| Age | Commit message (Collapse) | Author | Files |
|---|
|
Add the following line to common_errors list.
Failed to read /var/lib/nfs/statd/state: Success
This message is not harmful, it does not result in rpc.statd starting
failure.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
And use bitbake variables for install paths to fix nativesdk-openssh
compilation.
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When generating the extended SDK, there is a copy step where this class
goes through the layers and other stuff that have been copied to
generate the SDK. The corebase; ie. the folder that contains the core
layer 'meta' is treated in a special way. Unfortunately in our tree, we
have:
sources/meta/meta
| `- core layer
`------- corebase
In populate_sdk_ext's copy_buildsystem, the heuristic to determine which
element of the list returned by copy_bitbake_and_layers is corebase is
fooled by such layout.
In copy_bitbake_and_layers, corebase is already handled specifically and
reliably, so we should let that function tell us which folder is
corebase instead of trying to determine it.
To do so, change the return type of copy_bitbake_and_layers to a tuple
that contains (corebase, copied_layers). It also simplifies the code on
the caller side.
Signed-off-by: Damien Riegel <damien.riegel@savoirfairelinux.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There's only one user of rsync.inc (meta-gplv2 has its own copy), so
merge the .inc file into the rsync recipe.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
An earlier version of a change was merged from S. Lockwood-Childs
<sjl@vctlabs.com> which made the CFLAGS consistent across native,
nativesdk and target cases. This syncs with a later verison of the
patch to remove duplicate CFLAGS settings and simplify the recipe.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When generating overlay DTB configuration sections, U-Boot doesn't want
the kernel specified again as we already have that in our base DTB. Add
support for this to allow bootm to process overlay configuration sections.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Introduce UBOOT_DTB_LOADADDRESS and UBOOT_DTBO_LOADADDRESS so that you
can set where U-Boot loads full and overlay DTBs. This is required when
using bootm's overlay support to construct the final DTB.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The patch was previously removed for gcc7 but came back with gcc8.
http://git.openembedded.org/openembedded-core/commit/?id=f71bc69e5b7581c53071055b694bb0dbfe4b4a87
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
alsa-tools is actually a collection of 20 separate tools, each with their own
configure scripts. The dependencies are varied, old, and estoric (FLTK, GTK+ 1, 2,
and 3, PyGTK 2, Qt3).
Instead of maintaining patches to try and pick a subset that builds, use
PACKAGECONFIG and some magic to build what the user requests.
By default we build all the tools which have no dependencies, and the tools
which need GTK+ 2 or GTK+ 3 if the relevant DISTRO_FEATURES are enabled.
Add a patch to fix the build of ld10k1 with musl.
The ncurses build dependency doesn't seem to be checked for, so remove that.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The sshd UseDNS option has defaulted to "no" since openssh 6.8p1,
so it's no longer necessary to postprocess the rootfs to force the
option:
https://www.openssh.com/txt/release-6.8
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Previously sshd_check_keys would create a full set of all possible
sshd host keys, even if sshd_config has been set to only enable
certain key types.
Update sshd_check_keys to only create keys which have been enabled in
sshd_config (with a fallback to creating a full set of key types if
no HostKey options are defined, as before).
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Changes are mostly related to the removal of support for SSH v.1
protocol, which was dropped from openssh sshd in 7.4p1:
https://www.openssh.com/txt/release-7.4
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The openssh sshd init script contains a mix of indent styles, mostly
inherited from the Debian script from which it is derived. Leave the
indent from Debian as-is, but for lines which are OE specific (e.g.
where Debian's log_daemon_msg helper has been replaced with echo)
make the indent consistent with surrounding lines.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The "ssh-keygen" package no longer seems to be provided by any recipe
in oe-core or meta-oe, so there's no clear reason for the
openssh-keygen package to conflict with it.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Openssh takes care of enabling large-file support automatically via
the AC_SYS_LARGEFILE in the configure.ac, so additional help from the
recipe is not required.
Even if it were once required, defining __FILE_OFFSET_BITS (ie with
double leading underscores) looks like a typo and probably never had
any effect anyway?
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When include conf/distro/include/security_flags.inc, NOPIE flags are
still required for mips64 target builds. Otherwise it fails to build
packages such as glide which inherit go.bbclass:
| .../tmp-glibc/work/mips64-wrs-linux/glide/0.13.1-r0/recipe-sysroot-native/usr/bin/mips64-wrs-linux/../../libexec/mips64-wrs-linux/
| gcc/mips64-wrs-linux/7.3.0/ld: .../tmp-glibc/work/mips64-wrs-linux/glide/0.13.1-r0/go-tmp/go-link-518447869/go.o:
| relocation r_mips_26 against `a local symbol' can not be used when making a shared object; recompile with -fPIC`
Use override 'mipsarch' to set SECURITY_CFLAGS for both mips and mips64.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Apply patch from Taras Kondratiuk <takondra@cisco.com> to gcc 8.x too.
