+<!DOCTYPE html>
<html>
<head>
- <link rel="stylesheet" type="text/css" href="doc.css">
- <meta charset="UTF-8">
+ <meta charset="utf-8">
+ <meta name="generator" content="pandoc">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes">
+ <meta name="author" content="José Bollo">
+ <meta name="author" content="Fulup Ar Foll">
+ <title>The afm-system-daemon</title>
+ <style type="text/css">code{white-space: pre;}</style>
+ <!--[if lt IE 9]>
+ <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
+ <![endif]-->
+ <link rel="stylesheet" href="doc.css">
</head>
<body>
-<a name="The.afm-system-daemon"></a>
-<h1>The afm-system-daemon</h1>
-
+<header>
+<h1 class="title">The afm-system-daemon</h1>
+<h2 class="author">José Bollo</h2>
+<h2 class="author">Fulup Ar Foll</h2>
+<h3 class="date">30 mai 2016</h3>
+</header>
+<nav id="TOC">
+<ul>
+<li><a href="#the-afm-system-daemon">The afm-system-daemon</a><ul>
+<li><a href="#foreword">Foreword</a></li>
+<li><a href="#introduction">Introduction</a></li>
+<li><a href="#starting-afm-system-daemon">Starting <strong>afm-system-daemon</strong></a></li>
+<li><a href="#the-d-bus-interface">The D-Bus interface</a><ul>
+<li><a href="#overview-of-the-dbus-interface">Overview of the dbus interface</a></li>
+<li><a href="#the-protocol-over-d-bus">The protocol over D-Bus</a></li>
+</ul></li>
+</ul></li>
+</ul>
+</nav>
+<h1 id="the-afm-system-daemon">The afm-system-daemon</h1>
<pre><code>version: 1
Date: 30 mai 2016
-Author: José Bollo
-</code></pre>
-
-<p><ul>
- <li><a href="#The.afm-system-daemon">The afm-system-daemon</a>
- <ul>
- <li><a href="#Foreword">Foreword</a></li>
- <li><a href="#Introduction">Introduction</a></li>
- <li><a href="#Starting..strong.afm-system-daemon..strong.">Starting <strong>afm-system-daemon</strong></a></li>
- <li><a href="#The.D-Bus.interface">The D-Bus interface</a>
- <ul>
- <li><a href="#Overview.of.the.dbus.interface">Overview of the dbus interface</a></li>
- <li><a href="#The.protocol.over.D-Bus">The protocol over D-Bus</a>
- <ul>
- <li><a href="#Method.org.AGL.afm.system.install">Method org.AGL.afm.system.install</a></li>
- <li><a href="#Method.org.AGL.afm.system.uninstall">Method org.AGL.afm.system.uninstall</a></li>
- </ul>
- </li>
- </ul>
- </li>
- </ul>
- </li>
-</ul></p>
-
-<a name="Foreword"></a>
-<h2>Foreword</h2>
-
-<p>This document describes application framework system daemon fundamentals.
-FCF (Fully Conform to Specification) implementation is still under development.
-It may happen that current implementation somehow diverges with specifications.</p>
-
-<a name="Introduction"></a>
-<h2>Introduction</h2>
-
-<p>The daemon <strong>afm-system-daemon</strong> is in charge of installing
-applications on AGL system. Its main tasks are:</p>
-
+Author: José Bollo</code></pre>
+<p>TABLE-OF-CONTENT-HERE</p>
+<h2 id="foreword">Foreword</h2>
+<p>This document describes application framework system daemon fundamentals. FCF (Fully Conform to Specification) implementation is still under development. It may happen that current implementation somehow diverges with specifications.</p>
+<h2 id="introduction">Introduction</h2>
+<p>The daemon <strong>afm-system-daemon</strong> is in charge of installing applications on AGL system. Its main tasks are:</p>
<ul>
-<li><p>installs applications and setup security framework
-for newly installed application.</p></li>
+<li><p>installs applications and setup security framework for newly installed application.</p></li>
<li><p>uninstall applications</p></li>
</ul>
-
-
-<p>The <strong>afm-system-daemon</strong> takes its orders from system
-instance of D-Bus.</p>
-
+<p>The <strong>afm-system-daemon</strong> takes its orders from system instance of D-Bus.</p>
<p>The figure below summarizes the situation of <strong>afm-system-daemon</strong> in the system.</p>
-
<pre><code>+------------------------------------------------------------+
| User |
| |
| +--------------------+ +-----------------------+ |
| |
| System |
-+------------------------------------------------------------+
-</code></pre>
-
-<a name="Starting..strong.afm-system-daemon..strong."></a>
-<h2>Starting <strong>afm-system-daemon</strong></h2>
-
-<p><strong>afm-system-daemon</strong> is launched as a <strong>systemd</strong> service
-attached to system. Normally, the service file is
-located at /lib/systemd/system/afm-system-daemon.service.</p>
-
++------------------------------------------------------------+</code></pre>
+<h2 id="starting-afm-system-daemon">Starting <strong>afm-system-daemon</strong></h2>
+<p><strong>afm-system-daemon</strong> is launched as a <strong>systemd</strong> service attached to system. Normally, the service file is located at /lib/systemd/system/afm-system-daemon.service.</p>
<p>The options for launching <strong>afm-system-daemon</strong> are:</p>
-
<pre><code>-r
--root directory
- Set the root application directory.
+ Set the root application directory.
- Note that the default root directory is defined
- to be /usr/share/afm/applications (may change).
+ Note that the default root directory is defined
+ to be /usr/share/afm/applications (may change).
-d
--daemon
- Daemonizes the process. It is not needed by sytemd.
+ Daemonizes the process. It is not needed by sytemd.
-q
--quiet
- Reduces the verbosity (can be repeated).
+ Reduces the verbosity (can be repeated).
-v
--verbose
- Increases the verbosity (can be repeated).
+ Increases the verbosity (can be repeated).
-h
--help
- Prints a short help.
-</code></pre>
-
-<a name="The.D-Bus.interface"></a>
-<h2>The D-Bus interface</h2>
-
-<a name="Overview.of.the.dbus.interface"></a>
-<h3>Overview of the dbus interface</h3>
-
-<p><strong><em>afm-system-daemon</em></strong> takes its orders from the session instance
-of D-Bus. The use of D-Bus is great because it allows to implement
-discovery and signaling.</p>
-
-<p>The <strong>afm-system-daemon</strong> is listening with the destination name
-<strong><em>org.AGL.afm.system</em></strong> at the object of path <strong><em>/org/AGL/afm/system</em></strong>
-on the interface <strong><em>org.AGL.afm.system</em></strong> for the below detailed
-members <strong><em>install</em></strong> and <strong><em>uninstall</em></strong>.</p>
-
-<p>D-Bus is mainly used for signaling and discovery. Its optimized
-typed protocol is not used except for transmitting only one string
-in both directions.</p>
-
-<p>The client and the service are using JSON serialization to
-exchange data.</p>
-
+ Prints a short help.</code></pre>
+<h2 id="the-d-bus-interface">The D-Bus interface</h2>
+<h3 id="overview-of-the-dbus-interface">Overview of the dbus interface</h3>
+<p><strong><em>afm-system-daemon</em></strong> takes its orders from the session instance of D-Bus. The use of D-Bus is great because it allows to implement discovery and signaling.</p>
+<p>The <strong>afm-system-daemon</strong> is listening with the destination name <strong><em>org.AGL.afm.system</em></strong> at the object of path <strong><em>/org/AGL/afm/system</em></strong> on the interface <strong><em>org.AGL.afm.system</em></strong> for the below detailed members <strong><em>install</em></strong> and <strong><em>uninstall</em></strong>.</p>
+<p>D-Bus is mainly used for signaling and discovery. Its optimized typed protocol is not used except for transmitting only one string in both directions.</p>
+<p>The client and the service are using JSON serialization to exchange data.</p>
<p>The D-Bus interface is defined by:</p>
-
<ul>
<li><p>DESTINATION: <strong>org.AGL.afm.system</strong></p></li>
<li><p>PATH: <strong>/org/AGL/afm/system</strong></p></li>
<li><p>INTERFACE: <strong>org.AGL.afm.system</strong></p></li>
</ul>
-
-
-<p>The signature of any member of the interface is <strong><em>string -> string</em></strong>
-for <strong><em>JSON -> JSON</em></strong>.</p>
-
-<p>This is the normal case. In case of error, the current implementation
-returns a dbus error that is a string.</p>
-
-<p>Here is an example using <em>dbus-send</em> to query data on
-installed applications.</p>
-
+<p>The signature of any member of the interface is <strong><em>string -> string</em></strong> for <strong><em>JSON -> JSON</em></strong>.</p>
+<p>This is the normal case. In case of error, the current implementation returns a dbus error that is a string.</p>
+<p>Here is an example using <em>dbus-send</em> to query data on installed applications.</p>
<pre><code>dbus-send --session --print-reply \
---dest=org.AGL.afm.system \
-/org/AGL/afm/system \
-org.AGL.afm.system.install 'string:"/tmp/appli.wgt"'
-</code></pre>
-
-<a name="The.protocol.over.D-Bus"></a>
-<h3>The protocol over D-Bus</h3>
-
+ --dest=org.AGL.afm.system \
+ /org/AGL/afm/system \
+ org.AGL.afm.system.install 'string:"/tmp/appli.wgt"'</code></pre>
+<h3 id="the-protocol-over-d-bus">The protocol over D-Bus</h3>
<hr />
-
-<a name="Method.org.AGL.afm.system.install"></a>
-<h4>Method org.AGL.afm.system.install</h4>
-
+<h4 id="method-org.agl.afm.system.install">Method org.AGL.afm.system.install</h4>
<p><strong>Description</strong>: Install an application from a widget file.</p>
-
-<p>When an application with the same <em>id</em> and <em>version</em> already exists. Outside of
-using <em>force=true</em> the application is not reinstalled.</p>
-
-<p>Applications are installed the subdirectories of applications common directory.
-If <em>root</em> is specified, the application is installed under the
-sub-directories of the <em>root</em> defined.</p>
-
-<p>Note that this methods is a simple accessor method of
-<strong><em>org.AGL.afm.system.install</em></strong> from <strong><em>afm-system-daemon</em></strong>.</p>
-
-<p>After the installation and before returning to the sender,
-<strong><em>afm-system-daemon</em></strong> sends a signal <strong><em>org.AGL.afm.system.changed</em></strong>.</p>
-
-<p><strong>Input</strong>: The <em>path</em> of the widget file to install and, optionally,
-a flag to <em>force</em> reinstallation, and, optionally, a <em>root</em> directory.</p>
-
+<p>When an application with the same <em>id</em> and <em>version</em> already exists. Outside of using <em>force=true</em> the application is not reinstalled.</p>
+<p>Applications are installed the subdirectories of applications common directory. If <em>root</em> is specified, the application is installed under the sub-directories of the <em>root</em> defined.</p>
+<p>Note that this methods is a simple accessor method of <strong><em>org.AGL.afm.system.install</em></strong> from <strong><em>afm-system-daemon</em></strong>.</p>
+<p>After the installation and before returning to the sender, <strong><em>afm-system-daemon</em></strong> sends a signal <strong><em>org.AGL.afm.system.changed</em></strong>.</p>
+<p><strong>Input</strong>: The <em>path</em> of the widget file to install and, optionally, a flag to <em>force</em> reinstallation, and, optionally, a <em>root</em> directory.</p>
<p>Either just a string being the absolute path of the widget file:</p>
-
-<pre><code>"/a/path/driving/to/the/widget"
-</code></pre>
-
+<pre><code>"/a/path/driving/to/the/widget"</code></pre>
<p>Or an object:</p>
-
<pre><code>{
- "wgt": "/a/path/to/the/widget",
- "force": false,
- "root": "/a/path/to/the/root"
-}
-</code></pre>
-
-<p>“wgt” and “root” must be absolute paths.</p>
-
-<p><strong>output</strong>: An object with the field “added” being the string for
-the id of the added application.</p>
-
-<pre><code>{"added":"appli@x.y"}
-</code></pre>
-
+ "wgt": "/a/path/to/the/widget",
+ "force": false,
+ "root": "/a/path/to/the/root"
+}</code></pre>
+<p>"wgt" and "root" must be absolute paths.</p>
+<p><strong>output</strong>: An object with the field "added" being the string for the id of the added application.</p>
+<pre><code>{"added":"appli@x.y"}</code></pre>
<hr />
-
-<a name="Method.org.AGL.afm.system.uninstall"></a>
-<h4>Method org.AGL.afm.system.uninstall</h4>
-
+<h4 id="method-org.agl.afm.system.uninstall">Method org.AGL.afm.system.uninstall</h4>
<p><strong>Description</strong>: Uninstall an application from its id.</p>
-
-<p>Note that this methods is a simple method accessor of
-<strong><em>org.AGL.afm.system.uninstall</em></strong> from <strong><em>afm-system-daemon</em></strong>.</p>
-
-<p>After the uninstallation and before returning to the sender,
-<strong><em>afm-system-daemon</em></strong> sends a signal <strong><em>org.AGL.afm.system.changed</em></strong>.</p>
-
+<p>Note that this methods is a simple method accessor of <strong><em>org.AGL.afm.system.uninstall</em></strong> from <strong><em>afm-system-daemon</em></strong>.</p>
+<p>After the uninstallation and before returning to the sender, <strong><em>afm-system-daemon</em></strong> sends a signal <strong><em>org.AGL.afm.system.changed</em></strong>.</p>
<p><strong>Input</strong>: the <em>id</em> of the application and optionally the application <em>root</em> path.</p>
-
<p>Either a string:</p>
-
-<pre><code>"appli@x.y"
-</code></pre>
-
+<pre><code>"appli@x.y"</code></pre>
<p>Or an object:</p>
-
<pre><code>{
- "id": "appli@x.y",
- "root": "/a/path/to/the/root"
-}
-</code></pre>
-
-<p><strong>output</strong>: the value ‘true’.</p>
+ "id": "appli@x.y",
+ "root": "/a/path/to/the/root"
+}</code></pre>
+<p><strong>output</strong>: the value 'true'.</p>
</body>
</html>
+<!DOCTYPE html>
<html>
<head>
- <link rel="stylesheet" type="text/css" href="doc.css">
- <meta charset="UTF-8">
+ <meta charset="utf-8">
+ <meta name="generator" content="pandoc">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes">
+ <meta name="author" content="José Bollo">
+ <meta name="author" content="Fulup Ar Foll">
+ <title>The afm-user-daemon</title>
+ <style type="text/css">code{white-space: pre;}</style>
+ <!--[if lt IE 9]>
+ <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
+ <![endif]-->
+ <link rel="stylesheet" href="doc.css">
</head>
<body>
-<a name="The.afm-user-daemon"></a>
-<h1>The afm-user-daemon</h1>
-
+<header>
+<h1 class="title">The afm-user-daemon</h1>
+<h2 class="author">José Bollo</h2>
+<h2 class="author">Fulup Ar Foll</h2>
+<h3 class="date">30 mai 2016</h3>
+</header>
+<nav id="TOC">
+<ul>
+<li><a href="#the-afm-user-daemon">The afm-user-daemon</a><ul>
+<li><a href="#foreword">Foreword</a></li>
+<li><a href="#introduction">Introduction</a></li>
+<li><a href="#tasks-of-afm-user-daemon">Tasks of <strong>afm-user-daemon</strong></a><ul>
+<li><a href="#maintaining-list-of-applications">Maintaining list of applications</a></li>
+<li><a href="#launching-application">Launching application</a></li>
+<li><a href="#managing-instances-of-running-applications">Managing instances of running applications</a></li>
+<li><a href="#installing-and-uninstalling-applications">Installing and uninstalling applications</a></li>
+</ul></li>
+<li><a href="#starting-afm-user-daemon">Starting <strong>afm-user-daemon</strong></a></li>
+<li><a href="#launcher-configuration">Launcher Configuration</a><ul>
+<li><a href="#mode-local">mode local</a></li>
+<li><a href="#mode-remote">mode remote</a></li>
+<li><a href="#substitutions">%substitutions</a></li>
+</ul></li>
+<li><a href="#the-d-bus-interface">The D-Bus interface</a><ul>
+<li><a href="#overview-of-the-dbus-interface">Overview of the dbus interface</a></li>
+<li><a href="#using-afm-util">Using <strong><em>afm-util</em></strong></a></li>
+<li><a href="#the-protocol-over-d-bus">The protocol over D-Bus</a></li>
+</ul></li>
+</ul></li>
+</ul>
+</nav>
+<h1 id="the-afm-user-daemon">The afm-user-daemon</h1>
<pre><code>version: 1
Date: 30 mai 2016
-Author: José Bollo
-</code></pre>
-
-<p><ul>
- <li><a href="#The.afm-user-daemon">The afm-user-daemon</a>
- <ul>
- <li><a href="#Foreword">Foreword</a></li>
- <li><a href="#Introduction">Introduction</a></li>
- <li><a href="#Tasks.of..strong.afm-user-daemon..strong.">Tasks of <strong>afm-user-daemon</strong></a>
- <ul>
- <li><a href="#Maintaining.list.of.applications">Maintaining list of applications</a></li>
- <li><a href="#Launching.application">Launching application</a></li>
- <li><a href="#Managing.instances.of.running.applications">Managing instances of running applications</a></li>
- <li><a href="#Installing.and.uninstalling.applications">Installing and uninstalling applications</a></li>
- </ul>
- </li>
- <li><a href="#Starting..strong.afm-user-daemon..strong.">Starting <strong>afm-user-daemon</strong></a></li>
- <li><a href="#Launcher.Configuration.">Launcher Configuration </a>
- <ul>
- <li><a href="#mode.local">mode local</a></li>
- <li><a href="#mode.remote">mode remote</a></li>
- <li><a href="#L.substitutions">%substitutions</a></li>
- </ul>
- </li>
- <li><a href="#The.D-Bus.interface">The D-Bus interface</a>
- <ul>
- <li><a href="#Overview.of.the.dbus.interface">Overview of the dbus interface</a></li>
- <li><a href="#Using..strong..em.afm-util..em...strong.">Using <strong><em>afm-util</em></strong></a></li>
- <li><a href="#The.protocol.over.D-Bus">The protocol over D-Bus</a>
- <ul>
- <li><a href="#Method.org.AGL.afm.user.detail">Method org.AGL.afm.user.detail</a></li>
- <li><a href="#Method.org.AGL.afm.user.runnables">Method org.AGL.afm.user.runnables</a></li>
- <li><a href="#Method.org.AGL.afm.user.install">Method org.AGL.afm.user.install</a></li>
- <li><a href="#Method.org.AGL.afm.user.uninstall">Method org.AGL.afm.user.uninstall</a></li>
- <li><a href="#Method.org.AGL.afm.user.start">Method org.AGL.afm.user.start</a></li>
- <li><a href="#Method.org.AGL.afm.user.terminate">Method org.AGL.afm.user.terminate</a></li>
- <li><a href="#Method.org.AGL.afm.user.stop">Method org.AGL.afm.user.stop</a></li>
- <li><a href="#Method.org.AGL.afm.user.continue">Method org.AGL.afm.user.continue</a></li>
- <li><a href="#Method.org.AGL.afm.user.state">Method org.AGL.afm.user.state</a></li>
- <li><a href="#Method.org.AGL.afm.user.runners">Method org.AGL.afm.user.runners</a></li>
- </ul>
- </li>
- </ul>
- </li>
- </ul>
- </li>
-</ul></p>
-
-<a name="Foreword"></a>
-<h2>Foreword</h2>
-
-<p>This document describes application framework user daemon fundamentals.
