aboutsummaryrefslogtreecommitdiffstats
path: root/meta-app-framework
diff options
context:
space:
mode:
authorRonan Le Martret <ronan.lemartret@iot.bzh>2017-04-19 16:16:03 +0200
committerJan-Simon Moeller <jsmoeller@linuxfoundation.org>2017-05-16 04:51:29 +0000
commit6ca247d19f2a0d7cc0cb1beb8d26c99e7fac337b (patch)
tree33f4ff8ea9e3134bede9ff19ea2d596e437d0209 /meta-app-framework
parent7c227f30c8437d2f5a7b95622d97a86149a716c8 (diff)
Run weston with dedicated 'display' user and group
* Create a user/group display * Allow weston to start without mandatory root user * start weston-terminal for each user Bug-AGL: SPEC-546 Change-Id: Id50acdbf5f7c07d5e0440575d42998b8819b5547 Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/9135 Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> ci-image-boot-test: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> Reviewed-by: Dominig ar Foll <dominig.arfoll@fridu.net> Reviewed-by: José Bollo <jobol@nonadev.net> Reviewed-by: Stéphane Desneux <stephane.desneux@iot.bzh> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Diffstat (limited to 'meta-app-framework')
-rw-r--r--meta-app-framework/recipes-config/agl-login-manager/agl-login-manager_0.1.bb47
-rw-r--r--meta-app-framework/recipes-config/agl-login-manager/files/agl-user-session.pamd3
-rw-r--r--meta-app-framework/recipes-config/agl-login-manager/files/agl-user-session@.service18
-rw-r--r--meta-app-framework/recipes-config/agl-login-manager/files/user-config.path8
-rw-r--r--meta-app-framework/recipes-config/agl-login-manager/files/user-config.service8
-rw-r--r--meta-app-framework/recipes-config/agl-users/agl-users_0.1.bb11
-rw-r--r--meta-app-framework/recipes-core/af-main/af-main_1.0.bb29
-rw-r--r--meta-app-framework/recipes-graphics/agl-desktop-config/agl-desktop-config_0.1.bb21
-rw-r--r--meta-app-framework/recipes-graphics/agl-desktop-config/files/user-weston-term.path8
-rw-r--r--meta-app-framework/recipes-graphics/agl-desktop-config/files/user-weston-term.service12
10 files changed, 149 insertions, 16 deletions
diff --git a/meta-app-framework/recipes-config/agl-login-manager/agl-login-manager_0.1.bb b/meta-app-framework/recipes-config/agl-login-manager/agl-login-manager_0.1.bb
new file mode 100644
index 000000000..c86838268
--- /dev/null
+++ b/meta-app-framework/recipes-config/agl-login-manager/agl-login-manager_0.1.bb
@@ -0,0 +1,47 @@
+SUMMARY = "AGL Login manager"
+
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
+
+inherit agl-graphical
+
+SRC_URI += " \
+ file://user-config.service \
+ file://user-config.path \
+ file://agl-user-session.pamd \
+ file://agl-user-session@.service \
+"
+
+LOGIN_USER ??="agl-driver agl-passenger"
+
+do_install_append() {
+
+ install -d ${D}${sysconfdir}/pam.d/
+ install -m 0644 ${WORKDIR}/agl-user-session.pamd ${D}${sysconfdir}/pam.d/agl-user-session
+
+ install -d ${D}${systemd_user_unitdir}
+ install -d ${D}${systemd_user_unitdir}/default.target.wants
+ install -m 0644 ${WORKDIR}/user-config.service ${D}${systemd_user_unitdir}
+ install -m 0644 ${WORKDIR}/user-config.path ${D}${systemd_user_unitdir}
+
+ sed -e 's,@DISPLAY_XDG_RUNTIME_DIR@,${DISPLAY_XDG_RUNTIME_DIR},g' \
+ -i ${D}${systemd_user_unitdir}/user-config.service
+ sed -e 's,@DISPLAY_XDG_RUNTIME_DIR@,${DISPLAY_XDG_RUNTIME_DIR},g' \
+ -i ${D}${systemd_user_unitdir}/user-config.path
+
+ ln -sf ${systemd_user_unitdir}/user-config.path ${D}${systemd_user_unitdir}/default.target.wants
+
+ install -d ${D}${systemd_unitdir}/system/
+ install -d ${D}${systemd_unitdir}/system/multi-user.target.wants/
+ install -m 0644 ${WORKDIR}/agl-user-session@.service ${D}${systemd_unitdir}/system/
+
+ for AGL_USER in ${LOGIN_USER};do
+ ln -sf ${systemd_system_unitdir}/agl-user-session@.service ${D}${systemd_unitdir}/system/multi-user.target.wants/agl-user-session@${AGL_USER}.service;
+ done
+}
+
+FILES_${PN} += "${sysconfdir}/pam.d/agl-user-session"
+FILES_${PN} += "${systemd_user_unitdir}/*"
+FILES_${PN} += "${libdir}/systemd/user/default.target.wants/*"
+FILES_${PN} += "${systemd_unitdir}/system/agl-user-session@.service"
+FILES_${PN} += "${systemd_unitdir}/system/multi-user.target.wants/*"
diff --git a/meta-app-framework/recipes-config/agl-login-manager/files/agl-user-session.pamd b/meta-app-framework/recipes-config/agl-login-manager/files/agl-user-session.pamd
new file mode 100644
index 000000000..462c3648b
--- /dev/null
+++ b/meta-app-framework/recipes-config/agl-login-manager/files/agl-user-session.pamd
@@ -0,0 +1,3 @@
+account include common-account
+session required pam_loginuid.so
+session include common-session
diff --git a/meta-app-framework/recipes-config/agl-login-manager/files/agl-user-session@.service b/meta-app-framework/recipes-config/agl-login-manager/files/agl-user-session@.service
new file mode 100644
index 000000000..b128a40c8
--- /dev/null
+++ b/meta-app-framework/recipes-config/agl-login-manager/files/agl-user-session@.service
@@ -0,0 +1,18 @@
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+
+[Unit]
+Description=User Manager for UID %i
+After=systemd-user-sessions.service
+
+[Service]
+User=%i
+PAMName=agl-user-session
+ExecStart=-/bin/sleep 2147483648
+KillMode=mixed
+Delegate=yes
+TasksMax=infinity
diff --git a/meta-app-framework/recipes-config/agl-login-manager/files/user-config.path b/meta-app-framework/recipes-config/agl-login-manager/files/user-config.path
new file mode 100644
index 000000000..07f61f646
--- /dev/null
+++ b/meta-app-framework/recipes-config/agl-login-manager/files/user-config.path
@@ -0,0 +1,8 @@
+[Unit]
+Description=AGL user config unit path
+
+[Path]
+PathExists=@DISPLAY_XDG_RUNTIME_DIR@/wayland-0
+
+[Install]
+WantedBy=default.target
diff --git a/meta-app-framework/recipes-config/agl-login-manager/files/user-config.service b/meta-app-framework/recipes-config/agl-login-manager/files/user-config.service
new file mode 100644
index 000000000..0bf37fb4b
--- /dev/null
+++ b/meta-app-framework/recipes-config/agl-login-manager/files/user-config.service
@@ -0,0 +1,8 @@
+[Unit]
+Description=AGL user config
+
+[Service]
+ExecStart=/bin/ln -sf @DISPLAY_XDG_RUNTIME_DIR@/wayland-0 %t/
+
+[Install]
+WantedBy=default.target
diff --git a/meta-app-framework/recipes-config/agl-users/agl-users_0.1.bb b/meta-app-framework/recipes-config/agl-users/agl-users_0.1.bb
index 832c51c99..f98888d28 100644
--- a/meta-app-framework/recipes-config/agl-users/agl-users_0.1.bb
+++ b/meta-app-framework/recipes-config/agl-users/agl-users_0.1.bb
@@ -7,15 +7,14 @@ DESCRIPTION = "This is a core framework component that\
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
-
-SRC_URI = ""
-
ALLOW_EMPTY_${PN} = "1"
USERADD_PACKAGES = "${PN}"
+GROUPADD_PARAM_${PN} = " --system display ; --system weston-launch"
+
USERADD_PARAM_${PN} = "\
- -g users -d /home/agl-driver -m -K PASS_MAX_DAYS=-1 agl-driver ; \
- -g users -d /home/agl-passenger -m -K PASS_MAX_DAYS=-1 agl-passenger \
+ -g users -G display -d /home/agl-driver -m -K PASS_MAX_DAYS=-1 agl-driver ; \
+ -g users -G display -d /home/agl-passenger -m -K PASS_MAX_DAYS=-1 agl-passenger ; \
+ --gid display --groups weston-launch,video,input --home-dir /run/platform/display --shell /bin/false --comment \"Display daemon\" --key PASS_MAX_DAYS=-1 display \
"
-
diff --git a/meta-app-framework/recipes-core/af-main/af-main_1.0.bb b/meta-app-framework/recipes-core/af-main/af-main_1.0.bb
index 153be3acf..5cc574086 100644
--- a/meta-app-framework/recipes-core/af-main/af-main_1.0.bb
+++ b/meta-app-framework/recipes-core/af-main/af-main_1.0.bb
@@ -76,27 +76,37 @@ do_install_append_class-target() {
}
do_install_append_porter() {
- echo "LD_PRELOAD=/usr/lib/libEGL.so" > ${D}${afm_confdir}/unit.env.d/preload-libEGL
+ echo "LD_PRELOAD=/usr/lib/libEGL.so" > ${D}${afm_confdir}/unit.env.d/preload-libEGL
}
pkg_postinst_${PN}() {
if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
