--- /dev/null
+<!-- Aegis manifest declares the security credentials required by an
+ application to run correctly. By default, a manifest file will be
+ created or updated automatically as a part of build.
+
+ The detection of required credentials is based on static scan of
+ application binaries. In some cases, the scan may not be able to
+ detect the correct set of permissions. If this is the case, you must
+ declare the credentials required by your application in this file.
+
+ To create a manifest file automatically as a part of build (DEFAULT):
+
+ * You may leave this file as-is.
+ * Do not list any '<credential name="token" />' entries
+ outside of comments.
+
+ To provide a manifest yourself:
+
+ * List the correct credentials for the application in this file.
+ * Some commented-out examples of often required tokens are provided.
+ * Ensure the path to your application binary given in
+ '<for path="/path/to/app" />' is correct.
+ * Please do not request more credentials than what your application
+ actually requires.
+
+ To disable manifest file:
+
+ * Replace this file with a file starting with the string "NoAegisFile" (without quotes).
+ * Final application package will not contain a manifest.
+
+-->
+<aegis>
+ <request policy="add">
+
+ <!-- Make a GSM call, send text messages (SMS). -->
+ <!--
+ <credential name="Cellular" />
+ -->
+
+ <!-- Access Facebook social data. -->
+ <!--
+ <credential name="FacebookSocial" />
+ -->
+
+ <!-- Read access to data stored in tracker. -->
+ <!--
+ <credential name="TrackerReadAccess" />
+ -->
+
+ <!-- Read and write access to data stored in tracker. -->
+ <!--
+ <credential name="TrackerWriteAccess" />
+ -->
+
+ <!-- Read Location information. -->
+ <!--
+ <credential name="Location" />
+ -->
+
+ <!-- Access to Audio, Multimedia and Camera. -->
+ <!--
+ <credential name="GRP::pulse-access" />
+ <credential name="GRP::video" />
+ <credential name="GRP::audio" />
+ -->
+
+ </request>
+
+ <for path="/opt/%%PROJECTNAME%%/bin/%%PROJECTNAME%%" />
+ <for path="applauncherd-launcher::/usr/bin/applauncherd.bin" id="" />
+</aegis>
QString newFileName = fileName;
if (newFileName == Qt4HarmattanTarget::aegisManifestFileName()) {
// If the user has touched the Aegis manifest file, we copy it for use
- // by MADDE. Otherwise the required capabilities will be auto-detected.
+ // by MADDE. Otherwise the required capabilities will be auto-detected,
+ // unless the user explicitly requests that no manifest should be created.
if (QFileInfo(srcFile).size() == 0)
continue;
newFileName = maemoTarget()->packageName() + QLatin1String(".aegis");
}
+
const QString destFile = debianDirPath + QLatin1Char('/') + newFileName;
if (fileName == QLatin1String("rules")) {
if (!adaptRulesFile(srcFile, destFile))
return false;
- } else if (!QFile::copy(srcFile, destFile)) {
- raiseError(tr("Could not copy file '%1' to '%2'")
+ continue;
+ }
+
+ if (newFileName == maemoTarget()->packageName() + QLatin1String(".aegis")) {
+ Utils::FileReader reader;
+ if (!reader.fetch(srcFile)) {
+ raiseError(tr("Could not read manifest file '%1': %2.")
+ .arg(QDir::toNativeSeparators(srcFile), reader.errorString()));
+ return false;
+ }
+ if (reader.data().startsWith("NoAegisFile")) {
+ QFile targetFile(destFile);
+ if (!targetFile.open(QIODevice::WriteOnly)) {
+ raiseError(tr("Could not write manifest file '%1': %2.")
+ .arg(QDir::toNativeSeparators(destFile), targetFile.errorString()));
+ return false;
+ }
+ continue;
+ }
+ }
+
+ if (!QFile::copy(srcFile, destFile)) {
+ raiseError(tr("Could not copy file '%1' to '%2'.")
.arg(QDir::toNativeSeparators(srcFile), QDir::toNativeSeparators(destFile)));
return false;
}
void Qt4HarmattanTarget::handleTargetAddedSpecial()
{
AbstractDebBasedQt4MaemoTarget::handleTargetAddedSpecial();
- QFile aegisFile(debianDirPath() + QLatin1Char('/') + aegisManifestFileName());
- if (!aegisFile.exists())
- aegisFile.open(QIODevice::WriteOnly);
+ const QFile aegisFile(debianDirPath() + QLatin1Char('/') + aegisManifestFileName());
+ if (aegisFile.exists())
+ return;
+
+ Utils::FileReader reader;
+ if (!reader.fetch(Core::ICore::instance()->resourcePath()
+ + QLatin1String("/templates/shared/") + aegisManifestFileName())) {
+ qDebug("Reading manifest template failed.");
+ return;
+ }
+ QString content = QString::fromUtf8(reader.data());
+ content.replace(QLatin1String("%%PROJECTNAME%%"), project()->displayName());
+ Utils::FileSaver writer(aegisFile.fileName(), QIODevice::WriteOnly);
+ writer.write(content.toUtf8());
+ if (!writer.finalize()) {
+ qDebug("Failure writing manifest file.");
+ return;
+ }
}
void Qt4HarmattanTarget::addAdditionalControlFileFields(QByteArray &controlContents)