Age | Commit message (Collapse) | Author | Files | Lines |
|
The copy of extended attributes is interesting for
Smack systems because it allows to set the security
template of the user's home directories without
modifying the tools (useradd here). But the version
of useradd that copies the extended attributes doesn't
copy the extended attributes of the root. This can make
use of homes impossible! This patch corrects the issue
by copying the extended attributes of the root.
This includes 2 patches to implement the behaviour:
one for the target and one for the native.
The patch for the target was submitted upstream (see below)
The patch for the native couldn't be submitted upstream
because it applies on a patch specific to open-embedded
(that was refused upstream).
Upstream-Status: Submitted (http://lists.alioth.debian.org/pipermail/pkg-shadow-commits/2017-March/003804.html)
Change-Id: I7ced318a02206fd3f15a6995f59bb82b6c6453d5
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Systemd was complaining that the service files were
executable. This patch removes that issue.
Change-Id: I77183bb142956fec84b3ca727f7084e8f652c292
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
* if we add meta-app-framework you should add
dependency on afm-system-daemon for run-agl-postinsts
service
[SPEC-431]
Change-Id: I17ac918c0880aa46ba01e78257aacac390a50aba
Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
|
|
|
|
|
|
libEGL.so is not availabe in QEMU x86-64 env.
This make the afm-user-daemon service is loaded failure.
This make the homescreen fail to load.
Remove LD_PRELOAD of libEGL.so for QEMU x86-64.
Change-Id: Iba9a904cc7e4000861ec0e0d6f5c22f48428b954
Signed-off-by: Phong Tran <tranmanphong@gmail.com>
|
|
* Fix wgtpkg-pack
* Add json-c for native and nativesdk
Change-Id: I9f2f6b55b729099a70e00f53c631e181d19cf1c9
Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
|
|
Depending on the host shell, the class may fail due to specific bash syntax.
Change-Id: I59938b009b27e8fbdc533e8b58c80a36864723bb
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
* [SPEC-424]
Change-Id: I50704658bd7970b5638d7f4f7fe6167e342e9b4b
Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
|
|
* link to gerrit review 8467 (meta-agl)
Change-Id: I87832b52dde60134908d29261ca8f8049338e815
Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
|
|
* afm-install can install wgt app like afm-util but use
dbus "system" session instead of "user".
#/usr/bin/afm-install install /usr/AGL/apps/$file.wgt
Change-Id: Id7361350257347a8db32f539b3bdeb3f2d8f554c
Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
|
|
* Having a minimlal local.conf serving the only purpose
of user customization is the "Yocto" way of doing things
* After a source synchronization (repo sync), feature code
must be update without regenerate local.conf
* move feature/agl-demo to meta-agl-demo
Change-Id: I6db3956da8091bf583b20fce7dc184bfe622a85a
Signed-off-by: Ronan <ronan.lemartret@iot.bzh>
|
|
To fix
WARNING: af-binder-1.0-r0 do_package_qa: QA Issue: af-binder rdepends on libcrypto, but it isn't a build dependency, missing openssl in DEPENDS or PACKAGECONFIG? [build-deps]
openssl is added to DEPENDS.
Change-Id: Ib1d38f8041e053f7c706fcb2cc187aad765aa9c4
Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
|
|
Change-Id: Iea4f0ba83e1d93ea2e7cc5950dced714b65dd251
Signed-off-by: Ronan <ronan.lemartret@iot.bzh>
|
|
Change-Id: I49d42748c6dcb1927d1370b0706a085a17aa8a2b
Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
|
|
Activation of threading was delayed until
CES demo.
Now that CES demo is on, threading can be
activated and tested in real.
This also enables new features:
- Compiler fixes
- Hooking of requests (for debugging)
- Change in handling option --roothttp
- Documentation improvements
- Minor internal improvements and cleanup
Change-Id: I4c7052697a83c3d49a283970c502c62a5d3ddd64
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
* we need to have pseudo env when we deploy
agl app, if not developer id is use instead
of pseudo id (root), and a QA issue is rise
"host contamination".
BB-must-fix
Change-Id: I65c61cf1f5318b9cb9afe942da662863389f28b9
Signed-off-by: Ronan <ronan.lemartret@iot.bzh>
|
|
This changeset fixes a timing issue on parallel builds when
using the aglwgt bbclass. It turns out that we need to make sure
our steps finish before do_package is being called.
Change-Id: Ib3bc0d39562c6a0d9ba4c55352c61ce1b57d5409
Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
|
|
This change fixes an issue in the aglwgt bbclass use of
FILES_${PN} that lead to a missing inclusion of the *.wgt file.
Change-Id: I4ec8485e9f375f3e9278310381b270b0d3647f62
Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
|
|
This change adds a aglwgt.bbclass which does:
- simplify the application (wrapper) recipes within AGL
- enforces that 'make package' is present to guarantee the SDK workflow works
- places the wgt in the standard location of the AGL reference distro /usr/AGL/apps/
Later the following features will be added to the class:
- automatic generation of a wrapper for smoke-test of install/uninstall operations (ptest script)
- build-time format checks
Change-Id: Ie4f8281061febf3495d33bb1483f8c64b54ed8e9
Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
|
|
Normally, the permissions of installed applications
are subject to authorization and filtering.
This patch removes that control and allows to
set the requested permissions.
It will allow to write correct config.xml
and start using permissions and cynara.
Related to SPEC-367.
Change-Id: I92b366eaeaf0d452062752296848c04833bc87b1
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Latest change for compatibility with OSTree introduced this bug, fix.
Change-Id: Ib9c7fe624fbbd722abe07ca08ff56f4334dbf13e
Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com>
|
|
|
|
For all application types except HTML5 (application/vnd.agl.html.hybrid),
there's no need to specify a root http directory. Moreover, If such
directory is not present in the packaging, launching the application
will fail.
Change-Id: Ib0b25f3d8bb9f63dde8610d96126639b846e245d
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
The purpose of these changes is to make OSTree and AppFw update domains
compatible with each other. Some intergation code is also needed to deploy
initial data to writable area (see SPEC-359 in Jira).
Bug-AGL: SPEC-359
Change-Id: Iccba1e9916c569167df2922ad5e2d90cc33f06fe
Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com>
|
|
The execute flags is now set for widgets of type application/vnd.agl.native.
The ids of the applications are now enforced to lowercase for their storing
and their smack label. Conversely, the id is no more case sensitive for
launching or uninstalling widgets.
Change-Id: I8857b10860acf464cc56939b4acc026319d65736
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Change-Id: If9765fa5dbb5229a511b36cda83505cab75e7785
Signed-off-by: Ronan <ronan.lemartret@iot.bzh>
|
|
This define is currently needed by all applications launched
by the framework. This commits allows that.
Change-Id: Ia56268c1bca58f2da7c0152fa735751603d799bc
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
This patch is already applied to linux-yocto_4.4.26
Change-Id: Icc58ac2f2d14589c5318286b487f0e13e5ff93f2
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
This commit adds the following improvements to the
application framework:
- "once" method to launch applications at most one time
- minor warning fixes when compiling
- allowing % substitution in environment variables
- export of the variable AFM_APP_INSTALL_DIR
- set the execute flag on installed binaries
Change-Id: I729d3b882089473c627e166c35bd0d96e70c9c53
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Recent changes in af-main now generate .pc (pkgconfig) files. These files
shouldn't be packaged for nativesdk-af-main: they are just removed at the
end of the install task to avoid the 'unpackaged files' error.
Change-Id: I61364c430c0272e8e8a398e1e5640c856c668c1b
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
|
|
|
|
It is important for developement process and for monitoring
hacking to track violations and to monitor wrong uses or problems.
By activating audit with Smack we ensure that detection and reporting
of hazardous or malicious violations will be possible.
Change-Id: I7808ff17b5b8ba1fb09742fd273f46f06917d26b
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Added to the environment:
export QT_WAYLAND_SHELL_INTEGRATION="ivi-shell"
This allows HTML5 applications to run on top of the
IVI-shell.
Note to AGL integrators: this is a temporary patch
that can be removed at the end.
