From c3d88e4d9fcc08e1aae7cc9d0337c0261e996c64 Mon Sep 17 00:00:00 2001 From: Andrew Geissler Date: Fri, 2 Oct 2020 09:45:00 -0500 Subject: poky: subtree update:c6bc20857c..b23aa6b753 Anatol Belski (1): bitbake: bitbake: hashserv: Fix localhost sometimes resolved to a wrong IP Andrew Geissler (1): systemd: Upgrade v246.2 -> v246.6 Anibal Limon (1): mesa: update 20.1.6 -> 20.1.8 Bruce Ashfield (2): linux-yocto/beaglebone: Switch to sdhci-omap driver kernel-yocto: add KBUILD_DEFCONFIG search location to failure message Changqing Li (1): sysklogd: fix parallel build issue Charlie Davies (2): bitbake: bitbake: fetch/git: add support for SRC_URI containing spaces in url bitbake: bitbake: tests/fetch: add unit tests for SRC_URI with spaces in url Chee Yang Lee (1): bash : include patch 17 & 18 Chen Qi (2): populate_sdk_ext.bbclass: add ESDK_MANIFEST_EXCLUDES testsdk.py: remove workspace/sources to avoid failure in case of multilib Chris Laplante (3): bitbake.conf: add name of multiconfig to BUILDCFG_HEADER when multiconfig is active cve-check: introduce CVE_CHECK_RECIPE_FILE variable to allow changing of per-recipe check file cve-check: add CVE_CHECK_REPORT_PATCHED variable to suppress reporting of patched CVEs Christian Eggers (1): packagegroup: rrecommend perf also for musl on ARM De Huo (1): bash: fix CVE-2019-18276 Jean-Francois Dagenais (2): bitbake: bitbake: tests/siggen: introduce clean_basepath testcases bitbake: bitbake: siggen: clean_basepath: improve perfo and readability Jens Rehsack (1): image-artifact-names: make variables overridable Jon Mason (1): Space-comma Cleanups Jonathan Richardson (1): cortex-m0.inc: Add tuning for cortex-m0 Kai Kang (2): systemd: disable xdg-autostart generator by default kea: fix conflict between multilibs Khairul Rohaizzat Jamaluddin (1): sphinx: ref-variables: Added entry for IMAGE_EFI_BOOT_FILES Khem Raj (6): ncurses: Create alternative symlinks for st and st-256color packagegroups: remove strace and lttng-tools for rv32/musl qemuboot: Add QB_RNG variable gettext: Fix ptest failure ptest-runner: Backport patch to fix inappropriate ioctl error systemd: Drop 0023-Fix-field-efi_loader_entry_one_shot_stat-has-incompl.patch Konrad Weihmann (1): testexport: rename create_tarball method Leif Middelschulte (2): bitbake: fetch2: fix handling of `\` in file:// SRC_URI bitbake: tests/fetch: backslash support in file:// URIs Mark Jonas (2): Add license text for PSF-2.0 Map license names PSF and PSFv2 to PSF-2.0 Mingli Yu (3): kea: create /var/lib/kea and /var/run/kea folder bind: remove -r option for rndc-confgen debianutils: update the debian snapshot version Nicolas Dechesne (3): sphinx: report errors when dependencies are not met README: include detailed information about sphinx sphinx: fix up some trademark and branding issues Norman Stetter (1): sstate.bbclass: Check file ownership before doing 'touch -a' Otavio Salvador (1): openssh: Allow enable/disable of rng-tools recommendation on sshd Peter A. Bigot (1): go-mod.bbclass: use append to add `modcacherw` Quentin Schulz (2): docs: static: theme_overrides.css: fix responsive design on <640px screens docs: fix broken links Randy MacLeod (1): curl: Change SRC_URI from http to https Rasmus Villemoes (1): kernel.bbclass: ensure symlink_kernsrc task gets run even with externalsrc Richard Purdie (15): scripts/oe-build-perf-report: Use python3 from the environment dropbear/openssh: Lower priority of key generation oeqa/qemurunner: Increase serial timeout python3-markupsafe: Import from meta-oe/meta-python python3-jinja2: Import from meta-oe/meta-python buildtools-tarball: Add python3-jinja2 buildtools-tarball: Fix conflicts with oe-selftest and other tooling oeqa/selftest/incompatible_lib: Fix append usage oeqa/selftest/containerimage: Update to match assumptions in configuration ssh-pregen-hostkeys: Add a recipe with pregenerated ssh host keys build-appliance-image: Update to master head revision bitbake: Revert "bitbake-layers: add signal hander to avoid exception" staging: Ensure cleaned dependencies are added oeqa/selftest/devtool: Add sync call to test teardown bitbake: cooker: Avoid tracebacks if data was never setup Ross Burton (11): gettext: no need to depend on bison-native meta: add/fix invalid Upstream-Status tags bitbake: taskexp: update for GTK API changes glibc: make nscd optional utils: respect scheduler affinity in cpu_count() rpm: disable libarchive use sstate: set mode explicitly when creating directories in sstate-cache rpm: add PACKAGECONFIG for the systemd inhibit plugin boost: move the build directory outside of S bitbake: utils: add umask changing context manager bitbake: siggen: use correct umask when writing siginfo Saul Wold (2): testimage: Add testimage_dump_target to kwargs target/ssh.py: Add dump_target support Teoh Jay Shen (1): oeqa/runtime : add test for RTC(Real Time Clock) Tim Orling (1): oeqa/selftest/cases/devtool.py: avoid .pyc race Usama Arif (1): ref-manual: document authentication key variables Wang Mingyu (1): maintainers.inc: Add Zang Ruochen and Wang Mingyu for several recipes Yi Zhao (4): dhcpcd: pass --dbdir to EXTRA_OECONF to set database directory dhcpcd: set --runstatedir to /run dhcpcd: add dhcpcd user to support priviledge separation dhcpcd: set service to conflict with connman akuster (1): libdrm: fix build failure zangrc (4): bind: upgrade 9.16.5 -> 9.16.7 stress-ng: upgrade 0.11.19 -> 0.11.21 pango: upgrade 1.46.1 -> 1.46.2 sudo: upgrade 1.9.2 -> 1.9.3 Signed-off-by: Andrew Geissler Change-Id: I2c19d3b3793ee5a6f42e04817147d75f315943a5 --- poky/bitbake/bin/bitbake-layers | 2 - poky/bitbake/bin/bitbake-selftest | 1 + poky/bitbake/lib/bb/cooker.py | 3 +- poky/bitbake/lib/bb/fetch2/__init__.py | 2 +- poky/bitbake/lib/bb/fetch2/git.py | 12 +- poky/bitbake/lib/bb/siggen.py | 33 +- poky/bitbake/lib/bb/tests/fetch.py | 52 ++ poky/bitbake/lib/bb/tests/siggen.py | 91 +++ poky/bitbake/lib/bb/ui/taskexp.py | 7 +- poky/bitbake/lib/bb/utils.py | 11 + poky/bitbake/lib/hashserv/tests.py | 7 +- poky/documentation/Makefile.sphinx | 4 + poky/documentation/README | 283 +++++++- poky/documentation/_templates/footer.html | 12 + poky/documentation/conf.py | 16 +- .../dev-manual/dev-manual-common-tasks.rst | 13 +- poky/documentation/dev-manual/dev-manual-qemu.rst | 2 +- poky/documentation/dev-manual/dev-manual-start.rst | 10 +- poky/documentation/index.rst | 4 +- .../overview-manual/overview-manual-concepts.rst | 2 +- .../overview-manual-development-environment.rst | 6 +- .../overview-manual/overview-manual-yp-intro.rst | 2 +- poky/documentation/ref-manual/migration-1.5.rst | 2 +- poky/documentation/ref-manual/ref-classes.rst | 4 +- poky/documentation/ref-manual/ref-images.rst | 2 +- poky/documentation/ref-manual/ref-terms.rst | 2 +- poky/documentation/ref-manual/ref-variables.rst | 65 +- .../sdk-manual/sdk-appendix-obtain.rst | 6 +- poky/documentation/sdk-manual/sdk-extensible.rst | 2 +- poky/documentation/sdk-manual/sdk-intro.rst | 4 +- poky/documentation/sdk-manual/sdk-using.rst | 2 +- .../sphinx-static/theme_overrides.css | 2 - poky/documentation/sphinx/yocto-vars.py | 11 +- poky/meta/classes/cve-check.bbclass | 42 +- poky/meta/classes/go-mod.bbclass | 2 +- poky/meta/classes/image-artifact-names.bbclass | 8 +- poky/meta/classes/kernel-yocto.bbclass | 2 +- poky/meta/classes/kernel.bbclass | 5 +- poky/meta/classes/linuxloader.bbclass | 2 +- poky/meta/classes/populate_sdk_ext.bbclass | 6 + poky/meta/classes/qemuboot.bbclass | 4 + poky/meta/classes/rootfs_rpm.bbclass | 2 +- poky/meta/classes/sstate.bbclass | 4 +- poky/meta/classes/staging.bbclass | 2 +- poky/meta/classes/testexport.bbclass | 8 +- poky/meta/classes/testimage.bbclass | 1 + poky/meta/conf/bitbake.conf | 2 +- poky/meta/conf/distro/include/maintainers.inc | 39 +- poky/meta/conf/licenses.conf | 6 +- poky/meta/conf/machine/include/arm/arch-arm64.inc | 10 +- poky/meta/conf/machine/include/arm/arch-armv4.inc | 2 +- poky/meta/conf/machine/include/arm/arch-armv5.inc | 2 +- poky/meta/conf/machine/include/arm/arch-armv6.inc | 2 +- poky/meta/conf/machine/include/arm/arch-armv6m.inc | 2 +- poky/meta/conf/machine/include/arm/arch-armv7a.inc | 2 +- .../meta/conf/machine/include/arm/arch-armv7ve.inc | 2 +- .../conf/machine/include/arm/arch-armv8-2a.inc | 2 +- poky/meta/conf/machine/include/arm/arch-armv8a.inc | 2 +- poky/meta/conf/machine/include/mips/arch-mips.inc | 16 +- poky/meta/conf/machine/include/qemuboot-mips.inc | 2 - poky/meta/conf/machine/include/qemuboot-x86.inc | 2 - poky/meta/conf/machine/include/riscv/qemuriscv.inc | 3 - .../meta/conf/machine/include/tune-arm1136jf-s.inc | 2 +- .../meta/conf/machine/include/tune-arm1176jz-s.inc | 2 +- poky/meta/conf/machine/include/tune-arm920t.inc | 2 +- poky/meta/conf/machine/include/tune-arm926ejs.inc | 2 +- poky/meta/conf/machine/include/tune-arm9tdmi.inc | 2 +- poky/meta/conf/machine/include/tune-cortex-m0.inc | 11 + poky/meta/conf/machine/include/tune-cortexa15.inc | 2 +- poky/meta/conf/machine/include/tune-cortexa17.inc | 2 +- poky/meta/conf/machine/include/tune-cortexa5.inc | 2 +- .../machine/include/tune-cortexa57-cortexa53.inc | 2 +- poky/meta/conf/machine/include/tune-cortexa7.inc | 2 +- .../machine/include/tune-cortexa72-cortexa53.inc | 2 +- .../machine/include/tune-cortexa73-cortexa53.inc | 2 +- poky/meta/conf/machine/include/tune-cortexa8.inc | 2 +- poky/meta/conf/machine/include/tune-cortexa9.inc | 2 +- poky/meta/conf/machine/include/tune-ep9312.inc | 2 +- poky/meta/conf/machine/include/tune-iwmmxt.inc | 2 +- .../conf/machine/include/tune-strongarm1100.inc | 2 +- poky/meta/conf/machine/include/tune-xscale.inc | 2 +- poky/meta/conf/machine/include/x86/arch-x86.inc | 12 +- poky/meta/conf/machine/qemuarm.conf | 2 - poky/meta/conf/machine/qemuarm64.conf | 2 - poky/meta/conf/machine/qemuarmv5.conf | 2 - poky/meta/conf/machine/qemuppc.conf | 2 - poky/meta/files/common-licenses/PSF-2.0 | 49 ++ poky/meta/lib/oe/utils.py | 3 +- poky/meta/lib/oeqa/core/target/qemu.py | 4 + poky/meta/lib/oeqa/core/target/ssh.py | 2 + poky/meta/lib/oeqa/runtime/cases/rtc.py | 38 ++ poky/meta/lib/oeqa/sdkext/testsdk.py | 3 + .../meta/lib/oeqa/selftest/cases/containerimage.py | 3 + poky/meta/lib/oeqa/selftest/cases/devtool.py | 10 +- .../lib/oeqa/selftest/cases/incompatible_lic.py | 2 +- poky/meta/lib/oeqa/utils/qemurunner.py | 2 +- .../0001-avoid-start-failure-with-bind-user.patch | 27 - ...lwresd-V-and-start-log-hide-build-options.patch | 35 - ...-searching-for-json-headers-searches-sysr.patch | 47 -- .../recipes-connectivity/bind/bind-9.16.5/bind9 | 2 - .../bind/bind-9.16.5/conf.patch | 330 ---------- .../bind/bind-9.16.5/generate-rndc-key.sh | 8 - .../init.d-add-support-for-read-only-rootfs.patch | 65 -- .../make-etc-initd-bind-stop-work.patch | 42 -- .../bind/bind-9.16.5/named.service | 22 - .../0001-avoid-start-failure-with-bind-user.patch | 27 + ...lwresd-V-and-start-log-hide-build-options.patch | 35 + ...-searching-for-json-headers-searches-sysr.patch | 47 ++ .../recipes-connectivity/bind/bind-9.16.7/bind9 | 2 + .../bind/bind-9.16.7/conf.patch | 330 ++++++++++ .../bind/bind-9.16.7/generate-rndc-key.sh | 8 + .../init.d-add-support-for-read-only-rootfs.patch | 65 ++ .../make-etc-initd-bind-stop-work.patch | 42 ++ .../bind/bind-9.16.7/named.service | 22 + poky/meta/recipes-connectivity/bind/bind_9.16.5.bb | 123 ---- poky/meta/recipes-connectivity/bind/bind_9.16.7.bb | 123 ++++ .../recipes-connectivity/dhcpcd/dhcpcd_9.2.0.bb | 13 +- .../dhcpcd/files/dhcpcd.service | 1 + .../dhcpcd/files/dhcpcd@.service | 3 +- ...create-var-lib-kea-and-var-run-kea-folder.patch | 39 ++ .../kea/files/fix-multilib-conflict.patch | 55 ++ poky/meta/recipes-connectivity/kea/kea_1.7.10.bb | 4 +- .../openssh/openssh/sshdgenkeys.service | 1 + .../recipes-connectivity/openssh/openssh_8.3p1.bb | 10 +- .../ssh-pregen-hostkeys/dropbear_rsa_host_key | Bin 0 -> 805 bytes .../ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key | 9 + .../openssh/ssh_host_ecdsa_key.pub | 1 + .../openssh/ssh_host_ed25519_key | 7 + .../openssh/ssh_host_ed25519_key.pub | 1 + .../ssh-pregen-hostkeys/openssh/ssh_host_rsa_key | 38 ++ .../openssh/ssh_host_rsa_key.pub | 1 + .../ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb | 19 + .../dropbear/dropbear/dropbearkey.service | 1 + ...msgmerge-29-Add-executable-file-mode-bits.patch | 23 + poky/meta/recipes-core/gettext/gettext_0.21.bb | 8 +- poky/meta/recipes-core/glibc/glibc_2.32.bb | 4 +- .../images/build-appliance-image_15.0.0.bb | 2 +- .../meta/recipes-core/images/core-image-minimal.bb | 2 +- poky/meta/recipes-core/meta/buildtools-tarball.bb | 4 + poky/meta/recipes-core/ncurses/ncurses.inc | 5 + .../packagegroups/packagegroup-core-tools-debug.bb | 5 +- .../packagegroup-core-tools-profile.bb | 2 + poky/meta/recipes-core/systemd/systemd.inc | 2 +- .../systemd/0001-Handle-missing-gshadow.patch | 20 +- .../0001-Use-PREFIX-ROOTPREFIX-correctly.patch | 81 --- ...fi_loader_entry_one_shot_stat-has-incompl.patch | 31 - poky/meta/recipes-core/systemd/systemd_246.2.bb | 725 --------------------- poky/meta/recipes-core/systemd/systemd_246.6.bb | 724 ++++++++++++++++++++ .../python/python3-jinja2/run-ptest | 3 + .../python/python3-jinja2_2.11.2.bb | 45 ++ .../python/python3-markupsafe/run-ptest | 3 + .../python/python3-markupsafe_1.1.1.bb | 28 + ...ss-missing-libraries-to-Extension-for-mul.patch | 2 +- .../qemu/qemu-system-native_5.1.0.bb | 2 +- ...01-qemu-Do-not-include-file-if-not-exists.patch | 2 +- poky/meta/recipes-devtools/qemu/qemu_5.1.0.bb | 4 +- poky/meta/recipes-devtools/rpm/rpm_4.15.1.bb | 20 +- .../bash/bash/bash-CVE-2019-18276.patch | 386 +++++++++++ poky/meta/recipes-extended/bash/bash_5.0.bb | 8 + .../ltp/0004-guard-mallocopt-with-__GLIBC__.patch | 2 +- .../stress-ng/stress-ng_0.11.19.bb | 27 - .../stress-ng/stress-ng_0.11.21.bb | 27 + poky/meta/recipes-extended/sudo/sudo_1.9.2.bb | 47 -- poky/meta/recipes-extended/sudo/sudo_1.9.3.bb | 47 ++ .../files/0001-Makefile.am-fixup-issue-17.patch | 43 ++ poky/meta/recipes-extended/sysklogd/sysklogd.inc | 1 + .../files/0001-xf86drm.c-fix-build-failure.patch | 87 +++ poky/meta/recipes-graphics/drm/libdrm_2.4.102.bb | 4 +- poky/meta/recipes-graphics/mesa/mesa-gl_20.1.6.bb | 15 - poky/meta/recipes-graphics/mesa/mesa-gl_20.1.8.bb | 15 + poky/meta/recipes-graphics/mesa/mesa.inc | 2 +- poky/meta/recipes-graphics/mesa/mesa_20.1.6.bb | 2 - poky/meta/recipes-graphics/mesa/mesa_20.1.8.bb | 2 + poky/meta/recipes-graphics/pango/pango_1.46.1.bb | 47 -- poky/meta/recipes-graphics/pango/pango_1.46.2.bb | 47 ++ .../recipes-graphics/vulkan/vulkan-demos_git.bb | 2 +- ...t-on-probing-a-non-PCI-platform-device-on.patch | 2 +- poky/meta/recipes-kernel/linux/linux-yocto-dev.bb | 2 +- .../recipes-kernel/linux/linux-yocto-rt_5.4.bb | 2 +- .../recipes-kernel/linux/linux-yocto-rt_5.8.bb | 4 +- .../recipes-kernel/linux/linux-yocto-tiny_5.8.bb | 2 +- poky/meta/recipes-kernel/linux/linux-yocto_5.4.bb | 4 +- poky/meta/recipes-kernel/linux/linux-yocto_5.8.bb | 6 +- .../recipes-multimedia/libpng/libpng_1.6.37.bb | 2 +- poky/meta/recipes-support/boost/boost.inc | 12 +- poky/meta/recipes-support/curl/curl_7.72.0.bb | 2 +- .../debianutils/debianutils_4.11.1.bb | 2 +- .../ptest-runner/ptest-runner_2.4.0.bb | 4 +- poky/scripts/oe-build-perf-report | 2 +- poky/scripts/runqemu | 2 +- 190 files changed, 3300 insertions(+), 1955 deletions(-) create mode 100644 poky/bitbake/lib/bb/tests/siggen.py create mode 100644 poky/documentation/_templates/footer.html create mode 100644 poky/meta/conf/machine/include/tune-cortex-m0.inc create mode 100644 poky/meta/files/common-licenses/PSF-2.0 create mode 100644 poky/meta/lib/oeqa/runtime/cases/rtc.py delete mode 100644 poky/meta/recipes-connectivity/bind/bind-9.16.5/0001-avoid-start-failure-with-bind-user.patch delete mode 100644 poky/meta/recipes-connectivity/bind/bind-9.16.5/0001-named-lwresd-V-and-start-log-hide-build-options.patch delete mode 100644 poky/meta/recipes-connectivity/bind/bind-9.16.5/bind-ensure-searching-for-json-headers-searches-sysr.patch delete mode 100644 poky/meta/recipes-connectivity/bind/bind-9.16.5/bind9 delete mode 100644 poky/meta/recipes-connectivity/bind/bind-9.16.5/conf.patch delete mode 100644 poky/meta/recipes-connectivity/bind/bind-9.16.5/generate-rndc-key.sh delete mode 100644 poky/meta/recipes-connectivity/bind/bind-9.16.5/init.d-add-support-for-read-only-rootfs.patch delete mode 100644 poky/meta/recipes-connectivity/bind/bind-9.16.5/make-etc-initd-bind-stop-work.patch delete mode 100644 poky/meta/recipes-connectivity/bind/bind-9.16.5/named.service create mode 100644 poky/meta/recipes-connectivity/bind/bind-9.16.7/0001-avoid-start-failure-with-bind-user.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind-9.16.7/0001-named-lwresd-V-and-start-log-hide-build-options.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind-9.16.7/bind-ensure-searching-for-json-headers-searches-sysr.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind-9.16.7/bind9 create mode 100644 poky/meta/recipes-connectivity/bind/bind-9.16.7/conf.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind-9.16.7/generate-rndc-key.sh create mode 100644 poky/meta/recipes-connectivity/bind/bind-9.16.7/init.d-add-support-for-read-only-rootfs.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind-9.16.7/make-etc-initd-bind-stop-work.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind-9.16.7/named.service delete mode 100644 poky/meta/recipes-connectivity/bind/bind_9.16.5.bb create mode 100644 poky/meta/recipes-connectivity/bind/bind_9.16.7.bb create mode 100644 poky/meta/recipes-connectivity/kea/files/0001-keactrl.in-create-var-lib-kea-and-var-run-kea-folder.patch create mode 100644 poky/meta/recipes-connectivity/kea/files/fix-multilib-conflict.patch create mode 100644 poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/dropbear_rsa_host_key create mode 100644 poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key create mode 100644 poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key.pub create mode 100644 poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key create mode 100644 poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key.pub create mode 100644 poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key create mode 100644 poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key.pub create mode 100644 poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb create mode 100644 poky/meta/recipes-core/gettext/gettext-0.21/0001-msgmerge-29-Add-executable-file-mode-bits.patch delete mode 100644 poky/meta/recipes-core/systemd/systemd/0001-Use-PREFIX-ROOTPREFIX-correctly.patch delete mode 100644 poky/meta/recipes-core/systemd/systemd/0023-Fix-field-efi_loader_entry_one_shot_stat-has-incompl.patch delete mode 100644 poky/meta/recipes-core/systemd/systemd_246.2.bb create mode 100644 poky/meta/recipes-core/systemd/systemd_246.6.bb create mode 100644 poky/meta/recipes-devtools/python/python3-jinja2/run-ptest create mode 100644 poky/meta/recipes-devtools/python/python3-jinja2_2.11.2.bb create mode 100644 poky/meta/recipes-devtools/python/python3-markupsafe/run-ptest create mode 100644 poky/meta/recipes-devtools/python/python3-markupsafe_1.1.1.bb create mode 100644 poky/meta/recipes-extended/bash/bash/bash-CVE-2019-18276.patch delete mode 100644 poky/meta/recipes-extended/stress-ng/stress-ng_0.11.19.bb create mode 100644 poky/meta/recipes-extended/stress-ng/stress-ng_0.11.21.bb delete mode 100644 poky/meta/recipes-extended/sudo/sudo_1.9.2.bb create mode 100644 poky/meta/recipes-extended/sudo/sudo_1.9.3.bb create mode 100644 poky/meta/recipes-extended/sysklogd/files/0001-Makefile.am-fixup-issue-17.patch create mode 100644 poky/meta/recipes-graphics/drm/files/0001-xf86drm.c-fix-build-failure.patch delete mode 100644 poky/meta/recipes-graphics/mesa/mesa-gl_20.1.6.bb create mode 100644 poky/meta/recipes-graphics/mesa/mesa-gl_20.1.8.bb delete mode 100644 poky/meta/recipes-graphics/mesa/mesa_20.1.6.bb create mode 100644 poky/meta/recipes-graphics/mesa/mesa_20.1.8.bb delete mode 100644 poky/meta/recipes-graphics/pango/pango_1.46.1.bb create mode 100644 poky/meta/recipes-graphics/pango/pango_1.46.2.bb (limited to 'poky') diff --git a/poky/bitbake/bin/bitbake-layers b/poky/bitbake/bin/bitbake-layers index 149f1b1ac..ff085d674 100755 --- a/poky/bitbake/bin/bitbake-layers +++ b/poky/bitbake/bin/bitbake-layers @@ -14,7 +14,6 @@ import logging import os import sys import argparse -import signal bindir = os.path.dirname(__file__) topdir = os.path.dirname(bindir) @@ -26,7 +25,6 @@ import bb.msg logger = bb.msg.logger_create('bitbake-layers', sys.stdout) def main(): - signal.signal(signal.SIGPIPE, signal.SIG_DFL) parser = argparse.ArgumentParser( description="BitBake layers utility", epilog="Use %(prog)s --help to get help on a specific command", diff --git a/poky/bitbake/bin/bitbake-selftest b/poky/bitbake/bin/bitbake-selftest index e84d6a559..6c0737416 100755 --- a/poky/bitbake/bin/bitbake-selftest +++ b/poky/bitbake/bin/bitbake-selftest @@ -27,6 +27,7 @@ tests = ["bb.tests.codeparser", "bb.tests.parse", "bb.tests.persist_data", "bb.tests.runqueue", + "bb.tests.siggen", "bb.tests.utils", "hashserv.tests", "layerindexlib.tests.layerindexobj", diff --git a/poky/bitbake/lib/bb/cooker.py b/poky/bitbake/lib/bb/cooker.py index 5442f7d22..1f4cc1e96 100644 --- a/poky/bitbake/lib/bb/cooker.py +++ b/poky/bitbake/lib/bb/cooker.py @@ -1679,7 +1679,8 @@ class BBCooker: if self.hashserv: self.hashserv.process.terminate() self.hashserv.process.join() - bb.event.fire(CookerExit(), self.data) + if hasattr(self, "data"): + bb.event.fire(CookerExit(), self.data) def shutdown(self, force = False): if force: diff --git a/poky/bitbake/lib/bb/fetch2/__init__.py b/poky/bitbake/lib/bb/fetch2/__init__.py index 7ec1fea5d..551bfb70f 100644 --- a/poky/bitbake/lib/bb/fetch2/__init__.py +++ b/poky/bitbake/lib/bb/fetch2/__init__.py @@ -1520,7 +1520,7 @@ class FetchMethod(object): if urlpath.find("/") != -1: destdir = urlpath.rsplit("/", 1)[0] + '/' bb.utils.mkdirhier("%s/%s" % (unpackdir, destdir)) - cmd = 'cp -fpPRH %s %s' % (file, destdir) + cmd = 'cp -fpPRH "%s" "%s"' % (file, destdir) if not cmd: return diff --git a/poky/bitbake/lib/bb/fetch2/git.py b/poky/bitbake/lib/bb/fetch2/git.py index 644ba9238..07064c694 100644 --- a/poky/bitbake/lib/bb/fetch2/git.py +++ b/poky/bitbake/lib/bb/fetch2/git.py @@ -236,7 +236,7 @@ class Git(FetchMethod): ud.unresolvedrev[name] = ud.revisions[name] ud.revisions[name] = self.latest_revision(ud, d, name) - gitsrcname = '%s%s' % (ud.host.replace(':', '.'), ud.path.replace('/', '.').replace('*', '.')) + gitsrcname = '%s%s' % (ud.host.replace(':', '.'), ud.path.replace('/', '.').replace('*', '.').replace(' ','_')) if gitsrcname.startswith('.'): gitsrcname = gitsrcname[1:] @@ -342,7 +342,7 @@ class Git(FetchMethod): # We do this since git will use a "-l" option automatically for local urls where possible if repourl.startswith("file://"): repourl = repourl[7:] - clone_cmd = "LANG=C %s clone --bare --mirror %s %s --progress" % (ud.basecmd, repourl, ud.clonedir) + clone_cmd = "LANG=C %s clone --bare --mirror \"%s\" %s --progress" % (ud.basecmd, repourl, ud.clonedir) if ud.proto.lower() != 'file': bb.fetch2.check_network_access(d, clone_cmd, ud.url) progresshandler = GitProgressHandler(d) @@ -354,8 +354,8 @@ class Git(FetchMethod): if "origin" in output: runfetchcmd("%s remote rm origin" % ud.basecmd, d, workdir=ud.clonedir) - runfetchcmd("%s remote add --mirror=fetch origin %s" % (ud.basecmd, repourl), d, workdir=ud.clonedir) - fetch_cmd = "LANG=C %s fetch -f --progress %s refs/*:refs/*" % (ud.basecmd, repourl) + runfetchcmd("%s remote add --mirror=fetch origin \"%s\"" % (ud.basecmd, repourl), d, workdir=ud.clonedir) + fetch_cmd = "LANG=C %s fetch -f --progress \"%s\" refs/*:refs/*" % (ud.basecmd, repourl) if ud.proto.lower() != 'file': bb.fetch2.check_network_access(d, fetch_cmd, ud.url) progresshandler = GitProgressHandler(d) @@ -504,7 +504,7 @@ class Git(FetchMethod): raise bb.fetch2.UnpackError("No up to date source found: " + "; ".join(source_error), ud.url) repourl = self._get_repo_url(ud) - runfetchcmd("%s remote set-url origin %s" % (ud.basecmd, repourl), d, workdir=destdir) + runfetchcmd("%s remote set-url origin \"%s\"" % (ud.basecmd, repourl), d, workdir=destdir) if self._contains_lfs(ud, d, destdir): if need_lfs and not self._find_git_lfs(d): @@ -623,7 +623,7 @@ class Git(FetchMethod): d.setVar('_BB_GIT_IN_LSREMOTE', '1') try: repourl = self._get_repo_url(ud) - cmd = "%s ls-remote %s %s" % \ + cmd = "%s ls-remote \"%s\" %s" % \ (ud.basecmd, repourl, search) if ud.proto.lower() != 'file': bb.fetch2.check_network_access(d, cmd, repourl) diff --git a/poky/bitbake/lib/bb/siggen.py b/poky/bitbake/lib/bb/siggen.py index ad49d1e2a..86e0e16f3 100644 --- a/poky/bitbake/lib/bb/siggen.py +++ b/poky/bitbake/lib/bb/siggen.py @@ -358,7 +358,8 @@ class SignatureGeneratorBasic(SignatureGenerator): else: sigfile = stampbase + "." + task + ".sigbasedata" + "." + self.basehash[tid] - bb.utils.mkdirhier(os.path.dirname(sigfile)) + with bb.utils.umask(0o002): + bb.utils.mkdirhier(os.path.dirname(sigfile)) data = {} data['task'] = task @@ -746,16 +747,26 @@ def list_inline_diff(oldlist, newlist, colors=None): ret.append(item) return '[%s]' % (', '.join(ret)) -def clean_basepath(a): - mc = None - if a.startswith("mc:"): - _, mc, a = a.split(":", 2) - b = a.rsplit("/", 2)[1] + '/' + a.rsplit("/", 2)[2] - if a.startswith("virtual:"): - b = b + ":" + a.rsplit(":", 2)[0] - if mc: - b = b + ":mc:" + mc - return b +def clean_basepath(basepath): + basepath, dir, recipe_task = basepath.rsplit("/", 2) + cleaned = dir + '/' + recipe_task + + if basepath[0] == '/': + return cleaned + + if basepath.startswith("mc:"): + mc, mc_name, basepath = basepath.split(":", 2) + mc_suffix = ':mc:' + mc_name + else: + mc_suffix = '' + + # mc stuff now removed from basepath. Whatever was next, if present will be the first + # suffix. ':/', recipe path start, marks the end of this. Something like + # 'virtual:a[:b[:c]]:/path...' (b and c being optional) + if basepath[0] != '/': + cleaned += ':' + basepath.split(':/', 1)[0] + + return cleaned + mc_suffix def clean_basepaths(a): b = {} diff --git a/poky/bitbake/lib/bb/tests/fetch.py b/poky/bitbake/lib/bb/tests/fetch.py index 0ecf044f3..5a4db9ca4 100644 --- a/poky/bitbake/lib/bb/tests/fetch.py +++ b/poky/bitbake/lib/bb/tests/fetch.py @@ -223,6 +223,21 @@ class URITest(unittest.TestCase): 'query': {}, 'relative': False }, + "git://tfs-example.org:22/tfs/example%20path/example.git": { + 'uri': 'git://tfs-example.org:22/tfs/example%20path/example.git', + 'scheme': 'git', + 'hostname': 'tfs-example.org', + 'port': 22, + 'hostport': 'tfs-example.org:22', + 'path': '/tfs/example path/example.git', + 'userinfo': '', + 'userinfo': '', + 'username': '', + 'password': '', + 'params': {}, + 'query': {}, + 'relative': False + }, "http://somesite.net;someparam=1": { 'uri': 'http://somesite.net;someparam=1', 'scheme': 'http', @@ -584,6 +599,7 @@ class FetcherLocalTest(FetcherTest): touch(os.path.join(self.localsrcdir, 'dir', 'd')) os.makedirs(os.path.join(self.localsrcdir, 'dir', 'subdir')) touch(os.path.join(self.localsrcdir, 'dir', 'subdir', 'e')) + touch(os.path.join(self.localsrcdir, r'backslash\x2dsystemd-unit.device')) self.d.setVar("FILESPATH", self.localsrcdir) def fetchUnpack(self, uris): @@ -601,6 +617,10 @@ class FetcherLocalTest(FetcherTest): tree = self.fetchUnpack(['file://a', 'file://dir/c']) self.assertEqual(tree, ['a', 'dir/c']) + def test_local_backslash(self): + tree = self.fetchUnpack([r'file://backslash\x2dsystemd-unit.device']) + self.assertEqual(tree, [r'backslash\x2dsystemd-unit.device']) + def test_local_wildcard(self): with self.assertRaises(bb.fetch2.ParameterError): tree = self.fetchUnpack(['file://a', 'file://dir/*']) @@ -2080,6 +2100,38 @@ class GitLfsTest(FetcherTest): shutil.rmtree(self.gitdir, ignore_errors=True) fetcher.unpack(self.d.getVar('WORKDIR')) +class GitURLWithSpacesTest(FetcherTest): + test_git_urls = { + "git://tfs-example.org:22/tfs/example%20path/example.git" : { + 'url': 'git://tfs-example.org:22/tfs/example%20path/example.git', + 'gitsrcname': 'tfs-example.org.22.tfs.example_path.example.git', + 'path': '/tfs/example path/example.git' + }, + "git://tfs-example.org:22/tfs/example%20path/example%20repo.git" : { + 'url': 'git://tfs-example.org:22/tfs/example%20path/example%20repo.git', + 'gitsrcname': 'tfs-example.org.22.tfs.example_path.example_repo.git', + 'path': '/tfs/example path/example repo.git' + } + } + + def test_urls(self): + + # Set fake SRCREV to stop git fetcher from trying to contact non-existent git repo + self.d.setVar('SRCREV', '82ea737a0b42a8b53e11c9cde141e9e9c0bd8c40') + + for test_git_url, ref in self.test_git_urls.items(): + + fetcher = bb.fetch.Fetch([test_git_url], self.d) + ud = fetcher.ud[fetcher.urls[0]] + + self.assertEqual(ud.url, ref['url']) + self.assertEqual(ud.path, ref['path']) + self.assertEqual(ud.localfile, os.path.join(self.dldir, "git2", ref['gitsrcname'])) + self.assertEqual(ud.localpath, os.path.join(self.dldir, "git2", ref['gitsrcname'])) + self.assertEqual(ud.lockfile, os.path.join(self.dldir, "git2", ref['gitsrcname'] + '.lock')) + self.assertEqual(ud.clonedir, os.path.join(self.dldir, "git2", ref['gitsrcname'])) + self.assertEqual(ud.fullmirror, os.path.join(self.dldir, "git2_" + ref['gitsrcname'] + '.tar.gz')) + class NPMTest(FetcherTest): def skipIfNoNpm(): import shutil diff --git a/poky/bitbake/lib/bb/tests/siggen.py b/poky/bitbake/lib/bb/tests/siggen.py new file mode 100644 index 000000000..c21ab4e4f --- /dev/null +++ b/poky/bitbake/lib/bb/tests/siggen.py @@ -0,0 +1,91 @@ +# +# BitBake Test for lib/bb/siggen.py +# +# Copyright (C) 2020 Jean-François Dagenais +# +# SPDX-License-Identifier: GPL-2.0-only +# + +import unittest +import logging +import bb +import time + +logger = logging.getLogger('BitBake.TestSiggen') + +import bb.siggen + +class SiggenTest(unittest.TestCase): + + def test_clean_basepath_simple_target_basepath(self): + basepath = '/full/path/to/poky/meta/recipes-whatever/helloworld/helloworld_1.2.3.bb:do_sometask' + expected_cleaned = 'helloworld/helloworld_1.2.3.bb:do_sometask' + + actual_cleaned = bb.siggen.clean_basepath(basepath) + + self.assertEqual(actual_cleaned, expected_cleaned) + + def test_clean_basepath_basic_virtual_basepath(self): + basepath = 'virtual:something:/full/path/to/poky/meta/recipes-whatever/helloworld/helloworld_1.2.3.bb:do_sometask' + expected_cleaned = 'helloworld/helloworld_1.2.3.bb:do_sometask:virtual:something' + + actual_cleaned = bb.siggen.clean_basepath(basepath) + + self.assertEqual(actual_cleaned, expected_cleaned) + + def test_clean_basepath_mc_basepath(self): + basepath = 'mc:somemachine:/full/path/to/poky/meta/recipes-whatever/helloworld/helloworld_1.2.3.bb:do_sometask' + expected_cleaned = 'helloworld/helloworld_1.2.3.bb:do_sometask:mc:somemachine' + + actual_cleaned = bb.siggen.clean_basepath(basepath) + + self.assertEqual(actual_cleaned, expected_cleaned) + + def test_clean_basepath_virtual_long_prefix_basepath(self): + basepath = 'virtual:something:A:B:C:/full/path/to/poky/meta/recipes-whatever/helloworld/helloworld_1.2.3.bb:do_sometask' + expected_cleaned = 'helloworld/helloworld_1.2.3.bb:do_sometask:virtual:something:A:B:C' + + actual_cleaned = bb.siggen.clean_basepath(basepath) + + self.assertEqual(actual_cleaned, expected_cleaned) + + def test_clean_basepath_mc_virtual_basepath(self): + basepath = 'mc:somemachine:virtual:something:/full/path/to/poky/meta/recipes-whatever/helloworld/helloworld_1.2.3.bb:do_sometask' + expected_cleaned = 'helloworld/helloworld_1.2.3.bb:do_sometask:virtual:something:mc:somemachine' + + actual_cleaned = bb.siggen.clean_basepath(basepath) + + self.assertEqual(actual_cleaned, expected_cleaned) + + def test_clean_basepath_mc_virtual_long_prefix_basepath(self): + basepath = 'mc:X:virtual:something:C:B:A:/full/path/to/poky/meta/recipes-whatever/helloworld/helloworld_1.2.3.bb:do_sometask' + expected_cleaned = 'helloworld/helloworld_1.2.3.bb:do_sometask:virtual:something:C:B:A:mc:X' + + actual_cleaned = bb.siggen.clean_basepath(basepath) + + self.assertEqual(actual_cleaned, expected_cleaned) + + + # def test_clean_basepath_performance(self): + # input_basepaths = [ + # 'mc:X:/full/path/to/poky/meta/recipes-whatever/helloworld/helloworld_1.2.3.bb:do_sometask', + # 'mc:X:virtual:something:C:B:A:/full/path/to/poky/meta/recipes-whatever/helloworld/helloworld_1.2.3.bb:do_sometask', + # 'virtual:something:C:B:A:/different/path/to/poky/meta/recipes-whatever/helloworld/helloworld_1.2.3.bb:do_sometask', + # 'virtual:something:A:/full/path/to/poky/meta/recipes-whatever/helloworld/helloworld_1.2.3.bb:do_sometask', + # '/this/is/most/common/input/recipes-whatever/helloworld/helloworld_1.2.3.bb:do_sometask', + # '/and/should/be/tested/with/recipes-whatever/helloworld/helloworld_1.2.3.bb:do_sometask', + # '/more/weight/recipes-whatever/helloworld/helloworld_1.2.3.bb:do_sometask', + # ] + + # time_start = time.time() + + # i = 2000000 + # while i >= 0: + # for basepath in input_basepaths: + # bb.siggen.clean_basepath(basepath) + # i -= 1 + + # elapsed = time.time() - time_start + # print('{} ({}s)'.format(self.id(), round(elapsed, 3))) + + # self.assertTrue(False) diff --git a/poky/bitbake/lib/bb/ui/taskexp.py b/poky/bitbake/lib/bb/ui/taskexp.py index 05e32338c..2b246710c 100644 --- a/poky/bitbake/lib/bb/ui/taskexp.py +++ b/poky/bitbake/lib/bb/ui/taskexp.py @@ -58,7 +58,12 @@ class PackageReverseDepView(Gtk.TreeView): self.current = None self.filter_model = model.filter_new() self.filter_model.set_visible_func(self._filter) - self.sort_model = self.filter_model.sort_new_with_model() + # The introspected API was fixed but we can't rely on a pygobject that hides this. + # https://gitlab.gnome.org/GNOME/pygobject/-/commit/9cdbc56fbac4db2de78dc080934b8f0a7efc892a + if hasattr(Gtk.TreeModelSort, "new_with_model"): + self.sort_model = Gtk.TreeModelSort.new_with_model(self.filter_model) + else: + self.sort_model = self.filter_model.sort_new_with_model() self.sort_model.set_sort_column_id(COL_DEP_PARENT, Gtk.SortType.ASCENDING) self.set_model(self.sort_model) self.append_column(Gtk.TreeViewColumn(label, Gtk.CellRendererText(), text=COL_DEP_PARENT)) diff --git a/poky/bitbake/lib/bb/utils.py b/poky/bitbake/lib/bb/utils.py index 0b79f92e2..f73d31fb7 100644 --- a/poky/bitbake/lib/bb/utils.py +++ b/poky/bitbake/lib/bb/utils.py @@ -944,6 +944,17 @@ def which(path, item, direction = 0, history = False, executable=False): return "", hist return "" +@contextmanager +def umask(new_mask): + """ + Context manager to set the umask to a specific mask, and restore it afterwards. + """ + current_mask = os.umask(new_mask) + try: + yield + finally: + os.umask(current_mask) + def to_boolean(string, default=None): if not string: return default diff --git a/poky/bitbake/lib/hashserv/tests.py b/poky/bitbake/lib/hashserv/tests.py index b34c43687..4566f2473 100644 --- a/poky/bitbake/lib/hashserv/tests.py +++ b/poky/bitbake/lib/hashserv/tests.py @@ -14,6 +14,7 @@ import sys import tempfile import threading import unittest +import socket class TestHashEquivalenceServer(object): @@ -163,4 +164,8 @@ class TestHashEquivalenceUnixServer(TestHashEquivalenceServer, unittest.TestCase class TestHashEquivalenceTCPServer(TestHashEquivalenceServer, unittest.TestCase): def get_server_addr(self): - return "localhost:0" + # Some hosts cause asyncio module to misbehave, when IPv6 is not enabled. + # If IPv6 is enabled, it should be safe to use localhost directly, in general + # case it is more reliable to resolve the IP address explicitly. + return socket.gethostbyname("localhost") + ":0" + diff --git a/poky/documentation/Makefile.sphinx b/poky/documentation/Makefile.sphinx index c663c2954..c9518558b 100644 --- a/poky/documentation/Makefile.sphinx +++ b/poky/documentation/Makefile.sphinx @@ -9,6 +9,10 @@ SOURCEDIR = . BUILDDIR = _build DESTDIR = final +ifeq ($(shell if which $(SPHINXBUILD) >/dev/null 2>&1; then echo 1; else echo 0; fi),0) +$(error "The '$(SPHINXBUILD)' command was not found. Make sure you have Sphinx installed") +endif + # Put it first so that "make" without argument is like "make help". help: @$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) diff --git a/poky/documentation/README