Provide and example confinement for an Ubuntu SDK application
Acceptance criteria for April:
- Goal: AppArmor, SDK and Unity developers are able to use example applications for native Ubuntu SDK QML, HTML5 and PhoneGap apps to exercise our existing confinement implementation
- Goal: Developers are able to use initial easyprof confinement templates to confine QML, HTML5 and PhoneGap apps
- Goal: Unity developers are able to build upon a prototype application launcher for launching SDK applications
The is prerequisite work for our final confinement policy templates.
Blueprint information
- Status:
- Complete
- Approver:
- Jamie Strandboge
- Priority:
- High
- Drafter:
- Marc Deslauriers
- Direction:
- Approved
- Assignee:
- Steve Beattie
- Definition:
- Approved
- Series goal:
- Accepted for raring
- Implementation:
- Implemented
- Milestone target:
- ubuntu-13.04-month-6
- Started by
- Jamie Strandboge
- Completed by
- Jamie Strandboge
Related branches
Related bugs
Bug #1176127: GLib Application Registers a DBus name under application confinement | Confirmed |
Sprints
Whiteboard
jdstrand> If we can run mir native on a tablet, perhaps adjust the SDK native app to legitimately use the clipboard, screenshot, drag and drop and keyboard sniff. If something isn't working, start conversation with Mir folks on how to get it to work or find it when it will be implemented.
jdstrand> also see https:/
jdstrand> please see (and elaborate on ;) https:/
jdstrand 2013-05-03> based on discussions, the app launcher will be upstart user jobs. One user job will be used and takes an argument for the app. The upstart job should:
1. document the fact that the upstart jobs provide the initial session environment (ie, at login)
2. add UBUNTU_
3. add a TODO for add GAPPLICATION envvar ted mentioned (LP: #1176127)
4. document in the job that we can add/clear various variables in the job
Work Items
Work items:
locate/write a representative HelloNativeConf
locate/write a representative HelloHTML5Confi
locate/write a representative HelloPhoneGapCo
create initial aa-easyprof template and policy groups for SDK native app: DONE
create initial aa-easyprof template and policy groups for SDK HTML5 app: DONE
create initial aa-easyprof template and policy groups for PhoneGap app: DONE
prototype (with TODOs) initial app launcher (see ApplicationConf
send app launcher prototype to Unity team to discuss next steps: POSTPONED
Dependency tree
* Blueprints in grey have been implemented.