Normal gcc-cross has build-id feature enabled by default, so most of
target binaries has build-id. But libc (glibc, musl) doesn't have
build-id, because it is built with gcc-cross-initial.
Build-id is a useful feature, so enable it for gcc-cross-initial too.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Normal gcc-cross has build-id feature enabled by default, so most of
target binaries has build-id. But libc (glibc, musl) doesn't have
build-id, because it is built with gcc-cross-initial.
Build-id is a useful feature, so enable it for gcc-cross-initial too.
Signed-off-by: Taras Kondratiuk <takondra@cisco.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The script oe-git-proxy uses some tools that may not be included
on HOSTTOOLS, thus add the proper documentation.
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This patch isn't needed for musl or glibc, so drop it.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Fixed:
b'Your entry can be found here: http://<snip>'
Now looks like:
Your entry can be found here: http://<snip>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Adding CVE-2017-5669 test fix patch which is accepted upstream in LTP repo.
Ref:
cve-2017-5669: shmat() for 0 (or <PAGESIZE with RND flag) has to fail with REMAPs
https://github.com/linux-test-project/ltp/pull/324
Upstream-Status: Accepted [https://github.com/linux-test-project/ltp/pull/324]
Signed-off-by: Naresh Kamboju <naresh.kamboju@linaro.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
* Upstream release notes:
"
May 23 2018 <shlomif@shlomifish.org> (Shlomi Fish)
Error.pm #0.17026
- Convert to Dist-Zilla.
"
* Tested on qemux86: all tests pass
Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Andrej has kindly stepped up as the busybox maintainer.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
It appears the rpm5.org has been down for some time, switch to fossies
WARNING: popt-native-1.16-r3 do_fetch: Failed to fetch URL http://rpm5.org/files/popt/popt-1.16.tar.gz, attempting MIRRORS if available
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
SystemD 237 implements a stricted PIDfile handling that breaks several
daemons [1].
Change the way we start xinetd, mimicing other distros [2].
Fixes:
root@qt5122:~# journalctl -u xinetd
-- Logs begin at Fri 2018-05-25 14:33:29 UTC, end at Mon 2018-06-11 07:33:08 UTC. --
May 25 14:33:31 qt5122 systemd[1]: Starting Xinetd A Powerful Replacement For Inetd...
May 25 14:33:31 qt5122 systemd[1]: xinetd.service: Permission denied while opening PID file or unsafe symlink chain: /var/run/xinetd.pid
Jun 11 07:27:24 qt5122 systemd[1]: xinetd.service: Start operation timed out. Terminating.
Jun 11 07:27:24 qt5122 systemd[1]: xinetd.service: Failed with result 'timeout'.
Jun 11 07:27:24 qt5122 systemd[1]: Failed to start Xinetd A Powerful Replacement For Inetd.
Jun 11 07:31:38 qt5122 systemd[1]: Starting Xinetd A Powerful Replacement For Inetd...
Jun 11 07:31:38 qt5122 systemd[1]: xinetd.service: Permission denied while opening PID file or unsafe symlink chain: /var/run/xinetd.pid
Jun 11 07:33:08 qt5122 systemd[1]: xinetd.service: Start operation timed out. Terminating.
Jun 11 07:33:08 qt5122 systemd[1]: xinetd.service: Failed with result 'timeout'.
Jun 11 07:33:08 qt5122 systemd[1]: Failed to start Xinetd A Powerful Replacement For Inetd.
[1]: https://github.com/systemd/systemd/issues/8085
[2]: https://github.com/felixonmars/archlinux-community/commit/e49040636737fdb09031e75ec4d73a580f80676b
Signed-off-by: Ricardo Ribalda Delgado <ricardo.ribalda@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Add version field in recipe name for example recipe created by
bitbake-layers.
Fixes [YOCTO #12767]
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
By default, we ought to use console="${console},${baudrate}" as
console bootparam as commonly it is left to be passed with the
bootargs.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Backport two CVE patches from the upstream
https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=summary
commit 5460617d1567657621107d895ee2dd83bc1f88f2
commit cd66c0e584c6d692bc8347b5e72723d02b8a8ada
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Inherit manpages to update manual file index caches after installation
for man-pages.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
If a package installs manual files, it should update manual index cache
after its installation. Add package 'man-db' to RDEPENDS which contains
command 'mandb' to update the cache. And do the update in the post
install scripts.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
"The cpio_safer_name_suffix function in util.c in cpio 2.11 allows
remote attackers to cause a denial of service (out-of-bounds write)
via a crafted cpio file."
https://nvd.nist.gov/vuln/detail/CVE-2016-2037
Note that there appear to be two versions of this fix. The original
patch posted to the bug-cpio mailing list [1] is used by Debian [2],
but apparently causes regression [3]. The patch accepted to the
upstream git repo [4] seems to be the most complete fix.
