[oe] [meta-oe][PATCH] libteam: add ptest

2018-04-16 Thread wenzong.fan 
From: Wenzong Fan 

The scripts/team_basic_test.py will be called as testcase.

RedHat specific tests have been disabled since they are incampatible
with OE.

Signed-off-by: Wenzong Fan 
---
 ...asic_test.py-disable-RedHat-specific-test.patch | 32 ++
 meta-oe/recipes-support/libteam/libteam/run-ptest  |  3 ++
 meta-oe/recipes-support/libteam/libteam_1.27.bb|  8 +-
 3 files changed, 42 insertions(+), 1 deletion(-)
 create mode 100644 
meta-oe/recipes-support/libteam/libteam/0001-team_basic_test.py-disable-RedHat-specific-test.patch
 create mode 100644 meta-oe/recipes-support/libteam/libteam/run-ptest

diff --git 
a/meta-oe/recipes-support/libteam/libteam/0001-team_basic_test.py-disable-RedHat-specific-test.patch
 
b/meta-oe/recipes-support/libteam/libteam/0001-team_basic_test.py-disable-RedHat-specific-test.patch
new file mode 100644
index 000..468a55f
--- /dev/null
+++ 
b/meta-oe/recipes-support/libteam/libteam/0001-team_basic_test.py-disable-RedHat-specific-test.patch
@@ -0,0 +1,32 @@
+From 00debe6bd4cf5a3133a8fbaab75f7447a39fa655 Mon Sep 17 00:00:00 2001
+From: Wenzong Fan 
+Date: Thu, 12 Apr 2018 01:54:15 +
+Subject: [PATCH] team_basic_test.py: disable RedHat specific test
+
+The test _run_teamd_initscripts() is for RedHat ifcfg scripts which are
+incompatible with OE:
+  /etc/sysconfig/network-scripts/ifcfg-*
+
+Upstream-Status: Inappropriate [OE Specific]
+
+Signed-off-by: Wenzong Fan 
+---
+ scripts/team_basic_test.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/scripts/team_basic_test.py b/scripts/team_basic_test.py
+index b05be9e..faabd18 100755
+--- a/scripts/team_basic_test.py
 b/scripts/team_basic_test.py
+@@ -171,7 +171,7 @@ TEAM_PORT_CONFIG='{"prio": 10}'
+ try:
+ for mode_name in self._team_modes:
+ self._run_one_mode(mode_name)
+-self._run_teamd_initscripts()
++#self._run_teamd_initscripts()
+ finally:
+ cmd_exec("modprobe -r team_mode_loadbalance team_mode_roundrobin 
team_mode_activebackup team_mode_broadcast team");
+ 
+-- 
+2.13.3
+
diff --git a/meta-oe/recipes-support/libteam/libteam/run-ptest 
b/meta-oe/recipes-support/libteam/libteam/run-ptest
new file mode 100644
index 000..4ba5acf
--- /dev/null
+++ b/meta-oe/recipes-support/libteam/libteam/run-ptest
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+python $(dirname $0)/team_basic_test.py
diff --git a/meta-oe/recipes-support/libteam/libteam_1.27.bb 
b/meta-oe/recipes-support/libteam/libteam_1.27.bb
index 3222700..442592d 100644
--- a/meta-oe/recipes-support/libteam/libteam_1.27.bb
+++ b/meta-oe/recipes-support/libteam/libteam_1.27.bb
@@ -10,6 +10,8 @@ DEPENDS = "libnl libdaemon jansson"
 SRC_URI = "git://github.com/jpirko/libteam \
file://0001-include-sys-select.h-for-fd_set-definition.patch \
file://0002-teamd-Re-adjust-include-header-order.patch \
+   file://0001-team_basic_test.py-disable-RedHat-specific-test.patch \
+   file://run-ptest \
"
 SRCREV = "91a928a56a501daac5ce8b3c16bd9943661f1d16"
 
@@ -18,7 +20,7 @@ SRC_URI[sha256sum] = 
"d65286379141db141bea33424ec0507bb0f827a0bf03d9c65004bb593e
 
 S = "${WORKDIR}/git"
 
-inherit autotools pkgconfig
+inherit autotools pkgconfig ptest
 
 FILES_${PN} = "${libdir}/libteam${SOLIBS} \
 "
@@ -33,4 +35,8 @@ FILES_${PN}-utils = "${bindir}/bond2team \
 "
 
 RDEPENDS_${PN}-utils = "bash"
+RDEPENDS_${PN}-ptest = "python"
 
+do_install_ptest() {
+   install ${S}/scripts/team_basic_test.py ${D}${PTEST_PATH}/
+}
-- 
2.8.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-networking][PATCH] tcpdump: update to 4.9.2 to fix CVEs

2017-09-12 Thread wenzong.fan 
From: Wenzong Fan 

Refer to http://www.tcpdump.org/tcpdump-changes.txt:

Fix buffer overflow vulnerabilities:
  CVE-2017-11543 (SLIP)
  CVE-2017-13011 (bittok2str_internal)
Fix infinite loop vulnerabilities:
  CVE-2017-12989 (RESP)
  CVE-2017-12990 (ISAKMP)
  CVE-2017-12995 (DNS)
  CVE-2017-12997 (LLDP)
Fix buffer over-read vulnerabilities:
  CVE-2017-11541 (safeputs)
  CVE-2017-11542 (PIMv1)
  CVE-2017-12893 (SMB/CIFS)
  CVE-2017-12894 (lookup_bytestring)
  CVE-2017-12895 (ICMP)
  CVE-2017-12896 (ISAKMP)
  CVE-2017-12897 (ISO CLNS)
  CVE-2017-12898 (NFS)
  CVE-2017-12899 (DECnet)
  CVE-2017-12900 (tok2strbuf)
  CVE-2017-12901 (EIGRP)
  CVE-2017-12902 (Zephyr)
  CVE-2017-12985 (IPv6)
  CVE-2017-12986 (IPv6 routing headers)
  CVE-2017-12987 (IEEE 802.11)
  CVE-2017-12988 (telnet)
  CVE-2017-12991 (BGP)
  CVE-2017-12992 (RIPng)
  CVE-2017-12993 (Juniper)
  CVE-2017-11542 (PIMv1)
  CVE-2017-11541 (safeputs)
  CVE-2017-12994 (BGP)
  CVE-2017-12996 (PIMv2)
  CVE-2017-12998 (ISO IS-IS)
  CVE-2017-12999 (ISO IS-IS)
  CVE-2017-13000 (IEEE 802.15.4)
  CVE-2017-13001 (NFS)
  CVE-2017-13002 (AODV)
  CVE-2017-13003 (LMP)
  CVE-2017-13004 (Juniper)
  CVE-2017-13005 (NFS)
  CVE-2017-13006 (L2TP)
  CVE-2017-13007 (Apple PKTAP)
  CVE-2017-13008 (IEEE 802.11)
  CVE-2017-13009 (IPv6 mobility)
  CVE-2017-13010 (BEEP)
  CVE-2017-13012 (ICMP)
  CVE-2017-13013 (ARP)
  CVE-2017-13014 (White Board)
  CVE-2017-13015 (EAP)
  CVE-2017-11543 (SLIP)
  CVE-2017-13016 (ISO ES-IS)
  CVE-2017-13017 (DHCPv6)
  CVE-2017-13018 (PGM)
  CVE-2017-13019 (PGM)
  CVE-2017-13020 (VTP)
  CVE-2017-13021 (ICMPv6)
  CVE-2017-13022 (IP)
  CVE-2017-13023 (IPv6 mobility)
  CVE-2017-13024 (IPv6 mobility)
  CVE-2017-13025 (IPv6 mobility)
  CVE-2017-13026 (ISO IS-IS)
  CVE-2017-13027 (LLDP)
  CVE-2017-13028 (BOOTP)
  CVE-2017-13029 (PPP)
  CVE-2017-13030 (PIM)
  CVE-2017-13031 (IPv6 fragmentation header)
  CVE-2017-13032 (RADIUS)
  CVE-2017-13033 (VTP)
  CVE-2017-13034 (PGM)
  CVE-2017-13035 (ISO IS-IS)
  CVE-2017-13036 (OSPFv3)
  CVE-2017-13037 (IP)
  CVE-2017-13038 (PPP)
  CVE-2017-13039 (ISAKMP)
  CVE-2017-13040 (MPTCP)
  CVE-2017-13041 (ICMPv6)
  CVE-2017-13042 (HNCP)
  CVE-2017-13043 (BGP)
  CVE-2017-13044 (HNCP)
  CVE-2017-13045 (VQP)
  CVE-2017-13046 (BGP)
  CVE-2017-13047 (ISO ES-IS)
  CVE-2017-13048 (RSVP)
  CVE-2017-13049 (Rx)
  CVE-2017-13050 (RPKI-Router)
  CVE-2017-13051 (RSVP)
  CVE-2017-13052 (CFM)
  CVE-2017-13053 (BGP)
  CVE-2017-13054 (LLDP)
  CVE-2017-13055 (ISO IS-IS)
  CVE-2017-13687 (Cisco HDLC)
  CVE-2017-13688 (OLSR)
  CVE-2017-13689 (IKEv1)
  CVE-2017-13690 (IKEv2)
  CVE-2017-13725 (IPv6 routing headers)

Signed-off-by: Wenzong Fan 
---
 .../recipes-support/tcpdump/{tcpdump_4.9.1.bb => tcpdump_4.9.2.bb}| 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta-networking/recipes-support/tcpdump/{tcpdump_4.9.1.bb => 
tcpdump_4.9.2.bb} (90%)

diff --git a/meta-networking/recipes-support/tcpdump/tcpdump_4.9.1.bb 
b/meta-networking/recipes-support/tcpdump/tcpdump_4.9.2.bb
similarity index 90%
rename from meta-networking/recipes-support/tcpdump/tcpdump_4.9.1.bb
rename to meta-networking/recipes-support/tcpdump/tcpdump_4.9.2.bb
index 40106975e..d38540e34 100644
--- a/meta-networking/recipes-support/tcpdump/tcpdump_4.9.1.bb
+++ b/meta-networking/recipes-support/tcpdump/tcpdump_4.9.2.bb
@@ -12,8 +12,8 @@ SRC_URI = " \
 file://run-ptest \
 "
 
-SRC_URI[md5sum] = "1e0293210b0dea5ef18e88e4150394b7"
-SRC_URI[sha256sum] = 
"f9448cf4deb2049acf713655c736342662e652ef40dbe0a8f6f8d5b9ce5bd8f3"
+SRC_URI[md5sum] = "9bbc1ee33dab61302411b02dd0515576"
+SRC_URI[sha256sum] = 
"798b3536a29832ce0cbb07fafb1ce5097c95e308a6f592d14052e1ef1505fe79"
 
 export LIBS=" -lpcap"
 
-- 
2.13.0

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-networking][PATCH] tcpdump: fix CVE-2017-11541, 11542, 11543

2017-09-07 Thread wenzong.fan 
From: Wenzong Fan 

Backport patches for fixing:
- CVE-2017-11541:
  https://nvd.nist.gov/vuln/detail/CVE-2017-11541
  
https://github.com/the-tcpdump-group/tcpdump/commit/21d702a136c5c16882e368af7c173df728242280

- CVE-2017-11542:
  https://nvd.nist.gov/vuln/detail/CVE-2017-11542
  
https://github.com/the-tcpdump-group/tcpdump/commit/bed48062a64fca524156d7684af19f5b4a116fae

- CVE-2017-11543:
  https://nvd.nist.gov/vuln/detail/CVE-2017-11543
  
https://github.com/the-tcpdump-group/tcpdump/commit/7039327875525278d17edee59720e29a3e76b7b3

The tests/* changes dropped to workaround patch error:
  File tests/*.pcap: git binary diffs are not supported.

Signed-off-by: Wenzong Fan 
---
 ...541-In-safeputs-check-the-length-before-c.patch | 49 +
 ...1-CVE-2017-11542-PIMv1-Add-a-bounds-check.patch | 43 +++
 ...543-Make-sure-the-SLIP-direction-octet-is.patch | 85 ++
 .../recipes-support/tcpdump/tcpdump_4.9.1.bb   |  3 +
 4 files changed, 180 insertions(+)
 create mode 100644 
meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-11541-In-safeputs-check-the-length-before-c.patch
 create mode 100644 
meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-11542-PIMv1-Add-a-bounds-check.patch
 create mode 100644 
meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-11543-Make-sure-the-SLIP-direction-octet-is.patch

diff --git 
a/meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-11541-In-safeputs-check-the-length-before-c.patch
 
b/meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-11541-In-safeputs-check-the-length-before-c.patch
new file mode 100644
index 0..a83214b02
--- /dev/null
+++ 
b/meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-11541-In-safeputs-check-the-length-before-c.patch
@@ -0,0 +1,49 @@
+From 21d702a136c5c16882e368af7c173df728242280 Mon Sep 17 00:00:00 2001
+From: Guy Harris 
+Date: Tue, 7 Feb 2017 11:40:36 -0800
+Subject: [PATCH] CVE-2017-11541: In safeputs(), check the length before
+ checking for a NUL terminator.
+
+safeputs() doesn't do packet bounds checking of its own; it assumes that
+the caller has checked the availability in the packet data of all maxlen
+bytes of data.  This means we should check that we're within the
+specified limit before looking at the byte.
+
+This fixes a buffer over-read discovered by Kamil Frankowicz.
+
+Add a test using the capture file supplied by the reporter(s).
+
+CVE: CVE-2017-11541
+
+Upstream-Status: Backport
+https://github.com/the-tcpdump-group/tcpdump/commit/21d702a136c5c16882e368af7c173df728242280
+
+Drop the tests/* changes to workaroud patch error:
+File tests/hoobr_safeputs.pcap: git binary diffs are not supported.
+
+Signed-off-by: Wenzong Fan 
+---
+ tests/TESTLIST|   1 +
+ tests/hoobr_safeputs.out  |   2 ++
+ tests/hoobr_safeputs.pcap | Bin 0 -> 88 bytes
+ util-print.c  |   2 +-
+ 4 files changed, 4 insertions(+), 1 deletion(-)
+ create mode 100644 tests/hoobr_safeputs.out
+ create mode 100644 tests/hoobr_safeputs.pcap
+
+diff --git a/util-print.c b/util-print.c
+index 394e7d59..ec3e8de8 100644
+--- a/util-print.c
 b/util-print.c
+@@ -904,7 +904,7 @@ safeputs(netdissect_options *ndo,
+ {
+   u_int idx = 0;
+ 
+-  while (*s && idx < maxlen) {
++  while (idx < maxlen && *s) {
+   safeputchar(ndo, *s);
+   idx++;
+   s++;
+-- 
+2.13.0
+
diff --git 
a/meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-11542-PIMv1-Add-a-bounds-check.patch
 
b/meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-11542-PIMv1-Add-a-bounds-check.patch
new file mode 100644
index 0..a177e7c0b
--- /dev/null
+++ 
b/meta-networking/recipes-support/tcpdump/tcpdump/0001-CVE-2017-11542-PIMv1-Add-a-bounds-check.patch
@@ -0,0 +1,43 @@
+From bed48062a64fca524156d7684af19f5b4a116fae Mon Sep 17 00:00:00 2001
+From: Guy Harris 
+Date: Tue, 7 Feb 2017 11:10:04 -0800
+Subject: [PATCH] CVE-2017-11542/PIMv1: Add a bounds check.
+
+This fixes a buffer over-read discovered by Kamil Frankowicz.
+
+Add a test using the capture file supplied by the reporter(s).
+
+CVE: CVE-2017-11542
+
+Upstream-Status: Backport
+https://github.com/the-tcpdump-group/tcpdump/commit/bed48062a64fca524156d7684af19f5b4a116fae
+
+Drop the tests/* changes to workaroud patch error:
+File tests/hoobr_pimv1.pcap: git binary diffs are not supported.
+
+Signed-off-by: Wenzong Fan 
+---
+ print-pim.c|   1 +
+ tests/TESTLIST |   1 +
+ tests/hoobr_pimv1.out  |  25 +
+ tests/hoobr_pimv1.pcap | Bin 0 -> 3321 bytes
+ 4 files changed, 27 insertions(+)
+ create mode 100644 tests/hoobr_pimv1.out
+ create mode 100644 tests/hoobr_pimv1.pcap
+
+diff --git a/print-pim.c b/print-pim.c
+index 25525953..ed880ae7 100644
+--- a/print-pim.c

[oe] [PATCH] python-networkx: add python-2to3 to RDEPENDS

2017-09-04 Thread wenzong.fan 
From: Wenzong Fan 

Fix runtime error:
  File "/usr/lib/python2.7/site-packages/networkx/readwrite/gml.py", \
line 44, in 
from lib2to3.pgen2.parse import ParseError
  ImportError: No module named lib2to3.pgen2.parse

Signed-off-by: Wenzong Fan 
---
 meta-python/recipes-devtools/python/python-networkx_1.11.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta-python/recipes-devtools/python/python-networkx_1.11.bb 
b/meta-python/recipes-devtools/python/python-networkx_1.11.bb
index 28a7baae0..bda8ae32e 100644
--- a/meta-python/recipes-devtools/python/python-networkx_1.11.bb
+++ b/meta-python/recipes-devtools/python/python-networkx_1.11.bb
@@ -6,3 +6,5 @@ SRC_URI[md5sum] = "6ef584a879e9163013e9a762e1cf7cd1"
 SRC_URI[sha256sum] = 
"0d0e70e10dfb47601cbb3425a00e03e2a2e97477be6f80638fef91d54dd1e4b8"
 
 inherit pypi setuptools
+
+RDEPENDS_${PN} += "python-2to3"
-- 
2.13.0

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-oe][PATCH] fontforge: update to 20170731 to fix CVEs

2017-08-16 Thread wenzong.fan 
From: Wenzong Fan 

Fixed CVEs & Issues:
  CVE-2017-11577: #3088
  CVE-2017-11576: #3091
  CVE-2017-11575: #3096
  CVE-2017-11574: #3090
  CVE-2017-11572: #3092
  CVE-2017-11571: #3087
  CVE-2017-11569: #3093
  CVE-2017-11568: #3089

Signed-off-by: Wenzong Fan 
---
 .../fontforge/{fontforge_20161012.bb => fontforge_20170731.bb}| 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta-oe/recipes-graphics/fontforge/{fontforge_20161012.bb => 
fontforge_20170731.bb} (96%)

diff --git a/meta-oe/recipes-graphics/fontforge/fontforge_20161012.bb 
b/meta-oe/recipes-graphics/fontforge/fontforge_20170731.bb
similarity index 96%
rename from meta-oe/recipes-graphics/fontforge/fontforge_20161012.bb
rename to meta-oe/recipes-graphics/fontforge/fontforge_20170731.bb
index 1c3376d42..d9f086749 100644
--- a/meta-oe/recipes-graphics/fontforge/fontforge_20161012.bb
+++ b/meta-oe/recipes-graphics/fontforge/fontforge_20170731.bb
@@ -14,8 +14,8 @@ inherit autotools pkgconfig pythonnative 
distro_features_check gettext
 REQUIRED_DISTRO_FEATURES_append_class-target = " x11"
 
 SRC_URI = "git://github.com/${BPN}/${BPN}.git"
-# tag 20161012
-SRCREV = "072edb0235cd163d6c3391da9cc3754c3c66f47a"
+# tag 20170731
+SRCREV = "b9149c13e8f9464fc21473f1f676b36a2130775d"
 S = "${WORKDIR}/git"
 
 EXTRA_OECONF_append_class-native = " with_x=no"
-- 
2.13.0

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-networking][PATCH] tcpdump: update to 4.9.1 to fix CVE-2017-11108

2017-08-15 Thread wenzong.fan 
From: Wenzong Fan 

Summary for 4.9.1 tcpdump release
  CVE-2017-11108/Fix bounds checking for STP.
  Make assorted documentation updates and fix a few typos in tcpdump output.
  Fixup -C for file size >2GB (GH #488).
  Show AddressSanitizer presence in version output.
  Fix a bug in test scripts (exposed in GH #613).
  On FreeBSD adjust Capsicum capabilities for netmap.
  On Linux fix a use-after-free when the requested interface does not exist.

Signed-off-by: Wenzong Fan 
---
 .../recipes-support/tcpdump/{tcpdump_4.9.0.bb => tcpdump_4.9.1.bb}| 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta-networking/recipes-support/tcpdump/{tcpdump_4.9.0.bb => 
tcpdump_4.9.1.bb} (90%)

diff --git a/meta-networking/recipes-support/tcpdump/tcpdump_4.9.0.bb 
b/meta-networking/recipes-support/tcpdump/tcpdump_4.9.1.bb
similarity index 90%
rename from meta-networking/recipes-support/tcpdump/tcpdump_4.9.0.bb
rename to meta-networking/recipes-support/tcpdump/tcpdump_4.9.1.bb
index 43e388ccc..261c78427 100644
--- a/meta-networking/recipes-support/tcpdump/tcpdump_4.9.0.bb
+++ b/meta-networking/recipes-support/tcpdump/tcpdump_4.9.1.bb
@@ -13,8 +13,8 @@ SRC_URI = " \
 file://run-ptest \
 "
 
-SRC_URI[md5sum] = "2b83364eef53b63ca3181b4eb56dab0c"
-SRC_URI[sha256sum] = 
"eae98121cbb1c9adbedd9a777bf2eae9fa1c1c676424a54740311c8abcee5a5e"
+SRC_URI[md5sum] = "1e0293210b0dea5ef18e88e4150394b7"
+SRC_URI[sha256sum] = 
"f9448cf4deb2049acf713655c736342662e652ef40dbe0a8f6f8d5b9ce5bd8f3"
 
 export LIBS=" -lpcap"
 
-- 
2.13.0

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-python][PATCH v2] python-networkx: add package

2017-02-16 Thread wenzong.fan 
From: Wenzong Fan 

Python package for creating and manipulating graphs and networks.

Signed-off-by: Wenzong Fan 
---
 meta-python/recipes-devtools/python/python-networkx_1.11.bb | 8 
 1 file changed, 8 insertions(+)
 create mode 100644 meta-python/recipes-devtools/python/python-networkx_1.11.bb

diff --git a/meta-python/recipes-devtools/python/python-networkx_1.11.bb 
b/meta-python/recipes-devtools/python/python-networkx_1.11.bb
new file mode 100644
index 000..28a7baa
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python-networkx_1.11.bb
@@ -0,0 +1,8 @@
+DESCRIPTION = "Python package for creating and manipulating graphs and 
networks"
+LICENSE = "BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=925586ea588eb990de840dc71ea3752f"
+
+SRC_URI[md5sum] = "6ef584a879e9163013e9a762e1cf7cd1"
+SRC_URI[sha256sum] = 
"0d0e70e10dfb47601cbb3425a00e03e2a2e97477be6f80638fef91d54dd1e4b8"
+
+inherit pypi setuptools
-- 
2.7.4

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-python] python-networkx: add package

2017-02-15 Thread wenzong.fan 
From: Wenzong Fan 

Python package for creating and manipulating graphs and networks.

Signed-off-by: Wenzong Fan 
---
 meta-python/recipes-devtools/python/python-networkx_1.11.bb | 8 
 1 file changed, 8 insertions(+)
 create mode 100644 meta-python/recipes-devtools/python/python-networkx_1.11.bb

diff --git a/meta-python/recipes-devtools/python/python-networkx_1.11.bb 
b/meta-python/recipes-devtools/python/python-networkx_1.11.bb
new file mode 100644
index 000..5bc062f
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python-networkx_1.11.bb
@@ -0,0 +1,8 @@
+DESCRIPTION = "Python package for creating and manipulating graphs and 
networks"
+LICENSE = "BSD"
+LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=925586ea588eb990de840dc71ea3752f"
+
+SRC_URI[md5sum] = "6ef584a879e9163013e9a762e1cf7cd1"
+SRC_URI[sha256sum] = 
"0d0e70e10dfb47601cbb3425a00e03e2a2e97477be6f80638fef91d54dd1e4b8"
+
+inherit pypi setuptools
-- 
2.7.4

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-oe][PATCH] opencv: remove DEFAULT_PREFERENCE = "-1" for 3.1

2016-11-16 Thread wenzong.fan 
From: Wenzong Fan 

The opencv 2.4 has been blacklisted, 3.1 should be the default choice
for both opencv and lib32-opencv.

Signed-off-by: Wenzong Fan 
---
 meta-oe/recipes-support/opencv/opencv_3.1.bb | 2 --
 1 file changed, 2 deletions(-)

diff --git a/meta-oe/recipes-support/opencv/opencv_3.1.bb 
b/meta-oe/recipes-support/opencv/opencv_3.1.bb
index 1bbb965..a212f4f 100644
--- a/meta-oe/recipes-support/opencv/opencv_3.1.bb
+++ b/meta-oe/recipes-support/opencv/opencv_3.1.bb
@@ -8,8 +8,6 @@ LIC_FILES_CHKSUM = 
"file://LICENSE;md5=0ea90d28b4de883d7af5e6711f14f7bf"
 ARM_INSTRUCTION_SET_armv4 = "arm"
 ARM_INSTRUCTION_SET_armv5 = "arm"
 
-DEFAULT_PREFERENCE = "-1"
-
 DEPENDS = "python-numpy libtool swig swig-native python bzip2 zlib glib-2.0 
libwebp protobuf protobuf-native"
 
 SRCREV_opencv = "92387b1ef8fad15196dd5f7fb4931444a68bc93a"
-- 
2.8.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-oe][PATCH] rsnapshot: fix host path in rsnapshot.conf.default

2016-11-16 Thread wenzong.fan 
From: Wenzong Fan 

Fix host path for commands: mount, umount:

  .../tmp/sysroots/x86_64-linux/bin/mount  -> /bin/mount
  .../tmp/sysroots/x86_64-linux/bin/umount -> /bin/umount

Signed-off-by: Wenzong Fan 
---
 meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb 
b/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb
index 1ebbb40..aefe362 100644
--- a/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb
+++ b/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb
@@ -40,6 +40,8 @@ EXTRA_OECONF += "--without-cp \
  --without-logger \
  --without-rsync \
  ac_cv_path_PERL=${bindir}/perl \
+ ac_cv_path_MOUNT=${base_bindir}/mount \
+ ac_cv_path_UMOUNT=${base_bindir}/umount \
 "
 
 # Create 't/include.ac' before starting the autoreconf to fix configure
-- 
2.8.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-oe][PATCH] opencv: checking existence of /usr/lib

2016-11-15 Thread wenzong.fan 
From: Wenzong Fan 

Remove install errors:

  mv: cannot stat '.../tmp/work/mips64-wrs-linux/opencv/3.1+gitAUTOINC
  +92387b1ef8-r0/image/usr/lib/*': No such file or directory

Signed-off-by: Wenzong Fan 
---
 meta-oe/recipes-support/opencv/opencv_3.1.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-oe/recipes-support/opencv/opencv_3.1.bb 
b/meta-oe/recipes-support/opencv/opencv_3.1.bb
index 72bf5b4..1bbb965 100644
--- a/meta-oe/recipes-support/opencv/opencv_3.1.bb
+++ b/meta-oe/recipes-support/opencv/opencv_3.1.bb
@@ -138,7 +138,7 @@ do_install_append() {
 sed -i '/blobtrack/d' ${D}${includedir}/opencv/cvaux.h
 
 # Move Python files into correct library folder (for multilib build)
-if [ "$libdir" != "/usr/lib" ]; then
+if [ "$libdir" != "/usr/lib" -a -d ${D}/usr/lib ]; then
 mv ${D}/usr/lib/* ${D}/${libdir}/
 rm -rf ${D}/usr/lib
 fi
-- 
2.9.3

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-oe][PATCH] libeigen: set tarball name as ${BP}.tar.bz2

2016-11-14 Thread wenzong.fan 
From: Wenzong Fan 

Rename tarball name: 3.2.8.tar.bz2 -> libeigen-3.2.8.tar.bz2

Signed-off-by: Wenzong Fan 
---
 meta-oe/recipes-support/libeigen/libeigen_3.2.8.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-oe/recipes-support/libeigen/libeigen_3.2.8.bb 
b/meta-oe/recipes-support/libeigen/libeigen_3.2.8.bb
index 9e14ee1..dcca2e9 100644
--- a/meta-oe/recipes-support/libeigen/libeigen_3.2.8.bb
+++ b/meta-oe/recipes-support/libeigen/libeigen_3.2.8.bb
@@ -4,7 +4,7 @@ HOMEPAGE = "http://eigen.tuxfamily.org/;
 LICENSE = "MPL-2.0"
 LIC_FILES_CHKSUM = "file://COPYING.MPL2;md5=815ca599c9df247a0c7f619bab123dad"
 
-SRC_URI = "http://bitbucket.org/eigen/eigen/get/${PV}.tar.bz2 \
+SRC_URI = 
"http://bitbucket.org/eigen/eigen/get/${PV}.tar.bz2;downloadfilename=${BP}.tar.bz2
 \
file://0001-CMakeLists.txt-install-FindEigen3.cmake-script.patch"
 SRC_URI[md5sum] = "9e3bfaaab3db18253cfd87ea697b3ab1"
 SRC_URI[sha256sum] = 
"722a63d672b70f39c271c5e2a4a43ba14d12015674331790414fcb167c357e55"
-- 
2.9.3

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-oe][PATCH] opencv: fix QA issue

2016-11-14 Thread wenzong.fan 
From: Wenzong Fan 

Replace '/lib' with '${baselib}' to fix QA issue:

  ERROR: do_package_qa: QA Issue: non -staticdev package contains \
  static .a library: opencv-apps path \
  '.../opencv-apps/usr/share/OpenCV/3rdparty/lib64/libippicv.a' \
  [staticdev]

Signed-off-by: Wenzong Fan 
---
 meta-oe/recipes-support/opencv/opencv_3.1.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-oe/recipes-support/opencv/opencv_3.1.bb 
b/meta-oe/recipes-support/opencv/opencv_3.1.bb
index 2136b07..72bf5b4 100644
--- a/meta-oe/recipes-support/opencv/opencv_3.1.bb
+++ b/meta-oe/recipes-support/opencv/opencv_3.1.bb
@@ -116,7 +116,7 @@ PACKAGES_DYNAMIC += "^libopencv-.*"
 
 FILES_${PN} = ""
 FILES_${PN}-apps = "${bindir}/* ${datadir}/OpenCV"
-FILES_${PN}-dev = "${includedir} ${libdir}/pkgconfig ${datadir}/OpenCV/*.cmake 
${datadir}/OpenCV/3rdparty/lib/*.a"
+FILES_${PN}-dev = "${includedir} ${libdir}/pkgconfig ${datadir}/OpenCV/*.cmake 
${datadir}/OpenCV/3rdparty/${baselib}/*.a"
 FILES_${PN}-doc = "${datadir}/OpenCV/doc"
 FILES_${PN}-java = "${datadir}/OpenCV/java"
 FILES_${PN}-java-dbg = "${datadir}/OpenCV/java/.debug/"
-- 
2.9.3

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-oe][PATCH] openldap: use recommended backend mdb

2016-10-24 Thread wenzong.fan 
From: Kai Kang 

The mdb backend to slapd(8) is the recommended primary backend for a
normal slapd database. Add PACKAGECONFIG 'mdb' to enable it and build
mdb as SLAPD_STATIC_BACKENDS.

This fixes the errors while starting slapd:

  $systemctl start slapd
  Job for slapd.service failed because the control process exited \
  with error code. See "systemctl status slapd.service" and \
  "journalctl -xe" for details.

  $ systemctl status slapd
  ...
  /etc/openldap/slapd.conf: line 53:  failed init (bdb)
  Unrecognized database type (bdb)
  slapd.service: Control process exited, code=exited status=1
  ...

