Re: [OE-core] [PATCH 12/21] libpam: update 1.5.2 -> 1.5.3
fails on musl/arm64 https://errors.yoctoproject.org/Errors/Details/711268/ On Sun, Jun 25, 2023 at 2:23 PM Alexander Kanavin wrote: > > Signed-off-by: Alexander Kanavin > --- > ...rely-on-all-filesystems-providing-a-.patch | 108 - > ...-xtests.sh-check-whether-files-exist.patch | 65 -- > .../pam/libpam/CVE-2022-28321-0002.patch | 205 -- > .../pam/{libpam_1.5.2.bb => libpam_1.5.3.bb} | 5 +- > 4 files changed, 1 insertion(+), 382 deletions(-) > delete mode 100644 > meta/recipes-extended/pam/libpam/0001-pam_motd-do-not-rely-on-all-filesystems-providing-a-.patch > delete mode 100644 > meta/recipes-extended/pam/libpam/0001-run-xtests.sh-check-whether-files-exist.patch > delete mode 100644 meta/recipes-extended/pam/libpam/CVE-2022-28321-0002.patch > rename meta/recipes-extended/pam/{libpam_1.5.2.bb => libpam_1.5.3.bb} (95%) > > diff --git > a/meta/recipes-extended/pam/libpam/0001-pam_motd-do-not-rely-on-all-filesystems-providing-a-.patch > > b/meta/recipes-extended/pam/libpam/0001-pam_motd-do-not-rely-on-all-filesystems-providing-a-.patch > deleted file mode 100644 > index 94dcb04f0aa..000 > --- > a/meta/recipes-extended/pam/libpam/0001-pam_motd-do-not-rely-on-all-filesystems-providing-a-.patch > +++ /dev/null > @@ -1,108 +0,0 @@ > -From 42404548721c653317c911c83d885e2fc7fbca70 Mon Sep 17 00:00:00 2001 > -From: Per Jessen > -Date: Fri, 22 Apr 2022 18:15:36 +0200 > -Subject: [PATCH] pam_motd: do not rely on all filesystems providing a > filetype > - > -When using scandir() to look for MOTD files to display, we wrongly > -relied on all filesystems providing a filetype. This is a fix to divert > -to lstat() when we have no filetype. To maintain MT safety, it isn't > -possible to use lstat() in the scandir() filter function, so all of the > -filtering has been moved to an additional loop after scanning all the > -motd dirs. > -Also, remove superfluous alphasort from scandir(), we are doing > -a qsort() later. > - > -Resolves: https://github.com/linux-pam/linux-pam/issues/455 > - > -Upstream-Status: Backport > [https://github.com/linux-pam/linux-pam/commit/42404548721c653317c911c83d885e2fc7fbca70] > - > -Signed-off-by: Per Jessen > -Signed-off-by: Zhixiong Chi > > - modules/pam_motd/pam_motd.c | 49 ++--- > - 1 file changed, 40 insertions(+), 9 deletions(-) > - > -diff --git a/modules/pam_motd/pam_motd.c b/modules/pam_motd/pam_motd.c > -index 6ac8cba2..5ca486e4 100644 > a/modules/pam_motd/pam_motd.c > -+++ b/modules/pam_motd/pam_motd.c > -@@ -166,11 +166,6 @@ static int compare_strings(const void *a, const void *b) > - } > - } > - > --static int filter_dirents(const struct dirent *d) > --{ > --return (d->d_type == DT_REG || d->d_type == DT_LNK); > --} > -- > - static void try_to_display_directories_with_overrides(pam_handle_t *pamh, > - char **motd_dir_path_split, unsigned int num_motd_dirs, int > report_missing) > - { > -@@ -199,8 +194,7 @@ static void > try_to_display_directories_with_overrides(pam_handle_t *pamh, > - > - for (i = 0; i < num_motd_dirs; i++) { > - int rv; > -- rv = scandir(motd_dir_path_split[i], &(dirscans[i]), > -- filter_dirents, alphasort); > -+ rv = scandir(motd_dir_path_split[i], &(dirscans[i]), NULL, NULL); > - if (rv < 0) { > - if (errno != ENOENT || report_missing) { > - pam_syslog(pamh, LOG_ERR, "error scanning directory %s: %m", > -@@ -215,6 +209,41 @@ static void > try_to_display_directories_with_overrides(pam_handle_t *pamh, > - if (dirscans_size_total == 0) > - goto out; > - > -+/* filter out unwanted names, directories, and complement data with > lstat() */ > -+for (i = 0; i < num_motd_dirs; i++) { > -+ struct dirent **d = dirscans[i]; > -+ for (unsigned int j = 0; j < dirscans_sizes[i]; j++) { > -+ int rc; > -+ char *fullpath; > -+ struct stat s; > -+ > -+ switch(d[j]->d_type) {/* the filetype determines how to > proceed */ > -+ case DT_REG: /* regular files and */ > -+ case DT_LNK: /* symlinks */ > -+ continue; /* are good. */ > -+ case DT_UNKNOWN: /* for file systems that do not provide */ > -+ /* a filetype, we use lstat() */ > -+ if (join_dir_strings(, motd_dir_path_split[i], > -+ d[j]->d_name) <= 0) > -+ break; > -+ rc = lstat(fullpath, ); > -+ _pam_drop(fullpath); /* free the memory alloc'ed by > join_dir_strings */ > -+ if (rc != 0) /* if the lstat() somehow failed */ > -+ break; > -+ > -+ if (S_ISREG(s.st_mode) || /* regular files and */ > -+ S_ISLNK(s.st_mode)) continue; /* symlinks are good */ > -+
Re: [OE-core] [PATCH] kernel-module-split add systemd modulesloaddir and modprobedir config
Hi, Forgot the colon in "kernel-module-split:" is it necessary to send a v2 for this? Jose Jose Quaresma escreveu no dia sexta, 30/06/2023 à(s) 16:49: > Signed-off-by: Jose Quaresma > --- > meta/classes-recipe/kernel-module-split.bbclass | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/meta/classes-recipe/kernel-module-split.bbclass > b/meta/classes-recipe/kernel-module-split.bbclass > index 0e4f9a6ec3..c1208d55e0 100644 > --- a/meta/classes-recipe/kernel-module-split.bbclass > +++ b/meta/classes-recipe/kernel-module-split.bbclass > @@ -30,8 +30,8 @@ fi > > PACKAGE_WRITE_DEPS += "kmod-native depmodwrapper-cross" > > -modulesloaddir ??= "${sysconfdir}/modules-load.d" > -modprobedir ??= "${sysconfdir}/modprobe.d" > +modulesloaddir ??= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', > '${nonarch_libdir}', '${sysconfdir}', d)}/modules-load.d" > +modprobedir ??= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', > '${nonarch_base_libdir}', '${sysconfdir}', d)}/modprobe.d" > > KERNEL_SPLIT_MODULES ?= "1" > PACKAGESPLITFUNCS =+ "split_kernel_module_packages" > -- > 2.34.1 > > -- Best regards, José Quaresma -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183705): https://lists.openembedded.org/g/openembedded-core/message/183705 Mute This Topic: https://lists.openembedded.org/mt/99875687/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] kernel-module-split add systemd modulesloaddir and modprobedir config
