summaryrefslogtreecommitdiffstats
path: root/meta-app-framework
AgeCommit message (Collapse)AuthorFilesLines
2017-03-09shadow: 'useradd' copies root's extended attributesJosé Bollo3-0/+94
The copy of extended attributes is interesting for Smack systems because it allows to set the security template of the user's home directories without modifying the tools (useradd here). But the version of useradd that copies the extended attributes doesn't copy the extended attributes of the root. This can make use of homes impossible! This patch corrects the issue by copying the extended attributes of the root. This includes 2 patches to implement the behaviour: one for the target and one for the native. The patch for the target was submitted upstream (see below) The patch for the native couldn't be submitted upstream because it applies on a patch specific to open-embedded (that was refused upstream). Upstream-Status: Submitted (http://lists.alioth.debian.org/pipermail/pkg-shadow-commits/2017-March/003804.html) Change-Id: I7ced318a02206fd3f15a6995f59bb82b6c6453d5 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-03-08Removes systemd warningsJosé Bollo2-2/+2
Systemd was complaining that the service files were executable. This patch removes that issue. Change-Id: I77183bb142956fec84b3ca727f7084e8f652c292 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-03-07Add service dependency on run-agl-postinstsRonan Le Martret1-0/+1
* if we add meta-app-framework you should add dependency on afm-system-daemon for run-agl-postinsts service [SPEC-431] Change-Id: I17ac918c0880aa46ba01e78257aacac390a50aba Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
2017-03-03Merge "Add dependency to images"Jan-Simon Moeller1-0/+0
2017-02-25Merge "Fix the error of homescreen for QEMU x86-64"Jan-Simon Moeller1-0/+4
2017-02-23Fix the error of homescreen for QEMU x86-64Phong Tran1-0/+4
libEGL.so is not availabe in QEMU x86-64 env. This make the afm-user-daemon service is loaded failure. This make the homescreen fail to load. Remove LD_PRELOAD of libEGL.so for QEMU x86-64. Change-Id: Iba9a904cc7e4000861ec0e0d6f5c22f48428b954 Signed-off-by: Phong Tran <tranmanphong@gmail.com>
2017-02-23Update af-mainRonan Le Martret3-3/+3
* Fix wgtpkg-pack * Add json-c for native and nativesdk Change-Id: I9f2f6b55b729099a70e00f53c631e181d19cf1c9 Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
2017-02-17aglwgt.bbclass: fix bashismStephane Desneux1-1/+1
Depending on the host shell, the class may fail due to specific bash syntax. Change-Id: I59938b009b27e8fbdc533e8b58c80a36864723bb Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2017-02-16Add dependency to imagesRonan Le Martret1-0/+0
* [SPEC-424] Change-Id: I50704658bd7970b5638d7f4f7fe6167e342e9b4b Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
2017-02-15Allowed wgt app to auto-install at the first bootRonan Le Martret1-3/+23
* link to gerrit review 8467 (meta-agl) Change-Id: I87832b52dde60134908d29261ca8f8049338e815 Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
2017-02-15Add afm-install used to install wgt at first bootRonan Le Martret2-0/+50
* afm-install can install wgt app like afm-util but use dbus "system" session instead of "user". #/usr/bin/afm-install install /usr/AGL/apps/$file.wgt Change-Id: Id7361350257347a8db32f539b3bdeb3f2d8f554c Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
2017-01-26Move feature code into the meta recipesRonan1-0/+12
* Having a minimlal local.conf serving the only purpose of user customization is the "Yocto" way of doing things * After a source synchronization (repo sync), feature code must be update without regenerate local.conf * move feature/agl-demo to meta-agl-demo Change-Id: I6db3956da8091bf583b20fce7dc184bfe622a85a Signed-off-by: Ronan <ronan.lemartret@iot.bzh>
2017-01-16Add missing DEPENDS to af-binderJan-Simon Möller1-1/+1
To fix WARNING: af-binder-1.0-r0 do_package_qa: QA Issue: af-binder rdepends on libcrypto, but it isn't a build dependency, missing openssl in DEPENDS or PACKAGECONFIG? [build-deps] openssl is added to DEPENDS. Change-Id: Ib1d38f8041e053f7c706fcb2cc187aad765aa9c4 Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
