Skip to content

M
meta-nemo
Commit 83011989 authored by Florent Revest's avatar Florent Revest
Browse files
Options

Make sure user services are only run as ceres. Since openssh uses pam login,... 

Make sure user services are only run as ceres. Since openssh uses pam login, ssh root@watchIp would open a new systemd user session and start asteroid-launcher or other services as root
parent 4fab57a8
Hide whitespace changes
Inline Side-by-side
Showing with 61 additions and 34 deletions
recipes-asteroid/asteroid-btsyncd/asteroid-btsyncd_git.bb
View file @ 83011989
...@@ -14,12 +14,15 @@ inherit qmake5 gsettings ...@@ -14,12 +14,15 @@ inherit qmake5 gsettings
DEPENDS += "qtbase glibmm qtmpris statefs-qt timed" DEPENDS += "qtbase glibmm qtmpris statefs-qt timed"
RDEPENDS_${PN} += "glibmm qtmpris" RDEPENDS_${PN} += "glibmm qtmpris"
FILES_${PN} += "/usr/bin/ /usr/lib/systemd/user/ /usr/share/glib-2.0/schemas /usr/share/translations/" FILES_${PN} += "/usr/bin/ /usr/lib/systemd/user/ /usr/share/glib-2.0/schemas /usr/share/translations/ /home/ceres/.config/systemd/user/default.target.wants/"
do_install_append() { do_install_append() {
install -d ${D}/usr/lib/systemd/user/default.target.wants/ install -d ${D}/usr/lib/systemd/user/
install -d ${D}/home/ceres/.config/systemd/user/default.target.wants/
cp ../asteroid-btsyncd.service ${D}/usr/lib/systemd/user/ cp ../asteroid-btsyncd.service ${D}/usr/lib/systemd/user/
ln -s ../asteroid-btsyncd.service ${D}/usr/lib/systemd/user/default.target.wants/asteroid-btsyncd.service if [ ! -f ${D}/home/ceres/.config/systemd/user/default.target.wants/asteroid-btsyncd.service ]; then
ln -s /usr/lib/systemd/user/asteroid-btsyncd.service ${D}/home/ceres/.config/systemd/user/default.target.wants/asteroid-btsyncd.service
fi
lrelease ${S}/i18n/asteroid-btsyncd.*.ts lrelease ${S}/i18n/asteroid-btsyncd.*.ts
install -d ${D}/usr/share/translations/ install -d ${D}/usr/share/translations/
......
recipes-asteroid/asteroid-launcher/asteroid-launcher_git.bb
View file @ 83011989
...@@ -15,7 +15,7 @@ inherit qmake5 ...@@ -15,7 +15,7 @@ inherit qmake5
DEPENDS += "lipstick" DEPENDS += "lipstick"
RDEPENDS_${PN} += "qtdeclarative-qmlplugins qml-asteroid qtwayland-plugins nemo-qml-plugin-time nemo-qml-plugin-contextkit nemo-qml-plugin-configuration asteroid-wallpapers ttf-roboto ttf-raleway ttf-orbitron" RDEPENDS_${PN} += "qtdeclarative-qmlplugins qml-asteroid qtwayland-plugins nemo-qml-plugin-time nemo-qml-plugin-contextkit nemo-qml-plugin-configuration asteroid-wallpapers ttf-roboto ttf-raleway ttf-orbitron"
FILES_${PN} += "/usr/share/asteroid-launcher/ /usr/lib/systemd/user/ /usr/share/translations/" FILES_${PN} += "/usr/share/asteroid-launcher/ /usr/lib/systemd/user/ /usr/share/translations/ /home/ceres/.config/systemd/user/default.target.wants/"
do_install_append() { do_install_append() {
lrelease ${S}/i18n/asteroid-launcher.*.ts lrelease ${S}/i18n/asteroid-launcher.*.ts
...@@ -28,9 +28,10 @@ do_install_append() { ...@@ -28,9 +28,10 @@ do_install_append() {
cp ../qemu.conf ${D}/var/lib/environment/compositor/ cp ../qemu.conf ${D}/var/lib/environment/compositor/
fi fi
install -d ${D}/usr/lib/systemd/user/default.target.wants/ install -d ${D}/usr/lib/systemd/user/
