Commit Graph

24 Commits

Author SHA1 Message Date
Paul Eggleton 779228d7a4 classes: drop image dependencies on TOPDIR variable
We don't need a dependency on this variable changing, and having one
causes locked signature warnings during eSDK installation if you have
INITRAMFS_IMAGE_* set (since TOPDIR will always be different between
the eSDK and the environment in which it was built).

Relates to [YOCTO #12102].

(From OE-Core master rev: 073610af04be326f9245ca91714526b390fb72cd)

(From OE-Core rev: 94a9f9a7dc5a736b7986b889895c736f02110715)

(From OE-Core rev: 8bf158857d7c597c58efc4023bdd9c2785d43ad3)

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2018-01-07 17:07:56 +00:00
André Draszik 28b8850356 openssh: allow to override OpenSSL HostKeys when read-only-rootfs
With these changes it is possible to have a .bbappend that
- sets SYSCONFDIR to some persistent storage
- modifies SYSCONFDIR/sshd_config to use ssh host keys from
  the (writable) sysconfdir

(From OE-Core rev: 79c7c8342859306750f0af17210a183fdc543caf)

Signed-off-by: André Draszik <adraszik@tycoint.com>
Reviewed-by: Stephane Ayotte <sayotte@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>

(cherry picked from commit 106b59d9f96f70d133fa1421091ad280d27a5b6a)
Signed-off-by: André Draszik <adraszik@tycoint.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-11-05 22:39:47 +00:00
Jose Alarcon 44c5efb453 rootfs-postcommands: add test for unsatisfied RRECOMMENDS
The do_rootfs log contains a number of unsatisfied package
recommendations. At the moment those are only visible when
reviewing the rootfs log.

This patch adds an extra check to surface any unsatisfied
recommendation  as WARNINGS to the build output.

Enable this check with:
ROOTFS_POSTPROCESS_COMMAND += "rootfs_log_check_recommends;"

(From OE-Core rev: 9d049bf7941f30e35c51775684559e95185fba96)

(From OE-Core rev: 514cadd28d05f5060b2538ef9b2920370c22bf73)

Signed-off-by: Jose Alarcon <jose.alarcon@ge.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-21 16:55:57 +01:00
Jose Alarcon 4d85aa71a0 rootfs-postcommands: remove empty line
(From OE-Core rev: 76a801da7fe5651d9e8310a2b32c275e1700daf3)

(From OE-Core rev: 189ea6f0232f1910736121fb15f80eea97932af8)

Signed-off-by: Jose Alarcon <jose.alarcon@ge.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-21 16:55:57 +01:00
Khem Raj 40ce8ca30c rootfs-postcommands.bbclass: Filter out dangling symlinks in ssh_allow_empty_password()
In images built with pam in DISTRO_FEATURES, we end up with dangling symlinks
if su is not packaged into image

$ ls /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi/core-image-minimal/1.0-r0/rootfs/etc/pam.d/su-l -l
lrwxrwxrwx 1 kraj users 2 Aug  9 07:56 /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi/core-image-minimal/1.0-r0/rootfs/etc/pam.d/su-l -> su

This causes image do_rootfs to fail

| sed: can't read /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi/core-image-minimal/1.0-r0/rootfs/etc/pam.d/s
u-l: No such file or directory
| WARNING: /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi/core-image-minimal/1.0-r0/temp/run.ssh_allow_empty_
password.19238:1 exit 2 from 'sed -i 's/nullok_secure/nullok/' /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi
/core-image-minimal/1.0-r0/rootfs/etc/pam.d/*'

Therefore we need to filter out dangling symlinks before sed'ing
things out

(From OE-Core rev: b92105e5a085c8cd3c650579644922ed97163e73)

(From OE-Core rev: ed1aaf24bfd4a09132c7e0247c460102ec85254d)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-21 16:55:57 +01:00
Mike Looijmans 9842f64154 rootfs-postcommands.bbclass: Prevent linking testdata to itself
testdata and testdata_link may point to the same file, in particular
when IMAGE_LINK_NAME and IMAGE_NAME are equal.

Check if this is the case before creating a symlink that points to
itself and makes the next build fail.

(From OE-Core rev: f8ceec50af68650d6548738e5b5582e2b25424d7)

Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-29 12:22:06 +01:00
brian avery a6275df081 rootfs-postcommands.bbclass: save relative paths
We pass the TOPDIR to do a search/replace in export2json so that we save
relative paths in the testdata.json file rather than absolute paths.
This is to allow the images and kernels to be relocated yet still allow
testimage to work.

[YOCTO #11375]

(From OE-Core rev: 7f9f1bdd714fbc6b2adc62f64bf0e4fd1d98ce05)

Signed-off-by: brian avery <brian.avery@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-04-20 07:55:26 +01:00
Ming Liu 5707949f03 rootfs-postcommands.bbclass: drop insert_feed_uris function
The source makes no reference to insert_feed_uris any more, simply drop
the unused reference, to avoid confusing the developers.

