summaryrefslogtreecommitdiffstats
path: root/meta-app-framework/conf/include/agl-appfw-smack.inc
AgeCommit message (Collapse)AuthorFilesLines
2021-11-20Convert to new override syntaxScott Murray1-5/+5
This is effectively a manual cherry-pick and squash of commits: dd6fc5dcaa0a027b7651bb365d5dd0f623498f8f 917a82316bf53ead29d6345a39189d9e4efeef25 20e81c0a9d36660de671dd5ac2e006e31c0e621b from the master branch with additional review and fixups. The intent of these changes is to minimize the effort to backport fixes from the master branch, which has been updated in preparation for the switch to the next Yocto LTS release in early 2022. Bug-AGL: SPEC-4144 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I91c1640c6335d7748a2531d2fe8bf86d2d2aee32 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26876 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2020-12-17SPEC-3723: restructure meta-aglJan-Simon Moeller1-0/+5
Goal is to reach a minimal meta-agl-core as base for IVI and IC work at the same time. Trim dependencies and move most 'demo' related recipes to meta-agl-demo. v2: changed to bbapend + .inc , added description v3: testbuild of all images v4: restore -test packagegroup and -qa images, compare manifests and adapt packagegroups. v5: rebased v6: merged meta-agl-distro into meta-agl-core, due to dependency on meta-oe, moved -test packagegroup and -qa images to own layer meta-agl-core-test v7: Fixed comments from Paul Barker v8: Update the markdown files v9: restore wayland/weston/agl-compositor recipes/appends, reworked to move app f/w specific changes to bbappends in meta-app-framework and only demo specific weston-init changes to meta-agl-demo v10: fix s/agldemo/aglcore/ missed in weston-init.bbappend Description: This patch is part 1 out of 2 large patches that implement the layer rework discussed during the previous workshop. Essentially meta-agl-core is the small but versatile new core layer of AGL serving as basis for the work done by the IC and IVI EGs. All demo related work is moved to meta-agl-demo in the 2nd patchset. This should be applied together as atomic change. The resulting meta-agl/* follows these guidelines: - only bsp adaptations in meta-agl-bsp - remove the agl-profile-* layers for simplicity -- the packagegroup-agl(-profile)-graphical and so on have been kept in meta-agl-demo - meta-agl-profile-core is now meta-agl-core - meta-agl-core does pass yocto-check-layer -- therefore use the bbappend + conditional + .inc file construct found in meta-virtualization - meta-agl/meta-security has been merged into meta-agl/meta-app-framework - meta-netboot does pass yocto-check-layer - meta-pipewire does pass yocto-check-layer Migration: All packagegroups are preserved but they're now enabled by 'agl-demo'. Bug-AGL: SPEC-3723 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ia6c6e5e6ce2b4ffa69ea94959cdc57c310ba7c53 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/25769
2020-04-27meta-app-framework: set DISTRO_FEATURES_NATIVEScott Murray1-0/+1
Add smack and xattr features to DISTRO_FEATURES_NATIVE to make base-files-native build happy in dunfell. Bug-AGL: SPEC-3302 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I9f65c575b4a98c78dcbe1561a00d5d0b43e757fe
2019-11-07Cynagora: Replace cynara with cynagoraJosé Bollo1-1/+1
Shift from the permission database cynara to cynagora permission database with a compatibility library. The cache size required by dbus-cynara is updated because that size is now a count of bytes, not a count of entries. Bug-AGL: SPEC-2844 Change-Id: I9a81de6e3b8bcb94adc0bb05c63183c2eda3f310 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-08-16dbus-cynara: Simplifies build recipeJosé Bollo1-1/+1
Simplifies the way of building dbus-cynara by removing the specific recipes in favour of a recipe for dbus that handles the class-target build feature. It requires to remove fake dependencies of cynara. This is a suggestion of Tom Rini. Bug-AGL: SPEC-1839 Change-Id: Id7a736eb4b73cdb679fa9dde30e9ad8e56c2894e Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-04-04dbus-cynara: Avoid dependency loopJosé Bollo1-1/+1
The dependency loop appeared when compiling with DISTRO_FEATURE ptest. To avoid it, I restore the logic implemented before in meta-intel-iot-security. I also remove unless files. Bug-AGL: SPEC-1334 Change-Id: Ibe8b9359a65fec034df2534c5fceb4769e63aa99 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-13dbus-cynara: Upgrade to 1.10.20José Bollo1-1/+1
The main patches from dbus to make it cynara aware are cherry-picked on top of the dbus 1.10.20 that is the upstream version for rocko. Change-Id: Ib7b07f335543cb56c4c96ef8f55305e61bc69b5c Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-13Rename smack OVERRIDE to with-lsm-smackJosé Bollo1-1/+1
