summaryrefslogtreecommitdiffstats
path: root/meta/classes/rootfs-postcommands.bbclass
Commit message (Collapse)AuthorAgeFilesLines
* lib/oe/utils: add eol to format_pkg_list()grygorii tertychnyi via Openembedded-core2018-10-111-1/+0
| | | | | | | | | | | | | | | | | Append '\n' to the non-empty formatted string before return. If you write it to the (manifest) file, it will ensure file ends with a newline. Many GNU utilities have problems processing the last line of a file if it is not '\n' terminated. E.g. if the last line is not terminated by a newline character, then "read" will read it but return false, leaving the broken partial line in the read variable(s). It can also break or adversely affect some text processing tools, that operate on the file. (From OE-Core rev: ee4d0c879713ba50dc6cc3300f44647faebee2e0) Signed-off-by: grygorii tertychnyi <gtertych@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs-postcommands: put image testdata under sstate controlAndré Draszik2018-08-211-7/+8
| | | | | | | | | | | | | | The testdata.json is being written to DEPLOY_DIR_IMAGE directly, thus bypassing sstate, which results in an ever growing list of files. Write them to IMGDEPLOYDIR instead, so as to benefit from the automatic management via sstate. (From OE-Core rev: 1f7399a5e5d12b7ca3faf399a70c1613d522c28d) Signed-off-by: André Draszik <andre.draszik@jci.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs-postcommands: split ssh_allow_empty_passwordJackie Huang2018-07-091-3/+22
| | | | | | | | | | | | | "allow root login" should not be bundled in ssh_allow_empty_password, because some distro may want only one of "allow root login" and "allow empty password", so split it out into ssh_allow_root_login and add new imagefeature allow-root-login so they can be controlled separately, debug-tweaks will still include both of them. (From OE-Core rev: 1ab494f06a12548a902298afabd0a842161ef10d) Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs-postcommands.bbclass: drop obsolete sshd UseDNS rootfs postprocessingAndre McCurdy2018-06-151-11/+0
| | | | | | | | | | | | | The sshd UseDNS option has defaulted to "no" since openssh 6.8p1, so it's no longer necessary to postprocess the rootfs to force the option: https://www.openssh.com/txt/release-6.8 (From OE-Core rev: 0cb4f11614bd3b17db8e6b3516761193cd45d082) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dropbear: drop run time detection of read-only rootfsAndre McCurdy2018-06-041-4/+1
| | | | | | | | | | | | | | | | Previously, when dropbear was started via its init script, relocation of DROPBEAR_RSAKEY_DIR to support read-only rootfs was handled at run time from within the init script. Update the init script to take advantage of the read-only rootfs config setup by read_only_rootfs_hook() and therefore be consistent with startup under systemd (where relocation of DROPBEAR_RSAKEY_DIR is handled by the read_only_rootfs_hook() at build time). (From OE-Core rev: 4990f87b2f6a8b30c8d1c767636e7f5527f595ba) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs-postcommands.bbclass: improve binary reproducibilityJuro Bystricky2018-04-181-2/+23
| | | | | | | | | | | | | | | | | | | | Conditionally support binary reproducibility of rootfs images. If REPRODUCIBLE_TIMESTAMP_ROOTFS is specified then: 1. set /etc/timestamp to a reproducible value 2. set /etc/version to a reproducible value 3. set /etc/gconf: set mtime in all %gconf.xml to reproducible values The reproducible value is taken from the variable REPRODUCIBLE_TIMESTAMP_ROOTFS. [YOCTO #11176] [YOCTO #12422] (From OE-Core rev: 11e45082ad00b9c172e59bf6b2a76dd613773f5a) Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs-postcommands.bbclass: ensure that rootfs gets mounted roPatrick Ohly2017-12-101-0/+8
| | | | | | | | | | | | When read-only-rootfs is active, we need to ensure that the rootfs does not get mounted read/write by the kernel or initramfs. Adding "ro" to the boot parameters achieves that. (From OE-Core rev: cfc09de06ecc12bb42181004689e881c75072665) Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: drop True option to getVar callsMing Liu2017-09-261-1/+1
| | | | | | | | | Search made with the following regex: getVar ?\((.*), True\). (From OE-Core rev: dbc0eaf478feb3f752ae22fd184984494fc85d0a) Signed-off-by: Ming Liu <liu.ming50@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* classes: drop image dependencies on TOPDIR variablePaul Eggleton2017-09-251-0/+1
| | | | | | | | | | | | | | We don't need a dependency on this variable changing, and having one causes locked signature warnings during eSDK installation if you have INITRAMFS_IMAGE_* set (since TOPDIR will always be different between the eSDK and the environment in which it was built). Relates to [YOCTO #12102]. (From OE-Core rev: 073610af04be326f9245ca91714526b390fb72cd) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs-postcommands: add test for unsatisfied RRECOMMENDSJose Alarcon2017-09-051-0/+12
