From 409e90e04504715028019eb09cb75425a47ab3ee Mon Sep 17 00:00:00 2001 From: Alexandru Avadanii Date: Tue, 3 Nov 2020 10:44:46 +0100 Subject: cleanup: remove run-postinsts, dpkg status-old - initramfs: remove run-postinsts package, it has no purpose as there is no package manager inside the initramfs; - rootfs: remove run-postinsts if the package manager is DPKG/APT, since it duplicates the existing dpkg-configure.service installed by the dpkg recipe; - rootfs: cleanup DPKG backup file 'status-old', it contains information about packages before the final installation stages of the rootfs build process (completely irrelevant for the end user), saves >500kB; Change-Id: I6bd257d56805a3dfee4478c88977942e9f210afc Signed-off-by: Alexandru Avadanii --- images/core-image-minimal-initramfs.bbappend | 4 +++- images/enea-nfv-access-common.inc | 11 +++++++++++ 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/images/core-image-minimal-initramfs.bbappend b/images/core-image-minimal-initramfs.bbappend index e743bb3..5512158 100644 --- a/images/core-image-minimal-initramfs.bbappend +++ b/images/core-image-minimal-initramfs.bbappend @@ -4,6 +4,9 @@ PACKAGE_INSTALL += " nfv-installer kernel-modules" # ostree version specified in the kernel command line PACKAGE_INSTALL_append_sota = " ostree-switchroot" +# run-postinsts does not belong in the minimal initramfs +PACKAGE_INSTALL_remove = "run-postinsts" + create_enea_symlink() { # enea image used in bare metal installation cd ${DEPLOY_DIR_IMAGE} @@ -12,4 +15,3 @@ create_enea_symlink() { } IMAGE_POSTPROCESS_COMMAND_append += " create_enea_symlink;" - diff --git a/images/enea-nfv-access-common.inc b/images/enea-nfv-access-common.inc index 3f9fc84..5472056 100644 --- a/images/enea-nfv-access-common.inc +++ b/images/enea-nfv-access-common.inc 
@@ -7,6 +7,17 @@ IMAGE_INSTALL += " \ kernel-modules \ " +# run-postinsts duplicates dpkg-configure if package_deb is used +PACKAGE_INSTALL_remove = "${@bb.utils.contains('PACKAGE_CLASSES', 'package_deb', 'run-postinsts', '', d)}" + +# After installing packages inside the rootfs, remove backup DPKG status file +rootfs_postinstall_dpkg_cleanup () { + if ${@bb.utils.contains('PACKAGE_CLASSES', 'package_deb', 'true', 'false', d)}; then + rm -f ${IMAGE_ROOTFS}/var/lib/dpkg/status-old + fi +} +ROOTFS_POSTINSTALL_COMMAND_append += " rootfs_postinstall_dpkg_cleanup;" + IMAGE_FSTYPES = "ext4 ext4.gz tar.gz" # Add ostree specific image types if sota support is set -- cgit v1.2.3-54-g00ecf From 70848fd5efb411cd83ad157323fbf796d688bb56 Mon Sep 17 00:00:00 2001 From: Alexandru Avadanii Date: Thu, 17 Dec 2020 14:59:32 +0100 Subject: grub: Fix backwards compatibility with OSTree Before NFVA 2.3.0, OSTree only checked for the existence of /boot/grub2/grub.cfg, skipping creating grub.cfg if that file was not present. In NFVA 2.3.0, only /boot/grub/grub.cfg is created, leading to issues when trying to downgrade to an older NFVA release. To maintain backwards compatibility with OSTree versions that only check the old path, create both /boot/{grub,grub2} as symlinks to the loader directory managed by OSTree. Signed-off-by: Alexandru Avadanii Change-Id: Ic2c89930794e4c9d3ee3b2468d1331e5d7f63834 --- classes/override_image_types_ota.inc | 1 + 1 file changed, 1 insertion(+) diff --git a/classes/override_image_types_ota.inc b/classes/override_image_types_ota.inc index ded70dd..da920c1 100644 --- a/classes/override_image_types_ota.inc +++ b/classes/override_image_types_ota.inc 
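Review bot: Both `bb.utils.contains('PACKAGE_CLASSES', 'package_deb', ...)` tests added to images/enea-nfv-access-common.inc are true whenever package_deb appears anywhere in PACKAGE_CLASSES, whereas the rootfs backend is taken from the first class listed. With a value such as "package_rpm package_deb" the image would be assembled with RPM while run-postinsts is still removed, so postinstall scripts deferred to first boot would have nothing left to run them (dpkg-configure.service only comes with the dpkg recipe, per the commit message). Keying the test on the image package type is tighter: `PACKAGE_INSTALL_remove = "${@bb.utils.contains('IMAGE_PKGTYPE', 'deb', 'run-postinsts', '', d)}"`, with the same condition in the `if` of rootfs_postinstall_dpkg_cleanup.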
@@ -34,6 +34,7 @@ IMAGE_CMD_otaimg () { if [ "${OSTREE_BOOTLOADER}" = "grub" ]; then ln -s loader ${PHYS_SYSROOT}/boot/grub + ln -s loader ${PHYS_SYSROOT}/boot/grub2 touch ${PHYS_SYSROOT}/boot/grub/grub.cfg elif [ "${OSTREE_BOOTLOADER}" = "u-boot" ]; then touch ${PHYS_SYSROOT}/boot/loader/uEnv.txt -- cgit v1.2.3-54-g00ecf From 00525946539248e2feadfd852bd9abfd26cc1aae Mon Sep 17 00:00:00 2001 From: Adrian Dudau Date: Tue, 2 Feb 2021 16:19:32 +0100 Subject: distro/eneanfvaccess.conf: Update distro version to 2.4.0 Change-Id: Ia39f1767dead467c0c78a5da085e3fc191f1cd4b Signed-off-by: Adrian Dudau --- conf/distro/eneanfvaccess.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/distro/eneanfvaccess.conf b/conf/distro/eneanfvaccess.conf index 28f5c2d..ae26b2d 100644 --- a/conf/distro/eneanfvaccess.conf +++ b/conf/distro/eneanfvaccess.conf @@ -1,7 +1,7 @@ require conf/distro/enea.conf DISTRO_NAME = "Enea NFV Access" -DISTRO_VERSION_MAJOR ??= "2.3" +DISTRO_VERSION_MAJOR ??= "2.4" DISTRO_VERSION_MINOR ??= ".0" DISTRO_VERSION = "${DISTRO_VERSION_MAJOR}${DISTRO_VERSION_MINOR}" -- cgit v1.2.3-54-g00ecf From 79d1957037bc893aa278c025a1c3276b206aead0 Mon Sep 17 00:00:00 2001 From: Adrian Calianu Date: Mon, 22 Feb 2021 14:19:17 +0100 Subject: add ixgbe driver in initramfs this was disabled from kernel source tree Change-Id: I82ff784dae6d34de19966b61f194944dba2adbe9 Signed-off-by: Adrian Calianu --- images/core-image-minimal-initramfs.bbappend | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/images/core-image-minimal-initramfs.bbappend b/images/core-image-minimal-initramfs.bbappend index 5512158..67ab251 100644 --- a/images/core-image-minimal-initramfs.bbappend +++ b/images/core-image-minimal-initramfs.bbappend 
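Review bot: The added `ln -s loader ${PHYS_SYSROOT}/boot/grub2` in IMAGE_CMD_otaimg carries no comment, and nothing in the visible lines says why two names point at the same loader directory, so a later cleanup could drop it as a leftover. A one-line comment above it, such as `# /boot/grub2 is kept for OSTree releases that only check /boot/grub2/grub.cfg (before NFVA 2.3.0)`, would record the reason given in the commit message. The function body starts and ends outside the hunk.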
@@ -1,4 +1,4 @@ -PACKAGE_INSTALL += " nfv-installer kernel-modules" +PACKAGE_INSTALL += " nfv-installer kernel-modules ixgbe" # ostree-switchroot is used by the init script to switch root to the # ostree version specified in the kernel command line -- cgit v1.2.3-54-g00ecf From 23ed226a4b4b7c1cac2c52e6808631d9f0d6f652 Mon Sep 17 00:00:00 2001 From: Matei Valeanu Date: Fri, 19 Feb 2021 19:17:20 +0100 Subject: Set the users and groups statically Cannot set USERADD_ERROR_DYNAMIC to error as it breaks the build. We need to be carefull when adding new users/groups, to also add them to files/{groups,passwd} Change-Id: I7ecfa9936af6319ced946e243cbe3bbcd23e8e4c Signed-off-by: Matei Valeanu --- conf/template.atom-c3000-debug/local.conf.sample | 26 +++++++++++ conf/template.atom-c3000/local.conf.sample | 26 +++++++++++ conf/template.xeon-d-debug/local.conf.sample | 26 +++++++++++ conf/template.xeon-d/local.conf.sample | 26 +++++++++++ files/group | 56 ++++++++++++++++++++++++ files/passwd | 29 ++++++++++++ 6 files changed, 189 insertions(+) create mode 100644 files/group create mode 100644 files/passwd diff --git a/conf/template.atom-c3000-debug/local.conf.sample b/conf/template.atom-c3000-debug/local.conf.sample index c749b24..60e8955 100644 --- a/conf/template.atom-c3000-debug/local.conf.sample +++ b/conf/template.atom-c3000-debug/local.conf.sample 
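Review bot: `ixgbe` is appended to PACKAGE_INSTALL in images/core-image-minimal-initramfs.bbappend without a comment, while the neighbouring `ostree-switchroot` entry explains why it is in the initramfs. A line such as `# ixgbe: packaged separately because the driver is disabled in the kernel source tree` would carry the reason over from the commit message. The wording should be confirmed against the kernel recipe, which is not visible here.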
@@ -250,3 +250,29 @@ SOTA_MACHINE ?= "${MACHINE}"
 DISTRO_FEATURES_append = " sota"
 DISTRO_FEATURES_NATIVE_append = " sota"
 INHERIT += " sota"
+
+# Various packages dynamically add users and groups to the system at package
+# install time. For programs that do not care what the uid/gid is of the
+# resulting users/groups, the order of the install will determine the final
+# uid/gid. This can lead to non-deterministic uid/gid values from one build
+# to another. Use the following settings to specify that all user/group adds
+# should be created based on a static passwd/group file.
+#
+# Note, if you enable or disable the useradd-staticids in a configured system,
+# the TMPDIR may contain incorrect uid/gid values. Clearing the TMPDIR
+# will correct this condition.
+#
+# By default the system looks in the BBPATH for files/passwd and files/group
+# the default can be overriden by spefying USERADD_UID/GID_TABLES.
+#
+USERADDEXTENSION = "useradd-staticids"
+USERADD_UID_TABLES = "files/passwd"
+USERADD_GID_TABLES = "files/group"
+#
+# In order to prevent generating a system where a dynamicly assigned uid/gid
+# can exist, you should enable the following setting. This will force the
+# system to error out if the user/group name is not defined in the
+# files/passwd or files/group (or specified replacements.)
+# Unfortunately, setting the variable below breaks the build, so do not set it
+# for now
+# USERADD_ERROR_DYNAMIC = "1"
diff --git a/conf/template.atom-c3000/local.conf.sample b/conf/template.atom-c3000/local.conf.sample
index 8c24e77..b015f43 100644
--- a/conf/template.atom-c3000/local.conf.sample
+++ b/conf/template.atom-c3000/local.conf.sample
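Review bot: With `USERADD_ERROR_DYNAMIC` left commented out at the end of the block added to conf/template.atom-c3000-debug/local.conf.sample, a recipe whose user or group is missing from files/passwd or files/group still gets a dynamically assigned id with no signal in the build, so the determinism this block is introduced for is not enforced. If the useradd-staticids class in this release supports it, `USERADD_ERROR_DYNAMIC = "warn"` would list the missing names in the build log without failing the build, which also gives the list needed to complete the tables before switching to the error setting. The same applies to the identical hunks for template.atom-c3000, template.xeon-d-debug and template.xeon-d.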
@@ -247,3 +247,29 @@ SOTA_MACHINE ?= "${MACHINE}"
 DISTRO_FEATURES_append = " sota"
 DISTRO_FEATURES_NATIVE_append = " sota"
 INHERIT += " sota"
+
+# Various packages dynamically add users and groups to the system at package
+# install time. For programs that do not care what the uid/gid is of the
+# resulting users/groups, the order of the install will determine the final
+# uid/gid. This can lead to non-deterministic uid/gid values from one build
+# to another. Use the following settings to specify that all user/group adds
+# should be created based on a static passwd/group file.
+#
+# Note, if you enable or disable the useradd-staticids in a configured system,
+# the TMPDIR may contain incorrect uid/gid values. Clearing the TMPDIR
+# will correct this condition.
+#
+# By default the system looks in the BBPATH for files/passwd and files/group
+# the default can be overriden by spefying USERADD_UID/GID_TABLES.
+#
+USERADDEXTENSION = "useradd-staticids"
+USERADD_UID_TABLES = "files/passwd"
+USERADD_GID_TABLES = "files/group"
+#
+# In order to prevent generating a system where a dynamicly assigned uid/gid
+# can exist, you should enable the following setting. This will force the
+# system to error out if the user/group name is not defined in the
+# files/passwd or files/group (or specified replacements.)
+# Unfortunately, setting the variable below breaks the build, so do not set it
+# for now
+# USERADD_ERROR_DYNAMIC = "1"
diff --git a/conf/template.xeon-d-debug/local.conf.sample b/conf/template.xeon-d-debug/local.conf.sample
index e898db6..6474a37 100644
--- a/conf/template.xeon-d-debug/local.conf.sample
+++ b/conf/template.xeon-d-debug/local.conf.sample
@@ -251,3 +251,29 @@ SOTA_MACHINE ?= "${MACHINE}"
 DISTRO_FEATURES_append = " sota"
 DISTRO_FEATURES_NATIVE_append = " sota"
 INHERIT += " sota"
+
+# Various packages dynamically add users and groups to the system at package
+# install time. For programs that do not care what the uid/gid is of the
+# resulting users/groups, the order of the install will determine the final
+# uid/gid. This can lead to non-deterministic uid/gid values from one build
+# to another. Use the following settings to specify that all user/group adds
+# should be created based on a static passwd/group file.
+#
+# Note, if you enable or disable the useradd-staticids in a configured system,
+# the TMPDIR may contain incorrect uid/gid values. Clearing the TMPDIR
+# will correct this condition.
+#
+# By default the system looks in the BBPATH for files/passwd and files/group
+# the default can be overriden by spefying USERADD_UID/GID_TABLES.
+#
+USERADDEXTENSION = "useradd-staticids"
+USERADD_UID_TABLES = "files/passwd"
+USERADD_GID_TABLES = "files/group"
+#
+# In order to prevent generating a system where a dynamicly assigned uid/gid
+# can exist, you should enable the following setting. This will force the
+# system to error out if the user/group name is not defined in the
+# files/passwd or files/group (or specified replacements.)
+# Unfortunately, setting the variable below breaks the build, so do not set it
+# for now
+# USERADD_ERROR_DYNAMIC = "1"
diff --git a/conf/template.xeon-d/local.conf.sample b/conf/template.xeon-d/local.conf.sample
index 3b1063e..5cfebf5 100644
--- a/conf/template.xeon-d/local.conf.sample
+++ b/conf/template.xeon-d/local.conf.sample
@@ -248,3 +248,29 @@ SOTA_MACHINE ?= "${MACHINE}"
 DISTRO_FEATURES_append = " sota"
 DISTRO_FEATURES_NATIVE_append = " sota"
 INHERIT += " sota"
+
+# Various packages dynamically add users and groups to the system at package
+# install time. For programs that do not care what the uid/gid is of the
+# resulting users/groups, the order of the install will determine the final
+# uid/gid. This can lead to non-deterministic uid/gid values from one build
+# to another. Use the following settings to specify that all user/group adds
+# should be created based on a static passwd/group file.
+#
+# Note, if you enable or disable the useradd-staticids in a configured system,
+# the TMPDIR may contain incorrect uid/gid values. Clearing the TMPDIR
+# will correct this condition.
+#
+# By default the system looks in the BBPATH for files/passwd and files/group
+# the default can be overriden by spefying USERADD_UID/GID_TABLES.
+#
+USERADDEXTENSION = "useradd-staticids"
+USERADD_UID_TABLES = "files/passwd"
+USERADD_GID_TABLES = "files/group"
+#
+# In order to prevent generating a system where a dynamicly assigned uid/gid
+# can exist, you should enable the following setting. This will force the
+# system to error out if the user/group name is not defined in the
+# files/passwd or files/group (or specified replacements.)
+# Unfortunately, setting the variable below breaks the build, so do not set it
+# for now
+# USERADD_ERROR_DYNAMIC = "1"
diff --git a/files/group b/files/group
new file mode 100644
index 0000000..99cb628
--- /dev/null
+++ b/files/group
@@ -0,0 +1,56 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+input:x:19:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+shutdown:x:70:
+users:x:100:
+systemd-bus-proxy:x:985:
+systemd-resolve:x:986:
+systemd-network:x:987:
+systemd-timesync:x:988:
+systemd-journal:x:989:
+lock:x:990:
+sshd:x:991:
+qemu:x:992:
+polkitd:x:993:
+ntp:x:994:
+docker:x:995:
+messagebus:x:996:
+netdev:x:997:
+bind:x:998:
+_apt:x:999:
+nogroup:x:65534:
diff --git a/files/passwd b/files/passwd
new file mode 100644
index 0000000..2c21e09
--- /dev/null
+++ b/files/passwd
@@ -0,0 +1,29 @@
+root:x:0:0:root:/home/root:/bin/sh
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+systemd-bus-proxy:x:989:985::/:/bin/nologin
+systemd-resolve:x:990:986::/:/bin/nologin
+systemd-network:x:991:987::/:/bin/nologin
+systemd-timesync:x:992:988::/:/bin/nologin
+sshd:x:993:991::/var/run/sshd:/bin/false
+qemu:x:994:992::/home/qemu:/bin/sh
+polkitd:x:995:993::/etc/polkit-1:/bin/sh
+ntp:x:996:994::/var/lib/ntp:/bin/false
+messagebus:x:997:996::/var/lib/dbus:/bin/false
+bind:x:998:998::/var/cache/bind:/bin/sh
+_apt:x:999:999::/nonexistent:/bin/false
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
-- cgit v1.2.3-54-g00ecf
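Review bot: In files/passwd the service accounts `qemu`, `polkitd` and `bind` are given `/bin/sh` as their shell, while `sshd`, `ntp`, `messagebus` and `_apt` get `/bin/false`. As far as I know useradd-staticids takes the home and shell fields from the table when they are non-empty, so these entries would replace whatever shell the recipes pass to useradd; this should be confirmed against the class in use. Unless one of these accounts needs an interactive shell, a non-login shell as already used for `sshd` (for example `bind:x:998:998::/var/cache/bind:/bin/false`), or an empty shell field that leaves the recipe's value in place, keeps them unusable for login.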