From 63eb543752fb9e4f3a2b2d42d781424cb890dd06 Mon Sep 17 00:00:00 2001 From: Anton Gerasimov Date: Fri, 1 Jun 2018 13:03:21 +0200 Subject: Add support for rollback on Raspberry Pi --- classes/sota_raspberrypi.bbclass | 2 ++ .../aktualizr/aktualizr-uboot-env-rollback.bb | 23 ++++++++++++++++++++++ recipes-sota/aktualizr/aktualizr_git.bb | 4 ++++ recipes-sota/aktualizr/files/aktualizr.service | 4 +--- 4 files changed, 30 insertions(+), 3 deletions(-) create mode 100644 recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb diff --git a/classes/sota_raspberrypi.bbclass b/classes/sota_raspberrypi.bbclass index a5558b4..49aa298 100644 --- a/classes/sota_raspberrypi.bbclass +++ b/classes/sota_raspberrypi.bbclass @@ -18,3 +18,5 @@ KERNEL_DEVICETREE_raspberrypi3_sota ?= " bcm2710-rpi-3-b.dtb overlays/vc4-kms-v3 # Kernel args normally provided by RPi's internal bootloader. Non-updateable OSTREE_KERNEL_ARGS_sota ?= " 8250.nr_uarts=1 bcm2708_fb.fbwidth=720 bcm2708_fb.fbheight=480 bcm2708_fb.fbswap=1 vc_mem.mem_base=0x3ec00000 vc_mem.mem_size=0x40000000 dwc_otg.lpm_enable=0 console=ttyS0,115200 usbhid.mousepoll=0 " + +SOTA_CLIENT_FEATURES_append = " ubootenv" diff --git a/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb b/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb new file mode 100644 index 0000000..c9753e4 --- /dev/null +++ b/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb @@ -0,0 +1,23 @@ +SUMMARY = "Aktualizr configuration snippet to enable uboot bootcount function" +HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" +SECTION = "base" +LICENSE = "MPL-2.0" +LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" +DEPENDS = "aktualizr-native" +RDEPENDS_${PN} = "aktualizr" + +SRC_URI = " \ + file://LICENSE \ + " + +do_install() { + install -m 0700 -d ${D}${libdir}/sota/conf.d + install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/sota_uboot_env.toml ${D}${libdir}/sota/conf.d/30-rollback.toml +} + +FILES_${PN} = " \ + ${libdir}/sota/conf.d \ + ${libdir}/sota/conf.d/30-rollback.toml \ + " + +# vim:set ts=4 sw=4 sts=4 expandtab: diff --git a/recipes-sota/aktualizr/aktualizr_git.bb b/recipes-sota/aktualizr/aktualizr_git.bb index 7260af6..56ef78e 100755 --- a/recipes-sota/aktualizr/aktualizr_git.bb +++ b/recipes-sota/aktualizr/aktualizr_git.bb @@ -12,6 +12,8 @@ DEPENDS_append_class-native = "glib-2.0-native " RDEPENDS_${PN}_class-target = "lshw " RDEPENDS_${PN}_append_class-target = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'serialcan', ' slcand-start', '', d)} " RDEPENDS_${PN}_append_class-target = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm', ' softhsm softhsm-testtoken', '', d)}" +RDEPENDS_${PN}_append_class-target = " ${@oe.utils.ifelse(d.getVar('OSTREE_BOOTLOADER', True) == 'u-boot', 'u-boot-fw-utils', '')}" +RDEPENDS_${PN}_append_class-target = " ${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'ubootenv', ' aktualizr-uboot-env-rollback', '', d)} " RDEPENDS_${PN}_append_class-target = " ${PN}-tools " RDEPENDS_${PN}-secondary_append_class-target = " ${PN}-tools " @@ -66,6 +68,7 @@ do_install_append () { install -m 0644 ${S}/config/sota_implicit_prov.toml ${D}/${libdir}/sota/sota_implicit_prov.toml install -m 0644 ${S}/config/sota_implicit_prov_ca.toml ${D}/${libdir}/sota/sota_implicit_prov_ca.toml install -m 0644 ${S}/config/sota_secondary.toml ${D}/${libdir}/sota/sota_secondary.toml + install -m 0644 ${S}/config/sota_uboot_env.toml ${D}/${libdir}/sota/sota_uboot_env.toml install -d ${D}${systemd_unitdir}/system install -m 0644 ${WORKDIR}/aktualizr-secondary.socket ${D}${systemd_unitdir}/system/aktualizr-secondary.socket install -m 0644 ${WORKDIR}/aktualizr-secondary.service ${D}${systemd_unitdir}/system/aktualizr-secondary.service @@ -113,6 +116,7 @@ FILES_${PN}-host-tools = " \ ${libdir}/sota/sota_hsm_prov.toml \ ${libdir}/sota/sota_implicit_prov.toml \ ${libdir}/sota/sota_implicit_prov_ca.toml \ + ${libdir}/sota/sota_uboot_env.toml \ " FILES_${PN}-tools = " \ diff --git a/recipes-sota/aktualizr/files/aktualizr.service b/recipes-sota/aktualizr/files/aktualizr.service index 1c2e1df..6de4474 100644 --- a/recipes-sota/aktualizr/files/aktualizr.service +++ b/recipes-sota/aktualizr/files/aktualizr.service @@ -1,8 +1,6 @@ [Unit] Description=Aktualizr SOTA Client -Wants=network-online.target -After=network.target network-online.target -Requires=network-online.target +After=network.target [Service] RestartSec=10 -- cgit v1.2.3-54-g00ecf From b5ad1622ae622fbda21e0f014f9755496e376e9e Mon Sep 17 00:00:00 2001 From: Laurent Bonnans Date: Thu, 23 Aug 2018 14:56:41 +0200 Subject: Remove aktualizr dep on u-boot-fw-utils in general Should only be needed when using the u-boot env rollback feature --- recipes-sota/aktualizr/aktualizr_git.bb | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/recipes-sota/aktualizr/aktualizr_git.bb b/recipes-sota/aktualizr/aktualizr_git.bb index 56ef78e..83e450d 100755 --- a/recipes-sota/aktualizr/aktualizr_git.bb +++ b/recipes-sota/aktualizr/aktualizr_git.bb @@ -12,8 +12,7 @@ DEPENDS_append_class-native = "glib-2.0-native " RDEPENDS_${PN}_class-target = "lshw " RDEPENDS_${PN}_append_class-target = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'serialcan', ' slcand-start', '', d)} " RDEPENDS_${PN}_append_class-target = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm', ' softhsm softhsm-testtoken', '', d)}" -RDEPENDS_${PN}_append_class-target = " ${@oe.utils.ifelse(d.getVar('OSTREE_BOOTLOADER', True) == 'u-boot', 'u-boot-fw-utils', '')}" -RDEPENDS_${PN}_append_class-target = " ${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'ubootenv', ' aktualizr-uboot-env-rollback', '', d)} " +RDEPENDS_${PN}_append_class-target = " ${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'ubootenv', ' u-boot-fw-utils aktualizr-uboot-env-rollback', '', d)} " RDEPENDS_${PN}_append_class-target = " ${PN}-tools " RDEPENDS_${PN}-secondary_append_class-target = " ${PN}-tools " -- cgit v1.2.3-54-g00ecf From 2c45541cbf39d53562c436ebc223ad1ac5de1e5e Mon Sep 17 00:00:00 2001 From: Laurent Bonnans Date: Tue, 18 Sep 2018 14:54:41 +0200 Subject: Fix LICENSE check for aktualizr-uboot-env-rollback --- recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb b/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb index c9753e4..305b5e5 100644 --- a/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb +++ b/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb @@ -2,13 +2,12 @@ SUMMARY = "Aktualizr configuration snippet to enable uboot bootcount function" HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" SECTION = "base" LICENSE = "MPL-2.0" -LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" DEPENDS = "aktualizr-native" RDEPENDS_${PN} = "aktualizr" -SRC_URI = " \ - file://LICENSE \ - " +SRC_URI = "" + do_install() { install -m 0700 -d ${D}${libdir}/sota/conf.d -- cgit v1.2.3-54-g00ecf From 06766b2215c43b15057aafeae8f475861810fddd Mon Sep 17 00:00:00 2001 From: Patrick Vacek Date: Tue, 3 Jul 2018 12:36:15 +0200 Subject: softhsm-testtoken: fix complaint about generic license location. --- recipes-support/softhsm-testtoken/softhsm-testtoken.bb | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/recipes-support/softhsm-testtoken/softhsm-testtoken.bb b/recipes-support/softhsm-testtoken/softhsm-testtoken.bb index c5691db..029fe1c 100644 --- a/recipes-support/softhsm-testtoken/softhsm-testtoken.bb +++ b/recipes-support/softhsm-testtoken/softhsm-testtoken.bb @@ -1,8 +1,6 @@ SUMMARY = "Mock smartcard for aktualizr" LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690 \ - file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" - +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" inherit systemd -- cgit v1.2.3-54-g00ecf From d47f3237cd5bd2694ad0753a0f10d73b8044155c Mon Sep 17 00:00:00 2001 From: Patrick Vacek Date: Tue, 3 Jul 2018 13:48:48 +0200 Subject: aktualizr tools: use generic MPL license instead of our own copy. --- recipes-sota/aktualizr/aktualizr-auto-prov.bb | 7 +- .../aktualizr/aktualizr-ca-implicit-prov.bb | 3 +- recipes-sota/aktualizr/aktualizr-hsm-prov.bb | 6 +- recipes-sota/aktualizr/aktualizr-implicit-prov.bb | 6 +- recipes-sota/aktualizr/files/LICENSE | 373 --------------------- recipes-sota/config/aktualizr-disable-send-ip.bb | 3 +- recipes-sota/config/aktualizr-example-interface.bb | 3 +- recipes-sota/config/aktualizr-log-debug.bb | 3 +- recipes-sota/config/files/LICENSE | 373 --------------------- 9 files changed, 11 insertions(+), 766 deletions(-) delete mode 100644 recipes-sota/aktualizr/files/LICENSE delete mode 100644 recipes-sota/config/files/LICENSE diff --git a/recipes-sota/aktualizr/aktualizr-auto-prov.bb b/recipes-sota/aktualizr/aktualizr-auto-prov.bb index 77f8f22..9fa95ed 100644 --- a/recipes-sota/aktualizr/aktualizr-auto-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-auto-prov.bb @@ -3,15 +3,14 @@ DESCRIPTION = "Configuration for automatically provisioning Aktualizr, the SOTA HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" SECTION = "base" LICENSE = "MPL-2.0" -LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" + DEPENDS = "aktualizr-native zip-native" RDEPENDS_${PN} = "aktualizr" PV = "1.0" PR = "6" -SRC_URI = " \ - file://LICENSE \ - " +SRC_URI = "" require environment.inc require credentials.inc diff --git a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb index e00d41a..83504f1 100644 --- a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb @@ -7,12 +7,11 @@ DESCRIPTION = "Configuration for implicitly provisioning Aktualizr using externa HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" SECTION = "base" LICENSE = "MPL-2.0" -LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" DEPENDS = "aktualizr aktualizr-native openssl-native" SRC_URI = " \ - file://LICENSE \ file://ca.cnf \ " PV = "1.0" diff --git a/recipes-sota/aktualizr/aktualizr-hsm-prov.bb b/recipes-sota/aktualizr/aktualizr-hsm-prov.bb index ce92e9c..0450138 100644 --- a/recipes-sota/aktualizr/aktualizr-hsm-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-hsm-prov.bb @@ -3,13 +3,11 @@ DESCRIPTION = "Configuration for HSM provisioning with Aktualizr, the SOTA Clien HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" SECTION = "base" LICENSE = "MPL-2.0" -LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" DEPENDS = "aktualizr aktualizr-native" -SRC_URI = " \ - file://LICENSE \ - " +SRC_URI = "" PV = "1.0" PR = "6" diff --git a/recipes-sota/aktualizr/aktualizr-implicit-prov.bb b/recipes-sota/aktualizr/aktualizr-implicit-prov.bb index 6e5f338..5c54e8a 100644 --- a/recipes-sota/aktualizr/aktualizr-implicit-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-implicit-prov.bb @@ -3,13 +3,11 @@ DESCRIPTION = "Configuration for implicitly provisioning Aktualizr, the SOTA Cli HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" SECTION = "base" LICENSE = "MPL-2.0" -LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" DEPENDS = "aktualizr aktualizr-native" -SRC_URI = " \ - file://LICENSE \ - " +SRC_URI = "" PV = "1.0" PR = "1" diff --git a/recipes-sota/aktualizr/files/LICENSE b/recipes-sota/aktualizr/files/LICENSE deleted file mode 100644 index a612ad9..0000000 --- a/recipes-sota/aktualizr/files/LICENSE +++ /dev/null @@ -1,373 +0,0 @@ -Mozilla Public License Version 2.0 -================================== - -1. Definitions --------------- - -1.1. "Contributor" - means each individual or legal entity that creates, contributes to - the creation of, or owns Covered Software. - -1.2. "Contributor Version" - means the combination of the Contributions of others (if any) used - by a Contributor and that particular Contributor's