From 92b42cb35d755f8cfe6c17d403711a536e0f0721 Mon Sep 17 00:00:00 2001 From: Patrick Williams Date: Sat, 3 Sep 2022 06:53:57 -0500 Subject: subtree updates MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit meta-raspberrypi: b6a1645a97..c57b464b88: Lluis Campos (1): rpi-cmdline: do_compile: Use pure Python syntax to get `CMDLINE` meta-openembedded: 2eb39477a7..a755af4fb5: Adrian Zaharia (1): lapack: add packageconfig for lapacke Akash Hadke (1): polkit: Add --shell /bin/nologin to polkitd user Alex Kiernan (3): ntpsec: Add UPSTREAM_CHECK_URI libgpiod: Detect ptest using PTEST_ENABLED ostree: Cleanup PACKAGECONFIGs Anuj Mittal (1): yasm: fix buildpaths warning Atanas Bunchev (1): python3-twitter: Upgrade 4.8.0 -> 4.10.1 Bartosz Golaszewski (4): imagemagick: add PACKAGECONFIG for C++ bindings python3-matplotlib: don't use PYTHON_PN python3-matplotlib: add packaging to RDEPENDS python3-matplotlib: bump to 3.5.2 Bruce Ashfield (3): vboxguestdrivers: fix build against 5.19 kernel / libc-headers zfs: update to v2.1.5 vboxguestdrivers: make kernel shared directory dependency explicit Carsten Bäcker (1): spdlog: Fix CMake flag Changqing Li (3): fuse3: support ptest redis: fix do_patch fuzz warning dlt-daemon: fix dlt-system.service failed since buffer overflow Clément Péron (1): python: add Pydantic data validation package Devendra Tewari (1): android-tools: sleep more in android-gadget-start Ed Tanous (1): Add python-requests-unixsocket recipe Enguerrand de Ribaucourt (1): mdio-tools: add recipes Etienne Cordonnier (1): uutils-coreutils: add recipe Jagadeesh Krishnanjanappa (4): python3-asgiref: add recipe python3-django: make 3.2.x as default version python3-django: Add python3-asgiref runtime dependency python3-django: remove 2.2.x recipe Jan Luebbe (2): chrony: add support for config and source snippet includes gensio: upgrade 2.3.1 -> 2.5.2 Jan Vermaete (1): makeself: added makeself as new recipe Jim Broadus (1): networkmanager: fix iptables and nft paths Jose Quaresma (2): wireguard-module: 1.0.20210219 -> 1.0.20220627 wireguard-tools: Add a new package for wg-quick Julian Haller (2): pcsc-lite: upgrade 1.9.0 -> 1.9.8 ccid: upgrade 1.4.33 -> 1.5.0 Justin Bronder (1): lmdb: only set SONAME on the shared library Khem Raj (61): mariadb: Inherit pkgconfig mariadb: Add packageconfig for lz4 and enable it ibus: Swith to use main branch instead of master kronosnet: Upgrade to 1.24 ostree: Upgrade to 2022.5 release sdbus-c++-libsystemd: Fix build with glibc 2.36 xfstests: Upgrade to v2022.07.10 autofs: Fix build with glibc 2.36 audit: Upgrade to 3.0.8 and fix build with linux 5.17+ pcp: Add to USERADD_PACKAGES instead of override mozjs: Use RUST_HOST_SYS and RUST_TARGET_SYS fluentbit: Fix build with clang audit: Fix build with musl fluentbit: Fix build with musl klibc: Upgrade to 2.0.10 gnome-keyring,cunit,xfce4-panel: Do not inherit remove-libtool class here mpd: Update to 0.23.8 openipmi: Enable largefile cflags proftpd: Always enable largefile support netperf: Always enable largefile support openipmi: Always enable largefile support unbound: Always enable largefile support sysbench: Always enable largefile support libmtp: Always enable largefile support toybox: Fix build with glibc 2.36+ xfstests: Upgrade to 2022.07.31 release libmpd: Fix function returns and casts audit: Revert the tweak done in configure step in do_install mpd: Upgrade to 0.23.9 fluentbit: Use CMAKE_C_STANDARD_LIBRARIES cmake var to pass libatomic fluentbit: Upgrade to 1.9.7 and fix build on x86 klibc: Fix build with kernel 5.19 headers ntpsec: Add -D_GNU_SOURCE and fix building with devtool gd: Fix build with clang-15 cpulimit: Define -D_GNU_SOURCE safec: Remove unused variable 'len' ncftp: Enable autoreconf ncftp: Fix TMPDIR path embedding into ncftpget libb64: Switch to github fork and upgrade to 2.0.0.1+git dhrystone: Disable warnings as errors with clang dibbler: Fix build with musl fio: Fix additional warnings seen with musl ssmtp: Fix null pointer assignments gst-editing-services: Add recipe rygel: Upgrade to 0.40.4 libesmtp: Define _GNU_SOURCE python3-grpcio: Enable largefile support explicitly libteam: Include missing headers for strrchr and memcmp neon: Upgrade to 0.32.2 satyr: Fix build on musl/clang libmusicbrainz: Avoid -Wnonnull warning aom: Upgrade to 3.4.0 vorbis-tools: Fix build on musl dvb-apps: Use tarball for SRC_URI and fix build on musl python3-netifaces: Fix build with python3 and musl python3-pyephem: Fix build with python3 and musl samba: Fix warnings in configure tests for rpath checks lirc: Fix build on musl mongodb: Fix boost build with clang-15 crda: Fix build with clang-15 monkey: Fix build with musl Lei Maohui (2): dnf-plugin-tui: Fix somw issue in postinstall process. xrdp: Fix buildpaths warning. Leon Anavi (16): python3-nocasedict: Upgrade 1.0.3 -> 1.0.4 python3-frozenlist: Upgrade 1.3.0 -> 1.3.1 python3-networkx: Upgrade 2.8.4 -> 2.8.5 python3-pyhamcrest: Upgrade 2.0.3 -> 2.0.4 python3-aiohue: Upgrade 4.4.2 -> 4.5.0 python3-pyperf: Upgrade 2.3.0 -> 2.4.1 python3-eth-abi: Upgrade 3.0.0 -> 3.0.1 python3-cytoolz: Upgrade 0.11.2 -> 0.12.0 python3-yarl: Upgrade 1.7.2 -> 1.8.1 python3-term: Upgrade 2.3 -> 2.4 python3-coverage: Upgrade 6.4.1 -> 6.4.4 python3-regex: Upgrade 2022.7.25 -> 2022.8.17 python3-awesomeversion: Upgrade 22.6.0 -> 22.8.0 python3-typed-ast: Upgrade 1.5.2 -> 1.5.4 python3-prompt-toolkit: Upgrade 3.0.24 -> 3.0.30 python3-prettytable: Upgrade 3.1.1 -> 3.3.0 Markus Volk (6): libass: update to v1.16.0 spdlog: update to v1.10.0 waylandpp: add recipe wireplumber: update to v0.4.11 pipewire: update to v0.3.56 pipewire: improve runtime dependency settings Marta Rybczynska (1): polkit: update patches for musl compilation Matthias Klein (1): libftdi: update to 1.5 Mike Crowe (1): yasm: Only depend on xmlto when docs are enabled Mike Petersen (1): sshpass: add recipe Mingli Yu (10): net-snmp: set ac_cv_path_PSPROG postgresql: Fix the buildpaths issue freeradius: Fix buildpaths issue openipmi: Fix buildpaths issue apache2: Fix the buildpaths issue frr: fix buildpaths issue nspr: fix buildpaths issue liblockfile: fix buildpaths issue freediameter: fix buildpaths issue postgresql: make sure pam conf installed when pam enabled Ovidiu Panait (1): net-snmp: upgrade 5.9.1 -> 5.9.3 Paulo Neves (1): fluentbit Upgrade to 1.3.5 -> 1.9.6 Philip Balister (2): python3-pybind11: Update to Version 2.10.0. Remove dead link and old information from the README. Potin Lai (7): libplist: add libplist_git.bb libimobiledevice-glue: SRCREV bump bc6c44b..d2ff796 libimobiledevice: add libimobiledevice_git.bb libirecovery: SRCREV bump e190945..ab5b4d8 libusbmuxd: add libusbmuxd_git.bb usbmuxd: add usbmuxd_git.bb idevicerestore: SRCREV bump 280575b..7d622d9 Richard Purdie (1): lmdb: Don't inherit base Sam Van Den Berge (1): python3-jsonrpcserver: add patch to use importlib.resources instead of pkg_resources Saul Wold (10): libipc-signal-perl: Fix LICENSE string libdigest-hmac-perl: Fix LICENSE string libio-socket-ssl-perl: Fix LICENSE string libdigest-sha1-perl: Fix LICENSE string libmime-types-perl: Fix LICENSE string libauthen-sasl-perl: Fix LICENSE string libnet-ldap-perl: Fix LICENSE string libxml-libxml-perl: Fix LICENSE string libnet-telnet-perl: Fix LICENSE string libproc-waitstat-perl: Fix LICENSE string Sean Anderson (2): image_types_sparse: Pad source image to block size image_types_sparse: Generate "don't care" chunks Vyacheslav Yurkov (4): protobuf: correct ptest dependency protobuf: 3.19.4 -> 3.21.5 upgrade protobuf: change build system to cmake protobuf: disable protoc binary for target Wang Mingyu (60): cifs-utils: upgrade 6.15 -> 7.0 geocode-glib: upgrade 3.26.3 -> 3.26.4 gjs: upgrade 1.72.1 -> 1.72.2 htpdate: upgrade 1.3.5 -> 1.3.6 icewm: upgrade 2.9.8 -> 2.9.9 ipc-run: upgrade 20200505.0 -> 20220807.0 iwd: upgrade 1.28 -> 1.29 ldns: upgrade 1.8.1 -> 1.8.2 libadwaita: upgrade 1.1.3 -> 1.1.4 libencode-perl: upgrade 3.18 -> 3.19 libmime-charset-perl: upgrade 1.012.2 -> 1.013.1 libtest-warn-perl: upgrade 0.36 -> 0.37 nano: upgrade 6.3 -> 6.4 nbdkit: upgrade 1.31.15 -> 1.32.1 netdata: upgrade 1.35.1 -> 1.36.0 fio: upgrade 3.30 -> 3.31 nlohmann-json: upgrade 3.10.5 -> 3.11.2 poco: upgrade 1.12.1 -> 1.12.2 postgresql: upgrade 14.4 -> 14.5 poppler: upgrade 22.07.0 -> 22.08.0 smarty: upgrade 4.1.1 -> 4.2.0 tracker: upgrade 3.3.2 -> 3.3.3 uftp: upgrade 5.0 -> 5.0.1 xdg-user-dirs: upgrade 0.17 -> 0.18 python3-pycodestyle: upgrade 2.9.0 -> 2.9.1 python3-pyzmq: upgrade 23.2.0 -> 23.2.1 python3-setuptools-declarative-requirements: upgrade 1.2.0 -> 1.3.0 python3-sqlalchemy: upgrade 1.4.39 -> 1.4.40 python3-werkzeug: upgrade 2.2.1 -> 2.2.2 python3-xmlschema: upgrade 2.0.1 -> 2.0.2 python3-yappi: upgrade 1.3.5 -> 1.3.6 ade: upgrade 0.1.1f -> 0.1.2 babl: upgrade 0.1.92 -> 0.1.94 ctags: upgrade 5.9.20220703.0 -> 5.9.20220821.0 grilo-plugins: upgrade 0.3.14 -> 0.3.15 ldns: upgrade 1.8.2 -> 1.8.3 libcurses-perl: upgrade 1.38 -> 1.41 mosquitto: upgrade 2.0.14 -> 2.0.15 nbdkit: upgrade 1.32.1 -> 1.33.1 netdata: upgrade 1.36.0 -> 1.36.1 libsdl2-ttf: upgrade 2.20.0 -> 2.20.1 xfstests: upgrade 2022.07.31 -> 2022.08.07 php: upgrade 8.1.8 -> 8.1.9 rdma-core: upgrade 41.0 -> 42.0 spitools: upgrade 1.0.1 -> 1.0.2 unbound: upgrade 1.16.1 -> 1.16.2 zlog: upgrade 1.2.15 -> 1.2.16 python3-hexbytes: upgrade 0.2.3 -> 0.3.0 python3-pythonping: upgrade 1.1.2 -> 1.1.3 python3-jsonrpcserver: Add dependence python3-typing-extensions feh: upgrade 3.9 -> 3.9.1 gnome-bluetooth: upgrade 42.2 -> 42.3 hunspell: upgrade 1.7.0 -> 1.7.1 gtk4: upgrade 4.6.6 -> 4.6.7 logwatch: upgrade 7.6 -> 7.7 bdwgc: upgrade 8.2.0 -> 8.2.2 tcpreplay: upgrade 4.4.1 -> 4.4.2 tree: upgrade 2.0.2 -> 2.0.3 xfsdump: upgrade 3.1.10 -> 3.1.11 babl: upgrade 0.1.94 -> 0.1.96 Wolfgang Meyer (1): libsdl2-ttf: upgrade 2.0.18 -> 2.20.0 Xu Huan (18): python3-protobuf: upgrade 4.21.3 -> 4.21.4 python3-pycodestyle: upgrade 2.8.0 -> 2.9.0 python3-pyflakes: upgrade 2.4.0 -> 2.5.0 python3-pythonping: upgrade 1.1.1 -> 1.1.2 python3-regex: upgrade 2022.7.24 -> 2022.7.25 python3-werkzeug: upgrade 2.2.0 -> 2.2.1 python3-google-auth: upgrade 2.9.1 -> 2.10.0 python3-humanize: upgrade 4.2.3 -> 4.3.0 python3-hexbytes: upgrade 0.2.2 -> 0.2.3 python3-imageio: upgrade 2.21.0 -> 2.21.1 python3-nocaselist: upgrade 1.0.5 -> 1.0.6 python3-protobuf: upgrade 4.21.4 -> 4.21.5 python3-pycares: upgrade 4.2.1 -> 4.2.2 python3-fastjsonschema: upgrade 2.16.1 -> 2.16.2 python3-google-api-python-client: upgrade 2.56.0 -> 2.57.0 python3-google-auth: upgrade 2.10.0 -> 2.11.0 python3-grpcio-tools: upgrade 1.47.0 -> 1.48.0 python3-grpcio: upgrade 1.47.0 -> 1.48.0 Yi Zhao (5): strongswan: upgrade 5.9.6 -> 5.9.7 libldb: upgrade 2.3.3 -> 2.3.4 samba: upgrade 4.14.13 -> 4.14.14 python3-jsonrpcserver: upgrade 5.0.7 -> 5.0.8 samba: fix buildpaths issue wangmy (16): gedit: upgrade 42.1 -> 42.2 libwacom: upgrade 2.3.0 -> 2.4.0 htpdate: upgrade 1.3.4 -> 1.3.5 nbdkit: upgrade 1.31.14 -> 1.31.15 pure-ftpd: upgrade 1.0.50 -> 1.0.51 avro-c: upgrade 1.11.0 -> 1.11.1 debootstrap: upgrade 1.0.126 -> 1.0.127 freerdp: upgrade 2.7.0 -> 2.8.0 icewm: upgrade 2.9.7 -> 2.9.8 libmxml: upgrade 3.3 -> 3.3.1 poco: upgrade 1.12.0 -> 1.12.1 xfontsel: upgrade 1.0.6 -> 1.1.0 xmessage: upgrade 1.0.5 -> 1.0.6 xrefresh: upgrade 1.0.6 -> 1.0.7 zabbix: upgrade 6.0.5 -> 6.2.1 xrdp: upgrade 0.9.18 -> 0.9.19 zhengrq.fnst (4): python3-asttokens: upgrade 2.0.7 -> 2.0.8 python3-charset-normalizer: upgrade 2.1.0 -> 2.1.1 python3-eth-account: 0.6.1 -> 0.7.0 python3-cantools: upgrade 37.1.0 -> 37.1.2 zhengruoqin (12): python3-dominate: upgrade 2.6.0 -> 2.7.0 python3-flask-login: upgrade 0.6.1 -> 0.6.2 python3-google-api-python-client: upgrade 2.54.0 -> 2.55.0 python3-haversine: upgrade 2.5.1 -> 2.6.0 python3-imageio: upgrade 2.19.5 -> 2.21.0 python3-autobahn: upgrade 22.6.1 -> 22.7.1 python3-engineio: upgrade 4.3.3 -> 4.3.4 python3-flask: upgrade 2.1.3 -> 2.2.2 python3-gcovr: upgrade 5.1 -> 5.2 python3-google-api-python-client: upgrade 2.55.0 -> 2.56.0 python3-asttokens: upgrade 2.0.5 -> 2.0.7 python3-zeroconf: upgrade 0.38.7 -> 0.39.0 meta-security: 2a2d650ee0..10fdc2b13a: Anton Antonov (2): Use CARGO_TARGET_SUBDIR in do_install parsec-service: Update oeqa tests Armin Kuster (8): python3-privacyidea: update to 3.7.3 lkrg-module: update to 0.9.5 apparmor: update to 3.0.6 packagegroup-core-security: add space for appends cryptmount: Add new pkg packagegroup-core-security: add pkg to grp cyptmount: Fix mount.h conflicts seen with glibc 2.36+ kas: update testimage inherit John Edward Broadbent (1): meta-security: Add recipe for Glome Mingli Yu (1): samhain-standalone: fix buildpaths issue poky: fc59c28724..9b1db65e7d: Alejandro Hernandez Samaniego (1): baremetal-image.bbclass: Emulate image.bbclass to handle new classes scope Alex Stewart (1): maintainers: update opkg maintainer Alexander Kanavin (113): kmscube: address linux 5.19 fails rpm: update 4.17.0 -> 4.17.1 go: update 1.18.4 -> 1.19 bluez5: update 5.64 -> 5.65 python3-pip: update 22.2.1 -> 22.2.2 ffmpeg: update 5.0.1 -> 5.1 iproute2: upgrade 5.18.0 -> 5.19.0 harfbuzz: upgrade 4.4.1 -> 5.1.0 libwpe: upgrade 1.12.0 -> 1.12.2 bind: upgrade 9.18.4 -> 9.18.5 diffoscope: upgrade 218 -> 220 ell: upgrade 0.51 -> 0.52 gnutls: upgrade 3.7.6 -> 3.7.7 iso-codes: upgrade 4.10.0 -> 4.11.0 kea: upgrade 2.0.2 -> 2.2.0 kexec-tools: upgrade 2.0.24 -> 2.0.25 libcap: upgrade 2.64 -> 2.65 libevdev: upgrade 1.12.1 -> 1.13.0 libnotify: upgrade 0.8.0 -> 0.8.1 libwebp: upgrade 1.2.2 -> 1.2.3 libxcvt: upgrade 0.1.1 -> 0.1.2 mesa: upgrade 22.1.3 -> 22.1.5 mobile-broadband-provider-info: upgrade 20220511 -> 20220725 nettle: upgrade 3.8 -> 3.8.1 piglit: upgrade to latest revision puzzles: upgrade to latest revision python3: upgrade 3.10.5 -> 3.10.6 python3-dtschema: upgrade 2022.7 -> 2022.8 python3-hypothesis: upgrade 6.50.1 -> 6.54.1 python3-jsonschema: upgrade 4.9.0 -> 4.9.1 python3-markdown: upgrade 3.3.7 -> 3.4.1 python3-setuptools: upgrade 63.3.0 -> 63.4.1 python3-sphinx: upgrade 5.0.2 -> 5.1.1 python3-urllib3: upgrade 1.26.10 -> 1.26.11 sqlite3: upgrade 3.39.1 -> 3.39.2 sysklogd: upgrade 2.4.0 -> 2.4.2 webkitgtk: upgrade 2.36.4 -> 2.36.5 kernel-dev: working with kernel using devtool does not require building and installing eSDK sdk-manual: describe how to use extensible SDK functionality directly in a Yocto build dropbear: merge .inc into .bb rust: update 1.62.0 -> 1.62.1 cmake: update 3.23.2 -> 3.24.0 weston: upgrade 10.0.1 -> 10.0.2 patchelf: update 0.14.5 -> 0.15.0 patchelf: replace a rejected patch with an equivalent uninative.bbclass tweak weston: exclude pre-releases from version check tzdata: upgrade 2022a -> 2022b libcgroup: update 2.0.2 -> 3.0.0 python3-setuptools-rust: update 1.4.1 -> 1.5.1 shadow: update 4.11.1 -> 4.12.1 slang: update 2.3.2 -> 2.3.3 xz: update 5.2.5 -> 5.2.6 gdk-pixbuf: update 2.42.8 -> 2.42.9 xorgproto: update 2022.1 -> 2022.2 boost-build-native: update 4.4.1 -> 1.80.0 boost: update 1.79.0 -> 1.80.0 vulkan-samples: update to latest revision epiphany: upgrade 42.3 -> 42.4 git: upgrade 2.37.1 -> 2.37.2 glib-networking: upgrade 2.72.1 -> 2.72.2 gnu-efi: upgrade 3.0.14 -> 3.0.15 gpgme: upgrade 1.17.1 -> 1.18.0 libjpeg-turbo: upgrade 2.1.3 -> 2.1.4 libwebp: upgrade 1.2.3 -> 1.2.4 lighttpd: upgrade 1.4.65 -> 1.4.66 mesa: upgrade 22.1.5 -> 22.1.6 meson: upgrade 0.63.0 -> 0.63.1 mpg123: upgrade 1.30.1 -> 1.30.2 pango: upgrade 1.50.8 -> 1.50.9 piglit: upgrade to latest revision pkgconf: upgrade 1.8.0 -> 1.9.2 python3-dtschema: upgrade 2022.8 -> 2022.8.1 python3-more-itertools: upgrade 8.13.0 -> 8.14.0 python3-numpy: upgrade 1.23.1 -> 1.23.2 python3-pbr: upgrade 5.9.0 -> 5.10.0 python3-pyelftools: upgrade 0.28 -> 0.29 python3-pytz: upgrade 2022.1 -> 2022.2.1 strace: upgrade 5.18 -> 5.19 sysklogd: upgrade 2.4.2 -> 2.4.4 wireless-regdb: upgrade 2022.06.06 -> 2022.08.12 wpebackend-fdo: upgrade 1.12.0 -> 1.12.1 python3-hatchling: update 1.6.0 -> 1.8.0 python3-setuptools: update 63.4.1 -> 65.0.2 devtool: do not leave behind source trees in workspace/sources systemtap: add a patch to address a python 3.11 failure bitbake: bitbake-layers: initialize tinfoil before registering command line arguments scripts/oe-setup-builddir: add a check that TEMPLATECONF is valid bitbake-layers: add a command to save the active build configuration as a template into a layer bitbake-layers: add ability to save current layer repository configuration into a file scripts/oe-setup-layers: add a script that restores the layer configuration from a json file selftest/bblayers: add a test for creating a layer setup and using it to restore the layers selftest/bblayers: adjust the revision for the layer setup test perl: run builds from a pristine source tree meta-poky/conf: move default templates to conf/templates/default/ syslinux: mark all pending patches as Inactive-Upstream shadow: correct the pam patch status mtd-utils: remove patch that adds -I option gstreamer1.0-plugins-bad: remove an unneeded patch ghostscript: remove unneeded patch ovmf: drop the force no-stack-protector patch python: submit CC to cc_basename patch upstream mc: submit perl warnings patch upstream sysvinit: send install.patch upstream valgrind: (re)send ppc instructions patch upstream gdk-pixbuf: submit fatal-loader.patch upstream libsdl2: follow upstream version is even rule python3-pip: submit reproducible.patch upstream python3-pip: remove unneeded reproducible.patch llvm: remove 0006-llvm-TargetLibraryInfo-Undefine-libc-functions-if-th.patch scripts/oe-setup-builddir: migrate build/conf/templateconf.cfg to new template locations meta/files/layers.schema.json: drop the layers property scripts/oe-setup-builddir: write to conf/templateconf.cfg after the build is set up scripts/oe-setup-builddir: make environment variable the highest priority source for TEMPLATECONF Alexandre Belloni (1): ruby: drop capstone support