Signed-off-by: Kai Kang 
Signed-off-by: Wenzong Fan 
---
 meta-oe/recipes-support/openldap/openldap_2.4.44.bb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta-oe/recipes-support/openldap/openldap_2.4.44.bb 
b/meta-oe/recipes-support/openldap/openldap_2.4.44.bb
index 41f753e..4e95a77 100644
--- a/meta-oe/recipes-support/openldap/openldap_2.4.44.bb
+++ b/meta-oe/recipes-support/openldap/openldap_2.4.44.bb
@@ -53,7 +53,7 @@ EXTRA_OECONF += "--with-yielding-select=yes"
 EXTRA_OECONF += "--enable-dynamic"
 
 PACKAGECONFIG ??= "gnutls modules \
-   ldap meta monitor null passwd shell proxycache dnssrv \
+   mdb ldap meta monitor null passwd shell proxycache dnssrv \
${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'ipv6', '', 
d)} \
 "
 #--with-tls  with TLS/SSL support auto|openssl|gnutls [auto]
@@ -97,7 +97,7 @@ PACKAGECONFIG[hdb] = "--enable-hdb=yes,--enable-hdb=no,db"
 PACKAGECONFIG[ldap] = "--enable-ldap=mod,--enable-ldap=no,"
 
 #--enable-mdb  enable mdb database backend no|yes|mod [yes]
-PACKAGECONFIG[mdb] = "--enable-mdb=mod,--enable-mdb=no,"
+PACKAGECONFIG[mdb] = "--enable-mdb=yes,--enable-mdb=no,"
 
 #--enable-meta enable metadirectory backend no|yes|mod no
 PACKAGECONFIG[meta] = "--enable-meta=mod,--enable-meta=no,"
-- 
2.8.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-oe][PATCH] rsnapshot: update to 1.4.2

2016-10-20 Thread wenzong.fan 
From: Wenzong Fan 

* update rsnapshot from 1.3.1 to 1.4.2
* fix configure error:
  configure.ac:302: file 't/include.ac' does not exist

Signed-off-by: Wenzong Fan 
---
 meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb | 12 ++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb 
b/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb
index d680511..1ebbb40 100644
--- a/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb
+++ b/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb
@@ -20,8 +20,8 @@ RDEPENDS_${PN} = "rsync \
   perl-module-overloading \
  "
 
-SRCREV = "1047cbb57937c29233388e2fcd847fecd3babe74"
-PV = "1.3.1+git${SRCPV}"
+SRCREV = "27209563f924a22f510698ea225f53ea52f07cb4"
+PV = "1.4.2+git${SRCPV}"
 
 SRC_URI = "git://github.com/DrHyde/${BPN};branch=master;protocol=git \
file://configure-fix-cmd_rsync.patch \
@@ -41,3 +41,11 @@ EXTRA_OECONF += "--without-cp \
  --without-rsync \
  ac_cv_path_PERL=${bindir}/perl \
 "
+
+# Create 't/include.ac' before starting the autoreconf to fix configure
+# error: configure.ac:302: file 't/include.ac' does not exist
+do_configure_prepend(){
+   saved_dir=`pwd`
+   cd ${S}; ./autogen.sh
+   cd ${saved_dir}
+}
-- 
2.8.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-oe][PATCH] libsmi: rdepends on wget and set WGET as target path

2016-09-29 Thread wenzong.fan 
From: Wenzong Fan 

* /usr/bin/smicache requires wget:
  + WGET=/usr/bin/wget

* Set the WGET as target path to avoid host contamination.

Signed-off-by: Wenzong Fan 
---
 meta-oe/recipes-support/libsmi/libsmi_0.5.0.bb | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/meta-oe/recipes-support/libsmi/libsmi_0.5.0.bb 
b/meta-oe/recipes-support/libsmi/libsmi_0.5.0.bb
index b049067..b537ce6 100644
--- a/meta-oe/recipes-support/libsmi/libsmi_0.5.0.bb
+++ b/meta-oe/recipes-support/libsmi/libsmi_0.5.0.bb
@@ -12,9 +12,11 @@ SRC_URI = 
"https://www.ibr.cs.tu-bs.de/projects/${BPN}/download/${BP}.tar.gz \
 SRC_URI[md5sum] = "4bf47483c06c9f07d1b10fbc74eddf11"
 SRC_URI[sha256sum] = 
"f21accdadb1bb328ea3f8a13fc34d715baac6e2db66065898346322c725754d3"
 
+RDEPENDS_${PN} += "wget"
+
 inherit autotools
 
-EXTRA_OECONF = "ac_cv_path_SH=${base_bindir}/sh"
+EXTRA_OECONF = "ac_cv_path_SH=${base_bindir}/sh ac_cv_path_WGET=${bindir}/wget"
 
 do_install_append () {
 install -d ${D}${sysconfdir}
-- 
2.8.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-oe][PATCH] mariadb: replace the CC with CC_VERSION and CXX with CXX_VERSION

2016-09-28 Thread wenzong.fan 
From: Yue Tao 

mysqlbug.sh is a bug report script. It makes a report with the build 
information,
including gcc version. The CC is the local path of gcc, which is useless for bug
report, and the path may expose private information, so change it to CC_VERSION.

Signed-off-by: Yue Tao 
Signed-off-by: Wenzong Fan 
---
 meta-oe/recipes-support/mysql/mariadb.inc  |  1 +
 .../mysql/mariadb/change-cc-to-cc-version.patch| 26 ++
 2 files changed, 27 insertions(+)
 create mode 100644 
meta-oe/recipes-support/mysql/mariadb/change-cc-to-cc-version.patch

diff --git a/meta-oe/recipes-support/mysql/mariadb.inc 
b/meta-oe/recipes-support/mysql/mariadb.inc
index 73905b6..9d91aec 100644
--- a/meta-oe/recipes-support/mysql/mariadb.inc
+++ b/meta-oe/recipes-support/mysql/mariadb.inc
@@ -15,6 +15,7 @@ SRC_URI = 
"http://archive.mariadb.org/mariadb-${PV}/source/mariadb-${PV}.tar.gz
file://mysql-systemd-start \
file://configure.cmake-fix-valgrind.patch \
file://fix-a-building-failure.patch \
+   file://change-cc-to-cc-version.patch \
   "
 
 SRC_URI[md5sum] = "5cfb169934170a429589e05f0f5aba9c"
diff --git 
a/meta-oe/recipes-support/mysql/mariadb/change-cc-to-cc-version.patch 
b/meta-oe/recipes-support/mysql/mariadb/change-cc-to-cc-version.patch
new file mode 100644
index 000..02bda24
--- /dev/null
+++ b/meta-oe/recipes-support/mysql/mariadb/change-cc-to-cc-version.patch
@@ -0,0 +1,26 @@
+mariadb: replace the CC with CC_VERSION and CXX with CXX_VERSION
+
+mysqlbug.sh is a bug report script. It makes a report with the build 
information,
+including gcc version. The CC is the local path of gcc, which is useless for 
bug
+report, and the path may expose private information, so change it to 
CC_VERSION.
+
+Upstream-Status: Pending
+
+Signed-off-by: Yue Tao 
+Signed-off-by: Wenzong Fan 
+
+diff --git a/scripts/mysqlbug.sh.old b/scripts/mysqlbug.sh
+index e9df210..d4b8d53 100644
+--- a/scripts/mysqlbug.sh.old
 b/scripts/mysqlbug.sh
+@@ -24,8 +24,8 @@ VERSION="@VERSION@@MYSQL_SERVER_SUFFIX@"
+ COMPILATION_COMMENT="@COMPILATION_COMMENT@"
+ BUGmysql="maria-develop...@lists.launchpad.net"
+ # This is set by configure
+-COMP_CALL_INFO="CC='@SAVE_CC@'  CFLAGS='@SAVE_CFLAGS@'  CXX='@SAVE_CXX@'  
CXXFLAGS='@SAVE_CXXFLAGS@'  LDFLAGS='@SAVE_LDFLAGS@'  ASFLAGS='@SAVE_ASFLAGS@'"
+-COMP_RUN_INFO="CC='@CC@'  CFLAGS='@CFLAGS@'  CXX='@CXX@'  
CXXFLAGS='@CXXFLAGS@'  LDFLAGS='@LDFLAGS@'  ASFLAGS='@ASFLAGS@'"
++COMP_CALL_INFO="CC='@CC_VERSION@'  CFLAGS='@SAVE_CFLAGS@'  
CXX='@CXX_VERSION@'  CXXFLAGS='@SAVE_CXXFLAGS@'  LDFLAGS='@SAVE_LDFLAGS@'  
ASFLAGS='@SAVE_ASFLAGS@'"
++COMP_RUN_INFO="CC='@CC_VERSION@'  CFLAGS='@CFLAGS@'  CXX='@CXX_VERSION@'  
CXXFLAGS='@CXXFLAGS@'  LDFLAGS='@LDFLAGS@'  ASFLAGS='@ASFLAGS@'"
+ CONFIGURE_LINE="@CONF_COMMAND@"
+ 
+ LIBC_INFO=""
-- 
2.8.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-webserver][PATCH] webmin: Set PERLLIB to runtime path

2016-09-28 Thread wenzong.fan 
From: Yue Tao 

This fixes:

  # on target
  $ grep PERLLIB /etc/webmin/start
  PERLLIB=/path/to/builddir/.../webmin/1.801-r0/image/usr/libexec/webmin

Signed-off-by: Yue Tao 
Signed-off-by: Wenzong Fan 
---
 meta-webserver/recipes-webadmin/webmin/files/setup.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-webserver/recipes-webadmin/webmin/files/setup.sh 
b/meta-webserver/recipes-webadmin/webmin/files/setup.sh
index 8d24f92..64e6c9d 100755
--- a/meta-webserver/recipes-webadmin/webmin/files/setup.sh
+++ b/meta-webserver/recipes-webadmin/webmin/files/setup.sh
@@ -18,7 +18,7 @@ ver=`cat "$wadir/version"`
 cd "$wadir"
 
 # Work out perl library path
-PERLLIB=$wadir
+PERLLIB=$wadir_runtime
 
 # Validate source directory
 allmods=`cd "$wadir"; echo */module.info | sed -e 's/\/module.info//g'`
-- 
2.8.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-oe][PATCH] rsyslog: upgrade to 7.6.7

2016-09-19 Thread wenzong.fan 
From: Wenzong Fan 

* fix CVEs CVE-2014-3634, CVE-2014-3683

* rebase the patch use-pkgconfig-to-check-libgcrypt.patch

* backport fixes for build error:
  lexer.l:34:14: error: expected identifier or '(' before '__extension__'

* replace the old configure option '--enable-cached-man-pages' with
  '--disable-generate-man-pages'

Signed-off-by: Wenzong Fan 
---
 ...include-config.h-before-any-other-headers.patch | 51 ++
 .../rsyslog/use-pkgconfig-to-check-libgcrypt.patch | 25 +--
 .../rsyslog/{rsyslog_7.6.1.bb => rsyslog_7.6.7.bb} |  7 +--
 3 files changed, 66 insertions(+), 17 deletions(-)
 create mode 100644 
meta-oe/recipes-extended/rsyslog/rsyslog/bugfix-include-config.h-before-any-other-headers.patch
 rename meta-oe/recipes-extended/rsyslog/{rsyslog_7.6.1.bb => rsyslog_7.6.7.bb} 
(96%)

diff --git 
a/meta-oe/recipes-extended/rsyslog/rsyslog/bugfix-include-config.h-before-any-other-headers.patch
 
b/meta-oe/recipes-extended/rsyslog/rsyslog/bugfix-include-config.h-before-any-other-headers.patch
new file mode 100644
index 000..1048b42
--- /dev/null
+++ 
b/meta-oe/recipes-extended/rsyslog/rsyslog/bugfix-include-config.h-before-any-other-headers.patch
@@ -0,0 +1,51 @@
+Backport below commit for fixing:
+
+lexer.l:34:14: error: expected identifier or '(' before '__extension__'
+
+From 876bdd1c85353f7e254f4b4c3e228484860cea57 Mon Sep 17 00:00:00 2001
+From: Tomas Heinrich 
+Date: Mon, 17 Nov 2014 20:53:22 +0100
+Subject: [PATCH] bugfix: include config.h before any other headers
+
+For some reason, flex used to prepend several standard headers before
+config.h. This prevented some conditional extension in these headers
+from being defined.
+
+The explicit prototype for strdup() shouldn't be required anymore as
+it should be provided by string.h.
+
+Upstream-Status: Backport
+---
+ grammar/lexer.l | 7 +--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/grammar/lexer.l b/grammar/lexer.l
+index 359cf9f..c834ef7 100644
+--- a/grammar/lexer.l
 b/grammar/lexer.l
+@@ -28,10 +28,12 @@
+   * limitations under the License.
+   */
+ 
+-%{
++%top{
+ #include "config.h"
++}
++
++%{
+ #include "parserif.h"
+-extern char *strdup(__const char*); /* somehow we may not get this from 
string.h... */
+ %}
+ 
+ %option noyywrap nodefault case-insensitive yylineno
+@@ -67,6 +69,7 @@ extern char *strdup(__const char*); /* somehow we may not 
get this from string.h
+ #include 
+ #include 
+ #include 
++#include 
+ #include 
+ #include 
+ #include "rainerscript.h"
+-- 
+2.7.4
+
diff --git 
a/meta-oe/recipes-extended/rsyslog/rsyslog/use-pkgconfig-to-check-libgcrypt.patch
 
b/meta-oe/recipes-extended/rsyslog/rsyslog/use-pkgconfig-to-check-libgcrypt.patch
index ebc1070..46eddd6 100644
--- 
a/meta-oe/recipes-extended/rsyslog/rsyslog/use-pkgconfig-to-check-libgcrypt.patch
+++ 
b/meta-oe/recipes-extended/rsyslog/rsyslog/use-pkgconfig-to-check-libgcrypt.patch
@@ -9,34 +9,31 @@ libgcrypt does no longer provide libgcrypt-config, and provide
 *.pc, so we should use pkgconfig to check
 
 Signed-off-by: Roy Li 
+Signed-off-by: Wenzong Fan 
 ---
- configure.ac |   19 +--
- 1 file changed, 1 insertion(+), 18 deletions(-)
+ configure.ac | 15 +--
+ 1 file changed, 1 insertion(+), 14 deletions(-)
 
 diff --git a/configure.ac b/configure.ac
-index 017116e..1b880f8 100644
+index 0f31869..d35db42 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -784,24 +784,7 @@ AC_ARG_ENABLE(libgcrypt,
+@@ -777,20 +777,7 @@ AC_ARG_ENABLE(libgcrypt,
  [enable_libgcrypt=yes]
  )
  if test "x$enable_libgcrypt" = "xyes"; then
--AC_CHECK_PROG(
--  [HAVE_LIBGCRYPT_CONFIG],
--[libgcrypt-config],
--[yes],,,
--)
--if test "x${HAVE_LIBGCRYPT_CONFIG}" != "xyes"; then
+-  AC_PATH_PROG([LIBGCRYPT_CONFIG],[libgcrypt-config],[no])
+-if test "x${LIBGCRYPT_CONFIG}" = "xno"; then
 -   AC_MSG_FAILURE([libgcrypt-config not found in PATH])
 -fi
 -AC_CHECK_LIB(
 -  [gcrypt],
 -  [gcry_cipher_open],
--  [LIBGCRYPT_CFLAGS="`libgcrypt-config --cflags`"
--  LIBGCRYPT_LIBS="`libgcrypt-config --libs`"
+-  [LIBGCRYPT_CFLAGS="`${LIBGCRYPT_CONFIG} --cflags`"
+-  LIBGCRYPT_LIBS="`${LIBGCRYPT_CONFIG} --libs`"
 -  ],
 -  [AC_MSG_FAILURE([libgcrypt is missing])],
--  [`libgcrypt-config --libs --cflags`]
+-  [`${LIBGCRYPT_CONFIG} --libs --cflags`]
 -  )
 -  AC_DEFINE([ENABLE_LIBGCRYPT], [1], [Indicator that LIBGCRYPT is 
present])
 +  PKG_CHECK_MODULES(LIBGCRYPT, libgcrypt)
@@ -44,5 +41,5 @@ index 017116e..1b880f8 100644
  AM_CONDITIONAL(ENABLE_LIBGCRYPT, test x$enable_libgcrypt = xyes)
  AC_SUBST(LIBGCRYPT_CFLAGS)
 -- 
-1.7.9.5
+2.8.1
 
diff

[oe] [meta-oe][PATCH] openldap: fix CVE-2015-3276

2016-09-14 Thread wenzong.fan 
From: Li Wang 

the patch comes from:
https://bugzilla.redhat.com/show_bug.cgi?id=1238322
https://bugzilla.redhat.com/attachment.cgi?id=1055640

The nss_parse_ciphers function in libraries/libldap/tls_m.c in
OpenLDAP does not properly parse OpenSSL-style multi-keyword mode
cipher strings, which might cause a weaker than intended cipher to
be used and allow remote attackers to have unspecified impact via
unknown vectors.

Signed-off-by: Li Wang 
Signed-off-by: Wenzong Fan 
---
 .../openldap/openldap/openldap-CVE-2015-3276.patch | 59 ++
 .../recipes-support/openldap/openldap_2.4.44.bb|  1 +
 2 files changed, 60 insertions(+)
 create mode 100644 
meta-oe/recipes-support/openldap/openldap/openldap-CVE-2015-3276.patch

diff --git 
a/meta-oe/recipes-support/openldap/openldap/openldap-CVE-2015-3276.patch 
b/meta-oe/recipes-support/openldap/openldap/openldap-CVE-2015-3276.patch
new file mode 100644
index 000..de9ca52
--- /dev/null
+++ b/meta-oe/recipes-support/openldap/openldap/openldap-CVE-2015-3276.patch
@@ -0,0 +1,59 @@
+openldap CVE-2015-3276
+
+the patch comes from:
+https://bugzilla.redhat.com/show_bug.cgi?id=1238322
+https://bugzilla.redhat.com/attachment.cgi?id=1055640
+
+The nss_parse_ciphers function in libraries/libldap/tls_m.c in
+OpenLDAP does not properly parse OpenSSL-style multi-keyword mode
+cipher strings, which might cause a weaker than intended cipher to
+be used and allow remote attackers to have unspecified impact via
+unknown vectors.
+
+Signed-off-by: Li Wang 
+---
+ libraries/libldap/tls_m.c |   27 ---
+ 1 file changed, 16 insertions(+), 11 deletions(-)
+
+diff --git a/libraries/libldap/tls_m.c b/libraries/libldap/tls_m.c
+index 9b101f9..e6f3051 100644
+--- a/libraries/libldap/tls_m.c
 b/libraries/libldap/tls_m.c
+@@ -621,18 +621,23 @@ nss_parse_ciphers(const char *cipherstr, int 
cipher_list[ciphernum])
+*/
+   if (mask || strength || protocol) {
+   for (i=0; i

[oe] [meta-networking][PATCH] mbedtls: upgrade to 1.3.17

2016-09-13 Thread wenzong.fan 
From: Wenzong Fan 

* fix CVE: CVE-2015-8036

Signed-off-by: Wenzong Fan 
---
 .../mbedtls/{mbedtls_1.3.10.bb => mbedtls_1.3.17.bb}  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta-networking/recipes-connectivity/mbedtls/{mbedtls_1.3.10.bb => 
mbedtls_1.3.17.bb} (91%)

diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_1.3.10.bb 
b/meta-networking/recipes-connectivity/mbedtls/mbedtls_1.3.17.bb
similarity index 91%
rename from meta-networking/recipes-connectivity/mbedtls/mbedtls_1.3.10.bb
rename to meta-networking/recipes-connectivity/mbedtls/mbedtls_1.3.17.bb
index d5c7afe..fcfec69 100644
--- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_1.3.10.bb
+++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_1.3.17.bb
@@ -25,8 +25,8 @@ SECTION = "libdevel"
 
 SRC_URI = "https://tls.mbed.org/download/mbedtls-${PV}-gpl.tgz;
 
-SRC_URI[md5sum] = "19ebbc96feceb430ad958dfe89cb633f"
-SRC_URI[sha256sum] = 
"746fd88e0c6623691fc56c4eed52e40a57b2da0ac80f6dd8995094aa6adb407e"
+SRC_URI[md5sum] = "a6ed92fc377ef60f7c24d42b900e0dad"
+SRC_URI[sha256sum] = 
"f5beb43e850283915e3e0f8d37495eade3bfb5beedfb61e7b8da70d4c68edb82"
 
 DEPENDS = "openssl"
 RDEPENDS_${PN} += "libcrypto"
-- 
2.8.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-oe][PATCH] krb5: upgrade to 1.13.6

2016-09-12 Thread wenzong.fan 
From: Wenzong Fan 

* fix CVEs: CVE-2015-8629, CVE-2015-8630, CVE-2015-8631

* update LIC_FILES_CHKSUM, only Copyright changed in NOTICE file:

  -Copyright (C) 1985-2015 by the Massachusetts Institute of Technology.
  +Copyright (C) 1985-2016 by the Massachusetts Institute of Technology.

* remove useless functions: krb5_do_unpack(), do_unpack()

* remove patches that included by new release:
  - 0001-Work-around-uninitialized-warning-in-cc_kcm.c.patch
  - Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch
  - Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch
  - Fix-build_principal-memory-bug-CVE-2015-2697.patch
  - Fix-IAKERB-context-export-import-CVE-2015-2698.patch
  - krb5-CVE-2016-3119.patch
  - krb5-CVE-2016-3120.patch

Signed-off-by: Wenzong Fan 
---
 ...-around-uninitialized-warning-in-cc_kcm.c.patch |  37 --
 ...AKERB-context-aliasing-bugs-CVE-2015-2696.patch | 739 -
 ...AKERB-context-export-import-CVE-2015-2698.patch | 134 
 ...PNEGO-context-aliasing-bugs-CVE-2015-2695.patch | 572 
 ...-build_principal-memory-bug-CVE-2015-2697.patch |  58 --
 .../krb5/krb5/krb5-CVE-2016-3119.patch |  36 -
 .../krb5/krb5/krb5-CVE-2016-3120.patch |  63 --
 .../krb5/{krb5_1.13.2.bb => krb5_1.13.6.bb}|  25 +-
 8 files changed, 4 insertions(+), 1660 deletions(-)
 delete mode 100644 
meta-oe/recipes-connectivity/krb5/krb5/0001-Work-around-uninitialized-warning-in-cc_kcm.c.patch
 delete mode 100644 
meta-oe/recipes-connectivity/krb5/krb5/Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch
 delete mode 100644 
meta-oe/recipes-connectivity/krb5/krb5/Fix-IAKERB-context-export-import-CVE-2015-2698.patch
 delete mode 100644 
meta-oe/recipes-connectivity/krb5/krb5/Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch
 delete mode 100644 
meta-oe/recipes-connectivity/krb5/krb5/Fix-build_principal-memory-bug-CVE-2015-2697.patch
 delete mode 100644 
meta-oe/recipes-connectivity/krb5/krb5/krb5-CVE-2016-3119.patch
 delete mode 100644 
meta-oe/recipes-connectivity/krb5/krb5/krb5-CVE-2016-3120.patch
 rename meta-oe/recipes-connectivity/krb5/{krb5_1.13.2.bb => krb5_1.13.6.bb} 
(79%)

diff --git 
a/meta-oe/recipes-connectivity/krb5/krb5/0001-Work-around-uninitialized-warning-in-cc_kcm.c.patch
 
b/meta-oe/recipes-connectivity/krb5/krb5/0001-Work-around-uninitialized-warning-in-cc_kcm.c.patch
deleted file mode 100644
index c6731a9..000
--- 
a/meta-oe/recipes-connectivity/krb5/krb5/0001-Work-around-uninitialized-warning-in-cc_kcm.c.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From f1b681a44d28946e6d8fc0080f3efe94228d7dfe Mon Sep 17 00:00:00 2001
-From: Tom Yu 
-Date: Wed, 6 Jan 2016 15:24:16 -0500
-Subject: [PATCH] Work around uninitialized warning in cc_kcm.c
-
-Some versions of clang erroneously detect use of an uninitialized
-variable reply_len in kcmio_call() when building on non-Mac platforms.
-Initialize it to work around this warning.
-
-(cherry picked from commit 40b007c0d8e2a12c6f4205ac111dee731c9d970c)
-
-ticket: 8335
-version_fixed: 1.13.4
-tags: -pullup
-status: resolved
-
-Upstream-Status: backport

- src/lib/krb5/ccache/cc_kcm.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/lib/krb5/ccache/cc_kcm.c b/src/lib/krb5/ccache/cc_kcm.c
-index b763ea4..6337b57 100644
 a/src/lib/krb5/ccache/cc_kcm.c
-+++ b/src/lib/krb5/ccache/cc_kcm.c
-@@ -377,7 +377,7 @@ static krb5_error_code
- kcmio_call(krb5_context context, struct kcmio *io, struct kcmreq *req)
- {
- krb5_error_code ret;
--size_t reply_len;
-+size_t reply_len = 0;
- 
- if (k5_buf_status(>reqbuf) != 0)
- return ENOMEM;
--- 
-2.8.2
-
diff --git 
a/meta-oe/recipes-connectivity/krb5/krb5/Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch
 
b/meta-oe/recipes-connectivity/krb5/krb5/Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch
deleted file mode 100644
index b771b41..000
--- 
a/meta-oe/recipes-connectivity/krb5/krb5/Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch
+++ /dev/null
@@ -1,739 +0,0 @@
-From f6e57c402688f4bc386d1a39512657a30f0bafd3 Mon Sep 17 00:00:00 2001
-From: Nicolas Williams 
-Date: Mon, 14 Sep 2015 12:28:36 -0400
-Subject: [PATCH 2/4] Fix IAKERB context aliasing bugs [CVE-2015-2696]
-
-The IAKERB mechanism currently replaces its context handle with the
-krb5 mechanism handle upon establishment, under the assumption that
-most GSS functions are only called after context establishment.  This
-assumption is incorrect, and can lead to aliasing violations for some
-programs.  Maintain the IAKERB context structure after context
-establishment and add new IAKERB entry points to refer to it with that
-type.  Add initiate and established flags to the IAKERB context
-structure for use in gss_inquire_context() prior to context
-establishment.
-
-CVE-2015-2696:
-
-In MIT krb5 1.9 and later, applications which call
-gss_inquire_context() on a

[oe] [PATCH][meta-networking] traceroute: update to 2.1.0

2016-09-08 Thread wenzong.fan 
From: Wenzong Fan 

Signed-off-by: Wenzong Fan 
---
 .../traceroute/{traceroute_2.0.21.bb => traceroute_2.1.0.bb}  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta-networking/recipes-support/traceroute/{traceroute_2.0.21.bb => 
traceroute_2.1.0.bb} (91%)

diff --git a/meta-networking/recipes-support/traceroute/traceroute_2.0.21.bb 
b/meta-networking/recipes-support/traceroute/traceroute_2.1.0.bb
similarity index 91%
rename from meta-networking/recipes-support/traceroute/traceroute_2.0.21.bb
rename to meta-networking/recipes-support/traceroute/traceroute_2.1.0.bb
index 09da1ef..48a0c12 100644
--- a/meta-networking/recipes-support/traceroute/traceroute_2.0.21.bb
+++ b/meta-networking/recipes-support/traceroute/traceroute_2.1.0.bb
@@ -17,8 +17,8 @@ SRC_URI = 
"${SOURCEFORGE_MIRROR}/traceroute/traceroute/${BP}/${BP}.tar.gz \
file://filter-out-the-patches-from-subdirs.patch \
 "
 
-SRC_URI[md5sum] = "79289adabd6f3ebf9160fc0815ab3150"
-SRC_URI[sha256sum] = 
"f7ac93ef30b13a587292b8d6a7e2538a65bc978a3a576eab238c392b884e96e0"
+SRC_URI[md5sum] = "84d329d67abc3fb83fc8cb12aeaddaba"
+SRC_URI[sha256sum] = 
"3669d22a34d3f38ed50caba18cd525ba55c5c00d5465f2d20d7472e5d81603b6"
 
 EXTRA_OEMAKE = "VPATH=${STAGING_LIBDIR}"
 
-- 
2.8.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 1/1 v2] krb5: add systemd support

2016-06-21 Thread wenzong.fan 
From: Wenzong Fan 

Signed-off-by: Wenzong Fan 
---
 .../krb5/krb5/krb5-admin-server.service| 14 +++
 .../krb5/krb5/krb5-kdc.service | 13 ++
 meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb   | 29 +++---
 3 files changed, 47 insertions(+), 9 deletions(-)
 create mode 100644 
meta-oe/recipes-connectivity/krb5/krb5/krb5-admin-server.service
 create mode 100644 meta-oe/recipes-connectivity/krb5/krb5/krb5-kdc.service

diff --git a/meta-oe/recipes-connectivity/krb5/krb5/krb5-admin-server.service 
b/meta-oe/recipes-connectivity/krb5/krb5/krb5-admin-server.service
new file mode 100644
index 000..1b42716
--- /dev/null
+++ b/meta-oe/recipes-connectivity/krb5/krb5/krb5-admin-server.service
@@ -0,0 +1,14 @@
+[Unit]
+Description=MIT Kerberos KDC administrative daemon
+After=syslog.target network.target
+ConditionPathExists=/etc/krb5.conf
+
+[Service]
+Type=forking
+ExecStartPre=/bin/sh -c "test ! -f /var/log/kadmind.log || test ! -x 
/sbin/restorecon || /sbin/restorecon -F /var/log/kadmind.log"
+ExecStart=/usr/sbin/kadmind
+SuccessExitStatus=1 2 SIGKILL
+TimeoutStopSec=30
+
+[Install]
+WantedBy=multi-user.target
diff --git a/meta-oe/recipes-connectivity/krb5/krb5/krb5-kdc.service 
b/meta-oe/recipes-connectivity/krb5/krb5/krb5-kdc.service
new file mode 100644
index 000..d5e5a95
--- /dev/null
+++ b/meta-oe/recipes-connectivity/krb5/krb5/krb5-kdc.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=MIT Kerberos KDC
+After=syslog.target network.target
+ConditionPathExists=/etc/krb5.conf
+
+[Service]
+Type=forking
+ExecStart=/usr/sbin/krb5kdc
+SuccessExitStatus=1 2 SIGKILL
+TimeoutStopSec=30
+
+[Install]
+WantedBy=multi-user.target
diff --git a/meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb 
b/meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb
index 0c566cb..500e194 100644
--- a/meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb
+++ b/meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb
@@ -17,7 +17,7 @@ LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://${S}/../NOTICE;md5=f64248328d2d9928e1f04158b5243e7f"
 DEPENDS = "ncurses util-linux e2fsprogs e2fsprogs-native"
 
-inherit autotools-brokensep binconfig perlnative
+inherit autotools-brokensep binconfig perlnative systemd
 
 SHRT_VER = "${@oe.utils.trim_version("${PV}", 2)}"
 SRC_URI = 
"http://web.mit.edu/kerberos/dist/${BPN}/${SHRT_VER}/${BP}-signed.tar \
@@ -32,6 +32,8 @@ SRC_URI = 
"http://web.mit.edu/kerberos/dist/${BPN}/${SHRT_VER}/${BP}-signed.tar
file://etc/init.d/krb5-admin-server \
file://etc/default/krb5-kdc \
file://etc/default/krb5-admin-server \
+   file://krb5-kdc.service \
+   file://krb5-admin-server.service \
file://krb5-CVE-2016-3119.patch;striplevel=2 \

file://0001-Work-around-uninitialized-warning-in-cc_kcm.c.patch;striplevel=2 \
 "
@@ -40,6 +42,9 @@ SRC_URI[sha256sum] = 
"e528c30b0209c741f6f320cb83122ded92f291802b6a1a1dc1a01dcdb3
 
 S = "${WORKDIR}/${BP}/src"
 
+SYSTEMD_SERVICE_${PN} = "krb5-admin-server.service krb5-kdc.service"
+SYSTEMD_AUTO_ENABLE = "disable"
+
 PACKAGECONFIG ??= "openssl"
 PACKAGECONFIG[libedit] = "--with-libedit,--without-libedit,libedit"
 PACKAGECONFIG[openssl] = "--with-pkinit-crypto-impl=openssl,,openssl"
@@ -79,20 +84,26 @@ do_configure() {
 }
 
 do_install_append() {
-mkdir -p ${D}/${sysconfdir}/init.d ${D}/${sysconfdir}/default
-install -m 0755 ${WORKDIR}/etc/init.d/* ${D}/${sysconfdir}/init.d
-install -m 0644 ${WORKDIR}/etc/default/* ${D}/${sysconfdir}/default
-
 rm -rf ${D}/${localstatedir}/run
-mkdir -p ${D}/${sysconfdir}/default/volatiles
-echo "d root root 0755 ${localstatedir}/run/krb5kdc none" \
-   > ${D}${sysconfdir}/default/volatiles/87_krb5
+
+if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', 
d)}; then
+mkdir -p ${D}/${sysconfdir}/init.d ${D}/${sysconfdir}/default
+install -m 0755 ${WORKDIR}/etc/init.d/* ${D}/${sysconfdir}/init.d
+install -m 0644 ${WORKDIR}/etc/default/* ${D}/${sysconfdir}/default
+
+mkdir -p ${D}/${sysconfdir}/default/volatiles
+echo "d root root 0755 ${localstatedir}/run/krb5kdc none" \
+  > ${D}${sysconfdir}/default/volatiles/87_krb5
+fi
 if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', 
d)}; then
 install -d ${D}${sysconfdir}/tmpfiles.d
 echo "d /run/krb5kdc - - - -" \
   > ${D}${sysconfdir}/tmpfiles.d/krb5.conf
-fi
 
+install -d ${D}${systemd_system_unitdir}
+install -m 0644 ${WORKDIR}/krb5-admin-server.service 
${D}${systemd_system_unitdir}
+install -m 0644 ${WORKDIR}/krb5-kdc.service 
${D}${systemd_system_unitdir}
+fi
 }
 
 pkg_postinst_${PN} () {
-- 
2.8.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org

[oe] [PATCH 0/1 v2] krb5: add systemd support

2016-06-21 Thread wenzong.fan 
From: Wenzong Fan 

V2 changes:

* replace base_contains with bb.utils.contains
* replace ${systemd_unitdir}/system with ${systemd_system_unitdir}

The changes tested on master branch.

