Roy Li [Tue, 10 May 2016 02:09:33 +0000 (10:09 +0800)]
systemd: re-enable mount propagation for udevd
With MountFlags=slave, those mounts then become private to the systemd-udevd
namespace and are no longer accessible from outside the namespace, which is
not expected
Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 73f43d857fe0102033f25491007b6dbe3d5fa8ee) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
libc-package.bbclass: split binary localedata even more if asked to
If GLIBC_SPLIT_LC_PACKAGES is set to a non-zero value, convert
glibc-binary-localedata-XX-YY to be a meta package depending on
glibc-binary-localedata-XX-YY-lc-address and so on. This enables
saving quite some space if someone doesn't need LC_COLLATE for
example.
Some regex code was removed from output_locale_binary_rdepends,
because legitimize_package_name already converts to lowercase.
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Busybox may offer a bash applet. If enabled, the alternatives mechanism
avoids breaking logins if bash gets deinstalled while /bin/bash is configured
as a login shell.
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Contains just enough to mount and unmount nfs volumes, i.e.
the same as nfs-utils-client before commit 39bb7e3 ("nfs-utils:
separate package as Debain style").
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
update-rc.d: ignore initscript in prerm and preinst when systemd is active
In hybrid systemd/sysvinit builds, if the recipe inherits systemd and systemd
is installed, we can safely assume that the service gets stopped by the prerm
script fragment from systemd.bbclass. This fixes deinstallation of packages
with initscripts returning errors when no running service was found. The preinst
shouldn't run the initscript either, because postinst will call systemctl restart.
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
connman: Simplify and fix packaging of VPN plug-ins
- Use simple static packaging.
- Move VPN runtime dependencies from connman to the individual plug-ins.
- Create a connmann-ppp package containing libppp-plugin.so, which is
a shared library needed by l2tp and pptp plug-ins.
- Let connman suggest VPN packages instead of recommending them, so they
don't get installed by default.
- Remove unknown configure options (--with-pptp --with-l2tp)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Richard Purdie [Wed, 28 Sep 2016 23:39:37 +0000 (00:39 +0100)]
db: Refresh patches
The patches were failing to apply in some cases, refresh them aganst the
current source.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit eb11f60d9d87aa24e93a86f366764b1848bb5cb1) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
The SRC_URI was changed to point gentoo distfiles because now Oracle
request authorization for download the source code [1], there are no changes
in the LICENSE since version 6.0.20 when the LICENSE changes to AGPL-3
[2], also the md5sum was review to be sure that is the same.
This minor upgrade fix an issue related to multiple rpm instances querying
the database [3].
The bugfixes related are,
- Fixed a bug that may lead to a crash when opening multiple environments
in a multi-threaded program.
- Fixed a bug where closing a panic environment raised access violation
and crashed the program.
For see the complete list of changes mostly bugfixes between 6.0.30 and 6.0.35 [4].
Andre McCurdy [Fri, 16 Sep 2016 22:52:29 +0000 (15:52 -0700)]
kernel.bbclass: assign INITRAMFS_BASE_NAME using ?=
Default values for KERNEL_IMAGE_BASE_NAME and MODULE_IMAGE_BASE_NAME
are already assigned using ?= and anyone wanting to over-ride one is
likely to want to over-ride them all. Make the three consistent with
each other.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e30c6c93bb70d17244c90c2be12229148f8f6314) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Richard Purdie [Thu, 15 Sep 2016 10:48:39 +0000 (11:48 +0100)]
openjade/sgml-common: Add sstate postrm commands
If you bump the PR of sgml-common and openjade-native but not sgml-
common-native, you will see a failure as files were removed from the
sysroot but still referenced by the sgml docbook catalog.
To properly handle this, the clean function needs to run at sstate
removal time, the problem is that this sstate removal can happen when
the metadata isn't present, so the correct removal commands are
unknown.
To avoid this, we need to write the commands into a "postrm" script
when we install the files, this can then be executed at sstate removal
time.
[YOCTO #8273]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cdae3e76232110903d124195b036e4e70fb28aa4) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Richard Purdie [Thu, 15 Sep 2016 10:45:14 +0000 (11:45 +0100)]
sstate: Add postrm command support
There are some issues in sstate which can't be handled by file removal
alone. Currently there is no way to execute a command against sstate and
doing so is potentially problematic for things like dependencies. This
patch adds a mechanism where any "postrm" script is executed if its present
allowing some openjade/sgml issues to be resolved.
