Taste the Rainbow:0.7.0: Difference between revisions
Jump to navigation
Jump to search
m (Taste the Rainbow moved to Taste the Rainbow:0.7.0: Rainbow 0.7.2 needs to be documented.) |
|||
(13 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
This page is a guided tour of the [http://dev.laptop.org/git?p=users/mstone/security;a=commit;h=b6a2a0c96f522956a69871c6d839bc67d2f78424 source code] of the [[Rainbow|rainbow-0.7.0]] release. |
This page is a guided tour of the [http://dev.laptop.org/git?p=users/mstone/security;a=commit;h=b6a2a0c96f522956a69871c6d839bc67d2f78424 source code] of the [[Rainbow|rainbow-0.7.0]] release. |
||
== Overview == |
== Source Code Overview == |
||
⚫ | |||
./rainbow |
|||
|--- README : Standard boilerplate about where work gets done; somewhat dated in this release. |
|||
|--- conf : installation-time configuration files |
|||
| \--- session-olpc.conf : applies some unusual dbus rules to allow many uids |
|||
| to use the same session bus and enables OLPC-specific |
|||
| dbus access checks. When /etc/olpc-security exists, |
|||
⚫ | |||
| |
|||
|--- docs : explanations & notes |
|||
| |--- DESIGN : A discussion of how the predecessor to the current architecture arose. |
|||
| \--- NOTES : various problems I have encountered and thoughts on how to solve them. |
|||
| *--- [http://dev.laptop.org/git?p=security;a=blob;f=rainbow.txt;hb=HEAD rainbow.txt] : a sketch & justification of the current design |
|||
| |
|||
\--- rainbow : source code |
|||
⚫ | |||
| neuralis did together a few weeks ago |
|||
|--- util : functions wrapping frequently used idioms or useful syscalls |
|||
|--- stages : logic implementing activity launching |
|||
|--- targets : control flow describing how to call activity-launching code |
|||
\--- service.py : dbus service entry-point |
|||
./rainbow.spec.in : spec-file template for building RPMS |
|||
./Makefile.package : package-specific variables for use in ../Makefile.fedora |
|||
../Makefile.fedora : rules for making local snapshot builds and |
|||
internal releases, prior to pushing to Fedora |
|||
⚫ | |||
⚫ | |||
The key functions for launching activities are |
|||
The two interesting directories here are docs and rainbow. |
|||
*[http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=rainbow/rainbow/stages/sugar.py;h=ad68b168d1cbab33a511d65d25e44a8151d06e60;hb=b6a2a0c96f522956a69871c6d839bc67d2f78424#l10 stages/sugar.py:begin()], |
|||
*[http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=rainbow/rainbow/stages/sugar.py;h=ad68b168d1cbab33a511d65d25e44a8151d06e60;hb=b6a2a0c96f522956a69871c6d839bc67d2f78424#l72 stages/sugar.py:prepare()], and |
|||
*[http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=rainbow/rainbow/stages/activation.py;h=97228604c9781b3129767f4374e25f345ef49197;hb=b6a2a0c96f522956a69871c6d839bc67d2f78424#l16 stages/activation.py:launch()]. |
|||
These functions are called in the order listed from |
|||
The interesting file is rainbow.spec.in |
|||
*[http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=rainbow/rainbow/targets/sugar.py;h=504e4ae5fcad44fe70b8eb32403319ea451353ee;hb=b6a2a0c96f522956a69871c6d839bc67d2f78424#l8 targets/sugar.py:launch()] and |
|||
*[http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=rainbow/rainbow/targets/sugar.py;h=504e4ae5fcad44fe70b8eb32403319ea451353ee;hb=b6a2a0c96f522956a69871c6d839bc67d2f78424#l28 targets/sugar.py:_exile()] |
|||
which are, in turn, called from |
|||
The Makefile includes 'Makefile.fedora' one level higher and builds rpms for personal testing based on some variables defined in Makefile.package |
|||
*[http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=rainbow/rainbow/service.py;h=aaa6fc140511a5d9c08f25319b9c6f8f106c8cc6;hb=b6a2a0c96f522956a69871c6d839bc67d2f78424#l57 service.py:Rainbow.CreateActivity()] |
|||
