diff options
| author | Mark Hatle <mark.hatle@amd.com> | 2024-11-12 15:23:11 -0600 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2025-01-18 06:26:44 -0800 |
| commit | 85ceda54ce3ae726dc1b50e3900f89b07fe1c88a (patch) | |
| tree | 50b0957e5fa3f140f0ee85875bad6b7388ef85b9 | |
| parent | 7117d115eab7351ecf21388ec720a3bb5f4a9b30 (diff) | |
| download | poky-85ceda54ce3ae726dc1b50e3900f89b07fe1c88a.tar.gz | |
cve-update-nvd2-native: Handle BB_NO_NETWORK and missing db
The custom do_fetch routine is ignoring BB_NO_NETWORK, add a check for this
as the correct behavior for the user is to set:
CVE_DB_UPDATE_INTERVAL = "-1"
If CVE_DB_UPDATE_INTERNAL is set to -1, check that a DB file exists, if not
we need to error so the user can deal with this.
Note, MIRRORs are NOT handled by this code.
(From OE-Core rev: 062c125f41c3fc3fec0938b24f847ed566357c84)
Signed-off-by: Mark Hatle <mark.hatle@amd.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 337c0806d2784d74bee8d6420fb8b4d48795d5fa)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit 2bc4623a910dfa3a22cd054ea1e0f2dd59d74eea)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
| -rw-r--r-- | meta/recipes-core/meta/cve-update-nvd2-native.bb | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb index c05c47d42e..441559471f 100644 --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb | |||
| @@ -68,6 +68,8 @@ python do_fetch() { | |||
| 68 | update_interval = int(d.getVar("CVE_DB_UPDATE_INTERVAL")) | 68 | update_interval = int(d.getVar("CVE_DB_UPDATE_INTERVAL")) |
| 69 | if update_interval < 0: | 69 | if update_interval < 0: |
| 70 | bb.note("CVE database update skipped") | 70 | bb.note("CVE database update skipped") |
| 71 | if not os.path.exists(db_file): | ||
| 72 | bb.error("CVE database %s not present, database fetch/update skipped" % db_file) | ||
| 71 | return | 73 | return |
| 72 | if time.time() - os.path.getmtime(db_file) < update_interval: | 74 | if time.time() - os.path.getmtime(db_file) < update_interval: |
| 73 | bb.note("CVE database recently updated, skipping") | 75 | bb.note("CVE database recently updated, skipping") |
| @@ -77,6 +79,9 @@ python do_fetch() { | |||
| 77 | except OSError: | 79 | except OSError: |
| 78 | pass | 80 | pass |
| 79 | 81 | ||
| 82 | if bb.utils.to_boolean(d.getVar("BB_NO_NETWORK")): | ||
| 83 | bb.error("BB_NO_NETWORK attempted to disable fetch, this recipe uses CVE_DB_UPDATE_INTERVAL to control download, set to '-1' to disable fetch or update") | ||
| 84 | |||
| 80 | bb.utils.mkdirhier(db_dir) | 85 | bb.utils.mkdirhier(db_dir) |
| 81 | bb.utils.mkdirhier(os.path.dirname(db_tmp_file)) | 86 | bb.utils.mkdirhier(os.path.dirname(db_tmp_file)) |
| 82 | if os.path.exists(db_file): | 87 | if os.path.exists(db_file): |