diff options
Diffstat (limited to 'meta-app-framework/recipes-core')
4 files changed, 33 insertions, 5 deletions
diff --git a/meta-app-framework/recipes-core/applaunchd/applaunchd/agl-app@.service b/meta-app-framework/recipes-core/applaunchd/applaunchd/agl-app@.service new file mode 100644 index 000000000..c8361fa0a --- /dev/null +++ b/meta-app-framework/recipes-core/applaunchd/applaunchd/agl-app@.service @@ -0,0 +1,8 @@ +[Unit] +Description=Sandboxed %I + +[Service] +Type=simple +User=agl-driver +ExecStart=%i +Environment=XDG_RUNTIME_DIR=/run/user/1001/ diff --git a/meta-app-framework/recipes-core/applaunchd/applaunchd/no-network.conf b/meta-app-framework/recipes-core/applaunchd/applaunchd/no-network.conf new file mode 100644 index 000000000..c7c4f8a31 --- /dev/null +++ b/meta-app-framework/recipes-core/applaunchd/applaunchd/no-network.conf @@ -0,0 +1,2 @@ +[Service] +PrivateNetwork=true diff --git a/meta-app-framework/recipes-core/applaunchd/applaunchd/private-tmp.conf b/meta-app-framework/recipes-core/applaunchd/applaunchd/private-tmp.conf new file mode 100644 index 000000000..0bdba7c99 --- /dev/null +++ b/meta-app-framework/recipes-core/applaunchd/applaunchd/private-tmp.conf @@ -0,0 +1,2 @@ +[Service] +PrivateTmp=yes diff --git a/meta-app-framework/recipes-core/applaunchd/applaunchd_git.bb b/meta-app-framework/recipes-core/applaunchd/applaunchd_git.bb index 2457b67d1..5c2036a78 100644 --- a/meta-app-framework/recipes-core/applaunchd/applaunchd_git.bb +++ b/meta-app-framework/recipes-core/applaunchd/applaunchd_git.bb @@ -8,21 +8,37 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=ae6497158920d9524cf208c09cc4c984" DEPENDS = " \ glib-2.0 \ glib-2.0-native \ + systemd \ " -PV = "1.0+git${SRCPV}" +PV = "2.0+git${SRCPV}" SRC_URI = " \ - git://gerrit.automotivelinux.org/gerrit/src/applaunchd;protocol=https;branch=${AGL_BRANCH} \ - " -SRCREV = "c84836ec5ddaf2d0e91c46713475c35652bb540f" + git://gerrit.automotivelinux.org/gerrit/src/applaunchd;protocol=https;branch=${AGL_BRANCH} \ + file://agl-app@.service \ + file://no-network.conf \ + file://private-tmp.conf \ +" +SRCREV = "efbd734aca8b813710d7564d79696b1cf150a88c" -S = "${WORKDIR}/git" +S = "${WORKDIR}/git" inherit meson pkgconfig +do_install:append() { + # Install generic template for all agl-app services + mkdir -p ${D}${sysconfdir}/systemd/system/ + install -m 644 ${WORKDIR}/agl-app@.service ${D}${sysconfdir}/systemd/system/ + + # Install individual sandboxing overrides/drop-ins to be used by apps + mkdir -p ${D}${sysconfdir}/systemd/sandboxing/ + install -m 644 ${WORKDIR}/no-network.conf ${D}${sysconfdir}/systemd/sandboxing/ + install -m 644 ${WORKDIR}/private-tmp.conf ${D}${sysconfdir}/systemd/sandboxing/ +} + FILES:${PN} += " ${datadir}/dbus-1/" RDEPENDS:${PN} += " \ agl-session \ + polkit-rule-agl-app \ " |