install -d ${D}/home/ceres/.config/systemd/user/default.target.wants/
cp ../asteroid-launcher.service ${D}/usr/lib/systemd/user/ cp ../asteroid-launcher.service ${D}/usr/lib/systemd/user/
if [ ! -f ${D}/usr/lib/systemd/user/default.target.wants/asteroid-launcher.service ]; then if [ ! -f ${D}/home/ceres/.config/systemd/user/default.target.wants/asteroid-launcher.service ]; then
ln -s ../asteroid-launcher.service ${D}/usr/lib/systemd/user/default.target.wants/asteroid-launcher.service ln -s /usr/lib/systemd/user/asteroid-launcher.service ${D}/home/ceres/.config/systemd/user/default.target.wants/asteroid-launcher.service
fi fi
} }
recipes-core/systemd/systemd_%.bbappend
View file @ 83011989
...@@ -14,17 +14,22 @@ do_install_append() { ...@@ -14,17 +14,22 @@ do_install_append() {
install -d ${D}/var/lib/systemd/linger install -d ${D}/var/lib/systemd/linger
touch ${D}/var/lib/systemd/linger/ceres touch ${D}/var/lib/systemd/linger/ceres
sed -i "s@agetty --noclear @agetty --autologin ceres @" ${D}/lib/systemd/system/getty@.service sed -i "s@agetty --noclear @agetty --autologin ceres @" ${D}/lib/systemd/system/getty@.service
# In current systemd versions we have to take care ourselves of the dbus user service, it should be handled in the next versions # In current systemd versions we have to take care ourselves of the dbus user service, it should be handled in the next versions
install -d ${D}/usr/lib/systemd/user/default.target.wants/ install -d ${D}/usr/lib/systemd/user/
install -d ${D}/home/ceres/.config/systemd/user/default.target.wants/
install -m 0644 ${WORKDIR}/dbus.socket ${D}/usr/lib/systemd/user/dbus.socket install -m 0644 ${WORKDIR}/dbus.socket ${D}/usr/lib/systemd/user/dbus.socket
install -m 0644 ${WORKDIR}/dbus.service ${D}/usr/lib/systemd/user/dbus.service install -m 0644 ${WORKDIR}/dbus.service ${D}/usr/lib/systemd/user/dbus.service
ln -s ../dbus.socket ${D}/usr/lib/systemd/user/default.target.wants/dbus.socket if [ ! -f ${D}/home/ceres/.config/systemd/user/default.target.wants/dbus.socket ]; then
ln -s ../dbus.service ${D}/usr/lib/systemd/user/default.target.wants/dbus.service ln -s /usr/lib/systemd/user/dbus.socket ${D}/home/ceres/.config/systemd/user/default.target.wants/dbus.socket
ln -s /usr/lib/systemd/user/dbus.service ${D}/home/ceres/.config/systemd/user/default.target.wants/dbus.service
fi
install -d ${D}/etc/systemd/system/user@.service.d/ install -d ${D}/etc/systemd/system/user@.service.d/
install -m 0644 ${WORKDIR}/dbus.conf ${D}/etc/systemd/system/user@.service.d/dbus.conf install -m 0644 ${WORKDIR}/dbus.conf ${D}/etc/systemd/system/user@.service.d/dbus.conf
} }
FILES_${PN} += "/home/ceres/.config/systemd/user/default.target.wants/"
PACKAGECONFIG_append += "pam" PACKAGECONFIG_append += "pam"
RRECOMMENDS_${PN}_remove = "udev-hwdb" RRECOMMENDS_${PN}_remove = "udev-hwdb"
recipes-nemomobile/buteo/buteo-syncfw_git.bb
View file @ 83011989
...@@ -20,12 +20,14 @@ do_configure_prepend() { ...@@ -20,12 +20,14 @@ do_configure_prepend() {
do_install_append() { do_install_append() {
cp ${WORKDIR}/msyncd.service ${D}/usr/lib/systemd/user/msyncd.service cp ${WORKDIR}/msyncd.service ${D}/usr/lib/systemd/user/msyncd.service
