summaryrefslogtreecommitdiffstats
path: root/meta/classes-recipe
diff options
context:
space:
mode:
authorRoss Burton <ross.burton@arm.com>2024-11-07 13:47:52 +0000
committerRichard Purdie <richard.purdie@linuxfoundation.org>2024-11-07 22:17:24 +0000
commit43b8b3fa72d75d8d82a478613a4d9bf4645b5389 (patch)
treefca85b34d6faae9c904159aef0da40fe045bf6f2 /meta/classes-recipe
parent226ec2ce7487d35d1aba0e80c23b892f3a47442a (diff)
downloadpoky-43b8b3fa72d75d8d82a478613a4d9bf4645b5389.tar.gz
classes-recipe/core-image: drop debug-tweaks IMAGE_FEATURE
Remove the 'debug-tweaks' IMAGE_FEATURE. It sounds friendly and kind to developers, but it results primarily in an image which root can login remotely without a password. This is incredibly useful for local development and testing purposes, but we really want to be explicit that this is what is happening instead of hiding it behind a vague "debug tweaks" statement. To preserve the eixsting behaviour, debug-tweaks should be replaced with these features: allow-empty-password empty-root-password allow-root-login post-install-logging (From OE-Core rev: 2c229f9542c6ba608912e14c9c3f783c3fa89349) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/classes-recipe')
-rw-r--r--meta/classes-recipe/core-image.bbclass11
-rw-r--r--meta/classes-recipe/image.bbclass2
-rw-r--r--meta/classes-recipe/rootfs-postcommands.bbclass16
3 files changed, 15 insertions, 14 deletions
diff --git a/meta/classes-recipe/core-image.bbclass b/meta/classes-recipe/core-image.bbclass
index 40fc15cb04..4072e420c5 100644
--- a/meta/classes-recipe/core-image.bbclass
+++ b/meta/classes-recipe/core-image.bbclass
@@ -26,11 +26,6 @@
26# - ssh-server-openssh - SSH server (openssh) 26# - ssh-server-openssh - SSH server (openssh)
27# - hwcodecs - Install hardware acceleration codecs 27# - hwcodecs - Install hardware acceleration codecs
28# - package-management - installs package management tools and preserves the package manager database 28# - package-management - installs package management tools and preserves the package manager database
29# - debug-tweaks - makes an image suitable for development, e.g. allowing passwordless root logins
30# - empty-root-password
31# - allow-empty-password
32# - allow-root-login
33# - post-install-logging
34# - serial-autologin-root - with 'empty-root-password': autologin 'root' on the serial console 29# - serial-autologin-root - with 'empty-root-password': autologin 'root' on the serial console
35# - dev-pkgs - development packages (headers, etc.) for all installed packages in the rootfs 30# - dev-pkgs - development packages (headers, etc.) for all installed packages in the rootfs
36# - dbg-pkgs - debug symbol packages for all installed packages in the rootfs 31# - dbg-pkgs - debug symbol packages for all installed packages in the rootfs
@@ -43,6 +38,12 @@
43# - stateless-rootfs - systemctl-native not run, image populated by systemd at runtime 38# - stateless-rootfs - systemctl-native not run, image populated by systemd at runtime
44# - splash - bootup splash screen 39# - splash - bootup splash screen
45# 40#
41# Features for development purposes (previously part of debug-tweaks):
42# - empty-root-password - the root user has no password set
43# - allow-empty-password - users can have an empty password
44# - allow-root-login - the root user can login
45# - post-install-logging - log the output of postinstall scriptlets
46#
46FEATURE_PACKAGES_weston = "packagegroup-core-weston" 47FEATURE_PACKAGES_weston = "packagegroup-core-weston"
47FEATURE_PACKAGES_x11 = "packagegroup-core-x11" 48FEATURE_PACKAGES_x11 = "packagegroup-core-x11"
48FEATURE_PACKAGES_x11-base = "packagegroup-core-x11-base" 49FEATURE_PACKAGES_x11-base = "packagegroup-core-x11-base"
diff --git a/meta/classes-recipe/image.bbclass b/meta/classes-recipe/image.bbclass
index 00f1d58f23..eda3c6d0f3 100644
--- a/meta/classes-recipe/image.bbclass
+++ b/meta/classes-recipe/image.bbclass
@@ -40,7 +40,7 @@ INHIBIT_DEFAULT_DEPS = "1"
40# IMAGE_FEATURES may contain any available package group 40# IMAGE_FEATURES may contain any available package group
41IMAGE_FEATURES ?= "" 41IMAGE_FEATURES ?= ""
42IMAGE_FEATURES[type] = "list" 42IMAGE_FEATURES[type] = "list"
43IMAGE_FEATURES[validitems] += "debug-tweaks read-only-rootfs read-only-rootfs-delayed-postinsts stateless-rootfs empty-root-password allow-empty-password allow-root-login serial-autologin-root post-install-logging overlayfs-etc" 43IMAGE_FEATURES[validitems] += "read-only-rootfs read-only-rootfs-delayed-postinsts stateless-rootfs empty-root-password allow-empty-password allow-root-login serial-autologin-root post-install-logging overlayfs-etc"
44 44
45# Generate companion debugfs? 45# Generate companion debugfs?
46IMAGE_GEN_DEBUGFS ?= "0" 46IMAGE_GEN_DEBUGFS ?= "0"
diff --git a/meta/classes-recipe/rootfs-postcommands.bbclass b/meta/classes-recipe/rootfs-postcommands.bbclass
index 5f4d67f93c..50e77dca76 100644
--- a/meta/classes-recipe/rootfs-postcommands.bbclass
+++ b/meta/classes-recipe/rootfs-postcommands.bbclass
@@ -4,20 +4,20 @@
4# SPDX-License-Identifier: MIT 4# SPDX-License-Identifier: MIT
5# 5#
6 6
7# Zap the root password if debug-tweaks and empty-root-password features are not enabled 7# Zap the root password if empty-root-password feature is not enabled
8ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains_any("IMAGE_FEATURES", [ 'debug-tweaks', 'empty-root-password' ], "", "zap_empty_root_password ",d)}' 8ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains("IMAGE_FEATURES", "empty-root-password", "", "zap_empty_root_password ",d)}'
9 9
10# Allow dropbear/openssh to accept logins from accounts with an empty password string if debug-tweaks or allow-empty-password is enabled 10# Allow dropbear/openssh to accept logins from accounts with an empty password string if allow-empty-password is enabled
11ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains_any("IMAGE_FEATURES", [ 'debug-tweaks', 'allow-empty-password' ], "ssh_allow_empty_password ", "",d)}' 11ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains("IMAGE_FEATURES", "allow-empty-password", "ssh_allow_empty_password ", "",d)}'
12 12
13# Allow dropbear/openssh to accept root logins if debug-tweaks or allow-root-login is enabled 13# Allow dropbear/openssh to accept root logins if allow-root-login is enabled
14ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains_any("IMAGE_FEATURES", [ 'debug-tweaks', 'allow-root-login' ], "ssh_allow_root_login ", "",d)}' 14ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains("IMAGE_FEATURES", "allow-root-login", "ssh_allow_root_login ", "",d)}'
15 15
16# Autologin the root user on the serial console, if empty-root-password and serial-autologin-root are active 16# Autologin the root user on the serial console, if empty-root-password and serial-autologin-root are active
17ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains("IMAGE_FEATURES", [ 'empty-root-password', 'serial-autologin-root' ], "serial_autologin_root ", "",d)}' 17ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains("IMAGE_FEATURES", [ 'empty-root-password', 'serial-autologin-root' ], "serial_autologin_root ", "",d)}'
18 18
19# Enable postinst logging if debug-tweaks or post-install-logging is enabled 19# Enable postinst logging if post-install-logging is enabled
20ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains_any("IMAGE_FEATURES", [ 'debug-tweaks', 'post-install-logging' ], "postinst_enable_logging ", "",d)}' 20ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains("IMAGE_FEATURES", "post-install-logging", "postinst_enable_logging ", "",d)}'
21 21
22# Create /etc/timestamp during image construction to give a reasonably sane default time setting 22# Create /etc/timestamp during image construction to give a reasonably sane default time setting
23ROOTFS_POSTPROCESS_COMMAND += "rootfs_update_timestamp " 23ROOTFS_POSTPROCESS_COMMAND += "rootfs_update_timestamp "