-FCF (Fully Conform to Specification) implementation is still under development.
-It may happen that current implementation somehow diverges with specifications.</p>
-
-<a name="Introduction"></a>
-<h2>Introduction</h2>
-
-<p>The daemon <strong>afm-user-daemon</strong> is in charge of handling
-applications on behalf of a user. Its main tasks are:</p>
-
+Author: José Bollo</code></pre>
+<p>TABLE-OF-CONTENT-HERE</p>
+<h2 id="foreword">Foreword</h2>
+<p>This document describes application framework user daemon fundamentals. FCF (Fully Conform to Specification) implementation is still under development. It may happen that current implementation somehow diverges with specifications.</p>
+<h2 id="introduction">Introduction</h2>
+<p>The daemon <strong>afm-user-daemon</strong> is in charge of handling applications on behalf of a user. Its main tasks are:</p>
<ul>
-<li><p>enumerate applications that end user can run
-and keep this list available on demand</p></li>
-<li><p>start applications on behalf of end user, set user running
-environment, set user security context</p></li>
+<li><p>enumerate applications that end user can run and keep this list available on demand</p></li>
+<li><p>start applications on behalf of end user, set user running environment, set user security context</p></li>
<li><p>list current runnable or running applications</p></li>
-<li><p>stop (aka pause), continue (aka resume), terminate
-a running instance of a given application</p></li>
-<li><p>transfer requests for installation/uninstallation
-of applications to the corresponding system daemon
-<strong>afm-system-daemon</strong></p></li>
+<li><p>stop (aka pause), continue (aka resume), terminate a running instance of a given application</p></li>
+<li><p>transfer requests for installation/uninstallation of applications to the corresponding system daemon <strong>afm-system-daemon</strong></p></li>
</ul>
-
-
-<p>The <strong>afm-user-daemon</strong> takes its orders from the session
-instance of D-Bus.</p>
-
+<p>The <strong>afm-user-daemon</strong> takes its orders from the session instance of D-Bus.</p>
<p>The figure below summarizes the situation of <strong>afm-user-daemon</strong> in the system.</p>
-
<pre><code>+------------------------------------------------------------+
| User |
| +---------------------+ |
| +--------------------+ +-----------------------+ |
| |
| System |
-+------------------------------------------------------------+
-</code></pre>
-
-<a name="Tasks.of..strong.afm-user-daemon..strong."></a>
-<h2>Tasks of <strong>afm-user-daemon</strong></h2>
-
-<a name="Maintaining.list.of.applications"></a>
-<h3>Maintaining list of applications</h3>
-
-<p>At start <strong>afm-user-daemon</strong> scans the directories containing
-applications and load in memory a list of avaliable applications
-accessible by current user.</p>
-
-<p>When <strong>afm-system-daemon</strong> installs or removes an application.
-On success it sends the signal <em>org.AGL.afm.system.changed</em>.
-When receiving such a signal, <strong>afm-user-daemon</strong> rebuilds its
-applications list.</p>
-
-<p><strong>afm-user-daemon</strong> provides the data it collects about
-applications to its clients. Clients may either request the full list
-of avaliable applications or a more specific information about a
-given application.</p>
-
-<a name="Launching.application"></a>
-<h3>Launching application</h3>
-
-<p><strong>afm-user-daemon</strong> launches application. Its builds a secure
-environment for the application before starting it within a
-secured environment.</p>
-
++------------------------------------------------------------+</code></pre>
+<h2 id="tasks-of-afm-user-daemon">Tasks of <strong>afm-user-daemon</strong></h2>
+<h3 id="maintaining-list-of-applications">Maintaining list of applications</h3>
+<p>At start <strong>afm-user-daemon</strong> scans the directories containing applications and load in memory a list of avaliable applications accessible by current user.</p>
+<p>When <strong>afm-system-daemon</strong> installs or removes an application. On success it sends the signal <em>org.AGL.afm.system.changed</em>. When receiving such a signal, <strong>afm-user-daemon</strong> rebuilds its applications list.</p>
+<p><strong>afm-user-daemon</strong> provides the data it collects about applications to its clients. Clients may either request the full list of avaliable applications or a more specific information about a given application.</p>
+<h3 id="launching-application">Launching application</h3>
+<p><strong>afm-user-daemon</strong> launches application. Its builds a secure environment for the application before starting it within a secured environment.</p>
<p>Different kind of applications can be launched.</p>
-
-<p>This is set using a configuration file that describes
-how to launch an application of a given kind within a given
-mode.</p>
-
+<p>This is set using a configuration file that describes how to launch an application of a given kind within a given mode.</p>
<p>There is two launching modes: local or remote.</p>
-
-<p>Launching an application locally means that
-the application and its binder are launched together.</p>
-
-<p>Launching application remotely translates in only launching
-the application binder. The UI by itself has to be activated
-remotely by the requested (ie: HTML5 homescreen in a browser)</p>
-
-<p>Once launched, running instances of application receive
-a runid that identify them.</p>
-
-<a name="Managing.instances.of.running.applications"></a>
-<h3>Managing instances of running applications</h3>
-
-<p><strong>afm-user-daemon</strong> manages the list of applications
-that it launched.</p>
-
-<p>When owning the right permissions, a client can get the list
-of running instances and details about a specific
-running instance. It can also terminates, stops or
-continues a given application.</p>
-
-<a name="Installing.and.uninstalling.applications"></a>
-<h3>Installing and uninstalling applications</h3>
-
-<p>If the client own the right permissions,
-<strong>afm-user-daemon</strong> delegates that task
-to <strong>afm-system-daemon</strong>.</p>
-
-<a name="Starting..strong.afm-user-daemon..strong."></a>
-<h2>Starting <strong>afm-user-daemon</strong></h2>
-
-<p><strong>afm-user-daemon</strong> is launched as a <strong>systemd</strong> service
-attached to user sessions. Normally, the service file is
-located at /usr/lib/systemd/user/afm-user-daemon.service.</p>
-
+<p>Launching an application locally means that the application and its binder are launched together.</p>
+<p>Launching application remotely translates in only launching the application binder. The UI by itself has to be activated remotely by the requested (ie: HTML5 homescreen in a browser)</p>
+<p>Once launched, running instances of application receive a runid that identify them.</p>
+<h3 id="managing-instances-of-running-applications">Managing instances of running applications</h3>
+<p><strong>afm-user-daemon</strong> manages the list of applications that it launched.</p>
+<p>When owning the right permissions, a client can get the list of running instances and details about a specific running instance. It can also terminates, stops or continues a given application.</p>
+<h3 id="installing-and-uninstalling-applications">Installing and uninstalling applications</h3>
+<p>If the client own the right permissions, <strong>afm-user-daemon</strong> delegates that task to <strong>afm-system-daemon</strong>.</p>
+<h2 id="starting-afm-user-daemon">Starting <strong>afm-user-daemon</strong></h2>
+<p><strong>afm-user-daemon</strong> is launched as a <strong>systemd</strong> service attached to user sessions. Normally, the service file is located at /usr/lib/systemd/user/afm-user-daemon.service.</p>
<p>The options for launching <strong>afm-user-daemon</strong> are:</p>
-
<pre><code>-a
--application directory
- Includes the given application directory to
- the database base of applications.
+ Includes the given application directory to
+ the database base of applications.
- Can be repeated.
+ Can be repeated.
-r
--root directory
- Includes root application directory or directories when
- passing multiple rootdir to
- applications database.
-
- Note that default root directory for
- applications is always added. In current version
- /usr/share/afm/applications is used as default.
+ Includes root application directory or directories when
+ passing multiple rootdir to
+ applications database.
+ Note that default root directory for
+ applications is always added. In current version
+ /usr/share/afm/applications is used as default.
+
-m
--mode (local|remote)
- Set the default launch mode.
- The default value is 'local'
+ Set the default launch mode.
+ The default value is 'local'
-d
--daemon
- Daemonizes the process. It is not needed by sytemd.
+ Daemonizes the process. It is not needed by sytemd.
-q
--quiet
- Reduces the verbosity (can be repeated).
+ Reduces the verbosity (can be repeated).
-v
--verbose
- Increases the verbosity (can be repeated).
+ Increases the verbosity (can be repeated).
-h
--help
- Prints a short help.
-</code></pre>
-
-<a name="Launcher.Configuration."></a>
-<h2>Launcher Configuration </h2>
-
-<p>It contains rules for launching applications.
-When <strong>afm-user-daemon</strong> has to launch an application,
-it looks for launch mode (local or remote), as well as
-for the type of application describe in <strong><em>config.xml</em></strong>
-widget configuration file.</p>
-
+ Prints a short help.</code></pre>
+<h2 id="launcher-configuration">Launcher Configuration</h2>
+<p>It contains rules for launching applications. When <strong>afm-user-daemon</strong> has to launch an application, it looks for launch mode (local or remote), as well as for the type of application describe in <strong><em>config.xml</em></strong> widget configuration file.</p>
<p>This tuple mode+type allows to select the adequate rule.</p>
-
<p>Configuration file is <strong>/etc/afm/afm-launch.conf</strong>.</p>
-
-<p>It contains sections and rules. It can also contain comments
-and empty lines to improve readability.</p>
-
-<p>The separators are space and tabulation, any other character
-should have a meaning.</p>
-
-<p>The format is line oriented.
-The new line character separate the lines.</p>
-
-<p>Lines having only separators are blank lines and ignored.
-Line having character #(sharp) at first position are comment
-lines and ignored.</p>
-
-<p>Lines not starting with a separator are different
-from lines starting with a separator character.</p>
-
+<p>It contains sections and rules. It can also contain comments and empty lines to improve readability.</p>
+<p>The separators are space and tabulation, any other character should have a meaning.</p>
+<p>The format is line oriented. The new line character separate the lines.</p>
+<p>Lines having only separators are blank lines and ignored. Line having character #(sharp) at first position are comment lines and ignored.</p>
+<p>Lines not starting with a separator are different from lines starting with a separator character.</p>
<p>The grammar of the configuration file is defined below:</p>
-
<pre><code>CONF: *COMMENT *SECTION
SECTION: MODE *RULE
RULE: +TYPE VECTOR ?VECTOR
-MODE: 'mode' +SEP ('local' | 'remote') *SEP EOL
+MODE: 'mode' +SEP ('local' | 'remote') *SEP EOL
TYPE: DATA *SEP EOL
EOL: NL *COMMENT
COMMENT: *SEP CMT *(SEP | NCHAR) NL
-NL: '\x0a'
-SEP: '\x20' | '\x09'
-CMT: '#'
-CHAR: '\x00'..'\x08' | '\x0b'..'\x1f' | '\x21' | '\x22' | '\x24'..'\xff'
-NCHAR: CMT | CHAR
-</code></pre>
-
-<p>Here is a sample of configuration file for defining how
-to launch an application of types <em>application/x-executable</em>,
-<em>text/x-shellscript</em> and <em>text/html</em> in local mode:</p>
-
+NL: '\x0a'
+SEP: '\x20' | '\x09'
+CMT: '#'
+CHAR: '\x00'..'\x08' | '\x0b'..'\x1f' | '\x21' | '\x22' | '\x24'..'\xff'
+NCHAR: CMT | CHAR</code></pre>
+<p>Here is a sample of configuration file for defining how to launch an application of types <em>application/x-executable</em>, <em>text/x-shellscript</em> and <em>text/html</em> in local mode:</p>
<pre><code>mode local
application/x-executable
text/x-shellscript
-%r/%c
+ %r/%c
text/html
-/usr/bin/afb-daemon --mode=local --readyfd=%R --alias=/icons:%I --port=%P --rootdir=%r --token=%S --sessiondir=%D/.afb-daemon
-/usr/bin/web-runtime http://localhost:%P/%c?token=%S
-</code></pre>
-
+ /usr/bin/afb-daemon --mode=local --readyfd=%R --alias=/icons:%I --port=%P --rootdir=%r --token=%S --sessiondir=%D/.afb-daemon
+ /usr/bin/web-runtime http://localhost:%P/%c?token=%S</code></pre>
<p>This shows that:</p>
-
<ul>
<li>within a section, several rules can be defined</li>
<li>within a rule, several types can be defined</li>
<li>vectors are using %substitution</li>
<li>launched binaries must be defined with their full path</li>
</ul>
-
-
-<a name="mode.local"></a>
-<h3>mode local</h3>
-
-<p>Within this mode, the launchers have either one or two description vectors.
-All of those vectors are treated as programs
-and are executed with ‘execve’ system call.</p>
-
-<p>The first vector is the leader vector and it defines the process
-group. The second vector (if any) is attached to the group
-defined by this first vector.</p>
-
-<a name="mode.remote"></a>
-<h3>mode remote</h3>
-
-<p>Within this mode, the launchers have either one or two vectors
-describing them.</p>
-
-<p>The first vector is process as a program and is executed with
-system call ‘execve’.</p>
-
-<p>The second vector (if any) defines a text that is returned
-to the caller. This mechanism can be used to return a uri
-for remote UI to connect on the newly launched application.</p>
-
-<p>The daemon <strong><em>afm-user-daemon</em></strong> allocates a port for each
-new remote application.
-The current implementation port allocation is incremental.