Contribution. - -1.3. "Contribution" - means Covered Software of a particular Contributor. - -1.4. "Covered Software" - means Source Code Form to which the initial Contributor has attached - the notice in Exhibit A, the Executable Form of such Source Code - Form, and Modifications of such Source Code Form, in each case - including portions thereof. - -1.5. "Incompatible With Secondary Licenses" - means - - (a) that the initial Contributor has attached the notice described - in Exhibit B to the Covered Software; or - - (b) that the Covered Software was made available under the terms of - version 1.1 or earlier of the License, but not also under the - terms of a Secondary License. - -1.6. "Executable Form" - means any form of the work other than Source Code Form. - -1.7. "Larger Work" - means a work that combines Covered Software with other material, in - a separate file or files, that is not Covered Software. - -1.8. "License" - means this document. - -1.9. "Licensable" - means having the right to grant, to the maximum extent possible, - whether at the time of the initial grant or subsequently, any and - all of the rights conveyed by this License. - -1.10. "Modifications" - means any of the following: - - (a) any file in Source Code Form that results from an addition to, - deletion from, or modification of the contents of Covered - Software; or - - (b) any new file in Source Code Form that contains any Covered - Software. - -1.11. "Patent Claims" of a Contributor - means any patent claim(s), including without limitation, method, - process, and apparatus claims, in any patent Licensable by such - Contributor that would be infringed, but for the grant of the - License, by the making, using, selling, offering for sale, having - made, import, or transfer of either its Contributions or its - Contributor Version. - -1.12. "Secondary License" - means either the GNU General Public License, Version 2.0, the GNU - Lesser General Public License, Version 2.1, the GNU Affero General - Public License, Version 3.0, or any later versions of those - licenses. - -1.13. "Source Code Form" - means the form of the work preferred for making modifications. - -1.14. "You" (or "Your") - means an individual or a legal entity exercising rights under this - License. For legal entities, "You" includes any entity that - controls, is controlled by, or is under common control with You. For - purposes of this definition, "control" means (a) the power, direct - or indirect, to cause the direction or management of such entity, - whether by contract or otherwise, or (b) ownership of more than - fifty percent (50%) of the outstanding shares or beneficial - ownership of such entity. - -2. License Grants and Conditions --------------------------------- - -2.1. Grants - -Each Contributor hereby grants You a world-wide, royalty-free, -non-exclusive license: - -(a) under intellectual property rights (other than patent or trademark) - Licensable by such Contributor to use, reproduce, make available, - modify, display, perform, distribute, and otherwise exploit its - Contributions, either on an unmodified basis, with Modifications, or - as part of a Larger Work; and - -(b) under Patent Claims of such Contributor to make, use, sell, offer - for sale, have made, import, and otherwise transfer either its - Contributions or its Contributor Version. - -2.2. Effective Date - -The licenses granted in Section 2.1 with respect to any Contribution -become effective for each Contribution on the date the Contributor first -distributes such Contribution. - -2.3. Limitations on Grant Scope - -The licenses granted in this Section 2 are the only rights granted under -this License. No additional rights or licenses will be implied from the -distribution or licensing of Covered Software under this License. -Notwithstanding Section 2.1(b) above, no patent license is granted by a -Contributor: - -(a) for any code that a Contributor has removed from Covered Software; - or - -(b) for infringements caused by: (i) Your and any other third party's - modifications of Covered Software, or (ii) the combination of its - Contributions with other software (except as part of its Contributor - Version); or - -(c) under Patent Claims infringed by Covered Software in the absence of - its Contributions. - -This License does not grant any rights in the trademarks, service marks, -or logos of any Contributor (except as may be necessary to comply with -the notice requirements in Section 3.4). - -2.4. Subsequent Licenses - -No Contributor makes additional grants as a result of Your choice to -distribute the Covered Software under a subsequent version of this -License (see Section 10.2) or under the terms of a Secondary License (if -permitted under the terms of Section 3.3). - -2.5. Representation - -Each Contributor represents that the Contributor believes its -Contributions are its original creation(s) or it has sufficient rights -to grant the rights to its Contributions conveyed by this License. - -2.6. Fair Use - -This License is not intended to limit any rights You have under -applicable copyright doctrines of fair use, fair dealing, or other -equivalents. - -2.7. Conditions - -Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted -in Section 2.1. - -3. Responsibilities -------------------- - -3.1. Distribution of Source Form - -All distribution of Covered Software in Source Code Form, including any -Modifications that You create or to which You contribute, must be under -the terms of this License. You must inform recipients that the Source -Code Form of the Covered Software is governed by the terms of this -License, and how they can obtain a copy of this License. You may not -attempt to alter or restrict the recipients' rights in the Source Code -Form. - -3.2. Distribution of Executable Form - -If You distribute Covered Software in Executable Form then: - -(a) such Covered Software must also be made available in Source Code - Form, as described in Section 3.1, and You must inform recipients of - the Executable Form how they can obtain a copy of such Source Code - Form by reasonable means in a timely manner, at a charge no more - than the cost of distribution to the recipient; and - -(b) You may distribute such Executable Form under the terms of this - License, or sublicense it under different terms, provided that the - license for the Executable Form does not attempt to limit or alter - the recipients' rights in the Source Code Form under this License. - -3.3. Distribution of a Larger Work - -You may create and distribute a Larger Work under terms of Your choice, -provided that You also comply with the requirements of this License for -the Covered Software. If the Larger Work is a combination of Covered -Software with a work governed by one or more Secondary Licenses, and the -Covered Software is not Incompatible With Secondary Licenses, this -License permits You to additionally distribute such Covered Software -under the terms of such Secondary License(s), so that the recipient of -the Larger Work may, at their option, further distribute the Covered -Software under the terms of either this License or such Secondary -License(s). - -3.4. Notices - -You may not remove or alter the substance of any license notices -(including copyright notices, patent notices, disclaimers of warranty, -or limitations of liability) contained within the Source Code Form of -the Covered Software, except that You may alter any license notices to -the extent required to remedy known factual inaccuracies. - -3.5. Application of Additional Terms - -You may choose to offer, and to charge a fee for, warranty, support, -indemnity or liability obligations to one or more recipients of Covered -Software. However, You may do so only on Your own behalf, and not on -behalf of any Contributor. You must make it absolutely clear that any -such warranty, support, indemnity, or liability obligation is offered by -You alone, and You hereby agree to indemnify every Contributor for any -liability incurred by such Contributor as a result of warranty, support, -indemnity or liability terms You offer. You may include additional -disclaimers of warranty and limitations of liability specific to any -jurisdiction. - -4. Inability to Comply Due to Statute or Regulation ---------------------------------------------------- - -If it is impossible for You to comply with any of the terms of this -License with respect to some or all of the Covered Software due to -statute, judicial order, or regulation then You must: (a) comply with -the terms of this License to the maximum extent possible; and (b) -describe the limitations and the code they affect. Such description must -be placed in a text file included with all distributions of the Covered -Software under this License. Except to the extent prohibited by statute -or regulation, such description must be sufficiently detailed for a -recipient of ordinary skill to be able to understand it. - -5. Termination --------------- - -5.1. The rights granted under this License will terminate automatically -if You fail to comply with any of its terms. However, if You become -compliant, then the rights granted under this License from a particular -Contributor are reinstated (a) provisionally, unless and until such -Contributor explicitly and finally terminates Your grants, and (b) on an -ongoing basis, if such Contributor fails to notify You of the -non-compliance by some reasonable means prior to 60 days after You have -come back into compliance. Moreover, Your grants from a particular -Contributor are reinstated on an ongoing basis if such Contributor -notifies You of the non-compliance by some reasonable means, this is the -first time You have received notice of non-compliance with this License -from such Contributor, and You become compliant prior to 30 days after -Your receipt of the notice. - -5.2. If You initiate litigation against any entity by asserting a patent -infringement claim (excluding declaratory judgment actions, -counter-claims, and cross-claims) alleging that a Contributor Version -directly or indirectly infringes any patent, then the rights granted to -You by any and all Contributors for the Covered Software under Section -2.1 of this License shall terminate. - -5.3. In the event of termination under Sections 5.1 or 5.2 above, all -end user license agreements (excluding distributors and resellers) which -have been validly granted by You or Your distributors under this License -prior to termination shall survive termination. - -************************************************************************ -* * -* 6. Disclaimer of Warranty * -* ------------------------- * -* * -* Covered Software is provided under this License on an "as is" * -* basis, without warranty of any kind, either expressed, implied, or * -* statutory, including, without limitation, warranties that the * -* Covered Software is free of defects, merchantable, fit for a * -* particular purpose or non-infringing. The entire risk as to the * -* quality and performance of the Covered Software is with You. * -* Should any Covered Software prove defective in any respect, You * -* (not any Contributor) assume the cost of any necessary servicing, * -* repair, or correction. This disclaimer of warranty constitutes an * -* essential part of this License. No use of any Covered Software is * -* authorized under this License except under this disclaimer. * -* * -************************************************************************ - -************************************************************************ -* * -* 7. Limitation of Liability * -* -------------------------- * -* * -* Under