From 1ac5c704bb4b7fd72d9e382ccf23f4d186da0f86 Mon Sep 17 00:00:00 2001 From: Stephane Desneux Date: Thu, 23 Jun 2016 16:00:59 +0000 Subject: add layer meta-app-framework meta-app-framework is a layer containing the AGL App Framework recipes 4 new layers are added for application framework: * meta-intel-iot-security/meta-security-smack * meta-intel-iot-security/meta-security-framework * meta-agl/meta-agl-security * meta-agl/meta-app-framework Configuration file changes to support AppFw: * activation of Smack and Cynara * modify the tar command to be used to support Smack extended attributes Change-Id: Idc8abdc8869787feb4b534ee45bf7b5d3dde3632 Signed-off-by: Stephane Desneux --- .../recipes-example/afb-client/afb-client_1.0.bb | 29 ++++++++++++++++ .../recipes-example/afb-client/files/afb-client | 7 ++++ .../recipes-example/afm-client/afm-client_1.0.bb | 40 ++++++++++++++++++++++ .../recipes-example/afm-client/files/afm-client | 7 ++++ .../afm-client/files/afm-client.service | 11 ++++++ 5 files changed, 94 insertions(+) create mode 100644 meta-app-framework/recipes-example/afb-client/afb-client_1.0.bb create mode 100644 meta-app-framework/recipes-example/afb-client/files/afb-client create mode 100644 meta-app-framework/recipes-example/afm-client/afm-client_1.0.bb create mode 100644 meta-app-framework/recipes-example/afm-client/files/afm-client create mode 100644 meta-app-framework/recipes-example/afm-client/files/afm-client.service (limited to 'meta-app-framework/recipes-example') diff --git a/meta-app-framework/recipes-example/afb-client/afb-client_1.0.bb b/meta-app-framework/recipes-example/afb-client/afb-client_1.0.bb new file mode 100644 index 000000000..54a8216c4 --- /dev/null +++ b/meta-app-framework/recipes-example/afb-client/afb-client_1.0.bb @@ -0,0 +1,29 @@ +SUMMARY = "HTML5 demo template for AFB" +DESCRIPTION = "afb-client is a sample AngularJS/HTML5 application using \ +Application Framework Binder with token plugin." +HOMEPAGE = "http://www.iot.bzh" + +LICENSE = "GPLv3+" +LIC_FILES_CHKSUM = "file://LICENSE;md5=6cb04bdb88e11107e3af4d8e3f301be5" + +#DEPENDS = "nodejs-native" +RDEPENDS_${PN} = "af-binder af-binder-plugin-authlogin" + +SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-demo;protocol=https;branch=1.0" +SRC_URI_files = "file://afb-client \ + " +SRC_URI = "${SRC_URI_git} \ + ${SRC_URI_files} \ + " +SRCREV = "9e9b459fa27d7a359a060024c9639b99b45813d5" +S = "${WORKDIR}/git/afb-client" + +do_install () { + mkdir -p ${D}/${datadir}/agl/afb-client + cp -ra ${S}/dist.prod/* ${D}/${datadir}/agl/afb-client/ + + mkdir -p ${D}/${bindir} + install -m 0755 ${WORKDIR}/afb-client ${D}/${bindir}/afb-client +} + +FILES_${PN} += "${datadir}" diff --git a/meta-app-framework/recipes-example/afb-client/files/afb-client b/meta-app-framework/recipes-example/afb-client/files/afb-client new file mode 100644 index 000000000..99e6aa968 --- /dev/null +++ b/meta-app-framework/recipes-example/afb-client/files/afb-client @@ -0,0 +1,7 @@ +#!/bin/sh + +if [ -z "${XDG_RUNTIME_DIR+1}" ]; then + export XDG_RUNTIME_DIR=/run/user/$UID +fi +LD_PRELOAD=/usr/lib/libEGL.so /usr/bin/qt5/qmlscene http://localhost:1234/opa /usr/share/agl/afb-viewer.qml + diff --git a/meta-app-framework/recipes-example/afm-client/afm-client_1.0.bb b/meta-app-framework/recipes-example/afm-client/afm-client_1.0.bb new file mode 100644 index 000000000..b624b6bab --- /dev/null +++ b/meta-app-framework/recipes-example/afm-client/afm-client_1.0.bb @@ -0,0 +1,40 @@ +SUMMARY = "Sample client for AFM to install/start/stop/remove applications" +DESCRIPTION = "afm-client is a sample AngularJS/HTML5 application using \ +Application Framework Manager to install, start, stop, or remove \ +applications provided as .wgt widget packages." +HOMEPAGE = "http://www.iot.bzh" + +inherit systemd + +LICENSE = "GPLv3+" +LIC_FILES_CHKSUM = "file://LICENSE;md5=6cb04bdb88e11107e3af4d8e3f301be5" + +#DEPENDS = "nodejs-native" +RDEPENDS_${PN} = "af-main af-binder af-main-afbplugin af-binder-plugin-demopost af-binder-plugin-authlogin" + +SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-demo;protocol=https;branch=1.0" +SRC_URI_files = "file://afm-client \ + file://afm-client.service \ + " +SRC_URI = "${SRC_URI_git} \ + ${SRC_URI_files} \ + " +SRCREV = "9e9b459fa27d7a359a060024c9639b99b45813d5" +S = "${WORKDIR}/git/afm-client" + +do_install () { + mkdir -p ${D}/${datadir}/agl/afm-client + cp -ra ${S}/dist.prod/* ${D}/${datadir}/agl/afm-client/ + + mkdir -p ${D}/${bindir} + install -m 0755 ${WORKDIR}/afm-client ${D}/${bindir}/afm-client + + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}${systemd_user_unitdir} + install -d ${D}${sysconfdir}/systemd/user/default.target.wants + install -m 0644 ${WORKDIR}/afm-client.service ${D}/${systemd_user_unitdir}/afm-client.service + ln -sf ${systemd_user_unitdir}/afm-client.service ${D}${sysconfdir}/systemd/user/default.target.wants + fi +} + +FILES_${PN} += "${datadir} ${systemd_user_unitdir}" diff --git a/meta-app-framework/recipes-example/afm-client/files/afm-client b/meta-app-framework/recipes-example/afm-client/files/afm-client new file mode 100644 index 000000000..ba868e93d --- /dev/null +++ b/meta-app-framework/recipes-example/afm-client/files/afm-client @@ -0,0 +1,7 @@ +#!/bin/sh + +if [ -z "${XDG_RUNTIME_DIR+1}" ]; then + export XDG_RUNTIME_DIR=/run/user/$UID +fi +LD_PRELOAD=/usr/lib/libEGL.so /usr/bin/web-runtime http://localhost:1236/opa + diff --git a/meta-app-framework/recipes-example/afm-client/files/afm-client.service b/meta-app-framework/recipes-example/afm-client/files/afm-client.service new file mode 100644 index 000000000..688c91fd8 --- /dev/null +++ b/meta-app-framework/recipes-example/afm-client/files/afm-client.service @@ -0,0 +1,11 @@ +[Unit] +Description=Simplest application manager + +[Service] +ExecStart=/usr/bin/afb-daemon --mode=remote --port=1234 --token='' --sessiondir=/home/root/.afb-daemon --rootdir=/usr/share/agl/afm-client --alias=/icons:/usr/share/afm/icons +Restart=on-failure +RestartSec=5 + +[Install] +WantedBy=default.target + -- cgit 1.2.3-korg From 511a65caab4172a1071b7814ebb1ea8d79a1108a Mon Sep 17 00:00:00 2001 From: José Bollo Date: Fri, 24 Jun 2016 11:01:25 +0200 Subject: upgrade to new namings and bug fixes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Change-Id: If7481696d130859e87f3110af2d0c5dde25615d6 Signed-off-by: José Bollo Signed-off-by: Stephane Desneux --- .../recipes-core/af-binder/af-binder_1.0.bb | 18 +++++++++--------- meta-app-framework/recipes-core/af-main/af-main_1.0.bb | 10 +++++----- .../recipes-example/afb-client/afb-client_1.0.bb | 4 ++-- .../recipes-example/afm-client/afm-client_1.0.bb | 2 +- 4 files changed, 17 insertions(+), 17 deletions(-) (limited to 'meta-app-framework/recipes-example') diff --git a/meta-app-framework/recipes-core/af-binder/af-binder_1.0.bb b/meta-app-framework/recipes-core/af-binder/af-binder_1.0.bb index 4fcff66e7..3e4a8c6dc 100644 --- a/meta-app-framework/recipes-core/af-binder/af-binder_1.0.bb +++ b/meta-app-framework/recipes-core/af-binder/af-binder_1.0.bb @@ -1,6 +1,6 @@ SUMMARY = "HTTP REST interface to automotive backends for HTML5 UI support" DESCRIPTION = "Automotive-Framework-Binder Daemon provides a HTTP REST \ -interface to various automotive-oriented plugins (sound, radio...), \ +interface to various automotive-oriented bindings (sound, radio...), \ allowing HTML5 UIs to send platform-specific requests in a secure way." HOMEPAGE = "https://gerrit.automotivelinux.org/gerrit/#/admin/projects/src/app-framework-binder" @@ -16,7 +16,7 @@ SRC_URI = "${SRC_URI_git} \ ${SRC_URI_files} \ " -SRCREV = "897aa6a130eab1eb716fcc13e650fb5833a7ce32" +SRCREV = "7059e59cddc1c81321639875636e88895bc14309" S = "${WORKDIR}/git" inherit cmake pkgconfig @@ -30,21 +30,21 @@ PACKAGES += "${PN}-meta" ALLOW_EMPTY_${PN}-meta = "1" ############################################# -# setup sample plugin packages +# setup sample binding packages ############################################# -PACKAGES_DYNAMIC = "${PN}-plugin-*" +PACKAGES_DYNAMIC = "${PN}-binding-*" python populate_packages_prepend () { afb_libdir = d.expand('${libdir}/afb') - postinst = d.getVar('plugin_postinst', True) + postinst = d.getVar('binding_postinst', True) pkgs = [] pkgs_dbg = [] - pkgs += do_split_packages(d, afb_libdir, '(.