app-framework-main - Application Framework main service, maintained by iot.bzh team

Age	Commit message (Collapse)	Author	Files	Lines
2018-12-18	afm-unit: Restore removal of capabilities	José Bollo	3	-6/+9
	This removes capabilities to any application installed and launched. Also applications are added by default to the display group, meaning that it can be displayed. Bug-AGL: SPEC-2006 Change-Id: Ia0b2d0df3ec1c74f37ca176fc9f0e8db96de3566 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-12-18	afm-unit: Fix http port multi allocation	José Bollo	3	-8/+8
	When serveral targets were set in the widget file, the framework allocated the same HTTP port to each. This lead to impossibility to run all targets or to a systemd conflict. This should fix the issue by allocating an HTTP port for each target installed by the widget. To achieves that goal, the afm-unit.conf tag for the port is moved from '#metadata.http-port' to '#metatarget.http-port'. Bug-AGL: SPEC-2068 Change-Id: I5376d6f052e0ffc5c77cc80041528637777aed1e Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-11-08	afm-unit: Export new variables	José Bollo	7	-6/+16
	Export the new variables: - AFM_ID: the identifier of the application - AFM_WORKDIR: the workdir of the application - AFM_WSAPI_DIR: the directory where APIs can be accessed Change-Id: I79b46754f84161a36d9a13dd79bc94e777c854fe Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-10-19	afm-unit.conf: Enforce starting after network	Jose Bollo	3	-0/+3
	This solves issues encountered when starting remote services. It delays all services until completion of network initialisation. Delaying every services is not selective. Further optimisation may improve that issue. Bug-AGL: SPEC-1650 Change-Id: I5742a4cd514c86c724a8e7a86c7e0a5dde6a8c67 Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
2018-10-19	afm-unit.conf: Restrict service for APIs	Jose Bollo	3	-3/+3
	Forbids exportation of service apis for apis that are not exported as 'ws' or 'auto'. Bug-AGL: SPEC-1650 Change-Id: I0681bdb0632d9f331036abc1ff1e1b2bb37933cd Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
2018-10-19	Add the ability to access binding through tcp	José Bollo	3	-0/+6
	This commit introduce "tcp", a new type of provided/required api. It appears in the config.xml as below: <urn:AGL:widget:provided-api> <param "name"="HOST:PORT/API" "value"="tcp"> <urn:AGL:widget:required-api> <param "name"="HOST:PORT/API" "value"="tcp"> This implementation is a draft. The service exposed can not start automatically. Use it with the permission urn:AGL:permission::system:run-by-default. Change-Id: Ic593f0d891692ca0c777c49057ec54c37fc55cc0 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-10-05	afm-unit.conf: force symbolic link on update	Romain Forlot	3	-3/+3
	Forcing symbolic link update ensures that if the value changes the link will be overwriten. Otherwise the link always keeps the old path until a system reboot or a manual removal of the link file. Change-Id: Ib9d8f267a8665edd75ce04f77eb70c4b0a4b8e9f Signed-off-by: Romain Forlot <romain.forlot@iot.bzh>
2018-08-16	Add the external binding featureflounder_5.99.3 flounder/5.99.3 5.99.3	José Bollo	9	-19/+118
	This commit introduce two new features: <urn:AGL:widget:provided-binding> <param "name"="public-name" "value"="relative-path-to-the-binding"/> <urn:AGL:widget:required-binding> <param "name"="public-name" "value"="extern"> <param "name"="relative-path-to-the-binding" "value"="local"> TODO: manage security by setting correct Smack label to the exported files Bugs-AGL: SPEC-1439 Bugs-AGL: SPEC-1663 Change-Id: I70aad7d523ece7a2ae0058b79708a02ef81144e2 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-07-19	Creates systemd service for APIs	José Bollo	7	-43/+142
	Before this change, APIs were only provided as binder's exported websockets. This forbade ability to use symbolic links. Allowing links is interesting for having platform sockets and for linked api (not using socket). The API afm-main is a platform API. It must run at system level and must be available for all user clients. To achieve it, we use a link. Bug-AGL: SPEC-1592 Change-Id: I8753f83373755eb7fc2d2cc50251b8f738b61b03 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-05-24	afm-system-daemon.service: Fix a typo	José Bollo	1	-1/+1