no circumstances and under no legal theory, whether tort * -* (including negligence), contract, or otherwise, shall any * -* Contributor, or anyone who distributes Covered Software as * -* permitted above, be liable to You for any direct, indirect, * -* special, incidental, or consequential damages of any character * -* including, without limitation, damages for lost profits, loss of * -* goodwill, work stoppage, computer failure or malfunction, or any * -* and all other commercial damages or losses, even if such party * -* shall have been informed of the possibility of such damages. This * -* limitation of liability shall not apply to liability for death or * -* personal injury resulting from such party's negligence to the * -* extent applicable law prohibits such limitation. Some * -* jurisdictions do not allow the exclusion or limitation of * -* incidental or consequential damages, so this exclusion and * -* limitation may not apply to You. * -* * -************************************************************************ - -8. Litigation -------------- - -Any litigation relating to this License may be brought only in the -courts of a jurisdiction where the defendant maintains its principal -place of business and such litigation shall be governed by laws of that -jurisdiction, without reference to its conflict-of-law provisions. -Nothing in this Section shall prevent a party's ability to bring -cross-claims or counter-claims. - -9. Miscellaneous ----------------- - -This License represents the complete agreement concerning the subject -matter hereof. If any provision of this License is held to be -unenforceable, such provision shall be reformed only to the extent -necessary to make it enforceable. Any law or regulation which provides -that the language of a contract shall be construed against the drafter -shall not be used to construe this License against a Contributor. - -10. Versions of the License ---------------------------- - -10.1. New Versions - -Mozilla Foundation is the license steward. Except as provided in Section -10.3, no one other than the license steward has the right to modify or -publish new versions of this License. Each version will be given a -distinguishing version number. - -10.2. Effect of New Versions - -You may distribute the Covered Software under the terms of the version -of the License under which You originally received the Covered Software, -or under the terms of any subsequent version published by the license -steward. - -10.3. Modified Versions - -If you create software not governed by this License, and you want to -create a new license for such software, you may create and use a -modified version of this License if you rename the license and remove -any references to the name of the license steward (except to note that -such modified license differs from this License). - -10.4. Distributing Source Code Form that is Incompatible With Secondary -Licenses - -If You choose to distribute Source Code Form that is Incompatible With -Secondary Licenses under the terms of this version of the License, the -notice described in Exhibit B of this License must be attached. - -Exhibit A - Source Code Form License Notice -------------------------------------------- - - This Source Code Form is subject to the terms of the Mozilla Public - License, v. 2.0. If a copy of the MPL was not distributed with this - file, You can obtain one at http://mozilla.org/MPL/2.0/. - -If it is not possible or desirable to put the notice in a particular -file, then You may include the notice in a location (such as a LICENSE -file in a relevant directory) where a recipient would be likely to look -for such a notice. - -You may add additional accurate notices of copyright ownership. - -Exhibit B - "Incompatible With Secondary Licenses" Notice ---------------------------------------------------------- - - This Source Code Form is "Incompatible With Secondary Licenses", as - defined by the Mozilla Public License, v. 2.0. diff --git a/recipes-sota/config/aktualizr-disable-send-ip.bb b/recipes-sota/config/aktualizr-disable-send-ip.bb index cab7696..8dd2647 100644 --- a/recipes-sota/config/aktualizr-disable-send-ip.bb +++ b/recipes-sota/config/aktualizr-disable-send-ip.bb @@ -3,10 +3,9 @@ DESCRIPTION = "Configures aktualizr to disable IP reporting to the server" HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" SECTION = "base" LICENSE = "MPL-2.0" -LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" SRC_URI = " \ - file://LICENSE \ file://30-disable-send-ip.toml \ " diff --git a/recipes-sota/config/aktualizr-example-interface.bb b/recipes-sota/config/aktualizr-example-interface.bb index 37a9184..ac75352 100644 --- a/recipes-sota/config/aktualizr-example-interface.bb +++ b/recipes-sota/config/aktualizr-example-interface.bb @@ -3,10 +3,9 @@ DESCRIPTION = "Aktualizr example interface for legacy secondaries" HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" SECTION = "base" LICENSE = "MPL-2.0" -LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" SRC_URI = " \ - file://LICENSE \ file://30-example-interface.toml \ " diff --git a/recipes-sota/config/aktualizr-log-debug.bb b/recipes-sota/config/aktualizr-log-debug.bb index e628616..098faf4 100644 --- a/recipes-sota/config/aktualizr-log-debug.bb +++ b/recipes-sota/config/aktualizr-log-debug.bb @@ -3,10 +3,9 @@ DESCRIPTION = "Configures aktualizr to log at a debugging level" HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" SECTION = "base" LICENSE = "MPL-2.0" -LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" SRC_URI = " \ - file://LICENSE \ file://05-log-debug.toml \ " diff --git a/recipes-sota/config/files/LICENSE b/recipes-sota/config/files/LICENSE deleted file mode 100644 index a612ad9..0000000 --- a/recipes-sota/config/files/LICENSE +++ /dev/null @@ -1,373 +0,0 @@ -Mozilla Public License Version 2.0 -================================== - -1. Definitions --------------- - -1.1. "Contributor" - means each individual or legal entity that creates, contributes to - the creation of, or owns Covered Software. - -1.2. "Contributor Version" - means the combination of the Contributions of others (if any) used - by a Contributor and that particular Contributor's Contribution. - -1.3. "Contribution" - means Covered Software of a particular Contributor. - -1.4. "Covered Software" - means Source Code Form to which the initial Contributor has attached - the notice in Exhibit A, the Executable Form of such Source Code - Form, and Modifications of such Source Code Form, in each case - including portions thereof. - -1.5. "Incompatible With Secondary Licenses" - means - - (a) that the initial Contributor has attached the notice described - in Exhibit B to the Covered Software; or - - (b) that the Covered Software was made available under the terms of - version 1.1 or earlier of the License, but not also under the - terms of a Secondary License. - -1.6. "Executable Form" - means any form of the work other than Source Code Form. - -1.7. "Larger Work" - means a work that combines Covered Software with other material, in - a separate file or files, that is not Covered Software. - -1.8. "License" - means this document. - -1.9. "Licensable" - means having the right to grant, to the maximum extent possible, - whether at the time of the initial grant or subsequently, any and - all of the rights conveyed by this License. - -1.10. "Modifications" - means any of the following: - - (a) any file in Source Code Form that results from an addition to, - deletion from, or modification of the contents of Covered - Software; or - - (b) any new file in Source Code Form that contains any Covered - Software. - -1.11. "Patent Claims" of a Contributor - means any patent claim(s), including without limitation, method, - process, and apparatus claims, in any patent Licensable by such - Contributor that would be infringed, but for the grant of the - License, by the making, using, selling, offering for sale, having - made, import, or transfer of either its Contributions or its - Contributor Version. - -1.12. "Secondary License" - means either the GNU General Public License, Version 2.0, the GNU - Lesser General Public License, Version 2.1, the GNU Affero General - Public License, Version 3.0, or any later versions of those - licenses. - -1.13. "Source Code Form" - means the form of the work preferred for making modifications. - -1.14. "You" (or "Your") - means an individual or a legal entity exercising rights under this - License. For legal entities, "You" includes any entity that - controls, is controlled by, or is under common control with You. For - purposes of this definition, "control" means (a) the power, direct - or indirect, to cause the direction or management of such entity, - whether by contract or otherwise, or (b) ownership of more than - fifty percent (50%) of the outstanding shares or beneficial - ownership of such entity. - -2. License Grants and Conditions --------------------------------- - -2.1. Grants - -Each Contributor hereby grants You a world-wide, royalty-free, -non-exclusive license: - -(a) under intellectual property rights (other than patent or trademark) - Licensable by such Contributor to use, reproduce, make available, - modify, display, perform, distribute, and otherwise exploit its - Contributions, either on an unmodified basis, with Modifications, or - as part of a Larger Work; and - -(b) under Patent Claims of such Contributor to make, use, sell, offer - for sale, have made, import, and otherwise transfer either its - Contributions or its Contributor Version. - -2.2. Effective Date - -The licenses granted in Section 2.1 with respect to any Contribution -become effective for each Contribution on the date the Contributor first -distributes such Contribution. - -2.3. Limitations on Grant Scope - -The licenses granted in this Section 2 are the only rights granted under -this License. No additional rights or licenses will be implied from the -distribution or licensing of Covered Software under this License. -Notwithstanding Section 2.1(b) above, no patent license is granted by a -Contributor: - -(a) for any code that a Contributor has removed from Covered Software; - or - -(b) for infringements caused by: (i) Your and any other third party's - modifications of Covered Software, or (ii) the combination of its - Contributions with other software (except as part of its Contributor - Version); or - -(c) under Patent Claims infringed by Covered Software in the absence of - its Contributions. - -This License does not grant any rights in the trademarks, service marks, -or logos of any Contributor (except as may be necessary to comply with -the notice requirements in Section 3.4). - -2.4. Subsequent Licenses - -No Contributor makes additional grants as a result of Your choice to -distribute the Covered Software under a subsequent version of this -License (see Section 10.2) or under the terms of a Secondary License (if -permitted under the terms of Section 3.3). - -2.5. Representation - -Each Contributor represents that the Contributor believes its -Contributions are its original creation(s) or it has sufficient rights -to grant the rights to its Contributions conveyed by this License. - -2.6. Fair Use - -This License is not intended to limit any rights You have under -applicable copyright doctrines of fair use, fair dealing, or other -equivalents. - -2.7. Conditions - -Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted -in Section 2.1. - -3. Responsibilities -------------------- - -3.1. Distribution of Source Form - -All distribution of Covered Software in Source Code Form, including any -Modifications that You create or to which You contribute, must be under -the terms of this License. You must inform recipients that the Source -Code Form of the Covered Software is governed by the terms of this -License, and how they can obtain a copy of this License. You may not -attempt to alter or restrict the recipients' rights in the Source Code -Form. - -3.2. Distribution of Executable Form - -If You distribute Covered Software in Executable Form then: - -(a) such Covered Software must also be made available in Source Code - Form, as described in Section 3.1, and You must inform recipients of - the Executable Form how they can obtain a copy of such Source Code - Form by reasonable means in a timely manner, at a charge no more - than the cost of distribution to the recipient; and - -(b) You may distribute such Executable Form under the terms of this - License, or sublicense it under different terms, provided that the - license for the Executable Form does not attempt to limit or alter - the recipients' rights in the Source Code Form under this License. - -3.3. Distribution of a Larger Work - -You may create and distribute a Larger Work under terms of Your choice, -provided that You also comply with the requirements of this License for -the Covered Software. If the Larger Work is a combination of Covered -Software with a work governed by one or more Secondary Licenses, and the -Covered Software is not Incompatible With Secondary Licenses, this -License permits You to additionally distribute such Covered Software -under the terms of such Secondary License(s), so that the recipient of -the Larger Work may, at their option, further distribute the Covered -Software under the terms of either this License or such Secondary -License(s). - -3.4. Notices - -You may not remove or alter the substance of any license notices -(including copyright notices, patent notices, disclaimers of warranty, -or limitations of liability) contained within the Source Code Form of -the Covered Software, except that You may alter any license notices to -the extent required to remedy known factual inaccuracies. - -3.5. Application of Additional Terms - -You may choose to offer, and to charge a fee for, warranty, support, -indemnity or liability obligations to one or more recipients of Covered -Software. However, You may do so only on Your own behalf, and not on -behalf of any Contributor. You must make it absolutely clear that any -such warranty, support, indemnity, or liability obligation is offered by -You alone, and You hereby agree to indemnify every Contributor for any -liability incurred by such Contributor as a result of warranty, support, -indemnity or liability terms You offer. You may include additional -disclaimers of warranty and limitations of liability specific to any -jurisdiction. - -4. Inability to Comply Due to Statute or Regulation ---------------------------------------------------- - -If it is impossible for You to comply with any of the terms of this -License with respect to some or all of the Covered Software due to -statute, judicial order, or regulation then You must: (a) comply with -the terms of this License to the maximum extent possible; and (b) -describe the limitations and the code they affect. Such description must -be placed in a text file included with all distributions of the Covered -Software under this License. Except to the extent prohibited by statute -or regulation, such description must be sufficiently detailed for a -recipient of ordinary skill to be able to understand it. - -5. Termination --------------- - -5.1. The rights granted under this License will terminate automatically -if You fail to comply with any of its terms. However, if You become -compliant, then the rights granted under this License from a particular -Contributor are reinstated (a) provisionally, unless and until such -Contributor explicitly and finally terminates Your grants, and (b) on an -ongoing basis, if such Contributor fails to notify You of the -non-compliance by some reasonable means prior to 60 days after You have -come back into compliance. Moreover, Your grants from a particular -Contributor are reinstated on an ongoing basis if such Contributor -notifies You of the non-compliance by some reasonable means, this is the -first time You have received notice of non-compliance with this License -from such Contributor, and You become compliant prior to 30 days after -Your receipt of the notice. - -5.2. If You initiate litigation against any entity by asserting a patent -infringement claim (excluding declaratory judgment actions, -counter-claims, and cross-claims) alleging that a Contributor Version -directly or indirectly infringes any patent, then the rights granted to -You by any and all Contributors for the Covered Software under Section -2.1 of this License shall terminate. - -5.3. In the event of termination under Sections 5.1 or 5.2 above, all -end user license agreements (excluding distributors and resellers) which -have been validly granted by You or Your distributors under this License -prior to termination shall survive termination. - -************************************************************************ -* * -* 6. Disclaimer of Warranty * -* ------------------------- * -* * -* Covered Software is provided under this License on an "as is" * -* basis, without warranty of any kind, either expressed, implied, or * -* statutory, including, without limitation, warranties that the * -* Covered Software is free of defects, merchantable, fit for a * -* particular purpose or non-infringing. The entire risk as to the * -* quality and performance of the Covered Software is with You. * -* Should any Covered Software prove defective in any respect, You * -* (not any Contributor) assume the cost of any necessary servicing, * -* repair, or correction. This disclaimer of warranty constitutes an * -* essential part of this License. No use of any Covered Software is * -* authorized under this License except under this disclaimer. * -* * -************************************************************************ - -************************************************************************ -* * -* 7. Limitation of Liability * -* -------------------------- * -* * -* Under no circumstances and under no legal theory, whether tort * -* (including negligence), contract, or otherwise, shall any * -* Contributor, or anyone who distributes Covered Software as * -* permitted above, be liable to You for any direct, indirect, * -* special, incidental, or consequential damages of any character * -* including, without limitation, damages for lost profits, loss of * -* goodwill, work stoppage, computer failure or malfunction, or any * -* and all other commercial damages or losses, even if such party * -* shall have been informed of the possibility of such damages. This * -* limitation of liability shall not apply to liability for death or * -* personal injury resulting from such party's negligence to the * -* extent applicable law prohibits such limitation. Some * -* jurisdictions do not allow the exclusion or limitation of * -* incidental or consequential damages, so this exclusion and * -* limitation may not apply to You. * -* * -************************************************************************ - -8. Litigation -------------- - -Any litigation relating to this License may be brought only in the -courts of a jurisdiction where the defendant maintains its principal -place of business and such litigation shall be governed by laws of that -jurisdiction, without reference to its conflict-of-law provisions. -Nothing in this Section shall prevent a party's ability to bring -cross-claims or counter-claims. - -9. Miscellaneous ----------------- - -This License represents the complete agreement concerning the subject -matter hereof. If any provision of this License is held to be -unenforceable, such provision shall be reformed only to the extent -necessary to make it enforceable. Any law or regulation which provides -that the language of a contract shall be construed against the drafter -shall not be used to construe this License against a Contributor. - -10. Versions of the License ---------------------------- - -10.1. New Versions - -Mozilla Foundation is the license steward. Except as provided in Section -10.3, no one other than the license steward has the right to modify or -publish new versions of this License. Each version will be given a -distinguishing version number. - -10.2. Effect of New Versions - -You may distribute the Covered Software under the terms of the version -of the License under which You originally received the Covered Software, -or under the terms of any subsequent version published by the license -steward. - -10.3. Modified Versions - -If you create software not governed by this License, and you want to -create a new license for such software, you may create and use a -modified version of this License if you rename the license and remove -any references to the name of the license steward (except to note that -such modified license differs from this License). - -10.4. Distributing Source Code Form that is Incompatible With Secondary -Licenses - -If You choose to distribute Source Code Form that is Incompatible With -Secondary Licenses under the terms of this version of the License, the -notice described in Exhibit B of this License must be attached. - -Exhibit A - Source Code Form License Notice -------------------------------------------- - - This Source Code Form is subject to the terms of the Mozilla Public - License, v. 2.0. If a copy of the MPL was not distributed with this - file, You can obtain one at http://mozilla.org/MPL/2.0/. - -If it is not possible or desirable to put the notice in a particular -file, then You may include the notice in a location (such as a LICENSE -file in a relevant directory) where a recipient would be likely to look -for such a notice. - -You may add additional accurate notices of copyright ownership. - -Exhibit B - "Incompatible With Secondary Licenses" Notice ---------------------------------------------------------- - - This Source Code Form is "Incompatible With Secondary Licenses", as - defined by the Mozilla Public License, v. 2.0. -- cgit v1.2.3-54-g00ecf From 01171e3e4badd099dd7a52951078a85c66e910fd Mon Sep 17 00:00:00 2001 From: Anton Gerasimov Date: Wed, 5 Sep 2018 16:22:07 +0200 Subject: Add SOTA_DEPLOY_CREDENTIALS variable to control whether the built image should be provisioned --- README.adoc | 1 + classes/sota.bbclass | 2 + .../aktualizr/aktualizr-auto-prov-creds.bb | 23 ++++++++++ recipes-sota/aktualizr/aktualizr-auto-prov.bb | 20 +++------ .../aktualizr/aktualizr-ca-implicit-prov-creds.bb | 50 ++++++++++++++++++++++ .../aktualizr/aktualizr-ca-implicit-prov.bb | 41 +----------------- recipes-sota/aktualizr/aktualizr-hsm-prov.bb | 6 +-- recipes-sota/aktualizr/aktualizr-implicit-prov.bb | 34 --------------- recipes-sota/aktualizr/aktualizr_git.bb | 7 ++- 9 files changed, 87 insertions(+), 97 deletions(-) create mode 100644 recipes-sota/aktualizr/aktualizr-auto-prov-creds.bb create mode 100644 recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb delete mode 100644 recipes-sota/aktualizr/aktualizr-implicit-prov.bb diff --git a/README.adoc b/README.adoc index d2bd4b5..d8e5f4d 100644 --- a/README.adoc +++ b/README.adoc @@ -80,6 +80,7 @@ Although we have used U-Boot so far, other boot loaders can be configured work w * `OSTREE_OSNAME` - OS deployment name on your target device. For more information about deployments and osnames see the https://ostree.readthedocs.io/en/latest/manual/deployment/[OSTree documentation]. Defaults