Age | Commit message (Collapse) | Author | Files |
|
Backport fixes from pseudo master for an acl issue and more importantly, a segfault
issue with bash which can be triggered by the recent useradd changes.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Currently there are multiple issues with useradd:
* If base-passwd rebuilds, it wipes out recipe specific user/group additions
to sysroots and causes errors
* If recipe A adds a user and recipe B depends on A, it can't see any of the
users/groups A adds.
This patch changes base-passwd so it always works as a postinst script
within the sysroot and copies in the master files, then runs any
postinst-useradd-* scripts afterwards to add additional user/groups.
The postinst-useradd-* scripts are tweaked so that if /etc/passwd doesn't exist
they just exit, knowning they'll be executed later. We also add a dummy entry to
the dummy passwd file from pseudo so we can avoid this too.
There is a problem where if recipe A adds a user and recipe B depends on A but
doesn't care about users, it may not have a dependency on the useradd/groupadd
tools which would therefore not be available in B's sysroot. We therefore also
tweak postinst-useradd-* scripts so that if the tools aren't present we simply
don't add users. If you need the users, you add a dependency on the tools in the
recipe and they'll be added.
We add postinst-* to SSTATE_SCAN_FILES since almost any postinst script of this
kind is going to need relocation help.
We also ensure that the postinst-useradd script is written into the sstate
object as the current script was only being added in a recipe local way.
Thanks to Peter Kjellerstedt <pkj@axis.com> and Patrick Ohly for some pieces
of this patch.
[Yocto #11124]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Update to the newly minted 1.8.2, dropping several patches we'd
backported since the last release.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
pseudo_1.8.1.bb gets the backported patch and pseudo_git.bb gets
updated to include the commit.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
renameat calls under pseudo were losing extended attributes.
Backport the fix for this from pseudo upstream.
[YOCTO '10349]
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When the client spawns a pseudo server, it starts out sending diagnostics
to stderr. This can be spammy in some cases with races during startup;
everything resolves, but we get scary-looking diagnostics. So shove
those into a log file.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
In a heavily loaded container, the child process might not started
before the parent process had terminated. The child process attempts to
signal the parent with SIGUSR1. If the parent had terminated, the
parent becomes PID 1, which is generally init. When it signaled pid 1,
it caused the docker mini-init to terminate.
This doesn't happen in a traditional system, as systemd/sysvinit is
protected to only root users can signal it.
[YOCTO #10324]
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Nodejs expects the user and group nobody to exist on global install commands.
The target build works as base-passwd contained it, however the fallback passwd did not.
This broke the SDK if nodejs was included.
Signed-off-by: Michael Davis <michael.davis@essvote.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Update the SRCREV to 2 commits beyond the 1.8.1 tag (to the current
HEAD) in order to include a fix for the xattr performance regression
[YOCTO #9929].
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
In the 1.8 series of pseudo extended attribute handling was reworked
to be a property of inodes, not paths, and as a product fixed extended
attribute semantics on hardlinks. Unfortunately this rework introduced
a slow path around file deletion.
Add a patch for use by the pseudo 1.8.1 recipe which backports a fix
for this regression from the master branch of pseudo.
[YOCTO #9929]
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
* Drop patches where the changes exist upstream
* Fetch from git as no tarball is available for 1.8.1
* Move common code to pseudo.inc
* Update patchset in git recipe
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Setting rpath causes clash of host and sdk libc and makes
pseudo to crash with relocation error: libpthread.so.0:
symbol __libc_vfork, version GLIBC_PRIVATE not defined
in file libc.so.6 with link time reference
Removing rpath fixes this as it makes pseudo to use only host
pthread and libc.
[YOCTO #9761]
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There are issues with a change made to RTLD_NEXT behaviour in glibc 2.24
and that change was also backported to older glibc versions in some distros
like Fedora 23. This adds a workaround whilst the pseudo maintainer fixes
various issues properly.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
xattr removal doesn't work in pseudo 1.7.5, backport a patch from
pseudo master to fix this.
[YOCTO #9324]
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Increase number of retries to handle slow exiting servers.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
filter out PIE options
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This uprev adds various improvements with regards to the server
spawn logic, and also sorts xattrs to work around a bug in one of
the mkfs utilities.
Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
With the autodebug package generation logic, specifically setting FILES_${PN}-dbg
isn't needed in most cases, we can remove them.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The 0600 modes were coming from fopen/freopen/etc., because those
don't specify a filesystem mode (just an access mode like "r" or
"w"). Use 0666 & ~umask. (And then the PSEUDO_FS_MODE macro masks
in the 0600 bits we want to be sure are present.)
Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Pseudo 1.7 adds an experimental feature (which I think needs more testing
before it becomes the default) allowing the pseudo client to store modes
and uid/gid values in extended attributes rather than using the sqlite
database. On most Linux-like systems, this works only if the underlying
file is a plain file or a directory.
Also added is a profiling feature to allow some amount of reporting on
the wall-clock time the client spends in wrappers, processing operations,
or in IPC. This feature is not intendeded to be precisely accurate, but
gives a good overview of where time is going.
Based on the results from the profiling feature, the client now suppresses
OP_OPEN and OP_EXEC messages if the server is not logging messages, and
no longer uses constant dynamic allocation and free cycles for canonicalized
paths.
There's a few other likely-looking optimizations being considered, but
this seemed like a good cutoff for now.
1.7.1 fixes two bugs, one affecting mostly XFS systems with 64-bit
inode values, and one affecting code that called realpath(x, NULL), such
as the RPM backend.
1.7.2 fixes an indirect side-effect of the chmod fixes to deal with
umask 0700, which had no effect with opkg 0.2.4 but appears to cause
failures with 0.3.0.
1.7.3 prevents mkdirat() (and mkfifoat()) from setting errno on success,
because glibc's localedef inexplicably errors out if errno was set, even
if the operation's actual return code (which it tests) indicated
success.
Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Previous URI did not allow directory listings.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Adds proper support for fifos, giving performance back to bitbake
with the recent logging changes.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We really want the same sstate checksums for pseudo-native on 32 and 64 bit platforms
but the use of SITEINFO_BITS prevents this. Since other things would change if
the bit size changes, we can safely exclude this variable and rely on others
(e.g. BUILD_ARCH included in WORKDIR) to handle this.
[YOCTO #5970]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There was a stupid logic error controlling the diagnostic for
a "possible" mismatch involving trailing slashes and whether or
not a node was believed to be a directory. Specifically, a diagnostic
got printed any time a lookup for a directory *didn't* have a
trailing slash, as well as in the (actually intended) case where
a non-directory lookup *did*.
No other changes, but that one is probably significant.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
pseudo 1.6.3 merges (with some changes) the changes from
Peter A. Bigot to make --without-fallback-passwd work. It
also adds a proposed fix for Yocto bug #7097, which has
passed the obvious tests I could think of.
pseudo 1.6.4 fixes a silly configure bug introduced with
1.6.3.
[YOCTO: #7097]
Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Normally pseudo is built with --without-passwd-fallback, which requires
that somebody provide target passwd and group files. Those come from
base-passwd in OE, but base-passwd cannot be built without first
invoking operations under pseudo that require getpw*/getgr*.
Provide the absolute minimum stub files, matching in content what will
eventually be on the target, that can be used in the cases where the
target files are not yet available. The requirements for minimum stub
are the usernames and groups identified in meta/files/fs-perms.txt.
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
|
|
No good reason exists to fall back to the build host /etc files when
attempting to resolve user and group information. Recipe dependencies
should be updated so the correct target files are available.
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
|
|
This makes it possible to use --without-passwd-fallback when building
images where the preferred passwd files are not available until after
installation has begun.
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
|
|
A bug in pseudo 1.6.2 results in lock failures if this option is
present.
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
|
|
pseudo 1.6.2 fixes problems with 64-bit inodes and some underlying issues
involving file renames that could occasionally cause very strange behaviors
files being deleted, linked, or renamed, mostly observed as strange
recovery if an inode got reused.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Pseudo now automatically tries to shut down the server after running
single commands under pseudo ("pseudo <cmd>"), which means it can
print a useless "server already offline" message in some cases. The
message has been changed to a debugging message only.
The glibc symbol versions for memcpy were being applied to non-x86
targets, unintentionally, which broke builds for at least some targets.
(But pseudo doesn't usually get built for targets so it didn't
get noticed right away.)
Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This uprevs pseudo to 1.6. This merges in all of the existing
fixes, and also adds partial support for extended attributes,
including storing arbitrary extended attributes in the database,
and also interpreting the posix permissions ACLs as chmod
requests.
The extended attribute support means we need xattr.h, the simplest
way to be sure of this is to build attr before pseudo, which doesn't
take long.
Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The fchmodat-permissions patch was fine for the fchmod case, but
had the unintended side effect of disregarding umask settings for
open, mknod, mkdir, and their close relatives. Start tracking umask
and masking the umask bits out where appropriate.
Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It turns out that pseudo's decision not to report errors from
the host system's fchmodat() can break GNU tar in a very strange
way, resulting in directories being mode 0700 instead of whatever
they should have been.
Additionally, it turns out that if you make directories in your
rootfs mode 777, that results in the local copies being mode 777,
which could allow a hypothetical attacker with access to the
machine to add files to your rootfs image. We should mask out
the 022 bits when making actual mode changes in the rootfs.
This patch represents a backport to the 1.5.1 branch of three
patches from the 1.6 branch, because it took a couple of tries
to get this quite right.
Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
When install command sets the created directory mode, pseudo will change
the mode of the directory to 0700 incorrectly. Backport patch to fix it.
Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The virtclass overrides will go away at some point (apart from the multilib one).
Change them all to class-xxx instead since people enjoy copy and pasting them.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
A lot of our recipes had short one-line DESCRIPTION values and no
SUMMARY value set. In this case it's much better to just set SUMMARY
since DESCRIPTION is defaulted from SUMMARY anyway and then the SUMMARY
is at least useful. I also took the opportunity to fix up a lot of the
new SUMMARY values, making them concisely explain the function of the
recipe / package where possible.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
|
|
Remove all PR = "r0" from all .bb files in oe-core. This was done
with the command sed -e '/^PR.*=.*r0\"/d' recipes*/*/*.bb -i
We've switching to the PR server, PR bumps are no longer needed and
this saves people either accidentally bumping them or forgetting to
remove the lines (r0 is the default anyway).
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
libpseudo.so is always installed into ${prefix}/lib/, not ${libdir},
so fix these paths; and skip libdir WARN_QA checking to ignore the
warning in 64bit and multilib enabled system
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There is a potential issue with the fastop code in pseudo since a process may
exit and allow some other function to run before the server has processed
the commands run by the process. Issues have been see with unpredictable
file permissions.
To avoid this, we ping the server before exitting which guarantees it has
processed the current command queue.
The patch was written by peter.seebach@windriver.com
[YOCTO #5132]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Putting a warning at the top of do_compile is useful but not everyone reads the
file from beginning to end, so use a trap to put the message at the bottom too.
[ YOCTO #4919 ]
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In the future bbnote/bbwarn will be integrated into bitbake's logging, so use
those functions instead of echo directly.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The exported SDK only needs simulated root privileges for specific
tasks, such as the user-mode NFS server or rootfs extraction, and
oe-core does not support multilib builds in the generated SDK, so
it is neither necessary nor possible to build a 32-bit libpseudo.so
for a 64-bit SDK.
[YOCTO #5135]
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
qemu.bbclass adds PSEUDO_UNLOAD=1 in qemu_run_binary to avoid reference to
pseudo functions that may not exist in the target environment. This patch
detects the addition of that variable within the environment to which the
call applies, even if not present in the parent environment.
As a side effect it fixes a memory leak.
[YOCTO #4843]
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It's not necessary to specify the protocol parameter when it's the
default protocol for the fetcher, e.g. the default protocol for
git fetcher it git, "protocol=git" isn't needed.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is for Yocto bug #4920. The NO32LIBS variable is intended to allow
the user to force the creation of a 32-bit libpseudo, for use with things
like prebuilt binary toolchains. Unfortunately, the tests for likely
compilability (stubs-32.h) were still present, so you would get silent
failures. And if you did cause it to try to build, the failures were not
particularly clearly explained.
So, we:
1. Emit at least a message during configuration saying we're only
building 64-bit, if we are.
2. Warn the user for at least one common case where we know builds
are likely to fail.
3. If NO32LIBS is 0, we try the compile for sure, and if it fails,
we've emitted at least some sort of message up near the top of the
compile output that tells you what might be wrong.
Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
We've been using 1.5.1 for a while now with success, so in line with the
OE-Core policy of avoiding multiple versions of the same recipe let's
drop this version.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|