-A smarter (cacheable and discoverable) allocation should be defined.</p>
-
-<a name="L.substitutions"></a>
-<h3>%substitutions</h3>
-
-<p>Vectors can include sequences of 2 characters that have a special
-meaning. These sequences are named <em>%substitution</em> because their
-first character is the percent sign (%) and because each occurrence
-of the sequence is replaced, at launch time, by the value associated
-to sequences.</p>
-
+<h3 id="mode-local">mode local</h3>
+<p>Within this mode, the launchers have either one or two description vectors. All of those vectors are treated as programs and are executed with 'execve' system call.</p>
+<p>The first vector is the leader vector and it defines the process group. The second vector (if any) is attached to the group defined by this first vector.</p>
+<h3 id="mode-remote">mode remote</h3>
+<p>Within this mode, the launchers have either one or two vectors describing them.</p>
+<p>The first vector is process as a program and is executed with system call 'execve'.</p>
+<p>The second vector (if any) defines a text that is returned to the caller. This mechanism can be used to return a uri for remote UI to connect on the newly launched application.</p>
+<p>The daemon <strong><em>afm-user-daemon</em></strong> allocates a port for each new remote application. The current implementation port allocation is incremental. A smarter (cacheable and discoverable) allocation should be defined.</p>
+<h3 id="substitutions">%substitutions</h3>
+<p>Vectors can include sequences of 2 characters that have a special meaning. These sequences are named <em>%substitution</em> because their first character is the percent sign (%) and because each occurrence of the sequence is replaced, at launch time, by the value associated to sequences.</p>
<p>Here is the list of <em>%substitutions</em>:</p>
-
<ul>
-<li><p><strong><em>%%</em></strong>: %.</p>
-
-<p>This simply emits the percent sign %</p></li>
-<li><p><strong><em>%a</em></strong>: appid</p>
-
+<li><strong><em>%%</em></strong>: %.</li>
+</ul>
+<p>This simply emits the percent sign %</p>
+<ul>
+<li><strong><em>%a</em></strong>: appid</li>
+</ul>
<p>Holds application Id of launched application.</p>
-
-<p>Defined by the attribute <strong>id</strong> of the element <strong><widget></strong>
-of <strong>config.xml</strong>.</p></li>
-<li><p><strong><em>%c</em></strong>: content</p>
-
+<p>Defined by the attribute <strong>id</strong> of the element <strong><widget></strong> of <strong>config.xml</strong>.</p>
+<ul>
+<li><strong><em>%c</em></strong>: content</li>
+</ul>
<p>The file within the widget directory that is the entry point.</p>
-
-<p>For HTML applications, it represents the relative path to main
-page (aka index.html).</p>
-
-<p>Defined by attribute <strong>src</strong> of the element <strong><content></strong> within <strong>config.xml</strong>.</p></li>
-<li><p><strong><em>%D</em></strong>: datadir</p>
-
-<p>Path of the directory where the application runs (cwd)
-and stores its data.</p>
-
-<p>It is equal to %h/%a.</p></li>
-<li><p><strong><em>%H</em></strong>: height</p>
-
+<p>For HTML applications, it represents the relative path to main page (aka index.html).</p>
+<p>Defined by attribute <strong>src</strong> of the element <strong><content></strong> within <strong>config.xml</strong>.</p>
+<ul>
+<li><strong><em>%D</em></strong>: datadir</li>
+</ul>
+<p>Path of the directory where the application runs (cwd) and stores its data.</p>
+<p>It is equal to %h/%a.</p>
+<ul>
+<li><strong><em>%H</em></strong>: height</li>
+</ul>
<p>Requested height for the widget.</p>
-
-<p>Defined by the attribute <strong>height</strong> of the element <strong><widget></strong>
-of <strong>config.xml</strong>.</p></li>
-<li><p><strong><em>%h</em></strong>: homedir</p>
-
+<p>Defined by the attribute <strong>height</strong> of the element <strong><widget></strong> of <strong>config.xml</strong>.</p>
+<ul>
+<li><strong><em>%h</em></strong>: homedir</li>
+</ul>
<p>Path of the home directory for all applications.</p>
-
-<p>It is generally equal to $HOME/app-data</p></li>
-<li><p><strong><em>%I</em></strong>: icondir</p>
-
-<p>Path of the directory were the icons of the applications can be found.</p></li>
-<li><p><strong><em>%m</em></strong>: mime-type</p>
-
+<p>It is generally equal to $HOME/app-data</p>
+<ul>
+<li><strong><em>%I</em></strong>: icondir</li>
+</ul>
+<p>Path of the directory were the icons of the applications can be found.</p>
+<ul>
+<li><strong><em>%m</em></strong>: mime-type</li>
+</ul>
<p>Mime type of the launched application.</p>
-
-<p>Defined by the attribute <strong>type</strong> of the element <strong><content></strong>
-of <strong>config.xml</strong>.</p></li>
-<li><p><strong><em>%n</em></strong>: name</p>
-
-<p>Name of the application as defined by the content of the
-element <strong><name></strong> of <strong>config.xml</strong>.</p></li>
-<li><p><strong><em>%p</em></strong>: plugins</p>
-
-<p>In the future should represent the list of plugins and plugins directory separated by ‘,’.
-Warning: not supported in current version.</p></li>
-<li><p><strong><em>%P</em></strong>: port</p>
-
-<p>A port to use. It is currently a kind of random port. The precise
-model is to be defined later.</p></li>
-<li><p><strong><em>%R</em></strong>: readyfd</p>
-
-<p>Number of file descriptor to use for signaling
-readiness of launched process.</p></li>
-<li><p><strong><em>%r</em></strong>: rootdir</p>
-
-<p>Path of directory containing the widget and its data.</p></li>
-<li><p><strong><em>%S</em></strong>: secret</p>
-
-<p>An hexadecimal number that can be used to initialize pairing of client
-and application binder.</p></li>
-<li><p><strong><em>%W</em></strong>: width</p>
-
-<p>Requested width for the widget.</p>
-
-<p>Defined by the attribute <strong>width</strong> of the element <strong><widget></strong>
-of <strong>config.xml</strong>.</p></li>
+<p>Defined by the attribute <strong>type</strong> of the element <strong><content></strong> of <strong>config.xml</strong>.</p>
+<ul>
+<li><strong><em>%n</em></strong>: name</li>
</ul>
-
-
-<a name="The.D-Bus.interface"></a>
-<h2>The D-Bus interface</h2>
-
-<a name="Overview.of.the.dbus.interface"></a>
-<h3>Overview of the dbus interface</h3>
-
-<p><strong><em>afm-user-daemon</em></strong> takes its orders from the session instance
-of D-Bus. D-Bus is nice to use in this context because it allows
-discovery and signaling.</p>
-
-<p>The dbus session is by default addressed by environment
-variable <strong><em>DBUS_SESSION_BUS_ADDRESS</em></strong>. Using <strong>systemd</strong>
-variable <em>DBUS_SESSION_BUS_ADDRESS</em> is automatically set for
-user sessions.</p>
-
-<p>The <strong>afm-user-daemon</strong> is listening on destination name
-<strong><em>org.AGL.afm.user</em></strong> at object path <strong><em>/org/AGL/afm/user</em></strong>
-on interface <strong><em>org.AGL.afm.user</em></strong> for following members:
- <strong><em>runnables</em></strong>, <strong><em>detail</em></strong>, <strong><em>start</em></strong>, <strong><em>terminate</em></strong>,
-<strong><em>stop</em></strong>, <strong><em>continue</em></strong>, <strong><em>runners</em></strong>, <strong><em>state</em></strong>,
-<strong><em>install</em></strong> and <strong><em>uninstall</em></strong>.</p>
-
-<p>D-Bus is mainly used for signaling and discovery. Its optimized
-typed protocol is not used except for transmission of standalone strings.</p>
-
+<p>Name of the application as defined by the content of the element <strong><name></strong> of <strong>config.xml</strong>.</p>
+<ul>
+<li><strong><em>%p</em></strong>: plugins</li>
+</ul>
+<p>In the future should represent the list of plugins and plugins directory separated by ','. Warning: not supported in current version.</p>
+<ul>
+<li><strong><em>%P</em></strong>: port</li>
+</ul>
+<p>A port to use. It is currently a kind of random port. The precise model is to be defined later.</p>
+<ul>
+<li><strong><em>%R</em></strong>: readyfd</li>
+</ul>
+<p>Number of file descriptor to use for signaling readiness of launched process.</p>
+<ul>
+<li><strong><em>%r</em></strong>: rootdir</li>
+</ul>
+<p>Path of directory containing the widget and its data.</p>
+<ul>
+<li><strong><em>%S</em></strong>: secret</li>
+</ul>
+<p>An hexadecimal number that can be used to initialize pairing of client and application binder.</p>
+<ul>
+<li><strong><em>%W</em></strong>: width</li>
+</ul>
+<p>Requested width for the widget.</p>
+<p>Defined by the attribute <strong>width</strong> of the element <strong><widget></strong> of <strong>config.xml</strong>.</p>
+<h2 id="the-d-bus-interface">The D-Bus interface</h2>
+<h3 id="overview-of-the-dbus-interface">Overview of the dbus interface</h3>
+<p><strong><em>afm-user-daemon</em></strong> takes its orders from the session instance of D-Bus. D-Bus is nice to use in this context because it allows discovery and signaling.</p>
+<p>The dbus session is by default addressed by environment variable <strong><em>DBUS_SESSION_BUS_ADDRESS</em></strong>. Using <strong>systemd</strong> variable <em>DBUS_SESSION_BUS_ADDRESS</em> is automatically set for user sessions.</p>
+<p>The <strong>afm-user-daemon</strong> is listening on destination name <strong><em>org.AGL.afm.user</em></strong> at object path <strong><em>/org/AGL/afm/user</em></strong> on interface <strong><em>org.AGL.afm.user</em></strong> for following members: <strong><em>runnables</em></strong>, <strong><em>detail</em></strong>, <strong><em>start</em></strong>, <strong><em>terminate</em></strong>, <strong><em>stop</em></strong>, <strong><em>continue</em></strong>, <strong><em>runners</em></strong>, <strong><em>state</em></strong>, <strong><em>install</em></strong> and <strong><em>uninstall</em></strong>.</p>
+<p>D-Bus is mainly used for signaling and discovery. Its optimized typed protocol is not used except for transmission of standalone strings.</p>
<p>Clients and Services are using JSON serialisation to exchange data.</p>
-
<p>The D-Bus interface is defined by:</p>
-
<ul>
<li><p>DESTINATION: <strong>org.AGL.afm.user</strong></p></li>
<li><p>PATH: <strong>/org/AGL/afm/user</strong></p></li>
<li><p>INTERFACE: <strong>org.AGL.afm.user</strong></p></li>
</ul>
-
-
-<p>The signature of any member of the interface is <strong><em>string -> string</em></strong>
-for <strong><em>JSON -> JSON</em></strong>.</p>
-
-<p>This is the normal case. In case of error, the current implementation
-returns a dbus error as a string.</p>
-
-<p>Here an example using <em>dbus-send</em> to query data on
-installed applications.</p>
-
+<p>The signature of any member of the interface is <strong><em>string -> string</em></strong> for <strong><em>JSON -> JSON</em></strong>.</p>
+<p>This is the normal case. In case of error, the current implementation returns a dbus error as a string.</p>
+<p>Here an example using <em>dbus-send</em> to query data on installed applications.</p>
<pre><code>dbus-send --session --print-reply \
---dest=org.AGL.afm.user \
-/org/AGL/afm/user \
-org.AGL.afm.user.runnables string:true
-</code></pre>
-
-<a name="Using..strong..em.afm-util..em...strong."></a>
-<h3>Using <strong><em>afm-util</em></strong></h3>
-
-<p>The command line tool <strong><em>afm-util</em></strong> uses dbus-send to send
-orders to <strong>afm-user-daemon</strong>. This small scripts allows to
-send command to <strong><em>afm-user-daemon</em></strong> either interactively
-at shell prompt or scriptically.</p>
-
+ --dest=org.AGL.afm.user \
+ /org/AGL/afm/user \
+ org.AGL.afm.user.runnables string:true</code></pre>
+<h3 id="using-afm-util">Using <strong><em>afm-util</em></strong></h3>
+<p>The command line tool <strong><em>afm-util</em></strong> uses dbus-send to send orders to <strong>afm-user-daemon</strong>. This small scripts allows to send command to <strong><em>afm-user-daemon</em></strong> either interactively at shell prompt or scriptically.</p>
<p>The syntax is simple: it accept a command and when requires attached arguments.</p>
-
<p>Here is the summary of <strong><em>afm-util</em></strong>:</p>
-
<ul>
-<li><p><strong>afm-util runnables </strong>:</p>
-
-<p>list the runnable widgets installed</p></li>
-<li><p><strong>afm-util install wgt </strong>:</p>
-
-<p>install the wgt file</p></li>
-<li><p><strong>afm-util uninstall id </strong>:</p>
-
-<p>remove the installed widget of id</p></li>
-<li><p><strong>afm-util detail id </strong>:</p>
-
-<p>print detail about the installed widget of id</p></li>
-<li><p><strong>afm-util runners </strong>:</p>
-
-<p>list the running instance</p></li>
-<li><p><strong>afm-util start id </strong>:</p>
-
-<p>start an instance of the widget of id</p></li>
-<li><p><strong>afm-util terminate rid </strong>:</p>
-
-<p>terminate the running instance rid</p></li>
-<li><p><strong>afm-util stop rid </strong>:</p>
-
-<p>stop the running instance rid</p></li>
-<li><p><strong>afm-util continue rid </strong>:</p>
-
-<p>continue the previously rid</p></li>
-<li><p><strong>afm-util state rid </strong>:</p>
-
-<p>get status of the running instance rid</p></li>
+<li><strong>afm-util runnables </strong>:</li>
</ul>
-
-
+<p>list the runnable widgets installed</p>
+<ul>
+<li><strong>afm-util install wgt </strong>:</li>
+</ul>
+<p>install the wgt file</p>
+<ul>
+<li><strong>afm-util uninstall id </strong>:</li>
+</ul>
+<p>remove the installed widget of id</p>
+<ul>
+<li><strong>afm-util detail id </strong>:</li>
+</ul>
+<p>print detail about the installed widget of id</p>
+<ul>
+<li><strong>afm-util runners </strong>:</li>
+</ul>
+<p>list the running instance</p>
+<ul>
+<li><strong>afm-util start id </strong>:</li>
+</ul>
+<p>start an instance of the widget of id</p>
+<ul>
+<li><strong>afm-util terminate rid </strong>:</li>
+</ul>
+<p>terminate the running instance rid</p>
+<ul>
+<li><strong>afm-util stop rid </strong>:</li>
+</ul>
+<p>stop the running instance rid</p>
+<ul>
+<li><strong>afm-util continue rid </strong>:</li>
+</ul>
+<p>continue the previously rid</p>
+<ul>
+<li><strong>afm-util state rid </strong>:</li>
+</ul>
+<p>get status of the running instance rid</p>
<p>Here is how to list applications using <strong><em>afm-util</em></strong>:</p>
-
-<pre><code>afm-util runnables
-</code></pre>
-
+<pre><code>afm-util runnables</code></pre>
<hr />
-
-<a name="The.protocol.over.D-Bus"></a>
-<h3>The protocol over D-Bus</h3>
-
+<h3 id="the-protocol-over-d-bus">The protocol over D-Bus</h3>
<p>Recall:</p>
-
<ul>
<li><p><strong>DESTINATION</strong>: org.AGL.afm.user</p></li>
<li><p><strong>PATH</strong>: /org/AGL/afm/user</p></li>
<li><p><strong>INTERFACE</strong>: org.AGL.afm.user</p></li>
</ul>
-
-
<hr />
-
-<a name="Method.org.AGL.afm.user.detail"></a>
-<h4>Method org.AGL.afm.user.detail</h4>
-
+<h4 id="method-org.agl.afm.user.detail">Method org.AGL.afm.user.detail</h4>
<p><strong>Description</strong>: Get details about an application from its id.</p>
-
<p><strong>Input</strong>: the id of the application as below.</p>
-
<p>Either just a string:</p>
-
-<pre><code>"appli@x.y"
-</code></pre>
-
-<p>Or an object having the field “id” of type string:</p>
-
-<pre><code>{"id":"appli@x.y"}
-</code></pre>
-
-<p><strong>Output</strong>: A JSON object describing the application containing
-the fields described below.</p>
-
+<pre><code>"appli@x.y"</code></pre>
+<p>Or an object having the field "id" of type string:</p>
+<pre><code>{"id":"appli@x.y"}</code></pre>
+<p><strong>Output</strong>: A JSON object describing the application containing the fields described below.</p>
<pre><code>{
- "id": string, the application id (id@version)
- "version": string, the version of the application
- "width": integer, requested width of the application
- "height": integer, resqueted height of the application
- "name": string, the name of the application
- "description": string, the description of the application
- "shortname": string, the short name of the application
- "author": string, the author of the application
-}
-</code></pre>
-
+ "id": string, the application id (id@version)
+ "version": string, the version of the application
+ "width": integer, requested width of the application
+ "height": integer, resqueted height of the application
+ "name": string, the name of the application
+ "description": string, the description of the application
+ "shortname": string, the short name of the application
+ "author": string, the author of the application
+}</code></pre>
<hr />
-
-<a name="Method.org.AGL.afm.user.runnables"></a>
-<h4>Method org.AGL.afm.user.runnables</h4>
-
+<h4 id="method-org.agl.afm.user.runnables">Method org.AGL.afm.user.runnables</h4>
<p><strong>Description</strong>: Get the list of applications that can be run.</p>
-
<p><strong>Input</strong>: any valid json entry, can be anything except null.</p>
-
-<p><strong>output</strong>: An array of description of the runnable applications.
