Age | Commit message (Collapse) | Author | Files |
|
check_snprintf.patch has been dropped, because it seems to fix a problem
that doesn't anymore exist, and doesn't have any description of what the
problem was and how was it fixed.
tarfix.patch has been merged upstream.
The rest of the patches have been rebased to the new upstream release
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
They managed to 'break' tar. Again. Sorry, they fixed a regression
which broke dpkg-deb.
The addition of:
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=163e96a0e619a900eab6de827c7c5749ecc9d3f2
("Bugfix: entries read from the -T file did not get proper matching_flag.")
means that the no-recursion option gets lost. This leads to many files getting included
multiple times, along with files which shouldn't be there.
The commit message is horrendous. The patch actually makes the option positional
(as documnted since 2003) and therefore doesn't affect the input from the -T option.
Moving the --no-reursion option to earlier in the command avoids the bug.
The bug was not present in tar 1.28 however it has been backported in at least
Fedora 22 and heading into Fedora 21.
Redhat reports of issue:
https://bugzilla.redhat.com/show_bug.cgi?id=1230762 [tar]
https://bugzilla.redhat.com/show_bug.cgi?id=1241508 [dpkg]
Discussion of bug in upstream tar:
http://www.mail-archive.com/bug-tar@gnu.org/msg04799.html
[YOCTO #7988]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
upgrade to fix two CVE defects: CVE-2014-8625 and CVE-2015-0840
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8625
Multiple format string vulnerabilities in the parse_error_msg
function in parsehelp.c in dpkg before 1.17.22 allow remote attackers
to cause a denial of service (crash) and possibly execute arbitrary
code via format string specifiers in the (1) package or (2)
architecture name.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0840
The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x before
1.17.25 allows remote attackers to bypass signature verification
via a crafted Debian source control file (.dsc).
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Cross-compling dpkg application for armeb fails with below error
during configure task,
(snip)
configure:23141: checking dpkg cpu type
configure:23148: result: armeb
configure:23150: WARNING: armeb not found in cputable
configure:23162: checking dpkg operating system type
configure:23169: result: linux-gnueabi
configure:23171: WARNING: linux-gnueabi not found in ostable
configure:23183: checking dpkg architecture name
configure:23189: error: cannot determine host dpkg architecture
-- CUT --
Add the required combination of "gnueabi-linux-armeb" entry in
triplet list.
Signed-off-by: Krishnanjanappa, Jagadeesh <jagadeesh.krishnanjanappa@caviumnetworks.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Hardlink count duing do_package_write_deb can change causing dpkg-deb
failures. We don't care about this error case so avoid it by checking
the tar exit code.
[YOCTO #7529]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Debian, Ubuntu and opkg all have it in bindir.
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Given that bitbake.conf sets the default values:
BP = "${BPN}-${PV}"
S = "${WORKDIR}/${BP}"
there are a number of recipes that set the variable S completely
superfluously, so get rid of them.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
I used a for loop to build these packages more than 520 times, these
recipes never failed.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
perl scripts:
packages-split/dpkg/usr/bin/dpkg-parsechangelog:#!/usr/bin/perl
packages-split/dpkg/usr/bin/dpkg-mergechangelogs:#!/usr/bin/perl
packages-split/dpkg/usr/bin/dpkg-architecture:#!/usr/bin/perl
packages-split/dpkg/usr/bin/dpkg-vendor:#!/usr/bin/perl
packages-split/dpkg/usr/bin/dpkg-shlibdeps:#!/usr/bin/perl
packages-split/dpkg/usr/bin/dpkg-scanpackages:#!/usr/bin/perl
packages-split/dpkg/usr/bin/dpkg-buildpackage:#!/usr/bin/perl
packages-split/dpkg/usr/bin/dpkg-genchanges:#!/usr/bin/perl
packages-split/dpkg/usr/bin/dpkg-gensymbols:#!/usr/bin/perl
packages-split/dpkg/usr/bin/dpkg-distaddfile:#!/usr/bin/perl
packages-split/dpkg/usr/bin/dpkg-buildflags:#!/usr/bin/perl
packages-split/dpkg/usr/bin/dpkg-checkbuilddeps:#!/usr/bin/perl
packages-split/dpkg/usr/bin/dpkg-gencontrol:#!/usr/bin/perl
packages-split/dpkg/usr/bin/dpkg-scansources:#!/usr/bin/perl
packages-split/dpkg/usr/bin/dpkg-source:#!/usr/bin/perl
packages-split/dpkg/usr/bin/dpkg-name:#!/usr/bin/perl
packages-split/dpkg/usr/lib/dpkg/parsechangelog/debian:#!/usr/bin/perl
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
Force dpkg to use "tar" on the target.