The following changes since commit 9cd117a5dc5f26133a855d1cc3bf9604ae178685:

  chrony: Versatile implementation of NTP (2016-06-16 13:28:16 -0400)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/krb5-systemd
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/krb5-systemd

Wenzong Fan (1):
  krb5: add systemd support

 .../krb5/krb5/krb5-admin-server.service| 14 +++
 .../krb5/krb5/krb5-kdc.service | 13 ++
 meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb   | 29 +++---
 3 files changed, 47 insertions(+), 9 deletions(-)
 create mode 100644 
meta-oe/recipes-connectivity/krb5/krb5/krb5-admin-server.service
 create mode 100644 meta-oe/recipes-connectivity/krb5/krb5/krb5-kdc.service

-- 
2.8.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-oe] krb5: add systemd support

2016-06-07 Thread wenzong.fan 
From: Wenzong Fan 

Signed-off-by: Wenzong Fan 
---
 .../krb5/krb5/krb5-admin-server.service| 14 +++
 .../krb5/krb5/krb5-kdc.service | 13 ++
 meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb   | 29 +++---
 3 files changed, 47 insertions(+), 9 deletions(-)
 create mode 100644 
meta-oe/recipes-connectivity/krb5/krb5/krb5-admin-server.service
 create mode 100644 meta-oe/recipes-connectivity/krb5/krb5/krb5-kdc.service

diff --git a/meta-oe/recipes-connectivity/krb5/krb5/krb5-admin-server.service 
b/meta-oe/recipes-connectivity/krb5/krb5/krb5-admin-server.service
new file mode 100644
index 000..1b42716
--- /dev/null
+++ b/meta-oe/recipes-connectivity/krb5/krb5/krb5-admin-server.service
@@ -0,0 +1,14 @@
+[Unit]
+Description=MIT Kerberos KDC administrative daemon
+After=syslog.target network.target
+ConditionPathExists=/etc/krb5.conf
+
+[Service]
+Type=forking
+ExecStartPre=/bin/sh -c "test ! -f /var/log/kadmind.log || test ! -x 
/sbin/restorecon || /sbin/restorecon -F /var/log/kadmind.log"
+ExecStart=/usr/sbin/kadmind
+SuccessExitStatus=1 2 SIGKILL
+TimeoutStopSec=30
+
+[Install]
+WantedBy=multi-user.target
diff --git a/meta-oe/recipes-connectivity/krb5/krb5/krb5-kdc.service 
b/meta-oe/recipes-connectivity/krb5/krb5/krb5-kdc.service
new file mode 100644
index 000..d5e5a95
--- /dev/null
+++ b/meta-oe/recipes-connectivity/krb5/krb5/krb5-kdc.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=MIT Kerberos KDC
+After=syslog.target network.target
+ConditionPathExists=/etc/krb5.conf
+
+[Service]
+Type=forking
+ExecStart=/usr/sbin/krb5kdc
+SuccessExitStatus=1 2 SIGKILL
+TimeoutStopSec=30
+
+[Install]
+WantedBy=multi-user.target
diff --git a/meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb 
b/meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb
index 0c566cb..d60e332 100644
--- a/meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb
+++ b/meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb
@@ -17,7 +17,7 @@ LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://${S}/../NOTICE;md5=f64248328d2d9928e1f04158b5243e7f"
 DEPENDS = "ncurses util-linux e2fsprogs e2fsprogs-native"
 
-inherit autotools-brokensep binconfig perlnative
+inherit autotools-brokensep binconfig perlnative systemd
 
 SHRT_VER = "${@oe.utils.trim_version("${PV}", 2)}"
 SRC_URI = 
"http://web.mit.edu/kerberos/dist/${BPN}/${SHRT_VER}/${BP}-signed.tar \
@@ -32,6 +32,8 @@ SRC_URI = 
"http://web.mit.edu/kerberos/dist/${BPN}/${SHRT_VER}/${BP}-signed.tar
file://etc/init.d/krb5-admin-server \
file://etc/default/krb5-kdc \
file://etc/default/krb5-admin-server \
+   file://krb5-kdc.service \
+   file://krb5-admin-server.service \
file://krb5-CVE-2016-3119.patch;striplevel=2 \

file://0001-Work-around-uninitialized-warning-in-cc_kcm.c.patch;striplevel=2 \
 "
@@ -40,6 +42,9 @@ SRC_URI[sha256sum] = 
"e528c30b0209c741f6f320cb83122ded92f291802b6a1a1dc1a01dcdb3
 
 S = "${WORKDIR}/${BP}/src"
 
+SYSTEMD_SERVICE_${PN} = "krb5-admin-server.service krb5-kdc.service"
+SYSTEMD_AUTO_ENABLE = "disable"
+
 PACKAGECONFIG ??= "openssl"
 PACKAGECONFIG[libedit] = "--with-libedit,--without-libedit,libedit"
 PACKAGECONFIG[openssl] = "--with-pkinit-crypto-impl=openssl,,openssl"
@@ -79,20 +84,26 @@ do_configure() {
 }
 
 do_install_append() {
-mkdir -p ${D}/${sysconfdir}/init.d ${D}/${sysconfdir}/default
-install -m 0755 ${WORKDIR}/etc/init.d/* ${D}/${sysconfdir}/init.d
-install -m 0644 ${WORKDIR}/etc/default/* ${D}/${sysconfdir}/default
-
 rm -rf ${D}/${localstatedir}/run
-mkdir -p ${D}/${sysconfdir}/default/volatiles
-echo "d root root 0755 ${localstatedir}/run/krb5kdc none" \
-   > ${D}${sysconfdir}/default/volatiles/87_krb5
+
+if ${@base_contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; 
then
+mkdir -p ${D}/${sysconfdir}/init.d ${D}/${sysconfdir}/default
+install -m 0755 ${WORKDIR}/etc/init.d/* ${D}/${sysconfdir}/init.d
+install -m 0644 ${WORKDIR}/etc/default/* ${D}/${sysconfdir}/default
+
+mkdir -p ${D}/${sysconfdir}/default/volatiles
+echo "d root root 0755 ${localstatedir}/run/krb5kdc none" \
+  > ${D}${sysconfdir}/default/volatiles/87_krb5
+fi
 if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', 
d)}; then
 install -d ${D}${sysconfdir}/tmpfiles.d
 echo "d /run/krb5kdc - - - -" \
   > ${D}${sysconfdir}/tmpfiles.d/krb5.conf
-fi
 
+install -d ${D}${systemd_unitdir}/system
+install -m 0644 ${WORKDIR}/krb5-admin-server.service 
${D}${systemd_unitdir}/system
+install -m 0644 ${WORKDIR}/krb5-kdc.service 
${D}${systemd_unitdir}/system
+fi
 }
 
 pkg_postinst_${PN} () {
-- 
2.8.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org

[oe] [PATCH][meta-networking] samba: add PACKAGECONFIG for valgrind

2015-12-14 Thread wenzong.fan 
From: Wenzong Fan 

* Add configure options '--without-valgrind'
* Disable valgrind by default since it doesn't build for all targets

This fixes build errors:

  ../source3/include/includes.h:156:31: fatal error: \
valgrind/memcheck.h: No such file or directory
  compilation terminated.

Signed-off-by: Wenzong Fan 
---
 .../21-add-config-option-without-valgrind.patch| 63 ++
 .../recipes-connectivity/samba/samba_4.1.12.bb |  2 +
 2 files changed, 65 insertions(+)
 create mode 100644 
meta-networking/recipes-connectivity/samba/samba-4.1.12/21-add-config-option-without-valgrind.patch

diff --git 
a/meta-networking/recipes-connectivity/samba/samba-4.1.12/21-add-config-option-without-valgrind.patch
 
b/meta-networking/recipes-connectivity/samba/samba-4.1.12/21-add-config-option-without-valgrind.patch
new file mode 100644
index 000..025ac27
--- /dev/null
+++ 
b/meta-networking/recipes-connectivity/samba/samba-4.1.12/21-add-config-option-without-valgrind.patch
@@ -0,0 +1,63 @@
+From 9a2d6315ff206b2a47100dfd85afe3af56576995 Mon Sep 17 00:00:00 2001
+From: Wenzong Fan 
+Date: Thu, 10 Dec 2015 04:20:51 -0500
+Subject: [PATCH] Add config option without-valgrind
+
+Upstream-Status: Pending
+
+Signed-off-by: Wenzong Fan 
+---
+ lib/replace/wscript | 4 +++-
+ source3/wscript | 5 -
+ wscript | 4 
+ 3 files changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/lib/replace/wscript b/lib/replace/wscript
+index f0040b1..aca73af 100644
+--- a/lib/replace/wscript
 b/lib/replace/wscript
+@@ -101,7 +101,9 @@ struct foo bar = { .y = 'X', .x = 1 };
+ 
+ conf.CHECK_CODE('', headers='rpc/rpc.h rpcsvc/yp_prot.h', 
define='HAVE_RPCSVC_YP_PROT_H')
+ 
+-conf.CHECK_HEADERS('valgrind.h valgrind/valgrind.h valgrind/memcheck.h')
++if not Options.options.disable_valgrind:
++conf.CHECK_HEADERS('valgrind.h valgrind/valgrind.h 
valgrind/memcheck.h')
++
+ conf.CHECK_HEADERS('nss_common.h nsswitch.h ns_api.h')
+ conf.CHECK_HEADERS('sys/extattr.h sys/ea.h sys/proplist.h sys/cdefs.h')
+ conf.CHECK_HEADERS('utmp.h utmpx.h lastlog.h malloc.h')
+diff --git a/source3/wscript b/source3/wscript
+index bac3dd5..a5c51ea 100644
+--- a/source3/wscript
 b/source3/wscript
+@@ -1016,7 +1016,10 @@ syscall(SYS_setgroups32, 0, NULL);
+ Logs.warn("--with-dnsupdate=yes but gssapi support not 
sufficient")
+ else:
+ conf.DEFINE('WITH_DNS_UPDATES', 1)
+-conf.CHECK_HEADERS('valgrind.h valgrind/valgrind.h valgrind/memcheck.h')
++
++if not Options.options.disable_valgrind:
++conf.CHECK_HEADERS('valgrind.h valgrind/valgrind.h 
valgrind/memcheck.h')
++
+ if Options.options.developer:
+ if conf.CONFIG_SET('HAVE_VALGRIND_H') or 
conf.CONFIG_SET('HAVE_VALGRIND_VALGRIND_H'):
+ conf.DEFINE('VALGRIND', '1')
+diff --git a/wscript b/wscript
+index 7679c0f..681ac17 100644
+--- a/wscript
 b/wscript
+@@ -72,6 +72,10 @@ def set_options(opt):
+help=("Disable systemd integration"),
+action='store_false', dest='enable_systemd')
+ 
++opt.add_option('--without-valgrind',
++   help=("Disable use of the valgrind headers"),
++   action="store_true", dest='disable_valgrind', 
default=False)
++
+ gr = opt.option_group('developer options')
+ 
+ opt.tool_options('python') # options for disabling pyc or pyo compilation
+-- 
+1.9.1
+
diff --git a/meta-networking/recipes-connectivity/samba/samba_4.1.12.bb 
b/meta-networking/recipes-connectivity/samba/samba_4.1.12.bb
index cb29ab9..5925a92 100644
--- a/meta-networking/recipes-connectivity/samba/samba_4.1.12.bb
+++ b/meta-networking/recipes-connectivity/samba/samba_4.1.12.bb
@@ -33,6 +33,7 @@ SRC_URI = "${SAMBA_MIRROR}/stable/samba-${PV}.tar.gz \
file://18-avoid-get-config-by-native-ncurses.patch \
file://19-systemd-daemon-is-contained-by-libsystemd.patch \
file://20-do-not-import-target-module-while-cross-compile.patch \
+   file://21-add-config-option-without-valgrind.patch \
   "
 
 SRC_URI[md5sum] = "232016d7581a1ba11e991ec2674553c4"
@@ -65,6 +66,7 @@ PACKAGECONFIG[ldap] = "--with-ldap,--without-ldap,openldap"
 PACKAGECONFIG[systemd] = "--with-systemd,--without-systemd,systemd"
 PACKAGECONFIG[dmapi] = "--with-dmapi,--without-dmapi,dmapi"
 PACKAGECONFIG[zeroconf] = "--enable-avahi,--disable-avahi,avahi"
+PACKAGECONFIG[valgrind] = ",--without-valgrind,valgrind,"
 
 SAMBA4_IDMAP_MODULES="idmap_ad,idmap_rid,idmap_adex,idmap_hash,idmap_tdb2"
 SAMBA4_PDB_MODULES="pdb_tdbsam,${@bb.utils.contains('PACKAGECONFIG', 'ldap', 
'pdb_ldap,', '', d)}pdb_ads,pdb_smbpasswd,pdb_wbc_sam,pdb_samba4"
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org

[oe] [PATCH][meta-python] python-pygpgme: add ptest support

2015-11-17 Thread wenzong.fan 
From: Wenzong Fan 

* add ptest support
* runtime depends on gnupg

Signed-off-by: Wenzong Fan 
---
 .../recipes-devtools/python/python-pygpgme/run-ptest|  3 +++
 meta-python/recipes-devtools/python/python-pygpgme_0.3.bb   | 13 +++--
 2 files changed, 14 insertions(+), 2 deletions(-)
 create mode 100644 meta-python/recipes-devtools/python/python-pygpgme/run-ptest

diff --git a/meta-python/recipes-devtools/python/python-pygpgme/run-ptest 
b/meta-python/recipes-devtools/python/python-pygpgme/run-ptest
new file mode 100644
index 000..ac867e2
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python-pygpgme/run-ptest
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+GPG_AGENT_INFO= python test_all.py -v
diff --git a/meta-python/recipes-devtools/python/python-pygpgme_0.3.bb 
b/meta-python/recipes-devtools/python/python-pygpgme_0.3.bb
index f06c344..39a7ada 100644
--- a/meta-python/recipes-devtools/python/python-pygpgme_0.3.bb
+++ b/meta-python/recipes-devtools/python/python-pygpgme_0.3.bb
@@ -7,12 +7,21 @@ SECTION = "devel/python"
 LICENSE = "LGPL-2.1"
 LIC_FILES_CHKSUM = 
"file://PKG-INFO;beginline=8;endline=8;md5=6517bdc8f2416f27ab725d4702f7aac3"
 
-SRC_URI = 
"https://pypi.python.org/packages/source/p/pygpgme/pygpgme-${PV}.tar.gz;
+SRC_URI = 
"https://pypi.python.org/packages/source/p/pygpgme/pygpgme-${PV}.tar.gz \
+   file://run-ptest \
+  "
+
 SRC_URI[md5sum] = "d38355af73f0352cde3d410b25f34fd0"
 SRC_URI[sha256sum] = 
"5fd887c407015296a8fd3f4b867fe0fcca3179de97ccde90449853a3dfb802e1"
 
 S = "${WORKDIR}/pygpgme-${PV}"
 
 DEPENDS += "gpgme"
+RDEPENDS_${PN} += "gnupg"
+
+inherit setuptools ptest
 
-inherit setuptools
+do_install_ptest(){
+install ${S}/test_all.py ${D}${PTEST_PATH}
+cp -r ${S}/tests ${D}${PTEST_PATH}
+}
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 1/4][meta-oe] krb5: fix CVE-2015-2695

2015-11-14 Thread wenzong.fan 
From: Wenzong Fan 

lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before
1.14 relies on an inappropriate context handle, which allows remote
attackers to cause a denial of service (incorrect pointer read and
process crash) via a crafted SPNEGO packet that is mishandled during
a gss_inquire_context call.

Backport upstream commit to fix it:
https://github.com/krb5/krb5/commit/b51b33f2bc5d1497ddf5bd107f791c101695000d

Signed-off-by: Wenzong Fan 
---
 ...PNEGO-context-aliasing-bugs-CVE-2015-2695.patch | 572 +
 meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb   |   1 +
 2 files changed, 573 insertions(+)
 create mode 100644 
meta-oe/recipes-connectivity/krb5/krb5/Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch

diff --git 
a/meta-oe/recipes-connectivity/krb5/krb5/Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch
 
b/meta-oe/recipes-connectivity/krb5/krb5/Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch
new file mode 100644
index 000..227e6c6
--- /dev/null
+++ 
b/meta-oe/recipes-connectivity/krb5/krb5/Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch
@@ -0,0 +1,572 @@
+From 884913e807414a1e06245918dea71243c5fdd0e6 Mon Sep 17 00:00:00 2001
+From: Nicolas Williams 
+Date: Mon, 14 Sep 2015 12:27:52 -0400
+Subject: [PATCH 1/4] Fix SPNEGO context aliasing bugs [CVE-2015-2695]
+
+The SPNEGO mechanism currently replaces its context handle with the
+mechanism context handle upon establishment, under the assumption that
+most GSS functions are only called after context establishment.  This
+assumption is incorrect, and can lead to aliasing violations for some
+programs.  Maintain the SPNEGO context structure after context
+establishment and refer to it in all GSS methods.  Add initiate and
+opened flags to the SPNEGO context structure for use in
+gss_inquire_context() prior to context establishment.
+
+CVE-2015-2695:
+
+In MIT krb5 1.5 and later, applications which call
+gss_inquire_context() on a partially-established SPNEGO context can
+cause the GSS-API library to read from a pointer using the wrong type,
+generally causing a process crash.  This bug may go unnoticed, because
+the most common SPNEGO authentication scenario establishes the context
+after just one call to gss_accept_sec_context().  Java server
+applications using the native JGSS provider are vulnerable to this
+bug.  A carefully crafted SPNEGO packet might allow the
+gss_inquire_context() call to succeed with attacker-determined
+results, but applications should not make access control decisions
+based on gss_inquire_context() results prior to context establishment.
+
+CVSSv2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C
+
+[ghud...@mit.edu: several bugfixes, style changes, and edge-case
+behavior changes; commit message and CVE description]
+
+ticket: 8244
+target_version: 1.14
+tags: pullup
+
+Backport upstream commit:
+https://github.com/krb5/krb5/commit/b51b33f2bc5d1497ddf5bd107f791c101695000d
+
+Upstream-Status: Backport
+---
+ src/lib/gssapi/spnego/gssapiP_spnego.h |   2 +
+ src/lib/gssapi/spnego/spnego_mech.c| 254 -
+ 2 files changed, 192 insertions(+), 64 deletions(-)
+
+diff --git a/src/lib/gssapi/spnego/gssapiP_spnego.h 
b/src/lib/gssapi/spnego/gssapiP_spnego.h
+index bc23f56..8e05736 100644
+--- a/src/lib/gssapi/spnego/gssapiP_spnego.h
 b/src/lib/gssapi/spnego/gssapiP_spnego.h
+@@ -102,6 +102,8 @@ typedef struct {
+   int firstpass;
+   int mech_complete;
+   int nego_done;
++  int initiate;
++  int opened;
+   OM_uint32 ctx_flags;
+   gss_name_t internal_name;
+   gss_OID actual_mech;
+diff --git a/src/lib/gssapi/spnego/spnego_mech.c 
b/src/lib/gssapi/spnego/spnego_mech.c
+index f9248ab..3423f22 100644
+--- a/src/lib/gssapi/spnego/spnego_mech.c
 b/src/lib/gssapi/spnego/spnego_mech.c
+@@ -101,7 +101,7 @@ static OM_uint32 get_negotiable_mechs(OM_uint32 *, 
spnego_gss_cred_id_t,
+ gss_cred_usage_t, gss_OID_set *);
+ static void release_spnego_ctx(spnego_gss_ctx_id_t *);
+ static void check_spnego_options(spnego_gss_ctx_id_t);
+-static spnego_gss_ctx_id_t create_spnego_ctx(void);
++static spnego_gss_ctx_id_t create_spnego_ctx(int);
+ static int put_mech_set(gss_OID_set mechSet, gss_buffer_t buf);
+ static int put_input_token(unsigned char **, gss_buffer_t, unsigned int);
+ static int put_mech_oid(unsigned char **, gss_OID_const, unsigned int);
+@@ -439,7 +439,7 @@ check_spnego_options(spnego_gss_ctx_id_t spnego_ctx)
+ }
+ 
+ static spnego_gss_ctx_id_t
+-create_spnego_ctx(void)
++create_spnego_ctx(int initiate)
+ {
+   spnego_gss_ctx_id_t spnego_ctx = NULL;
+   spnego_ctx = (spnego_gss_ctx_id_t)
+@@ -462,6 +462,8 @@ create_spnego_ctx(void)
+   spnego_ctx->mic_rcvd = 0;
+   spnego_ctx->mech_complete = 0;
+   spnego_ctx->nego_done = 0;
++  spnego_ctx->opened = 0;
++

[oe] [PATCH 4/4][meta-oe] krb5: fix CVE-2015-2698

2015-11-14 Thread wenzong.fan 
From: Wenzong Fan 

The iakerb_gss_export_sec_context function in lib/gssapi/krb5/iakerb.c
in MIT Kerberos 5 (aka krb5) 1.14 pre-release 2015-09-14 improperly
accesses a certain pointer, which allows remote authenticated users
to cause a denial of service (memory corruption) or possibly have
unspecified other impact by interacting with an application that calls
the gss_export_sec_context function. NOTE: this vulnerability exists
because of an incorrect fix for CVE-2015-2696.

Backport upstream commit to fix it:
https://github.com/krb5/krb5/commit/3db8dfec1ef50ddd78d6ba9503185995876a39fd

Signed-off-by: Wenzong Fan 
---
 ...AKERB-context-export-import-CVE-2015-2698.patch | 134 +
 meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb   |   1 +
 2 files changed, 135 insertions(+)
 create mode 100644 
meta-oe/recipes-connectivity/krb5/krb5/Fix-IAKERB-context-export-import-CVE-2015-2698.patch

diff --git 
a/meta-oe/recipes-connectivity/krb5/krb5/Fix-IAKERB-context-export-import-CVE-2015-2698.patch
 
b/meta-oe/recipes-connectivity/krb5/krb5/Fix-IAKERB-context-export-import-CVE-2015-2698.patch
new file mode 100644
index 000..2f45d30
--- /dev/null
+++ 
b/meta-oe/recipes-connectivity/krb5/krb5/Fix-IAKERB-context-export-import-CVE-2015-2698.patch
@@ -0,0 +1,134 @@
+From aa769c8c6905d1abfac66d4d1b0fc73740ccbe7d Mon Sep 17 00:00:00 2001
+From: Greg Hudson 
+Date: Sat, 14 Nov 2015 02:47:04 -0500
+Subject: [PATCH 4/4] Fix IAKERB context export/import [CVE-2015-2698]
+
+The patches for CVE-2015-2696 contained a regression in the newly
+added IAKERB iakerb_gss_export_sec_context() function, which could
+cause it to corrupt memory.  Fix the regression by properly
+dereferencing the context_handle pointer before casting it.
+
+Also, the patches did not implement an IAKERB gss_import_sec_context()
+function, under the erroneous belief that an exported IAKERB context
+would be tagged as a krb5 context.  Implement it now to allow IAKERB
+contexts to be successfully exported and imported after establishment.
+
+CVE-2015-2698:
+
+In any MIT krb5 release with the patches for CVE-2015-2696 applied, an
+application which calls gss_export_sec_context() may experience memory
+corruption if the context was established using the IAKERB mechanism.
+Historically, some vulnerabilities of this nature can be translated
+into remote code execution, though the necessary exploits must be
+tailored to the individual application and are usually quite
+complicated.
+
+CVSSv2 Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C
+
+ticket: 8273 (new)
+target_version: 1.14
+tags: pullup
+
+Backport upstream commit:
+https://github.com/krb5/krb5/commit/3db8dfec1ef50ddd78d6ba9503185995876a39fd
+
+Upstream-Status: Backport
+---
+ src/lib/gssapi/krb5/gssapiP_krb5.h |  5 +
+ src/lib/gssapi/krb5/gssapi_krb5.c  |  2 +-
+ src/lib/gssapi/krb5/iakerb.c   | 42 +++---
+ 3 files changed, 41 insertions(+), 8 deletions(-)
+
+diff --git a/src/lib/gssapi/krb5/gssapiP_krb5.h 
b/src/lib/gssapi/krb5/gssapiP_krb5.h
+index 05dc321..ac53662 100644
+--- a/src/lib/gssapi/krb5/gssapiP_krb5.h
 b/src/lib/gssapi/krb5/gssapiP_krb5.h
+@@ -1396,6 +1396,11 @@ OM_uint32 KRB5_CALLCONV
+ iakerb_gss_export_sec_context(OM_uint32 *minor_status,
+   gss_ctx_id_t *context_handle,
+   gss_buffer_t interprocess_token);
++
++OM_uint32 KRB5_CALLCONV
++iakerb_gss_import_sec_context(OM_uint32 *minor_status,
++  const gss_buffer_t interprocess_token,
++  gss_ctx_id_t *context_handle);
+ #endif /* LEAN_CLIENT */
+ 
+ OM_uint32 KRB5_CALLCONV
+diff --git a/src/lib/gssapi/krb5/gssapi_krb5.c 
b/src/lib/gssapi/krb5/gssapi_krb5.c
+index 9a23656..d7ba279 100644
+--- a/src/lib/gssapi/krb5/gssapi_krb5.c
 b/src/lib/gssapi/krb5/gssapi_krb5.c
+@@ -945,7 +945,7 @@ static struct gss_config iakerb_mechanism = {
+ NULL,
+ #else
+ iakerb_gss_export_sec_context,
+-NULL,
++iakerb_gss_import_sec_context,
+ #endif
+ krb5_gss_inquire_cred_by_mech,
+ krb5_gss_inquire_names_for_mech,
+diff --git a/src/lib/gssapi/krb5/iakerb.c b/src/lib/gssapi/krb5/iakerb.c
+index 4662bd9..48beaee 100644
+--- a/src/lib/gssapi/krb5/iakerb.c
 b/src/lib/gssapi/krb5/iakerb.c
+@@ -1061,7 +1061,7 @@ iakerb_gss_export_sec_context(OM_uint32 *minor_status,
+   gss_buffer_t interprocess_token)
+ {
+ OM_uint32 maj;
+-iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)context_handle;
++iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)*context_handle;
+ 
+ /* We don't currently support exporting partially established contexts. */
+ if (!ctx->established)
+@@ -1076,13 +1076,41 @@ iakerb_gss_export_sec_context(OM_uint32 *minor_status,
+ return maj;
+ }
+ 
+-/*
+- * Until we implement partial context exports, there are no SPNEGO exported
+- *

[oe] [PATCH 3/4][meta-oe] krb5: fix CVE-2015-2697

2015-11-14 Thread wenzong.fan 
From: Wenzong Fan 

The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT
Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users
to cause a denial of service (out-of-bounds read and KDC crash) via
an initial '\0' character in a long realm field within a TGS request.

Backport upstream commit to fix it:
https://github.com/krb5/krb5/commit/f0c094a1b745d91ef2f9a4eae2149aac026a5789

Signed-off-by: Wenzong Fan 
---
 ...-build_principal-memory-bug-CVE-2015-2697.patch | 58 ++
 meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb   |  1 +
 2 files changed, 59 insertions(+)
 create mode 100644 
meta-oe/recipes-connectivity/krb5/krb5/Fix-build_principal-memory-bug-CVE-2015-2697.patch

diff --git 
a/meta-oe/recipes-connectivity/krb5/krb5/Fix-build_principal-memory-bug-CVE-2015-2697.patch
 
b/meta-oe/recipes-connectivity/krb5/krb5/Fix-build_principal-memory-bug-CVE-2015-2697.patch
new file mode 100644
index 000..9b0c18b
--- /dev/null
+++ 
b/meta-oe/recipes-connectivity/krb5/krb5/Fix-build_principal-memory-bug-CVE-2015-2697.patch
@@ -0,0 +1,58 @@
+From 9cb63711e63042f22da914ba039c4537b22e8fb0 Mon Sep 17 00:00:00 2001
+From: Greg Hudson 
+Date: Fri, 25 Sep 2015 12:51:47 -0400
+Subject: [PATCH 3/4] Fix build_principal memory bug [CVE-2015-2697]
+
+In build_principal_va(), use k5memdup0() instead of strdup() to make a
+copy of the realm, to ensure that we allocate the correct number of
+bytes and do not read past the end of the input string.  This bug
+affects krb5_build_principal(), krb5_build_principal_va(), and
+krb5_build_principal_alloc_va().  krb5_build_principal_ext() is not
+affected.
+
+CVE-2015-2697:
+
+In MIT krb5 1.7 and later, an authenticated attacker may be able to
+cause a KDC to crash using a TGS request with a large realm field
+beginning with a null byte.  If the KDC attempts to find a referral to
+answer the request, it constructs a principal name for lookup using
+krb5_build_principal() with the requested realm.  Due to a bug in this
+function, the null byte causes only one byte be allocated for the
+realm field of the constructed principal, far less than its length.
+Subsequent operations on the lookup principal may cause a read beyond
+the end of the mapped memory region, causing the KDC process to crash.
+
+CVSSv2: AV:N/AC:L/Au:S/C:N/I:N/A:C/E:POC/RL:OF/RC:C
+
+ticket: 8252 (new)
+target_version: 1.14
+tags: pullup
+
+Backport upstream commit:
+https://github.com/krb5/krb5/commit/f0c094a1b745d91ef2f9a4eae2149aac026a5789
+
+Upstream-Status: Backport
+---
+ src/lib/krb5/krb/bld_princ.c | 6 ++
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/src/lib/krb5/krb/bld_princ.c b/src/lib/krb5/krb/bld_princ.c
+index ab6fed8..8604268 100644
+--- a/src/lib/krb5/krb/bld_princ.c
 b/src/lib/krb5/krb/bld_princ.c
+@@ -40,10 +40,8 @@ build_principal_va(krb5_context context, krb5_principal 
princ,
+ data = malloc(size * sizeof(krb5_data));
+ if (!data) { retval = ENOMEM; }
+ 
+-if (!retval) {
+-r = strdup(realm);
+-if (!r) { retval = ENOMEM; }
+-}
++if (!retval)
++r = k5memdup0(realm, rlen, );
+ 
+ while (!retval && (component = va_arg(ap, char *))) {
+ if (count == size) {
+-- 
+1.9.1
+
diff --git a/meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb 
b/meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb
index 6c25d82..c6b873a 100644
--- a/meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb
+++ b/meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb
@@ -25,6 +25,7 @@ SRC_URI = 
"http://web.mit.edu/kerberos/dist/${BPN}/${SHRT_VER}/${BP}-signed.tar
file://debian-suppress-usr-lib-in-krb5-config.patch;striplevel=2 \

file://Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch;striplevel=2 \

file://Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch;striplevel=2 \
+   
file://Fix-build_principal-memory-bug-CVE-2015-2697.patch;striplevel=2 \
file://crosscompile_nm.patch \
file://etc/init.d/krb5-kdc \
file://etc/init.d/krb5-admin-server \
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-webserver] phpmyadmin: fix CVE-2015-7873

2015-11-14 Thread wenzong.fan 
From: Wenzong Fan 

The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1
and 4.5.x before 4.5.1 allows remote attackers to spoof content via the
url parameter.

Backport upstream commit to fix it:
https://github.com/phpmyadmin/phpmyadmin/commit/cd097656758f981f80fb9029c7d6b4294582b706

Signed-off-by: Wenzong Fan 
---
 .../Port-content-spoofing-fix-CVE-2015-7873.patch  | 48 ++
 .../recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb   |  1 +
 2 files changed, 49 insertions(+)
 create mode 100644 
meta-webserver/recipes-php/phpmyadmin/phpmyadmin/Port-content-spoofing-fix-CVE-2015-7873.patch

diff --git 
a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/Port-content-spoofing-fix-CVE-2015-7873.patch
 
b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/Port-content-spoofing-fix-CVE-2015-7873.patch
new file mode 100644
index 000..1e6bcbd
--- /dev/null
+++ 
b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/Port-content-spoofing-fix-CVE-2015-7873.patch
@@ -0,0 +1,48 @@
+From ae7eae1cc88cbdf2d27a6f10f097ef731823689e Mon Sep 17 00:00:00 2001
+From: Wenzong Fan 
+Date: Sat, 14 Nov 2015 02:01:54 -0500
+Subject: [PATCH] Port content spoofing fix
+
+Backport upstream commit for fixing CVE-2015-7873:
+  
https://github.com/phpmyadmin/phpmyadmin/commit/cd097656758f981f80fb9029c7d6b4294582b706
+
+Upstream-Status: Backport
+
+Signed-off-by: Marc Delisle 
+Signed-off-by: Wenzong Fan 
+---
+ ChangeLog | 4 
+ url.php   | 3 ++-
+ 2 files changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/ChangeLog b/ChangeLog
+index 4cb6708..96936c8 100644
+--- a/ChangeLog
 b/ChangeLog
+@@ -107,6 +107,10 @@ phpMyAdmin - ChangeLog
+ - issue #11448 Clarify doc about the MemoryLimit directive
+ - issue #11489 Cannot copy a database under certain conditions
+ 
++4.4.15.1 (2015-10-23)
++- issue #11464 phpMyAdmin suggests upgrading to newer version not usable on 
that system
++- issue [security] Content spoofing on url.php
++
+ 4.4.15.0 (not yet released)
+ - issue #11411 Undefined "replace" function on numeric scalar
+ - issue #11421 Stored-proc / routine - broken parameter parsing
+diff --git a/url.php b/url.php
+index eec78a5..9c4c884 100644
+--- a/url.php
 b/url.php
+@@ -32,6 +32,7 @@ if (! PMA_isValid($_REQUEST['url'])
+ }
+ ";
+ // Display redirecting msg on screen.
+-printf(__('Taking you to %s.'), htmlspecialchars($_REQUEST['url']));
++// Do not display the value of $_REQUEST['url'] to avoid showing injected 
content
++echo __('Taking you to the target site.');
+ }
+ die();
+-- 
+1.9.1
+
diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb 
b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb
index e28b66a..9297d0c 100644
--- a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb
+++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb
@@ -6,6 +6,7 @@ LIC_FILES_CHKSUM = 
"file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
 
file://libraries/tcpdf/LICENSE.TXT;md5=5c87b66a5358ebcc495b03e0afcd342c"
 
 SRC_URI = 
"https://files.phpmyadmin.net/phpMyAdmin/4.5.0.2/phpMyAdmin-4.5.0.2-all-languages.tar.xz
 \
+   file://Port-content-spoofing-fix-CVE-2015-7873.patch \
file://apache.conf"
 
 SRC_URI[md5sum] = "2d08d2fcc8f70f88a11a14723e3ca275"
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 0/4][meta-oe] krb5: fix CVEs

2015-11-14 Thread wenzong.fan 
From: Wenzong Fan 

Fix CVEs:

  CVE-2015-2695
  CVE-2015-2696
  CVE-2015-2697
  CVE-2015-2698

The following changes since commit 721a2cabf352085d34dd14c22e71914d3429ca59:

  ntp: upgrade 4.2.8p3 -> 4.2.8p4 (2015-11-11 12:12:08 +0100)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/krb5-new
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/krb5-new

Wenzong Fan (4):
  krb5: fix CVE-2015-2695
  krb5: fix CVE-2015-2696
  krb5: fix CVE-2015-2697
  krb5: fix CVE-2015-2698

 ...AKERB-context-aliasing-bugs-CVE-2015-2696.patch | 739 +
 ...AKERB-context-export-import-CVE-2015-2698.patch | 134 
 ...PNEGO-context-aliasing-bugs-CVE-2015-2695.patch | 572 
 ...-build_principal-memory-bug-CVE-2015-2697.patch |  58 ++
 meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb   |   4 +
 5 files changed, 1507 insertions(+)
 create mode 100644 
meta-oe/recipes-connectivity/krb5/krb5/Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch
 create mode 100644 
meta-oe/recipes-connectivity/krb5/krb5/Fix-IAKERB-context-export-import-CVE-2015-2698.patch
 create mode 100644 
meta-oe/recipes-connectivity/krb5/krb5/Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch
 create mode 100644 
meta-oe/recipes-connectivity/krb5/krb5/Fix-build_principal-memory-bug-CVE-2015-2697.patch

-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-python] python-pygpgme: add python-pygpgme 0.3

2015-11-03 Thread wenzong.fan 
From: Wenzong Fan 

PyGPGME is a Python module that lets you sign, verify, encrypt and
decrypt messages using the OpenPGP format.

Signed-off-by: Wenzong Fan 
---
 .../recipes-devtools/python/python-pygpgme_0.3.bb  | 18 ++
 1 file changed, 18 insertions(+)
 create mode 100644 meta-python/recipes-devtools/python/python-pygpgme_0.3.bb

diff --git a/meta-python/recipes-devtools/python/python-pygpgme_0.3.bb 
b/meta-python/recipes-devtools/python/python-pygpgme_0.3.bb
new file mode 100644
index 000..f06c344
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python-pygpgme_0.3.bb
@@ -0,0 +1,18 @@
+SUMMARY = "A Python module for working with OpenPGP messages"
+DESCRIPTION = "PyGPGME is a Python module that lets you sign, verify, \
+   encrypt and decrypt messages using the OpenPGP format."
+HOMEPAGE = "https://launchpad.net/pygpgme;
+SECTION = "devel/python"
+
+LICENSE = "LGPL-2.1"
+LIC_FILES_CHKSUM = 
"file://PKG-INFO;beginline=8;endline=8;md5=6517bdc8f2416f27ab725d4702f7aac3"
+
+SRC_URI = 
"https://pypi.python.org/packages/source/p/pygpgme/pygpgme-${PV}.tar.gz;
+SRC_URI[md5sum] = "d38355af73f0352cde3d410b25f34fd0"
+SRC_URI[sha256sum] = 
"5fd887c407015296a8fd3f4b867fe0fcca3179de97ccde90449853a3dfb802e1"
+
+S = "${WORKDIR}/pygpgme-${PV}"
+
+DEPENDS += "gpgme"
+
+inherit setuptools
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-networking] ypbind-mt: set path of ypdomainname in ypbind script

2015-11-01 Thread wenzong.fan 
From: Jian Liu 

The script ypbind will cause error if using ypdomainname command
provided by busybox. So add RDEPENDCY on yp-tools and change
the path of ypdomainname.

Signed-off-by: Jian Liu 
Signed-off-by: Wenzong Fan 
---
 meta-networking/recipes-support/nis/files/ypbind.init | 11 ++-
 meta-networking/recipes-support/nis/ypbind-mt_1.38.bb |  2 ++
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/meta-networking/recipes-support/nis/files/ypbind.init 
b/meta-networking/recipes-support/nis/files/ypbind.init
index 244dc78..669c19c 100644
--- a/meta-networking/recipes-support/nis/files/ypbind.init
+++ b/meta-networking/recipes-support/nis/files/ypbind.init
@@ -26,6 +26,7 @@
 
 YPBIND_BIN=/usr/sbin/ypbind
 pidfile=/var/run/ypbind.pid
+YPDOMAINNAME_bin=/usr/bin/ypdomainname
 
 [ -f /etc/default/ypbind ] && . /etc/default/ypbind
 
@@ -34,14 +35,14 @@ case "$1" in
echo -n "Starting ypbind"
## If the domainname is not set, skip starting of ypbind
## and return with "program not configured"
-/bin/ypdomainname >/dev/null 2>&1
-if [ $? -ne 0 -o -z "`/bin/ypdomainname 2>/dev/null`" ]; then
+$YPDOMAINNAME_bin >/dev/null 2>&1
+if [ $? -ne 0 -o -z "`$YPDOMAINNAME_bin 2>/dev/null`" ]; then
if [ -f /etc/defaultdomain ]; then
  XDOMAINNAME=`cat /etc/defaultdomain`
- /bin/ypdomainname "$XDOMAINNAME"
+ $YPDOMAINNAME_bin "$XDOMAINNAME"
   fi
-   /bin/ypdomainname >/dev/null 2>&1
-   if [ $? -ne 0 -o -z "`/bin/ypdomainname 2>/dev/null`" ]; then
+   $YPDOMAINNAME_bin >/dev/null 2>&1
+   if [ $? -ne 0 -o -z "`$YPDOMAINNAME_bin 2>/dev/null`" ]; then
 # Tell the user this has skipped
 echo -n " . . . . . . . . . . No domainname set"
  # service is not configured
diff --git a/meta-networking/recipes-support/nis/ypbind-mt_1.38.bb 
b/meta-networking/recipes-support/nis/ypbind-mt_1.38.bb
index 5702cd6..d113b82 100644
--- a/meta-networking/recipes-support/nis/ypbind-mt_1.38.bb
+++ b/meta-networking/recipes-support/nis/ypbind-mt_1.38.bb
@@ -21,6 +21,8 @@ DEPENDS = " \
yp-tools \
${@base_contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)} \
   "
+RDEPENDS_${PN} += "yp-tools"
+
 # ypbind-mt now provides all the functionality of ypbind
 # and is used in place of it.
 PROVIDES += "ypbind"
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-networking] netcat-openbsd: replace patch with quilt

2015-11-01 Thread wenzong.fan 
From: Yue Tao 

If run bitbake -c patch -f netcat-openbsd twice, the patch conflict
will happen, so replace the patch with quilt to avoid do_patch failed.

Signed-off-by: Yue Tao 
Signed-off-by: Wenzong Fan 
---
 meta-networking/recipes-support/netcat/netcat-openbsd_1.105.bb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/meta-networking/recipes-support/netcat/netcat-openbsd_1.105.bb 
b/meta-networking/recipes-support/netcat/netcat-openbsd_1.105.bb
index 12409d4..89a646f 100644
--- a/meta-networking/recipes-support/netcat/netcat-openbsd_1.105.bb
+++ b/meta-networking/recipes-support/netcat/netcat-openbsd_1.105.bb
@@ -20,7 +20,8 @@ do_configure[noexec] = "1"
 
 netcat_do_patch() {
 cd ${S}
-while read line; do patch -p1 < ${WORKDIR}/debian/patches/$line; done < 
${WORKDIR}/debian/patches/series
+quilt pop -a || true
+QUILT_PATCHES=${WORKDIR}/debian/patches 
QUILT_SERIES=${WORKDIR}/debian/patches/series quilt push -a
 }
 
 python do_patch() {
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-networking] ntp: upgrade 4.2.8p3 -> 4.2.8p4

2015-10-23 Thread wenzong.fan 
From: Wenzong Fan 

4.2.8p4 fixed following 13 low- and medium-severity vulnerabilities:

  * Bug 2941 CVE-2015-7871
  * Bug 2922 CVE-2015-7855
  * Bug 2921 CVE-2015-7854
  * Bug 2920 CVE-2015-7853
  * Bug 2919 CVE-2015-7852
  * Bug 2918 CVE-2015-7851
  * Bug 2917 CVE-2015-7850
  * Bug 2916 CVE-2015-7849
  * Bug 2913 CVE-2015-7848
  * Bug 2909 CVE-2015-7701
  * Bug 2902 CVE-2015-7703
  * Bug 2901 CVE-2015-7704, CVE-2015-7705
  * Bug 2899 CVE-2015-7691, CVE-2015-7692, CVE-2015-7702

And three bugs: Bug 2382, 1774, 1593

Details at:
  http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

Signed-off-by: Wenzong Fan 
---
 .../recipes-support/ntp/{ntp_4.2.8p3.bb => ntp_4.2.8p4.bb}| 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta-networking/recipes-support/ntp/{ntp_4.2.8p3.bb => ntp_4.2.8p4.bb} 
(97%)

diff --git a/meta-networking/recipes-support/ntp/ntp_4.2.8p3.bb 
b/meta-networking/recipes-support/ntp/ntp_4.2.8p4.bb
similarity index 97%
rename from meta-networking/recipes-support/ntp/ntp_4.2.8p3.bb
rename to meta-networking/recipes-support/ntp/ntp_4.2.8p4.bb
index 7ce993f..f9f900e 100644
--- a/meta-networking/recipes-support/ntp/ntp_4.2.8p3.bb
+++ b/meta-networking/recipes-support/ntp/ntp_4.2.8p4.bb
@@ -23,8 +23,8 @@ SRC_URI = 
"http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-${PV}.tar.g
file://ntpd.list \
 "
 
-SRC_URI[md5sum] = "b98b0cbb72f6df04608e1dd5f313808b"
-SRC_URI[sha256sum] = 
"818ca4f2ed6ca845b1c5ec43f5e6ad905eaa0fc0aab2d509ed6b962a37fbf38f"
+SRC_URI[md5sum] = "6af96862b09324a8ef965ca76b759c8b"
+SRC_URI[sha256sum] = 
"0d6961572548d2c4af96f58f763e22ac620f5afef717384ddc317a0e365cfdb9"
 
 inherit autotools update-rc.d useradd systemd pkgconfig
 
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH v2][meta-multimedia] gst-plugins-good: fix depends to libgudev

2015-10-23 Thread wenzong.fan 
From: Wenzong Fan 

Depends on libgudev directly base on oe-core commit:

  commit e11801d031896351364e7723db3392012f58b603
  Author: Andreas Müller 
  Date:   Fri Oct 2 22:27:21 2015 +0200

udev: add PROVIDES = "libgudev"

With the last update of systemd libgudev was splitted out of systemd. To 
make
packages depending on libgudev happy, a recipe building libgudev was 
created in
meta-oe and the dependencies were modified from udev to libgudev.

This works fine for distros using systemd as init system, but distros not 
using
build udev which provides libgudev.

Signed-off-by: Andreas Müller 
Signed-off-by: Richard Purdie 

Signed-off-by: Wenzong Fan 
---
 .../recipes-multimedia/gstreamer-0.10/gst-plugins-good_0.10.31.bb   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git 
a/meta-multimedia/recipes-multimedia/gstreamer-0.10/gst-plugins-good_0.10.31.bb 
b/meta-multimedia/recipes-multimedia/gstreamer-0.10/gst-plugins-good_0.10.31.bb
index af18281..eaf3b1f 100644
--- 
a/meta-multimedia/recipes-multimedia/gstreamer-0.10/gst-plugins-good_0.10.31.bb
+++ 
b/meta-multimedia/recipes-multimedia/gstreamer-0.10/gst-plugins-good_0.10.31.bb
@@ -16,7 +16,7 @@ PACKAGECONFIG[jack] = "--enable-jack,--disable-jack,jack"
 PACKAGECONFIG[jpeg] = "--enable-jpeg,--disable-jpeg,jpeg"
 PACKAGECONFIG[wavpack] = "--enable-wavpack,--disable-wavpack,wavpack"
 PACKAGECONFIG[gdkpixbuf] = 
"--enable-gdk_pixbuf,--disable-gdk_pixbuf,gdk-pixbuf"
-PACKAGECONFIG[v4l] = "--enable-gst_v4l2 --with-gudev,--disable-gst_v4l2 
--without-gudev,udev"
+PACKAGECONFIG[v4l] = "--enable-gst_v4l2 --with-gudev,--disable-gst_v4l2 
--without-gudev,libgudev"
 # sub-feature of v4l, but control separately since libv4l is not part of 
oe-core
 PACKAGECONFIG[libv4l] = "--with-libv4l2,--without-libv4l2,libv4l"
 PACKAGECONFIG[bzip2] = "--enable-bz2,--disable-bz2,bzip2"
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-multimedia] gst-plugins-good: fix depends to libgudev

2015-10-21 Thread wenzong.fan 
From: Wenzong Fan 

* udev provides libgudev but it won't be built with systemd;
* systemd provides udev but no libgudev, libgudev has been removed
  from systemd and it's a independent project now; libgudev only be
  built if systemd distro feature enabled.

Signed-off-by: Wenzong Fan 
---
 .../recipes-multimedia/gstreamer-0.10/gst-plugins-good_0.10.31.bb| 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git 
a/meta-multimedia/recipes-multimedia/gstreamer-0.10/gst-plugins-good_0.10.31.bb 
b/meta-multimedia/recipes-multimedia/gstreamer-0.10/gst-plugins-good_0.10.31.bb
index af18281..3f3478f 100644
--- 
a/meta-multimedia/recipes-multimedia/gstreamer-0.10/gst-plugins-good_0.10.31.bb
+++ 
b/meta-multimedia/recipes-multimedia/gstreamer-0.10/gst-plugins-good_0.10.31.bb
@@ -11,12 +11,15 @@ PACKAGECONFIG ?= "jpeg v4l \
 ${@bb.utils.contains('DISTRO_FEATURES', 'pulseaudio', 'pulseaudio', '', 
d)} \
 ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11', '', d)} \
 "
+
+GUDEV="${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'libgudev', 'udev', 
d)}"
+
 PACKAGECONFIG[pulseaudio] = "--enable-pulse,--disable-pulse,pulseaudio"
 PACKAGECONFIG[jack] = "--enable-jack,--disable-jack,jack"
 PACKAGECONFIG[jpeg] = "--enable-jpeg,--disable-jpeg,jpeg"
 PACKAGECONFIG[wavpack] = "--enable-wavpack,--disable-wavpack,wavpack"
 PACKAGECONFIG[gdkpixbuf] = 
"--enable-gdk_pixbuf,--disable-gdk_pixbuf,gdk-pixbuf"
-PACKAGECONFIG[v4l] = "--enable-gst_v4l2 --with-gudev,--disable-gst_v4l2 
--without-gudev,udev"
+PACKAGECONFIG[v4l] = "--enable-gst_v4l2 --with-gudev,--disable-gst_v4l2 
--without-gudev,${GUDEV}"
 # sub-feature of v4l, but control separately since libv4l is not part of 
oe-core
 PACKAGECONFIG[libv4l] = "--with-libv4l2,--without-libv4l2,libv4l"
 PACKAGECONFIG[bzip2] = "--enable-bz2,--disable-bz2,bzip2"
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-gnome] libgtop/metacity: add x11 to required DISTRO_FEATURES [ LIN8-343 ]

2015-10-21 Thread wenzong.fan 
From: Wenzong Fan 

The recipes depend on virtual/libx11 indirectly, they only can be
built with x11 in DISTRO_FEATURES.

Signed-off-by: Wenzong Fan 
---
 meta-gnome/recipes-gnome/libgtop/libgtop_2.30.0.bb| 5 -
 meta-gnome/recipes-gnome/metacity/metacity_2.34.13.bb | 4 +++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/meta-gnome/recipes-gnome/libgtop/libgtop_2.30.0.bb 
b/meta-gnome/recipes-gnome/libgtop/libgtop_2.30.0.bb
index 51c51d4..8568274 100644
--- a/meta-gnome/recipes-gnome/libgtop/libgtop_2.30.0.bb
+++ b/meta-gnome/recipes-gnome/libgtop/libgtop_2.30.0.bb
@@ -2,7 +2,10 @@ SUMMARY = "LibGTop2"
 LICENSE = "GPLv2+"
 LIC_FILES_CHKSUM = "file://copyright.txt;md5=dbc839bf158d19a20e661db14db7a58c"
 
-inherit gnomebase lib_package gtk-doc
+inherit gnomebase lib_package gtk-doc distro_features_check
+# depends on libxau
+REQUIRED_DISTRO_FEATURES = "x11"
+
 SRC_URI[archive.md5sum] = "ee29a9ef60659ebf4b075ac281f71cb2"
 SRC_URI[archive.sha256sum] = 
"463bcbe5737b1b93f3345ee34abf601e8eb864f507c49ff1921c2737abafc1e5"
 
diff --git a/meta-gnome/recipes-gnome/metacity/metacity_2.34.13.bb 
b/meta-gnome/recipes-gnome/metacity/metacity_2.34.13.bb
index 9c48238..662c90d 100644
--- a/meta-gnome/recipes-gnome/metacity/metacity_2.34.13.bb
+++ b/meta-gnome/recipes-gnome/metacity/metacity_2.34.13.bb
@@ -7,7 +7,9 @@ LIC_FILES_CHKSUM = 
"file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \
 DEPENDS = "gsettings-desktop-schemas startup-notification gtk+ gconf 
gdk-pixbuf-native libcanberra gnome-doc-utils libgtop intltool-native"
 PR = "r1"
 
-inherit gnomebase update-alternatives
+inherit gnomebase update-alternatives distro_features_check
+# depends on startup-notification which depends on virtual/libx11
+REQUIRED_DISTRO_FEATURES = "x11"
 
 GNOME_COMPRESS_TYPE = "xz"
 
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 2/2][meta-oe] libcap-ng: remove package

2015-10-07 Thread wenzong.fan 
From: Wenzong Fan 

libcap-ng 0.7.7 has been added to oe-core:
  ad509d7644803ff9386affefe2ec1a3664027074

Signed-off-by: Wenzong Fan 
---
 .../libcap-ng/libcap-ng/python.patch   | 58 --
 .../recipes-support/libcap-ng/libcap-ng_0.7.7.bb   | 39 ---
 2 files changed, 97 deletions(-)
 delete mode 100644 meta-oe/recipes-support/libcap-ng/libcap-ng/python.patch
 delete mode 100644 meta-oe/recipes-support/libcap-ng/libcap-ng_0.7.7.bb

diff --git a/meta-oe/recipes-support/libcap-ng/libcap-ng/python.patch 
b/meta-oe/recipes-support/libcap-ng/libcap-ng/python.patch
deleted file mode 100644
index 59591eb..000
--- a/meta-oe/recipes-support/libcap-ng/libcap-ng/python.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From b01bb2694f66cd981e6d61523433dc3eb5ed32f2 Mon Sep 17 00:00:00 2001
-From: Li xin 
-Date: Sat, 18 Jul 2015 23:03:30 +0900
-Subject: [PATCH] configure.ac - Avoid an incorrect check for python.
- Makefile.am - avoid hard coded host include paths.
-
-Upstream-Status: pending
-
-Signed-off-by: Mark Hatle 
-Signed-off-by: Li Xin 

- bindings/python/Makefile.am |  3 ++-
- configure.ac| 15 ++-
- 2 files changed, 4 insertions(+), 14 deletions(-)
-
-diff --git a/bindings/python/Makefile.am b/bindings/python/Makefile.am
-index 82b9bb8..f9fe7a8 100644
 a/bindings/python/Makefile.am
-+++ b/bindings/python/Makefile.am
-@@ -23,7 +23,8 @@ SUBDIRS = test
- CONFIG_CLEAN_FILES = *.loT *.rej *.orig
- AM_CFLAGS = -fPIC -DPIC
- PYLIBVER ?= python$(PYTHON_VERSION)
--AM_CPPFLAGS = -I. -I$(top_builddir) -I@PYINCLUDEDIR@
-+PYINC ?= /usr/include/$(PYLIBVER)
-+AM_CPPFLAGS = -I. -I$(top_builddir) -I$(PYINC)
- LIBS = $(top_builddir)/src/libcap-ng.la
- SWIG_FLAGS = -python
- SWIG_INCLUDES = ${AM_CPPFLAGS}
-diff --git a/configure.ac b/configure.ac
-index 1d777d5..9d90f64 100644
 a/configure.ac
-+++ b/configure.ac
-@@ -123,19 +123,8 @@ if test x$use_python = xno ; then
- else
- AC_MSG_RESULT(testing)
- AM_PATH_PYTHON
--PYINCLUDEDIR=`python${am_cv_python_version} -c "from distutils import 
sysconfig; print(sysconfig.get_config_var('INCLUDEPY'))"`
--if test -f ${PYINCLUDEDIR}/Python.h ; then
--  python_found="yes"
--  AC_SUBST(PYINCLUDEDIR)
--  AC_MSG_NOTICE(Python bindings will be built)
--else
--  python_found="no"
--  if test x$use_python = xyes ; then
--  AC_MSG_ERROR([Python explicitly required and python headers 
found])
--  else
--  AC_MSG_WARN("Python headers not found - python bindings will 
not be made")
--  fi
--fi
-+python_found="yes"
-+AC_MSG_NOTICE(Python bindings will be built)
- fi
- AM_CONDITIONAL(HAVE_PYTHON, test ${python_found} = "yes")
- 
--- 
-1.8.4.2
-
diff --git a/meta-oe/recipes-support/libcap-ng/libcap-ng_0.7.7.bb 
b/meta-oe/recipes-support/libcap-ng/libcap-ng_0.7.7.bb
deleted file mode 100644
index a31d5dc..000
--- a/meta-oe/recipes-support/libcap-ng/libcap-ng_0.7.7.bb
+++ /dev/null
@@ -1,39 +0,0 @@
-SUMMARY = "An alternate posix capabilities library"
-DESCRIPTION = "The libcap-ng library is intended to make programming \
-with POSIX capabilities much easier than the traditional libcap library."
-HOMEPAGE = "http://freecode.com/projects/libcap-ng;
-SECTION = "base"
-LICENSE = "GPLv2+ & LGPLv2.1+"
-LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \
-   file://COPYING.LIB;md5=e3eda01d9815f8d24aae2dbd89b68b06"
-
-SRC_URI = "http://people.redhat.com/sgrubb/libcap-ng/libcap-ng-${PV}.tar.gz \
-   file://python.patch"
-
-inherit lib_package autotools pythonnative
-
-SRC_URI[md5sum] = "3d7d126b29e2869a0257c17c8b0d9b2e"
-SRC_URI[sha256sum] = 
"615549ce39b333f6b78baee0c0b4ef18bc726c6bf1cca123dfd89dd963f6d06b"
-
-DEPENDS += "swig-native python"
-
-EXTRA_OECONF += "--without-python3"
-
-EXTRA_OEMAKE += "PYLIBVER='python${PYTHON_BASEVERSION}' 
PYINC='${STAGING_INCDIR}/${PYLIBVER}'"
-
-PACKAGES += "${PN}-python"
-
-FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/*/.debug"
-FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}"
-
-BBCLASSEXTEND = "native"
-
-do_install_append() {
-   # Moving libcap-ng to base_libdir
-   if [ ! ${D}${libdir} -ef ${D}${base_libdir} ]; then
-   mkdir -p ${D}/${base_libdir}/
-   mv -f ${D}${libdir}/libcap-ng.so.* ${D}${base_libdir}/
-   relpath=${@os.path.relpath("${base_libdir}", "${libdir}")}
-   ln -sf ${relpath}/libcap-ng.so.0.0.0 ${D}${libdir}/libcap-ng.so
-   fi
-}
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 0/2][meta-oe] remove packages: libcap-ng, swig

2015-10-07 Thread wenzong.fan 
From: Wenzong Fan 

They have been moved to oe-core.

The following changes since commit f4533380c8a5c1d229f69ee0c2ef9d187ef8:

  dracut: install modules to /usr/lib (2015-09-23 16:10:57 +0200)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/libcap-1
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/libcap-1

Wenzong Fan (2):
  swig: remove package
  libcap-ng: remove package

 meta-oe/recipes-devtools/swig/swig.inc | 63 
 ...lf-exe-for-swig-swiglib-on-non-Win32-plat.patch | 69 --
 ...nfigure-use-pkg-config-for-pcre-detection.patch | 64 
 meta-oe/recipes-devtools/swig/swig_3.0.6.bb|  8 ---
 .../libcap-ng/libcap-ng/python.patch   | 58 --
 .../recipes-support/libcap-ng/libcap-ng_0.7.7.bb   | 39 
 6 files changed, 301 deletions(-)
 delete mode 100644 meta-oe/recipes-devtools/swig/swig.inc
 delete mode 100644 
meta-oe/recipes-devtools/swig/swig/0001-Use-proc-self-exe-for-swig-swiglib-on-non-Win32-plat.patch
 delete mode 100644 
meta-oe/recipes-devtools/swig/swig/0001-configure-use-pkg-config-for-pcre-detection.patch
 delete mode 100644 meta-oe/recipes-devtools/swig/swig_3.0.6.bb
 delete mode 100644 meta-oe/recipes-support/libcap-ng/libcap-ng/python.patch
 delete mode 100644 meta-oe/recipes-support/libcap-ng/libcap-ng_0.7.7.bb

-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 1/2][meta-oe] swig: remove package

2015-10-07 Thread wenzong.fan 
From: Wenzong Fan 

swig 3.0.6 has been moved to oe-croe:
  66923c6776da13bd4513a73c3f7c5e60d74eb0f3

Signed-off-by: Wenzong Fan 
---
 meta-oe/recipes-devtools/swig/swig.inc | 63 
 ...lf-exe-for-swig-swiglib-on-non-Win32-plat.patch | 69 --
 ...nfigure-use-pkg-config-for-pcre-detection.patch | 64 
 meta-oe/recipes-devtools/swig/swig_3.0.6.bb|  8 ---
 4 files changed, 204 deletions(-)
 delete mode 100644 meta-oe/recipes-devtools/swig/swig.inc
 delete mode 100644 
meta-oe/recipes-devtools/swig/swig/0001-Use-proc-self-exe-for-swig-swiglib-on-non-Win32-plat.patch
 delete mode 100644 
meta-oe/recipes-devtools/swig/swig/0001-configure-use-pkg-config-for-pcre-detection.patch
 delete mode 100644 meta-oe/recipes-devtools/swig/swig_3.0.6.bb

diff --git a/meta-oe/recipes-devtools/swig/swig.inc 
b/meta-oe/recipes-devtools/swig/swig.inc
deleted file mode 100644
index 9821fa5..000
--- a/meta-oe/recipes-devtools/swig/swig.inc
+++ /dev/null
@@ -1,63 +0,0 @@
-DESCRIPTION = "SWIG - Simplified Wrapper and Interface Generator"
-HOMEPAGE = "http://swig.sourceforge.net/;
-LICENSE = "BSD & GPLv3"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=e7807a6282784a7dde4c846626b08fc6 \
-file://LICENSE-GPL;md5=d32239bcb673463ab874e80d47fae504 \
-
file://LICENSE-UNIVERSITIES;md5=8ce9dcc8f7c994de4a408b205c72ba08"
-
-SECTION = "devel"
-
-DEPENDS = "libpcre python"
-
-SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.gz"
-
-inherit autotools pythonnative
-
-EXTRA_OECONF = " \
---with-python=${PYTHON} \
---without-allegrocl \
---without-android \
---without-boost \
---without-chicken \
---without-clisp \
---without-csharp \
---without-d \
---without-gcj \
---without-go \
---without-guile \
---without-java \
---without-lua \
---without-mzscheme \
---without-ocaml \
---without-octave \
---without-perl5 \
---without-pike \
---without-php \
---without-python3 \
---without-r \
---without-ruby \
---without-tcl \
-"
-
-BBCLASSEXTEND = "native nativesdk"
-
-do_configure() {
-install -m 0755 ${STAGING_DATADIR_NATIVE}/gnu-config/config.guess 
${S}/Tools/config
-install -m 0755 ${STAGING_DATADIR_NATIVE}/gnu-config/config.sub 
${S}/Tools/config
-install -m 0755 ${STAGING_DATADIR_NATIVE}/gnu-config/config.guess ${S}
-install -m 0755 ${STAGING_DATADIR_NATIVE}/gnu-config/config.sub ${S}
-oe_runconf
-}
-
-do_install_append_class-nativesdk() {
-cd ${D}${bindir}
-ln -s swig swig2.0
-}
-
-def swiglib_relpath(d):
-swiglib = d.getVar('datadir', True) + "/" + d.getVar('BPN', True) + "/" + 
d.getVar('PV', True)
-return os.path.relpath(swiglib, d.getVar('bindir', True))
-
-do_install_append_class-native() {
-create_wrapper ${D}${bindir}/swig SWIG_LIB='`dirname 
$''realpath`'/${@swiglib_relpath(d)}
-}
diff --git 
a/meta-oe/recipes-devtools/swig/swig/0001-Use-proc-self-exe-for-swig-swiglib-on-non-Win32-plat.patch
 
b/meta-oe/recipes-devtools/swig/swig/0001-Use-proc-self-exe-for-swig-swiglib-on-non-Win32-plat.patch
deleted file mode 100644
index 81df3e2..000
--- 
a/meta-oe/recipes-devtools/swig/swig/0001-Use-proc-self-exe-for-swig-swiglib-on-non-Win32-plat.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-From a4a0440a644c6c5e5da096efe3cf05ba309a284f Mon Sep 17 00:00:00 2001
-From: "NODA, Kai" 
-Date: Sun, 22 Apr 2012 17:01:02 +0900
-Subject: [PATCH] Use /proc/self/exe for "swig -swiglib" on non-Win32
- platforms.
-
-If it wasn't found, then fall back to a fixed string just as before.
-
-Upstream-Status: Submitted
-http://sourceforge.net/mailarchive/message.php?msg_id=29179733
-

- Source/Modules/main.cxx |   24 ++--
- 1 file changed, 22 insertions(+), 2 deletions(-)
-
-diff --git a/Source/Modules/main.cxx b/Source/Modules/main.cxx
-index d2f5d3b..cbb0a12 100644
 a/Source/Modules/main.cxx
-+++ b/Source/Modules/main.cxx
-@@ -26,6 +26,11 @@ char cvsroot_main_cxx[] = "$Id$";
- #include "cparse.h"
- #include 
- #include// for INT_MAX
-+#ifndef _WIN32
-+#include 
-+#include// for readlink
-+#include  // for stat
-+#endif
- 
- // Global variables
- 
-@@ -902,9 +907,9 @@ int SWIG_main(int argc, char *argv[], Language *l) {
- 
-   // Check for SWIG_LIB environment variable
-   if ((c = getenv("SWIG_LIB")) == (char *) 0) {
-+char *p;
- #if defined(_WIN32)
- char buf[MAX_PATH];
--char *p;
- if (!(GetModuleFileName(0, buf, MAX_PATH) == 0 || (p = strrchr(buf, 
'\\')) == 0)) {
-   *(p + 1) = '\0';
-   SwigLib = NewStringf("%sLib", buf); // Native windows installation path
-@@ -914,7 +919,22 @@ int SWIG_main(int argc, char *argv[], Language *l) {
- if (Len(SWIG_LIB_WIN_UNIX) > 0)
-   SwigLibWinUnix = NewString(SWIG_LIB_WIN_UNIX); // Unix installation 
path using a drive letter

[oe] [PATCH][meta-webserver] apache2: cleanup buildpaths for target stuffs

2015-09-29 Thread wenzong.fan 
From: Wenzong Fan 

Those buildpaths were generated from configure substitutions, they are
required for cross-compiling, but obviously they should be cleaned up
from target stuffs.

