From 491d35dab07f14229b6d63477fb439fa39f2c869 Mon Sep 17 00:00:00 2001 From: Stephane Desneux Date: Fri, 8 Jul 2016 15:08:25 +0000 Subject: meta-app-framework: add af-main-tools and dependencies in nativesdk-packagegroup-sdk-host This is required to install app framework sdk tools. Change-Id: Iad407420fa734c063926d1883c288af387155668 Signed-off-by: Stephane Desneux --- .../recipes-core/af-main/nativesdk-af-main_1.0.bb | 25 ++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb (limited to 'meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb') diff --git a/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb b/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb new file mode 100644 index 000000000..426e99911 --- /dev/null +++ b/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb @@ -0,0 +1,25 @@ +require af-main_${PV}.inc + +inherit nativesdk cmake pkgconfig + +SECTION = "base" + +DEPENDS = "nativesdk-openssl nativesdk-libxml2 nativesdk-xmlsec1 nativesdk-libzip" + +afm_name = "afm" +afm_confdir = "${sysconfdir}/${afm_name}" +afm_datadir = "${datadir}/${afm_name}" + +EXTRA_OECMAKE = "\ + -DUSE_LIBZIP=1 \ + -DUSE_SIMULATION=1 \ + -DUSE_SDK=1 \ + -Dafm_name=${afm_name} \ + -Dafm_confdir=${afm_confdir} \ + -Dafm_datadir=${afm_datadir} \ +" + +PACKAGES = "${PN}-tools ${PN}-tools-dbg" +FILES_${PN}-tools = "${bindir}/wgtpkg-* ${afm_confdir}/*" +FILES_${PN}-tools-dbg = "${bindir}/.debug/wgtpkg-*" + -- cgit 1.2.3-korg From b4ab95010b9d8deedbd3b2b369a214a9fe4065b7 Mon Sep 17 00:00:00 2001 From: Stephane Desneux Date: Thu, 10 Nov 2016 12:46:59 +0100 Subject: meta-app-framework: fix unpackaged files in nativesdk-af-main Recent changes in af-main now generate .pc (pkgconfig) files. These files shouldn't be packaged for nativesdk-af-main: they are just removed at the end of the install task to avoid the 'unpackaged files' error. Change-Id: I61364c430c0272e8e8a398e1e5640c856c668c1b Signed-off-by: Stephane Desneux --- meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb') diff --git a/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb b/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb index 426e99911..0169e6b1a 100644 --- a/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb +++ b/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb @@ -19,6 +19,11 @@ EXTRA_OECMAKE = "\ -Dafm_datadir=${afm_datadir} \ " +do_install_append() { + # remove unused .pc file we don't want to package + rm -rf ${D}/${libdir} +} + PACKAGES = "${PN}-tools ${PN}-tools-dbg" FILES_${PN}-tools = "${bindir}/wgtpkg-* ${afm_confdir}/*" FILES_${PN}-tools-dbg = "${bindir}/.debug/wgtpkg-*" -- cgit 1.2.3-korg From ed0ec649f38a3044aaf3d36222be0391872cf2f5 Mon Sep 17 00:00:00 2001 From: Anton Gerasimov Date: Wed, 14 Dec 2016 14:08:16 +0100 Subject: Move all writable data used by security-manager and appfw to /var The purpose of these changes is to make OSTree and AppFw update domains compatible with each other. Some intergation code is also needed to deploy initial data to writable area (see SPEC-359 in Jira). Bug-AGL: SPEC-359 Change-Id: Iccba1e9916c569167df2922ad5e2d90cc33f06fe Signed-off-by: Anton Gerasimov Signed-off-by: Stephane Desneux --- .../af-main/af-main/init-afm-dirs.service | 15 ++ .../recipes-core/af-main/af-main/init-afm-dirs.sh | 7 + .../recipes-core/af-main/af-main_1.0.bb | 22 ++- .../recipes-core/af-main/nativesdk-af-main_1.0.bb | 2 +- .../Removing-tizen-platform-config.patch | 196 +++++++++++++++++++++ .../init-security-manager-db.service | 15 ++ .../security-manager/init-security-manager-db.sh | 6 + .../security-manager/security-manager_%.bbappend | 14 +- .../afm-client/files/afm-client.service | 2 +- 9 files changed, 270 insertions(+), 9 deletions(-) create mode 100644 meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.service create mode 