Age | Commit message (Collapse) | Author | Files | Lines |
|
Before that change any application could browse
content of other application.
This change fixes that unintended behaviour by setting
the installed files as private to the application.
This affects the Smack labels of the files that after
the change become the label of the application.
Conversely, it will now be necessarily to explicit
shared files. It happens in situation of resource
widgets, the one that provide a binding using the
feature urn:AGL:widget:provided-binding in config.xml.
The typical example is the widget for testing: afbtest.
The exported binding must be accessible by its clients.
But because it also use files that it provides, these
files must also be accessible by clients.
For that reason, the feature urn:AGL:widget:public-files
is introduced to config files, allowing a widget to make
part of its installed files public.
The installation logic is changed to handle correctly the
security manager that applies rights of directories to
files it contains. So the declaring directories and files
using the order of increasing path length ensures that
the expected rights are applied.
Bug-AGL: SPEC-3489
Change-Id: I933446a8c155a03d9b66767f1dda63aeaeb21eb1
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Add logic to the systemd unit template to add a dependency on the
weston@display.service if the widget has the display permission.
This fixes races with apps against weston / the new AGL compositor.
Bug-AGL: SPEC-3411
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: Ib89da253933e7e34cfe5dfeb668c8d9df63f0e51
|
|
Trying to uninstall a widget without an icon would remove the widget
files, but report an error, and the widget would not be removed from
the database until a reboot, preventing installation of a new version.
To fix this, the error handling in uninstall_widget has been reworked
to only explicitly return an error when the unlink of the icon file
fails for reasons other than the file not being present. This then
allows some code cleanup by removing the extra rc2 variable and fixing
some error checks where rc and rc2 were being mixed.
Bug-AGL: SPEC-3401
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: Ica4a91f41b2bd9e16e16dee4ce660f6fa1f7840b
|
|
A better handling of systemd state is need to treat
correctly transient states. That change includes:
- Management of states with numeric identifiers
instead of names
- Handling of the state "inactive" as a stable
state. Most of previous seen problems were coming
from that miss.
- Returning no error but also no info on the process
if it falled to "inactive" meaning that it stopped
quickly.
Bug-AGL: SPEC-3323
Change-Id: Ibf35eb6257c5583596d675cad0bec2869f5fd5f7
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Ensure that there is no infinite loop when waiting
for the completion of a status.
Bug-AGL: SPEC-3323
Change-Id: I93537e9bbbe8ef357d112bea1cb6201e96d01ebf
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
|
|
When I switched AGL over to using upstream OE's template unit scheme for
running weston as non-root for the zeus upgrade, I missed the dependency
in afm-system-setup.service, update it to weston@display.service to
match the new configuration.
Bug-AGL: SPEC-3309
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: Ifef4d63be3326fb6d36eb997cb2bc331c49a1250
|
|
This adds the ability to automatically sign the
widgets that are packaged.
This is done by defining in the environment of
the packaging process the variables
WGTPKG_AUTOSIGN_X=key-filepath[:cert-filepath]...
Where X is a number.
If such variable exist, signatures are generated
in the directory of the packaged or signed widget,
one for each variable, replacing any existing one.
Obviously, nothing is done if no such variable exist.
The generated signature file depends on X.
- 0 is for file author-signature.xml
- X is for file signature-X.xml
The program wgtpkg-pack automatically include that
behaviour by default. An option allows to remove it.
Bug-AGL: SPEC-2840
Change-Id: I00bc4a4d094f71b307e467f984f20d3d4cc3c7bd
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Avoid installing any certificate or key.
But if requested, install the certificates and the keys
that are given as example.
Bug-AGL: SPEC-2840
Change-Id: I26aebd63fad842bb9746c3a004956d9dbafc091f
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Fix a tiny bug and minor improvements
Bug-AGL: SPEC-2840
Change-Id: I9b74a8fd604980615d5669219cb5de801de61163
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Also rename wgtpkg-installer tools as wgtpkg-install.
Shorter and obvious.
Bug-AGL: SPEC-2840
Change-Id: Ifed072bfef488700807613dd61875a30a4041d7a
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Replacing BindsTo by Requires fix the start issue
of the homescreen that complained with the message
systemd[1]: afm-appli-homescreen--0.1--main@1001.service: ...
... Bound to unit afm-api-vshl-core@1001.service, but unit isn't active.
