Improve management of the group display

The group display protects accesses to display
resources. When running as user, it should not be acquired
by default but on need.

Bug-AGL: SPEC-2006

Change-Id: I7c188720e5cfcb65f02af25d0e4262f59300d16a
Signed-off-by: José Bollo <jose.bollo@iot.bzh>

diff --git a/meta-agl-profile-core/recipes-config/agl-users/agl-users_0.1.bb b/meta-agl-profile-core/recipes-config/agl-users/agl-users_0.1.bb
index 79a9461..709a109 100644 (file)
--- a/meta-agl-profile-core/recipes-config/agl-users/agl-users_0.1.bb
+++ b/meta-agl-profile-core/recipes-config/agl-users/agl-users_0.1.bb
@@ -21,7 +21,7 @@ GROUPADD_PARAM_${PN} = "\
 "
 
 USERADD_PARAM_${PN} = "\
-  -g 1001 -G display -u 1001 -o -d /home/1001 -m -K PASS_MAX_DAYS=-1 agl-driver ; \
-  -g 1002 -G display -u 1002 -o -d /home/1002 -m -K PASS_MAX_DAYS=-1 agl-passenger ; \
+  -g 1001 -u 1001 -o -d /home/1001 -m -K PASS_MAX_DAYS=-1 agl-driver ; \
+  -g 1002 -u 1002 -o -d /home/1002 -m -K PASS_MAX_DAYS=-1 agl-passenger ; \
   --gid display --groups weston-launch,video,input --home-dir /run/platform/display --shell /bin/false --comment \"Display daemon\" --key PASS_MAX_DAYS=-1 display \
 "

diff --git a/meta-agl-profile-graphical/recipes-graphics/wayland/weston-ready/weston-ready.service b/meta-agl-profile-graphical/recipes-graphics/wayland/weston-ready/weston-ready.service
index f8db511..603f5f3 100644 (file)
--- a/meta-agl-profile-graphical/recipes-graphics/wayland/weston-ready/weston-ready.service
+++ b/meta-agl-profile-graphical/recipes-graphics/wayland/weston-ready/weston-ready.service
@@ -4,6 +4,7 @@ Requires=weston.service
 After=weston.service
 
 [Service]
+SupplementaryGroups=display
 Environment="XDG_RUNTIME_DIR=/run/platform/display"
 ExecStart=/usr/bin/weston-ready -t 10
 Type=oneshot