to "poky". * `OSTREE_INITRAMFS_IMAGE` - initramfs/initrd image that is used as a proxy while booting into OSTree deployment. Do not change this setting unless you are sure that your initramfs can serve as such a proxy. * `SOTA_PACKED_CREDENTIALS` - when set, your ostree commit will be pushed to a remote repo as a bitbake step. This should be the path to a zipped credentials file in https://github.com/advancedtelematic/aktualizr/blob/master/docs/credentials.adoc[the format accepted by garage-push]. +* `SOTA_DEPLOY_CREDENTIALS` - when set to '1' (default value), deploys credentials to the built image. Override it in `local.conf` to built a generic image that can be provisioned manually after the build. * `SOTA_CLIENT_PROV` - which provisioning method to use. Valid options are https://github.com/advancedtelematic/aktualizr/blob/master/docs/automatic-provisioning.adoc[`aktualizr-auto-prov`], https://github.com/advancedtelematic/aktualizr/blob/master/docs/implicit-provisioning.adoc[`aktualizr-implicit-prov`], and https://github.com/advancedtelematic/aktualizr/blob/master/docs/hsm-provisioning.adoc[`aktualizr-hsm-prov`]. The default is `aktualizr-auto-prov`. This can also be set to an empty string to avoid using a provisioning recipe. * `SOTA_CLIENT_FEATURES` - extensions to aktualizr. The only valid options are `hsm` (to build with HSM support) and `secondary-network` (to set up a simulated 'in-vehicle' network with support for a primary node with a DHCP server and a secondary node with a DHCP client). * `SOTA_SECONDARY_ECUS` - a list of paths separated by spaces of JSON configuration files for virtual secondaries on the host. These will be installed into `/var/sota/ecus` on the device. diff --git a/classes/sota.bbclass b/classes/sota.bbclass index e1c5ecd..06da674 100644 --- a/classes/sota.bbclass +++ b/classes/sota.bbclass @@ -9,6 +9,8 @@ HOSTTOOLS_NONFATAL += "java" SOTA_CLIENT ??= "aktualizr" SOTA_CLIENT_PROV ??= "aktualizr-auto-prov" +SOTA_DEPLOY_CREDENTIALS ?= "1" + IMAGE_INSTALL_append_sota = " ostree os-release ${SOTA_CLIENT} ${SOTA_CLIENT_PROV}" IMAGE_CLASSES += " image_types_ostree image_types_ota" IMAGE_FSTYPES += "${@bb.utils.contains('DISTRO_FEATURES', 'sota', 'ostreepush garagesign garagecheck otaimg wic', ' ', d)}" diff --git a/recipes-sota/aktualizr/aktualizr-auto-prov-creds.bb b/recipes-sota/aktualizr/aktualizr-auto-prov-creds.bb new file mode 100644 index 0000000..d964a0a --- /dev/null +++ b/recipes-sota/aktualizr/aktualizr-auto-prov-creds.bb @@ -0,0 +1,23 @@ +SUMMARY = "Credentials for autoprovisioning scenario" +SECTION = "base" +LICENSE = "MPL-2.0" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" + +DEPENDS = "aktualizr-native zip-native" + +require credentials.inc + +do_install() { + if [ -n ${SOTA_PACKED_CREDENTIALS} ]; then + install -m 0700 -d ${D}${localstatedir}/sota + cp ${SOTA_PACKED_CREDENTIALS} ${D}${localstatedir}/sota/sota_provisioning_credentials.zip + # Device should not be able to push data to treehub + zip -d ${D}${localstatedir}/sota/sota_provisioning_credentials.zip treehub.json + fi +} + +FILES_${PN} = " \ + ${localstatedir}/sota/sota_provisioning_credentials.zip \ + " + +# vim:set ts=4 sw=4 sts=4 expandtab: diff --git a/recipes-sota/aktualizr/aktualizr-auto-prov.bb b/recipes-sota/aktualizr/aktualizr-auto-prov.bb index 9fa95ed..65e89bd 100644 --- a/recipes-sota/aktualizr/aktualizr-auto-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-auto-prov.bb @@ -6,7 +6,8 @@ LICENSE = "MPL-2.0" LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" DEPENDS = "aktualizr-native zip-native" -RDEPENDS_${PN} = "aktualizr" +RDEPENDS_${PN}_append = "${@' aktualizr-auto-prov-creds' if d.getVar('SOTA_DEPLOY_CREDENTIALS', True) == '1' else ''}" +RDEPENDS_${PN} = " aktualizr" PV = "1.0" PR = "6" @@ -31,19 +32,10 @@ do_install() { install -m 0700 -d ${D}${libdir}/sota/conf.d install -m 0700 -d ${D}${localstatedir}/sota - if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then - aktualizr_toml=${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'secondary-network', 'sota_autoprov_primary.toml', 'sota_autoprov.toml', d)} - - install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/${aktualizr_toml} \ - ${D}${libdir}/sota/conf.d/20-${aktualizr_toml} - - # deploy SOTA credentials - if [ -e ${SOTA_PACKED_CREDENTIALS} ]; then - cp ${SOTA_PACKED_CREDENTIALS} ${D}${localstatedir}/sota/sota_provisioning_credentials.zip - # Device should not be able to push data to treehub - zip -d ${D}${localstatedir}/sota/sota_provisioning_credentials.zip treehub.json - fi - fi + aktualizr_toml=${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'secondary-network', 'sota_autoprov_primary.toml', 'sota_autoprov.toml', d)} + + install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/${aktualizr_toml} \ + ${D}${libdir}/sota/conf.d/20-${aktualizr_toml} } FILES_${PN} = " \ diff --git a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb new file mode 100644 index 0000000..5debc19 --- /dev/null +++ b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb @@ -0,0 +1,50 @@ +SUMMARY = "Credentials for implicit provisioning with CA certificate" +SECTION = "base" +LICENSE = "MPL-2.0" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" + +DEPENDS = "aktualizr aktualizr-native" + +SRC_URI = " \ + file://ca.cnf \ + " + +require credentials.inc + +export SOTA_CACERT_PATH +export SOTA_CAKEY_PATH + +do_install() { + if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then + if [ -z ${SOTA_CACERT_PATH} ]; then + SOTA_CACERT_PATH=${DEPLOY_DIR_IMAGE}/CA/cacert.pem + SOTA_CAKEY_PATH=${DEPLOY_DIR_IMAGE}/CA/ca.private.pem + mkdir -p ${DEPLOY_DIR_IMAGE}/CA + bbwarn "SOTA_CACERT_PATH is not specified, use default one at $SOTA_CACERT_PATH" + + if [ ! -f ${SOTA_CACERT_PATH} ]; then + bbwarn "${SOTA_CACERT_PATH} does not exist, generate a new CA" + SOTA_CACERT_DIR_PATH="$(dirname "$SOTA_CACERT_PATH")" + openssl genrsa -out ${SOTA_CACERT_DIR_PATH}/ca.private.pem 4096 + openssl req -key ${SOTA_CACERT_DIR_PATH}/ca.private.pem -new -x509 -days 7300 -out ${SOTA_CACERT_PATH} -subj "/C=DE/ST=Berlin/O=Reis und Kichererbsen e.V/commonName=meta-updater" -batch -config ${WORKDIR}/ca.cnf -extensions cacert + bbwarn "${SOTA_CACERT_PATH} has been created, you'll need to upload it to the server" + fi + fi + + if [ -z ${SOTA_CAKEY_PATH} ]; then + bberror "SOTA_CAKEY_PATH should be set when using implicit provisioning" + fi + + install -m 0700 -d ${D}${localstatedir}/sota + aktualizr_cert_provider --credentials ${SOTA_PACKED_CREDENTIALS} \ + --device-ca ${SOTA_CACERT_PATH} \ + --device-ca-key ${SOTA_CAKEY_PATH} \ + --root-ca \ + --server-url \ + --local ${D} \ + --config ${STAGING_DIR_HOST}${libdir}/sota/sota_implicit_prov_ca.toml + fi +} + +FILES_${PN} = " \ + ${localstatedir}/sota/*" diff --git a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb index 83504f1..2763185 100644 --- a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb @@ -10,62 +10,23 @@ LICENSE = "MPL-2.0" LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" DEPENDS = "aktualizr aktualizr-native openssl-native" +RDEPENDS_${PN}_append = "${@' aktualizr-ca-implicit-prov-creds' if d.getVar('SOTA_DEPLOY_CREDENTIALS', True) == '1' else ''}" -SRC_URI = " \ - file://ca.cnf \ - " PV = "1.0" PR = "1" require environment.inc require credentials.inc -export SOTA_CACERT_PATH -export SOTA_CAKEY_PATH - do_install() { install -m 0700 -d ${D}${libdir}/sota/conf.d - if [ -z "${SOTA_PACKED_CREDENTIALS}" ]; then - bberror "SOTA_PACKED_CREDENTIALS are required for implicit provisioning" - fi - - if [ -z ${SOTA_CACERT_PATH} ]; then - SOTA_CACERT_PATH=${DEPLOY_DIR_IMAGE}/CA/cacert.pem - SOTA_CAKEY_PATH=${DEPLOY_DIR_IMAGE}/CA/ca.private.pem - mkdir -p ${DEPLOY_DIR_IMAGE}/CA - bbwarn "SOTA_CACERT_PATH is not specified, use default one at $SOTA_CACERT_PATH" - - if [ ! -f ${SOTA_CACERT_PATH} ]; then - bbwarn "${SOTA_CACERT_PATH} does not exist, generate a new CA" - SOTA_CACERT_DIR_PATH="$(dirname "$SOTA_CACERT_PATH")" - openssl genrsa -out ${SOTA_CACERT_DIR_PATH}/ca.private.pem 4096 - openssl req -key ${SOTA_CACERT_DIR_PATH}/ca.private.pem -new -x509 -days 7300 -out ${SOTA_CACERT_PATH} -subj "/C=DE/ST=Berlin/O=Reis und Kichererbsen e.V/commonName=meta-updater" -batch -config ${WORKDIR}/ca.cnf -extensions cacert - bbwarn "${SOTA_CACERT_PATH} has been created, you'll need to upload it to the server" - fi - fi - - if [ -z ${SOTA_CAKEY_PATH} ]; then - bberror "SOTA_CAKEY_PATH should be set when using implicit provisioning" - fi - - install -m 0700 -d ${D}${localstatedir}/sota install -m 0644 ${STAGING_DIR_HOST}${libdir}/sota/sota_implicit_prov_ca.toml \ ${D}${libdir}/sota/conf.d/20-sota_implicit_prov_ca.toml - aktualizr_cert_provider --credentials ${SOTA_PACKED_CREDENTIALS} \ - --device-ca ${SOTA_CACERT_PATH} \ - --device-ca-key ${SOTA_CAKEY_PATH} \ - --root-ca \ - --server-url \ - --local ${D}${localstatedir}/sota \ - --config ${STAGING_DIR_HOST}${libdir}/sota/sota_implicit_prov_ca.toml } FILES_${PN} = " \ - ${libdir}/sota/conf.d \ ${libdir}/sota/conf.d/20-sota_implicit_prov_ca.toml \ - ${libdir}/sota/root.crt \ - ${localstatedir}/sota/* \ " # vim:set ts=4 sw=4 sts=4 expandtab: diff --git a/recipes-sota/aktualizr/aktualizr-hsm-prov.bb b/recipes-sota/aktualizr/aktualizr-hsm-prov.bb index 0450138..e915046 100644 --- a/recipes-sota/aktualizr/aktualizr-hsm-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-hsm-prov.bb @@ -6,6 +6,7 @@ LICENSE = "MPL-2.0" LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" DEPENDS = "aktualizr aktualizr-native" +RDEPENDS_${PN}_append = "${@' aktualizr-ca-implicit-prov-creds softhsm-testtoken' if d.getVar('SOTA_DEPLOY_CREDENTIALS', True) == '1' else ''}" SRC_URI = "" PV = "1.0" @@ -18,16 +19,11 @@ do_install() { install -m 0700 -d ${D}${libdir}/sota/conf.d install -m 0644 ${STAGING_DIR_HOST}${libdir}/sota/sota_hsm_prov.toml \ ${D}${libdir}/sota/conf.d/20-sota_hsm_prov.toml - if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then - aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} --no-root-ca \ - -o ${D}${libdir}/sota/conf.d/30-implicit_server.toml -p ${D} - fi } FILES_${PN} = " \ ${libdir}/sota/conf.d \ ${libdir}/sota/conf.d/20-sota_hsm_prov.toml \ - ${libdir}/sota/conf.d/30-implicit_server.toml \ " # vim:set ts=4 sw=4 sts=4 expandtab: diff --git a/recipes-sota/aktualizr/aktualizr-implicit-prov.bb b/recipes-sota/aktualizr/aktualizr-implicit-prov.bb deleted file mode 100644 index 5c54e8a..0000000 --- a/recipes-sota/aktualizr/aktualizr-implicit-prov.bb +++ /dev/null @@ -1,34 +0,0 @@ -SUMMARY = "Aktualizr configuration for implicit provisioning" -DESCRIPTION = "Configuration for implicitly provisioning Aktualizr, the SOTA Client application written in C++" -HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" -SECTION = "base" -LICENSE = "MPL-2.0" -LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" - -DEPENDS = "aktualizr aktualizr-native" - -SRC_URI = "" -PV = "1.0" -PR = "1" - -require environment.inc -require credentials.inc - -do_install() { - install -m 0700 -d ${D}${libdir}/sota/conf.d - install -m 0644 ${STAGING_DIR_HOST}${libdir}/sota/sota_implicit_prov.toml \ - ${D}${libdir}/sota/conf.d/20-sota_implicit_prov.toml - if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then - aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} \ - -o ${D}${libdir}/sota/conf.d/30-implicit_server.toml -p ${D} - fi -} - -FILES_${PN} = " \ - ${libdir}/sota/conf.d \ - ${libdir}/sota/conf.d/20-implicit_prov.toml \ - ${libdir}/sota/conf.d/30-implicit_server.toml \ - ${libdir}/sota/root.crt \ - " - -# vim:set ts=4 sw=4 sts=4 expandtab: diff --git a/recipes-sota/aktualizr/aktualizr_git.bb b/recipes-sota/aktualizr/aktualizr_git.bb index 83e450d..b67114f 100755 --- a/recipes-sota/aktualizr/aktualizr_git.bb +++ b/recipes-sota/aktualizr/aktualizr_git.bb @@ -11,12 +11,13 @@ DEPENDS_append_class-native = "glib-2.0-native " RDEPENDS_${PN}_class-target = "lshw " RDEPENDS_${PN}_append_class-target = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'serialcan', ' slcand-start', '', d)} " -RDEPENDS_${PN}_append_class-target = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm', ' softhsm softhsm-testtoken', '', d)}" RDEPENDS_${PN}_append_class-target = " ${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'ubootenv', ' u-boot-fw-utils aktualizr-uboot-env-rollback', '', d)} " RDEPENDS_${PN}_append_class-target = " ${PN}-tools " RDEPENDS_${PN}-secondary_append_class-target = " ${PN}-tools " +RDEPENDS_${PN}_class-target = " openssl-bin " + PV = "1.0+git${SRCPV}" PR = "7" @@ -27,7 +28,7 @@ SRC_URI = " \ file://aktualizr-secondary.socket \ file://aktualizr-serialcan.service \ " -SRCREV = "487905ccb2a4b7e8b01becd051242fe504e85950" +SRCREV = "097c763ab4b4b057fa6bedfdac2049e53df93539" BRANCH ?