-Each item of the array contains an object containing the detail of
-an application as described above for the method
-<em>org.AGL.afm.user.detail</em>.</p>
-
+<p><strong>output</strong>: An array of description of the runnable applications. Each item of the array contains an object containing the detail of an application as described above for the method <em>org.AGL.afm.user.detail</em>.</p>
<hr />
-
-<a name="Method.org.AGL.afm.user.install"></a>
-<h4>Method org.AGL.afm.user.install</h4>
-
+<h4 id="method-org.agl.afm.user.install">Method org.AGL.afm.user.install</h4>
<p><strong>Description</strong>: Install an application from its widget file.</p>
-
-<p>If an application of the same <em>id</em> and <em>version</em> exists, it is not
-reinstalled except when <em>force=true</em>.</p>
-
-<p>Applications are installed in the subdirectories of the common directory
-reserved for applications.
-If <em>root</em> is specified, the application is installed under
-sub-directories of defined <em>root</em>.</p>
-
-<p>Note that this methods is a simple accessor to the method
-<strong><em>org.AGL.afm.system.install</em></strong> of <strong><em>afm-system-daemon</em></strong>.</p>
-
-<p>After the installation and before returning to the sender,
-<strong><em>afm-user-daemon</em></strong> sends the signal <strong><em>org.AGL.afm.user.changed</em></strong>.</p>
-
-<p><strong>Input</strong>: The <em>path</em> of widget file to be installed. Optionally,
-a flag to <em>force</em> reinstallation and/or a <em>root</em> directory.</p>
-
+<p>If an application of the same <em>id</em> and <em>version</em> exists, it is not reinstalled except when <em>force=true</em>.</p>
+<p>Applications are installed in the subdirectories of the common directory reserved for applications. If <em>root</em> is specified, the application is installed under sub-directories of defined <em>root</em>.</p>
+<p>Note that this methods is a simple accessor to the method <strong><em>org.AGL.afm.system.install</em></strong> of <strong><em>afm-system-daemon</em></strong>.</p>
+<p>After the installation and before returning to the sender, <strong><em>afm-user-daemon</em></strong> sends the signal <strong><em>org.AGL.afm.user.changed</em></strong>.</p>
+<p><strong>Input</strong>: The <em>path</em> of widget file to be installed. Optionally, a flag to <em>force</em> reinstallation and/or a <em>root</em> directory.</p>
<p>Simple form a simple string containing the absolute widget path:</p>
-
-<pre><code>"/a/path/driving/to/the/widget"
-</code></pre>
-
+<pre><code>"/a/path/driving/to/the/widget"</code></pre>
<p>Or an object:</p>
-
<pre><code>{
- "wgt": "/a/path/to/the/widget",
- "force": false,
- "root": "/a/path/to/the/root"
-}
-</code></pre>
-
-<p>“wgt” and “root” MUST be absolute paths.</p>
-
-<p><strong>output</strong>: An object containing field “added” to use as application ID.</p>
-
-<pre><code>{"added":"appli@x.y"}
-</code></pre>
-
+ "wgt": "/a/path/to/the/widget",
+ "force": false,
+ "root": "/a/path/to/the/root"
+}</code></pre>
+<p>"wgt" and "root" MUST be absolute paths.</p>
+<p><strong>output</strong>: An object containing field "added" to use as application ID.</p>
+<pre><code>{"added":"appli@x.y"}</code></pre>
<hr />
-
-<a name="Method.org.AGL.afm.user.uninstall"></a>
-<h4>Method org.AGL.afm.user.uninstall</h4>
-
+<h4 id="method-org.agl.afm.user.uninstall">Method org.AGL.afm.user.uninstall</h4>
<p><strong>Description</strong>: Uninstall an application from its id.</p>
-
-<p>Note that this methods is a simple accessor to
-<strong><em>org.AGL.afm.system.uninstall</em></strong> method from <strong><em>afm-system-daemon</em></strong>.</p>
-
-<p>After the uninstallation and before returning to the sender,
-<strong><em>afm-user-daemon</em></strong> sends the signal <strong><em>org.AGL.afm.user.changed</em></strong>.</p>
-
-<p><strong>Input</strong>: the <em>id</em> of the application and, optionally, the path to
-application <em>root</em>.</p>
-
+<p>Note that this methods is a simple accessor to <strong><em>org.AGL.afm.system.uninstall</em></strong> method from <strong><em>afm-system-daemon</em></strong>.</p>
+<p>After the uninstallation and before returning to the sender, <strong><em>afm-user-daemon</em></strong> sends the signal <strong><em>org.AGL.afm.user.changed</em></strong>.</p>
+<p><strong>Input</strong>: the <em>id</em> of the application and, optionally, the path to application <em>root</em>.</p>
<p>Either a string:</p>
-
-<pre><code>"appli@x.y"
-</code></pre>
-
+<pre><code>"appli@x.y"</code></pre>
<p>Or an object:</p>
-
<pre><code>{
- "id": "appli@x.y",
- "root": "/a/path/to/the/root"
-}
-</code></pre>
-
-<p><strong>output</strong>: the value ‘true’.</p>
-
+ "id": "appli@x.y",
+ "root": "/a/path/to/the/root"
+}</code></pre>
+<p><strong>output</strong>: the value 'true'.</p>
<hr />
-
-<a name="Method.org.AGL.afm.user.start"></a>
-<h4>Method org.AGL.afm.user.start</h4>
-
+<h4 id="method-org.agl.afm.user.start">Method org.AGL.afm.user.start</h4>
<p><strong>Description</strong>:</p>
-
-<p><strong>Input</strong>: the <em>id</em> of the application and, optionally, the
-start <em>mode</em> as below.</p>
-
+<p><strong>Input</strong>: the <em>id</em> of the application and, optionally, the start <em>mode</em> as below.</p>
<p>Either just a string:</p>
-
-<pre><code>"appli@x.y"
-</code></pre>
-
-<p>Or an object containing field “id” of type string and
-optionally a field mode:</p>
-
-<pre><code>{"id":"appli@x.y","mode":"local"}
-</code></pre>
-
-<p>The field “mode” is a string equal to either “local” or “remote”.</p>
-
+<pre><code>"appli@x.y"</code></pre>
+<p>Or an object containing field "id" of type string and optionally a field mode:</p>
+<pre><code>{"id":"appli@x.y","mode":"local"}</code></pre>
+<p>The field "mode" is a string equal to either "local" or "remote".</p>
<p><strong>output</strong>: The <em>runid</em> of the application launched. <em>runid</em> is an integer.</p>
-
<hr />
-
-<a name="Method.org.AGL.afm.user.terminate"></a>
-<h4>Method org.AGL.afm.user.terminate</h4>
-
+<h4 id="method-org.agl.afm.user.terminate">Method org.AGL.afm.user.terminate</h4>
<p><strong>Description</strong>: Terminates the application attached to <em>runid</em>.</p>
-
<p><strong>Input</strong>: The <em>runid</em> (an integer) of running instance to terminate.</p>
-
-<p><strong>output</strong>: the value ‘true’.</p>
-
+<p><strong>output</strong>: the value 'true'.</p>
<hr />
-
-<a name="Method.org.AGL.afm.user.stop"></a>
-<h4>Method org.AGL.afm.user.stop</h4>
-
+<h4 id="method-org.agl.afm.user.stop">Method org.AGL.afm.user.stop</h4>
<p><strong>Description</strong>: Stops the application attached to <em>runid</em> until terminate or continue.</p>
-
<p><strong>Input</strong>: The <em>runid</em> (integer) of the running instance to stop.</p>
-
-<p><strong>output</strong>: the value ‘true’.</p>
-
+<p><strong>output</strong>: the value 'true'.</p>
<hr />
-
-<a name="Method.org.AGL.afm.user.continue"></a>
-<h4>Method org.AGL.afm.user.continue</h4>
-
+<h4 id="method-org.agl.afm.user.continue">Method org.AGL.afm.user.continue</h4>
<p><strong>Description</strong>: Continues the application attached to <em>runid</em> previously stopped.</p>
-
<p><strong>Input</strong>: The <em>runid</em> (integer) of the running instance to continue.</p>
-
-<p><strong>output</strong>: the value ‘true’.</p>
-
+<p><strong>output</strong>: the value 'true'.</p>
<hr />
-
-<a name="Method.org.AGL.afm.user.state"></a>
-<h4>Method org.AGL.afm.user.state</h4>
-
+<h4 id="method-org.agl.afm.user.state">Method org.AGL.afm.user.state</h4>
<p><strong>Description</strong>: Get informations about a running instance of <em>runid</em>.</p>
-
<p><strong>Input</strong>: The <em>runid</em> (integer) of the running instance inspected.</p>
-
-<p><strong>output</strong>: An object describing instance state. It contains:
-the runid (integer), the id of the running application (string),
-the state of the application (string either: “starting”, “running”, “stopped”).</p>
-
+<p><strong>output</strong>: An object describing instance state. It contains: the runid (integer), the id of the running application (string), the state of the application (string either: "starting", "running", "stopped").</p>
<p>Example of returned state:</p>
-
<pre><code>{
- "runid": 2,
- "state": "running",
- "id": "appli@x.y"
-}
-</code></pre>
-
+ "runid": 2,
+ "state": "running",
+ "id": "appli@x.y"
+}</code></pre>
<hr />
-
-<a name="Method.org.AGL.afm.user.runners"></a>
-<h4>Method org.AGL.afm.user.runners</h4>
-
+<h4 id="method-org.agl.afm.user.runners">Method org.AGL.afm.user.runners</h4>
<p><strong>Description</strong>: Get the list of currently running instances.</p>
-
<p><strong>Input</strong>: anything.</p>
-
-<p><strong>output</strong>: An array of states, one per running instance, as returned by
-the methodd <strong><em>org.AGL.afm.user.state</em></strong>.</p>
+<p><strong>output</strong>: An array of states, one per running instance, as returned by the methodd <strong><em>org.AGL.afm.user.state</em></strong>.</p>
</body>
</html>
+<!DOCTYPE html>
<html>
<head>
- <link rel="stylesheet" type="text/css" href="doc.css">
- <meta charset="UTF-8">
+ <meta charset="utf-8">
+ <meta name="generator" content="pandoc">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes">
+ <meta name="author" content="José Bollo">
+ <meta name="author" content="Fulup Ar Foll">
+ <title>Application framework</title>
+ <style type="text/css">code{white-space: pre;}</style>
+ <!--[if lt IE 9]>
+ <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
+ <![endif]-->
+ <link rel="stylesheet" href="doc.css">
</head>
<body>
-<a name="Application.framework"></a>
-<h1>Application framework</h1>
-
+<header>
+<h1 class="title">Application framework</h1>
+<h2 class="author">José Bollo</h2>
+<h2 class="author">Fulup Ar Foll</h2>
+<h3 class="date">30 mai 2016</h3>
+</header>
+<nav id="TOC">
+<ul>
+<li><a href="#application-framework">Application framework</a><ul>
+<li><a href="#foreword">Foreword</a></li>
+<li><a href="#overview">Overview</a></li>
+<li><a href="#comparison-to-other-frameworks">Comparison to other frameworks</a><ul>
+<li><a href="#tizen-framework">Tizen framework</a></li>
+<li><a href="#xdg-app">xdg-app</a></li>
+<li><a href="#ostro">ostro</a></li>
+</ul></li>
+</ul></li>
+<li><a href="#organization-of-directory-of-applications">organization of directory of applications</a><ul>
+<li><a href="#identity-of-installed-files">Identity of installed files</a></li>
+<li><a href="#labeling-the-directories-of-applications">labeling the directories of applications</a></li>
+</ul></li>
+<li><a href="#organization-of-data">organization of data</a></li>
+<li><a href="#setting-smack-rules-for-the-application">Setting Smack rules for the application</a></li>
+<li><a href="#what-user-can-run-an-application">What user can run an application?</a></li>
+</ul>
+</nav>
+<h1 id="application-framework">Application framework</h1>
<pre><code>version: 1
Date: 30 mai 2016
-Author: José Bollo
-</code></pre>
-
-<p><ul>
- <li><a href="#Application.framework">Application framework</a>
- <ul>
- <li><a href="#Foreword">Foreword</a></li>
- <li><a href="#Overview">Overview</a></li>
- <li><a href="#Comparison.to.other.frameworks">Comparison to other frameworks</a>
- <ul>
- <li><a href="#Tizen.framework">Tizen framework</a></li>
- <li><a href="#xdg-app">xdg-app</a></li>
- <li><a href="#ostro">ostro</a>
-</li>
- </ul>
- </li>
- </ul>
- </li>
- <li><a href="#organization.of.directory.of.applications">organization of directory of applications</a>
- <ul>
- <li><a href="#Identity.of.installed.files">Identity of installed files</a></li>
- <li><a href="#labeling.the.directories.of.applications">labeling the directories of applications</a></li>
- </ul>
- </li>
- <li><a href="#organization.of.data">organization of data</a></li>
- <li><a href="#Setting.Smack.rules.for.the.application">Setting Smack rules for the application</a></li>
- <li><a href="#What.user.can.run.an.application.">What user can run an application?</a></li>
-</ul></p>
-
-<a name="Foreword"></a>
-<h2>Foreword</h2>
-
-<p>This document describes application framework fundamentals.
-FCF (Fully Conform to Specification) implementation is still under development.
-It may happen that current implementation somehow diverges with specifications.</p>
-
-<a name="Overview"></a>
-<h2>Overview</h2>
-
-<p>The application framework on top of the security framework
-provides components to install and uninstall applications
-as well as to run them in a secured environment.</p>
-
-<p>The goal of the framework is to manage applications and hide security details
-to applications.</p>
-
-<p>For the reasons explained in introduction, it was choose not to reuse Tizen
-application framework directly, but to rework a new framework inspired from Tizen.</p>
-
-<p>fundamentals remain identical: the applications are distributed
-in a digitally signed container that should match widget specifications
-normalized by the W3C. This is described by the technical
-recommendations <a href="http://www.w3.org/TR/widgets" title="Packaged Web Apps">widgets</a> and <a href="http://www.w3.org/TR/widgets-digsig" title="XML Digital Signatures for Widgets">widgets-digsig</a> of the W3 consortium.</p>
-
-<p>As today this model allows the distribution of HTML, QML and binary applications
-but it could be extended to any other class of applications.</p>
-
-<p>The management of widget package signatures.
-Current model is only an initial step, it might be extended in the
-future to include new feature (ie: incremental delivery).</p>
-
-<a name="Comparison.to.other.frameworks"></a>
-<h2>Comparison to other frameworks</h2>
-
-<a name="Tizen.framework"></a>
-<h3>Tizen framework</h3>
-
-<a name="xdg-app"></a>
-<h3>xdg-app</h3>
-
-<a name="ostro"></a>
-<h3>ostro</h3>
-
-<a name="organization.of.directory.of.applications"></a>
-<h1>organization of directory of applications</h1>
-
+Author: José Bollo</code></pre>
+<p>TABLE-OF-CONTENT-HERE</p>
+<h2 id="foreword">Foreword</h2>
+<p>This document describes application framework fundamentals. FCF (Fully Conform to Specification) implementation is still under development. It may happen that current implementation somehow diverges with specifications.</p>
+<h2 id="overview">Overview</h2>
+<p>The application framework on top of the security framework provides components to install and uninstall applications as well as to run them in a secured environment.</p>
+<p>The goal of the framework is to manage applications and hide security details to applications.</p>
+<p>For the reasons explained in introduction, it was choose not to reuse Tizen application framework directly, but to rework a new framework inspired from Tizen.</p>
+<p>fundamentals remain identical: the applications are distributed in a digitally signed container that should match widget specifications normalized by the W3C. This is described by the technical recommendations <a href="http://www.w3.org/TR/widgets" title="Packaged Web Apps">widgets</a> and <a href="http://www.w3.org/TR/widgets-digsig" title="XML Digital Signatures for Widgets">widgets-digsig</a> of the W3 consortium.</p>
+<p>As today this model allows the distribution of HTML, QML and binary applications but it could be extended to any other class of applications.</p>
+<p>The management of widget package signatures. Current model is only an initial step, it might be extended in the future to include new feature (ie: incremental delivery).</p>
+<h2 id="comparison-to-other-frameworks">Comparison to other frameworks</h2>
+<h3 id="tizen-framework">Tizen framework</h3>
+<h3 id="xdg-app">xdg-app</h3>
+<h3 id="ostro">ostro</h3>
+<h1 id="organization-of-directory-of-applications">organization of directory of applications</h1>
<p>The main path for applications are: APPDIR/PKGID/VER.</p>
-
<p>Where:</p>
-
<ul>
<li>APPDIR is as defined above</li>
<li>PKGID is a directory whose name is the package identifier</li>
<li>VER is the version of the package MAJOR.MINOR</li>
</ul>
-
-
-<p>The advantage of such an organization is to allow several versions to live together.