mkdir -p ${D}/usr/lib/systemd/user/default.target.wants install -d ${D}/home/ceres/.config/systemd/user/default.target.wants/
ln -s ../msyncd.service ${D}/usr/lib/systemd/user/default.target.wants/ if [ ! -f ${D}/home/ceres/.config/systemd/user/default.target.wants/msyncd.service ]; then
ln -s /usr/lib/systemd/user/msyncd.service ${D}/home/ceres/.config/systemd/user/default.target.wants/msyncd.service
fi
} }
DEPENDS = "libaccounts-qt5 libsignon-qt5 qtsystems nemo-keepalive" DEPENDS = "libaccounts-qt5 libsignon-qt5 qtsystems nemo-keepalive"
FILES_${PN} += "/usr/share/glib-2.0/schemas /usr/share/accounts/services/ /usr/lib/systemd" FILES_${PN} += "/usr/share/glib-2.0/schemas /usr/share/accounts/services/ /usr/lib/systemd /home/ceres/.config/systemd/user/default.target.wants/"
FILES_${PN}-dev += "/usr/lib/libbuteosyncfw5.prl" FILES_${PN}-dev += "/usr/lib/libbuteosyncfw5.prl"
FILES_${PN}-dbg += "/opt/tests/" FILES_${PN}-dbg += "/opt/tests/"
recipes-nemomobile/mapplauncherd/mapplauncherd-booster-qtcomponents_git.bb
View file @ 83011989
...@@ -23,13 +23,15 @@ do_configure_prepend() { ...@@ -23,13 +23,15 @@ do_configure_prepend() {
} }
do_install_append() { do_install_append() {
install -d ${D}/usr/lib/systemd/user/default.target.wants/ install -d ${D}/home/ceres/.config/systemd/user/default.target.wants/
ln -s ../booster-qtcomponents-qt5.service ${D}/usr/lib/systemd/user/default.target.wants/booster-qtcomponents-qt5.service if [ ! -f ${D}/home/ceres/.config/systemd/user/default.target.wants/booster-qtcomponents-qt5.service ]; then
ln -s /usr/lib/systemd/user/booster-qtcomponents-qt5.service ${D}/home/ceres/.config/systemd/user/default.target.wants/booster-qtcomponents-qt5.service
fi
install -d ${D}/var/lib/environment/mapplauncherd install -d ${D}/var/lib/environment/mapplauncherd
echo "QT_QPA_PLATFORM=wayland-egl" > ${D}/var/lib/environment/mapplauncherd/qtcomponents-qt5.conf echo "QT_QPA_PLATFORM=wayland-egl" > ${D}/var/lib/environment/mapplauncherd/qtcomponents-qt5.conf
echo "QT_IM_MODULE=qtvirtualkeyboard" >> ${D}/var/lib/environment/mapplauncherd/qtcomponents-qt5.conf echo "QT_IM_MODULE=qtvirtualkeyboard" >> ${D}/var/lib/environment/mapplauncherd/qtcomponents-qt5.conf
} }
FILES_${PN} += "/usr/libexec/mapplauncherd/ /usr/lib/systemd/user /usr/share/booster-qtcomponents-qt5" FILES_${PN} += "/usr/libexec/mapplauncherd/ /usr/lib/systemd/user /usr/share/booster-qtcomponents-qt5 /home/ceres/.config/systemd/user/default.target.wants/"
FILES_${PN}-dbg += "/usr/libexec/mapplauncherd/.debug" FILES_${PN}-dbg += "/usr/libexec/mapplauncherd/.debug"
recipes-nemomobile/mapplauncherd/mapplauncherd-qt_git.bb
View file @ 83011989
...@@ -21,10 +21,12 @@ do_configure_prepend() { ...@@ -21,10 +21,12 @@ do_configure_prepend() {
do_install_append() { do_install_append() {
rm ${D}/usr/lib/systemd/user/booster-qt5-signal.service rm ${D}/usr/lib/systemd/user/booster-qt5-signal.service
install -d ${D}/usr/lib/systemd/user/default.target.wants/ install -d ${D}/home/ceres/.config/systemd/user/default.target.wants/
ln -s ../booster-qt5.service ${D}/usr/lib/systemd/user/default.target.wants/booster-qt5.service if [ ! -f ${D}/home/ceres/.config/systemd/user/default.target.wants/booster-qt5.service ]; then
