14 This document describes what we intend to do. It may happen that our
15 current implementation and the content of this document differ.
17 In case of differences, it is assumed that this document is right
18 and the implementation is wrong.
24 The daemon **afm-user-daemon** is in charge of handling
25 applications for one user. Its main tasks are:
27 - enumerate the applications that the user can run
28 and keep the list avalable on demand
30 - start applications for the user, set their running
31 environment, set their security context
33 - list the current runner applications
35 - stop (aka pause), continue (aka resume), terminate
36 the running instance of application
38 - transfer requests for installation or uninstallation
39 of applications to the dedicated system daemon
42 The **afm-user-daemon** takes its orders from the session
45 The figure below summarizes the situation of the
46 **afm-user-daemon** in the system.
48 +------------------------------------------------------------+
50 | +---------------------+ |
51 | +---------------------+ | Smack isolated | |
52 | | D-Bus session + | APPLICATIONS | |
53 | +----------+----------+ +---------+-----------+ |
56 | +----------+--------------------------+-----------+ |
58 | | afm-user-daemon | |
60 | +----------+----------------------+----------+----+ |
63 :================|======================|==========:=========:
65 | +----------+----------+ +-----+-----+ : |
66 | | D-Bus system +-----+ CYNARA | : |
67 | +----------+----------+ +-----+-----+ : |
69 | +----------+---------+ +-------+----------+----+ |
70 | | afm-system-daemon +----+ SECURITY-MANAGER | |
71 | +--------------------+ +-----------------------+ |
74 +------------------------------------------------------------+
77 Tasks of **afm-user-daemon**
78 ----------------------------
80 ### Maintaining list of applications ###
82 At start **afm-user-daemon** scans the directories containing
83 the applications and load in memory the list applications
84 availables to the current user.
86 When **afm-system-daemon** installs or removes an application,
87 it sends the signal *org.AGL.afm.system.changed* on success.
88 If it receives that signal, **afm-user-daemon** rebuild its
91 **afm-user-daemon** provides the data that it collected about
92 application to its clients that either want to get that list
93 or to get information about one application.
95 ### Launching applications ###
97 **afm-user-daemon** launchs the applications. This means
98 that its builds a secure environment for the application
99 and then start it inside that secured environment.
101 Applications of different kind can be launched.
103 This is set using a configuration file that describes
104 how to launch an application of a given kind for a given
107 There is two launching modes: local or remote.
109 Launching an application locally means that
110 the application and its binder are launcher together.
112 Launching application remotely means that only the
113 binder is launched for the application.
115 Once launched, running instances of application receive
116 a runid that identify them.
118 ### Managing instances of running applications ###
120 **afm-user-daemon** manages the list of applications
123 With the good permissions, a client can get the list
124 of the running instances and details about a specific
125 running instance. It can also terminate, stop or
126 continue a given application.
128 ### Installing and uninstalling applications ###
130 If the client has the good permission,
131 **afm-user-daemon** delegates that task
132 to **afm-system-daemon**.
135 Starting **afm-user-daemon**
136 -----------------------------
138 **afm-user-daemon** is launched as a **systemd** service
139 attached to user sessions. Normally, the service file is
140 located at /usr/lib/systemd/user/afm-user-daemon.service.
142 The options for launching **afm-user-daemon** are:
145 --application directory
147 Includes the given application directory to
148 the database base of applications.
155 Includes the root application directory to
156 the database base of applications.
158 Note that the default root directory for
159 applications is always added. It is defined
160 to be /usr/share/afm/applications (may change).
165 --mode (local|remote)
167 Set the default launch mode.
168 The default value is 'local'
173 Daemonizes the process. It is not needed by sytemd.
178 Reduces the verbosity (can be repeated).
183 Increases the verbosity (can be repeated).
191 Configuration of the launcher
192 -----------------------------
194 It contains rules for launching applications.
195 When **afm-user-daemon** need to launch an application,
196 it looks to the mode of launch, local or remote, and the
197 type of the application as given by the file ***config.xml***
200 This couple mode and type allows to select the rule.
202 The configuration file is **/etc/afm/afm-launch.conf**.
204 It contains sections and rules. It can also contain comments
205 and empty lines to improve the readability.
207 The separators are space and tabulation, any other character
208 is meaning something.
210 The format is line oriented.
211 The new line character separate the lines.
213 Lines having only separators are blank lines and are skipped.
214 Line having the character # (sharp) as first not separator character
215 are comment lines and are ignored.
217 Lines starting with a not separator character are differents
218 of lines starting with a separator character.