2017-01-10fix for gcc6 buildRonan3-1/+82
Change-Id: Iea4f0ba83e1d93ea2e7cc5950dced714b65dd251 Signed-off-by: Ronan <ronan.lemartret@iot.bzh>
2017-01-10fix libcap patchRonan Le Martret1-7/+15
Change-Id: I49d42748c6dcb1927d1370b0706a085a17aa8a2b Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
2017-01-03Activates threading and hook featuresJosé Bollo1-3/+2
Activation of threading was delayed until CES demo. Now that CES demo is on, threading can be activated and tested in real. This also enables new features: - Compiler fixes - Hooking of requests (for debugging) - Change in handling option --roothttp - Documentation improvements - Minor internal improvements and cleanup Change-Id: I4c7052697a83c3d49a283970c502c62a5d3ddd64 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-01-02add fakeroot to aglwgt_deploy taskRonan1-0/+4
* we need to have pseudo env when we deploy agl app, if not developer id is use instead of pseudo id (root), and a QA issue is rise "host contamination". BB-must-fix Change-Id: I65c61cf1f5318b9cb9afe942da662863389f28b9 Signed-off-by: Ronan <ronan.lemartret@iot.bzh>
2016-12-28Be more precise in addtaskJan-Simon Möller1-2/+2
This changeset fixes a timing issue on parallel builds when using the aglwgt bbclass. It turns out that we need to make sure our steps finish before do_package is being called. Change-Id: Ib3bc0d39562c6a0d9ba4c55352c61ce1b57d5409 Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
2016-12-28Fix whitespace in aglwgt bbclassJan-Simon Möller1-1/+1
This change fixes an issue in the aglwgt bbclass use of FILES_${PN} that lead to a missing inclusion of the *.wgt file. Change-Id: I4ec8485e9f375f3e9278310381b270b0d3647f62 Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
2016-12-28Add aglwgt classJan-Simon Möller1-0/+37
This change adds a aglwgt.bbclass which does: - simplify the application (wrapper) recipes within AGL - enforces that 'make package' is present to guarantee the SDK workflow works - places the wgt in the standard location of the AGL reference distro /usr/AGL/apps/ Later the following features will be added to the class: - automatic generation of a wrapper for smoke-test of install/uninstall operations (ptest script) - build-time format checks Change-Id: Ie4f8281061febf3495d33bb1483f8c64b54ed8e9 Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
2016-12-20Authorize the requested permissionsJosé Bollo1-1/+1
Normally, the permissions of installed applications are subject to authorization and filtering. This patch removes that control and allows to set the requested permissions. It will allow to write correct config.xml and start using permissions and cynara. Related to SPEC-367. Change-Id: I92b366eaeaf0d452062752296848c04833bc87b1 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2016-12-16Don't override SYSTEMD_SERVICE of original recipe.Anton Gerasimov1-3/+6
Latest change for compatibility with OSTree introduced this bug, fix. Change-Id: Ib9c7fe624fbbd722abe07ca08ff56f4334dbf13e Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com>
2016-12-14Merge "Move all writable data used by security-manager and appfw to /var"Jan-Simon Moeller9-9/+270
2016-12-14af-main: remove --roothttp option from afm-launch.confStephane Desneux1-1/+1
For all application types except HTML5 (application/vnd.agl.html.hybrid), there's no need to specify a root http directory. Moreover, If such directory is not present in the packaging, launching the application will fail. Change-Id: Ib0b25f3d8bb9f63dde8610d96126639b846e245d Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2016-12-14Move all writable data used by security-manager and appfw to /varAnton Gerasimov9-9/+270
The purpose of these changes is to make OSTree and AppFw update domains compatible with each other. Some intergation code is also needed to deploy initial data to writable area (see SPEC-359 in Jira). Bug-AGL: SPEC-359 Change-Id: Iccba1e9916c569167df2922ad5e2d90cc33f06fe Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com>
2016-12-14af-main: fix exec flag and case sensitive idsJosé Bollo2-14/+1
The execute flags is now set for widgets of type application/vnd.agl.native. The ids of the applications are now enforced to lowercase for their storing and their smack label. Conversely, the id is no more case sensitive for launching or uninstalling widgets. Change-Id: I8857b10860acf464cc56939b4acc026319d65736 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2016-12-07add native build for af-mainRonan1-0/+11
Change-Id: If9765fa5dbb5229a511b36cda83505cab75e7785 Signed-off-by: Ronan <ronan.lemartret@iot.bzh>
2016-11-21Improves places for QT_WAYLAND_SHELL_INTEGRATIONJosé Bollo3-3/+29
This define is currently needed by all applications launched by the framework. This commits allows that. Change-Id: Ia56268c1bca58f2da7c0152fa735751603d799bc Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2016-11-17smack: removed already applied patchJosé Bollo1-1/+0
This patch is already applied to linux-yocto_4.4.26 Change-Id: Icc58ac2f2d14589c5318286b487f0e13e5ff93f2 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2016-11-16appfwk: improvementsJosé Bollo1-1/+1
This commit adds the following improvements to the application framework: - "once" method to launch applications at most one time - minor warning fixes when compiling - allowing % substitution in environment variables - export of the variable AFM_APP_INSTALL_DIR - set the execute flag on installed binaries Change-Id: I729d3b882089473c627e166c35bd0d96e70c9c53 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2016-11-10meta-app-framework: fix unpackaged files in nativesdk-af-mainStephane Desneux1-0/+5
Recent changes in af-main now generate .pc (pkgconfig) files. These files shouldn't be packaged for nativesdk-af-main: they are just removed at the end of the install task to avoid the 'unpackaged files' error. Change-Id: I61364c430c0272e8e8a398e1e5640c856c668c1b Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2016-11-09Merge "af-main: update"Jan-Simon Moeller1-1/+1
2016-11-09Merge "Smack: add audit when smack is active"Jan-Simon Moeller2-0/+5
2016-11-09Smack: add audit when smack is activeJosé Bollo2-0/+5
It is important for developement process and for monitoring hacking to track violations and to monitor wrong uses or problems. By activating audit with Smack we ensure that detection and reporting of hazardous or malicious violations will be possible. Change-Id: I7808ff17b5b8ba1fb09742fd273f46f06917d26b Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2016-11-09web-runtime: provide IVI tuning for porterJosé Bollo2-1/+2
Added to the environment: export QT_WAYLAND_SHELL_INTEGRATION="ivi-shell" This allows HTML5 applications to run on top of the IVI-shell. Note to AGL integrators: this is a temporary patch that can be removed at the end. Change-Id: Ic2b5f75327af6cbd1af4c7bd1eeb5cc3a2b743fd Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2016-11-09af-main: updateJosé Bollo1-1/+1
Include features for HomeScreen: - returns pids - renamed verbs: stop -> pause & continue -> resume - dbus manifests Change-Id: I24ea59f376f57182c7060aca1c96539866cdcaba Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2016-11-04Smack: fixup of bluetooth socket labellingJosé Bollo10-0/+413
The sockets created by kernel thread will now be tagged @ instead of _. This problem was occuring during creation of AF_BLUETOOTH (but is also latent AF_ALG, AF_IUCV, AF_SCTP, AF_TIPC as they don't go through the normal socket creation process within linux). Having the tag @ allows read/write to sockets without special rules and tus solve the problem. This solution from upstream linux patches backported and from a patch made by Samsung for Tizen and that is currently discussed within kernel lists. Also add some improvements of the LSM Smack (valid caching and signal 0). These improvements are backports of patches already available for linux 4.9-rc3. AGL-bug: SPEC-293 (https://jira.automotivelinux.org/browse/SPEC-293) Change-Id: I5999a951a4bbeba7947ebfe5df091de07d59e57e Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2016-11-02Allow build without meta-agl-demoRonan1-1/+1
