summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity
Commit message (Collapse)AuthorAgeFilesLines
* bluez5: update to 5.55Chee Yang Lee2020-11-291-2/+2
| | | | | | | | | | | | | Release note: https://github.com/bluez/bluez/commit/5a180f2ec9edfacafd95e5fed20d36fe8e077f07 (From OE-Core rev: 6ed12979194b8fb73d6f7365128b5451e580cdba) Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c2895e3e4eabca64cbcc8682e72d25026df5e5f0) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: whitelist CVE-2014-9278Steve Sakoman2020-11-201-0/+4
| | | | | | | | | | | | | | | | | | The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 and when running in a Kerberos environment, allows remote authenticated users to log in as another user when they are listed in the .k5users file of that user, which might bypass intended authentication requirements that would force a local login. Whitelist the CVE since this issue is Redhat specific. (From OE-Core rev: b43201dd7459c2e408889fd8a81a52719308b5fe) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 309132e50d23b1e3f15ef8db1a101166b35f7ca4) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kea: add init scriptsakuster2020-10-175-1/+174
| | | | | | | | | | | | | | | | | | [ Yocto # 14074 ] Add init scripts for dhcp4,6 and ddns (From OE-Core rev: 6d20bfda696fc6c6c3989ecf9996d2494953e232) Signed-off-by: Armin kuster <akuster808@gmail.com> -- V2] remove 'status' from usage add patch to fix ps -p in keactrl.in Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: add PACKAGECONFIG for ntp/chrony/ypbind hooksYi Zhao2020-10-171-0/+8
| | | | | | | | | | | By default, the dhcpcd will search ntp/chrony/ypbind in host path when configuring and install the hooks once it find them. Add PACKAGECONFIG for these hooks to avoid the host contamination. (From OE-Core rev: 5039d313df6cb2c477766ada936806e4ffd5a8ec) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: upgrade 9.16.5 -> 9.16.7zangrc2020-09-3010-1/+1
| | | | | | | (From OE-Core rev: 129e1f748685368f45a5022218cd83872e22ab61) Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Allow enable/disable of rng-tools recommendation on sshdOtavio Salvador2020-09-251-2/+8
| | | | | | | | | | | We are adding a new PACKAGECONFIG option ('rng-tools') to control if we wish the openssh-sshd to RRECOMMENDS the 'rng-tools' package. We are enabling it by default so there is no behavior change. (From OE-Core rev: fe99349c1bd72b69d22ab0dc52b8825d3157b8e7) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: set service to conflict with connmanYi Zhao2020-09-242-0/+2
| | | | | | | | | | | As the default network manager, connman has its own internal DHCP implement. If run dhcpcd and connman simultaneously, they may conflict with each other. (From OE-Core rev: c02fce3b42513d8c741d74091b20a6a52cea32d2) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ssh-pregen-hostkeys: Add a recipe with pregenerated ssh host keysRichard Purdie2020-09-238-0/+76
| | | | | | | | | | | | Host keys are getting bigger and taking an ever increasing amount of time to generate. Whilst we do need to test that works, we don't need to test it in every image. Add a recipe which can be added to images with pre-generated keys, allowing us to speed up tests on the autobuilder where it makes sense to. (From OE-Core rev: c6c7d16437cbd5ccbee1b99a2154c33fdbac9299) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: add dhcpcd user to support priviledge separationYi Zhao2020-09-231-1/+7
| | | | | | | | | | The dhcpcd enables privsep by default. It requires a user added to the system. Add dhcpcd user and group to support it. (From OE-Core rev: 31c13dc5bbdde0e6ba1510b684eba0aa2ff2c937) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: set --runstatedir to /runYi Zhao2020-09-232-1/+2
| | | | | | | | | Set --runstatedir to /run/dhcpcd rather than /var/run/dhcpcd (From OE-Core rev: e3aabde595a443ded2cab9a966f43dc07062ca99) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: pass --dbdir to EXTRA_OECONF to set database directoryYi Zhao2020-09-231-1/+3
