Patches are currently, crossing across repo boundaries, between glibc
and localedef, therefore it is better to divide the patches
accordiningly, with this patchset makery patch is spun out since that
applies to localedef alone.
There are no other code changes
(From OE-Core rev: 85b86bc810dcde3357d681ca8043883f2f4fdba0)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The script scans for services, parses them and makes sure those targets are still
there. The exists file check fails if the target is an alias, such as default.target
so add an additional test.
[YOCTO #13685]
(From OE-Core rev: 10bdbf033e51c97f6408c9114d480372135a2c2e)
Signed-off-by: Werner Grift <sky.captin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
busybox as well as vlock utility from meta-oe provides vlock utility
which can conflict when with kbd if pam is a enabled distro_feature
Fixes image build errors
update-alternatives: Error: not linking <rootfs>/usr/bin/vlock to /bin/busybox.suid since <rootfs>/usr/bin/vlock exists and is not a link
ERROR: yoe-qt5-wayland-image-1.0-r0 do_rootfs: Postinstall scriptlets of ['busybox'] have failed. If the intention is to defer them to first boot,
then please place them into pkg_postinst_ontarget_${PN} ().
Deferring to first boot via 'exit 1' is no longer supported.
(From OE-Core rev: 08636708f6ca677a6ee6c88fa2999c7b70b7d474)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The vlock doesn't exist if PAM isn't enabled.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Switch to recently released version 1.1 of NVD CVE JSON feed, as in
https://nvd.nist.gov/General/News/JSON-1-1-Vulnerability-Feed-Release
it is mentioned that
Due to changes required to support CVSS v3.1 scoring, the JSON
vulnerability feeds must be modified. This will require the consumers
of this data to update their internal processes. We will be providing
the JSON 1.1 schema on the data feeds page and the information below
to prepare for this transition.
...
The JSON 1.1 data feeds will be available on September 9th, 2019. At
that time the current JSON 1.0 data feeds will no longer available.
This change was tested briefly by issuing 'bitbake core-image-minimal'
with 'cve-check.bbclass' inherited via local.conf, and then comparing
the content between the resulting two
'DEPLOY_DIR_IMAGE/core-image-minimal-qemux86.cve' files, which did not
seem to contain any other change, except total of 167 entries like
CVSS v3 BASE SCORE: 0.0
were replaced with similar 'CVSS v3 BASE SCORE:' entries which had
scores that were greater than '0.0' (up to '9.8').
(From OE-Core rev: cc20e4d8ff2f3aa52a2658404af9a0ff358cc323)
Signed-off-by: Niko Mauno <niko.mauno@iki.fi>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Remove 0001-This-fixes-an-issue-that-clang-reports-about-mutlipl.patch,
the problem has been fixed upstream.
Rebase the other patches.
License-Update: copyright years
(From OE-Core rev: 5372e1acdd68367e64d13e19d1beb2d7b3e3c224)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Rebase set-proper-path-of-resources.patch
Add a patch to address a string format error; as it modifies
a .l file, add a dependency on flex which is processing that into
C source code.
License-Update: file with copyright statements was replaced with original GPLv2 text
(From OE-Core rev: 729ac34dce472378cec5447c366a28de2081e7de)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
With this change, python 2.x recipes are ready to be moved to an external layer.
Once that happens, they will be removed from oe-core.
(From OE-Core rev: 3f8d803b76254e3bd2294cfd96a6a53859053423)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Change all recipes to https where we get an http 301 permanent redirect.
(From OE-Core rev: e514acda9e12bccde6d3974e0fd1a37b3837191a)
Signed-off-by: Stefan Müller-Klieser <s.mueller-klieser@phytec.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
netbase-add-rpcbind-as-an-alias-to-sunrpc.patch
Removed since it is included in 5.7
(From OE-Core rev: 18799b309e4ae221aef6a8e70ec5f1c1a3d11475)
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ldconfig should be prior to glibc-utils in PACKAGES variable, or else
ldconfig binary would not be split to its own package, hence will lead
to runtime issues for the packages that depending on ldconfig, like
systemd.
(From OE-Core rev: 5101aecacfb5a8e48bba74b538742bef9409b999)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Remove the generation of the testglibc script which could be used to run
the glibc test suite with a remote target. The same functionality can
now be achieved with the 'do_check' task of glibc-testsuite or with
oe-selftest (for automation of execution against qemu-user/qemu-system
targets).
(From OE-Core rev: 6d6fb46631d7d551cc2de48b51172cfcf36e8dd3)
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
rpm 4.15 no longer allows it, which makes sense.
(From OE-Core rev: 017d0f34619cf56dd223ba8c075af5f7e128e61b)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We're about to need to use this variable in the main include file so
restructure the users of it to all set it appropriately.
(From OE-Core rev: 4a247e7c961286cbed73b6dc0f4074ecf856402a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Make sure that the (newer) /dev/pts/ptmx is accessible by users. This
is useful e.g. when running containers which symlink /dev/ptmx to
/dev/pts/ptmx on start. The default mode (000) does not allow to
create ptys inside the container.
