot.bzh Move feature code into the meta recipes b5ce617 2017-01-16 19:43:03 +0100 jsmoeller@linuxfoundation.org Add missing DEPENDS to af-binder ba2ad47 2016-10-25 16:11:27 +0200 ronan.lemartret@iot.bzh fix for gcc6 build 8f15654 2016-10-14 14:21:15 +0200 ronan.lemartret@iot.bzh fix libcap patch 24b96c4 2017-01-03 11:46:04 +0100 jose.bollo@iot.bzh Activates threading and hook features f518d36 2017-01-02 17:10:24 +0100 ronan.lemartret@iot.bzh add fakeroot to aglwgt_deploy task 4c81238 2016-12-28 20:45:11 +0100 jsmoeller@linuxfoundation.org Be more precise in addtask a930811 2016-12-28 19:15:54 +0100 jsmoeller@linuxfoundation.org Fix whitespace in aglwgt bbclass de41ad3 2016-12-28 14:54:42 +0100 jsmoeller@linuxfoundation.org Add aglwgt class 5999238 2016-12-20 15:45:34 +0100 jose.bollo@iot.bzh Authorize the requested permissions a79a010 2016-12-16 12:37:44 +0100 anton@advancedtelematic.com Don't override SYSTEMD_SERVICE of original recipe. b6960b3 2016-12-14 16:34:29 +0100 stephane.desneux@iot.bzh af-main: remove --roothttp option from afm-launch.conf 524e557 2016-12-14 14:08:16 +0100 anton@advancedtelematic.com Move all writable data used by security-manager and appfw to /var d32c40a 2016-12-14 11:26:23 +0100 jose.bollo@iot.bzh af-main: fix exec flag and case sensitive ids 9e930f5 2016-12-07 19:58:18 +0100 ronan.lemartret@iot.bzh add native build for af-main 5b8d3a4 2016-12-05 10:16:12 +0100 stephane.desneux@iot.bzh agl-appfw-smack: remove dependency on meta-agl-security f45014a 2016-11-21 15:37:32 +0100 jose.bollo@iot.bzh Improves places for QT_WAYLAND_SHELL_INTEGRATION d1c5151 2016-11-17 16:26:32 +0100 jose.bollo@iot.bzh smack: removed already applied patch f0d8be8 2016-11-16 13:27:36 +0100 jose.bollo@iot.bzh appfwk: improvements 1d8243b 2016-11-10 12:46:59 +0100 stephane.desneux@iot.bzh meta-app-framework: fix unpackaged files in nativesdk-af-main 4da956c 2016-11-03 11:30:25 +0100 jose.bollo@iot.bzh Smack: add audit when smack is active c6b0317 2016-11-08 11:38:51 +0100 jose.bollo@iot.bzh web-runtime: provide IVI tuning for porter c294b3a 2016-11-08 17:27:51 +0100 jose.bollo@iot.bzh af-main: update c50805d 2016-11-03 11:26:17 +0100 jose.bollo@iot.bzh Smack: fixup of bluetooth socket labelling ce583cd 2016-11-01 15:52:09 +0100 ronan.lemartret@iot.bzh Allow build without meta-agl-demo eadecc1 2016-10-14 13:25:07 +0200 jose.bollo@iot.bzh FWK: Adaptations for jethro 111007a 2016-09-20 14:40:51 +0200 jose.bollo@iot.bzh app-framework: Improvements 53ae34d 2016-09-05 17:13:10 +0200 jose.bollo@iot.bzh app-framework: improvements 8303ea3 2016-08-29 23:25:25 +0200 jose.bollo@iot.bzh Improves the handling of upgrade for websockets 2b33f74 2016-08-10 18:44:15 +0200 jose.bollo@iot.bzh app-framework: fix minor bugs 73771f1 2016-07-18 15:48:59 +0000 mbc@iot.bzh meta-app-framework: install missing libafbwsc library edf0c91 2016-07-15 11:56:18 +0000 stephane.desneux@iot.bzh meta-app-framework: sync with latest af-main sources f848612 2016-07-12 14:17:37 +0000 stephane.desneux@iot.bzh meta-app-framework: sync with latest af-binder sources d277fb2 2016-07-11 21:05:55 +0000 stephane.desneux@iot.bzh meta-app-framework: add missing dependency between af-binder-dev and libafbwsc-dev 17fd881 2016-07-10 17:53:06 +0000 stephane.desneux@iot.bzh meta-app-framework: af-binder must create ${libdir}/afb at postinst time c664012 2016-07-08 15:08:25 +0000 stephane.desneux@iot.bzh meta-app-framework: add af-main-tools and dependencies in nativesdk-packagegroup-sdk-host d7a5a54 2016-07-08 14:24:51 +0000 stephane.desneux@iot.bzh meta-app-framework: af-binder source code update 68dde03 2016-07-05 16:04:51 +0000 stephane.desneux@iot.bzh meta-app-framework: build master branch f3b34f5 2016-06-28 22:13:58 +0000 stephane.desneux@iot.bzh add features agl-demo, agl-appfw-smack and agl-localdev f4b76be 2016-06-28 21:34:29 +0000 stephane.desneux@iot.bzh add feature agl-appfw-smack e80d00c 2016-06-24 11:01:25 +0200 jose.bollo@iot.bzh upgrade to new namings and bug fixes 7cd29bd 2016-06-23 16:00:59 +0000 stephane.desneux@iot.bzh add layer meta-app-framework Change-Id: I4ee34dfd8810ae6f10435308b1005e11e03bd05a Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
-rw-r--r--meta-app-framework/classes/aglwgt.bbclass61
-rw-r--r--meta-app-framework/conf/include/agl-appfw-smack.inc16
-rw-r--r--meta-app-framework/conf/layer.conf11
-rw-r--r--meta-app-framework/recipes-config/agl-users/agl-users_0.1.bb21
-rw-r--r--meta-app-framework/recipes-core/af-binder/af-binder_1.0.bb78
-rw-r--r--meta-app-framework/recipes-core/af-main/af-main/Hack-to-allow-the-debugging.patch29
-rw-r--r--meta-app-framework/recipes-core/af-main/af-main/add-qt-wayland-shell-integration.patch12
-rwxr-xr-xmeta-app-framework/recipes-core/af-main/af-main/afm-install44
-rw-r--r--meta-app-framework/recipes-core/af-main/af-main_1.0.bb106
-rw-r--r--meta-app-framework/recipes-core/af-main/af-main_1.0.inc26
-rw-r--r--meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb26
-rw-r--r--meta-app-framework/recipes-core/base-files/base-files_%.bbappend22
-rw-r--r--meta-app-framework/recipes-core/packagegroups/nativesdk-packagegroup-sdk-host.bbappend2
-rw-r--r--meta-app-framework/recipes-core/packagegroups/packagegroup-agl-app-framework-examples.bb16
-rw-r--r--meta-app-framework/recipes-core/packagegroups/packagegroup-agl-app-framework.bb20
-rw-r--r--meta-app-framework/recipes-core/packagegroups/packagegroup-agl-core-security.bbappend9
-rw-r--r--meta-app-framework/recipes-core/packagegroups/packagegroup-agl-image-minimal.bbappend3
-rw-r--r--meta-app-framework/recipes-core/security-manager/security-manager/0001-Adapt-rules-to-AGL.patch50
-rw-r--r--meta-app-framework/recipes-core/security-manager/security-manager/0001-Fix-Cmake-conf-for-gcc6-build.patch40
-rw-r--r--meta-app-framework/recipes-core/security-manager/security-manager/0001-Fix-gcc6-build.patch38
-rw-r--r--meta-app-framework/recipes-core/security-manager/security-manager/Removing-tizen-platform-config.patch196
-rw-r--r--meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.service15
-rw-r--r--meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.sh6
-rw-r--r--meta-app-framework/recipes-core/security-manager/security-manager_%.bbappend22
-rwxr-xr-xmeta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime2
-rw-r--r--meta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime-webkit.qml13
-rw-r--r--meta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime.qml13
-rw-r--r--meta-app-framework/recipes-core/web-runtime/web-runtime_0.1.bb34
-rw-r--r--meta-app-framework/recipes-devtools/run-agl-postinsts/run-agl-postinsts_1.0.bbappend1
-rw-r--r--meta-app-framework/recipes-example/afb-client/afb-client_1.0.bb29
-rw-r--r--meta-app-framework/recipes-example/afb-client/files/afb-client7
-rw-r--r--meta-app-framework/recipes-example/afm-client/afm-client_1.0.bb40
-rw-r--r--meta-app-framework/recipes-example/afm-client/files/afm-client7
-rw-r--r--meta-app-framework/recipes-example/afm-client/files/afm-client.service11
-rw-r--r--meta-app-framework/recipes-extended/shadow/files/0001-useradd-copy-extended-attributes-of-home-native.patch45
-rw-r--r--meta-app-framework/recipes-extended/shadow/files/0001-useradd-copy-extended-attributes-of-home.patch45
-rw-r--r--meta-app-framework/recipes-extended/shadow/shadow_%.bbappend4
-rw-r--r--meta-app-framework/recipes-kernel/linux/linux-%.bbappend3
-rw-r--r--meta-app-framework/recipes-kernel/linux/linux-yocto_4.1.bbappend12
-rw-r--r--meta-app-framework/recipes-kernel/linux/linux-yocto_4.4.bbappend11
-rw-r--r--meta-app-framework/recipes-kernel/linux/linux/audit.cfg2
-rw-r--r--meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0001-Smack-File-receive-for-sockets.patch62
-rw-r--r--meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0002-smack-fix-cache-of-access-labels.patch43
-rw-r--r--meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0003-Smack-ignore-null-signal-in-smack_task_kill.patch39
-rw-r--r--meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch49
-rw-r--r--meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0001-Smack-File-receive-for-sockets.patch65
-rw-r--r--meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0002-smack-fix-cache-of-access-labels.patch43
-rw-r--r--meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0003-Smack-ignore-null-signal-in-smack_task_kill.patch39
-rw-r--r--meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch49
-rw-r--r--meta-app-framework/recipes-support/libcap/libcap/removing-capability-enforcement.patch87
-rw-r--r--meta-app-framework/recipes-support/libcap/libcap_%.bbappend5
-rw-r--r--meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd/allows-upgrade.patch81
-rw-r--r--meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd_0.9.49.bb25
-rw-r--r--meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd_0.9.49.bbappend5
-rw-r--r--meta-app-framework/recipes-support/libzip/libzip_1.1.1.bb32
-rw-r--r--meta-app-framework/recipes-support/xmlsec1/xmlsec1/Only-require-libxslt-in-.pc-files-when-necessary.patch115
-rw-r--r--meta-app-framework/recipes-support/xmlsec1/xmlsec1_1.%.bbappend6
-rw-r--r--templates/feature/agl-appfw-smack/50_bblayers.conf.inc6
-rw-r--r--templates/feature/agl-appfw-smack/50_local.conf.inc2
59 files changed, 0 insertions, 1901 deletions
diff --git a/meta-app-framework/classes/aglwgt.bbclass b/meta-app-framework/classes/aglwgt.bbclass
deleted file mode 100644
index afe9a55..0000000
--- a/meta-app-framework/classes/aglwgt.bbclass
+++ /dev/null
@@ -1,61 +0,0 @@
-#
-# aglwgt bbclass
-#
-# Jan-Simon Moeller, jsmoeller@linuxfoundation.org
-#
-# This class expects a "make package" target in the makefile
-# which creates the wgt files in the package/ subfolder.
-# The makefile needs to use wgtpkg-pack.
-#
-
-
-# 'wgtpkg-pack' in af-main-native is required.
-DEPENDS_append = " af-main-native"
-
-# for bindings af-binder is required.
