summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--qtc_packaging/debian_harmattan/manifest.aegis72
1 files changed, 7 insertions, 65 deletions
diff --git a/qtc_packaging/debian_harmattan/manifest.aegis b/qtc_packaging/debian_harmattan/manifest.aegis
index 1cc4641..9ed7231 100644
--- a/qtc_packaging/debian_harmattan/manifest.aegis
+++ b/qtc_packaging/debian_harmattan/manifest.aegis
@@ -1,70 +1,12 @@
-AutoGenerateAegisFile
-<!-- Aegis manifest declares the security credentials required by an
- application to run correctly. By default, a manifest file will be
- created or updated automatically as a part of build.
-
- The detection of required credentials is based on static scan of
- application binaries. In some cases, the scan may not be able to
- detect the correct set of permissions. If this is the case, you must
- declare the credentials required by your application in this file.
-
- To create a manifest file automatically as a part of build (DEFAULT):
-
- * Make sure this file starts with the string "AutoGenerateAegisFile" (without quotes).
- * Alternatively, it can also be completely empty.
-
- To provide a manifest yourself:
-
- * List the correct credentials for the application in this file.
- * Some commented-out examples of often required tokens are provided.
- * Ensure the path to your application binary given in
- '<for path="/path/to/app" />' is correct.
- * Please do not request more credentials than what your application
- actually requires.
-
- To disable manifest file:
-
- * Replace this file with a file starting with the string "NoAegisFile" (without quotes).
- * Final application package will not contain a manifest.
-
--->
<aegis>
- <request policy="add">
-
- <!-- Make a GSM call, send text messages (SMS). -->
- <!--
- <credential name="Cellular" />
- -->
-
- <!-- Access Facebook social data. -->
- <!--
- <credential name="FacebookSocial" />
- -->
-
- <!-- Read access to data stored in tracker. -->
- <!--
- <credential name="TrackerReadAccess" />
- -->
+ <request>
+ <!-- The daemon is supposed to be run as user. -->
+ <credential name="UID::user" />
+ <credential name="GID::users" />
- <!-- Read and write access to data stored in tracker. -->
- <!--
- <credential name="TrackerWriteAccess" />
- -->
-
- <!-- Read Location information. -->
- <!--
- <credential name="Location" />
- -->
-
- <!-- Access to Audio, Multimedia and Camera. -->
- <!--
- <credential name="GRP::pulse-access" />
- <credential name="GRP::video" />
- <credential name="GRP::audio" />
- -->
+ <!-- Required for service discovery -->
+ <credential name="CAP::net_broadcast" />
+ <for path="/opt/distfold/bin/distfoldd" />
</request>
-
- <for path="/opt/distfold/bin/distfold" />
- <for path="applauncherd-launcher::/usr/bin/applauncherd.bin" id="" />
</aegis>