100644 meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.sh create mode 100644 meta-app-framework/recipes-core/security-manager/security-manager/Removing-tizen-platform-config.patch create mode 100644 meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.service create mode 100644 meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.sh (limited to 'meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb') diff --git a/meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.service b/meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.service new file mode 100644 index 000000000..7e3b9e4e8 --- /dev/null +++ b/meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.service @@ -0,0 +1,15 @@ +# +# Install security-manager DB to /var + +[Unit] +Description=Deploy AFM directories to /var +After=sysinit.target +Before=afm-system-daemon.service +Before=afm-user-daemon.service + +[Install] +WantedBy=default.target + +[Service] +Type=oneshot +ExecStart=/usr/bin/init-afm-dirs.sh diff --git a/meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.sh b/meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.sh new file mode 100644 index 000000000..97cf272f2 --- /dev/null +++ b/meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.sh @@ -0,0 +1,7 @@ +#!/bin/sh + +if [ ! -e "/var/lib/afm" ]; then + mkdir -p /var/lib + cp -ra /usr/share/afm /var/lib +fi + diff --git a/meta-app-framework/recipes-core/af-main/af-main_1.0.bb b/meta-app-framework/recipes-core/af-main/af-main_1.0.bb index 611307fb0..834e293fa 100644 --- a/meta-app-framework/recipes-core/af-main/af-main_1.0.bb +++ b/meta-app-framework/recipes-core/af-main/af-main_1.0.bb @@ -16,7 +16,8 @@ DEPENDS_class-native = "openssl libxml2 xmlsec1 libzip" afm_name = "afm" afm_confdir = "${sysconfdir}/${afm_name}" -afm_datadir = "${datadir}/${afm_name}" +afm_datadir = "/var/lib/${afm_name}" +afm_init_datadir = "${datadir}/${afm_name}" afb_binding_dir = "${libdir}/afb" EXTRA_OECMAKE_class-native = "\ @@ -46,8 +47,12 @@ GROUPADD_PARAM_${PN} = "-r ${afm_name}" SYSTEMD_SERVICE_${PN} = "afm-system-daemon.service" SYSTEMD_AUTO_ENABLE = "enable" +SRC_URI_append = "file://init-afm-dirs.sh \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'file://init-afm-dirs.service', '', d)}" + FILES_${PN} += "\ - ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '${systemd_user_unitdir}/afm-user-daemon.service', '', d)} \ + ${bindir}/init-afm-dirs.sh \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '${systemd_user_unitdir}/afm-user-daemon.service ${systemd_unitdir}/system/init-afm-dirs.service', '', d)} \ " RDEPENDS_${PN}_append_smack = " smack-userspace" @@ -60,9 +65,14 @@ SRC_URI += "\ " do_install_append() { + install -d ${D}${bindir} + install -m 0755 ${WORKDIR}/init-afm-dirs.sh ${D}${bindir} if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then mkdir -p ${D}${sysconfdir}/systemd/user/default.target.wants + mkdir -p ${D}${sysconfdir}/systemd/system/default.target.wants ln -sf ${systemd_user_unitdir}/afm-user-daemon.service ${D}${sysconfdir}/systemd/user/default.target.wants + install -p -D ${WORKDIR}/init-afm-dirs.service ${D}${systemd_unitdir}/system/init-afm-dirs.service + ln -sf ${systemd_unitdir}/system/init-afm-dirs.service ${D}${sysconfdir}/systemd/system/default.target.wants fi } @@ -79,15 +89,15 @@ EOF } pkg_postinst_${PN}() { - mkdir -p $D${afm_datadir}/applications $D${afm_datadir}/icons + mkdir -p $D${afm_init_datadir}/applications $D${afm_init_datadir}/icons setcap cap_mac_override,cap_dac_override=ep $D${bindir}/afm-system-daemon setcap cap_mac_override,cap_mac_admin,cap_setgid=ep $D${bindir}/afm-user-daemon } pkg_postinst_${PN}_smack() { - mkdir -p $D${afm_datadir}/applications $D${afm_datadir}/icons - chown ${afm_name}:${afm_name} $D${afm_datadir} $D${afm_datadir}/applications $D${afm_datadir}/icons - chsmack -a 'System::Shared' -t $D${afm_datadir} $D${afm_datadir}/applications $D${afm_datadir}/icons + mkdir -p $D${afm_init_datadir}/applications $D${afm_init_datadir}/icons + chown ${afm_name}:${afm_name} $D${afm_init_datadir} $D${afm_init_datadir}/applications $D${afm_init_datadir}/icons + chsmack -a 'System::Shared' -t $D${afm_init_datadir} $D${afm_init_datadir}/applications $D${afm_init_datadir}/icons setcap cap_mac_override,cap_dac_override=ep $D${bindir}/afm-system-daemon setcap cap_mac_override,cap_mac_admin,cap_setgid=ep $D${bindir}/afm-user-daemon } diff --git a/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb b/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb index 0169e6b1a..ba70c59ab 100644 --- a/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb +++ b/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb @@ -8,7 +8,7 @@ DEPENDS = "nativesdk-openssl nativesdk-libxml2 nativesdk-xmlsec1 nativesdk-libzi afm_name = "afm" afm_confdir = "${sysconfdir}/${afm_name}" -afm_datadir = "${datadir}/${afm_name}" +afm_datadir = "/var/lib/${afm_name}" EXTRA_OECMAKE = "\ -DUSE_LIBZIP=1 \ diff --git a/meta-app-framework/recipes-core/security-manager/security-manager/Removing-tizen-platform-config.patch b/meta-app-framework/recipes-core/security-manager/security-manager/Removing-tizen-platform-config.patch new file mode 100644 index 000000000..4830db2a8 --- /dev/null +++ b/meta-app-framework/recipes-core/security-manager/security-manager/Removing-tizen-platform-config.patch @@ -0,0 +1,196 @@ +From 72e66d0e42f3bb6efd689ce33b1df407d94b3c60 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jos=C3=A9=20Bollo?= +Date: Mon, 16 Nov 2015 14:26:25 +0100 +Subject: [PATCH] Removing tizen-platform-config + +Change-Id: Ic832a2b75229517b09faba969c27fb1a4b490121 +--- + policy/security-manager-policy-reload | 2 +- + src/common/file-lock.cpp | 4 +--- + src/common/include/file-lock.h | 1 - + src/common/include/privilege_db.h | 3 +-- + src/common/service_impl.cpp | 39 +++++++++++------------------------ + src/common/smack-rules.cpp | 12 ++++------- + 6 files changed, 19 insertions(+), 42 deletions(-) + +diff --git a/policy/security-manager-policy-reload b/policy/security-manager-policy-reload +index 6f211c6..ed8047a 100755 +--- a/policy/security-manager-policy-reload ++++ b/policy/security-manager-policy-reload +@@ -2,7 +2,7 @@ + + POLICY_PATH=/usr/share/security-manager/policy + PRIVILEGE_GROUP_MAPPING=$POLICY_PATH/privilege-group.list +-DB_FILE=`tzplatform-get TZ_SYS_DB | cut -d= -f2`/.security-manager.db ++DB_FILE=/var/db/security-manager/.security-manager.db + + # Create default buckets + while read bucket default_policy +diff --git a/src/common/file-lock.cpp b/src/common/file-lock.cpp +index 6f3996c..1dada17 100644 +--- a/src/common/file-lock.cpp ++++ b/src/common/file-lock.cpp +@@ -30,9 +30,7 @@ + + namespace SecurityManager { + +-char const * const SERVICE_LOCK_FILE = tzplatform_mkpath3(TZ_SYS_RUN, +- "lock", +- "security-manager.lock"); ++char const * const SERVICE_LOCK_FILE = "/var/run/lock/security-manager.lock"; + + FileLocker::FileLocker(const std::string &lockFile, bool blocking) + { +diff --git a/src/common/include/file-lock.h b/src/common/include/file-lock.h +index 604b019..21a86a0 100644 +--- a/src/common/include/file-lock.h ++++ b/src/common/include/file-lock.h +@@ -29,7 +29,6 @@ + + #include + #include +-#include + + namespace SecurityManager { + +diff --git a/src/common/include/privilege_db.h b/src/common/include/privilege_db.h +index 4d73d90..03c6680 100644 +--- a/src/common/include/privilege_db.h ++++ b/src/common/include/privilege_db.h +@@ -34,14 +34,13 @@ + #include + + #include +-#include + + #ifndef PRIVILEGE_DB_H_ + #define PRIVILEGE_DB_H_ + + namespace SecurityManager { + +-const char *const PRIVILEGE_DB_PATH = tzplatform_mkpath(TZ_SYS_DB, ".security-manager.db"); ++const char *const PRIVILEGE_DB_PATH = "/var/db/security-manager/.security-manager.db"; + + enum class QueryType { + EGetPkgPrivileges, +diff --git a/src/common/service_impl.cpp b/src/common/service_impl.cpp +index ae305d3..65cc8b5 100644 +--- a/src/common/service_impl.cpp ++++ b/src/common/service_impl.cpp +@@ -32,7 +32,6 @@ + #include + + #include +-#include + + #include "protocols.h" + #include "privilege_db.h" +@@ -131,7 +130,13 @@ static inline int validatePolicy(policy_entry &policyEntry, std::string uidStr, + + static uid_t getGlobalUserId(void) + { +- static uid_t globaluid = tzplatform_getuid(TZ_SYS_GLOBALAPP_USER); ++ static uid_t globaluid = 0; ++ if (!globaluid) { ++ struct passwd pw, *p; ++ char buf[4096]; ++ int rc = getpwnam_r("userapp", &pw, buf, sizeof buf, &p); ++ globaluid = (rc || p == NULL) ? 555 : p->pw_uid; ++ } + return globaluid; + } + +@@ -161,37 +166,17 @@ static inline bool isSubDir(const char *parent, const char *subdir) + + static bool getUserAppDir(const uid_t &uid, std::string &userAppDir) + { +- struct tzplatform_context *tz_ctx = nullptr; +- +- if (tzplatform_context_create(&tz_ctx)) +- return false; +- +- if (tzplatform_context_set_user(tz_ctx, uid)) { +- tzplatform_context_destroy(tz_ctx); +- tz_ctx = nullptr; ++ struct passwd pw, *p; ++ char buf[4096]; ++ int rc = getpwuid_r(uid, &pw, buf, sizeof buf, &p); ++ if (rc || p == NULL) + return false; +- } +- +- enum tzplatform_variable id = +- (uid == getGlobalUserId()) ? TZ_SYS_RW_APP : TZ_USER_APP; +- const char *appDir = tzplatform_context_getenv(tz_ctx, id); +- if (!appDir) { +- tzplatform_context_destroy(tz_ctx); +- tz_ctx = nullptr; +- return false; +- } +- +- userAppDir = appDir; +- +- tzplatform_context_destroy(tz_ctx); +- tz_ctx = nullptr; +- ++ userAppDir = p->pw_dir; + return true; + } + + static inline bool installRequestAuthCheck(const app_inst_req &req, uid_t uid, bool &isCorrectPath, std::string &appPath) + { +- std::string userHome; + std::string userAppDir; + std::stringstream correctPath; + +diff --git a/src/common/smack-rules.cpp b/src/common/smack-rules.cpp +index d834e42..8b5728b 100644 +--- a/src/common/smack-rules.cpp ++++ b/src/common/smack-rules.cpp +@@ -34,7 +34,6 @@ + #include + + #include +-#include + + #include "smack-labels.h" + #include "smack-rules.h" +@@ -43,7 +42,7 @@ namespace SecurityManager { + + const char *const SMACK_APP_LABEL_TEMPLATE = "~APP~"; + const char *const SMACK_PKG_LABEL_TEMPLATE = "~PKG~"; +-const char *const APP_RULES_TEMPLATE_FILE_PATH = tzplatform_mkpath4(TZ_SYS_SHARE, "security-manager", "policy", "app-rules-template.smack"); ++const char *const APP_RULES_TEMPLATE_FILE_PATH = "/usr/share/security-manager/policy/app-rules-template.smack"; + const char *const SMACK_APP_IN_PACKAGE_PERMS = "rwxat"; + + SmackRules::SmackRules() +@@ -237,14 +236,12 @@ void SmackRules::generatePackageCrossDeps(const std::vector &pkgCon + + std::string SmackRules::getPackageRulesFilePath(const std::string &pkgId) + { +- std::string path(tzplatform_mkpath3(TZ_SYS_SMACK, "accesses.d", ("pkg_" + pkgId).c_str())); +- return path; ++ return "/etc/smack/accesses.d/pkg_" + pkgId; + } + + std::string SmackRules::getApplicationRulesFilePath(const std::string &appId) + { +- std::string path(tzplatform_mkpath3(TZ_SYS_SMACK, "accesses.d", ("app_" + appId).c_str())); +- return path; ++ return "/etc/smack/accesses.d/app_" + appId; + } + void SmackRules::installApplicationPrivilegesRules(const std::string &appId, const std::string &pkgId, + const std::vector &pkgContents, const std::vector &privileges) +@@ -256,8 +253,7 @@ void SmackRules::installApplicationPrivilegesRules(const std::string &appId, con + for (auto privilege : privileges) { + if (privilege.empty()) + continue; +- std::string