b/poky/documentation/README index d64f2fd2f..fce3cfe17 100644 --- a/poky/documentation/README +++ b/poky/documentation/README @@ -40,16 +40,11 @@ Folders exist for individual manuals as follows: * kernel-dev - The Yocto Project Linux Kernel Development Tasks Manual * ref-manual - The Yocto Project Reference Manual * yocto-project-qs - The Yocto Project Quick Start -* mega-manual - The Yocto Project Mega-Manual, which is an aggregated manual comprised - of all YP manuals and guides * profile-manual - The Yocto Project Profile and Tracing Manual * toaster-manual - The Toaster Manual +* test-manual - The Test Environment Manual -Each folder is self-contained regarding content and figures. Note that there -is a sed file needed to process the links of the mega-manual. The sed file -is located in the tools directory. Also note that the figures folder in the -mega-manual directory contains duplicates of all the figures in the YP folders -directories for all YP manuals and guides. +Each folder is self-contained regarding content and figures. If you want to find HTML versions of the Yocto Project manuals on the web, go to http://www.yoctoproject.org and click on the "Documentation" tab. From @@ -60,34 +55,266 @@ currently being developed. In general, the Yocto Project site (http://www.yoctoproject.org) is a great reference for both information and downloads. -Makefile +poky.yaml +========= + +This file defines variables used for documentation production. The variables +are used to define release pathnames, URLs for the published manuals, etc. + +template ======== +Contains various templates, fonts, and some old PNG files. + +Sphinx +====== + +The Yocto Project documentation was migrated from the original DocBook +format to Sphinx based documentation for the Yocto Project 3.2 +release. This section will provide additional information related to +the Sphinx migration, and guidelines for developers willing to +contribute to the Yocto Project documentation. + + Sphinx is a tool that makes it easy to create intelligent and + beautiful documentation, written by Georg Brandl and licensed under + the BSD license. It was originally created for the Python + documentation. + +Extensive documentation is available on the Sphinx website: +https://www.sphinx-doc.org/en/master/. Sphinx is designed to be +extensible thanks to the ability to write our own custom extensions, +as Python modules, which will be executed during the generation of the +documentation. + +Yocto Project documentation website +=================================== + +A new website has been created to host the Yocto Project +documentation, it can be found at: https://docs.yoctoproject.org/. + +The entire Yocto Project documentation, as well as the BitBake manual +is published on this website, including all previously released +versions. A version switcher was added, as a drop-down menu on the top +of the page to switch back and forth between the various versions of +the current active Yocto Project releases. + +Transition pages have been added (as rst file) to show links to old +versions of the Yocto Project documentation with links to each manual +generated with DocBook. + +How to build the Yocto Project documentation +============================================ + +Sphinx is written in Python. While it might work with Python2, for +obvious reasons, we will only support building the Yocto Project +documentation with Python3. + +Sphinx might be available in your Linux distro packages repositories, +however it is not recommend using distro packages, as they might be +old versions, especially if you are using an LTS version of your +distro. The recommended method to install Sphinx and all required +dependencies is to use the Python Package Index (pip). + +To install all required packages run: -The Makefile processes manual directories to create HTML, PDF, -tarballs, etc. Details on how the Makefile work are documented -inside the Makefile. See that file for more information. + $ pip3 install sphinx sphinx_rtd_theme pyyaml -To build a manual, you run the make command and pass it the name -of the folder containing the manual's contents. -For example, the following command run from the documentation directory -creates an HTML version of the SDK manual. -The DOC variable specifies the manual you are making: +To build the documentation locally, run: - $ make DOC=sdk-manual + $ cd documentation + $ make -f Makefile.sphinx html -poky.ent +The resulting HTML index page will be _build/html/index.html, and you +can browse your own copy of the locally generated documentation with +your browser. + +Sphinx theme and CSS customization +================================== + +The Yocto Project documentation is currently based on the "Read the +Docs" Sphinx theme, with a few changes to make sure the look and feel +of the project documentation is preserved. + +Most of the theme changes can be done using the file +'sphinx-static/theme_overrides.css'. Most CSS changes in this file +were inherited from the DocBook CSS stylesheets. + +Sphinx design guidelines and principles +======================================= + +The initial Docbook to Sphinx migration was done with an automated +tool called Pandoc (https://pandoc.org/). The tool produced some clean +output markdown text files. After the initial automated conversion +additional changes were done to fix up headings, images and links. In +addition Sphinx has built in mechanisms (directives) which were used +to replace similar functions implemented in Docbook such as glossary, +variables substitutions, notes and references. + +Headings ======== -This file defines variables used for documentation production. The variables -are used to define release pathnames, URLs for the published manuals, etc. +The layout of the Yocto Project manuals is organized as follows -template + Book + Chapter + Section + Section + Section + +The following headings styles are defined in Sphinx: + + Book => overline === + Chapter => overline *** + Section => ==== + Section => ---- + Section => ^^^^ + Section => """" or ~~~~ + +With this proposal, we preserve the same TOCs between Sphinx and Docbook. + +Built-in glossary +================= + +Sphinx has a glossary directive. From +https://www.sphinx-doc.org/en/master/usage/restructuredtext/directives.html#glossary: + + This directive must contain a reST definition list with terms and + definitions. The definitions will then be referencable with the + [https://www.sphinx-doc.org/en/master/usage/restructuredtext/roles.html#role-term + 'term' role]. + +So anywhere in any of the Yocto Project manuals, :term:`VAR` can be +used to refer to an item from the glossary, and a link is created +automatically. A general index of terms is also generated by Sphinx +automatically. + +Global substitutions +==================== + +The Yocto Project documentation makes heavy use of global +variables. In Docbook these variables are stored in the file +poky.ent. This Docbook feature is not handled automatically with +Pandoc. Sphinx has builtin support for substitutions +(https://www.sphinx-doc.org/en/master/usage/restructuredtext/basics.html#substitutions), +however there are important shortcomings. For example they cannot be +used/nested inside code-block sections. + +A Sphinx extension was implemented to support variable substitutions +to mimic the DocBook based documentation behavior. Variabes +substitutions are done while reading/parsing the .rst files. The +pattern for variables substitutions is the same as with DocBook, +e.g. `&VAR;`. + +The implementation of the extension can be found here in the file +documentation/sphinx/yocto-vars.py, this extension is enabled by +default when building the Yocto Project documentation. All variables +are set in a file call poky.yaml, which was initially generated from +poky.ent. The file was converted into YAML so that it is easier to +process by the custom Sphinx extension (which is a Python module). + +For example, the following .rst content will produce the 'expected' +content: + + .. code-block:: + $ mkdir ~/poky-&DISTRO; + or + $ git clone &YOCTO_GIT_URL;/git/poky -b &DISTRO_NAME_NO_CAP; + +Variables can be nested, like it was the case for DocBook: + + YOCTO_HOME_URL : "http://www.yoctoproject.org" + YOCTO_DOCS_URL : "&YOCTO_HOME_URL;/docs" + +Note directive +============== + +Sphinx has a builtin 'note' directive that produces clean Note section +in the output file. There are various types of directives such as +"attention", "caution", "danger", "error", "hint", "important", "tip", +"warning", "admonition" that are supported, and additional directive +can be added as Sphinx extension if needed. + +Figures +======= + +The Yocto Project documentation has many figures/images. Sphinx has a +'figure' directive which is straight forward to use. To include a +figure in the body of the documentation: + + .. image:: figures/YP-flow-diagram.png + +Links and References +==================== + +The following types of links can be used: links to other locations in +the same document, to locations in other documents and to external +websites. + +More information can be found here: +https://sublime-and-sphinx-guide.readthedocs.io/en/latest/references.html. + +References +========== + +The following extension is enabed by default: +sphinx.ext.autosectionlabel +(https://www.sphinx-doc.org/en/master/usage/extensions/autosectionlabel.html). + +This extension allows you to refer sections by their titles. Note that +autosectionlabel_prefix_document is enabled by default, so that we can +insert references from any document. + +For example, to insert an HTML link to a section from +documentaion/manual/intro.rst, use: + + Please check this :ref:`manual/intro:Cross-References to Locations in the Same Document` + +Alternatively a custom text can be used instead of using the section +text: + + Please check this :ref:`section ` + +TIP: The following command can be used to dump all the references that + are defined in the project documentation: + + python -msphinx.ext.intersphinx /html/objects.inv + +This dump contains all links and for each link it shows the default +"Link Text" that Sphinx would use. If the default link text is not +appropriate, a custom link text can be used in the ':ref:' directive. + +Extlinks ======== -Contains various templates, fonts, and some old PNG files. -tools -===== -Contains a tool to convert the DocBook files to PDF format. This folder also -contains the mega-manual.sed file, which is used by Makefile to process -cross-references from within the manual that normally go to an external -manual. +The sphinx.ext.extlinks extension is enabled by default +(https://sublime-and-sphinx-guide.readthedocs.io/en/latest/references.html#use-the-external-links-extension), +and it is configured with: + + 'yocto_home': ('https://yoctoproject.org%s', None), + 'yocto_wiki': ('https://wiki.yoctoproject.org%s', None), + 'yocto_dl': ('https://downloads.yoctoproject.org%s', None), + 'yocto_lists': ('https://lists.yoctoproject.org%s', None), + 'yocto_bugs': ('https://bugzilla.yoctoproject.org%s', None), + 'yocto_ab': ('https://autobuilder.yoctoproject.org%s', None), + 'yocto_docs': ('https://docs.yoctoproject.org%s', None), + 'yocto_git': ('https://git.yoctoproject.org%s', None), + 'oe_home': ('https://www.openembedded.org%s', None), + 'oe_lists': ('https://lists.openembedded.org%s', None), + +It creates convenient shortcuts which can be used throughout the +documentation rst files, as: + + Please check this :yocto_wiki:`wiki page ` + +Intersphinx links +================= + +The sphinx.ext.intersphinx extension is enabled by default +(https://www.sphinx-doc.org/en/master/usage/extensions/intersphinx.html), +so that we can cross reference content from other Sphinx based +documentation projects, such as the BitBake manual. + +References to the bitbake manual can be done like this: + + See the ":ref:`-D `" option +or + :term:`bitbake:BB_NUMBER_PARSE_THREADS` diff --git a/poky/documentation/_templates/footer.html b/poky/documentation/_templates/footer.html new file mode 100644 index 000000000..508129ede --- /dev/null +++ b/poky/documentation/_templates/footer.html @@ -0,0 +1,12 @@ +
+
+
+

A Linux Foundation Collaborative Project. +
All Rights Reserved. Linux Foundation® and Yocto Project® are registered trademarks of the Linux Foundation. +
Linux® is a registered trademark of Linus Torvalds. +
© Copyright {{ copyright }} +
Last updated on {{ last_updated }} +

+
+
+ diff --git a/poky/documentation/conf.py b/poky/documentation/conf.py index 34d1bc97a..80d5e8e83 100644 --- a/poky/documentation/conf.py +++ b/poky/documentation/conf.py @@ -27,7 +27,7 @@ release = current_version # -- Project information ----------------------------------------------------- -project = 'The Yocto Project' +project = 'The Yocto Project \xae' copyright = '2010-%s, The Linux Foundation' % datetime.datetime.now().year author = 'The Linux Foundation' @@ -91,10 +91,16 @@ intersphinx_mapping = { # The theme to use for HTML and HTML Help pages. See the documentation for # a list of builtin themes. # -html_theme = 'sphinx_rtd_theme' -html_theme_options = { - 'sticky_navigation': False, -} +try: + import sphinx_rtd_theme + html_theme = 'sphinx_rtd_theme' + html_theme_options = { + 'sticky_navigation': False, + } +except ImportError: + sys.stderr.write("The Sphinx sphinx_rtd_theme HTML theme was not found.\ + \nPlease make sure to install the sphinx_rtd_theme python package.\n") + sys.exit(1) html_logo = 'sphinx-static/YoctoProject_Logo_RGB.jpg' diff --git a/poky/documentation/dev-manual/dev-manual-common-tasks.rst b/poky/documentation/dev-manual/dev-manual-common-tasks.rst index 5eb7c5164..179979c76 100644 --- a/poky/documentation/dev-manual/dev-manual-common-tasks.rst +++ b/poky/documentation/dev-manual/dev-manual-common-tasks.rst @@ -10746,14 +10746,15 @@ varies by component: `bitbake-devel `__ mailing list. -- *"meta-*" trees:* These trees contain Metadata. Use the - `poky `__ mailing list. +- *"meta-\*" trees:* These trees contain Metadata. Use the + `poky `__ mailing list. + +- *Documentation*: For changes to the Yocto Project documentation, use the `docs + `__ mailing list. For changes to other layers hosted in the Yocto Project source -repositories (i.e. ``yoctoproject.org``), tools, and the Yocto Project -documentation, use the `Yocto -Project `__ general -mailing list. +repositories (i.e. ``yoctoproject.org``) and tools use the `Yocto Project +`__ general mailing list. .. note:: diff --git a/poky/documentation/dev-manual/dev-manual-qemu.rst b/poky/documentation/dev-manual/dev-manual-qemu.rst index 88b03745f..2833689d5 100644 --- a/poky/documentation/dev-manual/dev-manual-qemu.rst +++ b/poky/documentation/dev-manual/dev-manual-qemu.rst @@ -81,7 +81,7 @@ available. Follow these general steps to run QEMU: your :term:`Build Directory`. - If you have not built an image, you can go to the - :yocto_dl:`machines/qemu ` area and download a + :yocto_dl:`machines/qemu ` area and download a pre-built image that matches your architecture and can be run on QEMU. diff --git a/poky/documentation/dev-manual/dev-manual-start.rst b/poky/documentation/dev-manual/dev-manual-start.rst index 536d5a9cd..d9c1e4de0 100644 --- a/poky/documentation/dev-manual/dev-manual-start.rst +++ b/poky/documentation/dev-manual/dev-manual-start.rst @@ -380,7 +380,7 @@ as your Yocto Project build host: Depending on your build host, you might have to install different software to support Docker containers. Go to the Docker installation page and read about the platform requirements in "`Supported - Platforms `__" + Platforms `__" your build host needs to run containers. 2. *Choose What To Install:* Depending on whether or not your build host @@ -402,11 +402,11 @@ as your Yocto Project build host: type of the software you need to install: - Install `Docker CE for - Windows `__ + Windows `__ for Windows build hosts that meet requirements. - Install `Docker CE for - Macs `__ + MacOs `__ for Mac build hosts that meet requirements. - Install `Docker Toolbox for @@ -619,7 +619,7 @@ Use the following procedure to locate the latest upstream copy of the 3. *Find the URL Used to Clone the Repository:* At the bottom of the page, note the URL used to clone that repository - (e.g. :yocto_git:`/git/poky`). + (e.g. :yocto_git:`/cgit.cgi/poky`). .. note:: @@ -647,7 +647,7 @@ of a given component. Follow these steps to locate and download a particular tarball: 1. *Access the Index of Releases:* Open a browser and go to - :yocto_dl:`Index of Releases `. The + :yocto_dl:`Index of Releases `. The list represents released components (e.g. ``bitbake``, ``sato``, and so on). diff --git a/poky/documentation/index.rst b/poky/documentation/index.rst index 258ecb81a..821316915 100644 --- a/poky/documentation/index.rst +++ b/poky/documentation/index.rst @@ -5,8 +5,8 @@ You can adapt this file completely to your liking, but it should at least contain the root `toctree` directive. -Welcome to The Yocto Project's documentation! -============================================= +Welcome to the Yocto Project Documentation +========================================== | diff --git a/poky/documentation/overview-manual/overview-manual-concepts.rst b/poky/documentation/overview-manual/overview-manual-concepts.rst index 3d8dc7afd..6ce5f80af 100644 --- a/poky/documentation/overview-manual/overview-manual-concepts.rst +++ b/poky/documentation/overview-manual/overview-manual-concepts.rst @@ -153,7 +153,7 @@ several pieces of hardware. Many layers exist that work in the Yocto Project development environment. The `Yocto Project Curated Layer -Index `__ +Index `__ and `OpenEmbedded Layer Index `__ both contain layers from which you can use or leverage. diff --git a/poky/documentation/overview-manual/overview-manual-development-environment.rst b/poky/documentation/overview-manual/overview-manual-development-environment.rst index 3b5147d73..bb2c8e72e 100644 --- a/poky/documentation/overview-manual/overview-manual-development-environment.rst +++ b/poky/documentation/overview-manual/overview-manual-development-environment.rst @@ -43,7 +43,7 @@ Wikipedia has a good historical description of the Open Source Philosophy `here `__. You can also find helpful information on how to participate in the Linux Community -`here `__. +`here `__. .. _gs-the-development-host: @@ -185,7 +185,7 @@ development: see the ":ref:`dev-manual/dev-manual-start:accessing source repositories`" Section in the Yocto Project Development Tasks Manual. -- :yocto_dl:`Index of /releases: ` This is an index +- :yocto_dl:`Index of /releases: ` This is an index of releases such as Poky, Pseudo, installers for cross-development toolchains, miscellaneous support and all released versions of Yocto Project in the form of images or tarballs. Downloading and extracting @@ -205,7 +205,7 @@ development: through the "SOFTWARE" menu that allows you to download any Yocto Project release, tool, and Board Support Package (BSP) in tarball form. The tarballs are similar to those found in the - :yocto_dl:`Index of /releases: ` area. + :yocto_dl:`Index of /releases: ` area. .. image:: figures/yp-download.png :align: center diff --git a/poky/documentation/overview-manual/overview-manual-yp-intro.rst b/poky/documentation/overview-manual/overview-manual-yp-intro.rst index 265fbda7f..5cdab7ca4 100644 --- a/poky/documentation/overview-manual/overview-manual-yp-intro.rst +++ b/poky/documentation/overview-manual/overview-manual-yp-intro.rst @@ -224,7 +224,7 @@ your Metadata, the easier it is to cope with future changes. possible. - Familiarize yourself with the `Yocto Project curated layer - index `__ + index `__ or the `OpenEmbedded layer index `__. The latter contains more layers but they are less universally diff --git a/poky/documentation/ref-manual/migration-1.5.rst b/poky/documentation/ref-manual/migration-1.5.rst index ce55199df..fa6ff92f1 100644 --- a/poky/documentation/ref-manual/migration-1.5.rst +++ b/poky/documentation/ref-manual/migration-1.5.rst @@ -185,7 +185,7 @@ been introduced. You can find some of the implications for this change `here `__. The change also means that recipes that install files to ``/var/run`` must be changed. You can find a guide on how to make these changes -`here `__. +`here `__. .. _migration-1.5-removal-of-package-manager-database-within-image-recipes: diff --git a/poky/documentation/ref-manual/ref-classes.rst b/poky/documentation/ref-manual/ref-classes.rst index 60ce8efd2..b007e3482 100644 --- a/poky/documentation/ref-manual/ref-classes.rst +++ b/poky/documentation/ref-manual/ref-classes.rst @@ -1413,7 +1413,9 @@ variables :term:`UBOOT_SIGN_ENABLE`, :term:`UBOOT_MKIMAGE_DTCOPTS`, :term:`UBOOT_SIGN_KEYDIR` and :term:`UBOOT_SIGN_KEYNAME` are set appropriately. The default values used for :term:`FIT_HASH_ALG` and :term:`FIT_SIGN_ALG` in ``kernel-fitimage`` are "sha256" and -"rsa2048" respectively. +"rsa2048" respectively. The keys for signing fitImage can be generated using +the ``kernel-fitimage`` class when both :term:`FIT_GENERATE_KEYS` and +:term:`UBOOT_SIGN_ENABLE` are set to "1". .. _ref-classes-kernel-grub: diff --git a/poky/documentation/ref-manual/ref-images.rst b/poky/documentation/ref-manual/ref-images.rst index f0229c3bb..c88d4d75c 100644 --- a/poky/documentation/ref-manual/ref-images.rst +++ b/poky/documentation/ref-manual/ref-images.rst @@ -42,7 +42,7 @@ Following is a list of supported recipes: `VMware Workstation `__. For more information on this image, see the :yocto_home:`Build - Appliance ` page + Appliance ` page on the Yocto Project website. - ``core-image-base``: A console-only image that fully supports the diff --git a/poky/documentation/ref-manual/ref-terms.rst b/poky/documentation/ref-manual/ref-terms.rst index 6e7e5169c..600cc23c3 100644 --- a/poky/documentation/ref-manual/ref-terms.rst +++ b/poky/documentation/ref-manual/ref-terms.rst @@ -355,7 +355,7 @@ universal, the list includes them just in case: the Source Directory, if you do, the top-level directory name of the Source Directory is derived from the Yocto Project release tarball. For example, downloading and unpacking - :yocto_dl:`releases/yocto/&DISTRO_REL_TAG;/&YOCTO_POKY;.tar.bz2` + :yocto_dl:`/releases/yocto/&DISTRO_REL_TAG;/&YOCTO_POKY;.tar.bz2` results in a Source Directory whose root folder is named ``poky``. It is important to understand the differences between the Source diff --git a/poky/documentation/ref-manual/ref-variables.rst b/poky/documentation/ref-manual/ref-variables.rst index 625a37c15..2d6719df1 100644 --- a/poky/documentation/ref-manual/ref-variables.rst +++ b/poky/documentation/ref-manual/ref-variables.rst @@ -696,7 +696,7 @@ system and gives an overview of their function and contents. compiler. Consequently, the syntax follows Python's Regular Expression (re) syntax. The expressions are compared against the full paths to the files. For complete syntax information, see Python's - documentation at http://docs.python.org/3/library/re.html#re. + documentation at https://docs.python.org/3/library/re.html#regular-expression-syntax. The following example uses a complete regular expression to tell BitBake to ignore all recipe and recipe append files in the @@ -2585,13 +2585,36 @@ system and gives an overview of their function and contents. For guidance on how to create your own file permissions settings table file, examine the existing ``fs-perms.txt``. + FIT_GENERATE_KEYS + Decides whether to generate the keys for signing fitImage if they + don't already exist. The keys are created in ``UBOOT_SIGN_KEYDIR``. + The default value is 0. + FIT_HASH_ALG Specifies the hash algorithm used in creating the FIT Image. For e.g. sha256. + FIT_KEY_GENRSA_ARGS + Arguments to openssl genrsa for generating RSA private key for signing + fitImage. The default value is "-F4". i.e. the public exponent 65537 to + use. + + FIT_KEY_REQ_ARGS + Arguments to openssl req for generating certificate for signing fitImage. + The default value is "-batch -new". batch for non interactive mode + and new for generating new keys. + + FIT_KEY_SIGN_PKCS + Format for public key ceritifcate used in signing fitImage. + The default value is "x509". + FIT_SIGN_ALG Specifies the signature algorithm used in creating the FIT Image. For e.g. rsa2048. + FIT_SIGN_NUMBITS + Size of private key in number of bits used in fitImage. The default + value is "2048". + FONT_EXTRA_RDEPENDS When inheriting the :ref:`fontcache ` class, this variable specifies the runtime dependencies for font packages. @@ -2902,10 +2925,46 @@ system and gives an overview of their function and contents. The base name of image output files. This variable defaults to the recipe name (``${``\ :term:`PN`\ ``}``). + IMAGE_EFI_BOOT_FILES + A space-separated list of files installed into the boot partition + when preparing an image using the Wic tool with the + ``bootimg-efi`` source plugin. By default, + the files are + installed under the same name as the source files. To change the + installed name, separate it from the original name with a semi-colon + (;). Source files need to be located in + :term:`DEPLOY_DIR_IMAGE`. Here are two + examples: + :: + + IMAGE_EFI_BOOT_FILES = "${KERNEL_IMAGETYPE};bz2" + IMAGE_EFI_BOOT_FILES = "${KERNEL_IMAGETYPE} microcode.cpio" + + Alternatively, source files can be picked up using a glob pattern. In + this case, the destination file must have the same name as the base + name of the source file path. To install files into a directory + within the target location, pass its name after a semi-colon (;). + Here are two examples: + :: + + IMAGE_EFI_BOOT_FILES = "boot/loader/*" + IMAGE_EFI_BOOT_FILES = "boot/loader/*;boot/" + + The first example + installs all files from ``${DEPLOY_DIR_IMAGE}/boot/loader/`` + into the root of the target partition. The second example installs + the same files into a ``boot`` directory within the target partition. + + You can find information on how to use the Wic tool in the + ":ref:`dev-manual/dev-manual-common-tasks:creating partitioned images using wic`" + section of the Yocto Project Development Tasks Manual. Reference + material for Wic is located in the + ":doc:`../ref-manual/ref-kickstart`" chapter. + IMAGE_BOOT_FILES A space-separated list of files installed into the boot partition when preparing an image using the Wic tool with the - ``bootimg-partition`` or ``bootimg-efi`` source plugin. By default, + ``bootimg-partition`` source plugin. By default, the files are installed under the same name as the source files. To change the installed name, separate it from the original name with a semi-colon @@ -3669,7 +3728,7 @@ system and gives an overview of their function and contents. The value in ``INITSCRIPT_PARAMS`` is passed through to the ``update-rc.d`` command. For more information on valid parameters, please see the ``update-rc.d`` manual page at - http://www.tin.org/bin/man.cgi?section=8&topic=update-rc.d. + https://manpages.debian.org/buster/init-system-helpers/update-rc.d.8.en.html INSANE_SKIP Specifies the QA checks to skip for a specific package within a diff --git a/poky/documentation/sdk-manual/sdk-appendix-obtain.rst b/poky/documentation/sdk-manual/sdk-appendix-obtain.rst index ffaed9dee..97ab9169e 100644 --- a/poky/documentation/sdk-manual/sdk-appendix-obtain.rst +++ b/poky/documentation/sdk-manual/sdk-appendix-obtain.rst @@ -17,7 +17,7 @@ and then run the script to hand-install the toolchain. Follow these steps to locate and hand-install the toolchain: 1. *Go to the Installers Directory:* Go to - :yocto_dl:`releases/yocto/yocto-3.1.2/toolchain/` + :yocto_dl:`/releases/yocto/yocto-3.1.2/toolchain/` 2. *Open the Folder for Your Build Host:* Open the folder that matches your :term:`Build Host` (i.e. @@ -204,7 +204,7 @@ Follow these steps to extract the root filesystem: Image File:* You need to find and download the root filesystem image file that is appropriate for your target system. These files are kept in machine-specific folders in the - :yocto_dl:`Index of Releases ` + :yocto_dl:`Index of Releases ` in the "machines" directory. The machine-specific folders of the "machines" directory contain @@ -258,7 +258,7 @@ Follow these steps to extract the root filesystem: Following is an example command that extracts the root filesystem from a previously built root filesystem image that was downloaded - from the :yocto_dl:`Index of Releases `. + from the :yocto_dl:`Index of Releases `. This command extracts the root filesystem into the ``core2-64-sato`` directory: :: diff --git a/poky/documentation/sdk-manual/sdk-extensible.rst b/poky/documentation/sdk-manual/sdk-extensible.rst index 1ad5c46be..0f92ac9f0 100644 --- a/poky/documentation/sdk-manual/sdk-extensible.rst +++ b/poky/documentation/sdk-manual/sdk-extensible.rst @@ -51,7 +51,7 @@ Host` by running the ``*.sh`` installation script. You can download a tarball installer, which includes the pre-built toolchain, the ``runqemu`` script, the internal build system, ``devtool``, and support files from the appropriate -:yocto_dl:`toolchain ` directory within the Index of +:yocto_dl:`toolchain ` directory within the Index of Releases. Toolchains are available for several 32-bit and 64-bit architectures with the ``x86_64`` directories, respectively. The toolchains the Yocto Project provides are based off the diff --git a/poky/documentation/sdk-manual/sdk-intro.rst b/poky/documentation/sdk-manual/sdk-intro.rst index 2e01cf136..82b7bcf3c 100644 --- a/poky/documentation/sdk-manual/sdk-intro.rst +++ b/poky/documentation/sdk-manual/sdk-intro.rst @@ -195,7 +195,7 @@ You just need to follow these general steps: root filesystem images. If you are going to develop your application on hardware, go to the - :yocto_dl:`machines ` download area and choose a + :yocto_dl:`machines ` download area and choose a target machine area from which to download the kernel image and root filesystem. This download area could have several files in it that support development using actual hardware. For example, the area @@ -205,7 +205,7 @@ You just need to follow these general steps: If you are going to develop your application and then run and test it using the QEMU emulator, go to the - :yocto_dl:`machines/qemu ` download area. From this + :yocto_dl:`machines/qemu ` download area. From this area, go down into the directory for your target architecture (e.g. ``qemux86_64`` for an Intel-based 64-bit architecture). Download the kernel, root filesystem, and any other files you need for your diff --git a/poky/documentation/sdk-manual/sdk-using.rst b/poky/documentation/sdk-manual/sdk-using.rst index cd57f07ee..09a194cab 100644 --- a/poky/documentation/sdk-manual/sdk-using.rst +++ b/poky/documentation/sdk-manual/sdk-using.rst @@ -47,7 +47,7 @@ Host` by running the ``*.sh`` installation script. You can download a tarball installer, which includes the pre-built toolchain, the ``runqemu`` script, and support files from the -appropriate :yocto_dl:`toolchain ` directory within +appropriate :yocto_dl:`toolchain ` directory within the Index of Releases. Toolchains are available for several 32-bit and 64-bit architectures with the ``x86_64`` directories, respectively. The toolchains the Yocto Project provides are based off the diff --git a/poky/documentation/sphinx-static/theme_overrides.css b/poky/documentation/sphinx-static/theme_overrides.css index c18053398..55da38a2b 100644 --- a/poky/documentation/sphinx-static/theme_overrides.css +++ b/poky/documentation/sphinx-static/theme_overrides.css @@ -4,8 +4,6 @@ body { font-family: Verdana, Sans, sans-serif; - - min-width: 640px; margin: 0em auto; color: #333; } diff --git a/poky/documentation/sphinx/yocto-vars.py b/poky/documentation/sphinx/yocto-vars.py index 568947299..8083d7da1 100644 --- a/poky/documentation/sphinx/yocto-vars.py +++ b/poky/documentation/sphinx/yocto-vars.py @@ -1,10 +1,19 @@ #!/usr/bin/env python import re -import yaml +import sys import sphinx from sphinx.application import Sphinx +# This extension uses pyyaml, report an explicit +# error message if it's not installed +try: + import yaml +except ImportError: + sys.stderr.write("The Yocto Project Sphinx documentation requires PyYAML.\ + \nPlease make sure to install pyyaml python package.\n") + sys.exit(1) + __version__ = '1.0' # Variables substitutions. Uses {VAR} subst using variables defined in poky.yaml diff --git a/poky/meta/classes/cve-check.bbclass b/poky/meta/classes/cve-check.bbclass index 02fef7c20..25cefda92 100644 --- a/poky/meta/classes/cve-check.bbclass +++ b/poky/meta/classes/cve-check.bbclass @@ -36,18 +36,21 @@ CVE_CHECK_SUMMARY_FILE_NAME ?= "cve-summary" CVE_CHECK_SUMMARY_FILE ?= "${CVE_CHECK_SUMMARY_DIR}/${CVE_CHECK_SUMMARY_FILE_NAME}" CVE_CHECK_DIR ??= "${DEPLOY_DIR}/cve" +CVE_CHECK_RECIPE_FILE ?= "${CVE_CHECK_DIR}/${PN}" CVE_CHECK_MANIFEST ?= "${DEPLOY_DIR_IMAGE}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.cve" CVE_CHECK_COPY_FILES ??= "1" CVE_CHECK_CREATE_MANIFEST ??= "1" +CVE_CHECK_REPORT_PATCHED ??= "1" + # Whitelist for packages (PN) CVE_CHECK_PN_WHITELIST ?= "" # Whitelist for CVE. If a CVE is found, then it is considered patched. # The value is a string containing space separated CVE values: -# +# # CVE_CHECK_WHITELIST = 'CVE-2014-2524 CVE-2018-1234' -# +# CVE_CHECK_WHITELIST ?= "" python cve_save_summary_handler () { @@ -118,7 +121,7 @@ python cve_check_write_rootfs_manifest () { import shutil if d.getVar("CVE_CHECK_COPY_FILES") == "1": - deploy_file = os.path.join(d.getVar("CVE_CHECK_DIR"), d.getVar("PN")) + deploy_file = d.getVar("CVE_CHECK_RECIPE_FILE") if os.path.exists(deploy_file): bb.utils.remove(deploy_file) @@ -331,12 +334,15 @@ def cve_write_data(d, patched, unpatched, whitelisted, cve_data): bb.utils.mkdirhier(os.path.dirname(cve_file)) for cve in sorted(cve_data): + is_patched = cve in patched + if is_patched and (d.getVar("CVE_CHECK_REPORT_PATCHED") != "1"): + continue write_string += "PACKAGE NAME: %s\n" % d.getVar("PN") write_string += "PACKAGE VERSION: %s%s\n" % (d.getVar("EXTENDPE"), d.getVar("PV")) write_string += "CVE: %s\n" % cve if cve in whitelisted: write_string += "CVE STATUS: Whitelisted\n" - elif cve in patched: + elif is_patched: write_string += "CVE STATUS: Patched\n" else: unpatched_cves.append(cve) @@ -350,20 +356,20 @@ def cve_write_data(d, patched, unpatched, whitelisted, cve_data): if unpatched_cves: bb.warn("Found unpatched CVE (%s), for more information check %s" % (" ".join(unpatched_cves),cve_file)) - with open(cve_file, "w") as f: - bb.note("Writing file %s with CVE information" % cve_file) - f.write(write_string) - - if d.getVar("CVE_CHECK_COPY_FILES") == "1": - cve_dir = d.getVar("CVE_CHECK_DIR") - bb.utils.mkdirhier(cve_dir) - deploy_file = os.path.join(cve_dir, d.getVar("PN")) - with open(deploy_file, "w") as f: + if write_string: + with open(cve_file, "w") as f: + bb.note("Writing file %s with CVE information" % cve_file) f.write(write_string) - if d.getVar("CVE_CHECK_CREATE_MANIFEST") == "1": - cvelogpath = d.getVar("CVE_CHECK_SUMMARY_DIR") - bb.utils.mkdirhier(cvelogpath) + if d.getVar("CVE_CHECK_COPY_FILES") == "1": + deploy_file = d.getVar("CVE_CHECK_RECIPE_FILE") + bb.utils.mkdirhier(os.path.dirname(deploy_file)) + with open(deploy_file, "w") as f: + f.write(write_string) + + if d.getVar("CVE_CHECK_CREATE_MANIFEST") == "1": + cvelogpath = d.getVar("CVE_CHECK_SUMMARY_DIR") + bb.utils.mkdirhier(cvelogpath) - with open(d.getVar("CVE_CHECK_TMP_FILE"), "a") as f: - f.write("%s" % write_string) + with open(d.getVar("CVE_CHECK_TMP_FILE"), "a") as f: + f.write("%s" % write_string) diff --git a/poky/meta/classes/go-mod.bbclass b/poky/meta/classes/go-mod.bbclass index 5871d0250..cabb04d0e 100644 --- a/poky/meta/classes/go-mod.bbclass +++ b/poky/meta/classes/go-mod.bbclass @@ -12,7 +12,7 @@ # The '-modcacherw' option ensures we have write access to the cached objects so # we avoid errors during clean task as well as when removing the TMPDIR. -export GOBUILDFLAGS ?= "-v ${GO_LDFLAGS} -modcacherw" +GOBUILDFLAGS_append = " -modcacherw" inherit go diff --git a/poky/meta/classes/image-artifact-names.bbclass b/poky/meta/classes/image-artifact-names.bbclass index 5ab8f1b7a..3ac8dd731 100644 --- a/poky/meta/classes/image-artifact-names.bbclass +++ b/poky/meta/classes/image-artifact-names.bbclass @@ -2,11 +2,11 @@ # Specific image creation and rootfs population info. ################################################################## -IMAGE_BASENAME = "${PN}" -IMAGE_VERSION_SUFFIX = "-${DATETIME}" +IMAGE_BASENAME ?