ln -s /usr/lib/systemd/user/booster-qt5.service ${D}/home/ceres/.config/systemd/user/default.target.wants/booster-qt5.service
fi
} }
FILES_${PN} += "/usr/lib/systemd/user /usr/libexec/mapplauncherd" FILES_${PN} += "/usr/lib/systemd/user /usr/libexec/mapplauncherd /home/ceres/.config/systemd/user/default.target.wants/"
FILES_${PN}-dev += "/usr/share/mkspecs/features" FILES_${PN}-dev += "/usr/share/mkspecs/features"
FILES_${PN}-dbg += "/usr/libexec/mapplauncherd/.debug" FILES_${PN}-dbg += "/usr/libexec/mapplauncherd/.debug"
recipes-nemomobile/mapplauncherd/mapplauncherd_git.bb
View file @ 83011989
...@@ -20,10 +20,12 @@ do_configure_prepend() { ...@@ -20,10 +20,12 @@ do_configure_prepend() {
} }
do_install_append() { do_install_append() {
install -d ${D}/usr/lib/systemd/user/default.target.wants/ install -d ${D}/home/ceres/.config/systemd/user/default.target.wants/
ln -s ../booster-generic.service ${D}/usr/lib/systemd/user/default.target.wants/booster-generic.service if [ ! -f ${D}/home/ceres/.config/systemd/user/default.target.wants/booster-generic.service ]; then
ln -s /usr/lib/systemd/user/booster-generic.service ${D}/home/ceres/.config/systemd/user/default.target.wants/booster-generic.service
fi
} }
FILES_${PN} += "/usr/lib/systemd/user /usr/libexec/mapplauncherd/ /usr/lib/libapplauncherd.so" FILES_${PN} += "/usr/lib/systemd/user /usr/libexec/mapplauncherd/ /usr/lib/libapplauncherd.so /home/ceres/.config/systemd/user/default.target.wants/"
FILES_${PN}-dbg += "/usr/libexec/mapplauncherd/.debug" FILES_${PN}-dbg += "/usr/libexec/mapplauncherd/.debug"
FILES_${PN}-dev = "/usr/include/" FILES_${PN}-dev = "/usr/include/"
recipes-nemomobile/ngfd/ngfd_git.bb
View file @ 83011989
...@@ -22,9 +22,12 @@ do_configure_prepend() { ...@@ -22,9 +22,12 @@ do_configure_prepend() {
do_install_append() { do_install_append() {
cp ../ngfd.ini ${D}/usr/share/ngfd/ngfd.ini cp ../ngfd.ini ${D}/usr/share/ngfd/ngfd.ini
install -d ${D}/usr/lib/systemd/user/default.target.wants/ install -d ${D}/usr/lib/systemd/user/
install -d ${D}/home/ceres/.config/systemd/user/default.target.wants/
cp ../ngfd.service ${D}/usr/lib/systemd/user/ cp ../ngfd.service ${D}/usr/lib/systemd/user/
ln -s ../ngfd.service ${D}/usr/lib/systemd/user/default.target.wants/ngfd.service if [ ! -f ${D}/home/ceres/.config/systemd/user/default.target.wants/ngfd.service ]; then
ln -s /usr/lib/systemd/user/ngfd.service ${D}/home/ceres/.config/systemd/user/default.target.wants/ngfd.service
fi
install -d ${D}/usr/share/sounds/ install -d ${D}/usr/share/sounds/
} }
...@@ -32,4 +35,4 @@ do_install_append() { ...@@ -32,4 +35,4 @@ do_install_append() {
inherit autotools pkgconfig inherit autotools pkgconfig
FILES_${PN}-dbg += "/usr/lib/ngf/.debug/" FILES_${PN}-dbg += "/usr/lib/ngf/.debug/"
FILES_${PN} += "/usr/lib/ngf /usr/share/dbus-1 /usr/lib/systemd/ /usr/share/sounds/" FILES_${PN} += "/usr/lib/ngf /usr/share/dbus-1 /usr/lib/systemd/ /usr/share/sounds/ /home/ceres/.config/systemd/user/default.target.wants/"
recipes-nemomobile/statefs/statefs_git.bb
View file @ 83011989
...@@ -31,10 +31,15 @@ do_install_append() { ...@@ -31,10 +31,15 @@ do_install_append() {
install -d ${D}/var/lib/statefs/system install -d ${D}/var/lib/statefs/system
