Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: Ie1ff83f007d9d8d819829540d51e576f088c97eb
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
* Remove, from recipes, reference to porter, gen2, krogoth.
* cleanup mardown from reference to porter.
* cleanup markdown (markdownlint score 0).
Change-Id: I70b9880fc52ef3c848da588d3a256fa8eee48606
Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
|
|
Allow widgets to be unsigned even in non-development mode. This is a temporary
workaround to let some time to setup the apps signing workflow.
This workaround can be disabled for smoother transition to the world where
all apps must be signed. For this, define AGL_FORBID_UNSIGNED_APPS="1" in
local.conf.
**IMPORTANT: THIS PATCH MUST BE REVERTED IN THE FUTURE AND ALL APPS MUST BE SIGNED**
This patch alters the correct behaviour that was introduced here:
https://gerrit.automotivelinux.org/gerrit/#/c/15527/1/meta-app-framework/recipes-core/af-main/af-main_1.0.bb
Bug-AGL: SPEC-1614
Change-Id: I6bf50b70905a00445598f42ef5f6d9326c6d4cfe
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
- Fix issue in handling signature of widgets.
- Fix access to system API afm-main.
This change include the commits:
* 8c7132a Creates systemd service for APIs
* d8d819b wgtpkg-digsig: Add flag to accept/refuse a WGT without signature
* f97f8d2 wgtpkg-digsig: Fix digital signature check
Bug-AGL: SPEC-1592
Bug-AGL: SPEC-1590
Change-Id: I0ecc19466180799e23b7863eb85755d9e4c2894f
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
This changes how user session are started and handled
within systemd. This evolution add a tiny program to
start and handle user sessions: afm-user-session.
This is the first step of a serie because, actually,
due to platform restrictions, the common users if started
this way will not be able to run correctly (issues with
wayland/weston and with handling of CGROUP2 with Smack LSM)
Also fixes memory leaks and improves build process.
Bug-AGL: SPEC-545
Bug-AGL: SPEC-1016
Change-Id: Icaf7c575633fc663a3df0ffee683b22cc087bb16
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
smack user space library is provided by meta-security
Change-Id: Ifb5e88e5f5a1aab3e695ab91a56d8c55c33fd004
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Using the OVERRIDE "smack" came with the use of
the layer meta-intel-iot-security.
When switching to meta-security, it conflicts with the
package name 'smack' that provide the smack user library.
Yocto was reporting the following error:
ERROR: .../meta-security/recipes-security/smack/smack_1.3.0.bb:
QA Issue: Recipe .../meta-security/recipes-security/smack/smack_1.3.0.bb
has PN of "smack" which is in OVERRIDES, this can result
in unexpected behaviour. [pn-overrides]
Change-Id: Id71b283bf1ce5682bd94bf96595eb32506acb1d5
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The removed line remained from some previous abandonned work.
Change-Id: Ic4a56ed5aeae43a516f78711eb1aa684cbbe97e1
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/12429
Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
To simplify the management of users while keeping
systemd as launcher, this evolution anchors the
framework in the system level.
This also introduce a new version of afm-system-daemon
that is 100% a binding of the binder and that
consequently offers natively a websocket API.
Change-Id: I1bbb48d0c01d0f6fd3c8dfca90febbe8147cf204
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/12139
Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
Reviewed-by: Stéphane Desneux <stephane.desneux@iot.bzh>
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
* Since yocto pyro we need to declare PACKAGE_WRITE_DEPS, dependency
for post install script
http://www.yoctoproject.org/docs/2.3/mega-manual/mega-manual.html#var-PACKAGE_WRITE_DEPS
* we alsa need to explicit exit 1 if post script failed
Bug-AGL: SPEC-646
Bug-AGL: SPEC-825
Change-Id: Ic15f8af884895fecacceb9886de5bebe591a2be0
Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/10883
Reviewed-by: Stéphane Desneux <stephane.desneux@iot.bzh>
Reviewed-by: Thomas Rini <trini@konsulko.com>
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
When agl-devel is required, installs the debugging
feature needed by XDS.
Also, improves AGL_DEVEL setting of af-binder.
Bug-AGL: SPEC-659
Change-Id: I90a1ecbaf78b860ded4f3a70d81ab6312d40772e
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/10333
Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
Currently, we get a file-rdeps QA warning because afm-install has a
/bin/bash shebang line but does not RDEPENDS on bash. We could also use
/bin/sh instead, but I'm not sure if we have some bashisms built-in to
the script. For now, add RDEPENDS to fix the warning.
Change-Id: I368da5e9e5c2d57d7bc2a1b674eb84c1147be5c1
Signed-off-by: Martin Kelly <mkelly@xevo.com>
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/10217
Reviewed-by: José Bollo <jobol@nonadev.net>
Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
Bug-AGL: SPEC-726
Change-Id: I8cb62fb6353e3985d1f7c9efc141bc35f4fa6d4b
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/10087
Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
The method to create shared services using websockets
was buggy. This patch correct it. It creates the directories
'sockets.target.wants' were the socket activations units
will be linked. It also makes correct reload and improves
the used paths.
Also fixes a masty infinite loop (spec-663).