Change-Id: Ic78464d6e9c07e205b222b3f0f3d49ed1b928ed6 Signed-off-by: Ronan <ronan.lemartret@iot.bzh>
2016-10-24FWK: Adaptations for jethroJosé Bollo4-5/+71
Since introduction of ambient capabilities, systemd deprecated the use of Capabilities. With systemd 229 activated with krogoth, the use of Capabilities does nothing. This commits avoids to use SecureBits and Capabilities. It now relies on the fact that post installations are setting the capabilities to the file: - setcap cap_mac_override,cap_dac_override=ep afm-system-daemon - setcap cap_mac_override,cap_mac_admin,cap_setgid=ep afm-user-daemon Using p (permitted) instead of i (inherited) that was previously used. It also includes evolutions of the security model to be synchronized with the deletion of 'User'. The recommended version to use now is the commit 20bbb97f6d5400b126ae96ef446c3e60c7e16285. Change-Id: Id24ce7c7651e2fdf8d66b6e8286268e7d88508a0 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2016-09-20app-framework: ImprovementsJosé Bollo2-2/+2
Within app-framework-binder: - fixes read and write lock (EAGAIN) - fixes SIGPIPE handling - improves the documentation Within app-framework-main: - improves documentation (for config.xml) - fixes setting of permissions Signed-off-by: José Bollo <jose.bollo@iot.bzh> Change-Id: If860d00204f82ee85ed1fd4ca9ac9820b844085f
2016-09-05app-framework: improvementsJosé Bollo2-2/+2
- Adds the handling of a root for HTTP files with the option --roothttp - Improves API for openning localized data - Adds the handling of language Change-Id: Ia0c6e840265595b6e0415e8ea7a9e6585d8bb88d Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2016-08-29Improves the handling of upgrade for websocketsJosé Bollo3-19/+84
The previous implmentation wasn't enough good to allow the websocket handshake by any client. In particular, the Qt client wasn't able to connect to binder's websockets. Also upgrade to MHD 0.9.49 (compatible with krogoth) Change-Id: Ib5800a4ff6c3d5e6bb11359266867fde52c06dce Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2016-08-10app-framework: fix minor bugsJosé Bollo2-2/+2
- fix event propagation to services - fix memory leaks Change-Id: I73432fd9f4a144d2790a7a67d471045048b5e537 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2016-07-18meta-app-framework: install missing libafbwsc libraryManuel Bachmann1-2/+3
libafbwsc is a C WebSockets helper library needed for most native apffw clients, such as the default provided one, "afb-client-demo". Change-Id: I321f62cbd6a04bc3e4b91e4de544865c83397979 Signed-off-by: Manuel Bachmann <mbc@iot.bzh>
2016-07-15meta-app-framework: sync with latest af-main sourcesStephane Desneux2-1/+3
also add base bindings needed for most appfw clients: * af-binder-binding-afb-dbus-binding * af-binder-binding-authlogin Change-Id: I19e5da9490ad9316ed172591f4ebd5755934143a Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2016-07-12meta-app-framework: sync with latest af-binder sourcesStephane Desneux1-1/+1
This solves a problem with libafbwsc (Websocket Client library) when used from SDK to build clients (internal dependency fixed). Change-Id: I137931c72d895679892523a6bd66cc4ecd4ea1a0 Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2016-07-11meta-app-framework: add missing dependency between af-binder-dev and ↵Stephane Desneux1-0/+2
libafbwsc-dev Change-Id: If0ce85a3a6ef1e715681c1011e12dad278735e04 Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2016-07-10meta-app-framework: af-binder must create ${libdir}/afb at postinst timeStephane Desneux1-0/+4
Change-Id: I8d2c85d67eec3c697c6abb072955d5e2de8c5e5f Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2016-07-10meta-app-framework: add af-main-tools and dependencies in ↵Stephane Desneux5-22/+52
nativesdk-packagegroup-sdk-host This is required to install app framework sdk tools. Change-Id: Iad407420fa734c063926d1883c288af387155668 Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2016-07-08meta-app-framework: af-binder source code updateStephane Desneux1-1/+1
Change-Id: Ia9c5d33defc23612fda34c01a1f1e7d789c961ad Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>