Andrei Gherzan (7): shadow: Enable subid support rootfspostcommands.py: Restructure sort_passwd and related functions rootfspostcommands.py: Cleanup subid backup files generated by shadow-utils selftest: Add module for testing rootfs postcommands rootfs-postcommands.bbclass: Follow function rename in rootfspostcommands.py shadow: Avoid nss warning/error with musl linux-yocto: Fix COMPATIBLE_MACHINE regex match Andrey Konovalov (2): mesa: add pipe-loader's libraries to libopencl-mesa package mesa: build clover with native LLVM codegen support for freedreno Anuj Mittal (1): poky.conf: add ubuntu-22.04 to tested distros Armin Kuster (1): system-requirements.rst: remove EOL and Centos7 hosts Aryaman Gupta (1): bitbake: runqueue: add memory pressure regulation Awais Belal (1): kernel-fitimage.bbclass: only package unique DTBs Beniamin Sandu (1): libpam: use /run instead of /var/run in systemd tmpfiles Bertrand Marquis (1): sysvinit-inittab/start_getty: Fix respawn too fast Bruce Ashfield (22): linux-yocto/5.15: update to v5.15.58 linux-yocto/5.10: update to v5.10.134 linux-yocto-rt/5.15: update to -rt48 (and fix -stable merge) linux-libc-headers: update to v5.19 kernel-devsrc: support arm v5.19+ on target build kernel-devsrc: support powerpc on v5.19+ lttng-modules: fix build against mips and v5.19 kernel linux-yocto: introduce v5.19 reference kernel recipes meta/conf: update preferred linux-yocto version to v5.19 linux-yocto: drop v5.10 reference kernel recipes linux-yocto/5.15: update to v5.15.59 linux-yocto/5.15: fix reproducibility issues linux-yocto/5.19: cfg: update x32 configuration fragment linux-yocto/5.19: fix reproducibility issues poky: update preferred version to v5.19 poky: change preferred kernel version to 5.15 in poky-alt yocto-bsp: drop v5.10 bbappend and create 5.19 placeholder lttng-modules: replace mips compaction fix with upstream change linux-yocto/5.15: update to v5.15.60 linux-yocto/5.19: update to v5.19.1 linux-yocto/5.19: update to v5.19.3 linux-yocto/5.15: update to v5.15.62 Changqing Li (1): apt: fix nativesdk-apt build failure during the second time build Chen Qi (2): python3-hypothesis: revert back to 6.46.11 python3-requests: add python3-compression dependency Drew Moseley (1): rng-tools: Replace obsolete "wants systemd-udev-settle" Enrico Scholz (2): npm.bbclass: fix typo in 'fund' config option npm.bbclass: fix architecture mapping Ernst Sjöstrand (1): cve-check: Don't use f-strings Jacob Kroon (1): python3-cython: Remove debug lines Jan Luebbe (2): openssh: sync local ssh_config + sshd_config files with upstream 8.7p1 openssh: add support for config snippet includes to ssh and sshd JeongBong Seo (1): wic: add 'none' fstype for custom image Johannes Schneider (1): classes: rootfs-postcommands: autologin root on serial-getty Jon Mason (2): oeqa/parselogs: add qemuarmv5 arm-charlcd masking ref-manual: add numa to machine features Jose Quaresma (4): bitbake: build: prefix the tasks with a timestamp in the log task_order archiver.bbclass: some recipes that uses the kernelsrc bbclass uses the shared source linux-yocto: prepend the the value with a space when append to KERNEL_EXTRA_ARGS shaderc: upgrade 2022.1 -> 2022.2 Joshua Watt (4): bitbake: siggen: Fix insufficent entropy in sigtask file names bitbake: utils: Pass lock argument in fileslocked classes: cve-check: Get shared database lock meta/files: add layer setup JSON schema and example Kai Kang (1): packagegroup-self-hosted: update for strace Kevin Hao (1): uboot-config.bbclass: Don't bail out early in multi configs Khem Raj (83): qemu: Fix build with glibc 2.36 mtd-utils: Fix build with glibc 2.36 stress-ng: Upgrade to 0.14.03 bootchart2: Fix build with glibc 2.36+ ltp: Fix sys/mount.h conflicts needed for glibc 2.36+ compile efivar: Fix build with glibc 2.36 cracklib: Drop using register keyword util-linux: Define pidfd_* function signatures util-linux: Upgrade to 2.38.1 tcp-wrappers: Fix implicit-function-declaration warnings perl-cross: Correct function signatures in configure_func.sh perl: Pass additional flags to enable lfs and gnu source sysvinit: Fix mount.h conflicts seen with glibc 2.36+ glibc: Bump to 2.36 glibc: Update patch status zip: Enable largefile support based on distro feature zip: Make configure checks to be more robust unzip: Fix configure tests to use modern C unzip: Enable largefile support when enabled in distro iproute2: Fix netns check during configure glibc: Bump to latest 2.36 branch gstreamer1.0-plugins-base: Include required system headers for isspace() and sscanf() musl: Upgrade to latest tip of trunk zip: Always enable LARGE_FILE_SUPPORT libmicrohttpd: Enable largefile support unconditionally unzip: Always enable largefile support default-distrovars: Remove largefile from defualt DISTRO_FEATURES zlib: Resolve CVE-2022-37434 json-c: Fix function prototypes rsync: Backport fix to address CVE-2022-29154 rsync: Upgrade to 3.2.5 libtirpc: Backport fix for CVE-2021-46828 libxml2: Ignore CVE-2016-3709 tiff: Backport a patch for CVE-2022-34526 libtirpc: Upgrade to 1.3.3 perf: Add packageconfig for libbfd support and use disabled as default connman: Backports for security fixes systemd: Upgrade to 251.4 and fix build with binutils 2.39 time: Add missing include for memset screen: Add missing include files in configure checks setserial: Fix build with clang expect: Fix implicit-function-declaration warnings spirv-tools: Remove default copy constructor in header boost: Compile out stdlib unary/binary_functions for c++11 and newer vulkan-samples: Qualify move as std::move apt: Do not use std::binary_function ltp: Fix sys/mount.h and linux/mount.h conflict rpm: Remove -Wimplicit-function-declaration warnings binutils: Upgrade to 2.39 release binutils-cross: Disable gprofng for when building cross binutils binutils: Package up gprofng binutils: Disable gprofng when using clang binutils-cross-canadian: Package up new gprofng.rc file autoconf: Fix strict prototype errors in generated tests rsync: Add missing prototypes to function declarations nfs-utils: Upgrade to 2.6.2 webkitgtk: Upgrade to 2.36.6 minor update musl: Update to tip binutils: Disable gprofng on musl systems binutils: Upgrade to latest on 2.39 release branch cargo_common.bbclass: Add missing space in shell conditional code rng-tools: Remove depndencies on hwrng ccache: Update the patch status ccache: Fix build with gcc12 on musl alsa-plugins: Include missing string.h xinetd: Pass missing -D_GNU_SOURCE watchdog: Include needed system header for function decls libcgroup: Use GNU strerror_r only when its available pinentry: enable _XOPEN_SOURCE on musl for wchar usage in curses apr: Use correct strerror_r implementation based on libc type gcr: Define _GNU_SOURCE ltp: Adjust types to match create_fifo_thread return gcc: Upgrade to 12.2.0 glibc: Update to latest on 2.36 ltp: Remove -mfpmath=sse on x86-64 too apr: Cache configure tests which use AC_TRY_RUN rust: Fix build failure on riscv32 ncurses: Fix configure tests for exit and mbstate_t rust-llvm: Update to matching LLVM_VERSION from rust-source librepo: Fix build on musl rsync: Turn on -pedantic-errors at the end of 'configure' ccache: Upgrade to 4.6.2 xmlto: Update to use upstream tip of trunk Konrad Weihmann (1): python3: disable user site-pkg for native target Lee Chee Yang (1): migration guides: add release notes for 4.0.3 Luca Ceresoli (1): libmnl: remove unneeded SRC_URI 'name' option Markus Volk (2): connman: add PACKAGECONFIG to support iwd packagegroup-base.bb: add a configure option to set the wireless-daemon Martin Jansa (5): glibc: revert one upstream change to work around broken DEBUG_BUILD build syslinux: Fix build with glibc-2.36 syslinux: refresh patches with devtool glibc: fix new upstream build issue with DEBUG_BUILD build glibc: apply proposed patch from upstream instead of revert Mateusz Marciniec (2): util-linux: Remove --enable-raw from EXTRA_OECONF util-linux: Improve check for magic in configure.ac Michael Halstead (1): uninative: Upgrade to 3.7 to work with glibc 2.36 Michael Opdenacker (1): dev-manual: use proper note directive Mingli Yu (1): bitbake: fetch: use BPN instead Neil Horman (1): bitbake: Fix npm to use https rather than http Paul Eggleton (1): relocate_sdk.py: ensure interpreter size error causes relocation to fail Pavel Zhukov (6): package_rpm: Do not replace square brackets in %files selftest: Add regression test for rpm filesnames parselogs: Ignore xf86OpenConsole error bitbake: gitsm: Error out if submodule refers to parent repo bitbake: tests: Add Timeout class bitbake: tests: Add test for possible gitsm deadlock Peter Bergin (3): rust-cross-canadian: rename shell variables for easier appends packagegroup-rust-cross-canadian: add native compiler environment oeqa/sdk: extend rust test to also use a build script Peter Marko (1): create-spdx: handle links to inaccessible locations Quentin Schulz (3): docs: conf.py: update yocto_git base URL docs: README: add TeX font package required for building PDF docs: ref-manual: system-requirements: add missing packages Randy MacLeod (1): rust: update from 1.62.1 to 1.63.0 Rasmus Villemoes (1): bitbake.conf: set BB_DEFAULT_UMASK using ??= Richard Purdie (85): oeqa/selftest/sstate: Ensure tests are deterministic nativesdk: Clear TUNE_FEATURES populate_sdk_base: Disable rust SDK for MIPS n32 selftest/reproducible: Exclude rust/rust-dbg for now until we can fix conf/distro/no-static-libs: Allow static musl for rust rust-target-config: Add mips n32 target information rust-common: Add CXXFLAGS rust-common: Drop export directive from wrappers rust-common: Rework wrappers to handle musl rust: Work around reproducibility issues rust: Switch to use RUST_XXX_SYS consistently rust.inc: Rename variables to make code clearer rust.inc: Fix cross build llvm-config handling rust/mesa: Drop obsolete YOCTO_ALTERNATE_MULTILIB_NAME rust-target-config: Show clear error when target isn't defined rust: Generate per recipe target configuration files rust-common/rust: Improve bootstrap BUILD_SYS handling cargo_common: Handle build SYS as well as HOST/TARGET rust-llvm: Enable nativesdk variant rust.inc: Fix for cross compilation configuration rust-common: Update to match cross targets rust-target-config: Make target workaround generic rust-common: Simplify libc handling cargo: Drop cross-canadian variant and fix/use nativesdk rust-common: Set rustlibdir to match target expectation rust-cross-canadian: Simplify and fix rust: Drop cross/crosssdk rust: Enable nativesdk and target builds + replace rust-tools-cross-canadian rust: Fix musl builds rust: Ensure buildpaths are handled in debug symbols correctly rust: Update README selftest/wic: Tweak test case to not depend on kernel size bitbake: runqueue: Ensure deferred tasks are sorted by multiconfig bitbake: runqueue: Improve deadlock warning messages bitbake: runqueue: Drop deadlock breaking force fail rust-common: Remove conflict with utils create_wrapper kern-devsrc: Drop auto.conf creation cargo: Work around host system library conflicts rust-cross-canadian: Use shell from SDK, not the host buildhistory: Only use image-artifact-names as an image class rust: Remove unneeded RUST_TARGETGENS settings meta-skeleton/hello-mod: Switch to SPDX-License-Identifier perf: Fix reproducibility issues with 5.19 onwards selftest/runtime_test/incompatible_lic: Use IMAGE_CLASSES for testimage testexport: Fix to work as an image class testexport: Use IMAGE_CLASSES for testimage selftest/runtime_test: Use testexport in IMAGE_CLASSES, not globally bitbake: BBHandler: Allow earlier exit for classes not found bitbake: BBHandler: Make inherit calls more directly bitbake: bitbake: Add copyright headers where missing bitbake: BBHandler/cooker: Implement recipe and global classes classes: Add copyright statements to files without one scripts: Add copyright statements to files without one classes: Add SPDX license identifiers lib: Add copyright statements to files without one insane: Update to allow for class layout changes classes: Update classes to match new bitbake class scope functionality recipetool: Update for class changes package: Switch debug source handling to use prefix map libgcc/gcc-runtime: Improve source reference handling bitbake.conf: Handle S and B separately for debug mapping python3-cython: Update code to match debug path changes gcc-cross: Fix relative links gcc: Resolve relative prefix-map filenames gcc: Add a patch to avoid hardcoded paths in libgcc on powerpc gcc: Update patch status to submitted for two patches valgrind: Disable drd/tests/std_thread2 ptest valgrind: Update to match debug file layout changes skeleton/service: Ensure debug path handling works as intended distrooverrides: Move back to classes whilst it's usage is clarified vim: Upgrade 9.0.0115 -> 9.0.0242 icu: Drop binconfig support (icu-config) libtirpc: Mark CVE-2021-46828 as resolved bitbake: runqueue: Change pressure file warning to a note rust-target-config: Drop has-elf-tls option llvm: Add llvm-config wrapper to improve flags handling mesa: Rework llvm handling rust-target-config: Fix qemuppc target cpu option rust: Fix crossbeam-utils for arches without atomics pseudo: Update to include recent upstream minor fixes bitbake: Revert "fetch: use BPN instead" vim: Upgrade 9.0.0242 -> 9.0.0341 gcc-multilib-config: Fix i686 toolchain relocation issues kernel: Always set CC and LD for the kernel build kernel: Use consistent make flags for menuconfig Robert Joslyn (1): curl: Update to 7.85.0 Ross Burton (9): oeqa/qemurunner: add run_serial() comment oeqa/commands: add support for running cross tools to runCmd oeqa/selftest: rewrite gdbserver test libxml2: wrap xmllint to use the correct XML catalogues oeqa/selftest: add test for debuginfod libgcrypt: remove obsolete pkgconfig install libgcrypt: remove obsolete patch libgcrypt: rewrite ptest cve-check: close cursors as soon as possible Sakib Sajal (2): qemu: fix CVE-2021-3507 qemu: fix CVE-2022-0216 Shubham Kulkarni (1): sanity: add a comment to ensure CONNECTIVITY_CHECK_URIS is correct Simone Weiss (1): json-c: Add ptest for json-c Sundeep KOKKONDA (1): glibc : stable 2.35 branch updates Thomas Roos (1): oeqa devtool: Add tests to cover devtool handling of various git URL styles Tom Hochstein (1): piglit: Add PACKAGECONFIG for glx and opencl Tom Rini (1): qemux86-64: Allow higher tunes Ulrich Ölmann (1): scripts/runqemu.README: fix typos and trailing whitespaces William A. Kennington III (1): image_types: Set SOURCE_DATE_EPOCH for squashfs Yang Xu (1): insane.bbclass: Skip patches not in oe-core by full path Yogesh Tyagi (1): gdbserver : add selftest Yongxin Liu (1): grub2: fix several CVEs wangmy (19): msmtp: upgrade 1.8.20 -> 1.8.22 bind: upgrade 9.18.5 -> 9.18.6 btrfs-tools: upgrade 5.18.1 -> 5.19 libdnf: upgrade 0.67.0 -> 0.68.0 librepo: upgrade 1.14.3 -> 1.14.4 pkgconf: upgrade 1.9.2 -> 1.9.3 python3-pygments: upgrade 2.12.0 -> 2.13.0 ethtool: upgrade 5.18 -> 5.19 librsvg: upgrade 2.54.4 -> 2.54.5 libtasn1: upgrade 4.18.0 -> 4.19.0 liburcu: upgrade 0.13.1 -> 0.13.2 libwpe: upgrade 1.12.2 -> 1.12.3 lttng-tools: upgrade 2.13.7 -> 2.13.8 lttng-ust: upgrade 2.13.3 -> 2.13.4 libatomic-ops: upgrade 7.6.12 -> 7.6.14 lz4: upgrade 1.9.3 -> 1.9.4 python3-hatchling: upgrade 1.8.0 -> 1.8.1 python3-urllib3: upgrade 1.26.11 -> 1.26.12 repo: upgrade 2.28 -> 2.29.1 meta-arm: 20a629180c..52f07a4b0b: Anton Antonov (11): arm/optee-os: backport RWX permission error patch work around for too few arguments to function init_disassemble_info() error arm/optee-os: backport linker warning patches arm/tf-a-tests: work around RWX permission error on segment Recipes for Trusted Services dependencies. Recipes for Trusted Services Secure Partitions ARM-FFA kernel drivers and kernel configs for Trusted Services Trusted Services test/demo NWd tools psa-api-tests for Trusted Services Include Trusted Services SPs into optee-os image Define qemuarm64-secureboot-ts CI pipeline and include it into meta-arm Gowtham Suresh Kumar (2): arm-bsp/secure-partitions: fix SMM gateway bug for EFI GetVariable() arm-bsp/u-boot: drop EFI GetVariable() workarounds patches Jon Mason (11): arm-bsp/fvp-base-arm32: Update kernel patch for v5.19 arm/qemuarm64-secureboot: remove tfa memory patch arm/linux-yocto: remove optee num pages kernel config variable arm-bsp/juno: drop scmi patch arm/qemuarm-secureboot: remove vmalloc from QB_KERNEL_CMDLINE_APPEND arm/fvp: use image-artifact-names as an image class atp/atp: drop package inherits arm/optee: Update to 3.18 arm-bsp/fvp-base: set preferred kernel to 5.15 arm/arm-bsp: Add yocto-kernel-cache bluetooth support arm-bsp/corstone1000: use compressed kernel image Khem Raj (2): gator-daemon: Define _GNU_SOURCE feature test macro optee-os: Add section attribute parameters when clang is used Peter Hoyes (3): docs: Update FVP_CONSOLES in runfvp documentation docs: Introduce meta-arm OEQA documentation arm/oeqa: Make linuxboot test case timeout configurable Richard Purdie (1): gem5/gem5-m5ops: Drop uneeded package inherit Ross Burton (2): arm/trusted-firmware-a: remove redundant patches arm/trusted-firmware-a: work around RWX permission error on segment Rui Miguel Silva (2): arm-bsp:corstone500: rebase u-boot patches on v2022.07 arm-bsp/corstone1000: rebase u-boot patches on top v2022.07 Vishnu Banavath (3): arm-bsp/trusted-firmware-a: Bump TF-A version for N1SDP arm-bsp/optee: add optee-os support for N1SDP target arm/optee: update optee-client to v3.18 Signed-off-by: Patrick Williams Change-Id: I90aa0a94410dd208163af126566d22c77787abc2 --- .../0001-avoid-start-failure-with-bind-user.patch | 27 -- ...lwresd-V-and-start-log-hide-build-options.patch | 35 --- ...