1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
|
The afm-system-daemon
=====================
version: 1
Date: 15 March 2016
Author: José Bollo
Foreword
--------
This document describes what we intend to do. It may happen that our
current implementation and the content of this document differ.
In case of differences, it is assumed that this document is right
and the implementation is wrong.
Introduction
------------
The daemon **afm-system-daemon** is in charge of installing
applications on the system. Its main tasks are:
- installs the applications and setup the security framework
to include it
- uninstall the applications
The **afm-system-daemon** takes its orders from the system
instance of D-Bus.
The figure below summarizes the situation of the
**afm-system-daemon** in the system.
+------------------------------------------------------------+
| User |
| |
| +-------------------------------------------------+ |
| | | |
| | afm-user-daemon | |
| | | |
| +----------+----------------------+----------+----+ |
| | | : |
| | | : |
:================|======================|==========:=========:
| | | : |
| +----------+----------+ +-----+-----+ : |
| | D-Bus system +-----+ CYNARA | : |
| +----------+----------+ +-----+-----+ : |
| | | : |
| +----------+---------+ +-------+----------+----+ |
| | afm-system-daemon +----+ SECURITY-MANAGER | |
| +--------------------+ +-----------------------+ |
| |
| System |
+------------------------------------------------------------+
Starting **afm-system-daemon**
------------------------------
**afm-system-daemon** is launched as a **systemd** service
attached to system. Normally, the service file is
located at /lib/systemd/system/afm-system-daemon.service.
The options for launching **afm-system-daemon** are:
-r
--root directory
Set the root application directory.
Note that the default root directory is defined
to be /usr/share/afm/applications (may change).
-d
--daemon
Daemonizes the process. It is not needed by sytemd.
-q
--quiet
Reduces the verbosity (can be repeated).
-v
--verbose
Increases the verbosity (can be repeated).
-h
--help
Prints a short help.
The D-Bus interface
-------------------
### Overview of the dbus interface
***afm-system-daemon*** takes its orders from the session instance
of D-Bus. The use of D-Bus is great because it allows to implement
discovery and signaling.
The **afm-system-daemon** is listening with the destination name
***org.AGL.afm.system*** at the object of path ***/org/AGL/afm/system***
on the interface ***org.AGL.afm.system*** for the below detailed
members ***install*** and ***uninstall***.
D-Bus is mainly used for signaling and discovery. Its optimized
typed protocol is not used except for transmitting only one string
in both directions.
The client and the service are using JSON serialisation to
exchange data.
The D-Bus interface is defined by:
* DESTINATION: **org.AGL.afm.system**
* PATH: **/org/AGL/afm/system**
* INTERFACE: **org.AGL.afm.system**
The signature of any member of the interface is ***string -> string***
for ***JSON -> JSON***.
This is the normal case. In case of error, the current implmentation
returns a dbus error that is a string.
Here is an example that use *dbus-send* to query data on
installed applications.
dbus-send --session --print-reply \
--dest=org.AGL.afm.system \
/org/AGL/afm/system \
org.AGL.afm.system.install 'string:"/tmp/appli.wgt"'
### The protocol over D-Bus
---
#### Method org.AGL.afm.system.install
**Description**: Install an application from its widget file.
If an application of the same *id* and *version* exists, it is not
reinstalled except if *force=true*.
Applications are installed in the subdirectories of the common directory
of applications.
If *root* is specified, the application is installed under the
sub-directories of the *root* defined.
Note that this methods is a simple accessor to the method
***org.AGL.afm.system.install*** of ***afm-system-daemon***.
After the installation and before returning to the sender,
***afm-system-daemon*** sends the signal ***org.AGL.afm.system.changed***.
**Input**: The *path* of the widget file to install and, optionaly,
a flag to *force* reinstallation, and, optionaly, a *root* directory.
Either just a string being the absolute path of the widget file:
"/a/path/driving/to/the/widget"
Or an object:
{
"wgt": "/a/path/to/the/widget",
"force": false,
"root": "/a/path/to/the/root"
}
"wgt" and "root" must be absolute paths.
**output**: An object with the field "added" being the string for
the id of the added application.
{"added":"appli@x.y"}
---
#### Method org.AGL.afm.system.uninstall
**Description**: Uninstall an application from its id.
Note that this methods is a simple accessor to the method
***org.AGL.afm.system.uninstall*** of ***afm-system-daemon***.
After the uninstallation and before returning to the sender,
***afm-system-daemon*** sends the signal ***org.AGL.afm.system.changed***.
**Input**: the *id* of the application and, otpionaly, the path to
*root* of the application.
Either a string:
"appli@x.y"
Or an object:
{
"id": "appli@x.y",
"root": "/a/path/to/the/root"
}
**output**: the value 'true'.
[meta-intel]: https://github.com/01org/meta-intel-iot-security "A collection of layers providing security technologies"
[widgets]: http://www.w3.org/TR/widgets "Packaged Web Apps"
[widgets-digsig]: http://www.w3.org/TR/widgets-digsig "XML Digital Signatures for Widgets"
[libxml2]: http://xmlsoft.org/html/index.html "libxml2"
[openssl]: https://www.openssl.org "OpenSSL"
[xmlsec]: https://www.aleksey.com/xmlsec "XMLSec"
[json-c]: https://github.com/json-c/json-c "JSON-c"
[d-bus]: http://www.freedesktop.org/wiki/Software/dbus "D-Bus"
[libzip]: http://www.nih.at/libzip "libzip"
[cmake]: https://cmake.org "CMake"
[security-manager]: https://wiki.tizen.org/wiki/Security/Tizen_3.X_Security_Manager "Security-Manager"
[app-manifest]: http://www.w3.org/TR/appmanifest "Web App Manifest"
[tizen-security]: https://wiki.tizen.org/wiki/Security "Tizen security home page"
[tizen-secu-3]: https://wiki.tizen.org/wiki/Security/Tizen_3.X_Overview "Tizen 3 security overview"
|