From 653562e1449c935f087d2d8265081eeac1cd73b4 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Jos=C3=A9=20Bollo?= Date: Tue, 3 Dec 2019 15:04:02 +0100 Subject: [PATCH] Introduce localuser interface for applications MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit This change make use of nss-localuser hostname family (see https://git.automotivelinux.org/src/nss-localuser/) to separate applications and users, each running its own IP address and hostname. The intended behaviour is to use existing browser policy to ensure privacy of applications and users. Bug-AGL: SPEC-2968 Change-Id: Ie1a3c7331fd43e8747afae2cd338df461bac1454 Signed-off-by: José Bollo --- conf/unit/binder.inc | 4 +++- conf/unit/macros.inc | 1 + 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/conf/unit/binder.inc b/conf/unit/binder.inc index ba5049e..81758fc 100644 --- a/conf/unit/binder.inc +++ b/conf/unit/binder.inc @@ -18,12 +18,14 @@ IF_AGL_DEVEL \ --verbose \ --monitoring \ --port={{:#metatarget.http-port}} \ + --interface=tcp:LOCALUSERAPP:8080 \ --roothttp=ON_CONTENT(application/vnd.agl.service, ., ON_PERM(:public:no-htdocs, ., htdocs)) \ ELSE \ IF_CONTENT(application/vnd.agl.service) \ --no-httpd \ ELSE \ --port={{:#metatarget.http-port}} \ + --interface=tcp:LOCALUSERAPP:8080 \ --roothttp=ON_PERM(:public:no-htdocs, ., htdocs) \ ENDIF \ ENDIF \ @@ -45,6 +47,6 @@ ENDIF \ ON_VALUE(tcp, --ws-server=tcp:{{name}}) \ {{/provided-api}} \ ON_PERM(:platform:apis:auto-ws, --auto-api=API_PATH_WS) \ - ON_CONTENT(text/html, --exec /usr/bin/web-runtime http://localhost:@p/{{content.src}}?token=@t) \ + ON_CONTENT(text/html, --exec /usr/bin/web-runtime http://LOCALUSERAPP:8080/{{content.src}}) \ ON_CONTENT(application/vnd.agl.native, --exec {{:#metadata.install-dir}}/{{content.src}} @p @t) %nl diff --git a/conf/unit/macros.inc b/conf/unit/macros.inc index f21dee5..2fc9bc5 100644 --- a/conf/unit/macros.inc +++ b/conf/unit/macros.inc @@ -76,6 +76,7 @@ define( `USER_API_PATH', `USER_RUN_DIR/apis') define( `USER_API_PATH_WS', `USER_API_PATH/ws') define( `USER_API_PATH_LINK', `USER_API_PATH/link') +define( `LOCALUSERAPP', `ON_PERM(`:partner:scope-platform', `localuser---AFID', `localuser--AFID')') -------------------------------------------------------------------------------- -- AGL_DEVEL SPECIFIC PARTS -------------------------------------------------------------------------------- -- 2.16.6