-searching-for-json-headers-searches-sysr.patch | 47 --- .../recipes-connectivity/bind/bind-9.18.4/bind9 | 2 - .../bind/bind-9.18.4/conf.patch | 330 --------------------- .../bind/bind-9.18.4/generate-rndc-key.sh | 8 - .../init.d-add-support-for-read-only-rootfs.patch | 65 ---- .../make-etc-initd-bind-stop-work.patch | 42 --- .../bind/bind-9.18.4/named.service | 22 -- .../0001-avoid-start-failure-with-bind-user.patch | 27 ++ ...lwresd-V-and-start-log-hide-build-options.patch | 35 +++ ...-searching-for-json-headers-searches-sysr.patch | 47 +++ .../recipes-connectivity/bind/bind-9.18.6/bind9 | 2 + .../bind/bind-9.18.6/conf.patch | 330 +++++++++++++++++++++ .../bind/bind-9.18.6/generate-rndc-key.sh | 8 + .../init.d-add-support-for-read-only-rootfs.patch | 65 ++++ .../make-etc-initd-bind-stop-work.patch | 42 +++ .../bind/bind-9.18.6/named.service | 22 ++ poky/meta/recipes-connectivity/bind/bind_9.18.4.bb | 114 ------- poky/meta/recipes-connectivity/bind/bind_9.18.6.bb | 114 +++++++ poky/meta/recipes-connectivity/bluez5/bluez5.inc | 1 - .../bluez5/bluez5/fix_service.patch | 30 -- .../recipes-connectivity/bluez5/bluez5_5.64.bb | 70 ----- .../recipes-connectivity/bluez5/bluez5_5.65.bb | 70 +++++ poky/meta/recipes-connectivity/connman/connman.inc | 11 +- .../connman/connman/CVE-2022-32292.patch | 37 +++ .../connman/connman/CVE-2022-32293_p1.patch | 141 +++++++++ .../connman/connman/CVE-2022-32293_p2.patch | 174 +++++++++++ .../recipes-connectivity/connman/connman_1.41.bb | 3 + ...efine-_GNU_SOURCE-when-checking-for-setns.patch | 28 ++ ...ats.c-add-an-include-where-MIN-is-defined.patch | 25 ++ .../iproute2/iproute2_5.18.0.bb | 11 - .../iproute2/iproute2_5.19.0.bb | 13 + poky/meta/recipes-connectivity/kea/kea_2.0.2.bb | 77 ----- poky/meta/recipes-connectivity/kea/kea_2.2.0.bb | 77 +++++ .../mobile-broadband-provider-info_git.bb | 4 +- ...-mountd-Check-for-return-of-stat-function.patch | 34 +++ .../nfs-utils/0006-Fix-function-prototypes.patch | 93 ++++++ .../nfs-utils/nfs-utils_2.6.1.bb | 145 --------- .../nfs-utils/nfs-utils_2.6.2.bb | 150 ++++++++++ .../openssh/openssh/ssh_config | 6 +- .../openssh/openssh/sshd_config | 17 +- 42 files changed, 1561 insertions(+), 1040 deletions(-) delete mode 100644 poky/meta/recipes-connectivity/bind/bind-9.18.4/0001-avoid-start-failure-with-bind-user.patch delete mode 100644 poky/meta/recipes-connectivity/bind/bind-9.18.4/0001-named-lwresd-V-and-start-log-hide-build-options.patch delete mode 100644 poky/meta/recipes-connectivity/bind/bind-9.18.4/bind-ensure-searching-for-json-headers-searches-sysr.patch delete mode 100644 poky/meta/recipes-connectivity/bind/bind-9.18.4/bind9 delete mode 100644 poky/meta/recipes-connectivity/bind/bind-9.18.4/conf.patch delete mode 100644 poky/meta/recipes-connectivity/bind/bind-9.18.4/generate-rndc-key.sh delete mode 100644 poky/meta/recipes-connectivity/bind/bind-9.18.4/init.d-add-support-for-read-only-rootfs.patch delete mode 100644 poky/meta/recipes-connectivity/bind/bind-9.18.4/make-etc-initd-bind-stop-work.patch delete mode 100644 poky/meta/recipes-connectivity/bind/bind-9.18.4/named.service create mode 100644 poky/meta/recipes-connectivity/bind/bind-9.18.6/0001-avoid-start-failure-with-bind-user.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind-9.18.6/0001-named-lwresd-V-and-start-log-hide-build-options.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind-9.18.6/bind-ensure-searching-for-json-headers-searches-sysr.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind-9.18.6/bind9 create mode 100644 poky/meta/recipes-connectivity/bind/bind-9.18.6/conf.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind-9.18.6/generate-rndc-key.sh create mode 100644 poky/meta/recipes-connectivity/bind/bind-9.18.6/init.d-add-support-for-read-only-rootfs.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind-9.18.6/make-etc-initd-bind-stop-work.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind-9.18.6/named.service delete mode 100644 poky/meta/recipes-connectivity/bind/bind_9.18.4.bb create mode 100644 poky/meta/recipes-connectivity/bind/bind_9.18.6.bb delete mode 100644 poky/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch delete mode 100644 poky/meta/recipes-connectivity/bluez5/bluez5_5.64.bb create mode 100644 poky/meta/recipes-connectivity/bluez5/bluez5_5.65.bb create mode 100644 poky/meta/recipes-connectivity/connman/connman/CVE-2022-32292.patch create mode 100644 poky/meta/recipes-connectivity/connman/connman/CVE-2022-32293_p1.patch create mode 100644 poky/meta/recipes-connectivity/connman/connman/CVE-2022-32293_p2.patch create mode 100644 poky/meta/recipes-connectivity/iproute2/iproute2/0001-configure-Define-_GNU_SOURCE-when-checking-for-setns.patch create mode 100644 poky/meta/recipes-connectivity/iproute2/iproute2/0001-ip-ipstats.c-add-an-include-where-MIN-is-defined.patch delete mode 100644 poky/meta/recipes-connectivity/iproute2/iproute2_5.18.0.bb create mode 100644 poky/meta/recipes-connectivity/iproute2/iproute2_5.19.0.bb delete mode 100644 poky/meta/recipes-connectivity/kea/kea_2.0.2.bb create mode 100644 poky/meta/recipes-connectivity/kea/kea_2.2.0.bb create mode 100644 poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0005-mountd-Check-for-return-of-stat-function.patch create mode 100644 poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0006-Fix-function-prototypes.patch delete mode 100644 poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.1.bb create mode 100644 poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.2.bb (limited to 'poky/meta/recipes-connectivity') diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/0001-avoid-start-failure-with-bind-user.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.4/0001-avoid-start-failure-with-bind-user.patch deleted file mode 100644 index ec1bc7b567..0000000000 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.4/0001-avoid-start-failure-with-bind-user.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 31dde3562f287429eea94b77250d184818b49063 Mon Sep 17 00:00:00 2001 -From: Chen Qi -Date: Mon, 15 Oct 2018 16:55:09 +0800 -Subject: [PATCH] avoid start failure with bind user - -Upstream-Status: Pending - -Signed-off-by: Chen Qi ---- - init.d | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/init.d b/init.d -index b2eec60..6e03936 100644 ---- a/init.d -+++ b/init.d -@@ -57,6 +57,7 @@ case "$1" in - modprobe capability >/dev/null 2>&1 || true - if [ ! -f /etc/bind/rndc.key ]; then - /usr/sbin/rndc-confgen -a -b 512 -+ chown root:bind /etc/bind/rndc.key >/dev/null 2>&1 || true - chmod 0640 /etc/bind/rndc.key - fi - if [ -f /var/run/named/named.pid ]; then --- -2.7.4 - diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/0001-named-lwresd-V-and-start-log-hide-build-options.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.4/0001-named-lwresd-V-and-start-log-hide-build-options.patch deleted file mode 100644 index 4c10f33f04..0000000000 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.4/0001-named-lwresd-V-and-start-log-hide-build-options.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 4e83392e840fa7b05e778710b8c202d102477a13 Mon Sep 17 00:00:00 2001 -From: Hongxu Jia -Date: Mon, 27 Aug 2018 21:24:20 +0800 -Subject: [PATCH] `named/lwresd -V' and start log hide build options - -The build options expose build path directories, so hide them. -[snip] -$ named -V -|built by make with *** (options are hidden) -[snip] - -Upstream-Status: Inappropriate [oe-core specific] - -Signed-off-by: Hongxu Jia - -Refreshed for 9.16.0 -Signed-off-by: Armin Kuster - ---- - configure.ac | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index bf20690..c5d330f 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -35,7 +35,7 @@ AC_DEFINE([PACKAGE_VERSION_EXTRA], ["][bind_VERSION_EXTRA]["], [BIND 9 Extra par - AC_DEFINE([PACKAGE_DESCRIPTION], [m4_ifnblank(bind_DESCRIPTION, [" ]bind_DESCRIPTION["], [])], [An extra string to print after PACKAGE_STRING]) - AC_DEFINE([PACKAGE_SRCID], ["][bind_SRCID]["], [A short hash from git]) - --bind_CONFIGARGS="${ac_configure_args:-default}" -+bind_CONFIGARGS="(removed for reproducibility)" - AC_DEFINE_UNQUOTED([PACKAGE_CONFIGARGS], ["$bind_CONFIGARGS"], [Either 'defaults' or used ./configure options]) - - AC_DEFINE([PACKAGE_BUILDER], ["make"], [make or Visual Studio]) diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/bind-ensure-searching-for-json-headers-searches-sysr.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.4/bind-ensure-searching-for-json-headers-searches-sysr.patch deleted file mode 100644 index f1abd179e8..0000000000 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.4/bind-ensure-searching-for-json-headers-searches-sysr.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 246087f89e9434b726c7884e4c0964f71084f091 Mon Sep 17 00:00:00 2001 -From: Paul Gortmaker -Date: Tue, 9 Jun 2015 11:22:00 -0400 -Subject: [PATCH] bind: ensure searching for json headers searches sysroot - -Bind can fail configure by detecting headers w/o libs[1], or -it can fail the host contamination check as per below: - -ERROR: This autoconf log indicates errors, it looked at host include and/or library paths while determining system capabilities. -Rerun configure task after fixing this. The path was 'build/tmp/work/core2-64-poky-linux/bind/9.10.2-r1/build' -ERROR: Function failed: do_qa_configure -ERROR: Logfile of failure stored in: build/tmp/work/core2-64-poky-linux/bind/9.10.2-r1/temp/log.do_configure.5242 -ERROR: Task 5 (meta/recipes-connectivity/bind/bind_9.10.2.bb, do_configure) failed with exit code '1' -NOTE: Tasks Summary: Attempted 773 tasks of which 768 didn't need to be rerun and 1 failed. -No currently running tasks (773 of 781) - -Summary: 1 task failed: - /meta/recipes-connectivity/bind/bind_9.10.2.bb, do_configure - -One way to fix it would be to unconditionally disable json in bind -configure[2] but here we fix it by using the path to where we would -put the header if we had json in the sysroot, in case someone wants -to make use of the combination some day. - -[1] https://trac.macports.org/ticket/45305 -[2] https://trac.macports.org/changeset/126406 - -Upstream-Status: Inappropriate [OE Specific] -Signed-off-by: Paul Gortmaker - ---- - configure.ac | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index 10e8bf6..bf20690 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -814,7 +814,7 @@ AS_CASE([$with_lmdb], - [no],[], - [auto|yes], [PKG_CHECK_MODULES([LMDB], [lmdb], - [ac_lib_lmdb_found=yes], -- [for ac_lib_lmdb_path in /usr /usr/local /opt /opt/local; do -+ [for ac_lib_lmdb_path in "${STAGING_INCDIR}"; do - AX_LIB_LMDB([$ac_lib_lmdb_path], - [ac_lib_lmdb_found=yes - break]) diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/bind9 b/poky/meta/recipes-connectivity/bind/bind-9.18.4/bind9 deleted file mode 100644 index 968679ff7f..0000000000 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.4/bind9 +++ /dev/null @@ -1,2 +0,0 @@ -# startup options for the server -OPTIONS="-u bind" diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/conf.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.4/conf.patch deleted file mode 100644 index aa3642acec..0000000000 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.4/conf.patch +++ /dev/null @@ -1,330 +0,0 @@ -Upstream-Status: Inappropriate [configuration] - -the patch is imported from openembedded project - -11/30/2010 - Qing He - -diff -urN bind-9.3.1.orig/conf/db.0 bind-9.3.1/conf/db.0 ---- bind-9.3.1.orig/conf/db.0 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/conf/db.0 2005-07-10 22:14:00.000000000 +0200 -@@ -0,0 +1,12 @@ -+; -+; BIND reverse data file for broadcast zone -+; -+$TTL 604800 -+@ IN SOA localhost. root.localhost. ( -+ 1 ; Serial -+ 604800 ; Refresh -+ 86400 ; Retry -+ 2419200 ; Expire -+ 604800 ) ; Negative Cache TTL -+; -+@ IN NS localhost. -diff -urN bind-9.3.1.orig/conf/db.127 bind-9.3.1/conf/db.127 ---- bind-9.3.1.orig/conf/db.127 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/conf/db.127 2005-07-10 22:14:00.000000000 +0200 -@@ -0,0 +1,13 @@ -+; -+; BIND reverse data file for local loopback interface -+; -+$TTL 604800 -+@ IN SOA localhost. root.localhost. ( -+ 1 ; Serial -+ 604800 ; Refresh -+ 86400 ; Retry -+ 2419200 ; Expire -+ 604800 ) ; Negative Cache TTL -+; -+@ IN NS localhost. -+1.0.0 IN PTR localhost. -diff -urN bind-9.3.1.orig/conf/db.empty bind-9.3.1/conf/db.empty ---- bind-9.3.1.orig/conf/db.empty 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/conf/db.empty 2005-07-10 22:14:00.000000000 +0200 -@@ -0,0 +1,14 @@ -+; BIND reverse data file for empty rfc1918 zone -+; -+; DO NOT EDIT THIS FILE - it is used for multiple zones. -+; Instead, copy it, edit named.conf, and use that copy. -+; -+$TTL 86400 -+@ IN SOA localhost. root.localhost. ( -+ 1 ; Serial -+ 604800 ; Refresh -+ 86400 ; Retry -+ 2419200 ; Expire -+ 86400 ) ; Negative Cache TTL -+; -+@ IN NS localhost. -diff -urN bind-9.3.1.orig/conf/db.255 bind-9.3.1/conf/db.255 ---- bind-9.3.1.orig/conf/db.255 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/conf/db.255 2005-07-10 22:14:00.000000000 +0200 -@@ -0,0 +1,12 @@ -+; -+; BIND reserve data file for broadcast zone -+; -+$TTL 604800 -+@ IN SOA localhost. root.localhost. ( -+ 1 ; Serial -+ 604800 ; Refresh -+ 86400 ; Retry -+ 2419200 ; Expire -+ 604800 ) ; Negative Cache TTL -+; -+@ IN NS localhost. -diff -urN bind-9.3.1.orig/conf/db.local bind-9.3.1/conf/db.local ---- bind-9.3.1.orig/conf/db.local 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/conf/db.local 2005-07-10 22:14:00.000000000 +0200 -@@ -0,0 +1,13 @@ -+; -+; BIND data file for local loopback interface -+; -+$TTL 604800 -+@ IN SOA localhost. root.localhost. ( -+ 1 ; Serial -+ 604800 ; Refresh -+ 86400 ; Retry -+ 2419200 ; Expire -+ 604800 ) ; Negative Cache TTL -+; -+@ IN NS localhost. -+@ IN A 127.0.0.1 -diff -urN bind-9.3.1.orig/conf/db.root bind-9.3.1/conf/db.root ---- bind-9.3.1.orig/conf/db.root 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/conf/db.root 2005-07-10 22:14:00.000000000 +0200 -@@ -0,0 +1,45 @@ -+ -+; <<>> DiG 9.2.3 <<>> ns . @a.root-servers.net. -+;; global options: printcmd -+;; Got answer: -+;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18944 -+;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13 -+ -+;; QUESTION SECTION: -+;. IN NS -+ -+;; ANSWER SECTION: -+. 518400 IN NS A.ROOT-SERVERS.NET. -+. 518400 IN NS B.ROOT-SERVERS.NET. -+. 518400 IN NS C.ROOT-SERVERS.NET. -+. 518400 IN NS D.ROOT-SERVERS.NET. -+. 518400 IN NS E.ROOT-SERVERS.NET. -+. 518400 IN NS F.ROOT-SERVERS.NET. -+. 518400 IN NS G.ROOT-SERVERS.NET. -+. 518400 IN NS H.ROOT-SERVERS.NET. -+. 518400 IN NS I.ROOT-SERVERS.NET. -+. 518400 IN NS J.ROOT-SERVERS.NET. -+. 518400 IN NS K.ROOT-SERVERS.NET. -+. 518400 IN NS L.ROOT-SERVERS.NET. -+. 518400 IN NS M.ROOT-SERVERS.NET. -+ -+;; ADDITIONAL SECTION: -+A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4 -+B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201 -+C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12 -+D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90 -+E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10 -+F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241 -+G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4 -+H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53 -+I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17 -+J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30 -+K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129 -+L.ROOT-SERVERS.NET. 3600000 IN A 198.32.64.12 -+M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33 -+ -+;; Query time: 81 msec -+;; SERVER: 198.41.0.4#53(a.root-servers.net.) -+;; WHEN: Sun Feb 1 11:27:14 2004 -+;; MSG SIZE rcvd: 436 -+ -diff -urN bind-9.3.1.orig/conf/named.conf bind-9.3.1/conf/named.conf ---- bind-9.3.1.orig/conf/named.conf 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/conf/named.conf 2005-07-10 22:33:46.000000000 +0200 -@@ -0,0 +1,49 @@ -+// This is the primary configuration file for the BIND DNS server named. -+// -+// If you are just adding zones, please do that in /etc/bind/named.conf.local -+ -+include "/etc/bind/named.conf.options"; -+ -+// prime the server with knowledge of the root servers -+zone "." { -+ type hint; -+ file "/etc/bind/db.root"; -+}; -+ -+// be authoritative for the localhost forward and reverse zones, and for -+// broadcast zones as per RFC 1912 -+ -+zone "localhost" { -+ type master; -+ file "/etc/bind/db.local"; -+}; -+ -+zone "127.in-addr.arpa" { -+ type master; -+ file "/etc/bind/db.127"; -+}; -+ -+zone "0.in-addr.arpa" { -+ type master; -+ file "/etc/bind/db.0"; -+}; -+ -+zone "255.in-addr.arpa" { -+ type master; -+ file "/etc/bind/db.255"; -+}; -+ -+// zone "com" { type delegation-only; }; -+// zone "net" { type delegation-only; }; -+ -+// From the release notes: -+// Because many of our users are uncomfortable receiving undelegated answers -+// from root or top level domains, other than a few for whom that behaviour -+// has been trusted and expected for quite some length of time, we have now -+// introduced the "root-delegations-only" feature which applies delegation-only -+// logic to all top level domains, and to the root domain. An exception list -+// should be specified, including "MUSEUM" and "DE", and any other top level -+// domains from whom undelegated responses are expected and trusted. -+// root-delegation-only exclude { "DE"; "MUSEUM"; }; -+ -+include "/etc/bind/named.conf.local"; -diff -urN bind-9.3.1.orig/conf/named.conf.local bind-9.3.1/conf/named.conf.local ---- bind-9.3.1.orig/conf/named.conf.local 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/conf/named.conf.local 2005-07-10 22:14:06.000000000 +0200 -@@ -0,0 +1,8 @@ -+// -+// Do any local configuration here -+// -+ -+// Consider adding the 1918 zones here, if they are not used in your -+// organization -+//include "/etc/bind/zones.rfc1918"; -+ -diff -urN bind-9.3.1.orig/conf/named.conf.options bind-9.3.1/conf/named.conf.options ---- bind-9.3.1.orig/conf/named.conf.options 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/conf/named.conf.options 2005-07-10 22:14:06.000000000 +0200 -@@ -0,0 +1,24 @@ -+options { -+ directory "/var/cache/bind"; -+ -+ // If there is a firewall between you and nameservers you want -+ // to talk to, you might need to uncomment the query-source -+ // directive below. Previous versions of BIND always asked -+ // questions using port 53, but BIND 8.1 and later use an unprivileged -+ // port by default. -+ -+ // query-source address * port 53; -+ -+ // If your ISP provided one or more IP addresses for stable -+ // nameservers, you probably want to use them as forwarders. -+ // Uncomment the following block, and insert the addresses replacing -+ // the all-0's placeholder. -+ -+ // forwarders { -+ // 0.0.0.0; -+ // }; -+ -+ auth-nxdomain no; # conform to RFC1035 -+ -+}; -+ -diff -urN bind-9.3.1.orig/conf/zones.rfc1918 bind-9.3.1/conf/zones.rfc1918 ---- bind-9.3.1.orig/conf/zones.rfc1918 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/conf/zones.rfc1918 2005-07-10 22:14:10.000000000 +0200 -@@ -0,0 +1,20 @@ -+zone "10.