These six functions (and the relatively simple helpers they call) exhaust the functionality provided by rainbow-0.7.0. |
|||
When I'm happy with the result, then I scratch-build in koji, fix up any final nitpicks and build the release in koji. |
|||
== |
== Developing Rainbow == |
||
I develop Rainbow in four basic modes: |
|||
Here, conf contains some configuration files that need to be installed onto the system during setup. |
|||
session-olpc.conf is probably the most important of these since it applies some unusual dbus rules to allow many uids to use the same session bus. |
|||
* From a live git clone, when developing new features. |
|||
marcopg> how is that loaded? is the sugar script using it? |
|||
cp setup.py.in setup.py |
|||
sed -i -e 's/@VERSION@/1/' setup.py |
|||
⚫ | |||
python setup.py develop |
|||
* By packaging snapshots of a git clone to try out packaging changes. |
|||
marcopg> what is <olpc>on</olpc> (in session-olpc.conf) |
|||
make snapshot |
|||
* With locally-built or scratch-built packages, when I'm getting ready to tag a release. |
|||
marcopg> that enables coderanger security stuff in dbus? |
|||
make release |
|||
* With an official release, built with Fedora's Koji build system from sources archived in Fedora CVS. |
|||
m_stone> correct, though, since we're no longer using vserver, coderanger's dbus stuff will need some revision. |
|||
** [http://fedoraproject.org/wiki/PackageMaintainers/UpdatingPackageHowTo Fedora Package Update HOWTO] |
|||
m_stone> Note that the <olpc> tag is commented out at present. |
|||
⚫ | |||
⚫ | |||
== Source code == |
Latest revision as of 19:58, 6 November 2007
This page is a guided tour of the source code of the rainbow-0.7.0 release.
Source Code Overview
Please start in my rainbow-0.7.0 tree.
./rainbow |--- README : Standard boilerplate about where work gets done; somewhat dated in this release. |--- conf : installation-time configuration files | \--- session-olpc.conf : applies some unusual dbus rules to allow many uids | to use the same session bus and enables OLPC-specific | dbus access checks. When /etc/olpc-security exists, | session-olpc.conf is loaded by /usr/bin/sugar | |--- docs : explanations & notes | |--- DESIGN : A discussion of how the predecessor to the current architecture arose. | \--- NOTES : various problems I have encountered and thoughts on how to solve them. | *--- rainbow.txt : a sketch & justification of the current design | \--- rainbow : source code |--- permissions : a stub based on the secure installation work that marcopg and | neuralis did together a few weeks ago |--- util : functions wrapping frequently used idioms or useful syscalls |--- stages : logic implementing activity launching |--- targets : control flow describing how to call activity-launching code \--- service.py : dbus service entry-point ./rainbow.spec.in : spec-file template for building RPMS ./Makefile.package : package-specific variables for use in ../Makefile.fedora ../Makefile.fedora : rules for making local snapshot builds and internal releases, prior to pushing to Fedora
Activity Launching
The key functions for launching activities are
These functions are called in the order listed from
which are, in turn, called from
These six functions (and the relatively simple helpers they call) exhaust the functionality provided by rainbow-0.7.0.
Developing Rainbow
I develop Rainbow in four basic modes:
- From a live git clone, when developing new features.
cp setup.py.in setup.py sed -i -e 's/@VERSION@/1/' setup.py python setup.py develop
- By packaging snapshots of a git clone to try out packaging changes.
make snapshot
- With locally-built or scratch-built packages, when I'm getting ready to tag a release.
make release
- With an official release, built with Fedora's Koji build system from sources archived in Fedora CVS.