Age | Commit message (Collapse) | Author |
|
Specify tmpdir for opkg via '-t' option so that opkg does not use
the default 'TMPDIR' which usually is '/tmp' on build host.
This would solve race problems like below.
sh: /tmp/opkg-rOG6Tl/opkg-intercept-iPoEp5/depmod: Permission denied
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Order is not preserved in dict() and this code depends on the order of
these lists of package architectures used when multilibs are enabled.
This caused 'random' breakage where sometimes the correct order was present
and sometimes it wasn't.
Use collections.OrderedDict() to avoid this problem.
Kudos to Bill Randle and Alejandro Hernandez who did most of the work debugging
this, I simply took the problem they identified and wrote a patch to fix it.
This unblocks the M1 build but this code needs auditing as there are clearly
other ordering issues (e.g. the set() usage).
[YOCTO #9717]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Adds decoding needed by some commands output later used as
strings.
[YOCTO #9702]
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
string.rstrip() doesn't exist in Python 3, so use the .rstrip method on the
object itself instead.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch contains all the other misc pieces of the transition to
python3 which didn't make sense to be broken into individual patches.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Iterators now return views, not lists in python3. Where we need
lists, handle this explicitly.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In python3, strings are unicode by default. We need to encode/decode
from command pipelines and other places where we interface with the
real world using the correct locales. This patch updates various
call sites to use the correct encoding/decodings.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The syntax for octal values changed in python3, adapt to it.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Having the package path with all the other package info allows to
reuse more code and have this information outside the package manager,
without additional processing.
[YOCTO #8536]
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
|
|
This new method extract the content of RPM file to a tmpdir,
without actually installing the package.
[YOCTO #9569]
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Sometimes it is needed to have the content of a package outside
the recipe context. This new method extract the content of an
IPK/DEB file to a tmpdir, without actually installing the package.
A new OpkgDpkgPM class was added to share the code for opkg and dpkg.
There were need some changes to opkg_query() in order to use it
with apt-cache output. Also set default values to avoid UnboundLocalError
[YOCTO #9569]
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When using the opkg and apt-get package managers the function
opkg_query() can be useful when query for package information.
This change moves the function outside the Indexer class so
the Indexer, OpkgPM, DpkgPM can benefit from it.
[YOCTO #9569]
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
opkg does not return a non-zero exit code even if it found
errors. When that happens, parsing the output leads to strange
follow-up errors.
To avoid this we need to check explicitly for non-empty
stderr. Reporting only that on a failure also leads to shorter error
messages (stdout may be very large).
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Simplify the RPM code by removing support for RPM 4 now that we've
dropped the RPM 4 recipe.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
When writing the index using ipk packages there could be a race condition
when populate the index. This happens because the architectures
are repeated (specially all) and the commands generated to write the index
run in parallel.
This change avoid the duplication of commands using a set instead of a list.
[YOCTO #8924]
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signing package feeds will default to ascii armored signatures (ASC) the
other option being binary (BIN). This is for both rpm and ipk backends.
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Create gpg signed ipk package feeds using the gpg backend if configured
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
meta/lib/oe/package_manager.py was also updated. This ensures that any
diagnostic messages are ignored from the output of rpmresolve.
The patches have been split into bug fixes (things that belong upstream)
and local changes that are OE specific.
The following patches are obsolete and have been removed:
rpm-remove-sykcparse-decl.patch
fstack-protector-configure-check.patch
rpm-disable-Wno-override-init.patch
rpm-lua-fix-print.patch
rpm-rpmpgp-fix.patch
verify-fix-broken-logic-for-ghost-avoidance-Mark-Hat.patch
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
|
Previously the keys were put into the os-release package. The package
indexing code was also deploying the keys rather than only using the keys.
This change makes signing-keys.bb the only publisher of the keys and also
uses standard tasks that already have sstate.
Signed-off-by: Randy Witt <randy.e.witt@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Refactor the LocalSigner class. Do not store keyid or passphrase file in
the signer object as they are only needed for some of the methods. For
example, the newly added verify() method does not need any key
parameters and export_pubkey only uses keyid.
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This if branch is causing the following error during do_rootfs:
"Exception: UnboundLocalError: local variable 'cfg_file' referenced
before assignment". This happends because the cfg_file variable is
defined at a deeper nesting level (just above the if branch).
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove opkg package feed lists after generating the rootfs. The
lists have been generated by the local feed but are no longer
necessary after image generation. This still leaves the package
management fully usable (and hence is different from omitting
package-management from IMAGE_FEATURES).
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add a new Python module (oe.gpg_sign) for handling GPG signing
operations, i.e. currently package and package feed signing. The purpose
is to be able to more easily support various signing backends and to be
able to centralise signing functionality into one place (e.g. package
signing and sstate signing). Currently, only local signing with gpg is
implemented.
[YOCTO #8755]
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This prevents an error in do_populate_sdk when building
buildtools-tarball with ipk as the package manager:
Exception: UnboundLocalError: local variable 'pkg' referenced
before assignment
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Now that the method list() is not used anymore, remove it.
[YOCTO #7427]
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This patch changes the use list_pkgs() instead of list()
from class RpmPkgsList. The change is in two functions,
image_list_installed_packages from rootfs.py and
sdk_list_installed_packages from sdk.py.
With this change the functions calling the functions
listed above, must format the output as they required.
The formatting can be done using format_pkg_list() from
oe.utils.
The classes calling the afected functions are changed too
with this patch, to keep the same functionality using the
new data structure.
[YOCTO #7427]
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Currently the class PkgList returns a formated string of the
installed packages. It would be more clean to pass a standard
data structure to the callers instead to format the output
inside PkgsList class.
This patch adds list_pkgs() method to PkgsList class to get the
all the information for installed packages and return a dictionary
with the info.
[YOCTO #7427]
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
* tmp/deploy/deb subdirectories do not get hyphens replaced
with underscores, so don't do that translation when building
the sources list.
* Fix MULTILIB_VARIANTS handling to be more general and
work for all architectures
* Also include a fix for a warning generated by apt
due to missing apt/preferences.d directory.
Signed-off-by: Matt Madison <matt@madison.systems>
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
By default, smart is invoked with --log-level=warning, which hides all
output from pre/post install scriptlets. That makes it hard to debug
scriptlet failure or why they get postponed to first-boot via
/etc/rpm-postinst.
The new ROOTFS_RPM_DEBUG variabled is expected to be set to an integer in
local.conf an incrementally adds more output:
0 = default, only warnings
1 = --log-level=info (includes information about executing scriptlets and their output)
2 = --log-level=debug
3 = --log-level=debug plus dumps of scriplet content and command invocation
The default behavior is not changed yet, but it seems that level 1 would
be a better default.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The recently introduced PACKAGE_FEED_PREFIX is not flexible enough for
constructing URIs, because the same PREFIX is used for all PACKAGE_FEED_URIS.
Also, the string 'PREFIX' is confusing because it is not at the beginning of
the URI. The variable PACKAGE_FEED_BASE_PATHS replaces PACKAGE_FEED_PREFIX,
allowing multiple base paths to be appended on each PACKAGE_FEED_URIS. In the
other hand, a new variable called PACKAGE_FEED_ARCHS, similar in concept to
PACKAGE_BASE_PATHS, defines package architectures defined by the user.
To demonstrate the usage of the PACKAGE_FEED_URIS, PACKAGE_FEED_BASE_PATHS and
PACKAGE_FEED_ARCHS, let's assume these variables are set on local.conf
PACKAGE_FEED_URIS = "https://example.com/packagerepos/release \
https://example.com/packagerepos/updates"
PACKAGE_FEED_BASE_PATHS = "rpm rpm-dev"
PACKAGE_FEED_ARCHS = "all core2-64"
the resulting feeds would be
https://example.com/packagerepos/release/rpm/all
https://example.com/packagerepos/release/rpm/core2-64
https://example.com/packagerepos/release/rpm-dev/all
https://example.com/packagerepos/release/rpm-dev/core2-64
https://example.com/packagerepos/updates/rpm/all
https://example.com/packagerepos/updates/rpm/core2-64
https://example.com/packagerepos/updates/rpm-dev/all
https://example.com/packagerepos/updates/rpm-dev/core2-64
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
the default
* without this the do_rootfs task doesn't respect OPKGLIBDIR and
info, status are created in different directory than opkg on
target expects
* people who modify OPKGLIBDIR need to make sure that opkg.conf included
in opkg package also sets info_dir and status_file options
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This change removes the file installed_pkgs.txt after it
was used for installation of complementary packages. This
file was causing confusion when left in the WORKDIR after
the build.
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed package feeds are not yet implemented for these package formats.
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
|
|
If defined, use GPG_PATH as the gpg home directory when signing package
feeds. This setting is only used by package_manager if package feed
singning has been enabled, i.e. PACKAGE_FEED_SIGN="1".
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
|
|
Without explicit sorting, the output generated by OpkgPkgsList().list
follows the order of packages in /var/lib/opkg/status, which appears
to be "random". Add sorting to make OpkgPkgsList().list behaviour
consistent with that of RpmPkgsList().list.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
If you build buildtools-tarball with opkg as the package manager, it
passes in an empty target packages list and fails.
This allows the code to cope with an empty package list (in sync
with the rpm backend).
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When configure multilib, "bitbake <image_bb> -c populate_sdk" should
install all arch toolchains (for example, 32 and 64bit), but rpm not
handle the multilib requires correctly, for example:
lib32-packagegroup-core-standalone-sdk-target requires lib32-libc6, rpm
may pull in libc6 rather than lib32-libc6, there are the similar issue
when:
IMAGE_INSTALL_append += "lib32-packagegroup-foo foo"
Use bitbake to expand the RDEPENDS will fix the problem since bitbake
knows mlprefix and handle it well, but rpm doesn't.