fprivilege ( privilege + "-template.smack"); +- std::string path(tzplatform_mkpath4(TZ_SYS_SHARE, "security-manager", "policy", fprivilege.c_str())); ++ std::string path = "/usr/share/security-manager/policy/" + privilege + "-template.smack"; + if( stat(path.c_str(), &buffer) == 0) + smackRules.addFromTemplateFile(appId, pkgId, path); + } +-- +2.1.4 + diff --git a/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.service b/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.service new file mode 100644 index 000000000..8ed5e8601 --- /dev/null +++ b/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.service @@ -0,0 +1,15 @@ +# +# Install security-manager DB to /var + +[Unit] +Description=Install Security Manager database +After=sysinit.target +Before=security-manager.service + +[Install] +WantedBy=default.target + +[Service] +Type=oneshot +User=root +ExecStart=/usr/bin/init-security-manager-db.sh diff --git a/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.sh b/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.sh new file mode 100644 index 000000000..ef41286c8 --- /dev/null +++ b/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.sh @@ -0,0 +1,6 @@ +#!/bin/sh + +if [ ! -e "/var/db/security-manager" ]; then + mkdir -p /var/db + cp -ra /usr/dbspace/ /var/db/security-manager +fi diff --git a/meta-app-framework/recipes-core/security-manager/security-manager_%.bbappend b/meta-app-framework/recipes-core/security-manager/security-manager_%.bbappend index d3a110de5..b4b5e01c4 100644 --- a/meta-app-framework/recipes-core/security-manager/security-manager_%.bbappend +++ b/meta-app-framework/recipes-core/security-manager/security-manager_%.bbappend @@ -1,4 +1,16 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/security-manager:" -SRC_URI += " file://0001-Adapt-rules-to-AGL.patch " +SRC_URI += " file://0001-Adapt-rules-to-AGL.patch \ + file://init-security-manager-db.service \ + file://init-security-manager-db.sh" +SYSTEMD_SERVICE_${PN} = "init-security-manager-db.service" + +FILES_${PN}_append = "${bindir}/init-security-manager-db.sh" + +do_install_append () { + install -p -D ${WORKDIR}/init-security-manager-db.sh ${D}${bindir}/init-security-manager-db.sh + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -p -D ${WORKDIR}/init-security-manager-db.service ${D}${systemd_unitdir}/system/init-security-manager-db.service + fi +} diff --git a/meta-app-framework/recipes-example/afm-client/files/afm-client.service b/meta-app-framework/recipes-example/afm-client/files/afm-client.service index 688c91fd8..735717439 100644 --- a/meta-app-framework/recipes-example/afm-client/files/afm-client.service +++ b/meta-app-framework/recipes-example/afm-client/files/afm-client.service @@ -2,7 +2,7 @@ Description=Simplest application manager [Service] -ExecStart=/usr/bin/afb-daemon --mode=remote --port=1234 --token='' --sessiondir=/home/root/.afb-daemon --rootdir=/usr/share/agl/afm-client --alias=/icons:/usr/share/afm/icons +ExecStart=/usr/bin/afb-daemon --mode=remote --port=1234 --token='' --sessiondir=/home/root/.afb-daemon --rootdir=/usr/share/agl/afm-client --alias=/icons:/var/lib/afm/icons Restart=on-failure RestartSec=5 -- cgit 1.2.3-korg From 2645ceca2399368af20c1b1222575bcb7c6cb613 Mon Sep 17 00:00:00 2001 From: Ronan Le Martret Date: Thu, 23 Feb 2017 11:03:08 +0100 Subject: Update af-main * Fix wgtpkg-pack * Add json-c for native and nativesdk Change-Id: I9f2f6b55b729099a70e00f53c631e181d19cf1c9 Signed-off-by: Ronan Le Martret Signed-off-by: Stephane Desneux --- meta-app-framework/recipes-core/af-main/af-main_1.0.bb | 2 +- meta-app-framework/recipes-core/af-main/af-main_1.0.inc | 2 +- meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) (limited to 'meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb') diff --git