summaryrefslogtreecommitdiffstats
path: root/meta-app-framework/recipes-core/security-manager
AgeCommit message (Collapse)AuthorFilesLines
2017-03-27fix for gcc6 buildRonan3-1/+82
Change-Id: Iea4f0ba83e1d93ea2e7cc5950dced714b65dd251 Signed-off-by: Ronan <ronan.lemartret@iot.bzh> Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2017-03-27Don't override SYSTEMD_SERVICE of original recipe.Anton Gerasimov1-3/+6
Latest change for compatibility with OSTree introduced this bug, fix. Change-Id: Ib9c7fe624fbbd722abe07ca08ff56f4334dbf13e Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com> Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2017-03-27Move all writable data used by security-manager and appfw to /varAnton Gerasimov4-1/+230
The purpose of these changes is to make OSTree and AppFw update domains compatible with each other. Some intergation code is also needed to deploy initial data to writable area (see SPEC-359 in Jira). Bug-AGL: SPEC-359 Change-Id: Iccba1e9916c569167df2922ad5e2d90cc33f06fe Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com> Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2017-03-27FWK: Adaptations for jethroJosé Bollo2-0/+54
Since introduction of ambient capabilities, systemd deprecated the use of Capabilities. With systemd 229 activated with krogoth, the use of Capabilities does nothing. This commits avoids to use SecureBits and Capabilities. It now relies on the fact that post installations are setting the capabilities to the file: - setcap cap_mac_override,cap_dac_override=ep afm-system-daemon - setcap cap_mac_override,cap_mac_admin,cap_setgid=ep afm-user-daemon Using p (permitted) instead of i (inherited) that was previously used. It also includes evolutions of the security model to be synchronized with the deletion of 'User'. The recommended version to use now is the commit 20bbb97f6d5400b126ae96ef446c3e60c7e16285. Change-Id: Id24ce7c7651e2fdf8d66b6e8286268e7d88508a0 Signed-off-by: José Bollo <jose.bollo@iot.bzh> Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>