summaryrefslogtreecommitdiffstats
path: root/meta-app-framework/recipes-core
AgeCommit message (Collapse)AuthorFilesLines
2022-10-08meta-app-framework: applaunchd: run under a separate userDenys Dmytriyenko1-1/+1
Since applaunchd needs to start/stop systemd units, the user is granted elevated systemd unit-management permissions via PolKit policy. If applaunchd and all the apps run under the same agl-driver user, all the apps have these elevated systemd permissions too. Separating them into different users allows removing elevated systemd unit-management permission from individual apps, but leaving such permission for applaunchd, which enhances overall security of the system. - add new applaunchd user and group - switch applaunchd (gRPC) service to be started under new user - since HTML5 apps haven't migrated to gRPC yet and still use D-Bus API, applaunchd-dbus gets activated by agl-session and runs under agl-driver - temporarily add agl-driver user into the applaunchd group and switch PolKit policy to check for applaunchd group, instead of the user - once D-Bus API is completely deprecated, agl-driver user can be removed from applaunchd group Bug-AGL: SPEC-4579 Signed-off-by: Denys Dmytriyenko <denys@konsulko.com> Change-Id: I75384177578bba6cb458a81df6a9dc1738c972e0 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28039 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-09-21meta-app-framework: applaunchd: update for gRPC additionScott Murray2-2/+21
Changes to facilitate building gRPC enabled versionm of applaunchd: - Bump SRCREV to pick up gRPC changes - Add required protobuf and gRPC dependencies to DEPENDS - Add new systemd unit for standalone gRPC API daemon Bug-AGL: SPEC-4559 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I21778f27b2eabd952e983b4571de05ad5d6c5af2 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27984 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-08-04meta-app-framework: update Flutter app templateScott Murray1-1/+1
Update systemd template unit for Flutter based applications for the embedder binary rename (to flutter-auto) and a required rename of the application id command-line option (to --xdg-shell-app-id). Bug-AGL: SPEC-4485 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Icb03775f379929a852d3b270d52b3e88277aa3cc Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27862 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> ci-image-boot-test: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-07-29meta-app-framework: add Flutter app templateScott Murray2-1/+15
Add a systemd template unit for Flutter based applications to the applaunchd recipe. Bug-AGL: SPEC-4466 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ia7cb24d27beebf7c7e4bcfb7a256bd45ffa432ce Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27838 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> ci-image-boot-test: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-07-29meta-app-framework: Update app template schemeScott Murray3-9/+31
Changes to support the move to systemd unit based app enumeration in applaunchd: - Bump applaunchd SRCREV to pick up enumeration changes. - Tweak the polkit rule to match agl-app* instead of agl-app@* to allow more flexibility with respect to different app templates. - Tweak the Description field definition in the agl-app service template to just use the instance name, as that field is now used for the application display name by applaunchd. - Add a agl-app-web service template for web apps. - Add a agl-app.bbclass for use in application recipes to simplify installation of the now required systemd template instances and potential generation of override files to tweak application configuration. - Split the agl-app and agl-app-web templates into their own packages in the applaunchd recipe so they can be depended on by applications as required. - Move applaunchd installed systemd units and override files to /lib/systemd/system since that matches the upstream recommendation for units installed as part of the system installation. Bug-AGL: SPEC-4466 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I32ff6c9624850662856b79a2b14b33a05e7f9a65 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27835 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jose Dapena Paz <jdapena@igalia.com> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-07-13applaunchd: update and install agl-app@ template and sandboxing configsDenys Dmytriyenko4-5/+33
