How to generate the Aegis file?



  • Hi all,

    I am trying to deploy my harmattan application to QEMU but i always get the following errors
    @libqtcontacts-tracker: engine.cpp:1280: Invalid credential string (TrackerReadAccess), errno (22) : Invalid argument
    libqtcontacts-tracker: engine.cpp:1280: Invalid credential string (TrackerWriteAccess), errno (22) : Invalid argument
    libqtcontacts-tracker: engine.cpp:1289: Entity does not possess required credential
    libqtcontacts-tracker: engine.cpp:1307:

    WARNING /!\ - MANDATORY SECURITY TOKENS ARE MISSIN

    Rejecting QContactLocalIdFetchRequest.
    Please add an AEGIS manifest to your package requesting the following
    security tokens: TrackerReadAccess, TrackerWriteAccess for /opt/FaceOff/bin/FaceOff [754].

    "Couldn't obtain a direct connection to the Tracker store: Error calling StartServiceByName for org.freedesktop.Tracker1: GDBus.Error:org.freedesktop.DBus.Error.Spawn.ChildExited: Process /usr/lib/tracker/tracker-store exited with status 1"
    libqtcontacts-tracker: sparqlresolver.cpp:123: Couldn't obtain a direct connection to the Tracker store: Error calling StartServiceByName for org.freedesktop.Tracker1: GDBus.Error:org.freedesktop.DBus.Error.Spawn.ChildExited: Process /usr/lib/tracker/tracker-store exited with status 1
    libqtcontacts-tracker: tasks.cpp:66: Cannot prefill resource cache with resources required by detail schemas@

    I know that there is missing credentials .

    I tried to add theme manually but without any result.
    @<aegis>
    <request policy="add">
    <credential name="TrackerReadAccess"/>
    <credential name="TrackerWriteAccess"/>
    <for path="/opt/FaceOff/bin/FaceOff"/>
    </request>
    </aegis>@

    I want now to generate theme automatically, How can I do that?
    note:- I am using windows 7, Qt SDK 1.1.3, QEMU nothing more than that
    Thank you for your help.



  • Did you upgraded to the last Qt 4.7.4 and Qt Creator 2.3.0 ? This is important because the previouse Qt Creator version was having some bugs managing the packaging.

    In this moment I don't remember exactly but the aegis problem was depending by the Windows 7 and not by the development environement. I am sure of this. This is the same problem I had when tryed to compile the first applicaiton for Harmattan under Windows 7 + QEMU

    This problems will disappear with Qt Creator 2.3.0



  • I am already using up to date version of Qt.



  • Finally I remembered where I have found about aegis: http://www.developer.nokia.com/Community/Wiki/Harmattan:Developer_Library/Developing_for_Harmattan/Harmattan_security/Security_guide/Aegis_manifest_file_generation_tool

    It is in the Harmattan section of developer.nokia.com not on the developer network. I think this link may be helpful for you.



  • You might also note to check if your "qtc_packaging/debian_harmattan/manifest.aegis" file still exists. The current Qt SDK has an error which deletes this file upon project opening: https://bugreports.qt.nokia.com/browse/QTCREATORBUG-6117

    Also delete the _aegis file in your project directory and check if it gets re-generated when packaging. It should contain your manifest.aegis' contents.



  • @gri: this error IIRC was still present in Qt 4.7.3 It is not had been solved ?



  • It's not a Qt bug. It's QtCreator, which is 2.3.0 in the current QtSDK (1.1.3). See the bugreport's date, it should be fixed in the next patch release. I have to "git checkout" my .aegis file on every project opening ...



  • I see. Thus there was another trouble that I don't rememebr related to the aegis file also in the prevous version of Qt Creator. I meant Qt 4.7.4 and Qt 4.7.3 as the full SDK packages (including Qt Creator ).



  • Ok, it seems that there is a problem in the qt creator.

    How can I generate the aegis file for the following libraries.

    Contacts, SystemInfo, Multimedia, gallery

    I think that when ever i changed the aegis file it will be cleared when i build the package using qt creator

    Thank you for your help



  • For a detailed list take a look here: http://harmattan-dev.nokia.com/docs/library/html/guide/html/Developer_Library_Developing_for_Harmattan_Harmattan_security_Security_guide_Harmattan_APIs_that_require_credentials.html

    Create the manifest.aegis file your own in qtc_packaging/debian_harmattan and be prepared the file gets cleared. So store a copy of it somewhere or use a versioning system. Check the file contents before packaging :)



  • bq. Finally I remembered where I have found about aegis: http://www.developer.nokia.com/Community/Wiki/Harmattan:Developer_Library/Developing_for_Harmattan/Harmattan_security/Security_guide/Aegis_manifest_file_generation_tool

    It is in the Harmattan section of developer.nokia.com not on the developer network. I think this link may be helpful for you.

    @gri: It is the second time that someone of us tells it to @mismael :) Seems that we are discussing alone :D



  • The developer.nokia.com site is much older than the harmattan-dev site. It also contains no reference to the list of credentials and is less structured in my point of view :) So it is not the same for me.

    Edit: Ok, I was wrong, it has detailed information but different :) So it's better to look at both of them.



  • @gri: the question was about the owner of this thread :) ... I have seen your link for the first time today, nice! Thank you.



  • I tried to put the aegis file while qt creator packaging the application and i used the following credentials in it
    @<aegis>
    <request>
    <credential name="TrackerReadAccess" />
    <credential name="TrackerWriteAccess" />
    <credential name="GRP::metadata-users" />
    <credential name="GRP::pulse-access" />
    <credential name="GRP::video" />
    <credential name="mce::DeviceModeControl" />
    <credential name="mce::TKLockControl" />
    <for path="/usr/bin/userdatamanager" />
    </request>
    </aegis>@

    but still the application does not execute because of the credentials.



  • Do you run the application with debugger attached or without? On the N950 beta1 firmware, there was an error where the applications' credentials are lost when running with debugger.

    I don't know exactly which version the emulator is running. If the application works without the debugger, this may be the same.

    In this case you would need to:

    • Login as developer via ssh
    • Execute "cat /etc/passwd | grep developer" and see if you read /bin/sh or /bin/develsh
    • If there is /bin/sh, become root and open "/etc/shells" with an editor, add "/bin/develsh"
    • Become developer again and run "chsh", choose "/bin/develsh"


  • I am running the application in the release mode



  • Even in release mode you can run the debugger :) Please start the application with "CTRL + R" or the "Play" icon without overlay on bottom left to be sure.
    Also take a look at the _aegis file in your project folder and tell me if it contains the lines you've written to your manifest.aegis.

    If it does not work, I suppose the best idea would be to zip your code and upload it somewhere for testing. If you don't want to publish it to all, send me a private message with a link to the sources - I won't steal your code.



  • 1- how can i get back to developer user (excuse me i am new to linux world)
    2- when i tried to use "chch" as devel-su user it says that "chch" not found

    thank you for your help



  • You can check which user you are with "whoami". To become developer again from devel-su, you have to run "exit". The sign in front of your cursor also indicates who you are: "$" is user; "#" is root.

    The command you have to run is "chsh", short for "change shell", not "chch". You have to add "/bin/develsh" to "/etc/shells" in order to be able to change the shell. Your favourite editor for editing might be "nano" (if available in emulator), which can be controlled by CTRL + "key number on the bottom of your screen".

    If "chsh" is not available in the emulator, you can also change the entry of developer in "/etc/passwd" but be warned if you mess up the file, your emulator may not work anymore!



  • hi gri,

    the _aegis file contains what i wrote in the *.aegis file.
    I run the application with "CTRL + R"



  • Ok, then I'm out of ideas now. Could you either provide a zip package with your code or the .deb file that I could test it on an actual device since I don't have the emulator?


Log in to reply
 

Looks like your connection to Qt Forum was lost, please wait while we try to reconnect.