Change-Id: Ic2b5f75327af6cbd1af4c7bd1eeb5cc3a2b743fd
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Include features for HomeScreen:
- returns pids
- renamed verbs: stop -> pause & continue -> resume
- dbus manifests
Change-Id: I24ea59f376f57182c7060aca1c96539866cdcaba
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The sockets created by kernel thread will now be
tagged @ instead of _.
This problem was occuring during creation of AF_BLUETOOTH (but is
also latent AF_ALG, AF_IUCV, AF_SCTP, AF_TIPC as they don't go
through the normal socket creation process within linux).
Having the tag @ allows read/write to sockets without special
rules and tus solve the problem.
This solution from upstream linux patches backported and from
a patch made by Samsung for Tizen and that is currently
discussed within kernel lists.
Also add some improvements of the LSM Smack (valid caching and signal 0).
These improvements are backports of patches already available for
linux 4.9-rc3.
AGL-bug: SPEC-293 (https://jira.automotivelinux.org/browse/SPEC-293)
Change-Id: I5999a951a4bbeba7947ebfe5df091de07d59e57e
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Change-Id: Ic78464d6e9c07e205b222b3f0f3d49ed1b928ed6
Signed-off-by: Ronan <ronan.lemartret@iot.bzh>
|
|
Since introduction of ambient capabilities,
systemd deprecated the use of Capabilities.
With systemd 229 activated with krogoth,
the use of Capabilities does nothing.
This commits avoids to use SecureBits and Capabilities.
It now relies on the fact that post installations are
setting the capabilities to the file:
- setcap cap_mac_override,cap_dac_override=ep afm-system-daemon
- setcap cap_mac_override,cap_mac_admin,cap_setgid=ep afm-user-daemon
Using p (permitted) instead of i (inherited) that was
previously used.
It also includes evolutions of the security model to be synchronized
with the deletion of 'User'. The recommended version to use now
is the commit 20bbb97f6d5400b126ae96ef446c3e60c7e16285.
Change-Id: Id24ce7c7651e2fdf8d66b6e8286268e7d88508a0
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Within app-framework-binder:
- fixes read and write lock (EAGAIN)
- fixes SIGPIPE handling
- improves the documentation
Within app-framework-main:
- improves documentation (for config.xml)
- fixes setting of permissions
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: If860d00204f82ee85ed1fd4ca9ac9820b844085f
|
|
- Adds the handling of a root for HTTP files with the option --roothttp
- Improves API for openning localized data
- Adds the handling of language
Change-Id: Ia0c6e840265595b6e0415e8ea7a9e6585d8bb88d
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The previous implmentation wasn't enough good to allow
the websocket handshake by any client. In particular,
the Qt client wasn't able to connect to binder's websockets.
Also upgrade to MHD 0.9.49 (compatible with krogoth)
Change-Id: Ib5800a4ff6c3d5e6bb11359266867fde52c06dce
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
- fix event propagation to services
- fix memory leaks
Change-Id: I73432fd9f4a144d2790a7a67d471045048b5e537
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
libafbwsc is a C WebSockets helper library needed for most
native apffw clients, such as the default provided one,
"afb-client-demo".
Change-Id: I321f62cbd6a04bc3e4b91e4de544865c83397979
Signed-off-by: Manuel Bachmann <mbc@iot.bzh>
|
|
also add base bindings needed for most appfw clients:
* af-binder-binding-afb-dbus-binding
* af-binder-binding-authlogin
Change-Id: I19e5da9490ad9316ed172591f4ebd5755934143a
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
This solves a problem with libafbwsc (Websocket Client library)
when used from SDK to build clients (internal dependency fixed).
Change-Id: I137931c72d895679892523a6bd66cc4ecd4ea1a0
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
libafbwsc-dev
Change-Id: If0ce85a3a6ef1e715681c1011e12dad278735e04
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
Change-Id: I8d2c85d67eec3c697c6abb072955d5e2de8c5e5f
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
nativesdk-packagegroup-sdk-host
This is required to install app framework sdk tools.
Change-Id: Iad407420fa734c063926d1883c288af387155668
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
Change-Id: Ia9c5d33defc23612fda34c01a1f1e7d789c961ad
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|