[YOCTO #8273]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2268efd0cd3ddb40870c4c424d10444ba86d2849) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
dpkg is using a script (dpkg-architecture.pl) to detect the target
architecture automatically.
Unfortunately, it is using the cross compiler prefix to do the detection
and for ARM, oe-core is using <vendor>-linux-gnueabi for toolchains with
and without call-convention hard. The script then always detects
'armel' and never gets 'armhf' for call-convention hard.
This solves:
dpkg: error processing archive evtest_1.32+0+b8343ec112-r0_armhf.deb (--install):
package architecture (armhf) does not match system (armel)
Errors were encountered while processing:
evtest_1.32+0+b8343ec112-r0_armhf.deb
Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit b01a01ff47e09da4aaa2db992380ca0498f0e5ae) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
André Draszik [Thu, 21 Jul 2016 11:09:23 +0000 (12:09 +0100)]
kernel.bbclass: explicitly set workdir in do_bundle_initramfs
bitbake rev 67a7b8b02 "build: don't use $B as the default cwd for
functions" (included in current bitbake master) breaks the assumption
that do_bundle_initramfs runs inside the build directory.
This causes kernel_do_compile() as called from within
do_bundle_initramfs() to fail, as the former is not being executed
from the correct directory anymore. (Note that kernel_do_compile()
as called from bitbake directly doesn't suffer from that problem,
as it inherits the workdir from base_do_compile() in that case.)
Set workdir explicitly.
Signed-off-by: André Draszik <git@andred.net> Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 4455da22a151c2ac006af63cbd39779b21b12580) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Reintroduce the use of cross-libtool when building the target package
this fails otherwise with clang
| ./libtool --mode=execute true db_printlog
| /usr/lib/libstdc++.so: file not recognized: File format not recognized
| clang-3.9: error: linker command failed with exit code 1 (use -v to see invocation)
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit f9fab69a15a71f541f93fb38319de03ad07b1bf5) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Ed Bartosh [Mon, 11 Jul 2016 09:43:09 +0000 (12:43 +0300)]
sstate.bbclass: make PV to depend on PV variable value
Currently PV is defined in meta/conf/bitbake.conf as a python
expression: "${@bb.parse.BBHandler.vars_from_file(d.getVar('FILE',
False),d)[1] or '1.0'}". As FILE is whitelisted it causes PV to
not depend on it. This causes sstate code to not detect that
PV changes when recipe filename changes.
Making PV to explicitly depend on PV variable value overrides default
behaviour. Instead of depending on python expression bitbake depends
on evaluated value of PV variable, which should fix the above
mentioned issue.
[YOCTO #9806]
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 918646ca803d56004fb0ab7c21e86cc9cb14513d) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Ross Burton [Tue, 23 Feb 2016 14:05:35 +0000 (14:05 +0000)]
db: use S/B more idiomatically
Instead of setting S to a directory inside the tarball and B to another
directory inside the tarball, use the default value of S and set
AUTOTOOLS_SCRIPT_PATH to the right path to find configure. Update the patches
so they still apply, and clean up the recipe slightly.
Because something is not quite right regarding quilt and patching, add a PR bump
to the recipes to ensure that a clean work directory is used: for some reason
rebuilds will rarely fail to patch correctly.
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit dcbef72b8344c22617d65ea1e9f0fa7ad9a742bd) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
André Draszik [Fri, 24 Jun 2016 13:40:08 +0000 (14:40 +0100)]
classes/kernel: fix symlink logic when bundling initramfs images
If linkpath points to the a file in KERNEL_OUTPUT_DIR, rather than
outside, then symlink creation for the bundled initramfs image files
fails.
This is because in that case $linkpath.initramfs and $realpath.initramfs
are in the same directory, KERNEL_OUTPUT_DIR, and hence are the same.
Since we just created $realpath.initramfs, creating a symlink with the
same name will fail.
Given that $linkpath is not necessarily the same as the kernel image type,
just removing this symlink creation is not the right thing to do, as
in that case kernel_do_deploy() wouldn't find the bundled file.