| | | | | | | | | | | | | | | | | The do_rootfs log contains a number of unsatisfied package recommendations. At the moment those are only visible when reviewing the rootfs log. This patch adds an extra check to surface any unsatisfied recommendation as WARNINGS to the build output. Enable this check with: ROOTFS_POSTPROCESS_COMMAND += "rootfs_log_check_recommends;" (From OE-Core rev: 9d049bf7941f30e35c51775684559e95185fba96) Signed-off-by: Jose Alarcon <jose.alarcon@ge.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs-postcommands: remove empty lineJose Alarcon2017-09-051-1/+0
| | | | | | | (From OE-Core rev: 76a801da7fe5651d9e8310a2b32c275e1700daf3) Signed-off-by: Jose Alarcon <jose.alarcon@ge.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs-postcommands.bbclass: Filter out dangling symlinks in ↵Khem Raj2017-08-181-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | ssh_allow_empty_password() In images built with pam in DISTRO_FEATURES, we end up with dangling symlinks if su is not packaged into image $ ls /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi/core-image-minimal/1.0-r0/rootfs/etc/pam.d/su-l -l lrwxrwxrwx 1 kraj users 2 Aug 9 07:56 /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi/core-image-minimal/1.0-r0/rootfs/etc/pam.d/su-l -> su This causes image do_rootfs to fail | sed: can't read /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi/core-image-minimal/1.0-r0/rootfs/etc/pam.d/s u-l: No such file or directory | WARNING: /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi/core-image-minimal/1.0-r0/temp/run.ssh_allow_empty_ password.19238:1 exit 2 from 'sed -i 's/nullok_secure/nullok/' /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi /core-image-minimal/1.0-r0/rootfs/etc/pam.d/*' Therefore we need to filter out dangling symlinks before sed'ing things out (From OE-Core rev: b92105e5a085c8cd3c650579644922ed97163e73) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs-postcommands.bbclass: Prevent linking testdata to itselfMike Looijmans2017-08-181-3/+4
| | | | | | | | | | | | | testdata and testdata_link may point to the same file, in particular when IMAGE_LINK_NAME and IMAGE_NAME are equal. Check if this is the case before creating a symlink that points to itself and makes the next build fail. (From OE-Core rev: b516394f9e7858062aa7b042aa4a1bdef9d3a941) Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: allow to override OpenSSL HostKeys when read-only-rootfsAndré Draszik2017-06-121-2/+2
| | | | | | | | | | | | | | With these changes it is possible to have a .bbappend that - sets SYSCONFDIR to some persistent storage - modifies SYSCONFDIR/sshd_config to use ssh host keys from the (writable) sysconfdir (From OE-Core rev: 106b59d9f96f70d133fa1421091ad280d27a5b6a) Signed-off-by: André Draszik <adraszik@tycoint.com> Reviewed-by: Stephane Ayotte <sayotte@tycoint.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs-postcommands.bbclass: Check if "/etc/fstab" existsPanagiotis Tamtamis2017-05-161-1/+3
| | | | | | | | | | | | Using "read-only-rootfs" feature in minimal or special purpose images (eg mounted images) makes build to fail because ${IMAGE_ROOTFS}/etc/fstab file does not exist. (From OE-Core rev: 43714514fb29a40830e6619552980d7f88d77fb7) Signed-off-by: Panagiotis Tamtamis <panagiotis.tamtamis@unify.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs-postcommands.bbclass: save relative pathsbrian avery2017-04-201-3/+5
| | | | | | | | | | | | | | | We pass the TOPDIR to do a search/replace in export2json so that we save relative paths in the testdata.json file rather than absolute paths. This is to allow the images and kernels to be relocated yet still allow testimage to work. [YOCTO #11375] (From OE-Core rev: 7f9f1bdd714fbc6b2adc62f64bf0e4fd1d98ce05) Signed-off-by: brian avery <brian.avery@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs-postcommands.bbclass: drop insert_feed_uris functionMing Liu2017-01-311-18/+0
| | | | | | | | | | | The source makes no reference to insert_feed_uris any more, simply drop the unused reference, to avoid confusing the developers. (From OE-Core rev: 26dddb7d4a4945abaaefd460a342de6abd609594) Signed-off-by: Ming Liu <peter.x.liu@external.atlascopco.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: remove remaining True option to getVar callsMing Liu2017-01-311-2/+2
| | | | | | | | | | | | | | | | This is a complementary fix to commit 7c552996: [ meta: remove True option to getVar calls ] it intended to remove all True option to getVar calls, but there are still some remaining. Search made with the following regex: getVar ?\((.*), True\) (From OE-Core rev: 87d03ffe03d6f01e360bfd51714be96e62506e0a) Signed-off-by: Ming Liu <peter.x.liu@external.atlascopco.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* classes/rootfs-postcommands: Add write_image_test_dataAníbal Limón2017-01-231-0/+18
