| Age | Commit message (Collapse) | Author | Files |
|---|
|
As the format "tar.xz" is included in the IMAGE_TYPES bitbake variable
as defined in meta/classes/image_types.bbclass, it should also be
possible to extract a rootfs that has been built using that format.
Signed-off-by: Dennis Menschel <menschel-d@posteo.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
default-versions.inc is included by defaultsetup.conf which in bitbake.conf
is included after local/machine/distro.conf.
If these are hard assignments distros can's overwrite them.
Signed-off-by: Stefan Stanacar <sstncr@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The audit package specifies the following:
UPDATERCPN = "auditd"
However because it is not multilibized, the value "auditd" is used to
search for the package to add the post install script too. In the mutlilib
alternate abi case, that package does not exist. It ends up assigning
the post install script to the lib32-audit-lic package, which
subsequently failes to execute the script due to the initscript it is
trying to turn on is not installed.
Signed-off-by: Jeremy Puhlman <jpuhlman@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There's a bug in Meson[1] where it find_program("foo") will fail if foo is
defined in the cross file as a list.
This is causing the Meson build of libdrm to fail, but for this instance we can
work around the problem by only using lists in the cross file if there are
arguments, and just using a string if there are not.
[1] https://github.com/mesonbuild/meson/issues/3737
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The services and timers are not useful if a repo is not configured.
In OE, we default to have no repo configured. So we default to disable
these units.
The problem was found by the test_systemd_failed runtime test case.
dnf-makecache.service is found to fail. This is due to lack of repo.
Note that as this service is started by the dnf-makecache.timer, it's
possible that test_systemd_failed passes in case the timer is not started
yet.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The following message from watchdog is not an error.
"error retry time-out = 60 seconds"
Checking watchdog's source codes, we have:
src/watchdog.c: log_message(LOG_INFO, "error retry time-out = %d seconds", retry_timeout);
It's clear this is an info message, so parselogs should ignore it.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The current init script is installed from source with redhat style.
It does not get configuration from /etc/default/watchdog. We should use
debian style init script.
Write our own script just like what wd_keepalive does.
Also, in the init script, we check the existence of /dev/watchdog to
determine whether to start the daemon or not.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We need to make sure logs are not lost. As long as there's no
strong and vaild reason, we should make daemons start after syslog.
As a side effect, we could check the logs to see if there are
some potential problem. In OE, the 'parselogs' test case could
do it automatically.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
systemd has internal support for watchdog. See the RuntimeWatchdogSec
in /etc/systemd/system.conf.
We'd better just disable this service by default. If users want to use
watchdog, consider using the systemd one.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch modifies watchdog.conf file. But this file is deliberately
deleted in do_install. The current mechanism in OE is to use another
recipe watchdog-conf to handle watchdog configuration. So the patch
is really useless.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add the following line to common_errors list.
Failed to read /var/lib/nfs/statd/state: Success
This message is not harmful, it does not result in rpc.statd starting
failure.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
And use bitbake variables for install paths to fix nativesdk-openssh
compilation.
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When generating the extended SDK, there is a copy step where this class
goes through the layers and other stuff that have been copied to
generate the SDK. The corebase; ie. the folder that contains the core
layer 'meta' is treated in a special way. Unfortunately in our tree, we
have:
sources/meta/meta
| `- core layer
`------- corebase
In populate_sdk_ext's copy_buildsystem, the heuristic to determine which
element of the list returned by copy_bitbake_and_layers is corebase is
fooled by such layout.
In copy_bitbake_and_layers, corebase is already handled specifically and
reliably, so we should let that function tell us which folder is
corebase instead of trying to determine it.
To do so, change the return type of copy_bitbake_and_layers to a tuple
that contains (corebase, copied_layers). It also simplifies the code on
the caller side.
Signed-off-by: Damien Riegel <damien.riegel@savoirfairelinux.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There's only one user of rsync.inc (meta-gplv2 has its own copy), so
merge the .inc file into the rsync recipe.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
An earlier version of a change was merged from S. Lockwood-Childs
<sjl@vctlabs.com> which made the CFLAGS consistent across native,
nativesdk and target cases. This syncs with a later verison of the
patch to remove duplicate CFLAGS settings and simplify the recipe.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When generating overlay DTB configuration sections, U-Boot doesn't want
the kernel specified again as we already have that in our base DTB. Add
support for this to allow bootm to process overlay configuration sections.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Introduce UBOOT_DTB_LOADADDRESS and UBOOT_DTBO_LOADADDRESS so that you
can set where U-Boot loads full and overlay DTBs. This is required when
using bootm's overlay support to construct the final DTB.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The patch was previously removed for gcc7 but came back with gcc8.
http://git.openembedded.org/openembedded-core/commit/?id=f71bc69e5b7581c53071055b694bb0dbfe4b4a87
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
alsa-tools is actually a collection of 20 separate tools, each with their own
configure scripts. The dependencies are varied, old, and estoric (FLTK, GTK+ 1, 2,
and 3, PyGTK 2, Qt3).