AGL-Bug: SPEC-670
AGL-Bug: SPEC-663
Change-Id: I39d93f669498354a1c2f96bd735c0318a2f0e93a
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/9787
Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
Reviewed-by: Romain Forlot <romain.forlot@iot.bzh>
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
* Create a user/group display
* Allow weston to start without mandatory root user
* start weston-terminal for each user
Bug-AGL: SPEC-546
Change-Id: Id50acdbf5f7c07d5e0440575d42998b8819b5547
Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/9135
Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
ci-image-boot-test: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
Reviewed-by: Dominig ar Foll <dominig.arfoll@fridu.net>
Reviewed-by: José Bollo <jobol@nonadev.net>
Reviewed-by: Stéphane Desneux <stephane.desneux@iot.bzh>
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
Some environment variable were set in the configuration files.
This wasn't a valuable solution. Allowing now system tuning to
put environment variables in files of /etc/afm/unit.env.d
is much more flexible.
This patch is introduced also to solve the folowing issue
Bug-AGL: SPEC-547
Change-Id: I41183735b707a9d5d30805504c2676afe12c3b8d
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
* remove bashism
* do not install service for native build
Change-Id: I53f9c06b3638f568058bfef3955230c63b935801
Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
|
|
This new version of the framework leverages systemd
features to launch its applications.
Some of the advantages are:
- possible use of systemd features (namespace, cgroups, autostart,
dependency resolution, socket activation, ...)
- more feature are let open to integrator's design
Some of the drawbacks are:
- not more possible to launch an other instance of an application
already launched
- pause/resume is no more available by the framework
- the remote mode is to be redefined
This commit integrates the first version of the framework on
top of systemd. More work is to come.
None of the current drawback is definitive.
Bug-AGL: SPEC-138, SPEC-425, SPEC-426, SPEC-427
Change-Id: Idfb98761c0db23562bb783bed1b03aeb956fc587
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
This setting is introduced primarily to allow the
recipe agl-users to run in a correct environment.
Change-Id: Ib0bd7c8e6520bd87dbb26d9c011f5cb4672f44c7
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
Systemd was complaining that the service files were
executable. This patch removes that issue.
Change-Id: I77183bb142956fec84b3ca727f7084e8f652c292
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
libEGL.so is not availabe in QEMU x86-64 env.
This make the afm-user-daemon service is loaded failure.
This make the homescreen fail to load.
Remove LD_PRELOAD of libEGL.so for QEMU x86-64.
Change-Id: Iba9a904cc7e4000861ec0e0d6f5c22f48428b954
Signed-off-by: Phong Tran <tranmanphong@gmail.com>
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
* Fix wgtpkg-pack
* Add json-c for native and nativesdk
Change-Id: I9f2f6b55b729099a70e00f53c631e181d19cf1c9
Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
* afm-install can install wgt app like afm-util but use
dbus "system" session instead of "user".
#/usr/bin/afm-install install /usr/AGL/apps/$file.wgt
Change-Id: Id7361350257347a8db32f539b3bdeb3f2d8f554c
Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
The purpose of these changes is to make OSTree and AppFw update domains
compatible with each other. Some intergation code is also needed to deploy
initial data to writable area (see SPEC-359 in Jira).
Bug-AGL: SPEC-359
Change-Id: Iccba1e9916c569167df2922ad5e2d90cc33f06fe
Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com>
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
Change-Id: If9765fa5dbb5229a511b36cda83505cab75e7785
Signed-off-by: Ronan <ronan.lemartret@iot.bzh>
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
This define is currently needed by all applications launched
by the framework. This commits allows that.
Change-Id: Ia56268c1bca58f2da7c0152fa735751603d799bc
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
Since introduction of ambient capabilities,
systemd deprecated the use of Capabilities.
With systemd 229 activated with krogoth,
the use of Capabilities does nothing.
This commits avoids to use SecureBits and Capabilities.
It now relies on the fact that post installations are
setting the capabilities to the file:
- setcap cap_mac_override,cap_dac_override=ep afm-system-daemon
- setcap cap_mac_override,cap_mac_admin,cap_setgid=ep afm-user-daemon
Using p (permitted) instead of i (inherited) that was
previously used.
It also includes evolutions of the security model to be synchronized
with the deletion of 'User'. The recommended version to use now
is the commit 20bbb97f6d5400b126ae96ef446c3e60c7e16285.
Change-Id: Id24ce7c7651e2fdf8d66b6e8286268e7d88508a0
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
nativesdk-packagegroup-sdk-host
This is required to install app framework sdk tools.
Change-Id: Iad407420fa734c063926d1883c288af387155668
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
Change-Id: I3ce83d0a5cd018d4b77492e4237fc4d297ee312f
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
Change-Id: If7481696d130859e87f3110af2d0c5dde25615d6
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
meta-app-framework is a layer containing the AGL App Framework recipes
4 new layers are added for application framework:
* meta-intel-iot-security/meta-security-smack
* meta-intel-iot-security/meta-security-framework
* meta-agl/meta-agl-security
* meta-agl/meta-app-framework
Configuration file changes to support AppFw:
* activation of Smack and Cynara
* modify the tar command to be used to support Smack extended attributes
Change-Id: Idc8abdc8869787feb4b534ee45bf7b5d3dde3632
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
This reverts commit 80f4d503fc5bb2564b72b72daedebf74612c30f3.
Change-Id: I94605d4c0ef80433fa6eaa05e63a9c6cf69baea4
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
meta-app-framework is a layer containing the AGL App Framework recipes
4 new layers are added for application framework:
* meta-intel-iot-security/meta-security-smack
* meta-intel-iot-security/meta-security-framework
* meta-agl/meta-agl-security
* meta-agl/meta-app-framework
In the templates files, the following changes were done:
* activation of Smack and Cynara
* modify the tar command to be used to support Smack extended attributes
Change-Id: If369221ca7614fe0072f2a0f99a5051ef2af831d
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|