= "master" S = "${WORKDIR}/git" @@ -64,7 +65,6 @@ do_install_append () { install -m 0644 ${S}/config/sota_autoprov.toml ${D}/${libdir}/sota/sota_autoprov.toml install -m 0644 ${S}/config/sota_autoprov_primary.toml ${D}/${libdir}/sota/sota_autoprov_primary.toml install -m 0644 ${S}/config/sota_hsm_prov.toml ${D}/${libdir}/sota/sota_hsm_prov.toml - install -m 0644 ${S}/config/sota_implicit_prov.toml ${D}/${libdir}/sota/sota_implicit_prov.toml install -m 0644 ${S}/config/sota_implicit_prov_ca.toml ${D}/${libdir}/sota/sota_implicit_prov_ca.toml install -m 0644 ${S}/config/sota_secondary.toml ${D}/${libdir}/sota/sota_secondary.toml install -m 0644 ${S}/config/sota_uboot_env.toml ${D}/${libdir}/sota/sota_uboot_env.toml @@ -113,7 +113,6 @@ FILES_${PN}-host-tools = " \ ${libdir}/sota/sota_autoprov.toml \ ${libdir}/sota/sota_autoprov_primary.toml \ ${libdir}/sota/sota_hsm_prov.toml \ - ${libdir}/sota/sota_implicit_prov.toml \ ${libdir}/sota/sota_implicit_prov_ca.toml \ ${libdir}/sota/sota_uboot_env.toml \ " -- cgit v1.2.3-54-g00ecf From d195901f2195eace365045046394dff944a94846 Mon Sep 17 00:00:00 2001 From: Anton Gerasimov Date: Fri, 21 Sep 2018 18:41:25 +0200 Subject: Fix creating SoftHSM token --- recipes-support/softhsm-testtoken/files/createtoken.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/recipes-support/softhsm-testtoken/files/createtoken.sh b/recipes-support/softhsm-testtoken/files/createtoken.sh index b142945..fa4569d 100644 --- a/recipes-support/softhsm-testtoken/files/createtoken.sh +++ b/recipes-support/softhsm-testtoken/files/createtoken.sh @@ -13,7 +13,8 @@ fi mkdir -p /var/lib/softhsm/tokens softhsm2-util --init-token --slot 0 --label "Virtual token" --pin 1234 --so-pin 1234 -softhsm2-util --import /var/sota/import/pkey.pem --label "pkey" --id 02 --token 'Virtual token' --pin 1234 +openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in /var/sota/import/pkey.pem -out /var/sota/import/pkey.p8 +softhsm2-util --import /var/sota/import/pkey.p8 --label "pkey" --id 02 --token 'Virtual token' --pin 1234 openssl x509 -outform der -in /var/sota/import/client.pem -out /var/sota/import/client.der pkcs11-tool --module=/usr/lib/softhsm/libsofthsm2.so --id 1 --write-object /var/sota/import/client.der --type cert --login --pin 1234 -- cgit v1.2.3-54-g00ecf From 6d4b851b3604af8f05d0f32d31fcf2d58ca83a21 Mon Sep 17 00:00:00 2001 From: Anton Gerasimov Date: Fri, 21 Sep 2018 18:44:42 +0200 Subject: Document delayed provisioning --- README.adoc | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/README.adoc b/README.adoc index d8e5f4d..8b761b6 100644 --- a/README.adoc +++ b/README.adoc @@ -81,7 +81,7 @@ Although we have used U-Boot so far, other boot loaders can be configured work w * `OSTREE_INITRAMFS_IMAGE` - initramfs/initrd image that is used as a proxy while booting into OSTree deployment. Do not change this setting unless you are sure that your initramfs can serve as such a proxy. * `SOTA_PACKED_CREDENTIALS` - when set, your ostree commit will be pushed to a remote repo as a bitbake step. This should be the path to a zipped credentials file in https://github.com/advancedtelematic/aktualizr/blob/master/docs/credentials.adoc[the format accepted by garage-push]. * `SOTA_DEPLOY_CREDENTIALS` - when set to '1' (default value), deploys credentials to the built image. Override it in `local.conf` to built a generic image that can be provisioned manually after the build. -* `SOTA_CLIENT_PROV` - which provisioning method to use. Valid options are https://github.com/advancedtelematic/aktualizr/blob/master/docs/automatic-provisioning.adoc[`aktualizr-auto-prov`], https://github.com/advancedtelematic/aktualizr/blob/master/docs/implicit-provisioning.adoc[`aktualizr-implicit-prov`], and https://github.com/advancedtelematic/aktualizr/blob/master/docs/hsm-provisioning.adoc[`aktualizr-hsm-prov`]. The default is `aktualizr-auto-prov`. This can also be set to an empty string to avoid using a provisioning recipe. +* `SOTA_CLIENT_PROV` - which provisioning method to use. Valid options are https://github.com/advancedtelematic/aktualizr/blob/master/docs/automatic-provisioning.adoc[`aktualizr-auto-prov`], https://github.com/advancedtelematic/aktualizr/blob/master/docs/implicit-provisioning.adoc[`aktualizr-ca-implicit-prov`], and https://github.com/advancedtelematic/aktualizr/blob/master/docs/hsm-provisioning.adoc[`aktualizr-hsm-prov`]. The default is `aktualizr-auto-prov`. This can also be set to an empty string to avoid using a provisioning recipe. * `SOTA_CLIENT_FEATURES` - extensions to aktualizr. The only valid options are `hsm` (to build with HSM support) and `secondary-network` (to set up a simulated 'in-vehicle' network with support for a primary node with a DHCP server and a secondary node with a DHCP client). * `SOTA_SECONDARY_ECUS` - a list of paths separated by spaces of JSON configuration files for virtual secondaries on the host. These will be installed into `/var/sota/ecus` on the device. * `SOTA_VIRTUAL_SECONDARIES` - a list of paths separated by spaces of JSON configuration files for virtual secondaries installed on the device. If `SOTA_SECONDARY_ECUS` is used to install them, then you can expect them to be installed in `/var/sota/ecus`. @@ -198,3 +198,16 @@ oe-selftest --run-tests updater ``` For more information about oe-selftest, including details about how to run individual test modules or classes, please refer to the https://wiki.yoctoproject.org/wiki/Oe-selftest[Yocto Project wiki]. + +== Manual provisoning +As described in <> section you can set `SOTA_DEPLOY_CREDENTIALS` to `0` to prevent deploying credentials to the built `wic` image. In this case you get a generic image that you can use e.g. on a production line to flash a series of devices. The cost of this approach is that this image is half-baked and should be provisioned before it can connect to the backend. + +Provisioning procedure depends on your provisioning recipe, i.e. the value of `SOTA_CLIENT_PROV` (equal to `aktualizr-auto-prov` by default). +* For `aktualizr-auto-prov` put your `credentials.zip` to `/var/sota/sota_provisioning_credentials.zip` on the filesystem of a running device. If you have the filesystem of our device mounted to your build machine, prefix all paths with `/ostree/deploy/poky` as in `/ostree/deploy/poky/var/sota/sota_provisioning_credentials.zip`. +* For `aktualizr-ca-implicit-prov` +** put URL to the used backend (together with protocol prefix and port number) to `/var/sota/gateway.url`. If you're using HERE OTA Connect, you can find the URL in `autoprov.url` file in your credentials archive. +** put client certificate, private key and root CA certificate (for the *server*, not for the *device*) to `/var/sota/import/client.pem`, `/var/sota/import/pkey.pem` and `/var/sota/import/root.crt` respectively. +* For `aktualizr-hsm-prov` +** put URL to the used backend (together with protocol prefix and port number) to `/var/sota/gateway.url`. If you're using HERE OTA Connect, you can find the URL in `autoprov.url` file in your credentials archive. +** put root CA certificate (for the *server*, not for the *device*) to `/var/sota/import/root.crt`. +** put client certificate and private key to slots 1 and 2 of the PKCS#11-compatible device. -- cgit v1.2.3-54-g00ecf From 73df03543c44db34709564f28d8ffcb7e2fabbd0 Mon Sep 17 00:00:00 2001 From: Anton Gerasimov Date: Mon, 24 Sep 2018 18:02:30 +0200 Subject: Fixes for oe-selftest --- lib/oeqa/selftest/cases/updater.py | 30 ++++++++++++---------- .../aktualizr/aktualizr-auto-prov-creds.bb | 3 ++- recipes-sota/aktualizr/aktualizr-auto-prov.bb | 1 - .../aktualizr/aktualizr-ca-implicit-prov-creds.bb | 1 + recipes-sota/aktualizr/aktualizr_git.bb | 4 +-- 5 files changed, 21 insertions(+), 18 deletions(-) diff --git a/lib/oeqa/selftest/cases/updater.py b/lib/oeqa/selftest/cases/updater.py index a3fe407..38bdcbf 100644 --- a/lib/oeqa/selftest/cases/updater.py +++ b/lib/oeqa/selftest/cases/updater.py @@ -110,25 +110,25 @@ class AktualizrToolsTests(OESelftestTestCase): def test_cert_provider_local_output(self): logger = logging.getLogger("selftest") - logger.info('Running bitbake to build aktualizr-implicit-prov') - bitbake('aktualizr-implicit-prov') + logger.info('Running bitbake to build aktualizr-ca-implicit-prov') + bitbake('aktualizr-ca-implicit-prov') bb_vars = get_bb_vars(['SOTA_PACKED_CREDENTIALS', 'T'], 'aktualizr-native') creds = bb_vars['SOTA_PACKED_CREDENTIALS'] temp_dir = bb_vars['T'] - bb_vars_prov = get_bb_vars(['STAGING_DIR_HOST', 'libdir'], 'aktualizr-implicit-prov') - config = bb_vars_prov['STAGING_DIR_HOST'] + bb_vars_prov['libdir'] + '/sota/sota_implicit_prov.toml' + bb_vars_prov = get_bb_vars(['STAGING_DIR_HOST', 'libdir'], 'aktualizr-ca-implicit-prov') + config = bb_vars_prov['STAGING_DIR_HOST'] + bb_vars_prov['libdir'] + '/sota/sota_implicit_prov_ca.toml' akt_native_run(self, 'aktualizr_cert_provider -c {creds} -r -l {temp} -g {config}' .format(creds=creds, temp=temp_dir, config=config)) # Might be nice if these names weren't hardcoded. - cert_path = temp_dir + '/client.pem' + cert_path = temp_dir + '/var/sota/import/client.pem' self.assertTrue(os.path.isfile(cert_path), "Client certificate not found at %s." % cert_path) self.assertTrue(os.path.getsize(cert_path) > 0, "Client certificate at %s is empty." % cert_path) - pkey_path = temp_dir + '/pkey.pem' + pkey_path = temp_dir + '/var/sota/import/pkey.pem' self.assertTrue(os.path.isfile(pkey_path), "Private key not found at %s." % pkey_path) self.assertTrue(os.path.getsize(pkey_path) > 0, "Private key at %s is empty." % pkey_path) - ca_path = temp_dir + '/root.crt' + ca_path = temp_dir + '/var/sota/import/root.crt' self.assertTrue(os.path.isfile(ca_path), "Client certificate not found at %s." % ca_path) self.assertTrue(os.path.getsize(ca_path) > 0, "Client certificate at %s is empty." % ca_path) @@ -390,8 +390,9 @@ class ImplProvTests(OESelftestTestCase): else: self.meta_qemu = None self.append_config('MACHINE = "qemux86-64"') - self.append_config('SOTA_CLIENT_PROV = " aktualizr-implicit-prov "') - runCmd('bitbake -c cleanall aktualizr aktualizr-implicit-prov') + self.append_config('SOTA_CLIENT_PROV = " aktualizr-ca-implicit-prov "') + self.append_config('SOTA_DEPLOY_CREDENTIALS = "0"') + runCmd('bitbake -c cleanall aktualizr aktualizr-ca-implicit-prov') self.qemu, self.s = qemu_launch(machine='qemux86-64') def tearDownLocal(self): @@ -436,10 +437,11 @@ class ImplProvTests(OESelftestTestCase): # Run cert_provider. bb_vars = get_bb_vars(['SOTA_PACKED_CREDENTIALS'], 