The dpkg configure script looks for gnutar, gtar, and
tar in order. If it finds gnutar or gtar on the host
it expects to use that as its tar program on the target.
Without this, if gtar exists (as it does on my system) then
dpkg will consistently fail on the target with an error about
gtar not being found.
Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Remove dpkg-1.17.4-CVE-2014-0471, dpkg-1.17.4-CVE-2014-0471-CVE-2014-3127 and
ignore_extra_fields patches that are already in upstream.
Rebase no-vla-warning patch.
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
v2 changes:
* update format for commit log
* add Upstream-Status for patch
commit a12eb58959d0a10584a428f4a3103a49204c410f upstream
Dpkg::Source::Patch: Outright reject C-style filenames in patches
Because patch only started recognizing C-style filenames in diffs
in version 2.7, it's not safe to assume one behaviour or the other,
as the system might or might not have a recent enough version, or
a GNU patch program at all. There's also no reason we should be
supporting this kind of strange encoded filenames in patches, when
we have not done so up to now.
Let's just ban these types of diffs and be done with it.
Fixes: CVE-2014-0471, CVE-2014-3127
Closes: #746306
[drop the text for debian/changelog,because it's not suitable
for the veriosn]
Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
v2 changes:
* update format for commit log
* add Upstream-Status for patch
commit a82651188476841d190c58693f95827d61959b51 upstream
Dkpkg::Source::Patch: Correctly parse C-style diff filenames
We need to strip the surrounding quotes, and unescape any escape
sequence, so that we check the same files that the patch program will
be using, otherwise a malicious package could overpass those checks,
and perform directory traversal attacks on source package unpacking.
Fixes: CVE-2014-0471
Reported-by: Jakub Wilk <jwilk@debian.org>
[drop the text for debian/changelog,because it's not suitable
for the veriosn]
Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The base_contains is kept as a compatibility method and we ought to
not use it in OE-Core so we can remove it from base metadata in
future.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
BitBake has the exact same code as oe.utils.contains so there's no
reason to duplicate it. We now rely on the bb.utils.contains code for
metadata.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Just use the run-postinsts recipe for running first boot postinstalls.
[YOCTO #5666]
Signed-off-by: Laurentiu Palcu <laurentiu.palcu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
bzip2-native is in ASSUME_PROVIDED so the dependency that dpkg has doesn't correctly
trigger the build dependency. This shows up if you don't have bzip2 development
headers on your build machine and you:
bitbake dpkg-native
bitbake dpkg-native -c cleansstate
rm tmp -rf
bitbake dpkg-native
This patch uses the bzip2-replacement-native dependency as a handful
of other recipes do to make sure libbz2 is available.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
dpkg-native should not depend on the target xz. Fix this.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Remove the -Wvla flag from the set of compiler warning flags, since gcc
on old host systems such as CentOS 5.8 doesn't support it, and it
causes a build error for dpkg-native.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
[ CQID: WIND00392830 ]
CentOS 5.8 provides the kernel support and headers for the
sync_file_range() syscall, but glibc 2.5 doesn't implement the
sync_file_range() syscall stub, so we can't link dpkg-native. Add a
patch that makes dpkg require a glibc version >= 2.6 in order to use
sync_file_range().
Signed-off-by: Donn Seeley <donn.seeley@windriver.com>
Signed-off-by: Lei Liu <lei.liu2@windriver.com>
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Jeff Polk <jeff.polk@windriver.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Use a systemd service file for first boot configuration for dpkg
based images which has 'package-management' in its IMAGE_FEATURES.
