summaryrefslogtreecommitdiffstats
path: root/conf/unit
AgeCommit message (Collapse)AuthorFilesLines
2020-11-30Add network and bluetooth permissions to service templateScott Murray1-2/+10
Add new public:network and public:bluetooth permissions that currently drive adding dependencies on network.target and bluetooth.target, respectively. This allows related bindings to depend on those to avoid start up races. In the future, these permissions could perhaps be tied to configuring DBus access control of the related services. Bug-AGL: SPEC-3509 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I582691bfe223a01ce80f04a4b0a1463d58287a9c
2020-06-16Add weston dependency for units with display permissionjellyfish_9.99.1jellyfish/9.99.19.99.1Scott Murray1-0/+5
Add logic to the systemd unit template to add a dependency on the weston@display.service if the widget has the display permission. This fixes races with apps against weston / the new AGL compositor. Bug-AGL: SPEC-3411 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ib89da253933e7e34cfe5dfeb668c8d9df63f0e51
2020-02-20Fix homescreen start on yocto/ZeusJosé Bollo1-2/+2
Replacing BindsTo by Requires fix the start issue of the homescreen that complained with the message systemd[1]: afm-appli-homescreen--0.1--main@1001.service: ... ... Bound to unit afm-api-vshl-core@1001.service, but unit isn't active. Bug-AGL: SPEC-3178 Change-Id: I8df50354128d319f3dfc93b4d10848ecafdb6773 Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
2020-01-08Update copyrightJosé Bollo1-1/+1
Change-Id: I1d68e07563d9f0f139d1bc8128e09a5da0a648af Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-12-17Use of cynagoauthJosé Bollo1-1/+1
The flow of HTML5 applications is adjusted to use the basic implementation of cynagoauth. Bug-AGL: SPEC-2968 Bug-AGL: SPEC-3032 Change-Id: Iabf7ebb39fe9ed87bf1fd5b6742fb512a6df19a7 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-12-16Introduce widget type application/vnd.agl.resourceJose Bollo1-2/+8
The widget type application/vnd.agl.resource doesn't brings service. It can be used to provide a binding to the system. Bug-AGL: SPEC-3057 Bug-AGL: SPEC-1663 Change-Id: I5c900865b8eeec494953942c8069dfefe254a85c Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-12-13Ensure home and workir to widget of scope-platformicefish_8.99.3icefish/8.99.38.99.3José Bollo1-2/+2
The widget requesting the permission to run at platform scope: urn:AGL:permission::partner:scope-platform should be able to record data and state. This change provides a default place to achieve it. Bug-AGL: SPEC-2998 Change-Id: I148a670d3e08e36603ebd318b533ea1e1a695750 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-12-03Introduce localuser interface for applicationsicefish_8.99.2icefish/8.99.28.99.2José Bollo2-1/+4
This change make use of nss-localuser hostname family (see https://git.automotivelinux.org/src/nss-localuser/) to separate applications and users, each running its own IP address and hostname. The intended behaviour is to use existing browser policy to ensure privacy of applications and users. Bug-AGL: SPEC-2968 Change-Id: Ie1a3c7331fd43e8747afae2cd338df461bac1454 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-12-03Enforce numeric application IDsJosé Bollo2-1/+3
This change allows to index applications numerically. This can be used for various purposes. One of it is to compute the HTTP port. Bug-AGL: SPEC-2968 Change-Id: I74531781f3a39d5d4b09eeb907f57f36822e38f0 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-12-03Remove tokensJosé Bollo1-2/+0
Tokens are no more managed by the binder. Bug-AGL: SPEC-2968 Change-Id: Iabcbc6e900811cd88729f007bb16ba493d0c0651 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-10-10Add discovery of APIicefish_8.99.1icefish/8.99.18.99.1José Bollo1-0/+1
