From 6ca247d19f2a0d7cc0cb1beb8d26c99e7fac337b Mon Sep 17 00:00:00 2001 From: Ronan Le Martret Date: Wed, 19 Apr 2017 16:16:03 +0200 Subject: Run weston with dedicated 'display' user and group MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Create a user/group display * Allow weston to start without mandatory root user * start weston-terminal for each user Bug-AGL: SPEC-546 Change-Id: Id50acdbf5f7c07d5e0440575d42998b8819b5547 Signed-off-by: Ronan Le Martret Reviewed-on: https://gerrit.automotivelinux.org/gerrit/9135 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Dominig ar Foll Reviewed-by: José Bollo Reviewed-by: Stéphane Desneux Reviewed-by: Jan-Simon Moeller --- .../recipes-graphics/wayland/weston-init.bbappend | 54 ++++++++++++++++++---- 1 file changed, 44 insertions(+), 10 deletions(-) (limited to 'meta-agl/recipes-graphics/wayland/weston-init.bbappend') diff --git a/meta-agl/recipes-graphics/wayland/weston-init.bbappend b/meta-agl/recipes-graphics/wayland/weston-init.bbappend index 9b0f434e5..359cb76e5 100644 --- a/meta-agl/recipes-graphics/wayland/weston-init.bbappend +++ b/meta-agl/recipes-graphics/wayland/weston-init.bbappend @@ -1,20 +1,54 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" -WESTONTTY ??= "1" -WESTONUSER ??= "root" -WESTONARGS ?= "--idle-time=4294967" -WESTONLAUNCHARGS ??= "--tty /dev/tty${WESTONTTY} --user ${WESTONUSER}" +inherit agl-graphical + +WESTONSTART ??= "/usr/bin/weston --idle-time=4294967 --tty=${WESTONTTY}" +WESTONSTART_append = " ${@bb.utils.contains("IMAGE_FEATURES", "debug-tweaks", " --log=${DISPLAY_XDG_RUNTIME_DIR}/weston.log", "",d)}" + +SRC_URI += " \ + file://weston_tmpfiles.conf \ + file://weston.service.add \ +" do_install_append() { - sed -e 's,launcher="weston-launch.*--",launcher="weston-launch ${WESTONLAUNCHARGS} --",g' \ - -e 's,exec openvt $openvt_args --,exec ,g' \ - -i ${D}${bindir}/weston-start + sed -i "/\[Unit\]/aConflicts=getty@tty${WESTONTTY}.service" \ + ${D}${systemd_system_unitdir}/weston.service + + sed -i "/\[Service\]/r ${S}/weston.service.add" \ + ${D}${systemd_system_unitdir}/weston.service sed -e 's,User=root,User=${WESTONUSER},g' \ - -e 's,$OPTARGS,${WESTONARGS} $OPTARGS,g' \ + -e 's,ExecStart=.*,ExecStart=${WESTONSTART},g' \ + -e 's,@WESTONTTY@,${WESTONTTY},g' \ + -e 's,@XDG_RUNTIME_DIR@,${DISPLAY_XDG_RUNTIME_DIR},g' \ -i ${D}${systemd_system_unitdir}/weston.service - sed -i "/\[Unit\]/aConflicts=getty@tty${WESTONTTY}.service" \ - ${D}${systemd_system_unitdir}/weston.service + # Add a rule to ensure the 'display' user has permissions to + # open the graphics device + install -d ${D}${sysconfdir}/init.d + install -d ${D}${sysconfdir}/udev/rules.d + cat >${D}${sysconfdir}/udev/rules.d/zz-dri.rules <<'EOF' +SUBSYSTEM=="drm", MODE="0660", GROUP="${WESTONGROUP}", SECLABEL{smack}="*" +EOF + + # user 'display' must own /dev/tty${WESTONTTY} for weston to start correctly + cat >${D}${sysconfdir}/udev/rules.d/zz-tty.rules <<'EOF' +SUBSYSTEM=="tty", KERNEL=="tty${WESTONTTY}", OWNER="${WESTONUSER}", SECLABEL{smack}="^" +EOF + + # user 'display' must also be able to access /dev/input/* + cat >${D}${sysconfdir}/udev/rules.d/zz-input.rules <<'EOF' +SUBSYSTEM=="input", MODE="0660", GROUP="input", SECLABEL{smack}="^" +EOF + + install -d ${D}${sysconfdir}/tmpfiles.d + install -Dm755 ${WORKDIR}/weston_tmpfiles.conf ${D}/${libdir}/tmpfiles.d/weston.conf + + sed -e 's,@WESTONUSER@,${WESTONUSER},g' \ + -e 's,@WESTONGROUP@,${WESTONGROUP},g' \ + -i ${D}/${libdir}/tmpfiles.d/weston.conf } +FILES_${PN} += "${libdir}/tmpfiles.d/*.conf" + + -- cgit 1.2.3-korg