The new applaunchd adds systemd_manager that allows launching apps as systemd services in a sandboxed environment. And dbus_activation_manager is deprecated. * Update SRCREV for the new code * Bump version to indicate a major change * Install supporting config files * Add build dependency on systemd * Add runtime dependency on polkit rule to manage agl-app@ services Bug-AGL: SPEC-4466 Signed-off-by: Denys Dmytriyenko <denys@konsulko.com> Change-Id: I01b0247d18be8d97b4ea2866d161cffbda8f9155 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27752 Reviewed-by: Marius Vlad <marius.vlad@collabora.com> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Reviewed-by: Scott Murray <scott.murray@konsulko.com> Tested-by: Jenkins Job builder account
2022-06-29Remove use of AGL_APP_REVISIONJan-Simon Moeller1-1/+1
We did use the variable AGL_APP_REVISION to change between the HEAD of the branch via to the fixed tag at release time (regs/tags/xyz) . While this worked well previously, it turns out that bitbake will query git every time it runs for either or tags likewise. For tags it cannot trust whatever is known locally is actually the latest tags as there can be force pushed tags. To fix this we use a well-defined SRCREV for apps/* in the same way as we do it for src/* . Bug-AGL: SPEC-4455 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: I54bad2ef6c8b171b1ae1270b4adb951fb180b260 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27693 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account
2022-05-26applaunchd: Correct "HOMEPAGE" in applaunchd_git.bbduerpei1-1/+1
The originally link in homepage cannot be opened when copied to the browser. Replace it with link that can be opened Bug-AGL: SPEC-4368 Signed-off-by: duerpei <duep.fnst@fujitsu.com> Change-Id: I33fccf7711527a657b6b4a0170c85a6f4b6d3767 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27500 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2021-12-17meta-app-framework: recipes-core: add applaunchd recipeArnaud Ferraris1-0/+28
Bug-AGL: SPEC-4160 Signed-off-by: Arnaud Ferraris <arnaud.ferraris@collabora.com> Change-Id: I7b2d5e660625091d665727d48a45eb1b7958904e Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27015 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2021-11-04Prepare master for new framework integrationJan-Simon Moeller35-7937/+0
During the last workshop the transition to the new framework was presented. This change essentially deprecates the SMACK-based application framework. To prepare the integration of it, we remove the deprecated components: - meta-agl-core: remove Smack kernel patches - meta-app-framework - meta-pipewire/dynamic-layers/meta-app-framework/ v2: rebased Bug-AGL: SPEC-4121 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: Icdaeadfb5d2193f3a4c535168c88da6073423e67 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26752
2021-10-12meta-app-framework: bump version for dbus bbappendScott Murray1-0/+0
Rename the dbus bbappend to handle the upgrade to 1.12.20 in the poky 3.1.11 update. Bug-AGL: SPEC-4104 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I2876920f0ac949f4dee0835af03c096c4e186973 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26729 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2021-08-23Convert to new override syntaxScott Murray16-81/+80
This is mostly the result of running a slightly customized version of the convert-overrides.py script from poky with additional overrides added. A few minor fixups were done by hand afterwards during a review of the changes. The intent of these changes is to minimize the effort to keep the "next" branch that builds against poky master up to date and tested in preparation for the switch to the next Yocto LTS release in early 2022. Bug-AGL: SPEC-4052 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ia3bf63b7cb1aa1d95ada373d1a3ab56def0a125d Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26564 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2021-07-27af-binder: update SRCREVScott Murray1-1/+1
Update SRCREV to pick up: c5c15f8 gcc 11.x fixes 9a8aea1 CMake: Link with -latomic Bug-AGL: SPEC-3819 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I41a1aa7c38eceb1ca10904a060d52deba6dac6ff Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26539 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2020-12-17SPEC-3723: restructure meta-aglJan-Simon Moeller31-168/+7542