a/meta-app-framework/recipes-core/af-main/af-main_1.0.bb b/meta-app-framework/recipes-core/af-main/af-main_1.0.bb index 7819bfadf..c7b8ba440 100644 --- a/meta-app-framework/recipes-core/af-main/af-main_1.0.bb +++ b/meta-app-framework/recipes-core/af-main/af-main_1.0.bb @@ -12,7 +12,7 @@ BBCLASSEXTEND = "native" SECTION = "base" DEPENDS = "openssl libxml2 xmlsec1 systemd libzip json-c security-manager libcap-native af-binder" -DEPENDS_class-native = "openssl libxml2 xmlsec1 libzip" +DEPENDS_class-native = "openssl libxml2 xmlsec1 libzip json-c" afm_name = "afm" afm_confdir = "${sysconfdir}/${afm_name}" diff --git a/meta-app-framework/recipes-core/af-main/af-main_1.0.inc b/meta-app-framework/recipes-core/af-main/af-main_1.0.inc index 0d07fc2da..c04661a0e 100644 --- a/meta-app-framework/recipes-core/af-main/af-main_1.0.inc +++ b/meta-app-framework/recipes-core/af-main/af-main_1.0.inc @@ -14,7 +14,7 @@ SRC_URI = "${SRC_URI_git} \ ${SRC_URI_files} \ " -SRCREV = "c6b2074e18ce7a37a59bc1c3831407b42b18c889" +SRCREV = "7cf2890d871e76c082528565f59e1d0d1055b7f9" S = "${WORKDIR}/git" diff --git a/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb b/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb index ba70c59ab..021c9ac00 100644 --- a/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb +++ b/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb @@ -4,7 +4,7 @@ inherit nativesdk cmake pkgconfig SECTION = "base" -DEPENDS = "nativesdk-openssl nativesdk-libxml2 nativesdk-xmlsec1 nativesdk-libzip" +DEPENDS = "nativesdk-openssl nativesdk-libxml2 nativesdk-xmlsec1 nativesdk-libzip nativesdk-json-c" afm_name = "afm" afm_confdir = "${sysconfdir}/${afm_name}" -- cgit 1.2.3-korg From 685a4613bcfc3231066d66263e198399d78cea44 Mon Sep 17 00:00:00 2001 From: José Bollo Date: Tue, 14 Mar 2017 13:07:12 +0100 Subject: Move to AGL framework on top of systemd MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This new version of the framework leverages systemd features to launch its applications. Some of the advantages are: - possible use of systemd features (namespace, cgroups, autostart, dependency resolution, socket activation, ...) - more feature are let open to integrator's design Some of the drawbacks are: - not more possible to launch an other instance of an application already launched - pause/resume is no more available by the framework - the remote mode is to be redefined This commit integrates the first version of the framework on top of systemd. More work is to come. None of the current drawback is definitive. Bug-AGL: SPEC-138, SPEC-425, SPEC-426, SPEC-427 Change-Id: Idfb98761c0db23562bb783bed1b03aeb956fc587 Signed-off-by: José Bollo Signed-off-by: Stephane Desneux --- .../af-main/add-qt-wayland-shell-integration.patch | 21 +++++------ .../af-main/af-main/init-afm-dirs.service | 15 -------- .../recipes-core/af-main/af-main/init-afm-dirs.sh | 7 ---- .../recipes-core/af-main/af-main_1.0.bb | 42 ++++++++++------------ .../recipes-core/af-main/af-main_1.0.inc | 8 ++++- .../recipes-core/af-main/nativesdk-af-main_1.0.bb | 4 --- 6 files changed, 37 insertions(+), 60 deletions(-) delete mode 100644 meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.service delete mode 100644 meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.sh (limited to 'meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb') diff --git a/meta-app-framework/recipes-core/af-main/af-main/add-qt-wayland-shell-integration.patch b/meta-app-framework/recipes-core/af-main/af-main/add-qt-wayland-shell-integration.patch index 8e21678be..c92415b80 100644 --- a/meta-app-framework/recipes-core/af-main/af-main/add-qt-wayland-shell-integration.patch +++ b/meta-app-framework/recipes-core/af-main/af-main/add-qt-wayland-shell-integration.patch @@ -1,11 +1,12 @@ -diff --git a/conf/afm-user-daemon.service