Using 666 when symlinking /dev/ptmx is also recommended by the kernel
documentation when /dev/ptmx is symlinked:
https://www.kernel.org/doc/Documentation/filesystems/devpts.txt
Also buildroot uses ptmxmode=0666. The patch introducing the change
explains related use cases why this is necessary a bit more in depth:
8196b299ba (diff-2d4604b9e565eb19fa52ce31f282f06c)
(From OE-Core rev: c999bc5ddd9beb5274f77b885e2ac71205e42266)
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
texi2html isn't a build requirement and hasn't been since 2012 (oe-core
aa1c451).
(From OE-Core rev: 362fcae816e6985193c06e3848c20b6fa0bd1180)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Very little software needs intltool to build, and we don't need it on the host
to build Poky.
(From OE-Core rev: 0ba27bd08e9e5b20edbcb00316f785184c9d9fc7)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Intltool is deprecated these days, as gettext can handle almost everything
intltool could. Remove it from the SDK packagegroups, if it is needed then the
user can add it explicitly.
(From OE-Core rev: 52558efc0f401b665e5060c51d956e2337c47da8)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The last release of this was in 2002(!), kbd is the modern,
supported alternative.
(From OE-Core rev: 320319f24dd1be300bc89c52b97d1703eab83029)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
urllib handles adding proxy handlers if the proxies are set in the environment,
so call bb.utils.export_proxies() to do that and remove the manual setup.
(From OE-Core rev: 6b73004668b3b71c9c38814b79fbb58c893ed434)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Create an index on the PRODUCTS table which contains a row for each CPE,
drastically increasing the performance of lookups for a specific CVE.
(From OE-Core rev: b4048b05b3a00d85c40d09961f846eadcebd812e)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Don't hardcode the database filename, there's a variable for this in
cve-check.bbclass.
(From OE-Core rev: 0d188a9dc4ae64c64cd661e9d9c3841e86f226ab)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In 50-systemd-user.sh which is packaged to sub-package
${PN}-xorg-xinitrc, it exports environment variables DISPLAY and
XAUTHORITY to systemd. It fails to start systemd services which require
these environment variables such as thunar.service:
root@qemux86-64:~# systemctl --user status thunar
● thunar.service - Thunar file manager
Loaded: loaded (/usr/lib/systemd/user/thunar.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:Thunar(1)
Nov 14 07:47:29 qemux86-64 systemd[352]: Starting Thunar file manager...
Nov 14 07:47:29 qemux86-64 Thunar[873]: cannot open display:
Nov 14 07:47:29 qemux86-64 systemd[352]: thunar.service: Main process exited, code=exited, status=1/FAILURE
Nov 14 07:47:29 qemux86-64 systemd[352]: thunar.service: Failed with result 'exit-code'.
Nov 14 07:47:29 qemux86-64 systemd[352]: Failed to start Thunar file manager.
It is not convenient to make all such kind of packages require package
${PN}-xorg-xinitrc, so remove the sub-package and merge the only file
provided by it to main package.
No recipe depends on ${PN}-xorg-xinitrc in oe-core and meta-openembedded
now, so no need to set rprovides for it.
(From OE-Core rev: 9b7d65aa52171cb559cc12ca3fdeaee54b9022c1)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Besides checking DISTRO_FEATURES for required or conflicting features,
being able to check MACHINE_FEATURES and/or COMBINED_FEATURES may also
be useful at times.
Temporarily support the old class name with a warning about future
deprecation.
(From OE-Core rev: 5f4875b950ce199e91f99c8e945a0c709166dc14)
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We already fetch the yearly CVE metadata and check that for updates before
downloading the full data, but we can speed up CVE checking further by only
checking the CVE metadata once an hour.
(From OE-Core rev: 50d898fd360c58fe85460517d965f62b7654771a)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Instead of depending on iasl-native, depend on ovmf-native as iasl was merged
into that recipe some time ago.
bc-native doesn't appear to be a build requirement anymore, and for clarity
merge two overridden DEPENDS into a single DEPENDS.
(From OE-Core rev: 78d2f68a956ff49410b238456ce0a23c5a0667aa)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
export OPENSSL_CONF to aviod SDK openssl can not find openssl.cnf.
(From OE-Core rev: 0aaf3dd17dcde959e9c0d62543cb91c9b33551b4)
Signed-off-by: Liwei Song <liwei.song@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The whole D-Bus source has no reference to the netdev group. It
seems that the netdev group is nowhere used. Early avahi package
versions used this group for the D-Bus specific rules. However,
today avahi uses --with-avahi-priv-access-group=adm and hence
uses the adm group for its D-Bus policy rules.
If a package is using the netdev group in its D-Bus policy rules,
that package should add the group instead.
(From OE-Core rev: 70354028811c874434fe1a54cbdd9a4d2c267350)
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