Goal is to reach a minimal meta-agl-core as base for IVI and IC work at the same time. Trim dependencies and move most 'demo' related recipes to meta-agl-demo. v2: changed to bbapend + .inc , added description v3: testbuild of all images v4: restore -test packagegroup and -qa images, compare manifests and adapt packagegroups. v5: rebased v6: merged meta-agl-distro into meta-agl-core, due to dependency on meta-oe, moved -test packagegroup and -qa images to own layer meta-agl-core-test v7: Fixed comments from Paul Barker v8: Update the markdown files v9: restore wayland/weston/agl-compositor recipes/appends, reworked to move app f/w specific changes to bbappends in meta-app-framework and only demo specific weston-init changes to meta-agl-demo v10: fix s/agldemo/aglcore/ missed in weston-init.bbappend Description: This patch is part 1 out of 2 large patches that implement the layer rework discussed during the previous workshop. Essentially meta-agl-core is the small but versatile new core layer of AGL serving as basis for the work done by the IC and IVI EGs. All demo related work is moved to meta-agl-demo in the 2nd patchset. This should be applied together as atomic change. The resulting meta-agl/* follows these guidelines: - only bsp adaptations in meta-agl-bsp - remove the agl-profile-* layers for simplicity -- the packagegroup-agl(-profile)-graphical and so on have been kept in meta-agl-demo - meta-agl-profile-core is now meta-agl-core - meta-agl-core does pass yocto-check-layer -- therefore use the bbappend + conditional + .inc file construct found in meta-virtualization - meta-agl/meta-security has been merged into meta-agl/meta-app-framework - meta-netboot does pass yocto-check-layer - meta-pipewire does pass yocto-check-layer Migration: All packagegroups are preserved but they're now enabled by 'agl-demo'. Bug-AGL: SPEC-3723 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ia6c6e5e6ce2b4ffa69ea94959cdc57c310ba7c53 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/25769
2020-12-04meta-app-framework: update app-framework-main SRCREVScott Murray1-1/+1
Pick up changes: 3ea6f4a Merge "Add network and bluetooth permissions to service template" 0a24bbd Add network and bluetooth permissions to service template ad47803 deal with extra quotes Bug-AGL: SPEC-2714, SPEC-3509 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ie1c9bcb958aa5bda810a68c4e579e81321d55dda Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/25706 ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> ci-image-boot-test: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
2020-08-19meta-app-framework/recipes-core/af-binder: bump to latest revisionLi, Xiaoming1-1/+1
pickup changes: 1b62498 fix(migration-to-binding-v3.sed): add a legacy call replacing rule 53228dc Fix typo Change-Id: Ie090ad3b81047352fb002dc5cb4ec10e82418e01 Signed-off-by: Li, Xiaoming <lixm.fnst@cn.fujitsu.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/25132 Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> ci-image-boot-test: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2020-07-24meta-app-framework: update app-framework-main SRCREVScott Murray1-1/+1
Pick up changes: af8db35 Fix native compilation 3a2efc3 Merge "Add wait for start jobs" 55e6be4 Add wait for start jobs 70d6c64 Fix labelling of files of widgets Bug-AGL: SPEC-3365, SPEC-3427, SPEC-3457, SPEC-3489 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I5be593e8e3e91f461dfa3db8063b21839ed6460d Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/25051 Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> ci-image-boot-test: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2020-06-24af-main: update SRCREVScott Murray1-1/+1
Update app-framework-main SRCREV in af-main recipe, picking up changes: ac6f7ed Add weston dependency for units with display permission Bug-AGL: SPEC-3411 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Iecb3cec7674e5c0a634925067cf66a27581536a3 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/24788 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2020-05-30meta-app-framework: update af-main SRCREVScott Murray1-1/+1
Update app-framework-main SRCREV in af-main recipe to pick up: f8cee78 Fix uninstall of widgets without icons f8f2338 Improve use of systemd's states Bug-AGL: SPEC-3323, SPEC-3401 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I35f6fcb8677bd3d5d49e588d03f5868249532baa Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/24584 Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> ci-image-boot-test: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2020-05-22Fix nss-localuser postinst scriptlet to run only on the targetJan-Simon Möller1-1/+1
Otherwise we fail on do_rootfs now. Bug-AGL: SPEC-3385 Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org> Change-Id: I47be059b77a79e7f6414ea233f591b4957db4818 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/24530 Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> ci-image-boot-test: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> Reviewed-by: Scott Murray <scott.murray@konsulko.com>
2020-05-13qtwayland_%.bbappend: Migrate the qt shell integration to the properMarius Vlad1-3/+0
place The proper place to choose the qtshell integration is with qtwayland so migrate it there. While at it, upgrade to xdg-shell stable instead of using the unstable v6. Bug-AGL: SPEC-3133 Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: I67b92cd744c4e34c9a603b9535823d9562d4bdf8
2020-05-07af-main & af-binder: Fix infinite loop and C++José Bollo2-2/+2
af-main: Fix an infinite loop when starting applications * e7ac328 afm-urun: Fix infinite loop on start status af-binder: Fix a missing header when compiling C++ * 33ddfb5 Fix includes of C++ header Bug-AGL: SPEC-3323 Bug-AGL: SPEC-3358 Change-Id: I06a05427b33791a242038d278e452fd73806d2f5 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2020-04-14meta-app-framework: update af-main SRCREVScott Murray1-1/+1
Update app-framework-main SRCREV in af-main recipe to pick up: 6c44e65 Merge "Update weston dependency in afm-system-setup.service" f86501b Update weston dependency in afm-system-setup.service Bug-AGL: SPEC-3309 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I62317a543ceba7bced2f40e512bfdaca01202b5f
2020-04-10af-main: Sign widgets when agl-develJosé Bollo3-3/+10
This change introduce signature of widgets with sample keys and certificates of app-framework-main when the feature agl-devel is selected. It also shows how to sign widgets in yocto build environment, using WGTPKG_AUTOSIGN_X environment variables. v2: Use an own agl feature for the signing and not agl-devel This allows us to switch it on selectively. Bug-AGL: SPEC-2840 Change-Id: I8f66c25a2ae62ad2365c7cdb995049c00b7c780a Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2020-03-19af-main: remove widget versions and fixes for zeusJosé Bollo1-1/+1
This removes the distinction between versions of widgets. This change can fix issue in starting of applications due to systemd changes (SPEC-3178) Includes changes: * dee2725 Update .gitreview file * 7f53b81 Merge "system setup: Fix settings on /run/user" * a855d14 Remove distinction of widget's version * 4f88827 Fix homescreen start on yocto/Zeus Bug-AGL: SPEC-3178 Bug-AGL: SPEC-2538 Change-Id: Ibce8316dd9513ad2f5d6d4f1fbea3119d78d0417 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2020-03-13af-binder: fix bug in reconnectionJose Bollo1-1/+1
When the client reconnected, it used the wrong type and reconnected as server leading to unexpected state with faults. Include: * 7901c6d afb-stub-ws: fix bug in reconnection Bug-AGL: SPEC-3272 Change-Id: I3ad0987be094527f2a3a980a3a99f397b704f3ee Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
2020-03-11af-binder: bump and fixesJose Bollo1-1/+1
Includes: * 862fb68b Fix globset compilation warning * 4848ec20 Update .gitreview file * 2f38d2ea Improves compatibility with AddressSanitizers * 693249aa Fix bug in session and token removal * 26b09b0d Fix a tiny issue in the protocol * 9cab553d Fix bug in C++ wrapper Bug-AGL: SPEC-3040 Bug-AGL: SPEC-3134 Bug-AGL: SPEC-3162 Bug-AGL: SPEC-3220 Change-Id: I5f96ac20a824df3f6cb73be2e41ef79cd3f2be04 Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
2020-02-21Merge remote-tracking branch 'agl/next'Jan-Simon Möller1-0/+2
* agl/next: meta-agl-bsp: Add CONFIG_LSM workaround for 5.1+ kernels meta-agl-profile-cluster-qt5: disable qtbase patches zeus updates for dragonboard-410c meta-security: activates dbus-cynagora recipes-graphics/wayland/weston: Expose weston_output_damage() meta-agl-profile-core: tweak udisks2 configuration for AGL meta-agl-bsp/meta-arago: update weston bbappend [RCAR] Update rcar driver weston 7 bsp 3.21.0 [RCAR] Update rcar driver weston 7 bsp 3.21.0 [RCAR] Split ADSP path for ulcb and ulcb-kf Fix nss-localuser post install meta-agl-bsp: meta-raspberrypi: handle zeus upgrade meta-agl-profile-core: add patch for systemd-udevd SECLABEL crash meta-security: disable dbus-cynara patches meta-agl-bsp: handle ptest-runner upgrade meta-agl-distro: Add inc file for next branch over-rides meta-agl-distro: BBMASK problematic upstream meta-security bbappend meta-agl-distro: prefer linux-yocto 4.19 LTS kernel meta-agl-profile-graphical-qt5: enable qt5location services meta-agl-profile-core: update most recipe meta-agl-profile-core: update neardal recipe Update base local.conf.sample meta-agl-profile-graphical: don't always build agl-compositor meta-agl-profile-graphical: update weston and weston-init meta-agl-profile-graphical: update wayland-ivi-extension for weston 7.0.0 meta-agl-distro: add polkit to DISTRO_FEATURES meta-agl-profile-core: update fontconfig bbappend meta-agl-profile-core: switch to udisks2 meta-security: handle systemd upgrade meta-agl-profile-graphical-qt5: handle qtwayland upgrade meta-agl-profile-core: handle freetype upgrade meta-agl-bsp meta-agl-profile-core: upgrade to opencv 4.x meta-agl-profile-core: update rtl-sdr recipe for zeus meta-security meta-app-framework: handle xmlsec1 upgrade meta-agl-profile-graphical: upgrade to gstreamer 1.16 meta-agl-profile-core: remove libmicrohttpd backport meta-agl-profile-core: remove backported curl and nghttp2 recipes meta-agl-profile-core: remove libnfc recipe meta-agl-profile-core: remove connman backport meta-agl-profile-graphical: remove weston 5.0.0 patches meta-agl-profile-core: remove old glibc patch meta-agl-bsp/meta-intel: remove linux-firmware_git.bbappend meta-agl-bsp: remove weston and wayland-protocols backports meta-app-framework: remove libzip recipe meta-security: remove keyutils recipe Declare layer compatibility with zeus Change-Id: Ie8ee1e37958279e7cf2d503c54ffacb46ba0c31c
2020-02-14af-main: Fix setting of /run/userJosé Bollo1-1/+1
Includes: * ab26673 system setup: Fix settings on /run/user Bug-AGL: SPEC-3175 Change-Id: I41f7d3665ec161b7ae6bdbc19ad4ac3616b375c1 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2020-01-30Fix nss-localuser post installRonan Le Martret1-0/+2
-post install script need to have ${sysconfdir}/nsswitch.conf available. This file is provides by base-files. Change-Id: I4767341c442ab8242afa9fb7ed75c2ad8c6a6cc0 Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
2020-01-28af-main: Improve Smack setupJosé Bollo1-1/+1
Improve setup for solving access issues While developping the binding afb-test, the export of the binding afm-test, using "provided-binding" feature revealed to be broken because of security setup. Bug-AGL: SPEC-2795 Change-Id: I0af4a46aaa191cad167a332ebb2d14ebbfe04c6a Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2020-01-28af-main: Use xdg-shell-v6 for agl-compositorMarius Vlad1-1/+3
As we're using xdg-shell-v6 instead of ivi-shell for agl-compositor and applications, make the transition much easier (that is, having a fully bootable workable image) by making it default when the DISTRO_FEATURES specify it. Bug-AGL: SPEC-3128 Signed-off-by: Marius Vlad <marius.vlad@collabora.com> Change-Id: I1bf1546d3cfab14b1b4b76199ba60207c984d69f
2020-01-10af-binder: UpgradeJose Bollo1-1/+1
This upgrade of the binder includes improvement in event handling (SPEC-3069) and minor fixes. Unscription should now be immediately effective as expected, no matter how many subscribe was done. Included commits: * 8828c6be main-afb-client-demo: Fix typo * f3d1f19a afb-apiset: Fix start of apis * 18d28239 AFB.js: pass event name * ca0f859d afb-proto-ws: Improve comment and names * f40979c7 afb-proto-ws: Add message for unexpected event * c6fcbec3 afb-evt: Improve name of listening functions * 36ed9d2e afb-evt: Ensure unsubscribe works * 164f1414 afb-ws-client: Improve direct URI * 65353dce Update copyright dates Bug-AGL: SPEC-3066 Bug-AGL: SPEC-3069 Bug-AGL: SPEC-3087 Bug-AGL: SPEC-3094 Change-Id: I499643564a1026f54b7cfd68f73352561e1d8649 Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
2019-12-20af-main: Fix allocation of idsJose Bollo1-1/+1
The allocation of ids and ports was broken because ids was not well scanned since commit 6008a3e Bug-AGL: SPEC-3068 Change-Id: Ia92a9c05e99ba1b62856d1610d2a91c9693c35e2 Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
2019-12-20af-binder: Fix a critical bugJose Bollo1-1/+1
This fix a critical bug of the binder that lead to memory crash and instabilities. Bug-AGL: SPEC-3066 Change-Id: Ied3756fb7cf0dea423cda1c8367510fc175ab447 Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
2019-12-19af-main: OAuth client credentials and localuser namesJosé Bollo3-36/+2
This includes: - the basic OAuth client credential server - the token logic for WAM apps - the use of localuser names WAM apps Bug-AGL: SPEC-2968 Bug-AGL: SPEC-3032 Bug-AGL: SPEC-3033 Bug-AGL: SPEC-3014 Change-Id: I37588d4a4f9b74bb0ab0da70c7fbae1f8979f25e Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-12-19af-binder: Fix issue when no port definedJosé Bollo1-1/+1
Since introduction of interfaces, it is no more needed to define a port. But the binder was still complaining that no port were defined. Bug-AGL: SPEC-2968 Bug-AGL: SPEC-3014 Change-Id: Ia3d748615641db5f467c3313ff7b02c16608d0ac Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-12-16af-main: Ensure home and workdir to platform's appJose Bollo1-1/+1
The widget requesting the permission to run at platform scope: urn:AGL:permission::partner:scope-platform should be able to record data and state. This change provides a default place to achieve it. Bug-AGL: SPEC-2998 Change-Id: I1278375591716d18ce1346acc0f63fb073e4556a Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
2019-12-06af-main & af-binder: Partial shift to token logicJose Bollo2-2/+2
This commit includes changes related to integration of token security logic and use of nss-localuser. Changes from af-main are: * 581f99c wgtpkg-install: Add default permissions * 50ab763 Remove tokens * 6008a3e Enforce numeric application IDs * 653562e Introduce localuser interface for applications Changes from af-binder are: * 5026e71 docs(func-service.md): typo * 2243df1 afb-api-dbus: Fix broken broadcast in dbus apis * ff5446e afb-proto-ws: Fix crash on event to disconnected * 1b240e6 afb-hreq: Handle HTTP header Authorization * 29ae81f Introduce object for tokens * 6f59158 coverage: Fix regression * 9a623c3 monitoring: Fix display on connection error * e6908a2 afb-hreq: Handle access_token query parameter * 0d3dc97 Remove refreshing token * 7c67e96 Remove returning token * e08d57c Don't return the uuid * b4da3b7 Move tokens from sessions to requests * e80c1a7 Use afb_token in contexts * d735ff8 afb-session: Expose a local id for sessions * 5ac7bb0 afb-session: remove initial token * 0fd887b u16id: Add maps for identifiers id of 16 bits * eaf5670 afb-evt: Use 16 bits for ids * b55f3cd afb-stub-ws: Enforce asynchronous describe * 7386e1c afb-proto-ws: Change the protocol WSAPI * 74a7ebb afb-error-text: Introduce standard error text * af003cd afb-auth: Increase and improve use of afb-auth * 98b214e afb-hswitch: Update websocket policy * b70caad afb-context: Move credentials to context * d8aff62 afb-context & afb-token: rework token validation * 36094f9 afb-supervision: Improve messages * 354dfe5 afb-perm: separate access to permission db * 93483c5 AFB.js: Enforce single code * c79b6ba Relax constraint on aliases * 7a28ebb afb-socket: Add ability to set a default scheme * 82a9d79 main-afb-daemon: manage listening interfaces Bug-AGL: SPEC-2968 Change-Id: If4751144595c38a69608a962c92b54ae1a976ac8 Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
2019-12-03nss-localuser: Add application to localuser familyJosé Bollo1-1/+1
This allows to use separate hostnames for separate applications and separate users. Bug-AGL: SPEC-2968 Change-Id: Iac139e3cda57c67796bbdacceceb39fe57c46591 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-12-03security-manager: Improve integrationJosé Bollo7-367/+3
This fixes some issues encountered by the current integration of the security-manager: - its recipes is spread in too much directories (see SPEC-2092) - its initialization should be checked (see SPEC-2091) - the location of the database has to be changed (see SPEC-1717 that provided a workaround) All in one, I decided to create that ticket that summarize the work that can be quickly achieved to answer all this issues that are tightly coupled. Bug-AGL: SPEC-2972 Bug-AGL: SPEC-2092 Bug-AGL: SPEC-2091 Bug-AGL: SPEC-1717 Change-Id: I7af941c25cfa1624d76c2e8f512f6535918912f0 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-11-14af-binder: Fix callsync hangingJosé Bollo1-1/+1