Using the OVERRIDE "smack" came with the use of the layer meta-intel-iot-security. When switching to meta-security, it conflicts with the package name 'smack' that provide the smack user library. Yocto was reporting the following error: ERROR: .../meta-security/recipes-security/smack/smack_1.3.0.bb: QA Issue: Recipe .../meta-security/recipes-security/smack/smack_1.3.0.bb has PN of "smack" which is in OVERRIDES, this can result in unexpected behaviour. [pn-overrides] Change-Id: Id71b283bf1ce5682bd94bf96595eb32506acb1d5 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-13agl-appfw-smack.inc: remove IMAGE_DEPENDSChanghyeok Bae1-1/+1
IMAGE_DEPENDS is removed in oe-core. (Poky rev: f93d58378fb4095a18c1403de03ca0e13ce465cd) (OE-Core rev: c5f33d466122e53be910fa448af60ef3937eb828) Bug-AGL: SPEC-1181 Change-Id: Id2605ac13b80f8096261f186c3d28eb1d165e2c4 Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com>
2017-11-30agl-users: Use UID for HOME directories and loginsJosé Bollo1-0/+2
While dealing with systemd as a launcher, it appeared a limitation. If the template argument of units is used to designate the user it can not be different that the UID as a number because systemd enforce XDG_RUNTIME_DIR to be /run/user/<UID>. Thus using UID is the way to go to use template mechanic of systemd and use systemd as launcher. This is of importance because we don't expect systemd user to have full capabilities. Instead the framework will continue to leverage systemd launching mechanism but at a system level, with full capabilities but wil only allow user applications to deal with systemd --user. This impose to use UID as template parameters. The problem is then to set the user directory to the correct value knowing only the UID and using only possibilities of units. The only way is to have user home directories of the form /SOMETHING/<UID> (where SOMETHING is merely "home"). This can be achieved either by setting a symbolic link (hard link tto directories are forbidden) or by simply using the scheme /home/UID in all cases. At the end, users within AGL will not receive nick names but will receive allocated UID. So, at the end, it is not a problem to use the regular naming scheme /home/UID, a scheme that will probably never be seen except by tools or experts. This patch implement this choice. Change-Id: I225958fa627894cb966f52a06ebd8a914058d429 Signed-off-by: José Bollo <jose.bollo@iot.bzh> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/12137 Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> Reviewed-by: Stéphane Desneux <stephane.desneux@iot.bzh> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2017-10-13Revert "app-framework/conf: Remove PACKAGECONFIG of shadow"José Bollo1-0/+4
This reverts commit 48de89fbf1c66370d15c87b9dcab5371f180e5a4. Bug-AGL: SPEC-475 Change-Id: I28cd41391d207b59d74d2ff661e5981b9947c715 Signed-off-by: José Bollo <jose.bollo@iot.bzh> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/11287 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2017-10-11app-framework/conf: Remove PACKAGECONFIG of shadowJosé Bollo1-4/+0
Setting of 'attr' isn't needed since AGL switched to version "pyro" of poky. Bug-AGL: SPEC-475 Change-Id: Ifcc1d62c5f0ef4472b2bd43680f31bc09c44191d Signed-off-by: José Bollo <jose.bollo@iot.bzh> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/11221 ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> ci-image-boot-test: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> Reviewed-by: Stéphane Desneux <stephane.desneux@iot.bzh> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2017-03-27Ensure that eXtended Attributes are managedJosé Bollo1-2/+6
Common tools like 'useradd' work better in a Smacked context when the extended attributes are correctly managed. This is achieved by enforcing extended attributes "xattr" to be in DISTRO_FEATURES. When the commit 1c3eae5e654b7942b3ffd0b53426ca77219cec03 of poky will be integrated in the upstream of AGL (pyro), it will be possible to removes the 3 last lines of meta-app-framework/conf/include/agl-appfw-smack.inc that explicitely activate the handling of extended attributes for the package "shadow". See SPEC-475. Change-Id: I299e68a34e7e49b33f1046aa99d255655fa2ffcc Signed-off-by: José Bollo <jose.bollo@iot.bzh> Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2017-03-27Move feature code into the meta recipesRonan1-0/+12
* Having a minimlal local.conf serving the only purpose of user customization is the "Yocto" way of doing things * After a source synchronization (repo sync), feature code must be update without regenerate local.conf * move feature/agl-demo to meta-agl-demo Change-Id: I6db3956da8091bf583b20fce7dc184bfe622a85a Signed-off-by: Ronan <ronan.lemartret@iot.bzh> Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>