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+ -+zone "16.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "17.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "18.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "19.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "20.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "21.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "22.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "23.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "24.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "25.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "26.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "27.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "28.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "29.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "30.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+zone "31.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -+ -+zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; -diff -urN bind-9.3.1.orig/init.d bind-9.3.1/init.d ---- bind-9.3.1.orig/init.d 1970-01-01 01:00:00.000000000 +0100 -+++ bind-9.3.1/init.d 2005-07-10 23:09:58.000000000 +0200 -@@ -0,0 +1,70 @@ -+#!/bin/sh -+ -+PATH=/sbin:/bin:/usr/sbin:/usr/bin -+ -+# for a chrooted server: "-u bind -t /var/lib/named" -+# Don't modify this line, change or create /etc/default/bind9. -+OPTIONS="" -+ -+test -f /etc/default/bind9 && . /etc/default/bind9 -+ -+test -x /usr/sbin/rndc || exit 0 -+ -+case "$1" in -+ start) -+ echo -n "Starting domain name service: named" -+ -+ modprobe capability >/dev/null 2>&1 || true -+ if [ ! -f /etc/bind/rndc.key ]; then -+ /usr/sbin/rndc-confgen -a -b 512 -+ chmod 0640 /etc/bind/rndc.key -+ fi -+ if [ -f /var/run/named/named.pid ]; then -+ ps `cat /var/run/named/named.pid` > /dev/null && exit 1 -+ fi -+ -+ # dirs under /var/run can go away on reboots. -+ mkdir -p /var/run/named -+ mkdir -p /var/cache/bind -+ chmod 775 /var/run/named -+ chown root:bind /var/run/named >/dev/null 2>&1 || true -+ -+ if [ ! -x /usr/sbin/named ]; then -+ echo "named binary missing - not starting" -+ exit 1 -+ fi -+ if start-stop-daemon --start --quiet --exec /usr/sbin/named \ -+ --pidfile /var/run/named/named.pid -- $OPTIONS; then -+ if [ -x /sbin/resolvconf ] ; then -+ echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo -+ fi -+ fi -+ echo "." -+ ;; -+ -+ stop) -+ echo -n "Stopping domain name service: named" -+ if [ -x /sbin/resolvconf ]; then -+ /sbin/resolvconf -d lo -+ fi -+ /usr/sbin/rndc stop >/dev/null 2>&1 -+ echo "." -+ ;; -+ -+ reload) -+ /usr/sbin/rndc reload -+ ;; -+ -+ restart|force-reload) -+ $0 stop -+ sleep 2 -+ $0 start -+ ;; -+ -+ *) -+ echo "Usage: /etc/init.d/bind {start|stop|reload|restart|force-reload}" >&2 -+ exit 1 -+ ;; -+esac -+ -+exit 0 diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/generate-rndc-key.sh b/poky/meta/recipes-connectivity/bind/bind-9.18.4/generate-rndc-key.sh deleted file mode 100644 index 633e29c0e6..0000000000 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.4/generate-rndc-key.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh - -if [ ! -s /etc/bind/rndc.key ]; then - echo -n "Generating /etc/bind/rndc.key:" - /usr/sbin/rndc-confgen -a -b 512 - chown root:bind /etc/bind/rndc.key - chmod 0640 /etc/bind/rndc.key -fi diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/init.d-add-support-for-read-only-rootfs.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.4/init.d-add-support-for-read-only-rootfs.patch deleted file mode 100644 index 11db95ede1..0000000000 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.4/init.d-add-support-for-read-only-rootfs.patch +++ /dev/null @@ -1,65 +0,0 @@ -Subject: init.d: add support for read-only rootfs - -Upstream-Status: Inappropriate [oe specific] - -Signed-off-by: Chen Qi ---- - init.d | 40 ++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 40 insertions(+) - -diff --git a/init.d b/init.d -index 0111ed4..24677c8 100644 ---- a/init.d -+++ b/init.d -@@ -6,8 +6,48 @@ PATH=/sbin:/bin:/usr/sbin:/usr/bin - # Don't modify this line, change or create /etc/default/bind9. - OPTIONS="" - -+test -f /etc/default/rcS && . /etc/default/rcS - test -f /etc/default/bind9 && . /etc/default/bind9 - -+# This function is here because it's possible that /var and / are on different partitions. -+is_on_read_only_partition () { -+ DIRECTORY=$1 -+ dir=`readlink -f $DIRECTORY` -+ while true; do -+ if [ ! -d "$dir" ]; then -+ echo "ERROR: $dir is not a directory" -+ exit 1 -+ else -+ for flag in `awk -v dir=$dir '{ if ($2 == dir) { print "FOUND"; split($4,FLAGS,",") } }; \ -+ END { for (f in FLAGS) print FLAGS[f] }' < /proc/mounts`; do -+ [ "$flag" = "FOUND" ] && partition="read-write" -+ [ "$flag" = "ro" ] && { partition="read-only"; break; } -+ done -+ if [ "$dir" = "/" -o -n "$partition" ]; then -+ break -+ else -+ dir=`dirname $dir` -+ fi -+ fi -+ done -+ [ "$partition" = "read-only" ] && echo "yes" || echo "no" -+} -+ -+bind_mount () { -+ olddir=$1 -+ newdir=$2 -+ mkdir -p $olddir -+ cp -a $newdir/* $olddir -+ mount --bind $olddir $newdir -+} -+ -+# Deal with read-only rootfs -+if [ "$ROOTFS_READ_ONLY" = "yes" ]; then -+ [ "$VERBOSE" != "no" ] && echo "WARN: start bind service in read-only rootfs" -+ [ `is_on_read_only_partition /etc/bind` = "yes" ] && bind_mount /var/volatile/bind/etc /etc/bind -+ [ `is_on_read_only_partition /var/named` = "yes" ] && bind_mount /var/volatile/bind/named /var/named -+fi -+ - test -x /usr/sbin/rndc || exit 0 - - case "$1" in --- -1.7.9.5 - diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/make-etc-initd-bind-stop-work.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.4/make-etc-initd-bind-stop-work.patch deleted file mode 100644 index 146f3e35db..0000000000 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.4/make-etc-initd-bind-stop-work.patch +++ /dev/null @@ -1,42 +0,0 @@ -bind: make "/etc/init.d/bind stop" work - -Upstream-Status: Inappropriate [configuration] - -Add some configurations, make rndc command be able to controls -the named daemon. - -Signed-off-by: Roy Li ---- - conf/named.conf | 5 +++++ - conf/rndc.conf | 5 +++++ - 2 files changed, 10 insertions(+), 0 deletions(-) - create mode 100644 conf/rndc.conf - -diff --git a/conf/named.conf b/conf/named.conf -index 95829cf..c8899e7 100644 ---- a/conf/named.conf -+++ b/conf/named.conf -@@ -47,3 +47,8 @@ zone "255.in-addr.arpa" { - // root-delegation-only exclude { "DE"; "MUSEUM"; }; - - include "/etc/bind/named.conf.local"; -+include "/etc/bind/rndc.key" ; -+controls { -+ inet 127.0.0.1 allow { localhost; } -+ keys { rndc-key; }; -+}; -diff --git a/conf/rndc.conf b/conf/rndc.conf -new file mode 100644 -index 0000000..a0b481d ---- /dev/null -+++ b/conf/rndc.conf -@@ -0,0 +1,5 @@ -+include "/etc/bind/rndc.key"; -+options { -+ default-server localhost; -+ default-key rndc-key; -+}; - --- -1.7.5.4 - diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/named.service b/poky/meta/recipes-connectivity/bind/bind-9.18.4/named.service deleted file mode 100644 index cda56ef015..0000000000 --- a/poky/meta/recipes-connectivity/bind/bind-9.18.4/named.service +++ /dev/null @@ -1,22 +0,0 @@ -[Unit] -Description=Berkeley Internet Name Domain (DNS) -Wants=nss-lookup.target -Before=nss-lookup.target -After=network.target - -[Service] -Type=forking -EnvironmentFile=-/etc/default/bind9 -PIDFile=/run/named/named.pid - -ExecStartPre=@SBINDIR@/generate-rndc-key.sh -ExecStart=@SBINDIR@/named $OPTIONS - -ExecReload=@BASE_BINDIR@/sh -c '@SBINDIR@/rndc reload > /dev/null 2>&1 || @BASE_BINDIR@/kill -HUP $MAINPID' - -ExecStop=@BASE_BINDIR@/sh -c '@SBINDIR@/rndc stop > /dev/null 2>&1 || @BASE_BINDIR@/kill -TERM $MAINPID' - -PrivateTmp=true - -[Install] -WantedBy=multi-user.target diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.6/0001-avoid-start-failure-with-bind-user.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.6/0001-avoid-start-failure-with-bind-user.patch new file mode 100644 index 0000000000..ec1bc7b567 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.6/0001-avoid-start-failure-with-bind-user.patch @@ -0,0 +1,27 @@ +From 31dde3562f287429eea94b77250d184818b49063 Mon Sep 17 00:00:00 2001 +From: Chen Qi +Date: Mon, 15 Oct 2018 16:55:09 +0800 +Subject: [PATCH] avoid start failure with bind user + +Upstream-Status: Pending + +Signed-off-by: Chen Qi +--- + init.d | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/init.d b/init.d +index b2eec60..6e03936 100644 +--- a/init.d ++++ b/init.d +@@ -57,6 +57,7 @@ case "$1" in + modprobe capability >/dev/null 2>&1 || true + if [ ! -f /etc/bind/rndc.key ]; then + /usr/sbin/rndc-confgen -a -b 512 ++ chown root:bind /etc/bind/rndc.key >/dev/null 2>&1 || true + chmod 0640 /etc/bind/rndc.key + fi + if [ -f /var/run/named/named.pid ]; then +-- +2.7.4 + diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.6/0001-named-lwresd-V-and-start-log-hide-build-options.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.6/0001-named-lwresd-V-and-start-log-hide-build-options.patch new file mode 100644 index 0000000000..4c10f33f04 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.6/0001-named-lwresd-V-and-start-log-hide-build-options.patch @@ -0,0 +1,35 @@ +From 4e83392e840fa7b05e778710b8c202d102477a13 Mon Sep 17 00:00:00 2001 +From: Hongxu Jia +Date: Mon, 27 Aug 2018 21:24:20 +0800 +Subject: [PATCH] `named/lwresd -V' and start log hide build options + +The build options expose build path directories, so hide them. +[snip] +$ named -V +|built by make with *** (options are hidden) +[snip] + +Upstream-Status: Inappropriate [oe-core specific] + +Signed-off-by: Hongxu Jia + +Refreshed for 9.16.0 +Signed-off-by: Armin Kuster + +--- + configure.ac | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index bf20690..c5d330f 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -35,7 +35,7 @@ AC_DEFINE([PACKAGE_VERSION_EXTRA], ["][bind_VERSION_EXTRA]["], [BIND 9 Extra par + AC_DEFINE([PACKAGE_DESCRIPTION], [m4_ifnblank(bind_DESCRIPTION, [" ]bind_DESCRIPTION["], [])], [An extra string to print after PACKAGE_STRING]) + AC_DEFINE([PACKAGE_SRCID], ["][bind_SRCID]["], [A short hash from git]) + +-bind_CONFIGARGS="${ac_configure_args:-default}" ++bind_CONFIGARGS="(removed for reproducibility)" + AC_DEFINE_UNQUOTED([PACKAGE_CONFIGARGS], ["$bind_CONFIGARGS"], [Either 'defaults' or used ./configure options]) + + AC_DEFINE([PACKAGE_BUILDER], ["make"], [make or Visual Studio]) diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.6/bind-ensure-searching-for-json-headers-searches-sysr.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.6/bind-ensure-searching-for-json-headers-searches-sysr.patch new file mode 100644 index 0000000000..f1abd179e8 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.6/bind-ensure-searching-for-json-headers-searches-sysr.patch @@ -0,0 +1,47 @@ +From 246087f89e9434b726c7884e4c0964f71084f091 Mon Sep 17 00:00:00 2001 +From: Paul Gortmaker +Date: Tue, 9 Jun 2015 11:22:00 -0400 +Subject: [PATCH] bind: ensure searching for json headers searches sysroot + +Bind can fail configure by detecting headers w/o libs[1], or +it can fail the host contamination check as per below: + +ERROR: This autoconf log indicates errors, it looked at host include and/or library paths while determining system capabilities. +Rerun configure task after fixing this. The path was 'build/tmp/work/core2-64-poky-linux/bind/9.10.2-r1/build' +ERROR: Function failed: do_qa_configure +ERROR: Logfile of failure stored in: build/tmp/work/core2-64-poky-linux/bind/9.10.2-r1/temp/log.do_configure.5242 +ERROR: Task 5 (meta/recipes-connectivity/bind/bind_9.10.2.bb, do_configure) failed with exit code '1' +NOTE: Tasks Summary: Attempted 773 tasks of which 768 didn't need to be rerun and 1 failed. +No currently running tasks (773 of 781) + +Summary: 1 task failed: + /meta/recipes-connectivity/bind/bind_9.10.2.bb, do_configure + +One way to fix it would be to unconditionally disable json in bind +configure[2] but here we fix it by using the path to where we would +put the header if we had json in the sysroot, in case someone wants +to make use of the combination some day. + +[1] https://trac.macports.org/ticket/45305 +[2] https://trac.macports.org/changeset/126406 + +Upstream-Status: Inappropriate [OE Specific] +Signed-off-by: Paul Gortmaker + +--- + configure.ac | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index 10e8bf6..bf20690 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -814,7 +814,7 @@ AS_CASE([$with_lmdb], + [no],[], + [auto|yes], [PKG_CHECK_MODULES([LMDB], [lmdb], + [ac_lib_lmdb_found=yes], +- [for ac_lib_lmdb_path in /usr /usr/local /opt /opt/local; do ++ [for ac_lib_lmdb_path in "${STAGING_INCDIR}"; do + AX_LIB_LMDB([$ac_lib_lmdb_path], + [ac_lib_lmdb_found=yes + break]) diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.6/bind9 b/poky/meta/recipes-connectivity/bind/bind-9.18.6/bind9 new file mode 100644 index 0000000000..968679ff7f --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.6/bind9 @@ -0,0 +1,2 @@ +# startup options for the server +OPTIONS="-u bind" diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.6/conf.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.6/conf.patch new file mode 100644 index 0000000000..aa3642acec --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.6/conf.patch @@ -0,0 +1,330 @@ +Upstream-Status: Inappropriate [configuration] + +the patch is imported from openembedded project + +11/30/2010 - Qing He + +diff -urN bind-9.3.1.orig/conf/db.0 bind-9.3.1/conf/db.0 +--- bind-9.3.1.orig/conf/db.0 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/db.0 2005-07-10 22:14:00.000000000 +0200 +@@ -0,0 +1,12 @@ ++; ++; BIND reverse data file for broadcast zone ++; ++$TTL 604800 ++@ IN SOA localhost. root.localhost. ( ++ 1 ; Serial ++ 604800 ; Refresh ++ 86400 ; Retry ++ 2419200 ; Expire ++ 604800 ) ; Negative Cache TTL ++; ++@ IN NS localhost. +diff -urN bind-9.3.1.orig/conf/db.127 bind-9.3.1/conf/db.127 +--- bind-9.3.1.orig/conf/db.127 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/db.127 2005-07-10 22:14:00.000000000 +0200 +@@ -0,0 +1,13 @@ ++; ++; BIND reverse data file for local loopback interface ++; ++$TTL 604800 ++@ IN SOA localhost. root.localhost. ( ++ 1 ; Serial ++ 604800 ; Refresh ++ 86400 ; Retry ++ 2419200 ; Expire ++ 604800 ) ; Negative Cache TTL ++; ++@ IN NS localhost. ++1.0.0 IN PTR localhost. +diff -urN bind-9.3.1.orig/conf/db.empty bind-9.3.1/conf/db.empty +--- bind-9.3.1.orig/conf/db.empty 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/db.empty 2005-07-10 22:14:00.000000000 +0200 +@@ -0,0 +1,14 @@ ++; BIND reverse data file for empty rfc1918 zone ++; ++; DO NOT EDIT THIS FILE - it is used for multiple zones. ++; Instead, copy it, edit named.conf, and use that copy. ++; ++$TTL 86400 ++@ IN SOA localhost. root.localhost. ( ++ 1 ; Serial ++ 604800 ; Refresh ++ 86400 ; Retry ++ 2419200 ; Expire ++ 86400 ) ; Negative Cache TTL ++; ++@ IN NS localhost. +diff -urN bind-9.3.1.orig/conf/db.255 bind-9.3.1/conf/db.255 +--- bind-9.3.1.orig/conf/db.255 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/db.255 2005-07-10 22:14:00.000000000 +0200 +@@ -0,0 +1,12 @@ ++; ++; BIND reserve data file for broadcast zone ++; ++$TTL 604800 ++@ IN SOA localhost. root.localhost. ( ++ 1 ; Serial ++ 604800 ; Refresh ++ 86400 ; Retry ++ 2419200 ; Expire ++ 604800 ) ; Negative Cache TTL ++; ++@ IN NS localhost. +diff -urN bind-9.3.1.orig/conf/db.local bind-9.3.1/conf/db.local +--- bind-9.3.1.orig/conf/db.local 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/db.local 2005-07-10 22:14:00.000000000 +0200 +@@ -0,0 +1,13 @@ ++; ++; BIND data file for local loopback interface ++; ++$TTL 604800 ++@ IN SOA localhost. root.localhost. ( ++ 1 ; Serial ++ 604800 ; Refresh ++ 86400 ; Retry ++ 2419200 ; Expire ++ 604800 ) ; Negative Cache TTL ++; ++@ IN NS localhost. ++@ IN A 127.0.0.1 +diff -urN bind-9.3.1.orig/conf/db.root bind-9.3.1/conf/db.root +--- bind-9.3.1.orig/conf/db.root 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/db.root 2005-07-10 22:14:00.000000000 +0200 +@@ -0,0 +1,45 @@ ++ ++; <<>> DiG 9.2.3 <<>> ns . @a.root-servers.net. ++;; global options: printcmd ++;; Got answer: ++;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18944 ++;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13 ++ ++;; QUESTION SECTION: ++;. IN NS ++ ++;; ANSWER SECTION: ++. 518400 IN NS A.ROOT-SERVERS.NET. ++. 518400 IN NS B.ROOT-SERVERS.NET. ++. 518400 IN NS C.ROOT-SERVERS.NET. ++. 518400 IN NS D.ROOT-SERVERS.NET. ++. 518400 IN NS E.ROOT-SERVERS.NET. ++. 518400 IN NS F.ROOT-SERVERS.NET. ++. 518400 IN NS G.ROOT-SERVERS.NET. ++. 518400 IN NS H.ROOT-SERVERS.NET. ++. 518400 IN NS I.ROOT-SERVERS.NET. ++. 