Signed-off-by: Jose Quaresma --- meta/classes-recipe/kernel-module-split.bbclass | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/classes-recipe/kernel-module-split.bbclass b/meta/classes-recipe/kernel-module-split.bbclass index 0e4f9a6ec3..c1208d55e0 100644 --- a/meta/classes-recipe/kernel-module-split.bbclass +++ b/meta/classes-recipe/kernel-module-split.bbclass @@ -30,8 +30,8 @@ fi PACKAGE_WRITE_DEPS += "kmod-native depmodwrapper-cross" -modulesloaddir ??= "${sysconfdir}/modules-load.d" -modprobedir ??= "${sysconfdir}/modprobe.d" +modulesloaddir ??= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '${nonarch_libdir}', '${sysconfdir}', d)}/modules-load.d" +modprobedir ??= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '${nonarch_base_libdir}', '${sysconfdir}', d)}/modprobe.d" KERNEL_SPLIT_MODULES ?= "1" PACKAGESPLITFUNCS =+ "split_kernel_module_packages" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183704): https://lists.openembedded.org/g/openembedded-core/message/183704 Mute This Topic: https://lists.openembedded.org/mt/99875687/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] libssh2: disable rpath to fix curl-native build
When curl is built with PACKAGECONFIG:append = " libssh2", the build fails with the error: gcc: error: unrecognized command-line option '-R' It was trying to set the rpath for libssh2. Signed-off-by: Sudip Mukherjee --- meta/recipes-support/libssh2/libssh2_1.11.0.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-support/libssh2/libssh2_1.11.0.bb b/meta/recipes-support/libssh2/libssh2_1.11.0.bb index 711bf937f5..edc25db1b1 100644 --- a/meta/recipes-support/libssh2/libssh2_1.11.0.bb +++ b/meta/recipes-support/libssh2/libssh2_1.11.0.bb @@ -18,6 +18,7 @@ inherit autotools pkgconfig ptest EXTRA_OECONF += "\ --with-libz \ --with-libz-prefix=${STAGING_LIBDIR} \ + --disable-rpath \ " DISABLE_STATIC = "" -- 2.30.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183703): https://lists.openembedded.org/g/openembedded-core/message/183703 Mute This Topic: https://lists.openembedded.org/mt/99875373/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [mickledore][PATCH 2/2] rootfs-postcommands.bbclass: add post func remove_unused_dnf_log_lock
On Fri, Jun 30, 2023 at 4:57 AM Richard Purdie wrote: > > On Fri, 2023-06-30 at 04:21 -1000, Steve Sakoman wrote: > > Is this also a problem in master, or is it mickledore specific? > > The same patches have been proposed for master with an "instant" > backport requested. I really don't like this model of development as I > have my doubts about how extensively they've been tested in one or the > other. I typically don't do "instant" backports. If a patch is proposed for both master and a stable branch I wait till it is accepted into master. Then I give it a week or two before backporting to see if any issues develop in master -- if I remember in the midst of all the other patch wrangling for multiple stable branches! I much prefer that people submit to master first, then when it is accepted send a backport patch for the appropriate stable branches. Sending all the branches at once just increases the risk that the backports get forgotten! Steve > I'm also not convinced the patches explain the issue properly or why > things should be fixed as proposed. I think at the very least the > commit messages need to better explain the issues. > > Cheers, > > Richard -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183702): https://lists.openembedded.org/g/openembedded-core/message/183702 Mute This Topic: https://lists.openembedded.org/mt/99869175/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [master][PATCH 2/2] rootfs-postcommands.bbclass: add post func remove_unused_dnf_log_lock
On Fri, 30 Jun 2023 at 11:14, Changqing Li wrote: > Remove log_lock.pid which maybe created during do_rootfs. In commit > [dnf: only write the log lock to root for native dnf], > native dnf changed to write log lock to root, and target dnf still > use /var/log, so log_lock.pid need to be removed post do_rootfs. This is not making clear why the file needs to be removed. What problems occur if it is left in place? Is it supposed to be added, then removed by dnf during do_rootfs, and if this doesn't happen, is that a problem with dnf that needs to be fixed, rather than removing the file manually after the fact? Alex -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183701): https://lists.openembedded.org/g/openembedded-core/message/183701 Mute This Topic: https://lists.openembedded.org/mt/99869451/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH v2] kernel.bbclass: hoist up "unset S" bbfatal from kernel-yocto.bbclass to kernel.bbclass
Hello, This caused the following failures on the AB: stdio: ERROR: linux-yocto-6.1.35+gitAUTOINC+b358c237cf_915f4d2237-r0 do_symlink_kernsrc: S is not set to the linux source directory. Check the recipe and set S to the proper extracted subdirectory. stdio: ERROR: Logfile of failure stored in: /home/pokybuild/yocto-worker/qemuarm/build/build/tmp/work/qemuarm-poky-linux-gnueabi/linux-yocto/6.1.35+gitAUTOINC+b358c237cf_915f4d2237-r0/temp/log.do_symlink_kernsrc.3914759 stdio: ERROR: Task (/home/pokybuild/yocto-worker/qemuarm/build/meta/recipes-kernel/linux/linux-yocto_6.1.bb:do_symlink_kernsrc) failed with exit code '1' stdio: ERROR: Command . ./oe-init-build-env; bitbake core-image-sato core-image-sato-sdk core-image-minimal core-image-minimal-dev core-image-sato:do_populate_sdk -k failed with exit code 1, see errors above. (1687981572.9: 11986.3) On 26/06/2023 15:50:24+0200, Luca Ceresoli via lists.openembedded.org wrote: > From: Luca Ceresoli > > Writing a simple recipe that inherits kernel.bbclass and downloads a kernel > tarball (e.g. a mainline release from kernel.org) via http or ftp fails > with either: > > ERROR: linux-acme-6.3.3-r0 do_configure: oe_runmake failed > ... > | make: *** No rule to make target 'oldnoconfig'. Stop. > > or (seen on a different setup, based on kirkstone): > > ... do_populate_lic: QA Issue: ... LIC_FILES_CHKSUM points to an invalid > file: .../work-shared/.../kernel-source/COPYING [license-checksum] > > This happens when not setting S in the recipe. In this case, kernel.bbclass > sets it to ${STAGING_KERNEL_DIR} > (${TMPDIR}/work-shared/${MACHINE}/kernel-source). This means that in > do_symlink_kernsrc(), the 'if s != kernsrc' never triggers and thus the > kernel tree will not be moved into work-shared, which results in an empty > work-shared/.../kernel-source directory. > > Setting S in recipes is usually not required when downloading a tarball, so > it is not obvious here and the error message does not point to the problem > or its solution. > > There is such a check in kernel-yocto.bbclass though. Move it to > kernel.bbclass so that even kernel recipes not based on kernel-yocto can > benefit from it. > > The check is moved: > > - from the beginning of do_kernel_checkout() in kernel-yocto > - to the end of do_symlink_kernsrc() in kernel.bbclass > > and since do_kernel_checkout is executed 'after do_symlink_kernsrc', the > code flow does not change in a relevant way when using linux-yocto. > > As an additional benefit, the check is now taking place both when > downloading a tarball and when downloading from git, so even when using git > the recipe writer will be presented the explanatory error message. > > Signed-off-by: Luca Ceresoli > > --- > > Changed in v2: > - don't check for WORKDIR/git dir existence (Suggested by Richard) > --- > meta/classes-recipe/kernel-yocto.bbclass | 8 > meta/classes-recipe/kernel.bbclass | 6 ++ > 2 files changed, 6 insertions(+), 8 deletions(-) > > diff --git a/meta/classes-recipe/kernel-yocto.bbclass > b/meta/classes-recipe/kernel-yocto.bbclass > index 4ac977b12207..3f2ce17aeb88 100644 > --- a/meta/classes-recipe/kernel-yocto.bbclass > +++ b/meta/classes-recipe/kernel-yocto.bbclass > @@ -394,16 +394,8 @@ do_kernel_checkout() { > # case: we have no git repository at all. > # To support low bandwidth options for building the kernel, > we'll just > # convert the tree to a git repo and let the rest of the > process work unchanged > - > - # if ${S} hasn't been set to the proper subdirectory a default > of "linux" is > - # used, but we can't initialize that empty directory. So check > it and throw a > - # clear error > > cd ${S} > - if [ ! -f "Makefile" ]; then > - bberror "S is not set to the linux source directory. > Check " > - bbfatal "the recipe and set S to the proper extracted > subdirectory" > - fi > rm -f .gitignore > git init > check_git_config > diff --git a/meta/classes-recipe/kernel.bbclass > b/meta/classes-recipe/kernel.bbclass > index e82b696d1a14..75f43cb1134e 100644 > --- a/meta/classes-recipe/kernel.bbclass > +++ b/meta/classes-recipe/kernel.bbclass > @@ -195,6 +195,12 @@ python do_symlink_kernsrc () { > import shutil > shutil.move(s, kernsrc) > os.symlink(kernsrc, s) > + > +# Setting S is required with this class when fetching a tarball because > +# we cannot figure out automatically the extracted directory name. The > +# check is beneficial even when using git so don't check for git here. > +if not os.path.exists(os.path.join(s, "Makefile")): > +bb.fatal("S is not set to the linux source directory. Check the > recipe and set S to the proper extracted subdirectory.") > } > #
Re: [OE-core] [mickledore][PATCH 2/2] rootfs-postcommands.bbclass: add post func remove_unused_dnf_log_lock
On Fri, 2023-06-30 at 04:21 -1000, Steve Sakoman wrote: > Is this also a problem in master, or is it mickledore specific? The same patches have been proposed for master with an "instant" backport requested. I really don't like this model of development as I have my doubts about how extensively they've been tested in one or the other. I'm also not convinced the patches explain the issue properly or why things should be fixed as proposed. I think at the very least the commit messages need to better explain the issues. Cheers, Richard -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183699): https://lists.openembedded.org/g/openembedded-core/message/183699 Mute This Topic: https://lists.openembedded.org/mt/99869175/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe-core][mickledore][PATCH 1/1] perl: Fix CVE-2023-31484 & CVE-2023-31486
CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. References: https://nvd.nist.gov/vuln/detail/CVE-2023-31484 https://nvd.nist.gov/vuln/detail/CVE-2023-31486 Upstream patches: https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 https://github.com/chansen/p5-http-tiny/commit/77f557ef84698efeb6eed04e4a9704eaf85b741d https://github.com/chansen/p5-http-tiny/commit/a22785783b17cbaa28afaee4a024d81a1903701d Signed-off-by: Soumya --- .../perl/files/CVE-2023-31484.patch | 29 +++ .../perl/files/CVE-2023-31486-0001.patch | 217 ++ .../perl/files/CVE-2023-31486-0002.patch | 30 +++ meta/recipes-devtools/perl/perl_5.36.0.bb | 3 + 4 files changed, 279 insertions(+) create mode 100644 meta/recipes-devtools/perl/files/CVE-2023-31484.patch create mode 100644 meta/recipes-devtools/perl/files/CVE-2023-31486-0001.patch create mode 100644 meta/recipes-devtools/perl/files/CVE-2023-31486-0002.patch diff --git a/meta/recipes-devtools/perl/files/CVE-2023-31484.patch b/meta/recipes-devtools/perl/files/CVE-2023-31484.patch new file mode 100644 index 00..1f7cbd0da1 --- /dev/null +++ b/meta/recipes-devtools/perl/files/CVE-2023-31484.patch @@ -0,0 +1,29 @@ +From a625ec2cc3a0b6116c1f8b831d3480deb621c245 Mon Sep 17 00:00:00 2001 +From: Stig Palmquist +Date: Tue, 28 Feb 2023 11:54:06 +0100 +Subject: [PATCH] Add verify_SSL=>1 to HTTP::Tiny to verify https server + identity + +Upstream-Status: Backport [https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0] + +CVE: CVE-2023-31484 + +Signed-off-by: Soumya +--- + cpan/CPAN/lib/CPAN/HTTP/Client.pm | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/cpan/CPAN/lib/CPAN/HTTP/Client.pm b/cpan/CPAN/lib/CPAN/HTTP/Client.pm +index 4fc792c..a616fee 100644 +--- a/cpan/CPAN/lib/CPAN/HTTP/Client.pm b/cpan/CPAN/lib/CPAN/HTTP/Client.pm +@@ -32,6 +32,7 @@ sub mirror { + + my $want_proxy = $self->_want_proxy($uri); + my $http = HTTP::Tiny->new( ++verify_SSL => 1, + $want_proxy ? (proxy => $self->{proxy}) : () + ); + +-- +2.40.0 diff --git a/meta/recipes-devtools/perl/files/CVE-2023-31486-0001.patch