*)-api\.so$', d.expand('${PN}-plugin-%s'), 'AFB plugin for %s', postinst=postinst, extra_depends=d.expand('${PN}')) - pkgs += do_split_packages(d, afb_libdir, '(.*(?!-api))\.so$', d.expand('${PN}-plugin-%s'), 'AFB plugin for %s', postinst=postinst, extra_depends=d.expand('${PN}')) + pkgs += do_split_packages(d, afb_libdir, '(.*)-api\.so$', d.expand('${PN}-binding-%s'), 'AFB binding for %s', postinst=postinst, extra_depends=d.expand('${PN}')) + pkgs += do_split_packages(d, afb_libdir, '(.*(?!-api))\.so$', d.expand('${PN}-binding-%s'), 'AFB binding for %s', postinst=postinst, extra_depends=d.expand('${PN}')) - pkgs_dbg += do_split_packages(d, oe.path.join(afb_libdir, ".debug"), '(.*)-api\.so$', d.expand('${PN}-plugin-%s-dbg'), 'AFB plugin for %s, debug info', postinst=postinst, extra_depends=d.expand('${PN}')) - pkgs_dbg += do_split_packages(d, oe.path.join(afb_libdir, ".debug"), '(.*(?!-api))\.so$', d.expand('${PN}-plugin-%s-dbg'), 'AFB plugin for %s, debug info', postinst=postinst, extra_depends=d.expand('${PN}')) + pkgs_dbg += do_split_packages(d, oe.path.join(afb_libdir, ".debug"), '(.*)-api\.so$', d.expand('${PN}-binding-%s-dbg'), 'AFB binding for %s, debug info', postinst=postinst, extra_depends=d.expand('${PN}')) + pkgs_dbg += do_split_packages(d, oe.path.join(afb_libdir, ".debug"), '(.*(?!-api))\.so$', d.expand('${PN}-binding-%s-dbg'), 'AFB binding for %s, debug info', postinst=postinst, extra_depends=d.expand('${PN}')) metapkg = d.getVar('PN', True) + '-meta' d.setVar('RDEPENDS_' + metapkg, ' '.join(pkgs)) diff --git a/meta-app-framework/recipes-core/af-main/af-main_1.0.bb b/meta-app-framework/recipes-core/af-main/af-main_1.0.bb index a29b071ac..dc030e25a 100644 --- a/meta-app-framework/recipes-core/af-main/af-main_1.0.bb +++ b/meta-app-framework/recipes-core/af-main/af-main_1.0.bb @@ -22,7 +22,7 @@ SRC_URI = "${SRC_URI_git} \ ${SRC_URI_files} \ " -SRCREV = "d0fdae3af6998efdce4c6ba0c5d650898c9c5b27" +SRCREV = "8753c48ed498805cec5fbc6096cd6fae3afa0da9" SECTION = "base" @@ -33,7 +33,7 @@ DEPENDS = "openssl libxml2 xmlsec1 systemd libzip json-c security-manager libcap afm_name = "afm" afm_confdir = "${sysconfdir}/${afm_name}" afm_datadir = "${datadir}/${afm_name}" -afb_plugin_dir = "${libdir}/afb" +afb_binding_dir = "${libdir}/afb" EXTRA_OECMAKE = "\ -DUSE_LIBZIP=1 \ @@ -83,9 +83,9 @@ pkg_postinst_${PN}_smack() { setcap cap_mac_override,cap_mac_admin,cap_setgid=ie $D${bindir}/afm-user-daemon } -PACKAGES =+ "${PN}-afbplugin ${PN}-afbplugin-dbg" -FILES_${PN}-afbplugin = " ${afb_plugin_dir}/afm-main-plugin.so " -FILES_${PN}-afbplugin-dbg = " ${afb_plugin_dir}/.debug/afm-main-plugin.so " +PACKAGES =+ "${PN}-binding ${PN}-binding-dbg" +FILES_${PN}-binding = " ${afb_binding_dir}/afm-main-binding.so " +FILES_${PN}-binding-dbg = " ${afb_binding_dir}/.debug/afm-main-binding.so " PACKAGES =+ "${PN}-tools ${PN}-tools-dbg" FILES_${PN}-tools = "${bindir}/wgtpkg-*" diff --git a/meta-app-framework/recipes-example/afb-client/afb-client_1.0.bb b/meta-app-framework/recipes-example/afb-client/afb-client_1.0.bb index 54a8216c4..6201cf485 100644 --- a/meta-app-framework/recipes-example/afb-client/afb-client_1.0.bb +++ b/meta-app-framework/recipes-example/afb-client/afb-client_1.0.bb @@ -1,13 +1,13 @@ SUMMARY = "HTML5 demo template for AFB" DESCRIPTION = "afb-client is a sample AngularJS/HTML5 application using \ -Application Framework Binder with token plugin." +Application Framework Binder with token binding." HOMEPAGE = "http://www.iot.bzh" LICENSE = "GPLv3+" LIC_FILES_CHKSUM = "file://LICENSE;md5=6cb04bdb88e11107e3af4d8e3f301be5" #DEPENDS = "nodejs-native" -RDEPENDS_${PN} = "af-binder af-binder-plugin-authlogin" +RDEPENDS_${PN} = "af-binder af-binder-binding-authlogin" SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-demo;protocol=https;branch=1.0" SRC_URI_files = "file://afb-client \ diff --git a/meta-app-framework/recipes-example/afm-client/afm-client_1.0.bb b/meta-app-framework/recipes-example/afm-client/afm-client_1.0.bb index