220 The grammar of the configuration file is defined below:
222 CONF: *COMMENT *SECTION
226 RULE: +TYPE VECTOR ?VECTOR
228 MODE: 'mode' +SEP ('local' | 'remote') *SEP EOL
232 VECTOR: +SEP DATA *(+SEP NDATA) *SEP EOL
238 COMMENT: *SEP CMT *(SEP | NCHAR) NL
243 CHAR: '\x00'..'\x08' | '\x0b'..'\x1f' | '\x21' | '\x22' | '\x24'..'\xff'
246 Here is a sample of configuration file for defining how
247 to launch an application declared of types *application/x-executable*,
248 *text/x-shellscript* and *text/html* in mode local:
252 application/x-executable
257 /usr/bin/afb-daemon --mode=local --readyfd=%R --alias=/icons:%I --port=%P --rootdir=%r --token=%S --sessiondir=%D/.afb-daemon
258 /usr/bin/web-runtime http://localhost:%P/%c?token=%S
262 - within a section, several rules can be defined
263 - within a rule, several types can be defined
264 - within a rule, one or two vectors can be defined
265 - vectors are using %substitution
266 - launched binaries must be defined with their full path
270 Within this mode, the launchers have either one or two vectors
271 describing them. All of these vectors are treated as programs
272 and are executed with the system call 'execve'.
274 The first vector is the leader vector and it defines the process
275 group. The second vector (if any) is attached to the group
276 defined by this first vector.
280 Within this mode, the launchers have either one or two vectors
283 The first vector is treated as a program and is executed with
284 the system call 'execve'.
286 The second vector (if any) defines a text that is returned
287 to the caller. This mechanism can be used to return the uri
288 to connect to for executing the application remotely.
290 The daemon ***afm-user-daemon*** allocates a port for the
291 running the application remotely.
292 The current implmentation of the port allocation is just
294 A more reliable (cacheable and same-originable) allocation
299 Vectors can include sequences of 2 characters that have a special
300 meaning. These sequences are named *%substitution* because their
301 first character is the percent sign (%) and because each occurrence
302 of the sequence is replaced, at launch time, by the value associated
305 Here is the list of *%substitutions*:
309 This simply emits the percent sign %
313 This is the application Id of the launched application.
315 Defined by the attribute **id** of the element **<widget>**
320 The file within the widget directory that is the entry point.
322 For a HTML application, it is the relative path to the main
323 page (aka index.html).
325 Defined by the attribute **src** of the element **<content>**
330 Path of the directory where the application runs (cwd)
333 It is equal to %h/%a.
337 Requested height for the widget.
339 Defined by the attribute **height** of the element **<widget>**
344 Path of the home directory for all applications.
346 It is generally equal to $HOME/app-data
350 Path of the directory were the icons of the applications can be found.
352 - ***%m***: mime-type
354 Mime type of the launched application.
356 Defined by the attribute **type** of the element **<content>**
361 Name of the application as defined by the content of the
362 element **<name>** of **config.xml**.
368 Will be the colon separated list of plugins and plugins directory.
372 A port to use. It is currently a kind of random port. The precise
373 model is to be defined later.
377 Number of the file descriptor to use for signalling
378 readyness of the launched process.
382 Path of the directory containing the widget and its data.
386 An hexadecimal number that can be used to pair the client
387 with its server binder.
391 Requested width for the widget.
393 Defined by the attribute **width** of the element **<widget>**
400 ### Overview of the dbus interface
402 ***afm-user-daemon*** takes its orders from the session instance
403 of D-Bus. The use of D-Bus is great because it allows to implement
404 discovery and signaling.
406 The dbus of the session is by default adressed by the environment
407 variable ***DBUS_SESSION_BUS_ADDRESS***. Using **systemd**
408 the variable *DBUS_SESSION_BUS_ADDRESS* is automatically set for
411 The **afm-user-daemon** is listening with the destination name
412 ***org.AGL.afm.user*** at the object of path ***/org/AGL/afm/user***
413 on the interface ***org.AGL.afm.user*** for the below detailed
414 members ***runnables***, ***detail***, ***start***, ***terminate***,
415 ***stop***, ***continue***, ***runners***, ***state***,
416 ***install*** and ***uninstall***.
418 D-Bus is mainly used for signaling and discovery. Its optimized
419 typed protocol is not used except for transmitting only one string
422 The client and the service are using JSON serialisation to
425 The D-Bus interface is defined by:
427 * DESTINATION: **org.AGL.afm.user**
429 * PATH: **/org/AGL/afm/user**
431 * INTERFACE: **org.AGL.afm.user**
433 The signature of any member of the interface is ***string -> string***
434 for ***JSON -> JSON***.
436 This is the normal case. In case of error, the current implmentation
437 returns a dbus error that is a string.
439 Here is an example that use *dbus-send* to query data on
440 installed applications.
442 dbus-send --session --print-reply \
443 --dest=org.AGL.afm.user \
445 org.AGL.afm.user.runnables string:true
447 ### Using ***afm-util***
449 The command line tool ***afm-util*** uses dbus-send to send
450 orders to **afm-user-daemon**. This small scripts allows to
451 send command to ***afm-user-daemon*** either interactively
452 at shell prompt or scriptically.
454 The syntax is simple: it accept a command and if the command
455 requires it, the argument to the command.
457 Here is the summary of ***afm-util***:
459 - **afm-util runnables **:
461 list the runnable widgets installed
463 - **afm-util install wgt **:
467 - **afm-util uninstall id **:
469 remove the installed widget of id
471 - **afm-util detail id **:
473 print detail about the installed widget of id
475 - **afm-util runners **:
477 list the running instance
479 - **afm-util start id **:
481 start an instance of the widget of id
483 - **afm-util terminate rid **:
485 terminate the running instance rid
487 - **afm-util stop rid **:
489 stop the running instance rid
491 - **afm-util continue rid **:
493 continue the previously rid
495 - **afm-util state rid **:
497 get status of the running instance rid
500 Here is how to list applications using ***afm-util***:
506 ### The protocol over D-Bus
510 * **DESTINATION**: org.AGL.afm.user
512 * **PATH**: /org/AGL/afm/user
514 * **INTERFACE**: org.AGL.afm.user
518 #### Method org.AGL.afm.user.detail
520 **Description**: Get details about an application from its id.
522 **Input**: the id of the application as below.
524 Either just a string:
528 Or an object having the field "id" of type string:
532 **Output**: A JSON object describing the application containing
533 the fields described below.
536 "id": string, the application id (id@version)
537 "version": string, the version of the application
538 "width": integer, requested width of the application
539 "height": integer, resqueted height of the application
540 "name": string, the name of the application
541 "description": string, the description of the application
542 "shortname": string, the short name of the application
543 "author": string, the author of the application
548 #### Method org.AGL.afm.user.runnables
550 **Description**: Get the list of applications that can be run.
552 **Input**: any valid json entry, can be anything except null.
554 **output**: An array of description of the runnable applications.
555 Each item of the array contains an object containing the detail of
556 an application as described above for the method
557 *org.AGL.afm.user.detail*.
561 #### Method org.AGL.afm.user.install
563 **Description**: Install an application from its widget file.
565 If an application of the same *id* and *version* exists, it is not
566 reinstalled except if *force=true*.
568 Applications are installed in the subdirectories of the common directory
570 If *root* is specified, the application is installed under the
571 sub-directories of the *root* defined.
573 Note that this methods is a simple accessor to the method
574 ***org.AGL.afm.system.install*** of ***afm-system-daemon***.
576 After the installation and before returning to the sender,
577 ***afm-user-daemon*** sends the signal ***org.AGL.afm.user.changed***.
579 **Input**: The *path* of the widget file to install and, optionaly,
580 a flag to *force* reinstallation, and, optionaly, a *root* directory.
582 Either just a string being the absolute path of the widget file:
584 "/a/path/driving/to/the/widget"
589 "wgt": "/a/path/to/the/widget",
591 "root": "/a/path/to/the/root"
594 "wgt" and "root" must be absolute paths.
596 **output**: An object with the field "added" being the string for
597 the id of the added application.
599 {"added":"appli@x.y"}
603 #### Method org.AGL.afm.user.uninstall
605 **Description**: Uninstall an application from its id.
608 Note that this methods is a simple accessor to the method
609 ***org.AGL.afm.system.uninstall*** of ***afm-system-daemon***.
611 After the uninstallation and before returning to the sender,
612 ***afm-user-daemon*** sends the signal ***org.AGL.afm.user.changed***.
614 **Input**: the *id* of the application and, otpionaly, the path to
615 *root* of the application.
625 "root": "/a/path/to/the/root"
628 **output**: the value 'true'.
632 #### Method org.AGL.afm.user.start
636 **Input**: the *id* of the application and, optionaly, the
637 start *mode* as below.
639 Either just a string:
643 Or an object having the field "id" of type string and
644 optionaly a field mode:
646 {"id":"appli@x.y","mode":"local"}
648 The field "mode" as a string value being either "local" or "remote".
650 **output**: The *runid* of the application launched.
651 The runid is an integer.
655 #### Method org.AGL.afm.user.terminate
657 **Description**: Terminates the application of *runid*.
659 **Input**: The *runid* (an integer) of the running instance to terminate.
661 **output**: the value 'true'.
665 #### Method org.AGL.afm.user.stop
667 **Description**: Stops the application of *runid* until terminate or continue.
669 **Input**: The *runid* (an integer) of the running instance to stop.
671 **output**: the value 'true'.
675 #### Method org.AGL.afm.user.continue
677 **Description**: Continues the application of *runid* previously stopped.
679 **Input**: The *runid* (an integer) of the running instance to continue.
681 **output**: the value 'true'.
685 #### Method org.AGL.afm.user.state
687 **Description**: Get informations about a running instance of *runid*.
689 **Input**: The *runid* (an integer) of the running instance inspected.
691 **output**: An object describing the state of the instance. It contains:
692 the runid (an integer), the id of the running application (a string),
693 the state of the application (a string being either "starting", "running"
696 Example of returned state:
706 #### Method org.AGL.afm.user.runners
708 **Description**: Get the list of the currently running instances.
712 **output**: An array of states, one per running instance, as returned by
713 the methodd ***org.AGL.afm.user.state***.