Instead of maintaining patches to try and pick a subset that builds, use
PACKAGECONFIG and some magic to build what the user requests.
By default we build all the tools which have no dependencies, and the tools
which need GTK+ 2 or GTK+ 3 if the relevant DISTRO_FEATURES are enabled.
Add a patch to fix the build of ld10k1 with musl.
The ncurses build dependency doesn't seem to be checked for, so remove that.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The sshd UseDNS option has defaulted to "no" since openssh 6.8p1,
so it's no longer necessary to postprocess the rootfs to force the
option:
https://www.openssh.com/txt/release-6.8
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Previously sshd_check_keys would create a full set of all possible
sshd host keys, even if sshd_config has been set to only enable
certain key types.
Update sshd_check_keys to only create keys which have been enabled in
sshd_config (with a fallback to creating a full set of key types if
no HostKey options are defined, as before).
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Changes are mostly related to the removal of support for SSH v.1
protocol, which was dropped from openssh sshd in 7.4p1:
https://www.openssh.com/txt/release-7.4
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The openssh sshd init script contains a mix of indent styles, mostly
inherited from the Debian script from which it is derived. Leave the
indent from Debian as-is, but for lines which are OE specific (e.g.
where Debian's log_daemon_msg helper has been replaced with echo)
make the indent consistent with surrounding lines.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The "ssh-keygen" package no longer seems to be provided by any recipe
in oe-core or meta-oe, so there's no clear reason for the
openssh-keygen package to conflict with it.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Openssh takes care of enabling large-file support automatically via
the AC_SYS_LARGEFILE in the configure.ac, so additional help from the
recipe is not required.
Even if it were once required, defining __FILE_OFFSET_BITS (ie with
double leading underscores) looks like a typo and probably never had
any effect anyway?
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When include conf/distro/include/security_flags.inc, NOPIE flags are
still required for mips64 target builds. Otherwise it fails to build
packages such as glide which inherit go.bbclass:
| .../tmp-glibc/work/mips64-wrs-linux/glide/0.13.1-r0/recipe-sysroot-native/usr/bin/mips64-wrs-linux/../../libexec/mips64-wrs-linux/
| gcc/mips64-wrs-linux/7.3.0/ld: .../tmp-glibc/work/mips64-wrs-linux/glide/0.13.1-r0/go-tmp/go-link-518447869/go.o:
| relocation r_mips_26 against `a local symbol' can not be used when making a shared object; recompile with -fPIC`
Use override 'mipsarch' to set SECURITY_CFLAGS for both mips and mips64.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Apply patch from Taras Kondratiuk <takondra@cisco.com> to gcc 8.x too.
Normal gcc-cross has build-id feature enabled by default, so most of
target binaries has build-id. But libc (glibc, musl) doesn't have
build-id, because it is built with gcc-cross-initial.
Build-id is a useful feature, so enable it for gcc-cross-initial too.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Normal gcc-cross has build-id feature enabled by default, so most of
target binaries has build-id. But libc (glibc, musl) doesn't have
build-id, because it is built with gcc-cross-initial.
Build-id is a useful feature, so enable it for gcc-cross-initial too.
Signed-off-by: Taras Kondratiuk <takondra@cisco.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The script oe-git-proxy uses some tools that may not be included
on HOSTTOOLS, thus add the proper documentation.
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This patch isn't needed for musl or glibc, so drop it.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Fixed:
b'Your entry can be found here: http://<snip>'
Now looks like:
Your entry can be found here: http://<snip>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Adding CVE-2017-5669 test fix patch which is accepted upstream in LTP repo.
Ref:
cve-2017-5669: shmat() for 0 (or <PAGESIZE with RND flag) has to fail with REMAPs
https://github.com/linux-test-project/ltp/pull/324
Upstream-Status: Accepted [https://github.com/linux-test-project/ltp/pull/324]
Signed-off-by: Naresh Kamboju <naresh.kamboju@linaro.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
* Upstream release notes:
"
May 23 2018 <shlomif@shlomifish.org> (Shlomi Fish)
Error.pm #0.17026
- Convert to Dist-Zilla.