-DEPENDS_append = " af-binder"
-
-do_aglwgt_package() {
- cd ${B}
- make package || ( \
- bbwarn "Your makefile must support the 'make package' target" ; \
- bbwarn "and generate a .wgt file using wgtpack in the"; \
- bbwarn "subfolder ./package/ !" ; \
- bbwarn "Fix your package as it will not work within the SDK" ; \
- bbwarn "See: https://wiki.automotivelinux.org/troubleshooting/app-recipes" \
- )
-}
-
-python () {
- d.setVarFlag('do_aglwgt_deploy', 'fakeroot', '1')
-}
-
-
-POST_INSTALL_LEVEL ?= "10"
-POST_INSTALL_SCRIPT ?= "${POST_INSTALL_LEVEL}-${PN}.sh"
-
-EXTRA_WGT_POSTINSTALL ?= ""
-
-do_aglwgt_deploy() {
- install -d ${D}/usr/AGL/apps
- install -m 0644 ${B}/package/*.wgt ${D}/usr/AGL/apps/
- APP_FILES=""
- for file in ${D}/usr/AGL/apps/*.wgt;do
- APP_FILES="${APP_FILES} $(basename $file)";
- done
- install -d ${D}/${sysconfdir}/agl-postinsts
- cat > ${D}/${sysconfdir}/agl-postinsts/${POST_INSTALL_SCRIPT} <<EOF
-#!/bin/sh -e
-for file in ${APP_FILES}; do
- /usr/bin/afm-install install /usr/AGL/apps/\$file
-done
-sync
-${EXTRA_WGT_POSTINSTALL}
-EOF
- chmod a+x ${D}/${sysconfdir}/agl-postinsts/${POST_INSTALL_SCRIPT}
-}
-
-FILES_${PN} += "/usr/AGL/apps/*.wgt ${sysconfdir}/agl-postinsts/${POST_INSTALL_SCRIPT}"
-
-addtask aglwgt_deploy before do_package after do_install
-addtask aglwgt_package before do_aglwgt_deploy after do_compile
diff --git a/meta-app-framework/conf/include/agl-appfw-smack.inc b/meta-app-framework/conf/include/agl-appfw-smack.inc
deleted file mode 100644
index 133f6b0..0000000
--- a/meta-app-framework/conf/include/agl-appfw-smack.inc
+++ /dev/null
@@ -1,16 +0,0 @@
-# enable security features (smack, cynara) - required by Application Framework
-OVERRIDES .= ":smack"
-DISTRO_FEATURES_append = " smack dbus-cynara xattr"
-
-# use tar-native to support SMACK extended attributes independently of host config
-IMAGE_CMD_TAR = "tar --xattrs --xattrs-include='*'"
-IMAGE_DEPENDS_tar_append = " tar-replacement-native"
-EXTRANATIVEPATH += "tar-native"
-
-# security: enable ssh server in place of dropbear to support PAM on user sessions
-IMAGE_FEATURES += "ssh-server-openssh"
-
-# enforce copy of xattrs (to be removed, see SPEC-475)
-PACKAGECONFIG_append_pn-shadow = " attr"
-PACKAGECONFIG_append_pn-shadow-native = " attr"
-
diff --git a/meta-app-framework/conf/layer.conf b/meta-app-framework/conf/layer.conf
deleted file mode 100644
index f74ebd6..0000000
--- a/meta-app-framework/conf/layer.conf
+++ /dev/null
@@ -1,11 +0,0 @@
-# We have a conf and classes directory, add to BBPATH
-BBPATH .= ":${LAYERDIR}"
-
-# We have recipes-* directories, add to BBFILES
-BBFILES += "${LAYERDIR}/recipes-*/*/*.bb \
- ${LAYERDIR}/recipes-*/*/*.bbappend"
-
-BBFILE_COLLECTIONS += "app-framework"
-BBFILE_PATTERN_app-framework = "^${LAYERDIR}/"
-BBFILE_PRIORITY_app-framework = "7"
-
diff --git a/meta-app-framework/recipes-config/agl-users/agl-users_0.1.bb b/meta-app-framework/recipes-config/agl-users/agl-users_0.1.bb
deleted file mode 100644
index 832c51c..0000000
--- a/meta-app-framework/recipes-config/agl-users/agl-users_0.1.bb
+++ /dev/null
@@ -1,21 +0,0 @@
-inherit allarch useradd
-
-SUMMARY = "AGL Users Seed"
-DESCRIPTION = "This is a core framework component that\
- defines how users are managed and who are the default users."
-
-LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
-
-
-SRC_URI = ""
-
-ALLOW_EMPTY_${PN} = "1"
-
-USERADD_PACKAGES = "${PN}"
-
-USERADD_PARAM_${PN} = "\
- -g users -d /home/agl-driver -m -K PASS_MAX_DAYS=-1 agl-driver ; \
- -g users -d /home/agl-passenger -m -K PASS_MAX_DAYS=-1 agl-passenger \
-"
-
diff --git a/meta-app-framework/recipes-core/af-binder/af-binder_1.0.bb b/meta-app-framework/recipes-core/af-binder/af-binder_1.0.bb
deleted file mode 100644
index 2ecb2aa..0000000
--- a/meta-app-framework/recipes-core/af-binder/af-binder_1.0.bb
+++ /dev/null
@@ -1,78 +0,0 @@
-SUMMARY = "HTTP REST interface to automotive backends for HTML5 UI support"
-DESCRIPTION = "Automotive-Framework-Binder Daemon provides a HTTP REST \
-interface to various automotive-oriented bindings, \
-allowing HTML5 UIs to send platform-specific requests in a secure way."
-HOMEPAGE = "https://gerrit.automotivelinux.org/gerrit/#/admin/projects/src/app-framework-binder"
-
-LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://LICENSE-2.0.txt;md5=3b83ef96387f14655fc854ddc3c6bd57"
-
-DEPENDS = "file json-c libmicrohttpd systemd util-linux openssl"
-
-SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-binder;protocol=https;branch=master"
-SRC_URI_files = ""
-SRC_URI = "${SRC_URI_git} \
- ${SRC_URI_files} \
- "
-
-SRCREV = "e85e5d8ffe242f826b5f98e2834407b5d4c46690"
-S = "${WORKDIR}/git"
-
-inherit cmake pkgconfig
-
-FILES_${PN} += "${datadir}"
-
-pkg_postinst_${PN}() {
- mkdir -p "$D${libdir}/afb"
-}
-
-#############################################
-# setup meta package
-#############################################
-PACKAGES += "${PN}-meta"
-ALLOW_EMPTY_${PN}-meta = "1"
-
-#############################################
-# setup sample binding packages
-#############################################
-PACKAGES_DYNAMIC = "${PN}-binding-*"
-
-python populate_packages_prepend () {
- afb_libdir = d.expand('${libdir}/afb')
- postinst = d.getVar('binding_postinst', True)
- pkgs = []
- pkgs_dbg = []
-
- pkgs += do_split_packages(d, afb_libdir, '(.*)-api\.so$', d.expand('${PN}-binding-%s'), 'AFB binding for %s', postinst=postinst, extra_depends=d.expand('${PN}'))
- pkgs += do_split_packages(d, afb_libdir, '(.*(?!-api))\.so$', d.expand('${PN}-binding-%s'), 'AFB binding for %s', postinst=postinst, extra_depends=d.expand('${PN}'))
-
- pkgs_dbg += do_split_packages(d, oe.path.join(afb_libdir, ".debug"), '(.*)-api\.so$', d.expand('${PN}-binding-%s-dbg'), 'AFB binding for %s, debug info', postinst=postinst, extra_depends=d.expand('${PN}'))
- pkgs_dbg += do_split_packages(d, oe.path.join(afb_libdir, ".debug"), '(.*(?!-api))\.so$', d.expand('${PN}-binding-%s-dbg'), 'AFB binding for %s, debug info', postinst=postinst, extra_depends=d.expand('${PN}'))
-
- metapkg = d.getVar('PN', True) + '-meta'
- d.setVar('RDEPENDS_' + metapkg, ' '.join(pkgs))
-}
-
-#############################################
-# setup libafbwsc package
-#############################################
-PACKAGES =+ "libafbwsc libafbwsc-dev libafbwsc-dbg"
-
-FILES_libafbwsc = "\
- ${libdir}/libafbwsc.so.* \
-"
-FILES_libafbwsc-dev = "\
- ${includedir}/afb/afb-wsj1.h \
- ${includedir}/afb/afb-ws-client.h \
- ${bindir}/afb-client-demo \
- ${libdir}/libafbwsc.so \
- ${libdir}/pkgconfig/libafbwsc.pc \
-"
-FILES_libafbwsc-dbg = "\
- ${libdir}/.debug/libafbwsc.so.* \
- ${bindir}/.debug/afb-client-demo \
-"
-RDEPENDS_libafbwsc-dbg += "${PN}-dbg libafbwsc-dev"
-
-RDEPENDS_${PN}-dev += "libafbwsc-dev"
-
diff --git a/meta-app-framework/recipes-core/af-main/af-main/Hack-to-allow-the-debugging.patch b/meta-app-framework/recipes-core/af-main/af-main/Hack-to-allow-the-debugging.patch
deleted file mode 100644
index 44e8bce..0000000
--- a/meta-app-framework/recipes-core/af-main/af-main/Hack-to-allow-the-debugging.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From a4fbfb88f1b7c4f4287d9279767220fae80d26da Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh>
-Date: Thu, 21 Jan 2016 15:07:29 +0100
-Subject: [PATCH] Hack to allow the debugging
-
-This is a temporarily fix to continue debugging
-afm-main. This should be removed later.
-
-Change-Id: I2f10f0cb1fce2ee30bd0754ad2e7bc8e2f6513aa
----
- conf/afm-user-daemon.conf | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/conf/afm-user-daemon.conf b/conf/afm-user-daemon.conf
-index 801c7ae..98a3152 100644
---- a/conf/afm-user-daemon.conf
-+++ b/conf/afm-user-daemon.conf
-@@ -25,7 +25,7 @@
- </policy>
-
- <policy context="default">
-- <deny own="org.AGL.afm.user"/>
-+ <allow own="org.AGL.afm.user"/>
- <allow send_destination="org.AGL.afm.system"/>
- </policy>
-
---
-2.1.4
-
diff --git a/meta-app-framework/recipes-core/af-main/af-main/add-qt-wayland-shell-integration.patch b/meta-app-framework/recipes-core/af-main/af-main/add-qt-wayland-shell-integration.patch
deleted file mode 100644
index c92415b..0000000
--- a/meta-app-framework/recipes-core/af-main/af-main/add-qt-wayland-shell-integration.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff --git a/conf/afm-unit.conf b/conf/afm-unit.conf
-index 82113ef..2fbc9e2 100644
---- a/conf/afm-unit.conf
-+++ b/conf/afm-unit.conf
-@@ -127,6 +127,7 @@ SuccessExitStatus=0 SIGKILL
- WorkingDirectory=-{{&#metadata.app-data-dir}}/{{id}}
- ExecStartPre=/bin/mkdir -p {{&#metadata.app-data-dir}}/{{id}}
- Environment=AFM_APP_INSTALL_DIR={{:#metadata.install-dir}}
-+Environment=QT_WAYLAND_SHELL_INTEGRATION=ivi-shell
-
- %systemd-unit user
- {{#required-permission.urn:AGL:permission::public:hidden}}\
diff --git a/meta-app-framework/recipes-core/af-main/af-main/afm-install b/meta-app-framework/recipes-core/af-main/af-main/afm-install
deleted file mode 100755
index 6d37bae..0000000
--- a/meta-app-framework/recipes-core/af-main/af-main/afm-install
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/bin/sh
-
-pretty() {
- sed \
- -e '/^method return .*/d' \
- -e 's/^Error org.freedesktop.DBus.Error.Failed: "\?\(.*\)"\?$/ERROR: \1/' \
- -e 's/^ string "\(.*\)"/\1/' \
- -e 's/},/&\n/'
-}
-
-send() {
- dbus-send --system --print-reply \
- --dest=org.AGL.afm.system \
- /org/AGL/afm/system \
- org.AGL.afm.system.$1 \
- "string:$2" |
- pretty
-}
-
-case "$1" in
-
- add|install)
- f=$(realpath $2)
- send install '{"wgt":"'"$f"'","force":true}'
- ;;
-
- -h|--help|help)
- cat << EOC
-
-The commands are:
-
- add wgt
- install wgt install the wgt file
-
-EOC
- ;;
-
- *)
- echo "unknown command $1" >&2
- exit 1
- ;;
-esac
-
-
diff --git a/meta-app-framework/recipes-core/af-main/af-main_1.0.bb b/meta-app-framework/recipes-core/af-main/af-main_1.0.bb
deleted file mode 100644
index 3c1b692..0000000
--- a/meta-app-framework/recipes-core/af-main/af-main_1.0.bb
+++ /dev/null
@@ -1,106 +0,0 @@
-require af-main_${PV}.inc
-
-# NOTE: using libcap-native and setcap in install doesn't work
-# NOTE: there is no SYSTEMD_USER_SERVICE_...