-This is required for multiple reasons (ie: roll back) and to comply with developers habits.</p>
-
-<a name="Identity.of.installed.files"></a>
-<h2>Identity of installed files</h2>
-
-<p>All the files are installed as user “userapp” and group “userapp”.
-All files have rw(x) for user and r-(x) for group and others.</p>
-
+<p>The advantage of such an organization is to allow several versions to live together. This is required for multiple reasons (ie: roll back) and to comply with developers habits.</p>
+<h2 id="identity-of-installed-files">Identity of installed files</h2>
+<p>All the files are installed as user "userapp" and group "userapp". All files have rw(x) for user and r-(x) for group and others.</p>
<p>This allows any user to read files.</p>
-
-<a name="labeling.the.directories.of.applications"></a>
-<h2>labeling the directories of applications</h2>
-
-<a name="organization.of.data"></a>
-<h1>organization of data</h1>
-
+<h2 id="labeling-the-directories-of-applications">labeling the directories of applications</h2>
+<h1 id="organization-of-data">organization of data</h1>
<p>The data of a user are contain within its directory and are labeled using the application labels</p>
-
-<a name="Setting.Smack.rules.for.the.application"></a>
-<h1>Setting Smack rules for the application</h1>
-
+<h1 id="setting-smack-rules-for-the-application">Setting Smack rules for the application</h1>
<p>For Tizen, the following rules are set by the security manager for each application.</p>
-
<pre><code>System ~APP~ rwx
System ~PKG~ rwxat
System ~PKG~::RO rwxat
~APP~ User::Home rxl
~APP~ User::App::Shared rwxat
~APP~ ~PKG~ rwxat
-~APP~ ~PKG~::RO rxl
-</code></pre>
-
-<p>Here, ~PKG~ is the identifier of the package and ~APP~ is the identifier of the application.</p>
-
-<a name="What.user.can.run.an.application."></a>
-<h1>What user can run an application?</h1>
-
-<p>Not all user are able to run all applications.
-How to manage that?</p>
+~APP~ ~PKG~::RO rxl</code></pre>
+<p>Here, <sub>PKG</sub> is the identifier of the package and <sub>APP</sub> is the identifier of the application.</p>
+<h1 id="what-user-can-run-an-application">What user can run an application?</h1>
+<p>Not all user are able to run all applications. How to manage that?</p>
</body>
</html>
+<!DOCTYPE html>
<html>
<head>
- <link rel="stylesheet" type="text/css" href="doc.css">
- <meta charset="UTF-8">
+ <meta charset="utf-8">
+ <meta name="generator" content="pandoc">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes">
+ <meta name="author" content="José Bollo">
+ <title>AGL framework, overview of the proposal of IoT.bzh</title>
+ <style type="text/css">code{white-space: pre;}</style>
+ <!--[if lt IE 9]>
+ <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
+ <![endif]-->
+ <link rel="stylesheet" href="doc.css">
</head>
<body>
-<a name="AGL.framework..overview.of.the.proposal.of.IoT.bzh"></a>
-<h1>AGL framework, overview of the proposal of IoT.bzh</h1>
-
+<header>
+<h1 class="title">AGL framework, overview of the proposal of IoT.bzh</h1>
+<h2 class="author">José Bollo</h2>
+<h3 class="date">29 mai 2016</h3>
+</header>
+<nav id="TOC">
+<ul>
+<li><a href="#agl-framework-overview-of-the-proposal-of-iot.bzh">AGL framework, overview of the proposal of IoT.bzh</a><ul>
+<li><a href="#foreword">Foreword</a></li>
+<li><a href="#introduction">Introduction</a></li>
+<li><a href="#overview">Overview</a></li>
+<li><a href="#links-between-the-security-framework-and-the-application-framework">Links between the "Security framework" and the "Application framework"</a></li>
+<li><a href="#the-security-framework">The security framework</a></li>
+<li><a href="#the-application-framework">The application framework</a></li>
+</ul></li>
+</ul>
+</nav>
+<h1 id="agl-framework-overview-of-the-proposal-of-iot.bzh">AGL framework, overview of the proposal of IoT.bzh</h1>
<pre><code>version: 1
Date: 29 mai 2016
-Author: José Bollo
-</code></pre>
-
-<p><ul>
- <li><a href="#AGL.framework..overview.of.the.proposal.of.IoT.bzh">AGL framework, overview of the proposal of IoT.bzh</a>
- <ul>
- <li><a href="#Foreword">Foreword</a></li>
- <li><a href="#Introduction">Introduction</a></li>
- <li><a href="#Overview">Overview</a></li>
- <li><a href="#Links.between.the..Security.framework..and.the..Application.framework.">Links between the "Security framework" and the "Application framework"</a></li>
- <li><a href="#The.security.framework">The security framework</a></li>
- <li><a href="#The.application.framework">The application framework</a></li>
- </ul>
- </li>
-</ul></p>
-
-<a name="Foreword"></a>
-<h2>Foreword</h2>
-
-<p>This document describes what we intend to do. It may happen that our
-current implementation and the content of this document differ.</p>
-
-<p>In case of differences, it is assumed that this document is right
-and the implementation is wrong.</p>
-
-<a name="Introduction"></a>
-<h2>Introduction</h2>
-
-<p>During the first works in having the security model of Tizen
-integrated in AGL (Automotive Grade Linux) distribution, it became
-quickly obvious that the count of components specific to Tizen
-to integrate was huge.</p>
-
+Author: José Bollo</code></pre>
+<p>TABLE-OF-CONTENT-HERE</p>
+<h2 id="foreword">Foreword</h2>
+<p>This document describes what we intend to do. It may happen that our current implementation and the content of this document differ.</p>
+<p>In case of differences, it is assumed that this document is right and the implementation is wrong.</p>
+<h2 id="introduction">Introduction</h2>
+<p>During the first works in having the security model of Tizen integrated in AGL (Automotive Grade Linux) distribution, it became quickly obvious that the count of components specific to Tizen to integrate was huge.</p>
<p>Here is a minimal list of what was needed:</p>
-
<ul>
<li>platform/appfw/app-installers</li>
<li>platform/core/security/cert-svc</li>
<li>platform/core/appfw/pkgmgr-info</li>
<li>platform/core/appfw/slp-pkgmgr</li>
</ul>
-
-
-<p>But this list is complete because many dependencies are hidden.
-Those hidden dependencies are including some common libraries but also many
-tizen specific sub-components (iniparser, bundle, dlog, libtzplatform-config,
-db-util, vconf-buxton, …).</p>
-
-<p>This is an issue because AGL is not expected to be Tizen. Taking it would
-either need to patch it for removing unwanted components or to take all
-of them.</p>
-
-<p>However, a careful study of the core components of the security framework
-of Tizen showed that their dependencies to Tizen are light (and since some
-of our work, there is no more dependency to tizen).
-Those components are <strong>cynara</strong>, <strong>security-manager</strong>, <strong>D-Bus aware of cynara</strong>.</p>
-
-<p>Luckyly, these core security components of Tizen are provided
-by <a href="https://github.com/01org/meta-intel-iot-security" title="A collection of layers providing security technologies">meta-intel-iot-security</a>, a set of yocto layers.
-These layers were created by Intel to isolate Tizen specific security
-components from the initial port of Tizen to Yocto.
-The 3 layers are providing components for:</p>
-
+<p>But this list is complete because many dependencies are hidden. Those hidden dependencies are including some common libraries but also many tizen specific sub-components (iniparser, bundle, dlog, libtzplatform-config, db-util, vconf-buxton, ...).</p>
+<p>This is an issue because AGL is not expected to be Tizen. Taking it would either need to patch it for removing unwanted components or to take all of them.</p>
+<p>However, a careful study of the core components of the security framework of Tizen showed that their dependencies to Tizen are light (and since some of our work, there is no more dependency to tizen). Those components are <strong>cynara</strong>, <strong>security-manager</strong>, <strong>D-Bus aware of cynara</strong>.</p>
+<p>Luckyly, these core security components of Tizen are provided by <a href="https://github.com/01org/meta-intel-iot-security" title="A collection of layers providing security technologies">meta-intel-iot-security</a>, a set of yocto layers. These layers were created by Intel to isolate Tizen specific security components from the initial port of Tizen to Yocto. The 3 layers are providing components for:</p>
<ul>
<li>Implementing Smack LSM</li>
<li>Implementing Integrity Measurement Architecture</li>
<li>Implementing Tizen Security Framework</li>
</ul>
-
-
<p>The figure below shows the history of these layers.</p>
-
-<pre><code> 2014 2015
+<pre><code> 2014 2015
Tizen OBS ----------+--------------------------->
- \
- \
- Tizen Yocto +---------+-------------->
- \
- \
- meta-intel-iot-security +----------->
-</code></pre>
-
-<p>We took the decision to use these security layers that provides the
-basis of the Tizen security, the security framework.</p>
-
-<p>For the components of the application framework, built top of
-the security framework, instead of pulling the huge set of packages
-from Tizen, we decided to refit it by developping a tiny set of
-components that would implement the same behaviour but without all
-the dependencies and with minor architectural improvements for AGL.</p>
-
-<p>These components are <strong>afm-system-daemon</strong> and <strong>afm-user-daemon</strong>.
-They provides infrastructure for installing, uninstalling,
-launching, terminating, stopping and resuming applications in
-a multi user secure environment.</p>
-
-<p>A third component exists in the framework, the binder <strong>afb-daemon</strong>.
-The binder provides the easiest way to provide secured API for
-any tier. Currently, the use of the binder is not absolutely mandatory.</p>
-
-<p>This documentation explains the framework created by IoT.bzh
-by rewriting the Tizen Application Framework. Be aware of the
-previous foreword.</p>
-
-<a name="Overview"></a>
-<h2>Overview</h2>
-
-<p>The figure below shows the major components of the framework
-and their interactions going through the following scenario:
-APPLICATION installs an other application and then launch it.</p>
-
+ \
+ \
+ Tizen Yocto +---------+-------------->
+ \
+ \
+ meta-intel-iot-security +-----------></code></pre>
+<p>We took the decision to use these security layers that provides the basis of the Tizen security, the security framework.</p>
+<p>For the components of the application framework, built top of the security framework, instead of pulling the huge set of packages from Tizen, we decided to refit it by developping a tiny set of components that would implement the same behaviour but without all the dependencies and with minor architectural improvements for AGL.</p>
+<p>These components are <strong>afm-system-daemon</strong> and <strong>afm-user-daemon</strong>. They provides infrastructure for installing, uninstalling, launching, terminating, stopping and resuming applications in a multi user secure environment.</p>
+<p>A third component exists in the framework, the binder <strong>afb-daemon</strong>. The binder provides the easiest way to provide secured API for any tier. Currently, the use of the binder is not absolutely mandatory.</p>
+<p>This documentation explains the framework created by IoT.bzh by rewriting the Tizen Application Framework. Be aware of the previous foreword.</p>
+<h2 id="overview">Overview</h2>
+<p>The figure below shows the major components of the framework and their interactions going through the following scenario: APPLICATION installs an other application and then launch it.</p>
<pre><code>+-----------------------------------------------------------------------+
| User |
| ................................ |
| +---------------------+ +-------------------------+ |
| |
| System |
-+-----------------------------------------------------------------------+
-</code></pre>
-
++-----------------------------------------------------------------------+</code></pre>
<p>Let follow the sequence of calls:</p>
-
-<ol>
+<ol type="1">
<li><p>APPLICATION calls its <strong>binder</strong> to install the OTHER application.</p></li>
-<li><p>The plugin <strong>afm-main-plugin</strong> of the <strong>binder</strong> calls, through
-<strong>D-Bus</strong> system, the system daemon to install the OTHER application.</p></li>
-<li><p>The system <strong>D-Bus</strong> checks wether APPLICATION has the permission
-or not to install applications by calling <strong>CYNARA</strong>.</p></li>
-<li><p>The system <strong>D-Bus</strong> transmits the request to <strong>afm-system-daemon</strong>.</p>
-
-<p><strong>afm-system-daemon</strong> checks the application to install, its
-signatures and rights and install it.</p></li>
-<li><p><strong>afm-system-daemon</strong> calls <strong>SECURITY-MANAGER</strong> for fullfilling
-security context of the installed application.</p></li>
-<li><p><strong>SECURITY-MANAGER</strong> calls <strong>CYNARA</strong> to install initial permissions
-for the application.</p></li>
+<li><p>The plugin <strong>afm-main-plugin</strong> of the <strong>binder</strong> calls, through <strong>D-Bus</strong> system, the system daemon to install the OTHER application.</p></li>
+<li><p>The system <strong>D-Bus</strong> checks wether APPLICATION has the permission or not to install applications by calling <strong>CYNARA</strong>.</p></li>
+<li><p>The system <strong>D-Bus</strong> transmits the request to <strong>afm-system-daemon</strong>.</p></li>
+</ol>
+<p><strong>afm-system-daemon</strong> checks the application to install, its signatures and rights and install it.</p>
+<ol start="5" type="1">
+<li><p><strong>afm-system-daemon</strong> calls <strong>SECURITY-MANAGER</strong> for fullfilling security context of the installed application.</p></li>
+<li><p><strong>SECURITY-MANAGER</strong> calls <strong>CYNARA</strong> to install initial permissions for the application.</p></li>
<li><p>APPLICATION call its binder to start the nearly installed OTHER application.</p></li>
-<li><p>The plugin <strong>afm-main-plugin</strong> of the <strong>binder</strong> calls, through
-<strong>D-Bus</strong> session, the user daemon to launch the OTHER application.</p></li>
-<li><p>The session <strong>D-Bus</strong> checks wether APPLICATION has the permission
-or not to start an application by calling <strong>CYNARA</strong>.</p></li>
+<li><p>The plugin <strong>afm-main-plugin</strong> of the <strong>binder</strong> calls, through <strong>D-Bus</strong> session, the user daemon to launch the OTHER application.</p></li>
+<li><p>The session <strong>D-Bus</strong> checks wether APPLICATION has the permission or not to start an application by calling <strong>CYNARA</strong>.</p></li>
<li><p>The session <strong>D-Bus</strong> transmits the request to <strong>afm-user-daemon</strong>.</p></li>
-<li><p><strong>afm-user-daemon</strong> checks wether APPLICATION has the permission
-or not to start the OTHER application <strong>CYNARA</strong>.</p></li>
-<li><p><strong>afm-user-daemon</strong> uses <strong>SECURITY-MANAGER</strong> features to set
-the seciruty context for the OTHER application.</p></li>
+<li><p><strong>afm-user-daemon</strong> checks wether APPLICATION has the permission or not to start the OTHER application <strong>CYNARA</strong>.</p></li>
+<li><p><strong>afm-user-daemon</strong> uses <strong>SECURITY-MANAGER</strong> features to set the seciruty context for the OTHER application.</p></li>
<li><p><strong>afm-user-daemon</strong> launches the OTHER application.</p></li>
</ol>
-
-
-<p>This scenario does not cover all the features of the frameworks.
-Shortly because details will be revealed in the next chapters,
-the components are:</p>
-
+<p>This scenario does not cover all the features of the frameworks. Shortly because details will be revealed in the next chapters, the components are:</p>
<ul>
-<li><p><strong><em>SECURITY-MANAGER</em></strong>: in charge of setting Smack contexts and rules,
-of setting groups, and, of creating initial content of <em>CYNARA</em> rules
-for applications.</p></li>
-<li><p><strong><em>CYNARA</em></strong>: in charge of handling API access permissions by users and by
-applications.</p></li>
-<li><p><strong><em>D-Bus</em></strong>: in charge of checking security of messaging. The usual D-Bus
-security rules are enhanced by <em>CYNARA</em> checking rules.</p></li>
+<li><p><strong><em>SECURITY-MANAGER</em></strong>: in charge of setting Smack contexts and rules, of setting groups, and, of creating initial content of <em>CYNARA</em> rules for applications.</p></li>
+<li><p><strong><em>CYNARA</em></strong>: in charge of handling API access permissions by users and by applications.</p></li>
+<li><p><strong><em>D-Bus</em></strong>: in charge of checking security of messaging. The usual D-Bus security rules are enhanced by <em>CYNARA</em> checking rules.</p></li>
<li><p><strong><em>afm-system-daemon</em></strong>: in charge of installing and uninstalling applications.</p></li>
-<li><p><strong><em>afm-user-daemon</em></strong>: in charge of listing applications, querying application details,
-starting, terminating, stopping, resuming applications and their instances
-for a given user context.</p></li>
-<li><p><strong><em>afb-binder</em></strong>: in charge of serving resources and features through an
-HTTP interface.</p></li>
-<li><p><strong><em>afm-main-plugin</em></strong>: This plugin allows applications to use the API
-of the AGL framework.</p></li>
+<li><p><strong><em>afm-user-daemon</em></strong>: in charge of listing applications, querying application details, starting, terminating, stopping, resuming applications and their instances for a given user context.</p></li>
+<li><p><strong><em>afb-binder</em></strong>: in charge of serving resources and features through an HTTP interface.</p></li>
+<li><p><strong><em>afm-main-plugin</em></strong>: This plugin allows applications to use the API of the AGL framework.</p></li>
</ul>
-
-
-<a name="Links.between.the..Security.framework..and.the..Application.framework."></a>
-<h2>Links between the “Security framework” and the “Application framework”</h2>
-
-<p>The security framework refers to the security model used to ensure
-security and to the tools that are provided for implementing that model.</p>
-
-<p>The security model refers to how DAC (Discretionnary Access Control),
-MAC (Mandatory Access Control) and Capabilities are used by the system
-to ensure security and privacy. It also includes features of reporting
-using audit features and by managing logs and alerts.</p>
-
-<p>The application framework manages the applications:
-installing, uninstalling, starting, stopping, listing …</p>
-
-<p>The application framework uses the security model/framework
-to ensure the security and the privacy of the applications that
-it manages.</p>
-
-<p>The application framework must be compliant with the underlyiong
-security model/framework. But it should hide it to the applications.</p>
-
-<a name="The.security.framework"></a>
-<h2>The security framework</h2>
-
-<p>The implemented security model is the security model of Tizen 3.
