Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
The dependency loop appeared when compiling
with DISTRO_FEATURE ptest.
To avoid it, I restore the logic implemented before in
meta-intel-iot-security. I also remove unless files.
Bug-AGL: SPEC-1334
Change-Id: Ibe8b9359a65fec034df2534c5fceb4769e63aa99
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The profiles need a clear priorization of the layers.
Especially the core layers need a high prio in this context.
Apply a prio of 70 to core/essential layers and of 60 to BSP, netboot and smack.
Change-Id: I24a59daadab4c98ffbcb799cc784e84e87ac7d23
Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
|
|
The main patches from dbus to make it cynara aware are
cherry-picked on top of the dbus 1.10.20 that is the
upstream version for rocko.
Change-Id: Ib7b07f335543cb56c4c96ef8f55305e61bc69b5c
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Using the OVERRIDE "smack" came with the use of
the layer meta-intel-iot-security.
When switching to meta-security, it conflicts with the
package name 'smack' that provide the smack user library.
Yocto was reporting the following error:
ERROR: .../meta-security/recipes-security/smack/smack_1.3.0.bb:
QA Issue: Recipe .../meta-security/recipes-security/smack/smack_1.3.0.bb
has PN of "smack" which is in OVERRIDES, this can result
in unexpected behaviour. [pn-overrides]
Change-Id: Id71b283bf1ce5682bd94bf96595eb32506acb1d5
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
IMAGE_DEPENDS is removed in oe-core.
(Poky rev: f93d58378fb4095a18c1403de03ca0e13ce465cd)
(OE-Core rev: c5f33d466122e53be910fa448af60ef3937eb828)
Bug-AGL: SPEC-1181
Change-Id: Id2605ac13b80f8096261f186c3d28eb1d165e2c4
Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com>
|
|
While dealing with systemd as a launcher, it appeared
a limitation. If the template argument of units is used
to designate the user it can not be different that the
UID as a number because systemd enforce XDG_RUNTIME_DIR
to be /run/user/<UID>.
Thus using UID is the way to go to use template mechanic
of systemd and use systemd as launcher. This is of
importance because we don't expect systemd user to have
full capabilities. Instead the framework will continue
to leverage systemd launching mechanism but at a system
level, with full capabilities but wil only allow user
applications to deal with systemd --user. This impose to
use UID as template parameters.
The problem is then to set the user directory to the
correct value knowing only the UID and using only
possibilities of units. The only way is to have user
home directories of the form /SOMETHING/<UID> (where
SOMETHING is merely "home").
This can be achieved either by setting a symbolic link
(hard link tto directories are forbidden) or by simply
using the scheme /home/UID in all cases.
At the end, users within AGL will not receive nick names
but will receive allocated UID. So, at the end, it is
not a problem to use the regular naming scheme /home/UID,
a scheme that will probably never be seen except by tools
or experts.
This patch implement this choice.
Change-Id: I225958fa627894cb966f52a06ebd8a914058d429
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/12137
Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
Reviewed-by: Stéphane Desneux <stephane.desneux@iot.bzh>
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
This reverts commit 48de89fbf1c66370d15c87b9dcab5371f180e5a4.
Bug-AGL: SPEC-475
Change-Id: I28cd41391d207b59d74d2ff661e5981b9947c715
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/11287
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
Setting of 'attr' isn't needed since AGL switched to
version "pyro" of poky.
Bug-AGL: SPEC-475
Change-Id: Ifcc1d62c5f0ef4472b2bd43680f31bc09c44191d
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/11221
ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
ci-image-boot-test: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
Reviewed-by: Stéphane Desneux <stephane.desneux@iot.bzh>
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
Common tools like 'useradd' work better in a Smacked
context when the extended attributes are correctly
managed. This is achieved by enforcing extended
attributes "xattr" to be in DISTRO_FEATURES.
When the commit 1c3eae5e654b7942b3ffd0b53426ca77219cec03
of poky will be integrated in the upstream of AGL (pyro),
it will be possible to removes the 3 last lines of
meta-app-framework/conf/include/agl-appfw-smack.inc
that explicitely activate the handling of extended
attributes for the package "shadow". See SPEC-475.
Change-Id: I299e68a34e7e49b33f1046aa99d255655fa2ffcc
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
* Having a minimlal local.conf serving the only purpose
of user customization is the "Yocto" way of doing things
* After a source synchronization (repo sync), feature code
must be update without regenerate local.conf
* move feature/agl-demo to meta-agl-demo
Change-Id: I6db3956da8091bf583b20fce7dc184bfe622a85a
Signed-off-by: Ronan <ronan.lemartret@iot.bzh>
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
meta-app-framework is a layer containing the AGL App Framework recipes
4 new layers are added for application framework:
* meta-intel-iot-security/meta-security-smack
* meta-intel-iot-security/meta-security-framework
* meta-agl/meta-agl-security
* meta-agl/meta-app-framework
Configuration file changes to support AppFw:
* activation of Smack and Cynara
* modify the tar command to be used to support Smack extended attributes
Change-Id: Idc8abdc8869787feb4b534ee45bf7b5d3dde3632
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
This reverts commit 80f4d503fc5bb2564b72b72daedebf74612c30f3.
Change-Id: I94605d4c0ef80433fa6eaa05e63a9c6cf69baea4
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
meta-app-framework is a layer containing the AGL App Framework recipes
4 new layers are added for application framework:
* meta-intel-iot-security/meta-security-smack
* meta-intel-iot-security/meta-security-framework
* meta-agl/meta-agl-security
* meta-agl/meta-app-framework
In the templates files, the following changes were done:
* activation of Smack and Cynara
* modify the tar command to be used to support Smack extended attributes
Change-Id: If369221ca7614fe0072f2a0f99a5051ef2af831d
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|