518400 IN NS J.ROOT-SERVERS.NET. ++. 518400 IN NS K.ROOT-SERVERS.NET. ++. 518400 IN NS L.ROOT-SERVERS.NET. ++. 518400 IN NS M.ROOT-SERVERS.NET. ++ ++;; ADDITIONAL SECTION: ++A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4 ++B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201 ++C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12 ++D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90 ++E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10 ++F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241 ++G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4 ++H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53 ++I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17 ++J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30 ++K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129 ++L.ROOT-SERVERS.NET. 3600000 IN A 198.32.64.12 ++M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33 ++ ++;; Query time: 81 msec ++;; SERVER: 198.41.0.4#53(a.root-servers.net.) ++;; WHEN: Sun Feb 1 11:27:14 2004 ++;; MSG SIZE rcvd: 436 ++ +diff -urN bind-9.3.1.orig/conf/named.conf bind-9.3.1/conf/named.conf +--- bind-9.3.1.orig/conf/named.conf 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/named.conf 2005-07-10 22:33:46.000000000 +0200 +@@ -0,0 +1,49 @@ ++// This is the primary configuration file for the BIND DNS server named. ++// ++// If you are just adding zones, please do that in /etc/bind/named.conf.local ++ ++include "/etc/bind/named.conf.options"; ++ ++// prime the server with knowledge of the root servers ++zone "." { ++ type hint; ++ file "/etc/bind/db.root"; ++}; ++ ++// be authoritative for the localhost forward and reverse zones, and for ++// broadcast zones as per RFC 1912 ++ ++zone "localhost" { ++ type master; ++ file "/etc/bind/db.local"; ++}; ++ ++zone "127.in-addr.arpa" { ++ type master; ++ file "/etc/bind/db.127"; ++}; ++ ++zone "0.in-addr.arpa" { ++ type master; ++ file "/etc/bind/db.0"; ++}; ++ ++zone "255.in-addr.arpa" { ++ type master; ++ file "/etc/bind/db.255"; ++}; ++ ++// zone "com" { type delegation-only; }; ++// zone "net" { type delegation-only; }; ++ ++// From the release notes: ++// Because many of our users are uncomfortable receiving undelegated answers ++// from root or top level domains, other than a few for whom that behaviour ++// has been trusted and expected for quite some length of time, we have now ++// introduced the "root-delegations-only" feature which applies delegation-only ++// logic to all top level domains, and to the root domain. An exception list ++// should be specified, including "MUSEUM" and "DE", and any other top level ++// domains from whom undelegated responses are expected and trusted. ++// root-delegation-only exclude { "DE"; "MUSEUM"; }; ++ ++include "/etc/bind/named.conf.local"; +diff -urN bind-9.3.1.orig/conf/named.conf.local bind-9.3.1/conf/named.conf.local +--- bind-9.3.1.orig/conf/named.conf.local 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/named.conf.local 2005-07-10 22:14:06.000000000 +0200 +@@ -0,0 +1,8 @@ ++// ++// Do any local configuration here ++// ++ ++// Consider adding the 1918 zones here, if they are not used in your ++// organization ++//include "/etc/bind/zones.rfc1918"; ++ +diff -urN bind-9.3.1.orig/conf/named.conf.options bind-9.3.1/conf/named.conf.options +--- bind-9.3.1.orig/conf/named.conf.options 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/named.conf.options 2005-07-10 22:14:06.000000000 +0200 +@@ -0,0 +1,24 @@ ++options { ++ directory "/var/cache/bind"; ++ ++ // If there is a firewall between you and nameservers you want ++ // to talk to, you might need to uncomment the query-source ++ // directive below. Previous versions of BIND always asked ++ // questions using port 53, but BIND 8.1 and later use an unprivileged ++ // port by default. ++ ++ // query-source address * port 53; ++ ++ // If your ISP provided one or more IP addresses for stable ++ // nameservers, you probably want to use them as forwarders. ++ // Uncomment the following block, and insert the addresses replacing ++ // the all-0's placeholder. ++ ++ // forwarders { ++ // 0.0.0.0; ++ // }; ++ ++ auth-nxdomain no; # conform to RFC1035 ++ ++}; ++ +diff -urN bind-9.3.1.orig/conf/zones.rfc1918 bind-9.3.1/conf/zones.rfc1918 +--- bind-9.3.1.orig/conf/zones.rfc1918 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/zones.rfc1918 2005-07-10 22:14:10.000000000 +0200 +@@ -0,0 +1,20 @@ ++zone "10.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++ ++zone "16.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "17.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "18.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "19.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "20.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "21.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "22.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "23.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "24.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "25.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "26.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "27.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "28.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "29.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "30.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++zone "31.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; ++ ++zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +diff -urN bind-9.3.1.orig/init.d bind-9.3.1/init.d +--- bind-9.3.1.orig/init.d 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/init.d 2005-07-10 23:09:58.000000000 +0200 +@@ -0,0 +1,70 @@ ++#!/bin/sh ++ ++PATH=/sbin:/bin:/usr/sbin:/usr/bin ++ ++# for a chrooted server: "-u bind -t /var/lib/named" ++# Don't modify this line, change or create /etc/default/bind9. ++OPTIONS="" ++ ++test -f /etc/default/bind9 && . /etc/default/bind9 ++ ++test -x /usr/sbin/rndc || exit 0 ++ ++case "$1" in ++ start) ++ echo -n "Starting domain name service: named" ++ ++ modprobe capability >/dev/null 2>&1 || true ++ if [ ! -f /etc/bind/rndc.key ]; then ++ /usr/sbin/rndc-confgen -a -b 512 ++ chmod 0640 /etc/bind/rndc.key ++ fi ++ if [ -f /var/run/named/named.pid ]; then ++ ps `cat /var/run/named/named.pid` > /dev/null && exit 1 ++ fi ++ ++ # dirs under /var/run can go away on reboots. ++ mkdir -p /var/run/named ++ mkdir -p /var/cache/bind ++ chmod 775 /var/run/named ++ chown root:bind /var/run/named >/dev/null 2>&1 || true ++ ++ if [ ! -x /usr/sbin/named ]; then ++ echo "named binary missing - not starting" ++ exit 1 ++ fi ++ if start-stop-daemon --start --quiet --exec /usr/sbin/named \ ++ --pidfile /var/run/named/named.pid -- $OPTIONS; then ++ if [ -x /sbin/resolvconf ] ; then ++ echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo ++ fi ++ fi ++ echo "." ++ ;; ++ ++ stop) ++ echo -n "Stopping domain name service: named" ++ if [ -x /sbin/resolvconf ]; then ++ /sbin/resolvconf -d lo ++ fi ++ /usr/sbin/rndc stop >/dev/null 2>&1 ++ echo "." ++ ;; ++ ++ reload) ++ /usr/sbin/rndc reload ++ ;; ++ ++ restart|force-reload) ++ $0 stop ++ sleep 2 ++ $0 start ++ ;; ++ ++ *) ++ echo "Usage: /etc/init.d/bind {start|stop|reload|restart|force-reload}" >&2 ++ exit 1 ++ ;; ++esac ++ ++exit 0 diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.6/generate-rndc-key.sh b/poky/meta/recipes-connectivity/bind/bind-9.18.6/generate-rndc-key.sh new file mode 100644 index 0000000000..633e29c0e6 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.6/generate-rndc-key.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +if [ ! -s /etc/bind/rndc.key ]; then + echo -n "Generating /etc/bind/rndc.key:" + /usr/sbin/rndc-confgen -a -b 512 + chown root:bind /etc/bind/rndc.key + chmod 0640 /etc/bind/rndc.key +fi diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.6/init.d-add-support-for-read-only-rootfs.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.6/init.d-add-support-for-read-only-rootfs.patch new file mode 100644 index 0000000000..11db95ede1 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.6/init.d-add-support-for-read-only-rootfs.patch @@ -0,0 +1,65 @@ +Subject: init.d: add support for read-only rootfs + +Upstream-Status: Inappropriate [oe specific] + +Signed-off-by: Chen Qi +--- + init.d | 40 ++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 40 insertions(+) + +diff --git a/init.d b/init.d +index 0111ed4..24677c8 100644 +--- a/init.d ++++ b/init.d +@@ -6,8 +6,48 @@ PATH=/sbin:/bin:/usr/sbin:/usr/bin + # Don't modify this line, change or create /etc/default/bind9. + OPTIONS="" + ++test -f /etc/default/rcS && . /etc/default/rcS + test -f /etc/default/bind9 && . /etc/default/bind9 + ++# This function is here because it's possible that /var and / are on different partitions. ++is_on_read_only_partition () { ++ DIRECTORY=$1 ++ dir=`readlink -f $DIRECTORY` ++ while true; do ++ if [ ! -d "$dir" ]; then ++ echo "ERROR: $dir is not a directory" ++ exit 1 ++ else ++ for flag in `awk -v dir=$dir '{ if ($2 == dir) { print "FOUND"; split($4,FLAGS,",") } }; \ ++ END { for (f in FLAGS) print FLAGS[f] }' < /proc/mounts`; do ++ [ "$flag" = "FOUND" ] && partition="read-write" ++ [ "$flag" = "ro" ] && { partition="read-only"; break; } ++ done ++ if [ "$dir" = "/" -o -n "$partition" ]; then ++ break ++ else ++ dir=`dirname $dir` ++ fi ++ fi ++ done ++ [ "$partition" = "read-only" ] && echo "yes" || echo "no" ++} ++ ++bind_mount () { ++ olddir=$1 ++ newdir=$2 ++ mkdir -p $olddir ++ cp -a $newdir/* $olddir ++ mount --bind $olddir $newdir ++} ++ ++# Deal with read-only rootfs ++if [ "$ROOTFS_READ_ONLY" = "yes" ]; then ++ [ "$VERBOSE" != "no" ] && echo "WARN: start bind service in read-only rootfs" ++ [ `is_on_read_only_partition /etc/bind` = "yes" ] && bind_mount /var/volatile/bind/etc /etc/bind ++ [ `is_on_read_only_partition /var/named` = "yes" ] && bind_mount /var/volatile/bind/named /var/named ++fi ++ + test -x /usr/sbin/rndc || exit 0 + + case "$1" in +-- +1.7.9.5 + diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.6/make-etc-initd-bind-stop-work.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.6/make-etc-initd-bind-stop-work.patch new file mode 100644 index 0000000000..146f3e35db --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.6/make-etc-initd-bind-stop-work.patch @@ -0,0 +1,42 @@ +bind: make "/etc/init.d/bind stop" work + +Upstream-Status: Inappropriate [configuration] + +Add some configurations, make rndc command be able to controls +the named daemon. + +Signed-off-by: Roy Li +--- + conf/named.conf | 5 +++++ + conf/rndc.conf | 5 +++++ + 2 files changed, 10 insertions(+), 0 deletions(-) + create mode 100644 conf/rndc.conf + +diff --git a/conf/named.conf b/conf/named.conf +index 95829cf..c8899e7 100644 +--- a/conf/named.conf ++++ b/conf/named.conf +@@ -47,3 +47,8 @@ zone "255.in-addr.arpa" { + // root-delegation-only exclude { "DE"; "MUSEUM"; }; + + include "/etc/bind/named.conf.local"; ++include "/etc/bind/rndc.key" ; ++controls { ++ inet 127.0.0.1 allow { localhost; } ++ keys { rndc-key; }; ++}; +diff --git a/conf/rndc.conf b/conf/rndc.conf +new file mode 100644 +index 0000000..a0b481d +--- /dev/null ++++ b/conf/rndc.conf +@@ -0,0 +1,5 @@ ++include "/etc/bind/rndc.key"; ++options { ++ default-server localhost; ++ default-key rndc-key; ++}; + +-- +1.7.5.4 + diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.6/named.service b/poky/meta/recipes-connectivity/bind/bind-9.18.6/named.service new file mode 100644 index 0000000000..cda56ef015 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind-9.18.6/named.service @@ -0,0 +1,22 @@ +[Unit] +Description=Berkeley Internet Name Domain (DNS) +Wants=nss-lookup.target +Before=nss-lookup.target +After=network.target + +[Service] +Type=forking +EnvironmentFile=-/etc/default/bind9 +PIDFile=/run/named/named.pid + +ExecStartPre=@SBINDIR@/generate-rndc-key.sh +ExecStart=@SBINDIR@/named $OPTIONS + +ExecReload=@BASE_BINDIR@/sh -c '@SBINDIR@/rndc reload > /dev/null 2>&1 || @BASE_BINDIR@/kill -HUP $MAINPID' + +ExecStop=@BASE_BINDIR@/sh -c '@SBINDIR@/rndc stop > /dev/null 2>&1 || @BASE_BINDIR@/kill -TERM $MAINPID' + +PrivateTmp=true + +[Install] +WantedBy=multi-user.target diff --git a/poky/meta/recipes-connectivity/bind/bind_9.18.4.bb b/poky/meta/recipes-connectivity/bind/bind_9.18.4.bb deleted file mode 100644 index 8c62fc771d..0000000000 --- a/poky/meta/recipes-connectivity/bind/bind_9.18.4.bb +++ /dev/null @@ -1,114 +0,0 @@ -SUMMARY = "ISC Internet Domain Name Server" -HOMEPAGE = "https://www.isc.org/bind/" -DESCRIPTION = "BIND 9 provides a full-featured Domain Name Server system" -SECTION = "console/network" - -LICENSE = "MPL-2.0" -LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=9a4a897f202c0710e07f2f2836bc2b62" - -DEPENDS = "openssl libcap zlib libuv" - -SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \ - file://conf.patch \ - file://named.service \ - file://bind9 \ - file://generate-rndc-key.sh \ - file://make-etc-initd-bind-stop-work.patch \ - file://init.d-add-support-for-read-only-rootfs.patch \ - file://bind-ensure-searching-for-json-headers-searches-sysr.patch \ - file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \ - file://0001-avoid-start-failure-with-bind-user.patch \ - " - -SRC_URI[sha256sum] = "f277ae50159a00c300eb926a9c5d51953038a936bd8242d6913dfb6eac42761d" - -UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/" -# follow the ESV versions divisible by 2 -UPSTREAM_CHECK_REGEX = "(?P9.(\d*[02468])+(\.\d+)+(-P\d+)*)/" - -# Issue only affects dhcpd with recent bind versions. We don't ship dhcpd anymore -# so the issue doesn't affect us. -CVE_CHECK_IGNORE += "CVE-2019-6470" - -inherit autotools update-rc.d systemd useradd pkgconfig multilib_header update-alternatives - -# PACKAGECONFIGs readline and libedit should NOT be set at same time -PACKAGECONFIG ?= "readline" -PACKAGECONFIG[httpstats] = "--with-libxml2=${STAGING_DIR_HOST}${prefix},--without-libxml2,libxml2" -PACKAGECONFIG[readline] = "--with-readline=readline,,readline" -PACKAGECONFIG[libedit] = "--with-readline=libedit,,libedit" -PACKAGECONFIG[dns-over-http] = "--enable-doh,--disable-doh,nghttp2" - -EXTRA_OECONF = " --disable-devpoll --disable-auto-validation --enable-epoll \ - --with-gssapi=no --with-lmdb=no --with-zlib \ - --sysconfdir=${sysconfdir}/bind \ - --with-openssl=${STAGING_DIR_HOST}${prefix} \ - " -LDFLAGS:append = " -lz" - -# dhcp needs .la so keep them -REMOVE_LIBTOOL_LA = "0" - -USERADD_PACKAGES = "${PN}" -USERADD_PARAM:${PN} = "--system --home ${localstatedir}/cache/bind --no-create-home \ - --user-group bind" - -INITSCRIPT_NAME = "bind" -INITSCRIPT_PARAMS = "defaults" - -SYSTEMD_SERVICE:${PN} = "named.service" - -do_install:append() { - - install -d -o bind "${D}${localstatedir}/cache/bind" - install -d "${D}${sysconfdir}/bind" - install -d "${D}${sysconfdir}/init.d" - install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/" - install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind" - - # Install systemd related files - install -d ${D}${sbindir} - install -m 755 ${WORKDIR}/generate-rndc-key.sh ${D}${sbindir} - install -d ${D}${systemd_system_unitdir} - install -m 0644 ${WORKDIR}/named.service ${D}${systemd_system_unitdir} - sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ - -e 's,@SBINDIR@,${sbindir},g' \ - ${D}${systemd_system_unitdir}/named.service - - install -d ${D}${sysconfdir}/default - install -m 0644 ${WORKDIR}/bind9 ${D}${sysconfdir}/default - - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - install -d ${D}${sysconfdir}/tmpfiles.d - echo "d /run/named 0755 bind bind - -" > ${D}${sysconfdir}/tmpfiles.d/bind.conf - fi -} - -CONFFILES:${PN} = " \ - ${sysconfdir}/bind/named.conf \ - ${sysconfdir}/bind/named.conf.local \ - ${sysconfdir}/bind/named.conf.options \ - ${sysconfdir}/bind/db.0 \ - ${sysconfdir}/bind/db.127 \ - ${sysconfdir}/bind/db.empty \ - ${sysconfdir}/bind/db.local \ - ${sysconfdir}/bind/db.root \ - " - -ALTERNATIVE:${PN}-utils = "nslookup" -ALTERNATIVE_LINK_NAME[nslookup] = "${bindir}/nslookup" -ALTERNATIVE_PRIORITY = "100" - -PACKAGE_BEFORE_PN += "${PN}-utils" -FILES:${PN}-utils = "${bindir}/host ${bindir}/dig ${bindir}/mdig ${bindir}/nslookup ${bindir}/nsupdate" -FILES:${PN}-dev += "${bindir}/isc-config.h" -FILES:${PN} += "${sbindir}/generate-rndc-key.sh" - -PACKAGE_BEFORE_PN += "${PN}-libs" -# special arrangement below due to -# https://github.com/isc-projects/bind9/commit/0e25af628cd776f98c04fc4cc59048f5448f6c88 -FILES_SOLIBSDEV = "${libdir}/*[!0-9].so ${libdir}/libbind9.so" -FILES:${PN}-libs = "${libdir}/named/*.so* ${libdir}/*-${PV}.so" -FILES:${PN}-staticdev += "${libdir}/*.la" - -DEV_PKG_DEPENDENCY = "" diff --git a/poky/meta/recipes-connectivity/bind/bind_9.18.6.bb b/poky/meta/recipes-connectivity/bind/bind_9.18.6.bb new file mode 100644 index 0000000000..5f54942776 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind_9.18.6.bb @@ -0,0 +1,114 @@ +SUMMARY = "ISC Internet Domain Name Server" +HOMEPAGE = "https://www.isc.org/bind/" +DESCRIPTION = "BIND 9 provides a full-featured Domain Name Server system" +SECTION = "console/network" + +LICENSE = "MPL-2.0" +LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=9a4a897f202c0710e07f2f2836bc2b62" + +DEPENDS = "openssl libcap zlib libuv" + +SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \ + file://conf.patch \ + file://named.service \ + file://bind9 \ + file://generate-rndc-key.sh \ + file://make-etc-initd-bind-stop-work.patch \ + file://init.d-add-support-for-read-only-rootfs.patch \ + file://bind-ensure-searching-for-json-headers-searches-sysr.patch \ + file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \ + file://0001-avoid-start-failure-with-bind-user.patch \ + " + +SRC_URI[sha256sum] = "d43a0fed03c774d1685d203598218c0b7774a88fcc390a0170710d5feb7fbff1" + +UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/" +# follow the ESV versions divisible by 2 +UPSTREAM_CHECK_REGEX = "(?P9.