On 2019年07月26日 10:46, Bruce Ashfield wrote:
On Thu, Jul 25, 2019 at 10:28 PM Yu, Mingli <mingli...@windriver.com
<mailto:mingli...@windriver.com>> wrote:
On 2019年07月25日 21:45, Bruce Ashfield wrote:
> On Thu, Jul 25, 2019 at 3:06 AM <mingli...@windriver.com
<mailto:mingli...@windriver.com>> wrote:
>>
>> From: Mingli Yu <mingli...@windriver.com
<mailto:mingli...@windriver.com>>
>
> Can you share some details as to why this should be pulled from
> meta-security into a different repo ?
Considering there is also some security related recipe under
meta-oe/recipes-security/, I think it's not strange to add a new one
libseccomp and libseccomp also provides a basic common filtering
mechanism.
.. but it is literally churn for the sake of churn.
Meaning, that isn't a great reason to move something. If Armin wanted to
put the recipe in meta-oe, he would have done it himself.
^_^, I noticed Armin did try to do this in this thread "[oe]
[meta-oe][PATCH 1/2] libseccomp: move lib from meta-security to meta-oe"
in Jun 1, 2018.
Meanwhile, the below yocto compliance check error disappears once we
move libseccomp from meta-security to meta-oe.
ERROR: Nothing PROVIDES 'libseccomp' (but
/buildarea/layers/meta-virtualization/recipes-containers/cri-o/cri-o_git.bb
<http://cri-o_git.bb>
DEPENDS on or otherwise requires it).
Close matches:
libcomps
ERROR: Required build target 'meta-world-pkgdata' has no buildable
providers.
Missing or unbuildable dependency chain was: ['meta-world-pkgdata',
'cri-o', 'libseccomp']
Also not a valid reason. We've just fixed meta-virtualization, so
there's no need to shuffle something like this around, just to keep
another layers compliance check working.
Bruce
Thanks,
>
> It seems to fit the mandate of meta-security quite nicely ;)
>
> Is there some sort of dependency issue, or other technical problem
> that is causing a problem ?
>
> Bruce
>
>>
>> Signed-off-by: Mingli Yu <mingli...@windriver.com
<mailto:mingli...@windriver.com>>
>> ---
>> .../recipes-security/libseccomp/files/run-ptest | 4 +++
>> .../libseccomp/libseccomp_2.4.1.bb
<http://libseccomp_2.4.1.bb> | 41 ++++++++++++++++++++++
>> 2 files changed, 45 insertions(+)
>> create mode 100644
meta-oe/recipes-security/libseccomp/files/run-ptest
>> create mode 100644
meta-oe/recipes-security/libseccomp/libseccomp_2.4.1.bb
<http://libseccomp_2.4.1.bb>
>>
>> diff --git a/meta-oe/recipes-security/libseccomp/files/run-ptest
b/meta-oe/recipes-security/libseccomp/files/run-ptest
>> new file mode 100644
>> index 0000000..54b4a63
>> --- /dev/null
>> +++ b/meta-oe/recipes-security/libseccomp/files/run-ptest
>> @@ -0,0 +1,4 @@
>> +#!/bin/sh
>> +
>> +cd tests
>> +./regression -a
>> diff --git
a/meta-oe/recipes-security/libseccomp/libseccomp_2.4.1.bb
<http://libseccomp_2.4.1.bb>
b/meta-oe/recipes-security/libseccomp/libseccomp_2.4.1.bb
<http://libseccomp_2.4.1.bb>
>> new file mode 100644
>> index 0000000..dba1be5
>> --- /dev/null
>> +++ b/meta-oe/recipes-security/libseccomp/libseccomp_2.4.1.bb
<http://libseccomp_2.4.1.bb>
>> @@ -0,0 +1,41 @@
>> +SUMMARY = "interface to seccomp filtering mechanism"
>> +DESCRIPTION = "The libseccomp library provides and easy to use,
platform independent,interface to the Linux Kernel's syscall
filtering mechanism: seccomp."
>> +SECTION = "security"
>> +LICENSE = "LGPL-2.1"
>> +LIC_FILES_CHKSUM =
"file://LICENSE;beginline=0;endline=1;md5=8eac08d22113880357ceb8e7c37f989f"
>> +
>> +SRCREV = "fb43972ea1aab24f2a70193fb7445c2674f594e3"
>> +
>> +SRC_URI =
"git://github.com/seccomp/libseccomp.git;branch=release-2.4
<http://github.com/seccomp/libseccomp.git;branch=release-2.4> \
>> + file://run-ptest \
>> +"
>> +
>> +S = "${WORKDIR}/git"
>> +
>> +inherit autotools-brokensep pkgconfig ptest
>> +
>> +PACKAGECONFIG ??= ""
>> +PACKAGECONFIG[python] = "--enable-python, --disable-python, python"
>> +
>> +do_compile_ptest() {
>> + oe_runmake -C tests check-build
>> +}
>> +
>> +do_install_ptest() {
>> + install -d ${D}${PTEST_PATH}/tests
>> + install -d ${D}${PTEST_PATH}/tools
>> + for file in $(find tests/* -executable -type f); do
>> + install -m 744 ${S}/${file} ${D}/${PTEST_PATH}/tests
>> + done
>> + for file in $(find tests/*.tests -type f); do
>> + install -m 744 ${S}/${file} ${D}/${PTEST_PATH}/tests
>> + done
>> + for file in $(find tools/* -executable -type f); do
>> + install -m 744 ${S}/${file} ${D}/${PTEST_PATH}/tools
>> + done
>> +}
>> +
>> +FILES_${PN} = "${bindir} ${libdir}/${BPN}.so*"
>> +FILES_${PN}-dbg += "${libdir}/${PN}/tests/.debug/*
${libdir}/${PN}/tools/.debug"
>> +
>> +RDEPENDS_${PN}-ptest = "bash"
>> --
>> 2.7.4
>>
>> --
>> _______________________________________________
>> Openembedded-devel mailing list
>> Openembedded-devel@lists.openembedded.org
<mailto:Openembedded-devel@lists.openembedded.org>
>> http://lists.openembedded.org/mailman/listinfo/openembedded-devel
>
>
>
--
- Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end
- "Use the force Harry" - Gandalf, Star Trek II
--
_______________________________________________
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel
