Richard Purdie [Thu, 24 Jul 2014 21:09:09 +0000 (22:09 +0100)]
populate_sdk_base: Extend TOOLCHAIN_TARGET_TASK to include multilib variants
Most people expect the toolchain from a multilib build to contain multilib
components. This change makes that happen and is easy for users to override
should they want something different.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libomxil-0.9.3: Remove versioning for bellagio .so files.
The so files installed under ${libdir}/bellagio are not versioned and should
be installed without version-based symlinks so that omxregister-bellagio
can properly find and register them.
Signed-off-by: Drew Moseley <drew_moseley@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mike Crowe [Thu, 24 Jul 2014 11:24:53 +0000 (12:24 +0100)]
allarch: Generate same package for MIPS and non-MIPS targets
LINKER_HASH_STYLE differs between MIPS and non-MIPS targets. This means
that LDFLAGS differs too. LDFLAGS is exported so it influences all task
hashes. Unfortunately this means that packages with architecture "all"
differ depending on whether they are built for a MIPS or non-MIPS target.
This causes a lot of unnecessary churn in the ipk/all directory when
switching build targets.
The simplest way to fix this is to ensure that LDFLAGS stays the same for
architecture "all" packages by clearing it. It shouldn't being used by such
packages anyway.
Signed-off-by: Mike Crowe <mac@mcrowe.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 24 Jul 2014 19:47:08 +0000 (20:47 +0100)]
libice: fix non-deterministic libbsd dependency
libice 1.0.9 added automatic detection of arc4random(), which is in libbsd on
Linux. As this is automatic and leads to failing builds when ssstate is reused,
seed the autoconf cache as relevant to implement a PACKAGECONFIG for the
functionality.
Default to not using arc4random() as the fallback has been in use for many
years, but people interested in security may wish to turn this on to increase
the security of the X authentication cookies.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Tue, 22 Jul 2014 20:40:39 +0000 (16:40 -0400)]
linux-yocto/3.14: libata and generic CPU modalias handling
Updating the 3.14 yocto kernel to incorporate the following fix
and feature of interest.
5724bf17acbf x86: align x86 arch with generic CPU modalias handling 6b9a52451a78 cpu: add generic support for CPU feature based module 38367de316bb libata: support the ata host which implements a queue depth less than 32
[YOCTO: #6489]
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Bruce Ashfield [Mon, 21 Jul 2014 18:09:11 +0000 (14:09 -0400)]
kernel: don't copy .so.dbg files into kernel source install
In 3.16+ x86-64 kernel builds produce a vdso64.so.dbg file. If this file is
copied into the kernel source install multiple QA failures are triggered.
Specifically, this file triggers a debug package split that results in
files installed but not shipped, and invalid .debug file errors.
By ensuring that .so files are not copied, we avoid this incorrect split
with no impact on future build phases.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Bruce Ashfield [Thu, 17 Jul 2014 19:15:32 +0000 (15:15 -0400)]
lttng-modules: update to 2.5.0
During the uprev of the yocto kernel to 3.16, lttng-modules failed to build.
To grab the latest stable content, we update to 2.5.0, and add two patches
to also make it build against 3.16+.
We also drop the older 2.3.3 lttng-modules, since it is no longer required
to support ARM builds.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Richard Purdie [Wed, 9 Jul 2014 20:26:56 +0000 (21:26 +0100)]
insane: Add build depends check
Now that we can get the task dependency tree from bitbake, we can start
to use this to strengthen our QA checks. If a dependency is added on
something which isn't in our dependency tree, that is obviously a bad
thing for example.
This patch therefore checks the RDEPENDS against the list of tasks and
ensures we do have a dependency present, if not a QA warning or error
can be issued through the usual mechanism.
The implementation is complicated by needing to resolve the RDEPENDS to
a PN using pkgdata. Its possible that can be an RPROVIDES of another
package so we need to check that too if it isn't a direct RDEPENDS.
To allow this test to work, we need to extend the do_package_qa
dependencies to include all RDEPENDS. In practise the do_package_write_*
tasks already do this so there should be no new circular dependencies or
any issues like that.
For now the issues are warnings as there are issues this finds in
OE-Core which need to be resolved and certainly will be in other layers
too. This change should simplify and assist some of Martin's dependency
scripts, the idea for this came from a discussion with Martin. It has
changed in that it doesn't just cover shlibs dependencies but checks all
dependencies.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Tue, 22 Jul 2014 07:46:36 +0000 (15:46 +0800)]
gst-ffmpeg: Add CVE patches
Security Advisory - ffmpeg - CVE-2013-0866
The aac_decode_init function in libavcodec/aacdec.c in FFmpeg before
1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an
unspecified impact via a large number of channels in an AAC file, which
triggers an out-of-bounds array access.
The ff_add_png_paeth_prediction function in libavcodec/pngdec.c in
FFmpeg before 1.1.3 allows remote attackers to have an unspecified
impact via a crafted PNG image, related to an out-of-bounds array
access.
The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg
before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a
frame is fully initialized, which allows remote attackers to trigger a
NULL pointer dereference via crafted picture data.
Double free vulnerability in the vp3_update_thread_context function in
libavcodec/vp3.c in FFmpeg before 0.10 allows remote attackers to have
an unspecified impact via crafted vp3 data.
The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg
before 0.10 allows remote attackers to have an unspecified impact via
crafted Supplemental enhancement information (SEI) data, which triggers
an infinite loop.
The ff_combine_frame function in libavcodec/parser.c in FFmpeg before
2.1 does not properly handle certain memory-allocation errors, which
allows remote attackers to cause a denial of service (out-of-bounds
array access) or possibly have unspecified other impact via crafted
data.
The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before
2.1 does not properly maintain a pointer to pixel data, which allows
remote attackers to cause a denial of service (out-of-bounds array
access) or possibly have unspecified other impact via crafted Apple RPZA
data.
Integer overflow in the alac_decode_close function in libavcodec/alac.c
in FFmpeg before 1.1 allows remote attackers to have an unspecified
impact via a large number of samples per frame in Apple Lossless Audio
Codec (ALAC) data, which triggers an out-of-bounds array access.
Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before
0.7.8, and 0.8.x before 0.8.8 allows remote attackers to execute
arbitrary code via unspecified vectors.
The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1
allows remote attackers to have an unspecified impact via a crafted
width in huffyuv data with the predictor set to median and the
colorspace set to YUV422P, which triggers an out-of-bounds array access.
The smacker_decode_header_tree function in libavcodec/smacker.c in
FFmpeg before 0.10 allows remote attackers to have an unspecified impact
via crafted Smacker data.
Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg
before 2.1 allow remote attackers to cause a denial of service
(out-of-bounds array access) or possibly have unspecified other impact
via crafted data.
The decode_mb function in libavcodec/error_resilience.c in FFmpeg before
0.10 allows remote attackers to have an unspecified impact via vectors
related to an uninitialized block index, which triggers an out-of-bound
write.
Array index error in the qdm2_decode_super_block function in
libavcodec/qdm2.c in FFmpeg before 1.1 allows remote attackers to have
an unspecified impact via crafted QDM2 data, which triggers an
out-of-bounds array access.
The av_probe_input_buffer function in libavformat/utils.c in FFmpeg
before 1.0.2, when running with certain -probesize values, allows remote
attackers to cause a denial of service (crash) via a crafted MP3 file,
possibly related to frame size or lack of sufficient frames to estimate
rate.
The prepare_sdp_description function in ffserver.c in FFmpeg before
1.0.2 allows remote attackers to cause a denial of service (crash) via
vectors related to the rtp format.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ting Liu [Wed, 23 Jul 2014 03:58:56 +0000 (11:58 +0800)]
perf: remove CFLAGS override
definition of __SANE_USERSPACE_TYPES__ was added in kernel source by
commit e3541ec75219819d3235f80125a1a75d798ff6e1
perf tools, powerpc: Fix compile warnings in tests/attr.c
Overriding the CFLAGS makes it impossible for kernel build system to
append to it, thus making the build fail in various ways as:
| CC /.../perf/1.0-r9/perf-1.0/perf.o
| In file included from builtin.h:4:0,
| from perf.c:9:
| util/util.h:74:24: fatal error: lk/debugfs.h: No such file or directory
| #include <lk/debugfs.h>
| ^
| compilation terminated.
Signed-off-by: Ting Liu <ting.liu@freescale.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
bitbake.conf: move BB_NUMBER_THREADS and PARALLEL_MAKE to bitbake.conf
Currently, BB_NUMBER_THREADS and PARALLEL_MAKE default to unset and
are set in local.conf. Now that we have the automatic probing,
the default values can be set in bitbake.conf and an example of
explicitly defining how many tasks to run can be moved to
local.conf.sample.extended.
[YOCTO #6217]
Signed-off-by: Roxana Ciobanu <roxana.ciobanu@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 23 Jul 2014 16:05:44 +0000 (17:05 +0100)]
sanity: Check for setgid/setuid TMPDIR
Building in a TMPDIR which has setgid or setuid is a bad idea. We could try and reset
the permissions but since these can also invade into other directories like the cache
or sstate, lets tell the user to fix it instead.
[YOCTO #6519]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ben Shelton [Wed, 23 Jul 2014 16:22:44 +0000 (11:22 -0500)]
initscripts: fix bashism in bootmisc.sh
In the commit 'initscripts: save /etc/timestamp with seconds accuracy',
a bashism was introduced in the bootmisc.sh script in the code to set
the current date from the stored value in /etc/timestamp. This causes
that operation to fail with the following message when /bin/sh is not
bash:
/etc/init.d/rc: /etc/rcS.d/S55bootmisc.sh: line 73: syntax error: bad substitution
Fixed by using pattern matching removal rather than bash-specific
substring expansion.
[YOCTO #6566]
Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
sysvinit: bootlogd: ensure /var/log/boot is created in volatiles
bootlogd does not write to /var/log/boot if it does not exist,
so if using the volatiles facility (presumed to mount /var/log under a
tmpfs), ensure that /var/log/boot gets created.
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
sysvinit: bootlogd: Don't run savelog if it's not installed
bootlogd's default log rotation code on stop requires `savelog`, which
is in debianutils, which may not be installed. If it's not installed,
don't try to perform the log rotation.
That is: in the affected code block, `savelog` is what is responsible
for creating "boot.0". When `savelog` doesn't exist, an error message
gets printed on bootup to the effect of "mv: can't find boot.0".
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The messages echoed when starting and stopping bootlogd are currently
printed regardless of the setting of VERBOSE. Adjust the initscript so
they're only printed when VERBOSE is enabled.
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Tue, 22 Jul 2014 18:38:19 +0000 (19:38 +0100)]
xcb-util-wm: upgrade to 0.4.1
Licence checksums changes as the files previously checksummed were generated and
subsequently removed from the tarball. Change the checksums to use the source
files instead.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chong Lu [Tue, 22 Jul 2014 03:16:52 +0000 (11:16 +0800)]
adt-installer: fix sed input file error
When use default install directory, we can't get the environment setup
script path. The reason is that opkg-cl list incorrect files paths.
This patch sets env_script variable to make us get correct environment
setup script path.
[YOCTO #6443]
Signed-off-by: Chong Lu <Chong.Lu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When building out a systemd based image, the udev-hwdb postinstall
script always fails at rootfs time. This is because that the 'udevadm'
command used in udev-hwdb postinstall script is now in the udev
package and udev recommends udev-hwdb.
Instead of letting udev recommends udev-hwdb, we let systemd do it
and make udev-hwdb rdepend on udev.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In systems where bash is not installed and /bin/sh is provided by
busybox. Commands like `su -l -c '/home/root/test' xuser' would fail
complaining the the 'su' applet could not be found.
This patch references the old version of shadow to keep the behaviour
the way it was in old version so that we would avoid the problem mentioned
above.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Darren Hart [Mon, 21 Jul 2014 23:46:50 +0000 (23:46 +0000)]
mkefidisk.sh: Add signal handling
Add basic signal handling to unmount and remove any temporary files.
Correct a quoting issue with the die() function caught testing signal
handling.
Fix a minor typo in "formatting" output.
Signed-off-by: Darren Hart <dvhart@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ben Shelton [Mon, 21 Jul 2014 16:53:47 +0000 (11:53 -0500)]
busybox: mdev: Ensure /dev/initctl exists after tmpfs mount
During boot, there is a brief window during which /dev/initctl is
missing, which breaks initscripts that would need to access it. This
occurs because /etc/init.d/mountall.sh (rcS.d/S02...) attempts to ensure
/dev/initctl is present, but /etc/init.d/mdev (rcS.d/S06...) mounts over
/dev and clobbers the work done by mountall, and then does not wait
synchronously until initctl is ready before continuing.
To close this window, in /etc/init.d/mdev, we check whether /dev/initctl
is present, and if not, we remove it and recreate it. This is the same
thing that is done by /etc/init.d/mountall.sh, and we have verified that
any writers of /dev/initctl will wait synchronously until sysvinit
notices the change in fd and does the read, so no race exists.
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bill Pittman [Mon, 21 Jul 2014 16:53:46 +0000 (11:53 -0500)]
busybox: mdev: Use mdev.seq
/dev/mdev.seq exists to synchronize concurrently running instances of
mdev and to ensure that they execute in the proper order. Without this
synchronization, it is possible to have inconsistent mount points, to
leak device nodes, or to have a node erroneously removed in rapid
hotplug scenarios.
Enable the use of mdev.seq by creating an empty /dev/mdev.seq at boot.
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Otherwise, users cannot use named semaphores or shared memory.
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Darren Hart [Mon, 21 Jul 2014 16:12:48 +0000 (09:12 -0700)]
mkefidisk.sh: Remove initrd entry for gummiboot
My previous patch adding gummiboot support was missing the line to
remove the initrd line from the boot config. This was an oversight in
copying over the grub setup to gummiboot. Add the necessary logic to
remove it.
Signed-off-by: Darren Hart <dvhart@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
image.bbclass/rootfs.py: add variables to rootfs[vardeps]
Added base variables and package backend specific variables to
rootfs[vardeps] in order for rootfs to rebuild when changes are made.
Set some variables as [func] to inform bitbake that they are shell
scripts, so that it invokes its shell dependency parsing. Without
marking them as functions, changes in the actual function body would
not trigger rootfs rebuilds.
[YOCTO #6502]
Signed-off-by: Roxana Ciobanu <roxana.ciobanu@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Otavio Salvador [Fri, 18 Jul 2014 16:47:06 +0000 (13:47 -0300)]
alsa-tools: Disable use of GTK+ when not using X11
The GTK+3 does not provide support for DirectFB backend so we cannot
enable GTK+ features of alsa-tools in this case; GTK+2 does not provide
support for Wayland.
This patch changes GTK+ support to be enabled only when X11 support is
enabled.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
buildtools-tarball: Add wget to buildtools-tarball
GNU Wget cannot be upgrated to a newer that 1.12 version on supported
Centos distro. GNU Wget 1.12 and earlier uses a server-provided filename
instead of the original URL to determine the destination filename of a
download.
This means the files downloaded when fetching cannot be properly used:
$ wget http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.4.2/source/eventlog_0.2.13.tar.gz
$ ls
eventlog_0.2.13.tar.gz?AWSAccessKeyId=AKIAICTJ5MANGPMOH7JA&Expires=1400838672&Signature=TjakOBpOvHtEKKDgF14iVinWpY0=
This in turn lead to build errors like:
WARNING: Failed to fetch URL http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.4.2/source/eventlog_0.2.13.tar.gz, attempting MIRRORS if available
ERROR: Fetcher failure for URL: 'http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.4.2/source/eventlog_0.2.13.tar.gz'. The fetch command returned success for url http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.4.2/source/eventlog_0.2.13.tar.gz but /path/to/downloads/eventlog_0.2.13.tar.gz doesn't exist?!
ERROR: Function failed: Fetcher failure for URL: 'http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.4.2/source/eventlog_0.2.13.tar.gz'. Unable to fetch URL from any source.
ERROR: Logfile of failure stored in: /path/to/tmp/work/ppce500v2-enea-linux-gnuspe/eventlog/0.2.13-r0/temp/log.do_fetch.28302
ERROR: Task 4 (/path/to/poky/meta-openembedded/meta-oe/recipes-support/eventlog/eventlog_0.2.13.bb, do_fetch) failed with exit code '1'
[YOCTO #6549]
Signed-off-by: Tudor Florea <tudor.florea@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The so files installed by libomxil are not versioned and should
be installed without version-based symlinks so that omxregister-bellagio
can properly find and register them.
Signed-off-by: Drew Moseley <drew_moseley@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Seebach [Fri, 18 Jul 2014 18:49:25 +0000 (13:49 -0500)]
pseudo: uprev to 1.6.1
Pseudo now automatically tries to shut down the server after running
single commands under pseudo ("pseudo <cmd>"), which means it can
print a useless "server already offline" message in some cases. The
message has been changed to a debugging message only.
The glibc symbol versions for memcpy were being applied to non-x86
targets, unintentionally, which broke builds for at least some targets.
(But pseudo doesn't usually get built for targets so it didn't
get noticed right away.)
Signed-off-by: Peter Seebach <peter.seebach@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Darren Hart [Fri, 18 Jul 2014 23:01:52 +0000 (23:01 +0000)]
kernelshark: Remove trace-cmd from the kernelshark package
Fixes [YOCTO 6550]
Images installing both trace-cmd and kernelshark would fail with:
error: file /usr/bin/trace-cmd conflicts between attempted installs of
kernelshark-1.2+git0+7055ffd37b-r3.core2_32 and
trace-cmd-1.2+git0+7055ffd37b-r3.core2_32
This patch removes ${bindir}/trace-cmd from the install prior to
packaging, as is already done with the ${datadir}.
Reported-by: California Sullivan <california.l.sullivan@intel.com> Signed-off-by: Darren Hart <dvhart@linux.intel.com>
(cherry picked from commit eb08ae8f729ef77329892d19b23ddfdaa7953de0) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 17 Jul 2014 16:41:18 +0000 (17:41 +0100)]
xf86-video-intel: disable non-deterministic tests for libX11
libX11 et al are checked for at confgure time and tests optionally built. As
these don't get installed we don't want to add build dependencies, but the
non-determinism means that builds can fail.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ming Liu [Tue, 15 Jul 2014 05:26:59 +0000 (13:26 +0800)]
insane.bbclass: avoid QA errors for n32 kernel
A series of commits had been integrated to avoid qa checking code
throwing the bitsize not matched error for x32 kernel files, the
same logic is also needed by n32 kernel which was not addressed in
that series.
This commit extends the condition for n32 kernel files.
Signed-off-by: Ming Liu <ming.liu@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ting Liu [Wed, 16 Jul 2014 10:35:58 +0000 (18:35 +0800)]
gcc: update *LIBC_* linker relocation reglex
* GLIBC_DYNAMIC_LINKER64 reglex does not work for rs6000/linux64.h,
update it.
* it turns out that UCLIBC_DYNAMIC_LINKER reglex will strip the 32/64
chars from UCLIBC_DYNAMIC_LINKER64/UCLIBC_DYNAMIC_LINKER32, add '\b'.
my two PCs: Centos 6.5 (python 2.7.5) and Fedora 13 (python 2.7.3)
Signed-off-by: Ting Liu <ting.liu@freescale.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Stopping sshd must only kill the listening (top-level) daemon; it must
not stop any other sshd process, because those are forked ssh
connections which may include e.g. the connection that called
/etc/init.d/sshd stop.
This initscript uses "start-stop-daemon -x <exe>" for starting/stopping.
When that is provided by busybox, this behavior is broken:
`/etc/init.d/sshd stop` stops *all* sshd processes. This was caused by a
fix to busybox 1.20: 17eedcad9406c43beddab3906c8c693626c351fb
"ssd: compat: match -x EXECUTABLE by /proc/pid/exe too".
The fix is to use a pidfile. All initscripts in upstream openssh do this,
as does dropbear.
Acked-by: Gratian Crisan <gratian.crisan@ni.com> Acked-by: Ken Sharp <ken.sharp@ni.com> Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
eglibc: rewritten tzselect as posix sh and move it to tzcode package
The problem is that this would cause bash installed to meta-toolchain,
the dependencies chain is:
meta-toolchain -> eglibc-utils -> bash
We should eliminate bash dependencies in anything core to a tiny system.
The eglibc-utils also provides eglibc-utils/usr/bin/zdump,
eglibc-utils/usr/bin/zic which all of them belonged to tzcode, so we
should split these three utils as tzcode package.
[YOCTO #6544]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Darren Hart [Wed, 16 Jul 2014 14:16:02 +0000 (14:16 +0000)]
mkefidisk.sh: Add die() and cleanup() routines
Currently the script will attempt to continue even after a fatal error.
Add a die() routine which will abort in the case of a fatal error and
call a cleanup() routine to unmount any images or devices and remove the
TMPDIR.
Move the variable assignment and directory creation earlier in the
script, making it more obvious what we need to clean up.
Signed-off-by: Darren Hart <dvhart@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Darren Hart [Wed, 16 Jul 2014 14:16:01 +0000 (14:16 +0000)]
mkefidisk.sh: Improve logging
Add logging functions: error, warn, info, and success, using tput to add
color highlighting.
Use these routines throughout the script, replacing echo statements and
adding "|| error" in several places to eliminate silent failures. Add a
simple exit block which checks for issues encountered while running.
Signed-off-by: Darren Hart <dvhart@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Darren Hart [Wed, 16 Jul 2014 14:16:00 +0000 (14:16 +0000)]
mkefidisk.sh: Copy the EFI dir recursively
Rather than only copying the EFI/BOOT dir, copy the entire EFI dir
recursively. This allows for custom configurations to be enabled
implicitly with no extra work required.
Signed-off-by: Darren Hart <dvhart@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Source /etc/default/urandom if present. This allows the rootfs to
remain read-only while enabling the user to override the location of the
random seed file.
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
initscripts: make hostname.sh coreutils-compatible
inetutils and busybox hostname utils support `hostname -F`; coreutils
hostname doesn't. So just use `cat` instead.
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ken Sharp [Thu, 17 Jul 2014 21:56:55 +0000 (16:56 -0500)]
initscripts: Use current date as an additional source of entropy
If the seed file is empty or does not exist, the date is an extremely
poor backup source of entropy, but it is better than nothing.
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
initscripts: parametrize random seed file location
Currently, the random seed file location is hardcoded to
/var/lib/urandom/random-seed. Refactor it to a parameter
(RANDOM_SEED_FILE) so the file location is defined in only one place.
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
initscripts: save /etc/timestamp with seconds accuracy
Currently, /etc/timestamp is saved with minutes accuracy. To increase
the accuracy, modify the save-rtc.sh and bootmisc.sh scripts to save and
read /etc/timestamp respectively with seconds accuracy.
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
initscripts: bootmisc.sh: Make sysctl -p honor VERBOSE
busybox sysctl may lack the "-q" setting, so simulate it with redirects.
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Thu, 17 Jul 2014 23:07:45 +0000 (16:07 -0700)]
libgpg-error: fix pkgconfig.patch
Typo in pkgconfig.patch:
-Libs: -L{libdir} -lgpg-error
vs.
+Libs: -L${libdir} -lgpg-error
This patch fixes failure in libgcrypt-native do_configure.
| ../x86_64-linux-libtool: line 6001: cd: {libdir}: No such file or directory
| x86_64-linux-libtool: link: cannot determine absolute directory name of `{libdir}'
Signed-off-by: Tim Orling <TicoTimo@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