(\d*[02468])+(\.\d+)+(-P\d+)*)/" + +# Issue only affects dhcpd with recent bind versions. We don't ship dhcpd anymore +# so the issue doesn't affect us. +CVE_CHECK_IGNORE += "CVE-2019-6470" + +inherit autotools update-rc.d systemd useradd pkgconfig multilib_header update-alternatives + +# PACKAGECONFIGs readline and libedit should NOT be set at same time +PACKAGECONFIG ?= "readline" +PACKAGECONFIG[httpstats] = "--with-libxml2=${STAGING_DIR_HOST}${prefix},--without-libxml2,libxml2" +PACKAGECONFIG[readline] = "--with-readline=readline,,readline" +PACKAGECONFIG[libedit] = "--with-readline=libedit,,libedit" +PACKAGECONFIG[dns-over-http] = "--enable-doh,--disable-doh,nghttp2" + +EXTRA_OECONF = " --disable-devpoll --disable-auto-validation --enable-epoll \ + --with-gssapi=no --with-lmdb=no --with-zlib \ + --sysconfdir=${sysconfdir}/bind \ + --with-openssl=${STAGING_DIR_HOST}${prefix} \ + " +LDFLAGS:append = " -lz" + +# dhcp needs .la so keep them +REMOVE_LIBTOOL_LA = "0" + +USERADD_PACKAGES = "${PN}" +USERADD_PARAM:${PN} = "--system --home ${localstatedir}/cache/bind --no-create-home \ + --user-group bind" + +INITSCRIPT_NAME = "bind" +INITSCRIPT_PARAMS = "defaults" + +SYSTEMD_SERVICE:${PN} = "named.service" + +do_install:append() { + + install -d -o bind "${D}${localstatedir}/cache/bind" + install -d "${D}${sysconfdir}/bind" + install -d "${D}${sysconfdir}/init.d" + install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/" + install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind" + + # Install systemd related files + install -d ${D}${sbindir} + install -m 755 ${WORKDIR}/generate-rndc-key.sh ${D}${sbindir} + install -d ${D}${systemd_system_unitdir} + install -m 0644 ${WORKDIR}/named.service ${D}${systemd_system_unitdir} + sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ + -e 's,@SBINDIR@,${sbindir},g' \ + ${D}${systemd_system_unitdir}/named.service + + install -d ${D}${sysconfdir}/default + install -m 0644 ${WORKDIR}/bind9 ${D}${sysconfdir}/default + + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/tmpfiles.d + echo "d /run/named 0755 bind bind - -" > ${D}${sysconfdir}/tmpfiles.d/bind.conf + fi +} + +CONFFILES:${PN} = " \ + ${sysconfdir}/bind/named.conf \ + ${sysconfdir}/bind/named.conf.local \ + ${sysconfdir}/bind/named.conf.options \ + ${sysconfdir}/bind/db.0 \ + ${sysconfdir}/bind/db.127 \ + ${sysconfdir}/bind/db.empty \ + ${sysconfdir}/bind/db.local \ + ${sysconfdir}/bind/db.root \ + " + +ALTERNATIVE:${PN}-utils = "nslookup" +ALTERNATIVE_LINK_NAME[nslookup] = "${bindir}/nslookup" +ALTERNATIVE_PRIORITY = "100" + +PACKAGE_BEFORE_PN += "${PN}-utils" +FILES:${PN}-utils = "${bindir}/host ${bindir}/dig ${bindir}/mdig ${bindir}/nslookup ${bindir}/nsupdate" +FILES:${PN}-dev += "${bindir}/isc-config.h" +FILES:${PN} += "${sbindir}/generate-rndc-key.sh" + +PACKAGE_BEFORE_PN += "${PN}-libs" +# special arrangement below due to +# https://github.com/isc-projects/bind9/commit/0e25af628cd776f98c04fc4cc59048f5448f6c88 +FILES_SOLIBSDEV = "${libdir}/*[!0-9].so ${libdir}/libbind9.so" +FILES:${PN}-libs = "${libdir}/named/*.so* ${libdir}/*-${PV}.so" +FILES:${PN}-staticdev += "${libdir}/*.la" + +DEV_PKG_DEPENDENCY = "" diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5.inc b/poky/meta/recipes-connectivity/bluez5/bluez5.inc index 22dd07b348..79d4645ca8 100644 --- a/poky/meta/recipes-connectivity/bluez5/bluez5.inc +++ b/poky/meta/recipes-connectivity/bluez5/bluez5.inc @@ -53,7 +53,6 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \ ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \ file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \ file://0001-test-gatt-Fix-hung-issue.patch \ - file://fix_service.patch \ " S = "${WORKDIR}/bluez-${PV}" diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch b/poky/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch deleted file mode 100644 index 96fdf6b299..0000000000 --- a/poky/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch +++ /dev/null @@ -1,30 +0,0 @@ -The systemd bluetooth service failed to start because the /var/lib/bluetooth -path of ReadWritePaths= is created by the bluetooth daemon itself. - -The commit systemd: Add more filesystem lockdown (442d211) add ReadWritePaths=/etc/bluetooth -and ReadOnlyPaths=/var/lib/bluetooth options to the bluetooth systemd service. -The existing ProtectSystem=full option mounts the /usr, the boot loader -directories and /etc read-only. This means the two option are useless and could be removed. - -Upstream-Status: Submitted [https://github.com/bluez/bluez/issues/329] - -Index: bluez-5.64/src/bluetooth.service.in -=================================================================== ---- bluez-5.64.orig/src/bluetooth.service.in -+++ bluez-5.64/src/bluetooth.service.in -@@ -15,12 +15,12 @@ LimitNPROC=1 - - # Filesystem lockdown - ProtectHome=true --ProtectSystem=full -+ProtectSystem=strict - PrivateTmp=true - ProtectKernelTunables=true - ProtectControlGroups=true --ReadWritePaths=@statedir@ --ReadOnlyPaths=@confdir@ -+ConfigurationDirectory=bluetooth -+StateDirectory=bluetooth - - # Execute Mappings - MemoryDenyWriteExecute=true diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5_5.64.bb b/poky/meta/recipes-connectivity/bluez5/bluez5_5.64.bb deleted file mode 100644 index 4319f9aae8..0000000000 --- a/poky/meta/recipes-connectivity/bluez5/bluez5_5.64.bb +++ /dev/null @@ -1,70 +0,0 @@ -require bluez5.inc - -SRC_URI[sha256sum] = "ae437e65b6b3070c198bc5b0109fe9cdeb9eaa387380e2072f9de65fe8a1de34" - -# These issues have kernel fixes rather than bluez fixes so exclude here -CVE_CHECK_IGNORE += "CVE-2020-12352 CVE-2020-24490" - -# noinst programs in Makefile.tools that are conditional on READLINE -# support -NOINST_TOOLS_READLINE ?= " \ - ${@bb.utils.contains('PACKAGECONFIG', 'deprecated', 'attrib/gatttool', '', d)} \ - tools/obex-client-tool \ - tools/obex-server-tool \ - tools/bluetooth-player \ - tools/obexctl \ - tools/btmgmt \ -" - -# noinst programs in Makefile.tools that are conditional on TESTING -# support -NOINST_TOOLS_TESTING ?= " \ - emulator/btvirt \ - emulator/b1ee \ - emulator/hfp \ - peripheral/btsensor \ - tools/3dsp \ - tools/mgmt-tester \ - tools/gap-tester \ - tools/l2cap-tester \ - tools/sco-tester \ - tools/smp-tester \ - tools/hci-tester \ - tools/rfcomm-tester \ - tools/bnep-tester \ - tools/userchan-tester \ -" - -# noinst programs in Makefile.tools that are conditional on TOOLS -# support -NOINST_TOOLS_BT ?= " \ - tools/bdaddr \ - tools/avinfo \ - tools/avtest \ - tools/scotest \ - tools/amptest \ - tools/hwdb \ - tools/hcieventmask \ - tools/hcisecfilter \ - tools/btinfo \ - tools/btsnoop \ - tools/btproxy \ - tools/btiotest \ - tools/bneptest \ - tools/mcaptest \ - tools/cltest \ - tools/oobtest \ - tools/advtest \ - tools/seq2bseq \ - tools/nokfw \ - tools/create-image \ - tools/eddystone \ - tools/ibeacon \ - tools/btgatt-client \ - tools/btgatt-server \ - tools/test-runner \ - tools/check-selftest \ - tools/gatt-service \ - profiles/iap/iapd \ - ${@bb.utils.contains('PACKAGECONFIG', 'btpclient', 'tools/btpclient', '', d)} \ -" diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5_5.65.bb b/poky/meta/recipes-connectivity/bluez5/bluez5_5.65.bb new file mode 100644 index 0000000000..4c15aeb46d --- /dev/null +++ b/poky/meta/recipes-connectivity/bluez5/bluez5_5.65.bb @@ -0,0 +1,70 @@ +require bluez5.inc + +SRC_URI[sha256sum] = "2565a4d48354b576e6ad92e25b54ed66808296581c8abb80587051f9993d96d4" + +# These issues have kernel fixes rather than bluez fixes so exclude here +CVE_CHECK_IGNORE += "CVE-2020-12352 CVE-2020-24490" + +# noinst programs in Makefile.tools that are conditional on READLINE +# support +NOINST_TOOLS_READLINE ?= " \ + ${@bb.utils.contains('PACKAGECONFIG', 'deprecated', 'attrib/gatttool', '', d)} \ + tools/obex-client-tool \ + tools/obex-server-tool \ + tools/bluetooth-player \ + tools/obexctl \ + tools/btmgmt \ +" + +# noinst programs in Makefile.tools that are conditional on TESTING +# support +NOINST_TOOLS_TESTING ?= " \ + emulator/btvirt \ + emulator/b1ee \ + emulator/hfp \ + peripheral/btsensor \ + tools/3dsp \ + tools/mgmt-tester \ + tools/gap-tester \ + tools/l2cap-tester \ + tools/sco-tester \ + tools/smp-tester \ + tools/hci-tester \ + tools/rfcomm-tester \ + tools/bnep-tester \ + tools/userchan-tester \ +" + +# noinst programs in Makefile.tools that are conditional on TOOLS +# support +NOINST_TOOLS_BT ?= " \ + tools/bdaddr \ + tools/avinfo \ + tools/avtest \ + tools/scotest \ + tools/amptest \ + tools/hwdb \ + tools/hcieventmask \ + tools/hcisecfilter \ + tools/btinfo \ + tools/btsnoop \ + tools/btproxy \ + tools/btiotest \ + tools/bneptest \ + tools/mcaptest \ + tools/cltest \ + tools/oobtest \ + tools/advtest \ + tools/seq2bseq \ + tools/nokfw \ + tools/create-image \ + tools/eddystone \ + tools/ibeacon \ + tools/btgatt-client \ + tools/btgatt-server \ + tools/test-runner \ + tools/check-selftest \ + tools/gatt-service \ + profiles/iap/iapd \ + ${@bb.utils.contains('PACKAGECONFIG', 'btpclient', 'tools/btpclient', '', d)} \ +" diff --git a/poky/meta/recipes-connectivity/connman/connman.inc b/poky/meta/recipes-connectivity/connman/connman.inc index 5880ecd5d4..d7af94f792 100644 --- a/poky/meta/recipes-connectivity/connman/connman.inc +++ b/poky/meta/recipes-connectivity/connman/connman.inc @@ -28,10 +28,15 @@ EXTRA_OECONF += "\ --enable-tools \ --disable-polkit \ " +# For smooth operation it would be best to start only one wireless daemon at a time. +# If wpa-supplicant is running, connman will use it preferentially. +# Select either wpa-supplicant or iwd +WIRELESS_DAEMON ??= "wpa-supplicant" PACKAGECONFIG ??= "wispr iptables client\ - ${@bb.utils.filter('DISTRO_FEATURES', '3g systemd wifi', d)} \ + ${@bb.utils.filter('DISTRO_FEATURES', '3g systemd', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', 'bluez', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'wifi', 'wifi ${WIRELESS_DAEMON}', '', d)} \ " # If you want ConnMan to support VPN, add following statement into @@ -39,9 +44,11 @@ PACKAGECONFIG ??= "wispr iptables client\ # PACKAGECONFIG:append:pn-connman = " openvpn vpnc l2tp pptp" PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_system_unitdir}/ --with-tmpfilesdir=${sysconfdir}/tmpfiles.d/,--with-systemdunitdir='' --with-tmpfilesdir=''" -PACKAGECONFIG[wifi] = "--enable-wifi, --disable-wifi, wpa-supplicant, wpa-supplicant" +PACKAGECONFIG[wifi] = "--enable-wifi, --disable-wifi" PACKAGECONFIG[bluez] = "--enable-bluetooth, --disable-bluetooth, bluez5, bluez5" PACKAGECONFIG[3g] = "--enable-ofono, --disable-ofono, ofono, ofono" +PACKAGECONFIG[wpa-supplicant] = ",,wpa-supplicant,wpa-supplicant" +PACKAGECONFIG[iwd] = "--enable-iwd,--disable-iwd,,iwd" PACKAGECONFIG[tist] = "--enable-tist,--disable-tist," PACKAGECONFIG[openvpn] = "--enable-openvpn --with-openvpn=${sbindir}/openvpn,--disable-openvpn,,openvpn" PACKAGECONFIG[vpnc] = "--enable-vpnc --with-vpnc=${sbindir}/vpnc,--disable-vpnc,,vpnc" diff --git a/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32292.patch b/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32292.patch new file mode 100644 index 0000000000..182c5ca29c --- /dev/null +++ b/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32292.patch @@ -0,0 +1,37 @@ +From d1a5ede5d255bde8ef707f8441b997563b9312bd Mon Sep 17 00:00:00 2001 +From: Nathan Crandall +Date: Tue, 12 Jul 2022 08:56:34 +0200 +Subject: gweb: Fix OOB write in received_data() + +There is a mismatch of handling binary vs. C-string data with memchr +and strlen, resulting in pos, count, and bytes_read to become out of +sync and result in a heap overflow. Instead, do not treat the buffer +as an ASCII C-string. We calculate the count based on the return value +of memchr, instead of strlen. + +Fixes: CVE-2022-32292 + +CVE: CVE-2022-32292 + +Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=d1a5ede5d255bde8ef707f8441b997563b9312bd] +Signed-off-by: Khem Raj +--- + gweb/gweb.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/gweb/gweb.c b/gweb/gweb.c +index 12fcb1d8..13c6c5f2 100644 +--- a/gweb/gweb.c ++++ b/gweb/gweb.c +@@ -918,7 +918,7 @@ static gboolean received_data(GIOChannel *channel, GIOCondition cond, + } + + *pos = '\0'; +- count = strlen((char *) ptr); ++ count = pos - ptr; + if (count > 0 && ptr[count - 1] == '\r') { + ptr[--count] = '\0'; + bytes_read--; +-- +cgit + diff --git a/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32293_p1.patch b/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32293_p1.patch new file mode 100644 index 0000000000..b280203594 --- /dev/null +++ b/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32293_p1.patch @@ -0,0 +1,141 @@ +From 72343929836de80727a27d6744c869dff045757c Mon Sep 17 00:00:00 2001 +From: Daniel Wagner +Date: Tue, 5 Jul 2022 08:32:12 +0200 +Subject: wispr: Add reference counter to portal context + +Track the connman_wispr_portal_context live time via a +refcounter. This only adds the infrastructure to do proper reference +counting. + +Fixes: CVE-2022-32293 +CVE: CVE-2022-32293 +Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=416bfaff988882c553c672e5bfc2d4f648d29e8a] +Signed-off-by: Khem Raj +--- + src/wispr.c | 52 ++++++++++++++++++++++++++++++++++++++++++---------- + 1 file changed, 42 insertions(+), 10 deletions(-) + +diff --git a/src/wispr.c b/src/wispr.c +index a07896ca..bde7e63b 100644 +--- a/src/wispr.c ++++ b/src/wispr.c +@@ -56,6 +56,7 @@ struct wispr_route { + }; + + struct connman_wispr_portal_context { ++ int refcount; + struct connman_service *service; + enum connman_ipconfig_type type; + struct connman_wispr_portal *wispr_portal; +@@ -97,6 +98,11 @@ static char *online_check_ipv4_url = NULL; + static char *online_check_ipv6_url = NULL; + static bool enable_online_to_ready_transition = false; + ++#define wispr_portal_context_ref(wp_context) \ ++ wispr_portal_context_ref_debug(wp_context, __FILE__, __LINE__, __func__) ++#define wispr_portal_context_unref(wp_context) \ ++ wispr_portal_context_unref_debug(wp_context, __FILE__, __LINE__, __func__) ++ + static void connman_wispr_message_init(struct connman_wispr_message *msg) + { + DBG(""); +@@ -162,9 +168,6 @@ static void free_connman_wispr_portal_context( + { + DBG("context %p", wp_context); + +- if (!wp_context) +- return; +- + if (wp_context->wispr_portal) { + if (wp_context->wispr_portal->ipv4_context == wp_context) + wp_context->wispr_portal->ipv4_context = NULL; +@@ -201,9 +204,38 @@ static void free_connman_wispr_portal_context( + g_free(wp_context); + } + ++static struct connman_wispr_portal_context * ++wispr_portal_context_ref_debug(struct connman_wispr_portal_context *wp_context, ++ const char *file, int line, const char *caller) ++{ ++ DBG("%p ref %d by %s:%d:%s()", wp_context, ++ wp_context->refcount + 1, file, line, caller); ++ ++ __sync_fetch_and_add(&wp_context->refcount, 1); ++ ++ return wp_context; ++} ++ ++static void wispr_portal_context_unref_debug( ++ struct connman_wispr_portal_context *wp_context, ++ const char *file, int line, const char *caller) ++{ ++ if (!wp_context) ++ return; ++ ++ DBG("%p ref %d by %s:%d:%s()", wp_context, ++ wp_context->refcount - 1, file, line, caller); ++ ++ if (__sync_fetch_and_sub(&wp_context->refcount, 1) != 1) ++ return; ++ ++ free_connman_wispr_portal_context(wp_context); ++} ++ + static struct connman_wispr_portal_context *create_wispr_portal_context(void) + { +- return g_try_new0(struct connman_wispr_portal_context, 1); ++ return wispr_portal_context_ref( ++ g_new0(struct connman_wispr_portal_context, 1)); + } + + static void free_connman_wispr_portal(gpointer data) +@@ -215,8 +247,8 @@ static void free_connman_wispr_portal(gpointer data) + if (!wispr_portal) + return; + +- free_connman_wispr_portal_context(wispr_portal->ipv4_context); +- free_connman_wispr_portal_context(wispr_portal->ipv6_context); ++ wispr_portal_context_unref(wispr_portal->ipv4_context); ++ wispr_portal_context_unref(wispr_portal->ipv6_context); + + g_free(wispr_portal); + } +@@ -452,7 +484,7 @@ static void portal_manage_status(GWebResult *result, + connman_info("Client-Timezone: %s", str); + + if (!enable_online_to_ready_transition) +- free_connman_wispr_portal_context(wp_context); ++ wispr_portal_context_unref(wp_context); + + __connman_service_ipconfig_indicate_state(service, + CONNMAN_SERVICE_STATE_ONLINE, type); +@@ -616,7 +648,7 @@ static void wispr_portal_request_wispr_login(struct connman_service *service, + return; + } + +- free_connman_wispr_portal_context(wp_context); ++ wispr_portal_context_unref(wp_context); + return; + } + +@@ -952,7 +984,7 @@ static int wispr_portal_detect(struct connman_wispr_portal_context *wp_context) + + if (wp_context->token == 0) { + err = -EINVAL; +- free_connman_wispr_portal_context(wp_context); ++ wispr_portal_context_unref(wp_context); + } + } else if (wp_context->timeout == 0) { + wp_context->timeout = g_idle_add(no_proxy_callback, wp_context); +@@ -1001,7 +1033,7 @@ int __connman_wispr_start(struct connman_service *service, + + /* If there is already an existing context, we wipe it */ + if (wp_context) +- free_connman_wispr_portal_context(wp_context); ++ wispr_portal_context_unref(wp_context); + + wp_context = create_wispr_portal_context(); + if (!wp_context) +-- +cgit + diff --git a/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32293_p2.patch b/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32293_p2.patch new file mode 100644 index 0000000000..56f8fc82de --- /dev/null +++ b/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32293_p2.patch @@ -0,0 +1,174 @@ +From 416bfaff988882c553c672e5bfc2d4f648d29e8a Mon Sep 17 00:00:00 2001 +From: Daniel Wagner +Date: Tue, 5 Jul 2022 09:11:09 +0200 +Subject: wispr: Update portal context references + +Maintain proper portal context references to avoid UAF. + +Fixes: CVE-2022-32293 +CVE: CVE-2022-32293 +Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=72343929836de80727a27d6744c869dff045757c] +Signed-off-by: Khem Raj +--- + src/wispr.c | 34 ++++++++++++++++++++++------------ + 1 file changed, 22 insertions(+), 12 deletions(-) + +diff --git a/src/wispr.c b/src/wispr.c +index bde7e63b..84bed33f 100644 +--- a/src/wispr.c ++++ b/src/wispr.c +@@ -105,8 +105,6 @@ static bool enable_online_to_ready_transition = false; + + static void connman_wispr_message_init(struct connman_wispr_message *msg) + { +- DBG(""); +- + msg->has_error = false; + msg->current_element = NULL; + +@@ -166,8 +164,6 @@ static void free_wispr_routes(struct connman_wispr_portal_context *wp_context) + static void free_connman_wispr_portal_context( + struct connman_wispr_portal_context *wp_context) + { +- DBG("context %p", wp_context); +- + if (wp_context->wispr_portal) { + if (wp_context->wispr_portal->ipv4_context == wp_context) + wp_context->wispr_portal->ipv4_context = NULL; +@@ -483,9 +479,6 @@ static void portal_manage_status(GWebResult *result, + &str)) + connman_info("Client-Timezone: %s", str); + +- if (!enable_online_to_ready_transition) +- wispr_portal_context_unref(wp_context); +- + __connman_service_ipconfig_indicate_state(service, + CONNMAN_SERVICE_STATE_ONLINE, type); + +@@ -546,14 +539,17 @@ static void wispr_portal_request_portal( + { + DBG(""); + ++ wispr_portal_context_ref(wp_context); + wp_context->request_id = g_web_request_get(wp_context->web, + wp_context->status_url, + wispr_portal_web_result, + wispr_route_request, + wp_context); + +- if (wp_context->request_id == 0) ++ if (wp_context->request_id == 0) { + wispr_portal_error(wp_context); ++ wispr_portal_context_unref(wp_context); ++ } + } + + static bool wispr_input(const guint8 **data, gsize *length, +@@ -618,13 +614,15 @@ static void wispr_portal_browser_reply_cb(struct connman_service *service, + return; + + if (!authentication_done) { +- wispr_portal_error(wp_context); + free_wispr_routes(wp_context); ++ wispr_portal_error(wp_context); ++ wispr_portal_context_unref(wp_context); + return; + } + + /* Restarting the test */ + __connman_service_wispr_start(service, wp_context->type); ++ wispr_portal_context_unref(wp_context); + } + + static void wispr_portal_request_wispr_login(struct connman_service *service, +@@ -700,11 +698,13 @@ static bool wispr_manage_message(GWebResult *result, + + wp_context->wispr_result = CONNMAN_WISPR_RESULT_LOGIN; + ++ wispr_portal_context_ref(wp_context); + if (__connman_agent_request_login_input(wp_context->service, + wispr_portal_request_wispr_login, +- wp_context) != -EINPROGRESS) ++ wp_context) != -EINPROGRESS) { + wispr_portal_error(wp_context); +- else ++ wispr_portal_context_unref(wp_context); ++ } else + return true; + + break; +@@ -753,6 +753,7 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data) + if (length > 0) { + g_web_parser_feed_data(wp_context->wispr_parser, + chunk, length); ++ wispr_portal_context_unref(wp_context); + return true; + } + +@@ -770,6 +771,7 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data) + + switch (status) { + case 000: ++ wispr_portal_context_ref(wp_context); + __connman_agent_request_browser(wp_context->service, + wispr_portal_browser_reply_cb, + wp_context->status_url, wp_context); +@@ -781,11 +783,14 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data) + if (g_web_result_get_header(result, "X-ConnMan-Status", + &str)) { + portal_manage_status(result, wp_context); ++ wispr_portal_context_unref(wp_context); + return false; +- } else ++ } else { ++ wispr_portal_context_ref(wp_context); + __connman_agent_request_browser(wp_context->service, + wispr_portal_browser_reply_cb, + wp_context->redirect_url, wp_context); ++ } + + break; + case 300: +@@ -798,6 +803,7 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data) + !g_web_result_get_header(result, "Location", + &redirect)) { + ++ wispr_portal_context_ref(wp_context); + __connman_agent_request_browser(wp_context->service, + wispr_portal_browser_reply_cb, + wp_context->status_url, wp_context); +@@ -808,6 +814,7 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data) + + wp_context->redirect_url = g_strdup(redirect); + ++ wispr_portal_context_ref(wp_context); + wp_context->request_id = g_web_request_get(wp_context->web, + redirect, wispr_portal_web_result, + wispr_route_request, wp_context); +@@ -820,6 +827,7 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data) + + break; + case 505: ++ wispr_portal_context_ref(wp_context); + __connman_agent_request_browser(wp_context->service, + wispr_portal_browser_reply_cb, + wp_context->status_url, wp_context); +@@ -832,6 +840,7 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data) + wp_context->request_id = 0; + done: + wp_context->wispr_msg.message_type = -1; ++ wispr_portal_context_unref(wp_context); + return false; + } + +@@ -890,6 +899,7 @@ static void proxy_callback(const char *proxy, void *user_data) + xml_wispr_parser_callback, wp_context); + + wispr_portal_request_portal(wp_context); ++ wispr_portal_context_unref(wp_context); + } + + static gboolean no_proxy_callback(gpointer user_data) +-- +cgit + diff --git a/poky/meta/recipes-connectivity/connman/connman_1.41.bb b/poky/meta/recipes-connectivity/connman/connman_1.41.bb index 736b78eaeb..79542b2175 100644 --- a/poky/meta/recipes-connectivity/connman/connman_1.41.bb +++ b/poky/meta/recipes-connectivity/connman/connman_1.41.bb @@ -5,6 +5,9 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \ file://0001-connman.service-stop-systemd-resolved-when-we-use-co.patch \ file://connman \ file://no-version-scripts.patch \ + file://CVE-2022-32293_p1.patch \ + file://CVE-2022-32293_p2.patch \ + file://CVE-2022-32292.patch \ " SRC_URI:append:libc-musl = " file://0002-resolve-musl-does-not-implement-res_ninit.patch" diff --git a/poky/meta/recipes-connectivity/iproute2/iproute2/0001-configure-Define-_GNU_SOURCE-when-checking-for-setns.patch b/poky/meta/recipes-connectivity/iproute2/iproute2/0001-configure-Define-_GNU_SOURCE-when-checking-for-setns.patch new file mode 100644 index 0000000000..04d44ef444 --- /dev/null +++ b/poky/meta/recipes-connectivity/iproute2/iproute2/0001-configure-Define-_GNU_SOURCE-when-checking-for-setns.patch @@ -0,0 +1,28 @@ +From dc837a6b4c2cad7f31cddfe56cd652e26baadc02 Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Wed, 10 Aug 2022 22:31:03 -0700 +Subject: [PATCH] configure: Define _GNU_SOURCE when checking for setns + +glibc defines this function only as gnu extention + +Upstream-Status: Submitted [https://lore.kernel.org/netdev/20220811053440.778649-1-raj.khem@gmail.com/T/#u] +Signed-off-by: Khem Raj +--- + configure | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/configure b/configure +index 440facb..c02753b 100755 +--- a/configure ++++ b/configure +@@ -191,6 +191,7 @@ check_ipt_lib_dir() + check_setns() + { + cat >$TMPDIR/setnstest.c < + int main(int argc, char **argv) + { +-- +2.37.1 + diff --git a/poky/meta/recipes-connectivity/iproute2/iproute2/0001-ip-ipstats.c-add-an-include-where-MIN-is-defined.patch b/poky/meta/recipes-connectivity/iproute2/iproute2/0001-ip-ipstats.c-add-an-include-where-MIN-is-defined.patch new file mode 100644 index 0000000000..edd73818ba --- /dev/null +++ b/poky/meta/recipes-connectivity/iproute2/iproute2/0001-ip-ipstats.c-add-an-include-where-MIN-is-defined.patch @@ -0,0 +1,25 @@ +From c8a99f1035ec7b158a204f90e9a7ed3c0b1e3d52 Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin +Date: Fri, 5 Aug 2022 11:31:56 +0200 +Subject: [PATCH] ip/ipstats.c: add an include where MIN is defined + +Otherwise, non-glibc systems error out (e.g. on musl). + +Upstream-Status: Submitted [by email to stephen@networkplumber.org,netdev@vger.kernel.org] +Signed-off-by: Alexander Kanavin +--- + ip/ipstats.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/ip/ipstats.c b/ip/ipstats.c +index 5cdd15a..1ac275b 100644 +--- a/ip/ipstats.c ++++ b/ip/ipstats.c +@@ -1,6 +1,7 @@ + // SPDX-License-Identifier: GPL-2.0+ + #include + #include ++#include + + #include "list.h" + #include "utils.h" diff --git a/poky/meta/recipes-connectivity/iproute2/iproute2_5.18.0.bb b/poky/meta/recipes-connectivity/iproute2/iproute2_5.18.0.bb deleted file mode 100644 index 3e01c70801..0000000000 --- a/poky/meta/recipes-connectivity/iproute2/iproute2_5.18.0.bb +++ /dev/null @@ -1,11 +0,0 @@ -require iproute2.inc - -SRC_URI = "${KERNELORG_MIRROR}/linux/utils/net/${BPN}/${BP}.tar.xz \ - file://0001-libc-compat.h-add-musl-workaround.patch \ - " - -SRC_URI[sha256sum] = "5ba3d464d51c8c283550d507ffac3d10f7aec587b7c66b0ccb6950643646389e" - -# CFLAGS are computed in Makefile and reference CCOPTS -# -EXTRA_OEMAKE:append = " CCOPTS='${CFLAGS}'" diff --git a/poky/meta/recipes-connectivity/iproute2/iproute2_5.19.0.bb b/poky/meta/recipes-connectivity/iproute2/iproute2_5.19.0.bb new file mode 100644 index 0000000000..6a007797c9 --- /dev/null +++ b/poky/meta/recipes-connectivity/iproute2/iproute2_5.19.0.bb @@ -0,0 +1,13 @@ +require iproute2.inc + +SRC_URI = "${KERNELORG_MIRROR}/linux/utils/net/${BPN}/${BP}.tar.xz \ + file://0001-libc-compat.h-add-musl-workaround.patch \ + file://0001-ip-ipstats.c-add-an-include-where-MIN-is-defined.patch \ + file://0001-configure-Define-_GNU_SOURCE-when-checking-for-setns.patch \ + " + +SRC_URI[sha256sum] = "26b7a34d6a7fd2f7a42e2b39c5a90cb61bac522d1096067ffeb195e5693d7791" + +# CFLAGS are computed in Makefile and reference CCOPTS +# +EXTRA_OEMAKE:append = " CCOPTS='${CFLAGS}'" diff --git a/poky/meta/recipes-connectivity/kea/kea_2.0.2.bb b/poky/meta/recipes-connectivity/kea/kea_2.0.2.bb deleted file mode 100644 index 13da1f858d..0000000000 --- a/poky/meta/recipes-connectivity/kea/kea_2.0.2.bb +++ /dev/null @@ -1,77 +0,0 @@ -SUMMARY = "ISC Kea DHCP Server" -DESCRIPTION = "Kea is the next generation of DHCP software developed by ISC. It supports both DHCPv4 and DHCPv6 protocols along with their extensions, e.g. prefix delegation and dynamic updates to DNS." -HOMEPAGE = "http://kea.isc.org" -SECTION = "connectivity" -LICENSE = "MPL-2.0 & Apache-2.0" -LIC_FILES_CHKSUM = "file://COPYING;md5=b4ecee995eeb6780a17dd7e539e97abc" - -DEPENDS = "boost log4cplus openssl" - -SRC_URI = "http://ftp.isc.org/isc/kea/${PV}/${BP}.tar.gz \ - file://kea-dhcp4.service \ - file://kea-dhcp6.service \ - file://kea-dhcp-ddns.service \ - file://kea-dhcp4-server \ - file://kea-dhcp6-server \ - file://kea-dhcp-ddns-server \ - file://fix-multilib-conflict.patch \ - file://fix_pid_keactrl.patch \ - file://0001-src-lib-log-logger_unittest_support.cc-do-not-write-.patch \ - " -SRC_URI[sha256sum] = "8d28213bdc8e2bb870a383b30ac1e53d54e1eba43d2f86e5151b08b66aa6cf32" - -inherit autotools systemd update-rc.d upstream-version-is-even - -INITSCRIPT_NAME = "kea-dhcp4-server" -INITSCRIPT_PARAMS = "defaults 30" - -SYSTEMD_SERVICE:${PN} = "kea-dhcp4.service kea-dhcp6.service kea-dhcp-ddns.service" -SYSTEMD_AUTO_ENABLE = "disable" - -DEBUG_OPTIMIZATION:remove:mips = " -Og" -DEBUG_OPTIMIZATION:append:mips = " -O" -BUILD_OPTIMIZATION:remove:mips = " -Og" -BUILD_OPTIMIZATION:append:mips = " -O" - -DEBUG_OPTIMIZATION:remove:mipsel = " -Og" -DEBUG_OPTIMIZATION:append:mipsel = " -O" -BUILD_OPTIMIZATION:remove:mipsel = " -Og" -BUILD_OPTIMIZATION:append:mipsel = " -O" - -EXTRA_OECONF = "--with-boost-libs=-lboost_system \ - --with-log4cplus=${STAGING_DIR_TARGET}${prefix} \ - --with-openssl=${STAGING_DIR_TARGET}${prefix}" - -do_configure:prepend() { - # replace abs_top_builddir to avoid introducing the build path - # don't expand the abs_top_builddir on the target as the abs_top_builddir is meanlingless on the target - find ${S} -type f -name *.sh.in | xargs sed -i "s:@abs_top_builddir@:@abs_top_builddir_placeholder@:g" - sed -i "s:@abs_top_srcdir@:@abs_top_srcdir_placeholder@:g" ${S}/src/bin/admin/kea-admin.in -} - -# patch out build host paths for reproducibility -do_compile:prepend:class-target() { - sed -i -e "s,${WORKDIR},,g" ${B}/config.report -} - -do_install:append() { - install -d ${D}${sysconfdir}/init.d - install -d ${D}${systemd_system_unitdir} - - install -m 0644 ${WORKDIR}/kea-dhcp*service ${D}${systemd_system_unitdir} - install -m 0755 ${WORKDIR}/kea-*-server ${D}${sysconfdir}/init.d - sed -i -e 's,@SBINDIR@,${sbindir},g' -e 's,@BASE_BINDIR@,${base_bindir},g' \ - -e 's,@LOCALSTATEDIR@,${localstatedir},g' -e 's,@SYSCONFDIR@,${sysconfdir},g' \ - ${D}${systemd_system_unitdir}/kea-dhcp*service ${D}${sbindir}/keactrl -} - -do_install:append() { - rm -rf "${D}${localstatedir}" -} - -CONFFILES:${PN} = "${sysconfdir}/kea/keactrl.conf" - -FILES:${PN}-staticdev += "${libdir}/kea/hooks/*.a ${libdir}/hooks/*.a" -FILES:${PN} += "${libdir}/hooks/*.so" - -PARALLEL_MAKEINST = "" diff --git a/poky/meta/recipes-connectivity/kea/kea_2.2.0.bb b/poky/meta/recipes-connectivity/kea/kea_2.2.0.bb new file mode 100644 index 0000000000..2c2e5a74dd --- /dev/null +++ b/poky/meta/recipes-connectivity/kea/kea_2.2.0.bb @@ -0,0 +1,77 @@ +SUMMARY = "ISC Kea DHCP Server" +DESCRIPTION = "Kea is the next generation of DHCP software developed by ISC. It supports both DHCPv4 and DHCPv6 protocols along with their extensions, e.g. prefix delegation and dynamic updates to DNS." +HOMEPAGE = "http://kea.isc.org" +SECTION = "connectivity" +LICENSE = "MPL-2.0" +LIC_FILES_CHKSUM = "file://COPYING;md5=97ce14bdd2733f5b84ab5e29380d057d" + +DEPENDS = "boost log4cplus openssl" + +SRC_URI = "http://ftp.isc.org/isc/kea/${PV}/${BP}.tar.gz \ + file://kea-dhcp4.service \ + file://kea-dhcp6.service \ + file://kea-dhcp-ddns.service \ + file://kea-dhcp4-server \ + file://kea-dhcp6-server \ + file://kea-dhcp-ddns-server \ + file://fix-multilib-conflict.patch \ + file://fix_pid_keactrl.patch \ + file://0001-src-lib-log-logger_unittest_support.cc-do-not-write-.patch \ + " +SRC_URI[sha256sum] = "da7d90ca62a772602dac6e77e507319038422895ad68eeb142f1487d67d531d2" + +inherit autotools systemd update-rc.d upstream-version-is-even + +INITSCRIPT_NAME = "kea-dhcp4-server" +INITSCRIPT_PARAMS = "defaults 30" + +SYSTEMD_SERVICE:${PN} = "kea-dhcp4.service kea-dhcp6.service kea-dhcp-ddns.service" +SYSTEMD_AUTO_ENABLE = "disable" + +DEBUG_OPTIMIZATION:remove:mips = " -Og" +DEBUG_OPTIMIZATION:append:mips = " -O" +BUILD_OPTIMIZATION:remove:mips = " -Og" +BUILD_OPTIMIZATION:append:mips = " -O" + +DEBUG_OPTIMIZATION:remove:mipsel = " -Og" +DEBUG_OPTIMIZATION:append:mipsel = " -O" +BUILD_OPTIMIZATION:remove:mipsel = " -Og" +BUILD_OPTIMIZATION:append:mipsel = " -O" + +EXTRA_OECONF = "--with-boost-libs=-lboost_system \ + --with-log4cplus=${STAGING_DIR_TARGET}${prefix} \ + --with-openssl=${STAGING_DIR_TARGET}${prefix}" + +do_configure:prepend() { + # replace abs_top_builddir to avoid introducing the build path + # don't expand the abs_top_builddir on the target as the abs_top_builddir is meanlingless on the target + find ${S} -type f -name *.sh.in | xargs sed -i "s:@abs_top_builddir@:@abs_top_builddir_placeholder@:g" + sed -i "s:@abs_top_srcdir@:@abs_top_srcdir_placeholder@:g" ${S}/src/bin/admin/kea-admin.in +} + +# patch out build host paths for reproducibility +do_compile:prepend:class-target() { + sed -i -e "s,${WORKDIR},,g" ${B}/config.report +} + +do_install:append() { + install -d ${D}${sysconfdir}/init.d + install -d ${D}${systemd_system_unitdir} + + install -m 0644 ${WORKDIR}/kea-dhcp*service ${D}${systemd_system_unitdir} + install -m 0755 ${WORKDIR}/kea-*-server ${D}${sysconfdir}/init.d + sed -i -e 's,@SBINDIR@,${sbindir},g' -e 's,@BASE_BINDIR@,${base_bindir},g' \ + -e 's,@LOCALSTATEDIR@,${localstatedir},g' -e 's,@SYSCONFDIR@,${sysconfdir},g' \ + ${D}${systemd_system_unitdir}/kea-dhcp*service ${D}${sbindir}/keactrl +} + +do_install:append() { + rm -rf "${D}${localstatedir}" +} + +CONFFILES:${PN} = "${sysconfdir}/kea/keactrl.conf" + +FILES:${PN}-staticdev += "${libdir}/kea/hooks/*.a ${libdir}/hooks/*.a" +FILES:${PN} += "${libdir}/hooks/*.so" + +PARALLEL_MAKEINST = "" diff --git a/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb b/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb index e6f216e5cb..2cc92b7b47 100644 --- a/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb +++ b/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb @@ -5,8 +5,8 @@ SECTION = "network" LICENSE = "PD" LIC_FILES_CHKSUM = "file://COPYING;md5=87964579b2a8ece4bc6744d2dc9a8b04" -SRCREV = "3d5c8d0f7e0264768a2c000d0fd4b4d4a991e041" -PV = "20220511" +SRCREV = "fe19892a8168bf19d81e3bc4ee319bf7f9f058f5" +PV = "20220725" PE = "1" SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https;branch=main" diff --git a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0005-mountd-Check-for-return-of-stat-function.patch b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0005-mountd-Check-for-return-of-stat-function.patch new file mode 100644 index 0000000000..13a21e5307 --- /dev/null +++ b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0005-mountd-Check-for-return-of-stat-function.patch @@ -0,0 +1,34 @@ +From 887ecc7837962e9be77a4fea7d9122648f73a84a Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Mon, 15 Aug 2022 14:47:53 -0700 +Subject: [PATCH] mountd: Check for return of stat function + +simplify the check, stat() return 0 on success -1 on failure + +Fixes clang reported errors e.g. + +| v4clients.c:29:6: error: logical not is only applied to the left hand side of this comparison [-Werror,-Wlogical-not-parentheses] +| if (!stat("/proc/fs/nfsd/clients", &sb) == 0 || +| ^ ~~ + +Upstream-Status: Submitted [https://patchwork.kernel.org/project/linux-nfs/patch/20220816024403.2694169-1-raj.khem@gmail.com/] +Signed-off-by: Khem Raj +Cc: Konstantin Khorenko +Cc: Steve Dickson +--- + support/export/v4clients.