-# NOTE: maybe setting afm_name to agl-framework is cleaner but has implications
-# NOTE: there is a hack of security for using groups and dbus (to be checked)
-# NOTE: using ZIP programs creates directories with mode 777 (very bad)
-
-inherit cmake pkgconfig useradd systemd
-BBCLASSEXTEND = "native"
-
-SECTION = "base"
-
-DEPENDS = "openssl libxml2 xmlsec1 systemd libzip json-c systemd security-manager libcap-native af-binder"
-DEPENDS_class-native = "openssl libxml2 xmlsec1 libzip json-c"
-
-EXTRA_OECMAKE_class-native = "\
- -DUSE_LIBZIP=1 \
- -DUSE_SIMULATION=1 \
- -DUSE_SDK=1 \
- -Dafm_name=${afm_name} \
- -Dafm_confdir=${afm_confdir} \
- -Dafm_datadir=${afm_datadir} \
-"
-
-EXTRA_OECMAKE = "\
- -DUSE_LIBZIP=1 \
- -DUSE_SIMULATION=0 \
- -DUSE_SDK=0 \
- -Dafm_name=${afm_name} \
- -Dafm_confdir=${afm_confdir} \
- -Dafm_datadir=${afm_datadir} \
- -Dsystemd_units_root=${systemd_units_root} \
- -DUNITDIR_USER=${systemd_user_unitdir} \
- -DUNITDIR_SYSTEM=${systemd_system_unitdir} \
-"
-
-USERADD_PACKAGES = "${PN}"
-USERADD_PARAM_${PN} = "-g ${afm_name} -d ${afm_datadir} -r ${afm_name}"
-GROUPADD_PARAM_${PN} = "-r ${afm_name}"
-
-SYSTEMD_SERVICE_${PN} = "afm-system-daemon.service"
-SYSTEMD_AUTO_ENABLE = "enable"
-
-FILES_${PN} += "\
- ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '${systemd_user_unitdir}/afm-user-daemon.service', '', d)} \
-"
-RDEPENDS_${PN}_append_smack = " smack-userspace"
-DEPENDS_append_smack = " smack-userspace-native"
-
-# short hacks here
-SRC_URI += "\
- file://Hack-to-allow-the-debugging.patch \
-"
-
-# tools used to install wgt at first boot
-SRC_URI += "\
- file://afm-install \
- file://add-qt-wayland-shell-integration.patch \
-"
-
-do_install_append() {
- install -d ${D}${bindir}
- install -d -m 0775 ${D}${systemd_units_root}/{system,user}
- install -d -m 0775 ${D}${systemd_units_root}/{system,user}/default.target.wants
- install -d ${D}${afm_datadir}/{applications,icons}
- if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
- mkdir -p ${D}${sysconfdir}/systemd/{system,user}/default.target.wants
- ln -sf ${systemd_user_unitdir}/afm-user-daemon.service ${D}${sysconfdir}/systemd/user/default.target.wants
- fi
- install -m 0755 ${WORKDIR}/afm-install ${D}${bindir}
-}
-
-do_install_append_qemux86-64() {
- sed -i -e '/LD_PRELOAD=\/usr\/lib\/libEGL.so/d' ${D}${systemd_user_unitdir}/afm-user-daemon.service
-}
-
-pkg_postinst_${PN}() {
- if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
- chgrp ${afm_name} $D${systemd_units_root}/{system,user}/{default.target.wants,.}
- fi
- chown ${afm_name}:${afm_name} $D${afm_datadir}/{applications,icons,.}
- setcap cap_mac_override,cap_dac_override=ep $D${bindir}/afm-system-daemon
- setcap cap_mac_override,cap_mac_admin,cap_setgid=ep $D${bindir}/afm-user-daemon
-}
-
-pkg_postinst_${PN}_smack() {
- if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
- chgrp ${afm_name} $D${systemd_units_root}/{system,user}/{default.target.wants,.}
- chsmack -a 'System::Shared' -t $D${systemd_units_root}/{system,user}/{default.target.wants,.}
- fi
- chown ${afm_name}:${afm_name} $D${afm_datadir}/{applications,icons,.}
- chsmack -a 'System::Shared' -t $D${afm_datadir}/{applications,icons,.}
- setcap cap_mac_override,cap_dac_override=ep $D${bindir}/afm-system-daemon
- setcap cap_mac_override,cap_mac_admin,cap_setgid=ep $D${bindir}/afm-user-daemon
-}
-FILES_${PN} += " ${systemd_units_root} "
-
-PACKAGES =+ "${PN}-binding ${PN}-binding-dbg"
-FILES_${PN}-binding = " ${afb_binding_dir}/afm-main-binding.so "
-FILES_${PN}-binding-dbg = " ${afb_binding_dir}/.debug/afm-main-binding.so "
-
-PACKAGES =+ "${PN}-tools ${PN}-tools-dbg"
-FILES_${PN}-tools = "${bindir}/wgtpkg-*"
-FILES_${PN}-tools-dbg = "${bindir}/.debug/wgtpkg-*"
-
diff --git a/meta-app-framework/recipes-core/af-main/af-main_1.0.inc b/meta-app-framework/recipes-core/af-main/af-main_1.0.inc
deleted file mode 100644
index 6ce87ed..0000000
--- a/meta-app-framework/recipes-core/af-main/af-main_1.0.inc
+++ /dev/null
@@ -1,26 +0,0 @@
-SUMMARY = "AGL Framework Main part"
-DESCRIPTION = "\
-This is a core framework component for managing \
-applications, widgets, and components. \
-"
-
-HOMEPAGE = "https://gerrit.automotivelinux.org/gerrit/#/admin/projects/src/app-framework-main"
-LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://COPYING;md5=3b83ef96387f14655fc854ddc3c6bd57"
-
-SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-main;protocol=https;branch=master"
-SRC_URI_files = ""
-SRC_URI = "${SRC_URI_git} \
- ${SRC_URI_files} \
- "
-
-SRCREV = "255c83029f56e8d90e7ce185b007c4ca65afec1e"
-
-S = "${WORKDIR}/git"
-
-afm_name = "afm"
-afm_confdir = "${sysconfdir}/${afm_name}"
-afm_datadir = "/var/local/lib/${afm_name}"
-afb_binding_dir = "${libdir}/afb"
-systemd_units_root = "/usr/local/lib/systemd"
-
diff --git a/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb b/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb
deleted file mode 100644
index 8d04434..0000000
--- a/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb
+++ /dev/null
@@ -1,26 +0,0 @@
-require af-main_${PV}.inc
-
-inherit nativesdk cmake pkgconfig
-
-SECTION = "base"
-
-DEPENDS = "nativesdk-openssl nativesdk-libxml2 nativesdk-xmlsec1 nativesdk-libzip nativesdk-json-c"
-
-EXTRA_OECMAKE = "\
- -DUSE_LIBZIP=1 \
- -DUSE_SIMULATION=1 \
- -DUSE_SDK=1 \
- -Dafm_name=${afm_name} \
- -Dafm_confdir=${afm_confdir} \
- -Dafm_datadir=${afm_datadir} \
-"
-
-do_install_append() {
- # remove unused .pc file we don't want to package
- rm -rf ${D}/${libdir}
-}
-
-PACKAGES = "${PN}-tools ${PN}-tools-dbg"
-FILES_${PN}-tools = "${bindir}/wgtpkg-* ${afm_confdir}/*"
-FILES_${PN}-tools-dbg = "${bindir}/.debug/wgtpkg-*"
-
diff --git a/meta-app-framework/recipes-core/base-files/base-files_%.bbappend b/meta-app-framework/recipes-core/base-files/base-files_%.bbappend
deleted file mode 100644
index 7e12bc8..0000000
--- a/meta-app-framework/recipes-core/base-files/base-files_%.bbappend
+++ /dev/null
@@ -1,22 +0,0 @@
-DEPENDS_append_smack = " smack-userspace-native"
-RDEPENDS_${PN}_append_smack = " smack-userspace"
-
-do_install_append() {
- install -d ${D}/${sysconfdir}/skel/app-data
- install -d ${D}/${sysconfdir}/skel/.config
-}
-
-do_install_append_smack () {
- install -d ${D}/${sysconfdir}/smack/accesses.d
- cat > ${D}/${sysconfdir}/smack/accesses.d/default-access-domains-no-user <<EOF
-System User::App-Shared rwxat
-System User::Home rwxat
-EOF
- chmod 0644 ${D}/${sysconfdir}/smack/accesses.d/default-access-domains-no-user
-}
-
-pkg_postinst_${PN}_append_smack() {
- chsmack -r -a 'User::Home' -t -D $D/${sysconfdir}/skel
- chsmack -a 'User::App-Shared' -D $D/${sysconfdir}/skel/app-data
-}
-
diff --git a/meta-app-framework/recipes-core/packagegroups/nativesdk-packagegroup-sdk-host.bbappend b/meta-app-framework/recipes-core/packagegroups/nativesdk-packagegroup-sdk-host.bbappend
deleted file mode 100644
index ca0b54f..0000000
--- a/meta-app-framework/recipes-core/packagegroups/nativesdk-packagegroup-sdk-host.bbappend
+++ /dev/null
@@ -1,2 +0,0 @@
-RDEPENDS_${PN} =+ "nativesdk-af-main-tools"
-
diff --git a/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-app-framework-examples.bb b/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-app-framework-examples.bb
deleted file mode 100644
index e95b754..0000000
--- a/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-app-framework-examples.bb
+++ /dev/null
@@ -1,16 +0,0 @@
-SUMMARY = "AGL Application Framework examples"
-DESCRIPTION = "The set of examples associated to the AGL Application Framework"
-LICENSE = "MIT"
-
-inherit packagegroup
-
-PACKAGES = "\
- packagegroup-agl-app-framework-examples \
- "
-
-ALLOW_EMPTY_${PN} = "1"
-
-RDEPENDS_${PN} += "\
- afm-client \
- afb-client \
- "
diff --git a/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-app-framework.bb b/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-app-framework.bb
deleted file mode 100644
index 0fdaabc..0000000
--- a/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-app-framework.bb
+++ /dev/null
@@ -1,20 +0,0 @@
-SUMMARY = "AGL Application Framework core packages"
-DESCRIPTION = "The set of packages required by the AGL Application Framework"
-LICENSE = "MIT"
-
-inherit packagegroup
-
-PACKAGES = "\
- packagegroup-agl-app-framework \
- "
-
-ALLOW_EMPTY_${PN} = "1"
-
-RDEPENDS_${PN} += "\
- af-binder \
- af-binder-binding-afb-dbus-binding \
- af-binder-binding-authlogin \
- libafbwsc \
- af-main \
- ${@bb.utils.contains('DISTRO_FEATURES', 'webruntime', 'virtual/webruntime', '', d)} \
- "
diff --git a/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-core-security.bbappend b/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-core-security.bbappend
deleted file mode 100644
index 0c9efe4..0000000
--- a/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-core-security.bbappend
+++ /dev/null
@@ -1,9 +0,0 @@
-RDEPENDS_${PN} += "\
- xmlsec1 \
- cynara \
- dbus-cynara \
- security-manager \
- security-manager-policy \
- agl-users \
- "
-
diff --git a/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-image-minimal.bbappend b/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-image-minimal.bbappend
deleted file mode 100644
index ad09e5d..0000000
--- a/meta-app-framework/recipes-core/packagegroups/packagegroup-agl-image-minimal.bbappend
+++ /dev/null
@@ -1,3 +0,0 @@
-RDEPENDS_${PN} += "\
- packagegroup-agl-app-framework \
- "
diff --git a/meta-app-framework/recipes-core/security-manager/security-manager/0001-Adapt-rules-to-AGL.patch b/meta-app-framework/recipes-core/security-manager/security-manager/0001-Adapt-rules-to-AGL.patch
deleted file mode 100644
index 4c91f7f..0000000
--- a/meta-app-framework/recipes-core/security-manager/security-manager/0001-Adapt-rules-to-AGL.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From 935e4e4e746b5ffcda80c80097dc75c2581c1a89 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh>
-Date: Wed, 19 Oct 2016 13:45:54 +0200
-Subject: [PATCH] Adapt rules to AGL
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-AGL distribution uses the repository https://github.com/01org/meta-intel-iot-security.git
-as basis for the integration of security framework. The security framework
-that it provides is an evolution of the security framework of tizen refited
-to the distribution Ostro of Intel. This refit took the decision to simplify
-the model by removing the running label "User". More can be viewed here:
-https://github.com/01org/meta-intel-iot-security/pull/116
-
-This commits adapt the template to the rules that are now needed
-after this evolution.
-
-It also integrates one other evolutions: the shared label becomes User::App-Shared instead
-of User::App::Shared to avoid collision with application of id "Shared".