= "${PN}" +IMAGE_VERSION_SUFFIX ?= "-${DATETIME}" IMAGE_VERSION_SUFFIX[vardepsexclude] += "DATETIME" -IMAGE_NAME = "${IMAGE_BASENAME}-${MACHINE}${IMAGE_VERSION_SUFFIX}" -IMAGE_LINK_NAME = "${IMAGE_BASENAME}-${MACHINE}" +IMAGE_NAME ?= "${IMAGE_BASENAME}-${MACHINE}${IMAGE_VERSION_SUFFIX}" +IMAGE_LINK_NAME ?= "${IMAGE_BASENAME}-${MACHINE}" # IMAGE_NAME is the base name for everything produced when building images. # The actual image that contains the rootfs has an additional suffix (.rootfs diff --git a/poky/meta/classes/kernel-yocto.bbclass b/poky/meta/classes/kernel-yocto.bbclass index a35c5923d..35587dd56 100644 --- a/poky/meta/classes/kernel-yocto.bbclass +++ b/poky/meta/classes/kernel-yocto.bbclass @@ -155,7 +155,7 @@ do_kernel_metadata() { fi in_tree_defconfig="${WORKDIR}/defconfig" else - bbfatal "A KBUILD_DEFCONFIG '${KBUILD_DEFCONFIG}' was specified, but not present in the source tree" + bbfatal "A KBUILD_DEFCONFIG '${KBUILD_DEFCONFIG}' was specified, but not present in the source tree (${S}/arch/${ARCH}/configs/)" fi fi diff --git a/poky/meta/classes/kernel.bbclass b/poky/meta/classes/kernel.bbclass index 48135b3d4..78def5bbc 100644 --- a/poky/meta/classes/kernel.bbclass +++ b/poky/meta/classes/kernel.bbclass @@ -172,7 +172,10 @@ python do_symlink_kernsrc () { shutil.move(s, kernsrc) os.symlink(kernsrc, s) } -addtask symlink_kernsrc before do_patch after do_unpack +# do_patch is normally ordered before do_configure, but +# externalsrc.bbclass deletes do_patch, breaking the dependency of +# do_configure on do_symlink_kernsrc. +addtask symlink_kernsrc before do_patch do_configure after do_unpack inherit kernel-arch deploy diff --git a/poky/meta/classes/linuxloader.bbclass b/poky/meta/classes/linuxloader.bbclass index 176fd89fd..720e5dfad 100644 --- a/poky/meta/classes/linuxloader.bbclass +++ b/poky/meta/classes/linuxloader.bbclass @@ -4,7 +4,7 @@ def get_musl_loader_arch(d): targetarch = d.getVar("TARGET_ARCH") if targetarch.startswith("microblaze"): - ldso_arch = "microblaze${@bb.utils.contains('TUNE_FEATURES', 'bigendian', '', 'el' ,d)}" + ldso_arch = "microblaze${@bb.utils.contains('TUNE_FEATURES', 'bigendian', '', 'el', d)}" elif targetarch.startswith("mips"): ldso_arch = "mips${ABIEXTENSION}${MIPSPKGSFX_BYTE}${MIPSPKGSFX_R6}${MIPSPKGSFX_ENDIAN}${@['', '-sf'][d.getVar('TARGET_FPU') == 'soft']}" elif targetarch == "powerpc": diff --git a/poky/meta/classes/populate_sdk_ext.bbclass b/poky/meta/classes/populate_sdk_ext.bbclass index d659b6940..6f35b612c 100644 --- a/poky/meta/classes/populate_sdk_ext.bbclass +++ b/poky/meta/classes/populate_sdk_ext.bbclass @@ -522,12 +522,18 @@ python copy_buildsystem () { # sdk_ext_postinst() below) thus the checksum we take here would always # be different. manifest_file_list = ['conf/*'] + esdk_manifest_excludes = (d.getVar('ESDK_MANIFEST_EXCLUDES') or '').split() + esdk_manifest_excludes_list = [] + for exclude_item in esdk_manifest_excludes: + esdk_manifest_excludes_list += glob.glob(os.path.join(baseoutpath, exclude_item)) manifest_file = os.path.join(baseoutpath, 'conf', 'sdk-conf-manifest') with open(manifest_file, 'w') as f: for item in manifest_file_list: for fn in glob.glob(os.path.join(baseoutpath, item)): if fn == manifest_file: continue + if fn in esdk_manifest_excludes_list: + continue chksum = bb.utils.sha256_file(fn) f.write('%s\t%s\n' % (chksum, os.path.relpath(fn, baseoutpath))) } diff --git a/poky/meta/classes/qemuboot.bbclass b/poky/meta/classes/qemuboot.bbclass index d8f62ef6e..824676216 100644 --- a/poky/meta/classes/qemuboot.bbclass +++ b/poky/meta/classes/qemuboot.bbclass @@ -29,6 +29,9 @@ # QB_AUDIO_OPT: qemu audio option, e.g., "-soundhw ac97,es1370", used # when QB_AUDIO_DRV is set. # +# QB_RNG: Pass-through for host random number generator, it can speedup boot +# in system mode, where system is experiencing entropy starvation +# # QB_KERNEL_ROOT: kernel's root, e.g., /dev/vda # # QB_NETWORK_DEVICE: network device, e.g., "-device virtio-net-pci,netdev=net0,mac=@MAC@", @@ -77,6 +80,7 @@ QB_MEM ?= "-m 256" QB_SERIAL_OPT ?= "-serial mon:stdio -serial null" QB_DEFAULT_KERNEL ?= "${KERNEL_IMAGETYPE}" QB_DEFAULT_FSTYPE ?= "ext4" +QB_RNG ?= "-object rng-random,filename=/dev/urandom,id=rng0 -device virtio-rng-pci,rng=rng0" QB_OPT_APPEND ?= "" QB_NETWORK_DEVICE ?= "-device virtio-net-pci,netdev=net0,mac=@MAC@" QB_CMDLINE_IP_SLIRP ?= "ip=dhcp" diff --git a/poky/meta/classes/rootfs_rpm.bbclass b/poky/meta/classes/rootfs_rpm.bbclass index 51f89ea99..82584f386 100644 --- a/poky/meta/classes/rootfs_rpm.bbclass +++ b/poky/meta/classes/rootfs_rpm.bbclass @@ -9,7 +9,7 @@ export STAGING_INCDIR export STAGING_LIBDIR # Add 100Meg of extra space for dnf -IMAGE_ROOTFS_EXTRA_SPACE_append = "${@bb.utils.contains("PACKAGE_INSTALL", "dnf", " + 102400", "" ,d)}" +IMAGE_ROOTFS_EXTRA_SPACE_append = "${@bb.utils.contains("PACKAGE_INSTALL", "dnf", " + 102400", "", d)}" # Dnf is python based, so be sure python3-native is available to us. EXTRANATIVEPATH += "python3-native" diff --git a/poky/meta/classes/sstate.bbclass b/poky/meta/classes/sstate.bbclass index 375196ef2..a8ae75101 100644 --- a/poky/meta/classes/sstate.bbclass +++ b/poky/meta/classes/sstate.bbclass @@ -787,7 +787,7 @@ sstate_create_package () { return fi - mkdir -p `dirname ${SSTATE_PKG}` + mkdir --mode=0775 -p `dirname ${SSTATE_PKG}` TFILE=`mktemp ${SSTATE_PKG}.XXXXXXXX` # Use pigz if available @@ -847,7 +847,7 @@ python sstate_report_unihash() { sstate_unpack_package () { tar -xvzf ${SSTATE_PKG} # update .siginfo atime on local/NFS mirror - [ -w ${SSTATE_PKG}.siginfo ] && [ -h ${SSTATE_PKG}.siginfo ] && touch -a ${SSTATE_PKG}.siginfo + [ -O ${SSTATE_PKG}.siginfo ] && [ -w ${SSTATE_PKG}.siginfo ] && [ -h ${SSTATE_PKG}.siginfo ] && touch -a ${SSTATE_PKG}.siginfo # Use "! -w ||" to return true for read only files [ ! -w ${SSTATE_PKG} ] || touch --no-dereference ${SSTATE_PKG} [ ! -w ${SSTATE_PKG}.sig ] || [ ! -e ${SSTATE_PKG}.sig ] || touch --no-dereference ${SSTATE_PKG}.sig diff --git a/poky/meta/classes/staging.bbclass b/poky/meta/classes/staging.bbclass index de3a19815..f0a619b35 100644 --- a/poky/meta/classes/staging.bbclass +++ b/poky/meta/classes/staging.bbclass @@ -614,7 +614,7 @@ python staging_taskhandler() { bbtasks = e.tasklist for task in bbtasks: deps = d.getVarFlag(task, "depends") - if deps and "populate_sysroot" in deps: + if task == "do_configure" or (deps and "populate_sysroot" in deps): d.appendVarFlag(task, "prefuncs", " extend_recipe_sysroot") } staging_taskhandler[eventmask] = "bb.event.RecipeTaskPreProcess" diff --git a/poky/meta/classes/testexport.bbclass b/poky/meta/classes/testexport.bbclass index 59cbaefbf..1b0fb44a4 100644 --- a/poky/meta/classes/testexport.bbclass +++ b/poky/meta/classes/testexport.bbclass @@ -137,7 +137,7 @@ def copy_needed_files(d, tc): shutil.rmtree(os.path.join(subdir, dir)) # Create tar file for common parts of testexport - create_tarball(d, "testexport.tar.gz", d.getVar("TEST_EXPORT_DIR")) + testexport_create_tarball(d, "testexport.tar.gz", d.getVar("TEST_EXPORT_DIR")) # Copy packages needed for runtime testing package_extraction(d, tc.suites) @@ -146,7 +146,7 @@ def copy_needed_files(d, tc): export_pkg_dir = os.path.join(d.getVar("TEST_EXPORT_DIR"), "packages") oe.path.copytree(test_pkg_dir, export_pkg_dir) # Create tar file for packages needed by the DUT - create_tarball(d, "testexport_packages_%s.tar.gz" % d.getVar("MACHINE"), export_pkg_dir) + testexport_create_tarball(d, "testexport_packages_%s.tar.gz" % d.getVar("MACHINE"), export_pkg_dir) # Copy SDK if d.getVar("TEST_EXPORT_SDK_ENABLED") == "1": @@ -159,11 +159,11 @@ def copy_needed_files(d, tc): shutil.copy2(tarball_path, export_sdk_dir) # Create tar file for the sdk - create_tarball(d, "testexport_sdk_%s.tar.gz" % d.getVar("SDK_ARCH"), export_sdk_dir) + testexport_create_tarball(d, "testexport_sdk_%s.tar.gz" % d.getVar("SDK_ARCH"), export_sdk_dir) bb.plain("Exported tests to: %s" % export_path) -def create_tarball(d, tar_name, src_dir): +def testexport_create_tarball(d, tar_name, src_dir): import tarfile diff --git a/poky/meta/classes/testimage.bbclass b/poky/meta/classes/testimage.bbclass index 6c8bedcd6..e3feef02f 100644 --- a/poky/meta/classes/testimage.bbclass +++ b/poky/meta/classes/testimage.bbclass @@ -319,6 +319,7 @@ def testimage_main(d): target_kwargs['powercontrol_extra_args'] = d.getVar("TEST_POWERCONTROL_EXTRA_ARGS") or "" target_kwargs['serialcontrol_cmd'] = d.getVar("TEST_SERIALCONTROL_CMD") or None target_kwargs['serialcontrol_extra_args'] = d.getVar("TEST_SERIALCONTROL_EXTRA_ARGS") or "" + target_kwargs['testimage_dump_target'] = d.getVar("testimage_dump_target") or "" def export_ssh_agent(d): import os diff --git a/poky/meta/conf/bitbake.conf b/poky/meta/conf/bitbake.conf index a318d1ca5..e6338b0c7 100644 --- a/poky/meta/conf/bitbake.conf +++ b/poky/meta/conf/bitbake.conf @@ -701,7 +701,7 @@ PREFERRED_PROVIDER_virtual/fakeroot-native ?= "pseudo-native" ################################################################## # Pre-build configuration output -BUILDCFG_HEADER = "Build Configuration:" +BUILDCFG_HEADER = "Build Configuration${@" (mc:${BB_CURRENT_MC})" if d.getVar("BBMULTICONFIG") else ""}:" BUILDCFG_VARS = "BB_VERSION BUILD_SYS NATIVELSBSTRING TARGET_SYS MACHINE DISTRO DISTRO_VERSION TUNE_FEATURES TARGET_FPU" BUILDCFG_VARS[type] = "list" BUILDCFG_NEEDEDVARS = "TARGET_ARCH TARGET_OS" diff --git a/poky/meta/conf/distro/include/maintainers.inc b/poky/meta/conf/distro/include/maintainers.inc index a094b39b2..5a3f913b0 100644 --- a/poky/meta/conf/distro/include/maintainers.inc +++ b/poky/meta/conf/distro/include/maintainers.inc @@ -78,7 +78,7 @@ RECIPE_MAINTAINER_pn-bmap-tools = "Anuj Mittal " RECIPE_MAINTAINER_pn-boost = "Alexander Kanavin " RECIPE_MAINTAINER_pn-bootchart2 = "Alexander Kanavin " RECIPE_MAINTAINER_pn-bsd-headers = "Khem Raj " -RECIPE_MAINTAINER_pn-btrfs-tools = "Alexander Kanavin " +RECIPE_MAINTAINER_pn-btrfs-tools = "Wang Mingyu " RECIPE_MAINTAINER_pn-build-appliance-image = "Richard Purdie " RECIPE_MAINTAINER_pn-build-sysroots = "Richard Purdie " RECIPE_MAINTAINER_pn-builder = "Richard Purdie " @@ -157,14 +157,14 @@ RECIPE_MAINTAINER_pn-dos2unix = "Khem Raj " RECIPE_MAINTAINER_pn-dosfstools = "Yi Zhao " RECIPE_MAINTAINER_pn-dpkg = "Aníbal Limón " RECIPE_MAINTAINER_pn-dropbear = "Yi Zhao " -RECIPE_MAINTAINER_pn-dtc = "Alexander Kanavin " +RECIPE_MAINTAINER_pn-dtc = "Wang Mingyu " RECIPE_MAINTAINER_pn-dwarfsrcfiles = "Alexander Kanavin " RECIPE_MAINTAINER_pn-e2fsprogs = "Robert Yang " RECIPE_MAINTAINER_pn-ed = "Alexander Kanavin " RECIPE_MAINTAINER_pn-efivar = "Ross Burton " RECIPE_MAINTAINER_pn-efibootmgr = "Ross Burton " -RECIPE_MAINTAINER_pn-elfutils = "Hongxu Jia " -RECIPE_MAINTAINER_pn-ell = "Oleksandr Kravchuk " +RECIPE_MAINTAINER_pn-elfutils = "Zang Ruochen " +RECIPE_MAINTAINER_pn-ell = "Zang Ruochen " RECIPE_MAINTAINER_pn-enchant2 = "Anuj Mittal " RECIPE_MAINTAINER_pn-encodings = "Armin Kuster " RECIPE_MAINTAINER_pn-epiphany = "Alexander Kanavin " @@ -279,7 +279,7 @@ RECIPE_MAINTAINER_pn-intltool = "Alexander Kanavin " RECIPE_MAINTAINER_pn-iproute2 = "Changhyeok Bae " RECIPE_MAINTAINER_pn-iptables = "Changhyeok Bae " RECIPE_MAINTAINER_pn-iputils = "Changhyeok Bae " -RECIPE_MAINTAINER_pn-iso-codes = "Alexander Kanavin " +RECIPE_MAINTAINER_pn-iso-codes = "Wang Mingyu " RECIPE_MAINTAINER_pn-itstool = "Andreas Müller " RECIPE_MAINTAINER_pn-iw = "Changhyeok Bae " RECIPE_MAINTAINER_pn-libjpeg-turbo = "Anuj Mittal " @@ -362,15 +362,15 @@ RECIPE_MAINTAINER_pn-libogg = "Anuj Mittal " RECIPE_MAINTAINER_pn-libomxil = "Anuj Mittal " RECIPE_MAINTAINER_pn-libpam = "Anuj Mittal " RECIPE_MAINTAINER_pn-libpcap = "Anuj Mittal " -RECIPE_MAINTAINER_pn-libpciaccess = "Alexander Kanavin " +RECIPE_MAINTAINER_pn-libpciaccess = "Wang Mingyu " RECIPE_MAINTAINER_pn-libpcre = "Yi Zhao " RECIPE_MAINTAINER_pn-libpcre2 = "Armin Kuster " -RECIPE_MAINTAINER_pn-libpipeline = "Alexander Kanavin " +RECIPE_MAINTAINER_pn-libpipeline = "Wang Mingyu " RECIPE_MAINTAINER_pn-libpng = "Anuj Mittal " RECIPE_MAINTAINER_pn-libproxy = "Anuj Mittal " RECIPE_MAINTAINER_pn-libpthread-stubs = "Alexander Kanavin " RECIPE_MAINTAINER_pn-libpsl = "Anuj Mittal " -RECIPE_MAINTAINER_pn-librepo = "Alexander Kanavin " +RECIPE_MAINTAINER_pn-librepo = "Wang Mingyu " RECIPE_MAINTAINER_pn-librsvg = "Anuj Mittal " RECIPE_MAINTAINER_pn-libsamplerate0 = "Tanu Kaskinen " RECIPE_MAINTAINER_pn-libsdl2 = "Yi Zhao " @@ -391,7 +391,7 @@ RECIPE_MAINTAINER_pn-libtool-native = "Robert Yang " RECIPE_MAINTAINER_pn-libucontext = "Khem Raj " RECIPE_MAINTAINER_pn-libunistring = "Anuj Mittal " RECIPE_MAINTAINER_pn-libunwind = "Bruce Ashfield " -RECIPE_MAINTAINER_pn-liburcu = "Alexander Kanavin " +RECIPE_MAINTAINER_pn-liburcu = "Wang Mingyu " RECIPE_MAINTAINER_pn-liburi-perl = "Tim Orling " RECIPE_MAINTAINER_pn-libusb1 = "Anuj Mittal " RECIPE_MAINTAINER_pn-libubootenv = "Stefano Babic " @@ -399,7 +399,7 @@ RECIPE_MAINTAINER_pn-libuv = "Armin Kuster " RECIPE_MAINTAINER_pn-libva = "Anuj Mittal " RECIPE_MAINTAINER_pn-libva-initial = "Anuj Mittal " RECIPE_MAINTAINER_pn-libva-utils = "Anuj Mittal " -RECIPE_MAINTAINER_pn-libvorbis = "Tanu Kaskinen " +RECIPE_MAINTAINER_pn-libvorbis = "Zang Ruochen " RECIPE_MAINTAINER_pn-libwebp = "Alexander Kanavin " RECIPE_MAINTAINER_pn-libwpe = "Alexander Kanavin " RECIPE_MAINTAINER_pn-libx11 = "Armin Kuster " @@ -440,7 +440,7 @@ RECIPE_MAINTAINER_pn-libxtst = "Armin Kuster " RECIPE_MAINTAINER_pn-libxv = "Armin Kuster " RECIPE_MAINTAINER_pn-libxvmc = "Armin Kuster " RECIPE_MAINTAINER_pn-libxxf86vm = "Armin Kuster " -RECIPE_MAINTAINER_pn-libyaml = "Alexander Kanavin " +RECIPE_MAINTAINER_pn-libyaml = "Wang Mingyu " RECIPE_MAINTAINER_pn-lighttpd = "Alexander Kanavin " RECIPE_MAINTAINER_pn-linux-dummy = "Alexander Kanavin " RECIPE_MAINTAINER_pn-linux-firmware = "Otavio Salvador " @@ -505,7 +505,7 @@ RECIPE_MAINTAINER_pn-modutils-initscripts = "Yi Zhao " RECIPE_MAINTAINER_pn-mpeg2dec = "Alexander Kanavin " RECIPE_MAINTAINER_pn-mpfr = "Khem Raj " RECIPE_MAINTAINER_pn-mpg123 = "Alexander Kanavin " -RECIPE_MAINTAINER_pn-msmtp = "Alexander Kanavin " +RECIPE_MAINTAINER_pn-msmtp = "Wang Mingyu " RECIPE_MAINTAINER_pn-mtd-utils = "Denys Dmytriyenko " RECIPE_MAINTAINER_pn-mtdev = "Anuj Mittal " RECIPE_MAINTAINER_pn-mtools = "Anuj Mittal " @@ -580,7 +580,7 @@ RECIPE_MAINTAINER_pn-puzzles = "Anuj Mittal " RECIPE_MAINTAINER_pn-python3 = "Oleksandr Kravchuk " RECIPE_MAINTAINER_pn-python3-async = "Oleksandr Kravchuk " RECIPE_MAINTAINER_pn-python3-cython = "Oleksandr Kravchuk " -RECIPE_MAINTAINER_pn-python3-dbus = "Oleksandr Kravchuk " +RECIPE_MAINTAINER_pn-python3-dbus = "Zang Ruochen " RECIPE_MAINTAINER_pn-python3-dbusmock = "Oleksandr Kravchuk " RECIPE_MAINTAINER_pn-python3-docutils = "Oleksandr Kravchuk " RECIPE_MAINTAINER_pn-python3-pycryptodome = "Joshua Watt " @@ -589,22 +589,24 @@ RECIPE_MAINTAINER_pn-python3-extras = "Oleksandr Kravchuk -Date: Mon, 15 Oct 2018 16:55:09 +0800 -Subject: [PATCH] avoid start failure with bind user - -Upstream-Status: Pending - -Signed-off-by: Chen Qi ---- - init.d | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/init.d b/init.d -index b2eec60..6e03936 100644 ---- a/init.d -+++ b/init.d -@@ -57,6 +57,7 @@ case "$1" in - modprobe capability >/dev/null 2>&1 || true - if [ ! -f /etc/bind/rndc.key ]; then - /usr/sbin/rndc-confgen -a -b 512 -r /dev/urandom -+ chown root:bind /etc/bind/rndc.key >/dev/null 2>&1 || true - chmod 0640 /etc/bind/rndc.key - fi - if [ -f /var/run/named/named.pid ]; then --- -2.7.4 - diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.5/0001-named-lwresd-V-and-start-log-hide-build-options.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.5/0001-named-lwresd-V-and-start-log-hide-build-options.patch deleted file mode 100644 index 5bcc16c9b..000000000 --- a/poky/meta/recipes-connectivity/bind/bind-9.16.5/0001-named-lwresd-V-and-start-log-hide-build-options.patch +++ /dev/null @@ -1,35 +0,0 @@ -From a3af4a405baf5ff582e82aaba392dd9667d94bdc Mon Sep 17 00:00:00 2001 -From: Hongxu Jia -Date: Mon, 27 Aug 2018 21:24:20 +0800 -Subject: [PATCH] `named/lwresd -V' and start log hide build options - -The build options expose build path directories, so hide them. -[snip] -$ named -V -|built by make with *** (options are hidden) -[snip] - -Upstream-Status: Inappropriate [oe-core specific] - -Signed-off-by: Hongxu Jia - -Refreshed for 9.16.0 -Signed-off-by: Armin Kuster - ---- - bin/named/include/named/globals.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -Index: bind-9.16.0/bin/named/include/named/globals.h -=================================================================== ---- bind-9.16.0.orig/bin/named/include/named/globals.h -+++ bind-9.16.0/bin/named/include/named/globals.h -@@ -69,7 +69,7 @@ EXTERN const char *named_g_version I - EXTERN const char *named_g_product INIT(PRODUCT); - EXTERN const char *named_g_description INIT(DESCRIPTION); - EXTERN const char *named_g_srcid INIT(SRCID); --EXTERN const char *named_g_configargs INIT(CONFIGARGS); -+EXTERN const char *named_g_configargs INIT("*** (options are hidden)"); - EXTERN const char *named_g_builder INIT(BUILDER); - EXTERN in_port_t named_g_port INIT(0); - EXTERN isc_dscp_t named_g_dscp INIT(-1); diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.5/bind-ensure-searching-for-json-headers-searches-sysr.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.5/bind-ensure-searching-for-json-headers-searches-sysr.patch deleted file mode 100644 index f9cdc7ca4..000000000 --- a/poky/meta/recipes-connectivity/bind/bind-9.16.5/bind-ensure-searching-for-json-headers-searches-sysr.patch +++ /dev/null @@ -1,47 +0,0 @@ -From edda20fb5a6e88548f85e39d34d6c074306e15bc Mon Sep 17 00:00:00 2001 -From: Paul Gortmaker -Date: Tue, 9 Jun 2015 11:22:00 -0400 -Subject: [PATCH] bind: ensure searching for json headers searches sysroot - -Bind can fail configure by detecting headers w/o libs[1], or -it can fail the host contamination check as per below: - -ERROR: This autoconf log indicates errors, it looked at host include and/or library paths while determining system capabilities. -Rerun configure task after fixing this. The path was 'build/tmp/work/core2-64-poky-linux/bind/9.10.2-r1/build' -ERROR: Function failed: do_qa_configure -ERROR: Logfile of failure stored in: build/tmp/work/core2-64-poky-linux/bind/9.10.2-r1/temp/log.do_configure.5242 -ERROR: Task 5 (meta/recipes-connectivity/bind/bind_9.10.2.bb, do_configure) failed with exit code '1' -NOTE: Tasks Summary: Attempted 773 tasks of which 768 didn't need to be rerun and 1 failed. -No currently running tasks (773 of 781) - -Summary: 1 task failed: - /meta/recipes-connectivity/bind/bind_9.10.2.bb, do_configure - -One way to fix it would be to unconditionally disable json in bind -configure[2] but here we fix it by using the path to where we would -put the header if we had json in the sysroot, in case someone wants -to make use of the combination some day. - -[1] https://trac.macports.org/ticket/45305 -[2] https://trac.macports.org/changeset/126406 - -Upstream-Status: Inappropriate [OE Specific] -Signed-off-by: Paul Gortmaker - ---- - configure.ac | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -Index: bind-9.16.4/configure.ac -=================================================================== ---- bind-9.16.4.orig/configure.ac -+++ bind-9.16.4/configure.ac -@@ -1232,7 +1232,7 @@ case "$use_lmdb" in - LMDB_LIBS="" - ;; - auto|yes) -- for d in /usr /usr/local /opt/local -+ for d in "${STAGING_INCDIR}" - do - if test -f "${d}/include/lmdb.h" - then diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.5/bind9 b/poky/meta/recipes-connectivity/bind/bind-9.16.5/bind9 deleted file mode 100644 index 968679ff7..000000000 --- a/poky/meta/recipes-connectivity/bind/bind-9.16.5/bind9 +++ /dev/null @@ -1,2 +0,0 @@ -# startup options for the server -OPTIONS="-u bind" diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.5/conf.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.5/conf.patch deleted file mode 100644 index aad345f9f..000000000 --- a/poky/meta/recipes-connectivity/bind/bind-9.16.5/conf.patch +++ /dev/null @@ -1,330 +0,0 @@ -Upstream-Status: Inappropriate [configuration] - -the patch is imported from openembedded project - -11/30/2010 - Qing He - -diff -urN bind-9.3.1.orig/conf/db.0 bind-9.3.1/conf/db.0 ---- bind-9.3.1.orig/conf/db.0 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/conf/db.0 2005-07-10 22:14:00.000000000 +0200 -@@ -0,0 +1,12 @@ -+; -+; BIND reverse data file for broadcast zone -+; -+$TTL 604800 -+@ IN SOA localhost. root.localhost. ( -+ 1 ; Serial -+ 604800 ; Refresh -+ 86400 ; Retry -+ 2419200 ; Expire -+ 604800 ) ; Negative Cache TTL -+; -+@ IN NS localhost. -diff -urN bind-9.3.1.orig/conf/db.127 bind-9.3.1/conf/db.127 ---- bind-9.3.1.orig/conf/db.127 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/conf/db.127 2005-07-10 22:14:00.000000000 +0200 -@@ -0,0 +1,13 @@ -+; -+; BIND reverse data file for local loopback interface -+; -+$TTL 604800 -+@ IN SOA localhost. root.localhost. ( -+ 1 ; Serial -+ 604800 ; Refresh -+ 86400 ; Retry -+ 2419200 ; Expire -+ 604800 ) ; Negative Cache TTL -+; -+@ IN NS localhost. -+1.0.0 IN PTR localhost. -diff -urN bind-9.3.1.orig/conf/db.empty bind-9.3.1/conf/db.empty ---- bind-9.3.1.orig/conf/db.empty 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/conf/db.empty 2005-07-10 22:14:00.000000000 +0200 -@@ -0,0 +1,14 @@ -+; BIND reverse data file for empty rfc1918 zone -+; -+; DO NOT EDIT THIS FILE - it is used for multiple zones. -+; Instead, copy it, edit named.conf, and use that copy. -+; -+$TTL 86400 -+@ IN SOA localhost. root.localhost. ( -+ 1 ; Serial -+ 604800 ; Refresh -+ 86400 ; Retry -+ 2419200 ; Expire -+ 86400 ) ; Negative Cache TTL -+; -+@ IN NS localhost. -diff -urN bind-9.3.1.orig/conf/db.255 bind-9.3.1/conf/db.255 ---- bind-9.3.1.orig/conf/db.255 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/conf/db.255 2005-07-10 22:14:00.000000000 +0200 -@@ -0,0 +1,12 @@ -+; -+; BIND reserve data file for broadcast zone -+; -+$TTL 604800 -+@ IN SOA localhost. root.localhost. ( -+ 1 ; Serial -+ 604800 ; Refresh -+ 86400 ; Retry -+ 2419200 ; Expire -+ 604800 ) ; Negative Cache TTL -+; -+@ IN NS localhost. -diff -urN bind-9.3.1.orig/conf/db.local bind-9.3.1/conf/db.local ---- bind-9.3.1.orig/conf/db.local 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/conf/db.local 2005-07-10 22:14:00.000000000 +0200 -@@ -0,0 +1,13 @@ -+; -+; BIND data file for local loopback interface -+; -+$TTL 604800 -+@ IN SOA localhost. root.localhost. ( -+ 1 ; Serial -+ 604800 ; Refresh -+ 86400 ; Retry -+ 2419200 ; Expire -+ 604800 ) ; Negative Cache TTL -+; -+@ IN NS localhost. -+@ IN A 127.0.0.1 -diff -urN bind-9.3.1.orig/conf/db.root bind-9.3.1/conf/db.root ---- bind-9.3.1.orig/conf/db.root 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/conf/db.root 2005-07-10 22:14:00.000000000 +0200 -@@ -0,0 +1,45 @@ -+ -+; <<>> DiG 9.2.3 <<>> ns . @a.root-servers.net. -+;; global options: printcmd -+;; Got answer: -+;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18944 -+;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13 -+ -+;; QUESTION SECTION: -+;. IN NS -+ -+;; ANSWER SECTION: -+. 518400 IN NS A.ROOT-SERVERS.NET. -+. 518400 IN NS B.ROOT-SERVERS.NET. -+. 518400 IN NS C.ROOT-SERVERS.NET. -+. 518400 IN NS D.ROOT-SERVERS.NET. -+. 518400 IN NS E.ROOT-SERVERS.NET. -+. 518400 IN NS F.ROOT-SERVERS.NET. -+. 518400 IN NS G.ROOT-SERVERS.NET. -+. 518400 IN NS H.ROOT-SERVERS.NET. -+. 518400 IN NS I.ROOT-SERVERS.NET. -+. 518400 IN NS J.ROOT-SERVERS.NET. -+. 518400 IN NS K.ROOT-SERVERS.NET. -+. 518400 IN NS L.ROOT-SERVERS.NET. -+. 518400 IN NS M.ROOT-SERVERS.NET. -+ -+;; ADDITIONAL SECTION: -+A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4 -+B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201 -+C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12 -+D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90 -+E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10 -+F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241 -+G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4 -+H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53 -+I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17 -+J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30 -+K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129 -+L.ROOT-SERVERS.NET. 3600000 IN A 198.32.64.12 -+M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33 -+ -+;; Query time: 81 msec -+;; SERVER: 198.41.0.4#53(a.root-servers.net.) -+;; WHEN: Sun Feb 1 11:27:14 2004 -+;; MSG SIZE rcvd: 436 -+ -diff -urN bind-9.3.1.orig/conf/named.conf bind-9.3.1/conf/named.conf ---- bind-9.3.1.orig/conf/named.conf 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/conf/named.conf 2005-07-10 22:33:46.000000000 +0200 -@@ -0,0 +1,49 @@ -+// This is the primary configuration file for the BIND DNS server named. -+// -+// If you are just adding zones, please do that in /etc/bind/named.conf.local -+ -+include "/etc/bind/named.conf.options"; -+ -+// prime the server with knowledge of the root servers -+zone "." { -+ type hint; -+ file "/etc/bind/db.root"; -+}; -+ -+// be authoritative for the localhost forward and reverse zones, and for -+// broadcast zones as per RFC 1912 -+ -+zone "localhost" { -+ type master; -+ file "/etc/bind/db.local"; -+}; -+ -+zone "127.in-addr.arpa" { -+ type master; -+ file "/etc/bind/db.127"; -+}; -+ -+zone "0.in-addr.arpa" { -+ type master; -+ file "/etc/bind/db.0"; -+}; -+ -+zone "255.in-addr.arpa" { -+ type master; -+ file "/etc/bind/db.255"; -+}; -+ -+// zone "com" { type delegation-only; }; -+// zone "net" { type delegation-only; }; -+ -+// From the release notes: -+// Because many of our users are uncomfortable receiving undelegated answers -+// from root or top level domains, other than a few for whom that behaviour -+// has been trusted and expected for quite some length of time, we have now -+// introduced the "root-delegations-only" feature which applies delegation-only -+// logic to all top level domains, and to the root domain. An exception list -+// should be specified, including "MUSEUM" and "DE", and any other top level -+// domains from whom undelegated responses are expected and trusted. -+// root-delegation-only exclude { "DE"; "MUSEUM"; }; -+ -+include "/etc/bind/named.conf.local"; -diff -urN bind-9.3.1.orig/conf/named.conf.local bind-9.3.1/conf/named.conf.local ---- bind-9.3.1.orig/conf/named.conf.local 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/conf/named.conf.local 2005-07-10 22:14:06.000000000 +0200 -@@ -0,0 +1,8 @@ -+// -+// Do any local configuration here -+// -+ -+// Consider adding the 1918 zones here, if they are not used in your -+// organization -+//include "/etc/bind/zones.rfc1918"; -+ -diff -urN bind-9.3.1.orig/conf/named.conf.options bind-9.3.1/conf/named.conf.options ---- bind-9.3.1.orig/conf/named.conf.options 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/conf/named.conf.options 2005-07-10 22:14:06.000000000 +0200 -@@ -0,0 +1,24 @@ -+options { -+ directory "/var/cache/bind"; -+ -+ // If there is a firewall between you and nameservers you want -+ // to talk to, you might need to uncomment the query-source -+ // directive below. Previous versions of BIND always asked -+ // questions using port 53, but BIND 8.1 and later use an unprivileged -+ // port by default. -+ -+ // query-source address * port 53; -+ -+ // If your ISP provided one or more IP addresses for stable -+ // nameservers, you probably want to use them as forwarders. -+ // Uncomment the following block, and insert the addresses replacing -+ // the all-0's placeholder. -+ -+ // forwarders { -+ // 0.0.0.0; -+ // }; -+ -+ auth-nxdomain no; # conform to RFC1035 -+ -+}; -+ -diff -urN bind-9.3.1.orig/conf/zones.rfc1918 bind-9.3.1/conf/zones.rfc1918 ---- bind-9.3.1.orig/conf/zones.rfc1918 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/conf/zones.rfc1918 2005-07-10 22:14:10.000000000 +0200 -@@ -0,0 +1,20 @@ -+zone "10.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+ -+zone "16.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "17.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "18.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "19.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "20.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "21.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "22.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "23.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "24.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "25.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "26.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "27.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "28.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "29.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "30.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "31.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+ -+zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -diff -urN bind-9.3.1.orig/init.d bind-9.3.1/init.d ---- bind-9.3.1.orig/init.d 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/init.d 2005-07-10 23:09:58.000000000 +0200 -@@ -0,0 +1,70 @@ -+#!/bin/sh -+ -+PATH=/sbin:/bin:/usr/sbin:/usr/bin -+ -+# for a chrooted server: "-u bind -t /var/lib/named" -+# Don't modify this line, change or create /etc/default/bind9. -+OPTIONS="" -+ -+test -f /etc/default/bind9 && . /etc/default/bind9 -+ -+test -x /usr/sbin/rndc || exit 0 -+ -+case "$1" in -+ start) -+ echo -n "Starting domain name service: named" -+ -+ modprobe capability >/dev/null 2>&1 || true -+ if [ ! -f /etc/bind/rndc.key ]; then -+ /usr/sbin/rndc-confgen -a -b 512 -r /dev/urandom -+ chmod 0640 /etc/bind/rndc.key -+ fi -+ if [ -f /var/run/named/named.pid ]; then -+ ps `cat /var/run/named/named.pid` > /dev/null && exit 1 -+ fi -+ -+ # dirs under /var/run can go away on reboots. -+ mkdir -p /var/run/named -+ mkdir -p /var/cache/bind -+ chmod 775 /var/run/named -+ chown root:bind /var/run/named >/dev/null 2>&1 || true -+ -+ if [ ! -x /usr/sbin/named ]; then -+ echo "named binary missing - not starting" -+ exit 1 -+ fi -+ if start-stop-daemon --start --quiet --exec /usr/sbin/named \ -+ --pidfile /var/run/named/named.pid -- $OPTIONS; then -+ if [ -x /sbin/resolvconf ] ; then -+ echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo -+ fi -+ fi -+ echo "." -+ ;; -+ -+ stop) -+ echo -n "Stopping domain name service: named" -+ if [ -x /sbin/resolvconf ]; then -+ /sbin/resolvconf -d lo -+ fi -+ /usr/sbin/rndc stop >/dev/null 2>&1 -+ echo "." -+ ;; -+ -+ reload) -+ /usr/sbin/rndc reload -+ ;; -+ -+ restart|force-reload) -+ $0 stop -+ sleep 2 -+ $0 start -+ ;; -+ -+ *) -+ echo "Usage: /etc/init.d/bind {start|stop|reload|restart|force-reload}" >&2 -+ exit 1 -+ ;; -+esac -+ -+exit 0 diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.5/generate-rndc-key.sh b/poky/meta/recipes-connectivity/bind/bind-9.16.5/generate-rndc-key.sh deleted file mode 100644 index ef915c0ae..000000000 --- a/poky/meta/recipes-connectivity/bind/bind-9.16.5/generate-rndc-key.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh - -if [ ! -s /etc/bind/rndc.key ]; then - echo -n "Generating /etc/bind/rndc.key:" - /usr/sbin/rndc-confgen -a -b 512 -r /dev/urandom - chown root:bind /etc/bind/rndc.key - chmod 0640 /etc/bind/rndc.key -fi diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.5/init.d-add-support-for-read-only-rootfs.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.5/init.d-add-support-for-read-only-rootfs.patch deleted file mode 100644 index 11db95ede..000000000 --- a/poky/meta/recipes-connectivity/bind/bind-9.16.5/init.d-add-support-for-read-only-rootfs.patch +++ /dev/null @@ -1,65 +0,0 @@ -Subject: init.d: add support for read-only rootfs - -Upstream-Status: Inappropriate [oe specific] - -Signed-off-by: Chen Qi ---- - init.d | 40 ++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 40 insertions(+) - -diff --git a/init.d b/init.d -index 0111ed4..24677c8 100644 ---- a/init.d -+++ b/init.d -@@ -6,8 +6,48 @@ PATH=/sbin:/bin:/usr/sbin:/usr/bin - # Don't modify this line, change or create /etc/default/bind9. - OPTIONS="" - -+test -f /etc/default/rcS && . /etc/default/rcS - test -f /etc/default/bind9 && . /etc/default/bind9 - -+# This function is here because it's possible that /var and / are on different partitions. -+is_on_read_only_partition () { -+ DIRECTORY=$1 -+ dir=`readlink -f $DIRECTORY` -+ while true; do -+ if [ ! -d "$dir" ]; then -+ echo "ERROR: $dir is not a directory" -+ exit 1 -+ else -+ for flag in `awk -v dir=$dir '{ if ($2 == dir) { print "FOUND"; split($4,FLAGS,",") } }; \ -+ END { for (f in FLAGS) print FLAGS[f] }' < /proc/mounts`; do -+ [ "$flag" = "FOUND" ] && partition="read-write" -+ [ "$flag" = "ro" ] && { partition="read-only"; break; } -+ done -+ if [ "$dir" = "/" -o -n "$partition" ]; then -+ break -+ else -+ dir=`dirname $dir` -+ fi -+ fi -+ done -+ [ "$partition" = "read-only" ] && echo "yes" || echo "no" -+} -+ -+bind_mount () { -+ olddir=$1 -+ newdir=$2 -+ mkdir -p $olddir -+ cp -a $newdir/* $olddir -+ mount --bind $olddir $newdir -+} -+ -+# Deal with read-only rootfs -+if [ "$ROOTFS_READ_ONLY" = "yes" ]; then -+ [ "$VERBOSE" != "no" ] && echo "WARN: start bind service in read-only rootfs" -+ [ `is_on_read_only_partition /etc/bind` = "yes" ] && bind_mount /var/volatile/bind/etc /etc/bind -+ [ `is_on_read_only_partition /var/named` = "yes" ] && bind_mount /var/volatile/bind/named /var/named -+fi -+ - test -x /usr/sbin/rndc || exit 0 - - case "$1" in --- -1.7.9.5 - diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.5/make-etc-initd-bind-stop-work.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.5/make-etc-initd-bind-stop-work.patch deleted file mode 100644 index 146f3e35d..000000000 --- a/poky/meta/recipes-connectivity/bind/bind-9.16.5/make-etc-initd-bind-stop-work.patch +++ /dev/null @@ -1,42 +0,0 @@ -bind: make "/etc/init.d/bind stop" work - -Upstream-Status: Inappropriate [configuration] - -Add some configurations, make rndc command be able to controls -the named daemon. - -Signed-off-by: Roy Li ---- - conf/named.conf | 5 +++++ - conf/rndc.conf | 5 +++++ - 2 files changed, 10 insertions(+), 0 deletions(-) - create mode 100644 conf/rndc.conf - -diff --git a/conf/named.conf b/conf/named.conf -index 95829cf..c8899e7 100644 ---- a/conf/named.conf -+++ b/conf/named.conf -@@ -47,3 +47,8 @@ zone "255.in-addr.arpa" { - // root-delegation-only exclude { "DE"; "MUSEUM"; }; - - include "/etc/bind/named.conf.local"; -+include "/etc/bind/rndc.key" ; -+controls { -+ inet 127.0.0.1 allow { localhost; } -+ keys { rndc-key; }; -+}; -diff --git a/conf/rndc.conf b/conf/rndc.conf -new file mode 100644 -index 0000000..a0b481d ---- /dev/null -+++ b/conf/rndc.conf -@@ -0,0 +1,5 @@ -+include "/etc/bind/rndc.key"; -+options { -+ default-server localhost; -+ default-key rndc-key; -+}; - --- -1.7.5.4 - diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.5/named.service b/poky/meta/recipes-connectivity/bind/bind-9.16.5/named.service deleted file mode 100644 index cda56ef01..000000000 --- a/poky/meta/recipes-connectivity/bind/bind-9.16.5/named.service +++ /dev/null @@ -1,22 +0,0 @@ -[Unit] -Description=Berkeley Internet Name Domain (DNS) -Wants=nss-lookup.target -Before=nss-lookup.target -After=network.target - -[Service] -Type=forking -EnvironmentFile=-/etc/default/bind9 -PIDFile=/run/named/named.pid - -ExecStartPre=@SBINDIR@/generate-rndc-key.sh -ExecStart=@SBINDIR@/named $OPTIONS - -ExecReload=@BASE_BINDIR@/sh -c '@SBINDIR@/rndc reload > /dev/null 2>&1 || @BASE_BINDIR@/kill -HUP $MAINPID' - -ExecStop=@BASE_BINDIR@/sh -c '@SBINDIR@/rndc stop > /dev/null 2>&1 || @BASE_BINDIR@/kill -TERM $MAINPID' - -PrivateTmp=true - -[Install] -WantedBy=multi-user.target diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.7/0001-avoid-start-failure-with-bind-user.