summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--meta-app-framework/recipes-core/applaunchd/applaunchd/agl-app@.service8
-rw-r--r--meta-app-framework/recipes-core/applaunchd/applaunchd/no-network.conf2
-rw-r--r--meta-app-framework/recipes-core/applaunchd/applaunchd/private-tmp.conf2
-rw-r--r--meta-app-framework/recipes-core/applaunchd/applaunchd_git.bb26
4 files changed, 33 insertions, 5 deletions
diff --git a/meta-app-framework/recipes-core/applaunchd/applaunchd/agl-app@.service b/meta-app-framework/recipes-core/applaunchd/applaunchd/agl-app@.service
new file mode 100644
index 000000000..c8361fa0a
--- /dev/null
+++ b/meta-app-framework/recipes-core/applaunchd/applaunchd/agl-app@.service
@@ -0,0 +1,8 @@
+[Unit]
+Description=Sandboxed %I
+
+[Service]
+Type=simple
+User=agl-driver
+ExecStart=%i
+Environment=XDG_RUNTIME_DIR=/run/user/1001/
diff --git a/meta-app-framework/recipes-core/applaunchd/applaunchd/no-network.conf b/meta-app-framework/recipes-core/applaunchd/applaunchd/no-network.conf
new file mode 100644
index 000000000..c7c4f8a31
--- /dev/null
+++ b/meta-app-framework/recipes-core/applaunchd/applaunchd/no-network.conf
@@ -0,0 +1,2 @@
+[Service]
+PrivateNetwork=true
diff --git a/meta-app-framework/recipes-core/applaunchd/applaunchd/private-tmp.conf b/meta-app-framework/recipes-core/applaunchd/applaunchd/private-tmp.conf
new file mode 100644
index 000000000..0bdba7c99
--- /dev/null
+++ b/meta-app-framework/recipes-core/applaunchd/applaunchd/private-tmp.conf
@@ -0,0 +1,2 @@
+[Service]
+PrivateTmp=yes
diff --git a/meta-app-framework/recipes-core/applaunchd/applaunchd_git.bb b/meta-app-framework/recipes-core/applaunchd/applaunchd_git.bb
index 2457b67d1..5c2036a78 100644
--- a/meta-app-framework/recipes-core/applaunchd/applaunchd_git.bb
+++ b/meta-app-framework/recipes-core/applaunchd/applaunchd_git.bb
@@ -8,21 +8,37 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=ae6497158920d9524cf208c09cc4c984"
DEPENDS = " \
glib-2.0 \
glib-2.0-native \
+ systemd \
"
-PV = "1.0+git${SRCPV}"
+PV = "2.0+git${SRCPV}"
SRC_URI = " \
- git://gerrit.automotivelinux.org/gerrit/src/applaunchd;protocol=https;branch=${AGL_BRANCH} \
- "
-SRCREV = "c84836ec5ddaf2d0e91c46713475c35652bb540f"
+ git://gerrit.automotivelinux.org/gerrit/src/applaunchd;protocol=https;branch=${AGL_BRANCH} \
+ file://agl-app@.service \
+ file://no-network.conf \
+ file://private-tmp.conf \
+"
+SRCREV = "efbd734aca8b813710d7564d79696b1cf150a88c"
-S = "${WORKDIR}/git"
+S = "${WORKDIR}/git"
inherit meson pkgconfig
+do_install:append() {
+ # Install generic template for all agl-app services
+ mkdir -p ${D}${sysconfdir}/systemd/system/
+ install -m 644 ${WORKDIR}/agl-app@.service ${D}${sysconfdir}/systemd/system/
+
+ # Install individual sandboxing overrides/drop-ins to be used by apps
+ mkdir -p ${D}${sysconfdir}/systemd/sandboxing/
+ install -m 644 ${WORKDIR}/no-network.conf ${D}${sysconfdir}/systemd/sandboxing/
+ install -m 644 ${WORKDIR}/private-tmp.conf ${D}${sysconfdir}/systemd/sandboxing/
+}
+
FILES:${PN} += " ${datadir}/dbus-1/"
RDEPENDS:${PN} += " \
agl-session \
+ polkit-rule-agl-app \
"