- chgrp ${afm_name} $D${systemd_units_root}/{system,user}/{default.target.wants,.}
+ for SYS in "system" "user";do
+ for DEST in "default.target.wants" ".";do
+ chgrp ${afm_name} $D${systemd_units_root}/${SYS}/${DEST};
+ done
+ done
fi
- chown ${afm_name}:${afm_name} $D${afm_datadir}/{applications,icons,.}
+ for DEST in "applications" "icons" ".";do
+ chown ${afm_name}:${afm_name} $D${afm_datadir}/${DEST};
+ done
setcap cap_mac_override,cap_dac_override=ep $D${bindir}/afm-system-daemon
- setcap cap_mac_override,cap_mac_admin,cap_setgid=ep $D${bindir}/afm-user-daemon
}
pkg_postinst_${PN}_smack() {
if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
- chgrp ${afm_name} $D${systemd_units_root}/{system,user}/{default.target.wants,.}
- chsmack -a 'System::Shared' -t $D${systemd_units_root}/{system,user}/{default.target.wants,.}
+ for SYS in "system" "user";do
+ for DEST in "default.target.wants" ".";do
+ chgrp ${afm_name} $D${systemd_units_root}/${SYS}/${DEST};
+ chsmack -a 'System::Shared' -t $D${systemd_units_root}/${SYS}/${DEST};
+ done
+ done
fi
- chown ${afm_name}:${afm_name} $D${afm_datadir}/{applications,icons,.}
- chsmack -a 'System::Shared' -t $D${afm_datadir}/{applications,icons,.}
+ for DEST in "applications" "icons" ".";do
+ chown ${afm_name}:${afm_name} $D${afm_datadir}/${DEST};
+ chsmack -a 'System::Shared' -t $D${afm_datadir}/${DEST};
+ done
setcap cap_mac_override,cap_dac_override=ep $D${bindir}/afm-system-daemon
- setcap cap_mac_override,cap_mac_admin,cap_setgid=ep $D${bindir}/afm-user-daemon
}
FILES_${PN} += " ${systemd_units_root} "
@@ -107,4 +117,3 @@ FILES_${PN}-binding-dbg = " ${afb_binding_dir}/.debug/afm-main-binding.so "
PACKAGES =+ "${PN}-tools ${PN}-tools-dbg"
FILES_${PN}-tools = "${bindir}/wgtpkg-*"
FILES_${PN}-tools-dbg = "${bindir}/.debug/wgtpkg-*"
-
diff --git a/meta-app-framework/recipes-graphics/agl-desktop-config/agl-desktop-config_0.1.bb b/meta-app-framework/recipes-graphics/agl-desktop-config/agl-desktop-config_0.1.bb
new file mode 100644
index 000000000..e0358d615
--- /dev/null
+++ b/meta-app-framework/recipes-graphics/agl-desktop-config/agl-desktop-config_0.1.bb
@@ -0,0 +1,21 @@
+SUMMARY = "AGL desktop config"
+
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
+
+SRC_URI += " \
+ file://user-weston-term.service \
+ file://user-weston-term.path \
+"
+
+do_install_append() {
+ install -d ${D}${systemd_user_unitdir}
+ install -m 0644 ${WORKDIR}/user-weston-term.service ${D}${systemd_user_unitdir}
+ install -m 0644 ${WORKDIR}/user-weston-term.path ${D}${systemd_user_unitdir}
+
+ install -d ${D}${systemd_user_unitdir}/default.target.wants
+ ln -sf ${systemd_user_unitdir}/user-weston-term.path ${D}${libdir}/systemd/user/default.target.wants
+}
+
+FILES_${PN} += "${systemd_user_unitdir}/*"
+FILES_${PN} += "${systemd_user_unitdir}/default.target.wants/default.target.wants"
diff --git a/meta-app-framework/recipes-graphics/agl-desktop-config/files/user-weston-term.path b/meta-app-framework/recipes-graphics/agl-desktop-config/files/user-weston-term.path
new file mode 100644
index 000000000..9481840e5
--- /dev/null
+++ b/meta-app-framework/recipes-graphics/agl-desktop-config/files/user-weston-term.path
@@ -0,0 +1,8 @@
+[Unit]
+Description=Terminal for weston user unit path
+
+[Path]
+PathExists=%t/wayland-0
+
+[Install]
+WantedBy=default.target
diff --git a/meta-app-framework/recipes-graphics/agl-desktop-config/files/user-weston-term.service b/meta-app-framework/recipes-graphics/agl-desktop-config/files/user-weston-term.service
new file mode 100644
index 000000000..ad8b9583b
--- /dev/null
+++ b/meta-app-framework/recipes-graphics/agl-desktop-config/files/user-weston-term.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Terminal for weston user
+After=user-config.service
+Requires=user-config.service
+
+[Service]
+Type=simple
+ExecStart=/usr/bin/weston-terminal
+Restart=always
+
+[Install]
+WantedBy=multi-user.target