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.7/0001-avoid-start-failure-with-bind-user.patch new file mode 100644 index 000000000..8db96ec04 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind-9.16.7/0001-avoid-start-failure-with-bind-user.patch @@ -0,0 +1,27 @@ +From 31dde3562f287429eea94b77250d184818b49063 Mon Sep 17 00:00:00 2001 +From: Chen Qi +Date: Mon, 15 Oct 2018 16:55:09 +0800 +Subject: [PATCH] avoid start failure with bind user + +Upstream-Status: Pending + +Signed-off-by: Chen Qi +--- + init.d | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/init.d b/init.d +index b2eec60..6e03936 100644 +--- a/init.d ++++ b/init.d +@@ -57,6 +57,7 @@ case "$1" in + modprobe capability >/dev/null 2>&1 || true + if [ ! -f /etc/bind/rndc.key ]; then + /usr/sbin/rndc-confgen -a -b 512 -r /dev/urandom ++ chown root:bind /etc/bind/rndc.key >/dev/null 2>&1 || true + chmod 0640 /etc/bind/rndc.key + fi + if [ -f /var/run/named/named.pid ]; then +-- +2.7.4 + diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.7/0001-named-lwresd-V-and-start-log-hide-build-options.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.7/0001-named-lwresd-V-and-start-log-hide-build-options.patch new file mode 100644 index 000000000..5bcc16c9b --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind-9.16.7/0001-named-lwresd-V-and-start-log-hide-build-options.patch @@ -0,0 +1,35 @@ +From a3af4a405baf5ff582e82aaba392dd9667d94bdc Mon Sep 17 00:00:00 2001 +From: Hongxu Jia +Date: Mon, 27 Aug 2018 21:24:20 +0800 +Subject: [PATCH] `named/lwresd -V' and start log hide build options + +The build options expose build path directories, so hide them. +[snip] +$ named -V +|built by make with *** (options are hidden) +[snip] + +Upstream-Status: Inappropriate [oe-core specific] + +Signed-off-by: Hongxu Jia + +Refreshed for 9.16.0 +Signed-off-by: Armin Kuster + +--- + bin/named/include/named/globals.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: bind-9.16.0/bin/named/include/named/globals.h +=================================================================== +--- bind-9.16.0.orig/bin/named/include/named/globals.h ++++ bind-9.16.0/bin/named/include/named/globals.h +@@ -69,7 +69,7 @@ EXTERN const char *named_g_version I + EXTERN const char *named_g_product INIT(PRODUCT); + EXTERN const char *named_g_description INIT(DESCRIPTION); + EXTERN const char *named_g_srcid INIT(SRCID); +-EXTERN const char *named_g_configargs INIT(CONFIGARGS); ++EXTERN const char *named_g_configargs INIT("*** (options are hidden)"); + EXTERN const char *named_g_builder INIT(BUILDER); + EXTERN in_port_t named_g_port INIT(0); + EXTERN isc_dscp_t named_g_dscp INIT(-1); diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.7/bind-ensure-searching-for-json-headers-searches-sysr.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.7/bind-ensure-searching-for-json-headers-searches-sysr.patch new file mode 100644 index 000000000..f9cdc7ca4 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind-9.16.7/bind-ensure-searching-for-json-headers-searches-sysr.patch @@ -0,0 +1,47 @@ +From edda20fb5a6e88548f85e39d34d6c074306e15bc Mon Sep 17 00:00:00 2001 +From: Paul Gortmaker +Date: Tue, 9 Jun 2015 11:22:00 -0400 +Subject: [PATCH] bind: ensure searching for json headers searches sysroot + +Bind can fail configure by detecting headers w/o libs[1], or +it can fail the host contamination check as per below: + +ERROR: This autoconf log indicates errors, it looked at host include and/or library paths while determining system capabilities. +Rerun configure task after fixing this. The path was 'build/tmp/work/core2-64-poky-linux/bind/9.10.2-r1/build' +ERROR: Function failed: do_qa_configure +ERROR: Logfile of failure stored in: build/tmp/work/core2-64-poky-linux/bind/9.10.2-r1/temp/log.do_configure.5242 +ERROR: Task 5 (meta/recipes-connectivity/bind/bind_9.10.2.bb, do_configure) failed with exit code '1' +NOTE: Tasks Summary: Attempted 773 tasks of which 768 didn't need to be rerun and 1 failed. +No currently running tasks (773 of 781) + +Summary: 1 task failed: + /meta/recipes-connectivity/bind/bind_9.10.2.bb, do_configure + +One way to fix it would be to unconditionally disable json in bind +configure[2] but here we fix it by using the path to where we would +put the header if we had json in the sysroot, in case someone wants +to make use of the combination some day. + +[1] https://trac.macports.org/ticket/45305 +[2] https://trac.macports.org/changeset/126406 + +Upstream-Status: Inappropriate [OE Specific] +Signed-off-by: Paul Gortmaker + +--- + configure.ac | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: bind-9.16.4/configure.ac +=================================================================== +--- bind-9.16.4.orig/configure.ac ++++ bind-9.16.4/configure.ac +@@ -1232,7 +1232,7 @@ case "$use_lmdb" in + LMDB_LIBS="" + ;; + auto|yes) +- for d in /usr /usr/local /opt/local ++ for d in "${STAGING_INCDIR}" + do + if test -f "${d}/include/lmdb.h" + then diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.7/bind9 b/poky/meta/recipes-connectivity/bind/bind-9.16.7/bind9 new file mode 100644 index 000000000..968679ff7 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind-9.16.7/bind9 @@ -0,0 +1,2 @@ +# startup options for the server +OPTIONS="-u bind" diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.7/conf.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.7/conf.patch new file mode 100644 index 000000000..aad345f9f --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind-9.16.7/conf.patch @@ -0,0 +1,330 @@ +Upstream-Status: Inappropriate [configuration] + +the patch is imported from openembedded project + +11/30/2010 - Qing He + +diff -urN bind-9.3.1.orig/conf/db.0 bind-9.3.1/conf/db.0 +--- bind-9.3.1.orig/conf/db.0 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/db.0 2005-07-10 22:14:00.000000000 +0200 +@@ -0,0 +1,12 @@ ++; ++; BIND reverse data file for broadcast zone ++; ++$TTL 604800 ++@ IN SOA localhost. root.localhost. ( ++ 1 ; Serial ++ 604800 ; Refresh ++ 86400 ; Retry ++ 2419200 ; Expire ++ 604800 ) ; Negative Cache TTL ++; ++@ IN NS localhost. +diff -urN bind-9.3.1.orig/conf/db.127 bind-9.3.1/conf/db.127 +--- bind-9.3.1.orig/conf/db.127 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/db.127 2005-07-10 22:14:00.000000000 +0200 +@@ -0,0 +1,13 @@ ++; ++; BIND reverse data file for local loopback interface ++; ++$TTL 604800 ++@ IN SOA localhost. root.localhost. ( ++ 1 ; Serial ++ 604800 ; Refresh ++ 86400 ; Retry ++ 2419200 ; Expire ++ 604800 ) ; Negative Cache TTL ++; ++@ IN NS localhost. ++1.0.0 IN PTR localhost. +diff -urN bind-9.3.1.orig/conf/db.empty bind-9.3.1/conf/db.empty +--- bind-9.3.1.orig/conf/db.empty 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/db.empty 2005-07-10 22:14:00.000000000 +0200 +@@ -0,0 +1,14 @@ ++; BIND reverse data file for empty rfc1918 zone ++; ++; DO NOT EDIT THIS FILE - it is used for multiple zones. ++; Instead, copy it, edit named.conf, and use that copy. ++; ++$TTL 86400 ++@ IN SOA localhost. root.localhost. ( ++ 1 ; Serial ++ 604800 ; Refresh ++ 86400 ; Retry ++ 2419200 ; Expire ++ 86400 ) ; Negative Cache TTL ++; ++@ IN NS localhost. +diff -urN bind-9.3.1.orig/conf/db.255 bind-9.3.1/conf/db.255 +--- bind-9.3.1.orig/conf/db.255 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/db.255 2005-07-10 22:14:00.000000000 +0200 +@@ -0,0 +1,12 @@ ++; ++; BIND reserve data file for broadcast zone ++; ++$TTL 604800 ++@ IN SOA localhost. root.localhost. ( ++ 1 ; Serial ++ 604800 ; Refresh ++ 86400 ; Retry ++ 2419200 ; Expire ++ 604800 ) ; Negative Cache TTL ++; ++@ IN NS localhost. +diff -urN bind-9.3.1.orig/conf/db.local bind-9.3.1/conf/db.local +--- bind-9.3.1.orig/conf/db.local 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/db.local 2005-07-10 22:14:00.000000000 +0200 +@@ -0,0 +1,13 @@ ++; ++; BIND data file for local loopback interface ++; ++$TTL 604800 ++@ IN SOA localhost. root.localhost. ( ++ 1 ; Serial ++ 604800 ; Refresh ++ 86400 ; Retry ++ 2419200 ; Expire ++ 604800 ) ; Negative Cache TTL ++; ++@ IN NS localhost. ++@ IN A 127.0.0.1 +diff -urN bind-9.3.1.orig/conf/db.root bind-9.3.1/conf/db.root +--- bind-9.3.1.orig/conf/db.root 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/db.root 2005-07-10 22:14:00.000000000 +0200 +@@ -0,0 +1,45 @@ ++ ++; <<>> DiG 9.2.3 <<>> ns . @a.root-servers.net. ++;; global options: printcmd ++;; Got answer: ++;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18944 ++;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13 ++ ++;; QUESTION SECTION: ++;. IN NS ++ ++;; ANSWER SECTION: ++. 518400 IN NS A.ROOT-SERVERS.NET. ++. 518400 IN NS B.ROOT-SERVERS.NET. ++. 518400 IN NS C.ROOT-SERVERS.NET. ++. 518400 IN NS D.ROOT-SERVERS.NET. ++. 518400 IN NS E.ROOT-SERVERS.NET. ++. 518400 IN NS F.ROOT-SERVERS.NET. ++. 518400 IN NS G.ROOT-SERVERS.NET. ++. 518400 IN NS H.ROOT-SERVERS.NET. ++. 518400 IN NS I.ROOT-SERVERS.NET. ++. 518400 IN NS J.ROOT-SERVERS.NET. ++. 518400 IN NS K.ROOT-SERVERS.NET. ++. 518400 IN NS L.ROOT-SERVERS.NET. ++. 518400 IN NS M.ROOT-SERVERS.NET. ++ ++;; ADDITIONAL SECTION: ++A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4 ++B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201 ++C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12 ++D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90 ++E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10 ++F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241 ++G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4 ++H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53 ++I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17 ++J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30 ++K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129 ++L.ROOT-SERVERS.NET. 3600000 IN A 198.32.64.12 ++M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33 ++ ++;; Query time: 81 msec ++;; SERVER: 198.41.0.4#53(a.root-servers.net.) ++;; WHEN: Sun Feb 1 11:27:14 2004 ++;; MSG SIZE rcvd: 436 ++ +diff -urN bind-9.3.1.orig/conf/named.conf bind-9.3.1/conf/named.conf +--- bind-9.3.1.orig/conf/named.conf 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/named.conf 2005-07-10 22:33:46.000000000 +0200 +@@ -0,0 +1,49 @@ ++// This is the primary configuration file for the BIND DNS server named. ++// ++// If you are just adding zones, please do that in /etc/bind/named.conf.local ++ ++include "/etc/bind/named.conf.options"; ++ ++// prime the server with knowledge of the root servers ++zone "." { ++ type hint; ++ file "/etc/bind/db.root"; ++}; ++ ++// be authoritative for the localhost forward and reverse zones, and for ++// broadcast zones as per RFC 1912 ++ ++zone "localhost" { ++ type master; ++ file "/etc/bind/db.local"; ++}; ++ ++zone "127.in-addr.arpa" { ++ type master; ++ file "/etc/bind/db.127"; ++}; ++ ++zone "0.in-addr.arpa" { ++ type master; ++ file "/etc/bind/db.0"; ++}; ++ ++zone "255.in-addr.arpa" { ++ type master; ++ file "/etc/bind/db.255"; ++}; ++ ++// zone "com" { type delegation-only; }; ++// zone "net" { type delegation-only; }; ++ ++// From the release notes: ++// Because many of our users are uncomfortable receiving undelegated answers ++// from root or top level domains, other than a few for whom that behaviour ++// has been trusted and expected for quite some length of time, we have now ++// introduced the "root-delegations-only" feature which applies delegation-only ++// logic to all top level domains, and to the root domain. An exception list ++// should be specified, including "MUSEUM" and "DE", and any other top level ++// domains from whom undelegated responses are expected and trusted. ++// root-delegation-only exclude { "DE"; "MUSEUM"; }; ++ ++include "/etc/bind/named.conf.local"; +diff -urN bind-9.3.1.orig/conf/named.conf.local bind-9.3.1/conf/named.conf.local +--- bind-9.3.1.orig/conf/named.conf.local 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/named.conf.local 2005-07-10 22:14:06.000000000 +0200 +@@ -0,0 +1,8 @@ ++// ++// Do any local configuration here ++// ++ ++// Consider adding the 1918 zones here, if they are not used in your ++// organization ++//include "/etc/bind/zones.rfc1918"; ++ +diff -urN bind-9.3.1.orig/conf/named.conf.options bind-9.3.1/conf/named.conf.options +--- bind-9.3.1.orig/conf/named.conf.options 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/named.conf.options 2005-07-10 22:14:06.000000000 +0200 +@@ -0,0 +1,24 @@ ++options { ++ directory "/var/cache/bind"; ++ ++ // If there is a firewall between you and nameservers you want ++ // to talk to, you might need to uncomment the query-source ++ // directive below. Previous versions of BIND always asked ++ // questions using port 53, but BIND 8.1 and later use an unprivileged ++ // port by default. ++ ++ // query-source address * port 53; ++ ++ // If your ISP provided one or more IP addresses for stable ++ // nameservers, you probably want to use them as forwarders. ++ // Uncomment the following block, and insert the addresses replacing ++ // the all-0's placeholder. ++ ++ // forwarders { ++ // 0.0.0.0; ++ // }; ++ ++ auth-nxdomain no; # conform to RFC1035 ++ ++}; ++ +diff -urN bind-9.3.1.orig/conf/zones.rfc1918 bind-9.3.1/conf/zones.rfc1918 +--- bind-9.3.1.orig/conf/zones.rfc1918 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/zones.rfc1918 2005-07-10 22:14:10.000000000 +0200 +@@ -0,0 +1,20 @@ ++zone "10.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++ ++zone "16.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "17.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "18.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "19.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "20.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "21.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "22.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "23.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "24.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "25.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "26.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "27.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "28.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "29.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "30.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "31.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++ ++zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +diff -urN bind-9.3.1.orig/init.d bind-9.3.1/init.d +--- bind-9.3.1.orig/init.d 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/init.d 2005-07-10 23:09:58.000000000 +0200 +@@ -0,0 +1,70 @@ ++#!/bin/sh ++ ++PATH=/sbin:/bin:/usr/sbin:/usr/bin ++ ++# for a chrooted server: "-u bind -t /var/lib/named" ++# Don't modify this line, change or create /etc/default/bind9. ++OPTIONS="" ++ ++test -f /etc/default/bind9 && . /etc/default/bind9 ++ ++test -x /usr/sbin/rndc || exit 0 ++ ++case "$1" in ++ start) ++ echo -n "Starting domain name service: named" ++ ++ modprobe capability >/dev/null 2>&1 || true ++ if [ ! -f /etc/bind/rndc.key ]; then ++ /usr/sbin/rndc-confgen -a -b 512 -r /dev/urandom ++ chmod 0640 /etc/bind/rndc.key ++ fi ++ if [ -f /var/run/named/named.pid ]; then ++ ps `cat /var/run/named/named.pid` > /dev/null && exit 1 ++ fi ++ ++ # dirs under /var/run can go away on reboots. ++ mkdir -p /var/run/named ++ mkdir -p /var/cache/bind ++ chmod 775 /var/run/named ++ chown root:bind /var/run/named >/dev/null 2>&1 || true ++ ++ if [ ! -x /usr/sbin/named ]; then ++ echo "named binary missing - not starting" ++ exit 1 ++ fi ++ if start-stop-daemon --start --quiet --exec /usr/sbin/named \ ++ --pidfile /var/run/named/named.pid -- $OPTIONS; then ++ if [ -x /sbin/resolvconf ] ; then ++ echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo ++ fi ++ fi ++ echo "." ++ ;; ++ ++ stop) ++ echo -n "Stopping domain name service: named" ++ if [ -x /sbin/resolvconf ]; then ++ /sbin/resolvconf -d lo ++ fi ++ /usr/sbin/rndc stop >/dev/null 2>&1 ++ echo "." ++ ;; ++ ++ reload) ++ /usr/sbin/rndc reload ++ ;; ++ ++ restart|force-reload) ++ $0 stop ++ sleep 2 ++ $0 start ++ ;; ++ ++ *) ++ echo "Usage: /etc/init.d/bind {start|stop|reload|restart|force-reload}" >&2 ++ exit 1 ++ ;; ++esac ++ ++exit 0 diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.7/generate-rndc-key.sh b/poky/meta/recipes-connectivity/bind/bind-9.16.7/generate-rndc-key.sh new file mode 100644 index 000000000..633e29c0e --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind-9.16.7/generate-rndc-key.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +if [ ! -s /etc/bind/rndc.key ]; then + echo -n "Generating /etc/bind/rndc.key:" + /usr/sbin/rndc-confgen -a -b 512 + chown root:bind /etc/bind/rndc.key + chmod 0640 /etc/bind/rndc.key +fi diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.7/init.d-add-support-for-read-only-rootfs.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.7/init.d-add-support-for-read-only-rootfs.patch new file mode 100644 index 000000000..11db95ede --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind-9.16.7/init.d-add-support-for-read-only-rootfs.patch @@ -0,0 +1,65 @@ +Subject: init.d: add support for read-only rootfs + +Upstream-Status: Inappropriate [oe specific] + +Signed-off-by: Chen Qi +--- + init.d | 40 ++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 40 insertions(+) + +diff --git a/init.d b/init.d +index 0111ed4..24677c8 100644 +--- a/init.d ++++ b/init.d +@@ -6,8 +6,48 @@ PATH=/sbin:/bin:/usr/sbin:/usr/bin + # Don't modify this line, change or create /etc/default/bind9. + OPTIONS="" + ++test -f /etc/default/rcS && . /etc/default/rcS + test -f /etc/default/bind9 && . /etc/default/bind9 + ++# This function is here because it's possible that /var and / are on different partitions. ++is_on_read_only_partition () { ++ DIRECTORY=$1 ++ dir=`readlink -f $DIRECTORY` ++ while true; do ++ if [ ! -d "$dir" ]; then ++ echo "ERROR: $dir is not a directory" ++ exit 1 ++ else ++ for flag in `awk -v dir=$dir '{ if ($2 == dir) { print "FOUND"; split($4,FLAGS,",") } }; \ ++ END { for (f in FLAGS) print FLAGS[f] }' < /proc/mounts`; do ++ [ "$flag" = "FOUND" ] && partition="read-write" ++ [ "$flag" = "ro" ] && { partition="read-only"; break; } ++ done ++ if [ "$dir" = "/" -o -n "$partition" ]; then ++ break ++ else ++ dir=`dirname $dir` ++ fi ++ fi ++ done ++ [ "$partition" = "read-only" ] && echo "yes" || echo "no" ++} ++ ++bind_mount () { ++ olddir=$1 ++ newdir=$2 ++ mkdir -p $olddir ++ cp -a $newdir/* $olddir ++ mount --bind $olddir $newdir ++} ++ ++# Deal with read-only rootfs ++if [ "$ROOTFS_READ_ONLY" = "yes" ]; then ++ [ "$VERBOSE" != "no" ] && echo "WARN: start bind service in read-only rootfs" ++ [ `is_on_read_only_partition /etc/bind` = "yes" ] && bind_mount /var/volatile/bind/etc /etc/bind ++ [ `is_on_read_only_partition /var/named` = "yes" ] && bind_mount /var/volatile/bind/named /var/named ++fi ++ + test -x /usr/sbin/rndc || exit 0 + + case "$1" in +-- +1.7.9.5 + diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.7/make-etc-initd-bind-stop-work.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.7/make-etc-initd-bind-stop-work.patch new file mode 100644 index 000000000..146f3e35d --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind-9.16.7/make-etc-initd-bind-stop-work.patch @@ -0,0 +1,42 @@ +bind: make "/etc/init.d/bind stop" work + +Upstream-Status: Inappropriate [configuration] + +Add some configurations, make rndc command be able to controls +the named daemon. + +Signed-off-by: Roy Li +--- + conf/named.conf | 5 +++++ + conf/rndc.conf | 5 +++++ + 2 files changed, 10 insertions(+), 0 deletions(-) + create mode 100644 conf/rndc.conf + +diff --git a/conf/named.conf b/conf/named.conf +index 95829cf..c8899e7 100644 +--- a/conf/named.conf ++++ b/conf/named.conf +@@ -47,3 +47,8 @@ zone "255.in-addr.arpa" { + // root-delegation-only exclude { "DE"; "MUSEUM"; }; + + include "/etc/bind/named.conf.local"; ++include "/etc/bind/rndc.key" ; ++controls { ++ inet 127.0.0.1 allow { localhost; } ++ keys { rndc-key; }; ++}; +diff --git a/conf/rndc.conf b/conf/rndc.conf +new file mode 100644 +index 0000000..a0b481d +--- /dev/null ++++ b/conf/rndc.conf +@@ -0,0 +1,5 @@ ++include "/etc/bind/rndc.key"; ++options { ++ default-server localhost; ++ default-key rndc-key; ++}; + +-- +1.7.5.4 + diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.7/named.service b/poky/meta/recipes-connectivity/bind/bind-9.16.7/named.service new file mode 100644 index 000000000..cda56ef01 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind-9.16.7/named.service @@ -0,0 +1,22 @@ +[Unit] +Description=Berkeley Internet Name Domain (DNS) +Wants=nss-lookup.target +Before=nss-lookup.target +After=network.target + +[Service] +Type=forking +EnvironmentFile=-/etc/default/bind9 +PIDFile=/run/named/named.pid + +ExecStartPre=@SBINDIR@/generate-rndc-key.sh +ExecStart=@SBINDIR@/named $OPTIONS + +ExecReload=@BASE_BINDIR@/sh -c '@SBINDIR@/rndc reload > /dev/null 2>&1 || @BASE_BINDIR@/kill -HUP $MAINPID' + +ExecStop=@BASE_BINDIR@/sh -c '@SBINDIR@/rndc stop > /dev/null 2>&1 || @BASE_BINDIR@/kill -TERM $MAINPID' + +PrivateTmp=true + +[Install] +WantedBy=multi-user.target diff --git a/poky/meta/recipes-connectivity/bind/bind_9.16.5.bb b/poky/meta/recipes-connectivity/bind/bind_9.16.5.bb deleted file mode 100644 index 103192490..000000000 --- a/poky/meta/recipes-connectivity/bind/bind_9.16.5.bb +++ /dev/null @@ -1,123 +0,0 @@ -SUMMARY = "ISC Internet Domain Name Server" -HOMEPAGE = "http://www.isc.org/sw/bind/" -SECTION = "console/network" - -LICENSE = "MPL-2.0" -LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=188b8d0644bd6835df43b84e3f180be1" - -DEPENDS = "openssl libcap zlib libuv" - -SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \ - file://conf.patch \ - file://named.service \ - file://bind9 \ - file://generate-rndc-key.sh \ - file://make-etc-initd-bind-stop-work.patch \ - file://init.d-add-support-for-read-only-rootfs.patch \ - file://bind-ensure-searching-for-json-headers-searches-sysr.patch \ - file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \ - file://0001-avoid-start-failure-with-bind-user.patch \ - " - -SRC_URI[sha256sum] = "6378b3e51fef11a8be4794dc48e8111ba92d211c0dfd129a0c296ed06a3dc075" - -UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/" -# stay at 9.16 follow the ESV versions divisible by 4 -UPSTREAM_CHECK_REGEX = "(?P9.(16|20|24|28)(\.\d+)+(-P\d+)*)/" - -inherit autotools update-rc.d systemd useradd pkgconfig multilib_header update-alternatives - -# PACKAGECONFIGs readline and libedit should NOT be set at same time -PACKAGECONFIG ?= "readline" -PACKAGECONFIG[httpstats] = "--with-libxml2=${STAGING_DIR_HOST}${prefix},--without-libxml2,libxml2" -PACKAGECONFIG[readline] = "--with-readline=-lreadline,,readline" -PACKAGECONFIG[libedit] = "--with-readline=-ledit,,libedit" -PACKAGECONFIG[python3] = "--with-python=yes --with-python-install-dir=${PYTHON_SITEPACKAGES_DIR} , --without-python, python3-ply-native," - -EXTRA_OECONF = " --with-libtool --disable-devpoll --enable-epoll \ - --with-gssapi=no --with-lmdb=no --with-zlib \ - --sysconfdir=${sysconfdir}/bind \ - --with-openssl=${STAGING_DIR_HOST}${prefix} \ - " -LDFLAGS_append = " -lz" - -inherit ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3native distutils3-base', '', d)} - -# dhcp needs .la so keep them -REMOVE_LIBTOOL_LA = "0" - -USERADD_PACKAGES = "${PN}" -USERADD_PARAM_${PN} = "--system --home ${localstatedir}/cache/bind --no-create-home \ - --user-group bind" - -INITSCRIPT_NAME = "bind" -INITSCRIPT_PARAMS = "defaults" - -SYSTEMD_SERVICE_${PN} = "named.service" - -do_install_append() { - - rmdir "${D}${localstatedir}/run" - rmdir --ignore-fail-on-non-empty "${D}${localstatedir}" - install -d -o bind "${D}${localstatedir}/cache/bind" - install -d "${D}${sysconfdir}/bind" - install -d "${D}${sysconfdir}/init.d" - install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/" - install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind" - if ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'true', 'false', d)}; then - sed -i -e '1s,#!.*python3,#! /usr/bin/python3,' \ - ${D}${sbindir}/dnssec-coverage \ - ${D}${sbindir}/dnssec-checkds \ - ${D}${sbindir}/dnssec-keymgr - fi - - # Install systemd related files - install -d ${D}${sbindir} - install -m 755 ${WORKDIR}/generate-rndc-key.sh ${D}${sbindir} - install -d ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/named.service ${D}${systemd_unitdir}/system - sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ - -e 's,@SBINDIR@,${sbindir},g' \ - ${D}${systemd_unitdir}/system/named.service - - install -d ${D}${sysconfdir}/default - install -m 0644 ${WORKDIR}/bind9 ${D}${sysconfdir}/default - - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - install -d ${D}${sysconfdir}/tmpfiles.d - echo "d /run/named 0755 bind bind - -" > ${D}${sysconfdir}/tmpfiles.d/bind.conf - fi - - oe_multilib_header isc/platform.h -} - -CONFFILES_${PN} = " \ - ${sysconfdir}/bind/named.conf \ - ${sysconfdir}/bind/named.conf.local \ - ${sysconfdir}/bind/named.conf.options \ - ${sysconfdir}/bind/db.0 \ - ${sysconfdir}/bind/db.127 \ - ${sysconfdir}/bind/db.empty \ - ${sysconfdir}/bind/db.local \ - ${sysconfdir}/bind/db.root \ - " - -ALTERNATIVE_${PN}-utils = "nslookup" -ALTERNATIVE_LINK_NAME[nslookup] = "${bindir}/nslookup" -ALTERNATIVE_PRIORITY = "100" - -PACKAGE_BEFORE_PN += "${PN}-utils" -FILES_${PN}-utils = "${bindir}/host ${bindir}/dig ${bindir}/mdig ${bindir}/nslookup ${bindir}/nsupdate" -FILES_${PN}-dev += "${bindir}/isc-config.h" -FILES_${PN} += "${sbindir}/generate-rndc-key.sh" - -PACKAGE_BEFORE_PN += "${PN}-libs" -FILES_${PN}-libs = "${libdir}/*.so* ${libdir}/named/*.so*" -FILES_${PN}-staticdev += "${libdir}/*.la" - -PACKAGE_BEFORE_PN += "${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3-bind', '', d)}" -FILES_python3-bind = "${sbindir}/dnssec-coverage ${sbindir}/dnssec-checkds \ - ${sbindir}/dnssec-keymgr ${PYTHON_SITEPACKAGES_DIR}" - -RDEPENDS_${PN}-dev = "" -RDEPENDS_python3-bind = "python3-core python3-ply" diff --git a/poky/meta/recipes-connectivity/bind/bind_9.16.7.bb b/poky/meta/recipes-connectivity/bind/bind_9.16.7.bb new file mode 100644 index 000000000..5fc2c1d3c --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind_9.16.7.bb @@ -0,0 +1,123 @@ +SUMMARY = "ISC Internet Domain Name Server" +HOMEPAGE = "http://www.isc.org/sw/bind/" +SECTION = "console/network" + +LICENSE = "MPL-2.0" +LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=188b8d0644bd6835df43b84e3f180be1" + +DEPENDS = "openssl libcap zlib libuv" + +SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \ + file://conf.patch \ + file://named.service \ + file://bind9 \ + file://generate-rndc-key.sh \ + file://make-etc-initd-bind-stop-work.patch \ + file://init.d-add-support-for-read-only-rootfs.patch \ + file://bind-ensure-searching-for-json-headers-searches-sysr.patch \ + file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \ + file://0001-avoid-start-failure-with-bind-user.patch \ + " + +SRC_URI[sha256sum] = "9f7d1812ebbd26a699f62b6fa8522d5dec57e4bf43af0042a0d60d39ed8314d1" + +UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/" +# stay at 9.16 follow the ESV versions divisible by 4 +UPSTREAM_CHECK_REGEX = "(?P9.(16|20|24|28)(\.\d+)+(-P\d+)*)/" + +inherit autotools update-rc.d systemd useradd pkgconfig multilib_header update-alternatives + +# PACKAGECONFIGs readline and libedit should NOT be set at same time +PACKAGECONFIG ?= "readline" +PACKAGECONFIG[httpstats] = "--with-libxml2=${STAGING_DIR_HOST}${prefix},--without-libxml2,libxml2" +PACKAGECONFIG[readline] = "--with-readline=-lreadline,,readline" +PACKAGECONFIG[libedit] = "--with-readline=-ledit,,libedit" +PACKAGECONFIG[python3] = "--with-python=yes --with-python-install-dir=${PYTHON_SITEPACKAGES_DIR} , --without-python, python3-ply-native," + +EXTRA_OECONF = " --with-libtool --disable-devpoll --disable-auto-validation --enable-epoll \ + --with-gssapi=no --with-lmdb=no --with-zlib \ + --sysconfdir=${sysconfdir}/bind \ + --with-openssl=${STAGING_DIR_HOST}${prefix} \ + " +LDFLAGS_append = " -lz" + +inherit ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3native distutils3-base', '', d)} + +# dhcp needs .la so keep them +REMOVE_LIBTOOL_LA = "0" + +USERADD_PACKAGES = "${PN}" +USERADD_PARAM_${PN} = "--system --home ${localstatedir}/cache/bind --no-create-home \ + --user-group bind" + +INITSCRIPT_NAME = "bind" +INITSCRIPT_PARAMS = "defaults" + +SYSTEMD_SERVICE_${PN} = "named.service" + +do_install_append() { + + rmdir "${D}${localstatedir}/run" + rmdir --ignore-fail-on-non-empty "${D}${localstatedir}" + install -d -o bind "${D}${localstatedir}/cache/bind" + install -d "${D}${sysconfdir}/bind" + install -d "${D}${sysconfdir}/init.d" + install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/" + install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind" + if ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'true', 'false', d)}; then + sed -i -e '1s,#!.*python3,#! /usr/bin/python3,' \ + ${D}${sbindir}/dnssec-coverage \ + ${D}${sbindir}/dnssec-checkds \ + ${D}${sbindir}/dnssec-keymgr + fi + + # Install systemd related files + install -d ${D}${sbindir} + install -m 755 ${WORKDIR}/generate-rndc-key.sh ${D}${sbindir} + install -d ${D}${systemd_unitdir}/system + install -m 0644 ${WORKDIR}/named.service ${D}${systemd_unitdir}/system + sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ + -e 's,@SBINDIR@,${sbindir},g' \ + ${D}${systemd_unitdir}/system/named.service + + install -d ${D}${sysconfdir}/default + install -m 0644 ${WORKDIR}/bind9 ${D}${sysconfdir}/default + + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/tmpfiles.d + echo "d /run/named 0755 bind bind - -" > ${D}${sysconfdir}/tmpfiles.d/bind.conf + fi + + oe_multilib_header isc/platform.h +} + +CONFFILES_${PN} = " \ + ${sysconfdir}/bind/named.conf \ + ${sysconfdir}/bind/named.conf.local \ + ${sysconfdir}/bind/named.conf.options \ + ${sysconfdir}/bind/db.0 \ + ${sysconfdir}/bind/db.127 \ + ${sysconfdir}/bind/db.empty \ + ${sysconfdir}/bind/db.local \ + ${sysconfdir}/bind/db.root \ + " + +ALTERNATIVE_${PN}-utils = "nslookup" +ALTERNATIVE_LINK_NAME[nslookup] = "${bindir}/nslookup" +ALTERNATIVE_PRIORITY = "100" + +PACKAGE_BEFORE_PN += "${PN}-utils" +FILES_${PN}-utils = "${bindir}/host ${bindir}/dig ${bindir}/mdig ${bindir}/nslookup ${bindir}/nsupdate" +FILES_${PN}-dev += "${bindir}/isc-config.h" +FILES_${PN} += "${sbindir}/generate-rndc-key.sh" + +PACKAGE_BEFORE_PN += "${PN}-libs" +FILES_${PN}-libs = "${libdir}/*.so* ${libdir}/named/*.so*" +FILES_${PN}-staticdev += "${libdir}/*.la" + +PACKAGE_BEFORE_PN += "${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3-bind', '', d)}" +FILES_python3-bind = "${sbindir}/dnssec-coverage ${sbindir}/dnssec-checkds \ + ${sbindir}/dnssec-keymgr ${PYTHON_SITEPACKAGES_DIR}" + +RDEPENDS_${PN}-dev = "" +RDEPENDS_python3-bind = "python3-core python3-ply" diff --git a/poky/meta/recipes-connectivity/dhcpcd/dhcpcd_9.2.0.bb b/poky/meta/recipes-connectivity/dhcpcd/dhcpcd_9.2.0.bb index 292cb5b00..4344841b5 100644 --- a/poky/meta/recipes-connectivity/dhcpcd/dhcpcd_9.2.0.bb +++ b/poky/meta/recipes-connectivity/dhcpcd/dhcpcd_9.2.0.bb @@ -19,7 +19,7 @@ SRC_URI = "https://roy.marples.name/downloads/${BPN}/${BPN}-${PV}.tar.xz \ SRC_URI[sha256sum] = "fcb2d19672d445bbfd38678fdee4f556ef967a3ea6bd81092d10545df2cb9666" -inherit pkgconfig autotools-brokensep systemd +inherit pkgconfig autotools-brokensep systemd useradd SYSTEMD_SERVICE_${PN} = "dhcpcd.service" @@ -28,12 +28,21 @@ PACKAGECONFIG ?= "udev ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}" PACKAGECONFIG[udev] = "--with-udev,--without-udev,udev,udev" PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6" -EXTRA_OECONF = "--enable-ipv4" +EXTRA_OECONF = "--enable-ipv4 \ + --dbdir=${localstatedir}/lib/${BPN} \ + --runstatedir=/run \ + " + +USERADD_PACKAGES = "${PN}" +USERADD_PARAM_${PN} = "--system -d ${localstatedir}/lib/${BPN} -M -s /bin/false -U dhcpcd" do_install_append () { # install systemd unit files install -d ${D}${systemd_unitdir}/system install -m 0644 ${WORKDIR}/dhcpcd*.service ${D}${systemd_unitdir}/system + + chmod 700 ${D}${localstatedir}/lib/${BPN} + chown dhcpcd:dhcpcd ${D}${localstatedir}/lib/${BPN} } FILES_${PN}-dbg += "${libdir}/dhcpcd/dev/.debug" diff --git a/poky/meta/recipes-connectivity/dhcpcd/files/dhcpcd.service b/poky/meta/recipes-connectivity/dhcpcd/files/dhcpcd.service index 86b5a43c3..bbed6d85c 100644 --- a/poky/meta/recipes-connectivity/dhcpcd/files/dhcpcd.service +++ b/poky/meta/recipes-connectivity/dhcpcd/files/dhcpcd.service @@ -2,6 +2,7 @@ Description=A minimalistic network configuration daemon with DHCPv4, rdisc and DHCPv6 support Wants=network.target Before=network.target +Conflicts=connman.service [Service] ExecStart=/usr/sbin/dhcpcd -q --nobackground diff --git a/poky/meta/recipes-connectivity/dhcpcd/files/dhcpcd@.service b/poky/meta/recipes-connectivity/dhcpcd/files/dhcpcd@.service index c81bb05ea..389b076c3 100644 --- a/poky/meta/recipes-connectivity/dhcpcd/files/dhcpcd@.service +++ b/poky/meta/recipes-connectivity/dhcpcd/files/dhcpcd@.service @@ -4,10 +4,11 @@ Wants=network.target Before=network.target BindsTo=sys-subsystem-net-devices-%i.device After=sys-subsystem-net-devices-%i.device +Conflicts=connman.service [Service] Type=forking -PIDFile=/run/dhcpcd-%I.pid +PIDFile=/run/dhcpcd/%I.pid ExecStart=/usr/sbin/dhcpcd -q %I ExecStop=/usr/sbin/dhcpcd -x %I diff --git a/poky/meta/recipes-connectivity/kea/files/0001-keactrl.in-create-var-lib-kea-and-var-run-kea-folder.patch b/poky/meta/recipes-connectivity/kea/files/0001-keactrl.in-create-var-lib-kea-and-var-run-kea-folder.patch new file mode 100644 index 000000000..ab3fd8394 --- /dev/null +++ b/poky/meta/recipes-connectivity/kea/files/0001-keactrl.in-create-var-lib-kea-and-var-run-kea-folder.patch @@ -0,0 +1,39 @@ +From 639dc25cdabc9d1846000a542c8cc19158b69994 Mon Sep 17 00:00:00 2001 +From: Mingli Yu +Date: Fri, 18 Sep 2020 08:18:08 +0000 +Subject: [PATCH] keactrl.in: create /var/lib/kea and /var/run/kea folder + +Create /var/lib/kea and /var/run/kea folder to fix below error: + # keactrl start + INFO/keactrl: Starting /usr/sbin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf + INFO/keactrl: Starting /usr/sbin/kea-dhcp6 -c /etc/kea/kea-dhcp6.conf + INFO/keactrl: Starting /usr/sbin/kea-ctrl-agent -c /etc/kea/kea-ctrl-agent.conf + Unable to use interprocess sync lockfile (No such file or directory): /var/run/kea/logger_lockfile + Service failed: Launch failed: Unable to open PID file '/var/run/kea/kea-ctrl-agent.kea-ctrl-agent.pid' for write + [snip] + ERROR [kea-dhcp4.dhcp4/615.140641792751488] DHCP4_CONFIG_LOAD_FAIL configuration error using file: /etc/kea/kea-dhcp4.conf, reason: Unable to open database: unable to open '/var/lib/kea/kea-leases4.csv' + [snip] + +Upstream-Status: Inappropriate [config specific] + +Signed-off-by: Mingli Yu +--- + src/bin/keactrl/keactrl.in | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/bin/keactrl/keactrl.in b/src/bin/keactrl/keactrl.in +index 12b2b3f..47cf6f9 100644 +--- a/src/bin/keactrl/keactrl.in ++++ b/src/bin/keactrl/keactrl.in +@@ -482,6 +482,8 @@ case ${command} in + # The variables (dhcp4_srv, dhcp6_serv, dhcp_ddns_srv etc) are set in the + # keactrl.conf file that shellcheck is unable to read. + # shellcheck disable=SC2154 ++ [ -d @LOCALSTATEDIR@/run/kea ] || mkdir -p @LOCALSTATEDIR@/run/kea ++ [ -d @LOCALSTATEDIR@/lib/kea ] || mkdir -p @LOCALSTATEDIR@/lib/kea + run_conditional "dhcp4" "start_server ${dhcp4_srv} -c ${kea_dhcp4_config_file} ${args}" 1 + run_conditional "dhcp6" "start_server ${dhcp6_srv} -c ${kea_dhcp6_config_file} ${args}" 1 + # shellcheck disable=SC2154 +-- +2.26.2 + diff --git a/poky/meta/recipes-connectivity/kea/files/fix-multilib-conflict.patch b/poky/meta/recipes-connectivity/kea/files/fix-multilib-conflict.patch new file mode 100644 index 000000000..733adf553 --- /dev/null +++ b/poky/meta/recipes-connectivity/kea/files/fix-multilib-conflict.patch @@ -0,0 +1,55 @@ +There are conflict of config files between kea and lib32-kea: + +| Error: Transaction test error: +| file /etc/kea/kea-ctrl-agent.conf conflicts between attempted installs of + lib32-kea-1.7.10-r0.core2_32 and kea-1.7.10-r0.core2_64 +| file /etc/kea/kea-dhcp4.conf conflicts between attempted installs of + lib32-kea-1.7.10-r0.core2_32 and kea-1.7.10-r0.core2_64 + +Because they are all commented out, replace the expanded libdir path with +'$libdir' in the config files to avoid conflict. + +Signed-off-by: Kai Kang +--- + src/bin/keactrl/kea-ctrl-agent.conf.pre | 3 ++- + src/bin/keactrl/kea-dhcp4.conf.pre | 6 ++++-- + 2 files changed, 6 insertions(+), 3 deletions(-) + +diff --git a/src/bin/keactrl/kea-ctrl-agent.conf.pre b/src/bin/keactrl/kea-ctrl-agent.conf.pre +index 211b7ff..d710ec7 100644 +--- a/src/bin/keactrl/kea-ctrl-agent.conf.pre ++++ b/src/bin/keactrl/kea-ctrl-agent.conf.pre +@@ -45,7 +45,8 @@ + // Agent will fail to start. + "hooks-libraries": [ + // { +-// "library": "@libdir@/kea/hooks/control-agent-commands.so", ++// // Replace $libdir with real library path /usr/lib or /usr/lib64 ++// "library": "$libdir/kea/hooks/control-agent-commands.so", + // "parameters": { + // "param1": "foo" + // } +diff --git a/src/bin/keactrl/kea-dhcp4.conf.pre b/src/bin/keactrl/kea-dhcp4.conf.pre +index 5f77a32..70ae3d9 100644 +--- a/src/bin/keactrl/kea-dhcp4.conf.pre ++++ b/src/bin/keactrl/kea-dhcp4.conf.pre +@@ -252,7 +252,8 @@ + // // of all devices serviced by Kea, including their identifiers + // // (like MAC address), their location in the network, times + // // when they were active etc. +- // "library": "@libdir@/kea/hooks/libdhcp_legal_log.so" ++ // // Replace $libdir with real library path /usr/lib or /usr/lib64 ++ // "library": "$libdir/kea/hooks/libdhcp_legal_log.so" + // "parameters": { + // "path": "/var/lib/kea", + // "base-name": "kea-forensic4" +@@ -269,7 +270,8 @@ + // // of specific options or perhaps even a combination of several + // // options and fields to uniquely identify a client. Those scenarios + // // are addressed by the Flexible Identifiers hook application. +- // "library": "@libdir@/kea/hooks/libdhcp_flex_id.so", ++ // // Replace $libdir with real library path /usr/lib or /usr/lib64 ++ // "library": "$libdir/kea/hooks/libdhcp_flex_id.so", + // "parameters": { + // "identifier-expression": "substring(relay6[0].option[18],0,8)" + // } diff --git a/poky/meta/recipes-connectivity/kea/kea_1.7.10.bb b/poky/meta/recipes-connectivity/kea/kea_1.7.10.bb index e2560b239..2ea4b1275 100644 --- a/poky/meta/recipes-connectivity/kea/kea_1.7.10.bb +++ b/poky/meta/recipes-connectivity/kea/kea_1.7.10.bb @@ -9,9 +9,11 @@ DEPENDS = "boost log4cplus openssl" SRC_URI = "\ http://ftp.isc.org/isc/kea/${PV}/${BP}.tar.gz \ + file://0001-keactrl.in-create-var-lib-kea-and-var-run-kea-folder.patch \ file://kea-dhcp4.service \ file://kea-dhcp6.service \ file://kea-dhcp-ddns.service \ + file://fix-multilib-conflict.patch \ " SRC_URI[sha256sum] = "4e121f0e58b175a827581c69cb1d60778647049fa47f142940dddc9ce58f3c82" @@ -46,7 +48,7 @@ do_install_append() { install -m 0644 ${WORKDIR}/kea-dhcp*service ${D}${systemd_system_unitdir} sed -i -e 's,@SBINDIR@,${sbindir},g' -e 's,@BASE_BINDIR@,${base_bindir},g' \ -e 's,@LOCALSTATEDIR@,${localstatedir},g' -e 's,@SYSCONFDIR@,${sysconfdir},g' \ - ${D}${systemd_system_unitdir}/kea-dhcp*service + ${D}${systemd_system_unitdir}/kea-dhcp*service ${D}${sbindir}/keactrl } do_install_append() { diff --git a/poky/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service b/poky/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service index 603c33787..fd81793d5 100644 --- a/poky/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service +++ b/poky/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service @@ -6,3 +6,4 @@ RequiresMountsFor=/var /run ExecStart=@LIBEXECDIR@/sshd_check_keys Type=oneshot RemainAfterExit=yes +Nice=10 diff --git a/poky/meta/recipes-connectivity/openssh/openssh_8.3p1.bb b/poky/meta/recipes-connectivity/openssh/openssh_8.3p1.bb index fad321898..e00732870 100644 --- a/poky/meta/recipes-connectivity/openssh/openssh_8.3p1.bb +++ b/poky/meta/recipes-connectivity/openssh/openssh_8.3p1.bb @@ -42,12 +42,15 @@ SYSTEMD_SERVICE_${PN}-sshd = "sshd.socket" inherit autotools-brokensep ptest -PACKAGECONFIG ??