[YOCTO #5719]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
A lot of our recipes had short one-line DESCRIPTION values and no
SUMMARY value set. In this case it's much better to just set SUMMARY
since DESCRIPTION is defaulted from SUMMARY anyway and then the SUMMARY
is at least useful. I also took the opportunity to fix up a lot of the
new SUMMARY values, making them concisely explain the function of the
recipe / package where possible.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
|
|
Fix/remove the following unrecognised options:
* --without-static-progs: can't find anything about this in the history,
so remove it.
* --without-dselect -> --disable-dselect
* --with-start-stop-daemon -> --enable-start-stop-daemon
* --with-bz2lib, typo, should be --with-bz2
* --without-sgml-doc: the sgml doc had been removed from dpkg, so
remove it.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
dpkg uses xz as a compressor and the binary image is needed on the system for
dpkg to work correctly.
[YOCTO #1881]
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CQID: 431771
configure cannot determine the proper cpu, os, or
architecture for mips64, and possibly other arch's,
because of faulty code added to Arch.pm in the latest
release from upstream. We remove that code.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Build dpkg-native on Fedora 19, it fails with:
/usr/include/c++/4.8.1/cstdlib: In function ‘long long int std::abs(long long int)’:
/usr/include/c++/4.8.1/cstdlib:174:20: error: declaration of C function ‘long long int std::abs(long long int)’ conflicts with
abs(long long __x) { return __builtin_llabs (__x); }
^
/usr/include/c++/4.8.1/cstdlib:166:3: error: previous declaration ‘long int std::abs(long int)’ here
abs(long __i) { return __builtin_labs(__i); }
^
That because header cstdlib is included in a 'extern "C"' block that gcc
4.8 doesn't support. Fix it by move the header file out of the 'extern "C"'
block.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Rebased patches and removed mips related arch triptlet patch due to being upstreamed
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
[sgw - tweaked Upstream-Status]
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
create_wrapper was previously abused to invoke the Perl interpretter directly
instead of relying on #! parsing, which is read into a 128 byte buffer so breaks
with deep build directories.
However we already install a "nativeperl" binary into the native sysroot, so
use sed to change the #! line to /usr/bin/env nativeperl.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
This recipe is used only when the package manager is not deployed on
target and there still are delayed postinstalls that need to be run on
target. At the moment, run-postinsts is targeted to dpkg/opkg. RPM uses another
recipe, called rpm-postinsts which, in turn, is used even when the rpm
package is deployed.
This patch intends to make run-postinsts generic and deprecate
rpm-postinsts. Here's why:
* when opkg/dpkg are not deplyed, the meta-data files are useless.
Hence, the awk script is not needed. The postinstall files are already
saved in /etc/(deb|ipk)-postinsts directory and we can use the same
procedure as in rpm's case;
Also, the recipe is moved out from meta/recipes-devel/dpkg to
meta/recipes-devel/run-postinsts.
Signed-off-by: Laurentiu Palcu <laurentiu.palcu@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
dpkg has no DEPENDS on lzma so turn it off explicitly.
[YOCTO #4518]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The path to the native perl was incorrect leading to rootfs failures. This
patch corrects that problem, it's a complementary fix for commit:04432446.
Signed-off-by: Ming Liu <ming.liu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Enable postinst logging by checking the configuration in ${sysconfdir}
/default/postinst.
In this way, the postinst logging is enabled if 'debug-tweaks' is
in IMAGE_FEATURES, and at the same time, we avoid unnecessary rebuilt
if IMAGE_FEATURES is changed.
[YOCTO #4262]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Currently a load of scripts in ${bindir} start with:
which is undesireable, this patch fixes that.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
The postinstall needs to reference $D, not ${D} which would get expanded
by bitbake. This allows postinsts to run correctly on the target system.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Recipes cannot depend on the value of IMAGE_FEATURES; in this case the
result is do_package task signatures changing every time IMAGE_FEATURES
changes, causing a large number of task re-executions. The
implementation of the log capturing really needs to be changed to
capture these in a different place and possibly not even conditional
upon IMAGE_FEATURES at all, but this will be invasive at this point in
the development cycle. For now, remove the variable dependencies to fix
the immediate problem.
