Age | Commit message (Collapse) | Author |
|
The script scans for services, parses them and makes sure those targets are still
there. The exists file check fails if the target is an alias, such as default.target
so add an additional test.
[YOCTO #13685]
Signed-off-by: Werner Grift <sky.captin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
busybox as well as vlock utility from meta-oe provides vlock utility
which can conflict when with kbd if pam is a enabled distro_feature
Fixes image build errors
update-alternatives: Error: not linking <rootfs>/usr/bin/vlock to /bin/busybox.suid since <rootfs>/usr/bin/vlock exists and is not a link
ERROR: yoe-qt5-wayland-image-1.0-r0 do_rootfs: Postinstall scriptlets of ['busybox'] have failed. If the intention is to defer them to first boot,
then please place them into pkg_postinst_ontarget_${PN} ().
Deferring to first boot via 'exit 1' is no longer supported.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The vlock doesn't exist if PAM isn't enabled.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Switch to recently released version 1.1 of NVD CVE JSON feed, as in
https://nvd.nist.gov/General/News/JSON-1-1-Vulnerability-Feed-Release
it is mentioned that
Due to changes required to support CVSS v3.1 scoring, the JSON
vulnerability feeds must be modified. This will require the consumers
of this data to update their internal processes. We will be providing
the JSON 1.1 schema on the data feeds page and the information below
to prepare for this transition.
...
The JSON 1.1 data feeds will be available on September 9th, 2019. At
that time the current JSON 1.0 data feeds will no longer available.
This change was tested briefly by issuing 'bitbake core-image-minimal'
with 'cve-check.bbclass' inherited via local.conf, and then comparing
the content between the resulting two
'DEPLOY_DIR_IMAGE/core-image-minimal-qemux86.cve' files, which did not
seem to contain any other change, except total of 167 entries like
CVSS v3 BASE SCORE: 0.0
were replaced with similar 'CVSS v3 BASE SCORE:' entries which had
scores that were greater than '0.0' (up to '9.8').
Signed-off-by: Niko Mauno <niko.mauno@iki.fi>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Bugfix-only changes on the 243 stable branch.
Backported patch removed.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove 0001-This-fixes-an-issue-that-clang-reports-about-mutlipl.patch,
the problem has been fixed upstream.
Rebase the other patches.
License-Update: copyright years
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Rebase set-proper-path-of-resources.patch
Add a patch to address a string format error; as it modifies
a .l file, add a dependency on flex which is processing that into
C source code.
License-Update: file with copyright statements was replaced with original GPLv2 text
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
With this change, python 2.x recipes are ready to be moved to an external layer.
Once that happens, they will be removed from oe-core.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Change all recipes to https where we get an http 301 permanent redirect.
Signed-off-by: Stefan Müller-Klieser <s.mueller-klieser@phytec.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
netbase-add-rpcbind-as-an-alias-to-sunrpc.patch
Removed since it is included in 5.7
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
ldconfig should be prior to glibc-utils in PACKAGES variable, or else
ldconfig binary would not be split to its own package, hence will lead
to runtime issues for the packages that depending on ldconfig, like
systemd.
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove the generation of the testglibc script which could be used to run
the glibc test suite with a remote target. The same functionality can
now be achieved with the 'do_check' task of glibc-testsuite or with
oe-selftest (for automation of execution against qemu-user/qemu-system
targets).
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport from 2.30 stable branch and drop NEWS section.
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
rpm 4.15 no longer allows it, which makes sense.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We're about to need to use this variable in the main include file so
restructure the users of it to all set it appropriately.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Make sure that the (newer) /dev/pts/ptmx is accessible by users. This
is useful e.g. when running containers which symlink /dev/ptmx to
/dev/pts/ptmx on start. The default mode (000) does not allow to
create ptys inside the container.
Using 666 when symlinking /dev/ptmx is also recommended by the kernel
documentation when /dev/ptmx is symlinked:
https://www.kernel.org/doc/Documentation/filesystems/devpts.txt
Also buildroot uses ptmxmode=0666. The patch introducing the change
explains related use cases why this is necessary a bit more in depth:
https://github.com/buildroot/buildroot/commit/8196b299ba12bd6741bf7f4462cad180dab77fb0#diff-2d4604b9e565eb19fa52ce31f282f06c
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
texi2html isn't a build requirement and hasn't been since 2012 (oe-core
aa1c451).