This change allows binders to use API not declared in the config.xml file. This behaviour is allowed by the platform permission urn:AGL:permission::platform:apis:auto-ws It allows a binding to use started bindings not listed in their config.xml file. But it does not allow to start them or to discover them. Bug-AGL: SPEC-2871 Change-Id: Iff0ec8417541171d446254e538201b7f6c7887ea Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-10-08Add WAIT_FOR_HOST_SERVICE envvar to unit files for webappsJacobo Aragunde Pérez1-0/+1
This envvar will make the application launcher wait for the WebAppMgr service to be fully running before attempting to launch the app. Otherwise, launcher would resort to running the app in standalone mode, which would conflict with the WebAppMgr service when it's finally running. It will be useful for webapps that are auto-started, like the future homescreen or the html5-launcher. Bug-AGL: SPEC-2793 Signed-off-by: Jacobo Aragunde Pérez <jaragunde@igalia.com> Change-Id: I97f927c856b0dd2643f8b7492dff06b2c459761d
2019-06-14Introduce platform servicesJosé Bollo8-40/+234
The platform services are services that run at the global platform scope as opposite to services that run in the context of the user. Bug-AGL: SPEC-1015 Change-Id: I08c2d47715cbc7436e67781d5e638386be531520 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-06-04afm-unit.conf: Refactor its generationJosé Bollo10-611/+21
The process of generating the file /etc/afm-unit.conf had be reworked to be more straight forward. Before that commit, a manual operation (a "make") had to be done before committing the repository. This was not efficient, error prone and kept temporary files in conf. That commit changes it by calling m4 through cmake. Bug-AGL: SPEC-2436 Change-Id: Ia32a810286471dde8a01387d157e33277d67411d Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
2019-05-23afm-unit.conf: cleanup of generationJosé Bollo8-138/+144
The generation files are reworked to improve their evolution and maintainability: - the Makefile now refers to any .inc file - the macros are isolated from the skeleton - main iterators are managed in the skeleton - improve management of UNIT_NAME_BASE Bug-AGL: SPEC-2436 Change-Id: I0877eb0149c9362be3290ed2c146cc69fc6bf718 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-05-23afm-unit: Simplify the MakefileJosé Bollo2-9/+4
The use of AFM_CONFIG_DIR brings nothing except confusion. Bug-AGL: SPEC-2436 Change-Id: I21a18ad98349bf6799b72061523bc353ad3d6c3f Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-05-23afm-unit conf: Remove useless testsJosé Bollo3-13/+0
The tests were not needed because they were in the body of a conditional part ruled by the same test. Bug-AGL: SPEC-2436 Change-Id: Ia5cd1157dde6fc2b5aa1153aa375568b39639caf Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-05-23Use definition of afm_prefixJosé Bollo3-23/+23
The prefix of the URN for AGL features should be settable. Bug-AGL: SPEC-2436 Change-Id: I49e9634ebc6a280c28caa6e6764e543a7e78253c Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-04-26afm-unit: Restore removal of capabilitiesJosé Bollo3-3/+3
This removes capabilities to any application installed and launched. Also fixes a tiny bug in setup of user environment. Bug-AGL: SPEC-2006 Change-Id: I2c0d85cc2c2d389247ad9ce728f4d9e8e3d74616 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-03-28afm-unit.conf: Add widget specific environmentJosé Bollo4-0/+4
This change allow to set environment specific to a widget in ${afm_confdir}/widget.env.d/ID/* files where ID is the ID of the widget. Setting specific environment for a given widget was not possible (except in devel/debug) before. Change-Id: I8ef9349fda9adb8eecf330ce97cc7ebcd21bf399 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-03-21Add ability to manage all widget/applicationsJosé Bollo3-0/+3