Bug-AGL: SPEC-3178
Change-Id: I8df50354128d319f3dfc93b4d10848ecafdb6773
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
This removes the distinction between the different
versions of a widget. The boolean CMAKE option
DISTINCT_VERSIONS allows to switch between the two
possibilities:
DISTINCT_VERSIONS=OFF (default)
Widget installed in {afm_appdir}/{id}
Ids of applications have no version part: {id}
DISTINCT_VERSIONS=ON (legacy, old default)
Widget installed in {afm_appdir}/{id}/{ver}
Ids of applications have no version part: {id}@{ver}
Bug-AGL: SPEC-2538
Change-Id: I7cb54d4b296b740c553be8a627e66175107e5a4b
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
|
|
This updates the gitreview file in the project
.
Change-Id: Iba40cae90f43e6aeded464b8dd1e8b6bdc65aacf
Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
|
|
The setting made fail the 'service user-runtime-dir@.service'.
It also had bad effect on starting of dashboard application.
Bug-AGL: SPEC-3175
Change-Id: Ic937c707fce4b3d2c03616055e140b65e4b29cfb
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
While developping the binding afb-test, the export of
the binding afm-test, using "provided-binding" feature
reavealed to be broken because of security setup.
Bug-AGL: SPEC-2795
Change-Id: Ifc11a8b6a0f20b25d34a8f6b2f81f4c8b5f98238
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Change-Id: I1d68e07563d9f0f139d1bc8128e09a5da0a648af
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The framework wasn't correctly attributing application ids
because scanning existing applications was broken.
Bug-AGL: SPEC-3068
Change-Id: I01aa736c0ea072b5e4141fb5faa1981be81048ce
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
The flow of HTML5 applications is adjusted to use
the basic implementation of cynagoauth.
Bug-AGL: SPEC-2968
Bug-AGL: SPEC-3032
Change-Id: Iabf7ebb39fe9ed87bf1fd5b6742fb512a6df19a7
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The widget type application/vnd.agl.resource doesn't
brings service. It can be used to provide a binding
to the system.
Bug-AGL: SPEC-3057
Bug-AGL: SPEC-1663
Change-Id: I5c900865b8eeec494953942c8069dfefe254a85c
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The widget requesting the permission to run at
platform scope: urn:AGL:permission::partner:scope-platform
should be able to record data and state.
This change provides a default place to achieve it.
Bug-AGL: SPEC-2998
Change-Id: I148a670d3e08e36603ebd318b533ea1e1a695750
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
This change make use of nss-localuser hostname
family (see https://git.automotivelinux.org/src/nss-localuser/)
to separate applications and users, each running its
own IP address and hostname.
The intended behaviour is to use existing browser policy to
ensure privacy of applications and users.
Bug-AGL: SPEC-2968
Change-Id: Ie1a3c7331fd43e8747afae2cd338df461bac1454
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
This change allows to index applications numerically.
This can be used for various purposes. One of it is
to compute the HTTP port.
Bug-AGL: SPEC-2968
Change-Id: I74531781f3a39d5d4b09eeb907f57f36822e38f0
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Tokens are no more managed by the binder.
Bug-AGL: SPEC-2968
Change-Id: Iabcbc6e900811cd88729f007bb16ba493d0c0651
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Only one default permission is used now:
"urn:AGL:token:valid" that is used to check
token validity.
This adds in the cynagora database the rule
SMACKID * * urn:AGL:token:valid yes forever
That means that applications having a smack label
installed by the framework behave as if they have
a valid token, a token without any scope/permission
but just valid.
This is needed during the transition to token based
permission policy.
Bug-AGL: SPEC-2968
Change-Id: Ia5b1cc50e8308bfc29906346c5b159dca889519b
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
This change allows binders to use API not declared in
the config.xml file.
This behaviour is allowed by the platform permission
urn:AGL:permission::platform:apis:auto-ws
It allows a binding to use started bindings not listed
in their config.xml file. But it does not allow to start
them or to discover them.
Bug-AGL: SPEC-2871
Change-Id: Iff0ec8417541171d446254e538201b7f6c7887ea
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
This envvar will make the application launcher wait for the WebAppMgr
service to be fully running before attempting to launch the app.
Otherwise, launcher would resort to running the app in standalone
mode, which would conflict with the WebAppMgr service when it's
finally running.
It will be useful for webapps that are auto-started, like the future
homescreen or the html5-launcher.
Bug-AGL: SPEC-2793
Signed-off-by: Jacobo Aragunde Pérez <jaragunde@igalia.com>
Change-Id: I97f927c856b0dd2643f8b7492dff06b2c459761d
|
|
Wrong shebang in some shell script prevents packaging to ends correctly.
Bugs-AGL: SPEC-2863
Change-Id: I63ae56ddc88f9f9dfa0734efff69c26c87800a07
Signed-off-by: Romain Forlot <romain.forlot@iot.bzh>
|
|
This reverts commit 37d9652ee0011eff9346a54c33bd459b53e29d0f.
Revert looks good because the issue has to be adressed by
the build environment.
Bug-AGL: SPEC-2801
Change-Id: I51cd51344fc6c6d602f6636c2ffe3af094a78c52
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
It is intended to enhance reproducibility
of produced binaries as unmeaning prefixes
are removed.
Bug-AGL: SPEC-2801
Change-Id: Ic406e4477e47c313757c00932db0f129e1d3d01f
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
|
|
The user setup takes care of populating correctly the
directory /run/user/UID with needed items BEFORE
user services start.
Bug-AGL: SPEC-1015
Change-Id: I6f942d73bf241d593c960dbf3bc6a038f1746fe0
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The platform services are services that run
at the global platform scope as opposite to
services that run in the context of the user.
Bug-AGL: SPEC-1015
Change-Id: I08c2d47715cbc7436e67781d5e638386be531520
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The files conf/dbus/afm-permissions-*.conf
are introduced to grant the permission to
access specific services.
At the moment the same permission is used:
http://tizen.org/privilege/internal/dbus
But the idea is to replace it by a set of
different permissions.
Bug-AGL: SPEC-1016
Change-Id: Ide54e7fd9ae328ff17a877e4ec04b18ad32fb899
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The daemon afm-user-daemon is deprecated.
To be cleaner, it is removed from the compilation
and the installation.
It is still kept a again for little time in the
unexpected case where it could be useful to compile
it.
Bug-AGL: SPEC-2437
Change-Id: Ifccee49eb14ceff5f7a78fb299260918a585bf93
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The daemon afm-user-daemon is deprecated.
To be cleaner, it is removed from the compilation
and the installation.
It is still kept a again for little time in the
unexpected case where it could be useful to compile
it.
Bug-AGL: SPEC-2437
Change-Id: I164de87dd006570671543204dab5233fca40e538
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The process of generating the file /etc/afm-unit.conf
had be reworked to be more straight forward.
Before that commit, a manual operation (a "make") had
to be done before committing the repository. This was
not efficient, error prone and kept temporary files in
conf.
That commit changes it by calling m4 through cmake.
Bug-AGL: SPEC-2436
Change-Id: Ia32a810286471dde8a01387d157e33277d67411d
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This tiny change allows to use EXTERNALSRC when
building debugging images without having its
git status polluted.
Bug-AGL: SPEC-2006
Change-Id: Ic6556a34c487012471ed456c6b4467d686fee816
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The generation files are reworked to improve
their evolution and maintainability:
- the Makefile now refers to any .inc file
- the macros are isolated from the skeleton
- main iterators are managed in the skeleton
- improve management of UNIT_NAME_BASE
Bug-AGL: SPEC-2436
Change-Id: I0877eb0149c9362be3290ed2c146cc69fc6bf718
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The use of AFM_CONFIG_DIR brings nothing except confusion.
Bug-AGL: SPEC-2436
Change-Id: I21a18ad98349bf6799b72061523bc353ad3d6c3f
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Having the binary 'afm-user-session' in /usr/bin
brings nothing. It is better to keep it in private
area.
Bug-AGL: SPEC-2367
Change-Id: I8ef517f599c02e18d8987278a6652a065ee6f0b6
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The tests were not needed because they
were in the body of a conditional part
ruled by the same test.
Bug-AGL: SPEC-2436
Change-Id: Ia5cd1157dde6fc2b5aa1153aa375568b39639caf
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The prefix of the URN for AGL features should be
settable.
Bug-AGL: SPEC-2436
Change-Id: I49e9634ebc6a280c28caa6e6764e543a7e78253c
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|