-This model is described <a href="https://wiki.tizen.org/wiki/Security/Tizen_3.X_Overview" title="Tizen 3 security overview">here</a>.</p>
-
-<p>The security framework then comes from Tizen 3 but through
-the <a href="https://github.com/01org/meta-intel-iot-security" title="A collection of layers providing security technologies">meta-intel</a>.
-It includes: <strong>Security-Manager</strong>, <strong>Cynara</strong>
-and <strong>D-Bus</strong> compliant to Cynara.</p>
-
-<p>Two patches are applied to the security-manager. These patches are removing
-dependencies to packages specific of Tizen but that are not needed by AGL.
-None of these patches adds or removes any behaviour.</p>
-
-<p><strong>Theoritically, the security framework/model is an implementation details
-that should not impact the layers above the application framework</strong>.</p>
-
-<p>The security framework of Tizen provides “nice lad” a valuable component to
-scan log files and analyse auditing. This component is still in developement.</p>
-
-<a name="The.application.framework"></a>
-<h2>The application framework</h2>
-
-<p>The application framework on top of the security framework
-provides the components to install and uninstall applications
-and to run it in a secured environment.</p>
-
-<p>The goal is to manage applications and to hide the details of
-the security framework to the applications.</p>
-
-<p>For the reasons explained in introduction, we did not used the
-application framework of Tizen as is but used an adaptation of it.</p>
-
-<p>The basis is kept identical: the applications are distributed
-in a digitally signed container that must match the specifications
-of widgets (web applications). This is described by the technical
-recomendations <a href="http://www.w3.org/TR/widgets" title="Packaged Web Apps">widgets</a> and <a href="http://www.w3.org/TR/widgets-digsig" title="XML Digital Signatures for Widgets">widgets-digsig</a> of the W3 consortium.</p>
-
+<h2 id="links-between-the-security-framework-and-the-application-framework">Links between the "Security framework" and the "Application framework"</h2>
+<p>The security framework refers to the security model used to ensure security and to the tools that are provided for implementing that model.</p>
+<p>The security model refers to how DAC (Discretionnary Access Control), MAC (Mandatory Access Control) and Capabilities are used by the system to ensure security and privacy. It also includes features of reporting using audit features and by managing logs and alerts.</p>
+<p>The application framework manages the applications: installing, uninstalling, starting, stopping, listing ...</p>
+<p>The application framework uses the security model/framework to ensure the security and the privacy of the applications that it manages.</p>
+<p>The application framework must be compliant with the underlyiong security model/framework. But it should hide it to the applications.</p>
+<h2 id="the-security-framework">The security framework</h2>
+<p>The implemented security model is the security model of Tizen 3. This model is described <a href="https://wiki.tizen.org/wiki/Security/Tizen_3.X_Overview" title="Tizen 3 security overview">here</a>.</p>
+<p>The security framework then comes from Tizen 3 but through the <a href="https://github.com/01org/meta-intel-iot-security" title="A collection of layers providing security technologies">meta-intel</a>. It includes: <strong>Security-Manager</strong>, <strong>Cynara</strong> and <strong>D-Bus</strong> compliant to Cynara.</p>
+<p>Two patches are applied to the security-manager. These patches are removing dependencies to packages specific of Tizen but that are not needed by AGL. None of these patches adds or removes any behaviour.</p>
+<p><strong>Theoritically, the security framework/model is an implementation details that should not impact the layers above the application framework</strong>.</p>
+<p>The security framework of Tizen provides "nice lad" a valuable component to scan log files and analyse auditing. This component is still in developement.</p>
+<h2 id="the-application-framework">The application framework</h2>
+<p>The application framework on top of the security framework provides the components to install and uninstall applications and to run it in a secured environment.</p>
+<p>The goal is to manage applications and to hide the details of the security framework to the applications.</p>
+<p>For the reasons explained in introduction, we did not used the application framework of Tizen as is but used an adaptation of it.</p>
+<p>The basis is kept identical: the applications are distributed in a digitally signed container that must match the specifications of widgets (web applications). This is described by the technical recomendations <a href="http://www.w3.org/TR/widgets" title="Packaged Web Apps">widgets</a> and <a href="http://www.w3.org/TR/widgets-digsig" title="XML Digital Signatures for Widgets">widgets-digsig</a> of the W3 consortium.</p>
<p>This model allows the distribution of HTML, QML and binary applications.</p>
-
-<p>The management of signatures of the widget packages
-This basis is not meant as being rigid and it can be extended in the
-futur to include for example incremental delivery.</p>
+<p>The management of signatures of the widget packages This basis is not meant as being rigid and it can be extended in the futur to include for example incremental delivery.</p>
</body>
</html>
<!DOCTYPE html>
<html>
<head>
-<meta charset="utf-8">
-<meta name="viewport" content="width=device-width, initial-scale=1.0">
-<title>quick-tutorial</title>
-<link rel="stylesheet" href="https://stackedit.io/res-min/themes/base.css" />
-<script type="text/javascript" src="https://cdn.mathjax.org/mathjax/latest/MathJax.js?config=TeX-AMS_HTML"></script>
+ <meta charset="utf-8">
+ <meta name="generator" content="pandoc">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes">
+ <meta name="author" content="Stephane Desneux">
+ <title>AGL Application Framework: A Quick Tutorial</title>
+ <style type="text/css">code{white-space: pre;}</style>
+ <!--[if lt IE 9]>
+ <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
+ <![endif]-->
+ <link rel="stylesheet" href="doc.css">
</head>
-<body><div class="container"><h1 id="agl-application-framework-a-quick-tutorial">AGL Application Framework: A Quick Tutorial</h1>
-
-<p><div class="toc">
+<body>
+<header>
+<h1 class="title">AGL Application Framework: A Quick Tutorial</h1>
+<h2 class="author">Stephane Desneux</h2>
+<h3 class="date">09 juin 2016</h3>
+</header>
+<nav id="TOC">
<ul>
<li><a href="#agl-application-framework-a-quick-tutorial">AGL Application Framework: A Quick Tutorial</a><ul>
<li><a href="#introduction">Introduction</a></li>
<li><a href="#check-running-applications">Check running applications</a></li>
<li><a href="#stop-application">Stop application</a></li>
<li><a href="#uninstall-application">Uninstall application</a></li>
-</ul>
-</li>
-<li><a href="#afm-client-a-sample-html5-homescreen">afm-client: a sample HTML5 ‘Homescreen’</a><ul>
+</ul></li>
+<li><a href="#afm-client-a-sample-html5-homescreen">afm-client: a sample HTML5 'Homescreen'</a><ul>
<li><a href="#installing-an-application">Installing an application</a></li>
<li><a href="#running-an-application">Running an application</a></li>
<li><a href="#stopping-an-application">Stopping an application</a></li>
<li><a href="#uninstalling-an-application">Uninstalling an application</a></li>
-</ul>
-</li>
+</ul></li>
<li><a href="#afb-client-a-template-for-angular-applications">afb-client: a template for Angular Applications</a></li>
+</ul></li>
</ul>
-</li>
-</ul>
-</div>
-</p>
-
-
-
+</nav>
+<h1 id="agl-application-framework-a-quick-tutorial">AGL Application Framework: A Quick Tutorial</h1>
+<p>[TOC]</p>
<h2 id="introduction">Introduction</h2>
-
-<p>This document proposes a quick tutorial to demonstrate the major functionnalities of the AGL Application Framework. For more complete information, please refer to the inline documentation available in the main git repository: <br>
-<a href="https://gerrit.automotivelinux.org/gerrit/#/admin/projects/src/app-framework-main">https://gerrit.automotivelinux.org/gerrit/#/admin/projects/src/app-framework-main</a> <br>
-<a href="https://gerrit.automotivelinux.org/gerrit/#/admin/projects/src/app-framework-binder">https://gerrit.automotivelinux.org/gerrit/#/admin/projects/src/app-framework-binder</a></p>
-
-<p>For more information on AGL, please visit: <br>
-<a href="https://www.automotivelinux.org/">https://www.automotivelinux.org/</a></p>
-
-<hr>
-
-
-
+<p>This document proposes a quick tutorial to demonstrate the major functionnalities of the AGL Application Framework. For more complete information, please refer to the inline documentation available in the main git repository: https://gerrit.automotivelinux.org/gerrit/#/admin/projects/src/app-framework-main https://gerrit.automotivelinux.org/gerrit/#/admin/projects/src/app-framework-binder</p>
+<p>For more information on AGL, please visit: https://www.automotivelinux.org/</p>
+<hr />
<h2 id="sample-applications">Sample applications</h2>
-
-<p>4 sample applications (.wgt files) are prebuilt and available at the following address: <br>
-<a href="https://github.com/iotbzh/afm-widget-examples">https://github.com/iotbzh/afm-widget-examples</a></p>
-
+<p>4 sample applications (.wgt files) are prebuilt and available at the following address: https://github.com/iotbzh/afm-widget-examples</p>
<p>You can get them by cloning this git repository on your desktop (will be useful later in this tutorial):</p>
-
-
-
-<pre class="prettyprint"><code class=" hljs ruby"><span class="hljs-variable">$ </span>git clone <span class="hljs-symbol">https:</span>/<span class="hljs-regexp">/github.com/iotbzh</span><span class="hljs-regexp">/afm-widget-examples</span></code></pre>
-
-
-
+<pre><code>$ git clone https://github.com/iotbzh/afm-widget-examples</code></pre>
<h2 id="using-the-cli-tool">Using the CLI tool</h2>
-
-
-
<h3 id="setup-environment">Setup Environment</h3>
-
<p>Connect your AGL target board to the network and copy some sample widgets on it through SSH (set BOARDIP with your board IP address) :</p>
-
-
-
-<pre class="prettyprint"><code class=" hljs ruby"><span class="hljs-variable">$ </span>cd afm-widget-examples
-<span class="hljs-variable">$ </span><span class="hljs-constant">BOARDIP</span>=<span class="hljs-number">1.2</span>.<span class="hljs-number">3.4</span>
-<span class="hljs-variable">$ </span>scp *.wgt root@<span class="hljs-variable">$BOARDIP</span><span class="hljs-symbol">:~/</span></code></pre>
-
+<pre><code>$ cd afm-widget-examples
+$ BOARDIP=1.2.3.4
+$ scp *.wgt root@$BOARDIP:~/</code></pre>
<p>Connect through SSH on the target board and check for Application Framework daemons:</p>
-
<pre><code>$ ssh root@$BOARDIP
root@porter:~# ps -ef|grep bin/afm
afm 409 1 0 13:00 ? 00:00:00 /usr/bin/afm-system-daemon
root 505 499 0 13:01 ? 00:00:00 /usr/bin/afm-user-daemon
-root 596 550 0 13:22 pts/0 00:00:00 grep afm
-</code></pre>
-
-<p>We can see that there are two daemons running: <br>
-* <strong>afm-system-daemon</strong> runs with a system user ‘afm’ and is responsible for installing/uninstalling packages <br>
-* <strong>afm-user-daemon</strong> runs as a user daemon (currently as root because it’s the only real user on the target board) and is responsible for the whole lifecycle of the applications running inside the user session.</p>
-
-<p>The application framework has a tool running on the Command Line Interface (CLI). Using the <strong>afm-util</strong> command, you can install, uninstall, list, run, stop … applications. </p>
-
-<p>To begin, run ‘<strong>afm-util help</strong>’ to get a quick help on commands:</p>
-
+root 596 550 0 13:22 pts/0 00:00:00 grep afm</code></pre>
+<p>We can see that there are two daemons running: * <strong>afm-system-daemon</strong> runs with a system user 'afm' and is responsible for installing/uninstalling packages * <strong>afm-user-daemon</strong> runs as a user daemon (currently as root because it's the only real user on the target board) and is responsible for the whole lifecycle of the applications running inside the user session.</p>
+<p>The application framework has a tool running on the Command Line Interface (CLI). Using the <strong>afm-util</strong> command, you can install, uninstall, list, run, stop ... applications.</p>
+<p>To begin, run '<strong>afm-util help</strong>' to get a quick help on commands:</p>
<pre><code>root@porter:~# afm-util help
usage: afm-util command [arg]
continue rid continue the previously rid
status rid
- state rid get status of the running instance rid
-</code></pre>
-
-
-
+ state rid get status of the running instance rid</code></pre>
<h3 id="install-an-application">Install an application</h3>
-
<p>You can then install your first application:</p>
-
<pre><code>root@porter:~# afm-util install /home/root/annex.wgt
-{ "added": "webapps-annex@0.0" }
-</code></pre>
-
-<p>Let’s install a second application:</p>
-
+{ "added": "webapps-annex@0.0" }</code></pre>
+<p>Let's install a second application:</p>
<pre><code>root@porter:~# afm-util install /home/root/memory-match.wgt
-{ "added": "webapps-memory-match@1.1" }
-</code></pre>
-
+{ "added": "webapps-memory-match@1.1" }</code></pre>
<p>Note that usually, <strong>afm-util</strong> will return a <strong>JSON result</strong>, which is the common format for messages returned by the Application Framework daemons.</p>
-
-
-
<h3 id="list-installed-applications">List installed applications</h3>
-
<p>You can then list all installed applications:</p>
-
<pre><code>root@porter:~# afm-util list
-[ { "id": "webapps-annex@0.0", "version": "0.0.10", "width": 0, "height": 0, "name": "Annex", "description": "Reversi\/Othello", "shortname": "", "author": "Todd Brandt <todd.e.brandt@intel.com>" },
- { "id": "webapps-memory-match@1.1", "version": "1.1.7", "width": 0, "height": 0, "name": "MemoryMatch", "description": "Memory match", "shortname": "", "author": "Todd Brandt <todd.e.brandt@intel.com>" } ]
-</code></pre>
-
+[ { "id": "webapps-annex@0.0", "version": "0.0.10", "width": 0, "height": 0, "name": "Annex", "description": "Reversi\/Othello", "shortname": "", "author": "Todd Brandt <todd.e.brandt@intel.com>" },
+ { "id": "webapps-memory-match@1.1", "version": "1.1.7", "width": 0, "height": 0, "name": "MemoryMatch", "description": "Memory match", "shortname": "", "author": "Todd Brandt <todd.e.brandt@intel.com>" } ]</code></pre>
<p>Here, we can see the two previously installed applications.</p>
-
-
-
<h3 id="get-information-about-an-application">Get information about an application</h3>
-
-<p>Let’s get some details about the first application:</p>
-
+<p>Let's get some details about the first application:</p>
<pre><code>root@porter:~# afm-util info webapps-annex@0.0
-{ "id": "webapps-annex@0.0", "version": "0.0.10", "width": 0, "height": 0, "name": "Annex", "description": "Reversi\/Othello", "shortname": "", "author": "Todd Brandt <todd.e.brandt@intel.com>" }
-</code></pre>
-
-<p>Note that AGL applications are mostly handled by afm-util through their IDs. In our example, the application ID is ‘webapps-annex@0.0’.</p>
-
-
-
+{ "id": "webapps-annex@0.0", "version": "0.0.10", "width": 0, "height": 0, "name": "Annex", "description": "Reversi\/Othello", "shortname": "", "author": "Todd Brandt <todd.e.brandt@intel.com>" }</code></pre>
+<p>Note that AGL applications are mostly handled by afm-util through their IDs. In our example, the application ID is 'webapps-annex@0.0'.</p>
<h3 id="start-application">Start application</h3>
-
-<p>Let’s start the first application Annex:</p>
-
+<p>Let's start the first application Annex:</p>
<pre><code>root@porter:~# afm-util start webapps-annex@0.0
-1
-</code></pre>
-
+1</code></pre>
<p>As the application is a HTML5 game, you should then get a webview running with QML on the board display.</p>
-
-
-
<h3 id="security-context">Security Context</h3>
-
<p>The application has been started in the user session, with a dedicated security context, enforced by SMACK. To illustrate this, we can take a look at the running processes and their respective SMACK labels:</p>
-
<pre><code>root@porter:~# ps -efZ |grep webapps-annex | grep -v grep
User::App::webapps-annex root 716 491 0 13:19 ? 00:00:00 /usr/bin/afb-daemon --mode=local --readyfd=8 --alias=/icons /usr/share/afm/icons --port=12348 --rootdir=/usr/share/afm/applications/webapps-annex/0.0 --token=7D6D2F16 --sessiondir=/home/root/app-data/webapps-annex/.afb-daemon
-User::App::webapps-annex root 717 491 0 13:19 ? 00:00:00 /usr/bin/qt5/qmlscene http://localhost:12348/index.html?token=7D6D2F16 /usr/bin/web-runtime-webkit.qml
-</code></pre>
-
-<p>In the previous result, we see that the application is composed of two processes: <br>
-* the application binder (afb-daemon) <br>
-* the application UI (qmlscene …)</p>
-
-<p>While most system processes run with the label ‘System’, we see that the application runs with a specific SMACK label ‘User::App::webapps-annex’: this label is used to force the application to follow a Mandatory Access Control (MAC) scheme. This means that those processes run in their own security context, isolated from the rest of the system (and other applications). Global security rules can then be applied to restrict access to all other user or system resources.</p>
