[Automotive] appman use case question

Robert Griebl robert.griebl at pelagicore.com
Thu Oct 20 14:46:29 CEST 2016 

Hi Jack,

Sorry for the late reply.

On 14.10.2016 18:05, Sanchez, Jack wrote:
> It certainly seems apparent that appman requires root privileges in
> order to properly run and gain access to input and graphics devices on
> the system. If this is not the case, I would be interested in hearing
> anything I may be missing at this point for that.

That is certainly not the case. Quite the opposite: you shouldn't run 
the AM as root, although you need to have it SUID-root if you want to 
use the installer part (only a small helper process will continue to run 
with root privileges in this case -- the main process will drop them 
immediately)

Gaining access to devices is done via standard Unix file permissions in 
/dev. Of course you have to adjust those if you are running non-root.

We have done embedded, Yocto based non-root installations in the past 
without any major problems (the biggest one being to make sure that 
everyone ends up on the same session bus, but this was basically a 
fiddling around with systemd units).

cu
Robert


> In our system, we require that our HMI applications actually run as a
> user other than root for security reasons, however, since appman is
> doing lifecycle management, all the processes will inherit this root
> environment.
>
> So we need to be able to launch our HMI apps through appman from another
> user session in order to be on the same DBUS session as our system
> services being communicated with (controlling hardware).
>
> Even if we are able to do this - I'm assuming the difference in DBUS
> sessions from root to the other user will also potentially impede
> communications between appman and the appman-based HMI processes.
>
> Has anyone already handled this issue and/or are there plans in place
> for the QtAS development teams to add in this type of functionality?
> Would we need to fork and do this work ourselves in order to break apart
> this coupling?
>
> Basically we just want to use appman as more of a server based
> compositor as Weston is used, and be able to dynamically attach HMI
> processes to the appman server.
>
> Thanks for any help!
>
> Best regards,
> --
> *Jack Sanchez*
> Lead Qt Engineer
>
> *M:* +1 503-608-8282
> *E: jsanche1 at jaguarlandrover.com <mailto:jsanche1 at jaguarlandrover.com>*
>
> *Jaguar Land Rover, 1419 NW 14th Ave, Portland, Oregon, 97209, USA*
> *jaguar.com <http://jaguar.com/>  |  landrover.com <http://landrover.com/>*
>
>
> _______________________________________________
> Automotive mailing list
> Automotive at qt-project.org
> http://lists.qt-project.org/mailman/listinfo/automotive
>


-- 
Robert Griebl
Senior Software Engineer

Pelagicore AG
Balanstr. 55, 81541 Munich, Germany
robert.griebl at pelagicore.com
www.pelagicore.com

More information about the Automotive mailing list