(From OE-Core rev: 26dddb7d4a4945abaaefd460a342de6abd609594)

Signed-off-by: Ming Liu <peter.x.liu@external.atlascopco.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-01-31 14:43:02 +00:00
Ming Liu e2280b9e12 meta: remove remaining True option to getVar calls
This is a complementary fix to commit 7c552996:
[ meta: remove True option to getVar calls ]

it intended to remove all True option to getVar calls, but there are
still some remaining.

Search made with the following regex: getVar ?\((.*), True\)

(From OE-Core rev: 87d03ffe03d6f01e360bfd51714be96e62506e0a)

Signed-off-by: Ming Liu <peter.x.liu@external.atlascopco.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-01-31 14:43:02 +00:00
Aníbal Limón 60e5310f56 classes/rootfs-postcommands: Add write_image_test_data
This function will generates testdata.json by image type.

[YOCTO #10231]

(From OE-Core rev: 4c0061422df472395ca0caa76ef92adb860f1167)

Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-01-23 12:05:19 +00:00
Patrick Ohly 753471db45 rootfs-postcommands.bbclass: sort passwd entries
The /etc passwd files in a rootfs consist of the default entries from
base-passwd plus anything that gets added via package installation,
EXTRA_USERS_PARAMS and/or system sysusers.

The execution order of preinst scripts is not perfectly deterministic,
or at least unrelated changes caused it to change in a
non-deterministic way, resulting in irrelevant changes in the order of
passwd entries.

useradd-staticids.bbclass ensures that the numeric IDs don't change,
but re-ordering can still occur, which is bad for reproducible builds
and file-based update mechanisms like swupd which work best if changes
are as minimal as possible.

To achieve that, the files get sorted in a post-processing command,
enabled by default. Sorting is based primarily on the numeric IDs, so
for example, the "root" user continues to be listed first. "nobody"
now is at the end, which wasn't the case before.

The order of the entries should not matter, but in obscure cases where
it does (like having multiple entries for the same numeric ID) this
behavior can be disabled by setting SORT_PASSWD_POSTPROCESS_COMMAND to
an empty string.

Fixes: YOCTO #10520

(From OE-Core rev: ba684f436908ac2300a00c174d5aa06b4f824367)

Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-01-16 18:05:12 +00:00
Joshua Lock c4e2c59088 meta: remove True option to getVar calls
getVar() now defaults to expanding by default, thus remove the True
option from getVar() calls with a regex search and replace.

Search made with the following regex: getVar ?\(( ?[^,()]*), True\)

(From OE-Core rev: 7c552996597faaee2fbee185b250c0ee30ea3b5f)

Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-12-16 10:23:23 +00:00
Joshua Lock 751cb2c894 Remove RM_OLD_IMAGE, it's no longer useful
Since the move to put image deployment under sstate control in
d54339d4b1a7e884de636f6325ca60409ebd95ff old images are automatically
removed before a new image is deployed (the default behaviour of the
sstate logic).

RM_OLD_IMAGE is therefore no longer required to provide this
behaviour, remove the variable and its users.

(From OE-Core rev: 93631befe8b962bf99524746b49f4ebca336175c)

Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-10-15 10:01:42 +01:00
Ed Bartosh 9cc4492732 image: Deploy images to IMGDEPLOYDIR
Changed deployment directory from DEPLOY_DIR_IMAGE to
IMGDEPLOYDIR to make sstate machinery to do final deployment and
generate manifest.

Renamed variable deploy_dir to deploy_dir_image in selftest code
to avoid confusion with DEPLOYDIR variable.

Updated the code of rootfs.py:Rootfs class to use IMGDEPLOYDIR variable
as it's now used as a new deployment destination.

(From OE-Core rev: 6d969bacc718e21a5246d4da9bf9639dcae29b02)

Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-09-04 00:07:28 +01:00
Stephano Cetola d4d60218ec systemd: allow add users to groups in rootfs postprocess
Currently the functionality checks for the "u" and "g" flags to create users and
groups, but not the "m" flag to add users to groups. This change first checks to
be sure that the users and groups are created, creates them if necessary, then
adds the user to the group.

(From OE-Core rev: f0a77bee3d092cf79b7e584b943a623eddd6e13d)

Signed-off-by: Stephano Cetola <stephano.cetola@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-07-21 07:47:52 +01:00
Stephano Cetola 79be110c1f systemd: allow add users as a rootfs postprocess cmd
Adding all the users / groups to systemd is only available for readonly
file systems. This change allows users to add them to read / write file
systems as well by specifying:

ROOTFS_POSTPROCESS_COMMAND += "systemd_create_users"

Also, add "--shell /sbin/nologin" to each user's add params.

