+<!DOCTYPE html>
<html>
<head>
- <link rel="stylesheet" type="text/css" href="doc.css">
- <meta charset="UTF-8">
+ <meta charset="utf-8">
+ <meta name="generator" content="pandoc">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes">
+ <meta name="author" content="José Bollo">
+ <meta name="author" content="Fulup Ar Foll">
+ <title>The afm-system-daemon</title>
+ <style type="text/css">code{white-space: pre;}</style>
+ <link rel="stylesheet" href="doc.css">
+ <!--[if lt IE 9]>
+ <script src="//cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv-printshiv.min.js"></script>
+ <![endif]-->
</head>
<body>
-<a name="The.afm-system-daemon"></a>
-<h1>The afm-system-daemon</h1>
-
-<pre><code>version: 1
-Date: 14 March 2016
-Author: José Bollo
-</code></pre>
-
-<a name="Organisation.of.directory.of.applications"></a>
-<h1>Organisation of directory of applications</h1>
-
-<p>The main path for applivcations are: APPDIR/PKGID/VER.</p>
-
-<p>Where:</p>
-
+<header>
+<h1 class="title">The afm-system-daemon</h1>
+<h2 class="author">José Bollo</h2>
+<h2 class="author">Fulup Ar Foll</h2>
+<h3 class="date">24 juin 2016</h3>
+</header>
+<nav id="TOC">
<ul>
-<li>APPDIR is as defined above</li>
-<li>PKGID is a directory whose name is the package identifier</li>
-<li>VER is the version of the package MAJOR.MINOR</li>
+<li><a href="#the-afm-system-daemon">The afm-system-daemon</a><ul>
+<li><a href="#foreword">Foreword</a></li>
+<li><a href="#introduction">Introduction</a></li>
+<li><a href="#starting-afm-system-daemon">Starting <strong>afm-system-daemon</strong></a></li>
+<li><a href="#the-d-bus-interface">The D-Bus interface</a><ul>
+<li><a href="#overview-of-the-dbus-interface">Overview of the dbus interface</a></li>
+<li><a href="#the-protocol-over-d-bus">The protocol over D-Bus</a></li>
+</ul></li>
+</ul></li>
</ul>
-
-
-<p>This organisation has the advantage to allow several versions to leave together.
-This is needed for some good reasons (rolling back) and also for less good reasons (user habits).</p>
-
-<a name="Identity.of.installed.files"></a>
-<h2>Identity of installed files</h2>
-
-<p>All the files are installed as the user “userapp” and group “userapp”.
-All files have rw(x) for user and r-(x) for group and others.</p>
-
-<p>This allows any user to read the files.</p>
-
-<a name="Labelling.the.directories.of.applications"></a>
-<h2>Labelling the directories of applications</h2>
-
-<a name="Organisation.of.data"></a>
-<h1>Organisation of data</h1>
-
-<p>The data of a user are in its directory and are labelled using the labels of the application</p>
-
-<a name="Setting.Smack.rules.for.the.application"></a>
-<h1>Setting Smack rules for the application</h1>
-
-<p>For Tizen, the following rules are set by the security manager for each application.</p>
-
-<pre><code>System ~APP~ rwx
-System ~PKG~ rwxat
-System ~PKG~::RO rwxat
-~APP~ System wx
-~APP~ System::Shared rxl
-~APP~ System::Run rwxat
-~APP~ System::Log rwxa
-~APP~ _ l
-User ~APP~ rwx
-User ~PKG~ rwxat
-User ~PKG~::RO rwxat
-~APP~ User wx
-~APP~ User::Home rxl
-~APP~ User::App::Shared rwxat
-~APP~ ~PKG~ rwxat
-~APP~ ~PKG~::RO rxl
-</code></pre>
-
-<p>Here, ~PKG~ is the identifier of the package and ~APP~ is the identifier of the application.</p>
-
-<a name="What.user.can.run.an.application."></a>
-<h1>What user can run an application?</h1>
-
-<p>Not all user are able to run all applications.
-How to manage that?</p>
+</nav>
+<h1 id="the-afm-system-daemon">The afm-system-daemon</h1>
+<h2 id="foreword">Foreword</h2>
+<p>This document describes application framework system daemon fundamentals. FCF (Fully Conform to Specification) implementation is still under development. It may happen that current implementation somehow diverges with specifications.</p>
+<h2 id="introduction">Introduction</h2>
+<p>The daemon <strong>afm-system-daemon</strong> is in charge of installing applications on AGL system. Its main tasks are:</p>
+<ul>
+<li><p>installs applications and setup security framework for newly installed application.</p></li>
+<li><p>uninstall applications</p></li>
+</ul>
+<p>The <strong>afm-system-daemon</strong> takes its orders from system instance of D-Bus.</p>
+<p>The figure below summarizes the situation of <strong>afm-system-daemon</strong> in the system.</p>
+<pre><code>+------------------------------------------------------------+
+| User |
+| |
+| +-------------------------------------------------+ |
+| | | |
+| | afm-user-daemon | |
+| | | |
+| +----------+----------------------+----------+----+ |
+| | | : |
+| | | : |
+:================|======================|==========:=========:
+| | | : |
+| +----------+----------+ +-----+-----+ : |
+| | D-Bus system +-----+ CYNARA | : |
+| +----------+----------+ +-----+-----+ : |
+| | | : |
+| +----------+---------+ +-------+----------+----+ |
+| | afm-system-daemon +----+ SECURITY-MANAGER | |
+| +--------------------+ +-----------------------+ |
+| |
+| System |
++------------------------------------------------------------+</code></pre>
+<h2 id="starting-afm-system-daemon">Starting <strong>afm-system-daemon</strong></h2>
+<p><strong>afm-system-daemon</strong> is launched as a <strong>systemd</strong> service attached to system. Normally, the service file is located at /lib/systemd/system/afm-system-daemon.service.</p>
+<p>The options for launching <strong>afm-system-daemon</strong> are:</p>
+<pre><code>-r
+--root directory
+
+ Set the root application directory.