= "" +PACKAGECONFIG ??= "rng-tools" PACKAGECONFIG[kerberos] = "--with-kerberos5,--without-kerberos5,krb5" PACKAGECONFIG[ldns] = "--with-ldns,--without-ldns,ldns" PACKAGECONFIG[libedit] = "--with-libedit,--without-libedit,libedit" PACKAGECONFIG[manpages] = "--with-mantype=man,--with-mantype=cat" +# Add RRECOMMENDS to rng-tools for sshd package +PACKAGECONFIG[rng-tools] = "" + EXTRA_AUTORECONF += "--exclude=aclocal" # login path is hardcoded in sshd @@ -149,7 +152,10 @@ FILES_${PN}-keygen = "${bindir}/ssh-keygen" RDEPENDS_${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen" RDEPENDS_${PN}-sshd += "${PN}-keygen ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-keyinit pam-plugin-loginuid', '', d)}" -RRECOMMENDS_${PN}-sshd_append_class-target = " rng-tools" +RRECOMMENDS_${PN}-sshd_append_class-target = "\ + ${@bb.utils.filter('PACKAGECONFIG', 'rng-tools', d)} \ +" + # gdb would make attach-ptrace test pass rather than skip but not worth the build dependencies RDEPENDS_${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make sed sudo coreutils" diff --git a/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/dropbear_rsa_host_key b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/dropbear_rsa_host_key new file mode 100644 index 000000000..30443c943 Binary files /dev/null and b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/dropbear_rsa_host_key differ diff --git a/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key new file mode 100644 index 000000000..86c2104ec --- /dev/null +++ b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key @@ -0,0 +1,9 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS +1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQRJR6iZxr/NTqQN9NOwV+WPtu42r2eF +rJ0xsnlqw5bpmfz6aDR8RQvVHUZjRGQfR/RXPbQ5x+bjjdm176TuXNhHAAAAqAoE27MKBN +uzAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBElHqJnGv81OpA30 +07BX5Y+27javZ4WsnTGyeWrDlumZ/PpoNHxFC9UdRmNEZB9H9Fc9tDnH5uON2bXvpO5c2E +cAAAAgLiHv/IWhxwosz9BiNILOOPlXaueL5hVTBKUJkpOi48sAAAANcm9vdEBxZW11bWlw +cwECAw== +-----END OPENSSH PRIVATE KEY----- diff --git a/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key.pub b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key.pub new file mode 100644 index 000000000..a358aeb88 --- /dev/null +++ b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key.pub @@ -0,0 +1 @@ +ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBElHqJnGv81OpA3007BX5Y+27javZ4WsnTGyeWrDlumZ/PpoNHxFC9UdRmNEZB9H9Fc9tDnH5uON2bXvpO5c2Ec= root@qemupregen diff --git a/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key new file mode 100644 index 000000000..00ed9adae --- /dev/null +++ b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key @@ -0,0 +1,7 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW +QyNTUxOQAAACDHSFTAbJ3OTd1r1E8G5JleCmsJEpQHmdTGtMcYqwWbbwAAAJChFtV0oRbV +dAAAAAtzc2gtZWQyNTUxOQAAACDHSFTAbJ3OTd1r1E8G5JleCmsJEpQHmdTGtMcYqwWbbw +AAAEA8UiUsygsTbP0HkDi5leXpQaVXihDyCHeitkBCItJGhcdIVMBsnc5N3WvUTwbkmV4K +awkSlAeZ1Ma0xxirBZtvAAAADXJvb3RAcWVtdW1pcHM= +-----END OPENSSH PRIVATE KEY----- diff --git a/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key.pub b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key.pub new file mode 100644 index 000000000..cc0e2f43e --- /dev/null +++ b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMdIVMBsnc5N3WvUTwbkmV4KawkSlAeZ1Ma0xxirBZtv root@qemupregen diff --git a/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key new file mode 100644 index 000000000..a8e4406ba --- /dev/null +++ b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key @@ -0,0 +1,38 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn +NhAAAAAwEAAQAAAYEA2Q6dzF1xziCQCFq+e+Fv6w0607gNlyKnkhuoRq8G7/HEqXU2eEtC +i3AMUrAP8k7s9kP5vI5CyfSgFuC9MxDV2YL2bsmvRxBSKgg6KbNxkoTaFBqyqHopuWQca8 +KRahvzt5dh9fsmeqamIwgMWKTSwtDHcsbyt84nmO2Z2ZrNXobgueMIj+HiJVgmWn86FQFL +EoONAA+qb4SciPsxvmTlaQ/DMAh3llVo/IMLD9oyAyAI2kbHNnZttlYv5TmY7ICd3yCW8z +PXrxNcEF3Qs1d68gVJxLjLKTlYGzJW2J+RwY+1DJZ0w4lozeQiZXTXVtzcJB0tm2DcvQMz +kqyARmncSUwcPbEClEW6Y2xQnLeSHjexzlCCndiUbBTeG5iRl4OL6DN40iI9Lw2VROtj2Y +59n9PCfaoUs08dsgJLaNrDbRHrCRLSdZJ6OQFiC/nAx/t4e4+wdUgNOqLyJqomdNdaLXPq +tzr9ssrcY5j1DmmwKtzfTI5VM9LRQo+REIiUCNTFAAAFiFh232tYdt9rAAAAB3NzaC1yc2 +EAAAGBANkOncxdcc4gkAhavnvhb+sNOtO4DZcip5IbqEavBu/xxKl1NnhLQotwDFKwD/JO +7PZD+byOQsn0oBbgvTMQ1dmC9m7Jr0cQUioIOimzcZKE2hQasqh6KblkHGvCkWob87eXYf +X7JnqmpiMIDFik0sLQx3LG8rfOJ5jtmdmazV6G4LnjCI/h4iVYJlp/OhUBSxKDjQAPqm+E +nIj7Mb5k5WkPwzAId5ZVaPyDCw/aMgMgCNpGxzZ2bbZWL+U5mOyAnd8glvMz168TXBBd0L +NXevIFScS4yyk5WBsyVtifkcGPtQyWdMOJaM3kImV011bc3CQdLZtg3L0DM5KsgEZp3ElM +HD2xApRFumNsUJy3kh43sc5Qgp3YlGwU3huYkZeDi+gzeNIiPS8NlUTrY9mOfZ/Twn2qFL +NPHbICS2jaw20R6wkS0nWSejkBYgv5wMf7eHuPsHVIDTqi8iaqJnTXWi1z6rc6/bLK3GOY +9Q5psCrc30yOVTPS0UKPkRCIlAjUxQAAAAMBAAEAAAGAGIj+bUtiwdoMbeVUAszIydkE/U +mgv6S7LFjT/KlsL1M017LYJWDcdMaFnhMouksRngSxBg9OnWV5cxyURmFwytVy5bMGjRHb +N8UWTgBqphU+UWdzKngkn0AhtkyYA1aFhgsml5d8EgEkZnFSc/KtoDfZU7AJX519/FtfOK +m27Shx3pE7Nohh97avHyuidR1gTwdvuMIMke57g0BhrxPYmredaKCMZAHjjCeD6JbRcGj+ +ly3I9u8MF8BGSbLpBlLDUFCwP8G5CdmMua8bPJYhPSRqMLQhclI7hc6FaYk+gZV9B74Iv/ +SAxcCwI97dNbE0IAsbbWoUdoKGpAYQ5gOdhu5ioqZwKWjNjB3Xx48mq8xtmIR9HEnYzEnk +b/tDWNRWrGkvNK7vpLvnbsSSKBqOAbMzmQdJxogTgjE5doSmu2/krIMR6KUcUox2ZrR8Ot +JM6bXyNFBviiXmYvw/SZTDrVJu8BPMu5EMS5pBl8jPFBGI/ePk4qg7lWAJeQ89ThtBAAAA +wQDEU4HjomWwJsn9UWdoodXTV5aPY9B1OPkmYnRPtsjSAcXgtBzUXMEOsmXODOK3aQjsE0 +jQKpWDAUcUf6KKZKRehxUN4MlwujCG9czn65S6B8BsP1YUfZQjpNyub8vDBfeKzlxKBEEM +lb4iBT+LEGkihK13H5CbqRg1GDAThZzwrV4pj3S40zgyHhn8JjK4x4djEY6NwkWH8E2DgD +8vYG/FKh5E/VIZtCgtAHa4QNAgGB4VMRn1VpSJzxjCxb1wancAAADBAPT7F34WYEI3Vc52 +p1U5rPa6dZtg5QM14V0+KtMlb3frd0/F+JVj4t6COQ8J9pkOuD0YjOYJuFXIWAAYIjCdWt +cbTi/sSERawOWxrgSwJo2vjt5izrBQtr3N8tiB6KDGa5sdgJl5XzJ0SsdStfBbyhcJO4RV +p9lc+X8OsUfFsClmyIs45vlxBRH06DP6/zmYCAmqvlrfZJKqlpKAEWDDObRy/3+mSNhZ0J +BdmncASiASRlPPIoIHznyA1COUn6+TnwAAAMEA4tH89Dez2JauyPVeCyHAC680vrBKjmMx +WYdpq2Xzd/LNl2L9oc0IEZzerLTuaCh6qsbbk2wWj1nrYXvefz/xUtDR427tvRXckcsWhP +2HYohdYBkwTpp9QuscIV76GdwbTImuNEzvABH1hpTG6DSzqeyf/EVmSq07nptJIs5lpU49 +tW2aWraSvswHR9xfts1U79w9f4BNDy1rTmfuLERTRNF/T9CIFsk9tArLUNT64mhHtoEs8F +9AyGuq6v49bN0bAAAADXJvb3RAcWVtdW1pcHMBAgMEBQ== +-----END OPENSSH PRIVATE KEY----- diff --git a/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key.pub b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key.pub new file mode 100644 index 000000000..9eb8c3838 --- /dev/null +++ b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDZDp3MXXHOIJAIWr574W/rDTrTuA2XIqeSG6hGrwbv8cSpdTZ4S0KLcAxSsA/yTuz2Q/m8jkLJ9KAW4L0zENXZgvZuya9HEFIqCDops3GShNoUGrKoeim5ZBxrwpFqG/O3l2H1+yZ6pqYjCAxYpNLC0MdyxvK3zieY7ZnZms1ehuC54wiP4eIlWCZafzoVAUsSg40AD6pvhJyI+zG+ZOVpD8MwCHeWVWj8gwsP2jIDIAjaRsc2dm22Vi/lOZjsgJ3fIJbzM9evE1wQXdCzV3ryBUnEuMspOVgbMlbYn5HBj7UMlnTDiWjN5CJldNdW3NwkHS2bYNy9AzOSrIBGadxJTBw9sQKURbpjbFCct5IeN7HOUIKd2JRsFN4bmJGXg4voM3jSIj0vDZVE62PZjn2f08J9qhSzTx2yAkto2sNtEesJEtJ1kno5AWIL+cDH+3h7j7B1SA06ovImqiZ011otc+q3Ov2yytxjmPUOabAq3N9MjlUz0tFCj5EQiJQI1MU= root@qemupregen diff --git a/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb new file mode 100644 index 000000000..ddd10e6ee --- /dev/null +++ b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb @@ -0,0 +1,19 @@ +SUMMARY = "Pre generated host keys mainly for speeding up our qemu tests" + +SRC_URI = "file://dropbear_rsa_host_key \ + file://openssh" + +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +INHIBIT_DEFAULT_DEPS = "1" + +do_install () { + install -d ${D}${sysconfdir}/dropbear + install ${WORKDIR}/dropbear_rsa_host_key -m 0600 ${D}${sysconfdir}/dropbear/ + + install -d ${D}${sysconfdir}/ssh + install ${WORKDIR}/openssh/* ${D}${sysconfdir}/ssh/ + chmod 0600 ${D}${sysconfdir}/ssh/* + chmod 0644 ${D}${sysconfdir}/ssh/*.pub +} \ No newline at end of file diff --git a/poky/meta/recipes-core/dropbear/dropbear/dropbearkey.service b/poky/meta/recipes-core/dropbear/dropbear/dropbearkey.service index c49053d57..71a12a611 100644 --- a/poky/meta/recipes-core/dropbear/dropbear/dropbearkey.service +++ b/poky/meta/recipes-core/dropbear/dropbear/dropbearkey.service @@ -11,3 +11,4 @@ Type=oneshot ExecStart=@BASE_BINDIR@/mkdir -p ${DROPBEAR_RSAKEY_DIR} ExecStart=@SBINDIR@/dropbearkey -t rsa -f ${DROPBEAR_RSAKEY_DIR}/dropbear_rsa_host_key RemainAfterExit=yes +Nice=10 diff --git a/poky/meta/recipes-core/gettext/gettext-0.21/0001-msgmerge-29-Add-executable-file-mode-bits.patch b/poky/meta/recipes-core/gettext/gettext-0.21/0001-msgmerge-29-Add-executable-file-mode-bits.patch new file mode 100644 index 000000000..e42a6c0a4 --- /dev/null +++ b/poky/meta/recipes-core/gettext/gettext-0.21/0001-msgmerge-29-Add-executable-file-mode-bits.patch @@ -0,0 +1,23 @@ +From 71988f83b69c4ed98d1b9418da80edf11a931894 Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Wed, 23 Sep 2020 22:08:34 -0700 +Subject: [PATCH] msgmerge-29: Add executable file mode bits + +This script is installed with default mode bits and executed directly +e.g ./msgmerge-29 when doing make check which results in + +/bin/bash: line 9: ./msgmerge-29: Permission denied + +Upstream-Status: Pending +Signed-off-by: Khem Raj +--- + gettext-tools/tests/msgmerge-29 | 0 + 1 file changed, 0 insertions(+), 0 deletions(-) + mode change 100644 => 100755 gettext-tools/tests/msgmerge-29 + +diff --git a/gettext-tools/tests/msgmerge-29 b/gettext-tools/tests/msgmerge-29 +old mode 100644 +new mode 100755 +-- +2.28.0 + diff --git a/poky/meta/recipes-core/gettext/gettext_0.21.bb b/poky/meta/recipes-core/gettext/gettext_0.21.bb index 54305623d..bc14867bb 100644 --- a/poky/meta/recipes-core/gettext/gettext_0.21.bb +++ b/poky/meta/recipes-core/gettext/gettext_0.21.bb @@ -8,11 +8,8 @@ SECTION = "libs" LICENSE = "GPLv3+ & LGPL-2.1+" LIC_FILES_CHKSUM = "file://COPYING;md5=c678957b0c8e964aa6c70fd77641a71e" -# Because po-gram-gen.y has been modified by fix-CVE-2018-18751.patch, -# it requires yacc which provided by bison-native -# Please remove bison-native from DEPENDS* when next upgrade -DEPENDS = "bison-native gettext-native virtual/libiconv" -DEPENDS_class-native = "bison-native gettext-minimal-native" +DEPENDS = "gettext-native virtual/libiconv" +DEPENDS_class-native = "gettext-minimal-native" PROVIDES = "virtual/libintl virtual/gettext" PROVIDES_class-native = "virtual/gettext-native" RCONFLICTS_${PN} = "proxy-libintl" @@ -24,6 +21,7 @@ SRC_URI = "${GNU_MIRROR}/gettext/gettext-${PV}.tar.gz \ file://0001-tests-autopoint-3-unset-MAKEFLAGS.patch \ file://0001-init-env.in-do-not-add-C-CXX-parameters.patch \ file://mingw.patch \ + file://0001-msgmerge-29-Add-executable-file-mode-bits.patch \ " SRC_URI[sha256sum] = "c77d0da3102aec9c07f43671e60611ebff89a996ef159497ce8e59d075786b12" diff --git a/poky/meta/recipes-core/glibc/glibc_2.32.bb b/poky/meta/recipes-core/glibc/glibc_2.32.bb index 7049e6162..2a0e46438 100644 --- a/poky/meta/recipes-core/glibc/glibc_2.32.bb +++ b/poky/meta/recipes-core/glibc/glibc_2.32.bb @@ -69,13 +69,15 @@ EXTRA_OECONF = "--enable-kernel=${OLDEST_KERNEL} \ --enable-stackguard-randomization \ --disable-crypt \ --with-default-link \ - --enable-nscd \ ${@bb.utils.contains_any('SELECTED_OPTIMIZATION', '-O0 -Og', '--disable-werror', '', d)} \ ${GLIBCPIE} \ ${GLIBC_EXTRA_OECONF}" EXTRA_OECONF += "${@get_libc_fpu_setting(bb, d)}" +PACKAGECONFIG ??= "nscd" +PACKAGECONFIG[nscd] = "--enable-nscd,--disable-nscd" + do_patch_append() { bb.build.exec_func('do_fix_readlib_c', d) } diff --git a/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb b/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb index 134e1da99..8be6171b2 100644 --- a/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb +++ b/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb @@ -24,7 +24,7 @@ IMAGE_FSTYPES = "wic.vmdk" inherit core-image module-base setuptools3 -SRCREV ?= "e9f2c011573ec906756e5e2b767b36c4f9795623" +SRCREV ?= "20586411649fcad6f0459ce74a581374ab564737" SRC_URI = "git://git.yoctoproject.org/poky \ file://Yocto_Build_Appliance.vmx \ file://Yocto_Build_Appliance.vmxf \ diff --git a/poky/meta/recipes-core/images/core-image-minimal.bb b/poky/meta/recipes-core/images/core-image-minimal.bb index 4630026aa..19f27f839 100644 --- a/poky/meta/recipes-core/images/core-image-minimal.bb +++ b/poky/meta/recipes-core/images/core-image-minimal.bb @@ -9,4 +9,4 @@ LICENSE = "MIT" inherit core-image IMAGE_ROOTFS_SIZE ?= "8192" -IMAGE_ROOTFS_EXTRA_SPACE_append = "${@bb.utils.contains("DISTRO_FEATURES", "systemd", " + 4096", "" ,d)}" +IMAGE_ROOTFS_EXTRA_SPACE_append = "${@bb.utils.contains("DISTRO_FEATURES", "systemd", " + 4096", "", d)}" diff --git a/poky/meta/recipes-core/meta/buildtools-tarball.bb b/poky/meta/recipes-core/meta/buildtools-tarball.bb index 75b71f553..560b8d67b 100644 --- a/poky/meta/recipes-core/meta/buildtools-tarball.bb +++ b/poky/meta/recipes-core/meta/buildtools-tarball.bb @@ -11,6 +11,7 @@ TOOLCHAIN_HOST_TASK ?= "\ nativesdk-python3-modules \ nativesdk-python3-misc \ nativesdk-python3-git \ + nativesdk-python3-jinja2 \ nativesdk-python3-testtools \ nativesdk-python3-subunit \ nativesdk-ncurses-terminfo-base \ @@ -79,6 +80,9 @@ if [ -d "\$OECORE_NATIVE_SYSROOT/environment-setup.d" ]; then . \$envfile done fi +# We have to unset this else it can confuse oe-selftest and other tools +# which may also use the overlapping namespace. +unset OECORE_NATIVE_SYSROOT EOF if [ "${SDKMACHINE}" = "i686" ]; then diff --git a/poky/meta/recipes-core/ncurses/ncurses.inc b/poky/meta/recipes-core/ncurses/ncurses.inc index 1627fb91d..4b6188966 100644 --- a/poky/meta/recipes-core/ncurses/ncurses.inc +++ b/poky/meta/recipes-core/ncurses/ncurses.inc @@ -273,6 +273,11 @@ inherit update-alternatives ALTERNATIVE_PRIORITY = "100" ALTERNATIVE_ncurses-tools_class-target = "clear reset" +ALTERNATIVE_ncurses-terminfo_class-target = "st st-256color" + +ALTERNATIVE_LINK_NAME[st] = "${datadir}/terminfo/s/st" + +ALTERNATIVE_LINK_NAME[st-256color] = "${datadir}/terminfo/s/st-256color" BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-core/packagegroups/packagegroup-core-tools-debug.bb b/poky/meta/recipes-core/packagegroups/packagegroup-core-tools-debug.bb index 81fbdf460..283c1f1a3 100644 --- a/poky/meta/recipes-core/packagegroups/packagegroup-core-tools-debug.bb +++ b/poky/meta/recipes-core/packagegroups/packagegroup-core-tools-debug.bb @@ -13,9 +13,12 @@ PR = "r3" MTRACE = "" MTRACE_libc-glibc = "libc-mtrace" +STRACE = "strace" +STRACE_riscv32_libc-musl = "" + RDEPENDS_${PN} = "\ gdb \ gdbserver \ - strace \ ${MTRACE} \ + ${STRACE} \ " diff --git a/poky/meta/recipes-core/packagegroups/packagegroup-core-tools-profile.bb b/poky/meta/recipes-core/packagegroups/packagegroup-core-tools-profile.bb index 17b1391a4..d437e2831 100644 --- a/poky/meta/recipes-core/packagegroups/packagegroup-core-tools-profile.bb +++ b/poky/meta/recipes-core/packagegroups/packagegroup-core-tools-profile.bb @@ -28,6 +28,7 @@ PROFILETOOLS = "\ " PERF = "perf" PERF_libc-musl = "" +PERF_libc-musl_arm = "perf" # systemtap needs elfutils which is not fully buildable on some arches/libcs SYSTEMTAP = "systemtap" @@ -37,6 +38,7 @@ SYSTEMTAP_riscv64 = "" LTTNGTOOLS = "lttng-tools" LTTNGTOOLS_arc = "" +LTTNGTOOLS_riscv32_libc-musl = "" BABELTRACE = "babeltrace" BABELTRACE2 = "babeltrace2" diff --git a/poky/meta/recipes-core/systemd/systemd.inc b/poky/meta/recipes-core/systemd/systemd.inc index b0d4fe403..1733565fc 100644 --- a/poky/meta/recipes-core/systemd/systemd.inc +++ b/poky/meta/recipes-core/systemd/systemd.inc @@ -14,7 +14,7 @@ LICENSE = "GPLv2 & LGPLv2.1" LIC_FILES_CHKSUM = "file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \ file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c" -SRCREV = "91b37e6f0982e1e64c63017000248d7441a83a2e" +SRCREV = "2ee1c57c4ff4fd3349cf03c2e89fbd18ca0b3a4a" SRCBRANCH = "v246-stable" SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=git;branch=${SRCBRANCH}" diff --git a/poky/meta/recipes-core/systemd/systemd/0001-Handle-missing-gshadow.patch b/poky/meta/recipes-core/systemd/systemd/0001-Handle-missing-gshadow.patch index 723cd2e52..c5960a0d6 100644 --- a/poky/meta/recipes-core/systemd/systemd/0001-Handle-missing-gshadow.patch +++ b/poky/meta/recipes-core/systemd/systemd/0001-Handle-missing-gshadow.patch @@ -14,10 +14,8 @@ Signed-off-by: Alex Kiernan src/shared/userdb.c | 6 ++++++ 3 files changed, 30 insertions(+) -Index: systemd-stable/src/shared/group-record-nss.c -=================================================================== ---- systemd-stable.orig/src/shared/group-record-nss.c -+++ systemd-stable/src/shared/group-record-nss.c +--- a/src/shared/group-record-nss.c ++++ b/src/shared/group-record-nss.c @@ -19,8 +19,10 @@ int nss_group_to_group_record( if (isempty(grp->gr_name)) return -EINVAL; @@ -35,7 +33,7 @@ Index: systemd-stable/src/shared/group-record-nss.c +#if ENABLE_GSHADOW if (sgrp) { - if (hashed_password_valid(sgrp->sg_passwd)) { + if (looks_like_hashed_password(sgrp->sg_passwd)) { g->hashed_password = strv_new(sgrp->sg_passwd); @@ -51,6 +54,7 @@ int nss_group_to_group_record( if (!g->administrators) @@ -119,10 +117,8 @@ Index: systemd-stable/src/shared/group-record-nss.c if (r < 0) return r; -Index: systemd-stable/src/shared/group-record-nss.h -=================================================================== ---- systemd-stable.orig/src/shared/group-record-nss.h -+++ systemd-stable/src/shared/group-record-nss.h +--- a/src/shared/group-record-nss.h ++++ b/src/shared/group-record-nss.h @@ -2,7 +2,11 @@ #pragma once @@ -135,10 +131,8 @@ Index: systemd-stable/src/shared/group-record-nss.h #include "group-record.h" -Index: systemd-stable/src/shared/userdb.c -=================================================================== ---- systemd-stable.orig/src/shared/userdb.c -+++ systemd-stable/src/shared/userdb.c +--- a/src/shared/userdb.c ++++ b/src/shared/userdb.c @@ -930,13 +930,16 @@ int groupdb_iterator_get(UserDBIterator if (gr) { _cleanup_free_ char *buffer = NULL; diff --git a/poky/meta/recipes-core/systemd/systemd/0001-Use-PREFIX-ROOTPREFIX-correctly.patch b/poky/meta/recipes-core/systemd/systemd/0001-Use-PREFIX-ROOTPREFIX-correctly.patch deleted file mode 100644 index c61941df9..000000000 --- a/poky/meta/recipes-core/systemd/systemd/0001-Use-PREFIX-ROOTPREFIX-correctly.patch +++ /dev/null @@ -1,81 +0,0 @@ -From 2868e3b72d4ac02860e380d70c9af0d61a985790 Mon Sep 17 00:00:00 2001 -From: Alex Kiernan -Date: Sun, 16 Aug 2020 16:07:12 +0000 -Subject: [PATCH] Use PREFIX/ROOTPREFIX correctly - -Signed-off-by: Alex Kiernan -Upstream-status: Pending [https://github.com/systemd/systemd/issues/16773] ---- - meson.build | 1 + - src/core/systemd.pc.in | 8 ++++---- - src/libsystemd/sd-path/sd-path.c | 8 ++++---- - 3 files changed, 9 insertions(+), 8 deletions(-) - -diff --git a/meson.build b/meson.build -index dbbddb68e232..18618dba0623 100644 ---- a/meson.build -+++ b/meson.build -@@ -226,6 +226,7 @@ conf.set_quoted('SYSTEMD_SHUTDOWN_BINARY_PATH', join_paths(rootlib - conf.set_quoted('SYSTEMCTL_BINARY_PATH', join_paths(rootbindir, 'systemctl')) - conf.set_quoted('SYSTEMD_TTY_ASK_PASSWORD_AGENT_BINARY_PATH', join_paths(rootbindir, 'systemd-tty-ask-password-agent')) - conf.set_quoted('SYSTEMD_STDIO_BRIDGE_BINARY_PATH', join_paths(bindir, 'systemd-stdio-bridge')) -+conf.set_quoted('PREFIX', prefixdir) - conf.set_quoted('ROOTPREFIX', rootprefixdir) - conf.set_quoted('RANDOM_SEED_DIR', randomseeddir) - conf.set_quoted('RANDOM_SEED', join_paths(randomseeddir, 'random-seed')) -diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in -index 8424837824b5..410a126317ad 100644 ---- a/src/core/systemd.pc.in -+++ b/src/core/systemd.pc.in -@@ -65,16 +65,16 @@ systemdshutdowndir=${systemd_shutdown_dir} - tmpfiles_dir=${prefix}/lib/tmpfiles.d - tmpfilesdir=${tmpfiles_dir} - --sysusers_dir=${rootprefix}/lib/sysusers.d -+sysusers_dir=${prefix}/lib/sysusers.d - sysusersdir=${sysusers_dir} - --sysctl_dir=${rootprefix}/lib/sysctl.d -+sysctl_dir=${prefix}/lib/sysctl.d - sysctldir=${sysctl_dir} - --binfmt_dir=${rootprefix}/lib/binfmt.d -+binfmt_dir=${prefix}/lib/binfmt.d - binfmtdir=${binfmt_dir} - --modules_load_dir=${rootprefix}/lib/modules-load.d -+modules_load_dir=${prefix}/lib/modules-load.d - modulesloaddir=${modules_load_dir} - - catalog_dir=${prefix}/lib/systemd/catalog -diff --git a/src/libsystemd/sd-path/sd-path.c b/src/libsystemd/sd-path/sd-path.c -index 736795d1d797..3572916dc073 100644 ---- a/src/libsystemd/sd-path/sd-path.c -+++ b/src/libsystemd/sd-path/sd-path.c -@@ -371,19 +371,19 @@ static int get_path(uint64_t type, char **buffer, const char **ret) { - return 0; - - case SD_PATH_SYSUSERS: -- *ret = ROOTPREFIX "/lib/sysusers.d"; -+ *ret = PREFIX "/lib/sysusers.d"; - return 0; - - case SD_PATH_SYSCTL: -- *ret = ROOTPREFIX "/lib/sysctl.d"; -+ *ret = PREFIX "/lib/sysctl.d"; - return 0; - - case SD_PATH_BINFMT: -- *ret = ROOTPREFIX "/lib/binfmt.d"; -+ *ret = PREFIX "/lib/binfmt.d"; - return 0; - - case SD_PATH_MODULES_LOAD: -- *ret = ROOTPREFIX "/lib/modules-load.d"; -+ *ret = PREFIX "/lib/modules-load.d"; - return 0; - - case SD_PATH_CATALOG: --- -2.17.1 - diff --git a/poky/meta/recipes-core/systemd/systemd/0023-Fix-field-efi_loader_entry_one_shot_stat-has-incompl.patch b/poky/meta/recipes-core/systemd/systemd/0023-Fix-field-efi_loader_entry_one_shot_stat-has-incompl.patch deleted file mode 100644 index 78660691d..000000000 --- a/poky/meta/recipes-core/systemd/systemd/0023-Fix-field-efi_loader_entry_one_shot_stat-has-incompl.patch +++ /dev/null @@ -1,31 +0,0 @@ -From f939d3e07e1175caac5cf4cbf54bd8a58c2f198a Mon Sep 17 00:00:00 2001 -From: Alex Kiernan -Date: Fri, 7 Aug 2020 15:30:52 +0000 -Subject: [PATCH] Fix field 'efi_loader_entry_one_shot_stat' has incomplete - type - -| In file included from ../../../../../../workspace/sources/systemd/src/login/logind-gperf.gperf:7: -| ../../../../../../workspace/sources/systemd/src/login/logind.h:131:21: error: field 'efi_loader_entry_one_shot_stat' has incomplete type -| 131 | struct stat efi_loader_entry_one_shot_stat; -| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -Upstream-Status: Inappropriate [musl specific] -Signed-off-by: Alex Kiernan ---- - src/login/logind.h | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/src/login/logind.h b/src/login/logind.h -index e64ecce8e2..2d4007d84b 100644 ---- a/src/login/logind.h -+++ b/src/login/logind.h -@@ -2,6 +2,9 @@ - #pragma once - - #include -+#include -+#include -+#include - - #include "sd-bus.h" - #include "sd-device.h" diff --git a/poky/meta/recipes-core/systemd/systemd_246.2.bb b/poky/meta/recipes-core/systemd/systemd_246.2.bb deleted file mode 100644 index af10e4212..000000000 --- a/poky/meta/recipes-core/systemd/systemd_246.2.bb +++ /dev/null @@ -1,725 +0,0 @@ -require systemd.inc - -PROVIDES = "udev" - -PE = "1" - -DEPENDS = "intltool-native gperf-native libcap util-linux" - -SECTION = "base/shell" - -inherit useradd pkgconfig meson perlnative update-rc.d update-alternatives qemu systemd gettext bash-completion manpages features_check - -# As this recipe builds udev, respect systemd being in DISTRO_FEATURES so -# that we don't build both udev and systemd in world builds. -REQUIRED_DISTRO_FEATURES = "systemd" - -SRC_URI += "file://touchscreen.rules \ - file://00-create-volatile.conf \ - file://init \ - file://99-default.preset \ - file://0001-binfmt-Don-t-install-dependency-links-at-install-tim.patch \ - file://0003-implment-systemd-sysv-install-for-OE.patch \ - file://0001-Use-PREFIX-ROOTPREFIX-correctly.patch \ - " - -# patches needed by musl -SRC_URI_append_libc-musl = " ${SRC_URI_MUSL}" -SRC_URI_MUSL = "\ - file://0002-don-t-use-glibc-specific-qsort_r.patch \ - file://0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch \ - file://0004-add-fallback-parse_printf_format-implementation.patch \ - file://0005-src-basic-missing.h-check-for-missing-strndupa.patch \ - file://0006-Include-netinet-if_ether.h.patch \ - file://0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not.patch \ - file://0008-add-missing-FTW_-macros-for-musl.patch \ - file://0010-fix-missing-of-__register_atfork-for-non-glibc-build.patch \ - file://0011-Use-uintmax_t-for-handling-rlim_t.patch \ - file://0014-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch \ - file://0015-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch \ - file://0016-Define-glibc-compatible-basename-for-non-glibc-syste.patch \ - file://0017-Do-not-disable-buffering-when-writing-to-oom_score_a.patch \ - file://0018-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch \ - file://0019-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch \ - file://0020-missing_type.h-add-__compar_d_fn_t-definition.patch \ - file://0021-avoid-redefinition-of-prctl_mm_map-structure.patch \ - file://0021-Handle-missing-LOCK_EX.patch \ - file://0022-Fix-incompatible-pointer-type-struct-sockaddr_un.patch \ - file://0023-Fix-field-efi_loader_entry_one_shot_stat-has-incompl.patch \ - file://0024-test-json.c-define-M_PIl.patch \ - file://0001-do-not-disable-buffer-in-writing-files.patch \ - file://0002-src-login-brightness.c-include-sys-wait.h.patch \ - file://0003-src-basic-copy.c-include-signal.h.patch \ - file://0004-src-shared-cpu-set-util.h-add-__cpu_mask-definition.patch \ - file://0001-Handle-missing-gshadow.patch \ - " - -PAM_PLUGINS = " \ - pam-plugin-unix \ - pam-plugin-loginuid \ - pam-plugin-keyinit \ -" - -PACKAGECONFIG ??= " \ - ${@bb.utils.filter('DISTRO_FEATURES', 'acl audit efi ldconfig pam selinux smack usrmerge polkit', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'wifi', 'rfkill', '', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xkbcommon', '', d)} \ - backlight \ - binfmt \ - gshadow \ - hibernate \ - hostnamed \ - idn \ - ima \ - kmod \ - localed \ - logind \ - machined \ - myhostname \ - networkd \ - nss \ - nss-mymachines \ - nss-resolve \ - quotacheck \ - randomseed \ - resolved \ - set-time-epoch \ - sysusers \ - sysvinit \ - timedated \ - timesyncd \ - userdb \ - utmp \ - vconsole \ - xz \ -" - -PACKAGECONFIG_remove_libc-musl = " \ - gshadow \ - idn \ - localed \ - myhostname \ - nss \ - nss-mymachines \ - nss-resolve \ - sysusers \ - userdb \ - utmp \ -" - -CFLAGS_append_libc-musl = " -D__UAPI_DEF_ETHHDR=0 " - -# Use the upstream systemd serial-getty@.service and rely on -# systemd-getty-generator instead of using the OE-core specific -# systemd-serialgetty.bb - not enabled by default. -PACKAGECONFIG[serial-getty-generator] = "" - -PACKAGECONFIG[acl] = "-Dacl=true,-Dacl=false,acl" -PACKAGECONFIG[audit] = "-Daudit=true,-Daudit=false,audit" -PACKAGECONFIG[backlight] = "-Dbacklight=true,-Dbacklight=false" -PACKAGECONFIG[binfmt] = "-Dbinfmt=true,-Dbinfmt=false" -PACKAGECONFIG[bzip2] = "-Dbzip2=true,-Dbzip2=false,bzip2" -PACKAGECONFIG[cgroupv2] = "-Ddefault-hierarchy=unified,-Ddefault-hierarchy=hybrid" -PACKAGECONFIG[coredump] = "-Dcoredump=true,-Dcoredump=false" -PACKAGECONFIG[cryptsetup] = "-Dlibcryptsetup=true,-Dlibcryptsetup=false,cryptsetup" -PACKAGECONFIG[dbus] = "-Ddbus=true,-Ddbus=false,dbus" -PACKAGECONFIG[efi] = "-Defi=true,-Defi=false" -PACKAGECONFIG[gnu-efi] = "-Dgnu-efi=true -Defi-libdir=${STAGING_LIBDIR} -Defi-includedir=${STAGING_INCDIR}/efi,-Dgnu-efi=false,gnu-efi" -PACKAGECONFIG[elfutils] = "-Delfutils=true,-Delfutils=false,elfutils" -PACKAGECONFIG[firstboot] = "-Dfirstboot=true,-Dfirstboot=false" -# Sign the journal for anti-tampering -PACKAGECONFIG[gcrypt] = "-Dgcrypt=true,-Dgcrypt=false,libgcrypt" -PACKAGECONFIG[gnutls] = "-Dgnutls=true,-Dgnutls=false,gnutls" -PACKAGECONFIG[gshadow] = "-Dgshadow=true,-Dgshadow=false" -PACKAGECONFIG[hibernate] = "-Dhibernate=true,-Dhibernate=false" -PACKAGECONFIG[hostnamed] = "-Dhostnamed=true,-Dhostnamed=false" -PACKAGECONFIG[idn] = "-Didn=true,-Didn=false" -PACKAGECONFIG[ima] = "-Dima=true,-Dima=false" -# importd requires curl/xz/zlib/bzip2/gcrypt -PACKAGECONFIG[importd] = "-Dimportd=true,-Dimportd=false" -# Update NAT firewall rules -PACKAGECONFIG[iptc] = "-Dlibiptc=true,-Dlibiptc=false,iptables" -PACKAGECONFIG[journal-upload] = "-Dlibcurl=true,-Dlibcurl=false,curl" -PACKAGECONFIG[kmod] = "-Dkmod=true,-Dkmod=false,kmod" -PACKAGECONFIG[ldconfig] = "-Dldconfig=true,-Dldconfig=false,,ldconfig" -PACKAGECONFIG[libidn] = "-Dlibidn=true,-Dlibidn=false,libidn" -PACKAGECONFIG[libidn2] = "-Dlibidn2=true,-Dlibidn2=false,libidn2" -PACKAGECONFIG[localed] = "-Dlocaled=true,-Dlocaled=false" -PACKAGECONFIG[logind] = "-Dlogind=true,-Dlogind=false" -PACKAGECONFIG[lz4] = "-Dlz4=true,-Dlz4=false,lz4" -PACKAGECONFIG[machined] = "-Dmachined=true,-Dmachined=false" -PACKAGECONFIG[manpages] = "-Dman=true,-Dman=false,libxslt-native xmlto-native docbook-xml-dtd4-native docbook-xsl-stylesheets-native" -PACKAGECONFIG[microhttpd] = "-Dmicrohttpd=true,-Dmicrohttpd=false,libmicrohttpd" -PACKAGECONFIG[myhostname] = "-Dnss-myhostname=true,-Dnss-myhostname=false,,libnss-myhostname" -PACKAGECONFIG[networkd] = "-Dnetworkd=true,-Dnetworkd=false" -PACKAGECONFIG[nss] = "-Dnss-systemd=true,-Dnss-systemd=false" -PACKAGECONFIG[nss-mymachines] = "-Dnss-mymachines=true,-Dnss-mymachines=false" -PACKAGECONFIG[nss-resolve] = "-Dnss-resolve=true,-Dnss-resolve=false" -PACKAGECONFIG[openssl] = "-Dopenssl=true,-Dopenssl=false,openssl" -PACKAGECONFIG[pam] = "-Dpam=true,-Dpam=false,libpam,${PAM_PLUGINS}" -PACKAGECONFIG[pcre2] = "-Dpcre2=true,-Dpcre2=false,libpcre2" -PACKAGECONFIG[polkit] = "-Dpolkit=true,-Dpolkit=false" -PACKAGECONFIG[portabled] = "-Dportabled=true,-Dportabled=false" -PACKAGECONFIG[qrencode] = "-Dqrencode=true,-Dqrencode=false,qrencode" -PACKAGECONFIG[quotacheck] = "-Dquotacheck=true,-Dquotacheck=false" -PACKAGECONFIG[randomseed] = "-Drandomseed=true,-Drandomseed=false" -PACKAGECONFIG[resolved] = "-Dresolve=true,-Dresolve=false" -PACKAGECONFIG[rfkill] = "-Drfkill=true,-Drfkill=false" -# libseccomp is found in meta-security -PACKAGECONFIG[seccomp] = "-Dseccomp=true,-Dseccomp=false,libseccomp" -PACKAGECONFIG[selinux] = "-Dselinux=true,-Dselinux=false,libselinux,initscripts-sushell" -PACKAGECONFIG[smack] = "-Dsmack=true,-Dsmack=false" -PACKAGECONFIG[sysusers] = "-Dsysusers=true,-Dsysusers=false" -PACKAGECONFIG[sysvinit] = "-Dsysvinit-path=${sysconfdir}/init.d -Dsysvrcnd-path=${sysconfdir},-Dsysvinit-path= -Dsysvrcnd-path=,,systemd-compat-units update-rc.d" -# When enabled use reproducble build timestamp if set as time epoch, -# or build time if not. When disabled, time epoch is unset. -def build_epoch(d): - epoch = d.getVar('SOURCE_DATE_EPOCH') or "-1" - return '-Dtime-epoch=%d' % int(epoch) -PACKAGECONFIG[set-time-epoch] = "${@build_epoch(d)},-Dtime-epoch=0" -PACKAGECONFIG[timedated] = "-Dtimedated=true,-Dtimedated=false" -PACKAGECONFIG[timesyncd] = "-Dtimesyncd=true,-Dtimesyncd=false" -PACKAGECONFIG[usrmerge] = "-Dsplit-usr=false,-Dsplit-usr=true" -PACKAGECONFIG[sbinmerge] = "-Dsplit-bin=false,-Dsplit-bin=true" -PACKAGECONFIG[userdb] = "-Duserdb=true,-Duserdb=false" -PACKAGECONFIG[utmp] = "-Dutmp=true,-Dutmp=false" -PACKAGECONFIG[valgrind] = "-DVALGRIND=1,,valgrind" -PACKAGECONFIG[vconsole] = "-Dvconsole=true,-Dvconsole=false,,${PN}-vconsole-setup" -# Verify keymaps on locale change -PACKAGECONFIG[xkbcommon] = "-Dxkbcommon=true,-Dxkbcommon=false,libxkbcommon" -PACKAGECONFIG[xz] = "-Dxz=true,-Dxz=false,xz" -PACKAGECONFIG[zlib] = "-Dzlib=true,-Dzlib=false,zlib" - -# Helper variables to clarify locations. This mirrors the logic in systemd's -# build system. -rootprefix ?= "${root_prefix}" -rootlibdir ?