For system uses -like automatic testing-, it is needed to include tha ability to list ALL installed widgets and ALL running instance of installed widgets. This change adds the option -a or --all to the commands 'list' and 'runners' for the purpose of listing any installed widgets, even those requiring to be hidden. Example: afm-util ps -a Bug-AGL: SPEC-2272 Bug-AGL: SPEC-1850 Change-Id: I216ec9c63efea1b3af58e1d2d7723d986e04551e Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
2019-02-07Update date in copyrightssandbox/scottrif29/scottdocsJosé Bollo1-1/+1
Change-Id: Ie2ff321f78c59913373e2ffb2820297fd423d6f4 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2019-02-06Revert "afm-unit: Restore removal of capabilities"halibut_7.90.0halibut/7.90.07.90.0Stephane Desneux3-9/+6
This reverts commit f2a2f1357a5268b614528feeba0a91f4ea04a7aa. Change-Id: I7ff68f27b75c9ddb887470c5579e7b9277aa3613 Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
2018-12-20Merge "Revert "afm-unit: add autoapi in required-api feature""guppy_6.99.3guppy/6.99.36.99.3Jan-Simon Moeller3-3/+0
2018-12-20Revert "afm-unit: add autoapi in required-api feature"José Bollo3-3/+0
This reverts commit 2b6e13bd5812dc1d7efe338a163f6dd253bbe15b. Change-Id: I5e2493669da8d45150ed46257b06a5dae005e0bd
2018-12-20Merge "afm-unit: add autoapi in required-api feature"Jan-Simon Moeller3-0/+3
2018-12-18afm-unit: Restore removal of capabilitiesJosé Bollo3-6/+9
This removes capabilities to any application installed and launched. Also applications are added by default to the display group, meaning that it can be displayed. Bug-AGL: SPEC-2006 Change-Id: Ia0b2d0df3ec1c74f37ca176fc9f0e8db96de3566 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-12-18afm-unit: Fix http port multi allocationJosé Bollo3-8/+8
When serveral targets were set in the widget file, the framework allocated the same HTTP port to each. This lead to impossibility to run all targets or to a systemd conflict. This should fix the issue by allocating an HTTP port for each target installed by the widget. To achieves that goal, the afm-unit.conf tag for the port is moved from '#metadata.http-port' to '#metatarget.http-port'. Bug-AGL: SPEC-2068 Change-Id: I5376d6f052e0ffc5c77cc80041528637777aed1e Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-12-14afm-unit: add autoapi in required-api featureClément Bénier3-0/+3
- required-api feature: add autoapi value - start the daemon with --auto-api option to the websocket directory Change-Id: Ia36d0edb4bfa22d07feafed580373cda21dd5b35 Signed-off-by: Clément Bénier <clement.benier@iot.bzh>
2018-11-08afm-unit: Export new variablesJosé Bollo7-6/+16
Export the new variables: - AFM_ID: the identifier of the application - AFM_WORKDIR: the workdir of the application - AFM_WSAPI_DIR: the directory where APIs can be accessed Change-Id: I79b46754f84161a36d9a13dd79bc94e777c854fe Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-10-19afm-unit.conf: Enforce starting after networkJose Bollo3-0/+3
This solves issues encountered when starting remote services. It delays all services until completion of network initialisation. Delaying every services is not selective. Further optimisation may improve that issue. Bug-AGL: SPEC-1650 Change-Id: I5742a4cd514c86c724a8e7a86c7e0a5dde6a8c67 Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
2018-10-19afm-unit.conf: Restrict service for APIsJose Bollo3-3/+3
Forbids exportation of service apis for apis that are not exported as 'ws' or 'auto'. Bug-AGL: SPEC-1650 Change-Id: I0681bdb0632d9f331036abc1ff1e1b2bb37933cd Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
2018-10-19Add the ability to access binding through tcpJosé Bollo3-0/+6
