From 4b4c0f15d1d2a52e636aa22e56cf864d1a8a656b Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Mon, 5 Jun 2023 10:07:24 -0400 Subject: Remove systemd user session and clean up packagegroups and images Remove the use of a systemd user session to align with how upstream runs Weston, and to allow using all systemd sandboxing features with the compositor and homescreen, launcher, etc. applications. The changes for this touched enough packagegroups and images that further rework was done to address some of the cleanup described in SPEC-4813, see below for details. Changes: - Remove agl-session and update various recipes that were manually adding dependencies to the user session it created. The compositor (be it weston or agl-compositor) and Wayland clients now run in the system session as non-root users. - Revive agl-users recipe, this time living in meta-agl-core, with the purpose of creating the agl-driver user. For simplicity, agl-compositor is always run as the agl-driver user, as opposed to trying to wrangle running it as different users depending on build configuration. This can potentially be made more configurable if a downstream user has a usecase to be able to specify another user. - Fully split agl-compositor's systemd unit with a tweaked fork of the weston-init recipe and unit which lives in meta-agl-core. This will be easier to maintain than the attempt to reuse weston-init for builds without meta-app-framework that was done previously. - Create packagegroup-agl-graphical-compositor, distinct from the weston packagegroup. This should make it more straightforward for downstreams that want agl-compositor or weston. - Rename agl-image-agl-compositor to agl-image-compositor to remove redundancy. - Tweak the logic for the inclusion of a few debug packages (e.g. agl-shell-activator) to ensure they only show up in images when agl-devel is enabled. - Split weston-terminal and the required icon resources into separate packages in our weston bbappend to avoid pulling in weston just to get the terminal for testing. - Add a agl-core-image.bbclass to use as a base for images. - Move our cross-SDK configuration to a agl-crosssdk.bbclass to ease reuse. - Remove various empty packagegroups. - Unify image .inc files with their .bb files as a simplification, and to move towards more how upstream Yocto Project does things. - Split pipewire tools into their own -devel packagegroup. - Remove rcar3 additions to packagegroup-agl-graphical-multimedia, as that packagegroup is not machine-specific. They will be added back in via a change in meta-agl-demo. If a downstream user desires a platform-specific packagegroup for such packages in meta-agl-core, this can be revisited, though a different implementation should be used. - Replace some :append usage with += to avoid creating problems for downstream users. Bug-AGL: SPEC-4714, SPEC-4813 Change-Id: I55b29bf749f0d5d50993a362c665bce62b785f67 Signed-off-by: Scott Murray Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28996 Tested-by: Jan-Simon Moeller Reviewed-by: Jan-Simon Moeller --- meta-app-framework/recipes-core/applaunchd/applaunchd_git.bb | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'meta-app-framework/recipes-core') diff --git a/meta-app-framework/recipes-core/applaunchd/applaunchd_git.bb b/meta-app-framework/recipes-core/applaunchd/applaunchd_git.bb index 3b2265df0..767c8bcc5 100644 --- a/meta-app-framework/recipes-core/applaunchd/applaunchd_git.bb +++ b/meta-app-framework/recipes-core/applaunchd/applaunchd_git.bb @@ -29,7 +29,14 @@ SRCREV = "7a3e870a8349d43a4838604db2c28140c2f76c9f" S = "${WORKDIR}/git" -inherit meson pkgconfig systemd +inherit meson pkgconfig systemd useradd + +USERADD_PACKAGES = "${PN}" +USERADDEXTENSION = "useradd-staticids" +GROUPADD_PARAM:${PN} = "-g 1003 applaunchd ; " +USERADD_PARAM:${PN} = "\ + -g 1003 -u 1003 -o -d / -K PASS_MAX_DAYS=-1 applaunchd ; \ +" SYSTEMD_SERVICE:${PN} = "applaunchd.service" @@ -58,7 +65,7 @@ FILES:${PN}-template-agl-app-web = "${systemd_system_unitdir}/agl-app-web@.servi FILES:${PN}-template-agl-app-flutter = "${systemd_system_unitdir}/agl-app-flutter@.service" RDEPENDS:${PN} += " \ - agl-session \ + agl-users \ polkit-rule-agl-app \ " -- cgit 1.2.3-korg