Taste the Rainbow:0.7.8: Difference between revisions
Jump to navigation
Jump to search
m (New page: This page is a guided tour of the [http://dev.laptop.org/git?p=users/mstone/security;a=tree;hb=0168171c698d3ac75645dc150052fd34b28ec357 source code] of the rainbow-0.7.4 releas...) |
mNo edit summary |
||
| Line 1: | Line 1: | ||
This page is a guided tour of the [http://dev.laptop.org/git?p=users/mstone/security;a=tree;hb= |
This page is a guided tour of the [http://dev.laptop.org/git?p=users/mstone/security;a=tree;hb=83eea6528df6a65d9fed508344019cc1e14b24bd source code] of the [[Rainbow|rainbow-0.7.8]] release. |
||
== Source Code Overview == |
== Source Code Overview == |
||
Please start in my [http://dev.laptop.org/git?p=users/mstone/security;a=tree;f=rainbow;hb= |
Please start in my [http://dev.laptop.org/git?p=users/mstone/security;a=tree;f=rainbow;hb=83eea6528df6a65d9fed508344019cc1e14b24bd rainbow-0.7.8 tree]. |
||
./ |
./ |
||
| Line 16: | Line 16: | ||
| |
| |
||
|--- docs : explanations & notes |
|--- docs : explanations & notes |
||
| |--- |
| |--- NOTES : various problems I have encountered and thoughts on how to solve them. |
||
| \--- NOTES : various problems I have encountered and thoughts on how to solve them. |
|||
| *--- [http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=rainbow.txt;hb=HEAD rainbow.txt] : a sketch & justification of the current design |
| *--- [http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=rainbow.txt;hb=HEAD rainbow.txt] : a sketch & justification of the current design |
||
| |
| |
||
\--- rainbow : source code |
\--- rainbow : source code |
||
|--- permissions : a stub based on the secure installation work that marcopg and |
|||
| neuralis did together a few weeks ago |
|||
|--- util : functions wrapping frequently used idioms or useful syscalls |
|--- util : functions wrapping frequently used idioms or useful syscalls |
||
|--- inject.py : logic implementing activity launching |
|--- inject.py : logic implementing activity launching |
||
| Line 30: | Line 27: | ||
The key functions for launching activities are |
The key functions for launching activities are |
||
*[http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=rainbow/rainbow/inject.py;hb= |
*[http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=rainbow/rainbow/inject.py;hb=83eea6528df6a65d9fed508344019cc1e14b24bd#l87 inject.py:grab_home()], |
||
*[http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=rainbow/rainbow/inject.py;hb= |
*[http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=rainbow/rainbow/inject.py;hb=83eea6528df6a65d9fed508344019cc1e14b24bd#l112 inject.py:configure_home()], and |
||
*[http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=rainbow/rainbow/inject.py;hb= |
*[http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=rainbow/rainbow/inject.py;hb=83eea6528df6a65d9fed508344019cc1e14b24bd#l142 inject.py:launch()]. |
||
These functions are called in the order listed from |
These functions are called in the order listed from |
||
*[http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=rainbow/rainbow/inject.py;hb= |
*[http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=rainbow/rainbow/inject.py;hb=83eea6528df6a65d9fed508344019cc1e14b24bd#l201 inject.py:run()] |
||
which which is, in turn, called from |
which which is, in turn, called from |
||
*[http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=rainbow/rainbow/service.py;hb= |
*[http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=rainbow/rainbow/service.py;hb=83eea6528df6a65d9fed508344019cc1e14b24bd#l58 service.py:Rainbow.CreateActivity()] |
||
These six functions (and the relatively simple helpers they call) exhaust the functionality provided by rainbow-0.7.4. |
These six functions (and the relatively simple helpers they call) exhaust the functionality provided by rainbow-0.7.4. |
||
| Line 46: | Line 43: | ||
I develop Rainbow in four basic modes: |
I develop Rainbow in four basic modes: |
||
* From a live git clone, when developing new features. |
|||
cp setup.py.in setup.py |
|||
sed -i -e 's/@VERSION@/1/' setup.py |
|||
python setup.py develop |
|||
* By packaging snapshots of a git clone to try out packaging changes. |
* By packaging snapshots of a git clone to try out packaging changes. |
||
make snapshot |
make snapshot |
||
Revision as of 22:44, 24 January 2008
This page is a guided tour of the source code of the rainbow-0.7.8 release.
Source Code Overview
Please start in my rainbow-0.7.8 tree.
./ |--- README : Standard boilerplate about where work gets done; somewhat dated in this release. |--- rainbow.spec.in : spec-file template for building RPMS |--- Makefile.package : package-specific variables for use in ../Makefile.fedora |--- conf : installation-time configuration files | \--- session-olpc.conf : applies some unusual dbus rules to allow many uids | to use the same session bus and enables OLPC-specific | dbus access checks. When /etc/olpc-security exists, | session-olpc.conf is loaded by /usr/bin/sugar | |--- docs : explanations & notes | |--- NOTES : various problems I have encountered and thoughts on how to solve them. | *--- rainbow.txt : a sketch & justification of the current design | \--- rainbow : source code |--- util : functions wrapping frequently used idioms or useful syscalls |--- inject.py : logic implementing activity launching \--- service.py : dbus service entry-point
Activity Launching
The key functions for launching activities are
These functions are called in the order listed from
which which is, in turn, called from
These six functions (and the relatively simple helpers they call) exhaust the functionality provided by rainbow-0.7.4.
Developing Rainbow
I develop Rainbow in four basic modes:
- By packaging snapshots of a git clone to try out packaging changes.
make snapshot
- With locally-built or scratch-built packages, when I'm getting ready to tag a release.
make release
- With an official release, built with Fedora's Koji build system from sources archived in Fedora CVS.