summaryrefslogtreecommitdiffstats
path: root/conf
diff options
context:
space:
mode:
authorJosé Bollo <jose.bollo@iot.bzh>2017-03-14 10:33:29 +0100
committerJosé Bollo <jose.bollo@iot.bzh>2017-03-14 10:35:46 +0100
commit39d36dfadc1de6a2063e2928f8f8a00683b14a07 (patch)
treef468fe83022a7d085d52a743612bf7fde22b31e2 /conf
parent6506c0c80b7542ca97149d9a53d88f5f0b7a0d2d (diff)
afm-unit.conf: connect to systemd sockets
Change-Id: I45d4ae48d47d8690f41222df4d05c04cd241ce37 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Diffstat (limited to 'conf')
-rw-r--r--conf/afm-unit.conf13
1 files changed, 9 insertions, 4 deletions
diff --git a/conf/afm-unit.conf b/conf/afm-unit.conf
index 0853d11..437d053 100644
--- a/conf/afm-unit.conf
+++ b/conf/afm-unit.conf
@@ -84,7 +84,6 @@ SmackProcessLabel=User::App::{{id}}
{{^urn:AGL:permission::partner:real-time}} RestrictRealtime=on {{/urn:AGL:permission::partner:real-time}}
{{#urn:AGL:permission::public:display}} SupplementaryGroups=display {{/urn:AGL:permission::public:display}}
{{^urn:AGL:permission::public:syscall:clock}} SystemCallFilter=~@clock {{/urn:AGL:permission::public:syscall:clock}}
- {{^urn:AGL:permission::public:internet}} RestrictAddressFamilies=AF_UNIX {{/urn:AGL:permission::public:internet}}
{{/required-permission}}
%nl
@@ -101,7 +100,12 @@ SuccessExitStatus=0 SIGKILL
ExecStart=/usr/bin/afb-daemon --port={{:#metadata.http-port}} --random-token \
--rootdir={{:#metadata.install-dir}} \
--workdir={{&#metadata.app-data-dir}}/{{id}} \
- --roothttp=htdocs \
+ {{#required-permission.urn:AGL:permission::public:no-htdocs}}\
+ --roothttp=. \
+ {{/required-permission.urn:AGL:permission::public:no-htdocs}}\
+ {{^required-permission.urn:AGL:permission::public:no-htdocs}}\
+ --roothttp=htdocs \
+ {{/required-permission.urn:AGL:permission::public:no-htdocs}}\
{{#required-permission.urn:AGL:permission::public:applications:read}}\
--alias=/icons:{{:#metadata.icons-dir}} \
{{/required-permission.urn:AGL:permission::public:applications:read}}\
@@ -136,12 +140,12 @@ ExecStart=/usr/bin/afb-daemon \
--rootdir={{:#metadata.install-dir}} \
--workdir={{&#metadata.install-dir}}/{{id}} \
{{^required-permission.urn:AGL:permission::partner:service:no-ws}}\
- --ws-server=unix:%t/bindings/{{:#target}} \
+ --ws-server=sd:{{:#target}} \
{{/required-permission.urn:AGL:permission::partner:service:no-ws}}\
{{^required-permission.urn:AGL:permission::partner:service:no-dbus}}\
--dbus-server={{:#target}} \
{{/required-permission.urn:AGL:permission::partner:service:no-dbus}}\
- --no-httpd
+ --no-httpd
{{^required-permission.urn:AGL:permission::partner:service:no-ws}}
@@ -157,6 +161,7 @@ ExecStart=/usr/bin/afb-daemon \
[socket]
SmackLabel=*
ListenStream=%t/bindings/{{:#target}}
+FileDescriptorName={{:#target}}
{{/required-permission.urn:AGL:permission::partner:service:no-ws}}