b/conf/afm-user-daemon.service -index 6b5c1d8..e0f6799 100644 ---- a/conf/afm-user-daemon.service -+++ b/conf/afm-user-daemon.service -@@ -7,6 +7,7 @@ BusName=org.AGL.afm.user - ExecStart=/usr/bin/afm-user-daemon --user-dbus=unix:path=%t/bus - Environment=AFM_APP_INSTALL_DIR=%%r - Environment=LD_PRELOAD=/usr/lib/libEGL.so +diff --git a/conf/afm-unit.conf b/conf/afm-unit.conf +index 82113ef..2fbc9e2 100644 +--- a/conf/afm-unit.conf ++++ b/conf/afm-unit.conf +@@ -127,6 +127,7 @@ SuccessExitStatus=0 SIGKILL + WorkingDirectory=-{{&#metadata.app-data-dir}}/{{id}} + ExecStartPre=/bin/mkdir -p {{&#metadata.app-data-dir}}/{{id}} + Environment=AFM_APP_INSTALL_DIR={{:#metadata.install-dir}} +Environment=QT_WAYLAND_SHELL_INTEGRATION=ivi-shell - Restart=on-failure - RestartSec=5 + + %systemd-unit user + {{#required-permission.urn:AGL:permission::public:hidden}}\ diff --git a/meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.service b/meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.service deleted file mode 100644 index 7e3b9e4e8..000000000 --- a/meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.service +++ /dev/null @@ -1,15 +0,0 @@ -# -# Install security-manager DB to /var - -[Unit] -Description=Deploy AFM directories to /var -After=sysinit.target -Before=afm-system-daemon.service -Before=afm-user-daemon.service - -[Install] -WantedBy=default.target - -[Service] -Type=oneshot -ExecStart=/usr/bin/init-afm-dirs.sh diff --git a/meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.sh b/meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.sh deleted file mode 100644 index 97cf272f2..000000000 --- a/meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -if [ ! -e "/var/lib/afm" ]; then - mkdir -p /var/lib - cp -ra /usr/share/afm /var/lib -fi - diff --git a/meta-app-framework/recipes-core/af-main/af-main_1.0.bb b/meta-app-framework/recipes-core/af-main/af-main_1.0.bb index 86b5d34e2..3c1b692f3 100644 --- a/meta-app-framework/recipes-core/af-main/af-main_1.0.bb +++ b/meta-app-framework/recipes-core/af-main/af-main_1.0.bb @@ -11,15 +11,9 @@ BBCLASSEXTEND = "native" SECTION = "base" -DEPENDS = "openssl libxml2 xmlsec1 systemd libzip json-c security-manager libcap-native af-binder" +DEPENDS = "openssl libxml2 xmlsec1 systemd libzip json-c systemd security-manager libcap-native af-binder" DEPENDS_class-native = "openssl libxml2 xmlsec1 libzip json-c" -afm_name = "afm" -afm_confdir = "${sysconfdir}/${afm_name}" -afm_datadir = "/var/lib/${afm_name}" -afm_init_datadir = "${datadir}/${afm_name}" -afb_binding_dir = "${libdir}/afb" - EXTRA_OECMAKE_class-native = "\ -DUSE_LIBZIP=1 \ -DUSE_SIMULATION=1 \ @@ -36,6 +30,7 @@ EXTRA_OECMAKE = "\ -Dafm_name=${afm_name} \ -Dafm_confdir=${afm_confdir} \ -Dafm_datadir=${afm_datadir} \ + -Dsystemd_units_root=${systemd_units_root} \ -DUNITDIR_USER=${systemd_user_unitdir} \ -DUNITDIR_SYSTEM=${systemd_system_unitdir} \ " @@ -47,37 +42,31 @@ GROUPADD_PARAM_${PN} = "-r ${afm_name}" SYSTEMD_SERVICE_${PN} = "afm-system-daemon.service" SYSTEMD_AUTO_ENABLE = "enable" -SRC_URI_append = "file://init-afm-dirs.sh \ - ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'file://init-afm-dirs.service', '', d)}" - FILES_${PN} += "\ - ${bindir}/init-afm-dirs.sh \ - ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '${systemd_user_unitdir}/afm-user-daemon.service ${systemd_unitdir}/system/init-afm-dirs.service', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '${systemd_user_unitdir}/afm-user-daemon.service', '', d)} \ " - RDEPENDS_${PN}_append_smack = " smack-userspace" DEPENDS_append_smack = " smack-userspace-native" # short hacks here SRC_URI += "\ file://Hack-to-allow-the-debugging.patch \ - file://add-qt-wayland-shell-integration.patch \ " # tools used to install wgt at first boot SRC_URI += "\ file://afm-install \ + file://add-qt-wayland-shell-integration.patch \ " do_install_append() { install -d ${D}${bindir} - install -m 0755 ${WORKDIR}/init-afm-dirs.sh ${D}${bindir} + install -d -m 0775 ${D}${systemd_units_root}/{system,user} + install -d -m 0775 ${D}${systemd_units_root}/{system,user}/default.target.wants + install -d ${D}${afm_datadir}/{applications,icons} if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - mkdir -p ${D}${sysconfdir}/systemd/user/default.target.wants - mkdir -p ${D}${sysconfdir}/systemd/system/default.target.wants + mkdir -p ${D}${sysconfdir}/systemd/{system,user}/default.target.wants ln -sf ${systemd_user_unitdir}/afm-user-daemon.service ${D}${sysconfdir}/systemd/user/default.target.wants - install -m 644 -p -D ${WORKDIR}/init-afm-dirs.service ${D}${systemd_unitdir}/system/init-afm-dirs.service - ln -sf ${systemd_unitdir}/system/init-afm-dirs.service ${D}${sysconfdir}/systemd/system/default.target.wants fi install -m 0755 ${WORKDIR}/afm-install ${D}${bindir} } @@ -87,18 +76,25 @@ do_install_append_qemux86-64() { } pkg_postinst_${PN}() { - mkdir -p $D${afm_init_datadir}/applications $D${afm_init_datadir}/icons + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + chgrp ${afm_name} $D${systemd_units_root}/{system,user}/{default.target.wants,.} + fi + chown ${afm_name}:${afm_name} $D${afm_datadir}/{applications,icons,.} setcap cap_mac_override,cap_dac_override=ep $D${bindir}/afm-system-daemon setcap cap_mac_override,cap_mac_admin,cap_setgid=ep $D${bindir}/afm-user-daemon } pkg_postinst_${PN}_smack() { - mkdir -p $D${afm_init_datadir}/applications $D${afm_init_datadir}/icons - chown ${afm_name}:${afm_name} $D${afm_init_datadir} $D${afm_init_datadir}/applications $D${afm_init_datadir}/icons - chsmack -a 'System::Shared' -t $D${afm_init_datadir} $D${afm_init_datadir}/applications $D${afm_init_datadir}/icons + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + chgrp ${afm_name} $D${systemd_units_root}/{system,user}/{default.target.wants,.} + chsmack -a 'System::Shared' -t $D${systemd_units_root}/{system,user}/{default.target.wants,.} + fi + chown ${afm_name}:${afm_name} $D${afm_datadir}/{applications,icons,.} + chsmack -a 'System::Shared' -t $D${afm_datadir}/{applications,icons,.} setcap cap_mac_override,cap_dac_override=ep $D${bindir}/afm-system-daemon setcap cap_mac_override,cap_mac_admin,cap_setgid=ep $D${bindir}/afm-user-daemon } +FILES_${PN} += " ${systemd_units_root} " PACKAGES =+ "${PN}-binding ${PN}-binding-dbg" FILES_${PN}-binding = " ${afb_binding_dir}/afm-main-binding.so " diff --git a/meta-app-framework/recipes-core/af-main/af-main_1.0.inc b/meta-app-framework/recipes-core/af-main/af-main_1.0.inc index c38dad4d4..6ce87ed71 100644 --- a/meta-app-framework/recipes-core/af-main/af-main_1.0.inc +++ b/meta-app-framework/recipes-core/af-main/af-main_1.0.inc @@ -14,7 +14,13 @@ SRC_URI = "${SRC_URI_git} \ ${SRC_URI_files} \ " -SRCREV = "863bf1c6b4e10176edf8b26a9703109ab8db2c43" +SRCREV = "255c83029f56e8d90e7ce185b007c4ca65afec1e" S = "${WORKDIR}/git" +afm_name = "afm" +afm_confdir = "${sysconfdir}/${afm_name}" +afm_datadir = "/var/local/lib/${afm_name}" +afb_binding_dir = "${libdir}/afb" +systemd_units_root = "/usr/local/lib/systemd" + diff --git a/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb b/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb index 021c9ac00..8d044345f 100644 --- a/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb +++ b/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb @@ -6,10 +6,6 @@ SECTION = "base" DEPENDS = "nativesdk-openssl nativesdk-libxml2 nativesdk-xmlsec1 nativesdk-libzip nativesdk-json-c" -afm_name = "afm" -afm_confdir = "${sysconfdir}/${afm_name}" -afm_datadir = "/var/lib/${afm_name}" - EXTRA_OECMAKE = "\ -DUSE_LIBZIP=1 \ -DUSE_SIMULATION=1 \ -- cgit 1.2.3-korg