wam: add user setup script/service

Add a per-user setup script, systemd unit to run it, and add the
unit as a dependency of systemd's user-runtime-dir@.service so it
will be run before the user services on each boot.  This should
fix the various permission issues currently being seen with WAM
startup.

Bug-AGL: SPEC-3781

Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: Ie45b43a39530c23439332cdcd7f4550c9f6fc23c

diff --git a/recipes-wam/wam/files/wam-user-setup.sh b/recipes-wam/wam/files/wam-user-setup.sh
new file mode 100755 (executable)
index 0000000..515ea82
--- /dev/null
+++ b/recipes-wam/wam/files/wam-user-setup.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+uid="$1"
+bdir=/run/user
+udir="$bdir/$uid"
+hdir="/home/$uid"
+
+dodir() {
+       local x smackset="$1"
+       shift
+       for x; do
+               test -e "$x" || mkdir -m 700 "$x"
+               chmod 700 "$x"
+               chown "$uid:$uid" "$x"
+               chsmack $smackset "$x"
+       done
+}
+
+dodir '-t -a User::Home' "$hdir/wamdata"
+
+# Initialize lockfile, without this apps will be blocked by SMACK
+touch "$udir/wamsocket.lock"
+chmod 660 "$udir/wamsocket.lock"
+chown "$uid:$uid" "$udir/wamsocket.lock"
+chsmack -a User::App-Shared "$udir/wamsocket.lock"

diff --git a/recipes-wam/wam/files/wam-user-setup@.service b/recipes-wam/wam/files/wam-user-setup@.service
new file mode 100644 (file)
index 0000000..f481478
--- /dev/null
+++ b/recipes-wam/wam/files/wam-user-setup@.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=Set up WAM for user %i
+Requires=afm-user-setup@i.service
+After=user-runtime-dir@%i.service afm-user-setup@i.service
+Before=user@%i.service
+
+[Service]
+Type=oneshot
+StartLimitInterval=0
+ExecStart=-/usr/libexec/wam/wam-user-setup.sh %i

diff --git a/recipes-wam/wam/wam_git.bb b/recipes-wam/wam/wam_git.bb
index a09473a..cf2d5fa 100644 (file)
--- a/recipes-wam/wam/wam_git.bb
+++ b/recipes-wam/wam/wam_git.bb
@@ -28,6 +28,8 @@ SRC_URI = "\
     git://github.com/igalia/${BPN}.git;branch=@43.agl.jellyfish;protocol=https \
     file://WebAppMgr@.service \
     file://WebAppMgr.env \
+    file://wam-user-setup.sh \
+    file://wam-user-setup@.service \
     file://trunc-webapp-roles.patch \
 "
 S = "${WORKDIR}/git"
@@ -43,6 +45,11 @@ do_install_append() {
     ln -snf WebAppMgr ${D}${bindir}/web-runtime
     install -d ${D}${systemd_system_unitdir}/afm-user-session@.target.wants
     ln -sf ../WebAppMgr@.service ${D}${systemd_system_unitdir}/afm-user-session@.target.wants/
+    install -d ${D}${libexecdir}/wam/
+    install -v -m 755 ${WORKDIR}/wam-user-setup.sh ${D}${libexecdir}/wam/wam-user-setup.sh
+    install -v -m 644 ${WORKDIR}/wam-user-setup@.service ${D}${systemd_system_unitdir}/wam-user-setup@.service
+    install -d ${D}${systemd_system_unitdir}/user-runtime-dir@.service.wants/
+    ln -sf ../wam-user-setup@.service ${D}${systemd_system_unitdir}/user-runtime-dir@.service.wants/
 }
 
 FILES_${PN} += "${sysconfdir}/init ${sysconfdir}/wam ${libdir}/webappmanager/plugins/*.so ${systemd_system_unitdir}"