b/meta/recipes-devtools/perl/files/CVE-2023-31486-0001.patch new file mode 100644 index 00..e2a2216a0d --- /dev/null +++ b/meta/recipes-devtools/perl/files/CVE-2023-31486-0001.patch @@ -0,0 +1,217 @@ +From e1ca8defeff496000fc96600ebfca7250065c1f1 Mon Sep 17 00:00:00 2001 +From: Stig Palmquist +Date: Thu, 29 Jun 2023 14:36:05 + +Subject: [PATCH] Change verify_SSL default to 1, add ENV var to enable + insecure default + +- Changes the `verify_SSL` default parameter from `0` to `1` + + Based on patch by Dominic Hargreaves: + https://salsa.debian.org/perl-team/interpreter/perl/-/commit/1490431e40e22052f75a0b3449f1f53cbd27ba92 + + Fixes CVE-2023-31486 + +- Add check for `$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}` that + enables the previous insecure default behaviour if set to `1`. + + This provides a workaround for users who encounter problems with the + new `verify_SSL` default. + + Example to disable certificate checks: + ``` +$ PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT=1 ./script.pl + ``` + +- Updates to documentation: + - Describe changing the verify_SSL value + - Describe the escape-hatch environment variable + - Remove rationale for not enabling verify_SSL + - Add missing certificate search paths + - Replace "SSL" with "TLS/SSL" where appropriate + - Use "machine-in-the-middle" instead of "man-in-the-middle" + +Upstream-Status: Backport [https://github.com/chansen/p5-http-tiny/commit/77f557ef84698efeb6eed04e4a9704eaf85b741d] + +Signed-off-by: Soumya +--- + cpan/HTTP-Tiny/lib/HTTP/Tiny.pm | 86 ++--- + 1 file changed, 57 insertions(+), 29 deletions(-) + +diff --git a/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm b/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm +index 83ca06d..5f6ced8 100644 +--- a/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm b/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm +@@ -40,10 +40,14 @@ sub _croak { require Carp; Carp::croak(@_) } + #pod * C ??? Request timeout in seconds (default is 60) If a socket open, + #pod read or write takes longer than the timeout, the request response status code + #pod will be 599. +-#pod * C ??? A boolean that indicates whether to validate the SSL +-#pod certificate of an C ??? connection (default is false) ++#pod * C ??? A boolean that indicates whether to validate the TLS/SSL ++#pod certificate of an C ??? connection (default is true). Changed from false ++#pod to true in version 0.083. + #pod * C ??? A hashref of C ??? options to pass through to + #pod L ++#pod * C<$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}> - Changes the default ++#pod certificate
Re: [OE-core] [mickledore][PATCH 2/2] rootfs-postcommands.bbclass: add post func remove_unused_dnf_log_lock
Is this also a problem in master, or is it mickledore specific? Steve On Thu, Jun 29, 2023 at 10:32 PM Changqing Li wrote: > > From: Changqing Li > > Remove log_lock.pid which maybe created during do_rootfs. In commit > [dnf: only write the log lock to root for native dnf], > native dnf changed to write log lock to root, and target dnf still > use /var/log, so log_lock.pid need to be removed post do_rootfs. > > Signed-off-by: Changqing Li > --- > meta/classes-recipe/rootfs-postcommands.bbclass | 7 +++ > 1 file changed, 7 insertions(+) > > diff --git a/meta/classes-recipe/rootfs-postcommands.bbclass > b/meta/classes-recipe/rootfs-postcommands.bbclass > index 690fa976aa..7538c8b0b5 100644 > --- a/meta/classes-recipe/rootfs-postcommands.bbclass > +++ b/meta/classes-recipe/rootfs-postcommands.bbclass > @@ -49,6 +49,8 @@ ROOTFS_POSTPROCESS_COMMAND += 'empty_var_volatile;' > > ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains("DISTRO_FEATURES", > "overlayfs", "overlayfs_qa_check; overlayfs_postprocess;", "", d)}' > > +ROOTFS_POSTPROCESS_COMMAND += 'remove_unused_dnf_log_lock;' > + > inherit image-artifact-names > > # Sort the user and group entries in /etc by ID in order to make the content > @@ -276,6 +278,11 @@ empty_var_volatile () { > fi > } > > +remove_unused_dnf_log_lock() { > + if [ -e ${IMAGE_ROOTFS}/log_lock.pid ]; then > + rm -rf ${IMAGE_ROOTFS}/log_lock.pid > + fi > +} > # Turn any symbolic /sbin/init link into a file > remove_init_link () { > if [ -h ${IMAGE_ROOTFS}/sbin/init ]; then > -- > 2.35.5 > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183697): https://lists.openembedded.org/g/openembedded-core/message/183697 Mute This Topic: https://lists.openembedded.org/mt/99869175/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] mdadm: re-add mdadm-ptest to PTESTS_SLOW
From: Ovidiu Panait The ptest problems reported in e21021dc00ec ("mdadm: drop from PTESTS_SLOW") should now be fixed, so mdadm can be added back to PTESTS_SLOW (a qemux86-64 test run takes about ~12 minutes to execute with kvm). root@qemux86-64:~# ptest-runner mdadm START: ptest-runner 2023-06-30T08:25 BEGIN: /usr/lib/mdadm/ptest PASS: /usr/lib/mdadm/ptest/tests/00linear PASS: /usr/lib/mdadm/ptest/tests/00multipath ... PASS: /usr/lib/mdadm/ptest/tests/19repair-does-not-destroy PASS: /usr/lib/mdadm/ptest/tests/20raid5journal PASS: /usr/lib/mdadm/ptest/tests/21raid5cache DURATION: 723 END: /usr/lib/mdadm/ptest 2023-06-30T09:16 STOP: ptest-runner TOTAL: 1 FAIL: 0 For the testcases to run correctly, there must be enough rootfs space to create 13 loop devices. Similar to strace and lttng-tools, add a new IMAGE_ROOTFS_EXTRA_SPACE entry for mdadm-ptest. Signed-off-by: Ovidiu Panait --- meta/conf/distro/include/ptest-packagelists.inc | 3 +-- meta/recipes-core/images/core-image-ptest.bb| 1 + 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/conf/distro/include/ptest-packagelists.inc b/meta/conf/distro/include/ptest-packagelists.inc index da9153b998..6250cf081e 100644 --- a/meta/conf/distro/include/ptest-packagelists.inc +++ b/meta/conf/distro/include/ptest-packagelists.inc @@ -99,6 +99,7 @@ PTESTS_SLOW = "\ libgcrypt \ libmodule-build-perl \ lttng-tools \ +mdadm \ openssh \ openssl \ parted \ @@ -122,7 +123,6 @@ PTESTS_PROBLEMS:append:x86 = " valgrind" #rt-tests \ # Needs to be checked whether it runs at all #bash \ # Test