"
* Tested on qemux86: all tests pass
Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Andrej has kindly stepped up as the busybox maintainer.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
It appears the rpm5.org has been down for some time, switch to fossies
WARNING: popt-native-1.16-r3 do_fetch: Failed to fetch URL http://rpm5.org/files/popt/popt-1.16.tar.gz, attempting MIRRORS if available
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
SystemD 237 implements a stricted PIDfile handling that breaks several
daemons [1].
Change the way we start xinetd, mimicing other distros [2].
Fixes:
root@qt5122:~# journalctl -u xinetd
-- Logs begin at Fri 2018-05-25 14:33:29 UTC, end at Mon 2018-06-11 07:33:08 UTC. --
May 25 14:33:31 qt5122 systemd[1]: Starting Xinetd A Powerful Replacement For Inetd...
May 25 14:33:31 qt5122 systemd[1]: xinetd.service: Permission denied while opening PID file or unsafe symlink chain: /var/run/xinetd.pid
Jun 11 07:27:24 qt5122 systemd[1]: xinetd.service: Start operation timed out. Terminating.
Jun 11 07:27:24 qt5122 systemd[1]: xinetd.service: Failed with result 'timeout'.
Jun 11 07:27:24 qt5122 systemd[1]: Failed to start Xinetd A Powerful Replacement For Inetd.
Jun 11 07:31:38 qt5122 systemd[1]: Starting Xinetd A Powerful Replacement For Inetd...
Jun 11 07:31:38 qt5122 systemd[1]: xinetd.service: Permission denied while opening PID file or unsafe symlink chain: /var/run/xinetd.pid
Jun 11 07:33:08 qt5122 systemd[1]: xinetd.service: Start operation timed out. Terminating.
Jun 11 07:33:08 qt5122 systemd[1]: xinetd.service: Failed with result 'timeout'.
Jun 11 07:33:08 qt5122 systemd[1]: Failed to start Xinetd A Powerful Replacement For Inetd.
[1]: https://github.com/systemd/systemd/issues/8085
[2]: https://github.com/felixonmars/archlinux-community/commit/e49040636737fdb09031e75ec4d73a580f80676b
Signed-off-by: Ricardo Ribalda Delgado <ricardo.ribalda@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Add version field in recipe name for example recipe created by
bitbake-layers.
Fixes [YOCTO #12767]
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
By default, we ought to use console="${console},${baudrate}" as
console bootparam as commonly it is left to be passed with the
bootargs.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Backport two CVE patches from the upstream
https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=summary
commit 5460617d1567657621107d895ee2dd83bc1f88f2
commit cd66c0e584c6d692bc8347b5e72723d02b8a8ada
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Inherit manpages to update manual file index caches after installation
for man-pages.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
If a package installs manual files, it should update manual index cache
after its installation. Add package 'man-db' to RDEPENDS which contains
command 'mandb' to update the cache. And do the update in the post
install scripts.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
"The cpio_safer_name_suffix function in util.c in cpio 2.11 allows
remote attackers to cause a denial of service (out-of-bounds write)
via a crafted cpio file."
https://nvd.nist.gov/vuln/detail/CVE-2016-2037
Note that there appear to be two versions of this fix. The original
patch posted to the bug-cpio mailing list [1] is used by Debian [2],
but apparently causes regression [3]. The patch accepted to the
upstream git repo [4] seems to be the most complete fix.
[1] https://lists.gnu.org/archive/html/bug-cpio/2016-01/msg00005.html
[2] https://security-tracker.debian.org/tracker/CVE-2016-2037
[3] https://www.mail-archive.com/bug-cpio@gnu.org/msg00584.html
[4] http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=d36ec5f4e93130efb24fb9678aafd88e8070095b
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Merge contents of cpio_v2.inc into the only recipe which uses it.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
qemu doesn't use autotools, so don't inherit it and just call 'make install'
directly.
No need to alter makefiles anymore, as they appear to respect CFLAGS now.
Remove a chmod of beginend_funcs.sh (a file we patched in, and removed,
many years ago).
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Wayland has moved to GitLab with the result that /releases/ no longer returns a
directory listing, so the upgrade detection doesn't work.
The upgrade detection can scan releases.html just as well, so tell it to look
there.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The handling of the environment setup was moved to the post-relocate
script handler, and so is no longer necessary in the setup script
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