| | | | | | | | | | Set --dbdir to /var/lib/dhcpcd rather than /var/db/dhcpcd to satisfy FHS compliance (From OE-Core rev: 18d0c08b357236eb157e0b008faa413f31bd0214) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kea: fix conflict between multilibsKai Kang2020-09-232-0/+56
| | | | | | | | | | | | | | | | | | There are conflict of config files between kea and lib32-kea: | Error: Transaction test error: | file /etc/kea/kea-ctrl-agent.conf conflicts between attempted installs of lib32-kea-1.7.10-r0.core2_32 and kea-1.7.10-r0.core2_64 | file /etc/kea/kea-dhcp4.conf conflicts between attempted installs of lib32-kea-1.7.10-r0.core2_32 and kea-1.7.10-r0.core2_64 Because they are all commented out, replace the expanded libdir path with '$libdir' in the config files to avoid conflict. (From OE-Core rev: 2cc07c4685c95e1d7a7f8e84947ea4f01e8357d3) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: remove -r option for rndc-confgenMingli Yu2020-09-212-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The named service fail to start as below: # systemctl status named.service named.service - Berkeley Internet Name Domain (DNS) Loaded: loaded (/lib/systemd/system/named.service; enabled; vendor preset: enabled) Active: failed (Result: exit-code) since Wed 2020-09-16 06:07:49 UTC; 9s ago Process: 134206 ExecStartPre=/usr/sbin/generate-rndc-key.sh (code=exited, status=1/FAILURE) Sep 16 06:07:49 intel-x86-64 systemd[1]: Starting Berkeley Internet Name Domain (DNS)... Sep 16 06:07:49 intel-x86-64 generate-rndc-key.sh[134206]: Generating /etc/bind/rndc.key: Sep 16 06:07:49 intel-x86-64 generate-rndc-key.sh[134207]: rndc-confgen: The -r option has been deprecated. Sep 16 06:07:49 intel-x86-64 generate-rndc-key.sh[134208]: chown: cannot access '/etc/bind/rndc.key': No such file or directory Sep 16 06:07:49 intel-x86-64 generate-rndc-key.sh[134209]: chmod: cannot access '/etc/bind/rndc.key': No such file or directory Sep 16 06:07:49 intel-x86-64 systemd[1]: named.service: Control process exited, code=exited, status=1/FAILURE Sep 16 06:07:49 intel-x86-64 systemd[1]: named.service: Failed with result 'exit-code'. Sep 16 06:07:49 intel-x86-64 systemd[1]: Failed to start Berkeley Internet Name Domain (DNS). It is because fail to execute "/usr/sbin/generate-rndc-key.sh" as -r is deprecated since bind 9.13.x and the random function changes in [1], so remove -r option to fix the above issue. DNSSEC validation is now active by default after bind upgrade to 9.16.x, but it is not in 9.11.x. So disable DNSSEC validation explicitly to silence below message. Sep 18 03:21:37 intel-x86-64 named[23272]: managed-keys-zone: Unable to fetch DNSKEY set '.': timed out [1]: https://gitlab.isc.org/isc-projects/bind9/-/commit/3a4f820d625c214cfb21f5e6d18ce9160d2a193b (From OE-Core rev: 884cc4196c75b5107082a188cf5f7a4dee4fc5c3) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kea: create /var/lib/kea and /var/run/kea folderMingli Yu2020-09-212-1/+41
| | | | | | | | | | | | | | | | | | | Create /var/lib/kea and /var/run/kea folder if they don't exist to fix below error: # keactrl start INFO/keactrl: Starting /usr/sbin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf INFO/keactrl: Starting /usr/sbin/kea-dhcp6 -c /etc/kea/kea-dhcp6.conf INFO/keactrl: Starting /usr/sbin/kea-ctrl-agent -c /etc/kea/kea-ctrl-agent.conf Unable to use interprocess sync lockfile (No such file or directory): /var/run/kea/logger_lockfile Service failed: Launch failed: Unable to open PID file '/var/run/kea/kea-ctrl-agent.kea-ctrl-agent.pid' for write [snip] ERROR [kea-dhcp4.dhcp4/615.140641792751488] DHCP4_CONFIG_LOAD_FAIL configuration error using file: /etc/kea/kea-dhcp4.conf, reason: Unable to open database: unable to open '/var/lib/kea/kea-leases4.csv' [snip] (From OE-Core rev: 0183ad73526ddcff094c7f8c159c03d22ca760a3) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dropbear/openssh: Lower priority of key generationRichard Purdie2020-09-201-0/+1