-
-
-
+User::App::webapps-annex root 717 491 0 13:19 ? 00:00:00 /usr/bin/qt5/qmlscene http://localhost:12348/index.html?token=7D6D2F16 /usr/bin/web-runtime-webkit.qml</code></pre>
+<p>In the previous result, we see that the application is composed of two processes: * the application binder (afb-daemon) * the application UI (qmlscene ...)</p>
+<p>While most system processes run with the label 'System', we see that the application runs with a specific SMACK label 'User::App::webapps-annex': this label is used to force the application to follow a Mandatory Access Control (MAC) scheme. This means that those processes run in their own security context, isolated from the rest of the system (and other applications). Global security rules can then be applied to restrict access to all other user or system resources.</p>
<h3 id="check-running-applications">Check running applications</h3>
-
<p>To check for running applications, just run:</p>
-
<pre><code>root@porter:~# afm-util ps
-[ { "runid": 1, "state": "running", "id": "webapps-annex@0.0" } ]
-</code></pre>
-
-<p>The ‘runid’ is the application instance ID and is used as an argument for the subcommands controlling the application runtime state (kill/stop/resume/status)</p>
-
-
-
+[ { "runid": 1, "state": "running", "id": "webapps-annex@0.0" } ]</code></pre>
+<p>The 'runid' is the application instance ID and is used as an argument for the subcommands controlling the application runtime state (kill/stop/resume/status)</p>
<h3 id="stop-application">Stop application</h3>
-
<p>To stop the application that was just started (the one with RUNID 1), just run the stop command:</p>
-
<pre><code>root@porter:~# afm-util terminate 1
-true
-</code></pre>
-
+true</code></pre>
<p>The application is now stopped, as confirmed by a list of running apps:</p>
-
<pre><code>root@porter:~# afm-util ps
-[ ]
-</code></pre>
-
-
-
+[ ]</code></pre>
<h3 id="uninstall-application">Uninstall application</h3>
-
<p>To uninstall an application, simply use its ID:</p>
-
<pre><code>root@porter:~# afm-util uninstall webapps-annex@0.0
-true
-</code></pre>
-
+true</code></pre>
<p>Then list the installed apps to confirm the removal:</p>
-
<pre><code>root@porter:~# afm-util list
-[ { "id": "webapps-memory-match@1.1", "version": "1.1.7", "width": 0, "height": 0, "name": "MemoryMatch", "description": "Memory match", "shortname": "", "author": "Todd Brandt <todd.e.brandt@intel.com>" } ]
-</code></pre>
-
-
-
-<h2 id="afm-client-a-sample-html5-homescreen">afm-client: a sample HTML5 ‘Homescreen’</h2>
-
+[ { "id": "webapps-memory-match@1.1", "version": "1.1.7", "width": 0, "height": 0, "name": "MemoryMatch", "description": "Memory match", "shortname": "", "author": "Todd Brandt <todd.e.brandt@intel.com>" } ]</code></pre>
+<h2 id="afm-client-a-sample-html5-homescreen">afm-client: a sample HTML5 'Homescreen'</h2>
<p><strong>afm-client</strong> is a HTML5 UI that allows to install/uninstall applications as well as starting/stopping them as already demonstrated with afm-util.</p>
-
-<p>The HTML5 UI is accessible remotely through this URL: <br>
-<a href="http://[board_ip]:1234/opa?token=132456789">http://[board_ip]:1234/opa?token=132456789</a></p>
-
-
-
+<p>The HTML5 UI is accessible remotely through this URL: http://[board_ip]:1234/opa?token=132456789</p>
<h3 id="installing-an-application">Installing an application</h3>
-
-<p>By clicking on the ‘<strong>Upload</strong>’ button on the right, you can send an application package (WGT file) and install it. Select for example the file ‘<strong>rabbit.wgt</strong>’ that was cloned initially from the git repository afm-widget-examples.</p>
-
-<p>Then a popup requester ask for a confirmation: ‘Upload Application rabbit.wgt ?’. Click on the ‘<strong>Install</strong>’ button.</p>
-
+<p>By clicking on the '<strong>Upload</strong>' button on the right, you can send an application package (WGT file) and install it. Select for example the file '<strong>rabbit.wgt</strong>' that was cloned initially from the git repository afm-widget-examples.</p>
+<p>Then a popup requester ask for a confirmation: 'Upload Application rabbit.wgt ?'. Click on the '<strong>Install</strong>' button.</p>
<p>You should then see some changes in the toolbar: a new icon appeared, representing the freshly installed application.</p>
-
-
-
<h3 id="running-an-application">Running an application</h3>
-
-<p>In the toolbar, click on the button representing the Rabbit application. You’ll get a popup asking to: <br>
-* start the application <br>
-* or get some info about it <br>
-* or uninstall it</p>
-
-<p>Click on the ‘start’ item: the application starts and should be visible as a webview on the target board display. Note that at this point, we could also run the application remotely, that is in the same browser as the Homescreen app. By default, the application framework is configured to run applications ‘locally’ on the board display.</p>
-
-
-
+<p>In the toolbar, click on the button representing the Rabbit application. You'll get a popup asking to: * start the application * or get some info about it * or uninstall it</p>
+<p>Click on the 'start' item: the application starts and should be visible as a webview on the target board display. Note that at this point, we could also run the application remotely, that is in the same browser as the Homescreen app. By default, the application framework is configured to run applications 'locally' on the board display.</p>
<h3 id="stopping-an-application">Stopping an application</h3>
-
-<p>In the Homescreen application, click again on the Rabbit application button, then select ‘stop’: the application then stops.</p>
-
-
-
+<p>In the Homescreen application, click again on the Rabbit application button, then select 'stop': the application then stops.</p>
<h3 id="uninstalling-an-application">Uninstalling an application</h3>
-
-<p>From the same popup menu, you can select ‘uninstall’ to remove the application from the system. As a consequence, the application icon should disappear from the toolbar.</p>
-
-
-
+<p>From the same popup menu, you can select 'uninstall' to remove the application from the system. As a consequence, the application icon should disappear from the toolbar.</p>
<h2 id="afb-client-a-template-for-angular-applications">afb-client: a template for Angular Applications</h2>
-
-<p>Another package ‘<strong>afb-client</strong>’ is also available for testing. <br>
-This is a sample HTML5 application demonstrating various basic capabilities of the Binder daemon. It can be used by developers as a template to start writing real AGL Applications.</p>
-
+<p>Another package '<strong>afb-client</strong>' is also available for testing. This is a sample HTML5 application demonstrating various basic capabilities of the Binder daemon. It can be used by developers as a template to start writing real AGL Applications.</p>
<p>This application is not available as WGT file yet and it should be started manually without any specific security context:</p>
-
-<pre><code>root@porter:~# /usr/bin/afb-daemon --mode=remote --port=1235 --token='' --sessiondir=/home/root/.afm-daemon --rootdir=/usr/share/agl/afb-client --alias=/icons:/usr/share/afm/icons
-</code></pre>
-
-<p>Then you can access it from a browser: <br>
-<a href="http://[board_ip]:1235/opa/?token=132456789">http://[board_ip]:1235/opa/?token=132456789</a></p>
-
-<p>afb-client is a simple application to demonstrate the built-in capabilities of the binder daemon (handling sessions and security tokens, testing POSTs uploads…) and was used during the application framework development to validate the proposed features.</p></div></body>
-</html>
\ No newline at end of file
+<pre><code>root@porter:~# /usr/bin/afb-daemon --mode=remote --port=1235 --token='' --sessiondir=/home/root/.afm-daemon --rootdir=/usr/share/agl/afb-client --alias=/icons:/usr/share/afm/icons</code></pre>
+<p>Then you can access it from a browser: http://[board_ip]:1235/opa/?token=132456789</p>
+<p>afb-client is a simple application to demonstrate the built-in capabilities of the binder daemon (handling sessions and security tokens, testing POSTs uploads...) and was used during the application framework development to validate the proposed features.</p>
+</body>
+</html>
+<!DOCTYPE html>
<html>
<head>
- <link rel="stylesheet" type="text/css" href="doc.css">
- <meta charset="UTF-8">
+ <meta charset="utf-8">
+ <meta name="generator" content="pandoc">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes">
+ <meta name="author" content="José Bollo">
+ <title>The security framework</title>
+ <style type="text/css">code{white-space: pre;}</style>
+ <!--[if lt IE 9]>
+ <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
+ <![endif]-->
+ <link rel="stylesheet" href="doc.css">
</head>
<body>
-<a name="The.security.framework"></a>
-<h1>The security framework</h1>
-
+<header>
+<h1 class="title">The security framework</h1>
+<h2 class="author">José Bollo</h2>
+<h3 class="date">29 mai 2016</h3>
+</header>
+<nav id="TOC">
+<ul>
+<li><a href="#the-security-framework">The security framework</a></li>
+<li><a href="#setting-smack-rules-for-the-application">Setting Smack rules for the application</a></li>
+<li><a href="#what-user-can-run-an-application">What user can run an application?</a></li>
+</ul>
+</nav>
+<h1 id="the-security-framework">The security framework</h1>
<pre><code>version: 1
Date: 29 mai 2016
-Author: José Bollo
-</code></pre>
-
-<p><ul>
- <li><a href="#The.security.framework">The security framework</a></li>
- <li><a href="#Setting.Smack.rules.for.the.application">Setting Smack rules for the application</a></li>
- <li><a href="#What.user.can.run.an.application.">What user can run an application?</a></li>
-</ul></p>
-
-<a name="Setting.Smack.rules.for.the.application"></a>
-<h1>Setting Smack rules for the application</h1>
-
+Author: José Bollo</code></pre>
+<p>TABLE-OF-CONTENT-HERE</p>
+<h1 id="setting-smack-rules-for-the-application">Setting Smack rules for the application</h1>
<p>For Tizen, the following rules are set by the security manager for each application.</p>
-
<pre><code>System ~APP~ rwx
System ~PKG~ rwxat
System ~PKG~::RO rwxat
~APP~ User::Home rxl
~APP~ User::App::Shared rwxat
~APP~ ~PKG~ rwxat
-~APP~ ~PKG~::RO rxl
-</code></pre>
-
-<p>Here, ~PKG~ is the identifier of the package and ~APP~ is the identifier of the application.</p>
-
-<a name="What.user.can.run.an.application."></a>
-<h1>What user can run an application?</h1>
-
-<p>Not all user are able to run all applications.
-How to manage that?</p>
+~APP~ ~PKG~::RO rxl</code></pre>
+<p>Here, <sub>PKG</sub> is the identifier of the package and <sub>APP</sub> is the identifier of the application.</p>
+<h1 id="what-user-can-run-an-application">What user can run an application?</h1>
+<p>Not all user are able to run all applications. How to manage that?</p>
</body>
</html>
#!/bin/bash
-# the HTML template
-main='<html>
-<head>
- <link rel="stylesheet" type="text/css" href="doc.css">
- <meta charset="UTF-8">
-</head>
-<body>
-GENERATED-MARKDOWN-HERE
-</body>
-</html>'
-
-# substitute the pattern $1 by the content of the file $2
-subst() {
- awk -v pat="$1" -v rep="$(sed 's:\\:\\\\:g' $2)" '{gsub(pat,rep);gsub(pat,"\\&");print}'
+title() {
+ sed '/^[ \t]*$/d' "$1" |
+ sed '/^===/Q' |
+ sed '/^---/Q' |
+ sed 's/^# //;T;Q' |
+ sed 's/^## //;T;Q' |
+ sed '/^---/Q'
}
-# update the date field of file $1
-updadate() {
- local x=$1
- local t=$(git log -n 1 --format=%ct $x)
- [[ -n "$t" ]] || t=$(stat -c %Y $x)
- local d=$(LANG= date -d @$t +"%d %B %Y")
- sed -i "s/^\( Date: *\).*/\1$d/" $x
+authors() {
+ git log --numstat --format='A %aN' -- "$1" |
+ awk '$1=="A"{sub(/^A /,"");a=$0; s[a]+=0; next}NF==3{s[a]+=($1+0)}END{for(a in s)print s[a]" : "a}' |
+ sort -nr |
+ sed 's/[^:]* : //' |
+ sed '1!s/^/; /' |
+ tr -d '\n'
+}
+
+dateof() {
+ local file="$1"
+ local t=$(git log -n 1 --format=%ct "$file")
+ [[ -n "$t" ]] || t=$(stat -c %Y "$file")
+ LANG= date -d @$t +"%d %B %Y"
}
+meta() {
+ local file="$1"
+ local t=$(title "$file")
+ local a=$(authors "$file")
+ local d=$(dateof "$file")
+ echo "% $t"
+ echo "% $a"
+ echo "% $d"
+ cat "$file"
+}
+
+
# make the html file for $1
mkhtml() {
local x=$1
local h=${x%%.md}.html
- expand -i $x | sed 's:^ : :' > $h.pre
- markdown -f toc,autolink $h.pre > $h.toc.no
- markdown -Tf toc,autolink $h.pre > $h.toc.yes
- head --bytes=-$(stat -c %s $h.toc.no) $h.toc.yes > $h.toc
- echo "$main" |
- subst GENERATED-MARKDOWN-HERE $h.toc.no |
- subst TABLE-OF-CONTENT-HERE $h.toc > $h
- rm $h.*
+ meta "$x" |
+ pandoc --css doc.css -f markdown -t html5 --toc > "$h"
}
# apply
for x in *.md; do
- updadate $x
mkhtml $x
done
+<!DOCTYPE html>
<html>
<head>
- <link rel="stylesheet" type="text/css" href="doc.css">
- <meta charset="UTF-8">
+ <meta charset="utf-8">
+ <meta name="generator" content="pandoc">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes">
+ <meta name="author" content="José Bollo">
+ <meta name="author" content="Fulup Ar Foll">
+ <title>The widgets</title>
+ <style type="text/css">code{white-space: pre;}</style>
+ <!--[if lt IE 9]>
+ <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
+ <![endif]-->
+ <style type="text/css">
+table.sourceCode, tr.sourceCode, td.lineNumbers, td.sourceCode {
+ margin: 0; padding: 0; vertical-align: baseline; border: none; }
+table.sourceCode { width: 100%; line-height: 100%; }
+td.lineNumbers { text-align: right; padding-right: 4px; padding-left: 4px; color: #aaaaaa; border-right: 1px solid #aaaaaa; }
+td.sourceCode { padding-left: 5px; }
+code > span.kw { color: #007020; font-weight: bold; }
+code > span.dt { color: #902000; }
+code > span.dv { color: #40a070; }
+code > span.bn { color: #40a070; }
+code > span.fl { color: #40a070; }
+code > span.ch { color: #4070a0; }
+code > span.st { color: #4070a0; }
+code > span.co { color: #60a0b0; font-style: italic; }
+code > span.ot { color: #007020; }
+code > span.al { color: #ff0000; font-weight: bold; }
+code > span.fu { color: #06287e; }
+code > span.er { color: #ff0000; font-weight: bold; }
+ </style>
+ <link rel="stylesheet" href="doc.css">
</head>
<body>
-<a name="The.widgets"></a>
-<h1>The widgets</h1>
-
+<header>
+<h1 class="title">The widgets</h1>
+<h2 class="author">José Bollo</h2>
+<h2 class="author">Fulup Ar Foll</h2>
+<h3 class="date">24 juin 2016</h3>
+</header>
+<nav id="TOC">
+<ul>
+<li><a href="#the-widgets">The widgets</a><ul>
+<li><a href="#the-widgets-1">The widgets</a><ul>
+<li><a href="#the-configuration-file-config.xml">The configuration file config.xml</a></li>
+<li><a href="#tools-for-managing-widgets">Tools for managing widgets</a></li>
+<li><a href="#signing-a-widget">Signing a widget</a></li>
+<li><a href="#packing-a-widget">Packing a widget</a></li>
+<li><a href="#getting-data-about-a-widget-file">Getting data about a widget file</a></li>
+</ul></li>
+<li><a href="#writing-a-widget">Writing a widget</a><ul>
+<li><a href="#what-kind-of-application">What kind of application?</a></li>
+<li><a href="#the-steps-for-writing-a-widget">The steps for writing a widget</a></li>
+</ul></li>
+<li><a href="#organization-of-directory-of-applications">Organization of directory of applications</a><ul>
+<li><a href="#directory-where-are-stored-applications">directory where are stored applications</a></li>
+<li><a href="#identity-of-installed-files">Identity of installed files</a></li>
+<li><a href="#labeling-the-directories-of-applications">labeling the directories of applications</a></li>
+</ul></li>
+</ul></li>
+</ul>
+</nav>
+<h1 id="the-widgets">The widgets</h1>
<pre><code>version: 1
Date: 30 mai 2016
-Author: José Bollo
-</code></pre>
-
-<p><ul>
- <li><a href="#The.widgets">The widgets</a>
- <ul>
- <li><a href="#The.widgets">The widgets</a>
- <ul>
- <li><a href="#signature">signature</a></li>
- <li><a href="#directory.where.are.stored.applications">directory where are stored applications</a>
-</li>
- </ul>
- </li>
- </ul>
- </li>
- <li><a href="#Organization.of.directory.of.applications">Organization of directory of applications</a>
- <ul>
- <li><a href="#Identity.of.installed.files">Identity of installed files</a></li>
- <li><a href="#labeling.the.directories.of.applications">labeling the directories of applications</a></li>
- </ul>
- </li>
- <li><a href="#organization.of.data">organization of data</a></li>
-</ul></p>
-
-<a name="The.widgets"></a>
-<h2>The widgets</h2>
-
-<p>The widgets are described by the technical recommendations
-<a href="http://www.w3.org/TR/widgets" title="Packaged Web Apps">widgets</a> and <a href="http://www.w3.org/TR/widgets-digsig" title="XML Digital Signatures for Widgets">widgets-digsig</a>.</p>
-
-<a name="signature"></a>
-<h3>signature</h3>
-
-<p>The application framework</p>
-
-<p>This is the original part of our work here</p>
-
-<a name="directory.where.are.stored.applications"></a>
-<h3>directory where are stored applications</h3>
-
-<p>Applications can be installed in different places: the system itself, extension device.