= "${base_libdir}" -rootlibexecdir = "${rootprefix}/lib" - -# This links udev statically with systemd helper library. -# Otherwise udev package would depend on systemd package (which has the needed shared library), -# and always pull it into images. -EXTRA_OEMESON += "-Dlink-udev-shared=false" - -EXTRA_OEMESON += "-Dnobody-user=nobody \ - -Dnobody-group=nobody \ - -Drootlibdir=${rootlibdir} \ - -Drootprefix=${rootprefix} \ - -Ddefault-locale=C \ - " - -# Hardcode target binary paths to avoid using paths from sysroot -EXTRA_OEMESON += "-Dkexec-path=${sbindir}/kexec \ - -Dkmod-path=${base_bindir}/kmod \ - -Dmount-path=${base_bindir}/mount \ - -Dquotacheck-path=${sbindir}/quotacheck \ - -Dquotaon-path=${sbindir}/quotaon \ - -Dsulogin-path=${base_sbindir}/sulogin \ - -Dnologin-path=${base_sbindir}/nologin \ - -Dumount-path=${base_bindir}/umount" - -do_install() { - meson_do_install - install -d ${D}/${base_sbindir} - if ${@bb.utils.contains('PACKAGECONFIG', 'serial-getty-generator', 'false', 'true', d)}; then - # Provided by a separate recipe - rm ${D}${systemd_unitdir}/system/serial-getty* -f - fi - - # Provide support for initramfs - [ ! -e ${D}/init ] && ln -s ${rootlibexecdir}/systemd/systemd ${D}/init - [ ! -e ${D}/${base_sbindir}/udevd ] && ln -s ${rootlibexecdir}/systemd/systemd-udevd ${D}/${base_sbindir}/udevd - - install -d ${D}${sysconfdir}/udev/rules.d/ - install -d ${D}${sysconfdir}/tmpfiles.d - for rule in $(find ${WORKDIR} -maxdepth 1 -type f -name "*.rules"); do - install -m 0644 $rule ${D}${sysconfdir}/udev/rules.d/ - done - - install -m 0644 ${WORKDIR}/00-create-volatile.conf ${D}${sysconfdir}/tmpfiles.d/ - - if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','true','false',d)}; then - install -d ${D}${sysconfdir}/init.d - install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/systemd-udevd - sed -i s%@UDEVD@%${rootlibexecdir}/systemd/systemd-udevd% ${D}${sysconfdir}/init.d/systemd-udevd - install -Dm 0755 ${S}/src/systemctl/systemd-sysv-install.SKELETON ${D}${systemd_unitdir}/systemd-sysv-install - fi - - chown root:systemd-journal ${D}/${localstatedir}/log/journal - - # Delete journal README, as log can be symlinked inside volatile. - rm -f ${D}/${localstatedir}/log/README - - # journal-remote creates this at start - rm -rf ${D}/${localstatedir}/log/journal/remote - - install -d ${D}${systemd_unitdir}/system/graphical.target.wants - install -d ${D}${systemd_unitdir}/system/multi-user.target.wants - install -d ${D}${systemd_unitdir}/system/poweroff.target.wants - install -d ${D}${systemd_unitdir}/system/reboot.target.wants - install -d ${D}${systemd_unitdir}/system/rescue.target.wants - - # Create symlinks for systemd-update-utmp-runlevel.service - if ${@bb.utils.contains('PACKAGECONFIG', 'utmp', 'true', 'false', d)}; then - ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/graphical.target.wants/systemd-update-utmp-runlevel.service - ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/multi-user.target.wants/systemd-update-utmp-runlevel.service - ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/poweroff.target.wants/systemd-update-utmp-runlevel.service - ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/reboot.target.wants/systemd-update-utmp-runlevel.service - ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/rescue.target.wants/systemd-update-utmp-runlevel.service - fi - - # this file is needed to exist if networkd is disabled but timesyncd is still in use since timesyncd checks it - # for existence else it fails - if [ -s ${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf ]; then - ${@bb.utils.contains('PACKAGECONFIG', 'networkd', ':', 'sed -i -e "\$ad /run/systemd/netif/links 0755 root root -" ${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf', d)} - fi - if ! ${@bb.utils.contains('PACKAGECONFIG', 'resolved', 'true', 'false', d)}; then - echo 'L! ${sysconfdir}/resolv.conf - - - - ../run/systemd/resolve/resolv.conf' >>${D}${exec_prefix}/lib/tmpfiles.d/etc.conf - echo 'd /run/systemd/resolve 0755 root root -' >>${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf - echo 'f /run/systemd/resolve/resolv.conf 0644 root root' >>${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf - ln -s ../run/systemd/resolve/resolv.conf ${D}${sysconfdir}/resolv-conf.systemd - else - sed -i -e "s%^L! /etc/resolv.conf.*$%L! /etc/resolv.conf - - - - ../run/systemd/resolve/resolv.conf%g" ${D}${exec_prefix}/lib/tmpfiles.d/etc.conf - ln -s ../run/systemd/resolve/resolv.conf ${D}${sysconfdir}/resolv-conf.systemd - fi - if ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'false', 'true', d)}; then - rm ${D}${exec_prefix}/lib/tmpfiles.d/x11.conf - rm -r ${D}${sysconfdir}/X11 - fi - - # If polkit is setup fixup permissions and ownership - if ${@bb.utils.contains('PACKAGECONFIG', 'polkit', 'true', 'false', d)}; then - if [ -d ${D}${datadir}/polkit-1/rules.d ]; then - chmod 700 ${D}${datadir}/polkit-1/rules.d - chown polkitd:root ${D}${datadir}/polkit-1/rules.d - fi - fi - - # create link for existing udev rules - ln -s ${base_bindir}/udevadm ${D}${base_sbindir}/udevadm - - # duplicate udevadm for postinst script - install -d ${D}${libexecdir} - ln ${D}${base_bindir}/udevadm ${D}${libexecdir}/${MLPREFIX}udevadm - - # install default policy for presets - # https://www.freedesktop.org/wiki/Software/systemd/Preset/#howto - install -Dm 0644 ${WORKDIR}/99-default.preset ${D}${systemd_unitdir}/system-preset/99-default.preset -} - -python populate_packages_prepend (){ - systemdlibdir = d.getVar("rootlibdir") - do_split_packages(d, systemdlibdir, '^lib(.*)\.so\.*', 'lib%s', 'Systemd %s library', extra_depends='', allow_links=True) -} -PACKAGES_DYNAMIC += "^lib(udev|systemd|nss).*" - -PACKAGE_BEFORE_PN = "\ - ${PN}-gui \ - ${PN}-vconsole-setup \ - ${PN}-initramfs \ - ${PN}-analyze \ - ${PN}-kernel-install \ - ${PN}-rpm-macros \ - ${PN}-binfmt \ - ${PN}-zsh-completion \ - ${PN}-container \ - ${PN}-journal-gatewayd \ - ${PN}-journal-upload \ - ${PN}-journal-remote \ - ${PN}-extra-utils \ - ${PN}-udev-rules \ - udev \ - udev-hwdb \ -" - -SUMMARY_${PN}-container = "Tools for containers and VMs" -DESCRIPTION_${PN}-container = "Systemd tools to spawn and manage containers and virtual machines." - -SUMMARY_${PN}-journal-gatewayd = "HTTP server for journal events" -DESCRIPTION_${PN}-journal-gatewayd = "systemd-journal-gatewayd serves journal events over the network. Clients must connect using HTTP. The server listens on port 19531 by default." - -SUMMARY_${PN}-journal-upload = "Send journal messages over the network" -DESCRIPTION_${PN}-journal-upload = "systemd-journal-upload uploads journal entries to a specified URL." - -SUMMARY_${PN}-journal-remote = "Receive journal messages over the network" -DESCRIPTION_${PN}-journal-remote = "systemd-journal-remote is a command to receive serialized journal events and store them to journal files." - -SYSTEMD_PACKAGES = "${@bb.utils.contains('PACKAGECONFIG', 'binfmt', '${PN}-binfmt', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-gatewayd', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-remote', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '${PN}-journal-upload', '', d)} \ -" -SYSTEMD_SERVICE_${PN}-binfmt = "systemd-binfmt.service" - -USERADD_PACKAGES = "${PN} ${PN}-extra-utils \ - ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-gateway', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-remote', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '${PN}-journal-upload', '', d)} \ -" -GROUPADD_PARAM_${PN} = "-r systemd-journal" -USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'coredump', '--system -d / -M --shell /bin/nologin systemd-coredump;', '', d)}" -USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'networkd', '--system -d / -M --shell /bin/nologin systemd-network;', '', d)}" -USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'polkit', '--system --no-create-home --user-group --home-dir ${sysconfdir}/polkit-1 polkitd;', '', d)}" -USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'resolved', '--system -d / -M --shell /bin/nologin systemd-resolve;', '', d)}" -USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'timesyncd', '--system -d / -M --shell /bin/nologin systemd-timesync;', '', d)}" -USERADD_PARAM_${PN}-extra-utils = "--system -d / -M --shell /bin/nologin systemd-bus-proxy" -USERADD_PARAM_${PN}-journal-gateway = "--system -d / -M --shell /bin/nologin systemd-journal-gateway" -USERADD_PARAM_${PN}-journal-remote = "--system -d / -M --shell /bin/nologin systemd-journal-remote" -USERADD_PARAM_${PN}-journal-upload = "--system -d / -M --shell /bin/nologin systemd-journal-upload" - -FILES_${PN}-analyze = "${bindir}/systemd-analyze" - -FILES_${PN}-initramfs = "/init" -RDEPENDS_${PN}-initramfs = "${PN}" - -FILES_${PN}-gui = "${bindir}/systemadm" - -FILES_${PN}-vconsole-setup = "${rootlibexecdir}/systemd/systemd-vconsole-setup \ - ${systemd_unitdir}/system/systemd-vconsole-setup.service \ - ${systemd_unitdir}/system/sysinit.target.wants/systemd-vconsole-setup.service" - -RDEPENDS_${PN}-kernel-install += "bash" -FILES_${PN}-kernel-install = "${bindir}/kernel-install \ - ${sysconfdir}/kernel/ \ - ${exec_prefix}/lib/kernel \ - " -FILES_${PN}-rpm-macros = "${exec_prefix}/lib/rpm \ - " - -FILES_${PN}-zsh-completion = "${datadir}/zsh/site-functions" - -FILES_${PN}-binfmt = "${sysconfdir}/binfmt.d/ \ - ${exec_prefix}/lib/binfmt.d \ - ${rootlibexecdir}/systemd/systemd-binfmt \ - ${systemd_unitdir}/system/proc-sys-fs-binfmt_misc.* \ - ${systemd_unitdir}/system/systemd-binfmt.service" -RRECOMMENDS_${PN}-binfmt = "kernel-module-binfmt-misc" - -RRECOMMENDS_${PN}-vconsole-setup = "kbd kbd-consolefonts kbd-keymaps" - - -FILES_${PN}-journal-gatewayd = "${rootlibexecdir}/systemd/systemd-journal-gatewayd \ - ${systemd_system_unitdir}/systemd-journal-gatewayd.service \ - ${systemd_system_unitdir}/systemd-journal-gatewayd.socket \ - ${systemd_system_unitdir}/sockets.target.wants/systemd-journal-gatewayd.socket \ - ${datadir}/systemd/gatewayd/browse.html \ - " -SYSTEMD_SERVICE_${PN}-journal-gatewayd = "systemd-journal-gatewayd.socket" - -FILES_${PN}-journal-upload = "${rootlibexecdir}/systemd/systemd-journal-upload \ - ${systemd_system_unitdir}/systemd-journal-upload.service \ - ${sysconfdir}/systemd/journal-upload.conf \ - " -SYSTEMD_SERVICE_${PN}-journal-upload = "systemd-journal-upload.service" - -FILES_${PN}-journal-remote = "${rootlibexecdir}/systemd/systemd-journal-remote \ - ${sysconfdir}/systemd/journal-remote.conf \ - ${systemd_system_unitdir}/systemd-journal-remote.service \ - ${systemd_system_unitdir}/systemd-journal-remote.socket \ - " -SYSTEMD_SERVICE_${PN}-journal-remote = "systemd-journal-remote.socket" - - -FILES_${PN}-container = "${sysconfdir}/dbus-1/system.d/org.freedesktop.import1.conf \ - ${sysconfdir}/dbus-1/system.d/org.freedesktop.machine1.conf \ - ${sysconfdir}/systemd/system/multi-user.target.wants/machines.target \ - ${base_bindir}/machinectl \ - ${bindir}/systemd-nspawn \ - ${nonarch_libdir}/systemd/import-pubring.gpg \ - ${systemd_system_unitdir}/busnames.target.wants/org.freedesktop.import1.busname \ - ${systemd_system_unitdir}/busnames.target.wants/org.freedesktop.machine1.busname \ - ${systemd_system_unitdir}/local-fs.target.wants/var-lib-machines.mount \ - ${systemd_system_unitdir}/machines.target.wants/var-lib-machines.mount \ - ${systemd_system_unitdir}/remote-fs.target.wants/var-lib-machines.mount \ - ${systemd_system_unitdir}/machine.slice \ - ${systemd_system_unitdir}/machines.target \ - ${systemd_system_unitdir}/org.freedesktop.import1.busname \ - ${systemd_system_unitdir}/org.freedesktop.machine1.busname \ - ${systemd_system_unitdir}/systemd-importd.service \ - ${systemd_system_unitdir}/systemd-machined.service \ - ${systemd_system_unitdir}/dbus-org.freedesktop.machine1.service \ - ${systemd_system_unitdir}/var-lib-machines.mount \ - ${rootlibexecdir}/systemd/systemd-import \ - ${rootlibexecdir}/systemd/systemd-importd \ - ${rootlibexecdir}/systemd/systemd-machined \ - ${rootlibexecdir}/systemd/systemd-pull \ - ${exec_prefix}/lib/tmpfiles.d/systemd-nspawn.conf \ - ${systemd_system_unitdir}/systemd-nspawn@.service \ - ${libdir}/libnss_mymachines.so.2 \ - ${datadir}/dbus-1/system-services/org.freedesktop.import1.service \ - ${datadir}/dbus-1/system-services/org.freedesktop.machine1.service \ - ${datadir}/dbus-1/system.d/org.freedesktop.import1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.machine1.conf \ - ${datadir}/polkit-1/actions/org.freedesktop.import1.policy \ - ${datadir}/polkit-1/actions/org.freedesktop.machine1.policy \ - " - -RRECOMMENDS_${PN}-container += "\ - ${PN}-journal-upload \ - ${PN}-journal-remote \ - ${PN}-journal-gatewayd \ - " - -FILES_${PN}-extra-utils = "\ - ${base_bindir}/systemd-escape \ - ${base_bindir}/systemd-inhibit \ - ${bindir}/systemd-detect-virt \ - ${bindir}/systemd-path \ - ${bindir}/systemd-run \ - ${bindir}/systemd-cat \ - ${bindir}/systemd-delta \ - ${bindir}/systemd-cgls \ - ${bindir}/systemd-cgtop \ - ${bindir}/systemd-stdio-bridge \ - ${base_bindir}/systemd-ask-password \ - ${base_bindir}/systemd-tty-ask-password-agent \ - ${systemd_unitdir}/system/systemd-ask-password-console.path \ - ${systemd_unitdir}/system/systemd-ask-password-console.service \ - ${systemd_unitdir}/system/systemd-ask-password-wall.path \ - ${systemd_unitdir}/system/systemd-ask-password-wall.service \ - ${systemd_unitdir}/system/sysinit.target.wants/systemd-ask-password-console.path \ - ${systemd_unitdir}/system/sysinit.target.wants/systemd-ask-password-wall.path \ - ${systemd_unitdir}/system/multi-user.target.wants/systemd-ask-password-wall.path \ - ${rootlibexecdir}/systemd/systemd-resolve-host \ - ${rootlibexecdir}/systemd/systemd-ac-power \ - ${rootlibexecdir}/systemd/systemd-activate \ - ${rootlibexecdir}/systemd/systemd-bus-proxyd \ - ${systemd_unitdir}/system/systemd-bus-proxyd.service \ - ${systemd_unitdir}/system/systemd-bus-proxyd.socket \ - ${rootlibexecdir}/systemd/systemd-socket-proxyd \ - ${rootlibexecdir}/systemd/systemd-reply-password \ - ${rootlibexecdir}/systemd/systemd-sleep \ - ${rootlibexecdir}/systemd/system-sleep \ - ${systemd_unitdir}/system/systemd-hibernate.service \ - ${systemd_unitdir}/system/systemd-hybrid-sleep.service \ - ${systemd_unitdir}/system/systemd-suspend.service \ - ${systemd_unitdir}/system/sleep.target \ - ${rootlibexecdir}/systemd/systemd-initctl \ - ${systemd_unitdir}/system/systemd-initctl.service \ - ${systemd_unitdir}/system/systemd-initctl.socket \ - ${systemd_unitdir}/system/sockets.target.wants/systemd-initctl.socket \ - ${rootlibexecdir}/systemd/system-generators/systemd-gpt-auto-generator \ - ${rootlibexecdir}/systemd/systemd-cgroups-agent \ -" - -FILES_${PN}-udev-rules = "\ - ${rootlibexecdir}/udev/rules.d/70-uaccess.rules \ - ${rootlibexecdir}/udev/rules.d/71-seat.rules \ - ${rootlibexecdir}/udev/rules.d/73-seat-late.rules \ - ${rootlibexecdir}/udev/rules.d/99-systemd.rules \ -" - -CONFFILES_${PN} = "${sysconfdir}/systemd/coredump.conf \ - ${sysconfdir}/systemd/journald.conf \ - ${sysconfdir}/systemd/logind.conf \ - ${sysconfdir}/systemd/networkd.conf \ - ${sysconfdir}/systemd/pstore.conf \ - ${sysconfdir}/systemd/resolved.conf \ - ${sysconfdir}/systemd/sleep.conf \ - ${sysconfdir}/systemd/system.conf \ - ${sysconfdir}/systemd/timesyncd.conf \ - ${sysconfdir}/systemd/user.conf \ -" - -FILES_${PN} = " ${base_bindir}/* \ - ${base_sbindir}/shutdown \ - ${base_sbindir}/halt \ - ${base_sbindir}/poweroff \ - ${base_sbindir}/runlevel \ - ${base_sbindir}/telinit \ - ${base_sbindir}/resolvconf \ - ${base_sbindir}/reboot \ - ${base_sbindir}/init \ - ${datadir}/dbus-1/services \ - ${datadir}/dbus-1/system-services \ - ${datadir}/polkit-1 \ - ${datadir}/${BPN} \ - ${datadir}/factory \ - ${sysconfdir}/dbus-1/ \ - ${sysconfdir}/modules-load.d/ \ - ${sysconfdir}/pam.d/ \ - ${sysconfdir}/sysctl.d/ \ - ${sysconfdir}/systemd/ \ - ${sysconfdir}/tmpfiles.d/ \ - ${sysconfdir}/xdg/ \ - ${sysconfdir}/init.d/README \ - ${sysconfdir}/resolv-conf.systemd \ - ${sysconfdir}/X11/xinit/xinitrc.d/* \ - ${rootlibexecdir}/systemd/* \ - ${systemd_unitdir}/* \ - ${base_libdir}/security/*.so \ - /cgroup \ - ${bindir}/systemd* \ - ${bindir}/busctl \ - ${bindir}/coredumpctl \ - ${bindir}/localectl \ - ${bindir}/hostnamectl \ - ${bindir}/resolvectl \ - ${bindir}/timedatectl \ - ${bindir}/bootctl \ - ${exec_prefix}/lib/tmpfiles.d/*.conf \ - ${exec_prefix}/lib/systemd \ - ${exec_prefix}/lib/modules-load.d \ - ${exec_prefix}/lib/sysctl.d \ - ${exec_prefix}/lib/sysusers.d \ - ${exec_prefix}/lib/environment.d \ - ${localstatedir} \ - ${rootlibexecdir}/modprobe.d/systemd.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.timedate1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.locale1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.network1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.resolve1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.systemd1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.hostname1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.login1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.timesync1.conf \ - ${datadir}/dbus-1/system.d/org.freedesktop.portable1.conf \ - " - -FILES_${PN}-dev += "${base_libdir}/security/*.la ${datadir}/dbus-1/interfaces/ ${sysconfdir}/rpm/macros.systemd" - -RDEPENDS_${PN} += "kmod dbus util-linux-mount util-linux-umount udev (= ${EXTENDPKGV}) systemd-udev-rules util-linux-agetty util-linux-fsck" -RDEPENDS_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'serial-getty-generator', '', 'systemd-serialgetty', d)}" -RDEPENDS_${PN} += "volatile-binds" - -RRECOMMENDS_${PN} += "systemd-extra-utils \ - udev-hwdb \ - e2fsprogs-e2fsck \ - kernel-module-autofs4 kernel-module-unix kernel-module-ipv6 kernel-module-sch-fq-codel \ - os-release \ - systemd-conf \ -" - -INSANE_SKIP_${PN} += "dev-so libdir" -INSANE_SKIP_${PN}-dbg += "libdir" -INSANE_SKIP_${PN}-doc += " libdir" - -RPROVIDES_udev = "hotplug" - -RDEPENDS_udev-hwdb += "udev" - -FILES_udev += "${base_sbindir}/udevd \ - ${rootlibexecdir}/systemd/network/99-default.link \ - ${rootlibexecdir}/systemd/systemd-udevd \ - ${rootlibexecdir}/udev/accelerometer \ - ${rootlibexecdir}/udev/ata_id \ - ${rootlibexecdir}/udev/cdrom_id \ - ${rootlibexecdir}/udev/collect \ - ${rootlibexecdir}/udev/fido_id \ - ${rootlibexecdir}/udev/findkeyboards \ - ${rootlibexecdir}/udev/keyboard-force-release.sh \ - ${rootlibexecdir}/udev/keymap \ - ${rootlibexecdir}/udev/mtd_probe \ - ${rootlibexecdir}/udev/scsi_id \ - ${rootlibexecdir}/udev/v4l_id \ - ${rootlibexecdir}/udev/keymaps \ - ${rootlibexecdir}/udev/rules.d/50-udev-default.rules \ - ${rootlibexecdir}/udev/rules.d/60-autosuspend.rules \ - ${rootlibexecdir}/udev/rules.d/60-autosuspend-chromiumos.rules \ - ${rootlibexecdir}/udev/rules.d/60-block.rules \ - ${rootlibexecdir}/udev/rules.d/60-cdrom_id.rules \ - ${rootlibexecdir}/udev/rules.d/60-drm.rules \ - ${rootlibexecdir}/udev/rules.d/60-evdev.rules \ - ${rootlibexecdir}/udev/rules.d/60-fido-id.rules \ - ${rootlibexecdir}/udev/rules.d/60-input-id.rules \ - ${rootlibexecdir}/udev/rules.d/60-persistent-alsa.rules \ - ${rootlibexecdir}/udev/rules.d/60-persistent-input.rules \ - ${rootlibexecdir}/udev/rules.d/60-persistent-storage.rules \ - ${rootlibexecdir}/udev/rules.d/60-persistent-storage-tape.rules \ - ${rootlibexecdir}/udev/rules.d/60-persistent-v4l.rules \ - ${rootlibexecdir}/udev/rules.d/60-sensor.rules \ - ${rootlibexecdir}/udev/rules.d/60-serial.rules \ - ${rootlibexecdir}/udev/rules.d/61-autosuspend-manual.rules \ - ${rootlibexecdir}/udev/rules.d/64-btrfs.rules \ - ${rootlibexecdir}/udev/rules.d/70-joystick.rules \ - ${rootlibexecdir}/udev/rules.d/70-mouse.rules \ - ${rootlibexecdir}/udev/rules.d/70-power-switch.rules \ - ${rootlibexecdir}/udev/rules.d/70-touchpad.rules \ - ${rootlibexecdir}/udev/rules.d/75-net-description.rules \ - ${rootlibexecdir}/udev/rules.d/75-probe_mtd.rules \ - ${rootlibexecdir}/udev/rules.d/78-sound-card.rules \ - ${rootlibexecdir}/udev/rules.d/80-drivers.rules \ - ${rootlibexecdir}/udev/rules.d/80-net-setup-link.rules \ - ${rootlibexecdir}/udev/rules.d/90-vconsole.rules \ - ${sysconfdir}/udev \ - ${sysconfdir}/init.d/systemd-udevd \ - ${systemd_unitdir}/system/*udev* \ - ${systemd_unitdir}/system/*.wants/*udev* \ - ${base_bindir}/systemd-hwdb \ - ${base_bindir}/udevadm \ - ${base_sbindir}/udevadm \ - ${libexecdir}/${MLPREFIX}udevadm \ - ${datadir}/bash-completion/completions/udevadm \ - ${systemd_unitdir}/system/systemd-hwdb-update.service \ - " - -FILES_udev-hwdb = "${rootlibexecdir}/udev/hwdb.d \ - " - -RCONFLICTS_${PN} = "tiny-init ${@bb.utils.contains('PACKAGECONFIG', 'resolved', 'resolvconf', '', d)}" - -INITSCRIPT_PACKAGES = "udev" -INITSCRIPT_NAME_udev = "systemd-udevd" -INITSCRIPT_PARAMS_udev = "start 03 S ." - -python __anonymous() { - if not bb.utils.contains('DISTRO_FEATURES', 'sysvinit', True, False, d): - d.setVar("INHIBIT_UPDATERCD_BBCLASS", "1") -} - -python do_warn_musl() { - if d.getVar('TCLIBC') == "musl": - bb.warn("Using systemd with musl is not recommended since it is not supported upstream and some patches are known to be problematic.") -} -addtask warn_musl before do_configure - -ALTERNATIVE_${PN} = "halt reboot shutdown poweroff runlevel ${@bb.utils.contains('PACKAGECONFIG', 'resolved', 'resolv-conf', '', d)}" - -ALTERNATIVE_TARGET[resolv-conf] = "${sysconfdir}/resolv-conf.systemd" -ALTERNATIVE_LINK_NAME[resolv-conf] = "${sysconfdir}/resolv.conf" -ALTERNATIVE_PRIORITY[resolv-conf] ?= "50" - -ALTERNATIVE_TARGET[halt] = "${base_bindir}/systemctl" -ALTERNATIVE_LINK_NAME[halt] = "${base_sbindir}/halt" -ALTERNATIVE_PRIORITY[halt] ?= "300" - -ALTERNATIVE_TARGET[reboot] = "${base_bindir}/systemctl" -ALTERNATIVE_LINK_NAME[reboot] = "${base_sbindir}/reboot" -ALTERNATIVE_PRIORITY[reboot] ?= "300" - -ALTERNATIVE_TARGET[shutdown] = "${base_bindir}/systemctl" -ALTERNATIVE_LINK_NAME[shutdown] = "${base_sbindir}/shutdown" -ALTERNATIVE_PRIORITY[shutdown] ?= "300" - -ALTERNATIVE_TARGET[poweroff] = "${base_bindir}/systemctl" -ALTERNATIVE_LINK_NAME[poweroff] = "${base_sbindir}/poweroff" -ALTERNATIVE_PRIORITY[poweroff] ?= "300" - -ALTERNATIVE_TARGET[runlevel] = "${base_bindir}/systemctl" -ALTERNATIVE_LINK_NAME[runlevel] = "${base_sbindir}/runlevel" -ALTERNATIVE_PRIORITY[runlevel] ?= "300" - -pkg_postinst_${PN}_libc-glibc () { - sed -e '/^hosts:/s/\s*\//' \ - -e 's/\(^hosts:.*\)\(\\)\(.*\)\(\\)\(.*\)/\1\2 myhostname \3\4\5/' \ - -i $D${sysconfdir}/nsswitch.conf -} - -pkg_prerm_${PN}_libc-glibc () { - sed -e '/^hosts:/s/\s*\//' \ - -e '/^hosts:/s/\s*myhostname//' \ - -i $D${sysconfdir}/nsswitch.conf -} - -PACKAGE_WRITE_DEPS += "qemu-native" -pkg_postinst_udev-hwdb () { - if test -n "$D"; then - $INTERCEPT_DIR/postinst_intercept update_udev_hwdb ${PKG} mlprefix=${MLPREFIX} binprefix=${MLPREFIX} rootlibexecdir="${rootlibexecdir}" PREFERRED_PROVIDER_udev="${PREFERRED_PROVIDER_udev}" - else - udevadm hwdb --update - fi -} - -pkg_prerm_udev-hwdb () { - rm -f $D${sysconfdir}/udev/hwdb.bin -} diff --git a/poky/meta/recipes-core/systemd/systemd_246.6.bb b/poky/meta/recipes-core/systemd/systemd_246.6.bb new file mode 100644 index 000000000..c1424a147 --- /dev/null +++ b/poky/meta/recipes-core/systemd/systemd_246.6.bb @@ -0,0 +1,724 @@ +require systemd.inc + +PROVIDES = "udev" + +PE = "1" + +DEPENDS = "intltool-native gperf-native libcap util-linux" + +SECTION = "base/shell" + +inherit useradd pkgconfig meson perlnative update-rc.d update-alternatives qemu systemd gettext bash-completion manpages features_check + +# As this recipe builds udev, respect systemd being in DISTRO_FEATURES so +# that we don't build both udev and systemd in world builds. +REQUIRED_DISTRO_FEATURES = "systemd" + +SRC_URI += "file://touchscreen.rules \ + file://00-create-volatile.conf \ + file://init \ + file://99-default.preset \ + file://0001-binfmt-Don-t-install-dependency-links-at-install-tim.patch \ + file://0003-implment-systemd-sysv-install-for-OE.patch \ + " + +# patches needed by musl +SRC_URI_append_libc-musl = " ${SRC_URI_MUSL}" +SRC_URI_MUSL = "\ + file://0002-don-t-use-glibc-specific-qsort_r.patch \ + file://0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch \ + file://0004-add-fallback-parse_printf_format-implementation.patch \ + file://0005-src-basic-missing.h-check-for-missing-strndupa.patch \ + file://0006-Include-netinet-if_ether.h.patch \ + file://0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not.patch \ + file://0008-add-missing-FTW_-macros-for-musl.patch \ + file://0010-fix-missing-of-__register_atfork-for-non-glibc-build.patch \ + file://0011-Use-uintmax_t-for-handling-rlim_t.patch \ + file://0014-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch \ + file://0015-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch \ + file://0016-Define-glibc-compatible-basename-for-non-glibc-syste.patch \ + file://0017-Do-not-disable-buffering-when-writing-to-oom_score_a.patch \ + file://0018-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch \ + file://0019-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch \ + file://0020-missing_type.h-add-__compar_d_fn_t-definition.patch \ + file://0021-avoid-redefinition-of-prctl_mm_map-structure.patch \ + file://0021-Handle-missing-LOCK_EX.patch \ + file://0022-Fix-incompatible-pointer-type-struct-sockaddr_un.patch \ + file://0024-test-json.c-define-M_PIl.patch \ + file://0001-do-not-disable-buffer-in-writing-files.patch \ + file://0002-src-login-brightness.c-include-sys-wait.h.patch \ + file://0003-src-basic-copy.c-include-signal.h.patch \ + file://0004-src-shared-cpu-set-util.h-add-__cpu_mask-definition.patch \ + file://0001-Handle-missing-gshadow.patch \ + " + +PAM_PLUGINS = " \ + pam-plugin-unix \ + pam-plugin-loginuid \ + pam-plugin-keyinit \ +" + +PACKAGECONFIG ??= " \ + ${@bb.utils.filter('DISTRO_FEATURES', 'acl audit efi ldconfig pam selinux smack usrmerge polkit', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'wifi', 'rfkill', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xkbcommon', '', d)} \ + backlight \ + binfmt \ + gshadow \ + hibernate \ + hostnamed \ + idn \ + ima \ + kmod \ + localed \ + logind \ + machined \ + myhostname \ + networkd \ + nss \ + nss-mymachines \ + nss-resolve \ + quotacheck \ + randomseed \ + resolved \ + set-time-epoch \ + sysusers \ + sysvinit \ + timedated \ + timesyncd \ + userdb \ + utmp \ + vconsole \ + xz \ +" + +PACKAGECONFIG_remove_libc-musl = " \ + gshadow \ + idn \ + localed \ + myhostname \ + nss \ + nss-mymachines \ + nss-resolve \ + sysusers \ + userdb \ + utmp \ +" + +CFLAGS_append_libc-musl = " -D__UAPI_DEF_ETHHDR=0 " + +# Use the upstream systemd serial-getty@.service and rely on +# systemd-getty-generator instead of using the OE-core specific +# systemd-serialgetty.bb - not enabled by default. +PACKAGECONFIG[serial-getty-generator] = "" + +PACKAGECONFIG[acl] = "-Dacl=true,-Dacl=false,acl" +PACKAGECONFIG[audit] = "-Daudit=true,-Daudit=false,audit" +PACKAGECONFIG[backlight] = "-Dbacklight=true,-Dbacklight=false" +PACKAGECONFIG[binfmt] = "-Dbinfmt=true,-Dbinfmt=false" +PACKAGECONFIG[bzip2] = "-Dbzip2=true,-Dbzip2=false,bzip2" +PACKAGECONFIG[cgroupv2] = "-Ddefault-hierarchy=unified,-Ddefault-hierarchy=hybrid" +PACKAGECONFIG[coredump] = "-Dcoredump=true,-Dcoredump=false" +PACKAGECONFIG[cryptsetup] = "-Dlibcryptsetup=true,-Dlibcryptsetup=false,cryptsetup" +PACKAGECONFIG[dbus] = "-Ddbus=true,-Ddbus=false,dbus" +PACKAGECONFIG[efi] = "-Defi=true,-Defi=false" +PACKAGECONFIG[gnu-efi] = "-Dgnu-efi=true -Defi-libdir=${STAGING_LIBDIR} -Defi-includedir=${STAGING_INCDIR}/efi,-Dgnu-efi=false,gnu-efi" +PACKAGECONFIG[elfutils] = "-Delfutils=true,-Delfutils=false,elfutils" +PACKAGECONFIG[firstboot] = "-Dfirstboot=true,-Dfirstboot=false" +# Sign the journal for anti-tampering +PACKAGECONFIG[gcrypt] = "-Dgcrypt=true,-Dgcrypt=false,libgcrypt" +PACKAGECONFIG[gnutls] = "-Dgnutls=true,-Dgnutls=false,gnutls" +PACKAGECONFIG[gshadow] = "-Dgshadow=true,-Dgshadow=false" +PACKAGECONFIG[hibernate] = "-Dhibernate=true,-Dhibernate=false" +PACKAGECONFIG[hostnamed] = "-Dhostnamed=true,-Dhostnamed=false" +PACKAGECONFIG[idn] = "-Didn=true,-Didn=false" +PACKAGECONFIG[ima] = "-Dima=true,-Dima=false" +# importd requires curl/xz/zlib/bzip2/gcrypt +PACKAGECONFIG[importd] = "-Dimportd=true,-Dimportd=false" +# Update NAT firewall rules +PACKAGECONFIG[iptc] = "-Dlibiptc=true,-Dlibiptc=false,iptables" +PACKAGECONFIG[journal-upload] = "-Dlibcurl=true,-Dlibcurl=false,curl" +PACKAGECONFIG[kmod] = "-Dkmod=true,-Dkmod=false,kmod" +PACKAGECONFIG[ldconfig] = "-Dldconfig=true,-Dldconfig=false,,ldconfig" +PACKAGECONFIG[libidn] = "-Dlibidn=true,-Dlibidn=false,libidn" +PACKAGECONFIG[libidn2] = "-Dlibidn2=true,-Dlibidn2=false,libidn2" +PACKAGECONFIG[localed] = "-Dlocaled=true,-Dlocaled=false" +PACKAGECONFIG[logind] = "-Dlogind=true,-Dlogind=false" +PACKAGECONFIG[lz4] = "-Dlz4=true,-Dlz4=false,lz4" +PACKAGECONFIG[machined] = "-Dmachined=true,-Dmachined=false" +PACKAGECONFIG[manpages] = "-Dman=true,-Dman=false,libxslt-native xmlto-native docbook-xml-dtd4-native docbook-xsl-stylesheets-native" +PACKAGECONFIG[microhttpd] = "-Dmicrohttpd=true,-Dmicrohttpd=false,libmicrohttpd" +PACKAGECONFIG[myhostname] = "-Dnss-myhostname=true,-Dnss-myhostname=false,,libnss-myhostname" +PACKAGECONFIG[networkd] = "-Dnetworkd=true,-Dnetworkd=false" +PACKAGECONFIG[nss] = "-Dnss-systemd=true,-Dnss-systemd=false" +PACKAGECONFIG[nss-mymachines] = "-Dnss-mymachines=true,-Dnss-mymachines=false" +PACKAGECONFIG[nss-resolve] = "-Dnss-resolve=true,-Dnss-resolve=false" +PACKAGECONFIG[openssl] = "-Dopenssl=true,-Dopenssl=false,openssl" +PACKAGECONFIG[pam] = "-Dpam=true,-Dpam=false,libpam,${PAM_PLUGINS}" +PACKAGECONFIG[pcre2] = "-Dpcre2=true,-Dpcre2=false,libpcre2" +PACKAGECONFIG[polkit] = "-Dpolkit=true,-Dpolkit=false" +PACKAGECONFIG[portabled] = "-Dportabled=true,-Dportabled=false" +PACKAGECONFIG[qrencode] = "-Dqrencode=true,-Dqrencode=false,qrencode" +PACKAGECONFIG[quotacheck] = "-Dquotacheck=true,-Dquotacheck=false" +PACKAGECONFIG[randomseed] = "-Drandomseed=true,-Drandomseed=false" +PACKAGECONFIG[resolved] = "-Dresolve=true,-Dresolve=false" +PACKAGECONFIG[rfkill] = "-Drfkill=true,-Drfkill=false" +# libseccomp is found in meta-security +PACKAGECONFIG[seccomp] = "-Dseccomp=true,-Dseccomp=false,libseccomp" +PACKAGECONFIG[selinux] = "-Dselinux=true,-Dselinux=false,libselinux,initscripts-sushell" +PACKAGECONFIG[smack] = "-Dsmack=true,-Dsmack=false" +PACKAGECONFIG[sysusers] = "-Dsysusers=true,-Dsysusers=false" +PACKAGECONFIG[sysvinit] = "-Dsysvinit-path=${sysconfdir}/init.d -Dsysvrcnd-path=${sysconfdir},-Dsysvinit-path= -Dsysvrcnd-path=,,systemd-compat-units update-rc.d" +# When enabled use reproducble build timestamp if set as time epoch, +# or build time if not. When disabled, time epoch is unset. +def build_epoch(d): + epoch = d.getVar('SOURCE_DATE_EPOCH') or "-1" + return '-Dtime-epoch=%d' % int(epoch) +PACKAGECONFIG[set-time-epoch] = "${@build_epoch(d)},-Dtime-epoch=0" +PACKAGECONFIG[timedated] = "-Dtimedated=true,-Dtimedated=false" +PACKAGECONFIG[timesyncd] = "-Dtimesyncd=true,-Dtimesyncd=false" +PACKAGECONFIG[usrmerge] = "-Dsplit-usr=false,-Dsplit-usr=true" +PACKAGECONFIG[sbinmerge] = "-Dsplit-bin=false,-Dsplit-bin=true" +PACKAGECONFIG[userdb] = "-Duserdb=true,-Duserdb=false" +PACKAGECONFIG[utmp] = "-Dutmp=true,-Dutmp=false" +PACKAGECONFIG[valgrind] = "-DVALGRIND=1,,valgrind" +PACKAGECONFIG[vconsole] = "-Dvconsole=true,-Dvconsole=false,,${PN}-vconsole-setup" +PACKAGECONFIG[xdg-autostart] = "-Dxdg-autostart=true,-Dxdg-autostart=false" +# Verify keymaps on locale change +PACKAGECONFIG[xkbcommon] = "-Dxkbcommon=true,-Dxkbcommon=false,libxkbcommon" +PACKAGECONFIG[xz] = "-Dxz=true,-Dxz=false,xz" +PACKAGECONFIG[zlib] = "-Dzlib=true,-Dzlib=false,zlib" + +# Helper variables to clarify locations. This mirrors the logic in systemd's +# build system. +rootprefix ?= "${root_prefix}" +rootlibdir ?= "${base_libdir}" +rootlibexecdir = "${rootprefix}/lib" + +# This links udev statically with systemd helper library. +# Otherwise udev package would depend on systemd package (which has the needed shared library), +# and always pull it into images. +EXTRA_OEMESON += "-Dlink-udev-shared=false" + +EXTRA_OEMESON += "-Dnobody-user=nobody \ + -Dnobody-group=nobody \ + -Drootlibdir=${rootlibdir} \ + -Drootprefix=${rootprefix} \ + -Ddefault-locale=C \ + " + +# Hardcode target binary paths to avoid using paths from sysroot +EXTRA_OEMESON += "-Dkexec-path=${sbindir}/kexec \ + -Dkmod-path=${base_bindir}/kmod \ + -Dmount-path=${base_bindir}/mount \ + -Dquotacheck-path=${sbindir}/quotacheck \ + -Dquotaon-path=${sbindir}/quotaon \ + -Dsulogin-path=${base_sbindir}/sulogin \ + -Dnologin-path=${base_sbindir}/nologin \ + -Dumount-path=${base_bindir}/umount" + +do_install() { + meson_do_install + install -d ${D}/${base_sbindir} + if ${@bb.utils.contains('PACKAGECONFIG', 'serial-getty-generator', 'false', 'true', d)}; then + # Provided by a separate recipe + rm ${D}${systemd_unitdir}/system/serial-getty* -f + fi + + # Provide support for initramfs + [ ! -e ${D}/init ] && ln -s ${rootlibexecdir}/systemd/systemd ${D}/init + [ ! -e ${D}/${base_sbindir}/udevd ] && ln -s ${rootlibexecdir}/systemd/systemd-udevd ${D}/${base_sbindir}/udevd + + install -d ${D}${sysconfdir}/udev/rules.d/ + install -d ${D}${sysconfdir}/tmpfiles.d + for rule in $(find ${WORKDIR} -maxdepth 1 -type f -name "*.rules"); do + install -m 0644 $rule ${D}${sysconfdir}/udev/rules.d/ + done + + install -m 0644 ${WORKDIR}/00-create-volatile.conf ${D}${sysconfdir}/tmpfiles.d/ + + if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','true','false',d)}; then + install -d ${D}${sysconfdir}/init.d + install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/systemd-udevd + sed -i s%@UDEVD@%${rootlibexecdir}/systemd/systemd-udevd% ${D}${sysconfdir}/init.d/systemd-udevd + install -Dm 0755 ${S}/src/systemctl/systemd-sysv-install.SKELETON ${D}${systemd_unitdir}/systemd-sysv-install + fi + + chown root:systemd-journal ${D}/${localstatedir}/log/journal + + # Delete journal README, as log can be symlinked inside volatile. + rm -f ${D}/${localstatedir}/log/README + + # journal-remote creates this at start + rm -rf ${D}/${localstatedir}/log/journal/remote + + install -d ${D}${systemd_unitdir}/system/graphical.target.wants + install -d ${D}${systemd_unitdir}/system/multi-user.target.wants + install -d ${D}${systemd_unitdir}/system/poweroff.target.wants + install -d ${D}${systemd_unitdir}/system/reboot.target.wants + install -d ${D}${systemd_unitdir}/system/rescue.target.wants + + # Create symlinks for systemd-update-utmp-runlevel.service + if ${@bb.utils.contains('PACKAGECONFIG', 'utmp', 'true', 'false', d)}; then + ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/graphical.target.wants/systemd-update-utmp-runlevel.service + ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/multi-user.target.wants/systemd-update-utmp-runlevel.service + ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/poweroff.target.wants/systemd-update-utmp-runlevel.service + ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/reboot.target.wants/systemd-update-utmp-runlevel.service + ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/rescue.target.wants/systemd-update-utmp-runlevel.service + fi + + # this file is needed to exist if networkd is disabled but timesyncd is still in use since timesyncd checks it + # for existence else it fails + if [ -s ${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf ]; then + ${@bb.utils.contains('PACKAGECONFIG', 'networkd', ':', 'sed -i -e "\$ad /run/systemd/netif/links 0755 root root -" ${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf', d)} + fi + if ! ${@bb.utils.contains('PACKAGECONFIG', 'resolved', 'true', 'false', d)}; then + echo 'L! ${sysconfdir}/resolv.conf - - - - ../run/systemd/resolve/resolv.conf' >>${D}${exec_prefix}/lib/tmpfiles.d/etc.conf + echo 'd /run/systemd/resolve 0755 root root -' >>${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf + echo 'f /run/systemd/resolve/resolv.conf 0644 root root' >>${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf + ln -s ../run/systemd/resolve/resolv.conf ${D}${sysconfdir}/resolv-conf.systemd + else + sed -i -e "s%^L! /etc/resolv.conf.*$%L! /etc/resolv.conf - - - - ../run/systemd/resolve/resolv.conf%g" ${D}${exec_prefix}/lib/tmpfiles.d/etc.conf + ln -s ../run/systemd/resolve/resolv.conf ${D}${sysconfdir}/resolv-conf.systemd + fi + if ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'false', 'true', d)}; then + rm ${D}${exec_prefix}/lib/tmpfiles.d/x11.conf + rm -r ${D}${sysconfdir}/X11 + fi + + # If polkit is setup fixup permissions and ownership + if ${@bb.utils.contains('PACKAGECONFIG', 'polkit', 'true', 'false', d)}; then + if [ -d ${D}${datadir}/polkit-1/rules.d ]; then + chmod 700 ${D}${datadir}/polkit-1/rules.d + chown polkitd:root ${D}${datadir}/polkit-1/rules.d + fi + fi + + # create link for existing udev rules + ln -s ${base_bindir}/udevadm ${D}${base_sbindir}/udevadm + + # duplicate udevadm for postinst script + install -d ${D}${libexecdir} + ln ${D}${base_bindir}/udevadm ${D}${libexecdir}/${MLPREFIX}udevadm + + # install default policy for presets + # https://www.freedesktop.org/wiki/Software/systemd/Preset/#howto + install -Dm 0644 ${WORKDIR}/99-default.preset ${D}${systemd_unitdir}/system-preset/99-default.preset +} + +python populate_packages_prepend (){ + systemdlibdir = d.getVar("rootlibdir") + do_split_packages(d, systemdlibdir, '^lib(.*)\.so\.