[ YOCTO #9497 ]

(From OE-Core rev: 98a4c642444a524f547f5d978a28814d20c12354)

Signed-off-by: Stephano Cetola <stephano.cetola@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-06-01 12:38:43 +01:00
Ross Burton a43991d530 rootfs-postcommands: handle broken links when writing manifest
If the manifest link is broken then os.path.exists() returns False so the link
isn't removed, resulting in the os.symlink() call failing as the file already
exists.  Prevent this by using os.path.lexists to check that the symlink itself
exists, not the target.

(From OE-Core rev: 018e3f9f215607a1d7c9fb7780236cc467f3103b)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-04-14 10:58:33 +01:00
Joshua Lock 036167693a rootfs-postcommands: don't write manifest when IMAGE_MANIFEST empty
Return early in write_image_manifest () if the IMAGE_MANIFEST
variable is unset. This allows us to prevent writing of the
manifest where we prevent images being created for a recipe by
unsetting IMAGE_FSTYPES.

(From OE-Core rev: 54387be24d6a157574496f1b20b21c7fc2a51d3e)

Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-03-28 15:55:49 +01:00
Jonathan Liu 0011760663 rootfs-postcommands: fix ssh_allow_empty_password checking
The ssh_allow_empty_password function doesn't check if
sshd_config_readonly exists before running sed which can result in an
error if sshd_config exists but sshd_config_readonly doesn't.

(From OE-Core rev: dc4e3d31852084a75faf224882d1ab19d07de8fe)

Signed-off-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-02-28 11:33:06 +00:00
Ross Burton 88ca2276c1 rootfs-postcommands: fix allow-empty-password on read-only rootfs
When a read-only rootfs is being used sshd uses a different sshd_config file,
which also needs to be editted.

[ YOCTO #8680 ]

(From OE-Core rev: cff11495cc376f080e06028655e4eb6c7f8a8094)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-01-26 18:05:13 +00:00
Mariano Lopez 6ebda8e659 lib/oe/rootfs: Use list_pkgs() instead of list()
This patch changes the use list_pkgs() instead of list()
from class RpmPkgsList. The change is in two functions,
image_list_installed_packages from rootfs.py and
sdk_list_installed_packages from sdk.py.

With this change the functions calling the functions
listed above, must format the output as they required.
The formatting can be done using format_pkg_list() from
oe.utils.

The classes calling the afected functions are changed too
with this patch, to keep the same functionality using the
new data structure.

[YOCTO #7427]

(From OE-Core rev: 983ea373362514e5888bd1d7d9c4f136c94b00f2)

Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-01-20 17:07:15 +00:00
Richard Purdie 1c869a96b2 rootfs-postcommands: Ensure license manifests respect RM_OLD_IMAGE
When RM_OLD_IMAGE is set, old manifest files should be removed
along with old image files and our QA tests expect this.

This patch ensures this happens.

(From OE-Core rev: fc951851a0e172641e2f24a4edce87ca2eb5cecd)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-01-19 17:24:47 +00:00
Richard Purdie 0a4e1f968a image: Create separate tasks for rootfs construction
This patch splits the code in lib/oe/image into separate tasks, one per
image type. This removes the need for the simple task graph code and defers
to the bitbake task management code to handle this instead.

This is a good step forward in splitting up the monolithic code and starting
to make it more accessible to people.

It should also make it easier for people to hook in other tasks and processes
into the rootfs code.

Incidentally, the reason this code was all combined originally was due to
limitations of fakeroot where if you exited the session, you lost permissions
data. With pseudo this constraint was removed.

We did start to rework the rootfs/image code previously and got so far with
untangling it however we did prioritise some performance tweaks over splitting
into separate tasks and in hindsight, this was a mistake and should have been done
the other way around. That work was suspended due to changes in the people working
on the project but this split has always been intended, now is the time to finish
it IMO.

There were some side effects of doing this:

* The symlink for the manifest moves to the rootfs-postcommands class and into
  the manifest function.
* There is no seperate "symlink removal" and "symlink creation", they are merged
* The date/time stamps of the manifest and the built images can now be different since
  the tasks can be run separately and the datetime stamp will then be different
  between do_rootfs and the do_image_* tasks.

(From OE-Core rev: c2dab181c1cdabac3be6197f4b9ea4235cbbc140)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-01-11 23:26:29 +00:00
Richard Purdie 0051510ae3 image/rootfs-postcommands: Separate out post rootfs commands to separate class
Reading image.bbclass is a little difficult as it has many post rootfs
helper functions and its hard to separate those from the core contents
of the rootfs/image code.

Moving it to a separate class would be one way of making it clearer
what these functions are. There are some comment layout improvements
but no code changes.

(From OE-Core rev: df4cb51c8e60fa46d4d15be8da3d84287ff08ae7)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-01-06 15:27:33 +00:00