-On a phone application are typically installed on the sd card.</p>
-
+Author: José Bollo</code></pre>
+<h2 id="the-widgets-1">The widgets</h2>
+<p>The widgets are described by the technical recommendations <a href="http://www.w3.org/TR/widgets" title="Packaged Web Apps">widgets</a> and <a href="http://www.w3.org/TR/widgets-digsig" title="XML Digital Signatures for Widgets">widgets-digsig</a>.</p>
+<p>In summary, <strong>widgets are ZIP files that can be signed and whose content is described by the file <config.xml></strong>.</p>
+<h3 id="the-configuration-file-config.xml">The configuration file config.xml</h3>
+<p>This is one of the important file of the widget. It fully describes the widget.</p>
+<p>Here is the example of the config file for the QML application SmartHome.</p>
+<pre class="sourceCode xml"><code class="sourceCode xml"><span class="kw"><?xml</span> version="1.0" encoding="UTF-8"<span class="kw">?></span>
+<span class="kw"><widget</span><span class="ot"> xmlns=</span><span class="st">"http://www.w3.org/ns/widgets"</span><span class="ot"> id=</span><span class="st">"smarthome"</span><span class="ot"> version=</span><span class="st">"0.1"</span><span class="kw">></span>
+ <span class="kw"><name></span>SmartHome<span class="kw"></name></span>
+ <span class="kw"><icon</span><span class="ot"> src=</span><span class="st">"smarthome.png"</span><span class="kw">/></span>
+ <span class="kw"><content</span><span class="ot"> src=</span><span class="st">"qml/smarthome/smarthome.qml"</span><span class="ot"> type=</span><span class="st">"text/vnd.qt.qml"</span><span class="kw">/></span>
+ <span class="kw"><description></span>This is the Smarthome QML demo application. It shows some user interfaces for controlling an
+automated house. The user interface is completely done with QML.<span class="kw"></description></span>
+ <span class="kw"><author></span>Qt team<span class="kw"></author></span>
+ <span class="kw"><license></span>GPL<span class="kw"></license></span>
+<span class="kw"></widget></span></code></pre>
+<p>The most important items are:</p>
+<ul>
+<li><p><strong><widget id="......"></strong>: gives the id of the widget. It must be unique.</p></li>
+<li><p><strong><widget version="......"></strong>: gives the version of the widget</p></li>
+<li><p><strong><icon src="..."></strong>: gives a path to the icon of the application (can be repeated with different sizes)</p></li>
+<li><p><strong><content src="..." type="..."></strong>: this indicates the entry point and its type. The types handled are set through the file /etc/afm/afm-launch.conf</p></li>
+</ul>
+<p>Further development will add handling of <feature> for requiring and providing permissions and services.</p>
+<h3 id="tools-for-managing-widgets">Tools for managing widgets</h3>
+<p>This project includes tools for managing widgets. These tools are:</p>
+<ul>
+<li><p><strong><em>wgtpkg-info</em></strong>: command line tool to display informations about a widget file.</p></li>
+<li><p><strong><em>wgtpkg-installer</em></strong>: command line tool to install a widget file.</p></li>
+<li><p><strong><em>wgtpkg-pack</em></strong>: command line tool to create a widget file from a widget directory.</p></li>
+<li><p><strong><em>wgtpkg-sign</em></strong>: command line tool to add a signature to a widget directory.</p></li>
+</ul>
+<p>For all these commands, a tiny help is available with options <strong>-h</strong> or <strong>--help</strong>.</p>
+<p>There is no tool for unpacking a widget. For doing such operation, you can use the command <strong>unzip</strong>.</p>
+<p>To list the files of a widget:</p>
+<pre class="sourceCode bash"><code class="sourceCode bash">$ <span class="kw">unzip</span> -l WIDGET</code></pre>
+<p>To extract a widget in some directory:</p>
+<pre class="sourceCode bash"><code class="sourceCode bash">$ <span class="kw">unzip</span> WIDGET -d DIRECTORY</code></pre>
+<p><em>Note that DIRECTORY will be created if needed</em>.</p>
+<h3 id="signing-a-widget">Signing a widget</h3>
+<p>To sign a widget, you need a private key and its certificate.</p>
+<p>The tool <strong>wgtpkg-sign</strong> creates or replace a signature file in the directory of the widget BEFORE its packaging.</p>
+<p>There are two types of signature files: author and distributor.</p>
+<p>Example 1: add an author signature</p>
+<pre class="sourceCode bash"><code class="sourceCode bash">$ <span class="kw">wgtpkg-sign</span> -a -k me.key.pem -c me.cert.pem DIRECTORY</code></pre>
+<p>Example 2: add a distributor signature</p>
+<pre class="sourceCode bash"><code class="sourceCode bash">$ <span class="kw">wgtpkg-sign</span> -k authority.key.pem -c authority.cert.pem DIRECTORY</code></pre>
+<h3 id="packing-a-widget">Packing a widget</h3>
+<p>This operation can be done using the command <strong>zip</strong> but we provide the tool <strong>wgtpkg-pack</strong> that may add checking.</p>
+<p>Example:</p>
+<pre class="sourceCode bash"><code class="sourceCode bash">$ <span class="kw">wgtpkg-pack</span> DIRECTORY -o file.wgt</code></pre>
+<h3 id="getting-data-about-a-widget-file">Getting data about a widget file</h3>
+<p>The command <strong>wgtpkg-info</strong> opens a widget file, reads its <strong>config.xml</strong> file and displays its content in a human readable way.</p>
+<h2 id="writing-a-widget">Writing a widget</h2>
+<h3 id="what-kind-of-application">What kind of application?</h3>
+<p>The file <strong>/etc/afm/afm-launch.conf</strong> explain how to launch applications. (It is the current state that use afm-user-daemon. In a future, it may be replace by systemd features.)</p>
+<p>Currently the applications that can be run are:</p>
+<ul>
+<li><p>binary applications: their type is <strong><em>application/x-executable</em></strong></p></li>
+<li><p>HTML5 applications: their type is <strong><em>text/html</em></strong></p></li>
+<li><p>QML applications: their type is <strong><em>text/vnd.qt.qml</em></strong></p></li>
+</ul>
+<h3 id="the-steps-for-writing-a-widget">The steps for writing a widget</h3>
+<ol type="1">
+<li><p>make your application</p></li>
+<li><p>create its configuration file <strong>config.xml</strong></p></li>
+<li><p>sign it</p></li>
+<li><p>pack it</p></li>
+</ol>
+<p>Fairly easy, no?</p>
+<h2 id="organization-of-directory-of-applications">Organization of directory of applications</h2>
+<h3 id="directory-where-are-stored-applications">directory where are stored applications</h3>
+<p>Applications can be installed in different places: the system itself, extension device. On a phone application are typically installed on the sd card.</p>
<p>This translates to:</p>
-
<ul>
<li>/usr/applications: system wide applications</li>
<li>/opt/applications: removable applications</li>
</ul>
-
-
-<p>From here those paths are referenced as: “APPDIR”.</p>
-
-<a name="Organization.of.directory.of.applications"></a>
-<h1>Organization of directory of applications</h1>
-
+<p>From here those paths are referenced as: "APPDIR".</p>
<p>The main path for applications is: APPDIR/PKGID/VER.</p>
-
<p>Where:</p>
-
<ul>
<li>APPDIR is as defined above</li>
<li>PKGID is a directory whose name is the package identifier</li>
<li>VER is the version of the package MAJOR.MINOR</li>
</ul>
-
-
-<p>This organization has the advantage to allow several versions to leave together.
-This is needed for some good reasons (rolling back) and also for less good reasons (user habits).</p>
-
-<a name="Identity.of.installed.files"></a>
-<h2>Identity of installed files</h2>
-
-<p>All files are installed as user “userapp” and group “userapp”.
-All files have rw(x) for user and r-(x) for group and others.</p>
-
+<p>This organization has the advantage to allow several versions to leave together. This is needed for some good reasons (rolling back) and also for less good reasons (user habits).</p>
+<h3 id="identity-of-installed-files">Identity of installed files</h3>
+<p>All files are installed as user "afm" and group "afm". All files have rw(x) for user and r-(x) for group and others.</p>
<p>This allows every user to read every file.</p>
-
-<a name="labeling.the.directories.of.applications"></a>
-<h2>labeling the directories of applications</h2>
-
-<a name="organization.of.data"></a>
-<h1>organization of data</h1>
-
-<p>The data of a user are in its directory and are labelled using the labels of the application</p>
+<h3 id="labeling-the-directories-of-applications">labeling the directories of applications</h3>
+<p>The data of a user are in its directory and are labelled by the security-manager using the labels of the application.</p>
</body>
</html>
-
The widgets
===========
Date: 30 mai 2016
Author: José Bollo
-TABLE-OF-CONTENT-HERE
The widgets
-----------
The widgets are described by the technical recommendations
[widgets] and [widgets-digsig].
-### signature
+In summary, **widgets are ZIP files that can be signed and
+whose content is described by the file <config.xml>**.
+
+### The configuration file config.xml
+
+This is one of the important file of the widget.
+It fully describes the widget.
+
+Here is the example of the config file for the QML application SmartHome.
+
+```xml
+<?xml version="1.0" encoding="UTF-8"?>
+<widget xmlns="http://www.w3.org/ns/widgets" id="smarthome" version="0.1">
+ <name>SmartHome</name>
+ <icon src="smarthome.png"/>
+ <content src="qml/smarthome/smarthome.qml" type="text/vnd.qt.qml"/>
+ <description>This is the Smarthome QML demo application. It shows some user interfaces for controlling an
+automated house. The user interface is completely done with QML.</description>
+ <author>Qt team</author>
+ <license>GPL</license>
+</widget>
+```
+
+The most important items are:
+
+- **\<widget id="......"\>**: gives the id of the widget. It must be unique.
+
+- **\<widget version="......"\>**: gives the version of the widget
+
+- **\<icon src="..."\>**: gives a path to the icon of the application
+ (can be repeated with different sizes)
+
+- **\<content src="..." type="..."\>**: this indicates the entry point and its type.
+ The types handled are set through the file /etc/afm/afm-launch.conf
+
+Further development will add handling of <feature> for requiring and providing
+permissions and services.
+
+### Tools for managing widgets
+
+This project includes tools for managing widgets.
+These tools are:
+
+- ***wgtpkg-info***: command line tool to display
+ informations about a widget file.
+
+- ***wgtpkg-installer***: command line tool to
+ install a widget file.
+
+- ***wgtpkg-pack***: command line tool to create
+ a widget file from a widget directory.
+
+- ***wgtpkg-sign***: command line tool to add a signature
+ to a widget directory.
+
+For all these commands, a tiny help is available with
+options **-h** or **--help**.
+
+There is no tool for unpacking a widget. For doing such operation,
+you can use the command **unzip**.
+
+To list the files of a widget:
+
+```bash
+$ unzip -l WIDGET
+```
+
+To extract a widget in some directory:
+
+```bash
+$ unzip WIDGET -d DIRECTORY
+```
+
+*Note that DIRECTORY will be created if needed*.
+
+### Signing a widget
+
+To sign a widget, you need a private key and its certificate.
+
+The tool **wgtpkg-sign** creates or replace a signature file in
+the directory of the widget BEFORE its packaging.
+
+There are two types of signature files: author and distributor.
+
+Example 1: add an author signature
-The application framework
+```bash
+$ wgtpkg-sign -a -k me.key.pem -c me.cert.pem DIRECTORY
+```
-This is the original part of our work here
+Example 2: add a distributor signature
+
+```bash
+$ wgtpkg-sign -k authority.key.pem -c authority.cert.pem DIRECTORY
+```
+
+### Packing a widget
+
+This operation can be done using the command **zip** but
+we provide the tool **wgtpkg-pack** that may add checking.
+
+Example:
+```bash
+$ wgtpkg-pack DIRECTORY -o file.wgt
+```
+
+### Getting data about a widget file
+
+The command **wgtpkg-info** opens a widget file, reads its **config.xml**
+file and displays its content in a human readable way.
+
+Writing a widget
+----------------
+
+### What kind of application?
+
+The file **/etc/afm/afm-launch.conf** explain how to launch applications.
+(It is the current state that use afm-user-daemon. In a future, it may be
+replace by systemd features.)
+
+Currently the applications that can be run are:
+
+- binary applications: their type is ***application/x-executable***
+
+- HTML5 applications: their type is ***text/html***
+
+- QML applications: their type is ***text/vnd.qt.qml***
+
+### The steps for writing a widget
+
+1. make your application
+
+2. create its configuration file **config.xml**
+
+3. sign it
+
+4. pack it
+
+Fairly easy, no?
+
+Organization of directory of applications
+-----------------------------------------
### directory where are stored applications
From here those paths are referenced as: "APPDIR".
-
-Organization of directory of applications
-=========================================
-
The main path for applications is: APPDIR/PKGID/VER.
Where:
This organization has the advantage to allow several versions to leave together.
This is needed for some good reasons (rolling back) and also for less good reasons (user habits).
-Identity of installed files
----------------------------
+### Identity of installed files
-All files are installed as user "userapp" and group "userapp".
+All files are installed as user "afm" and group "afm".
All files have rw(x) for user and r-(x) for group and others.
This allows every user to read every file.
+### labeling the directories of applications
-labeling the directories of applications
------------------------------------------
-
-
-organization of data
-====================
-
-The data of a user are in its directory and are labelled using the labels of the application
+The data of a user are in its directory and are labelled by the security-manager
+using the labels of the application.
[meta-intel]: https://github.com/01org/meta-intel-iot-security "A collection of layers providing security technologies"
[widgets]: http://www.w3.org/TR/widgets "Packaged Web Apps"
Code Review / src / app-framework-main.git / commitdiff