Fixes [YOCTO #4246].
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
If multiple package managers are installed in the image, they will
overwrite each other's run-postinsts script, resulting in postinstalls
not beeing run at all at first boot.
What this patch does:
* checks whether opkg/dpks/rpm is actually used to install
the packages and, only after, creates the run-postinsts script;
* brings dpkg recipe in sync with opkg: moves the script creation from
do_install to postinstall;
* move creation of run-postinsts script (rpm-postinsts recipe) to the
postinstall scriptlet in order to better control the creation of the
script according to the package manager used;
[YOCTO #4231]
[YOCTO #4179]
Signed-off-by: Laurentiu Palcu <laurentiu.palcu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add missing path component to make out of tree builds work.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Dpkg compilation depends on the ncurses, so add
this dependency.
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
When image feature "debug-tweaks" enabled, save output of postinstall
scripts to log file /var/log/postinstall.log when image first boot. And
the log file can be configured.
It also needs image feature "package-management" enabled. If not,
package run-postinsts will be installed and then all packages will be
configured by it. Command 'dpkg --configure' outputs nothing.
[YOCTO #3223]
Signed-off-by: Kang Kai <kai.kang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Fix the following warning:
WARNING: QA Issue: lib32-run-postinsts: Files/directories were installed but not shipped
/usr/share/lib32-run-postinsts
/usr/share/lib32-run-postinsts/run-postinsts.awk
[YOCTO #3438]
Signed-off-by: Constantin Musca <constantinx.musca@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
configure touches pkg-config for various tests so we need the DEPENDS
which we can gain from the class inherit
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Invoking dpkg-scanpackages on Fedora 17 to build deb image meets such an error:
Can't locate Dpkg.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/loc
al/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr
/lib64/perl5 /usr/share/perl5.) at tmp/sysroots/x86_64-linux/usr/bin/dpkg-sca
npackages line 27.
1. The dpkg-scanpackages is invoked at deb image creation time and it is built
by dpkg-native. The dpkg-scanpackages is a perl script and import module `Dpkg'.
2. The Dpkg.pm has been installed in perl's staging dir at dpkg-native compiling
time. Such as `tmp/sysroots/x86_64-linux/usr/lib/perl-native/perl/Dpkg.pm'
3. The dpkg-native uses create_wrapper to relocate to perl-native if perl-native
has been built. If perl-native isn't built, it will use the host Dpkg as default.
4. If dpkg-native is built on a new build envionment which means perl-native doesn't
exist before, and the build system doesn't install dpkg (such as Fedora 17), the
dpkg-scanpackages could not work correctly.
5. Modify dpkg-native's depends, change `perl-native-runtime' to `perl-native', Let
perl-native automatically be built before building dpkg-native.
[YOCTO #3817]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
The overrides virtclass-native and virtclass-nativesdk are deprecated,
which should be replaced by class-native and class-nativesdk.
[YOCTO #3297]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
autofoo.patch: removed
- the patch is not used
check_version: adapted to the new version
- adapt the linux-wrs kernel version, which has character '_'
- remove the first-char-digit-check (as the 1.15.8.5 version does)
dpkg-deb-avoid-fflush.patch: removed
- the patch is included in the new version
fix-timestamps.patch: added
- the lutimes function doesn't work properly for all systems
ignore_extra_fields.patch: adapted to the new version
nochroot.patch: removed
- the patch is not used
noman.patch: adapted to the new version
noupdalt.patch: removed
- the patch is not used
perllibdir.patch: removed
- in the new version PERL_LIBDIR will be set only if empty
preinst.patch: adapted to new version
removed-tar-no-timestamp.patch: added
- the busybox-1.19.4 tar utility doesn't support --warning=no-timestamp
Signed-off-by: Constantin Musca <constantinx.musca@intel.com>
|