linux/poky.git/meta/classes, branch nanbield-4.3.2Mirror of git.yoctoproject.org/pokyhttps://git.enea.com/cgit/linux/poky.git/atom?h=nanbield-4.3.22024-01-04T14:09:43+00:00useradd_base: Fix sed command line for passwd-expire2024-01-04T14:09:43+00:00Adam Johnstonadam.johnston@arm.com2023-11-21T19:05:28+00:00urn:sha1:dc33087410ae71ca6e2d4ac63ff4c948ac78d495
A previous commit tried to add the --follow-symlinks option to
the perform_passwd_expire function in useradd_base.bbclass, however it used
a single -.
This is interpreted as --file=ollow-symlinks which results in...
sed: couldn't open file ollow-symlinks: No such file or directory
and...
ERROR: <image name>: passwd --expire operation did not succeed.
Fix by adding the missing -
(From OE-Core rev: 67721b71bf677097645b9150a31ac833125c0c23)
Signed-off-by: Adam Johnston <adam.johnston@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3c0deafcfcea3f610c7dd9a2d2884a16fbfe0497)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
sed -i destroys symlinks2024-01-04T14:09:43+00:00Joakim Tjernlundjoakim.tjernlund@infinera.com2023-11-14T13:28:42+00:00urn:sha1:d2d9fd706364e9901a5575ffa0e7579383cff01e
If /etc/passwd is a symlink, sed -i on same file will replace the
symlink with a new file. Prevent that by adding --follow-symlinks
option to sed
(From OE-Core rev: 7b4343a30a02d8f8664ac4c4bc09e5acfb4fa60e)
Signed-off-by: Joakim Tjernlund <joakim.tjernlund@infinera.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 6ec004b2e7b4342465af8e5e6cc66041834821a0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
cve-check: sort the package list in the JSON report2023-11-03T13:49:23+00:00Ross Burtonross.burton@arm.com2023-11-03T13:28:09+00:00urn:sha1:7b119ca128afbdb599259484bf1cccb09b19ee76
The JSON report generated by the cve-check class is basically a huge
list of packages. This list of packages is, however, unsorted.
To make things easier for people comparing the JSON, or more
specifically for git when archiving the JSON over time in a git
repository, we can sort the list by package name.
(From OE-Core rev: f3d9dd947e678078b57b4b607e231b702c26dd4a)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
externalsrc.bbclass: Support specifying patterns in CONFIGURE_FILES2023-10-06T10:51:11+00:00Peter Kjellerstedtpeter.kjellerstedt@axis.com2023-10-03T01:05:27+00:00urn:sha1:d066ec92dc6453b372cf5796f43c484400c060e8
This allows, e.g., *.cmake to be added to CONFIGURE_FILES to make the
do_configure task depend on changes to any cmake file.
(From OE-Core rev: 09873b3fb24a00cfbd73282d29e4c5821774f579)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
classes/create-spdx-2.2: Show error if document is not found2023-09-29T22:11:59+00:00Joshua WattJPEWhacker@gmail.com2023-09-28T18:34:13+00:00urn:sha1:7b7a439953443aa35a3462e43e34579198d3a33f
As in other places, print a more helpful error if a SPDX document is not
found when assembling documents for the final SPDX archive.
(From OE-Core rev: 0a3f7e0b41552e113347d6f5edefe84fd4e47fdf)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
cve-check: add CVSS vector string to CVE database and reports2023-09-28T11:37:46+00:00Antoine Lubineauantoine.lubineau@easymile.com2023-09-21T08:23:52+00:00urn:sha1:8e680771d29230a0be432546c8b6c4efa8787728
This allows building detailed vulnerability analysis tools without
relying on external resources.
(From OE-Core rev: 048ff0ad927f4d37cc5547ebeba9e0c221687ea6)
Signed-off-by: Antoine Lubineau <antoine.lubineau@easymile.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
create-spdx: Ensure it is clear where the message comes from2023-09-26T09:25:42+00:00Richard Purdierichard.purdie@linuxfoundation.org2023-09-25T13:28:21+00:00urn:sha1:f69017a713803a0e47fe3f0207c1a5b22ad30030
This message can appear in do_rootfs and the users tend to think this is
some kind of packaging issue. Add SPDX to the message so users like me
think in the right direction.
(From OE-Core rev: ddcf15134b5ec4bf4c728156461c2e45194d71ca)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
spdx: use TOOLCHAIN_OUTPUTNAME for SDK filename prefix2023-09-26T09:25:42+00:00Denys Dmytriyenkodenis@denix.org2023-09-22T22:20:43+00:00urn:sha1:fc59af1998af4347c5992f01231291557bc8f3cd
Replace SDK_NAME with TOOLCHAIN_OUTPUTNAME when naming SDK host and
target SPDX archives.
In most cases TOOLCHAIN_OUTPUTNAME is almost identical to SDK_NAME,
but sometimes custom meta-toolchain recipes have some variations and
populate_sdk_base.bbclass already uses TOOLCHAIN_OUTPUTNAME to name
corresponding host and target manifests:
SDK_HOST_MANIFEST = "${SDKDEPLOYDIR}/${TOOLCHAIN_OUTPUTNAME}.host.manifest"
SDK_TARGET_MANIFEST = "${SDKDEPLOYDIR}/${TOOLCHAIN_OUTPUTNAME}.target.manifest"
To match the naming convention, also use TOOLCHAIN_OUTPUTNAME here
for naming SPDX archives as well, resulting in:
${TOOLCHAIN_OUTPUTNAME}-host.spdx.tar.zst
${TOOLCHAIN_OUTPUTNAME}-target.spdx.tar.zst
(From OE-Core rev: 38158670256e2ce803aa45f609108d29523b3135)
Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
Signed-off-by: Denys Dmytriyenko <denis@denix.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
create-spdx/sbom: Ensure files don't overlap between machines2023-09-22T06:45:17+00:00Richard Purdierichard.purdie@linuxfoundation.org2023-09-21T15:04:20+00:00urn:sha1:b0b0b89ad763a50cb02429b31f24400ddd4491b7
Currently the by-id and by-namespace SPDX files are created without reference
to PACKAGE_ARCH. This means that for two machines using a common package architecture
(e.g. genericx86-64 and qqemux86-64), there would be overlapping files. This means
that the build of one can remove files from the other leading to build failures. An
example would be:
MACHINE=qemux86-64 bitbake core-image-minimal
MACHINE=genericx86-64 bitbake core-image-minimal
MACHINE=qemux86-64 bitbake linux-yocto -c clean
MACHINE=genericx86-64 bitbake core-image-minimal -C rootfs
To fix this, add PACKAGE_ARCH to the path used for the files and use a search
path based upon PACKAGE_ARCHS to access them.
(From OE-Core rev: b2db10e966438071d00d2057b84d5f347613d841)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
multilib: fix SSTATE_ARCHS for multilib usage2023-09-20T22:51:11+00:00Richard Purdierichard.purdie@linuxfoundation.org2023-09-19T17:05:31+00:00urn:sha1:84e17003c6098007f896ef301449a4748f9720fe
When building multilibs, we need to inject the multilib sstate pkgarch
into SSTATE_ARCHS so the list forms a complete search path. Add a tweak
to do this.
PACKAGE_ARCH defaults to TUNE_PKGARCH so this is equivalent and just
guards against recipes changing the value which may have other unwanted
side effects.
(From OE-Core rev: 37126ffc7ccbd3df57ebbd8e581d158f03bb3b4c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>