| | | | | | | | | | | | | | | Where we have images with PAM+systemd, serial login can be extremely slow. The load generated by key generation does slow down the rest of the boot process. Lower the priority level of these systemd services, since we'd prefer to have the rest of the system boot more effectively. This doesn't "solve" the slow systemd boot issues but does help. (From OE-Core rev: 087700665284c08ba846e52b6b86276629f5f1cd) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Inherit update-alternativesKhem Raj2020-09-151-1/+1
| | | | | | | | | | | We are setting u-a for nslookup and it won't work unless we inherit this class (From OE-Core rev: 0cccb2ae6508c0b3d4a5362e61b24ee314c2fb02) Signed-off-by: Khem Raj <raj.khem@gmail.com> Cc: Andrey Zhizhikin <andrey.z@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: 9.1.4 -> 9.2.0Kai Kang2020-09-123-4/+40
| | | | | | | | | | | | Upgrade dhcpcd from 9.1.4 to 9.2.0. And add systemd services files dhcpcd.service and dhcpcd@.service from Fedora: https://src.fedoraproject.org/rpms/dhcpcd/tree/master (From OE-Core rev: 3e729e918ca7f42446517abfcd1eced72db7a7f1) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kea: bump to 1.7.10Ross Burton2020-09-052-37/+1
| | | | | | | | | | | This is the latest release in the 1.7.x series so should be a safe upgrade, and means we can drop a patch as the AC_TRY_RUN has an optimistic fallback for cross-compiling now. (From OE-Core rev: 49ce9c09d86d645f3fa30e41430075b1ffa8c768) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kea: don't use PACKAGECONFIG inappropriatelyRoss Burton2020-09-051-6/+6
| | | | | | | | | | | | | | The Kea recipe has PACKAGECONFIG options for boost, openssl, and log4cplus. However, these are not optional but mandatory dependencies. Remove the PACKAGECONFIGs and replace with explicit DEPENDS and EXTRA_OECONF. Also the RDEPENDS in the PACKAGECONFIGs are redundant as the library dependencies are generated correctly. (From OE-Core rev: d58dc77ab71ea85f8f12ea4ca2e28e0afee60440) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kea: no need to depend on kea-nativeRoss Burton2020-09-051-8/+2
| | | | | | | | | | | | | | | kea-msg-compiler is only needed if you alter the messages and the generated sources need to be rebuilt. When this is the case, there are better ways to build kea-msg-compiler that don't involve building all of Kea. Don't depend on kea-native, remove BBCLASSEXTEND=native, and the target overrides. (From OE-Core rev: 5e6174c58d5e3a95eccee773b6670242cb9ab8f4) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* resolvconf: upgrade 1.82 -> 1.83Alexander Kanavin2020-09-031-1/+1
| | | | | | | (From OE-Core rev: f1b27d8afc0cda36d58c9b78926e9d014289e375) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libuv: upgrade 1.38.1 -> 1.39.0Alexander Kanavin2020-09-031-1/+1
| | | | | | | (From OE-Core rev: 7e9e9fb2f98259be9d93422bcf2a7ed84e13bebc) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: 9.11 removeakuster2020-09-0211-747/+0
| | | | | | | (From OE-Core rev: 29949cd7cf3a660fb3bcf251f5127a4cdb2804ec) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Add 9.16.xakuster2020-09-0210-0/+701
| | | | | | | | | | | | | | | | | | | | | | Removed obsolete packageconfig options License change to MPL-2.0 https://gitlab.isc.org/isc-projects/bind9/blob/master/LICENSE Refreshed: bind-ensure-searching-for-json-headers-searches-sysr.patch 0001-named-lwresd-V-and-start-log-hide-build-options.patch bind-ensure-searching-for-json-headers-searches-sysr.patch Drop obsolete patch: 0001-configure.in-remove-useless-L-use_openssl-lib.patch RP: Dropped the multilib scripts handling as those scripts are no longer present in this version. (From OE-Core rev: d7cc84de47fad1dfbae68c32bb2165c708bec66b) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: remove from coreakuster2020-09-0223-1092/+0