This patch only affects when:
IMAGE_INSTALL = "lib32-foo foo"
Doesn't affect:
IMAGE_INSTALL = "lib32-foo1 lib32-foo2"
Or:
IMAGE_INSTALL = "foo1 foo2"
[YOCTO #8089]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fixed when:
PACKAGE_CLASSES = "package_rpm"
IMAGE_INSTALL_append = " perl-module-warnings-register"
$ bitbake core-image-minimal
[snip]
ERROR: perl-module-warnings-register not found in the base feeds
[snip]
And it works well when PACKAGE_CLASSES = "package_ipk" since perl
provides perl-module-warnings-register, the "smart install
perl-module-warnings-register" also works well, this was because
_search_pkg_name_in_feeds() only searched pkg name, but no provides,
this patch fixes the problem.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Instead of hardcode paths (/rpm/, /ipk/, /deb/), use a user-defined prefix
when creating the URI feeds. URIs now will have the following syntax:
PACKAGE_FEED_URIS_1/PACKAGE_FEED_PREFIX
PACKAGE_FEED_URIS_2/PACKAGE_FEED_PREFIX
.
where PACKAGE_FEED_URIS = "PACKAGE_FEED_URIS_1 PACKAGE_FEED_URIS_2 ...."
[YOCTO #5407]
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This change makes it possible to create GPG signed RPM package feeds -
i.e. package feed with GPG signed metadata (repodata). All deployed RPM
repositories will be signed and the GPG public key is copied to the rpm
deployment directory.
In order to enable the new feature one needs to define four variables in
bitbake configuration.
1. 'PACKAGE_FEED_SIGN = "1"' enabling the feature
2. 'PACKAGE_FEED_GPG_NAME = "<key_id>"' defining the GPG key to use for
signing
3. 'PACKAGE_FEED_GPG_PASSPHRASE_FILE = "<path_to_file>"' pointing to a
file containing the passphrase for the secret signing key
4. 'PACKAGE_FEED_GPG_PUBKEY = "<path_to_pubkey>"' pointing to the
corresponding public key (in "armor" format)
The user may define "GPG_BIN" in the bitbake configuration in order to
specify a specific the gpg binary/wrapper to use for signing.
[YOCTO #8134]
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch adds a new bbclass for generating rpm packages that are
signed with a user defined key. The packages are signed as part of the
"package_write_rpm" task.
In order to enable the feature you need to
1. 'INHERIT += " sign_rpm"' in bitbake config (e.g. local or
distro)
2. Create a file that contains the passphrase to your gpg secret key
3. 'RPM_GPG_PASSPHRASE_FILE = "<path_to_file>" in bitbake config,
pointing to the passphrase file created in 2.
4. Define GPG key name to use by either defining
'RPM_GPG_NAME = "<key_id>" in bitbake config OR by defining
%_gpg_name <key_id> in your ~/.oerpmmacros file
5. 'RPM_GPG_PUBKEY = "<path_to_pubkey>" in bitbake config pointing to
the public key (in "armor" format)
The user may optionally define "GPG_BIN" variable in the bitbake
configuration in order to specify a specific gpg binary/wrapper to use.
The sign_rpm.bbclass implements a simple scenario of locally signing the
packages. It could be replaced by a more advanced class that would
utilize a separate signing server for signing the packages, for example.
[YOCTO #8134]
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Changes required:
- Rename opkg-cl to opkg
- Add libarchive dependency
- Drop backport patches
- Drop obsolete directory options
- Add patch to handle empty index files
Based on initial work by Paul Barker.
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
CC: Paul Barker <paul@paulbarker.me.uk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
A few short fixes to splitting/iteration done over package lists
in license.bbclass, package_manager.py and rootfs.py.
[YOCTO #7664]
Signed-off-by: Alex Franco <alejandro.franco@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The insert_feed_uris() method of OpkgPM was creating an initial
entry in the feeds list which pointed to the root of the ipk
directory, however the on-device package manager can't consume
this feed resulting in runtime errors - therefore we remove the
code to generate that initial feed uri.
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
quiet means that no warnings are shown on the console and really is too
quiet for our needs. This is more verbose but that is better than too
little and does aid debugging things when they go wrong.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Rather than just use d.getVar(X), use the more explict d.getVar(X, False)
since at some point in the future, having the default of expansion would
be nice. This is the first step towards that.
This patch was mostly made using the command:
sed -e 's:\(getVar([^,()]*\)\s*):\1, False):g' -i `grep -ril getVar *`
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
If you were using deb packaging, had buildhistory enabled and produced
an SDK that contained no packages in one of the sysroots (such as with
uninative-tarball) then the do_populate_sdk was failing with a python
traceback because there were no fields to split in the output line.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Path of rpm post install script is different between rpm 4 and 5
Signed-off-by: Jean-Benoit MARTIN <jean-benoit.martin@open.eurogiciel.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Rpm database in staging area is used only by createrepo.
createrepo fails with the error
"rpmdb: BDB0060 PANIC: fatal region error detected"
if rpm database is broken during previous run of createrepo.
Made createrepo to create rpm db in $WORKDIR/rpmdb/ from scratch
for every build and architecture. This should potentially fix the
failure as every run of createrepo will be using separate db.
[YOCTO #6571]
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|