+
+ Note that the default root directory is defined
+ to be /usr/share/afm/applications (may change).
+
+-d
+--daemon
+
+ Daemonizes the process. It is not needed by sytemd.
+
+-q
+--quiet
+
+ Reduces the verbosity (can be repeated).
+
+-v
+--verbose
+
+ Increases the verbosity (can be repeated).
+
+-h
+--help
+
+ Prints a short help.</code></pre>
+<h2 id="the-d-bus-interface">The D-Bus interface</h2>
+<h3 id="overview-of-the-dbus-interface">Overview of the dbus interface</h3>
+<p><strong><em>afm-system-daemon</em></strong> takes its orders from the session instance of D-Bus. The use of D-Bus is great because it allows to implement discovery and signaling.</p>
+<p>The <strong>afm-system-daemon</strong> is listening with the destination name <strong><em>org.AGL.afm.system</em></strong> at the object of path <strong><em>/org/AGL/afm/system</em></strong> on the interface <strong><em>org.AGL.afm.system</em></strong> for the below detailed members <strong><em>install</em></strong> and <strong><em>uninstall</em></strong>.</p>
+<p>D-Bus is mainly used for signaling and discovery. Its optimized typed protocol is not used except for transmitting only one string in both directions.</p>
+<p>The client and the service are using JSON serialization to exchange data.</p>
+<p>The D-Bus interface is defined by:</p>
+<ul>
+<li><p>DESTINATION: <strong>org.AGL.afm.system</strong></p></li>
+<li><p>PATH: <strong>/org/AGL/afm/system</strong></p></li>
+<li><p>INTERFACE: <strong>org.AGL.afm.system</strong></p></li>
+</ul>
+<p>The signature of any member of the interface is <strong><em>string -> string</em></strong> for <strong><em>JSON -> JSON</em></strong>.</p>
+<p>This is the normal case. In case of error, the current implementation returns a dbus error that is a string.</p>
+<p>Here is an example using <em>dbus-send</em> to query data on installed applications.</p>
+<pre><code>dbus-send --session --print-reply \
+ --dest=org.AGL.afm.system \
+ /org/AGL/afm/system \
+ org.AGL.afm.system.install 'string:"/tmp/appli.wgt"'</code></pre>
+<h3 id="the-protocol-over-d-bus">The protocol over D-Bus</h3>
+<hr />
+<h4 id="method-org.agl.afm.system.install">Method org.AGL.afm.system.install</h4>
+<p><strong>Description</strong>: Install an application from a widget file.</p>
+<p>When an application with the same <em>id</em> and <em>version</em> already exists. Outside of using <em>force=true</em> the application is not reinstalled.</p>
+<p>Applications are installed the subdirectories of applications common directory. If <em>root</em> is specified, the application is installed under the sub-directories of the <em>root</em> defined.</p>
+<p>Note that this methods is a simple accessor method of <strong><em>org.AGL.afm.system.install</em></strong> from <strong><em>afm-system-daemon</em></strong>.</p>
+<p>After the installation and before returning to the sender, <strong><em>afm-system-daemon</em></strong> sends a signal <strong><em>org.AGL.afm.system.changed</em></strong>.</p>
+<p><strong>Input</strong>: The <em>path</em> of the widget file to install and, optionally, a flag to <em>force</em> reinstallation, and, optionally, a <em>root</em> directory.</p>
+<p>Either just a string being the absolute path of the widget file:</p>
+<pre><code>"/a/path/driving/to/the/widget"</code></pre>
+<p>Or an object:</p>
+<pre><code>{
+ "wgt": "/a/path/to/the/widget",
+ "force": false,
+ "root": "/a/path/to/the/root"
+}</code></pre>
+<p>"wgt" and "root" must be absolute paths.</p>
+<p><strong>output</strong>: An object with the field "added" being the string for the id of the added application.</p>
+<pre><code>{"added":"appli@x.y"}</code></pre>
+<hr />
+<h4 id="method-org.agl.afm.system.uninstall">Method org.AGL.afm.system.uninstall</h4>
+<p><strong>Description</strong>: Uninstall an application from its id.</p>
+<p>Note that this methods is a simple method accessor of <strong><em>org.AGL.afm.system.uninstall</em></strong> from <strong><em>afm-system-daemon</em></strong>.</p>
+<p>After the uninstallation and before returning to the sender, <strong><em>afm-system-daemon</em></strong> sends a signal <strong><em>org.AGL.afm.system.changed</em></strong>.</p>
+<p><strong>Input</strong>: the <em>id</em> of the application and optionally the application <em>root</em> path.</p>
+<p>Either a string:</p>
+<pre><code>"appli@x.y"</code></pre>
+<p>Or an object:</p>
+<pre><code>{
+ "id": "appli@x.y",
+ "root": "/a/path/to/the/root"
+}</code></pre>
+<p><strong>output</strong>: the value 'true'.</p>
</body>
</html>