| | | | | | | | | | | This function will generates testdata.json by image type. [YOCTO #10231] (From OE-Core rev: 4c0061422df472395ca0caa76ef92adb860f1167) Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs-postcommands.bbclass: sort passwd entriesPatrick Ohly2017-01-161-0/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The /etc passwd files in a rootfs consist of the default entries from base-passwd plus anything that gets added via package installation, EXTRA_USERS_PARAMS and/or system sysusers. The execution order of preinst scripts is not perfectly deterministic, or at least unrelated changes caused it to change in a non-deterministic way, resulting in irrelevant changes in the order of passwd entries. useradd-staticids.bbclass ensures that the numeric IDs don't change, but re-ordering can still occur, which is bad for reproducible builds and file-based update mechanisms like swupd which work best if changes are as minimal as possible. To achieve that, the files get sorted in a post-processing command, enabled by default. Sorting is based primarily on the numeric IDs, so for example, the "root" user continues to be listed first. "nobody" now is at the end, which wasn't the case before. The order of the entries should not matter, but in obscure cases where it does (like having multiple entries for the same numeric ID) this behavior can be disabled by setting SORT_PASSWD_POSTPROCESS_COMMAND to an empty string. Fixes: YOCTO #10520 (From OE-Core rev: ba684f436908ac2300a00c174d5aa06b4f824367) Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: remove True option to getVar callsJoshua Lock2016-12-161-3/+3
| | | | | | | | | | | | | getVar() now defaults to expanding by default, thus remove the True option from getVar() calls with a regex search and replace. Search made with the following regex: getVar ?\(( ?[^,()]*), True\) (From OE-Core rev: 7c552996597faaee2fbee185b250c0ee30ea3b5f) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Remove RM_OLD_IMAGE, it's no longer usefulJoshua Lock2016-10-151-3/+0
| | | | | | | | | | | | | | | | Since the move to put image deployment under sstate control in d54339d4b1a7e884de636f6325ca60409ebd95ff old images are automatically removed before a new image is deployed (the default behaviour of the sstate logic). RM_OLD_IMAGE is therefore no longer required to provide this behaviour, remove the variable and its users. (From OE-Core rev: 93631befe8b962bf99524746b49f4ebca336175c) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* image: Deploy images to IMGDEPLOYDIREd Bartosh2016-09-041-2/+2
| | | | | | | | | | | | | | | | | Changed deployment directory from DEPLOY_DIR_IMAGE to IMGDEPLOYDIR to make sstate machinery to do final deployment and generate manifest. Renamed variable deploy_dir to deploy_dir_image in selftest code to avoid confusion with DEPLOYDIR variable. Updated the code of rootfs.py:Rootfs class to use IMGDEPLOYDIR variable as it's now used as a new deployment destination. (From OE-Core rev: 6d969bacc718e21a5246d4da9bf9639dcae29b02) Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: allow add users to groups in rootfs postprocessStephano Cetola2016-07-211-0/+9
| | | | | | | | | | | | | Currently the functionality checks for the "u" and "g" flags to create users and groups, but not the "m" flag to add users to groups. This change first checks to be sure that the users and groups are created, creates them if necessary, then adds the user to the group. (From OE-Core rev: f0a77bee3d092cf79b7e584b943a623eddd6e13d) Signed-off-by: Stephano Cetola <stephano.cetola@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: allow add users as a rootfs postprocess cmdStephano Cetola2016-06-011-23/+20
| | | | | | | | | | | | | | | | | Adding all the users / groups to systemd is only available for readonly file systems. This change allows users to add them to read / write file systems as well by specifying: ROOTFS_POSTPROCESS_COMMAND += "systemd_create_users" Also, add "--shell /sbin/nologin" to each user's add params. [ YOCTO #9497 ] (From OE-Core rev: 98a4c642444a524f547f5d978a28814d20c12354) Signed-off-by: Stephano Cetola <stephano.cetola@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs-postcommands: handle broken links when writing manifestRoss Burton2016-04-141-3/+1
