Age | Commit message (Collapse) | Author | Files |
|
The currnet patches in OE-core doesn't have the "CVE:"
tag, now part of the policy of the patches.
This is patch add this tag to several patches. There might
be patches that I miss; the tag can be added in the future.
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
libtirpc 1.0.1 uses the SVC_XP_AUTH macro to access xp_auth.
Update rpcbind to follow the same way.
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
rpcbind: Fix memory corruption in PMAP_CALLIT code
Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in
rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of
service (daemon crash) via crafted packets, involving a PMAP_CALLIT
code.
The patch comes from
<http://www.openwall.com/lists/oss-security/2015/09/18/7>, and it hasn't
been in rpcbind upstream yet.
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
While runing:
$ systemctl restart rpcbind
$ systemctl status rpcbind
There are errors like below:
rpcbind[1722]: Cannot open '/tmp/rpcbind.xdr' file for reading, \
errno 2 (No such file or directory)
rpcbind[1722]: Cannot open '/tmp/portmap.xdr' file for reading, \
errno 2 (No such file or directory)
'-w' causes rpcbind to do a "warm start" by read a state file when
rpcbind starts up. The state file is created when rpcbind terminates.
The state file is not always there, the patch refers to:
https://bugs.launchpad.net/ubuntu/+source/rpcbind/+bug/835833
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Where Signed-off-by statements have been added they were sourced from the
original commit where the author claims creation.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The 0001-uclibc-nss.patch has been applied upstream
in a bit different way but solves the issue at hand
Change-Id: I7312d109d01c08338d4673383e2eaccee219b7bd
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
* Updated 0001-Avoid-use-of-glibc-sys-cdefs.h-header.patch
* Removed 0002-uclibc-rpcsvc-defines.patch since it is already in the
source.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
most patches are just removing glibc'ism e.g. using sys/queue.h
of cdefs.h the one patch which is specific to musl
is housed with overrides
Change-Id: Ia15bf6c9c4b562c9392a704ef92e9090aa5f6381
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* rpcbind.service requires rpcbind.socket and systemctl tries to add it twice
* see log.do_rootfs:
Started /OE/build/shr-core/tmp-glibc/sysroots/x86_64-linux/usr/bin/systemctl --root=/OE/build/shr-core/tmp-glibc/work/nokia900-oe-linux-gnueabi/shr-image/2.0-r20/rootfs enable rpcbind.service rpcbind.socket
Try to find location of rpcbind.service...
Found rpcbind.service in /lib/systemd/system/rpcbind.service
Also=rpcbind.socket found in rpcbind.service
Started /OE/build/shr-core/tmp-glibc/sysroots/x86_64-linux/usr/bin/systemctl --root=/OE/build/shr-core/tmp-glibc/work/nokia900-oe-linux-gnueabi/shr-image/2.0-r20/rootfs enable rpcbind.socket
Try to find location of rpcbind.socket...
Found rpcbind.socket in /lib/systemd/system/rpcbind.socket
WantedBy=sockets.target found in rpcbind.socket
Enabled rpcbind.socket for sockets.target.
Try to find location of rpcbind.socket...
Found rpcbind.socket in /lib/systemd/system/rpcbind.socket
WantedBy=sockets.target found in rpcbind.socket
ln: failed to create symbolic link '/OE/build/shr-core/tmp-glibc/work/nokia900-oe-linux-gnueabi/shr-image/2.0-r20/rootfs/etc/systemd/system/sockets.target.wants/rpcbind.socket': File exists
Enabled rpcbind.socket for sockets.target.
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
|
|
Drop 0001-rpcbind-rpcuser-not-being-set-in-Makefile.am.patch
which has been merged to 0.2.2
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
|
|
Instead of setting 'Restart=always' in the service file, we should
make the service socket activated, just like what Fedora does.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
|
|
Exiting with '2' is actually expected with rpcbind, because it catches
SIGTERM and exits with '2' explicitly.
The related code is as follows.
(void) signal(SIGTERM, terminate);
/*
* Catch the signal and die
*/
static void
terminate(int dummy /*__unused*/)
{
close(rpcbindlockfd);
unlink(_PATH_RPCBINDSOCK);
unlink(RPCBINDDLOCK);
syslog(LOG_ERR,
"rpcbind terminating on signal. Restart with \"rpcbind -w\"");
write_warmstart(); /* Dump yourself */
exit(2);
}
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
These recipes all use pkg-config in some way but were missing
dependencies on the tool, this patch adds them.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
For security policy, change to run rpcbind daemon with rpc user
just like Redhat does, so set the --with-rpcuser to rpc and add rpc user.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Instead of manually adding initscripts to RDEPENDS of each package,
we should make it automatically handled by the update-rc.d.bbclass.
This solution would have the benefit of backward compatibility. In
other words, users need not modify their recipes.
This reverts commit 16080a3485bd793edd66ed8361f1e8b86a9e19ea.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
This fix integrates a patch released
after rpcbind 0.2.1 distribution.
