summaryrefslogtreecommitdiffstats
path: root/meta-app-framework/recipes-core/security-manager/security-manager
AgeCommit message (Collapse)AuthorFilesLines
2018-01-23security-manager: Fix build error that causes gcc v7.0Changhyeok Bae1-0/+51
gcc v7 requires include <functional> for std::function. Bug-AGL: SPEC-1181 Change-Id: Id5deb6f5ea5c2c82ae4a26889f209e1d7619000e Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com>
2017-05-25Security-manager: update of global user nameJosé Bollo1-1/+1
The global user name is 'afm' AGL-Bug: SPEC-617 Change-Id: I8b129afb333fdf0e90fde5e364ce6b56ceb5d712 Signed-off-by: José Bollo <jose.bollo@iot.bzh> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/9503 Reviewed-by: Scott Murray <scott.murray@konsulko.com> Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> Reviewed-by: Matt Porter <mporter@konsulko.com> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2017-03-27fix for gcc6 buildRonan2-0/+78
Change-Id: Iea4f0ba83e1d93ea2e7cc5950dced714b65dd251 Signed-off-by: Ronan <ronan.lemartret@iot.bzh> Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2017-03-27Move all writable data used by security-manager and appfw to /varAnton Gerasimov3-0/+217
The purpose of these changes is to make OSTree and AppFw update domains compatible with each other. Some intergation code is also needed to deploy initial data to writable area (see SPEC-359 in Jira). Bug-AGL: SPEC-359 Change-Id: Iccba1e9916c569167df2922ad5e2d90cc33f06fe Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com> Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2017-03-27FWK: Adaptations for jethroJosé Bollo1-0/+50
Since introduction of ambient capabilities, systemd deprecated the use of Capabilities. With systemd 229 activated with krogoth, the use of Capabilities does nothing. This commits avoids to use SecureBits and Capabilities. It now relies on the fact that post installations are setting the capabilities to the file: - setcap cap_mac_override,cap_dac_override=ep afm-system-daemon - setcap cap_mac_override,cap_mac_admin,cap_setgid=ep afm-user-daemon Using p (permitted) instead of i (inherited) that was previously used. It also includes evolutions of the security model to be synchronized with the deletion of 'User'. The recommended version to use now is the commit 20bbb97f6d5400b126ae96ef446c3e60c7e16285. Change-Id: Id24ce7c7651e2fdf8d66b6e8286268e7d88508a0 Signed-off-by: José Bollo <jose.bollo@iot.bzh> Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>