Code Review / src / app-framework-main.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
afm-unit.conf: connect to systemd sockets
[src/app-framework-main.git] / conf / afm-unit.conf
diff --git a/conf/afm-unit.conf b/conf/afm-unit.conf
index 2dfa2f6..437d053 100644 (file)
--- a/conf/afm-unit.conf
+++ b/conf/afm-unit.conf
@@ -84,11 +84,11 @@ SmackProcessLabel=User::App::{{id}}
   {{^urn:AGL:permission::partner:real-time}}    RestrictRealtime=on             {{/urn:AGL:permission::partner:real-time}}
   {{#urn:AGL:permission::public:display}}       SupplementaryGroups=display     {{/urn:AGL:permission::public:display}}
   {{^urn:AGL:permission::public:syscall:clock}} SystemCallFilter=~@clock        {{/urn:AGL:permission::public:syscall:clock}}
-  {{^urn:AGL:permission::public:internet}}      RestrictAddressFamilies=AF_UNIX {{/urn:AGL:permission::public:internet}}
 {{/required-permission}}
 %nl
 
 WorkingDirectory={{&#metadata.app-data-dir}}
+SuccessExitStatus=0 SIGKILL
 
 ;---------------------------------------------------------------------------------
 {{#content.type=text/html}}
@@ -99,8 +99,13 @@ WorkingDirectory={{&#metadata.app-data-dir}}
 
 ExecStart=/usr/bin/afb-daemon --port={{:#metadata.http-port}} --random-token \
        --rootdir={{:#metadata.install-dir}} \
-       --workdir={{&#metadata.app-data-dir}} \
-       --roothttp=htdocs \
+       --workdir={{&#metadata.app-data-dir}}/{{id}} \
+       {{#required-permission.urn:AGL:permission::public:no-htdocs}}\
+               --roothttp=. \
+       {{/required-permission.urn:AGL:permission::public:no-htdocs}}\
+       {{^required-permission.urn:AGL:permission::public:no-htdocs}}\
+               --roothttp=htdocs \
+       {{/required-permission.urn:AGL:permission::public:no-htdocs}}\
        {{#required-permission.urn:AGL:permission::public:applications:read}}\
                --alias=/icons:{{:#metadata.icons-dir}} \
        {{/required-permission.urn:AGL:permission::public:applications:read}}\
@@ -133,14 +138,14 @@ ExecStart=/usr/bin/afb-daemon --port={{:#metadata.http-port}} --random-token \
 
 ExecStart=/usr/bin/afb-daemon \
        --rootdir={{:#metadata.install-dir}} \
-       --workdir={{&#metadata.install-dir}} \
+       --workdir={{&#metadata.install-dir}}/{{id}} \
        {{^required-permission.urn:AGL:permission::partner:service:no-ws}}\
-               --ws-server=unix:%t/bindings/{{:#target}} \
+               --ws-server=sd:{{:#target}} \
        {{/required-permission.urn:AGL:permission::partner:service:no-ws}}\
        {{^required-permission.urn:AGL:permission::partner:service:no-dbus}}\
                --dbus-server={{:#target}} \
        {{/required-permission.urn:AGL:permission::partner:service:no-dbus}}\
-       --no-httpd 
+       --no-httpd
 
 {{^required-permission.urn:AGL:permission::partner:service:no-ws}}
 
@@ -156,6 +161,7 @@ ExecStart=/usr/bin/afb-daemon \
 [socket]
 SmackLabel=*
 ListenStream=%t/bindings/{{:#target}}
+FileDescriptorName={{:#target}}
 
 {{/required-permission.urn:AGL:permission::partner:service:no-ws}}
 
Application Framework main service, maintained by iot.bzh team