0001-rpcbind-rpcuser-not-being-set-in-Makefile.am.patch
fixes the issue of rpcuser not being set in Makefile.am,
which causes rpcbind to immediately exit.
Fixes [YOCTO #5733].
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Now that the initscripts-functions has been packaged separately,
packages which may use the functions script should have a runtime
dependency on it.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
fix_host_path.patch and obsolete_automake_macros.patch
are no longer necessary, removed.
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Print status messages and exit with proper code. This also allows debian
service script to get rpcbind status correctly.
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
"rpcbind restart" executes stop and then start function. However, if
rpcbind is not started, "exit 0" shall be run in stop function, so start
function will not be run at all. This patch changes "exit 0" to "return 0".
Signed-off-by: Zhangle Yang <zhangle.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Previously, if we switch to runlevel 1 and then switch back to runlevel
5, the network interface will be brought down and the NFS service will
not be restarted correctly.
The problem is that the networking and rpcbind services are brought down
in runlevel 1 but not brought up in runlevel 5.
This patch fixes the above problem. It's based on the assumption that
in sysvinit-based system, runlevel 1 does not have networking support.
This patch adjusts some init script parameters used by update-rc.d. It
makes sure that networking starts before rpcbind which in turn starts
before mountnfs.sh. When switching to runlevel 0, 1 and 6, the umountnfs.sh
is run first before stopping rpcbind service, and the network is brought
down afterwards.
[YOCTO #5513]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
- Remove dependency on meta-systemd
Signed-off-by: Muhammad Shakeel <muhammad_shakeel@mentor.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
As per OE-Core convention, indentation should be TAB for shell.
Signed-off-by: Muhammad Shakeel <muhammad_shakeel@mentor.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add obsolete_automake_macros.patch that replaces automake macros
no longer supported by automake-1.13 with modern constructs.
Signed-off-by: Marko Lindqvist <cazfi74@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Add defines which otherwise are missing in uclibc nss
(From OE-Core rev: 649c72a9aba96a609f699970933f4fa60e3cb5bc)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
- Add init script from debian, tweaked for us
- Move binaries from bindir to sbindir, as debian does
Signed-off-by: Christopher Larson <kergoth@gmail.com>
Signed-off-by: Elizabeth Flanagan <elizabeth.flanagan@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
As discussed on the mailing list, this variable isn't useful and if wanted
would be better implemented by distros using pn-X overrides.
This patch executes:
find . -regex ".*\.\(bb\|inc\)$" | xargs sed -i '/^PRIORITY = ".*"$/d'
against the tree removing the referenced. Thanks to Phil Blundell for
the command.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
hostap: add upstream status for hostap-fw-load.patch
lrzsz: add upstream status for lrzsz's patches
bluez: add upstream status for bluez's patches
bluez-dtl1-workaround: add upstream status for COPYING.patch
libgsmd: add upstream status for gsm's patches.
gypsy: add upstream status for gypsy's patch
libpcap: add upstream status for libpcap's patches
ppp: add upstream status for ppp's patches
libtelepathy: add upstream status for libtelepathy's patches
telepathy-python: add upstream status for telepahty-python's patches
wireless-tools: add upstream status for wireless-tools's patches
wpa-supplicant: add upstream status for wpa-supplicant
zeroconf: add upstream status for zeroconf's patch
glibc: add upstream status for glibc's patches
dpkg: add upstream status for dpkg's patches
makedevs: add upstream status for makedevs's patch
opkg: add upstream status for opkg's patches
opkg-utils: add upstream status for opkg-utils's patch
minicom: add upstream status for minicom patches
rpcbind: add upstream status for rpcbind's patch
which: add upstream status for which's patch
clutter-gst: add upstream status for clutter-gst's patches
flac: add upstream status for flac's patches
gst-ffmpeg: add upstream status for gst-ffmpeg's patch
liba52: add upstream status for liba52's patch
libid3tag: add upstream status for libid3tag
libmusicbrainz: add upstream status for libmusicbrainz's patch
pulseaudio: add upstream status for pulseaudio patches
db: add upstream status for db's patch
neon: add upstream status for neon's patch
taglib: add upstream status for taglib's patches
libetpan: add upstream status for libetpan's patch
libopensync: add upstream status for libopensync's patches
libopensync-plugin-evolution2: add upstream status for its patch
libopensync-plugin-syncml: add upstream status for its patch
libsyncml: add upstream status for libsyncml's patch
empathy: add upstream status for empathy's patch
wv: add upstream status for wv's patch
xournal: add upstream status for xournal's patch
Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
|
|
Add Summary information and update descriptions as necessary.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Saul Wold <Saul.Wold@intel.com>
|
|
Signed-off-by: Saul Wold <Saul.Wold@intel.com>
|
|
Introduce rpcbind utility into poky which is a server that converts
RPC program numbers into universal addresses.
Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
|