| | | | | | | | | update maintainers.inc too (From OE-Core rev: 7e3357892f204788162747e907d68f857118cf42) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: Move from meta-network as OE-Core needs a clientakuster2020-09-022-0/+73
| | | | | | | (From OE-Core rev: 087e4fafeef82cfd3d71402d6b200fe831f48697) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kea: Move from meta-networkingakuster2020-09-025-0/+140
| | | | | | | (From OE-Core rev: 2b911fc989cf88cd0040581f82da0be308c702dd) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iw: upgrade 5.4 -> 5.8Changhyeok Bae2020-09-021-2/+2
| | | | | | | (From OE-Core rev: 42e6b9d12db36004d1fd6b81f53f9bc071bf7f8b) Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: fix builds that require ell supportPeter A. Bigot2020-08-261-2/+2
| | | | | | | | | | | | | | | | | | Shortly after the recipe was updated to add ell as a mesh dependency the way ell was integrated into bluez5 was changed. BlueZ requires ell only for mesh and for btpclient (external test programs). It will be ignored unless either mesh or btpclient are selected. ell can be supplied externally, or it can be copied into the bluez build directory from an existing sibling source directory. Since bitbake builds do not provide a sibling source directory tell bluez to look for it as an external library in the conditions where it's required. (From OE-Core rev: f22b4eba98b3707d7f6daa4277414cecb3e5ee6b) Signed-off-by: Peter A. Bigot <pab@pabigot.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman-gnome/matchbox-desktop: Remove file:// globbingRichard Purdie2020-08-261-1/+1
| | | | | | | | | | | | A directory can be specified in SRC_URI, there is no need to use globbing. This means that the files are checksummed correctly and the recipe rebuilds when the files change as globbing breaks that. We're about to remove the use of globbing in SRC_URI so improve these. (From OE-Core rev: 007c7d7ebe6b6b7b18c84f4f57b09ffee5522807) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: update to 9.11.22 ESVArmin Kuster2020-08-251-1/+1
| | | | | | | | | | | | | | | | | | | | | | | Source: isc.org MR: 105232, 105246, 105260 Type: Security Fix Disposition: Backport from https://www.isc.org/bind/ ChangeID: 655cfdf1e91c4107321e63a2012302e1cc184366 Description: Bug fix only update Three CVE fixes CVE-2020-8622 CVE-2020-8623 CVE-2020-8624 For more information see: https://downloads.isc.org/isc/bind9/9.11.22/RELEASE-NOTES-bind-9.11.22.pdf (From OE-Core rev: 1c85f26b1bd3475699d54f18c6b5b4924bcd8eb2) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Drop StandardError=syslog from systemd unitAlex Kiernan2020-08-211-1/+0
| | | | | | | | | | | With systemd v246 the syslog target now generates a warning (and has been deprecated for some time). Drop the target and allow the default to take effect. (From OE-Core rev: 2ba088d8373d9d54930bc3f5ec1799ea1a6ffafc) Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: Drop StandardError=syslog from systemd unitAlex Kiernan2020-08-211-1/+0
| | | | | | | | | | | With systemd v246 the syslog target now generates a warning (and has been deprecated for some time). Drop the target and allow the default to take effect. (From OE-Core rev: 81cc21e57ac309ba728cb4f13fd70d3367b93ab7) Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iproute2: upgrade 5.7.0 -> 5.8.0Changhyeok Bae2020-08-203-13/+12
| | | | | | | (From OE-Core rev: a38527357f4255f0f4cf888f640f38f2ef5942e0) Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* inetutils: Fix build with -fno-commonKhem Raj2020-08-062-0/+59
| | | | | | | | | | | | Fixes errors like telnetd/state.c:69: multiple definition of `not42'; utility.o:/usr/src/debug/inetutils/1.9.4-r0/build/telnetd/../../inetutils-1.9.4/telnetd/utility.c:66: first defined here | clang-11: error: linker command failed with exit code 1 (use -v to see invocation) (From OE-Core rev: 555bb1191459aa2a05a4ed9e044c0eba085a7162) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: Use -fcommon compiler optionKhem Raj2020-08-061-0/+2
