Hello,
our application is using the Paho- MQTT client to connect to our MQTT broker. It is possible to connect the broker if the broker is running on our development host. In this case the device uses the usb-ethernet connection to connect to the broker. To make that possible, we allow the application to access a couple of system libraries (see adef snippet).
After this successful test I tried to use the modem connection with a external SIM card. For that I enabled the data connection via command line in the following way:
cm sim select EXTERNAL_SLOT_1
cm data apn web.vodafone.de
cm data connect
After a successful established connection I tested the data connection via a “wget www.heise.de” command, also this was successful .
Afterwards I reconfigured our application to access a MQTT Broker in the internet. Unfortunately it can’t access the external broker. It seems to be that the sandbox does not allow it. I get the following log messages:
Feb 25 12:09:23 swi-mdm9x28-wp user.err Legato: =ERR= | carapplication[4135] | I0225 12:09:23.870231 4135 SoftwareUpdateReceiver.cpp:134] Subscribing SoftwareUpdateCommand…
Feb 25 12:09:23 swi-mdm9x28-wp user.notice kernel: [ 808.931496] audit: type=1400 audit(1582632563.859:34): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject=“app.IVSCar” object="" requested=w pid=4135 comm=“carapplication” saddr=127.0.0.1 src=58489 daddr=127.0.0.1
Feb 25 12:09:23 swi-mdm9x28-wp user.notice kernel: [ 808.932506] audit: type=1400 audit(1582632563.859:35): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject=“app.IVSCar” object="" requested=w pid=4135 comm=“carapplication” saddr=127.0.0.1 src=58489 daddr=127.0.0.1
Feb 25 12:09:23 swi-mdm9x28-wp user.notice kernel: [ 808.932963] audit: type=1400 audit(1582632563.859:36): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject=“app.IVSCar” object="" requested=w pid=4135 comm=“carapplication” saddr=127.0.0.1 src=50730 daddr=127.0.0.1
Feb 25 12:09:23 swi-mdm9x28-wp user.notice kernel: [ 808.933204] audit: type=1400 audit(1582632563.859:37): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject=“app.IVSCar” object="" requested=w pid=4135 comm=“carapplication” saddr=127.0.0.1 src=50730 daddr=127.0.0.1
Feb 25 12:09:23 swi-mdm9x28-wp user.err Legato: =ERR= | carapplication[4135] | I0225 12:09:23.871428 4135 MqttClient.cpp:292] Subscribe devices/ivs_slimscaley_develop_pec2hi_01/commands/softwareupdate
The following snippet is part of our current adef file:
requires:
{
file:
{
// some generic libs:
/lib/libz.so.1 /lib/
/usr/lib/libcurl.so.4 /lib/
/lib/libnsl.so.1 /lib/
// Binary files of OpenSSL and Crypto libs
/usr/lib/libssl.so.1.0.2 /lib/
/usr/lib/libcrypto.so.1.0.2 /lib/
// IP services
/etc/services /etc/
// DNS resolver
/lib/libnss_dns.so.2 /lib/
/lib/libnss_files.so.2 /lib/
/lib/libresolv.so.2 /lib/
/lib/libnss_compat.so.2 /lib/
/etc/nsswitch.conf /etc/
/etc/dnsmasq.conf /etc/
}