| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Shift from the permission database cynara
to cynagora permission database with a compatibility
library.
The cache size required by dbus-cynara is updated
because that size is now a count of bytes, not a count
of entries.
Bug-AGL: SPEC-2844
Change-Id: I9a81de6e3b8bcb94adc0bb05c63183c2eda3f310
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Simplifies the way of building dbus-cynara by removing
the specific recipes in favour of a recipe for dbus that
handles the class-target build feature.
It requires to remove fake dependencies of cynara.
This is a suggestion of Tom Rini.
Bug-AGL: SPEC-1839
Change-Id: Id7a736eb4b73cdb679fa9dde30e9ad8e56c2894e
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The dependency loop appeared when compiling
with DISTRO_FEATURE ptest.
To avoid it, I restore the logic implemented before in
meta-intel-iot-security. I also remove unless files.
Bug-AGL: SPEC-1334
Change-Id: Ibe8b9359a65fec034df2534c5fceb4769e63aa99
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The main patches from dbus to make it cynara aware are
cherry-picked on top of the dbus 1.10.20 that is the
upstream version for rocko.
Change-Id: Ib7b07f335543cb56c4c96ef8f55305e61bc69b5c
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Using the OVERRIDE "smack" came with the use of
the layer meta-intel-iot-security.
When switching to meta-security, it conflicts with the
package name 'smack' that provide the smack user library.
Yocto was reporting the following error:
ERROR: .../meta-security/recipes-security/smack/smack_1.3.0.bb:
QA Issue: Recipe .../meta-security/recipes-security/smack/smack_1.3.0.bb
has PN of "smack" which is in OVERRIDES, this can result
in unexpected behaviour. [pn-overrides]
Change-Id: Id71b283bf1ce5682bd94bf96595eb32506acb1d5
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
IMAGE_DEPENDS is removed in oe-core.
(Poky rev: f93d58378fb4095a18c1403de03ca0e13ce465cd)
(OE-Core rev: c5f33d466122e53be910fa448af60ef3937eb828)
Bug-AGL: SPEC-1181
Change-Id: Id2605ac13b80f8096261f186c3d28eb1d165e2c4
Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com>
|
|
While dealing with systemd as a launcher, it appeared
a limitation. If the template argument of units is used
to designate the user it can not be different that the
UID as a number because systemd enforce XDG_RUNTIME_DIR
to be /run/user/<UID>.
Thus using UID is the way to go to use template mechanic
of systemd and use systemd as launcher. This is of
importance because we don't expect systemd user to have
full capabilities. Instead the framework will continue
to leverage systemd launching mechanism but at a system
level, with full capabilities but wil only allow user
applications to deal with systemd --user. This impose to
use UID as template parameters.
The problem is then to set the user directory to the
correct value knowing only the UID and using only
possibilities of units. The only way is to have user
home directories of the form /SOMETHING/<UID> (where
SOMETHING is merely "home").
This can be achieved either by setting a symbolic link
(hard link tto directories are forbidden) or by simply
using the scheme /home/UID in all cases.
At the end, users within AGL will not receive nick names
but will receive allocated UID. So, at the end, it is
not a problem to use the regular naming scheme /home/UID,
a scheme that will probably never be seen except by tools
or experts.
This patch implement this choice.
Change-Id: I225958fa627894cb966f52a06ebd8a914058d429
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/12137
Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
Reviewed-by: Stéphane Desneux <stephane.desneux@iot.bzh>
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
This reverts commit 48de89fbf1c66370d15c87b9dcab5371f180e5a4.
Bug-AGL: SPEC-475
Change-Id: I28cd41391d207b59d74d2ff661e5981b9947c715
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/11287
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
Setting of 'attr' isn't needed since AGL switched to
version "pyro" of poky.
Bug-AGL: SPEC-475
Change-Id: Ifcc1d62c5f0ef4472b2bd43680f31bc09c44191d
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/11221
ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
ci-image-boot-test: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
Reviewed-by: Stéphane Desneux <stephane.desneux@iot.bzh>
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
Common tools like 'useradd' work better in a Smacked
context when the extended attributes are correctly
managed. This is achieved by enforcing extended
attributes "xattr" to be in DISTRO_FEATURES.
When the commit 1c3eae5e654b7942b3ffd0b53426ca77219cec03
of poky will be integrated in the upstream of AGL (pyro),
it will be possible to removes the 3 last lines of
meta-app-framework/conf/include/agl-appfw-smack.inc
that explicitely activate the handling of extended
attributes for the package "shadow". See SPEC-475.
Change-Id: I299e68a34e7e49b33f1046aa99d255655fa2ffcc
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
* Having a minimlal local.conf serving the only purpose
of user customization is the "Yocto" way of doing things
* After a source synchronization (repo sync), feature code
must be update without regenerate local.conf
* move feature/agl-demo to meta-agl-demo
Change-Id: I6db3956da8091bf583b20fce7dc184bfe622a85a
Signed-off-by: Ronan <ronan.lemartret@iot.bzh>
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
José Bollo
Changhyeok Bae
Ronan