On 2019年07月26日 10:46, Bruce Ashfield wrote:
On Thu, Jul 25, 2019 at 10:28 PM Yu, Mingli <mingli...@windriver.com <mailto:mingli...@windriver.com>> wrote: On 2019年07月25日 21:45, Bruce Ashfield wrote: > On Thu, Jul 25, 2019 at 3:06 AM <mingli...@windriver.com <mailto:mingli...@windriver.com>> wrote: >> >> From: Mingli Yu <mingli...@windriver.com <mailto:mingli...@windriver.com>> > > Can you share some details as to why this should be pulled from > meta-security into a different repo ? Considering there is also some security related recipe under meta-oe/recipes-security/, I think it's not strange to add a new one libseccomp and libseccomp also provides a basic common filtering mechanism. .. but it is literally churn for the sake of churn. Meaning, that isn't a great reason to move something. If Armin wanted to put the recipe in meta-oe, he would have done it himself.
^_^, I noticed Armin did try to do this in this thread "[oe] [meta-oe][PATCH 1/2] libseccomp: move lib from meta-security to meta-oe" in Jun 1, 2018.
Meanwhile, the below yocto compliance check error disappears once we move libseccomp from meta-security to meta-oe. ERROR: Nothing PROVIDES 'libseccomp' (but /buildarea/layers/meta-virtualization/recipes-containers/cri-o/cri-o_git.bb <http://cri-o_git.bb> DEPENDS on or otherwise requires it). Close matches: libcomps ERROR: Required build target 'meta-world-pkgdata' has no buildable providers. Missing or unbuildable dependency chain was: ['meta-world-pkgdata', 'cri-o', 'libseccomp'] Also not a valid reason. We've just fixed meta-virtualization, so there's no need to shuffle something like this around, just to keep another layers compliance check working. Bruce Thanks, > > It seems to fit the mandate of meta-security quite nicely ;) > > Is there some sort of dependency issue, or other technical problem > that is causing a problem ? > > Bruce > >> >> Signed-off-by: Mingli Yu <mingli...@windriver.com <mailto:mingli...@windriver.com>> >> --- >> .../recipes-security/libseccomp/files/run-ptest | 4 +++ >> .../libseccomp/libseccomp_2.4.1.bb <http://libseccomp_2.4.1.bb> | 41 ++++++++++++++++++++++ >> 2 files changed, 45 insertions(+) >> create mode 100644 meta-oe/recipes-security/libseccomp/files/run-ptest >> create mode 100644 meta-oe/recipes-security/libseccomp/libseccomp_2.4.1.bb <http://libseccomp_2.4.1.bb> >> >> diff --git a/meta-oe/recipes-security/libseccomp/files/run-ptest b/meta-oe/recipes-security/libseccomp/files/run-ptest >> new file mode 100644 >> index 0000000..54b4a63 >> --- /dev/null >> +++ b/meta-oe/recipes-security/libseccomp/files/run-ptest >> @@ -0,0 +1,4 @@ >> +#!/bin/sh >> + >> +cd tests >> +./regression -a >> diff --git a/meta-oe/recipes-security/libseccomp/libseccomp_2.4.1.bb <http://libseccomp_2.4.1.bb> b/meta-oe/recipes-security/libseccomp/libseccomp_2.4.1.bb <http://libseccomp_2.4.1.bb> >> new file mode 100644 >> index 0000000..dba1be5 >> --- /dev/null >> +++ b/meta-oe/recipes-security/libseccomp/libseccomp_2.4.1.bb <http://libseccomp_2.4.1.bb> >> @@ -0,0 +1,41 @@ >> +SUMMARY = "interface to seccomp filtering mechanism" >> +DESCRIPTION = "The libseccomp library provides and easy to use, platform independent,interface to the Linux Kernel's syscall filtering mechanism: seccomp." >> +SECTION = "security" >> +LICENSE = "LGPL-2.1" >> +LIC_FILES_CHKSUM = "file://LICENSE;beginline=0;endline=1;md5=8eac08d22113880357ceb8e7c37f989f" >> + >> +SRCREV = "fb43972ea1aab24f2a70193fb7445c2674f594e3" >> + >> +SRC_URI = "git://github.com/seccomp/libseccomp.git;branch=release-2.4 <http://github.com/seccomp/libseccomp.git;branch=release-2.4> \ >> + file://run-ptest \ >> +" >> + >> +S = "${WORKDIR}/git" >> + >> +inherit autotools-brokensep pkgconfig ptest >> + >> +PACKAGECONFIG ??= "" >> +PACKAGECONFIG[python] = "--enable-python, --disable-python, python" >> + >> +do_compile_ptest() { >> + oe_runmake -C tests check-build >> +} >> + >> +do_install_ptest() { >> + install -d ${D}${PTEST_PATH}/tests >> + install -d ${D}${PTEST_PATH}/tools >> + for file in $(find tests/* -executable -type f); do >> + install -m 744 ${S}/${file} ${D}/${PTEST_PATH}/tests >> + done >> + for file in $(find tests/*.tests -type f); do >> + install -m 744 ${S}/${file} ${D}/${PTEST_PATH}/tests >> + done >> + for file in $(find tools/* -executable -type f); do >> + install -m 744 ${S}/${file} ${D}/${PTEST_PATH}/tools >> + done >> +} >> + >> +FILES_${PN} = "${bindir} ${libdir}/${BPN}.so*" >> +FILES_${PN}-dbg += "${libdir}/${PN}/tests/.debug/* ${libdir}/${PN}/tools/.debug" >> + >> +RDEPENDS_${PN}-ptest = "bash" >> -- >> 2.7.4 >> >> -- >> _______________________________________________ >> Openembedded-devel mailing list >> Openembedded-devel@lists.openembedded.org <mailto:Openembedded-devel@lists.openembedded.org> >> http://lists.openembedded.org/mailman/listinfo/openembedded-devel > > > -- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II
-- _______________________________________________ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel