Various changes needed to enable to run Toaster in the
Build Appliance:
1. Pre-install packages as specified by the file
"bitbake/toaster-requirements.txt"
2. Include pip3 in the image
3. Include tzdata in the image (needed by django)
4. Bump SRCREV to a commit with proper settings.py (ALLOWED_HOSTS)
for Django 1.8.16
5. Added README_VirtualBox_Toaster.txt to provide steps for
configuring VirtualBox network adapters (NAT or Bridged)
and steps to launch Toaster
[YOCTO#10767]
(From OE-Core rev: dffbac64bbf86c91247ba7373b3b5bd6af24103f)
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
valgrind doesn't seem to support x32 at this time, even in current upstream.
(From OE-Core rev: 0203ae47dacc1a4b37007062f962fa8d4bd602e2)
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upstream have removed the file from zlib.net as a new version has
been released, switch to fetching from the official sourceforge
mirror.
[YOCTO #10879]
(From OE-Core rev: bb99e4a620efd59556539c156cd98ea23aae74c8)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If the file is expected to exist, then we should always be using require
so that if it doesn't we get an error rather than some other more
obscure failure later on.
(From OE-Core rev: 603ae6eb487489e65da69c68e532cb767ccc1fc2)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
After systemd-boot was introduced, its been tested for a while with no major
issues being found until now, this patch completely replaces all gummiboot
instances with systemd-boot ones, taking the next step into cleaning
up systemd-boot/gummiboot.
[YOCTO #10332]
(From OE-Core rev: f9a61d3400ad9068a6d83b8eb6aefe3098c58e68)
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There were a few straggling expansion parameter removals left for
getVar/getVarFlag where the odd whitespace meant they were missed
on previous passes. There were also some plain broken ussages such
as:
d.getVar('ALTERNATIVE_TARGET', old_name, True)
path = d.getVar('PATH', d, True)
d.getVar('IMAGE_ROOTFS', 'True')
which I've corrected (they happend to work by luck).
(From OE-Core rev: 688f7a64917a5ce5cbe12f8e5da4d47e265d240f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This rdepends on libgl.
(From OE-Core rev: a7cab6a9d416b5a53de206c9c2cf020c1fc70201)
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Refreshed the following patch:
* inet-6-.defn-fix-inverted-checks-for-loopback.patch
(From OE-Core rev: 1daa09aa82c528dcc7682553dd6704a93aafdc88)
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If you want to be able to use -fstack-protector then you need the
runtime support - you can either write this yourself or use libssp
supplied with GCC. If you're using GCC then it seems likely that you'd
just be using libssp, so include in the SDK by default; however use
RRECOMMENDS just in case it's been disabled or you aren't using GCC.
(From OE-Core rev: 6c990655e35bb3a14d59555662ec5802c9980028)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
rm: can't remove '/etc/resolv.conf': Read-only file system
ln: /etc/resolv.conf: File exists
/etc/default/volatiles contains an entry:
l root root 0644 /etc/resolv.conf /var/run/resolv.conf
which causes populate-volatile.sh to execute the following in link_file():
if [ -L \"$2\" ]; then
[ \"\$(readlink -f \"$2\")\" != \"\$(readlink -f \"$1\")\" ] && { rm -f \"$2\"; ln -sf \"$1\" \"$2\"; };
elif [ -d \"$2\" ]; then
...
At the time the image is created, /etc/resolv.conf is already a
symlink to /var/run/resolv.conf, but at boot time when
populate-volatiles.sh is run, /var/run/resolv.conf doesn't
exist, causing it to try to rm -f and ln -sf which of course
fails due to the read-only filesystem.
[YOCTO #10814]
(From OE-Core rev: 765ee275f5499254b1f09e394c757072bea5f459)
Signed-off-by: André Draszik <adraszik@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If commands are run asynchronously they may be completed out of
order causing problems if later entries depend on earlier ones.
(From OE-Core rev: bead9e59768209dd70f9cba51d2f1e5925cc284d)
Signed-off-by: Mans Rullgard <mans@mansr.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
latest systemd has changed the resolved defaults which points to
127.0.0.53 port 53 on local network. If someone wants to use
host-local IP address then it can be pointed to copy in /lib/systemd
(From OE-Core rev: 99d1199fd0961f94732a1a533d66472ca17cf6f5)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There is no break in busybox's "defconfig" file to show where Runit
settings suddenly morph into SELinux settings, so add some comments.
(From OE-Core rev: 0fa590ed6c26aa065a9da8edbf65436fa1f6d04f)
(From OE-Core rev: 21c3d1b354dbb6cd6f3d574785f70858d828d977)
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
getVar() now defaults to expanding by default, thus remove the True
option from getVar() calls with a regex search and replace.
Search made with the following regex: getVar ?\(( ?[^,()]*), True\)
(From OE-Core rev: 7c552996597faaee2fbee185b250c0ee30ea3b5f)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When building systemd with multilib support enabled in your build you
will get the following QA warnings (if the 'libdir' QA check is
enabled.)
WARNING: systemd-1_232-r0 do_package_qa: QA Issue: systemd-dbg: found \
library in wrong location: /lib/systemd/.debug/libsystemd-shared-232.so
systemd: found library in wrong location: /lib/systemd/libsystemd-shared.so
systemd: found library in wrong location: /lib/systemd/libsystemd-shared-232.so [libdir]
Since systemd 231 upstream has included an 'internal' library which
they explicitly place in the application specific /lib/systemd
directory. You can see some of the discussion about this placement
here https://github.com/systemd/systemd/issues/3810
This placement is being picked up by the QA checker since when
multilibs are enabled it expects all libraries to be in lib32 or
lib64. Since the systemd and systemd-dbg packages don't contain any
other libraries we can respect the upstream placement and skip this QA
check for these packages. Unfortunately the QA mechanism doesn't allow
us to specify individual files so this approach is the best we can do.
(From OE-Core rev: 422077ff91c4147f08108fe8510b238730f2367c)
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The NULL pointer dereferencing could produced some
security problems.
This is a preventive security fix.
(From OE-Core rev: 8f3008114d5000a0865f50833db7c3a3f9808601)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Namespace nodes must be copied to avoid use-after-free errors.
But they don't necessarily have a physical representation in a
document, so simply disallow them in XPointer ranges.
(From OE-Core rev: 00e928bd1c2aed9caeaf9e411743805d2139a023)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
xpath:
- Check for errors after evaluating first operand.
- Add sanity check for empty stack.
- Include comparation in changes from xmlXPathCmpNodesExt to xmlXPathCmpNodes
(From OE-Core rev: 96ef568f75dded56a2123b63dcc8b443f796afe0)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
getty devices were not being removed in some cases because device name
was not at the end of the line, for example a ttyS1 device:
S1:12345:respawn:/bin/start_getty 115200 ttyS1 vt102
Removing this limitation allows sed to remove any line containing
the device.
(From OE-Core rev: 2e0b36981c1f91ed0d3d457c370df10a099407af)
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These changes are required for compatibility with ConnMan, which by default
uses table ids greater than 255.
(From OE-Core rev: e9114bdd8a83b88f59526780910c49e3092fdd57)
Signed-off-by: Lukasz Nowak <lnowak@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ARM stack frames for abort and raise were limited to the the actual
abort and raise call, such as:
Obtained 4 stack frames.
./test-app(print_trace+0x1c) [0x10a08]
./test-app() [0x10b3c]
/lib/libc.so.6(__default_sa_restorer+0) [0x4adae1e0]
/lib/libc.so.6(gsignal+0xa0) [0x4adacf74]
This is not terribly useful when trying to figure out what function
may have called called the abort, especially when using pthreads.
After the change the trace would now look like:
Obtained 8 stack frames.
./test-app(print_trace+0x1c) [0x10a08]
./test-app() [0x10b3c]
/lib/libc.so.6(__default_sa_restorer+0) [0x4befe1e0]
/lib/libc.so.6(gsignal+0xa0) [0x4befcf74]
/lib/libc.so.6(abort+0x134) [0x4befe358]
./test-app(dummy_function+0x50) [0x10adc]
./test-app(main+0xd4) [0x10c24]
/lib/libc.so.6(__libc_start_main+0x114) [0x4bee7a58]
(From OE-Core rev: 93bf8713d8e13c278543baea94fb8dad0cb80e49)
Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There is a critical regression in the default behavior with systemd
232 which prevents lxc, docker, and opencontainers from working
properly out of the box. The change was already committed to the
systemd 233 code stream.
The failure looks like what is shown below.
% lxc-start -n container -F
lxc-start: cgfsng.c: parse_hierarchies: 825 Failed to find current cgroup for controller 'name=systemd'
lxc-start: cgfsng.c: all_controllers_found: 431 no systemd controller mountpoint found
lxc-start: start.c: lxc_spawn: 1082 failed initializing cgroup support
lxc-start: start.c: __lxc_start: 1332 failed to spawn 'container'
lxc-start: lxc_start.c: main: 344 The container failed to start.
lxc-start: lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options.
Commit 843d5baf6aad6c53fc00ea8d95d83209a4f92de1 from the systemd git
has been backported and can be dropped in a future uprev.
(From OE-Core rev: d212e97aeae502cd0d11cb922f7711aee5c1ace0)
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This improves the config file parsing to permit blank lines and
comments following an entry or preceeded by whitespace.
(From OE-Core rev: 415eaacb83b1c6df5210fb423e3e96e530b1dc42)
Signed-off-by: Mans Rullgard <mans@mansr.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Drop support for rcS.d SysV init scripts.
These are prone to cause dependency loops, and almost all packages with
rcS scripts now ship a native systemd service.
* Drop mount propagation patch, it only happens with libseccomp, OE doesnt
enable it
* kdbus option has disappeared from configure
* Ignore dev-so for PN now since systemd introduced private .so see
https://github.com/systemd/systemd/issues/3810
* Add libnss* to PACKAGES_DYNAMIC for libnss-resolve to work correctly
* Forward port systemd-boot patches to systemd-232
(From OE-Core rev: e6c1765a05c1321f08f3d1fb521dfe6b07bc8e92)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CVE-2016-5131 libxml2: Use-after-free vulnerability in libxml2 through
2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote
attackers to cause a denial of service or possibly have unspecified
other impact via vectors related to the XPointer range-to function.
External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5131
Patch from:
https://git.gnome.org/browse/libxml2/commit/?id=9ab01a277d71f54d3143c2cf333c5c2e9aaedd9e
(From OE-Core rev: 640bd2b98ff33e49b42f1087650ebe20d92259a4)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fractional durations (e.g. 0.5s) for the sleep command are useful and
not terribly uncommon in practice, especially in scripts associated
with test cases (e.g. mdadm, lttng-tools). Enable FEATURE_FLOAT_SLEEP
by default in order to avoid having to patch every instance of a
script using a fractional sleep.
The busybox binary gains a few hundred bytes in text (armv5e shown):
$ size -x busybox.nosuid.{before,after}
text data bss dec hex filename
0x89382 0x71d 0x2250 572655 8bcef busybox.nosuid.before
0x8954e 0x721 0x2250 573119 8bebf busybox.nosuid.after
(From OE-Core rev: 0f53db8a63ed35031b1fcc85057b39ad43c9abd1)
Signed-off-by: Nathan Lynch <nathan_lynch@mentor.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bobby Bingham (2):
treat null vdso base same as missing
add s390x port
Rich Felker (2):
generalize ELF hash table types not to assume 32-bit entries
work around gdb issues recognizing sigreturn trampoline on x86_64
(From OE-Core rev: 39829ef1b8bba3499255c59a4b9713e68a33ddc1)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Currently systemd depends on systemd-container due to a dangling
symlink deployed with systemd.
Move the symlink to systemd-container.
| DEBUG: systemd contains dangling link /lib/systemd/system/systemd-machined.service
| DEBUG: target found in systemd-container
(From OE-Core rev: e12912ac7484654c201d167831b302a821e14972)
Signed-off-by: Max Krummenacher <max.krummenacher@toradex.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This patch has been superseded by 2907b1 in gobject-introspection, which we're
now shipping.
(From OE-Core rev: f5c11a40008801aef5ab8df10ee837ad23c24b8d)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This makes more sense than the default TERM=linux (as set
by the linux kernel).
In addition, when using busybox init, it tries to achieve
the same (in a different way).
Both agetty, and busybox getty support the terminal type as
the last argument.
(From OE-Core rev: a23004f32dda9310c7efc29720fa9c3027a7c329)
Signed-off-by: André Draszik <adraszik@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport patch to fix CVE-2016-6323 of glibc. And remove the section of
file ChangeLog which can't be applied.
Ref:
https://sourceware.org/bugzilla/show_bug.cgi?id=20435
(From OE-Core rev: a3c2acee40c8875e311e03bff6906e7c93c491fc)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
glib-networking 2.50 moved away from intltool to modern gettext, so remove the build dependency.
(From OE-Core rev: 709004afe9f55126400f4ca70454b3e69a19fa6a)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add awareness of /dev/nvme* block devices to install scripts. As presently
written, installer knows only of /dev/sd* and /dev/mmcblk* block devices.
Building upon scaffolding put in place by Awais in...
80ec9f627915 ("initrdscripts: handle mmc device as installer medium")
(From OE-Core rev: b5a036ce958e3fe24690531712071abc14b48033)
Signed-off-by: Joe Konno <joe.konno@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Reduce duplication in MIPS variants now that the MACHINEOVERRIDES
variable is defined
(From OE-Core rev: ca5fef0fe8fad2010049790ebf34bc9e9ede39f0)
Signed-off-by: Zubair Lutfullah Kakakhel <Zubair.Kakakhel@imgtec.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Reduce duplication in MIPS variants now that the MACHINEOVERRIDES
variable is defined
(From OE-Core rev: 5013504b8b406b47a66c84413cb7f8beb5c336c3)
Signed-off-by: Zubair Lutfullah Kakakhel <Zubair.Kakakhel@imgtec.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Reduce duplication in MIPS variants now that the MACHINEOVERRIDES
variable is defined
(From OE-Core rev: ed1ba311fbfc6365da91b867d22b77c7c44cae75)
Signed-off-by: Zubair Lutfullah Kakakhel <Zubair.Kakakhel@imgtec.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The su binary is handled by alternatives but the man page wasn't, so
installing both util-linux-doc and shadow-doc produces errors.
Also use d.expand() to neaten the code.
(From OE-Core rev: 70a161ee88d3d54fec6d59039c181b43f1857dc3)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
eMMC devices may report block devices like "mmcblk0rpmb" and
"mmcblk0boot0". These are not actually block devices and any
read/write operation on them will fail. To prevent spamming error
messages attempting to mount them, just ignore these devices.
(From OE-Core rev: 9f4a85eb929f67420d9689d7dddadd120ed49843)
Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The manager_invoke_notify_message function in systemd 231 and earlier allows
local users to cause a denial of service (assertion failure and PID 1 hang)
via a zero-length message received over a notify socket.
The patch is a backport from the latest git repo.
Please see the link below for more information.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7795
(From OE-Core rev: 543570cafa8d7f595b489d03d05f0aa4478f8539)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When modifying the PATH variable in .bashrc, double quote characters
were used, resulting in expanding the variable $PATH with the value of
PATH of the system building the Build Appliance.
The original intent was to enter an un-expanded (literal) $PATH.
In order to that, one must use single quotes instead of double quotes.
[YOCTO#10434] [YOCTO#10504]
(From OE-Core rev: 6238faf901956e2a350315a66ca1ce557deaa513)
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>