-
-Change-Id: Ieb566b63f8c8e691b5f75e06499a3b576d042546
-Signed-off-by: José Bollo <jose.bollo@iot.bzh>
----
- policy/app-rules-template.smack | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/policy/app-rules-template.smack b/policy/app-rules-template.smack
-index 1311169..b4cd2e3 100644
---- a/policy/app-rules-template.smack
-+++ b/policy/app-rules-template.smack
-@@ -1,12 +1,10 @@
--System ~APP~ rwx
-+System ~APP~ rwxa
-+System ~PKG~ rwxat
- ~APP~ System wx
- ~APP~ System::Shared rx
- ~APP~ System::Run rwxat
- ~APP~ System::Log rwxa
- ~APP~ _ l
--User ~APP~ rwxa
--User ~PKG~ rwxat
--~APP~ User wx
- ~APP~ User::Home rxl
--~APP~ User::App::Shared rwxat
-+~APP~ User::App-Shared rwxat
- ~APP~ ~PKG~ rwxat
---
-2.7.4
-
diff --git a/meta-app-framework/recipes-core/security-manager/security-manager/0001-Fix-Cmake-conf-for-gcc6-build.patch b/meta-app-framework/recipes-core/security-manager/security-manager/0001-Fix-Cmake-conf-for-gcc6-build.patch
deleted file mode 100644
index 43a3ee1..0000000
--- a/meta-app-framework/recipes-core/security-manager/security-manager/0001-Fix-Cmake-conf-for-gcc6-build.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 19c99315a5dcba3b696c30d1fdd42a1dcd574a80 Mon Sep 17 00:00:00 2001
-From: Ronan <ronan.lemartret@iot.bzh>
-Date: Thu, 13 Oct 2016 11:37:47 +0200
-Subject: [PATCH] Fix Cmake conf for gcc6 build
-
-Signed-off-by: Ronan <ronan.lemartret@iot.bzh>
----
- src/cmd/CMakeLists.txt | 4 +---
- src/server/CMakeLists.txt | 1 -
- 2 files changed, 1 insertion(+), 4 deletions(-)
-
-diff --git a/src/cmd/CMakeLists.txt b/src/cmd/CMakeLists.txt
-index ee9a160..aa7a12c 100644
---- a/src/cmd/CMakeLists.txt
-+++ b/src/cmd/CMakeLists.txt
-@@ -1,8 +1,6 @@
- FIND_PACKAGE(Boost REQUIRED COMPONENTS program_options)
-
--INCLUDE_DIRECTORIES(SYSTEM
-- ${Boost_INCLUDE_DIRS}
-- )
-+
-
- INCLUDE_DIRECTORIES(
- ${INCLUDE_PATH}
-diff --git a/src/server/CMakeLists.txt b/src/server/CMakeLists.txt
-index 753eb96..8eef25d 100644
---- a/src/server/CMakeLists.txt
-+++ b/src/server/CMakeLists.txt
-@@ -8,7 +8,6 @@ FIND_PACKAGE(Threads REQUIRED)
-
- INCLUDE_DIRECTORIES(SYSTEM
- ${SERVER_DEP_INCLUDE_DIRS}
-- ${Boost_INCLUDE_DIRS}
- ${Threads_INCLUDE_DIRS}
- )
-
---
-2.6.6
-
diff --git a/meta-app-framework/recipes-core/security-manager/security-manager/0001-Fix-gcc6-build.patch b/meta-app-framework/recipes-core/security-manager/security-manager/0001-Fix-gcc6-build.patch
deleted file mode 100644
index 1b3c8c4..0000000
--- a/meta-app-framework/recipes-core/security-manager/security-manager/0001-Fix-gcc6-build.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From cb9acc2b723b297ee373bf814282711f02657aa5 Mon Sep 17 00:00:00 2001
-From: Ronan <ronan.lemartret@iot.bzh>
-Date: Wed, 12 Oct 2016 17:48:55 +0200
-Subject: [PATCH] Fix gcc6 build
-
-Signed-off-by: ronan <ronan@ot.bzh>
----
- src/client/client-security-manager.cpp | 1 +
- src/common/include/privilege_db.h | 1 +
- 2 files changed, 2 insertions(+)
-
-diff --git a/src/client/client-security-manager.cpp b/src/client/client-security-manager.cpp
-index 74a6b30..347cddd 100644
---- a/src/client/client-security-manager.cpp
-+++ b/src/client/client-security-manager.cpp
-@@ -46,6 +46,7 @@
- #include <service_impl.h>
- #include <security-manager.h>
- #include <client-offline.h>
-+#include <linux/xattr.h>
-
- static const char *EMPTY = "";
-
-diff --git a/src/common/include/privilege_db.h b/src/common/include/privilege_db.h
-index 03c6680..8dd39a1 100644
---- a/src/common/include/privilege_db.h
-+++ b/src/common/include/privilege_db.h
-@@ -32,6 +32,7 @@
- #include <map>
- #include <stdbool.h>
- #include <string>
-+#include <vector>
-
- #include <dpl/db/sql_connection.h>
-
---
-2.6.6
-
diff --git a/meta-app-framework/recipes-core/security-manager/security-manager/Removing-tizen-platform-config.patch b/meta-app-framework/recipes-core/security-manager/security-manager/Removing-tizen-platform-config.patch
deleted file mode 100644
index 4830db2..0000000
--- a/meta-app-framework/recipes-core/security-manager/security-manager/Removing-tizen-platform-config.patch
+++ /dev/null
@@ -1,196 +0,0 @@
-From 72e66d0e42f3bb6efd689ce33b1df407d94b3c60 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh>
-Date: Mon, 16 Nov 2015 14:26:25 +0100
-Subject: [PATCH] Removing tizen-platform-config
-
-Change-Id: Ic832a2b75229517b09faba969c27fb1a4b490121
----
- policy/security-manager-policy-reload | 2 +-
- src/common/file-lock.cpp | 4 +---
- src/common/include/file-lock.h | 1 -
- src/common/include/privilege_db.h | 3 +--
- src/common/service_impl.cpp | 39 +++++++++++------------------------
- src/common/smack-rules.cpp | 12 ++++-------
- 6 files changed, 19 insertions(+), 42 deletions(-)
-
-diff --git a/policy/security-manager-policy-reload b/policy/security-manager-policy-reload
-index 6f211c6..ed8047a 100755
---- a/policy/security-manager-policy-reload
-+++ b/policy/security-manager-policy-reload
-@@ -2,7 +2,7 @@
-
- POLICY_PATH=/usr/share/security-manager/policy
- PRIVILEGE_GROUP_MAPPING=$POLICY_PATH/privilege-group.list
--DB_FILE=`tzplatform-get TZ_SYS_DB | cut -d= -f2`/.security-manager.db
-+DB_FILE=/var/db/security-manager/.security-manager.db
-
- # Create default buckets
- while read bucket default_policy
-diff --git a/src/common/file-lock.cpp b/src/common/file-lock.cpp
-index 6f3996c..1dada17 100644
---- a/src/common/file-lock.cpp
-+++ b/src/common/file-lock.cpp
-@@ -30,9 +30,7 @@
-
- namespace SecurityManager {
-
--char const * const SERVICE_LOCK_FILE = tzplatform_mkpath3(TZ_SYS_RUN,
-- "lock",
-- "security-manager.lock");
-+char const * const SERVICE_LOCK_FILE = "/var/run/lock/security-manager.lock";
-
- FileLocker::FileLocker(const std::string &lockFile, bool blocking)
- {
-diff --git a/src/common/include/file-lock.h b/src/common/include/file-lock.h
-index 604b019..21a86a0 100644
---- a/src/common/include/file-lock.h
-+++ b/src/common/include/file-lock.h
-@@ -29,7 +29,6 @@
-
- #include <dpl/exception.h>
- #include <dpl/noncopyable.h>
--#include <tzplatform_config.h>
-
- namespace SecurityManager {
-
-diff --git a/src/common/include/privilege_db.h b/src/common/include/privilege_db.h
-index 4d73d90..03c6680 100644
---- a/src/common/include/privilege_db.h
-+++ b/src/common/include/privilege_db.h
-@@ -34,14 +34,13 @@
- #include <string>
-
- #include <dpl/db/sql_connection.h>
--#include <tzplatform_config.h>
-
- #ifndef PRIVILEGE_DB_H_
- #define PRIVILEGE_DB_H_
-
- namespace SecurityManager {
-
--const char *const PRIVILEGE_DB_PATH = tzplatform_mkpath(TZ_SYS_DB, ".security-manager.db");
-+const char *const PRIVILEGE_DB_PATH = "/var/db/security-manager/.security-manager.db";
-
- enum class QueryType {
- EGetPkgPrivileges,
-diff --git a/src/common/service_impl.cpp b/src/common/service_impl.cpp
-index ae305d3..65cc8b5 100644
---- a/src/common/service_impl.cpp
-+++ b/src/common/service_impl.cpp
-@@ -32,7 +32,6 @@
- #include <algorithm>
-
- #include <dpl/log/log.h>
--#include <tzplatform_config.h>
-
- #include "protocols.h"
- #include "privilege_db.h"
-@@ -131,7 +130,13 @@ static inline int validatePolicy(policy_entry &policyEntry, std::string uidStr,
-
- static uid_t getGlobalUserId(void)
- {
-- static uid_t globaluid = tzplatform_getuid(TZ_SYS_GLOBALAPP_USER);
-+ static uid_t globaluid = 0;
-+ if (!globaluid) {
-+ struct passwd pw, *p;
-+ char buf[4096];
-+ int rc = getpwnam_r("userapp", &pw, buf, sizeof buf, &p);
-+ globaluid = (rc || p == NULL) ? 555 : p->pw_uid;
-+ }
- return globaluid;
- }
-
-@@ -161,37 +166,17 @@ static inline bool isSubDir(const char *parent, const char *subdir)
-
- static bool getUserAppDir(const uid_t &uid, std::string &userAppDir)
- {
-- struct tzplatform_context *tz_ctx = nullptr;
--
-- if (tzplatform_context_create(&tz_ctx))
-- return false;
--
-- if (tzplatform_context_set_user(tz_ctx, uid)) {
-- tzplatform_context_destroy(tz_ctx);
-- tz_ctx = nullptr;
-+ struct passwd pw, *p;
-+ char buf[4096];
-+ int rc = getpwuid_r(uid, &pw, buf, sizeof buf, &p);
-+ if (rc || p == NULL)
- return false;
-- }
--
-- enum tzplatform_variable id =
-- (uid == getGlobalUserId()) ? TZ_SYS_RW_APP : TZ_USER_APP;
-- const char *appDir = tzplatform_context_getenv(tz_ctx, id);
-- if (!appDir) {
-- tzplatform_context_destroy(tz_ctx);
-- tz_ctx = nullptr;
-- return false;
-- }
--
-- userAppDir = appDir;
--
-- tzplatform_context_destroy(tz_ctx);
-- tz_ctx = nullptr;
--
-+ userAppDir = p->pw_dir;
- return true;
- }
-
- static inline bool installRequestAuthCheck(const app_inst_req &req, uid_t uid, bool &isCorrectPath, std::string &appPath)
- {
-- std::string userHome;
- std::string userAppDir;
- std::stringstream correctPath;
-
-diff --git a/src/common/smack-rules.cpp b/src/common/smack-rules.cpp
-index d834e42..8b5728b 100644
---- a/src/common/smack-rules.cpp
-+++ b/src/common/smack-rules.cpp
-@@ -34,7 +34,6 @@
- #include <memory>
-
- #include <dpl/log/log.h>
--#include <tzplatform_config.h>
-
- #include "smack-labels.h"
- #include "smack-rules.h"
-@@ -43,7 +42,7 @@ namespace SecurityManager {
-
- const char *const SMACK_APP_LABEL_TEMPLATE = "~APP~";
- const char *const SMACK_PKG_LABEL_TEMPLATE = "~PKG~";
--const char *const APP_RULES_TEMPLATE_FILE_PATH = tzplatform_mkpath4(TZ_SYS_SHARE, "security-manager", "policy", "app-rules-template.smack");
-+const char *const APP_RULES_TEMPLATE_FILE_PATH = "/usr/share/security-manager/policy/app-rules-template.smack";
- const char *const SMACK_APP_IN_PACKAGE_PERMS = "rwxat";
-
- SmackRules::SmackRules()
-@@ -237,14 +236,12 @@ void SmackRules::generatePackageCrossDeps(const std::vector<std::string> &pkgCon
-
- std::string SmackRules::getPackageRulesFilePath(const std::string &pkgId)
- {
-- std::string path(tzplatform_mkpath3(TZ_SYS_SMACK, "accesses.d", ("pkg_" + pkgId).c_str()));
-- return path;
-+ return "/etc/smack/accesses.d/pkg_" + pkgId;
- }
-
- std::string SmackRules::getApplicationRulesFilePath(const std::string &appId)
- {
-- std::string path(tzplatform_mkpath3(TZ_SYS_SMACK, "accesses.d", ("app_" + appId).c_str()));
-- return path;
-+ return "/etc/smack/accesses.d/app_" + appId;
- }
- void SmackRules::installApplicationPrivilegesRules(const std::string &appId, const std::string &pkgId,
- const std::vector<std::string> &pkgContents, const std::vector<std::string> &privileges)
-@@ -256,8 +253,7 @@ void SmackRules::installApplicationPrivilegesRules(const std::string &appId, con
- for (auto privilege : privileges) {
- if (privilege.empty())
- continue;
-- std::string fprivilege ( privilege + "-template.smack");
-- std::string path(tzplatform_mkpath4(TZ_SYS_SHARE, "security-manager", "policy", fprivilege.c_str()));
-+ std::string path = "/usr/share/security-manager/policy/" + privilege + "-template.smack";
- if( stat(path.c_str(), &buffer) == 0)
- smackRules.addFromTemplateFile(appId, pkgId, path);
- }
---
-2.1.4
-
diff --git a/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.service b/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.service
deleted file mode 100644
index 8ed5e86..0000000
--- a/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.service
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# Install security-manager DB to /var
-
-[Unit]
-Description=Install Security Manager database
-After=sysinit.target
-Before=security-manager.service
-
-[Install]
-WantedBy=default.target
-
-[Service]
-Type=oneshot
-User=root
-ExecStart=/usr/bin/init-security-manager-db.sh
diff --git a/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.sh b/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.sh
deleted file mode 100644
index ef41286..0000000
--- a/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/sh
-
-if [ ! -e "/var/db/security-manager" ]; then
- mkdir -p /var/db
- cp -ra /usr/dbspace/ /var/db/security-manager
-fi