	Change-Id: If9dcd49edad5a34ea9c7bdfcba7d7bc44bbafbeb Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-28	Refactor user session management	José Bollo	9	-15/+70
	Change-Id: Ib6ba886df110d8a23e3760e1818263ec757b9c7c Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-28	provided.inc: Fix smack label of sockets	José Bollo	3	-6/+6
	Change-Id: I53d3cac7136e4d169acd8e3e3de5ea8439dd0192 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-28	afm-user-session: Start target from user session	José Bollo	3	-0/+27
	Start the afm-user-session@%i.target from the user session after pam_sytemd session started. Change-Id: I5aeb8f01426b3cee2cbfad6ba30ecf37fe21abca Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-28	Update date of copyright notices	José Bollo	4	-4/+4
	Change-Id: Ia4ef2a6e3c07616ccd756933a82f0806844c4faf Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-28	Add configuration variables for runtime socket dirs	José Bollo	7	-19/+20
	2 new configuration variables: - afm_platform_rundir (default /run/platform) Path to location of platform runtime sockets - afm_users_rundir (default /run/user) Path to location of users runtime sockets Change-Id: I65007fee1ca2ce6f1247a67ba0b121f97c08f209 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-12-11	unit.conf: Fix Smack permission on api ws	José Bollo	3	-0/+6
	The Smack permission to write on the websocket of the API must be set to something that allows the communication! Here the chosen value is * Change-Id: Ia276219b232e33bd35353d8feb333513b340e75c Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-12-07	unit.cont: Refactor PATH and LD_LIBRARY_PATH	jobol	3	-6/+6
	Change-Id: Ic6da02c0039421fd5656238f5fa812574af1c268 Signed-off-by: jobol <jose.bollo@iot.bzh>
2017-11-24	simplify afm-user-session process	José Bollo	11	-50/+10
	Change-Id: If2739fd2c5a19d7cd31e117e1e79c0b51451552b Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	Improve afm-user-session setup	José Bollo	2	-9/+3
	Change-Id: I4dfb0939afc871e93874cf021548db2e85d3656c Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	Avoid implicit Before socket.target	José Bollo	4	-0/+22
	Change-Id: I493c49a80ebb1fa85f586d0b0704b5682f0c3613 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	Config for afm-user-session	José Bollo	8	-9/+15
	Change-Id: I6567b58fa0a6dd17deba4c7cccbf3b9f441730eb Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	afm-user-startup.service: Fix type	José Bollo	1	-0/+1
	Change-Id: I8ecddbc5be346441f002ef8c50dd733fec0e6ef2 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	unit.conf: Fix target name	José Bollo	4	-12/+12
	Change-Id: I144bcd47b65b86dd07ca5de71514a0032166b3a6 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	Add a PAM config file	José Bollo	3	-2/+8
	Change-Id: I27f726cd3cec7c0e499086c5ac3de1a736ef108c Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	Rework on systemd start of user sessions	José Bollo	21	-55/+189
	Change-Id: Iad46596435eebdc5c521b572fd8320b52a61d197 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	unit.conf: Bound start to agl-user-session	José Bollo	4	-6/+6
	Change-Id: Ic9731dbc9ee71872198ad70995dbaced8a7aa683 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	unit.conf: Remove unset of capabilities	José Bollo	3	-6/+6
	Remove the unsetting of capabilities because it currently breaks the image. To be reworked. Change-Id: I69a1d9c23f463a36edebb7993aa94fae14fb60e8 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	unit.conf: binder's service of type notify	José Bollo	3	-0/+3
	Change-Id: Ibb80974c65f48d7473b8aa56604154bf70a49e14 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	unit.conf: Fix remaining %t	José Bollo	5	-9/+12
	Change-Id: If9c1c0d8b805e7de6490c75f0465d3455e84eb36 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	genconf: set filetype and syntax	José Bollo	4	-0/+4
	Change-Id: Ibcff5a513c4559c84ddfca1ef9449b1eff544006 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	afm-unit.conf: Fix missing @ in service name	José Bollo	4	-20/+9