| | | | | | | | | | | | If the manifest link is broken then os.path.exists() returns False so the link isn't removed, resulting in the os.symlink() call failing as the file already exists. Prevent this by using os.path.lexists to check that the symlink itself exists, not the target. (From OE-Core rev: 018e3f9f215607a1d7c9fb7780236cc467f3103b) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs-postcommands: don't write manifest when IMAGE_MANIFEST emptyJoshua Lock2016-03-281-1/+4
| | | | | | | | | | | | Return early in write_image_manifest () if the IMAGE_MANIFEST variable is unset. This allows us to prevent writing of the manifest where we prevent images being created for a recipe by unsetting IMAGE_FSTYPES. (From OE-Core rev: 54387be24d6a157574496f1b20b21c7fc2a51d3e) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs-postcommands: fix ssh_allow_empty_password checkingJonathan Liu2016-02-281-4/+6
| | | | | | | | | | | | The ssh_allow_empty_password function doesn't check if sshd_config_readonly exists before running sed which can result in an error if sshd_config exists but sshd_config_readonly doesn't. (From OE-Core rev: dc4e3d31852084a75faf224882d1ab19d07de8fe) Signed-off-by: Jonathan Liu <net147@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs-postcommands: fix allow-empty-password on read-only rootfsRoss Burton2016-01-261-2/+2
| | | | | | | | | | | | When a read-only rootfs is being used sshd uses a different sshd_config file, which also needs to be editted. [ YOCTO #8680 ] (From OE-Core rev: cff11495cc376f080e06028655e4eb6c7f8a8094) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/oe/rootfs: Use list_pkgs() instead of list()Mariano Lopez2016-01-201-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | This patch changes the use list_pkgs() instead of list() from class RpmPkgsList. The change is in two functions, image_list_installed_packages from rootfs.py and sdk_list_installed_packages from sdk.py. With this change the functions calling the functions listed above, must format the output as they required. The formatting can be done using format_pkg_list() from oe.utils. The classes calling the afected functions are changed too with this patch, to keep the same functionality using the new data structure. [YOCTO #7427] (From OE-Core rev: 983ea373362514e5888bd1d7d9c4f136c94b00f2) Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs-postcommands: Ensure license manifests respect RM_OLD_IMAGERichard Purdie2016-01-191-0/+3
| | | | | | | | | | | When RM_OLD_IMAGE is set, old manifest files should be removed along with old image files and our QA tests expect this. This patch ensures this happens. (From OE-Core rev: fc951851a0e172641e2f24a4edce87ca2eb5cecd) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* image: Create separate tasks for rootfs constructionRichard Purdie2016-01-111-1/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch splits the code in lib/oe/image into separate tasks, one per image type. This removes the need for the simple task graph code and defers to the bitbake task management code to handle this instead. This is a good step forward in splitting up the monolithic code and starting to make it more accessible to people. It should also make it easier for people to hook in other tasks and processes into the rootfs code. Incidentally, the reason this code was all combined originally was due to limitations of fakeroot where if you exited the session, you lost permissions data. With pseudo this constraint was removed. We did start to rework the rootfs/image code previously and got so far with untangling it however we did prioritise some performance tweaks over splitting into separate tasks and in hindsight, this was a mistake and should have been done the other way around. That work was suspended due to changes in the people working on the project but this split has always been intended, now is the time to finish it IMO. There were some side effects of doing this: * The symlink for the manifest moves to the rootfs-postcommands class and into the manifest function. * There is no seperate "symlink removal" and "symlink creation", they are merged * The date/time stamps of the manifest and the built images can now be different since the tasks can be run separately and the datetime stamp will then be different between do_rootfs and the do_image_* tasks. (From OE-Core rev: c2dab181c1cdabac3be6197f4b9ea4235cbbc140) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* image/rootfs-postcommands: Separate out post rootfs commands to separate classRichard Purdie2016-01-061-0/+258
Reading image.bbclass is a little difficult as it has many post rootfs helper functions and its hard to separate those from the core contents of the rootfs/image code. Moving it to a separate class would be one way of making it clearer what these functions are. There are some comment layout improvements but no code changes. (From OE-Core rev: df4cb51c8e60fa46d4d15be8da3d84287ff08ae7) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>