b624b6bab..78f525abe 100644 --- a/meta-app-framework/recipes-example/afm-client/afm-client_1.0.bb +++ b/meta-app-framework/recipes-example/afm-client/afm-client_1.0.bb @@ -10,7 +10,7 @@ LICENSE = "GPLv3+" LIC_FILES_CHKSUM = "file://LICENSE;md5=6cb04bdb88e11107e3af4d8e3f301be5" #DEPENDS = "nodejs-native" -RDEPENDS_${PN} = "af-main af-binder af-main-afbplugin af-binder-plugin-demopost af-binder-plugin-authlogin" +RDEPENDS_${PN} = "af-main af-binder af-main-binding af-binder-binding-demopost af-binder-binding-authlogin" SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-demo;protocol=https;branch=1.0" SRC_URI_files = "file://afm-client \ -- cgit 1.2.3-korg From 97fbb5fae2c06b779576c7c9c3c0e1956e402994 Mon Sep 17 00:00:00 2001 From: Stephane Desneux Date: Tue, 5 Jul 2016 16:04:51 +0000 Subject: meta-app-framework: build master branch Change-Id: I3ce83d0a5cd018d4b77492e4237fc4d297ee312f Signed-off-by: Stephane Desneux --- meta-app-framework/recipes-core/af-binder/af-binder_1.0.bb | 4 ++-- meta-app-framework/recipes-core/af-main/af-main_1.0.bb | 4 ++-- meta-app-framework/recipes-example/afb-client/afb-client_1.0.bb | 2 +- meta-app-framework/recipes-example/afm-client/afm-client_1.0.bb | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) (limited to 'meta-app-framework/recipes-example') diff --git a/meta-app-framework/recipes-core/af-binder/af-binder_1.0.bb b/meta-app-framework/recipes-core/af-binder/af-binder_1.0.bb index 3e4a8c6dc..a8ede9c0a 100644 --- a/meta-app-framework/recipes-core/af-binder/af-binder_1.0.bb +++ b/meta-app-framework/recipes-core/af-binder/af-binder_1.0.bb @@ -10,13 +10,13 @@ LIC_FILES_CHKSUM = "file://LICENSE-2.0.txt;md5=3b83ef96387f14655fc854ddc3c6bd57" DEPENDS = "file json-c libmicrohttpd systemd util-linux" DEPENDS += "alsa-lib glib-2.0 gssdp gupnp gupnp-av pulseaudio" -SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-binder;protocol=https;branch=1.0" +SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-binder;protocol=https;branch=master" SRC_URI_files = "" SRC_URI = "${SRC_URI_git} \ ${SRC_URI_files} \ " -SRCREV = "7059e59cddc1c81321639875636e88895bc14309" +SRCREV = "836b3c0b74accc5494d7877a22b4a45b5450b6f3" S = "${WORKDIR}/git" inherit cmake pkgconfig diff --git a/meta-app-framework/recipes-core/af-main/af-main_1.0.bb b/meta-app-framework/recipes-core/af-main/af-main_1.0.bb index dc030e25a..5bcfdf9d5 100644 --- a/meta-app-framework/recipes-core/af-main/af-main_1.0.bb +++ b/meta-app-framework/recipes-core/af-main/af-main_1.0.bb @@ -16,13 +16,13 @@ HOMEPAGE = "https://gerrit.automotivelinux.org/gerrit/#/admin/projects/src/app-f LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://COPYING;md5=3b83ef96387f14655fc854ddc3c6bd57" -SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-main;protocol=https;branch=1.0" +SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-main;protocol=https;branch=master" SRC_URI_files = "" SRC_URI = "${SRC_URI_git} \ ${SRC_URI_files} \ " -SRCREV = "8753c48ed498805cec5fbc6096cd6fae3afa0da9" +SRCREV = "81df68c04dc5e32d5d6d06bc20a7030afdf45f59" SECTION = "base" diff --git a/meta-app-framework/recipes-example/afb-client/afb-client_1.0.bb b/meta-app-framework/recipes-example/afb-client/afb-client_1.0.bb index 6201cf485..21605d20b 100644 --- a/meta-app-framework/recipes-example/afb-client/afb-client_1.0.bb +++ b/meta-app-framework/recipes-example/afb-client/afb-client_1.0.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=6cb04bdb88e11107e3af4d8e3f301be5" #DEPENDS = "nodejs-native" RDEPENDS_${PN} = "af-binder af-binder-binding-authlogin" -SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-demo;protocol=https;branch=1.0" +SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-demo;protocol=https;branch=master" SRC_URI_files = "file://afb-client \ " SRC_URI = "${SRC_URI_git} \ diff --git a/meta-app-framework/recipes-example/afm-client/afm-client_1.0.bb b/meta-app-framework/recipes-example/afm-client/afm-client_1.0.bb index 78f525abe..4cd80db64 100644 --- a/meta-app-framework/recipes-example/afm-client/afm-client_1.0.bb +++ b/meta-app-framework/recipes-example/afm-client/afm-client_1.0.bb @@ -12,7 +12,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=6cb04bdb88e11107e3af4d8e3f301be5" #DEPENDS = "nodejs-native" RDEPENDS_${PN} = "af-main af-binder af-main-binding af-binder-binding-demopost af-binder-binding-authlogin" -SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-demo;protocol=https;branch=1.0" +SRC_URI_git = "git://gerrit.automotivelinux.org/gerrit/src/app-framework-demo;protocol=https;branch=master" SRC_URI_files = "file://afm-client \ file://afm-client.service \ " -- cgit 1.2.3-korg From ed0ec649f38a3044aaf3d36222be0391872cf2f5 Mon Sep 17 00:00:00 2001 From: Anton Gerasimov Date: Wed, 14 Dec 2016 14:08:16 +0100 Subject: Move all writable data used by security-manager and appfw to /var The purpose of these changes is to make OSTree and AppFw update domains compatible with each other. Some intergation code is also needed to deploy initial data to writable area (see SPEC-359 in Jira). Bug-AGL: SPEC-359 Change-Id: Iccba1e9916c569167df2922ad5e2d90cc33f06fe Signed-off-by: Anton Gerasimov Signed-off-by: Stephane Desneux --- .../af-main/af-main/init-afm-dirs.service | 15 ++ .../recipes-core/af-main/af-main/init-afm-dirs.sh | 7 + .../recipes-core/af-main/af-main_1.0.bb | 22 ++- .../recipes-core/af-main/nativesdk-af-main_1.0.bb | 2 +- .../Removing-tizen-platform-config.patch | 196 +++++++++++++++++++++ .../init-security-manager-db.service | 15 ++ .../security-manager/init-security-manager-db.sh | 6 + .../security-manager/security-manager_%.bbappend | 14 +- .../afm-client/files/afm-client.service | 2 +- 9 files changed, 270 insertions(+), 9 deletions(-) create mode 100644 meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.service create mode 100644 meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.sh create mode 100644 meta-app-framework/recipes-core/security-manager/security-manager/Removing-tizen-platform-config.patch create mode 100644 meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.service create mode 100644 meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.sh (limited to 'meta-app-framework/recipes-example') diff --git a/meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.service b/meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.service new file mode 100644 index 000000000..7e3b9e4e8 --- /dev/null +++ b/meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.service @@ -0,0 +1,15 @@ +# +# Install security-manager DB to /var + +[Unit] +Description=Deploy AFM directories to /var +After=sysinit.target +Before=afm-system-daemon.service +Before=afm-user-daemon.service + +[Install] +WantedBy=default.target + +[Service] +Type=oneshot +ExecStart=/usr/bin/init-afm-dirs.sh diff --git a/meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.sh b/meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.sh new file mode 100644 index 000000000..97cf272f2 --- /dev/null +++ b/meta-app-framework/recipes-core/af-main/af-main/init-afm-dirs.sh @@ -0,0 +1,7 @@ +#!/bin/sh + +if [ ! -e "/var/lib/afm" ]; then + mkdir -p /var/lib + cp -ra /usr/share/afm /var/lib +fi + diff --git a/meta-app-framework/recipes-core/af-main/af-main_1.0.bb b/meta-app-framework/recipes-core/af-main/af-main_1.0.bb index 611307fb0..834e293fa 100644 --- a/meta-app-framework/recipes-core/af-main/af-main_1.0.bb +++ b/meta-app-framework/recipes-core/af-main/af-main_1.0.bb @@ -16,7 +16,8 @@ DEPENDS_class-native = "openssl libxml2 xmlsec1 libzip" afm_name = "afm" afm_confdir = "${sysconfdir}/${afm_name}" -afm_datadir = "${datadir}/${afm_name}" +afm_datadir = "/var/lib/${afm_name}" +afm_init_datadir = "${datadir}/${afm_name}" afb_binding_dir = "${libdir}/afb" EXTRA_OECMAKE_class-native = "\ @@ -46,8 +47,12 @@ GROUPADD_PARAM_${PN} = "-r ${afm_name}" SYSTEMD_SERVICE_${PN} = "afm-system-daemon.service" SYSTEMD_AUTO_ENABLE = "enable" +SRC_URI_append = "file://init-afm-dirs.sh \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'file://init-afm-dirs.service', '', d)}" + FILES_${PN} += "\ - ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '${systemd_user_unitdir}/afm-user-daemon.service', '', d)} \ + ${bindir}/init-afm-dirs.sh \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '${systemd_user_unitdir}/afm-user-daemon.service ${systemd_unitdir}/system/init-afm-dirs.service', '', d)} \ " RDEPENDS_${PN}_append_smack = " smack-userspace" @@ -60,9 +65,14 @@ SRC_URI += "\ " do_install_append() { + install -d ${D}${bindir} + install -m 0755 ${WORKDIR}/init-afm-dirs.sh ${D}${bindir} if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then mkdir -p ${D}${sysconfdir}/systemd/user/default.target.wants + mkdir -p ${D}${sysconfdir}/systemd/system/default.target.wants ln -sf ${systemd_user_unitdir}/afm-user-daemon.service ${D}${sysconfdir}/systemd/user/default.target.wants + install -p -D ${WORKDIR}/init-afm-dirs.service ${D}${systemd_unitdir}/system/init-afm-dirs.service + ln -sf ${systemd_unitdir}/system/init-afm-dirs.service ${D}${sysconfdir}/systemd/system/default.target.wants fi } @@ -79,15 +89,15 @@ EOF } pkg_postinst_${PN}() { - mkdir -p $D${afm_datadir}/applications $D${afm_datadir}/icons + mkdir -p $D${afm_init_datadir}/applications $D${afm_init_datadir}/icons setcap cap_mac_override,cap_dac_override=ep $D${bindir}/afm-system-daemon setcap cap_mac_override,cap_mac_admin,cap_setgid=ep $D${bindir}/afm-user-daemon } pkg_postinst_${PN}_smack() { - mkdir -p $D${afm_datadir}/applications $D${afm_datadir}/icons - chown ${afm_name}:${afm_name} $D${afm_datadir} $D${afm_datadir}/applications $D${afm_datadir}/icons - chsmack -a 'System::Shared' -t $D${afm_datadir} $D${afm_datadir}/applications $D${afm_datadir}/icons + mkdir -p $D${afm_init_datadir}/applications $D${afm_init_datadir}/icons + chown ${afm_name}:${afm_name} $D${afm_init_datadir} $D${afm_init_datadir}/applications $D${afm_init_datadir}/icons + chsmack -a 'System::Shared' -t $D${afm_init_datadir} $D${afm_init_datadir}/applications $D${afm_init_datadir}/icons setcap cap_mac_override,cap_dac_override=ep $D${bindir}/afm-system-daemon setcap cap_mac_override,cap_mac_admin,cap_setgid=ep $D${bindir}/afm-user-daemon } diff --git a/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb b/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb index 0169e6b1a..ba70c59ab 100644 --- a/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb +++ b/meta-app-framework/recipes-core/af-main/nativesdk-af-main_1.0.bb @@ -8,7 +8,7 @@ DEPENDS = "nativesdk-openssl nativesdk-libxml2 nativesdk-xmlsec1 nativesdk-libzi afm_name = "afm" afm_confdir = "${sysconfdir}/${afm_name}" -afm_datadir = "${datadir}/${afm_name}" +afm_datadir = "/var/lib/${afm_name}" EXTRA_OECMAKE = "\ -DUSE_LIBZIP=1 \ diff --git a/meta-app-framework/recipes-core/security-manager/security-manager/Removing-tizen-platform-config.patch b/meta-app-framework/recipes-core/security-manager/security-manager/Removing-tizen-platform-config.patch new file mode 100644 index 000000000..4830db2a8 --- /dev/null +++ b/meta-app-framework/recipes-core/security-manager/security-manager/Removing-tizen-platform-config.patch @@ -0,0 +1,196 @@ +From 72e66d0e42f3bb6efd689ce33b1df407d94b3c60 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jos=C3=A9=20Bollo?= +Date: Mon, 16 Nov 2015 14:26:25 +0100 +Subject: [PATCH] Removing tizen-platform-config + +Change-Id: Ic832a2b75229517b09faba969c27fb1a4b490121 +--- + policy/security-manager-policy-reload | 2 +- + src/common/file-lock.cpp | 4 +--- + src/common/include/file-lock.h | 1 - + src/common/include/privilege_db.h | 3 +-- + src/common/service_impl.cpp | 39 +++++++++++------------------------ + src/common/smack-rules.cpp | 12 ++++------- + 6 files changed, 19 insertions(+), 42 deletions(-) + +diff --git a/policy/security-manager-policy-reload b/policy/security-manager-policy-reload +index 6f211c6..ed8047a 100755 +--- a/policy/security-manager-policy-reload ++++ b/policy/security-manager-policy-reload +@@ -2,7 +2,7 @@ + + POLICY_PATH=/usr/share/security-manager/policy + PRIVILEGE_GROUP_MAPPING=$POLICY_PATH/privilege-group.list +-DB_FILE=`tzplatform-get TZ_SYS_DB | cut -d= -f2`/.security-manager.db ++DB_FILE=/var/db/security-manager/.security-manager.db + + # Create default buckets + while read bucket default_policy +diff --git a/src/common/file-lock.cpp b/src/common/file-lock.cpp +index 6f3996c..1dada17 100644 +--- a/src/common/file-lock.cpp ++++ b/src/common/file-lock.cpp +@@ -30,9 +30,7 @@ + + namespace SecurityManager { + +-char const * const SERVICE_LOCK_FILE = tzplatform_mkpath3(TZ_SYS_RUN, +- "lock", +- "security-manager.lock"); ++char const * const SERVICE_LOCK_FILE = "/var/run/lock/security-manager.lock"; + + FileLocker::FileLocker(const std::string &lockFile, bool blocking) + { +diff --git a/src/common/include/file-lock.h b/src/common/include/file-lock.h +index 604b019..21a86a0 100644 +--- a/src/common/include/file-lock.h ++++ b/src/common/include/file-lock.h +@@ -29,7 +29,6 @@ + + #include + #include +-#include + + namespace SecurityManager { + +diff --git a/src/common/include/privilege_db.h b/src/common/include/privilege_db.h +index 4d73d90..03c6680 100644 +--- a/src/common/include/privilege_db.h ++++ b/src/common/include/privilege_db.h +@@ -34,14 +34,13 @@ + #include + + #include +-#include + + #ifndef PRIVILEGE_DB_H_ + #define PRIVILEGE_DB_H_ + + namespace SecurityManager { + +-const char *const PRIVILEGE_DB_PATH = tzplatform_mkpath(TZ_SYS_DB, ".security-manager.db"); ++const char *const PRIVILEGE_DB_PATH = "/var/db/security-manager/.security-manager.db"; + + enum class QueryType { + EGetPkgPrivileges, +diff --git a/src/common/service_impl.cpp b/src/common/service_impl.cpp +index ae305d3..65cc8b5 100644 +--- a/src/common/service_impl.cpp ++++ b/src/common/service_impl.cpp +@@ -32,7 +32,6 @@ + #include + + #include +-#include + + #include "protocols.h" + #include "privilege_db.h" +@@ -131,7 +130,13 @@ static inline int validatePolicy(policy_entry &policyEntry, std::string uidStr, + + static uid_t getGlobalUserId(void) + { +- static uid_t globaluid = tzplatform_getuid(TZ_SYS_GLOBALAPP_USER); ++ static uid_t globaluid = 0; ++ if (!globaluid) { ++ struct passwd pw, *p; ++ char buf[4096]; ++ int rc = getpwnam_r("userapp", &pw, buf, sizeof buf, &p); ++ globaluid = (rc || p == NULL) ? 555 : p->pw_uid; ++ } + return globaluid; + } + +@@ -161,37 +166,17 @@ static inline bool isSubDir(const char *parent, const char *subdir) + + static bool getUserAppDir(const uid_t &uid, std::string &userAppDir) + { +- struct tzplatform_context *tz_ctx = nullptr; +- +- if (tzplatform_context_create(&tz_ctx)) +- return false; +- +- if (tzplatform_context_set_user(tz_ctx, uid)) { +- tzplatform_context_destroy(tz_ctx); +- tz_ctx = nullptr; ++ struct passwd pw, *p; ++ char buf[4096]; ++ int rc = getpwuid_r(uid, &pw, buf, sizeof buf, &p); ++ if (rc || p == NULL) + return false; +- } +- +- enum tzplatform_variable id = +- (uid == getGlobalUserId()) ? TZ_SYS_RW_APP : TZ_USER_APP; +- const char *appDir = tzplatform_context_getenv(tz_ctx, id); +- if (!appDir) { +- tzplatform_context_destroy(tz_ctx); +- tz_ctx = nullptr; +- return false; +- } +- +- userAppDir = appDir; +- +- tzplatform_context_destroy(tz_ctx); +- tz_ctx = nullptr; +- ++ userAppDir = p->pw_dir; + return true; + } + + static inline bool installRequestAuthCheck(const app_inst_req &req, uid_t uid, bool &isCorrectPath, std::string &appPath) + { +- std::string userHome; + std::string userAppDir; + std::stringstream correctPath; + +diff --git a/src/common/smack-rules.cpp b/src/common/smack-rules.cpp +index d834e42..8b5728b 100644 +--- a/src/common/smack-rules.cpp ++++ b/src/common/smack-rules.cpp +@@ -34,7 +34,6 @@ + #include + + #include +-#include + + #include "smack-labels.h" + #include "smack-rules.h" +@@ -43,7 +42,7 @@ namespace SecurityManager { + + const char *const SMACK_APP_LABEL_TEMPLATE = "~APP~"; + const char *const SMACK_PKG_LABEL_TEMPLATE = "~PKG~"; +-const char *const APP_RULES_TEMPLATE_FILE_PATH = tzplatform_mkpath4(TZ_SYS_SHARE, "security-manager", "policy", "app-rules-template.smack"); ++const char *const APP_RULES_TEMPLATE_FILE_PATH = "/usr/share/security-manager/policy/app-rules-template.smack"; + const char *const SMACK_APP_IN_PACKAGE_PERMS = "rwxat"; + + SmackRules::SmackRules() +@@ -237,14 +236,12 @@ void SmackRules::generatePackageCrossDeps(const std::vector &pkgCon + + std::string SmackRules::getPackageRulesFilePath(const std::string &pkgId) + { +- std::string path(tzplatform_mkpath3(TZ_SYS_SMACK, "accesses.d", ("pkg_" + pkgId).c_str())); +- return path; ++ return "/etc/smack/accesses.d/pkg_" + pkgId; + } + + std::string SmackRules::getApplicationRulesFilePath(const std::string &appId) + { +- std::string path(tzplatform_mkpath3(TZ_SYS_SMACK, "accesses.d", ("app_" + appId).c_str())); +- return path; ++ return "/etc/smack/accesses.d/app_" + appId; + } + void SmackRules::installApplicationPrivilegesRules(const std::string &appId, const std::string &pkgId, + const std::vector &pkgContents, const std::vector &privileges) +@@ -256,8 +253,7 @@ void SmackRules::installApplicationPrivilegesRules(const std::string &appId, con + for (auto privilege : privileges) { + if (privilege.empty()) + continue; +- std::string fprivilege ( privilege + "-template.smack"); +- std::string path(tzplatform_mkpath4(TZ_SYS_SHARE, "security-manager", "policy", fprivilege.c_str())); ++ std::string path = "/usr/share/security-manager/policy/" + privilege + "-template.smack"; + if( stat(path.c_str(), &buffer) == 0) + smackRules.addFromTemplateFile(appId, pkgId, path); + } +-- +2.1.4 + diff --git a/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.service b/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.service new file mode 100644 index 000000000..8ed5e8601 --- /dev/null +++ b/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.service @@ -0,0 +1,15 @@ +# +# Install security-manager DB to /var + +[Unit] +Description=Install Security Manager database +After=sysinit.target +Before=security-manager.service + +[Install] +WantedBy=default.target + +[Service] +Type=oneshot +User=root +ExecStart=/usr/bin/init-security-manager-db.sh diff --git a/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.sh b/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.sh new file mode 100644 index 000000000..ef41286c8 --- /dev/null +++ b/meta-app-framework/recipes-core/security-manager/security-manager/init-security-manager-db.sh @@ -0,0 +1,6 @@ +#!/bin/sh + +if [ ! -e "/var/db/security-manager" ]; then + mkdir -p /var/db + cp -ra /usr/dbspace/ /var/db/security-manager +fi diff --git a/meta-app-framework/recipes-core/security-manager/security-manager_%.bbappend b/meta-app-framework/recipes-core/security-manager/security-manager_%.bbappend index d3a110de5..b4b5e01c4 100644 --- a/meta-app-framework/recipes-core/security-manager/security-manager_%.bbappend +++ b/meta-app-framework/recipes-core/security-manager/security-manager_%.bbappend @@ -1,4 +1,16 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/security-manager:" -SRC_URI += " file://0001-Adapt-rules-to-AGL.patch " +SRC_URI += " file://0001-Adapt-rules-to-AGL.patch \ + file://init-security-manager-db.service \ + file://init-security-manager-db.sh" +SYSTEMD_SERVICE_${PN} = "init-security-manager-db.service" + +FILES_${PN}_append = "${bindir}/init-security-manager-db.sh" + +do_install_append () { + install -p -D ${WORKDIR}/init-security-manager-db.sh ${D}${bindir}/init-security-manager-db.sh + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -p -D ${WORKDIR}/init-security-manager-db.service ${D}${systemd_unitdir}/system/init-security-manager-db.service + fi +} diff --git a/meta-app-framework/recipes-example/afm-client/files/afm-client.service b/meta-app-framework/recipes-example/afm-client/files/afm-client.service index 688c91fd8..735717439 100644 --- a/meta-app-framework/recipes-example/afm-client/files/afm-client.service +++ b/meta-app-framework/recipes-example/afm-client/files/afm-client.service @@ -2,7 +2,7 @@ Description=Simplest application manager [Service] -ExecStart=/usr/bin/afb-daemon --mode=remote --port=1234 --token='' --sessiondir=/home/root/.afb-daemon --rootdir=/usr/share/agl/afm-client --alias=/icons:/usr/share/afm/icons +ExecStart=/usr/bin/afb-daemon --mode=remote --port=1234 --token='' --sessiondir=/home/root/.afb-daemon --rootdir=/usr/share/agl/afm-client --alias=/icons:/var/lib/afm/icons Restart=on-failure RestartSec=5 -- cgit 1.2.3-korg