	Regression introduced by commit: c7db705 Generate afm-unit.conf using m4 Change-Id: Ibeeaf14b697e79cb2a95154b50b2ac775f93d529 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	wgtpkg-unit: remove metadata.app-data-dir variable	José Bollo	5	-21/+22
	Change-Id: I51cbbad8ecdc371f457a008808c8c0f63501ac2b Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	Generate afm-unit.conf using m4	José Bollo	7	-239/+431
	The use of m4 to generate the afm-unit.conf and afm-unit-debug.conf files has benefits: - the sync between debug versus not debug is mechanical - it allows easier maintainance by improving readability and writability (ex: macros TARGET or UNIT_NAME_BASE) Change-Id: Ic0427bedf4f8a5b174318562336603077f174fa5 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	afm-unit.conf: remove invocation of PAM	José Bollo	2	-2/+2
	Change-Id: I2b446907b0c68b3bdb1c59227427e237f429ed8e Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	afm-unit.conf: Add XDG dirs definitions	José Bollo	2	-0/+6
	Change-Id: I40d73de059e955256d90ca7831870815c7d90481 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	afm-unit.conf: Add slice indication	José Bollo	2	-0/+2
	Change-Id: I50c2166ffab106988fa4ac1e68c14ea56c5b3145 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	Don't rely on features available for user units	José Bollo	2	-0/+4
	Change-Id: I117b8de2eec6cba9f475e18b794f90347bc184f8 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	Avoid polkit and bug	José Bollo	1	-2/+2
	Accessing systemd/system with DBUS from a user not root make systemd use polkit. It doesn't work for us because: - at the end systemd crashes (sigsegv) - we don't want polkit here Change-Id: I206edd108b8b659c8c6a3a68f61500cb114995d4 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	remove secure-bit directives	José Bollo	2	-2/+0
	Doesn't work after dropping capabilities! Change-Id: I748a8de9bb04006c14cba09cc6c4469da06c1b5d Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	bug fixes and improvements	José Bollo	2	-2/+3
	Change-Id: I2fc3de0a84e471e8e87f43170c20f8d6d0d05fdc Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	provide access to systemd system	José Bollo	2	-9/+6
	Change-Id: I1e3d2dc780a1449f2bfc894baa1f26a94be61cd8 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	Remove afm-system-daemon	José Bollo	3	-4/+16
	Change-Id: I1e6c0488b7183724a65fcc06fd3cf6909e0efd53 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	afm-unit.conf: Removes capabilities of applications	José Bollo	2	-0/+8
	Change-Id: I081e8a8f9ea344d47ae007a4d6c9e72663f82fcf Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	Start user units at the system level	José Bollo	2	-18/+24
	When service name end with @ it means that the user UID must be provided. Change-Id: I6707df0151b7cab985cfc53a81fccf6a7150c9a3 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-11-24	afm-unit.conf: Rename generated systemd units	José Bollo	2	-32/+48
	Uses a more uniform naming for units and allows to use templating for some other purpose. Change-Id: Ia99f84a8f4436fcce6cecf3b3720870d27e9e303 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-09-19	Remove legacy mode without systemd	José Bollo	2	-59/+0
	Change-Id: Id26322a1a46baa8b53b6d3c214477ae50a7c99f6 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-09-01	afm-unit-debug.conf: Move monitoring option	José Bollo	1	-1/+1
	Put it in the same place that other unconditionnal options Change-Id: I75fc5503db6fd9776299564b4a559a5bbf889952 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-09-01	afm-unit-debug.conf: Increase the verbosity in debug	José Bollo	1	-0/+1
	Latest version of the binder separated the verbosity levels of WARNING and NOTICE. This commits asks for notice report by default in debug. Change-Id: Ibdaf16560384c7f2576066250e42c44074501ebb Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-08-31	afm-unit.conf: improve setting of names	José Bollo	2	-4/+4
	The names are now prefixed by "afbd-" to clearly identify the binder daemon. Change-Id: I0dbd0a5dd68260a6315599e18e3e2f4a6be3efc5 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2017-08-29	afm-unit.conf: use option --name for setting binder name	José Bollo	2	-7/+17
	Also enforce output to journal Change-Id: I85957cfb8cc7e2264c9146ca18c352a0af347934 Signed-off-by: José Bollo <jose.bollo@iot.bzh>