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Very little software needs intltool to build, and we don't need it on the host
to build Poky.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Intltool is deprecated these days, as gettext can handle almost everything
intltool could. Remove it from the SDK packagegroups, if it is needed then the
user can add it explicitly.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The last release of this was in 2002(!), kbd is the modern,
supported alternative.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
urllib handles adding proxy handlers if the proxies are set in the environment,
so call bb.utils.export_proxies() to do that and remove the manual setup.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Create an index on the PRODUCTS table which contains a row for each CPE,
drastically increasing the performance of lookups for a specific CVE.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Don't hardcode the database filename, there's a variable for this in
cve-check.bbclass.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In 50-systemd-user.sh which is packaged to sub-package
${PN}-xorg-xinitrc, it exports environment variables DISPLAY and
XAUTHORITY to systemd. It fails to start systemd services which require
these environment variables such as thunar.service:
root@qemux86-64:~# systemctl --user status thunar
● thunar.service - Thunar file manager
Loaded: loaded (/usr/lib/systemd/user/thunar.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:Thunar(1)
Nov 14 07:47:29 qemux86-64 systemd[352]: Starting Thunar file manager...
Nov 14 07:47:29 qemux86-64 Thunar[873]: cannot open display:
Nov 14 07:47:29 qemux86-64 systemd[352]: thunar.service: Main process exited, code=exited, status=1/FAILURE
Nov 14 07:47:29 qemux86-64 systemd[352]: thunar.service: Failed with result 'exit-code'.
Nov 14 07:47:29 qemux86-64 systemd[352]: Failed to start Thunar file manager.
It is not convenient to make all such kind of packages require package
${PN}-xorg-xinitrc, so remove the sub-package and merge the only file
provided by it to main package.
No recipe depends on ${PN}-xorg-xinitrc in oe-core and meta-openembedded
now, so no need to set rprovides for it.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
rename
Besides checking DISTRO_FEATURES for required or conflicting features,
being able to check MACHINE_FEATURES and/or COMBINED_FEATURES may also
be useful at times.
Temporarily support the old class name with a warning about future
deprecation.
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix "systemd-pstore: Failed to log pstore entry: Invalid argument"
by backporting 1b3156edd291e0882d80a695d035dd30521345d1 from upstream.
Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We already fetch the yearly CVE metadata and check that for updates before
downloading the full data, but we can speed up CVE checking further by only
checking the CVE metadata once an hour.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Instead of depending on iasl-native, depend on ovmf-native as iasl was merged
into that recipe some time ago.
bc-native doesn't appear to be a build requirement anymore, and for clarity
merge two overridden DEPENDS into a single DEPENDS.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
export OPENSSL_CONF to aviod SDK openssl can not find openssl.cnf.
Signed-off-by: Liwei Song <liwei.song@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The whole D-Bus source has no reference to the netdev group. It
seems that the netdev group is nowhere used. Early avahi package
versions used this group for the D-Bus specific rules. However,
today avahi uses --with-avahi-priv-access-group=adm and hence
uses the adm group for its D-Bus policy rules.
If a package is using the netdev group in its D-Bus policy rules,
that package should add the group instead.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Only recommend its installation, if it's enabled in distro features.
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Without this change, efibootmgr is unable to recover BootOrder if lost
during a previous write operation, e.g. exceeded storage capacity. This
is problematic using EFI to manage boot flow from Linux (E.g. via RAUC).
https://www.kernel.org/doc/Documentation/filesystems/efivarfs.txt
Signed-off-by: Haris Okanovic <haris.okanovic@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The change in 5cea0448c5c75b9defc5fc2582e9b0c14e26a4e9 cases the
following to be printed during boot:
/etc/rcS.d/S00psplash.sh: line 28: [: -q: binary operator expected
and the volume is thus never mounted, neither when invoked during
boot nor shutdown/reboot.
Signed-off-by: Torbjörn Svensson <azoff@svenskalinuxforeningen.se>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Changelog:
- Fix issue with memory leak and TLS certificates
- Fix issue with buffer size and TLS PRF handling
- Add support for D-Bus non-root ObjectManager
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The coreutils implementation of stdbuf uses LD_PRELOAD
to dynamically load libstdbuf which calls setvbuf().
This can't be implemented simply in busybox since it produces
one or two statically linked executables. Therefore, stdbuf
should be packaged separately for people who are using busybox
instead of coreutils for the other tools.
coreutils depends on the new package,
so nothing changes when installing coreutils.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|