*', 'lib%s', 'Systemd %s library', extra_depends='', allow_links=True) +} +PACKAGES_DYNAMIC += "^lib(udev|systemd|nss).*" + +PACKAGE_BEFORE_PN = "\ + ${PN}-gui \ + ${PN}-vconsole-setup \ + ${PN}-initramfs \ + ${PN}-analyze \ + ${PN}-kernel-install \ + ${PN}-rpm-macros \ + ${PN}-binfmt \ + ${PN}-zsh-completion \ + ${PN}-container \ + ${PN}-journal-gatewayd \ + ${PN}-journal-upload \ + ${PN}-journal-remote \ + ${PN}-extra-utils \ + ${PN}-udev-rules \ + udev \ + udev-hwdb \ +" + +SUMMARY_${PN}-container = "Tools for containers and VMs" +DESCRIPTION_${PN}-container = "Systemd tools to spawn and manage containers and virtual machines." + +SUMMARY_${PN}-journal-gatewayd = "HTTP server for journal events" +DESCRIPTION_${PN}-journal-gatewayd = "systemd-journal-gatewayd serves journal events over the network. Clients must connect using HTTP. The server listens on port 19531 by default." + +SUMMARY_${PN}-journal-upload = "Send journal messages over the network" +DESCRIPTION_${PN}-journal-upload = "systemd-journal-upload uploads journal entries to a specified URL." + +SUMMARY_${PN}-journal-remote = "Receive journal messages over the network" +DESCRIPTION_${PN}-journal-remote = "systemd-journal-remote is a command to receive serialized journal events and store them to journal files." + +SYSTEMD_PACKAGES = "${@bb.utils.contains('PACKAGECONFIG', 'binfmt', '${PN}-binfmt', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-gatewayd', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-remote', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '${PN}-journal-upload', '', d)} \ +" +SYSTEMD_SERVICE_${PN}-binfmt = "systemd-binfmt.service" + +USERADD_PACKAGES = "${PN} ${PN}-extra-utils \ + ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-gateway', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-remote', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '${PN}-journal-upload', '', d)} \ +" +GROUPADD_PARAM_${PN} = "-r systemd-journal" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'coredump', '--system -d / -M --shell /bin/nologin systemd-coredump;', '', d)}" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'networkd', '--system -d / -M --shell /bin/nologin systemd-network;', '', d)}" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'polkit', '--system --no-create-home --user-group --home-dir ${sysconfdir}/polkit-1 polkitd;', '', d)}" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'resolved', '--system -d / -M --shell /bin/nologin systemd-resolve;', '', d)}" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'timesyncd', '--system -d / -M --shell /bin/nologin systemd-timesync;', '', d)}" +USERADD_PARAM_${PN}-extra-utils = "--system -d / -M --shell /bin/nologin systemd-bus-proxy" +USERADD_PARAM_${PN}-journal-gateway = "--system -d / -M --shell /bin/nologin systemd-journal-gateway" +USERADD_PARAM_${PN}-journal-remote = "--system -d / -M --shell /bin/nologin systemd-journal-remote" +USERADD_PARAM_${PN}-journal-upload = "--system -d / -M --shell /bin/nologin systemd-journal-upload" + +FILES_${PN}-analyze = "${bindir}/systemd-analyze" + +FILES_${PN}-initramfs = "/init" +RDEPENDS_${PN}-initramfs = "${PN}" + +FILES_${PN}-gui = "${bindir}/systemadm" + +FILES_${PN}-vconsole-setup = "${rootlibexecdir}/systemd/systemd-vconsole-setup \ + ${systemd_unitdir}/system/systemd-vconsole-setup.service \ + ${systemd_unitdir}/system/sysinit.target.wants/systemd-vconsole-setup.service" + +RDEPENDS_${PN}-kernel-install += "bash" +FILES_${PN}-kernel-install = "${bindir}/kernel-install \ + ${sysconfdir}/kernel/ \ + ${exec_prefix}/lib/kernel \ + " +FILES_${PN}-rpm-macros = "${exec_prefix}/lib/rpm \ + " + +FILES_${PN}-zsh-completion = "${datadir}/zsh/site-functions" + +FILES_${PN}-binfmt = "${sysconfdir}/binfmt.d/ \ + ${exec_prefix}/lib/binfmt.d \ + ${rootlibexecdir}/systemd/systemd-binfmt \ + ${systemd_unitdir}/system/proc-sys-fs-binfmt_misc.* \ + ${systemd_unitdir}/system/systemd-binfmt.service" +RRECOMMENDS_${PN}-binfmt = "kernel-module-binfmt-misc" + +RRECOMMENDS_${PN}-vconsole-setup = "kbd kbd-consolefonts kbd-keymaps" + + +FILES_${PN}-journal-gatewayd = "${rootlibexecdir}/systemd/systemd-journal-gatewayd \ + ${systemd_system_unitdir}/systemd-journal-gatewayd.service \ + ${systemd_system_unitdir}/systemd-journal-gatewayd.socket \ + ${systemd_system_unitdir}/sockets.target.wants/systemd-journal-gatewayd.socket \ + ${datadir}/systemd/gatewayd/browse.html \ + " +SYSTEMD_SERVICE_${PN}-journal-gatewayd = "systemd-journal-gatewayd.socket" + +FILES_${PN}-journal-upload = "${rootlibexecdir}/systemd/systemd-journal-upload \ + ${systemd_system_unitdir}/systemd-journal-upload.service \ + ${sysconfdir}/systemd/journal-upload.conf \ + " +SYSTEMD_SERVICE_${PN}-journal-upload = "systemd-journal-upload.service" + +FILES_${PN}-journal-remote = "${rootlibexecdir}/systemd/systemd-journal-remote \ + ${sysconfdir}/systemd/journal-remote.conf \ + ${systemd_system_unitdir}/systemd-journal-remote.service \ + ${systemd_system_unitdir}/systemd-journal-remote.socket \ + " +SYSTEMD_SERVICE_${PN}-journal-remote = "systemd-journal-remote.socket" + + +FILES_${PN}-container = "${sysconfdir}/dbus-1/system.d/org.freedesktop.import1.conf \ + ${sysconfdir}/dbus-1/system.d/org.freedesktop.machine1.conf \ + ${sysconfdir}/systemd/system/multi-user.target.wants/machines.target \ + ${base_bindir}/machinectl \ + ${bindir}/systemd-nspawn \ + ${nonarch_libdir}/systemd/import-pubring.gpg \ + ${systemd_system_unitdir}/busnames.target.wants/org.freedesktop.import1.busname \ + ${systemd_system_unitdir}/busnames.target.wants/org.freedesktop.machine1.busname \ + ${systemd_system_unitdir}/local-fs.target.wants/var-lib-machines.mount \ + ${systemd_system_unitdir}/machines.target.wants/var-lib-machines.mount \ + ${systemd_system_unitdir}/remote-fs.target.wants/var-lib-machines.mount \ + ${systemd_system_unitdir}/machine.slice \ + ${systemd_system_unitdir}/machines.target \ + ${systemd_system_unitdir}/org.freedesktop.import1.busname \ + ${systemd_system_unitdir}/org.freedesktop.machine1.busname \ + ${systemd_system_unitdir}/systemd-importd.service \ + ${systemd_system_unitdir}/systemd-machined.service \ + ${systemd_system_unitdir}/dbus-org.freedesktop.machine1.service \ + ${systemd_system_unitdir}/var-lib-machines.mount \ + ${rootlibexecdir}/systemd/systemd-import \ + ${rootlibexecdir}/systemd/systemd-importd \ + ${rootlibexecdir}/systemd/systemd-machined \ + ${rootlibexecdir}/systemd/systemd-pull \ + ${exec_prefix}/lib/tmpfiles.d/systemd-nspawn.conf \ + ${systemd_system_unitdir}/systemd-nspawn@.service \ + ${libdir}/libnss_mymachines.so.2 \ + ${datadir}/dbus-1/system-services/org.freedesktop.import1.service \ + ${datadir}/dbus-1/system-services/org.freedesktop.machine1.service \ + ${datadir}/dbus-1/system.d/org.freedesktop.import1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.machine1.conf \ + ${datadir}/polkit-1/actions/org.freedesktop.import1.policy \ + ${datadir}/polkit-1/actions/org.freedesktop.machine1.policy \ + " + +RRECOMMENDS_${PN}-container += "\ + ${PN}-journal-upload \ + ${PN}-journal-remote \ + ${PN}-journal-gatewayd \ + " + +FILES_${PN}-extra-utils = "\ + ${base_bindir}/systemd-escape \ + ${base_bindir}/systemd-inhibit \ + ${bindir}/systemd-detect-virt \ + ${bindir}/systemd-path \ + ${bindir}/systemd-run \ + ${bindir}/systemd-cat \ + ${bindir}/systemd-delta \ + ${bindir}/systemd-cgls \ + ${bindir}/systemd-cgtop \ + ${bindir}/systemd-stdio-bridge \ + ${base_bindir}/systemd-ask-password \ + ${base_bindir}/systemd-tty-ask-password-agent \ + ${systemd_unitdir}/system/systemd-ask-password-console.path \ + ${systemd_unitdir}/system/systemd-ask-password-console.service \ + ${systemd_unitdir}/system/systemd-ask-password-wall.path \ + ${systemd_unitdir}/system/systemd-ask-password-wall.service \ + ${systemd_unitdir}/system/sysinit.target.wants/systemd-ask-password-console.path \ + ${systemd_unitdir}/system/sysinit.target.wants/systemd-ask-password-wall.path \ + ${systemd_unitdir}/system/multi-user.target.wants/systemd-ask-password-wall.path \ + ${rootlibexecdir}/systemd/systemd-resolve-host \ + ${rootlibexecdir}/systemd/systemd-ac-power \ + ${rootlibexecdir}/systemd/systemd-activate \ + ${rootlibexecdir}/systemd/systemd-bus-proxyd \ + ${systemd_unitdir}/system/systemd-bus-proxyd.service \ + ${systemd_unitdir}/system/systemd-bus-proxyd.socket \ + ${rootlibexecdir}/systemd/systemd-socket-proxyd \ + ${rootlibexecdir}/systemd/systemd-reply-password \ + ${rootlibexecdir}/systemd/systemd-sleep \ + ${rootlibexecdir}/systemd/system-sleep \ + ${systemd_unitdir}/system/systemd-hibernate.service \ + ${systemd_unitdir}/system/systemd-hybrid-sleep.service \ + ${systemd_unitdir}/system/systemd-suspend.service \ + ${systemd_unitdir}/system/sleep.target \ + ${rootlibexecdir}/systemd/systemd-initctl \ + ${systemd_unitdir}/system/systemd-initctl.service \ + ${systemd_unitdir}/system/systemd-initctl.socket \ + ${systemd_unitdir}/system/sockets.target.wants/systemd-initctl.socket \ + ${rootlibexecdir}/systemd/system-generators/systemd-gpt-auto-generator \ + ${rootlibexecdir}/systemd/systemd-cgroups-agent \ +" + +FILES_${PN}-udev-rules = "\ + ${rootlibexecdir}/udev/rules.d/70-uaccess.rules \ + ${rootlibexecdir}/udev/rules.d/71-seat.rules \ + ${rootlibexecdir}/udev/rules.d/73-seat-late.rules \ + ${rootlibexecdir}/udev/rules.d/99-systemd.rules \ +" + +CONFFILES_${PN} = "${sysconfdir}/systemd/coredump.conf \ + ${sysconfdir}/systemd/journald.conf \ + ${sysconfdir}/systemd/logind.conf \ + ${sysconfdir}/systemd/networkd.conf \ + ${sysconfdir}/systemd/pstore.conf \ + ${sysconfdir}/systemd/resolved.conf \ + ${sysconfdir}/systemd/sleep.conf \ + ${sysconfdir}/systemd/system.conf \ + ${sysconfdir}/systemd/timesyncd.conf \ + ${sysconfdir}/systemd/user.conf \ +" + +FILES_${PN} = " ${base_bindir}/* \ + ${base_sbindir}/shutdown \ + ${base_sbindir}/halt \ + ${base_sbindir}/poweroff \ + ${base_sbindir}/runlevel \ + ${base_sbindir}/telinit \ + ${base_sbindir}/resolvconf \ + ${base_sbindir}/reboot \ + ${base_sbindir}/init \ + ${datadir}/dbus-1/services \ + ${datadir}/dbus-1/system-services \ + ${datadir}/polkit-1 \ + ${datadir}/${BPN} \ + ${datadir}/factory \ + ${sysconfdir}/dbus-1/ \ + ${sysconfdir}/modules-load.d/ \ + ${sysconfdir}/pam.d/ \ + ${sysconfdir}/sysctl.d/ \ + ${sysconfdir}/systemd/ \ + ${sysconfdir}/tmpfiles.d/ \ + ${sysconfdir}/xdg/ \ + ${sysconfdir}/init.d/README \ + ${sysconfdir}/resolv-conf.systemd \ + ${sysconfdir}/X11/xinit/xinitrc.d/* \ + ${rootlibexecdir}/systemd/* \ + ${systemd_unitdir}/* \ + ${base_libdir}/security/*.so \ + /cgroup \ + ${bindir}/systemd* \ + ${bindir}/busctl \ + ${bindir}/coredumpctl \ + ${bindir}/localectl \ + ${bindir}/hostnamectl \ + ${bindir}/resolvectl \ + ${bindir}/timedatectl \ + ${bindir}/bootctl \ + ${exec_prefix}/lib/tmpfiles.d/*.conf \ + ${exec_prefix}/lib/systemd \ + ${exec_prefix}/lib/modules-load.d \ + ${exec_prefix}/lib/sysctl.d \ + ${exec_prefix}/lib/sysusers.d \ + ${exec_prefix}/lib/environment.d \ + ${localstatedir} \ + ${rootlibexecdir}/modprobe.d/systemd.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.timedate1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.locale1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.network1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.resolve1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.systemd1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.hostname1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.login1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.timesync1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.portable1.conf \ + " + +FILES_${PN}-dev += "${base_libdir}/security/*.la ${datadir}/dbus-1/interfaces/ ${sysconfdir}/rpm/macros.systemd" + +RDEPENDS_${PN} += "kmod dbus util-linux-mount util-linux-umount udev (= ${EXTENDPKGV}) systemd-udev-rules util-linux-agetty util-linux-fsck" +RDEPENDS_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'serial-getty-generator', '', 'systemd-serialgetty', d)}" +RDEPENDS_${PN} += "volatile-binds" + +RRECOMMENDS_${PN} += "systemd-extra-utils \ + udev-hwdb \ + e2fsprogs-e2fsck \ + kernel-module-autofs4 kernel-module-unix kernel-module-ipv6 kernel-module-sch-fq-codel \ + os-release \ + systemd-conf \ +" + +INSANE_SKIP_${PN} += "dev-so libdir" +INSANE_SKIP_${PN}-dbg += "libdir" +INSANE_SKIP_${PN}-doc += " libdir" + +RPROVIDES_udev = "hotplug" + +RDEPENDS_udev-hwdb += "udev" + +FILES_udev += "${base_sbindir}/udevd \ + ${rootlibexecdir}/systemd/network/99-default.link \ + ${rootlibexecdir}/systemd/systemd-udevd \ + ${rootlibexecdir}/udev/accelerometer \ + ${rootlibexecdir}/udev/ata_id \ + ${rootlibexecdir}/udev/cdrom_id \ + ${rootlibexecdir}/udev/collect \ + ${rootlibexecdir}/udev/fido_id \ + ${rootlibexecdir}/udev/findkeyboards \ + ${rootlibexecdir}/udev/keyboard-force-release.sh \ + ${rootlibexecdir}/udev/keymap \ + ${rootlibexecdir}/udev/mtd_probe \ + ${rootlibexecdir}/udev/scsi_id \ + ${rootlibexecdir}/udev/v4l_id \ + ${rootlibexecdir}/udev/keymaps \ + ${rootlibexecdir}/udev/rules.d/50-udev-default.rules \ + ${rootlibexecdir}/udev/rules.d/60-autosuspend.rules \ + ${rootlibexecdir}/udev/rules.d/60-autosuspend-chromiumos.rules \ + ${rootlibexecdir}/udev/rules.d/60-block.rules \ + ${rootlibexecdir}/udev/rules.d/60-cdrom_id.rules \ + ${rootlibexecdir}/udev/rules.d/60-drm.rules \ + ${rootlibexecdir}/udev/rules.d/60-evdev.rules \ + ${rootlibexecdir}/udev/rules.d/60-fido-id.rules \ + ${rootlibexecdir}/udev/rules.d/60-input-id.rules \ + ${rootlibexecdir}/udev/rules.d/60-persistent-alsa.rules \ + ${rootlibexecdir}/udev/rules.d/60-persistent-input.rules \ + ${rootlibexecdir}/udev/rules.d/60-persistent-storage.rules \ + ${rootlibexecdir}/udev/rules.d/60-persistent-storage-tape.rules \ + ${rootlibexecdir}/udev/rules.d/60-persistent-v4l.rules \ + ${rootlibexecdir}/udev/rules.d/60-sensor.rules \ + ${rootlibexecdir}/udev/rules.d/60-serial.rules \ + ${rootlibexecdir}/udev/rules.d/61-autosuspend-manual.rules \ + ${rootlibexecdir}/udev/rules.d/64-btrfs.rules \ + ${rootlibexecdir}/udev/rules.d/70-joystick.rules \ + ${rootlibexecdir}/udev/rules.d/70-mouse.rules \ + ${rootlibexecdir}/udev/rules.d/70-power-switch.rules \ + ${rootlibexecdir}/udev/rules.d/70-touchpad.rules \ + ${rootlibexecdir}/udev/rules.d/75-net-description.rules \ + ${rootlibexecdir}/udev/rules.d/75-probe_mtd.rules \ + ${rootlibexecdir}/udev/rules.d/78-sound-card.rules \ + ${rootlibexecdir}/udev/rules.d/80-drivers.rules \ + ${rootlibexecdir}/udev/rules.d/80-net-setup-link.rules \ + ${rootlibexecdir}/udev/rules.d/90-vconsole.rules \ + ${sysconfdir}/udev \ + ${sysconfdir}/init.d/systemd-udevd \ + ${systemd_unitdir}/system/*udev* \ + ${systemd_unitdir}/system/*.wants/*udev* \ + ${base_bindir}/systemd-hwdb \ + ${base_bindir}/udevadm \ + ${base_sbindir}/udevadm \ + ${libexecdir}/${MLPREFIX}udevadm \ + ${datadir}/bash-completion/completions/udevadm \ + ${systemd_unitdir}/system/systemd-hwdb-update.service \ + " + +FILES_udev-hwdb = "${rootlibexecdir}/udev/hwdb.d \ + " + +RCONFLICTS_${PN} = "tiny-init ${@bb.utils.contains('PACKAGECONFIG', 'resolved', 'resolvconf', '', d)}" + +INITSCRIPT_PACKAGES = "udev" +INITSCRIPT_NAME_udev = "systemd-udevd" +INITSCRIPT_PARAMS_udev = "start 03 S ." + +python __anonymous() { + if not bb.utils.contains('DISTRO_FEATURES', 'sysvinit', True, False, d): + d.setVar("INHIBIT_UPDATERCD_BBCLASS", "1") +} + +python do_warn_musl() { + if d.getVar('TCLIBC') == "musl": + bb.warn("Using systemd with musl is not recommended since it is not supported upstream and some patches are known to be problematic.") +} +addtask warn_musl before do_configure + +ALTERNATIVE_${PN} = "halt reboot shutdown poweroff runlevel ${@bb.utils.contains('PACKAGECONFIG', 'resolved', 'resolv-conf', '', d)}" + +ALTERNATIVE_TARGET[resolv-conf] = "${sysconfdir}/resolv-conf.systemd" +ALTERNATIVE_LINK_NAME[resolv-conf] = "${sysconfdir}/resolv.conf" +ALTERNATIVE_PRIORITY[resolv-conf] ?= "50" + +ALTERNATIVE_TARGET[halt] = "${base_bindir}/systemctl" +ALTERNATIVE_LINK_NAME[halt] = "${base_sbindir}/halt" +ALTERNATIVE_PRIORITY[halt] ?= "300" + +ALTERNATIVE_TARGET[reboot] = "${base_bindir}/systemctl" +ALTERNATIVE_LINK_NAME[reboot] = "${base_sbindir}/reboot" +ALTERNATIVE_PRIORITY[reboot] ?= "300" + +ALTERNATIVE_TARGET[shutdown] = "${base_bindir}/systemctl" +ALTERNATIVE_LINK_NAME[shutdown] = "${base_sbindir}/shutdown" +ALTERNATIVE_PRIORITY[shutdown] ?= "300" + +ALTERNATIVE_TARGET[poweroff] = "${base_bindir}/systemctl" +ALTERNATIVE_LINK_NAME[poweroff] = "${base_sbindir}/poweroff" +ALTERNATIVE_PRIORITY[poweroff] ?= "300" + +ALTERNATIVE_TARGET[runlevel] = "${base_bindir}/systemctl" +ALTERNATIVE_LINK_NAME[runlevel] = "${base_sbindir}/runlevel" +ALTERNATIVE_PRIORITY[runlevel] ?= "300" + +pkg_postinst_${PN}_libc-glibc () { + sed -e '/^hosts:/s/\s*\//' \ + -e 's/\(^hosts:.*\)\(\\)\(.*\)\(\\)\(.*\)/\1\2 myhostname \3\4\5/' \ + -i $D${sysconfdir}/nsswitch.conf +} + +pkg_prerm_${PN}_libc-glibc () { + sed -e '/^hosts:/s/\s*\//' \ + -e '/^hosts:/s/\s*myhostname//' \ + -i $D${sysconfdir}/nsswitch.conf +} + +PACKAGE_WRITE_DEPS += "qemu-native" +pkg_postinst_udev-hwdb () { + if test -n "$D"; then + $INTERCEPT_DIR/postinst_intercept update_udev_hwdb ${PKG} mlprefix=${MLPREFIX} binprefix=${MLPREFIX} rootlibexecdir="${rootlibexecdir}" PREFERRED_PROVIDER_udev="${PREFERRED_PROVIDER_udev}" + else + udevadm hwdb --update + fi +} + +pkg_prerm_udev-hwdb () { + rm -f $D${sysconfdir}/udev/hwdb.bin +} diff --git a/poky/meta/recipes-devtools/python/python3-jinja2/run-ptest b/poky/meta/recipes-devtools/python/python3-jinja2/run-ptest new file mode 100644 index 000000000..5cec71169 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3-jinja2/run-ptest @@ -0,0 +1,3 @@ +#!/bin/sh + +pytest diff --git a/poky/meta/recipes-devtools/python/python3-jinja2_2.11.2.bb b/poky/meta/recipes-devtools/python/python3-jinja2_2.11.2.bb new file mode 100644 index 000000000..89538d2f2 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3-jinja2_2.11.2.bb @@ -0,0 +1,45 @@ +DESCRIPTION = "Python Jinja2: A small but fast and easy to use stand-alone template engine written in pure python." + +LICENSE = "BSD-3-Clause" +LIC_FILES_CHKSUM = "file://LICENSE.rst;md5=5dc88300786f1c214c1e9827a5229462" + +SRC_URI[sha256sum] = "89aab215427ef59c34ad58735269eb58b1a5808103067f7bb9d5836c651b3bb0" + +PYPI_PACKAGE = "Jinja2" + +CLEANBROKEN = "1" + +inherit pypi setuptools3 +# ptest disabled in OE-Core for now due to missing dependencies + + +SRC_URI += " \ + file://run-ptest \ +" + +do_install_ptest() { + install -d ${D}${PTEST_PATH}/tests + cp -rf ${S}/tests/* ${D}${PTEST_PATH}/tests/ +} + +RDEPENDS_${PN}-ptest += " \ + ${PYTHON_PN}-pytest \ + ${PYTHON_PN}-unixadmin \ +" + +RDEPENDS_${PN} += " \ + ${PYTHON_PN}-asyncio \ + ${PYTHON_PN}-crypt \ + ${PYTHON_PN}-io \ + ${PYTHON_PN}-json \ + ${PYTHON_PN}-markupsafe \ + ${PYTHON_PN}-math \ + ${PYTHON_PN}-netclient \ + ${PYTHON_PN}-numbers\ + ${PYTHON_PN}-pickle \ + ${PYTHON_PN}-pprint \ + ${PYTHON_PN}-shell \ + ${PYTHON_PN}-threading \ +" + +BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-devtools/python/python3-markupsafe/run-ptest b/poky/meta/recipes-devtools/python/python3-markupsafe/run-ptest new file mode 100644 index 000000000..5cec71169 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3-markupsafe/run-ptest @@ -0,0 +1,3 @@ +#!/bin/sh + +pytest diff --git a/poky/meta/recipes-devtools/python/python3-markupsafe_1.1.1.bb b/poky/meta/recipes-devtools/python/python3-markupsafe_1.1.1.bb new file mode 100644 index 000000000..403a98a43 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3-markupsafe_1.1.1.bb @@ -0,0 +1,28 @@ +DESCRIPTION = "Implements a XML/HTML/XHTML Markup safe string for Python" +HOMEPAGE = "http://github.com/mitsuhiko/markupsafe" +LICENSE = "BSD-3-Clause" +LIC_FILES_CHKSUM = "file://LICENSE.rst;md5=ffeffa59c90c9c4a033c7574f8f3fb75" + +SRC_URI[md5sum] = "43fd756864fe42063068e092e220c57b" +SRC_URI[sha256sum] = "29872e92839765e546828bb7754a68c418d927cd064fd4708fab9fe9c8bb116b" + +PYPI_PACKAGE = "MarkupSafe" +inherit pypi setuptools3 +# ptest disabled in OE-Core for now due to missing dependencies + +RDEPENDS_${PN} += "${PYTHON_PN}-stringold" + +BBCLASSEXTEND = "native nativesdk" + +SRC_URI += " \ + file://run-ptest \ +" + +RDEPENDS_${PN}-ptest += " \ + ${PYTHON_PN}-pytest \ +" + +do_install_ptest() { + install -d ${D}${PTEST_PATH}/tests + cp -f ${S}/tests/* ${D}${PTEST_PATH}/tests/ +} diff --git a/poky/meta/recipes-devtools/python/python3/0001-setup.py-pass-missing-libraries-to-Extension-for-mul.patch b/poky/meta/recipes-devtools/python/python3/0001-setup.py-pass-missing-libraries-to-Extension-for-mul.patch index d38ed61dd..ea0af02e7 100644 --- a/poky/meta/recipes-devtools/python/python3/0001-setup.py-pass-missing-libraries-to-Extension-for-mul.patch +++ b/poky/meta/recipes-devtools/python/python3/0001-setup.py-pass-missing-libraries-to-Extension-for-mul.patch @@ -46,7 +46,7 @@ ValueError: semaphore or lock released too many times And the semaphore issue also caused multiprocessing.Queue().put() hung. -Upstream-Status: Pensing +Upstream-Status: Pending Signed-off-by: Hongxu Jia Signed-off-by: Alexander Kanavin diff --git a/poky/meta/recipes-devtools/qemu/qemu-system-native_5.1.0.bb b/poky/meta/recipes-devtools/qemu/qemu-system-native_5.1.0.bb index 7394385d3..222b55cbc 100644 --- a/poky/meta/recipes-devtools/qemu/qemu-system-native_5.1.0.bb +++ b/poky/meta/recipes-devtools/qemu/qemu-system-native_5.1.0.bb @@ -10,7 +10,7 @@ DEPENDS = "glib-2.0-native zlib-native pixman-native qemu-native bison-native" EXTRA_OECONF_append = " --target-list=${@get_qemu_system_target_list(d)}" PACKAGECONFIG ??= "fdt alsa kvm \ - ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'virglrenderer glx', '' ,d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'virglrenderer glx', '', d)} \ " # Handle distros such as CentOS 5 32-bit that do not have kvm support diff --git a/poky/meta/recipes-devtools/qemu/qemu/0001-qemu-Do-not-include-file-if-not-exists.patch b/poky/meta/recipes-devtools/qemu/qemu/0001-qemu-Do-not-include-file-if-not-exists.patch index 678e05946..d6c0f9ebe 100644 --- a/poky/meta/recipes-devtools/qemu/qemu/0001-qemu-Do-not-include-file-if-not-exists.patch +++ b/poky/meta/recipes-devtools/qemu/qemu/0001-qemu-Do-not-include-file-if-not-exists.patch @@ -6,7 +6,7 @@ Subject: [PATCH] qemu: Do not include file if not exists Script configure checks for if_alg.h and check failed but if_alg.h still included. -Upstream-status: Submitted [https://lists.gnu.org/archive/html/qemu-devel/2020-03/msg07188.html] +Upstream-Status: Submitted [https://lists.gnu.org/archive/html/qemu-devel/2020-03/msg07188.html] Signed-off-by: Oleksiy Obitotskyy [update patch context] diff --git a/poky/meta/recipes-devtools/qemu/qemu_5.1.0.bb b/poky/meta/recipes-devtools/qemu/qemu_5.1.0.bb index a4018cc44..599ff82fc 100644 --- a/poky/meta/recipes-devtools/qemu/qemu_5.1.0.bb +++ b/poky/meta/recipes-devtools/qemu/qemu_5.1.0.bb @@ -21,8 +21,8 @@ do_install_append_class-nativesdk() { PACKAGECONFIG ??= " \ fdt sdl kvm \ ${@bb.utils.filter('DISTRO_FEATURES', 'alsa xen', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'virglrenderer glx', '' ,d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'virglrenderer glx', '', d)} \ " PACKAGECONFIG_class-nativesdk ??= "fdt sdl kvm \ - ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'virglrenderer glx', '' ,d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'virglrenderer glx', '', d)} \ " diff --git a/poky/meta/recipes-devtools/rpm/rpm_4.15.1.bb b/poky/meta/recipes-devtools/rpm/rpm_4.15.1.bb index c9258632d..a1c520555 100644 --- a/poky/meta/recipes-devtools/rpm/rpm_4.15.1.bb +++ b/poky/meta/recipes-devtools/rpm/rpm_4.15.1.bb @@ -49,7 +49,7 @@ SRCREV = "ab2179452c5be276a6b96c591afded485c7e58c3" S = "${WORKDIR}/git" -DEPENDS = "openssl libarchive db file popt xz bzip2 dbus elfutils python3" +DEPENDS = "openssl db file popt xz bzip2 elfutils python3" DEPENDS_append_class-native = " file-replacement-native bzip2-replacement-native" inherit autotools gettext pkgconfig python3native @@ -62,18 +62,22 @@ EXTRA_OECONF_append = " --without-lua --enable-python --with-crypto=openssl" EXTRA_OECONF_append_libc-musl = " --disable-nls --disable-openmp" # --sysconfdir prevents rpm from attempting to access machine-specific configuration in sysroot/etc; we need to have it in rootfs -# # --localstatedir prevents rpm from writing its database to native sysroot when building images -# -# Disable dbus for native, so that rpm doesn't attempt to inhibit shutdown via session dbus even when plugins support is enabled. -# Also disable plugins by default for native. +# Forcibly disable plugins for native/nativesdk, as the inhibit and prioreset +# plugins both behave badly inside builds. EXTRA_OECONF_append_class-native = " --sysconfdir=/etc --localstatedir=/var --disable-plugins" EXTRA_OECONF_append_class-nativesdk = " --sysconfdir=/etc --disable-plugins" BBCLASSEXTEND = "native nativesdk" -PACKAGECONFIG ??= "" +PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'inhibit', '', d)}" +# The inhibit plugin serves no purpose outside of the target +PACKAGECONFIG_remove_class-native = "inhibit" +PACKAGECONFIG_remove_class-nativesdk = "inhibit" + PACKAGECONFIG[imaevm] = "--with-imaevm,,ima-evm-utils" +PACKAGECONFIG[inhibit] = "--enable-inhibit-plugin,--disable-inhibit-plugin,dbus" +PACKAGECONFIG[rpm2archive] = "--with-archive,--without-archive,libarchive" ASNEEDED = "" @@ -95,7 +99,7 @@ WRAPPER_TOOLS = " \ do_install_append_class-native() { for tool in ${WRAPPER_TOOLS}; do - create_wrapper ${D}$tool \ + test -x ${D}$tool && create_wrapper ${D}$tool \ RPM_CONFIGDIR=${STAGING_LIBDIR_NATIVE}/rpm \ RPM_ETCCONFIGDIR=${STAGING_DIR_NATIVE} \ MAGIC=${STAGING_DIR_NATIVE}${datadir_native}/misc/magic.mgc \ @@ -105,7 +109,7 @@ do_install_append_class-native() { do_install_append_class-nativesdk() { for tool in ${WRAPPER_TOOLS}; do - create_wrapper ${D}$tool \ + test -x ${D}$tool && create_wrapper ${D}$tool \ RPM_CONFIGDIR='`dirname $''realpath`'/${@os.path.relpath(d.getVar('libdir'), d.getVar('bindir'))}/rpm \ RPM_ETCCONFIGDIR='$'{RPM_ETCCONFIGDIR-'`dirname $''realpath`'/${@os.path.relpath(d.getVar('sysconfdir'), d.getVar('bindir'))}/..} \ MAGIC='`dirname $''realpath`'/${@os.path.relpath(d.getVar('datadir'), d.getVar('bindir'))}/misc/magic.mgc \ diff --git a/poky/meta/recipes-extended/bash/bash/bash-CVE-2019-18276.patch b/poky/meta/recipes-extended/bash/bash/bash-CVE-2019-18276.patch new file mode 100644 index 000000000..7b2073201 --- /dev/null +++ b/poky/meta/recipes-extended/bash/bash/bash-CVE-2019-18276.patch @@ -0,0 +1,386 @@ +From 951bdaad7a18cc0dc1036bba86b18b90874d39ff Mon Sep 17 00:00:00 2001 +From: Chet Ramey +Date: Mon, 1 Jul 2019 09:03:53 -0400 +Subject: [PATCH] commit bash-20190628 snapshot + +An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. +By default, if Bash is run with its effective UID not equal to its real UID, +it will drop privileges by setting its effective UID to its real UID. +However, it does so incorrectly. On Linux and other systems that support "saved UID" functionality, +the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for +runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore +regains privileges. However, binaries running with an effective UID of 0 are unaffected. + +Get the patch from [1] to fix the issue. + +Upstream-Status: Inappropriate [the upstream thinks it doesn't increase the credibility of CVEs in general] +CVE: CVE-2019-18276 + +[1] https://git.savannah.gnu.org/cgit/bash.git/commit/?h=devel&id=951bdaa + +Signed-off-by: De Huo +Signed-off-by: Kai Kang +Signed-off-by: Mingli Yu +--- + MANIFEST | 2 ++ + bashline.c | 50 +------------------------------------------------- + builtins/help.def | 2 +- + config.h.in | 10 +++++++++- + configure.ac | 1 + + doc/bash.1 | 3 ++- + doc/bashref.texi | 3 ++- + lib/glob/glob.c | 5 ++++- + pathexp.c | 16 ++++++++++++++-- + shell.c | 8 ++++++++ + tests/glob.tests | 2 ++ + tests/glob6.sub | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ + tests/glob7.sub | 11 +++++++++++ + 14 files changed, 122 insertions(+), 56 deletions(-) + create mode 100644 tests/glob6.sub + create mode 100644 tests/glob7.sub + +diff --git a/MANIFEST b/MANIFEST +index 03de221..f9ccad7 100644 +--- a/MANIFEST ++++ b/MANIFEST +@@ -1037,6 +1037,8 @@ tests/extglob3.tests f + tests/extglob3.right f + tests/extglob4.sub f + tests/extglob5.sub f ++tests/glob6.sub f ++tests/glob7.sub f + tests/func.tests f + tests/func.right f + tests/func1.sub f +diff --git a/bashline.c b/bashline.c +index 824ea9d..d86b47d 100644 +--- a/bashline.c ++++ b/bashline.c +@@ -3718,55 +3718,7 @@ static int + completion_glob_pattern (string) + char *string; + { +- register int c; +- char *send; +- int open; +- +- DECLARE_MBSTATE; +- +- open = 0; +- send = string + strlen (string); +- +- while (c = *string++) +- { +- switch (c) +- { +- case '?': +- case '*': +- return (1); +- +- case '[': +- open++; +- continue; +- +- case ']': +- if (open) +- return (1); +- continue; +- +- case '+': +- case '@': +- case '!': +- if (*string == '(') /*)*/ +- return (1); +- continue; +- +- case '\\': +- if (*string++ == 0) +- return (0); +- } +- +- /* Advance one fewer byte than an entire multibyte character to +- account for the auto-increment in the loop above. */ +-#ifdef HANDLE_MULTIBYTE +- string--; +- ADVANCE_CHAR_P (string, send - string); +- string++; +-#else +- ADVANCE_CHAR_P (string, send - string); +-#endif +- } +- return (0); ++ return (glob_pattern_p (string) == 1); + } + + static char *globtext; +diff --git a/builtins/help.def b/builtins/help.def +index 006c4b5..92f9b38 100644 +--- a/builtins/help.def ++++ b/builtins/help.def +@@ -128,7 +128,7 @@ help_builtin (list) + + /* We should consider making `help bash' do something. */ + +- if (glob_pattern_p (list->word->word)) ++ if (glob_pattern_p (list->word->word) == 1) + { + printf ("%s", ngettext ("Shell commands matching keyword `", "Shell commands matching keywords `", (list->next ? 2 : 1))); + print_word_list (list, ", "); +diff --git a/config.h.in b/config.h.in +index 8554aec..ad4b1e8 100644 +--- a/config.h.in ++++ b/config.h.in +@@ -1,6 +1,6 @@ + /* config.h -- Configuration file for bash. */ + +-/* Copyright (C) 1987-2009,2011-2012 Free Software Foundation, Inc. ++/* Copyright (C) 1987-2009,2011-2012,2013-2019 Free Software Foundation, Inc. + + This file is part of GNU Bash, the Bourne Again SHell. + +@@ -807,6 +807,14 @@ + #undef HAVE_SETREGID + #undef HAVE_DECL_SETREGID + ++/* Define if you have the setregid function. */ ++#undef HAVE_SETRESGID ++#undef HAVE_DECL_SETRESGID ++ ++/* Define if you have the setresuid function. */ ++#undef HAVE_SETRESUID ++#undef HAVE_DECL_SETRESUID ++ + /* Define if you have the setvbuf function. */ + #undef HAVE_SETVBUF + +diff --git a/configure.ac b/configure.ac +index 52b4cdb..549adef 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -810,6 +810,7 @@ AC_CHECK_DECLS([confstr]) + AC_CHECK_DECLS([printf]) + AC_CHECK_DECLS([sbrk]) + AC_CHECK_DECLS([setregid]) ++AC_CHECK_DECLS[(setresuid, setresgid]) + AC_CHECK_DECLS([strcpy]) + AC_CHECK_DECLS([strsignal]) + +diff --git a/doc/bash.1 b/doc/bash.1 +index e6cd08d..9e58a0b 100644 +--- a/doc/bash.1 ++++ b/doc/bash.1 +@@ -4681,7 +4681,8 @@ above). + .PD + .SH "SIMPLE COMMAND EXPANSION" + When a simple command is executed, the shell performs the following +-expansions, assignments, and redirections, from left to right. ++expansions, assignments, and redirections, from left to right, in ++the following order. + .IP 1. + The words that the parser has marked as variable assignments (those + preceding the command name) and redirections are saved for later +diff --git a/doc/bashref.texi b/doc/bashref.texi +index d33cd57..3065126 100644 +--- a/doc/bashref.texi ++++ b/doc/bashref.texi +@@ -2964,7 +2964,8 @@ is not specified. If the file does not exist, it is created. + @cindex command expansion + + When a simple command is executed, the shell performs the following +-expansions, assignments, and redirections, from left to right. ++expansions, assignments, and redirections, from left to right, in ++the following order. + + @enumerate + @item +diff --git a/lib/glob/glob.c b/lib/glob/glob.c +index 398253b..2eaa33e 100644 +--- a/lib/glob/glob.c ++++ b/lib/glob/glob.c +@@ -607,6 +607,7 @@ glob_vector (pat, dir, flags) + register unsigned int i; + int mflags; /* Flags passed to strmatch (). */ + int pflags; /* flags passed to sh_makepath () */ ++ int hasglob; /* return value from glob_pattern_p */ + int nalloca; + struct globval *firstmalloc, *tmplink; + char *convfn; +@@ -648,10 +649,12 @@ glob_vector (pat, dir, flags) + patlen = (pat && *pat) ? strlen (pat) : 0; + + /* If the filename pattern (PAT) does not contain any globbing characters, ++ or contains a pattern with only backslash escapes (hasglob == 2), + we can dispense with reading the directory, and just see if there is + a filename `DIR/PAT'. If there is, and we can access it, just make the + vector to return and bail immediately. */ +- if (skip == 0 && glob_pattern_p (pat) == 0) ++ hasglob = 0; ++ if (skip == 0 && (hasglob = glob_pattern_p (pat)) == 0 || hasglob == 2) + { + int dirlen; + struct stat finfo; +diff --git a/pathexp.c b/pathexp.c +index c1bf2d8..e6c5392 100644 +--- a/pathexp.c ++++ b/pathexp.c +@@ -58,7 +58,10 @@ int extended_glob = EXTGLOB_DEFAULT; + /* Control enabling special handling of `**' */ + int glob_star = 0; + +-/* Return nonzero if STRING has any unquoted special globbing chars in it. */ ++/* Return nonzero if STRING has any unquoted special globbing chars in it. ++ This is supposed to be called when pathname expansion is performed, so ++ it implements the rules in Posix 2.13.3, specifically that an unquoted ++ slash cannot appear in a bracket expression. */ + int + unquoted_glob_pattern_p (string) + register char *string; +@@ -85,10 +88,14 @@ unquoted_glob_pattern_p (string) + continue; + + case ']': +- if (open) ++ if (open) /* XXX - if --open == 0? */ + return (1); + continue; + ++ case '/': ++ if (open) ++ open = 0; ++ + case '+': + case '@': + case '!': +@@ -106,6 +113,11 @@ unquoted_glob_pattern_p (string) + string++; + continue; + } ++ else if (open && *string == '/') ++ { ++ string++; /* quoted slashes in bracket expressions are ok */ ++ continue; ++ } + else if (*string == 0) + return (0); + +diff --git a/shell.c b/shell.c +index a2b2a55..6adabc8 100644 +--- a/shell.c ++++ b/shell.c +@@ -1293,7 +1293,11 @@ disable_priv_mode () + { + int e; + ++#if HAVE_DECL_SETRESUID ++ if (setresuid (current_user.uid, current_user.uid, current_user.uid) < 0) ++#else + if (setuid (current_user.uid) < 0) ++#endif + { + e = errno; + sys_error (_("cannot set uid to %d: effective uid %d"), current_user.uid, current_user.euid); +@@ -1302,7 +1306,11 @@ disable_priv_mode () + exit (e); + #endif + } ++#if HAVE_DECL_SETRESGID ++ if (setresgid (current_user.gid, current_user.gid, current_user.gid) < 0) ++#else + if (setgid (current_user.gid) < 0) ++#endif + sys_error (_("cannot set gid to %d: effective gid %d"), current_user.gid, current_user.egid); + + current_user.euid = current_user.uid; +diff --git a/tests/glob.tests b/tests/glob.tests +index 01913bb..fb012f7 100644 +--- a/tests/glob.tests ++++ b/tests/glob.tests +@@ -12,6 +12,8 @@ ${THIS_SH} ./glob1.sub + ${THIS_SH} ./glob2.sub + ${THIS_SH} ./glob3.sub + ${THIS_SH} ./glob4.sub ++${THIS_SH} ./glob6.sub ++${THIS_SH} ./glob7.sub + + MYDIR=$PWD # save where we are + +diff --git a/tests/glob6.sub b/tests/glob6.sub +new file mode 100644 +index 0000000..b099811 +--- /dev/null ++++ b/tests/glob6.sub +@@ -0,0 +1,54 @@ ++# tests of the backslash-in-glob-patterns discussion on the austin-group ML ++ ++: ${TMPDIR:=/var/tmp} ++ ++ORIG=$PWD ++GLOBDIR=$TMPDIR/bash-glob-$$ ++mkdir $GLOBDIR && cd $GLOBDIR ++ ++# does the pattern matcher allow backslashes as escape characters and remove ++# them as part of matching? ++touch abcdefg ++pat='ab\cd*' ++printf '<%s>\n' $pat ++pat='\.' ++printf '<%s>\n' $pat ++rm abcdefg ++ ++# how about when escaping pattern characters? ++touch '*abc.c' ++a='\**.c' ++printf '%s\n' $a ++rm -f '*abc.c' ++ ++# how about when making the distinction between readable and searchable path ++# components? ++mkdir -m a=x searchable ++mkdir -m a=r readable ++ ++p='searchable/\.' ++printf "%s\n" $p ++ ++p='searchable/\./.' ++printf "%s\n" $p ++ ++p='readable/\.' ++printf "%s\n" $p ++ ++p='readable/\./.' ++printf "%s\n" $p ++ ++printf "%s\n" 'searchable/\.' ++printf "%s\n" 'readable/\.' ++ ++echo */. ++ ++p='*/\.' ++echo $p ++ ++echo */'.' ++ ++rmdir searchable readable ++ ++cd $ORIG ++rmdir $GLOBDIR +diff --git a/tests/glob7.sub b/tests/glob7.sub +new file mode 100644 +index 0000000..0212b8e +--- /dev/null ++++ b/tests/glob7.sub +@@ -0,0 +1,11 @@ ++# according to Posix 2.13.3, a slash in a bracket expression renders that ++# bracket expression invalid ++shopt -s nullglob ++ ++echo 1: [qwe/qwe] ++echo 2: [qwe/ ++echo 3: [qwe/] ++ ++echo 4: [qwe\/qwe] ++echo 5: [qwe\/ ++echo 6: [qwe\/] +-- +1.9.1 + diff --git a/poky/meta/recipes-extended/bash/bash_5.0.bb b/poky/meta/recipes-extended/bash/bash_5.0.bb index 8ff9e6eda..257a03bd8 100644 --- a/poky/meta/recipes-extended/bash/bash_5.0.bb +++ b/poky/meta/recipes-extended/bash/bash_5.0.bb @@ -21,6 +21,8 @@ SRC_URI = "${GNU_MIRROR}/bash/${BP}.tar.gz;name=tarball \ ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-014;apply=yes;striplevel=0;name=patch014 \ ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-015;apply=yes;striplevel=0;name=patch015 \ ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-016;apply=yes;striplevel=0;name=patch016 \ + ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-017;apply=yes;striplevel=0;name=patch017 \ + ${GNU_MIRROR}/bash/bash-${PV}-patches/bash50-018;apply=yes;striplevel=0;name=patch018 \ file://execute_cmd.patch \ file://mkbuiltins_have_stringize.patch \ file://build-tests.patch \ @@ -28,6 +30,7 @@ SRC_URI = "${GNU_MIRROR}/bash/${BP}.tar.gz;name=tarball \ file://run-ptest \ file://run-bash-ptests \ file://fix-run-builtins.patch \ + file://bash-CVE-2019-18276.patch \ " SRC_URI[tarball.md5sum] = "2b44b47b905be16f45709648f671820b" @@ -65,6 +68,11 @@ SRC_URI[patch015.md5sum] = "c4c6ea23d09a74eaa9385438e48fdf02" SRC_URI[patch015.sha256sum] = "a517df2dda93b26d5cbf00effefea93e3a4ccd6652f152f4109170544ebfa05e" SRC_URI[patch016.md5sum] = "a682ed6fa2c2e7a7c3ba6bdeada07fb5" SRC_URI[patch016.sha256sum] = "ffd1d7a54a99fa7f5b1825e4f7e95d8c8876bc2ca151f150e751d429c650b06d" +SRC_URI[patch017.md5sum] = "d9dcaa1d8e7a24850449a1aac43a12a9" +SRC_URI[patch017.sha256sum] = "4cf3b9fafb8a66d411dd5fc9120032533a4012df1dc6ee024c7833373e2ddc31" +SRC_URI[patch018.md5sum] = "a64d950d5de72ae590455b13e6afefcb" +SRC_URI[patch018.sha256sum] = "7c314e375a105a6642e8ed44f3808b9def89d15f7492fe2029a21ba9c0de81d3" + DEBUG_OPTIMIZATION_append_armv4 = " ${@bb.utils.contains('TUNE_CCARGS', '-mthumb', '-fomit-frame-pointer', '', d)}" DEBUG_OPTIMIZATION_append_armv5 = " ${@bb.utils.contains('TUNE_CCARGS', '-mthumb', '-fomit-frame-pointer', '', d)}" diff --git a/poky/meta/recipes-extended/ltp/ltp/0004-guard-mallocopt-with-__GLIBC__.patch b/poky/meta/recipes-extended/ltp/ltp/0004-guard-mallocopt-with-__GLIBC__.patch index e93886c9c..a187f61f0 100644 --- a/poky/meta/recipes-extended/ltp/ltp/0004-guard-mallocopt-with-__GLIBC__.patch +++ b/poky/meta/recipes-extended/ltp/ltp/0004-guard-mallocopt-with-__GLIBC__.patch @@ -7,7 +7,7 @@ mallocopt is not available on non glibc implementations Signed-off-by: Khem Raj Reviewed-by: Petr Vorel -[ Upstream-Status: accepted in 967612c454aea66770b64f69287671037fe895b3 ] +Upstream-Status: Accepted [967612c454aea66770b64f69287671037fe895b3] --- utils/benchmark/ebizzy-0.3/ebizzy.