How do I get access the SD card in sandboxed application?


#1

I have the mangOH Green with WP85.

I have built an application which contains 1 sandboxed app and 1 unsandboxed app that communicate via a legato API.

The SD card is mounted in the unsandboxed app in /mnt/userrw/sdcard directory.
This can read and write files on the SD card OK.

The sandboxed app has an adef file with:

requires:
{

dir:
{
	/mnt/userrw/sdcard		/mnt/userrw/sdcard
}

file:
{
	/bin/sh							/bin/
	/bin/cp							/bin/
}

}

The app can list filenames from that directory with no problem.
When I attempt to copy a file from the SD card directory to a local directory, it gives file permission error for the SD card location:

cp: can’t open ‘/mnt/userrw/sdcard/TLCU.xml’ : permission denied

I first set the permissions of the file using chmod as shown here:
https://docs.legato.io/latest/defFilesAdef.html#defFilesAdef_requiresDir

I then use a pipe to execute the linux command “cp” to copy. It obviously recognises the file as being there, but denies permission to copy the file from the SD card.

The C commands I am using are:

chmod ("/mnt/userrw/sdcard/TLCU.xml", S_IRWXU | S_IRWXG | S_IRWXO);
fp = popen("/bin/cp   /mnt/userrw/sdcard/TLCU.xml   /TLCU.xml 2>&1", "r");
...

What can I do to set the permissions and copy the file from the SD card into the sandboxed directory so that I can work on it?


#2

You cannot do that due to smack constraints. You will need to unsandbox your app


#3

Thanks for the reply, much appreciated.

When the unsandboxed mounts the SD card, the sandboxed app can list the contents of the SD card, but can’t do anything else. I don’t see the point of that.

Can I mount the SD card from within the sandboxed app? Then I could access the files that way.


#4

in your sandboxed apps .adef try to add this

requires:
{
	device:
	{
		[rw] /mnt/userrw/sdcard		/mnt/userrw/sdcard
	}
	
}

#5

Hi Francis,
I just tried that, it compiled, but the mangOH wouldn’t load the code.

Thanks for the suggestion.


#6

ok did you make a “make clean” of your project ?
To take effect of the .adef change.


#7

I have a couple of script files, the first contains:
mkapp TLCU.adef -t wp85

The second contains:
app install TLCU.wp85.update 192.168.2.2

When I compile, it takes a lot longer when I change the adef file.
Is there something I need to include in either of these that makes it clean?


#8

No it’s good. What is error message when you try to install the app ?


#9

adef contains:
requires:
{

device:
{
	// serial ports
	[rw]    /dev/ttyHS0   /dev/ttyHS0
	[rw]    /dev/ttyHSL1  /dev/ttyHSL1
	[rw]    /mnt/userrw/sdcard		/mnt/userrw/sdcard
}

I have cut the report down, so the first line here states that the directory is not a device file… SUCCESS! and the final line states disconnect.


Jan 6 04:58:23 swi-mdm9x15 user.err Legato: =ERR= | supervisor[506]/supervisor T=main | app.c GetDevID() 635 | ‘/mnt/userrw/sdcard’ is not a device file. Success.
Jan 6 04:58:23 swi-mdm9x15 user.err Legato: =ERR= | supervisor[506]/supervisor T=main | apps.c LaunchApp() 663 | Application ‘TLCU’ cannot run.
Jan 6 04:58:23 swi-mdm9x15 user.info Legato: INFO | updateDaemon[533]/updateDaemon T=main | app.c app_InstallIndividual() 662 | App TLCU <60343d4b205504f12399462f51284f89> installed
Jan 6 04:58:23 swi-mdm9x15 user.info Legato: INFO | updateDaemon[533]/updateDaemon T=main | updateDaemon.c ApplyAppUpdate() 664 | App ‘TLCU<60343d4b205504f12399462f51284f89>’ installed properly.
Jan 6 04:58:23 swi-mdm9x15 user.info Legato: INFO | updateDaemon[533]/updateDaemon T=main | updateDaemon.c StartProbation() 190 | System on probation (timer started).
Jan 6 04:58:23 swi-mdm9x15 user.info Legato: INFO | avcDaemon[562]/avcDaemon T=main | assetData.c assetData_CreateInstanceById() 3079 | Finished creating instance 0 for TLCU/0

Jan 6 04:58:23 swi-mdm9x15 user.info Legato: INFO | avcDaemon[562]/avcDaemon T=main | assetData.c assetData_CreateInstanceById() 3079 | Finished creating instance 5 for TLCU/1
Jan 6 04:58:23 swi-mdm9x15 authpriv.info dropbear[9665]: Exit (root): Disconnect received

Removal of the line from the adef restores it to a working system.


#10

Ok I’m not expert for this. Sorry can’t help you more…


#11

@AndrewMawdsley Could you please let me know how you are mounting your SD card? I have a similar requirement here and when I try to create an init .sh script to mount the sd car via mount command it ends up hanging and freezing the whole device i.e. when I do app status I nvr get any response which makes me believe that legato is freezing as a result of that. I think I need to mount the SD card via application side instead of kernel side. Could you tell me how you are doing that via an APP? is it just having a system call that does mount?


#12

Hi Ghaddam,

I don’t use a script. Inside the application, I have a C system call that runs the mount command.

If you were to mount manually:

mkdir -p /mnt/userrw/sdcard
/bin/mount -t auto -o sync -o rw /dev/mmcblk0p1 “/mnt/userrw/sdcard”
df –h			

df checks that it mounted correctly (using the human readable switch), which shows
/dev/mmcblk0p1 /mnt/userrw/sdcard

To open in C, I use popen so that I can capture the result that it returns:

FILE *fp;
char localresponse[40]="";

fp = popen("/bin/mount -t auto -o sync -o rw /dev/mmcblk0p1 “/mnt/userrw/sdcard” 2>&1", “r”);
while (fgets(localresponse, sizeof(localresponse)-1, fp) != NULL) {
… code to capture the output strings…
}
pclose(fp); // close the pipe

Note:

  1. The SD card must be present at power-on
  2. To access the SD card, the app must be unboxed
  3. Because it is unboxed, you don’t have to register the commands in the adef file.