outcomes are non-deterministic by design #ifupdown \ # Tested separately in lib/oeqa/selftest/cases/imagefeatures.py -#mdadm \ # Tests rely on non-deterministic sleep() amounts #libinput \ # Tests need an unloaded system to be reliable #libpam \ # Needs pam DISTRO_FEATURE #numactl \ # qemu not (yet) configured for numa; all tests are skipped @@ -134,7 +134,6 @@ PTESTS_PROBLEMS = "\ rt-tests \ bash \ ifupdown \ -mdadm \ libinput \ libpam \ libseccomp \ diff --git a/meta/recipes-core/images/core-image-ptest.bb b/meta/recipes-core/images/core-image-ptest.bb index 90c26641ba..ddc56c8f9f 100644 --- a/meta/recipes-core/images/core-image-ptest.bb +++ b/meta/recipes-core/images/core-image-ptest.bb @@ -19,6 +19,7 @@ BBCLASSEXTEND = "${@' '.join(['mcextend:'+x for x in d.getVar('PTESTS').split()] # strace-ptest in particular needs more than 500MB IMAGE_OVERHEAD_FACTOR = "1.0" IMAGE_ROOTFS_EXTRA_SPACE = "324288" +IMAGE_ROOTFS_EXTRA_SPACE:virtclass-mcextend-mdadm = "1524288" IMAGE_ROOTFS_EXTRA_SPACE:virtclass-mcextend-strace = "1024288" IMAGE_ROOTFS_EXTRA_SPACE:virtclass-mcextend-lttng-tools = "1524288" -- 2.39.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183696): https://lists.openembedded.org/g/openembedded-core/message/183696 Mute This Topic: https://lists.openembedded.org/mt/99873178/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 2/3] libxcrypt: Limit to enabling strong hash algos only
Hello Khem, This causes python ptest failures: {'python3': ['test_crypt', 'test_methods', 'test_sha2_rounds']} We should probably disable those On 23/06/2023 22:32:21-0700, Khem Raj wrote: > This ensures that weak algorithms are not included, which should improve > the defauls to be more secure > > Signed-off-by: Khem Raj > --- > meta/recipes-core/libxcrypt/libxcrypt.inc | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/meta/recipes-core/libxcrypt/libxcrypt.inc > b/meta/recipes-core/libxcrypt/libxcrypt.inc > index 997e83fb004..db43a34b11d 100644 > --- a/meta/recipes-core/libxcrypt/libxcrypt.inc > +++ b/meta/recipes-core/libxcrypt/libxcrypt.inc > @@ -29,7 +29,7 @@ BUILD_CPPFLAGS = "-I${STAGING_INCDIR_NATIVE}" > TARGET_CPPFLAGS = "-I${STAGING_DIR_TARGET}${includedir} -Wno-error" > CPPFLAGS:append:class-nativesdk = " -Wno-error" > > -API = "--disable-obsolete-api" > +API = "--disable-obsolete-api --enable-hashes=strong" > EXTRA_OECONF += "${API}" > > BBCLASSEXTEND = "native nativesdk" > -- > 2.41.0 > > > > -- Alexandre Belloni, co-owner and COO, Bootlin Embedded Linux and Kernel engineering https://bootlin.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183695): https://lists.openembedded.org/g/openembedded-core/message/183695 Mute This Topic: https://lists.openembedded.org/mt/99749300/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [meta-oe][PATCH v2] uninative-tarball.xz - reproducibility fix
added --clamp-mtime --mtime to the tar command see: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15148 Signed-off-by: Robert Berger --- meta/classes-recipe/populate_sdk_base.bbclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/classes-recipe/populate_sdk_base.bbclass b/meta/classes-recipe/populate_sdk_base.bbclass index b23ea26d40..24db703534 100644 --- a/meta/classes-recipe/populate_sdk_base.bbclass +++ b/meta/classes-recipe/populate_sdk_base.bbclass @@ -285,7 +285,7 @@ python check_sdk_sysroots() { dir_walk(SCAN_ROOT) } -SDKTAROPTS = "--owner=root --group=root" +SDKTAROPTS = "--owner=root --group=root --clamp-mtime --mtime=@${SOURCE_DATE_EPOCH}" fakeroot archive_sdk() { # Package it up -- 2.17.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183694): https://lists.openembedded.org/g/openembedded-core/message/183694 Mute This Topic: https://lists.openembedded.org/mt/99872409/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [qa-build-notification] QA notification for completed autobuilder build (yocto-4.0.11.rc1)
Hi All, QA for yocto-4.0.11.rc1 is completed. This is the full report for this release: https://git.yoctoproject.org/cgit/cgit.cgi/yocto-testresults-contrib/tree/?h=intel-yocto-testresults === Summary No high milestone defects. No new issue found. Thanks, Jing Hui > -Original Message- > From: qa-build-notificat...@lists.yoctoproject.org notificat...@lists.yoctoproject.org> On Behalf Of Pokybuild User > Sent: Saturday, June 24, 2023 3:08 AM > To: yo...@lists.yoctoproject.org > Cc: qa-build-notificat...@lists.yoctoproject.org > Subject: [qa-build-notification] QA notification for completed autobuilder > build (yocto-4.0.11.rc1) > > > A build flagged for QA (yocto-4.0.11.rc1) was completed on the autobuilder > and is available at: > > > https://autobuilder.yocto.io/pub/releases/yocto-4.0.11.rc1 > > > Build hash information: > > bitbake: 0c6f86b60cfba67c20733516957c0a654eb2b44c > meta-agl: 1b0cad77090b75fc040f9de5db06374203fe34c5 > meta-arm: 96aad3b29aa7a5ee4df5cf617a6336e5218fa9bd > meta-aws: 7c498bc8f0d51b9c2546b8f7e3347cc6e61d74ec > meta-gplv2: d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a > meta-intel: 7fab6b8f1a3030bc6d2f1cf48789599af3dc3e78 > meta-mingw: a90614a6498c3345704e9611f2842eb933dc51c1 > meta-openembedded: a82d92c8a6525da01524bf8f4a60bf6b35dcbb3d > meta-virtualization: b3b3dbc67504e8cd498d6db202ddcf5a9dd26a9d > oecore: 7949e786cf8e50f716ff1f1c4797136637205e0c > poky: fc697fe87412b9b179ae3a68d266ace85bb1fcc6 > > > > This is an automated message from the Yocto Project Autobuilder > Git: git://git.yoctoproject.org/yocto-autobuilder2 > Email: richard.pur...@linuxfoundation.org > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183693): https://lists.openembedded.org/g/openembedded-core/message/183693 Mute This Topic: https://lists.openembedded.org/mt/99780177/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] Backport of libxcrypt fix to kirkstone branch