diff --git a/meta-app-framework/recipes-core/security-manager/security-manager_%.bbappend b/meta-app-framework/recipes-core/security-manager/security-manager_%.bbappend
deleted file mode 100644
index 23ceb29..0000000
--- a/meta-app-framework/recipes-core/security-manager/security-manager_%.bbappend
+++ /dev/null
@@ -1,22 +0,0 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/security-manager:"
-
-SRC_URI += " file://0001-Adapt-rules-to-AGL.patch \
- file://init-security-manager-db.service \
- file://init-security-manager-db.sh \
- file://0001-Fix-gcc6-build.patch \
- file://0001-Fix-Cmake-conf-for-gcc6-build.patch \
-"
-
-FILES_${PN}_append = "${bindir}/init-security-manager-db.sh \
- ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '${systemd_unitdir}/system/init-security-manager-db.service', '', d)} \
-"
-
-do_install_append () {
- install -p -D ${WORKDIR}/init-security-manager-db.sh ${D}${bindir}/init-security-manager-db.sh
- if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
- mkdir -p ${D}${systemd_unitdir}/system
- mkdir -p ${D}${sysconfdir}/systemd/system/default.target.wants
- install -m 644 -p -D ${WORKDIR}/init-security-manager-db.service ${D}${systemd_unitdir}/system/init-security-manager-db.service
- ln -sf ${systemd_unitdir}/system/init-security-manager-db.service ${D}${sysconfdir}/systemd/system/default.target.wants
- fi
-}
diff --git a/meta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime b/meta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime
deleted file mode 100755
index ca712e1..0000000
--- a/meta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-exec /usr/bin/qt5/qmlscene "$1" /usr/bin/web-runtime-webkit.qml
diff --git a/meta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime-webkit.qml b/meta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime-webkit.qml
deleted file mode 100644
index d18b672..0000000
--- a/meta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime-webkit.qml
+++ /dev/null
@@ -1,13 +0,0 @@
-import QtQuick 2.1
-import QtQuick.Controls 1.1
-import QtWebKit 3.0
-
-ApplicationWindow {
- width: 1024
- height: 768
- visible: true
- WebView {
- url: Qt.application.arguments[1]
- anchors.fill: parent
- }
-}
diff --git a/meta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime.qml b/meta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime.qml
deleted file mode 100644
index afe8a77..0000000
--- a/meta-app-framework/recipes-core/web-runtime/web-runtime/web-runtime.qml
+++ /dev/null
@@ -1,13 +0,0 @@
-import QtQuick 2.1
-import QtQuick.Controls 1.1
-import QtWebEngine 1.1
-
-ApplicationWindow {
- width: 1024
- height: 768
- visible: true
- WebEngineView {
- url: Qt.application.arguments[1]
- anchors.fill: parent
- }
-}
diff --git a/meta-app-framework/recipes-core/web-runtime/web-runtime_0.1.bb b/meta-app-framework/recipes-core/web-runtime/web-runtime_0.1.bb
deleted file mode 100644
index fa14987..0000000
--- a/meta-app-framework/recipes-core/web-runtime/web-runtime_0.1.bb
+++ /dev/null
@@ -1,34 +0,0 @@
-inherit allarch
-
-SUMMARY = "Provides the 'web-runtime' command"
-DESCRIPTION = "The command 'web-runtime' is an abstraction that allows to "
-
-LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
-
-SRC_URI = "\
- file://web-runtime;md5sum=6114c0bdd20290912a423fa01beb50f0 \
- file://web-runtime.qml;md5sum=5d6a379e9b7e5654319e5ba638824a58 \
- file://web-runtime-webkit.qml;md5sum=4daf9df39078634c27a7923d37e82e3d \
-"
-
-RDEPENDS_${PN} = "qtwebkit-qmlplugins"
-
-do_configure() {
- :
-}
-
-do_install() {
- install -d ${D}${bindir}
- install -m 0755 ${WORKDIR}/web-runtime ${D}${bindir}/web-runtime
- install -m 0644 ${WORKDIR}/web-runtime.qml ${D}${bindir}/web-runtime.qml
- install -m 0644 ${WORKDIR}/web-runtime-webkit.qml ${D}${bindir}/web-runtime-webkit.qml
-}
-
-do_install_append_rcar-gen2() {
- # workaround for porter board: force the use of libEGL provided by mesa at runtime
- # otherwise, the proprietary libEGL is used and a problem then occurs due to a missing EGL function
- sed -i 's|^\(exec /usr/bin/qt5/qmlscene\)|LD_PRELOAD=/usr/lib/libEGL.so \1|g' ${D}${bindir}/web-runtime
-}
-
-
diff --git a/meta-app-framework/recipes-devtools/run-agl-postinsts/run-agl-postinsts_1.0.bbappend b/meta-app-framework/recipes-devtools/run-agl-postinsts/run-agl-postinsts_1.0.bbappend
deleted file mode 100644
index 590ab70..0000000
--- a/meta-app-framework/recipes-devtools/run-agl-postinsts/run-agl-postinsts_1.0.bbappend
+++ /dev/null
@@ -1 +0,0 @@
-SYSTEMD_SERVICE_AFTER_append = " afm-system-daemon.service"
diff --git a/meta-app-framework/recipes-example/afb-client/afb-client_1.0.bb b/meta-app-framework/recipes-example/afb-client/afb-client_1.0.bb
deleted file mode 100644
index 21605d2..0000000
--- a/meta-app-framework/recipes-example/afb-client/afb-client_1.0.bb
+++ /dev/null
@@ -1,29 +0,0 @@
-SUMMARY = "HTML5 demo template for AFB"
-DESCRIPTION = "afb-client is a sample AngularJS/HTML5 application using \
-Application Framework Binder with token binding."
-HOMEPAGE = "http://www.iot.bzh"
-
-LICENSE = "GPLv3+"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=6cb04bdb88e11107e3af4d8e3f301be5"
-
-#DEPENDS = "nodejs-native"
-RDEPENDS_${PN} = "af-binder af-binder-binding-authlogin"
-
-SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-demo;protocol=https;branch=master"
-SRC_URI_files = "file://afb-client \
- "
-SRC_URI = "${SRC_URI_git} \
- ${SRC_URI_files} \
- "
-SRCREV = "9e9b459fa27d7a359a060024c9639b99b45813d5"
-S = "${WORKDIR}/git/afb-client"
-
-do_install () {
- mkdir -p ${D}/${datadir}/agl/afb-client
- cp -ra ${S}/dist.prod/* ${D}/${datadir}/agl/afb-client/
-
- mkdir -p ${D}/${bindir}
- install -m 0755 ${WORKDIR}/afb-client ${D}/${bindir}/afb-client
-}
-
-FILES_${PN} += "${datadir}"
diff --git a/meta-app-framework/recipes-example/afb-client/files/afb-client b/meta-app-framework/recipes-example/afb-client/files/afb-client
deleted file mode 100644
index 99e6aa9..0000000
--- a/meta-app-framework/recipes-example/afb-client/files/afb-client
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-if [ -z "${XDG_RUNTIME_DIR+1}" ]; then
- export XDG_RUNTIME_DIR=/run/user/$UID
-fi
-LD_PRELOAD=/usr/lib/libEGL.so /usr/bin/qt5/qmlscene http://localhost:1234/opa /usr/share/agl/afb-viewer.qml
-
diff --git a/meta-app-framework/recipes-example/afm-client/afm-client_1.0.bb b/meta-app-framework/recipes-example/afm-client/afm-client_1.0.bb
deleted file mode 100644
index 4cd80db..0000000
--- a/meta-app-framework/recipes-example/afm-client/afm-client_1.0.bb
+++ /dev/null
@@ -1,40 +0,0 @@
-SUMMARY = "Sample client for AFM to install/start/stop/remove applications"
-DESCRIPTION = "afm-client is a sample AngularJS/HTML5 application using \
-Application Framework Manager to install, start, stop, or remove \
-applications provided as .wgt widget packages."
-HOMEPAGE = "http://www.iot.bzh"
-
-inherit systemd
-
-LICENSE = "GPLv3+"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=6cb04bdb88e11107e3af4d8e3f301be5"
-
-#DEPENDS = "nodejs-native"
-RDEPENDS_${PN} = "af-main af-binder af-main-binding af-binder-binding-demopost af-binder-binding-authlogin"
-
-SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-demo;protocol=https;branch=master"
-SRC_URI_files = "file://afm-client \
- file://afm-client.service \
- "
-SRC_URI = "${SRC_URI_git} \
- ${SRC_URI_files} \
- "
-SRCREV = "9e9b459fa27d7a359a060024c9639b99b45813d5"
-S = "${WORKDIR}/git/afm-client"
-
-do_install () {
- mkdir -p ${D}/${datadir}/agl/afm-client
- cp -ra ${S}/dist.prod/* ${D}/${datadir}/agl/afm-client/
-
- mkdir -p ${D}/${bindir}
- install -m 0755 ${WORKDIR}/afm-client ${D}/${bindir}/afm-client
-
- if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
- install -d ${D}${systemd_user_unitdir}
- install -d ${D}${sysconfdir}/systemd/user/default.target.wants
- install -m 0644 ${WORKDIR}/afm-client.service ${D}/${systemd_user_unitdir}/afm-client.service
- ln -sf ${systemd_user_unitdir}/afm-client.service ${D}${sysconfdir}/systemd/user/default.target.wants
- fi
-}
-
-FILES_${PN} += "${datadir} ${systemd_user_unitdir}"
diff --git a/meta-app-framework/recipes-example/afm-client/files/afm-client b/meta-app-framework/recipes-example/afm-client/files/afm-client
deleted file mode 100644
index ba868e9..0000000
--- a/meta-app-framework/recipes-example/afm-client/files/afm-client
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-if [ -z "${XDG_RUNTIME_DIR+1}" ]; then
- export XDG_RUNTIME_DIR=/run/user/$UID
-fi
-LD_PRELOAD=/usr/lib/libEGL.so /usr/bin/web-runtime http://localhost:1236/opa
-
diff --git a/meta-app-framework/recipes-example/afm-client/files/afm-client.service b/meta-app-framework/recipes-example/afm-client/files/afm-client.service
deleted file mode 100644
index 7357174..0000000
--- a/meta-app-framework/recipes-example/afm-client/files/afm-client.service
+++ /dev/null
@@ -1,11 +0,0 @@
-[Unit]
-Description=Simplest application manager
-
-[Service]
-ExecStart=/usr/bin/afb-daemon --mode=remote --port=1234 --token='' --sessiondir=/home/root/.afb-daemon --rootdir=/usr/share/agl/afm-client --alias=/icons:/var/lib/afm/icons
-Restart=on-failure
-RestartSec=5
-
-[Install]
-WantedBy=default.target
-
diff --git a/meta-app-framework/recipes-extended/shadow/files/0001-useradd-copy-extended-attributes-of-home-native.patch b/meta-app-framework/recipes-extended/shadow/files/0001-useradd-copy-extended-attributes-of-home-native.patch
deleted file mode 100644
index ff420d8..0000000
--- a/meta-app-framework/recipes-extended/shadow/files/0001-useradd-copy-extended-attributes-of-home-native.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From 008637fc8bd7f601eb6554d572bba025613913b7 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh>
-Date: Wed, 8 Mar 2017 14:10:10 +0100
-Subject: [PATCH] useradd: copy extended attributes of home (native)
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The Home directory wasn't getting the extended attributes
-of /etc/skel. This patch fixes that issue and adds the copy
-of the extended attributes of the root of the home directory.
-
-Change-Id: Ib6836e1b18c4c7f73e02c1f1fc9558dc749ba9da
-Signed-off-by: José Bollo <jose.bollo@iot.bzh>
----
- src/useradd.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/src/useradd.c b/src/useradd.c
-index 4c418af..8ba8af6 100644
---- a/src/useradd.c
-+++ b/src/useradd.c
-@@ -55,6 +55,9 @@
- #include <sys/stat.h>
- #include <sys/types.h>
- #include <time.h>
-+#ifdef WITH_ATTR
-+#include <attr/libattr.h>
-+#endif
- #include "chkname.h"
- #include "defines.h"
- #include "faillog.h"
-@@ -1950,6 +1953,9 @@ static void create_home (void)
- chown (user_home, user_id, user_gid);
- chmod (user_home,
- 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
-+#ifdef WITH_ATTR
-+ attr_copy_file (def_template, user_home, NULL, NULL);
-+#endif
- home_added = true;
- #ifdef WITH_AUDIT
- audit_logger (AUDIT_ADD_USER, Prog,
---
-2.9.3
-
diff --git a/meta-app-framework/recipes-extended/shadow/files/0001-useradd-copy-extended-attributes-of-home.patch b/meta-app-framework/recipes-extended/shadow/files/0001-useradd-copy-extended-attributes-of-home.patch
deleted file mode 100644
index f231c3c..0000000
--- a/meta-app-framework/recipes-extended/shadow/files/0001-useradd-copy-extended-attributes-of-home.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From acec93540eba6899661c607408498ac72ab07a47 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh>
-Date: Tue, 7 Mar 2017 16:03:03 +0100
-Subject: [PATCH] useradd: copy extended attributes of home
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The Home directory wasn't getting the extended attributes
-of /etc/skel. This patch fixes that issue and adds the copy
-of the extended attributes of the root of the home directory.
-
-Change-Id: Icd633f7c6c494efd2a30cb8f04c306f749ad0c3b
-Signed-off-by: José Bollo <jose.bollo@iot.bzh>
----
- src/useradd.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/src/useradd.c b/src/useradd.c
-index a8a1f76..8aefb9c 100644
---- a/src/useradd.c
-+++ b/src/useradd.c
-@@ -52,6 +52,9 @@
- #include <sys/stat.h>
- #include <sys/types.h>
- #include <time.h>
-+#ifdef WITH_ATTR
-+#include <attr/libattr.h>
-+#endif
- #include "chkname.h"
- #include "defines.h"
- #include "faillog.h"
-@@ -1915,6 +1918,9 @@ static void create_home (void)
- chown (user_home, user_id, user_gid);
- chmod (user_home,
- 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
-+#ifdef WITH_ATTR
-+ attr_copy_file (def_template, user_home, NULL, NULL);
-+#endif
- home_added = true;
- #ifdef WITH_AUDIT
- audit_logger (AUDIT_ADD_USER, Prog,
---
-2.9.3
-
diff --git a/meta-app-framework/recipes-extended/shadow/shadow_%.bbappend b/meta-app-framework/recipes-extended/shadow/shadow_%.bbappend
deleted file mode 100644
index f084355..0000000
--- a/meta-app-framework/recipes-extended/shadow/shadow_%.bbappend
+++ /dev/null
@@ -1,4 +0,0 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
-
-SRC_URI_append_class-target = " file://0001-useradd-copy-extended-attributes-of-home.patch "
-SRC_URI_append_class-native = " file://0001-useradd-copy-extended-attributes-of-home-native.patch "
diff --git a/meta-app-framework/recipes-kernel/linux/linux-%.bbappend b/meta-app-framework/recipes-kernel/linux/linux-%.bbappend
deleted file mode 100644
index 02595ef..0000000
--- a/meta-app-framework/recipes-kernel/linux/linux-%.bbappend
+++ /dev/null
@@ -1,3 +0,0 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/linux:"
-SRC_URI_append_smack = " file://audit.cfg"
-
diff --git a/meta-app-framework/recipes-kernel/linux/linux-yocto_4.1.bbappend b/meta-app-framework/recipes-kernel/linux/linux-yocto_4.1.bbappend
deleted file mode 100644
index c1c6572..0000000
--- a/meta-app-framework/recipes-kernel/linux/linux-yocto_4.1.bbappend
+++ /dev/null
@@ -1,12 +0,0 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/linux/linux-yocto-4.1:"
-
-#-------------------------------------------------------------------------
-# smack patches for handling bluetooth
-
-SRC_URI_append_smack = "\
- file://0001-Smack-File-receive-for-sockets.patch \
- file://0002-smack-fix-cache-of-access-labels.patch \
- file://0003-Smack-ignore-null-signal-in-smack_task_kill.patch \
- file://0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch \
-"
-
diff --git a/meta-app-framework/recipes-kernel/linux/linux-yocto_4.4.bbappend b/meta-app-framework/recipes-kernel/linux/linux-yocto_4.4.bbappend
deleted file mode 100644
index 51df087..0000000
--- a/meta-app-framework/recipes-kernel/linux/linux-yocto_4.4.bbappend
+++ /dev/null
@@ -1,11 +0,0 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/linux/linux-yocto-4.4:"
-
-#-------------------------------------------------------------------------
-# smack patches for handling bluetooth
-
-SRC_URI_append_smack = "\
- file://0002-smack-fix-cache-of-access-labels.patch \
- file://0003-Smack-ignore-null-signal-in-smack_task_kill.patch \
- file://0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch \
-"
-
diff --git a/meta-app-framework/recipes-kernel/linux/linux/audit.cfg b/meta-app-framework/recipes-kernel/linux/linux/audit.cfg
deleted file mode 100644
index 214dbe3..0000000
--- a/meta-app-framework/recipes-kernel/linux/linux/audit.cfg
+++ /dev/null
@@ -1,2 +0,0 @@
-CONFIG_AUDIT=y
-CONFIG_AUDITSYSCALL=y
diff --git a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0001-Smack-File-receive-for-sockets.patch b/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0001-Smack-File-receive-for-sockets.patch
deleted file mode 100644
index b0c5ee8..0000000
--- a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0001-Smack-File-receive-for-sockets.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-From 2e65b888820ea372984d412cee3bd7dcba05d7d2 Mon Sep 17 00:00:00 2001
-From: Casey Schaufler <casey@schaufler-ca.com>
-Date: Mon, 7 Dec 2015 14:34:32 -0800
-Subject: [PATCH 1/4] Smack: File receive for sockets
-
-The existing file receive hook checks for access on
-the file inode even for UDS. This is not right, as
-the inode is not used by Smack to make access checks
-for sockets. This change checks for an appropriate
-access relationship between the receiving (current)
-process and the socket. If the process can't write
-to the socket's send label or the socket's receive
-label can't write to the process fail.
-
-This will allow the legitimate cases, where the
-socket sender and socket receiver can freely communicate.
-Only strangly set socket labels should cause a problem.
-
-Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
----
- security/smack/smack_lsm.c | 22 ++++++++++++++++++++++
- 1 file changed, 22 insertions(+)
-
-diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
-index b644757..487b2f3 100644
---- a/security/smack/smack_lsm.c
-+++ b/security/smack/smack_lsm.c
-@@ -1672,9 +1672,31 @@ static int smack_file_receive(struct file *file)
- int may = 0;
- struct smk_audit_info ad;
- struct inode *inode = file_inode(file);
-+ struct socket *sock;
-+ struct task_smack *tsp;
-+ struct socket_smack *ssp;
-
- smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
- smk_ad_setfield_u_fs_path(&ad, file->f_path);
-+
-+ if (S_ISSOCK(inode->i_mode)) {
-+ sock = SOCKET_I(inode);
-+ ssp = sock->sk->sk_security;
-+ tsp = current_security();
-+ /*
-+ * If the receiving process can't write to the
-+ * passed socket or if the passed socket can't
-+ * write to the receiving process don't accept
-+ * the passed socket.
-+ */
-+ rc = smk_access(tsp->smk_task, ssp->smk_out, MAY_WRITE, &ad);
-+ rc = smk_bu_file(file, may, rc);
-+ if (rc < 0)
-+ return rc;
-+ rc = smk_access(ssp->smk_in, tsp->smk_task, MAY_WRITE, &ad);
-+ rc = smk_bu_file(file, may, rc);
-+ return rc;
-+ }
- /*
- * This code relies on bitmasks.
- */
---
-2.7.4
-
diff --git a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0002-smack-fix-cache-of-access-labels.patch b/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0002-smack-fix-cache-of-access-labels.patch
deleted file mode 100644
index 51c3b31..0000000
--- a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0002-smack-fix-cache-of-access-labels.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 5bcea0fc4e5360deca133e211fdc76717a1693a4 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jobol@nonadev.net>
-Date: Tue, 12 Jan 2016 21:23:40 +0100
-Subject: [PATCH 2/4] smack: fix cache of access labels
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Before this commit, removing the access property of
-a file, aka, the extended attribute security.SMACK64
-was not effictive until the cache had been cleaned.
-
-This patch fixes that problem.
-
-Signed-off-by: José Bollo <jobol@nonadev.net>
-Acked-by: Casey Schaufler <casey@schaufler-ca.com>
----
- security/smack/smack_lsm.c | 8 ++++++--
- 1 file changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
-index 487b2f3..b9393e3 100644
---- a/security/smack/smack_lsm.c
-+++ b/security/smack/smack_lsm.c
-@@ -1256,9 +1256,13 @@ static int smack_inode_removexattr(struct dentry *dentry, const char *name)
- * Don't do anything special for these.
- * XATTR_NAME_SMACKIPIN
- * XATTR_NAME_SMACKIPOUT
-- * XATTR_NAME_SMACKEXEC
- */
-- if (strcmp(name, XATTR_NAME_SMACK) == 0)
-+ if (strcmp(name, XATTR_NAME_SMACK) == 0) {
-+ struct super_block *sbp = d_backing_inode(dentry)->i_sb;
-+ struct superblock_smack *sbsp = sbp->s_security;
-+
-+ isp->smk_inode = sbsp->smk_default;
-+ } else if (strcmp(name, XATTR_NAME_SMACKEXEC) == 0)
- isp->smk_task = NULL;
- else if (strcmp(name, XATTR_NAME_SMACKMMAP) == 0)
- isp->smk_mmap = NULL;
---
-2.7.4
-
diff --git a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0003-Smack-ignore-null-signal-in-smack_task_kill.patch b/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0003-Smack-ignore-null-signal-in-smack_task_kill.patch
deleted file mode 100644
index 67761ae..0000000
--- a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0003-Smack-ignore-null-signal-in-smack_task_kill.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From aa63c4f8ece0c54a9be735ac38667f11fcd6f44a Mon Sep 17 00:00:00 2001
-From: Rafal Krypa <r.krypa@samsung.com>
-Date: Mon, 4 Apr 2016 11:14:53 +0200
-Subject: [PATCH 3/4] Smack: ignore null signal in smack_task_kill
-
-Kill with signal number 0 is commonly used for checking PID existence.
-Smack treated such cases like any other kills, although no signal is
-actually delivered when sig == 0.
-
-Checking permissions when sig == 0 didn't prevent an unprivileged caller
-from learning whether PID exists or not. When it existed, kernel returned
-EPERM, when it didn't - ESRCH. The only effect of policy check in such
-case is noise in audit logs.
-
-This change lets Smack silently ignore kill() invocations with sig == 0.
-
-Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
-Acked-by: Casey Schaufler <casey@schaufler-ca.com>
----
- security/smack/smack_lsm.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
-index b9393e3..c916f58 100644
---- a/security/smack/smack_lsm.c
-+++ b/security/smack/smack_lsm.c
-@@ -2056,6 +2056,9 @@ static int smack_task_kill(struct task_struct *p, struct siginfo *info,
- struct smack_known *tkp = smk_of_task_struct(p);
- int rc;
-
-+ if (!sig)
-+ return 0; /* null signal; existence test */
-+
- smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK);
- smk_ad_setfield_u_tsk(&ad, p);
- /*
---
-2.7.4
-
diff --git a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch b/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch
deleted file mode 100644
index 4281c20..0000000
--- a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.1/0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From b2b9e7ec8e79ede841104f76464f4b77c057b011 Mon Sep 17 00:00:00 2001
-From: jooseong lee <jooseong.lee@samsung.com>
-Date: Thu, 3 Nov 2016 10:55:43 +0100
-Subject: [PATCH 4/4] Smack: Assign smack_known_web label for kernel thread's
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Assign smack_known_web label for kernel thread's socket in the sk_alloc_security hook
-
-Creating struct sock by sk_alloc function in various kernel subsystems
-like bluetooth dosen't call smack_socket_post_create(). In such case,
-received sock label is the floor('_') label and makes access deny.
-
-Refers-to: https://review.tizen.org/gerrit/#/c/80717/4
-
-Change-Id: I2e5c9359bfede84a988fd4d4d74cdb9dfdfc52d8
-Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
-Signed-off-by: José Bollo <jose.bollo@iot.bzh>
----
- security/smack/smack_lsm.c | 12 ++++++++++--
- 1 file changed, 10 insertions(+), 2 deletions(-)
-
-diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
-index c916f58..cc6769b 100644
---- a/security/smack/smack_lsm.c
-+++ b/security/smack/smack_lsm.c
-@@ -2138,8 +2138,16 @@ static int smack_sk_alloc_security(struct sock *sk, int family, gfp_t gfp_flags)
- if (ssp == NULL)
- return -ENOMEM;
-
-- ssp->smk_in = skp;
-- ssp->smk_out = skp;
-+ /*
-+ * Sockets created by kernel threads receive web label.
-+ */
-+ if (unlikely(current->flags & PF_KTHREAD)) {
-+ ssp->smk_in = &smack_known_web;
-+ ssp->smk_out = &smack_known_web;
-+ } else {
-+ ssp->smk_in = skp;
-+ ssp->smk_out = skp;
-+ }
- ssp->smk_packet = NULL;
-
- sk->sk_security = ssp;
---
-2.7.4
-
diff --git a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0001-Smack-File-receive-for-sockets.patch b/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0001-Smack-File-receive-for-sockets.patch
deleted file mode 100644
index 4021e5d..0000000
--- a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0001-Smack-File-receive-for-sockets.patch
+++ /dev/null
@@ -1,65 +0,0 @@
-From 2b206c36b16e72cfe41cd22448d8527359ffd962 Mon Sep 17 00:00:00 2001
-From: Casey Schaufler <casey@schaufler-ca.com>
-Date: Mon, 7 Dec 2015 14:34:32 -0800
-Subject: [PATCH 1/4] Smack: File receive for sockets
-
-The existing file receive hook checks for access on
-the file inode even for UDS. This is not right, as
-the inode is not used by Smack to make access checks
-for sockets. This change checks for an appropriate
-access relationship between the receiving (current)
-process and the socket. If the process can't write
-to the socket's send label or the socket's receive
-label can't write to the process fail.
-
-This will allow the legitimate cases, where the
-socket sender and socket receiver can freely communicate.
-Only strangly set socket labels should cause a problem.
-
-Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
----
- security/smack/smack_lsm.c | 22 ++++++++++++++++++++++
- 1 file changed, 22 insertions(+)
-
-diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
-index ff81026..b20ef06 100644
---- a/security/smack/smack_lsm.c
-+++ b/security/smack/smack_lsm.c
-@@ -1860,12 +1860,34 @@ static int smack_file_receive(struct file *file)
- int may = 0;
- struct smk_audit_info ad;
- struct inode *inode = file_inode(file);
-+ struct socket *sock;
-+ struct task_smack *tsp;
-+ struct socket_smack *ssp;
-
- if (unlikely(IS_PRIVATE(inode)))
- return 0;
-
- smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
- smk_ad_setfield_u_fs_path(&ad, file->f_path);
-+
-+ if (S_ISSOCK(inode->i_mode)) {
-+ sock = SOCKET_I(inode);
-+ ssp = sock->sk->sk_security;
-+ tsp = current_security();
-+ /*
-+ * If the receiving process can't write to the
-+ * passed socket or if the passed socket can't
-+ * write to the receiving process don't accept
-+ * the passed socket.
-+ */
-+ rc = smk_access(tsp->smk_task, ssp->smk_out, MAY_WRITE, &ad);
-+ rc = smk_bu_file(file, may, rc);
-+ if (rc < 0)
-+ return rc;
-+ rc = smk_access(ssp->smk_in, tsp->smk_task, MAY_WRITE, &ad);
-+ rc = smk_bu_file(file, may, rc);
-+ return rc;
-+ }
- /*
- * This code relies on bitmasks.
- */
---
-2.7.4
-
diff --git a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0002-smack-fix-cache-of-access-labels.patch b/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0002-smack-fix-cache-of-access-labels.patch
deleted file mode 100644
index c516f3a..0000000
--- a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0002-smack-fix-cache-of-access-labels.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 99267706991ab84bd44ceaea9a7ec886bbdd58e0 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jobol@nonadev.net>
-Date: Tue, 12 Jan 2016 21:23:40 +0100
-Subject: [PATCH 2/4] smack: fix cache of access labels
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Before this commit, removing the access property of
-a file, aka, the extended attribute security.SMACK64
-was not effictive until the cache had been cleaned.
-
-This patch fixes that problem.
-
-Signed-off-by: José Bollo <jobol@nonadev.net>
-Acked-by: Casey Schaufler <casey@schaufler-ca.com>
----
- security/smack/smack_lsm.c | 8 ++++++--
- 1 file changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
-index b20ef06..b2bcb14 100644
---- a/security/smack/smack_lsm.c
-+++ b/security/smack/smack_lsm.c
-@@ -1444,9 +1444,13 @@ static int smack_inode_removexattr(struct dentry *dentry, const char *name)
- * Don't do anything special for these.
- * XATTR_NAME_SMACKIPIN
- * XATTR_NAME_SMACKIPOUT
-- * XATTR_NAME_SMACKEXEC
- */
-- if (strcmp(name, XATTR_NAME_SMACK) == 0)
-+ if (strcmp(name, XATTR_NAME_SMACK) == 0) {
-+ struct super_block *sbp = d_backing_inode(dentry)->i_sb;
-+ struct superblock_smack *sbsp = sbp->s_security;
-+
-+ isp->smk_inode = sbsp->smk_default;
-+ } else if (strcmp(name, XATTR_NAME_SMACKEXEC) == 0)
- isp->smk_task = NULL;
- else if (strcmp(name, XATTR_NAME_SMACKMMAP) == 0)
- isp->smk_mmap = NULL;
---
-2.7.4
-
diff --git a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0003-Smack-ignore-null-signal-in-smack_task_kill.patch b/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0003-Smack-ignore-null-signal-in-smack_task_kill.patch
deleted file mode 100644
index c9180bb..0000000
--- a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0003-Smack-ignore-null-signal-in-smack_task_kill.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From ec4eb03af07b0fbc330aecca6ac4ebd6accd8825 Mon Sep 17 00:00:00 2001
-From: Rafal Krypa <r.krypa@samsung.com>
-Date: Mon, 4 Apr 2016 11:14:53 +0200
-Subject: [PATCH 3/4] Smack: ignore null signal in smack_task_kill
-
-Kill with signal number 0 is commonly used for checking PID existence.
-Smack treated such cases like any other kills, although no signal is
-actually delivered when sig == 0.
-
-Checking permissions when sig == 0 didn't prevent an unprivileged caller
-from learning whether PID exists or not. When it existed, kernel returned
-EPERM, when it didn't - ESRCH. The only effect of policy check in such
-case is noise in audit logs.
-
-This change lets Smack silently ignore kill() invocations with sig == 0.
-
-Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
-Acked-by: Casey Schaufler <casey@schaufler-ca.com>
----
- security/smack/smack_lsm.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
-index b2bcb14..cf8a93f 100644
---- a/security/smack/smack_lsm.c
-+++ b/security/smack/smack_lsm.c
-@@ -2239,6 +2239,9 @@ static int smack_task_kill(struct task_struct *p, struct siginfo *info,
- struct smack_known *tkp = smk_of_task_struct(p);
- int rc;
-
-+ if (!sig)
-+ return 0; /* null signal; existence test */
-+
- smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK);
- smk_ad_setfield_u_tsk(&ad, p);
- /*
---
-2.7.4
-
diff --git a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch b/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch
deleted file mode 100644
index a1eeac3..0000000
--- a/meta-app-framework/recipes-kernel/linux/linux/linux-yocto-4.4/0004-Smack-Assign-smack_known_web-label-for-kernel-thread.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From c8bbb0f916de54610513e376070aea531af19dd6 Mon Sep 17 00:00:00 2001
-From: jooseong lee <jooseong.lee@samsung.com>
-Date: Thu, 3 Nov 2016 10:55:43 +0100
-Subject: [PATCH 4/4] Smack: Assign smack_known_web label for kernel thread's
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Assign smack_known_web label for kernel thread's socket in the sk_alloc_security hook
-
-Creating struct sock by sk_alloc function in various kernel subsystems
-like bluetooth dosen't call smack_socket_post_create(). In such case,
-received sock label is the floor('_') label and makes access deny.
-
-Refers-to: https://review.tizen.org/gerrit/#/c/80717/4
-
-Change-Id: I2e5c9359bfede84a988fd4d4d74cdb9dfdfc52d8
-Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
-Signed-off-by: José Bollo <jose.bollo@iot.bzh>
----
- security/smack/smack_lsm.c | 12 ++++++++++--
- 1 file changed, 10 insertions(+), 2 deletions(-)
-
-diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
-index cf8a93f..21651bc 100644
---- a/security/smack/smack_lsm.c
-+++ b/security/smack/smack_lsm.c
-@@ -2321,8 +2321,16 @@ static int smack_sk_alloc_security(struct sock *sk, int family, gfp_t gfp_flags)
- if (ssp == NULL)
- return -ENOMEM;
-
-- ssp->smk_in = skp;
-- ssp->smk_out = skp;
-+ /*
-+ * Sockets created by kernel threads receive web label.
-+ */
-+ if (unlikely(current->flags & PF_KTHREAD)) {
-+ ssp->smk_in = &smack_known_web;
-+ ssp->smk_out = &smack_known_web;
-+ } else {
-+ ssp->smk_in = skp;
-+ ssp->smk_out = skp;
-+ }
- ssp->smk_packet = NULL;
-
- sk->sk_security = ssp;
---
-2.7.4
-
diff --git a/meta-app-framework/recipes-support/libcap/libcap/removing-capability-enforcement.patch b/meta-app-framework/recipes-support/libcap/libcap/removing-capability-enforcement.patch
deleted file mode 100644
index fa359fa..0000000
--- a/meta-app-framework/recipes-support/libcap/libcap/removing-capability-enforcement.patch
+++ /dev/null
@@ -1,87 +0,0 @@
-From c34b2725817d4fd1fd6878bbb16617cb9e3e3a70 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh>
-Date: Fri, 22 Jan 2016 16:23:59 +0100
-Subject: [PATCH] removing capability enforcement
-
-Signed-off-by: ronan <ronan@iot.bzh>
-
-Change-Id: Idb724192ceab176a611bbed45c0ebc9c8eb5dd30
----
- progs/setcap.c | 45 +--------------------------------------------
- 1 file changed, 1 insertion(+), 44 deletions(-)
-
-diff --git a/progs/setcap.c b/progs/setcap.c
-index 7304343..71999b6 100644
---- a/progs/setcap.c
-+++ b/progs/setcap.c
-@@ -58,11 +58,9 @@ static int read_caps(int quiet, const char *filename, char *buffer)
-
- int main(int argc, char **argv)
- {
-- int tried_to_cap_setfcap = 0;
- char buffer[MAXCAP+1];
- int retval, quiet=0, verify=0;
- cap_t mycaps;
-- cap_value_t capflag;
-
- if (argc < 3) {
- usage();
-@@ -150,54 +148,13 @@ int main(int argc, char **argv)
- printf("%s: OK\n", *argv);
- }
- } else {
-- if (!tried_to_cap_setfcap) {
-- capflag = CAP_SETFCAP;
--
-- /*
-- * Raise the effective CAP_SETFCAP.
-- */
-- if (cap_set_flag(mycaps, CAP_EFFECTIVE, 1, &capflag, CAP_SET)
-- != 0) {
-- perror("unable to manipulate CAP_SETFCAP - "
-- "try a newer libcap?");
-- exit(1);
-- }
-- if (cap_set_proc(mycaps) != 0) {
-- perror("unable to set CAP_SETFCAP effective capability");
-- exit(1);
-- }
-- tried_to_cap_setfcap = 1;
-- }
- retval = cap_set_file(*++argv, cap_d);
- if (retval != 0) {
-- int explained = 0;
- int oerrno = errno;
--#ifdef linux
-- cap_value_t cap;
-- cap_flag_value_t per_state;
--
-- for (cap = 0;
-- cap_get_flag(cap_d, cap, CAP_PERMITTED, &per_state) != -1;
-- cap++) {
-- cap_flag_value_t inh_state, eff_state;
--
-- cap_get_flag(cap_d, cap, CAP_INHERITABLE, &inh_state);
-- cap_get_flag(cap_d, cap, CAP_EFFECTIVE, &eff_state);
-- if ((inh_state | per_state) != eff_state) {
-- fprintf(stderr, "NOTE: Under Linux, effective file capabilities must either be empty, or\n"
-- " exactly match the union of selected permitted and inheritable bits.\n");
-- explained = 1;
-- break;
-- }
-- }
--#endif /* def linux */
--
- fprintf(stderr,
- "Failed to set capabilities on file `%s' (%s)\n",
- argv[0], strerror(oerrno));
-- if (!explained) {
-- usage();
-- }
-+
- }
- }
- if (cap_d) {
---
-2.6.6
-
diff --git a/meta-app-framework/recipes-support/libcap/libcap_%.bbappend b/meta-app-framework/recipes-support/libcap/libcap_%.bbappend
deleted file mode 100644
index fbe8935..0000000
--- a/meta-app-framework/recipes-support/libcap/libcap_%.bbappend
+++ /dev/null
@@ -1,5 +0,0 @@
-FILESEXTRAPATHS_append_class-native := ":${THISDIR}/${PN}"
-SRC_URI_append_class-native = " file://removing-capability-enforcement.patch"
-PACKAGECONFIG_class-native ?= "attr"
-DEPENDS_append_class-native = " attr-native"
-
diff --git a/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd/allows-upgrade.patch b/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd/allows-upgrade.patch
deleted file mode 100644
index 19601a5..0000000
--- a/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd/allows-upgrade.patch
+++ /dev/null
@@ -1,81 +0,0 @@
-diff -Naur a/src/microhttpd/connection.c b/src/microhttpd/connection.c
---- a/src/microhttpd/connection.c 2016-04-08 21:02:26.000000000 +0200
-+++ b/src/microhttpd/connection.c 2016-08-29 22:41:53.790560238 +0200
-@@ -708,6 +708,8 @@
- * "keep-alive", we proceed to use the default for the respective HTTP
- * version (which is conservative for HTTP 1.0, but might be a bit
- * optimistic for HTTP 1.1).
-+ * In the case of Upgrade, the header Connection should not be set
-+ * to keep-alive.
- *
- * @param connection the connection to check for keepalive
- * @return #MHD_YES if (based on the request), a keepalive is
-@@ -750,6 +752,59 @@
-
-
- /**
-+ * Should we try to keep the given connection alive? We can use the
-+ * TCP stream for a second request if the connection is HTTP 1.1 and
-+ * the "Connection" header either does not exist or is not set to
-+ * "close", or if the connection is HTTP 1.0 and the "Connection"
-+ * header is explicitly set to "keep-alive". If no HTTP version is
-+ * specified (or if it is not 1.0 or 1.1), we definitively close the
-+ * connection. If the "Connection" header is not exactly "close" or
-+ * "keep-alive", we proceed to use the default for the respective HTTP
-+ * version (which is conservative for HTTP 1.0, but might be a bit
-+ * optimistic for HTTP 1.1).
-+ * In the case of Upgrade, the connection should be kept alive even if
-+ * the header Connection is not keep-alive.
-+ *
-+ * @param connection the connection to check for keepalive
-+ * @return #MHD_YES if (based on the request), a keepalive is
-+ * legal
-+ */
-+static int
-+should_keepalive (struct MHD_Connection *connection)
-+{
-+ const char *end;
-+
-+ if (NULL == connection->version)
-+ return MHD_NO;
-+ if ( (NULL != connection->response) &&
-+ (0 != (connection->response->flags & MHD_RF_HTTP_VERSION_1_0_ONLY) ) )
-+ return MHD_NO;
-+ end = MHD_lookup_connection_value (connection,
-+ MHD_HEADER_KIND,
-+ MHD_HTTP_HEADER_CONNECTION);
-+ if (MHD_str_equal_caseless_(connection->version,
-+ MHD_HTTP_VERSION_1_1))
-+ {
-+ if (NULL == end)
-+ return MHD_YES;
-+ if ( (MHD_str_equal_caseless_ (end, "close")) )
-+ return MHD_NO;
-+ return MHD_YES;
-+ }
-+ if (MHD_str_equal_caseless_(connection->version,
-+ MHD_HTTP_VERSION_1_0))
-+ {
-+ if (NULL == end)
-+ return MHD_NO;
-+ if (MHD_str_equal_caseless_(end, "Keep-Alive"))
-+ return MHD_YES;
-+ return MHD_NO;
-+ }
-+ return MHD_NO;
-+}
-+
-+
-+/**
- * Produce HTTP "Date:" header.