This commit introduce "tcp", a new type of provided/required api. It appears in the config.xml as below: <urn:AGL:widget:provided-api> <param "name"="HOST:PORT/API" "value"="tcp"> <urn:AGL:widget:required-api> <param "name"="HOST:PORT/API" "value"="tcp"> This implementation is a draft. The service exposed can not start automatically. Use it with the permission urn:AGL:permission::system:run-by-default. Change-Id: Ic593f0d891692ca0c777c49057ec54c37fc55cc0 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-10-05afm-unit.conf: force symbolic link on updateRomain Forlot3-3/+3
Forcing symbolic link update ensures that if the value changes the link will be overwriten. Otherwise the link always keeps the old path until a system reboot or a manual removal of the link file. Change-Id: Ib9d8f267a8665edd75ce04f77eb70c4b0a4b8e9f Signed-off-by: Romain Forlot <romain.forlot@iot.bzh>
2018-08-16Add the external binding featureflounder_5.99.3flounder/5.99.35.99.3José Bollo8-19/+117
This commit introduce two new features: <urn:AGL:widget:provided-binding> <param "name"="public-name" "value"="relative-path-to-the-binding"/> <urn:AGL:widget:required-binding> <param "name"="public-name" "value"="extern"> <param "name"="relative-path-to-the-binding" "value"="local"> TODO: manage security by setting correct Smack label to the exported files Bugs-AGL: SPEC-1439 Bugs-AGL: SPEC-1663 Change-Id: I70aad7d523ece7a2ae0058b79708a02ef81144e2 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-07-19Creates systemd service for APIsJosé Bollo5-43/+127
Before this change, APIs were only provided as binder's exported websockets. This forbade ability to use symbolic links. Allowing links is interesting for having platform sockets and for linked api (not using socket). The API afm-main is a platform API. It must run at system level and must be available for all user clients. To achieve it, we use a link. Bug-AGL: SPEC-1592 Change-Id: I8753f83373755eb7fc2d2cc50251b8f738b61b03 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-28Refactor user session managementJosé Bollo3-3/+6
Change-Id: Ib6ba886df110d8a23e3760e1818263ec757b9c7c Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-28provided.inc: Fix smack label of socketsJosé Bollo3-6/+6
Change-Id: I53d3cac7136e4d169acd8e3e3de5ea8439dd0192 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-28Update date of copyright noticesJosé Bollo1-1/+1
Change-Id: Ia4ef2a6e3c07616ccd756933a82f0806844c4faf Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-28Add configuration variables for runtime socket dirsJosé Bollo4-15/+16
2 new configuration variables: - afm_platform_rundir (default /run/platform) Path to location of platform runtime sockets - afm_users_rundir (default /run/user) Path to location of users runtime sockets Change-Id: I65007fee1ca2ce6f1247a67ba0b121f97c08f209 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-12-11unit.conf: Fix Smack permission on api wsJosé Bollo3-0/+6
The Smack permission to write on the websocket of the API must be set to something that allows the communication! Here the chosen value is * Change-Id: Ia276219b232e33bd35353d8feb333513b340e75c Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-12-07unit.cont: Refactor PATH and LD_LIBRARY_PATHjobol3-6/+6
Change-Id: Ic6da02c0039421fd5656238f5fa812574af1c268 Signed-off-by: jobol <jose.bollo@iot.bzh>
2017-11-24simplify afm-user-session processJosé Bollo4-12/+6
Change-Id: If2739fd2c5a19d7cd31e117e1e79c0b51451552b Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24Avoid implicit Before socket.targetJosé Bollo4-0/+22
Change-Id: I493c49a80ebb1fa85f586d0b0704b5682f0c3613 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24Config for afm-user-sessionJosé Bollo4-3/+9
Change-Id: I6567b58fa0a6dd17deba4c7cccbf3b9f441730eb Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24unit.conf: Fix target nameJosé Bollo4-12/+12
Change-Id: I144bcd47b65b86dd07ca5de71514a0032166b3a6 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24Rework on systemd start of user sessionsJosé Bollo8-0/+852
Change-Id: Iad46596435eebdc5c521b572fd8320b52a61d197 Signed-off-by: José Bollo <jose.bollo@iot.bzh>