summaryrefslogtreecommitdiffstats
path: root/meta-app-framework/conf/include/agl-appfw-smack.inc
AgeCommit message (Collapse)AuthorFilesLines
2018-04-04dbus-cynara: Avoid dependency loopJosé Bollo1-1/+1
The dependency loop appeared when compiling with DISTRO_FEATURE ptest. To avoid it, I restore the logic implemented before in meta-intel-iot-security. I also remove unless files. Bug-AGL: SPEC-1334 Change-Id: Ibe8b9359a65fec034df2534c5fceb4769e63aa99 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-13dbus-cynara: Upgrade to 1.10.20José Bollo1-1/+1
The main patches from dbus to make it cynara aware are cherry-picked on top of the dbus 1.10.20 that is the upstream version for rocko. Change-Id: Ib7b07f335543cb56c4c96ef8f55305e61bc69b5c Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-13Rename smack OVERRIDE to with-lsm-smackJosé Bollo1-1/+1
Using the OVERRIDE "smack" came with the use of the layer meta-intel-iot-security. When switching to meta-security, it conflicts with the package name 'smack' that provide the smack user library. Yocto was reporting the following error: ERROR: .../meta-security/recipes-security/smack/smack_1.3.0.bb: QA Issue: Recipe .../meta-security/recipes-security/smack/smack_1.3.0.bb has PN of "smack" which is in OVERRIDES, this can result in unexpected behaviour. [pn-overrides] Change-Id: Id71b283bf1ce5682bd94bf96595eb32506acb1d5 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-13agl-appfw-smack.inc: remove IMAGE_DEPENDSChanghyeok Bae1-1/+1
IMAGE_DEPENDS is removed in oe-core. (Poky rev: f93d58378fb4095a18c1403de03ca0e13ce465cd) (OE-Core rev: c5f33d466122e53be910fa448af60ef3937eb828) Bug-AGL: SPEC-1181 Change-Id: Id2605ac13b80f8096261f186c3d28eb1d165e2c4 Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com>
2017-11-30agl-users: Use UID for HOME directories and loginsJosé Bollo1-0/+2
While dealing with systemd as a launcher, it appeared a limitation. If the template argument of units is used to designate the user it can not be different that the UID as a number because systemd enforce XDG_RUNTIME_DIR to be /run/user/<UID>. Thus using UID is the way to go to use template mechanic of systemd and use systemd as launcher. This is of importance because we don't expect systemd user to have full capabilities. Instead the framework will continue to leverage systemd launching mechanism but at a system level, with full capabilities but wil only allow user applications to deal with systemd --user. This impose to use UID as template parameters. The problem is then to set the user directory to the correct value knowing only the UID and using only possibilities of units. The only way is to have user home directories of the form /SOMETHING/<UID> (where SOMETHING is merely "home"). This can be achieved either by setting a symbolic link (hard link tto directories are forbidden) or by simply using the scheme /home/UID in all cases. At the end, users within AGL will not receive nick names but will receive allocated UID. So, at the end, it is not a problem to use the regular naming scheme /home/UID, a scheme that will probably never be seen except by tools or experts. This patch implement this choice. Change-Id: I225958fa627894cb966f52a06ebd8a914058d429 Signed-off-by: José Bollo <jose.bollo@iot.bzh> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/12137 Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> Reviewed-by: Stéphane Desneux <stephane.desneux@iot.bzh> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2017-10-13Revert "app-framework/conf: Remove PACKAGECONFIG of shadow"José Bollo1-0/+4
This reverts commit 48de89fbf1c66370d15c87b9dcab5371f180e5a4. Bug-AGL: SPEC-475 Change-Id: I28cd41391d207b59d74d2ff661e5981b9947c715 Signed-off-by: José Bollo <jose.bollo@iot.bzh> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/11287 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2017-10-11app-framework/conf: Remove PACKAGECONFIG of shadowJosé Bollo1-4/+0
Setting of 'attr' isn't needed since AGL switched to version "pyro" of poky. Bug-AGL: SPEC-475 Change-Id: Ifcc1d62c5f0ef4472b2bd43680f31bc09c44191d Signed-off-by: José Bollo <jose.bollo@iot.bzh> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/11221 ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> ci-image-boot-test: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> Reviewed-by: Stéphane Desneux <stephane.desneux@iot.bzh> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2017-03-27Ensure that eXtended Attributes are managedJosé Bollo1-2/+6
Common tools like 'useradd' work better in a Smacked context when the extended attributes are correctly managed. This is achieved by enforcing extended attributes "xattr" to be in DISTRO_FEATURES. When the commit 1c3eae5e654b7942b3ffd0b53426ca77219cec03 of poky will be integrated in the upstream of AGL (pyro), it will be possible to removes the 3 last lines of meta-app-framework/conf/include/agl-appfw-smack.inc that explicitely activate the handling of extended attributes for the package "shadow". See SPEC-475. Change-Id: I299e68a34e7e49b33f1046aa99d255655fa2ffcc Signed-off-by: José Bollo <jose.bollo@iot.bzh> Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2017-03-27Move feature code into the meta recipesRonan1-0/+12
* Having a minimlal local.conf serving the only purpose of user customization is the "Yocto" way of doing things * After a source synchronization (repo sync), feature code must be update without regenerate local.conf * move feature/agl-demo to meta-agl-demo Change-Id: I6db3956da8091bf583b20fce7dc184bfe622a85a Signed-off-by: Ronan <ronan.lemartret@iot.bzh> Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>