| | | | | | | | | | | | | This ensures -fcommon is still used when compiler defaults to -fno-common in gcc10 and clang11 Fixes dhcp-4.4.2/server/mdb.c:70: multiple definition of `dhcp_type_host'; dhcpd-omapi.o:/usr/src/debug/dhcp/4.4.2-r0/dhcp-4.4.2/server/omapi.c:50: first defined here (From OE-Core rev: ee585ced8e48bca508c03ce71741bbcd672ee80d) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: upgrade 9.11.19 -> 9.11.21Yi Zhao2020-07-221-1/+1
| | | | | | | (From OE-Core rev: c6749532f94f435e6771d66d3fa225e676753478) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: openssl-bin requires openssl-conf to runRobert Yang2020-07-191-0/+2
| | | | | | | | | | | | Fixed: $ dnf install openssl-bin $ openssl req -new -x509 -keyout lighttpd.pem -out lighttpd.pem -days 365 -nodes -batch Can't open /usr/lib/ssl-1.1/openssl.cnf for reading, No such file or directory (From OE-Core rev: e93cd3b83a255294c9ab728adc7e237eb1321dab) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libuv: upgrade 1.38.0 -> 1.38.1Richard Purdie2020-07-181-1/+1
| | | | | | (From OE-Core rev: 4f4a2efcee140cec1c0a34990958f084167e381e) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: use rpcgen tool from HOSTTOOLS_DIRTaras Kondratiuk2020-07-121-0/+1
| | | | | | | | | | | | | | | | nfs-utils configure searches for rpcgen tool only in default locations: "/usr/local/bin/rpcgen /usr/bin/rpcgen /bin/rpcgen". On some of our build machines the rpcgen is not present there and configure fails: | configure: error: Please install rpcgen or use --with-rpcgen HOSTTOOLS_DIR already contains a correct pointer to host rpcgen tool, so use it from there. (From OE-Core rev: 2e0b4c99f5d49c84a3a2992fb686d27693f3d8c6) Signed-off-by: Taras Kondratiuk <takondra@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* avahi: Fix typo in recipeChristian Eggers2020-07-121-1/+1
| | | | | | | | | | | According to the PACKAGES variable, LICENSE_avahi-client is misspelled. Additionally, the libavahi-client package actually only includes LGPLv2.1+ software (as opposed to the global LICENSE variable). (From OE-Core rev: d8837b4735b5e96ae0f5542319e711dbda8c3849) Signed-off-by: Christian Eggers <ceggers@arri.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: move ${libdir}/[...]/openssl.cnf to ${PN}-confHannu Lounento2020-07-081-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some openssl command line operations like creating an X.509 CSR require the file /usr/lib/ssl-1.1/openssl.cnf to exist and fail if it doesn't root@qemux86-64:~# openssl req -out my.csr -new -newkey rsa:2048 -nodes -keyout my.key Can't open /usr/lib/ssl-1.1/openssl.cnf for reading, No such file or directory 140289168594176:error:02001002:system library:fopen:No such file or directory:../openssl-1.1.1g/crypto/bio/bss_file.c:69:fopen('/usr/lib/ssl-1.1/openssl.cnf','r') 140289168594176:error:2006D080:BIO routines:BIO_new_file:no such file:../openssl-1.1.1g/crypto/bio/bss_file.c:76: which is the case e.g. in core-image-minimal with just the package openssl-bin added to the image by declaring IMAGE_INSTALL_append = " openssl-bin" e.g. in local.conf. The file did not exist in the aforementioned image / configuration because it was packaged to the main openssl package FILES_${PN} =+ "${libdir}/ssl-1.1/*" (there is no other FILES specification that would match the file either) and path/to/poky/build$ rpm --query --package --list tmp/deploy/rpm/core2_64/openssl-1.1.1g-r0.core2_64.rpm [...] /usr/lib/ssl-1.1/openssl.cnf [...] Hence move /usr/lib/ssl-1.1/openssl.cnf (and openssl.cnf.dist as it seems closely related) to the ${PN}-conf package to have it installed with ${PN}-bin, which already (indirectly) depends on ${PN}-conf. Note that the openssl recipe has the comment Add the openssl.cnf file to the openssl-conf package. Make the libcrypto package RRECOMMENDS on this package. This will enable the configuration file to be installed for both the openssl-bin package and the libcrypto package since the openssl-bin package depends