Hello, can you please cherry-pick / backport following commit to the kirkstone branch: "libxcrypt: fix hard-coded ".so" extension" ( 2639746ba7f8a651fffaa9819ef9d9df776108e3 in poky and 7ed6bfa2428b4f1ba7f09d6e9e67c462ff355153 in openembedded-core). It is needed to be able to build meta-darwin's kirkstone branch with the latest kirkstone branch of meta-clang. Thanks! -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183692): https://lists.openembedded.org/g/openembedded-core/message/183692 Mute This Topic: https://lists.openembedded.org/mt/99870169/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 4/4] mdadm: skip running known broken ptests
On Fri, 30 Jun 2023 at 11:17, Ovidiu Panait wrote: > > Thanks for working on reenabling this. mdadm is currently taken out of > > ptest lists because > > #mdadm \ # Tests rely on non-deterministic sleep() amounts > > > > Is this resolved, and can we re-add mdadm to SLOW or FAST lists? > I did multiple test runs with a qemu-x86-64 image and kvm and the > results seem consistent - always ~12 min per run, no failures: > # ptest-runner mdadm > ... > PASS: /usr/lib/mdadm/ptest/tests/21raid5cache > DURATION: 724 > END: /usr/lib/mdadm/ptest > 2023-06-30T08:37 > STOP: ptest-runner > TOTAL: 1 FAIL: 0 > > I think mdadm-ptest can be added back to PTESTS_SLOW. Cool, can you make a patch for this please? Alex -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183691): https://lists.openembedded.org/g/openembedded-core/message/183691 Mute This Topic: https://lists.openembedded.org/mt/99851485/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 4/4] mdadm: skip running known broken ptests
Hi Alex, On 6/29/23 17:54, Alexander Kanavin wrote: CAUTION: This email comes from a non Wind River email account! Do not click links or open attachments unless you recognize the sender and know the content is safe. Thanks for working on reenabling this. mdadm is currently taken out of ptest lists because #mdadm \ # Tests rely on non-deterministic sleep() amounts Is this resolved, and can we re-add mdadm to SLOW or FAST lists? I did multiple test runs with a qemu-x86-64 image and kvm and the results seem consistent - always ~12 min per run, no failures: # ptest-runner mdadm ... PASS: /usr/lib/mdadm/ptest/tests/21raid5cache DURATION: 724 END: /usr/lib/mdadm/ptest 2023-06-30T08:37 STOP: ptest-runner TOTAL: 1 FAIL: 0 I think mdadm-ptest can be added back to PTESTS_SLOW. Ovidiu Alex On Thu, 29 Jun 2023 at 16:19, Ovidiu Panait via lists.openembedded.org wrote: From: Ovidiu Panait Upstream marked some testcases as "KNOWN BROKEN" and introduced the "--skip-broken" flag to ignore them when running the testsuite (commits [1] and [2]). Backport these two commits to get rid of the last remaining ptest failures. Also, add the "--skip-broken" option to the run-ptest script. [1] https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=28520bf114b3 [2] https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=daa86d663476 Signed-off-by: Ovidiu Panait --- ...Mark-and-ignore-broken-test-failures.patch | 128 + ...dd-broken-files-for-all-broken-tests.patch | 454 ++ meta/recipes-extended/mdadm/files/run-ptest | 2 +- meta/recipes-extended/mdadm/mdadm_4.2.bb | 2 + 4 files changed, 585 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-extended/mdadm/files/0005-mdadm-test-Mark-and-ignore-broken-test-failures.patch create mode 100644 meta/recipes-extended/mdadm/files/0006-tests-Add-broken-files-for-all-broken-tests.patch diff --git a/meta/recipes-extended/mdadm/files/0005-mdadm-test-Mark-and-ignore-broken-test-failures.patch b/meta/recipes-extended/mdadm/files/0005-mdadm-test-Mark-and-ignore-broken-test-failures.patch new file mode 100644 index 00..c55bfb125b --- /dev/null +++ b/meta/recipes-extended/mdadm/files/0005-mdadm-test-Mark-and-ignore-broken-test-failures.patch @@ -0,0 +1,128 @@ +From feab1f72fcf032a4d21d0a69eb61b23a5ddb3352 Mon Sep 17 00:00:00 2001 +From: Logan Gunthorpe +Date: Wed, 22 Jun 2022 14:25:18 -0600 +Subject: [PATCH 5/6] mdadm/test: Mark and ignore broken test failures + +Add functionality to continue if a test marked as broken fails. + +To mark a test as broken, a file with the same name but with the suffix +'.broken' should exist. The first line in the file will be printed with +a KNOWN BROKEN message; the rest of the file can describe the how the +test is broken. + +Also adds --skip-broken and --skip-always-broken to skip all the tests +that have a .broken file or to skip all tests whose .broken file's first +line contains the keyword always. + +Signed-off-by: Logan Gunthorpe +Signed-off-by: Jes Sorensen + +Upstream-Status: Backport + +Reference to upstream patch: +https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/commit/?id=28520bf114b3 + +[OP: adjusted context for mdadm-4.2] +Signed-off-by: Ovidiu Panait +--- + test | 37 +++-- + 1 file changed, 35 insertions(+), 2 deletions(-) + +diff --git a/test b/test +index 8f189d9..ee8fba1 100755 +--- a/test b/test +@@ -10,6 +10,8 @@ devlist= + + savelogs=0 + exitonerror=1 ++ctrl_c_error=0 ++skipbroken=0 + prefix='[0-9][0-9]' + + # use loop devices by default if doesn't specify --dev +@@ -35,6 +37,7 @@ die() { + + ctrl_c() { + exitonerror=1 ++ ctrl_c_error=1 + } + + # mdadm always adds --quiet, and we want to see any unexpected messages +@@ -79,8 +82,21 @@ mdadm() { + do_test() { + _script=$1 + _basename=`basename $_script` ++ _broken=0 ++ + if [ -f "$_script" ] + then ++ if [ -f "${_script}.broken" ]; then ++ _broken=1 ++ _broken_msg=$(head -n1 "${_script}.broken" | tr -d '\n') ++ if [ "$skipbroken" == "all" ]; then ++ return ++ elif [ "$skipbroken" == "always" ] && ++ [[ "$_broken_msg" == *always* ]]; then ++ return ++ fi ++ fi ++ + rm -f $targetdir/stderr + # this might have been reset: restore the default. + echo 2000 > /proc/sys/dev/raid/speed_limit_max +@@ -97,10 +113,15 @@ do_test() { + else + save_log fail + _fail=1 ++ if [ "$_broken" == "1" ]; then ++ echo " (KNOWN BROKEN TEST: $_broken_msg)" ++ fi + fi + [ "$savelogs" == "1" ] && + mv -f
[OE-core] [master][PATCH 1/2] dnf: only write the log lock to root for native dnf
