From 4b4c0f15d1d2a52e636aa22e56cf864d1a8a656b Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Mon, 5 Jun 2023 10:07:24 -0400 Subject: Remove systemd user session and clean up packagegroups and images Remove the use of a systemd user session to align with how upstream runs Weston, and to allow using all systemd sandboxing features with the compositor and homescreen, launcher, etc. applications. The changes for this touched enough packagegroups and images that further rework was done to address some of the cleanup described in SPEC-4813, see below for details. Changes: - Remove agl-session and update various recipes that were manually adding dependencies to the user session it created. The compositor (be it weston or agl-compositor) and Wayland clients now run in the system session as non-root users. - Revive agl-users recipe, this time living in meta-agl-core, with the purpose of creating the agl-driver user. For simplicity, agl-compositor is always run as the agl-driver user, as opposed to trying to wrangle running it as different users depending on build configuration. This can potentially be made more configurable if a downstream user has a usecase to be able to specify another user. - Fully split agl-compositor's systemd unit with a tweaked fork of the weston-init recipe and unit which lives in meta-agl-core. This will be easier to maintain than the attempt to reuse weston-init for builds without meta-app-framework that was done previously. - Create packagegroup-agl-graphical-compositor, distinct from the weston packagegroup. This should make it more straightforward for downstreams that want agl-compositor or weston. - Rename agl-image-agl-compositor to agl-image-compositor to remove redundancy. - Tweak the logic for the inclusion of a few debug packages (e.g. agl-shell-activator) to ensure they only show up in images when agl-devel is enabled. - Split weston-terminal and the required icon resources into separate packages in our weston bbappend to avoid pulling in weston just to get the terminal for testing. - Add a agl-core-image.bbclass to use as a base for images. - Move our cross-SDK configuration to a agl-crosssdk.bbclass to ease reuse. - Remove various empty packagegroups. - Unify image .inc files with their .bb files as a simplification, and to move towards more how upstream Yocto Project does things. - Split pipewire tools into their own -devel packagegroup. - Remove rcar3 additions to packagegroup-agl-graphical-multimedia, as that packagegroup is not machine-specific. They will be added back in via a change in meta-agl-demo. If a downstream user desires a platform-specific packagegroup for such packages in meta-agl-core, this can be revisited, though a different implementation should be used. - Replace some :append usage with += to avoid creating problems for downstream users. Bug-AGL: SPEC-4714, SPEC-4813 Change-Id: I55b29bf749f0d5d50993a362c665bce62b785f67 Signed-off-by: Scott Murray Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28996 Tested-by: Jan-Simon Moeller Reviewed-by: Jan-Simon Moeller --- .../wayland/agl-compositor-init.bb | 42 +++++++++---- .../agl-compositor-init/agl-compositor-autologin | 11 ++++ .../agl-compositor-init/agl-compositor.service | 68 ++++++++++++++++++++++ .../agl-compositor-init/agl-compositor.socket | 10 ++++ .../recipes-graphics/wayland/weston-ini-conf.bb | 6 -- .../wayland/weston_10.0_aglcore.inc | 23 +++++++- 6 files changed, 141 insertions(+), 19 deletions(-) create mode 100644 meta-agl-core/recipes-graphics/wayland/agl-compositor-init/agl-compositor-autologin create mode 100644 meta-agl-core/recipes-graphics/wayland/agl-compositor-init/agl-compositor.service create mode 100644 meta-agl-core/recipes-graphics/wayland/agl-compositor-init/agl-compositor.socket (limited to 'meta-agl-core/recipes-graphics/wayland') diff --git a/meta-agl-core/recipes-graphics/wayland/agl-compositor-init.bb b/meta-agl-core/recipes-graphics/wayland/agl-compositor-init.bb index 0cdf4d5d6..a3127a3e5 100644 --- a/meta-agl-core/recipes-graphics/wayland/agl-compositor-init.bb +++ b/meta-agl-core/recipes-graphics/wayland/agl-compositor-init.bb @@ -1,10 +1,16 @@ -SUMMARY = "Startup systemd unit drop-in file for the AGL Wayland compositor" +SUMMARY = "Startup systemd unit for the AGL Wayland compositor" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" +inherit systemd + PACKAGE_ARCH = "${MACHINE_ARCH}" -SRC_URI = "file://agl-compositor.conf.in" +SRC_URI = "file://agl-compositor.service \ + file://agl-compositor.socket \ + file://agl-compositor-autologin \ + file://agl-compositor.conf.in \ +" S = "${WORKDIR}" @@ -15,7 +21,14 @@ AGL_COMPOSITOR_ARGS:append = " ${@bb.utils.contains("DISTRO_FEATURES", "agl-deve AGL_COMPOSITOR_ARGS:append = " ${@bb.utils.contains("WESTON_USE_PIXMAN", "1", " --use-pixman", "",d)}" do_install() { - # Process ".in" files + # Install systemd service + install -D -p -m0644 ${WORKDIR}/agl-compositor.service ${D}${systemd_system_unitdir}/agl-compositor.service + install -D -p -m0644 ${WORKDIR}/agl-compositor.socket ${D}${systemd_system_unitdir}/agl-compositor.socket + if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then + install -D -p -m0644 ${WORKDIR}/agl-compositor-autologin ${D}${sysconfdir}/pam.d/agl-compositor-autologin + fi + + # Install systemd service drop-in with extra configuration files=agl-compositor.conf.in for f in ${files}; do g=${f%.in} @@ -24,17 +37,22 @@ do_install() { ${WORKDIR}/${f} > ${WORKDIR}/${g} fi done - - # Install Weston systemd service drop-in - install -d ${D}${systemd_system_unitdir}/weston.service.d - install -m644 ${WORKDIR}/agl-compositor.conf ${D}/${systemd_system_unitdir}/weston.service.d/agl-compositor.conf + install -d ${D}${systemd_system_unitdir}/agl-compositor.service.d + install -m644 ${WORKDIR}/agl-compositor.conf ${D}/${systemd_system_unitdir}/agl-compositor.service.d/agl-compositor.conf } FILES:${PN} += "\ - ${systemd_system_unitdir}/weston.service.d \ + ${systemd_system_unitdir}/agl-compositor.service \ + ${systemd_system_unitdir}/agl-compositor.socket \ + ${systemd_system_unitdir}/agl-compositor.service.d \ + ${sysconfdir}/default/agl-compositor \ + ${sysconfdir}/pam.d/ \ " -RDEPENDS:${PN} = " \ - agl-compositor \ - weston-init \ -" +CONFFILES:${PN} += "${sysconfdir}/default/agl-compositor" + +RDEPENDS:${PN} = "agl-users agl-compositor weston-ini" + +RCONFLICTS:${PN} = "weston-init" + +SYSTEMD_SERVICE:${PN} = "agl-compositor.service agl-compositor.socket" diff --git a/meta-agl-core/recipes-graphics/wayland/agl-compositor-init/agl-compositor-autologin b/meta-agl-core/recipes-graphics/wayland/agl-compositor-init/agl-compositor-autologin new file mode 100644 index 000000000..f6e6d106d --- /dev/null +++ b/meta-agl-core/recipes-graphics/wayland/agl-compositor-init/agl-compositor-autologin @@ -0,0 +1,11 @@ +auth required pam_nologin.so +auth