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/poky/meta/recipes-extended/stress-ng/stress-ng_0.11.19.bb b/poky/meta/recipes-extended/stress-ng/stress-ng_0.11.19.bb deleted file mode 100644 index f1af99e51..000000000 --- a/poky/meta/recipes-extended/stress-ng/stress-ng_0.11.19.bb +++ /dev/null @@ -1,27 +0,0 @@ -SUMMARY = "System load testing utility" -DESCRIPTION = "Deliberately simple workload generator for POSIX systems. It \ -imposes a configurable amount of CPU, memory, I/O, and disk stress on the system." -HOMEPAGE = "https://kernel.ubuntu.com/~cking/stress-ng/" -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" - -SRC_URI = "https://kernel.ubuntu.com/~cking/tarballs/${BPN}/${BP}.tar.xz \ - file://0001-Do-not-preserve-ownership-when-installing-example-jo.patch \ - file://no_daddr_t.patch \ - " -SRC_URI[sha256sum] = "a50b753f00a9c880eda4f9d72bb82e37149ac24fab4265212e101926a1c20868" - -DEPENDS = "coreutils-native" - -PROVIDES = "stress" -RPROVIDES_${PN} = "stress" -RREPLACES_${PN} = "stress" -RCONFLICTS_${PN} = "stress" - -inherit bash-completion - -do_install() { - oe_runmake DESTDIR=${D} install - ln -s stress-ng ${D}${bindir}/stress -} - diff --git a/poky/meta/recipes-extended/stress-ng/stress-ng_0.11.21.bb b/poky/meta/recipes-extended/stress-ng/stress-ng_0.11.21.bb new file mode 100644 index 000000000..71671dd04 --- /dev/null +++ b/poky/meta/recipes-extended/stress-ng/stress-ng_0.11.21.bb @@ -0,0 +1,27 @@ +SUMMARY = "System load testing utility" +DESCRIPTION = "Deliberately simple workload generator for POSIX systems. It \ +imposes a configurable amount of CPU, memory, I/O, and disk stress on the system." +HOMEPAGE = "https://kernel.ubuntu.com/~cking/stress-ng/" +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" + +SRC_URI = "https://kernel.ubuntu.com/~cking/tarballs/${BPN}/${BP}.tar.xz \ + file://0001-Do-not-preserve-ownership-when-installing-example-jo.patch \ + file://no_daddr_t.patch \ + " +SRC_URI[sha256sum] = "ee44b71aba20e9c7d10ec4768efa2245d12579fa17e08b9314c17f06f785ae39" + +DEPENDS = "coreutils-native" + +PROVIDES = "stress" +RPROVIDES_${PN} = "stress" +RREPLACES_${PN} = "stress" +RCONFLICTS_${PN} = "stress" + +inherit bash-completion + +do_install() { + oe_runmake DESTDIR=${D} install + ln -s stress-ng ${D}${bindir}/stress +} + diff --git a/poky/meta/recipes-extended/sudo/sudo_1.9.2.bb b/poky/meta/recipes-extended/sudo/sudo_1.9.2.bb deleted file mode 100644 index 5756b2e14..000000000 --- a/poky/meta/recipes-extended/sudo/sudo_1.9.2.bb +++ /dev/null @@ -1,47 +0,0 @@ -require sudo.inc - -SRC_URI = "https://www.sudo.ws/dist/sudo-${PV}.tar.gz \ - ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \ - " - -PAM_SRC_URI = "file://sudo.pam" - -SRC_URI[sha256sum] = "7c98d201f181c47152711b9f391e0f6b5545f3ef8926298a3e8bc6288e118314" - -DEPENDS += " virtual/crypt ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" -RDEPENDS_${PN} += " ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-limits pam-plugin-keyinit', '', d)}" - -CACHED_CONFIGUREVARS = " \ - ac_cv_type_rsize_t=no \ - ac_cv_path_MVPROG=${base_bindir}/mv \ - ac_cv_path_BSHELLPROG=${base_bindir}/sh \ - ac_cv_path_SENDMAILPROG=${sbindir}/sendmail \ - ac_cv_path_VIPROG=${base_bindir}/vi \ - " - -EXTRA_OECONF += " \ - ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '--with-pam', '--without-pam', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '--enable-tmpfiles.d=${nonarch_libdir}/tmpfiles.d', '--disable-tmpfiles.d', d)} \ - --with-rundir=/run/sudo \ - --with-vardir=/var/lib/sudo \ - " - -do_install_append () { - if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then - install -D -m 644 ${WORKDIR}/sudo.pam ${D}/${sysconfdir}/pam.d/sudo - if ${@bb.utils.contains('PACKAGECONFIG', 'pam-wheel', 'true', 'false', d)} ; then - echo 'auth required pam_wheel.so use_uid' >>${D}${sysconfdir}/pam.d/sudo - sed -i 's/# \(%wheel ALL=(ALL) ALL\)/\1/' ${D}${sysconfdir}/sudoers - fi - fi - - chmod 4111 ${D}${bindir}/sudo - chmod 0440 ${D}${sysconfdir}/sudoers - - # Explicitly remove the /sudo directory to avoid QA error - rmdir -p --ignore-fail-on-non-empty ${D}/run/sudo -} - -FILES_${PN} += "${nonarch_libdir}/tmpfiles.d" -FILES_${PN}-dev += "${libexecdir}/${BPN}/lib*${SOLIBSDEV} ${libexecdir}/${BPN}/*.la \ - ${libexecdir}/lib*${SOLIBSDEV} ${libexecdir}/*.la" diff --git a/poky/meta/recipes-extended/sudo/sudo_1.9.3.bb b/poky/meta/recipes-extended/sudo/sudo_1.9.3.bb new file mode 100644 index 000000000..270625ebe --- /dev/null +++ b/poky/meta/recipes-extended/sudo/sudo_1.9.3.bb @@ -0,0 +1,47 @@ +require sudo.inc + +SRC_URI = "https://www.sudo.ws/dist/sudo-${PV}.tar.gz \ + ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \ + " + +PAM_SRC_URI = "file://sudo.pam" + +SRC_URI[sha256sum] = "1d9889cc3b3b15ed8c2c7c3de3aa392a3a726838d020815067c080525c3f5837" + +DEPENDS += " virtual/crypt ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" +RDEPENDS_${PN} += " ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-limits pam-plugin-keyinit', '', d)}" + +CACHED_CONFIGUREVARS = " \ + ac_cv_type_rsize_t=no \ + ac_cv_path_MVPROG=${base_bindir}/mv \ + ac_cv_path_BSHELLPROG=${base_bindir}/sh \ + ac_cv_path_SENDMAILPROG=${sbindir}/sendmail \ + ac_cv_path_VIPROG=${base_bindir}/vi \ + " + +EXTRA_OECONF += " \ + ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '--with-pam', '--without-pam', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '--enable-tmpfiles.d=${nonarch_libdir}/tmpfiles.d', '--disable-tmpfiles.d', d)} \ + --with-rundir=/run/sudo \ + --with-vardir=/var/lib/sudo \ + " + +do_install_append () { + if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then + install -D -m 644 ${WORKDIR}/sudo.pam ${D}/${sysconfdir}/pam.d/sudo + if ${@bb.utils.contains('PACKAGECONFIG', 'pam-wheel', 'true', 'false', d)} ; then + echo 'auth required pam_wheel.so use_uid' >>${D}${sysconfdir}/pam.d/sudo + sed -i 's/# \(%wheel ALL=(ALL) ALL\)/\1/' ${D}${sysconfdir}/sudoers + fi + fi + + chmod 4111 ${D}${bindir}/sudo + chmod 0440 ${D}${sysconfdir}/sudoers + + # Explicitly remove the /sudo directory to avoid QA error + rmdir -p --ignore-fail-on-non-empty ${D}/run/sudo +} + +FILES_${PN} += "${nonarch_libdir}/tmpfiles.d" +FILES_${PN}-dev += "${libexecdir}/${BPN}/lib*${SOLIBSDEV} ${libexecdir}/${BPN}/*.la \ + ${libexecdir}/lib*${SOLIBSDEV} ${libexecdir}/*.la" diff --git a/poky/meta/recipes-extended/sysklogd/files/0001-Makefile.am-fixup-issue-17.patch b/poky/meta/recipes-extended/sysklogd/files/0001-Makefile.am-fixup-issue-17.patch new file mode 100644 index 000000000..96365648d --- /dev/null +++ b/poky/meta/recipes-extended/sysklogd/files/0001-Makefile.am-fixup-issue-17.patch @@ -0,0 +1,43 @@ +From a4a472c19eaaf03cc0e70797b2d24b540d6424e1 Mon Sep 17 00:00:00 2001 +From: Changqing Li +Date: Wed, 3 Jun 2020 13:39:18 +0800 +Subject: [PATCH] Makefile.am: fixup issue #17 + +only make $(LIBOBJS) depend on $(LTLIBOBJS) still have race condition, +library like pidfile.o may be changed when compile or link for +libsyslog_la_LIBADD, which will cause problem like below: + +ERROR: dwarfsrcfiles failed with exit code 1 (cmd was ['dwarfsrcfiles', /tmp/work/ppc7400-oe-linux/sysklogd/2.1.2-r0/package/usr/lib/libsyslog.a']): +dwarfsrcfiles: tmp/work/ppc7400-oe-linux/sysklogd/2.1.2-r0/package/usr/lib/libsyslog.a: not a valid ELF file + +arm-oe-linux-gnueabi-libtool: link: arm-oe-linux-gnueabi-gcc -march=armv7ve -mthumb -mfpu=neon -mfloat-abi=hard --sysroot=TOPDIR/tmp-glibc/work/armv7vet2hf-neon-oe-linux-gnueabi/sysklogd/2.1.2-r0/recipe-sysroot -shared -fPIC -DPIC .libs/libsyslog_la-syslog.o ../lib/.libs/pidfile.o ../lib/.libs/strlcpy.o ../lib/.libs/strlcat.o -march=armv7ve -mthumb -mfpu=neon -mfloat-abi=hard --sysroot=TOPDIR/tmp-glibc/work/armv7vet2hf-neon-oe-linux-gnueabi/sysklogd/2.1.2-r0/recipe-sysroot -O2 -g -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -Wl,-soname -Wl,libsyslog.so.0 -o .libs/libsyslog.so.0.0.0 +arm-oe-linux-gnueabi-libtool: link: (cd ".libs" && rm -f "libsyslog.so.0" && ln -s "libsyslog.so.0.0.0" "libsyslog.so.0") +arm-oe-linux-gnueabi-libtool: link: (cd ".libs" && rm -f "libsyslog.so" && ln -s "libsyslog.so.0.0.0" "libsyslog.so") +arm-oe-linux-gnueabi-libtool: link: arm-oe-linux-gnueabi-gcc-ar cru .libs/libsyslog.a libsyslog_la-syslog.o ../lib/pidfile.o ../lib/strlcpy.o ../lib/strlcat.o +TOPDIR/tmp-glibc/work/armv7vet2hf-neon-oe-linux-gnueabi/sysklogd/2.1.2-r0/recipe-sysroot-native/usr/bin/arm-oe-linux-gnueabi/../../libexec/arm-oe-linux-gnueabi/gcc/arm-oe-linux-gnueabi/10.1.0/ar: `u' modifier ignored since `D' is the default (see `U') +TOPDIR/tmp-glibc/work/armv7vet2hf-neon-oe-linux-gnueabi/sysklogd/2.1.2-r0/recipe-sysroot-native/usr/bin/arm-oe-linux-gnueabi/../../libexec/arm-oe-linux-gnueabi/gcc/arm-oe-linux-gnueabi/10.1.0/ar: ../lib/strlcat.o: No such file or directory + +Upstream-Status: Submitted [https://github.com/troglobit/sysklogd/pull/23/commits/e684939559341cb1c6373dfc6469b59e580d80af] + +Signed-off-by: Changqing Li +--- + src/Makefile.am | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/src/Makefile.am b/src/Makefile.am +index f8a6820..f45c773 100644 +--- a/src/Makefile.am ++++ b/src/Makefile.am +@@ -66,6 +66,7 @@ libsyslog_la_LIBADD = $(LTLIBOBJS) + # ld: syslogd-syslogd.o: in function `main': syslogd.c:417: undefined + # reference to `__pidfile' + # +-# Work around the problem by building one .o from lib at a time, this +-# can be achieved by making LIBOBJS depend on LTLIBOBJS. +-$(LIBOBJS): $(LTLIBOBJS) ++# Work around the problem by make LIBOBJS depend on libsyslog.la, ++# so that LIBOBJS/syslogd/logger will start compile after libsyslog.la ++# is completed ++$(LIBOBJS): $(lib_LTLIBRARIES) +-- +2.17.1 diff --git a/poky/meta/recipes-extended/sysklogd/sysklogd.inc b/poky/meta/recipes-extended/sysklogd/sysklogd.inc index 2e3d9831b..162260f00 100644 --- a/poky/meta/recipes-extended/sysklogd/sysklogd.inc +++ b/poky/meta/recipes-extended/sysklogd/sysklogd.inc @@ -12,6 +12,7 @@ inherit update-rc.d update-alternatives systemd autotools SRC_URI = "git://github.com/troglobit/sysklogd.git;nobranch=1 \ file://sysklogd \ + file://0001-Makefile.am-fixup-issue-17.patch \ " S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-graphics/drm/files/0001-xf86drm.c-fix-build-failure.patch b/poky/meta/recipes-graphics/drm/files/0001-xf86drm.c-fix-build-failure.patch new file mode 100644 index 000000000..60c996ca8 --- /dev/null +++ b/poky/meta/recipes-graphics/drm/files/0001-xf86drm.c-fix-build-failure.patch @@ -0,0 +1,87 @@ +From c7d89412884de2dbfa543720d185027377e62f21 Mon Sep 17 00:00:00 2001 +From: Heiko Thiery +Date: Fri, 5 Jun 2020 23:46:52 +0200 +Subject: [PATCH] xf86drm.c: fix build failure + +./xf86drm.c: In function 'drmNodeIsDRM': +../xf86drm.c:2825:7: error: "__FreeBSD__" is not defined [-Werror=undef] + #elif __FreeBSD__ + ^ +../xf86drm.c: In function 'drmGetMinorNameForFD': +../xf86drm.c:2938:7: error: "__FreeBSD__" is not defined [-Werror=undef] + #elif __FreeBSD__ + ^ +../xf86drm.c: In function 'drmParsePciBusInfo': +../xf86drm.c:3258:7: error: "__FreeBSD__" is not defined [-Werror=undef] + #elif __FreeBSD__ + ^ +../xf86drm.c: In function 'drmParsePciDeviceInfo': +../xf86drm.c:3427:7: error: "__FreeBSD__" is not defined [-Werror=undef] + #elif __FreeBSD__ + ^ +../xf86drm.c: In function 'drmGetDeviceNameFromFd2': +../xf86drm.c:4305:7: error: "__FreeBSD__" is not defined [-Werror=undef] + #elif __FreeBSD__ + ^ + +Signed-off-by: Heiko Thiery + +Upstream-Status: Backport +Signed-off-by: Armin Kuster + +--- + xf86drm.c | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/xf86drm.c b/xf86drm.c +index 07a18c4..50a6f09 100644 +--- a/xf86drm.c ++++ b/xf86drm.c +@@ -2822,7 +2822,7 @@ static bool drmNodeIsDRM(int maj, int min) + snprintf(path, sizeof(path), "/sys/dev/char/%d:%d/device/drm", + maj, min); + return stat(path, &sbuf) == 0; +-#elif __FreeBSD__ ++#elif defined(__FreeBSD__) + char name[SPECNAMELEN]; + + if (!devname_r(makedev(maj, min), S_IFCHR, name, sizeof(name))) +@@ -2935,7 +2935,7 @@ static char *drmGetMinorNameForFD(int fd, int type) + + closedir(sysdir); + return NULL; +-#elif __FreeBSD__ ++#elif defined(__FreeBSD__) + struct stat sbuf; + char dname[SPECNAMELEN]; + const char *mname; +@@ -3255,7 +3255,7 @@ static int drmParsePciBusInfo(int maj, int min, drmPciBusInfoPtr info) + info->func = pinfo.func; + + return 0; +-#elif __FreeBSD__ ++#elif defined(__FreeBSD__) + return get_sysctl_pci_bus_info(maj, min, info); + #else + #warning "Missing implementation of drmParsePciBusInfo" +@@ -3424,7 +3424,7 @@ static int drmParsePciDeviceInfo(int maj, int min, + device->subdevice_id = pinfo.subdevice_id; + + return 0; +-#elif __FreeBSD__ ++#elif defined(__FreeBSD__) + drmPciBusInfo info; + struct pci_conf_io pc; + struct pci_match_conf patterns[1]; +@@ -4302,7 +4302,7 @@ drm_public char *drmGetDeviceNameFromFd2(int fd) + free(value); + + return strdup(path); +-#elif __FreeBSD__ ++#elif defined(__FreeBSD__) + return drmGetDeviceNameFromFd(fd); + #else + struct stat sbuf; +-- +1.8.3.1 + diff --git a/poky/meta/recipes-graphics/drm/libdrm_2.4.102.bb b/poky/meta/recipes-graphics/drm/libdrm_2.4.102.bb index fb9a94207..ad512d14a 100644 --- a/poky/meta/recipes-graphics/drm/libdrm_2.4.102.bb +++ b/poky/meta/recipes-graphics/drm/libdrm_2.4.102.bb @@ -10,7 +10,9 @@ LIC_FILES_CHKSUM = "file://xf86drm.c;beginline=9;endline=32;md5=c8a3b961af7667c5 PROVIDES = "drm" DEPENDS = "libpthread-stubs" -SRC_URI = "http://dri.freedesktop.org/libdrm/${BP}.tar.xz" +SRC_URI = "http://dri.freedesktop.org/libdrm/${BP}.tar.xz \ + file://0001-xf86drm.c-fix-build-failure.patch " + SRC_URI[sha256sum] = "8bcbf9336c28e393d76c1f16d7e79e394a7fce8a2e929d52d3ad7ad8525ba05b" inherit meson pkgconfig manpages diff --git a/poky/meta/recipes-graphics/mesa/mesa-gl_20.1.6.bb b/poky/meta/recipes-graphics/mesa/mesa-gl_20.1.6.bb deleted file mode 100644 index e50782be1..000000000 --- a/poky/meta/recipes-graphics/mesa/mesa-gl_20.1.6.bb +++ /dev/null @@ -1,15 +0,0 @@ -require mesa.inc - -SUMMARY += " (OpenGL only, no EGL/GLES)" - -PROVIDES = "virtual/libgl virtual/mesa" - -S = "${WORKDIR}/mesa-${PV}" - -# At least one DRI rendering engine is required to build mesa. -# When no X11 is available, use osmesa for the rendering engine. -PACKAGECONFIG ??= "opengl dri ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11', 'osmesa', d)}" -PACKAGECONFIG_class-target = "opengl dri ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11', 'osmesa', d)}" - -# When NOT using X11, we need to make sure we have swrast available. -DRIDRIVERS_append = "${@bb.utils.contains('DISTRO_FEATURES', 'x11', '', ',swrast', d)}" diff --git a/poky/meta/recipes-graphics/mesa/mesa-gl_20.1.8.bb b/poky/meta/recipes-graphics/mesa/mesa-gl_20.1.8.bb new file mode 100644 index 000000000..e50782be1 --- /dev/null +++ b/poky/meta/recipes-graphics/mesa/mesa-gl_20.1.8.bb @@ -0,0 +1,15 @@ +require mesa.inc + +SUMMARY += " (OpenGL only, no EGL/GLES)" + +PROVIDES = "virtual/libgl virtual/mesa" + +S = "${WORKDIR}/mesa-${PV}" + +# At least one DRI rendering engine is required to build mesa. +# When no X11 is available, use osmesa for the rendering engine. +PACKAGECONFIG ??= "opengl dri ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11', 'osmesa', d)}" +PACKAGECONFIG_class-target = "opengl dri ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11', 'osmesa', d)}" + +# When NOT using X11, we need to make sure we have swrast available. +DRIDRIVERS_append = "${@bb.utils.contains('DISTRO_FEATURES', 'x11', '', ',swrast', d)}" diff --git a/poky/meta/recipes-graphics/mesa/mesa.inc b/poky/meta/recipes-graphics/mesa/mesa.inc index af2a5c0f9..dd4619a06 100644 --- a/poky/meta/recipes-graphics/mesa/mesa.inc +++ b/poky/meta/recipes-graphics/mesa/mesa.inc @@ -23,7 +23,7 @@ SRC_URI = "https://mesa.freedesktop.org/archive/mesa-${PV}.tar.xz \ file://0001-meson-misdetects-64bit-atomics-on-mips-clang.patch \ " -SRC_URI[sha256sum] = "23bed40114b03ad640c95bfe72cc879ed2f941d0d481b77b5204a1fc567fa93c" +SRC_URI[sha256sum] = "df21351494f7caaec5a3ccc16f14f15512e98d2ecde178bba1d134edc899b961" UPSTREAM_CHECK_GITTAGREGEX = "mesa-(?P\d+(\.\d+)+)" diff --git a/poky/meta/recipes-graphics/mesa/mesa_20.1.6.bb b/poky/meta/recipes-graphics/mesa/mesa_20.1.6.bb deleted file mode 100644 index 96e8aa38d..000000000 --- a/poky/meta/recipes-graphics/mesa/mesa_20.1.6.bb +++ /dev/null @@ -1,2 +0,0 @@ -require ${BPN}.inc - diff --git a/poky/meta/recipes-graphics/mesa/mesa_20.1.8.bb b/poky/meta/recipes-graphics/mesa/mesa_20.1.8.bb new file mode 100644 index 000000000..96e8aa38d --- /dev/null +++ b/poky/meta/recipes-graphics/mesa/mesa_20.1.8.bb @@ -0,0 +1,2 @@ +require ${BPN}.inc + diff --git a/poky/meta/recipes-graphics/pango/pango_1.46.1.bb b/poky/meta/recipes-graphics/pango/pango_1.46.1.bb deleted file mode 100644 index cc6cc1e35..000000000 --- a/poky/meta/recipes-graphics/pango/pango_1.46.1.bb +++ /dev/null @@ -1,47 +0,0 @@ -SUMMARY = "Framework for layout and rendering of internationalized text" -DESCRIPTION = "Pango is a library for laying out and rendering of text, \ -with an emphasis on internationalization. Pango can be used anywhere \ -that text layout is needed, though most of the work on Pango so far has \ -been done in the context of the GTK+ widget toolkit. Pango forms the \ -core of text and font handling for GTK+-2.x." -HOMEPAGE = "http://www.pango.org/" -BUGTRACKER = "http://bugzilla.gnome.org" -SECTION = "libs" -LICENSE = "LGPLv2.0+" - -LIC_FILES_CHKSUM = "file://COPYING;md5=3bf50002aefd002f49e7bb854063f7e7" - -GNOMEBASEBUILDCLASS = "meson" - -inherit gnomebase gtk-doc ptest-gnome upstream-version-is-even gobject-introspection - -SRC_URI += " file://run-ptest" -SRC_URI[archive.sha256sum] = "fe516b10711bbb6fd75011d66dd08fabfce18f7931aed7415136d53c4aadf1c5" - -DEPENDS = "glib-2.0 glib-2.0-native fontconfig freetype virtual/libiconv cairo harfbuzz fribidi" - -PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'x11', d)} \ - ${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)}" - -PACKAGECONFIG[x11] = ",,virtual/libx11 libxft" -PACKAGECONFIG[tests] = "-Dinstall-tests=true, -Dinstall-tests=false" -PACKAGECONFIG[thai] = ",,libthai" - -GTKDOC_MESON_OPTION = "gtk_doc" -GIR_MESON_OPTION = 'introspection' - -do_configure_prepend_toolchain-clang() { - sed -i -e "/Werror=implicit-fallthrough/d" ${S}/meson.build -} - -LEAD_SONAME = "libpango-1.0*" - -FILES_${PN} = "${bindir}/* ${libdir}/libpango*${SOLIBS}" - -RDEPENDS_${PN}-ptest += "cantarell-fonts" -RDEPENDS_${PN}-ptest_append_libc-glibc = " locale-base-en-us" - -RPROVIDES_${PN} += "pango-modules pango-module-indic-lang \ - pango-module-basic-fc pango-module-arabic-lang" - -BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-graphics/pango/pango_1.46.2.bb b/poky/meta/recipes-graphics/pango/pango_1.46.2.bb new file mode 100644 index 000000000..c41d1e8a9 --- /dev/null +++ b/poky/meta/recipes-graphics/pango/pango_1.46.2.bb @@ -0,0 +1,47 @@ +SUMMARY = "Framework for layout and rendering of internationalized text" +DESCRIPTION = "Pango is a library for laying out and rendering of text, \ +with an emphasis on internationalization. Pango can be used anywhere \ +that text layout is needed, though most of the work on Pango so far has \ +been done in the context of the GTK+ widget toolkit. Pango forms the \ +core of text and font handling for GTK+-2.x." +HOMEPAGE = "http://www.pango.org/" +BUGTRACKER = "http://bugzilla.gnome.org" +SECTION = "libs" +LICENSE = "LGPLv2.0+" + +LIC_FILES_CHKSUM = "file://COPYING;md5=3bf50002aefd002f49e7bb854063f7e7" + +GNOMEBASEBUILDCLASS = "meson" + +inherit gnomebase gtk-doc ptest-gnome upstream-version-is-even gobject-introspection + +SRC_URI += " file://run-ptest" +SRC_URI[archive.sha256sum] = "d89fab5f26767261b493279b65cfb9eb0955cd44c07c5628d36094609fc51841" + +DEPENDS = "glib-2.0 glib-2.0-native fontconfig freetype virtual/libiconv cairo harfbuzz fribidi" + +PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'x11', d)} \ + ${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)}" + +PACKAGECONFIG[x11] = ",,virtual/libx11 libxft" +PACKAGECONFIG[tests] = "-Dinstall-tests=true, -Dinstall-tests=false" +PACKAGECONFIG[thai] = ",,libthai" + +GTKDOC_MESON_OPTION = "gtk_doc" +GIR_MESON_OPTION = 'introspection' + +do_configure_prepend_toolchain-clang() { + sed -i -e "/Werror=implicit-fallthrough/d" ${S}/meson.build +} + +LEAD_SONAME = "libpango-1.0*" + +FILES_${PN} = "${bindir}/* ${libdir}/libpango*${SOLIBS}" + +RDEPENDS_${PN}-ptest += "cantarell-fonts" +RDEPENDS_${PN}-ptest_append_libc-glibc = " locale-base-en-us" + +RPROVIDES_${PN} += "pango-modules pango-module-indic-lang \ + pango-module-basic-fc pango-module-arabic-lang" + +BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-graphics/vulkan/vulkan-demos_git.bb b/poky/meta/recipes-graphics/vulkan/vulkan-demos_git.bb index 9484f010c..4175a5615 100644 --- a/poky/meta/recipes-graphics/vulkan/vulkan-demos_git.bb +++ b/poky/meta/recipes-graphics/vulkan/vulkan-demos_git.bb @@ -39,6 +39,6 @@ EXTRA_OECMAKE = "-DRESOURCE_INSTALL_DIR=${datadir}/vulkan-demos" ANY_OF_DISTRO_FEATURES = "x11 wayland" # Can only pick one of [wayland,xcb] -PACKAGECONFIG = "${@bb.utils.contains('DISTRO_FEATURES', 'wayland', 'wayland', 'xcb' ,d)}" +PACKAGECONFIG = "${@bb.utils.contains('DISTRO_FEATURES', 'wayland', 'wayland', 'xcb', d)}" PACKAGECONFIG[wayland] = "-DUSE_WAYLAND_WSI=ON, -DUSE_WAYLAND_WSI=OFF, wayland" PACKAGECONFIG[xcb] = ",,libxcb" diff --git a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-Fix-segfault-on-probing-a-non-PCI-platform-device-on.patch b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-Fix-segfault-on-probing-a-non-PCI-platform-device-on.patch index 7b9e3b4ca..8b687d612 100644 --- a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-Fix-segfault-on-probing-a-non-PCI-platform-device-on.patch +++ b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-Fix-segfault-on-probing-a-non-PCI-platform-device-on.patch @@ -10,7 +10,7 @@ case. Signed-off-by: Eric Anholt -Upstream-status: Backport [https://github.com/freedesktop/xorg-xserver/commit/e50c85f4e] +Upstream-Status: Backport [https://github.com/freedesktop/xorg-xserver/commit/e50c85f4e] Signed-off-by: Aníbal Limón --- hw/xfree86/common/xf86platformBus.c | 2 +- diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-dev.bb b/poky/meta/recipes-kernel/linux/linux-yocto-dev.bb index c937173d0..fbc62f29c 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-dev.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-dev.bb @@ -49,6 +49,6 @@ KERNEL_FEATURES_append = " ${KERNEL_EXTRA_FEATURES}" KERNEL_FEATURES_append_qemuall=" cfg/virtio.scc features/drm-bochs/drm-bochs.scc" KERNEL_FEATURES_append_qemux86=" cfg/sound.scc cfg/paravirt_kvm.scc" KERNEL_FEATURES_append_qemux86-64=" cfg/sound.scc cfg/paravirt_kvm.scc" -KERNEL_FEATURES_append = " ${@bb.utils.contains("TUNE_FEATURES", "mx32", " cfg/x32.scc", "" ,d)}" +KERNEL_FEATURES_append = " ${@bb.utils.contains("TUNE_FEATURES", "mx32", " cfg/x32.scc", "", d)}" KERNEL_VERSION_SANITY_SKIP = "1" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb index 73876bb99..eded625bf 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb @@ -41,4 +41,4 @@ KERNEL_FEATURES_append = " ${KERNEL_EXTRA_FEATURES}" KERNEL_FEATURES_append_qemuall=" cfg/virtio.scc features/drm-bochs/drm-bochs.scc" KERNEL_FEATURES_append_qemux86=" cfg/sound.scc cfg/paravirt_kvm.scc" KERNEL_FEATURES_append_qemux86-64=" cfg/sound.scc cfg/paravirt_kvm.scc" -KERNEL_FEATURES_append = "${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/scsi/scsi-debug.scc", "" ,d)}" +KERNEL_FEATURES_append = "${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/scsi/scsi-debug.scc", "", d)}" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.8.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.8.bb index d29c5985c..aa01f06d3 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.8.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_5.8.bb @@ -12,7 +12,7 @@ python () { } SRCREV_machine ?= "31fafe701e2adec65d2b2a74a3e592a358915c67" -SRCREV_meta ?= "a933cb2f91915dceb138775c3878212e228d3eff" +SRCREV_meta ?= "ffbfe61a194537689c782b20da185e7e4daa9ef9" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.8;destsuffix=${KMETA}" @@ -41,4 +41,4 @@ KERNEL_FEATURES_append = " ${KERNEL_EXTRA_FEATURES}" KERNEL_FEATURES_append_qemuall=" cfg/virtio.scc features/drm-bochs/drm-bochs.scc" KERNEL_FEATURES_append_qemux86=" cfg/sound.scc cfg/paravirt_kvm.scc" KERNEL_FEATURES_append_qemux86-64=" cfg/sound.scc cfg/paravirt_kvm.scc" -KERNEL_FEATURES_append = "${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/scsi/scsi-debug.scc", "" ,d)}" +KERNEL_FEATURES_append = "${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/scsi/scsi-debug.scc", "", d)}" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.8.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.8.bb index d32e5d372..76b61222a 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.8.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_5.8.bb @@ -17,7 +17,7 @@ KCONF_BSP_AUDIT_LEVEL = "2" SRCREV_machine_qemuarm ?= "830cb9af40e856615b7a435a4fac57b748ba56d6" SRCREV_machine ?= "31fafe701e2adec65d2b2a74a3e592a358915c67" -SRCREV_meta ?= "a933cb2f91915dceb138775c3878212e228d3eff" +SRCREV_meta ?= "ffbfe61a194537689c782b20da185e7e4daa9ef9" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/poky/meta/recipes-kernel/linux/linux-yocto_5.4.bb index fe9369196..d06d653d7 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto_5.4.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto_5.4.bb @@ -50,5 +50,5 @@ KERNEL_FEATURES_append = " ${KERNEL_EXTRA_FEATURES}" KERNEL_FEATURES_append_qemuall=" cfg/virtio.scc features/drm-bochs/drm-bochs.scc" KERNEL_FEATURES_append_qemux86=" cfg/sound.scc cfg/paravirt_kvm.scc" KERNEL_FEATURES_append_qemux86-64=" cfg/sound.scc cfg/paravirt_kvm.scc" -KERNEL_FEATURES_append = " ${@bb.utils.contains("TUNE_FEATURES", "mx32", " cfg/x32.scc", "" ,d)}" -KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/scsi/scsi-debug.scc", "" ,d)}" +KERNEL_FEATURES_append = " ${@bb.utils.contains("TUNE_FEATURES", "mx32", " cfg/x32.scc", "", d)}" +KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/scsi/scsi-debug.scc", "", d)}" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_5.8.bb b/poky/meta/recipes-kernel/linux/linux-yocto_5.8.bb index 9ff1d5da8..f8e72533f 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto_5.8.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto_5.8.bb @@ -21,7 +21,7 @@ SRCREV_machine_qemux86 ?= "31fafe701e2adec65d2b2a74a3e592a358915c67" SRCREV_machine_qemux86-64 ?= "31fafe701e2adec65d2b2a74a3e592a358915c67" SRCREV_machine_qemumips64 ?= "4faa049b6b7b51c5d12d20c5e9fcf8e0a3ba8d42" SRCREV_machine ?= "31fafe701e2adec65d2b2a74a3e592a358915c67" -SRCREV_meta ?= "a933cb2f91915dceb138775c3878212e228d3eff" +SRCREV_meta ?= "ffbfe61a194537689c782b20da185e7e4daa9ef9" # remap qemuarm to qemuarma15 for the 5.8 kernel # KMACHINE_qemuarm ?= "qemuarma15" @@ -51,5 +51,5 @@ KERNEL_FEATURES_append = " ${KERNEL_EXTRA_FEATURES}" KERNEL_FEATURES_append_qemuall=" cfg/virtio.scc features/drm-bochs/drm-bochs.scc" KERNEL_FEATURES_append_qemux86=" cfg/sound.scc cfg/paravirt_kvm.scc" KERNEL_FEATURES_append_qemux86-64=" cfg/sound.scc cfg/paravirt_kvm.scc" -KERNEL_FEATURES_append = " ${@bb.utils.contains("TUNE_FEATURES", "mx32", " cfg/x32.scc", "" ,d)}" -KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/scsi/scsi-debug.scc", "" ,d)}" +KERNEL_FEATURES_append = " ${@bb.utils.contains("TUNE_FEATURES", "mx32", " cfg/x32.scc", "", d)}" +KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/scsi/scsi-debug.scc", "", d)}" diff --git a/poky/meta/recipes-multimedia/libpng/libpng_1.6.37.bb b/poky/meta/recipes-multimedia/libpng/libpng_1.6.37.bb index 8c53d1164..edb2ac614 100644 --- a/poky/meta/recipes-multimedia/libpng/libpng_1.6.37.bb +++ b/poky/meta/recipes-multimedia/libpng/libpng_1.6.37.bb @@ -20,7 +20,7 @@ BINCONFIG = "${bindir}/libpng-config ${bindir}/libpng16-config" inherit autotools binconfig-disabled pkgconfig # Work around missing symbols -EXTRA_OECONF_append_class-target = " ${@bb.utils.contains("TUNE_FEATURES", "neon", "--enable-arm-neon=on", "--enable-arm-neon=off" ,d)}" +EXTRA_OECONF_append_class-target = " ${@bb.utils.contains("TUNE_FEATURES", "neon", "--enable-arm-neon=on", "--enable-arm-neon=off", d)}" PACKAGES =+ "${PN}-tools" diff --git a/poky/meta/recipes-support/boost/boost.inc b/poky/meta/recipes-support/boost/boost.inc index ca140d595..ea1bc123b 100644 --- a/poky/meta/recipes-support/boost/boost.inc +++ b/poky/meta/recipes-support/boost/boost.inc @@ -7,6 +7,9 @@ CVE_PRODUCT = "boost:boost" ARM_INSTRUCTION_SET_armv4 = "arm" ARM_INSTRUCTION_SET_armv5 = "arm" +B = "${WORKDIR}/build" +do_configure[cleandirs] = "${B}" + BOOST_LIBS = "\ atomic \ chrono \ @@ -146,7 +149,7 @@ BOOST_PARALLEL_MAKE = "${@oe.utils.parallel_make_argument(d, '-j%d')}" BJAM_OPTS = '${BOOST_PARALLEL_MAKE} -d+2 -q \ ${BJAM_TOOLS} \ -sBOOST_BUILD_USER_CONFIG=${WORKDIR}/user-config.jam \ - --build-dir=${S}/${TARGET_SYS} \ + --build-dir=${B} \ --disable-icu \ ${BJAM_EXTRA}' @@ -161,6 +164,7 @@ BJAM_OPTS_append_arm = " abi=aapcs architecture=arm" BJAM_OPTS_append_aarch64 = " abi=aapcs address-model=64 architecture=arm" do_configure() { + cd ${S} cp -f ${S}/boost/config/platform/linux.hpp ${S}/boost/config/platform/linux-gnueabi.hpp # D2194:Fixing the failure of "error: duplicate initialization of gcc with the following parameters" during compilation. @@ -184,8 +188,9 @@ do_configure() { } do_compile() { - rm -rf ${S}/${TARGET_SYS} - bjam ${BJAM_OPTS} --prefix=${prefix} \ + cd ${S} + bjam ${BJAM_OPTS} \ + --prefix=${prefix} \ --exec-prefix=${exec_prefix} \ --libdir=${libdir} \ --includedir=${includedir} \ @@ -193,6 +198,7 @@ do_compile() { } do_install() { + cd ${S} bjam ${BJAM_OPTS} \ --libdir=${D}${libdir} \ --includedir=${D}${includedir} \ diff --git a/poky/meta/recipes-support/curl/curl_7.72.0.bb b/poky/meta/recipes-support/curl/curl_7.72.0.bb index a2ae0b690..7d0268253 100644 --- a/poky/meta/recipes-support/curl/curl_7.72.0.bb +++ b/poky/meta/recipes-support/curl/curl_7.72.0.bb @@ -5,7 +5,7 @@ SECTION = "console/network" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://COPYING;md5=2e9fb35867314fe31c6a4977ef7dd531" -SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \ +SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \ file://0001-replace-krb5-config-with-pkg-config.patch \ " diff --git a/poky/meta/recipes-support/debianutils/debianutils_4.11.1.bb b/poky/meta/recipes-support/debianutils/debianutils_4.11.1.bb index ef7aa5040..3b1767e5e 100644 --- a/poky/meta/recipes-support/debianutils/debianutils_4.11.1.bb +++ b/poky/meta/recipes-support/debianutils/debianutils_4.11.1.bb @@ -3,7 +3,7 @@ SECTION = "base" LICENSE = "GPLv2 & SMAIL_GPL" LIC_FILES_CHKSUM = "file://debian/copyright;md5=9b912cd0cc654134c0ef3424a0705b94" -SRC_URI = "http://snapshot.debian.org/archive/debian/20200525T145753Z/pool/main/d/${BPN}/${BPN}_${PV}.tar.xz" +SRC_URI = "http://snapshot.debian.org/archive/debian/20200929T025235Z/pool/main/d/${BPN}/${BPN}_${PV}.tar.xz" # the package is taken from snapshots.debian.org; that source is static and goes stale # so we check the latest upstream from a directory that does get updated UPSTREAM_CHECK_URI = "${DEBIAN_MIRROR}/main/d/${BPN}/" diff --git a/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.0.bb b/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.0.bb index 0a3186dac..10b4c5b6a 100644 --- a/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.0.bb +++ b/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.0.bb @@ -7,8 +7,8 @@ HOMEPAGE = "http://git.yoctoproject.org/cgit/cgit.cgi/ptest-runner2/about/" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://LICENSE;md5=751419260aa954499f7abaabaa882bbe" -SRCREV = "1e9a84585909b970cc8850d3ea02a7215dcfa5a3" -PV = "2.4.0+git${SRCPV}" +SRCREV = "834670317bd3f6e427e1ac461c07ada6b8936dfd" +PV .= "+git${SRCPV}" SRC_URI = "git://git.yoctoproject.org/ptest-runner2 \ " diff --git a/poky/scripts/oe-build-perf-report b/poky/scripts/oe-build-perf-report index e781f4f03..7ed86a72f 100755 --- a/poky/scripts/oe-build-perf-report +++ b/poky/scripts/oe-build-perf-report @@ -1,4 +1,4 @@ -#!/usr/bin/python3 +#!/usr/bin/env python3 # # Examine build performance test results # diff --git a/poky/scripts/runqemu b/poky/scripts/runqemu index e62d869c2..e5e66f345 100755 --- a/poky/scripts/runqemu +++ b/poky/scripts/runqemu @@ -1336,7 +1336,7 @@ class BaseConfig(object): if not os.access(qemu_bin, os.X_OK): raise OEPathError("No QEMU binary '%s' could be found" % qemu_bin) - self.qemu_opt = "%s %s %s %s" % (qemu_bin, self.get('NETWORK_CMD'), self.get('ROOTFS_OPTIONS'), self.get('QB_OPT_APPEND')) + self.qemu_opt = "%s %s %s %s %s" % (qemu_bin, self.get('NETWORK_CMD'), self.get('QB_RNG'), self.get('ROOTFS_OPTIONS'), self.get('QB_OPT_APPEND')) for ovmf in self.ovmf_bios: format = ovmf.rsplit('.', 1)[-1] -- cgit v1.2.3