This bump includes the following changes: * 6f42df1e Improve detection of the bindings * b612db21 sig-monitor: Fix exit in signal handler * 355db4b7 jobs: Fix callsync hanging Bug-AGL: SPEC-2937, SPEC-2907, SPEC-2841 Change-Id: If45bd10e66d3db32790acc4f1c3f57948325c859 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-10-11af-main: Starting of HTML, API discovery, fixJosé Bollo1-1/+1
This upgrade includes the 2 fixes and one evolution below: * conf/system: fix shebang not absolute * Add WAIT_FOR_HOST_SERVICE envvar to unit files for webapps * Add discovery of API Bug-AGL: SPEC-2793 Bug-AGL: SPEC-2863 Bug-AGL: SPEC-2871 Change-Id: I0b9fb30b580be04d2f22c0daf3b21f4c4c0a2087 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-09-16af-binder: Fix event sending regressionJosé Bollo1-1/+1
This fix a regression described by the jira ticket below: events wasn't sent as expected. Bug-AGL: SPEC-2809 Include the following changes: * 8744669 Fix binding example path & update afb-daemon options * 45a4e69 Make source files relative * 7129df4 jobs: Wake up an event loop if needed * 84d1859 Revert "Make source files relative" Change-Id: If93c26bba71350b4499d54feaebdebb71ad816f5 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-09-05af-platform-setup: fix installation modeJosé Bollo1-1/+1
The file systemd-udevd.service.d/udev-shared.conf was installed with default rigths meaning rwxr-xr-x. Systemd complains about it: Configuration file /lib/systemd/system/systemd-udevd.service.d/udev-shared.conf is marked executable. Please remove executable permission bits. Proceeding anyway. This commit fix that issue. Bug-AGL: SPEC-2798 Change-Id: I90a2b0f538416b5e8e6f8e1aaf552530150c8103 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-08-20af-binder: fixesJosé Bollo1-1/+1
This integrates the following fixes * 3343b4d Fix outdated documents * 6f13ad1 Avoid lock when child dies * ac2ab69 Replace obsolete argument "sessiondir" with "workdir" * 0ea0734 jobs: Add starting mode for jobs * 6599a89 Fix client disconnection close Bug-AGL: SPEC-2714 Bug-AGL: SPEC-2720 Bug-AGL: SPEC-2759 Change-Id: I962f310cf69e72d01c78c0620115cd2d66586e2c Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-08-20afs-supervisor: Start the service on needJosé Bollo1-1/+1
afs-supervisor.service failed to start the supervisor due to a non available activation socket. This change start the api socket and will activate the service on need. Bug-AGL: SPEC-2753 Change-Id: I2fd3c2d2d29bce8d70becaba0792918d6f6c0769 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-08-01af-binder: Fix error in synchronous callsJosé Bollo1-1/+1
There fixes a bug with an inversion between info and error in implementation of synchronous calls, leading to bad detection of errors. Includes: * 6bb714c afb-xreq: Remove field 'listener' * d325856 afb-binding.h: Ensure json-c/json.h is sourced * 056c53d AFB.js: Improve default token discovery * daecef1 supervisor: Setup services for local API use * 687d90d Fix detection of error in call synchronous Bug-AGL: SPEC-2697 Change-Id: I20cf2d5219e7cc962862b604e642610b0f8a75b1 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-07-23af-binder: Fix circular broadcast of eventsJosé Bollo1-1/+1
Include changes: * 6fe59e2 uuid: Add module for UUID generation * 5b59688 afb-evt: Refactor processing of broadcasted events * 6dfeafe Tag broadcasted events with UUID and hop * 51ab7c2 Fix bad memory access at client disconnection Bug-AGL: SPEC-2625 Change-Id: Ifa81293a783d5119d7a3d4c33598e1eb865e703c Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-07-13af-binder: Fix of subscribe issueJosé Bollo1-1/+1
Enforce serialization of messages, makes event really asynchronous, and enforce (un)subscribe in living request. Include the following changes: * 909893e afb-evt: Improve compatibility to guppy * 248ec5d afb-evt: send events in separate job * c8cc0d6 Revert "afb-stub-ws: Allow unordered process of messages" * bc38af3 afb-xreq: Forbids (un)subscribes after reply * 0342cd1 afb-client-demo: Allow pipe of messages Bug-AGL: SPEC-2215 Bug-AGL: SPEC-2219 Bug-AGL: SPEC-2542 Bug-AGL: SPEC-2599 Change-Id: I357aeb852e2041ac6056dd563dac42f29dadb52d Signed-off-by: José Bollo <jose.bollo@iot.bzh>