From: Changqing Li >From commit 742a1b7124, log_lock.pid is writen to root, but following file is not changed, which will make it never deleted, and an unexpected file exist in root dir after boot target. $ tail -n 1 etc/tmpfiles.d/dnf.conf r /var/log/log_lock.pid Besides, root dir may be read-only, so it is better still keep the log_lock.pid under /var/log, only write the log lock to root for native dnf for fixing issue mentioned in 742a1b7124 Signed-off-by: Changqing Li --- meta/recipes-devtools/dnf/dnf_4.16.1.bb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/meta/recipes-devtools/dnf/dnf_4.16.1.bb b/meta/recipes-devtools/dnf/dnf_4.16.1.bb index ff79701dc7..9134411fa9 100644 --- a/meta/recipes-devtools/dnf/dnf_4.16.1.bb +++ b/meta/recipes-devtools/dnf/dnf_4.16.1.bb @@ -15,9 +15,10 @@ SRC_URI = "git://github.com/rpm-software-management/dnf.git;branch=master;protoc file://0029-Do-not-set-PYTHON_INSTALL_DIR-by-running-python.patch \ file://0030-Run-python-scripts-using-env.patch \ file://0001-set-python-path-for-completion_helper.patch \ - file://0001-dnf-write-the-log-lock-to-root.patch \ " +SRC_URI:append:class-native = "file://0001-dnf-write-the-log-lock-to-root.patch" + SRCREV = "94b7cc7956580405b219329541d6b40db6499cf1" UPSTREAM_CHECK_GITTAGREGEX = "(?P\d+(\.\d+)+)" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183689): https://lists.openembedded.org/g/openembedded-core/message/183689 Mute This Topic: https://lists.openembedded.org/mt/99869452/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [master][PATCH 2/2] rootfs-postcommands.bbclass: add post func remove_unused_dnf_log_lock
From: Changqing Li Remove log_lock.pid which maybe created during do_rootfs. In commit [dnf: only write the log lock to root for native dnf], native dnf changed to write log lock to root, and target dnf still use /var/log, so log_lock.pid need to be removed post do_rootfs. Signed-off-by: Changqing Li --- meta/classes-recipe/rootfs-postcommands.bbclass | 7 +++ 1 file changed, 7 insertions(+) diff --git a/meta/classes-recipe/rootfs-postcommands.bbclass b/meta/classes-recipe/rootfs-postcommands.bbclass index 4492c9c0aa..53b241413e 100644 --- a/meta/classes-recipe/rootfs-postcommands.bbclass +++ b/meta/classes-recipe/rootfs-postcommands.bbclass @@ -49,6 +49,8 @@ ROOTFS_POSTPROCESS_COMMAND += 'empty_var_volatile;' ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains("DISTRO_FEATURES", "overlayfs", "overlayfs_qa_check; overlayfs_postprocess;", "", d)}' +ROOTFS_POSTPROCESS_COMMAND += 'remove_unused_dnf_log_lock;' + inherit image-artifact-names # Sort the user and group entries in /etc by ID in order to make the content @@ -361,6 +363,11 @@ empty_var_volatile () { fi } +remove_unused_dnf_log_lock() { + if [ -e ${IMAGE_ROOTFS}/log_lock.pid ]; then + rm -rf ${IMAGE_ROOTFS}/log_lock.pid + fi +} # Turn any symbolic /sbin/init link into a file remove_init_link () { if [ -h ${IMAGE_ROOTFS}/sbin/init ]; then -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183688): https://lists.openembedded.org/g/openembedded-core/message/183688 Mute This Topic: https://lists.openembedded.org/mt/99869451/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] util-linux: fix the pylibmount installation path
On 29/06/2023 16:04, Richard Purdie wrote: On Thu, 2023-06-29 at 15:50 +0200, Louis Rannou wrote: On 29/06/2023 14:59, Richard Purdie wrote: On Thu, 2023-06-29 at 12:37 +, Louis Rannou wrote: Append the install task to move the python library from ${base_libdir} to ${PYTHON_SITEPACKAGES_DIR}. Signed-off-by: Louis Rannou --- As we install libraries of util-linux in ${base_libdir} (/lib), the python library pylibmount is also installed there. An issue was raised when pylibmount was added to PACKAGECONFIG. --- meta/recipes-core/util-linux/util-linux_2.38.1.bb | 11 ++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/meta/recipes-core/util-linux/util-linux_2.38.1.bb b/meta/recipes-core/util-linux/util-linux_2.38.1.bb index 9ea7a04e8a..f9a9fdcfaf 100644 --- a/meta/recipes-core/util-linux/util-linux_2.38.1.bb +++ b/meta/recipes-core/util-linux/util-linux_2.38.1.bb @@ -1,7 +1,7 @@ require util-linux.inc #gtk-doc is not enabled as it requires xmlto which requires util-linux -inherit autotools gettext manpages pkgconfig systemd update-alternatives python3-dir bash-completion ptest +inherit autotools gettext manpages pkgconfig systemd update-alternatives python3-dir python3targetconfig bash-completion ptest DEPENDS = "libcap-ng ncurses virtual/crypt zlib util-linux-libuuid" PACKAGES =+ "${PN}-swaponoff" @@ -320,3 +320,12 @@ do_install_ptest() { rm -rf ${D}${PTEST_PATH}/tests/ts/chfn fi } + +do_install:append() { +if [ -d ${D}${base_libdir}/${PYTHON_DIR}/site-packages/libmount ] +then +install -d ${D}${PYTHON_SITEPACKAGES_DIR} +mv ${D}${base_libdir}/${PYTHON_DIR}/site-packages/libmount ${D}${PYTHON_SITEPACKAGES_DIR}/ +rm -rf ${D}${base_libdir}/${PYTHON_DIR} +fi +} When it is being installed, can we not pass the right path into the build system so it ends up in the right place? I would love that. But the build system installs the libraries and the python package using the same prefix which we specify to ${base_libdir}. I have asked a quick question on IRC. I'll send a mail to the util-linux mailing list if I get no answer. Perhaps we should just let util-linux install to libdir instead of base_libdir. The reasons for using base_libdir are effectively historical now anyway... I can do that, but if /lib and /usr/lib are distincts we probably require util-linux to be in /lib, don't we ? For example, if /usr is a separate partition. Thanks, Louis -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183687): https://lists.openembedded.org/g/openembedded-core/message/183687 Mute This Topic: https://lists.openembedded.org/mt/99849709/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [mickledore][PATCH 2/2] rootfs-postcommands.bbclass: add post func remove_unused_dnf_log_lock