'aktualizr-native') creds = bb_vars['SOTA_PACKED_CREDENTIALS'] - bb_vars_prov = get_bb_vars(['STAGING_DIR_HOST', 'libdir'], 'aktualizr-implicit-prov') - config = bb_vars_prov['STAGING_DIR_HOST'] + bb_vars_prov['libdir'] + '/sota/sota_implicit_prov.toml' + bb_vars_prov = get_bb_vars(['STAGING_DIR_HOST', 'libdir'], 'aktualizr-ca-implicit-prov') + config = bb_vars_prov['STAGING_DIR_HOST'] + bb_vars_prov['libdir'] + '/sota/sota_implicit_prov_ca.toml' - akt_native_run(self, 'aktualizr_cert_provider -c {creds} -t root@localhost -p {port} -s -g {config}' + print('Provisining at root@localhost:%d' % self.qemu.ssh_port) + akt_native_run(self, 'aktualizr_cert_provider -c {creds} -t root@localhost -p {port} -s -u -r -g {config}' .format(creds=creds, port=self.qemu.ssh_port, config=config)) verifyProvisioned(self, machine) @@ -462,7 +464,9 @@ class HsmTests(OESelftestTestCase): self.meta_qemu = None self.append_config('MACHINE = "qemux86-64"') self.append_config('SOTA_CLIENT_PROV = "aktualizr-hsm-prov"') + self.append_config('SOTA_DEPLOY_CREDENTIALS = "0"') self.append_config('SOTA_CLIENT_FEATURES = "hsm"') + self.append_config('IMAGE_INSTALL_append = " softhsm-testtoken"') runCmd('bitbake -c cleanall aktualizr aktualizr-hsm-prov') self.qemu, self.s = qemu_launch(machine='qemux86-64') @@ -521,7 +525,7 @@ class HsmTests(OESelftestTestCase): bb_vars_prov = get_bb_vars(['STAGING_DIR_HOST', 'libdir'], 'aktualizr-hsm-prov') config = bb_vars_prov['STAGING_DIR_HOST'] + bb_vars_prov['libdir'] + '/sota/sota_hsm_prov.toml' - akt_native_run(self, 'aktualizr_cert_provider -c {creds} -t root@localhost -p {port} -r -s -g {config}' + akt_native_run(self, 'aktualizr_cert_provider -c {creds} -t root@localhost -p {port} -r -s -u -g {config}' .format(creds=creds, port=self.qemu.ssh_port, config=config)) # Verify that HSM is able to initialize. diff --git a/recipes-sota/aktualizr/aktualizr-auto-prov-creds.bb b/recipes-sota/aktualizr/aktualizr-auto-prov-creds.bb index d964a0a..34460af 100644 --- a/recipes-sota/aktualizr/aktualizr-auto-prov-creds.bb +++ b/recipes-sota/aktualizr/aktualizr-auto-prov-creds.bb @@ -4,11 +4,12 @@ LICENSE = "MPL-2.0" LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" DEPENDS = "aktualizr-native zip-native" +ALLOW_EMPTY_${PN} = "1" require credentials.inc do_install() { - if [ -n ${SOTA_PACKED_CREDENTIALS} ]; then + if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then install -m 0700 -d ${D}${localstatedir}/sota cp ${SOTA_PACKED_CREDENTIALS} ${D}${localstatedir}/sota/sota_provisioning_credentials.zip # Device should not be able to push data to treehub diff --git a/recipes-sota/aktualizr/aktualizr-auto-prov.bb b/recipes-sota/aktualizr/aktualizr-auto-prov.bb index 65e89bd..01f21fa 100644 --- a/recipes-sota/aktualizr/aktualizr-auto-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-auto-prov.bb @@ -7,7 +7,6 @@ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7 DEPENDS = "aktualizr-native zip-native" RDEPENDS_${PN}_append = "${@' aktualizr-auto-prov-creds' if d.getVar('SOTA_DEPLOY_CREDENTIALS', True) == '1' else ''}" -RDEPENDS_${PN} = " aktualizr" PV = "1.0" PR = "6" diff --git a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb index 5debc19..a729e6b 100644 --- a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb +++ b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb @@ -4,6 +4,7 @@ LICENSE = "MPL-2.0" LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" DEPENDS = "aktualizr aktualizr-native" +ALLOW_EMPTY_${PN} = "1" SRC_URI = " \ file://ca.cnf \ diff --git a/recipes-sota/aktualizr/aktualizr_git.bb b/recipes-sota/aktualizr/aktualizr_git.bb index b67114f..ccaf475 100755 --- a/recipes-sota/aktualizr/aktualizr_git.bb +++ b/recipes-sota/aktualizr/aktualizr_git.bb @@ -16,8 +16,6 @@ RDEPENDS_${PN}_append_class-target = " ${@bb.utils.contains('SOTA_CLIENT_FEATURE RDEPENDS_${PN}_append_class-target = " ${PN}-tools " RDEPENDS_${PN}-secondary_append_class-target = " ${PN}-tools " -RDEPENDS_${PN}_class-target = " openssl-bin " - PV = "1.0+git${SRCPV}" PR = "7" @@ -28,7 +26,7 @@ SRC_URI = " \ file://aktualizr-secondary.socket \ file://aktualizr-serialcan.service \ " -SRCREV = "097c763ab4b4b057fa6bedfdac2049e53df93539" +SRCREV = "803fa9f75ed96993775dc0aa5e65e71920125157" BRANCH ?= "master" S = "${WORKDIR}/git" -- cgit v1.2.3-54-g00ecf From 8b8dc5612d0400945be87b134062806c16779d7d Mon Sep 17 00:00:00 2001 From: Patrick Vacek Date: Tue, 2 Oct 2018 12:48:41 +0200 Subject: aktualizr: bump to latest. Includes test fixes and async downloads. --- recipes-sota/aktualizr/aktualizr_git.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes-sota/aktualizr/aktualizr_git.bb b/recipes-sota/aktualizr/aktualizr_git.bb index ccaf475..29164ed 100755 --- a/recipes-sota/aktualizr/aktualizr_git.bb +++ b/recipes-sota/aktualizr/aktualizr_git.bb @@ -26,7 +26,7 @@ SRC_URI = " \ file://aktualizr-secondary.socket \ file://aktualizr-serialcan.service \ " -SRCREV = "803fa9f75ed96993775dc0aa5e65e71920125157" +SRCREV = "512ad74c0b5339ca7775d8c9461b565a9e6ff5b3" BRANCH ?= "master" S = "${WORKDIR}/git" -- cgit v1.2.3-54-g00ecf From 4c9b968f0884587eed5075b95e400bd3d8a054be Mon Sep 17 00:00:00 2001 From: Ricardo Salveti Date: Fri, 4 May 2018 22:41:20 -0300 Subject: ostree: cosmetics: fix indentation Signed-off-by: Ricardo Salveti --- recipes-sota/ostree/ostree_git.bb | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/recipes-sota/ostree/ostree_git.bb b/recipes-sota/ostree/ostree_git.bb index afb767f..50afca5 100644 --- a/recipes-sota/ostree/ostree_git.bb +++ b/recipes-sota/ostree/ostree_git.bb @@ -48,27 +48,27 @@ export STAGING_INCDIR export STAGING_LIBDIR do_configure() { - unset docdir - NOCONFIGURE=1 "${S}/autogen.sh" - oe_runconf + unset docdir + NOCONFIGURE=1 "${S}/autogen.sh" + oe_runconf } do_compile_prepend() { - export BUILD_SYS="${BUILD_SYS}" - export HOST_SYS="${HOST_SYS}" + export BUILD_SYS="${BUILD_SYS}" + export HOST_SYS="${HOST_SYS}" } export SYSTEMD_REQUIRED do_install_append() { - if [ -n ${SYSTEMD_REQUIRED} ]; then - install -m 0644 -D ${S}/src/boot/ostree-prepare-root.service ${D}${systemd_unitdir}/system/ostree-prepare-root.service - install -m 0644 -D ${S}/src/boot/ostree-remount.service ${D}${systemd_unitdir}/system/ostree-remount.service - fi + if [ -n ${SYSTEMD_REQUIRED} ]; then + install -m 0644 -D ${S}/src/boot/ostree-prepare-root.service ${D}${systemd_unitdir}/system/ostree-prepare-root.service + install -m 0644 -D ${S}/src/boot/ostree-remount.service ${D}${systemd_unitdir}/system/ostree-remount.service + fi } do_install_append_class-native() { - create_wrapper ${D}${bindir}/ostree OSTREE_GRUB2_EXEC="${STAGING_LIBDIR_NATIVE}/ostree/ostree-grub-generator" + create_wrapper ${D}${bindir}/ostree OSTREE_GRUB2_EXEC="${STAGING_LIBDIR_NATIVE}/ostree/ostree-grub-generator" } @@ -89,4 +89,3 @@ PACKAGES =+ "${PN}-switchroot" FILES_${PN}-switchroot = "${libdir}/ostree/ostree-prepare-root" RDEPENDS_${PN}-switchroot = "" DEPENDS_remove_class-native = "systemd-native" - -- cgit v1.2.3-54-g00ecf From d2b8af2ef6e930e8387410ad2b60b487b6ea4729 Mon Sep 17 00:00:00 2001 From: Ricardo Salveti Date: Fri, 4 May 2018 22:42:09 -0300 Subject: ostree: fix license and add homepage description Ostree is LGPLv2+ and not GPLv2+. Signed-off-by: Ricardo Salveti --- recipes-sota/ostree/ostree_git.bb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/recipes-sota/ostree/ostree_git.bb b/recipes-sota/ostree/ostree_git.bb index 50afca5..112d05c 100644 --- a/recipes-sota/ostree/ostree_git.bb +++ b/recipes-sota/ostree/ostree_git.bb @@ -1,5 +1,6 @@ SUMMARY = "Tool for managing bootable, immutable, versioned filesystem trees" -LICENSE = "GPLv2+" +HOMEPAGE = "https://ostree.readthedocs.io/en/latest/" +LICENSE = "LGPLv2+" LIC_FILES_CHKSUM = "file://COPYING;md5=5f30f0716dfdd0d91eb439ebec522ec2" inherit autotools pkgconfig systemd gobject-introspection -- cgit v1.2.3-54-g00ecf From 6ede2d18b0b22b6679089b9a833d3383684221c2 Mon Sep 17 00:00:00 2001 From: Ricardo Salveti Date: Fri, 4 May 2018 22:45:25 -0300 Subject: ostree: use do_configure_prepend and avoid customizing do_compile Prefer prepend (autogen) and also avoid customizing do_compile as exporting BUILD_SYS and HOST_SYS is already enough. Signed-off-by: Ricardo Salveti --- recipes-sota/ostree/ostree_git.bb | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/recipes-sota/ostree/ostree_git.bb b/recipes-sota/ostree/ostree_git.bb index 112d05c..240860a 100644 --- a/recipes-sota/ostree/ostree_git.bb +++ b/recipes-sota/ostree/ostree_git.bb @@ -45,18 +45,14 @@ PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_unitdir}/system/ FILES_${PN} += "${libdir}/ostree/ ${libdir}/ostbuild" +export BUILD_SYS +export HOST_SYS export STAGING_INCDIR export STAGING_LIBDIR -do_configure() { +do_configure_prepend() { unset docdir NOCONFIGURE=1 "${S}/autogen.sh" - oe_runconf -} - -do_compile_prepend() { - export BUILD_SYS="${BUILD_SYS}" - export HOST_SYS="${HOST_SYS}" } export SYSTEMD_REQUIRED -- cgit v1.2.3-54-g00ecf From ae955c8fbe7e8ae8b08ca48b8ea072eabe2fa563 Mon Sep 17 00:00:00 2001 From: Ricardo Salveti Date: Fri, 4 May 2018 22:48:37 -0300 Subject: ostree: cleanup configure and build flags Set the standard CFLAGS variable instead of defining it via EXTRA_OECONF and also remove the configure flags that are automatically enabled based on the build depends. Signed-off-by: Ricardo Salveti --- recipes-sota/ostree/ostree_git.bb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/recipes-sota/ostree/ostree_git.bb b/recipes-sota/ostree/ostree_git.bb index 240860a..b948131 100644 --- a/recipes-sota/ostree/ostree_git.bb +++ b/recipes-sota/ostree/ostree_git.bb @@ -24,7 +24,8 @@ DEPENDS_remove_class-native = "systemd-native" RDEPENDS_${PN} = "util-linux-libuuid util-linux-libblkid util-linux-libmount libcap bash" -EXTRA_OECONF = "CFLAGS='-Wno-error=missing-prototypes' --with-libarchive --disable-gtk-doc --disable-gtk-doc-html --disable-gtk-doc-pdf --disable-man --with-smack --with-builtin-grub2-mkconfig --with-curl --without-soup" +CFLAGS_append = " -Wno-error=missing-prototypes" +EXTRA_OECONF = "--disable-gtk-doc --disable-man --with-smack --with-builtin-grub2-mkconfig --with-curl --without-soup" EXTRA_OECONF_append_class-native = " --enable-wrpseudo-compat" # Path to ${prefix}/lib/ostree/ostree-grub-generator is hardcoded on the -- cgit v1.2.3-54-g00ecf From fa3ee917a25cd0b8e7a910f784e5c8fe348d967b Mon Sep 17 00:00:00 2001 From: Ricardo Salveti Date: Fri, 4 May 2018 22:51:23 -0300 Subject: ostree: no need to disable systemd when building native Maintaining different build flags for target and native just makes it harder to maintain the recipe and it is not really needed as systemd-native is already available for systems building systemd. Signed-off-by: Ricardo Salveti --- recipes-sota/ostree/ostree_git.bb | 7 ------- 1 file changed, 7 deletions(-) diff --git a/recipes-sota/ostree/ostree_git.bb b/recipes-sota/ostree/ostree_git.bb index b948131..39d3c48 100644 --- a/recipes-sota/ostree/ostree_git.bb +++ b/recipes-sota/ostree/ostree_git.bb @@ -5,8 +5,6 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=5f30f0716dfdd0d91eb439ebec522ec2" inherit autotools pkgconfig systemd gobject-introspection -INHERIT_remove_class-native = "systemd" - SRC_URI = "gitsm://github.com/ostreedev/ostree.git;branch=master" SRCREV="854a823e05d6fe8b610c02c2a71eaeb2bf1e98a6" @@ -20,7 +18,6 @@ BBCLASSEXTEND = "native" DEPENDS += "attr libarchive glib-2.0 pkgconfig gpgme libgsystem fuse e2fsprogs gtk-doc-native curl xz" DEPENDS_append = "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', ' systemd', '', d)}" -DEPENDS_remove_class-native = "systemd-native" RDEPENDS_${PN} = "util-linux-libuuid