[1] https://lists.gnu.org/archive/html/bug-cpio/2016-01/msg00005.html
[2] https://security-tracker.debian.org/tracker/CVE-2016-2037
[3] https://www.mail-archive.com/bug-cpio@gnu.org/msg00584.html
[4] http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=d36ec5f4e93130efb24fb9678aafd88e8070095b
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Merge contents of cpio_v2.inc into the only recipe which uses it.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
qemu doesn't use autotools, so don't inherit it and just call 'make install'
directly.
No need to alter makefiles anymore, as they appear to respect CFLAGS now.
Remove a chmod of beginend_funcs.sh (a file we patched in, and removed,
many years ago).
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Wayland has moved to GitLab with the result that /releases/ no longer returns a
directory listing, so the upgrade detection doesn't work.
The upgrade detection can scan releases.html just as well, so tell it to look
there.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The handling of the environment setup was moved to the post-relocate
script handler, and so is no longer necessary in the setup script
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
systemd by default sets the system time at boot to the date of its NEWS
file. It provides the option to change that at build time, and some
projects need to come up at a particular date if no RTC is present.
Provide the option to set the time at boot to the epoch instead of the
date of the NEWS file.
Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
it is from:
https://www.eclipse.org/org/documents/epl-2.0/EPL-2.0.txt
And add 'EPL-2.0' to SRC_DISTRIBUTE_LICENSES.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Add option "-p" to specify fixed port number
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
When switch PATCHTOOL to patch, applying 'key-replay-cve-multiple.patch' failed:
checking file src/ap/ieee802_11.c
checking file src/ap/wpa_auth.c
checking file src/ap/wpa_auth.h
checking file src/ap/wpa_auth_ft.c
checking file src/ap/wpa_auth_i.h
checking file src/common/wpa_common.h
checking file src/rsn_supp/wpa.c
checking file src/rsn_supp/wpa_i.h
checking file src/rsn_supp/wpa.c
Hunk #1 FAILED at 709.
Hunk #2 FAILED at 757.
Hunk #3 succeeded at 840 (offset -12 lines).
Hunk #4 FAILED at 868.
Hunk #5 FAILED at 900.
Hunk #6 FAILED at 924.
Hunk #7 succeeded at 1536 (offset -38 lines).
Hunk #8 FAILED at 2386.
Hunk #9 FAILED at 2920.
Hunk #10 succeeded at 2940 (offset -46 lines).
Hunk #11 FAILED at 2998.
8 out of 11 hunks FAILED
checking file src/rsn_supp/wpa_i.h
Hunk #1 FAILED at 32.
1 out of 1 hunk FAILED
checking file src/common/wpa_common.h
Hunk #1 succeeded at 215 with fuzz 1.
checking file src/rsn_supp/wpa.c
checking file src/rsn_supp/wpa_i.h
checking file src/ap/wpa_auth.c
Hunk #1 succeeded at 1898 (offset -3 lines).
Hunk #2 succeeded at 2470 (offset -3 lines).
checking file src/rsn_supp/tdls.c
checking file wpa_supplicant/wnm_sta.c
checking file src/rsn_supp/wpa.c
Hunk #1 succeeded at 2378 (offset -62 lines).
checking file src/rsn_supp/wpa_ft.c
checking file src/rsn_supp/wpa_i.h
Hunk #1 succeeded at 123 (offset -5 lines).
So split the wpa-supplicant/key-replay-cve-multiple to 8 patches.
Signed-off-by: Hong Liu <hongl.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
add multilib support for this receipe, or it will conflicts in mutlilib setting
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Instead of patching Module::Build, maybe Module::Build::Tiny and all other
similar tools, use the official way to tell them which is the target perl
on target.
(From OE-Core rev: f3925216b06ff7fbe21989210f8eb11e16be6631)
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
These packages use hand-grown makefiles which don't handle cleans as they can
invoke /usr/bin/gmake directly which may not exist. Until new upstream releases
are made (which have ported to automake) set CLEANBROKEN to work around this.
[ YOCTO #12775 ]
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
gresource-tool has optional support for using libelf to extract resources from
ELF files, so add a PACKAGECONFIG in case someone wants this.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
It should be RCONFLICTS_${PN} instead of RCONFLICTS_${PN}-syslog.
There's no ${PN}-syslog package.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
