diff options
author | Stephane Desneux <stephane.desneux@iot.bzh> | 2016-06-23 16:00:59 +0000 |
---|---|---|
committer | Stephane Desneux <stephane.desneux@iot.bzh> | 2017-03-27 15:33:39 +0200 |
commit | 1ac5c704bb4b7fd72d9e382ccf23f4d186da0f86 (patch) | |
tree | f5df879594fb92d3c02c05ed240cbcfcc0e70c39 /meta-app-framework/recipes-core/af-main | |
parent | 5875cc45a671b1a3e7671ec84ec6ebb1ab17696a (diff) |
add layer meta-app-framework
meta-app-framework is a layer containing the AGL App Framework recipes
4 new layers are added for application framework:
* meta-intel-iot-security/meta-security-smack
* meta-intel-iot-security/meta-security-framework
* meta-agl/meta-agl-security
* meta-agl/meta-app-framework
Configuration file changes to support AppFw:
* activation of Smack and Cynara
* modify the tar command to be used to support Smack extended attributes
Change-Id: Idc8abdc8869787feb4b534ee45bf7b5d3dde3632
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
Diffstat (limited to 'meta-app-framework/recipes-core/af-main')
-rw-r--r-- | meta-app-framework/recipes-core/af-main/af-main/Hack-to-allow-the-debugging.patch | 29 | ||||
-rw-r--r-- | meta-app-framework/recipes-core/af-main/af-main_1.0.bb | 95 |
2 files changed, 124 insertions, 0 deletions
diff --git a/meta-app-framework/recipes-core/af-main/af-main/Hack-to-allow-the-debugging.patch b/meta-app-framework/recipes-core/af-main/af-main/Hack-to-allow-the-debugging.patch new file mode 100644 index 000000000..44e8bce1e --- /dev/null +++ b/meta-app-framework/recipes-core/af-main/af-main/Hack-to-allow-the-debugging.patch @@ -0,0 +1,29 @@ +From a4fbfb88f1b7c4f4287d9279767220fae80d26da Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh> +Date: Thu, 21 Jan 2016 15:07:29 +0100 +Subject: [PATCH] Hack to allow the debugging + +This is a temporarily fix to continue debugging +afm-main. This should be removed later. + +Change-Id: I2f10f0cb1fce2ee30bd0754ad2e7bc8e2f6513aa +--- + conf/afm-user-daemon.conf | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/conf/afm-user-daemon.conf b/conf/afm-user-daemon.conf +index 801c7ae..98a3152 100644 +--- a/conf/afm-user-daemon.conf ++++ b/conf/afm-user-daemon.conf +@@ -25,7 +25,7 @@ + </policy> + + <policy context="default"> +- <deny own="org.AGL.afm.user"/> ++ <allow own="org.AGL.afm.user"/> + <allow send_destination="org.AGL.afm.system"/> + </policy> + +-- +2.1.4 + diff --git a/meta-app-framework/recipes-core/af-main/af-main_1.0.bb b/meta-app-framework/recipes-core/af-main/af-main_1.0.bb new file mode 100644 index 000000000..a29b071ac --- /dev/null +++ b/meta-app-framework/recipes-core/af-main/af-main_1.0.bb @@ -0,0 +1,95 @@ +# NOTE: using libcap-native and setcap in install doesn't work +# NOTE: there is no SYSTEMD_USER_SERVICE_... +# NOTE: maybe setting afm_name to agl-framework is cleaner but has implications +# NOTE: there is a hack of security for using groups and dbus (to be checked) +# NOTE: using ZIP programs creates directories with mode 777 (very bad) + +inherit cmake pkgconfig useradd systemd + +SUMMARY = "AGL Framework Main part" +DESCRIPTION = "\ +This is a core framework component for managing \ +applications, widgets, and components. \ +" + +HOMEPAGE = "https://gerrit.automotivelinux.org/gerrit/#/admin/projects/src/app-framework-main" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://COPYING;md5=3b83ef96387f14655fc854ddc3c6bd57" + +SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-main;protocol=https;branch=1.0" +SRC_URI_files = "" +SRC_URI = "${SRC_URI_git} \ + ${SRC_URI_files} \ + " + +SRCREV = "d0fdae3af6998efdce4c6ba0c5d650898c9c5b27" + +SECTION = "base" + +S = "${WORKDIR}/git" + +DEPENDS = "openssl libxml2 xmlsec1 systemd libzip json-c security-manager libcap-native af-binder" + +afm_name = "afm" +afm_confdir = "${sysconfdir}/${afm_name}" +afm_datadir = "${datadir}/${afm_name}" +afb_plugin_dir = "${libdir}/afb" + +EXTRA_OECMAKE = "\ + -DUSE_LIBZIP=1 \ + -DUSE_SIMULATION=0 \ + -Dafm_name=${afm_name} \ + -Dafm_confdir=${afm_confdir} \ + -Dafm_datadir=${afm_datadir} \ + -DUNITDIR_USER=${systemd_user_unitdir} \ + -DUNITDIR_SYSTEM=${systemd_system_unitdir} \ +" + +USERADD_PACKAGES = "${PN}" +USERADD_PARAM_${PN} = "-g ${afm_name} -d ${afm_datadir} -r ${afm_name}" +GROUPADD_PARAM_${PN} = "-r ${afm_name}" + +SYSTEMD_SERVICE_${PN} = "afm-system-daemon.service" +SYSTEMD_AUTO_ENABLE = "enable" + +FILES_${PN} += "\ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '${systemd_user_unitdir}/afm-user-daemon.service', '', d)} \ +" + +RDEPENDS_${PN}_append_smack = " smack-userspace" +DEPENDS_append_smack = " smack-userspace-native" + +# short hack here +SRC_URI += " file://Hack-to-allow-the-debugging.patch" + +do_install_append() { + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + mkdir -p ${D}${sysconfdir}/systemd/user/default.target.wants + ln -sf ${systemd_user_unitdir}/afm-user-daemon.service ${D}${sysconfdir}/systemd/user/default.target.wants + fi +} + +pkg_postinst_${PN}() { + mkdir -p $D${afm_datadir}/applications $D${afm_datadir}/icons + setcap cap_mac_override,cap_dac_override=ie $D${bindir}/afm-system-daemon + setcap cap_mac_override,cap_mac_admin,cap_setgid=ie $D${bindir}/afm-user-daemon +} + +pkg_postinst_${PN}_smack() { + mkdir -p $D${afm_datadir}/applications $D${afm_datadir}/icons + chown ${afm_name}:${afm_name} $D${afm_datadir} $D${afm_datadir}/applications $D${afm_datadir}/icons + chsmack -a 'System::Shared' -t $D${afm_datadir} $D${afm_datadir}/applications $D${afm_datadir}/icons + setcap cap_mac_override,cap_dac_override=ie $D${bindir}/afm-system-daemon + setcap cap_mac_override,cap_mac_admin,cap_setgid=ie $D${bindir}/afm-user-daemon +} + +PACKAGES =+ "${PN}-afbplugin ${PN}-afbplugin-dbg" +FILES_${PN}-afbplugin = " ${afb_plugin_dir}/afm-main-plugin.so " +FILES_${PN}-afbplugin-dbg = " ${afb_plugin_dir}/.debug/afm-main-plugin.so " + +PACKAGES =+ "${PN}-tools ${PN}-tools-dbg" +FILES_${PN}-tools = "${bindir}/wgtpkg-*" +FILES_${PN}-tools-dbg = "${bindir}/.debug/wgtpkg-*" + +BBCLASSEXTEND = "native nativesdk" + |