ubuntu-phone team mailing list archive

Re: Executing binaries from click packages, under confinement

 

On Tue, 2014-02-04 at 16:50 +0200, Alberto Mardegan wrote:

> On 02/04/2014 04:13 PM, Ted Gould wrote:
> > On Tue, 2014-02-04 at 10:05 +0200, Alberto Mardegan wrote:
> >> I had a quick look at the untrusted helper branch, but I
> >> couldn't understand if it's suitable for my case:
> >> 
> >> " * Start an untrusted helper for a specific @type on a given
> >>   * @appid.  We don't know how that is done specifically, as Upstart
> >>   * will call a helper for that type.  And then execute it under the
> >>   * Apparmor profile for that helper type."
> >> 
> >> What is "type" in this context?
> > 
> > Type is a string for something defined by you.  This way we can
> > keep the infographics away from the account service helpers.  So
> > I'd guess for you it'd be something like "account-service-plugin"
> > or some such.  It doesn't matter really as long as you use the same
> > type for all the functions (and unique, don't use
> > "content-hub-picker" ☺).
> 
> OK, so it could be "online-account-plugin" in our case. Then you
> confirmed that these helpers will be run under their own AppArmor
> profile (which is indeed what I needed), but that seems to contradict
> the docstring I quoted above and which made me suspicious: "And then
> execute it under the Apparmor profile for that helper type".
> I assume that the documentation string is wrong, and that it should
> read "...under the Apparmor profile for that helper".



Ah, I see how that's confusing now.  I'll update the description.  I was
trying to convey that most helpers will probably have specific profiles
they're using, but was too brief, sorry about that confusion.


> > You probably want upstart_app_launch_start_multiple_helper() which 
> > returns an instance handle.  That allows you to track multiple
> > instances of the same App ID.  This is also a requirement for
> > Content Hub.
> 
> I'll try to use that, this makes a lot more sense now. Thanks!
> I assume that I can use the "uris" parameter to pass parameters to the
> untrusted helper (for example, a UNIX socket to connect to)?


It really was only built for URIs, but it could probably be used that
way.  I'd probably recommend using your exec helper to fill that out.
I'm guessing the format for your exec line probably has some special
keys that say where to place the fds (i.e. "--connect-fd 1") or
something like that.  Anything that is returned in the APP_EXEC variable
will be executed, so that might be a better place to handle specialized
command line insertions.

Ted