required pam_unix.so try_first_pass nullok + +account required pam_nologin.so +account required pam_unix.so + +session required pam_env.so +session required pam_unix.so +-session optional pam_systemd.so type=wayland class=user desktop=weston +-session optional pam_loginuid.so + diff --git a/meta-agl-core/recipes-graphics/wayland/agl-compositor-init/agl-compositor.service b/meta-agl-core/recipes-graphics/wayland/agl-compositor-init/agl-compositor.service new file mode 100644 index 000000000..b064b1ef3 --- /dev/null +++ b/meta-agl-core/recipes-graphics/wayland/agl-compositor-init/agl-compositor.service @@ -0,0 +1,68 @@ +# This is a system unit for launching AGL compositor with auto-login as the +# user configured here. +# +# AGL compositor and Weston must be built with systemd support, and your +# weston.ini must load the plugin systemd-notify.so. +[Unit] +Description=AGL compositor +Documentation=man:weston(1) man:weston.ini(5) +Documentation=http://wayland.freedesktop.org/ + +# Make sure we are started after logins are permitted. +Requires=systemd-user-sessions.service +After=systemd-user-sessions.service + +# D-Bus is necessary for contacting logind. Logind is required. +Wants=dbus.socket +After=dbus.socket + +# Ensure the socket is present +Requires=agl-compositor.socket + +# Since we are part of the graphical session, make sure we are started before +# it is complete. +Before=graphical.target + +# Prevent starting on systems without virtual consoles, Weston requires one +# for now. +ConditionPathExists=/dev/tty0 + +[Service] +# Requires systemd-notify.so Weston plugin. +Type=notify +EnvironmentFile=-/etc/default/agl-compositor +ExecStart=/usr/bin/agl-compositor --modules=systemd-notify.so + +# Watchdog setup +TimeoutStartSec=60 +WatchdogSec=20 + +# The user to run as. +User=agl-driver +Group=agl-driver + +# Make sure the working directory is the users home directory +WorkingDirectory=/home/agl-driver + +# Set up a full user session for the user +PAMName=agl-compositor-autologin + +# A virtual terminal is needed. +TTYPath=/dev/tty7 +TTYReset=yes +TTYVHangup=yes +TTYVTDisallocate=yes + +# Fail to start if not controlling the tty. +StandardInput=tty-fail +StandardOutput=journal +StandardError=journal + +# Log this user with utmp, letting it show up with commands 'w' and 'who'. +UtmpIdentifier=tty7 +UtmpMode=user + +[Install] +# Note: If you only want weston to start on-demand, remove this line with a +# service drop file +WantedBy=graphical.target diff --git a/meta-agl-core/recipes-graphics/wayland/agl-compositor-init/agl-compositor.socket b/meta-agl-core/recipes-graphics/wayland/agl-compositor-init/agl-compositor.socket new file mode 100644 index 000000000..ef9769ff7 --- /dev/null +++ b/meta-agl-core/recipes-graphics/wayland/agl-compositor-init/agl-compositor.socket @@ -0,0 +1,10 @@ +# +# Weston must be built with systemd support, and your weston.ini must load +# the plugin systemd-notify.so. + +[Unit] +Description=agl-compositor, a Wayland compositor, as a systemd user service +Documentation=https://docs.automotivelinux.org/en/master/#5_Component_Documentation/1_agl-compositor/ + +[Socket] +ListenStream=%t/wayland-0 diff --git a/meta-agl-core/recipes-graphics/wayland/weston-ini-conf.bb b/meta-agl-core/recipes-graphics/wayland/weston-ini-conf.bb index 2f5185dd4..4c4748eec 100644 --- a/meta-agl-core/recipes-graphics/wayland/weston-ini-conf.bb +++ b/meta-agl-core/recipes-graphics/wayland/weston-ini-conf.bb @@ -117,7 +117,6 @@ PACKAGE_ARCH = "${MACHINE_ARCH}" ALTERNATIVE_LINK_NAME[weston.ini] = "${weston_ini_dir}/weston.ini" -RDEPENDS:${PN} = "weston-init" RPROVIDES:${PN} = "weston-ini" RCONFLICTS:${PN} = "${PN}-landscape" ALTERNATIVE:${PN} = "weston.ini" @@ -127,7 +126,6 @@ PACKAGE_BEFORE_PN += "${PN}-landscape" FILES:${PN}-landscape = "${weston_ini_dir}/weston.ini.landscape" -RDEPENDS:${PN}-landscape = "weston-init" RPROVIDES:${PN}-landscape = "weston-ini" RCONFLICTS:${PN}-landscape = "${PN}" ALTERNATIVE:${PN}-landscape = "weston.ini" @@ -137,7 +135,6 @@ PACKAGE_BEFORE_PN += "${PN}-landscape-inverted" FILES:${PN}-landscape-inverted = "${weston_ini_dir}/weston.ini.landscape-inverted" -RDEPENDS:${PN}-landscape-inverted = "weston-init" RPROVIDES:${PN}-landscape-inverted = "weston-ini" RCONFLICTS:${PN}-landscape-inverted = "${PN}" ALTERNATIVE:${PN}-landscape-inverted = "weston.ini" @@ -148,7 +145,6 @@ PACKAGE_BEFORE_PN += "${PN}-no-activate" FILES:${PN}-no-activate = "${weston_ini_dir}/weston.ini.default-no-activate" -RDEPENDS:${PN}-no-activate = "weston-init" RPROVIDES:${PN}-no-activate = "weston-ini" RCONFLICTS:${PN}-no-activate = "${PN}" ALTERNATIVE:${PN}-no-activate = "weston.ini" @@ -159,13 +155,11 @@ PACKAGE_BEFORE_PN += "${PN}-landscape-no-activate" FILES:${PN}-landscape-no-activate = "${weston_ini_dir}/weston.ini.landscape-no-activate" -RDEPENDS:${PN}-landscape-no-activate = "weston-init" RPROVIDES:${PN}-landscape-no-activate = "weston-ini" RCONFLICTS:${PN}-landscape-no-activate = "${PN}" ALTERNATIVE:${PN}-landscape-no-activate = "weston.ini" ALTERNATIVE_TARGET_${PN}-landscape-no-activate = "${weston_ini_dir}/weston.ini.landscape-no-activate" - # This is a settings-only package, we do not need a development package # (and its fixed dependency to ${PN} being installed) PACKAGES:remove = "${PN}-dev ${PN}-staticdev" diff --git a/meta-agl-core/recipes-graphics/wayland/weston_10.0_aglcore.inc b/meta-agl-core/recipes-graphics/wayland/weston_10.0_aglcore.inc index 41ec612ee..648d17b2f 100644 --- a/meta-agl-core/recipes-graphics/wayland/weston_10.0_aglcore.inc +++ b/meta-agl-core/recipes-graphics/wayland/weston_10.0_aglcore.inc @@ -9,4 +9,25 @@ SRC_URI:append = "file://0001-libweston-Send-name-description-update-wl_output-t file://0001-libweston-desktop-xdg-shell-Add-tiled-orientation-st.patch \ file://0001-simple-touch-Add-maximized-fullscreen-states.patch \ file://0001-libweston-weston-log-Add-an-iterator-for-going-over-.patch \ - file://0001-backend-drm-make-sure-all-buffers-are-released-when-.patch " + file://0001-backend-drm-make-sure-all-buffers-are-released-when-.patch \ +" + +# Split weston-terminal out of the main package to allow installing it +# separately for use with other compositors. The icons, etc. that end +# up in /usr/share/weston are also split out into a separate package +# since they are required for weston-terminal and some of the programs +# packaged in weston-examples in addition to ivi-shell in the main +# package. + +PACKAGE_BEFORE_PN += "${PN}-data ${PN}-terminal" + +FILES:${PN}-data = "${datadir}/weston" + +FILES:${PN}-terminal = "${bindir}/weston-terminal" +RDEPENDS:${PN}-terminal += "weston-data liberation-fonts" + +RDEPENDS:${PN}-examples += "weston-data" + +FILES:${PN}:remove = "weston-terminal" +RDEPENDS:${PN}:remove = "liberation-fonts" +RDEPENDS:${PN} += "weston-data weston-terminal" -- cgit 1.2.3-korg