From: Changqing Li Remove log_lock.pid which maybe created during do_rootfs. In commit [dnf: only write the log lock to root for native dnf], native dnf changed to write log lock to root, and target dnf still use /var/log, so log_lock.pid need to be removed post do_rootfs. Signed-off-by: Changqing Li --- meta/classes-recipe/rootfs-postcommands.bbclass | 7 +++ 1 file changed, 7 insertions(+) diff --git a/meta/classes-recipe/rootfs-postcommands.bbclass b/meta/classes-recipe/rootfs-postcommands.bbclass index 690fa976aa..7538c8b0b5 100644 --- a/meta/classes-recipe/rootfs-postcommands.bbclass +++ b/meta/classes-recipe/rootfs-postcommands.bbclass @@ -49,6 +49,8 @@ ROOTFS_POSTPROCESS_COMMAND += 'empty_var_volatile;' ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains("DISTRO_FEATURES", "overlayfs", "overlayfs_qa_check; overlayfs_postprocess;", "", d)}' +ROOTFS_POSTPROCESS_COMMAND += 'remove_unused_dnf_log_lock;' + inherit image-artifact-names # Sort the user and group entries in /etc by ID in order to make the content @@ -276,6 +278,11 @@ empty_var_volatile () { fi } +remove_unused_dnf_log_lock() { + if [ -e ${IMAGE_ROOTFS}/log_lock.pid ]; then + rm -rf ${IMAGE_ROOTFS}/log_lock.pid + fi +} # Turn any symbolic /sbin/init link into a file remove_init_link () { if [ -h ${IMAGE_ROOTFS}/sbin/init ]; then -- 2.35.5 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183686): https://lists.openembedded.org/g/openembedded-core/message/183686 Mute This Topic: https://lists.openembedded.org/mt/99869175/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [mickledore][PATCH 1/2] dnf: only write the log lock to root for native dnf
From: Changqing Li >From commit 742a1b7124, log_lock.pid is writen to root, but following file is not changed, which will make it never deleted, and an unexpected file exist in root dir after boot target. $ tail -n 1 etc/tmpfiles.d/dnf.conf r /var/log/log_lock.pid Besides, root dir may be read-only, so it is better still keep the log_lock.pid under /var/log, only write the log lock to root for native dnf for fixing issue mentioned in 742a1b7124 Signed-off-by: Changqing Li --- meta/recipes-devtools/dnf/dnf_4.14.0.bb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/meta/recipes-devtools/dnf/dnf_4.14.0.bb b/meta/recipes-devtools/dnf/dnf_4.14.0.bb index 62df8c4ace..95007c9c4b 100644 --- a/meta/recipes-devtools/dnf/dnf_4.14.0.bb +++ b/meta/recipes-devtools/dnf/dnf_4.14.0.bb @@ -15,9 +15,10 @@ SRC_URI = "git://github.com/rpm-software-management/dnf.git;branch=master;protoc file://0029-Do-not-set-PYTHON_INSTALL_DIR-by-running-python.patch \ file://0030-Run-python-scripts-using-env.patch \ file://0001-set-python-path-for-completion_helper.patch \ - file://0001-dnf-write-the-log-lock-to-root.patch \ " +SRC_URI:append:class-native = "file://0001-dnf-write-the-log-lock-to-root.patch" + SRCREV = "e50875b3f5790f70720bdb670e1dd2bf4d828744" UPSTREAM_CHECK_GITTAGREGEX = "(?P\d+(\.\d+)+)" -- 2.35.5 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183685): https://lists.openembedded.org/g/openembedded-core/message/183685 Mute This Topic: https://lists.openembedded.org/mt/99869174/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [meta-oe][PATCH] uninative-tarball.xz - reproducibility fix
On Fri, 2023-06-30 at 09:03 +0200, Robert Berger wrote: > Hi, > > My comments are inline > > On 29/06/2023 16:07, Richard Purdie wrote: > > > +SDKTAROPTS_ADDON ?= "--clamp-mtime --mtime=@${SOURCE_DATE_EPOCH}" > > > > > > > Thanks, looks good. I did wonder if we could just put this in > > SDKTAROPTS though? Do we really need to add a new variable? > > > > Functionality-wise it's fine to add it to SDKTAROPTS. The default value > I added would give people the chance to experiment with different > options as well. > > If you want me to "hard code" it I'll create a v2. > > Just let me know. Lets just add to the existing variable, I don't think we need another one for this. Cheers, Richard -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183684): https://lists.openembedded.org/g/openembedded-core/message/183684 Mute This Topic: https://lists.openembedded.org/mt/99851149/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [meta-oe][PATCH] uninative-tarball.xz - reproducibility fix
Hi, Not sure my previous reply made it to the list. So I try it again here. On 29/06/2023 16:07, Richard Purdie wrote: On Thu, 2023-06-29 at 16:02 +0200, Robert Berger wrote: added --clamp-mtime --mtime to the tar command see: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15148 Signed-off-by: Robert Berger --- meta/classes-recipe/populate_sdk_base.bbclass | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/meta/classes-recipe/populate_sdk_base.bbclass b/meta/classes-recipe/populate_sdk_base.bbclass index b23ea26d40..c804e7520a 100644 --- a/meta/classes-recipe/populate_sdk_base.bbclass +++ b/meta/classes-recipe/populate_sdk_base.bbclass @@ -86,7 +86,7 @@ python () { d.setVar('SDK_ARCHIVE_CMD', 'cd ${SDK_OUTPUT}/${SDKPATH}; zip -r ${SDK_ZIP_OPTIONS} ${SDKDEPLOYDIR}/${TOOLCHAIN_OUTPUTNAME}.${SDK_ARCHIVE_TYPE} .') else: d.setVar('SDK_ARCHIVE_DEPENDS', 'xz-native') - d.setVar('SDK_ARCHIVE_CMD', 'cd ${SDK_OUTPUT}/${SDKPATH}; tar ${SDKTAROPTS} -cf - . | xz ${SDK_XZ_OPTIONS} > ${SDKDEPLOYDIR}/${TOOLCHAIN_OUTPUTNAME}.${SDK_ARCHIVE_TYPE}') + d.setVar('SDK_ARCHIVE_CMD', 'cd ${SDK_OUTPUT}/${SDKPATH}; tar ${SDKTAROPTS} ${SDKTAROPTS_ADDON} -cf - . | xz ${SDK_XZ_OPTIONS} > ${SDKDEPLOYDIR}/${TOOLCHAIN_OUTPUTNAME}.${SDK_ARCHIVE_TYPE}') } SDK_RDEPENDS = "${TOOLCHAIN_TARGET_TASK} ${TOOLCHAIN_HOST_TASK}" @@ -286,6 +286,7 @@ python check_sdk_sysroots() { } SDKTAROPTS = "--owner=root --group=root" +SDKTAROPTS_ADDON ?= "--clamp-mtime --mtime=@${SOURCE_DATE_EPOCH}" Thanks, looks good. I did wonder if we could just put this in SDKTAROPTS though? Do we really need to add a new variable? Functionality-wise it's fine to add it to SDKTAROPTS. The default value I added would give people the chance to experiment with different options as well. If you want me to "hard code" it I'll create a v2. Just let me know. Cheers, Richard Regards, Robert -- Robert Berger Embedded Software Evangelist Reliable Embedded Systems Consulting Training Engineering URL: https://www.reliableembeddedsystems.com Schedule a web meeting: https://calendly.com/reliableembeddedsystems/ ~~~ -- -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183683): https://lists.openembedded.org/g/openembedded-core/message/183683 Mute This Topic: https://lists.openembedded.org/mt/99851149/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-