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/support/export/v4clients.c b/support/export/v4clients.c +index 5f15b61..3230251 100644 +--- a/support/export/v4clients.c ++++ b/support/export/v4clients.c +@@ -26,7 +26,7 @@ void v4clients_init(void) + { + struct stat sb; + +- if (!stat("/proc/fs/nfsd/clients", &sb) == 0 || ++ if (stat("/proc/fs/nfsd/clients", &sb) != 0 || + !S_ISDIR(sb.st_mode)) + return; + if (clients_fd >= 0) diff --git a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0006-Fix-function-prototypes.patch b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0006-Fix-function-prototypes.patch new file mode 100644 index 0000000000..793bc4651c --- /dev/null +++ b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0006-Fix-function-prototypes.patch @@ -0,0 +1,93 @@ +From cf0ffbb5c8fa167376926d12a63613f15aa7602f Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Mon, 15 Aug 2022 14:50:15 -0700 +Subject: [PATCH] Fix function prototypes + +Clang is now erroring out on functions with out parameter types + +Fixes errors like +error: a function declaration without a prototype is deprecated in all versions of C [-Werror,-Wstrict-prototypes] + +Upstream-Status: Submitted [https://patchwork.kernel.org/project/linux-nfs/patch/20220816024403.2694169-2-raj.khem@gmail.com/] +Signed-off-by: Khem Raj +--- + support/export/auth.c | 2 +- + support/export/v4root.c | 2 +- + support/export/xtab.c | 2 +- + utils/exportfs/exportfs.c | 4 ++-- + utils/mount/network.c | 2 +- + 5 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/support/export/auth.c b/support/export/auth.c +index 03ce4b8..2d7960f 100644 +--- a/support/export/auth.c ++++ b/support/export/auth.c +@@ -82,7 +82,7 @@ check_useipaddr(void) + } + + unsigned int +-auth_reload() ++auth_reload(void) + { + struct stat stb; + static ino_t last_inode; +diff --git a/support/export/v4root.c b/support/export/v4root.c +index c12a7d8..fbb0ad5 100644 +--- a/support/export/v4root.c ++++ b/support/export/v4root.c +@@ -198,7 +198,7 @@ static int v4root_add_parents(nfs_export *exp) + * looking for components of the v4 mount. + */ + void +-v4root_set() ++v4root_set(void) + { + nfs_export *exp; + int i; +diff --git a/support/export/xtab.c b/support/export/xtab.c +index c888a80..e210ca9 100644 +--- a/support/export/xtab.c ++++ b/support/export/xtab.c +@@ -135,7 +135,7 @@ xtab_write(char *xtab, char *xtabtmp, char *lockfn, int is_export) + } + + int +-xtab_export_write() ++xtab_export_write(void) + { + return xtab_write(etab.statefn, etab.tmpfn, etab.lockfn, 1); + } +diff --git a/utils/exportfs/exportfs.c b/utils/exportfs/exportfs.c +index 6ba615d..0897b22 100644 +--- a/utils/exportfs/exportfs.c ++++ b/utils/exportfs/exportfs.c +@@ -69,14 +69,14 @@ static int _lockfd = -1; + * need these additional lockfile() routines. + */ + static void +-grab_lockfile() ++grab_lockfile(void) + { + _lockfd = open(lockfile, O_CREAT|O_RDWR, 0666); + if (_lockfd != -1) + lockf(_lockfd, F_LOCK, 0); + } + static void +-release_lockfile() ++release_lockfile(void) + { + if (_lockfd != -1) { + lockf(_lockfd, F_ULOCK, 0); +diff --git a/utils/mount/network.c b/utils/mount/network.c +index ed2f825..01ead49 100644 +--- a/utils/mount/network.c ++++ b/utils/mount/network.c +@@ -179,7 +179,7 @@ static const unsigned long probe_mnt3_only[] = { + + static const unsigned int *nfs_default_proto(void); + #ifdef MOUNT_CONFIG +-static const unsigned int *nfs_default_proto() ++static const unsigned int *nfs_default_proto(void) + { + extern unsigned long config_default_proto; + /* diff --git a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.1.bb b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.1.bb deleted file mode 100644 index bbed5aea59..0000000000 --- a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.1.bb +++ /dev/null @@ -1,145 +0,0 @@ -SUMMARY = "userspace utilities for kernel nfs" -DESCRIPTION = "The nfs-utils package provides a daemon for the kernel \ -NFS server and related tools." -HOMEPAGE = "http://nfs.sourceforge.net/" -SECTION = "console/network" - -LICENSE = "MIT & GPL-2.0-or-later & BSD-3-Clause" -LIC_FILES_CHKSUM = "file://COPYING;md5=95f3a93a5c3c7888de623b46ea085a84" - -# util-linux for libblkid -DEPENDS = "libcap libevent util-linux sqlite3 libtirpc" -RDEPENDS:${PN} = "${PN}-client" -RRECOMMENDS:${PN} = "kernel-module-nfsd" - -inherit useradd - -USERADD_PACKAGES = "${PN}-client" -USERADD_PARAM:${PN}-client = "--system --home-dir /var/lib/nfs \ - --shell /bin/false --user-group rpcuser" - -SRC_URI = "${KERNELORG_MIRROR}/linux/utils/nfs-utils/${PV}/nfs-utils-${PV}.tar.xz \ - file://nfsserver \ - file://nfscommon \ - file://nfs-utils.conf \ - file://nfs-server.service \ - file://nfs-mountd.service \ - file://nfs-statd.service \ - file://proc-fs-nfsd.mount \ - file://nfs-utils-debianize-start-statd.patch \ - file://bugfix-adjust-statd-service-name.patch \ - file://0001-Makefile.am-fix-undefined-function-for-libnsm.a.patch \ - file://clang-warnings.patch \ - " -SRC_URI[sha256sum] = "60dfcd94a9f3d72a12bc7058d811787ec87a6d593d70da2123faf9aad3d7a1df" - -# Only kernel-module-nfsd is required here (but can be built-in) - the nfsd module will -# pull in the remainder of the dependencies. - -INITSCRIPT_PACKAGES = "${PN} ${PN}-client" -INITSCRIPT_NAME = "nfsserver" -INITSCRIPT_PARAMS = "defaults" -INITSCRIPT_NAME:${PN}-client = "nfscommon" -INITSCRIPT_PARAMS:${PN}-client = "defaults 19 21" - -inherit autotools-brokensep update-rc.d systemd pkgconfig - -SYSTEMD_PACKAGES = "${PN} ${PN}-client" -SYSTEMD_SERVICE:${PN} = "nfs-server.service nfs-mountd.service" -SYSTEMD_SERVICE:${PN}-client = "nfs-statd.service" - -# --enable-uuid is need for cross-compiling -EXTRA_OECONF = "--with-statduser=rpcuser \ - --enable-mountconfig \ - --enable-libmount-mount \ - --enable-uuid \ - --disable-gss \ - --disable-nfsdcltrack \ - --with-statdpath=/var/lib/nfs/statd \ - --with-rpcgen=${HOSTTOOLS_DIR}/rpcgen \ - " - -PACKAGECONFIG ??= "tcp-wrappers \ - ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \ -" -PACKAGECONFIG:remove:libc-musl = "tcp-wrappers" -PACKAGECONFIG[tcp-wrappers] = "--with-tcp-wrappers,--without-tcp-wrappers,tcp-wrappers" -PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," -# libdevmapper is available in meta-oe -PACKAGECONFIG[nfsv41] = "--enable-nfsv41,--disable-nfsv41,libdevmapper,libdevmapper" -# keyutils is available in meta-oe -PACKAGECONFIG[nfsv4] = "--enable-nfsv4,--disable-nfsv4,keyutils,python3-core" - -PACKAGES =+ "${PN}-client ${PN}-mount ${PN}-stats" - -CONFFILES:${PN}-client += "${localstatedir}/lib/nfs/etab \ - ${localstatedir}/lib/nfs/rmtab \ - ${localstatedir}/lib/nfs/xtab \ - ${localstatedir}/lib/nfs/statd/state \ - ${sysconfdir}/nfsmount.conf" - -FILES:${PN}-client = "${sbindir}/*statd \ - ${sbindir}/rpc.idmapd ${sbindir}/sm-notify \ - ${sbindir}/showmount ${sbindir}/nfsstat \ - ${localstatedir}/lib/nfs \ - ${sysconfdir}/nfs-utils.conf \ - ${sysconfdir}/nfsmount.conf \ - ${sysconfdir}/init.d/nfscommon \ - ${systemd_system_unitdir}/nfs-statd.service" -RDEPENDS:${PN}-client = "${PN}-mount rpcbind" - -FILES:${PN}-mount = "${base_sbindir}/*mount.nfs*" - -FILES:${PN}-stats = "${sbindir}/mountstats ${sbindir}/nfsiostat ${sbindir}/nfsdclnts" -RDEPENDS:${PN}-stats = "python3-core" - -FILES:${PN}-staticdev += "${libdir}/libnfsidmap/*.a" - -FILES:${PN} += "${systemd_unitdir} ${libdir}/libnfsidmap/" - -do_configure:prepend() { - sed -i -e 's,sbindir = /sbin,sbindir = ${base_sbindir},g' \ - ${S}/utils/mount/Makefile.am -} - -# Make clean needed because the package comes with -# precompiled 64-bit objects that break the build -do_compile:prepend() { - make clean -} - -# Works on systemd only -HIGH_RLIMIT_NOFILE ??= "4096" - -do_install:append () { - install -d ${D}${sysconfdir}/init.d - install -m 0755 ${WORKDIR}/nfsserver ${D}${sysconfdir}/init.d/nfsserver - install -m 0755 ${WORKDIR}/nfscommon ${D}${sysconfdir}/init.d/nfscommon - - install -m 0755 ${WORKDIR}/nfs-utils.conf ${D}${sysconfdir} - install -m 0755 ${S}/utils/mount/nfsmount.conf ${D}${sysconfdir} - - install -d ${D}${systemd_system_unitdir} - install -m 0644 ${WORKDIR}/nfs-server.service ${D}${systemd_system_unitdir}/ - install -m 0644 ${WORKDIR}/nfs-mountd.service ${D}${systemd_system_unitdir}/ - install -m 0644 ${WORKDIR}/nfs-statd.service ${D}${systemd_system_unitdir}/ - sed -i -e 's,@SBINDIR@,${sbindir},g' \ - -e 's,@SYSCONFDIR@,${sysconfdir},g' \ - -e 's,@HIGH_RLIMIT_NOFILE@,${HIGH_RLIMIT_NOFILE},g' \ - ${D}${systemd_system_unitdir}/*.service - if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then - install -m 0644 ${WORKDIR}/proc-fs-nfsd.mount ${D}${systemd_system_unitdir}/ - install -d ${D}${systemd_system_unitdir}/sysinit.target.wants/ - ln -sf ../proc-fs-nfsd.mount ${D}${systemd_system_unitdir}/sysinit.target.wants/proc-fs-nfsd.mount - fi - - # kernel code as of 3.8 hard-codes this path as a default - install -d ${D}/var/lib/nfs/v4recovery - - # chown the directories and files - chown -R rpcuser:rpcuser ${D}${localstatedir}/lib/nfs/statd - chmod 0644 ${D}${localstatedir}/lib/nfs/statd/state - - # Make python tools use python 3 - sed -i -e '1s,#!.*python.*,#!${bindir}/python3,' ${D}${sbindir}/mountstats ${D}${sbindir}/nfsiostat -} diff --git a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.2.bb b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.2.bb new file mode 100644 index 0000000000..4b5c28c27b --- /dev/null +++ b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.2.bb @@ -0,0 +1,150 @@ +SUMMARY = "userspace utilities for kernel nfs" +DESCRIPTION = "The nfs-utils package provides a daemon for the kernel \ +NFS server and related tools." +HOMEPAGE = "http://nfs.sourceforge.net/" +SECTION = "console/network" + +LICENSE = "MIT & GPL-2.0-or-later & BSD-3-Clause" +LIC_FILES_CHKSUM = "file://COPYING;md5=95f3a93a5c3c7888de623b46ea085a84" + +# util-linux for libblkid +DEPENDS = "libcap libevent util-linux sqlite3 libtirpc" +RDEPENDS:${PN} = "${PN}-client" +RRECOMMENDS:${PN} = "kernel-module-nfsd" + +inherit useradd + +USERADD_PACKAGES = "${PN}-client" +USERADD_PARAM:${PN}-client = "--system --home-dir /var/lib/nfs \ + --shell /bin/false --user-group rpcuser" + +SRC_URI = "${KERNELORG_MIRROR}/linux/utils/nfs-utils/${PV}/nfs-utils-${PV}.tar.xz \ + file://nfsserver \ + file://nfscommon \ + file://nfs-utils.conf \ + file://nfs-server.service \ + file://nfs-mountd.service \ + file://nfs-statd.service \ + file://proc-fs-nfsd.mount \ + file://nfs-utils-debianize-start-statd.patch \ + file://bugfix-adjust-statd-service-name.patch \ + file://0001-Makefile.am-fix-undefined-function-for-libnsm.a.patch \ + file://clang-warnings.patch \ + file://0005-mountd-Check-for-return-of-stat-function.patch \ + file://0006-Fix-function-prototypes.patch \ + " +SRC_URI[sha256sum] = "5200873e81c4d610e2462fc262fe18135f2dbe78b7979f95accd159ae64d5011" + +# Only kernel-module-nfsd is required here (but can be built-in) - the nfsd module will +# pull in the remainder of the dependencies. + +INITSCRIPT_PACKAGES = "${PN} ${PN}-client" +INITSCRIPT_NAME = "nfsserver" +INITSCRIPT_PARAMS = "defaults" +INITSCRIPT_NAME:${PN}-client = "nfscommon" +INITSCRIPT_PARAMS:${PN}-client = "defaults 19 21" + +inherit autotools-brokensep update-rc.d systemd pkgconfig + +SYSTEMD_PACKAGES = "${PN} ${PN}-client" +SYSTEMD_SERVICE:${PN} = "nfs-server.service nfs-mountd.service" +SYSTEMD_SERVICE:${PN}-client = "nfs-statd.service" + +# --enable-uuid is need for cross-compiling +EXTRA_OECONF = "--with-statduser=rpcuser \ + --enable-mountconfig \ + --enable-libmount-mount \ + --enable-uuid \ + --disable-gss \ + --disable-nfsdcltrack \ + --with-statdpath=/var/lib/nfs/statd \ + --with-rpcgen=${HOSTTOOLS_DIR}/rpcgen \ + " + +PACKAGECONFIG ??= "tcp-wrappers \ + ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \ +" +PACKAGECONFIG:remove:libc-musl = "tcp-wrappers" +PACKAGECONFIG[tcp-wrappers] = "--with-tcp-wrappers,--without-tcp-wrappers,tcp-wrappers" +PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," +# libdevmapper is available in meta-oe +PACKAGECONFIG[nfsv41] = "--enable-nfsv41,--disable-nfsv41,libdevmapper,libdevmapper" +# keyutils is available in meta-oe +PACKAGECONFIG[nfsv4] = "--enable-nfsv4,--disable-nfsv4,keyutils,python3-core" + +PACKAGES =+ "${PN}-client ${PN}-mount ${PN}-stats ${PN}-rpcctl" + +CONFFILES:${PN}-client += "${localstatedir}/lib/nfs/etab \ + ${localstatedir}/lib/nfs/rmtab \ + ${localstatedir}/lib/nfs/xtab \ + ${localstatedir}/lib/nfs/statd/state \ + ${sysconfdir}/nfsmount.conf" + +FILES:${PN}-client = "${sbindir}/*statd \ + ${sbindir}/rpc.idmapd ${sbindir}/sm-notify \ + ${sbindir}/showmount ${sbindir}/nfsstat \ + ${localstatedir}/lib/nfs \ + ${sysconfdir}/nfs-utils.conf \ + ${sysconfdir}/nfsmount.conf \ + ${sysconfdir}/init.d/nfscommon \ + ${systemd_system_unitdir}/nfs-statd.service" +RDEPENDS:${PN}-client = "${PN}-mount rpcbind" + +FILES:${PN}-mount = "${base_sbindir}/*mount.nfs*" + +FILES:${PN}-stats = "${sbindir}/mountstats ${sbindir}/nfsiostat ${sbindir}/nfsdclnts" +RDEPENDS:${PN}-stats = "python3-core" + +FILES:${PN}-rpcctl = "${sbindir}/rpcctl" +RDEPENDS:${PN}-rpcctl = "python3-core" + +FILES:${PN}-staticdev += "${libdir}/libnfsidmap/*.a" + +FILES:${PN} += "${systemd_unitdir} ${libdir}/libnfsidmap/ ${nonarch_libdir}/modprobe.d" + +do_configure:prepend() { + sed -i -e 's,sbindir = /sbin,sbindir = ${base_sbindir},g' \ + ${S}/utils/mount/Makefile.am +} + +# Make clean needed because the package comes with +# precompiled 64-bit objects that break the build +do_compile:prepend() { + make clean +} + +# Works on systemd only +HIGH_RLIMIT_NOFILE ??= "4096" + +do_install:append () { + install -d ${D}${sysconfdir}/init.d + install -m 0755 ${WORKDIR}/nfsserver ${D}${sysconfdir}/init.d/nfsserver + install -m 0755 ${WORKDIR}/nfscommon ${D}${sysconfdir}/init.d/nfscommon + + install -m 0755 ${WORKDIR}/nfs-utils.conf ${D}${sysconfdir} + install -m 0755 ${S}/utils/mount/nfsmount.conf ${D}${sysconfdir} + + install -d ${D}${systemd_system_unitdir} + install -m 0644 ${WORKDIR}/nfs-server.service ${D}${systemd_system_unitdir}/ + install -m 0644 ${WORKDIR}/nfs-mountd.service ${D}${systemd_system_unitdir}/ + install -m 0644 ${WORKDIR}/nfs-statd.service ${D}${systemd_system_unitdir}/ + sed -i -e 's,@SBINDIR@,${sbindir},g' \ + -e 's,@SYSCONFDIR@,${sysconfdir},g' \ + -e 's,@HIGH_RLIMIT_NOFILE@,${HIGH_RLIMIT_NOFILE},g' \ + ${D}${systemd_system_unitdir}/*.service + if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then + install -m 0644 ${WORKDIR}/proc-fs-nfsd.mount ${D}${systemd_system_unitdir}/ + install -d ${D}${systemd_system_unitdir}/sysinit.target.wants/ + ln -sf ../proc-fs-nfsd.mount ${D}${systemd_system_unitdir}/sysinit.target.wants/proc-fs-nfsd.mount + fi + + # kernel code as of 3.8 hard-codes this path as a default + install -d ${D}/var/lib/nfs/v4recovery + + # chown the directories and files + chown -R rpcuser:rpcuser ${D}${localstatedir}/lib/nfs/statd + chmod 0644 ${D}${localstatedir}/lib/nfs/statd/state + + # Make python tools use python 3 + sed -i -e '1s,#!.*python.*,#!${bindir}/python3,' ${D}${sbindir}/mountstats ${D}${sbindir}/nfsiostat +} diff --git a/poky/meta/recipes-connectivity/openssh/openssh/ssh_config b/poky/meta/recipes-connectivity/openssh/openssh/ssh_config index e0d023803e..ca70f37375 100644 --- a/poky/meta/recipes-connectivity/openssh/openssh/ssh_config +++ b/poky/meta/recipes-connectivity/openssh/openssh/ssh_config @@ -1,4 +1,4 @@ -# $OpenBSD: ssh_config,v 1.33 2017/05/07 23:12:57 djm Exp $ +# $OpenBSD: ssh_config,v 1.35 2020/07/17 03:43:42 dtucker Exp $ # This is the ssh client system-wide configuration file. See # ssh_config(5) for more information. This file provides defaults for @@ -17,6 +17,8 @@ # list of available options, their meanings and defaults, please see the # ssh_config(5) man page. +Include /etc/ssh/ssh_config.d/*.conf + Host * ForwardAgent yes ForwardX11 yes @@ -36,7 +38,6 @@ Host * # IdentityFile ~/.ssh/id_ecdsa # IdentityFile ~/.ssh/id_ed25519 # Port 22 -# Protocol 2 # Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc # MACs hmac-md5,hmac-sha1,umac-64@openssh.com # EscapeChar ~ @@ -46,3 +47,4 @@ Host * # VisualHostKey no # ProxyCommand ssh -q -W %h:%p gateway.example.com # RekeyLimit 1G 1h +# UserKnownHostsFile ~/.ssh/known_hosts.d/%k diff --git a/poky/meta/recipes-connectivity/openssh/openssh/sshd_config b/poky/meta/recipes-connectivity/openssh/openssh/sshd_config index 15f061b570..e9eaf93157 100644 --- a/poky/meta/recipes-connectivity/openssh/openssh/sshd_config +++ b/poky/meta/recipes-connectivity/openssh/openssh/sshd_config @@ -1,4 +1,4 @@ -# $OpenBSD: sshd_config,v 1.102 2018/02/16 02:32:40 djm Exp $ +# $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. @@ -10,6 +10,8 @@ # possible, but leave them commented. Uncommented options override the # default value. +Include /etc/ssh/sshd_config.d/*.conf + #Port 22 #AddressFamily any #ListenAddress 0.0.0.0 @@ -57,9 +59,9 @@ AuthorizedKeysFile .ssh/authorized_keys #PasswordAuthentication yes #PermitEmptyPasswords no -# Change to yes to enable challenge-response passwords (beware issues with -# some PAM modules and threads) -ChallengeResponseAuthentication no +# Change to yes to enable keyboard-interactive authentication (beware issues +# with some PAM modules and threads) +KbdInteractiveAuthentication no # Kerberos options #KerberosAuthentication no @@ -73,13 +75,13 @@ ChallengeResponseAuthentication no # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will -# be allowed through the ChallengeResponseAuthentication and +# be allowed through the KbdInteractiveAuthentication and # PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via ChallengeResponseAuthentication may bypass +# PAM authentication via KbdInteractiveAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication -# and ChallengeResponseAuthentication to 'no'. +# and KbdInteractiveAuthentication to 'no'. #UsePAM no #AllowAgentForwarding yes @@ -92,7 +94,6 @@ ChallengeResponseAuthentication no #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes -#UseLogin no #PermitUserEnvironment no Compression no ClientAliveInterval 15 -- cgit v1.2.3