summaryrefslogtreecommitdiffstats
path: root/conf/system
AgeCommit message (Collapse)AuthorFilesLines
2020-01-30Improve setup for solving access issuesJose Bollo2-36/+29
While developping the binding afb-test, the export of the binding afm-test, using "provided-binding" feature reavealed to be broken because of security setup. Bug-AGL: SPEC-2795 Change-Id: Ifc11a8b6a0f20b25d34a8f6b2f81f4c8b5f98238 Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
2019-12-15Ensure home and workir to widget of scope-platformhalibut_8.0.5halibut_8.0.4halibut/8.0.5halibut/8.0.48.0.58.0.4José Bollo1-1/+8
The widget requesting the permission to run at platform scope: urn:AGL:permission::partner:scope-platform should be able to record data and state. This change provides a default place to achieve it. Bug-AGL: SPEC-2998 Change-Id: I148a670d3e08e36603ebd318b533ea1e1a695750 Signed-off-by: José Bollo <jose.bollo@iot.bzh> (cherry picked from commit b65d4e0061d77718ee6c04c6cd1d41f6940b5a03)
2019-10-10conf/system: fix shebang not absolute.Romain Forlot2-2/+2
Wrong shebang in some shell script prevents packaging to ends correctly. Bugs-AGL: SPEC-2863 Change-Id: I63ae56ddc88f9f9dfa0734efff69c26c87800a07 Signed-off-by: Romain Forlot <romain.forlot@iot.bzh>
2019-06-14Fix synchronisation of user setupJosé Bollo4-7/+25
The user setup takes care of populating correctly the directory /run/user/UID with needed items BEFORE user services start. Bug-AGL: SPEC-1015 Change-Id: I6f942d73bf241d593c960dbf3bc6a038f1746fe0 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-06-14Introduce platform servicesJosé Bollo2-1/+5
The platform services are services that run at the global platform scope as opposite to services that run in the context of the user. Bug-AGL: SPEC-1015 Change-Id: I08c2d47715cbc7436e67781d5e638386be531520 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-05-23afm-user-session: moves in libexec directoryJosé Bollo3-3/+4
Having the binary 'afm-user-session' in /usr/bin brings nothing. It is better to keep it in private area. Bug-AGL: SPEC-2367 Change-Id: I8ef517f599c02e18d8987278a6652a065ee6f0b6 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-05-14Refactor of system and user setuphalibut_7.99.1halibut/7.99.17.99.1José Bollo7-26/+71
Since a long time, the creation of the user and system run environment was made by a sub-optimal, hardly maintainable and false-error generating. This change puts the user and system setup in separate shell scripts. This makes them more easy to maintain, update or tune. This facility will useful for further evolution. Bug-AGL: SPEC-1016 Change-Id: Iede81a659eacf4e5c21c561a33d300408e1bd058 Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
2019-04-30Allow setting of libexec locationJosé Bollo1-1/+1
The location of the framework binding could not be tuned but is fixed. The default location is good but it is important to be able to tune that location. This at least has the good effect that the location is set at one point in the build system instead of at multiple points as today. Bug-AGL: SPEC-2367 Change-Id: Ib06fdff56d1828eacd0d1f82c2e1308d0b36fa5e Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-04-26afm-unit: Restore removal of capabilitiesJosé Bollo1-1/+1
This removes capabilities to any application installed and launched. Also fixes a tiny bug in setup of user environment. Bug-AGL: SPEC-2006 Change-Id: I2c0d85cc2c2d389247ad9ce728f4d9e8e3d74616 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-02-07Update date in copyrightssandbox/scottrif29/scottdocsJosé Bollo1-1/+1
Change-Id: Ie2ff321f78c59913373e2ffb2820297fd423d6f4 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-01-06afm-user-setup service: disable start rate limitguppy_6.99.4guppy/6.99.46.99.4Stephane Desneux1-0/+2
The service afm-user-setup is invoked each time an app is started. If the user starts apps too quickly (3 apps in less than 10secs by default), then afm-user-setup will fail and the last app is not started. This patch removes the rate limitation coming from systemd default config. Change-Id: Ief6af726c58866e2fc6d3fa170e5f6c6afbee987 Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2018-08-16Add the external binding featureflounder_5.99.3flounder/5.99.35.99.3José Bollo1-0/+1
This commit introduce two new features: <urn:AGL:widget:provided-binding> <param "name"="public-name" "value"="relative-path-to-the-binding"/> <urn:AGL:widget:required-binding> <param "name"="public-name" "value"="extern"> <param "name"="relative-path-to-the-binding" "value"="local"> TODO: manage security by setting correct Smack label to the exported files Bugs-AGL: SPEC-1439 Bugs-AGL: SPEC-1663 Change-Id: I70aad7d523ece7a2ae0058b79708a02ef81144e2 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-07-19Creates systemd service for APIsJosé Bollo2-0/+15
Before this change, APIs were only provided as binder's exported websockets. This forbade ability to use symbolic links. Allowing links is interesting for having platform sockets and for linked api (not using socket). The API afm-main is a platform API. It must run at system level and must be available for all user clients. To achieve it, we use a link. Bug-AGL: SPEC-1592 Change-Id: I8753f83373755eb7fc2d2cc50251b8f738b61b03 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-05-24afm-system-daemon.service: Fix a typoJosé Bollo1-1/+1
Change-Id: If9dcd49edad5a34ea9c7bdfcba7d7bc44bbafbeb Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-28Refactor user session managementJosé Bollo5-12/+17
Change-Id: Ib6ba886df110d8a23e3760e1818263ec757b9c7c Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-28afm-user-session: Start target from user sessionJosé Bollo2-0/+17
Start the afm-user-session@%i.target from the user session after pam_sytemd session started. Change-Id: I5aeb8f01426b3cee2cbfad6ba30ecf37fe21abca Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-28Update date of copyright noticesJosé Bollo1-1/+1
Change-Id: Ia4ef2a6e3c07616ccd756933a82f0806844c4faf Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-28Add configuration variables for runtime socket dirsJosé Bollo1-1/+1
2 new configuration variables: - afm_platform_rundir (default /run/platform) Path to location of platform runtime sockets - afm_users_rundir (default /run/user) Path to location of users runtime sockets Change-Id: I65007fee1ca2ce6f1247a67ba0b121f97c08f209 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24simplify afm-user-session processJosé Bollo5-29/+4
Change-Id: If2739fd2c5a19d7cd31e117e1e79c0b51451552b Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24Improve afm-user-session setupJosé Bollo2-9/+3
Change-Id: I4dfb0939afc871e93874cf021548db2e85d3656c Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24Config for afm-user-sessionJosé Bollo4-6/+6
Change-Id: I6567b58fa0a6dd17deba4c7cccbf3b9f441730eb Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24afm-user-startup.service: Fix typeJosé Bollo1-0/+1
Change-Id: I8ecddbc5be346441f002ef8c50dd733fec0e6ef2 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24Add a PAM config fileJosé Bollo3-2/+8
Change-Id: I27f726cd3cec7c0e499086c5ac3de1a736ef108c Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24Rework on systemd start of user sessionsJosé Bollo8-0/+134
Change-Id: Iad46596435eebdc5c521b572fd8320b52a61d197 Signed-off-by: José Bollo <jose.bollo@iot.bzh>