- *
- * @param date where to write the header, with
-@@ -2795,7 +2850,7 @@
- }
- if (((MHD_YES == connection->read_closed) &&
- (0 == connection->read_buffer_offset)) ||
-- (MHD_NO == keepalive_possible (connection)))
-+ (MHD_NO == should_keepalive (connection)))
- {
- /* have to close for some reason */
- MHD_connection_close_ (connection,
diff --git a/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd_0.9.49.bb b/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd_0.9.49.bb
deleted file mode 100644
index 9abb200..0000000
--- a/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd_0.9.49.bb
+++ /dev/null
@@ -1,25 +0,0 @@
-DESCRIPTION = "A small C library that is supposed to make it easy to run an HTTP server as part of another application"
-HOMEPAGE = "http://www.gnu.org/software/libmicrohttpd/"
-LICENSE = "LGPL-2.1+"
-LIC_FILES_CHKSUM = "file://COPYING;md5=9331186f4f80db7da0e724bdd6554ee5"
-SECTION = "net"
-DEPENDS = "libgcrypt gnutls file"
-
-SRC_URI = "http://ftp.gnu.org/gnu/libmicrohttpd/${BPN}-${PV}.tar.gz"
-SRC_URI[md5sum] = "3209aa2ac6199b874a6325342b86edbc"
-SRC_URI[sha256sum] = "9407d8252548ab97ace3276e0032f073820073c0599d43baff832902a8dab11c"
-
-inherit autotools lib_package pkgconfig
-
-EXTRA_OECONF += "--disable-static --with-gnutls=${STAGING_LIBDIR}/../"
-
-PACKAGECONFIG ?= "curl"
-PACKAGECONFIG_append_class-target = "\
- ${@bb.utils.contains('DISTRO_FEATURES', 'largefile', 'largefile', '', d)} \
-"
-PACKAGECONFIG[largefile] = "--enable-largefile,--disable-largefile,,"
-PACKAGECONFIG[curl] = "--enable-curl,--disable-curl,curl,"
-
-do_compile_append() {
- sed -i s:-L${STAGING_LIBDIR}::g libmicrohttpd.pc
-}
diff --git a/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd_0.9.49.bbappend b/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd_0.9.49.bbappend
deleted file mode 100644
index c26b811..0000000
--- a/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd_0.9.49.bbappend
+++ /dev/null
@@ -1,5 +0,0 @@
-
-FILESEXTRAPATHS_append := ":${THISDIR}/${PN}"
-SRC_URI += " file://allows-upgrade.patch"
-
-
diff --git a/meta-app-framework/recipes-support/libzip/libzip_1.1.1.bb b/meta-app-framework/recipes-support/libzip/libzip_1.1.1.bb
deleted file mode 100644
index 4509711..0000000
--- a/meta-app-framework/recipes-support/libzip/libzip_1.1.1.bb
+++ /dev/null
@@ -1,32 +0,0 @@
-inherit autotools
-
-SUMMARY = "Library providing support for handling zip files"
-DESCRIPTION = "\
- This library is wrapping zlib and allows \
- to easily create, browse, inflate of deflate \
- the zip files. \
- It also provides tools for zip comparing, merging or browsing.\
-"
-
-HOMEPAGE = "http://nih.at/libzip/index.html"
-LICENSE = "BSD"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=23ebf7ca347ed9703b4ef40824d0ef66"
-
-SRC_URI = "http://nih.at/libzip/libzip-1.1.1.tar.xz;md5sum=0c86a1a94fbc3ec6724801036726ae1f"
-
-#SRC_URI = "hg://hg.nih.at/libzip;module=libzip;protocol=http"
-#SRCREV = "5895e34af7f9"
-#S = "${HGDIR}"
-
-SECTION = "base"
-
-DEPENDS = "zlib"
-
-RDEPENDS_${PN} = "zlib"
-
-PROVIDES += "${PN}-tools"
-RDEPENDS_${PN}-tools = "${PN}"
-FILES_${PN}-tools = "${bindir}/zipcmp ${bindir}/zipmerge ${bindir}/ziptool"
-
-BBCLASSEXTEND = "native nativesdk"
-
diff --git a/meta-app-framework/recipes-support/xmlsec1/xmlsec1/Only-require-libxslt-in-.pc-files-when-necessary.patch b/meta-app-framework/recipes-support/xmlsec1/xmlsec1/Only-require-libxslt-in-.pc-files-when-necessary.patch
deleted file mode 100644
index c92df77..0000000
--- a/meta-app-framework/recipes-support/xmlsec1/xmlsec1/Only-require-libxslt-in-.pc-files-when-necessary.patch
+++ /dev/null
@@ -1,115 +0,0 @@
-From 1e39acf581ef47876b058da41774cbc92560d797 Mon Sep 17 00:00:00 2001
-From: Manuel Bachmann <manuel.bachmann@iot.bzh>
-Date: Wed, 27 Jan 2016 14:16:40 +0100
-Subject: [PATCH] Only require libxslt in .pc files when necessary
-
-If we build xmlsec without libxslt ("--without-libxslt" at
-configure time), dependent packages will still require it
-because it is unconditionally mentioned in .pc files (used
-by pkg-config).
-
-We now make sure that this dependency is mentioned only if
-the configure script validates libxslt presence.
-
-Signed-off-by: Manuel Bachmann <manuel.bachmann@iot.bzh>
----
- configure.in | 4 ++++
- xmlsec-gcrypt.pc.in | 2 +-
- xmlsec-gnutls.pc.in | 2 +-
- xmlsec-nss.pc.in | 2 +-
- xmlsec-openssl.pc.in | 2 +-
- xmlsec.pc.in | 2 +-
- 6 files changed, 9 insertions(+), 5 deletions(-)
-
-diff --git a/configure.in b/configure.in
-index 7d976d0..a8350a9 100644
---- a/configure.in
-+++ b/configure.in
-@@ -255,6 +255,7 @@ dnl ==========================================================================
- dnl find libxslt
- dnl ==========================================================================
- XMLSEC_NO_LIBXSLT="1"
-+LIBXSLT_COND="libxslt >="
- LIBXSLT_MIN_VERSION=1.0.20
- LIBXSLT_CONFIG="xslt-config"
- LIBXSLT_CFLAGS=""
-@@ -324,6 +325,8 @@ fi
- if test "z$LIBXSLT_FOUND" = "zyes" ; then
- XMLSEC_NO_LIBXSLT="0"
- else
-+ LIBXSLT_COND=""
-+ LIBXSLT_MIN_VERSION=""
- XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_XSLT=1"
- fi
-
-@@ -332,6 +335,7 @@ AC_SUBST(LIBXSLT_CFLAGS)
- AC_SUBST(LIBXSLT_LIBS)
- AC_SUBST(LIBXSLT_CONFIG)
- AC_SUBST(LIBXSLT_MIN_VERSION)
-+AC_SUBST(LIBXSLT_COND)
-
- dnl ==========================================================================
- dnl See if we can find a crypto library
-diff --git a/xmlsec-gcrypt.pc.in b/xmlsec-gcrypt.pc.in
-index 1c00496..33bc2ff 100644
---- a/xmlsec-gcrypt.pc.in
-+++ b/xmlsec-gcrypt.pc.in
-@@ -6,6 +6,6 @@ includedir=@includedir@
- Name: xmlsec1-gcrypt
- Version: @VERSION@
- Description: XML Security Library implements XML Signature and XML Encryption standards
--Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@
-+Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ @LIBXSLT_COND@ @LIBXSLT_MIN_VERSION@
- Cflags: -DXMLSEC_CRYPTO=\"gcrypt\" @XMLSEC_GCRYPT_CFLAGS@
- Libs: @XMLSEC_GCRYPT_LIBS@
-diff --git a/xmlsec-gnutls.pc.in b/xmlsec-gnutls.pc.in
-index e538cd4..d01cf82 100644
---- a/xmlsec-gnutls.pc.in
-+++ b/xmlsec-gnutls.pc.in
-@@ -6,6 +6,6 @@ includedir=@includedir@
- Name: xmlsec1-gnutls
- Version: @VERSION@
- Description: XML Security Library implements XML Signature and XML Encryption standards
--Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@
-+Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ @LIBXSLT_COND@ @LIBXSLT_MIN_VERSION@
- Cflags: -DXMLSEC_CRYPTO=\"gnutls\" @XMLSEC_GNUTLS_CFLAGS@
- Libs: @XMLSEC_GNUTLS_LIBS@
-diff --git a/xmlsec-nss.pc.in b/xmlsec-nss.pc.in
-index a6d6c5c..75f0232 100644
---- a/xmlsec-nss.pc.in
-+++ b/xmlsec-nss.pc.in
-@@ -6,6 +6,6 @@ includedir=@includedir@
- Name: xmlsec1-nss
- Version: @VERSION@
- Description: XML Security Library implements XML Signature and XML Encryption standards
--Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@ @NSPR_PACKAGE@ >= @MOZILLA_MIN_VERSION@ @NSS_PACKAGE@ >= @MOZILLA_MIN_VERSION@
-+Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ @LIBXSLT_COND@ @LIBXSLT_MIN_VERSION@ @NSPR_PACKAGE@ >= @MOZILLA_MIN_VERSION@ @NSS_PACKAGE@ >= @MOZILLA_MIN_VERSION@
- Cflags: -DXMLSEC_CRYPTO=\"nss\" -DXMLSEC_CRYPTO_NSS=1 @XMLSEC_CORE_CFLAGS@
- Libs: -L${libdir} -lxmlsec1-nss @XMLSEC_CORE_LIBS@
-diff --git a/xmlsec-openssl.pc.in b/xmlsec-openssl.pc.in
-index 85ee2b0..e9d0651 100644
---- a/xmlsec-openssl.pc.in
-+++ b/xmlsec-openssl.pc.in
-@@ -6,6 +6,6 @@ includedir=@includedir@
- Name: xmlsec1-openssl
- Version: @VERSION@
- Description: XML Security Library implements XML Signature and XML Encryption standards
--Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@
-+Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ @LIBXSLT_COND@ @LIBXSLT_MIN_VERSION@
- Cflags: -DXMLSEC_CRYPTO=\"openssl\" @XMLSEC_OPENSSL_CFLAGS@
- Libs: @XMLSEC_OPENSSL_LIBS@
-diff --git a/xmlsec.pc.in b/xmlsec.pc.in
-index a750ab8..14ea670 100644
---- a/xmlsec.pc.in
-+++ b/xmlsec.pc.in
-@@ -6,6 +6,6 @@ includedir=@includedir@
- Name: xmlsec1
- Version: @VERSION@
- Description: XML Security Library implements XML Signature and XML Encryption standards
--Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@
-+Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ @LIBXSLT_COND@ @LIBXSLT_MIN_VERSION@
- Cflags: -DXMLSEC_CRYPTO=\"@XMLSEC_CRYPTO@\" -DXMLSEC_CRYPTO_DYNAMIC_LOADING=1 @XMLSEC_CORE_CFLAGS@
- Libs: -L${libdir} @XMLSEC_CORE_LIBS@
---
-2.6.2
-
diff --git a/meta-app-framework/recipes-support/xmlsec1/xmlsec1_1.%.bbappend b/meta-app-framework/recipes-support/xmlsec1/xmlsec1_1.%.bbappend
deleted file mode 100644
index 8f1972f..0000000
--- a/meta-app-framework/recipes-support/xmlsec1/xmlsec1_1.%.bbappend
+++ /dev/null
@@ -1,6 +0,0 @@
-FILESEXTRAPATHS_append := ":${THISDIR}/${PN}"
-SRC_URI += "file://Only-require-libxslt-in-.pc-files-when-necessary.patch"
-
-DEPENDS += "libxml2"
-
-BBCLASSEXTEND = "native nativesdk"
diff --git a/templates/feature/agl-appfw-smack/50_bblayers.conf.inc b/templates/feature/agl-appfw-smack/50_bblayers.conf.inc
deleted file mode 100644
index db6858f..0000000
--- a/templates/feature/agl-appfw-smack/50_bblayers.conf.inc
+++ /dev/null
@@ -1,6 +0,0 @@
-BBLAYERS =+ " \
- ${METADIR}/meta-intel-iot-security/meta-security-smack \
- ${METADIR}/meta-intel-iot-security/meta-security-framework \
- ${METADIR}/meta-agl-extra/meta-app-framework \
- "
-
diff --git a/templates/feature/agl-appfw-smack/50_local.conf.inc b/templates/feature/agl-appfw-smack/50_local.conf.inc
deleted file mode 100644
index add62a3..0000000
--- a/templates/feature/agl-appfw-smack/50_local.conf.inc
+++ /dev/null
@@ -1,2 +0,0 @@
-#see meta-agl-extra/meta-app-framework/conf/include/agl-appfw-smack.inc
-require conf/include/agl-appfw-smack.inc