util-linux-libblkid util-linux-libmount libcap bash" @@ -35,13 +32,10 @@ SYSROOT_DIR_class-native = "${STAGING_DIR_NATIVE}" do_configure[vardeps] += "SYSROOT_DIR" SYSTEMD_REQUIRED = "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}" -SYSTEMD_REQUIRED_class-native = "" SYSTEMD_SERVICE_${PN} = "ostree-prepare-root.service ostree-remount.service" -SYSTEMD_SERVICE_${PN}_class-native = "" PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}" -PACKAGECONFIG_class-native = "" PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_unitdir}/system/ --with-dracut" FILES_${PN} += "${libdir}/ostree/ ${libdir}/ostbuild" @@ -86,4 +80,3 @@ PACKAGES =+ "${PN}-switchroot" FILES_${PN}-switchroot = "${libdir}/ostree/ostree-prepare-root" RDEPENDS_${PN}-switchroot = "" -DEPENDS_remove_class-native = "systemd-native" -- cgit v1.2.3-54-g00ecf From a27a7fd041f99c9c4bd3d0a136fd4852ce76591a Mon Sep 17 00:00:00 2001 From: Ricardo Salveti Date: Fri, 4 May 2018 22:54:08 -0300 Subject: ostree: cleanup depends and rdepends Remove gtk-doc-native from DEPENDS and also remove util-linux-* packages from RDEPENDS as the dependencies for the required libraries are already populated by OE. Signed-off-by: Ricardo Salveti --- recipes-sota/ostree/ostree_git.bb | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/recipes-sota/ostree/ostree_git.bb b/recipes-sota/ostree/ostree_git.bb index 39d3c48..58f30a7 100644 --- a/recipes-sota/ostree/ostree_git.bb +++ b/recipes-sota/ostree/ostree_git.bb @@ -16,10 +16,9 @@ S = "${WORKDIR}/git" BBCLASSEXTEND = "native" -DEPENDS += "attr libarchive glib-2.0 pkgconfig gpgme libgsystem fuse e2fsprogs gtk-doc-native curl xz" +DEPENDS += "attr libarchive libcap glib-2.0 gpgme libgsystem fuse e2fsprogs curl xz" DEPENDS_append = "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', ' systemd', '', d)}" - -RDEPENDS_${PN} = "util-linux-libuuid util-linux-libblkid util-linux-libmount libcap bash" +RDEPENDS_${PN} = "bash" CFLAGS_append = " -Wno-error=missing-prototypes" EXTRA_OECONF = "--disable-gtk-doc --disable-man --with-smack --with-builtin-grub2-mkconfig --with-curl --without-soup" -- cgit v1.2.3-54-g00ecf From 16dbe39af34a74576929bcf5ebebe66a10bfbc7a Mon Sep 17 00:00:00 2001 From: Ricardo Salveti Date: Fri, 4 May 2018 23:03:21 -0300 Subject: ostree: improve systemd dependency checks No need to define SYSTEMD_REQUIRED and no need to manually install the service files, as that is already handled by ostree and the systemd bbclass. Signed-off-by: Ricardo Salveti --- recipes-sota/ostree/ostree_git.bb | 22 +++++----------------- 1 file changed, 5 insertions(+), 17 deletions(-) diff --git a/recipes-sota/ostree/ostree_git.bb b/recipes-sota/ostree/ostree_git.bb index 58f30a7..dc31efe 100644 --- a/recipes-sota/ostree/ostree_git.bb +++ b/recipes-sota/ostree/ostree_git.bb @@ -17,26 +17,24 @@ S = "${WORKDIR}/git" BBCLASSEXTEND = "native" DEPENDS += "attr libarchive libcap glib-2.0 gpgme libgsystem fuse e2fsprogs curl xz" -DEPENDS_append = "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', ' systemd', '', d)}" +DEPENDS += "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" RDEPENDS_${PN} = "bash" CFLAGS_append = " -Wno-error=missing-prototypes" EXTRA_OECONF = "--disable-gtk-doc --disable-man --with-smack --with-builtin-grub2-mkconfig --with-curl --without-soup" EXTRA_OECONF_append_class-native = " --enable-wrpseudo-compat" +PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" +PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_unitdir}/system/ --with-dracut" + # Path to ${prefix}/lib/ostree/ostree-grub-generator is hardcoded on the # do_configure stage so we do depend on it SYSROOT_DIR = "${STAGING_DIR_TARGET}" SYSROOT_DIR_class-native = "${STAGING_DIR_NATIVE}" do_configure[vardeps] += "SYSROOT_DIR" -SYSTEMD_REQUIRED = "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}" - SYSTEMD_SERVICE_${PN} = "ostree-prepare-root.service ostree-remount.service" -PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}" -PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_unitdir}/system/ --with-dracut" - FILES_${PN} += "${libdir}/ostree/ ${libdir}/ostbuild" export BUILD_SYS @@ -49,23 +47,13 @@ do_configure_prepend() { NOCONFIGURE=1 "${S}/autogen.sh" } -export SYSTEMD_REQUIRED - -do_install_append() { - if [ -n ${SYSTEMD_REQUIRED} ]; then - install -m 0644 -D ${S}/src/boot/ostree-prepare-root.service ${D}${systemd_unitdir}/system/ostree-prepare-root.service - install -m 0644 -D ${S}/src/boot/ostree-remount.service ${D}${systemd_unitdir}/system/ostree-remount.service - fi -} - do_install_append_class-native() { create_wrapper ${D}${bindir}/ostree OSTREE_GRUB2_EXEC="${STAGING_LIBDIR_NATIVE}/ostree/ostree-grub-generator" } FILES_${PN} += " \ - ${@'${systemd_unitdir}/system/' if d.getVar('SYSTEMD_REQUIRED', True) else ''} \ - ${@'${libdir}/dracut/modules.d/98ostree/module-setup.sh' if d.getVar('SYSTEMD_REQUIRED', True) else ''} \ + ${@bb.utils.contains('DISTRO_FEATURES','systemd','${libdir}/dracut', '', d)} \ ${datadir}/gir-1.0 \ ${datadir}/gir-1.0/OSTree-1.0.gir \ ${libdir}/girepository-1.0 \ -- cgit v1.2.3-54-g00ecf From 310eddc80f2866bad4988dd91ee5ac6df1442de7 Mon Sep 17 00:00:00 2001 From: Ricardo Salveti Date: Fri, 4 May 2018 23:04:42 -0300 Subject: ostree: improve package split logic and define extra packages Define extra packages to cover the bash-completion and dracut related files, as they are not necessarily required by ostree. Signed-off-by: Ricardo Salveti --- recipes-sota/ostree/ostree_git.bb | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/recipes-sota/ostree/ostree_git.bb b/recipes-sota/ostree/ostree_git.bb index dc31efe..6fa6ad4 100644 --- a/recipes-sota/ostree/ostree_git.bb +++ b/recipes-sota/ostree/ostree_git.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://ostree.readthedocs.io/en/latest/" LICENSE = "LGPLv2+" LIC_FILES_CHKSUM = "file://COPYING;md5=5f30f0716dfdd0d91eb439ebec522ec2" -inherit autotools pkgconfig systemd gobject-introspection +inherit autotools pkgconfig systemd bash-completion gobject-introspection SRC_URI = "gitsm://github.com/ostreedev/ostree.git;branch=master" @@ -18,7 +18,7 @@ BBCLASSEXTEND = "native" DEPENDS += "attr libarchive libcap glib-2.0 gpgme libgsystem fuse e2fsprogs curl xz" DEPENDS += "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" -RDEPENDS_${PN} = "bash" +RDEPENDS_${PN}-dracut = "bash" CFLAGS_append = " -Wno-error=missing-prototypes" EXTRA_OECONF = "--disable-gtk-doc --disable-man --with-smack --with-builtin-grub2-mkconfig --with-curl --without-soup" @@ -35,8 +35,6 @@ do_configure[vardeps] += "SYSROOT_DIR" SYSTEMD_SERVICE_${PN} = "ostree-prepare-root.service ostree-remount.service" -FILES_${PN} += "${libdir}/ostree/ ${libdir}/ostbuild" - export BUILD_SYS export HOST_SYS export STAGING_INCDIR @@ -51,19 +49,21 @@ do_install_append_class-native() { create_wrapper ${D}${bindir}/ostree OSTREE_GRUB2_EXEC="${STAGING_LIBDIR_NATIVE}/ostree/ostree-grub-generator" } - -FILES_${PN} += " \ - ${@bb.utils.contains('DISTRO_FEATURES','systemd','${libdir}/dracut', '', d)} \ - ${datadir}/gir-1.0 \ - ${datadir}/gir-1.0/OSTree-1.0.gir \ - ${libdir}/girepository-1.0 \ - ${libdir}/girepository-1.0/OSTree-1.0.typelib \ - ${libdir}/tmpfiles.d/ostree-tmpfiles.conf \ - ${datadir}/bash-completion/completions/ostree \ - ${systemd_unitdir}/system-generators/ostree-system-generator \ +PACKAGES += " \ + ${PN}-switchroot \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'ostree-dracut', '', d)} \ " -PACKAGES =+ "${PN}-switchroot" - +FILES_${PN} = "${bindir} \ + ${sysconfdir}/ostree \ + ${datadir}/ostree \ + ${libdir}/*.so.* \ + ${libdir}/ostree/ostree-grub-generator \ + ${libdir}/ostree/ostree-remount \ + ${libdir}/girepository-1.0/* \ + ${@bb.utils.contains('DISTRO_FEATURES','systemd','${libdir}/tmpfiles.d', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES','systemd','${systemd_unitdir}/system-generators', '', d)} \ +" +FILES_${PN}-dev += " ${datadir}/gir-1.0" +FILES_${PN}-dracut = "${sysconfdir}/dracut.conf.d ${libdir}/dracut" FILES_${PN}-switchroot = "${libdir}/ostree/ostree-prepare-root" -RDEPENDS_${PN}-switchroot = "" -- cgit v1.2.3-54-g00ecf From 3d31c69898881228a2229bcf9c54d90f4f890c2b Mon Sep 17 00:00:00 2001 From: Ricardo Salveti Date: Thu, 9 Aug 2018 23:28:38 -0300 Subject: ostree: upgrade to v2018.7+ Upgrade OSTree to a git revision ahead of the v2018.7 release in order to include additional memory leak fixes. Upstream release notes since v2017.13+: - https://github.com/ostreedev/ostree/releases/tag/v2017.14 - https://github.com/ostreedev/ostree/releases/tag/v2017.15 - https://github.com/ostreedev/ostree/releases/tag/v2018.1 - https://github.com/ostreedev/ostree/releases/tag/v2018.2 - https://github.com/ostreedev/ostree/releases/tag/v2018.3 - https://github.com/ostreedev/ostree/releases/tag/v2018.4 - https://github.com/ostreedev/ostree/releases/tag/v2018.5 - https://github.com/ostreedev/ostree/releases/tag/v2018.6 - https://github.com/ostreedev/ostree/releases/tag/v2018.7 Signed-off-by: Ricardo Salveti --- recipes-sota/ostree/ostree_git.bb | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/recipes-sota/ostree/ostree_git.bb b/recipes-sota/ostree/ostree_git.bb index 6fa6ad4..2e794a5 100644 --- a/recipes-sota/ostree/ostree_git.bb +++ b/recipes-sota/ostree/ostree_git.bb @@ -7,10 +7,9 @@ inherit autotools pkgconfig systemd bash-completion gobject-introspection SRC_URI = "gitsm://github.com/ostreedev/ostree.git;branch=master" -SRCREV="854a823e05d6fe8b610c02c2a71eaeb2bf1e98a6" +SRCREV="3e96ec9811b5cfc5481f8b6b06c8d34d9a35408e" -PV = "v2017.13" -PR = "2" +PV = "v2018.7" S = "${WORKDIR}/git" @@ -33,7 +32,7 @@ SYSROOT_DIR = "${STAGING_DIR_TARGET}" SYSROOT_DIR_class-native = "${STAGING_DIR_NATIVE}" do_configure[vardeps] += "SYSROOT_DIR" -SYSTEMD_SERVICE_${PN} = "ostree-prepare-root.service ostree-remount.service" +SYSTEMD_SERVICE_${PN} = "ostree-prepare-root.service ostree-remount.service ostree-finalize-staged.service" export BUILD_SYS export HOST_SYS -- cgit v1.2.3-54-g00ecf From 52e96526643bb47ed1b5e9bc704cd1b9b47b47fc Mon Sep 17 00:00:00 2001 From: Patrick Vacek Date: Fri, 17 Aug 2018 11:44:10 +0200 Subject: ostree: add missing bison dependency. --- recipes-sota/ostree/ostree_git.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes-sota/ostree/ostree_git.bb b/recipes-sota/ostree/ostree_git.bb index 2e794a5..adb6666 100644 --- a/recipes-sota/ostree/ostree_git.bb +++ b/recipes-sota/ostree/ostree_git.bb @@ -15,7 +15,7 @@ S = "${WORKDIR}/git" BBCLASSEXTEND = "native" -DEPENDS += "attr libarchive libcap glib-2.0 gpgme libgsystem fuse e2fsprogs curl xz" +DEPENDS += "attr bison libarchive libcap glib-2.0 gpgme libgsystem fuse e2fsprogs curl xz" DEPENDS += "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" RDEPENDS_${PN}-dracut = "bash" -- cgit v1.2.3-54-g00ecf From ac78d605dfa06c1b8549203d4f3d9bde58015bc5 Mon Sep 17 00:00:00 2001 From: Patrick Vacek Date: Fri, 17 Aug 2018 14:44:05 +0200 Subject: ostree: Correction: it depends on bison-native for configuration. --- recipes-sota/ostree/ostree_git.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes-sota/ostree/ostree_git.bb b/recipes-sota/ostree/ostree_git.bb index adb6666..501d636 100644 --- a/recipes-sota/ostree/ostree_git.bb +++ b/recipes-sota/ostree/ostree_git.bb @@ -15,7 +15,7 @@ S = "${WORKDIR}/git" BBCLASSEXTEND = "native" -DEPENDS += "attr bison libarchive libcap glib-2.0 gpgme libgsystem fuse e2fsprogs curl xz" +DEPENDS += "attr bison-native libarchive libcap glib-2.0 gpgme libgsystem fuse e2fsprogs curl xz" DEPENDS += "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" RDEPENDS_${PN}-dracut = "bash" -- cgit v1.2.3-54-g00ecf