What we really want is a symlink from the name of the initramfs-bundled
kernel image type to the real initramfs-bundled kernel image, as that is
what is actually used later in do_deploy().
This brings the code path for when $KERNEL_OUTPUT_DIR/$type is a symlink
in line with when it is not.
Signed-off-by: André Draszik <adraszik@tycoint.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 7585ebbbe4e95870ab7475737ed5b94255351c72) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
André Draszik [Fri, 24 Jun 2016 10:42:32 +0000 (11:42 +0100)]
classes/kernel: fix symlink creation in DEPLOYDIR for bundled initramfs
If multiple kernel image types have been specified, only the very first
one would receive a symlink in DEPLOYDIR.
The reason is that we're looping over the list of image types and check
if a bundled initramfs images exists using a relative path. As part of
the loop we're changing the current directory, hence all additional
iterations fail to see the files we're looking for, and hence no symlinks
are being created.
Fix by not changing the directory and adjusting the ln invocation instead.
Signed-off-by: André Draszik <adraszik@tycoint.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 2a6ac8ca71b669b8653eb19417faf58575385a21) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Maxin B. John [Mon, 6 Jun 2016 09:13:41 +0000 (12:13 +0300)]
db: add RECIPE_NO_UPDATE_REASON
db-6.2.23 does not work with RPM-5.x due to changes in locking semantics
Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8ea6be55b795ae5306606f7d4cdacdf3c2afa5ae) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Maxin B. John [Tue, 31 May 2016 15:26:03 +0000 (18:26 +0300)]
openssl: fix the dangling libcrypto.a symlink
Update libcrypto.a symlink to the proper location.
[YOCTO #9523]
Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3d6884a99a170a2d1925ed347431518fff3cf367) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
He Zhe [Wed, 25 May 2016 08:47:17 +0000 (04:47 -0400)]
kernel: Make symbol link to vmlinuz in boot directory
Rename do_kernel_link_vmlinux to do_kernel_link_images and make a
symbol link to vmlinuz(if exists) for reference in arch/$arch/boot
directory.
Signen-off-by: He Zhe <zhe.he@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 6e58f54be103814b6b8a85b236510633c49e6832) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
He Zhe [Wed, 25 May 2016 08:47:16 +0000 (04:47 -0400)]
kernel: Add KERNEL_IMAGETYPES to build multi types kernel at one time
Add KERNEL_IMAGETYPES to support building packaging and installing
multi types of kernel images, such as zImage uImage, at one time.
KERNEL_IMAGETYPE and KERNEL_ALT_IMAGETYPE work as before.
Signed-off-by: He Zhe <zhe.he@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 849b67b2e4820564b5e5c9bd4bb293c44351c5f3) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Richard Purdie [Sat, 21 May 2016 11:27:48 +0000 (12:27 +0100)]
kernel-uimage: Fix python indentation
Use spaces, not tabs for python functions.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 96ed92aded49fc47c7e407d36ba4f03dafee28cd) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Ross Burton [Wed, 19 Jul 2017 13:27:32 +0000 (14:27 +0100)]
libgcrypt: fix CVE-2017-9526
In libgcrypt before 1.7.7, an attacker who learns the EdDSA session key (from
side-channel observation during the signing process) can easily recover the
long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this
session key in secure memory, to ensure that constant-time point operations are
used in the MPI library.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
initrdscripts/init-install*: Add rootwait when installing to USB devices
It can take a bit for USB devices to be detected, so if a USB device is
your rootfs and you don't set rootwait you will most likely get a kernel
panic. Fix this by adding rootwait to the kernel command line on
installation.
Fixes [YOCTO #9462].
Signed-off-by: California Sullivan <california.l.sullivan@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Richard Purdie [Fri, 16 Jun 2017 08:42:30 +0000 (09:42 +0100)]
package_ipk: Clean up Source entry in ipk packages
There is the potential for sensitive information to leak through the urls
there and removing it brings this into the behavior of the other package
backends since filtering it is likely error prone.
Since ipks don't appear to be generated at all if we don't set this, set
the field to the recipe name used (basename only, no paths). This avoids
information leaking. We may want to drop the field if opkg can allow that
at a future point but the recipe name is a suitable identifier for now.
Reported-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
projects / thirdparty / openembedded / openembedded-core-contrib.git / log