on the libcrypto package. but openssl-conf only contained /etc/ssl/openssl.cnf path/to/poky/build$ rpm --query --package --list tmp/deploy/rpm/core2_64/openssl-conf-1.1.1g-r0.core2_64.rpm /etc /etc/ssl /etc/ssl/openssl.cnf /usr/lib/ssl-1.1/openssl.cnf is actually only a symlink that points to ../../../etc/ssl/openssl.cnf. Other files and directories in /usr/lib/ssl-1.1/ were considered as well because they seem to be configuration files and / or related to (symlinks pointing to) /etc. They were not moved though, because based on our use case and testing moving the openssl.cnf symlink is sufficient for fixing the immediate problem and we lack knowledge about the other files in order to make a decision to change their packaging. (From OE-Core rev: c1632d7041fe0c18ec61abfa79a9c025af43c033) Signed-off-by: Hannu Lounento <hannu.lounento@vaisala.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: upgrade 2.4.3 -> 2.5.1Andreas Müller2020-06-282-50/+9
| | | | | | | | | | | | | * cacheio was fixed upstream slightly different * nfsdclnts is a python3 script for printing various nfs client information pack it in ${PN}-stats * replace leading spaces by tabs in shell tasks * remove SRC_URI[md5sum] (From OE-Core rev: 489fe278443e7376a5b51789daff2449f19c87ab) Signed-off-by: Andreas Müller <schnitzeltony@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libuv: update to the last version in meta-oeakuster2020-06-281-1/+1
| | | | | | | | | | | | | | Looks like I forgot to update the contrib branch. This is a squished set of these changes: https://git.openembedded.org/meta-openembedded/commit/?id=e03b48481438c747322f07ac1e1f04add541ffac https://git.openembedded.org/meta-openembedded/commit/?id=9b61f412d36b390f8d71ad1fb5875f5f6e32fd8a https://git.openembedded.org/meta-openembedded/commit/?id=644ea1ee145902b00e4e66856ebe8d8800dfc1f0 (From OE-Core rev: 3a336db61ff5cd2a1981b2f26df421363f639ed1) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: Security fix CVE-2020-12695Armin Kuster2020-06-284-1/+267
| | | | | | | | | | | | Source: http://w1.fi/security/ Disposition: Backport from http://w1.fi/security/2020-1/ Affects <= 2.9 wpa-supplicant (From OE-Core rev: e9c696397ae1b4344b8329a13076f265980ee74d) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libuv: move from meta-oe to core for bind updateArmin Kuster2020-06-231-0/+19
| | | | | | | (From OE-Core rev: 07bcc80df1118c0bcc5b4b60beaa3e5674f1855e) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: update to 9.11.19akuster2020-06-163-240/+2
| | | | | | | | | | | | | | | | Bug fix only updates. suitable for Stable branch updates where applicable. Drop CVE patches included in update LIC_FILES_CHKSUM update copyright year to 2020 Full changes found at : https://gitlab.isc.org/isc-projects/bind9/-/blob/v9_11/CHANGES (From OE-Core rev: a6ba66cf5e754cdcd41f01d233fbef7b94a10225) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: Don't inherit 'features_check' in recipes that don't utilize itJacob Kroon2020-06-121-1/+1
| | | | | | | (From OE-Core rev: e5591eb5165b1b7287a12928e2b179ae2b5ce5d6) Signed-off-by: Jacob Kroon <jacob.kroon@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* avahi-dnsconfd: rdepends on avahi-daemonKai Kang2020-06-121-0/+1
| | | | | | | | | | | Systemd service avahi-dnsconfd.service requires avahi-daemon.socket and avahi-daemon.service which are from avahi-daemon. So make avahi-dnsconfd rdepends on avahi-daemon. (From OE-Core rev: 0a7277fda81d48960937ee91ceebc528aaf4272e) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: remove service templates from SYSTEMD_SERVICEKai Kang2020-06-091-3/+3
| | | | | | | | | | | Remove service templates wpa_supplicant-nl80211@.service and wpa_supplicant-wired@.service from SYSTEMD_SERVICE that they should NOT be started/stopped by calling 'systemctl' in postinst and prerm scripts. (From OE-Core rev: fe9b8e50461ab00ab3ad8b065ebd32f0eea2a255) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-10 16:07:45 +0000