install -d ${D}/lib/systemd/system/multi-user.target.wants/ install -d ${D}/lib/systemd/system/multi-user.target.wants/
install -d ${D}/usr/lib/systemd/user/default.target.wants/ install -d ${D}/usr/lib/systemd/user/
install -d ${D}/home/ceres/.config/systemd/user/default.target.wants/
mv ${D}/usr/lib/systemd/system/statefs-system.service ${D}/lib/systemd/system/statefs-system.service mv ${D}/usr/lib/systemd/system/statefs-system.service ${D}/lib/systemd/system/statefs-system.service
ln -s ../statefs.service ${D}/usr/lib/systemd/user/default.target.wants/statefs.service if [ ! -f ${D}/home/ceres/.config/systemd/user/default.target.wants/statefs.service ]; then
ln -s ../statefs-system.service ${D}/lib/systemd/system/multi-user.target.wants/statefs-system.service ln -s /usr/lib/systemd/user/statefs.service ${D}/home/ceres/.config/systemd/user/default.target.wants/statefs.service
fi
if [ ! -f ${D}/lib/systemd/system/multi-user.target.wants/statefs-system.service ]; then
ln -s /lib/systemd/system/statefs-system.service ${D}/lib/systemd/system/multi-user.target.wants/statefs-system.service
fi
} }
pkg_postinst_${PN}() { pkg_postinst_${PN}() {
...@@ -57,5 +62,5 @@ else ...@@ -57,5 +62,5 @@ else
fi fi
} }
FILES_${PN} += "/lib/systemd/ /usr/lib/systemd /var/lib/statefs/ /etc/sysconfig/statefs/" FILES_${PN} += "/lib/systemd/ /usr/lib/systemd /var/lib/statefs/ /etc/sysconfig/statefs/ /home/ceres/.config/systemd/user/default.target.wants/"
FILES_${PN}-dbg += "/opt/" FILES_${PN}-dbg += "/opt/"
recipes-nemomobile/timed/timed_git.bb
View file @ 83011989
...@@ -22,10 +22,12 @@ do_configure_prepend() { ...@@ -22,10 +22,12 @@ do_configure_prepend() {
} }
do_install_append() { do_install_append() {
install -d ${D}/usr/lib/systemd/user/default.target.wants/ install -d ${D}/home/ceres/.config/systemd/user/default.target.wants/
ln -s ../timed-qt5.service ${D}/usr/lib/systemd/user/default.target.wants/timed-qt5.service if [ ! -f ${D}/home/ceres/.config/systemd/user/default.target.wants/timed-qt5.service ]; then
ln -s /usr/lib/systemd/user/timed-qt5.service ${D}/home/ceres/.config/systemd/user/default.target.wants/timed-qt5.service
fi
install -d ${D}/var/lib/timed/ install -d ${D}/var/lib/timed/
ln -s /usr/share/zoneinfo/Etc/GMT ${D}/var/lib/timed/localtime ln -s /usr/share/zoneinfo/Etc/GMT ${D}/var/lib/timed/localtime
cp ${WORKDIR}/timed-qt5.conf ${D}/etc/dbus-1/system.d/ cp ${WORKDIR}/timed-qt5.conf ${D}/etc/dbus-1/system.d/
} }
...@@ -40,7 +42,7 @@ fi ...@@ -40,7 +42,7 @@ fi
DEPENDS += "pcre systemd tzdata libiodata-native libiodata statefs-qt qtbase tzdata-timed" DEPENDS += "pcre systemd tzdata libiodata-native libiodata statefs-qt qtbase tzdata-timed"
RDEPENDS_${PN} += "tzdata-timed libcap-bin tzdata" RDEPENDS_${PN} += "tzdata-timed libcap-bin tzdata"
FILES_${PN} += "/usr/lib/ /usr/share/contextkit" FILES_${PN} += "/usr/lib/ /usr/share/contextkit /home/ceres/.config/systemd/user/default.target.wants/"
FILES_${PN}-dev += "/usr/share/mkspecs" FILES_${PN}-dev += "/usr/share/mkspecs"
FILES_${PN}-dbg += "/opt" FILES_${PN}-dbg += "/opt"
INSANE_SKIP_${PN} += "dev-deps" INSANE_SKIP_${PN} += "dev-deps"
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment