IRC logs for #automotive for Thursday, 2020-12-03

*** Newami has quit IRC00:00
cengiz_iohello there. probably the most idiotic question you'll hear today. how can I permit `display` user to access `/dev/null` ??00:20
cengiz_iochsmack says /dev/null is "_"00:20
cengiz_ioand /dev/null is 066600:20
smurraycengiz_io: that looks wrong?  Just booted qemu and checked, it's label is "*" here01:15
cengiz_iosmurray I have zero idea. Dbus fails to start because of this.01:16
smurraycengiz_io: something's broken in your image if you're booting up and it's not labelled '*'01:17
cengiz_iosmurray how can I do such a thing by just appending agl-login-manager and agl-users ?01:18
cengiz_ioby appending I mean adding them ti IMAGE_INSTALL, nothing else01:18
smurraycengiz_io: istr mentioning that it'd probably be better to pull in packagegroup-agl-core-security, I'd check to make sure that's making it into the image, I suspect the SMACK bits are pulled in via it01:19
cengiz_iosmurray it's empty? https://gerrit.automotivelinux.org/gerrit/gitweb?p=AGL/meta-agl.git;a=blob;f=meta-agl-profile-core/recipes-platform/packagegroups/packagegroup-agl-core-security.bb;h=0ae5c77a360f120f80e3ec10188528a75fb30cb1;hb=HEAD01:23
smurrayI'll have to look, there's some packagegroup01:24
cengiz_iosmurray ok thanks01:25
smurraycengiz_io: that empty one gets added to, see meta-agl/meta-app-framework/recipes-platform/packagegroups/packagegroup-agl-core-security.bbappend01:25
smurraycengiz_io: if you don't have e.g. smack-system-setup that that pulls in, I suspect you'll have a bad time01:26
*** leon-anavi has quit IRC01:26
cengiz_iowhat is smack-system-setup?01:27
smurrayno idea, but the name is suggestive01:28
cengiz_iocan I just disable all appfw and disable smack alltogether? I'm microns away from committing suicide01:28
smurraycan't just add that packagegroup?01:29
cengiz_ioadded it right now01:29
smurrayI've not tried building an image w/o the app f/w bits and SMACK, it'd take some experimenting01:30
smurrayfrom a quick look, it's non-trivial atm01:31
smurraythat may change soon, there's some layer reorg planned that probably would have enabling building a plainer image as part of it01:32
cengiz_iosmurray I was able to run weston (without agl-compositor) and my qt app.01:38
cengiz_iosmurray but now my app requires user session dbus, everything is gone haywire01:38
smurraycengiz_io: so "my qt app" is what again?  not an application built with the app f/w stuff?01:39
cengiz_ioI've been a linux user since 1997. never before I've felt this stupid. file permissions, smack, pam, other unknown mechanisms....01:39
cengiz_iosmurray no it's just a f***** qt5 app01:40
smurraycengiz_io: so that's the problem, AGL has an application framework with a security model01:40
cengiz_ioyou would probably ask the reason why I did go with AGL then.01:40
smurraycengiz_io: yep01:40
cengiz_ioyou already did01:40
cengiz_io"for future" is the kool-aid01:41
smurraywhat does your app need to access via dbus?01:42
cengiz_ioAnother app that talks with hardware (can bus, UART, etc)01:43
cengiz_ioPlus ambient light sensors, battery levels etc01:43
cengiz_iothis could have been done without any involvement of AGL but the project requires ASIL compliance and Ford is one of the shareholders.01:45
cengiz_ioand they told us that they "know" AGL01:45
smurraythat'd be interesting, given they disappeared like 3 years ago ;)01:47
smurrayand ASIL is odd, that's a research project for anything Linux based still, e.g. the ELISA project at LF01:48
smurrayso I know there can be issues around SMACK and dbus, there have been problems in the past making some things work01:49
cengiz_iosmurray adding that packagegroup did really change smack status to *01:59
cengiz_iothanks a lot!01:59
smurraycool01:59
cengiz_iosmurray you just saved my soul02:00
cengiz_ioafm-system-daemon.service: Failed to execute command: No such file or directory02:01
cengiz_iodo I need something for this?02:01
cengiz_io./usr/bin/afb-daemon is missing02:01
smurrayso if you're not using the app f/w at all, that wouldn't be a problem, necessarily02:03
cengiz_iosmurray better mask the service then02:03
smurrayI'm a bit at a loss how you get an image w/o af-binder in it, which is where afb-daemon would come from02:04
cengiz_iomagic02:11
smurraycengiz_io: you may want to try adding packagegroup-agl-app-framework, but it's possible that might complicate your life further02:11
cengiz_iosmurray may I ask one last question before I go? suppose I need to create an app user (let's say `netservice`)02:13
cengiz_ioshould I add udev rules for that user for certain permissions?02:13
cengiz_iowhat's the canonical way?02:14
cengiz_ioexcept ofc adding a group, marking certain files with group etc.02:14
cengiz_ioby certain permissions I mean /dev access or serial port access etc.02:14
smurrayso AGL is using a feature in Yocto to use a canned static passwd/group to keep them stable for things like updaters02:16
smurraythey're in meta-agl/meta-agl-profile-core/files, I'd have to poke around a bit to see how you'd overlay them with another set with an extra user02:18
cengiz_iogreat thanks again02:18
smurrayI think you'd have to make a files directory in your own layer and have your modified passwd & group files in it, and that layer would have to be higher priority than meta-agl02:20
smurraybut I'm not 100% sure02:20
smurraycengiz_io: useradd-staticids.bbclass is what's being used, see https://docs.yoctoproject.org/ref-manual/ref-classes.html#useradd-bbclass02:21
smurraycengiz_io: re the device perms, udev rules would be the typical way to go02:26
*** Moistmelon has quit IRC02:29
cengiz_iosmurray great! that's more than I need02:39
cengiz_ioif I could wrap this somehow I will be blogging the journey02:39
cengiz_iobut the fact is docs need serious attention :/02:40
cengiz_iono guidance whatsoever. if it was without this channel and helpful hands like you, it would be impossible02:41
smurraycengiz_io: I don't disagree, but you're building something off the expected path.  For the past several years the expectation has been people would use the app f/w, and if they didn't they'd basically be building up completely from scratch (i.e. effectively using AGL as a glorified poky)02:45
smurraycengiz_io: as I mentioned earlier, that expectation is changing for the next release02:46
smurraycengiz_io: you're also jumping in at a time when the docs site has been undergoing some significant rework02:46
*** adriano has joined #automotive04:54
*** vrubiolo has joined #automotive08:23
*** adriano has quit IRC08:48
*** leon-anavi has joined #automotive08:56
leon-anavimorning08:59
furyHi guys11:12
furyHow's it hangin?11:12
*** kooltux has quit IRC11:24
*** kooltux has joined #automotive11:25
*** walzert has joined #automotive13:13
walzert@smu13:13
walzertsmurray: master build is working.13:13
*** walzert has quit IRC13:16
*** vrubiolo has quit IRC13:37
*** vrubiolo has joined #automotive13:37
*** adriano has joined #automotive15:22
RzRhttps://mastodon.social/@rzr/105316440579379325 video about pipewire that was presentated ealier today at LEE15:29
RzRis it public ?15:31
adrianohttps://www.youtube.com/watch?v=1w6yVqU0lkU seems to be very simillar with this :)15:34
RzRthe logo on the door moved15:36
*** adriano has quit IRC16:27
*** adriano has joined #automotive16:27
*** amalek has quit IRC16:28
*** adriano has quit IRC16:42
*** adriano has joined #automotive17:09
*** Newami has joined #automotive17:32
*** amalek has joined #automotive17:41
*** Newami has quit IRC17:42
*** adriano has quit IRC17:48
*** adriano has joined #automotive17:58
*** adriano has quit IRC18:24
*** vrubiolo has quit IRC18:45
*** toscalix has joined #automotive19:28
*** toscalix has quit IRC19:30
*** toscalix has joined #automotive19:34
*** amalek has quit IRC19:45
*** amalek has joined #automotive20:51
*** toscalix has quit IRC21:44
*** KREYREN has quit IRC21:45
*** KREYREN has joined #automotive21:47
*** leon-anavi has quit IRC22:52

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!