diff options
author | José Bollo <jose.bollo@iot.bzh> | 2017-03-14 10:33:29 +0100 |
---|---|---|
committer | José Bollo <jose.bollo@iot.bzh> | 2017-03-14 10:35:46 +0100 |
commit | 39d36dfadc1de6a2063e2928f8f8a00683b14a07 (patch) | |
tree | f468fe83022a7d085d52a743612bf7fde22b31e2 /conf | |
parent | 6506c0c80b7542ca97149d9a53d88f5f0b7a0d2d (diff) |
afm-unit.conf: connect to systemd sockets
Change-Id: I45d4ae48d47d8690f41222df4d05c04cd241ce37
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Diffstat (limited to 'conf')
-rw-r--r-- | conf/afm-unit.conf | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/conf/afm-unit.conf b/conf/afm-unit.conf index 0853d11..437d053 100644 --- a/conf/afm-unit.conf +++ b/conf/afm-unit.conf @@ -84,7 +84,6 @@ SmackProcessLabel=User::App::{{id}} {{^urn:AGL:permission::partner:real-time}} RestrictRealtime=on {{/urn:AGL:permission::partner:real-time}} {{#urn:AGL:permission::public:display}} SupplementaryGroups=display {{/urn:AGL:permission::public:display}} {{^urn:AGL:permission::public:syscall:clock}} SystemCallFilter=~@clock {{/urn:AGL:permission::public:syscall:clock}} - {{^urn:AGL:permission::public:internet}} RestrictAddressFamilies=AF_UNIX {{/urn:AGL:permission::public:internet}} {{/required-permission}} %nl @@ -101,7 +100,12 @@ SuccessExitStatus=0 SIGKILL ExecStart=/usr/bin/afb-daemon --port={{:#metadata.http-port}} --random-token \ --rootdir={{:#metadata.install-dir}} \ --workdir={{&#metadata.app-data-dir}}/{{id}} \ - --roothttp=htdocs \ + {{#required-permission.urn:AGL:permission::public:no-htdocs}}\ + --roothttp=. \ + {{/required-permission.urn:AGL:permission::public:no-htdocs}}\ + {{^required-permission.urn:AGL:permission::public:no-htdocs}}\ + --roothttp=htdocs \ + {{/required-permission.urn:AGL:permission::public:no-htdocs}}\ {{#required-permission.urn:AGL:permission::public:applications:read}}\ --alias=/icons:{{:#metadata.icons-dir}} \ {{/required-permission.urn:AGL:permission::public:applications:read}}\ @@ -136,12 +140,12 @@ ExecStart=/usr/bin/afb-daemon \ --rootdir={{:#metadata.install-dir}} \ --workdir={{&#metadata.install-dir}}/{{id}} \ {{^required-permission.urn:AGL:permission::partner:service:no-ws}}\ - --ws-server=unix:%t/bindings/{{:#target}} \ + --ws-server=sd:{{:#target}} \ {{/required-permission.urn:AGL:permission::partner:service:no-ws}}\ {{^required-permission.urn:AGL:permission::partner:service:no-dbus}}\ --dbus-server={{:#target}} \ {{/required-permission.urn:AGL:permission::partner:service:no-dbus}}\ - --no-httpd + --no-httpd {{^required-permission.urn:AGL:permission::partner:service:no-ws}} @@ -157,6 +161,7 @@ ExecStart=/usr/bin/afb-daemon \ [socket] SmackLabel=* ListenStream=%t/bindings/{{:#target}} +FileDescriptorName={{:#target}} {{/required-permission.urn:AGL:permission::partner:service:no-ws}} |