Cleanup buildpaths from config_vars.mk and config.nice:

* remove ${STAGING_DIR_HOST} from CC, CFLAGS ...
* set APU_INCLUDEDIR, APU_CONFIG as empty
* remove buildpath from configure line

Signed-off-by: Wenzong Fan 
---
 meta-webserver/recipes-httpd/apache2/apache2_2.4.16.bb | 9 +
 1 file changed, 9 insertions(+)

diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.16.bb 
b/meta-webserver/recipes-httpd/apache2/apache2_2.4.16.bb
index a44babd..af5c72a 100644
--- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.16.bb
+++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.16.bb
@@ -97,6 +97,15 @@ do_install_append() {
 sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' 
${D}${systemd_unitdir}/system/apache2.service
 }
 
+do_install_append_class-target() {
+sed -i -e 's,${STAGING_DIR_HOST},,g' \
+   -e 's,APU_INCLUDEDIR = .*,APU_INCLUDEDIR = ,g' \
+   -e 's,APU_CONFIG = .*,APU_CONFIG = ,g' 
${D}${datadir}/apache2/build/config_vars.mk
+
+sed -i -e 's,${STAGING_DIR_HOST},,g' \
+   -e 's,".*/configure","configure",g' 
${D}${datadir}/apache2/build/config.nice
+}
+
 SYSROOT_PREPROCESS_FUNCS += "apache_sysroot_preprocess"
 
 apache_sysroot_preprocess () {
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-oe] gd: cleanup buildpaths from gdlib.pc

2015-09-24 Thread wenzong.fan 
From: Wenzong Fan 

* gdlib.pc:
  -L/path/to/tmp/sysroots/qemux86-64/usr/lib64 -> -L/usr/lib64

Signed-off-by: Wenzong Fan 
---
 meta-oe/recipes-support/gd/gd_2.1.1.bb | 5 +
 1 file changed, 5 insertions(+)

diff --git a/meta-oe/recipes-support/gd/gd_2.1.1.bb 
b/meta-oe/recipes-support/gd/gd_2.1.1.bb
index 62008df..85c7e6a 100644
--- a/meta-oe/recipes-support/gd/gd_2.1.1.bb
+++ b/meta-oe/recipes-support/gd/gd_2.1.1.bb
@@ -32,6 +32,11 @@ EXTRA_OECONF += " --disable-rpath \
 
 EXTRA_OEMAKE = 'LDFLAGS="${LDFLAGS}"'
 
+do_install_append() {
+   # cleanup buildpaths from gdlib.pc
+   sed -i -e 's#${STAGING_DIR_HOST}##g' ${D}${libdir}/pkgconfig/gdlib.pc
+}
+
 PACKAGES += "${PN}-tools"
 
 FILES_${PN} = "${libdir}/lib*${SOLIBS}"
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-networking] squid: disable atomic operations for powerpc/mips

2015-09-23 Thread wenzong.fan 
From: Wenzong Fan 

Don't enable GNU atomic operations for all targets, it fails on
powerpc and mips:

  AtomicWord.h: undefined reference to `__sync_fetch_and_add_8'
  collect2: error: ld returned 1 exit status

Refer to https://gcc.gnu.org/bugzilla/show_bug.cgi?id=56300:

  There is no hardware support for 8 bytes atomic operations on
  32-bit MIPS targets.

The 32-bit PowerPC fails as well.

Signed-off-by: Wenzong Fan 
---
 meta-networking/recipes-daemons/squid/squid_3.5.7.bb | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/meta-networking/recipes-daemons/squid/squid_3.5.7.bb 
b/meta-networking/recipes-daemons/squid/squid_3.5.7.bb
index 5d058dc..5b27d46 100644
--- a/meta-networking/recipes-daemons/squid/squid_3.5.7.bb
+++ b/meta-networking/recipes-daemons/squid/squid_3.5.7.bb
@@ -34,8 +34,11 @@ inherit autotools useradd ptest
 USERADD_PACKAGES = "${PN}"
 USERADD_PARAM_${PN} = "--system --no-create-home --home-dir /var/run/squid 
--shell /bin/false --user-group squid"
 
-PACKAGECONFIG ??= ""
+PACKAGECONFIG ??= "${@base_contains('TARGET_ARCH', 'powerpc', 'noatomics', '', 
d)} \
+   ${@base_contains('TARGET_ARCH', 'mips', 'noatomics', '', 
d)} \
+  "
 PACKAGECONFIG[libnetfilter-conntrack] = 
"--with-netfilter-conntrack=${includedir}, --without-netfilter-conntrack, 
libnetfilter-conntrack"
+PACKAGECONFIG[noatomics] = "squid_cv_gnu_atomics=no,squid_cv_gnu_atomics=yes,,"
 
 BASIC_AUTH = "DB SASL LDAP NIS"
 DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
@@ -43,7 +46,6 @@ BASIC_AUTH += "${@base_contains('DISTRO_FEATURES', 'pam', 
'PAM', '', d)}"
 
 EXTRA_OECONF += "--with-default-user=squid --enable-auth-basic='${BASIC_AUTH}'"
 export BUILDCXXFLAGS="${BUILD_CXXFLAGS}"
-CACHED_CONFIGUREVARS += "squid_cv_gnu_atomics=yes"
 
 TESTDIR = "test-suite"
 do_compile_ptest() {
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 0/2 v2] [meta-initramfs] dracut: RDEPEND on systemd optionally & install modules to /usr/lib

2015-09-17 Thread wenzong.fan 
From: Wenzong Fan 

V2 changes:

* Move the "PACKAGECONFIG" next to "EXTRA_OECONF".

The following changes since commit 1692d5c3020434404fc1ee6911a60b88287a5efb:

  netmap: add new package (2015-09-15 10:49:30 -0400)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/dracut
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/dracut

Robert Yang (1):
  dracut: RDEPEND on systemd optionally

Wenzong Fan (1):
  dracut: install modules to /usr/lib

 meta-initramfs/recipes-devtools/dracut/dracut_git.bb | 20 +---
 1 file changed, 13 insertions(+), 7 deletions(-)

-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 1/2 v2][meta-initramfs] dracut: RDEPEND on systemd optionally

2015-09-17 Thread wenzong.fan 
From: Robert Yang 

Use PACKAGECONFIG to depend on systemd optionally.

Signed-off-by: Robert Yang 
Signed-off-by: Wenzong Fan 
---
 meta-initramfs/recipes-devtools/dracut/dracut_git.bb | 11 ++-
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/meta-initramfs/recipes-devtools/dracut/dracut_git.bb 
b/meta-initramfs/recipes-devtools/dracut/dracut_git.bb
index b7d88fd..3be78ed 100644
--- a/meta-initramfs/recipes-devtools/dracut/dracut_git.bb
+++ b/meta-initramfs/recipes-devtools/dracut/dracut_git.bb
@@ -13,9 +13,6 @@ SRC_URI = 
"git://git.kernel.org/pub/scm/boot/dracut/dracut.git"
 
 S = "${WORKDIR}/git"
 
-inherit distro_features_check
-REQUIRED_DISTRO_FEATURES = "systemd"
-
 EXTRA_OECONF = "--prefix=${prefix} \
 --libdir=${libdir} \
 --datadir=${datadir} \
@@ -25,7 +22,11 @@ EXTRA_OECONF = "--prefix=${prefix} \
 --bindir=${bindir} \
 --includedir=${includedir} \
 --localstatedir=${localstatedir} \
---systemdsystemunitdir=${systemd_unitdir}/system"
+   "
+
+# RDEPEND on systemd optionally
+PACKAGECONFIG ??= "${@base_contains('DISTRO_FEATURES', 'systemd', 'systemd', 
'', d)}"
+PACKAGECONFIG[systemd] = 
"--with-systemdsystemunitdir=${systemd_unitdir}/system/,,,systemd"
 
 do_configure() {
 ./configure ${EXTRA_OECONF}
@@ -44,7 +45,7 @@ FILES_${PN} += " ${libdir}/kernel \
"
 CONFFILES_${PN} += "${sysconfdir}/dracut.conf"
 
-RDEPENDS_${PN} = "systemd findutils cpio util-linux-blkid util-linux-getopt 
bash ldd"
+RDEPENDS_${PN} = "findutils cpio util-linux-blkid util-linux-getopt bash ldd"
 RDEPENDS_${PN}-bash-completion = "bash-completion"
 
 # This could be optimized a bit, but let's avoid non-booting systems :)
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 2/2 v2][meta-initramfs] dracut: install modules to /usr/lib

2015-09-17 Thread wenzong.fan 
From: Wenzong Fan 

The dracut modules will be installed to /usr/lib64 while building 64bit
targets with multilib enabled, this causes runtime errors:

  dracut: Cannot find /usr/lib/dracut/dracut-functions.sh.
  dracut: Are you running from a git checkout?
  dracut: Try passing -l as an argument to /usr/bin/dracut

The dracut modules, 50-dracut.install and 51-dracut-rescue.install must
be installed to /usr/lib as Fedora 20 does.

Signed-off-by: Wenzong Fan 
---
 meta-initramfs/recipes-devtools/dracut/dracut_git.bb | 9 +++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/meta-initramfs/recipes-devtools/dracut/dracut_git.bb 
b/meta-initramfs/recipes-devtools/dracut/dracut_git.bb
index 3be78ed..8733d54 100644
--- a/meta-initramfs/recipes-devtools/dracut/dracut_git.bb
+++ b/meta-initramfs/recipes-devtools/dracut/dracut_git.bb
@@ -14,7 +14,7 @@ SRC_URI = 
"git://git.kernel.org/pub/scm/boot/dracut/dracut.git"
 S = "${WORKDIR}/git"
 
 EXTRA_OECONF = "--prefix=${prefix} \
---libdir=${libdir} \
+--libdir=${prefix}/lib \
 --datadir=${datadir} \
 --sysconfdir=${sysconfdir} \
 --sbindir=${sbindir} \
@@ -28,6 +28,8 @@ EXTRA_OECONF = "--prefix=${prefix} \
 PACKAGECONFIG ??= "${@base_contains('DISTRO_FEATURES', 'systemd', 'systemd', 
'', d)}"
 PACKAGECONFIG[systemd] = 
"--with-systemdsystemunitdir=${systemd_unitdir}/system/,,,systemd"
 
+EXTRA_OEMAKE += 'libdir=${prefix}/lib'
+
 do_configure() {
 ./configure ${EXTRA_OECONF}
 }
@@ -40,9 +42,12 @@ PACKAGES =+ "${PN}-bash-completion"
 
 FILES_${PN}-bash-completion = "${datadir}/bash-completion"
 
-FILES_${PN} += " ${libdir}/kernel \
+FILES_${PN} += "${prefix}/lib/kernel \
+${prefix}/lib/dracut \
 ${systemd_unitdir} \
"
+FILES_${PN}-dbg += "${prefix}/lib/dracut/.debug"
+
 CONFFILES_${PN} += "${sysconfdir}/dracut.conf"
 
 RDEPENDS_${PN} = "findutils cpio util-linux-blkid util-linux-getopt bash ldd"
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-oe] rsyslog: fix ptest

2015-09-15 Thread wenzong.fan 
From: Wenzong Fan 

After rsyslog updated to 7.6.1, ptest fails to build & run since the
serial-tests config patch was dropped:

 - rsyslog-use-serial-tests-config-needed-by-ptest.patch

This patch involved serial test harness:

 + AM_INIT_AUTOMAKE([serial-tests])

Which is deprecated in favour of parallel test harness. Automake
generated a parallel test harness by default. It features automatic
collection of the test scripts output in .log files ...

More details please refer to:

 
http://www.gnu.org/software/automake/manual/html_node/Parallel-Test-Harness.html

To enable the ptest with new changes, we should:

* add target 'buildtest-TESTS' for building test components;
* fix 'top_srcdir' and install required script 'test-driver';
* run testcases with target 'check-TESTS'.

Signed-off-by: Wenzong Fan 
---
 meta-oe/recipes-extended/rsyslog/rsyslog/run-ptest | 2 +-
 meta-oe/recipes-extended/rsyslog/rsyslog_7.6.1.bb  | 8 ++--
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/meta-oe/recipes-extended/rsyslog/rsyslog/run-ptest 
b/meta-oe/recipes-extended/rsyslog/rsyslog/run-ptest
index 38a1d1b..3770a75 100644
--- a/meta-oe/recipes-extended/rsyslog/rsyslog/run-ptest
+++ b/meta-oe/recipes-extended/rsyslog/rsyslog/run-ptest
@@ -1,3 +1,3 @@
 #!/bin/sh
 #
-make -C tests -k runtest-TESTS
+make -C tests -k check-TESTS
diff --git a/meta-oe/recipes-extended/rsyslog/rsyslog_7.6.1.bb 
b/meta-oe/recipes-extended/rsyslog/rsyslog_7.6.1.bb
index 15b0f29..b7a8140 100644
--- a/meta-oe/recipes-extended/rsyslog/rsyslog_7.6.1.bb
+++ b/meta-oe/recipes-extended/rsyslog/rsyslog_7.6.1.bb
@@ -70,7 +70,7 @@ PACKAGECONFIG[valgrind] = 
"--enable-valgrind,--disable-valgrind,valgrind,"
 
 TESTDIR = "tests"
 do_compile_ptest() {
-sed -i 's/\(^buildtest-TESTS: \)/\1 $(check_PROGRAMS) /' 
${TESTDIR}/Makefile
+echo 'buildtest-TESTS: $(check_PROGRAMS)' >> ${TESTDIR}/Makefile
 oe_runmake -C ${TESTDIR} buildtest-TESTS
 }
 
@@ -82,8 +82,9 @@ do_install_ptest() {
 # do NOT need to rebuild Makefile itself
 sed -i 's/^Makefile:.*$/Makefile:/' ${D}${PTEST_PATH}/${TESTDIR}/Makefile
 
-# fix the srcdir
+# fix the srcdir, top_srcdir
 sed -i 's,^\(srcdir = \).*,\1${PTEST_PATH}/tests,' 
${D}${PTEST_PATH}/${TESTDIR}/Makefile
+sed -i 's,^\(top_srcdir = \).*,\1${PTEST_PATH}/tests,' 
${D}${PTEST_PATH}/${TESTDIR}/Makefile
 
 # valgrind is not compatible with arm and mips,
 # so remove related test cases if there is no valgrind.
@@ -91,6 +92,9 @@ do_install_ptest() {
 sed -i '/udp-msgreduc-/d' ${D}${PTEST_PATH}/${TESTDIR}/Makefile
 fi
 
+# install test-driver
+install -m 644 ${S}/test-driver ${D}${PTEST_PATH}/${TESTDIR}
+
 # install necessary links
 install -d ${D}${PTEST_PATH}/tools
 ln -sf ${sbindir}/rsyslogd ${D}${PTEST_PATH}/tools/rsyslogd
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 2/2][meta-initramfs] dracut: install modules to /usr/lib

2015-09-10 Thread wenzong.fan 
From: Wenzong Fan 

The dracut modules will be installed to /usr/lib64 while building 64bit
targets with multilib enabled, this causes runtime errors:

  dracut: Cannot find /usr/lib/dracut/dracut-functions.sh.
  dracut: Are you running from a git checkout?
  dracut: Try passing -l as an argument to /usr/bin/dracut

The dracut modules, 50-dracut.install and 51-dracut-rescue.install must
be installed to /usr/lib as Fedora 20 does.

Signed-off-by: Wenzong Fan 
---
 meta-initramfs/recipes-devtools/dracut/dracut_git.bb | 9 +++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/meta-initramfs/recipes-devtools/dracut/dracut_git.bb 
b/meta-initramfs/recipes-devtools/dracut/dracut_git.bb
index 3a72251..8c02a4f 100644
--- a/meta-initramfs/recipes-devtools/dracut/dracut_git.bb
+++ b/meta-initramfs/recipes-devtools/dracut/dracut_git.bb
@@ -14,7 +14,7 @@ SRC_URI = 
"git://git.kernel.org/pub/scm/boot/dracut/dracut.git"
 S = "${WORKDIR}/git"
 
 EXTRA_OECONF = "--prefix=${prefix} \
---libdir=${libdir} \
+--libdir=${prefix}/lib \
 --datadir=${datadir} \
 --sysconfdir=${sysconfdir} \
 --sbindir=${sbindir} \
@@ -24,6 +24,8 @@ EXTRA_OECONF = "--prefix=${prefix} \
 --localstatedir=${localstatedir} \
"
 
+EXTRA_OEMAKE += 'libdir=${prefix}/lib'
+
 do_configure() {
 ./configure ${EXTRA_OECONF}
 }
@@ -36,9 +38,12 @@ PACKAGES =+ "${PN}-bash-completion"
 
 FILES_${PN}-bash-completion = "${datadir}/bash-completion"
 
-FILES_${PN} += " ${libdir}/kernel \
+FILES_${PN} += "${prefix}/lib/kernel \
+${prefix}/lib/dracut \
 ${systemd_unitdir} \
"
+FILES_${PN}-dbg += "${prefix}/lib/dracut/.debug"
+
 CONFFILES_${PN} += "${sysconfdir}/dracut.conf"
 
 RDEPENDS_${PN} = "findutils cpio util-linux-blkid util-linux-getopt bash ldd"
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 1/2][meta-initramfs] dracut: RDEPEND on systemd optionally

2015-09-10 Thread wenzong.fan 
From: Robert Yang 

Use PACKAGECONFIG to depend on systemd optionally.

Signed-off-by: Robert Yang 
Signed-off-by: Wenzong Fan 
---
 meta-initramfs/recipes-devtools/dracut/dracut_git.bb | 11 ++-
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/meta-initramfs/recipes-devtools/dracut/dracut_git.bb 
b/meta-initramfs/recipes-devtools/dracut/dracut_git.bb
index b7d88fd..3a72251 100644
--- a/meta-initramfs/recipes-devtools/dracut/dracut_git.bb
+++ b/meta-initramfs/recipes-devtools/dracut/dracut_git.bb
@@ -13,9 +13,6 @@ SRC_URI = 
"git://git.kernel.org/pub/scm/boot/dracut/dracut.git"
 
 S = "${WORKDIR}/git"
 
-inherit distro_features_check
-REQUIRED_DISTRO_FEATURES = "systemd"
-
 EXTRA_OECONF = "--prefix=${prefix} \
 --libdir=${libdir} \
 --datadir=${datadir} \
@@ -25,7 +22,7 @@ EXTRA_OECONF = "--prefix=${prefix} \
 --bindir=${bindir} \
 --includedir=${includedir} \
 --localstatedir=${localstatedir} \
---systemdsystemunitdir=${systemd_unitdir}/system"
+   "
 
 do_configure() {
 ./configure ${EXTRA_OECONF}
@@ -44,9 +41,13 @@ FILES_${PN} += " ${libdir}/kernel \
"
 CONFFILES_${PN} += "${sysconfdir}/dracut.conf"
 
-RDEPENDS_${PN} = "systemd findutils cpio util-linux-blkid util-linux-getopt 
bash ldd"
+RDEPENDS_${PN} = "findutils cpio util-linux-blkid util-linux-getopt bash ldd"
 RDEPENDS_${PN}-bash-completion = "bash-completion"
 
+# RDEPEND on systemd optionally
+PACKAGECONFIG ??= "${@base_contains('DISTRO_FEATURES', 'systemd', 'systemd', 
'', d)}"
+PACKAGECONFIG[systemd] = 
"--with-systemdsystemunitdir=${systemd_unitdir}/system/,,,systemd"
+
 # This could be optimized a bit, but let's avoid non-booting systems :)
 RRECOMMENDS_${PN} = " \
  kernel-modules \
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 0/2][meta-initramfs] dracut: RDEPEND on systemd optionally & install modules to /usr/lib

2015-09-10 Thread wenzong.fan 
From: Wenzong Fan 

* Get dracut RDEPEND on systemd optionally;
* install modules to /usr/lib for fixing runtime issues.

The following changes since commit d36e2d1066f50036080f978583a58fe79ecfac54:

  libunique: add a recipe from oe-core (2015-09-08 16:30:24 +0200)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/dracut
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/dracut

Robert Yang (1):
  dracut: RDEPEND on systemd optionally

Wenzong Fan (1):
  dracut: install modules to /usr/lib

 meta-initramfs/recipes-devtools/dracut/dracut_git.bb | 20 +---
 1 file changed, 13 insertions(+), 7 deletions(-)

-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-oe] imagemagick: add alternatives for binaries/docs

2015-09-07 Thread wenzong.fan 
From: Wenzong Fan 

The binaries/docs that generated by imagemagick has suffix '.im6',
use update-alternatives to add alternatives for them.

Signed-off-by: Wenzong Fan 
---
 .../imagemagick/imagemagick_6.9.2.bb   | 45 +-
 1 file changed, 44 insertions(+), 1 deletion(-)

diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_6.9.2.bb 
b/meta-oe/recipes-support/imagemagick/imagemagick_6.9.2.bb
index 2ef3e75..12604c0 100644
--- a/meta-oe/recipes-support/imagemagick/imagemagick_6.9.2.bb
+++ b/meta-oe/recipes-support/imagemagick/imagemagick_6.9.2.bb
@@ -16,7 +16,7 @@ SRC_URI[sha256sum] = 
"07a2de28f7f9ab888ef47c02eb7e10cc3e0dd0e9797c5d71d6e71d19f8
 
 S = "${WORKDIR}/ImageMagick-${PV}-${PATCHSET}"
 
-inherit autotools pkgconfig
+inherit autotools pkgconfig update-alternatives
 
 # xml disabled because it's using xml2-config --prefix to determine prefix 
which returns just /usr with our libxml2
 # if someone needs xml support then fix it first
@@ -43,3 +43,46 @@ FILES_${PN}-dev += 
"${libdir}/ImageMagick-${PV}/modules-Q16/*/*.a"
 FILES_${PN}-dbg += "${libdir}/ImageMagick-${PV}/modules-Q16/*/.debug/*"
 
 BBCLASSEXTEND = "native"
+
+ALTERNATIVE_PRIORITY = "100"
+
+ALTERNATIVE_${PN} = "animate compare composite conjure convert display \
+identify import mogrify montage stream"
+
+ALTERNATIVE_TARGET[animate] = "${bindir}/animate.im6"
+ALTERNATIVE_TARGET[compare] = "${bindir}/compare.im6"
+ALTERNATIVE_TARGET[composite] = "${bindir}/composite.im6"
+ALTERNATIVE_TARGET[conjure] = "${bindir}/conjure.im6"
+ALTERNATIVE_TARGET[convert] = "${bindir}/convert.im6"
+ALTERNATIVE_TARGET[display] = "${bindir}/display.im6"
+ALTERNATIVE_TARGET[identify] = "${bindir}/identify.im6"
+ALTERNATIVE_TARGET[import] = "${bindir}/import.im6"
+ALTERNATIVE_TARGET[mogrify] = "${bindir}/mogrify.im6"
+ALTERNATIVE_TARGET[montage] = "${bindir}/montage.im6"
+ALTERNATIVE_TARGET[stream] = "${bindir}/stream.im6"
+
+ALTERNATIVE_${PN}-doc = "animate.1 compare.1 composite.1 conjure.1 \
+convert.1 display.1 identify.1 import.1 mogrify.1 montage.1 stream.1"
+
+ALTERNATIVE_LINK_NAME[animate.1] = "${mandir}/man1/animate.1"
+ALTERNATIVE_TARGET[animate.1] = "${mandir}/man1/animate.im6.1"
+ALTERNATIVE_LINK_NAME[compare.1] = "${mandir}/man1/compare.1"
+ALTERNATIVE_TARGET[compare.1] = "${mandir}/man1/compare.im6.1"
+ALTERNATIVE_LINK_NAME[composite.1] = "${mandir}/man1/composite.1"
+ALTERNATIVE_TARGET[composite.1] = "${mandir}/man1/composite.im6.1"
+ALTERNATIVE_LINK_NAME[conjure.1] = "${mandir}/man1/conjure.1"
+ALTERNATIVE_TARGET[conjure.1] = "${mandir}/man1/conjure.im6.1"
+ALTERNATIVE_LINK_NAME[convert.1] = "${mandir}/man1/convert.1"
+ALTERNATIVE_TARGET[convert.1] = "${mandir}/man1/convert.im6.1"
+ALTERNATIVE_LINK_NAME[display.1] = "${mandir}/man1/display.1"
+ALTERNATIVE_TARGET[display.1] = "${mandir}/man1/display.im6.1"
+ALTERNATIVE_LINK_NAME[identify.1] = "${mandir}/man1/identify.1"
+ALTERNATIVE_TARGET[identify.1] = "${mandir}/man1/identify.im6.1"
+ALTERNATIVE_LINK_NAME[import.1] = "${mandir}/man1/import.1"
+ALTERNATIVE_TARGET[import.1] = "${mandir}/man1/import.im6.1"
+ALTERNATIVE_LINK_NAME[mogrify.1] = "${mandir}/man1/mogrify.1"
+ALTERNATIVE_TARGET[mogrify.1] = "${mandir}/man1/mogrify.im6.1"
+ALTERNATIVE_LINK_NAME[montage.1] = "${mandir}/man1/montage.1"
+ALTERNATIVE_TARGET[montage.1] = "${mandir}/man1/montage.im6.1"
+ALTERNATIVE_LINK_NAME[stream.1] = "${mandir}/man1/stream.1"
+ALTERNATIVE_TARGET[stream.1] = "${mandir}/man1/stream.im6.1"
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-networking] znc: provide SRCREV_FORMAT

2015-08-05 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Add SRCREV_FORMAT to provide a composite version number for
get_srcrev() in fetch2 code. This fixes error:

  * FetchError: Fetcher failure: The SRCREV_FORMAT variable \
must be set when multiple SCMs are used.

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 meta-networking/recipes-irc/znc/znc_git.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta-networking/recipes-irc/znc/znc_git.bb 
b/meta-networking/recipes-irc/znc/znc_git.bb
index d81c170..091db49 100644
--- a/meta-networking/recipes-irc/znc/znc_git.bb
+++ b/meta-networking/recipes-irc/znc/znc_git.bb
@@ -13,6 +13,8 @@ SRC_URI = git://github.com/znc/znc.git;name=znc \
 SRCREV_znc = f47e8465efa4e1cd948b9caae93ac401b4355df8
 SRCREV_Csocket = 07b4437396122650e5b8fb3d014e820a5decf4ee
 
+SRCREV_FORMAT = znc_Csocket
+
 S = ${WORKDIR}/git
 
 inherit autotools-brokensep pkgconfig
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH v2] libxml-libxml-perl: update from 2.0116 to 2.0121

2015-07-13 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

update to 2.0121 and clean unused logic:

  - do_configure_prepend() {
  -rm -rf ${S}/.pc/*
  - }

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 ...{libxml-libxml-perl_2.0116.bb = libxml-libxml-perl_2.0121.bb} | 8 ++--
 1 file changed, 2 insertions(+), 6 deletions(-)
 rename meta-perl/recipes-perl/libxml/{libxml-libxml-perl_2.0116.bb = 
libxml-libxml-perl_2.0121.bb} (87%)

diff --git a/meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0116.bb 
b/meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0121.bb
similarity index 87%
rename from meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0116.bb
rename to meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0121.bb
index 2a6dbc2..8997a04 100644
--- a/meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0116.bb
+++ b/meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0121.bb
@@ -26,8 +26,8 @@ SRC_URI = 
http://search.cpan.org/CPAN/authors/id/S/SH/SHLOMIF/XML-LibXML-${PV}.
 
 LIC_FILES_CHKSUM = 
file://debian/copyright;md5=75e021e35a906347f46c9ff163653e2a \
file://LICENSE;md5=97871bde150daeb5e61ad95137ff2446
-SRC_URI[libxml.md5sum] = a53a743bf053a0cb4afb41513fb8a684
-SRC_URI[libxml.sha256sum] = 
b154f2dad3033b30d22ac81b8985b69ad35450b0c552db394cd03bb36845812a
+SRC_URI[libxml.md5sum] = 1544ab9ac110f5da296015346561ce02
+SRC_URI[libxml.sha256sum] = 
ec431011cb37a04640fd2316f64d0405a274eece2c6f3847f7fbd336eb1c0dc9
 
 S = ${WORKDIR}/XML-LibXML-${PV}
 
@@ -40,8 +40,4 @@ BBCLASSEXTEND = native
 CFLAGS +=  -D_GNU_SOURCE 
 BUILD_CFLAGS +=  -D_GNU_SOURCE 
 
-do_configure_prepend() {
-   rm -rf ${S}/.pc/*
-}
-
 FILES_${PN}-dbg =+ ${libdir}/perl/vendor_perl/*/auto/XML/LibXML/.debug/
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-perl] libxml-libxml-perl: update from 2.0116 to 2.0121

2015-07-10 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 .../libxml/libxml-libxml-perl_2.0116.bb| 47 --
 .../libxml/libxml-libxml-perl_2.0121.bb| 47 ++
 2 files changed, 47 insertions(+), 47 deletions(-)
 delete mode 100644 meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0116.bb
 create mode 100644 meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0121.bb

diff --git a/meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0116.bb 
b/meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0116.bb
deleted file mode 100644
index 2a6dbc2..000
--- a/meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0116.bb
+++ /dev/null
@@ -1,47 +0,0 @@
-SUMMARY = Perl interface to the libxml2 library
-DESCRIPTION = This module is an interface to libxml2, providing XML and HTML 
parsers \ 
-with DOM, SAX and XMLReader interfaces, a large subset of DOM Layer 3 \
-interface and a XML::XPath-like interface to XPath API of libxml2. \
-The module is split into several packages which are not described in this \
-section; unless stated otherwise, you only need to use XML::LibXML; in \
-your programs.
-
-HOMEPAGE = http://search.cpan.org/dist/XML-LibXML-1.99/;
-SECTION = libs
-LICENSE = Artistic-1.0|GPLv1+
-DEPENDS += libxml2 \
-libxml-sax-perl-native \
-zlib \
-
-RDEPENDS_${PN} += libxml2 \
-libxml-sax-perl \
-libxml-sax-base-perl \
-zlib \
-
-
-SRC_URI = 
http://search.cpan.org/CPAN/authors/id/S/SH/SHLOMIF/XML-LibXML-${PV}.tar.gz;name=libxml
 \
-   file://disable-libxml2-check.patch \
-   file://fix-CATALOG-conditional-compile.patch \
-   file://using-DOCB-conditional.patch \
-
-LIC_FILES_CHKSUM = 
file://debian/copyright;md5=75e021e35a906347f46c9ff163653e2a \
-   file://LICENSE;md5=97871bde150daeb5e61ad95137ff2446
-SRC_URI[libxml.md5sum] = a53a743bf053a0cb4afb41513fb8a684
-SRC_URI[libxml.sha256sum] = 
b154f2dad3033b30d22ac81b8985b69ad35450b0c552db394cd03bb36845812a
-
-S = ${WORKDIR}/XML-LibXML-${PV}
-
-inherit cpan
-
-EXTRA_CPANFLAGS = INC=-I${STAGING_INCDIR}/libxml2 LIBS=-L${STAGING_LIBDIR}
-
-BBCLASSEXTEND = native
-
-CFLAGS +=  -D_GNU_SOURCE 
-BUILD_CFLAGS +=  -D_GNU_SOURCE 
-
-do_configure_prepend() {
-   rm -rf ${S}/.pc/*
-}
-
-FILES_${PN}-dbg =+ ${libdir}/perl/vendor_perl/*/auto/XML/LibXML/.debug/
diff --git a/meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0121.bb 
b/meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0121.bb
new file mode 100644
index 000..9066000
--- /dev/null
+++ b/meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0121.bb
@@ -0,0 +1,47 @@
+SUMMARY = Perl interface to the libxml2 library
+DESCRIPTION = This module is an interface to libxml2, providing XML and HTML 
parsers \ 
+with DOM, SAX and XMLReader interfaces, a large subset of DOM Layer 3 \
+interface and a XML::XPath-like interface to XPath API of libxml2. \
+The module is split into several packages which are not described in this \
+section; unless stated otherwise, you only need to use XML::LibXML; in \
+your programs.
+
+HOMEPAGE = http://search.cpan.org/dist/XML-LibXML-1.99/;
+SECTION = libs
+LICENSE = Artistic-1.0|GPLv1+
+DEPENDS += libxml2 \
+libxml-sax-perl-native \
+zlib \
+
+RDEPENDS_${PN} += libxml2 \
+libxml-sax-perl \
+libxml-sax-base-perl \
+zlib \
+
+
+SRC_URI = 
http://search.cpan.org/CPAN/authors/id/S/SH/SHLOMIF/XML-LibXML-${PV}.tar.gz;name=libxml
 \
+   file://disable-libxml2-check.patch \
+   file://fix-CATALOG-conditional-compile.patch \
+   file://using-DOCB-conditional.patch \
+
+LIC_FILES_CHKSUM = 
file://debian/copyright;md5=75e021e35a906347f46c9ff163653e2a \
+   file://LICENSE;md5=97871bde150daeb5e61ad95137ff2446
+SRC_URI[libxml.md5sum] = 1544ab9ac110f5da296015346561ce02
+SRC_URI[libxml.sha256sum] = 
ec431011cb37a04640fd2316f64d0405a274eece2c6f3847f7fbd336eb1c0dc9
+
+S = ${WORKDIR}/XML-LibXML-${PV}
+
+inherit cpan
+
+EXTRA_CPANFLAGS = INC=-I${STAGING_INCDIR}/libxml2 LIBS=-L${STAGING_LIBDIR}
+
+BBCLASSEXTEND = native
+
+CFLAGS +=  -D_GNU_SOURCE 
+BUILD_CFLAGS +=  -D_GNU_SOURCE 
+
+do_configure_prepend() {
+   rm -rf ${S}/.pc/*
+}
+
+FILES_${PN}-dbg =+ ${libdir}/perl/vendor_perl/*/auto/XML/LibXML/.debug/
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-oe] mercurial-native: update from 3.0.1 to 3.4.1

2015-06-05 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Update mercurial to fix CVE-2014-9462:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9462

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 .../mercurial/mercurial-native_3.0.1.bb| 26 --
 .../mercurial/mercurial-native_3.4.1.bb| 26 ++
 2 files changed, 26 insertions(+), 26 deletions(-)
 delete mode 100644 meta-oe/recipes-devtools/mercurial/mercurial-native_3.0.1.bb
 create mode 100644 meta-oe/recipes-devtools/mercurial/mercurial-native_3.4.1.bb

diff --git a/meta-oe/recipes-devtools/mercurial/mercurial-native_3.0.1.bb 
b/meta-oe/recipes-devtools/mercurial/mercurial-native_3.0.1.bb
deleted file mode 100644
index 9a5eebe..000
--- a/meta-oe/recipes-devtools/mercurial/mercurial-native_3.0.1.bb
+++ /dev/null
@@ -1,26 +0,0 @@
-SUMMARY = The Mercurial distributed SCM
-HOMEPAGE = http://mercurial.selenic.com/;
-SECTION = console/utils
-LICENSE = GPLv2
-LIC_FILES_CHKSUM = file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263
-DEPENDS = python-native
-
-SRC_URI = http://mercurial.selenic.com/release/mercurial-${PV}.tar.gz;
-SRC_URI[md5sum] = 15de301a673b77f839325dba10ed4fc0
-SRC_URI[sha256sum] = 
36e48b59a84ef5a222d06596971e955ac8217e56b076dfb94c8ce5a0c29fd705
-
-S = ${WORKDIR}/mercurial-${PV}
-
-inherit native
-
-EXTRA_OEMAKE = STAGING_LIBDIR=${STAGING_LIBDIR} 
STAGING_INCDIR=${STAGING_INCDIR} \
-BUILD_SYS=${BUILD_SYS} HOST_SYS=${HOST_SYS} PREFIX=${prefix}
-
-do_configure_append () {
-sed -i -e 
's:PYTHON=python:PYTHON=${STAGING_BINDIR_NATIVE}/python-native/python:g' 
${S}/Makefile
-}
-
-do_install () {
-oe_runmake -e install-bin DESTDIR=${D} PREFIX=${prefix}
-}
-
diff --git a/meta-oe/recipes-devtools/mercurial/mercurial-native_3.4.1.bb 
b/meta-oe/recipes-devtools/mercurial/mercurial-native_3.4.1.bb
new file mode 100644
index 000..303a032
--- /dev/null
+++ b/meta-oe/recipes-devtools/mercurial/mercurial-native_3.4.1.bb
@@ -0,0 +1,26 @@
+SUMMARY = The Mercurial distributed SCM
+HOMEPAGE = http://mercurial.selenic.com/;
+SECTION = console/utils
+LICENSE = GPLv2
+LIC_FILES_CHKSUM = file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263
+DEPENDS = python-native
+
+SRC_URI = http://mercurial.selenic.com/release/mercurial-${PV}.tar.gz;
+SRC_URI[md5sum] = 65783a60aefb46a11296b587e9403537
+SRC_URI[sha256sum] = 
7a8acf7329beda38ceea29c689212574d9a6bfffe24cf565015ea0066f7cee3f
+
+S = ${WORKDIR}/mercurial-${PV}
+
+inherit native
+
+EXTRA_OEMAKE = STAGING_LIBDIR=${STAGING_LIBDIR} 
STAGING_INCDIR=${STAGING_INCDIR} \
+BUILD_SYS=${BUILD_SYS} HOST_SYS=${HOST_SYS} PREFIX=${prefix}
+
+do_configure_append () {
+sed -i -e 
's:PYTHON=python:PYTHON=${STAGING_BINDIR_NATIVE}/python-native/python:g' 
${S}/Makefile
+}
+
+do_install () {
+oe_runmake -e install-bin DESTDIR=${D} PREFIX=${prefix}
+}
+
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 1/2][meta-oe] libyaml: update from 0.1.5 to 0.1.6

2015-05-18 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

removed patch:
- libyaml-CVE-2014-2525.patch (included by 0.1.6)

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 .../libyaml/files/libyaml-CVE-2014-2525.patch  | 42 --
 meta-oe/recipes-support/libyaml/libyaml_0.1.5.bb   | 21 ---
 meta-oe/recipes-support/libyaml/libyaml_0.1.6.bb   | 20 +++
 3 files changed, 20 insertions(+), 63 deletions(-)
 delete mode 100644 
meta-oe/recipes-support/libyaml/files/libyaml-CVE-2014-2525.patch
 delete mode 100644 meta-oe/recipes-support/libyaml/libyaml_0.1.5.bb
 create mode 100644 meta-oe/recipes-support/libyaml/libyaml_0.1.6.bb

diff --git a/meta-oe/recipes-support/libyaml/files/libyaml-CVE-2014-2525.patch 
b/meta-oe/recipes-support/libyaml/files/libyaml-CVE-2014-2525.patch
deleted file mode 100644
index 2fdcba3..000
--- a/meta-oe/recipes-support/libyaml/files/libyaml-CVE-2014-2525.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function
-in LibYAML before 0.1.6 allows context-dependent attackers to execute
-arbitrary code via a long sequence of percent-encoded characters in a
-URI in a YAML file.
-
-Upstream-Status: Backport
-
-Signed-off-by: Kai Kang kai.k...@windriver.com

-diff --git a/src/scanner.c.old b/src/scanner.c
-index a2e8619..c6cde3b 100644
 a/src/scanner.c.old
-+++ b/src/scanner.c
-@@ -2619,6 +2619,9 @@ yaml_parser_scan_tag_uri(yaml_parser_t *parser, int 
directive,
- /* Check if it is a URI-escape sequence. */
- 
- if (CHECK(parser-buffer, '%')) {
-+if (!STRING_EXTEND(parser, string))
-+goto error;
-+
- if (!yaml_parser_scan_uri_escapes(parser,
- directive, start_mark, string)) goto error;
- }
-diff --git a/src/yaml_private.h.old b/src/yaml_private.h
-index ed5ea66..d72acb4 100644
 a/src/yaml_private.h.old
-+++ b/src/yaml_private.h
-@@ -132,9 +132,12 @@ yaml_string_join(
-  (string).start = (string).pointer = (string).end = 0)
- 
- #define STRING_EXTEND(context,string) 
  \
--(((string).pointer+5  (string).end)  
  \
-+string).pointer+5  (string).end) 
  \
- || yaml_string_extend((string).start,
  \
--(string).pointer, (string).end))
-+(string).pointer, (string).end)) ?  
  \
-+ 1 :  
  \
-+((context)-error = YAML_MEMORY_ERROR,
  \
-+ 0))
- 
- #define CLEAR(context,string) 
  \
- ((string).pointer = (string).start,   
  \
diff --git a/meta-oe/recipes-support/libyaml/libyaml_0.1.5.bb 
b/meta-oe/recipes-support/libyaml/libyaml_0.1.5.bb
deleted file mode 100644
index 1279541..000
--- a/meta-oe/recipes-support/libyaml/libyaml_0.1.5.bb
+++ /dev/null
@@ -1,21 +0,0 @@
-SUMMARY = LibYAML is a YAML 1.1 parser and emitter written in C.
-DESCRIPTION = LibYAML is a C library for parsing and emitting data in YAML 
1.1, \
-a human-readable data serialization format. 
-HOMEPAGE = http://pyyaml.org/wiki/LibYAML;
-SECTION = libs/devel
-
-LICENSE = MIT
-LIC_FILES_CHKSUM = file://LICENSE;md5=6015f088759b10e0bc2bf64898d4ae17
-
-SRC_URI = http://pyyaml.org/download/libyaml/yaml-${PV}.tar.gz \
-   file://libyaml-CVE-2014-2525.patch \
-  
-
-SRC_URI[md5sum] = 24f6093c1e840ca5df2eb09291a1dbf1
-SRC_URI[sha256sum] = 
fa87ee8fb7b936ec04457bc044cd561155e1000a4d25029867752e543c2d3bef
-
-S = ${WORKDIR}/yaml-${PV}
-
-inherit autotools
-
-BBCLASSEXTEND = native
diff --git a/meta-oe/recipes-support/libyaml/libyaml_0.1.6.bb 
b/meta-oe/recipes-support/libyaml/libyaml_0.1.6.bb
new file mode 100644
index 000..8a624f7
--- /dev/null
+++ b/meta-oe/recipes-support/libyaml/libyaml_0.1.6.bb
@@ -0,0 +1,20 @@
+SUMMARY = LibYAML is a YAML 1.1 parser and emitter written in C.
+DESCRIPTION = LibYAML is a C library for parsing and emitting data in YAML 
1.1, \
+a human-readable data serialization format. 
+HOMEPAGE = http://pyyaml.org/wiki/LibYAML;
+SECTION = libs/devel
+
+LICENSE = MIT
+LIC_FILES_CHKSUM = file://LICENSE;md5=6015f088759b10e0bc2bf64898d4ae17
+
+SRC_URI = http://pyyaml.org/download/libyaml/yaml-${PV}.tar.gz \
+  
+
+SRC_URI[md5sum] = 5fe00cda18ca5daeb43762b80c38e06e
+SRC_URI[sha256sum] = 
7da6971b4bd08a986dd2a61353bc422362bd0edcc67d7ebaac68c95f74182749
+
+S = ${WORKDIR}/yaml-${PV}
+
+inherit autotools
+
+BBCLASSEXTEND = native
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 2/2][meta-oe] libyaml: Security Advisory - libyaml - CVE-2014-9130

2015-05-18 Thread wenzong.fan 
From: Yue Tao yue@windriver.com

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9130

The patch comes from:
https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2

Removed invalid simple key assertion (thank to Jonathan Gray)

Signed-off-by: Yue Tao yue@windriver.com
Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 .../libyaml/files/libyaml-CVE-2014-9130.patch  | 32 ++
 meta-oe/recipes-support/libyaml/libyaml_0.1.6.bb   |  1 +
 2 files changed, 33 insertions(+)
 create mode 100644 
meta-oe/recipes-support/libyaml/files/libyaml-CVE-2014-9130.patch

diff --git a/meta-oe/recipes-support/libyaml/files/libyaml-CVE-2014-9130.patch 
b/meta-oe/recipes-support/libyaml/files/libyaml-CVE-2014-9130.patch
new file mode 100644
index 000..3c4a00e
--- /dev/null
+++ b/meta-oe/recipes-support/libyaml/files/libyaml-CVE-2014-9130.patch
@@ -0,0 +1,32 @@
+# HG changeset patch
+# User Kirill Simonov x...@resolvent.net
+# Date 1417197312 21600
+# Node ID 2b9156756423e967cfd09a61d125d883fca6f4f2
+# Parent  053f53a381ff6adbbc93a31ab7fdee06a16c8a33
+Removed invalid simple key assertion (thank to Jonathan Gray).
+
+The patch comes from 
+
+https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2
+
+Upstream-Status: Backport
+
+Signed-off-by: Yue Tao yue@windriver.com
+
+diff -r 053f53a381ff -r 2b9156756423 src/scanner.c
+--- a/src/scanner.cWed Mar 26 13:55:54 2014 -0500
 b/src/scanner.cFri Nov 28 11:55:12 2014 -0600
+@@ -1106,13 +1106,6 @@
+  parser-indent == (ptrdiff_t)parser-mark.column);
+ 
+ /*
+- * A simple key is required only when it is the first token in the current
+- * line.  Therefore it is always allowed.  But we add a check anyway.
+- */
+-
+-assert(parser-simple_key_allowed || !required);/* Impossible. */
+-
+-/*
+  * If the current position may start a simple key, save it.
+  */
+ 
diff --git a/meta-oe/recipes-support/libyaml/libyaml_0.1.6.bb 
b/meta-oe/recipes-support/libyaml/libyaml_0.1.6.bb
index 8a624f7..b015577 100644
--- a/meta-oe/recipes-support/libyaml/libyaml_0.1.6.bb
+++ b/meta-oe/recipes-support/libyaml/libyaml_0.1.6.bb
@@ -8,6 +8,7 @@ LICENSE = MIT
 LIC_FILES_CHKSUM = file://LICENSE;md5=6015f088759b10e0bc2bf64898d4ae17
 
 SRC_URI = http://pyyaml.org/download/libyaml/yaml-${PV}.tar.gz \
+   file://libyaml-CVE-2014-9130.patch \
   
 
 SRC_URI[md5sum] = 5fe00cda18ca5daeb43762b80c38e06e
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 1/2][meta-networking] vsftpd / init: add LSB init infos

2015-03-30 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Keep compatibility with chkconfig tool.

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 meta-networking/recipes-daemons/vsftpd/files/init | 9 +
 1 file changed, 9 insertions(+)

diff --git a/meta-networking/recipes-daemons/vsftpd/files/init 
b/meta-networking/recipes-daemons/vsftpd/files/init
index d0ec010..72adf0d 100755
--- a/meta-networking/recipes-daemons/vsftpd/files/init
+++ b/meta-networking/recipes-daemons/vsftpd/files/init
@@ -1,4 +1,13 @@
 #!/bin/sh
+### BEGIN INIT INFO
+# Provides: vsftpd
+# Default-Start:  2345
+# Default-Stop:   016
+# Short-Description: Very Secure Ftp Daemon
+# Description: vsftpd is a Very Secure FTP daemon. It was written completely 
from
+#  scratch
+### END INIT INFO
+
 DAEMON=/usr/sbin/vsftpd
 NAME=vsftpd
 DESC=FTP Server
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-oe] samba: disable services for sysvinit

2015-03-03 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

The smb, nmb, winbind services have been disabled for systemd system
by default, disable them for sysvinit as well.

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 meta-oe/recipes-connectivity/samba/samba.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-oe/recipes-connectivity/samba/samba.inc 
b/meta-oe/recipes-connectivity/samba/samba.inc
index abfd5ca..99216ce 100644
--- a/meta-oe/recipes-connectivity/samba/samba.inc
+++ b/meta-oe/recipes-connectivity/samba/samba.inc
@@ -69,7 +69,7 @@ INITSCRIPT_NAME_winbind = winbind
 # No dependencies, goes in at level 20 (NOTE: take care with the
 # level, later levels put the shutdown later too - see the links
 # in rc6.d, the shutdown must precede network shutdown).
-INITSCRIPT_PARAMS = defaults
+INITSCRIPT_PARAMS = disable
 CONFFILES_${PN} = ${sysconfdir}/samba/smb.conf
 
 do_configure_prepend () {
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-networking] iscsi-initiator-utils: fix SELinux label for initiatorname.iscsi

2015-02-04 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

* /etc/iscsi/initiatorname.iscsi: etc_runtime_t - etc_t

This config file was created by postinstall or initscript, fix SELinux
label for it to remove:

  avc: denied { read } for pid=6094 comm=iscsid \
  name=initiatorname.iscsi dev=sda3 ino=1057846 \
  scontext=system_u:system_r:iscsid_t:s0-s15:c0.c1023 \
  tcontext=system_u:object_r:etc_runtime_t:s0 tclass=file

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 .../recipes-daemons/iscsi-initiator-utils/files/initd.debian  | 4 
 1 file changed, 4 insertions(+)

diff --git 
a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/initd.debian 
b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/initd.debian
index 99a7638..43fb348 100644
--- a/meta-networking/recipes-daemons/iscsi-initiator-utils/files/initd.debian
+++ b/meta-networking/recipes-daemons/iscsi-initiator-utils/files/initd.debian
@@ -39,6 +39,10 @@ start() {
 InitiatorName=$INITIATORNAME
 EOF
fi
+
+   # Fix label for /etc/iscsi/initiatorname.iscsi if SELinux was enabled
+   test ! -x /sbin/restorecon || /sbin/restorecon -F 
/etc/iscsi/initiatorname.iscsi
+
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON
RETVAL=$?
starttargets
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH v2][meta-oe] collectd: add PACKAGECONFIG for libvirt, libesmtp

2014-12-23 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Add PACKAGECONFIG for libvirt, libesmtp to fix below warnings:

WARN: collectd: collectd rdepends on libvirt, but it isn't a build dependency?
WARN: collectd: collectd rdepends on libcrypto, but it isn't a build dependency?
WARN: collectd: collectd rdepends on libesmtp, but it isn't a build dependency?
WARN: collectd: collectd rdepends on libssl, but it isn't a build dependency?

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 meta-oe/recipes-extended/collectd/collectd_5.4.1.bb | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/meta-oe/recipes-extended/collectd/collectd_5.4.1.bb 
b/meta-oe/recipes-extended/collectd/collectd_5.4.1.bb
index 46752c8..92b231c 100644
--- a/meta-oe/recipes-extended/collectd/collectd_5.4.1.bb
+++ b/meta-oe/recipes-extended/collectd/collectd_5.4.1.bb
@@ -35,8 +35,10 @@ PACKAGECONFIG[sensors] = --enable-sensors 
--with-libsensors=yes, \
 --disable-sensors --with-libsensors=no,lmsensors
 PACKAGECONFIG[amqp] = --enable-amqp --with-librabbitmq=yes, \
 --disable-amqp --with-librabbitmq=no,rabbitmq-c
-# protobuf-c that is currently only available in meta-virtualization layer
+# protobuf-c, libvirt that are currently only available in meta-virtualization 
layer
 PACKAGECONFIG[pinba] = --enable-pinba,--disable-pinba,protobuf-c-native 
protobuf-c
+PACKAGECONFIG[libvirt] = --enable-libvirt,--disable-libvirt,libvirt
+PACKAGECONFIG[libesmtp] = --with-libesmtp,--without-libesmtp,libesmtp
 
 EXTRA_OECONF =  \
 ${FPLAYOUT} \
-- 
1.9.1

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-webserver] phpmyadmin: don't install patches

2014-12-15 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Don't install local patch files to target.

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb |2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb 
b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb
index 49ca7da..7cc3604 100644
--- a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb
+++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb
@@ -21,6 +21,8 @@ inherit allarch
 do_install() {
 install -d ${D}${datadir}/${BPN}
 cp -a * ${D}${datadir}/${BPN}
+# Don't install patches to target
+rm -rf ${D}${datadir}/${BPN}/patches
 
 install -d ${D}${sysconfdir}/apache2/conf.d
 install -m 0644 ${WORKDIR}/apache.conf 
${D}${sysconfdir}/apache2/conf.d/phpmyadmin.conf
-- 
1.7.10.4

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-oe] collectd: add PACKAGECONFIG for libvirt

2014-12-15 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Add PACKAGECONFIG for 'libvirt', otherwise there would be warnings
like below:

WARN: collectd: collectd rdepends on libvirt, but it isn't a build
dependency?

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 meta-oe/recipes-extended/collectd/collectd_5.4.1.bb |3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/meta-oe/recipes-extended/collectd/collectd_5.4.1.bb 
b/meta-oe/recipes-extended/collectd/collectd_5.4.1.bb
index 46752c8..6e82bbc 100644
--- a/meta-oe/recipes-extended/collectd/collectd_5.4.1.bb
+++ b/meta-oe/recipes-extended/collectd/collectd_5.4.1.bb
@@ -35,8 +35,9 @@ PACKAGECONFIG[sensors] = --enable-sensors 
--with-libsensors=yes, \
 --disable-sensors --with-libsensors=no,lmsensors
 PACKAGECONFIG[amqp] = --enable-amqp --with-librabbitmq=yes, \
 --disable-amqp --with-librabbitmq=no,rabbitmq-c
-# protobuf-c that is currently only available in meta-virtualization layer
+# protobuf-c, libvirt that are currently only available in meta-virtualization 
layer
 PACKAGECONFIG[pinba] = --enable-pinba,--disable-pinba,protobuf-c-native 
protobuf-c
+PACKAGECONFIG[libvirt] = --enable-libvirt,--disable-libvirt,libvirt
 
 EXTRA_OECONF =  \
 ${FPLAYOUT} \
-- 
1.7.10.4

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-oe] ltrace: add PACKAGECONFIG for selinux

2014-12-02 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Add PACKAGECONFIG for 'selinux', otherwise there would be warnings like
below:

WARN: ltrace: ltrace rdepends on libselinux, but it isn't a build dependency?

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 ...onfigure-allow-to-disable-selinux-support.patch |   36 
 meta-oe/recipes-devtools/ltrace/ltrace_git.bb  |3 ++
 2 files changed, 39 insertions(+)
 create mode 100644 
meta-oe/recipes-devtools/ltrace/ltrace/configure-allow-to-disable-selinux-support.patch

diff --git 
a/meta-oe/recipes-devtools/ltrace/ltrace/configure-allow-to-disable-selinux-support.patch
 
b/meta-oe/recipes-devtools/ltrace/ltrace/configure-allow-to-disable-selinux-support.patch
new file mode 100644
index 000..4f89d8f
--- /dev/null
+++ 
b/meta-oe/recipes-devtools/ltrace/ltrace/configure-allow-to-disable-selinux-support.patch
@@ -0,0 +1,36 @@
+From 887a403e38f590ebf1d04ce600d94cb7a351744c Mon Sep 17 00:00:00 2001
+From: Wenzong Fan wenzong@windriver.com
+Date: Mon, 1 Dec 2014 00:57:42 -0500
+Subject: [PATCH] ltrace: allow to enable/disable selinux support
+
+Upstream-Status: Pending
+
+Signed-off-by: Wenzong Fan wenzong@windriver.com
+---
+ configure.ac |   10 --
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 6fe5e3b..189885a 100644
+--- a/configure.ac
 b/configure.ac
+@@ -125,8 +125,14 @@ AC_SUBST(libstdcxx_LIBS)
+ 
+ 
+ dnl Check security_get_boolean_active availability.
+-AC_CHECK_HEADERS(selinux/selinux.h)
+-AC_CHECK_LIB(selinux, security_get_boolean_active)
++AC_ARG_ENABLE([selinux],
++AS_HELP_STRING([--enable-selinux],[enable SELinux support 
[default=auto]]),
++[], [enable_selinux=auto])
++
++if test x$enable_selinux != xno; then
++AC_CHECK_HEADERS(selinux/selinux.h)
++AC_CHECK_LIB(selinux, security_get_boolean_active)
++fi
+ 
+ dnl Whether (and which) elfutils libdw.so to use for unwinding.
+ AC_ARG_WITH(elfutils,
+-- 
+1.7.9.5
+
diff --git a/meta-oe/recipes-devtools/ltrace/ltrace_git.bb 
b/meta-oe/recipes-devtools/ltrace/ltrace_git.bb
index 507747a..6984848 100644
--- a/meta-oe/recipes-devtools/ltrace/ltrace_git.bb
+++ b/meta-oe/recipes-devtools/ltrace/ltrace_git.bb
@@ -17,12 +17,15 @@ DEPENDS = elfutils
 RDEPENDS_${PN} = elfutils
 SRC_URI = git://anonscm.debian.org/collab-maint/ltrace.git \
file://ltrace-0.7.2-unused-typedef.patch \
+   file://configure-allow-to-disable-selinux-support.patch \
   
 S = ${WORKDIR}/git
 
 inherit autotools
 
+PACKAGECONFIG ?= ${@base_contains('DISTRO_FEATURES', 'selinux', 'selinux', 
'', d)}
 PACKAGECONFIG[unwind] = --with-libunwind,--without-libunwind,libunwind
+PACKAGECONFIG[selinux] = 
--enable-selinux,--disable-selinux,libselinux,libselinux
 
 do_configure_prepend () {
( cd ${S}; ./autogen.sh )
-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-webserver] apache2: add PACKAGECONFIG for selinux

2014-12-02 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Add PACKAGECONFIG for 'selinux', otherwise there would be warnings like
below:

WARN: apache2: apache2 rdepends on libselinux, but it isn't a build dependency?

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 .../recipes-httpd/apache2/apache2_2.4.10.bb|4 ++
 ...onfigure-allow-to-disable-selinux-support.patch |   40 
 2 files changed, 44 insertions(+)
 create mode 100644 
meta-webserver/recipes-httpd/apache2/files/configure-allow-to-disable-selinux-support.patch

diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.10.bb 
b/meta-webserver/recipes-httpd/apache2/apache2_2.4.10.bb
index d79d40b..55d507f 100644
--- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.10.bb
+++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.10.bb
@@ -17,6 +17,7 @@ SRC_URI = 
http://www.apache.org/dist/httpd/httpd-${PV}.tar.bz2 \
file://httpd-2.4.3-fix-race-issue-of-dir-install.patch \
file://npn-patch-2.4.7.patch \
file://0001-configure-use-pkg-config-for-PCRE-detection.patch \
+   file://configure-allow-to-disable-selinux-support.patch \
file://init \
file://apache2-volatile.conf \
file://apache2.service \
@@ -58,6 +59,9 @@ EXTRA_OECONF = --enable-ssl \
 --enable-mpms-shared \
 ac_cv_have_threadsafe_pollset=no
 
+PACKAGECONFIG ?= ${@base_contains('DISTRO_FEATURES', 'selinux', 'selinux', 
'', d)}
+PACKAGECONFIG[selinux] = 
--enable-selinux,--disable-selinux,libselinux,libselinux
+
 do_install_append() {
 install -d ${D}/${sysconfdir}/init.d
 cat ${WORKDIR}/init | \
diff --git 
a/meta-webserver/recipes-httpd/apache2/files/configure-allow-to-disable-selinux-support.patch
 
b/meta-webserver/recipes-httpd/apache2/files/configure-allow-to-disable-selinux-support.patch
new file mode 100644
index 000..5b5c297
--- /dev/null
+++ 
b/meta-webserver/recipes-httpd/apache2/files/configure-allow-to-disable-selinux-support.patch
@@ -0,0 +1,40 @@
+From d23dd33e373340f6fddf11904839d1a118824401 Mon Sep 17 00:00:00 2001
+From: Wenzong Fan wenzong@windriver.com
+Date: Mon, 1 Dec 2014 02:08:27 -0500
+Subject: [PATCH] apache2: allow to disable selinux support
+
+Upstream-Status: Pending
+
+Signed-off-by: Wenzong Fan wenzong@windriver.com
+---
+ configure.in |   14 ++
+ 1 file changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/configure.in b/configure.in
+index df94ee5..8c3ab21 100644
+--- a/configure.in
 b/configure.in
+@@ -466,10 +466,16 @@ getloadavg
+ dnl confirm that a void pointer is large enough to store a long integer
+ APACHE_CHECK_VOID_PTR_LEN
+ 
+-AC_CHECK_LIB(selinux, is_selinux_enabled, [
+-   AC_DEFINE(HAVE_SELINUX, 1, [Defined if SELinux is supported])
+-   APR_ADDTO(AP_LIBS, [-lselinux])
+-])
++# SELinux support
++AC_ARG_ENABLE(selinux,APACHE_HELP_STRING(--enable-selinux,Enable SELinux 
support [default=auto]),
++[],[enable_selinux=auto])
++
++if test x$enable_selinux != xno; then
++AC_CHECK_LIB(selinux, is_selinux_enabled, [
++AC_DEFINE(HAVE_SELINUX, 1, [Defined if SELinux is supported])
++APR_ADDTO(AP_LIBS, [-lselinux])
++])
++fi
+ 
+ AC_CACHE_CHECK([for gettid()], ac_cv_gettid,
+ [AC_TRY_RUN(#define _GNU_SOURCE
+-- 
+1.7.9.5
+
-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH][meta-networking] sethdlc: fix host contamination

2014-11-24 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

* Clean INCLUDES to fix the host contamination errors:

  In file included from /usr/src/linux/include/linux/posix_types.h:47:0,
  from /usr/src/linux/include/linux/types.h:17,
  from /usr/src/linux/include/linux/if.h:22,
  from sethdlc.c:23:
  /usr/src/linux/include/asm-generic/posix_types.h:91:3: \
error: conflicting types for '__kernel_fsid_t'
  } __kernel_fsid_t;
  ^
  .../tmp/sysroots/qemumips/usr/include/asm/posix_types.h:26:3: \
note: previous declaration of '__kernel_fsid_t' was here
  } __kernel_fsid_t;
  ^

* Correct LIC_FILES_CHKSUM to checkout license infos from sethdl.c
  instead of Makefile.

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 .../files/sethdlc-fix-host-contamination.patch |   42 
 .../recipes-connectivity/sethdlc/sethdlc.bb|3 +-
 2 files changed, 44 insertions(+), 1 deletion(-)
 create mode 100644 
meta-networking/recipes-connectivity/sethdlc/files/sethdlc-fix-host-contamination.patch

diff --git 
a/meta-networking/recipes-connectivity/sethdlc/files/sethdlc-fix-host-contamination.patch
 
b/meta-networking/recipes-connectivity/sethdlc/files/sethdlc-fix-host-contamination.patch
new file mode 100644
index 000..f25a02c
--- /dev/null
+++ 
b/meta-networking/recipes-connectivity/sethdlc/files/sethdlc-fix-host-contamination.patch
@@ -0,0 +1,42 @@
+From 9a9137c3df5309ac359737d6ebd67fb4ff5f3cf2 Mon Sep 17 00:00:00 2001
+From: Wenzong Fan wenzong@windriver.com
+Date: Mon, 24 Nov 2014 22:05:18 -0500
+Subject: [PATCH] sethdlc: fix host contamination
+
+Clean INCLUDES to fix the host contamination errors:
+
+  In file included from /usr/src/linux/include/linux/posix_types.h:47:0,
+  from /usr/src/linux/include/linux/types.h:17,
+  from /usr/src/linux/include/linux/if.h:22,
+  from sethdlc.c:23:
+  /usr/src/linux/include/asm-generic/posix_types.h:91:3: \
+error: conflicting types for '__kernel_fsid_t'
+  } __kernel_fsid_t;
+  ^
+  .../tmp/sysroots/qemumips/usr/include/asm/posix_types.h:26:3: \
+note: previous declaration of '__kernel_fsid_t' was here
+  } __kernel_fsid_t;
+  ^
+
+Upstream-Status: Pending
+
+Signed-off-by: Wenzong Fan wenzong@windriver.com
+---
+ Makefile |2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Makefile b/Makefile
+index 0492f2b..97dec22 100644
+--- a/Makefile
 b/Makefile
+@@ -1,6 +1,6 @@
+ CC = gcc
+ CFLAGS = -O2 -Wall -W -Wno-long-long -pipe
+-INCLUDES = -I/usr/src/linux/include -I/usr/src/linux-2.6/include
++INCLUDES =
+ 
+ all:  sethdlc
+ 
+-- 
+1.7.9.5
+
diff --git a/meta-networking/recipes-connectivity/sethdlc/sethdlc.bb 
b/meta-networking/recipes-connectivity/sethdlc/sethdlc.bb
index cf74827..5e8d9d9 100644
--- a/meta-networking/recipes-connectivity/sethdlc/sethdlc.bb
+++ b/meta-networking/recipes-connectivity/sethdlc/sethdlc.bb
@@ -1,10 +1,11 @@
 DESCRIPTION = set Linux HDLC packet radio modem driver port information
 HOMEPAGE = https://www.kernel.org/pub/linux/utils/net/hdlc;
 LICENSE = GPLv2  GPLv2+ 
-LIC_FILES_CHKSUM = file://Makefile;md5=19aada31930b2be84bf7138420d77263
+LIC_FILES_CHKSUM = 
file://sethdlc.c;endline=10;md5=90f936879e9f8b755a138aeb348782eb
 
 
 SRC_URI = https://www.kernel.org/pub/linux/utils/net/hdlc/${BPN}-1.18.tar.gz \
+   file://sethdlc-fix-host-contamination.patch \
 
 SRC_URI[md5sum] = 9016878156a5eadb06c0bae71cc5c9ab
 SRC_URI[sha256sum] = 
21b1e2e1cb0e288b0ec8fcfd9fed449914e0f8e6fc273706bd5b3d4f6ab6b04e
-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 0/1][meta-oe] krb5: fix CVE-2014-5351

2014-11-12 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c
in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a
response to a -randkey -keepold request, which allows remote authentic-
ated users to forge tickets by leveraging administrative access.

This back-ported patch fixes CVE-2014-5351.

The following changes since commit c78eca1ea7452a62f86b740ec59f1cd39e399d73:

  postfix: create or update aliases.db when using systemd (2014-11-10 15:18:55 
-0500)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/cve-krb5
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/cve-krb5

Wenzong Fan (1):
  krb5: fix CVE-2014-5351

 ...rn-only-new-keys-in-randkey-CVE-2014-5351.patch |   92 
 meta-oe/recipes-connectivity/krb5/krb5_1.12.2.bb   |1 +
 2 files changed, 93 insertions(+)
 create mode 100644 
meta-oe/recipes-connectivity/krb5/krb5/0001-Return-only-new-keys-in-randkey-CVE-2014-5351.patch

-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 1/1][meta-oe] krb5: fix CVE-2014-5351

2014-11-12 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c
in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a
response to a -randkey -keepold request, which allows remote authentic-
ated users to forge tickets by leveraging administrative access.

This back-ported patch fixes CVE-2014-5351.

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 ...rn-only-new-keys-in-randkey-CVE-2014-5351.patch |   92 
 meta-oe/recipes-connectivity/krb5/krb5_1.12.2.bb   |1 +
 2 files changed, 93 insertions(+)
 create mode 100644 
meta-oe/recipes-connectivity/krb5/krb5/0001-Return-only-new-keys-in-randkey-CVE-2014-5351.patch

diff --git 
a/meta-oe/recipes-connectivity/krb5/krb5/0001-Return-only-new-keys-in-randkey-CVE-2014-5351.patch
 
b/meta-oe/recipes-connectivity/krb5/krb5/0001-Return-only-new-keys-in-randkey-CVE-2014-5351.patch
new file mode 100644
index 000..0852661
--- /dev/null
+++ 
b/meta-oe/recipes-connectivity/krb5/krb5/0001-Return-only-new-keys-in-randkey-CVE-2014-5351.patch
@@ -0,0 +1,92 @@
+From af0ed4df4dfae762ab5fb605f5a0c8f59cb4f6ca Mon Sep 17 00:00:00 2001
+From: Greg Hudson ghud...@mit.edu
+Date: Thu, 21 Aug 2014 13:52:07 -0400
+Subject: [PATCH] Return only new keys in randkey [CVE-2014-5351]
+
+In kadmind's randkey operation, if a client specifies the keepold
+flag, do not include the preserved old keys in the response.
+
+CVE-2014-5351:
+
+An authenticated remote attacker can retrieve the current keys for a
+service principal when generating a new set of keys for that
+principal.  The attacker needs to be authenticated as a user who has
+the elevated privilege for randomizing the keys of other principals.
+
+Normally, when a Kerberos administrator randomizes the keys of a
+service principal, kadmind returns only the new keys.  This prevents
+an administrator who lacks legitimate privileged access to a service
+from forging tickets to authenticate to that service.  If the
+keepold flag to the kadmin randkey RPC operation is true, kadmind
+retains the old keys in the KDC database as intended, but also
+unexpectedly returns the old keys to the client, which exposes the
+service to ticket forgery attacks from the administrator.
+
+A mitigating factor is that legitimate clients of the affected service
+will start failing to authenticate to the service once they begin to
+receive service tickets encrypted in the new keys.  The affected
+service will be unable to decrypt the newly issued tickets, possibly
+alerting the legitimate administrator of the affected service.
+
+CVSSv2: AV:N/AC:H/Au:S/C:P/I:N/A:N/E:POC/RL:OF/RC:C
+
+[t...@mit.edu: CVE description and CVSS score]
+
+ticket: 8018 (new)
+target_version: 1.13
+tags: pullup
+
+Upstream-Status: Backport
+---
+ src/lib/kadm5/srv/svr_principal.c |   21 ++---
+ 1 files changed, 18 insertions(+), 3 deletions(-)
+
+diff --git a/lib/kadm5/srv/svr_principal.c b/lib/kadm5/srv/svr_principal.c
+index 5d358bd..d4e74cc 100644
+--- a/lib/kadm5/srv/svr_principal.c
 b/lib/kadm5/srv/svr_principal.c
+@@ -344,6 +344,20 @@ check_1_6_dummy(kadm5_principal_ent_t entry, long mask,
+ *passptr = NULL;
+ }
+ 
++/* Return the number of keys with the newest kvno.  Assumes that all key data
++ * with the newest kvno are at the front of the key data array. */
++static int
++count_new_keys(int n_key_data, krb5_key_data *key_data)
++{
++int n;
++
++for (n = 1; n  n_key_data; n++) {
++if (key_data[n - 1].key_data_kvno != key_data[n].key_data_kvno)
++return n;
++}
++return n_key_data;
++}
++
+ kadm5_ret_t
+ kadm5_create_principal(void *server_handle,
+kadm5_principal_ent_t entry, long mask,
+@@ -1593,7 +1607,7 @@ kadm5_randkey_principal_3(void *server_handle,
+ osa_princ_ent_rec   adb;
+ krb5_int32  now;
+ kadm5_policy_ent_recpol;
+-int ret, last_pwd;
++int ret, last_pwd, n_new_keys;
+ krb5_booleanhave_pol = FALSE;
+ kadm5_server_handle_t   handle = server_handle;
+ krb5_keyblock   *act_mkey;
+@@ -1686,8 +1700,9 @@ kadm5_randkey_principal_3(void *server_handle,
+ kdb-fail_auth_count = 0;
+ 
+ if (keyblocks) {
+-ret = decrypt_key_data(handle-context,
+-   kdb-n_key_data, kdb-key_data,
++/* Return only the new keys added by krb5_dbe_crk. */
++n_new_keys = count_new_keys(kdb-n_key_data, kdb-key_data);
++ret = decrypt_key_data(handle-context, n_new_keys, kdb-key_data,
+keyblocks, n_keys);
+ if (ret)
+ goto done;
+-- 
+1.7.4.1
+
diff --git a/meta-oe/recipes-connectivity/krb5/krb5_1.12.2.bb 
b/meta-oe/recipes-connectivity/krb5/krb5_1.12.2.bb
index f3f16b9..c492496 100644
--- a/meta-oe/recipes-connectivity/krb5/krb5_1.12.2.bb
+++

[oe] [PATCH 0/1][meta-networking] ntp: add status for initscript

2014-10-20 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Get /etc/init.d/ntpd support options 'status'.

The following changes since commit 71d2fe7c9e2681fede255d7f5b430d63a122ab18:

  vim: add ncurses-terminfo-base as a runtime dependency (2014-10-18 10:47:43 
+0200)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/ntpd-status
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/ntpd-status

Wenzong Fan (1):
  ntp: add status for initscript

 meta-networking/recipes-support/ntp/files/ntpd |9 -
 1 file changed, 8 insertions(+), 1 deletion(-)

-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 1/1][meta-networking] ntp: add status for initscript

2014-10-20 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 meta-networking/recipes-support/ntp/files/ntpd |9 -
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/meta-networking/recipes-support/ntp/files/ntpd 
b/meta-networking/recipes-support/ntp/files/ntpd
index 3cd1c6c..d1b9c49 100755
--- a/meta-networking/recipes-support/ntp/files/ntpd
+++ b/meta-networking/recipes-support/ntp/files/ntpd
@@ -20,6 +20,9 @@ test -x $DAEMON -a -r /etc/ntp.conf || exit 0
 # rcS contains TICKADJ
 test -r /etc/default/rcS  . /etc/default/rcS
 
+# Source function library.
+. /etc/init.d/functions
+
 # Functions to do individual actions
 settick(){
# If TICKADJ is set we *must* adjust it before we start, because the
@@ -68,8 +71,12 @@ case $1 in
stopdaemon
startdaemon
;;
+  status)
+   status /usr/sbin/ntpd;
+   exit $?
+   ;;
   *)
-   echo Usage: ntpd { start | stop | restart | reload } 2
+   echo Usage: ntpd { start | stop | status | restart | reload } 2
exit 1
;;
 esac
-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 1/1][meta-oe] rsnapshot: fix rsnapshot.conf.default

2014-10-17 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

This change is used for fixing cmd path in rsnapshot.conf.default.

The options --without-* disable checking command * on host and get
the default path used, otherwise the host path will be injected into
target configs.

The runtime dependencies to ssh, logger, cp, du are optional and
could be customized in rsnapshot.conf, so it's not needed that
using PACKAGECONFIG to define the runtime dependencies.

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 .../rsnapshot/configure-fix-cmd_rsync.patch|   44 
 meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb |   12 +-
 2 files changed, 54 insertions(+), 2 deletions(-)
 create mode 100644 
meta-oe/recipes-support/rsnapshot/rsnapshot/configure-fix-cmd_rsync.patch

diff --git 
a/meta-oe/recipes-support/rsnapshot/rsnapshot/configure-fix-cmd_rsync.patch 
b/meta-oe/recipes-support/rsnapshot/rsnapshot/configure-fix-cmd_rsync.patch
new file mode 100644
index 000..7b2361b
--- /dev/null
+++ b/meta-oe/recipes-support/rsnapshot/rsnapshot/configure-fix-cmd_rsync.patch
@@ -0,0 +1,44 @@
+From 26ad431e19788898fb4ed19ff91392e8b20f1bab Mon Sep 17 00:00:00 2001
+From: Wenzong Fan wenzong@windriver.com
+Date: Thu, 16 Oct 2014 04:06:55 -0400
+Subject: [PATCH] fix cmd_rsync
+
+Don't break configure if rsync is not installed on host.
+
+rsync is a runtime dependency and this change is only used for
+generating rsnapshot.conf.default. It allows cmd_rsync to use
+default path if options --without-rsync is specfied.
+
+Upstream-Status: Pending
+
+Signed-off-by: Wenzong Fan wenzong@windriver.com
+---
+ configure.ac |5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index bc9df9e..2a33d29 100644
+--- a/configure.ac
 b/configure.ac
+@@ -55,7 +55,7 @@ AC_ARG_WITH(rsync,
+   AC_MSG_ERROR(rsync not found)
+   fi
+   else
+-  AC_MSG_ERROR(rsync is required)
++  RSYNC=no
+   fi
+   ]
+ )
+@@ -67,7 +67,8 @@ if test $RSYNC = ; then
+ fi
+ dnl bail out if we can't find it
+ if test $RSYNC = no; then
+-  AC_MSG_ERROR(rsync is required)
++  RSYNC=/usr/bin/rsync
++  AC_SUBST(CMD_RSYNC, cmd_rsync  $RSYNC)
+ fi
+ 
+ 
+-- 
+1.7.9.5
+
diff --git a/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb 
b/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb
index afd3678..3f919b5 100644
--- a/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb
+++ b/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb
@@ -24,11 +24,19 @@ SRCREV = 1047cbb57937c29233388e2fcd847fecd3babe74
 PV = 1.3.1+git${SRCPV}
 
 SRC_URI = git://github.com/DrHyde/${BPN};branch=master;protocol=git \
+   file://configure-fix-cmd_rsync.patch \
   
 
 S = ${WORKDIR}/git
 
 inherit autotools
 
-PACKAGECONFIG ??= logger
-PACKAGECONFIG[logger] = 
--with-logger=${bindir}/logger,--without-logger,,util-linux
+# Fix rsnapshot.conf.default:
+# don't inject the host path into target configs.
+EXTRA_OECONF += --without-cp \
+ --without-rm \
+ --without-du \
+ --without-ssh \
+ --without-logger \
+ --without-rsync \
+
-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 0/1][meta-oe] rsnapshot: fix rsnapshot.conf.default

2014-10-17 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

This change is used for fixing cmd path in rsnapshot.conf.default.

The options --without-* disable checking command * on host and get
the default path used, otherwise the host path will be injected into
target configs.

The runtime dependencies to ssh, logger, cp, du are optional and
could be customized in rsnapshot.conf, so it's not needed that
using PACKAGECONFIG to define the runtime dependencies.

The following changes since commit fa04f43dee6994bb63374995a6444e72d65bc658:

  libgphoto2: add bash to RDEPENDS (2014-10-16 07:01:01 +0200)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/fix-rsnapshot
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/fix-rsnapshot

Wenzong Fan (1):
  rsnapshot: fix rsnapshot.conf.default

 .../rsnapshot/configure-fix-cmd_rsync.patch|   44 
 meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb |   12 +-
 2 files changed, 54 insertions(+), 2 deletions(-)
 create mode 100644 
meta-oe/recipes-support/rsnapshot/rsnapshot/configure-fix-cmd_rsync.patch

-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 1/1 v3][meta-networking] ntp: fix path to drift file

2014-10-13 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

The default path of ntp drift file is /etc/ntp.drift, ntp daemon
maybe fails to create this file since the user ntp is not always
permitted to write /etc.

Refer to other distributions such as RedHat, Debian, just moving
the file to /var/lib/ntp which the home dir of user ntp.

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 meta-networking/recipes-support/ntp/files/ntp.conf |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-networking/recipes-support/ntp/files/ntp.conf 
b/meta-networking/recipes-support/ntp/files/ntp.conf
index 875b7eb..676e186 100644
--- a/meta-networking/recipes-support/ntp/files/ntp.conf
+++ b/meta-networking/recipes-support/ntp/files/ntp.conf
@@ -1,7 +1,7 @@
 # This is the most basic ntp configuration file
 # The driftfile must remain in a place specific to this
 # machine - it records the machine specific clock error
-driftfile /etc/ntp.drift
+driftfile /var/lib/ntp/drift
 # This should be a server that is close (in IP terms)
 # to the machine.  Add other servers as required.
 # Unless you un-comment the line below ntpd will sync
-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 0/1 v3][meta-networking] ntp: fix path to drift file

2014-10-13 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

v3 changes:

* Update the drift file path in recipes-support/ntp/files/ntp.conf;
* Drop the logic for creating /var/lib/ntp, This addressed by Peter A. Bigot's 
patch:

  [oe] [meta-networking][PATCH] ntp: create and package ntp home directory

The following changes since commit a4bdcbdbca05bbb4a452e06982038f0a38bcb91f:

  openldap: use PN for PACKAGES_DYNAMIC (2014-10-10 12:47:35 +0200)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/ntp-fix
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/ntp-fix

Wenzong Fan (1):
  ntp: fix path to drift file

 meta-networking/recipes-support/ntp/files/ntp.conf |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 0/1 v2][meta-networking] ntp: fix path to drift file

2014-10-11 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

v2 changes:

Update the commit logs:
---
* fix the path to drift file:

The default path of ntp drift file is /etc/ntp.drift, ntp daemon
maybe fails to create this file since the user ntp is not always
permitted to write /etc.

Refer to other distributions such as RedHat, Debian, just moving
the file to /var/lib/ntp which the home dir of user ntp.

* add tmpfile support:

Make sure the /var/lib/ntp is always created by sysvinit/systemd.


The following changes since commit a4bdcbdbca05bbb4a452e06982038f0a38bcb91f:

  openldap: use PN for PACKAGES_DYNAMIC (2014-10-10 12:47:35 +0200)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/ntp-fix
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/ntp-fix

Wenzong Fan (1):
  ntp: fix path to drift file

 meta-networking/recipes-support/ntp/ntp.inc |   15 +++
 1 file changed, 15 insertions(+)

-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 1/1 v2][meta-networking] ntp: fix path to drift file

2014-10-11 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

* fix the path to drift file:

The default path of ntp drift file is /etc/ntp.drift, ntp daemon
maybe fails to create this file since the user ntp is not always
permitted to write /etc.

Refer to other distributions such as RedHat, Debian, just moving
the file to /var/lib/ntp which the home dir of user ntp.

* add tmpfile support:

Make sure the /var/lib/ntp is always created by sysvinit/systemd.

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 meta-networking/recipes-support/ntp/ntp.inc |   15 +++
 1 file changed, 15 insertions(+)

diff --git a/meta-networking/recipes-support/ntp/ntp.inc 
b/meta-networking/recipes-support/ntp/ntp.inc
index f55a39a..f685274 100644
--- a/meta-networking/recipes-support/ntp/ntp.inc
+++ b/meta-networking/recipes-support/ntp/ntp.inc
@@ -53,6 +53,7 @@ PACKAGECONFIG[debug] = 
--enable-debugging,--disable-debugging
 do_install_append() {
 install -d ${D}${sysconfdir}/init.d
 install -m 644 ${WORKDIR}/ntp.conf ${D}${sysconfdir}
+sed -i 's!/etc/ntp.drift!/var/lib/ntp/drift!g' ${D}${sysconfdir}/ntp.conf
 install -m 755 ${WORKDIR}/ntpd ${D}${sysconfdir}/init.d
 install -d ${D}${bindir}
 install -m 755 ${WORKDIR}/ntpdate ${D}${bindir}/ntpdate-sync
@@ -72,6 +73,18 @@ do_install_append() {
 install -m 644 ${WORKDIR}/ntpdate.default ${D}${sysconfdir}/default/ntpdate
 install -m 0644 ${WORKDIR}/sntp ${D}${sysconfdir}/default/
 
+# Create tmpfiles
+if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', 
d)}; then
+install -d ${D}/${sysconfdir}/default/volatiles
+echo d ntp ntp 0755 /var/lib/ntp none \
+ ${D}/${sysconfdir}/default/volatiles/99_ntpd
+fi
+if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', 
d)}; then
+install -d ${D}${sysconfdir}/tmpfiles.d
+echo d /var/lib/ntp 0755 ntp ntp - \
+ ${D}${sysconfdir}/tmpfiles.d/99-ntpd.conf
+fi
+
 install -d ${D}/${sysconfdir}/network/if-up.d
 ln -s ${bindir}/ntpdate-sync ${D}/${sysconfdir}/network/if-up.d
 
@@ -112,6 +125,8 @@ RSUGGESTS_${PN} = iana-etc
 
 FILES_${PN} = ${sbindir}/ntpd ${sysconfdir}/ntp.conf 
${sysconfdir}/init.d/ntpd ${libdir} \
 ${systemd_unitdir}/ntp-units.d/60-ntpd.list \
+${sysconfdir}/default/volatiles \
+${sysconfdir}/tmpfiles.d \
 
 FILES_${PN}-tickadj = ${sbindir}/tickadj
 FILES_${PN}-utils = ${sbindir}
-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 1/1][meta-networking] ntp: fix path to driftfile

2014-10-09 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Default path to driftfile is /etc/ntp.drift, that doesn't work since
ntp daemon is always started with ntp user. It should be created at
the home directory of ntp which is /var/lib/ntp/.

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 meta-networking/recipes-support/ntp/ntp.inc |   15 +++
 1 file changed, 15 insertions(+)

diff --git a/meta-networking/recipes-support/ntp/ntp.inc 
b/meta-networking/recipes-support/ntp/ntp.inc
index f55a39a..f685274 100644
--- a/meta-networking/recipes-support/ntp/ntp.inc
+++ b/meta-networking/recipes-support/ntp/ntp.inc
@@ -53,6 +53,7 @@ PACKAGECONFIG[debug] = 
--enable-debugging,--disable-debugging
 do_install_append() {
 install -d ${D}${sysconfdir}/init.d
 install -m 644 ${WORKDIR}/ntp.conf ${D}${sysconfdir}
+sed -i 's!/etc/ntp.drift!/var/lib/ntp/drift!g' ${D}${sysconfdir}/ntp.conf
 install -m 755 ${WORKDIR}/ntpd ${D}${sysconfdir}/init.d
 install -d ${D}${bindir}
 install -m 755 ${WORKDIR}/ntpdate ${D}${bindir}/ntpdate-sync
@@ -72,6 +73,18 @@ do_install_append() {
 install -m 644 ${WORKDIR}/ntpdate.default ${D}${sysconfdir}/default/ntpdate
 install -m 0644 ${WORKDIR}/sntp ${D}${sysconfdir}/default/
 
+# Create tmpfiles
+if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', 
d)}; then
+install -d ${D}/${sysconfdir}/default/volatiles
+echo d ntp ntp 0755 /var/lib/ntp none \
+ ${D}/${sysconfdir}/default/volatiles/99_ntpd
+fi
+if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', 
d)}; then
+install -d ${D}${sysconfdir}/tmpfiles.d
+echo d /var/lib/ntp 0755 ntp ntp - \
+ ${D}${sysconfdir}/tmpfiles.d/99-ntpd.conf
+fi
+
 install -d ${D}/${sysconfdir}/network/if-up.d
 ln -s ${bindir}/ntpdate-sync ${D}/${sysconfdir}/network/if-up.d
 
@@ -112,6 +125,8 @@ RSUGGESTS_${PN} = iana-etc
 
 FILES_${PN} = ${sbindir}/ntpd ${sysconfdir}/ntp.conf 
${sysconfdir}/init.d/ntpd ${libdir} \
 ${systemd_unitdir}/ntp-units.d/60-ntpd.list \
+${sysconfdir}/default/volatiles \
+${sysconfdir}/tmpfiles.d \
 
 FILES_${PN}-tickadj = ${sbindir}/tickadj
 FILES_${PN}-utils = ${sbindir}
-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 0/1][meta-networking] ntp: fix path to driftfile

2014-10-09 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Default path to driftfile is /etc/ntp.drift, that doesn't work since
ntp daemon is always started with ntp user. It should be created at
the home directory of ntp which is /var/lib/ntp/.

The following changes since commit 17ff23b4a4a0e5ed7efde107fb00296f1ebd5fdd:

  xf86-video-geode: fix build with new glibc-2.20 (2014-10-06 01:07:53 +0200)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/ntp
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/ntp

Wenzong Fan (1):
  ntp: fix path to driftfile

 meta-networking/recipes-support/ntp/ntp.inc |   15 +++
 1 file changed, 15 insertions(+)

-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 0/1][meta-oe] rsnapshot: add new package

2014-09-30 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

rsnapshot is a filesystem snapshot utility based on rsync.

rsnapshot makes it easy to make periodic snapshots of local machines,
and remote machines over ssh. The code makes extensive use of hard links
whenever possible, to greatly reduce the disk space required.

Homepage: http://www.rsnapshot.org/

The following changes since commit 0d01e1b72333f49c29d1a27ad844c4cd9f90341c:

  smartmontools: add systemd service file (2014-09-26 05:42:54 +0200)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/rsnapshot
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/rsnapshot

Wenzong Fan (1):
  rsnapshot: add new package

 meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb |   34 
 1 file changed, 34 insertions(+)
 create mode 100644 meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb

-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 1/1][meta-oe] rsnapshot: add new package

2014-09-30 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

rsnapshot is a filesystem snapshot utility based on rsync.

rsnapshot makes it easy to make periodic snapshots of local machines,
and remote machines over ssh. The code makes extensive use of hard links
whenever possible, to greatly reduce the disk space required.

Homepage: http://www.rsnapshot.org/

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb |   34 
 1 file changed, 34 insertions(+)
 create mode 100644 meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb

diff --git a/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb 
b/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb
new file mode 100644
index 000..afd3678
--- /dev/null
+++ b/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb
@@ -0,0 +1,34 @@
+SUMMARY = A filesystem snapshot utility based on rsync
+HOMEPAGE = http://www.rsnapshot.org;
+BUGTRACKER = https://sourceforge.net/projects/rsnapshot/;
+SECTION = console/network
+
+LICENSE = GPLv2
+LIC_FILES_CHKSUM = file://COPYING;md5=892f569a555ba9c07a568a7c0c4fa63a
+
+RDEPENDS_${PN} = rsync \
+  perl \
+  perl-module-dirhandle \
+  perl-module-cwd \
+  perl-module-getopt-std \
+  perl-module-file-path \
+  perl-module-file-stat \
+  perl-module-posix \
+  perl-module-fcntl \
+  perl-module-io-file \
+  perl-module-constant \
+  perl-module-overloading \
+ 
+
+SRCREV = 1047cbb57937c29233388e2fcd847fecd3babe74
+PV = 1.3.1+git${SRCPV}
+
+SRC_URI = git://github.com/DrHyde/${BPN};branch=master;protocol=git \
+  
+
+S = ${WORKDIR}/git
+
+inherit autotools
+
+PACKAGECONFIG ??= logger
+PACKAGECONFIG[logger] = 
--with-logger=${bindir}/logger,--without-logger,,util-linux
-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 1/1][meta-oe] imagemagick: do not install magick-baseconfig.h repeatedly

2014-09-18 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Both targets install-data-local  install-includeHEADERS will install
header file magick-baseconfig.h to the same location, and they might
be run in the same time while enabling parallel build:

* target dependencies:
  + install-data-am: ... install-data-local ... install-includeHEADERS

* make install error:
  /usr/bin/install: cannot create regular file \
  `.../usr/include/ImageMagick-6/magick/magick-baseconfig.h': \
  File exists \
  make[3]: *** [install-magickincarchHEADERS] Error 1

* reproduce the error:
  $ /usr/bin/install test /tmp  /usr/bin/install test /tmp
  [1] 4052
  /usr/bin/install: cannot create regular file `/tmp/test': File exists
  [1]+  Exit 1  /usr/bin/install test /tmp

Just disable the one from install-data-local to remove this race issue.

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 ...ot-install-magick-baseconfig.h-repeatedly.patch |   49 
 .../imagemagick/imagemagick_6.8.8.bb   |1 +
 2 files changed, 50 insertions(+)
 create mode 100644 
meta-oe/recipes-support/imagemagick/imagemagick/do-not-install-magick-baseconfig.h-repeatedly.patch

diff --git 
a/meta-oe/recipes-support/imagemagick/imagemagick/do-not-install-magick-baseconfig.h-repeatedly.patch
 
b/meta-oe/recipes-support/imagemagick/imagemagick/do-not-install-magick-baseconfig.h-repeatedly.patch
new file mode 100644
index 000..114fb5e
--- /dev/null
+++ 
b/meta-oe/recipes-support/imagemagick/imagemagick/do-not-install-magick-baseconfig.h-repeatedly.patch
@@ -0,0 +1,49 @@
+From bbdd42384d0b5f3ccb11465f63d90097579a1897 Mon Sep 17 00:00:00 2001
+From: Konrad Scherer konrad.sche...@windriver.com
+Date: Tue, 10 Jun 2014 15:43:16 +0800
+Subject: [PATCH] imagemagick: do not install magick-baseconfig.h repeatedly
+
+Both targets install-data-local  install-includeHEADERS will install
+header file magick-baseconfig.h to the same location, and they might
+be run in the same time while enabling parallel build:
+
+* target dependencies:
+  + install-data-am: ... install-data-local ... install-includeHEADERS
+
+* make install error:
+  /usr/bin/install: cannot create regular file \
+  `.../usr/include/ImageMagick-6/magick/magick-baseconfig.h': \
+  File exists \
+  make[3]: *** [install-magickincarchHEADERS] Error 1
+
+* reproduce the error:
+  $ /usr/bin/install test /tmp  /usr/bin/install test /tmp
+  [1] 4052
+  /usr/bin/install: cannot create regular file `/tmp/test': File exists
+  [1]+  Exit 1  /usr/bin/install test /tmp
+
+Just disable the one from install-data-local to remove this race issue.
+
+Upstream-Status: pending
+
+Signed-off-by: Wenzong Fan wenzong@windriver.com
+---
+ magick/Makefile.am | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/magick/Makefile.am b/magick/Makefile.am
+index 2f72461..e45466c 100644
+--- a/magick/Makefile.am
 b/magick/Makefile.am
+@@ -468,7 +468,7 @@ MAGICK_EXTRA_DIST = \
+   magick/xwdfile.h_vms 
+ 
+ # Install magick-baseconfig.h
+-MAGICK_INSTALL_DATA_LOCAL_TARGETS = magick-install-data-local
++MAGICK_INSTALL_DATA_LOCAL_TARGETS =
+ magick-install-data-local:
+   $(mkinstalldirs) $(DESTDIR)$(magickincarchdir)
+   $(INSTALL_HEADER) magick/magick-baseconfig.h 
$(DESTDIR)$(magickincarchdir)/magick-baseconfig.h
+-- 
+1.8.2.1
+
diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_6.8.8.bb 
b/meta-oe/recipes-support/imagemagick/imagemagick_6.8.8.bb
index 31207da..847ab34 100644
--- a/meta-oe/recipes-support/imagemagick/imagemagick_6.8.8.bb
+++ b/meta-oe/recipes-support/imagemagick/imagemagick_6.8.8.bb
@@ -8,6 +8,7 @@ DEPENDS = lcms bzip2 jpeg libpng librsvg tiff zlib fftw 
freetype
 PATCHSET = 10
 SRC_URI = 
http://www.imagemagick.org/download/legacy/ImageMagick-${PV}-${PATCHSET}.tar.bz2
 \
file://remove.dist-lzip.patch \
+   file://do-not-install-magick-baseconfig.h-repeatedly.patch \
 
 SRC_URI[md5sum] = a3a0fa301965d6fde68fccd066f62b0b
 SRC_URI[sha256sum] = 
8c0982b2bc0c1cea8ac9627b4e1e5d37f8171ef8282ee09aef32529cf68e1820
-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 0/1][meta-oe] imagemagick: do not install magick-baseconfig.h repeatedly

2014-09-18 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Both targets install-data-local  install-includeHEADERS will install
header file magick-baseconfig.h to the same location, and they might
be run in the same time while enabling parallel build:

* target dependencies:
  + install-data-am: ... install-data-local ... install-includeHEADERS

* make install error:
  /usr/bin/install: cannot create regular file \
  `.../usr/include/ImageMagick-6/magick/magick-baseconfig.h': \
  File exists \
  make[3]: *** [install-magickincarchHEADERS] Error 1

* reproduce the error:
  $ /usr/bin/install test /tmp  /usr/bin/install test /tmp
  [1] 4052
  /usr/bin/install: cannot create regular file `/tmp/test': File exists
  [1]+  Exit 1  /usr/bin/install test /tmp

Just disable the one from install-data-local to remove this race issue.

The following changes since commit 28e26a9b0ad37d0c92ba42b2727215eef1edf5a2:

  tcpslice: add recipe under tcpdump (2014-09-09 10:32:51 -0400)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/imagemagick
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/imagemagick

Wenzong Fan (1):
  imagemagick: do not install magick-baseconfig.h repeatedly

 ...ot-install-magick-baseconfig.h-repeatedly.patch |   49 
 .../imagemagick/imagemagick_6.8.8.bb   |1 +
 2 files changed, 50 insertions(+)
 create mode 100644 
meta-oe/recipes-support/imagemagick/imagemagick/do-not-install-magick-baseconfig.h-repeatedly.patch

-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 2/2][meta-oe] talloc: fixes for sstate cache reuse

2014-09-16 Thread wenzong.fan 
From: Robert Yang liezhi.y...@windriver.com

Fixes for sstate cache reuse between different build dirs. The
${SWIGLIBDIR##${STAGING_DIR_NATIVE}} had confused bitbake, bitbake would
add the SWIGLIBDIR##${STAGING_DIR_NATIVE} to the deps of do_install,
which caused the sstate cached can't be re-used.

Use another way for SWIGLIBDIR to fix the problem.

Signed-off-by: Robert Yang liezhi.y...@windriver.com
Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 meta-oe/recipes-support/talloc/talloc_2.0.1.bb |   10 +-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/meta-oe/recipes-support/talloc/talloc_2.0.1.bb 
b/meta-oe/recipes-support/talloc/talloc_2.0.1.bb
index 9cf3e43..7bbfbc2 100644
--- a/meta-oe/recipes-support/talloc/talloc_2.0.1.bb
+++ b/meta-oe/recipes-support/talloc/talloc_2.0.1.bb
@@ -23,7 +23,15 @@ DEPENDS += swig-native
 do_install_prepend() {
 # Hack the way swig interface for talloc is installed
 # This hack is accompanied by install-swig-interface-in-SWINGLIBDIR.patch
-type swig  /dev/null 21  SWIGLIBDIR=`swig -swiglib`  
SWIGLIBDIR=`readlink -f ${SWIGLIBDIR}`  
SWIGLIBDIR=${SWIGLIBDIR##${STAGING_DIR_NATIVE}}  export SWIGLIBDIR || echo 
No swig found
+if which swig  /dev/null; then
+SWIGLIBDIR=$(echo $(readlink -f $(swig -swiglib)) | \
+sed -e 's#^${STAGING_DIR_NATIVE}##')
+fi
+if [ -n $SWIGLIBDIR ]; then
+export SWIGLIBDIR
+else
+echo No swig found
+fi
 }
 
 do_install_append() {
-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 0/2][meta-oe] talloc: fixes for sstate cache reuse swig dependencies

2014-09-16 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Patch 2/2:

Fixes for sstate cache reuse between different build dirs. The
${SWIGLIBDIR##${STAGING_DIR_NATIVE}} had confused bitbake, bitbake would
add the SWIGLIBDIR##${STAGING_DIR_NATIVE} to the deps of do_install,
which caused the sstate cached can't be re-used.

Use another way for SWIGLIBDIR to fix the problem.

Patch 1/2:

* talloc: fix swig dependencies

This patch had been sent before, to avoid merge conflict just put them
to the same contrib branch.

The following changes since commit 28e26a9b0ad37d0c92ba42b2727215eef1edf5a2:

  tcpslice: add recipe under tcpdump (2014-09-09 10:32:51 -0400)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/fix-talloc
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/fix-talloc

Robert Yang (1):
  talloc: fixes for sstate cache reuse

Wenzong Fan (1):
  talloc: fix swig dependencies

 .../install-swig-interface-in-SWINGLIBDIR.patch|2 +-
 meta-oe/recipes-support/talloc/talloc_2.0.1.bb |   13 +++--
 2 files changed, 12 insertions(+), 3 deletions(-)

-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 1/2][meta-oe] talloc: fix swig dependencies

2014-09-16 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

* depens on swig-native to make sure that the talloc.i always be
  installed;

* remove relative path that from `swig -swiglib`:

${D}/usr/bin/../share - ${D}/usr/share

  This prevents 'install' from creraing empty dir: ${D}${bindir};

* fix the path to talloc.i for separate build.

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 .../install-swig-interface-in-SWINGLIBDIR.patch|2 +-
 meta-oe/recipes-support/talloc/talloc_2.0.1.bb |5 +++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git 
a/meta-oe/recipes-support/talloc/talloc/install-swig-interface-in-SWINGLIBDIR.patch
 
b/meta-oe/recipes-support/talloc/talloc/install-swig-interface-in-SWINGLIBDIR.patch
index e1339a0..635c60e 100644
--- 
a/meta-oe/recipes-support/talloc/talloc/install-swig-interface-in-SWINGLIBDIR.patch
+++ 
b/meta-oe/recipes-support/talloc/talloc/install-swig-interface-in-SWINGLIBDIR.patch
@@ -17,7 +17,7 @@ Index: talloc-2.0.1/talloc.mk
 -  which swig /dev/null 21  ${INSTALLCMD} -d $(DESTDIR)`swig 
-swiglib` || true
 -  which swig /dev/null 21  ${INSTALLCMD} -m 644 talloc.i 
$(DESTDIR)`swig -swiglib` || true
 +  which swig /dev/null 21  ${INSTALLCMD} -d $(DESTDIR)/$(SWIGLIBDIR) 
|| true
-+  which swig /dev/null 21  ${INSTALLCMD} -m 644 talloc.i 
$(DESTDIR)/$(SWIGLIBDIR) || true
++  which swig /dev/null 21  ${INSTALLCMD} -m 644 
$(srcdir)/$(tallocdir)/talloc.i $(DESTDIR)/$(SWIGLIBDIR) || true
  
  doc:: talloc.3 talloc.3.html
  
diff --git a/meta-oe/recipes-support/talloc/talloc_2.0.1.bb 
b/meta-oe/recipes-support/talloc/talloc_2.0.1.bb
index 48c0915..9cf3e43 100644
--- a/meta-oe/recipes-support/talloc/talloc_2.0.1.bb
+++ b/meta-oe/recipes-support/talloc/talloc_2.0.1.bb
@@ -18,10 +18,12 @@ PR = r2
 
 EXTRA_AUTORECONF = --exclude=autopoint --exclude=aclocal
 
+DEPENDS += swig-native
+
 do_install_prepend() {
 # Hack the way swig interface for talloc is installed
 # This hack is accompanied by install-swig-interface-in-SWINGLIBDIR.patch
-type swig  /dev/null 21  SWIGLIBDIR=`swig -swiglib`  
SWIGLIBDIR=${SWIGLIBDIR##${STAGING_DIR_NATIVE}}  export SWIGLIBDIR || echo 
No swig found
+type swig  /dev/null 21  SWIGLIBDIR=`swig -swiglib`  
SWIGLIBDIR=`readlink -f ${SWIGLIBDIR}`  
SWIGLIBDIR=${SWIGLIBDIR##${STAGING_DIR_NATIVE}}  export SWIGLIBDIR || echo 
No swig found
 }
 
 do_install_append() {
@@ -29,7 +31,6 @@ do_install_append() {
 ln -s libtalloc.so.2.0.1 ${D}${libdir}/libtalloc.so.2.0
 ln -s libtalloc.so.2.0 ${D}${libdir}/libtalloc.so.2
 ln -s libtalloc.so.2 ${D}${libdir}/libtalloc.so
-rmdir ${D}${bindir}
 }
 
 PACKAGES += ${PN}-swig
-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 0/1][meta-oe] talloc: fix swig dependencies

2014-09-12 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Changes include:

* depens on swig-native to make sure that the talloc.i always be
  installed;

* remove relative path that from `swig -swiglib`:

${D}/usr/bin/../share - ${D}/usr/share

  This prevents 'install' from creraing empty dir: ${D}${bindir};

* fix the path to talloc.i for separate build.

The following changes since commit 28e26a9b0ad37d0c92ba42b2727215eef1edf5a2:

  tcpslice: add recipe under tcpdump (2014-09-09 10:32:51 -0400)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/talloc-swig
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/talloc-swig

Wenzong Fan (1):
  talloc: fix swig dependencies

 .../install-swig-interface-in-SWINGLIBDIR.patch|2 +-
 meta-oe/recipes-support/talloc/talloc_2.0.1.bb |5 +++--
 2 files changed, 4 insertions(+), 3 deletions(-)

-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 1/1][meta-oe] talloc: fix swig dependencies

2014-09-12 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

* depens on swig-native to make sure that the talloc.i always be
  installed;

* remove relative path that from `swig -swiglib`:

${D}/usr/bin/../share - ${D}/usr/share

  This prevents 'install' from creraing empty dir: ${D}${bindir};

* fix the path to talloc.i for separate build.

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 .../install-swig-interface-in-SWINGLIBDIR.patch|2 +-
 meta-oe/recipes-support/talloc/talloc_2.0.1.bb |5 +++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git 
a/meta-oe/recipes-support/talloc/talloc/install-swig-interface-in-SWINGLIBDIR.patch
 
b/meta-oe/recipes-support/talloc/talloc/install-swig-interface-in-SWINGLIBDIR.patch
index e1339a0..635c60e 100644
--- 
a/meta-oe/recipes-support/talloc/talloc/install-swig-interface-in-SWINGLIBDIR.patch
+++ 
b/meta-oe/recipes-support/talloc/talloc/install-swig-interface-in-SWINGLIBDIR.patch
@@ -17,7 +17,7 @@ Index: talloc-2.0.1/talloc.mk
 -  which swig /dev/null 21  ${INSTALLCMD} -d $(DESTDIR)`swig 
-swiglib` || true
 -  which swig /dev/null 21  ${INSTALLCMD} -m 644 talloc.i 
$(DESTDIR)`swig -swiglib` || true
 +  which swig /dev/null 21  ${INSTALLCMD} -d $(DESTDIR)/$(SWIGLIBDIR) 
|| true
-+  which swig /dev/null 21  ${INSTALLCMD} -m 644 talloc.i 
$(DESTDIR)/$(SWIGLIBDIR) || true
++  which swig /dev/null 21  ${INSTALLCMD} -m 644 
$(srcdir)/$(tallocdir)/talloc.i $(DESTDIR)/$(SWIGLIBDIR) || true
  
  doc:: talloc.3 talloc.3.html
  
diff --git a/meta-oe/recipes-support/talloc/talloc_2.0.1.bb 
b/meta-oe/recipes-support/talloc/talloc_2.0.1.bb
index 48c0915..9cf3e43 100644
--- a/meta-oe/recipes-support/talloc/talloc_2.0.1.bb
+++ b/meta-oe/recipes-support/talloc/talloc_2.0.1.bb
@@ -18,10 +18,12 @@ PR = r2
 
 EXTRA_AUTORECONF = --exclude=autopoint --exclude=aclocal
 
+DEPENDS += swig-native
+
 do_install_prepend() {
 # Hack the way swig interface for talloc is installed
 # This hack is accompanied by install-swig-interface-in-SWINGLIBDIR.patch
-type swig  /dev/null 21  SWIGLIBDIR=`swig -swiglib`  
SWIGLIBDIR=${SWIGLIBDIR##${STAGING_DIR_NATIVE}}  export SWIGLIBDIR || echo 
No swig found
+type swig  /dev/null 21  SWIGLIBDIR=`swig -swiglib`  
SWIGLIBDIR=`readlink -f ${SWIGLIBDIR}`  
SWIGLIBDIR=${SWIGLIBDIR##${STAGING_DIR_NATIVE}}  export SWIGLIBDIR || echo 
No swig found
 }
 
 do_install_append() {
@@ -29,7 +31,6 @@ do_install_append() {
 ln -s libtalloc.so.2.0.1 ${D}${libdir}/libtalloc.so.2.0
 ln -s libtalloc.so.2.0 ${D}${libdir}/libtalloc.so.2
 ln -s libtalloc.so.2 ${D}${libdir}/libtalloc.so
-rmdir ${D}${bindir}
 }
 
 PACKAGES += ${PN}-swig
-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 0/1][meta-oe] talloc: ignore exit status of rmdir

2014-09-09 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

* fix do_insall errors:
  rmdir: failed to remove `.../talloc/2.0.1-r2/image/usr/bin': \
  No such file or directory

The following changes since commit 46824934fa4ac6a61bebe2c92faa31c0a8e85392:

  meta-networking: Update layer dependency information (2014-09-08 16:34:25 
-0400)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/fix-talloc
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/fix-talloc

Wenzong Fan (1):
  talloc: ignore exit status of rmdir

 meta-oe/recipes-support/talloc/talloc_2.0.1.bb |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [PATCH 1/1][meta-oe] talloc: ignore exit status of rmdir

2014-09-09 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

* fix do_insall errors:
  rmdir: failed to remove `.../talloc/2.0.1-r2/image/usr/bin': \
  No such file or directory

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 meta-oe/recipes-support/talloc/talloc_2.0.1.bb |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-oe/recipes-support/talloc/talloc_2.0.1.bb 
b/meta-oe/recipes-support/talloc/talloc_2.0.1.bb
index 48c0915..ed3e2c1 100644
--- a/meta-oe/recipes-support/talloc/talloc_2.0.1.bb
+++ b/meta-oe/recipes-support/talloc/talloc_2.0.1.bb
@@ -29,7 +29,7 @@ do_install_append() {
 ln -s libtalloc.so.2.0.1 ${D}${libdir}/libtalloc.so.2.0
 ln -s libtalloc.so.2.0 ${D}${libdir}/libtalloc.so.2
 ln -s libtalloc.so.2 ${D}${libdir}/libtalloc.so
-rmdir ${D}${bindir}
+rmdir ${D}${bindir} || true
 }
 
 PACKAGES += ${PN}-swig
-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-oe][PATCH] postgresql: Use pkg-config for libxml2 dependency

2014-06-20 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Use pkg-config for the libxml2 dependency, not the -config script.

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 .../use-pkg-config-for-libxml2-dependency.patch|   44 
 .../recipes-support/postgresql/postgresql_9.2.4.bb |1 +
 2 files changed, 45 insertions(+)
 create mode 100644 
meta-oe/recipes-support/postgresql/postgresql-9.2.4/use-pkg-config-for-libxml2-dependency.patch

diff --git 
a/meta-oe/recipes-support/postgresql/postgresql-9.2.4/use-pkg-config-for-libxml2-dependency.patch
 
b/meta-oe/recipes-support/postgresql/postgresql-9.2.4/use-pkg-config-for-libxml2-dependency.patch
new file mode 100644
index 000..d26701f
--- /dev/null
+++ 
b/meta-oe/recipes-support/postgresql/postgresql-9.2.4/use-pkg-config-for-libxml2-dependency.patch
@@ -0,0 +1,44 @@
+From 744bbd99a779deac244cebc30f21db9b77946eab Mon Sep 17 00:00:00 2001
+From: Wenzong Fan wenzong@windriver.com
+Date: Thu, 19 Jun 2014 22:34:21 -0400
+Subject: [PATCH] postgresql: Use pkg-config for libxml2 dependency
+
+Use pkg-config for the libxml2 dependency, not the -config script.
+
+Upstream-Status: Pending
+
+Signed-off-by: Wenzong Fan wenzong@windriver.com
+---
+ configure.in |   16 
+ 1 file changed, 4 insertions(+), 12 deletions(-)
+
+diff --git a/configure.in b/configure.in
+index 3bf9728..d768e9f 100644
+--- a/configure.in
 b/configure.in
+@@ -709,18 +709,10 @@ PGAC_ARG_BOOL(with, libxml, no, [build with XML support],
+   [AC_DEFINE([USE_LIBXML], 1, [Define to 1 to build with XML 
support. (--with-libxml)])])
+ 
+ if test $with_libxml = yes ; then
+-  AC_CHECK_PROGS(XML2_CONFIG, xml2-config)
+-  if test -n $XML2_CONFIG; then
+-for pgac_option in `$XML2_CONFIG --cflags`; do
+-  case $pgac_option in
+--I*|-D*) CPPFLAGS=$CPPFLAGS $pgac_option;;
+-  esac
+-done
+-for pgac_option in `$XML2_CONFIG --libs`; do
+-  case $pgac_option in
+--L*) LDFLAGS=$LDFLAGS $pgac_option;;
+-  esac
+-done
++  PKG_CHECK_MODULES(PKG_XML2, [libxml-2.0],,)
++  if test x$PKG_XML2_CFLAGS != x; then
++CPPFLAGS=$CPPFLAGS $PKG_XML2_CFLAGS
++LDFLAGS=$LDFLAGS $PKG_XML2_LIBS
+   fi
+ fi
+ 
+-- 
+1.7.9.5
+
diff --git a/meta-oe/recipes-support/postgresql/postgresql_9.2.4.bb 
b/meta-oe/recipes-support/postgresql/postgresql_9.2.4.bb
index 49ca53f..e45638d 100644
--- a/meta-oe/recipes-support/postgresql/postgresql_9.2.4.bb
+++ b/meta-oe/recipes-support/postgresql/postgresql_9.2.4.bb
@@ -7,6 +7,7 @@ PR = ${INC_PR}.0
 SRC_URI += \
 file://remove.autoconf.version.check.patch \
 file://ecpg-parallel-make-fix.patch \
+file://use-pkg-config-for-libxml2-dependency.patch \
 
 
 SRC_URI[md5sum] = 6ee5bb53b97da7c6ad9cb0825d3300dd
-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-networking][PATCH 2/2] ntp: fix hardcode to /usr/bin/perl

2014-04-20 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

This patch properly uses the path variables and fixes ntptrace and
ntp-wait, just in case perl is not installed with the hardcode path.

Signed-off-by: Rahat Mahbub rahat.mah...@windriver.com
Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 meta-networking/recipes-support/ntp/ntp.inc |4 
 1 file changed, 4 insertions(+)

diff --git a/meta-networking/recipes-support/ntp/ntp.inc 
b/meta-networking/recipes-support/ntp/ntp.inc
index 9c3e0d1..d4adfd8 100644
--- a/meta-networking/recipes-support/ntp/ntp.inc
+++ b/meta-networking/recipes-support/ntp/ntp.inc
@@ -58,6 +58,10 @@ do_install_append() {
 sed -i 's!/etc/!${sysconfdir}/!g' ${D}${sysconfdir}/init.d/ntpd 
${D}${bindir}/ntpdate-sync
 sed -i 's!/var/!${localstatedir}/!g' ${D}${sysconfdir}/init.d/ntpd 
${D}${bindir}/ntpdate-sync
 sed -i 
's!^PATH=.*!PATH=${base_sbindir}:${base_bindir}:${sbindir}:${bindir}!' 
${D}${bindir}/ntpdate-sync
+sed -i '1s,#!.*perl -w,#! ${bindir}/env perl,' ${D}${sbindir}/ntptrace
+sed -i '/use/i use warnings;' ${D}${sbindir}/ntptrace
+sed -i '1s,#!.*perl -w,#! ${bindir}/env perl,' ${D}${sbindir}/ntp-wait
+sed -i '/use/i use warnings;' ${D}${sbindir}/ntp-wait
 
 install -d ${D}/${sysconfdir}/default
 install -m 644 ${WORKDIR}/ntpdate.default ${D}${sysconfdir}/default/ntpdate
-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-networking][PATCH 1/2] vsftpd: fix install warning

2014-04-20 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

WARNING: QA Issue: vsftpd: Files/directories were installed but not shipped
  /run
  /run/vsftpd
  /run/vsftpd/empty

Signed-off-by: Li Wang li.w...@windriver.com
Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 .../recipes-daemons/vsftpd/vsftpd_3.0.0.bb |9 -
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb 
b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
index 0698a63..2cf9ac3 100644
--- a/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
+++ b/meta-networking/recipes-daemons/vsftpd/vsftpd_3.0.0.bb
@@ -70,7 +70,6 @@ do_install() {
 sed -i s:/lib/security:${base_libdir}/security: 
${D}${sysconfdir}/pam.d/vsftpd
 sed -i s:ftpusers:vsftpd.ftpusers: ${D}${sysconfdir}/pam.d/vsftpd
 fi
-install -d ${D}${localstatedir}/run/vsftpd/empty
 }
 
 INITSCRIPT_PACKAGES = ${PN}
@@ -82,3 +81,11 @@ USERADD_PARAM_${PN} = --system --home-dir /var/lib/ftp 
--no-create-home -g ftp
--shell /bin/false ftp 
 GROUPADD_PARAM_${PN} = -r ftp
 
+pkg_postinst_${PN}() {
+   if [ -n $D ]; then
+   exit 0
+   fi
+   if [ -e /etc/init.d/populate-volatile.sh ]; then
+   /etc/init.d/populate-volatile.sh update
+   fi
+}
-- 
1.7.9.5

-- 
___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

[oe] [meta-selinux][PATCH 00/10] selinux userspace: uprev packages to release 20131030

2014-01-08 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Changes:
1) Uprev selinux packages to release 20131030;
2) Fix build dependency to libsemanage;
3) Fix QA issues to policycoreutils;
4) Update LIC_FILES_CHKSUM for selinux packagegroups.

Some Tests:
1) build test:
- add meta-selinux path to conf/bblayers.conf;
- add DISTRO_FEATURES_append= pam selinux to conf/local.conf;
- build selinux image:
  $ bitbake core-image-selinux

- add below configs to conf/local.conf and run image build:
  PREFERRED_VERSION_checkpolicy = 2.2+gitAUTOINC+edc2e99687
  PREFERRED_VERSION_libselinux = 2.2+gitAUTOINC+edc2e99687
  PREFERRED_VERSION_libsemanage = 2.2+gitAUTOINC+edc2e99687
  PREFERRED_VERSION_libsepol = 2.2+gitAUTOINC+edc2e99687
  PREFERRED_VERSION_policycoreutils = 2.2.5+gitAUTOINC+edc2e99687
  PREFERRED_VERSION_sepolgen = 1.2.1+gitAUTOINC+edc2e99687

All builds successfully.

2) basic verification on target:
$ runqemu qemux86 core-image-selinux ext3 nographic qemuparams=-m 1024

qemux86 login: root
root@qemux86:~# id -Z
root:sysadm_r:sysadm_t:s0-s15:c0.c1023

root@qemux86:~# sestatus
SELinux status: enabled
SELinuxfs mount:/sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: mls
Current mode:   enforcing
Mode from config file:  enforcing
Policy MLS status:  enabled
Policy deny_unknown status: allowed
Max kernel policy version:  28


The following changes since commit 2209cb5fc21c1ad5a7471897528ed64170f70219:

  policy: Create compressed_policy distro feature (2013-12-05 09:03:41 -0500)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/selinux-uprev
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/selinux-uprev

Wenzong Fan (10):
  selinux userspace: uprev packages to release 20131030
  checkpolicy: migrate SRC_URI to 2.2
  libselinux: migrate SRC_URI and patches to 2.2
  libsemanage: migrate SRC_URI to 2.2
  libsepol: migrate SRC_URI to 2.2
  policycoreutils: migrate SRC_URI and patches to 2.2.5
  sepolgen: migrate SRC_URI to 1.2.1
  libsemanage: add audit dependency
  policycoreutils: fix QA issues
  selinux packagegroups: update LIC_FILES_CHKSUM

 recipes-security/audit/audit_2.3.2.bb  |8 -
 .../packagegroups/packagegroup-core-selinux.bb |2 +-
 .../packagegroups/packagegroup-selinux-minimal.bb  |2 +-
 .../packagegroup-selinux-policycoreutils.bb|2 +-
 recipes-security/selinux/checkpolicy_2.1.12.bb |9 --
 recipes-security/selinux/checkpolicy_2.2.bb|9 ++
 recipes-security/selinux/checkpolicy_git.bb|2 +-
 .../libselinux-fix-init-load-policy.patch  |   27 
 .../libselinux/libselinux-pcre-link-order.patch|   31 --
 .../{libselinux_2.1.13.bb = libselinux_2.2.bb}|8 ++---
 recipes-security/selinux/libselinux_git.bb |   10 --
 recipes-security/selinux/libsemanage.inc   |2 +-
 .../libsemanage/libsemanage-fix-path-nologin.patch |9 +++---
 .../{libsemanage_2.1.10.bb = libsemanage_2.2.bb}  |6 ++--
 recipes-security/selinux/libsemanage_git.bb|3 +-
 recipes-security/selinux/libsepol.inc  |5 ++-
 ...ibsepol-Change-ranlib-for-cross-compiling.patch |   31 --
 recipes-security/selinux/libsepol_2.1.9.bb |   11 ---
 recipes-security/selinux/libsepol_2.2.bb   |9 ++
 recipes-security/selinux/libsepol_git.bb   |4 +--
 recipes-security/selinux/policycoreutils.inc   |   12 ---
 ...policycoreutils-fix-sepolicy-install-path.patch |   18 +--
 .../policycoreutils-fix-strict-prototypes.patch|   34 
 .../policycoreutils-make-O_CLOEXEC-optional.patch  |   28 
 ...oreutils_2.1.14.bb = policycoreutils_2.2.5.bb} |9 +++---
 recipes-security/selinux/policycoreutils_git.bb|8 +++--
 recipes-security/selinux/selinux_20130423.inc  |   12 ---
 recipes-security/selinux/selinux_20131030.inc  |   12 +++
 recipes-security/selinux/selinux_git.inc   |4 +--
 recipes-security/selinux/sepolgen_1.1.9.bb |9 --
 recipes-security/selinux/sepolgen_1.2.1.bb |9 ++
 recipes-security/selinux/sepolgen_git.bb   |2 +-
 32 files changed, 117 insertions(+), 230 deletions(-)
 delete mode 100644 recipes-security/selinux/checkpolicy_2.1.12.bb
 create mode 100644 recipes-security/selinux/checkpolicy_2.2.bb
 delete mode 100644 
recipes-security/selinux/libselinux/libselinux-fix-init-load-policy.patch
 delete mode 100644 
recipes-security/selinux/libselinux/libselinux-pcre-link-order.patch
 rename recipes-security/selinux/{libselinux_2.1.13.bb = libselinux_2.2.bb} 
(58%)
 rename recipes-security/selinux/{libsemanage_2.1.10.bb = libsemanage_2.2.bb} 
(70%)
 delete mode 100644

[oe] [meta-selinux][PATCH 01/10] selinux userspace: uprev packages to release 20131030

2014-01-08 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Upreved packages:
 - checkpolicy to 2.2
 - libselinux to 2.2
 - libsemanage to 2.2
 - libsepol to 2.2
 - policycoreutils to 2.2.5
 - sepolgen to 1.2.1

Migrate patches in next commits.

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 .../{checkpolicy_2.1.12.bb = checkpolicy_2.2.bb}  |0
 .../{libselinux_2.1.13.bb = libselinux_2.2.bb}|0
 .../{libsemanage_2.1.10.bb = libsemanage_2.2.bb}  |0
 .../selinux/{libsepol_2.1.9.bb = libsepol_2.2.bb} |0
 ...oreutils_2.1.14.bb = policycoreutils_2.2.5.bb} |0
 recipes-security/selinux/selinux_20130423.inc  |   12 
 recipes-security/selinux/selinux_20131030.inc  |   12 
 recipes-security/selinux/selinux_git.inc   |4 +---
 .../{sepolgen_1.1.9.bb = sepolgen_1.2.1.bb}   |0
 9 files changed, 13 insertions(+), 15 deletions(-)
 rename recipes-security/selinux/{checkpolicy_2.1.12.bb = checkpolicy_2.2.bb} 
(100%)
 rename recipes-security/selinux/{libselinux_2.1.13.bb = libselinux_2.2.bb} 
(100%)
 rename recipes-security/selinux/{libsemanage_2.1.10.bb = libsemanage_2.2.bb} 
(100%)
 rename recipes-security/selinux/{libsepol_2.1.9.bb = libsepol_2.2.bb} (100%)
 rename recipes-security/selinux/{policycoreutils_2.1.14.bb = 
policycoreutils_2.2.5.bb} (100%)
 delete mode 100644 recipes-security/selinux/selinux_20130423.inc
 create mode 100644 recipes-security/selinux/selinux_20131030.inc
 rename recipes-security/selinux/{sepolgen_1.1.9.bb = sepolgen_1.2.1.bb} (100%)

diff --git a/recipes-security/selinux/checkpolicy_2.1.12.bb 
b/recipes-security/selinux/checkpolicy_2.2.bb
similarity index 100%
rename from recipes-security/selinux/checkpolicy_2.1.12.bb
rename to recipes-security/selinux/checkpolicy_2.2.bb
diff --git a/recipes-security/selinux/libselinux_2.1.13.bb 
b/recipes-security/selinux/libselinux_2.2.bb
similarity index 100%
rename from recipes-security/selinux/libselinux_2.1.13.bb
rename to recipes-security/selinux/libselinux_2.2.bb
diff --git a/recipes-security/selinux/libsemanage_2.1.10.bb 
b/recipes-security/selinux/libsemanage_2.2.bb
similarity index 100%
rename from recipes-security/selinux/libsemanage_2.1.10.bb
rename to recipes-security/selinux/libsemanage_2.2.bb
diff --git a/recipes-security/selinux/libsepol_2.1.9.bb 
b/recipes-security/selinux/libsepol_2.2.bb
similarity index 100%
rename from recipes-security/selinux/libsepol_2.1.9.bb
rename to recipes-security/selinux/libsepol_2.2.bb
diff --git a/recipes-security/selinux/policycoreutils_2.1.14.bb 
b/recipes-security/selinux/policycoreutils_2.2.5.bb
similarity index 100%
rename from recipes-security/selinux/policycoreutils_2.1.14.bb
rename to recipes-security/selinux/policycoreutils_2.2.5.bb
diff --git a/recipes-security/selinux/selinux_20130423.inc 
b/recipes-security/selinux/selinux_20130423.inc
deleted file mode 100644
index d692a57..000
--- a/recipes-security/selinux/selinux_20130423.inc
+++ /dev/null
@@ -1,12 +0,0 @@
-SELINUX_RELEASE = 20130423
-
-SRC_URI = 
http://userspace.selinuxproject.org/releases/${SELINUX_RELEASE}/${BPN}-${PV}.tar.gz;
-
-PREFERRED_VERSION_checkpolicy = 2.1.12
-PREFERRED_VERSION_libselinux = 2.1.13
-PREFERRED_VERSION_libsemanage = 2.1.10
-PREFERRED_VERSION_libsepol = 2.1.9
-PREFERRED_VERSION_policycoreutils = 2.1.14
-PREFERRED_VERSION_sepolgen = 1.1.9
-
-include selinux_common.inc
diff --git a/recipes-security/selinux/selinux_20131030.inc 
b/recipes-security/selinux/selinux_20131030.inc
new file mode 100644
index 000..807a37c
--- /dev/null
+++ b/recipes-security/selinux/selinux_20131030.inc
@@ -0,0 +1,12 @@
+SELINUX_RELEASE = 20131030
+
+SRC_URI = 
http://userspace.selinuxproject.org/releases/${SELINUX_RELEASE}/${BPN}-${PV}.tar.gz;
+
+PREFERRED_VERSION_checkpolicy = 2.2
+PREFERRED_VERSION_libselinux = 2.2
+PREFERRED_VERSION_libsemanage = 2.2
+PREFERRED_VERSION_libsepol = 2.2
+PREFERRED_VERSION_policycoreutils = 2.2.5
+PREFERRED_VERSION_sepolgen = 1.2.1
+
+include selinux_common.inc
diff --git a/recipes-security/selinux/selinux_git.inc 
b/recipes-security/selinux/selinux_git.inc
index 37ea8e8..bb64d0d 100644
--- a/recipes-security/selinux/selinux_git.inc
+++ b/recipes-security/selinux/selinux_git.inc
@@ -1,8 +1,6 @@
-SRCREV = 3f52a123af40bae33bde2a1f2ecfb2320b61f9ad
+SRCREV = edc2e99687b050d5be21a78a66d038aa1fc068d9
 
 SRC_URI = git://oss.tresys.com/git/selinux.git;protocol=http
-SRC_URI[md5sum] = 4ec64a0d24aaa77c80b86e74d271e464
-SRC_URI[sha256sum] = 
9c8a8643c9a4dd0eb76fcda1420d636b750b84b27656c6f8bc6886a829d7e520
 
 S = ${WORKDIR}/git/${BPN}
 
diff --git a/recipes-security/selinux/sepolgen_1.1.9.bb 
b/recipes-security/selinux/sepolgen_1.2.1.bb
similarity index 100%
rename from recipes-security/selinux/sepolgen_1.1.9.bb
rename to recipes-security/selinux/sepolgen_1.2.1.bb
-- 
1.7.9.5

___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org

[oe] [meta-selinux][PATCH 06/10] policycoreutils: migrate SRC_URI and patches to 2.2.5

2014-01-08 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

This patch is removed since it is merged by new version:
 - policycoreutils-fix-strict-prototypes.patch

These two patches are updated:
 - policycoreutils-fix-sepolicy-install-path.patch
 - policycoreutils-make-O_CLOEXEC-optional.patch

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 recipes-security/selinux/policycoreutils.inc   |2 +-
 ...policycoreutils-fix-sepolicy-install-path.patch |   18 +--
 .../policycoreutils-fix-strict-prototypes.patch|   34 
 .../policycoreutils-make-O_CLOEXEC-optional.patch  |   28 
 recipes-security/selinux/policycoreutils_2.2.5.bb  |9 +++---
 recipes-security/selinux/policycoreutils_git.bb|8 +++--
 6 files changed, 32 insertions(+), 67 deletions(-)
 delete mode 100644 
recipes-security/selinux/policycoreutils/policycoreutils-fix-strict-prototypes.patch

diff --git a/recipes-security/selinux/policycoreutils.inc 
b/recipes-security/selinux/policycoreutils.inc
index a474cb0..430b03f 100644
--- a/recipes-security/selinux/policycoreutils.inc
+++ b/recipes-security/selinux/policycoreutils.inc
@@ -1,4 +1,4 @@
-PRINC = 3
+PRINC = 1
 
 SUMMARY = SELinux policy core utilities
 DESCRIPTION = policycoreutils contains the policy core utilities that are 
required \
diff --git 
a/recipes-security/selinux/policycoreutils/policycoreutils-fix-sepolicy-install-path.patch
 
b/recipes-security/selinux/policycoreutils/policycoreutils-fix-sepolicy-install-path.patch
index aaf2e66..617908a 100644
--- 
a/recipes-security/selinux/policycoreutils/policycoreutils-fix-sepolicy-install-path.patch
+++ 
b/recipes-security/selinux/policycoreutils/policycoreutils-fix-sepolicy-install-path.patch
@@ -1,35 +1,33 @@
-From 086f715e2a0dd05c07f0428f424017cc96acc387 Mon Sep 17 00:00:00 2001
-From: Xin Ouyang xin.ouy...@windriver.com
-Date: Thu, 22 Aug 2013 16:40:26 +0800
 Subject: [PATCH] policycoreutils: fix install path for new pymodule sepolicy
 
 Signed-off-by: Xin Ouyang xin.ouy...@windriver.com
+Signed-off-by: Wenzong Fan wenzong@windriver.com
 ---
  sepolicy/Makefile |4 +++-
  1 file changed, 3 insertions(+), 1 deletion(-)
 
 diff --git a/sepolicy/Makefile b/sepolicy/Makefile
-index 11b534f..9e46b74 100644
+index 2b8716c..70f4bdd 100644
 --- a/sepolicy/Makefile
 +++ b/sepolicy/Makefile
-@@ -11,6 +11,8 @@ BASHCOMPLETIONDIR ?= $(DESTDIR)/etc/bash_completion.d/
+@@ -12,6 +12,8 @@ BASHCOMPLETIONDIR ?= 
$(DESTDIR)/usr/share/bash-completion/completions
  SHAREDIR ?= $(PREFIX)/share/sandbox
- override CFLAGS = $(LDFLAGS) -I$(PREFIX)/include -DPACKAGE=policycoreutils 
-Wall -Werror -Wextra -W  -DSHARED -shared
+ override CFLAGS = -I$(PREFIX)/include -DPACKAGE=policycoreutils -Wall 
-Werror -Wextra -W  -DSHARED -shared
  
 +PYLIBVER ?= $(shell python -c 'import sys;print python%d.%d % 
sys.version_info[0:2]')
 +
- BASHCOMPLETIONS=sepolicy-bash-completion.sh 
+ BASHCOMPLETIONS=sepolicy-bash-completion.sh
  
  all: python-build
-@@ -23,7 +25,7 @@ clean:
-   -rm -rf build *~ \#* *pyc .#*
+@@ -30,7 +32,7 @@ test:
+   @python test_sepolicy.py -v
  
  install:
 -  $(PYTHON) setup.py install `test -n $(DESTDIR)  echo --root 
$(DESTDIR)`
 +  $(PYTHON) setup.py install --install-lib 
$(LIBDIR)/$(PYLIBVER)/site-packages
[ -d $(BINDIR) ] || mkdir -p $(BINDIR)
install -m 755 sepolicy.py $(BINDIR)/sepolicy
-   -mkdir -p $(MANDIR)/man8
+   (cd $(BINDIR); ln -sf sepolicy sepolgen)
 -- 
 1.7.9.5
 
diff --git 
a/recipes-security/selinux/policycoreutils/policycoreutils-fix-strict-prototypes.patch
 
b/recipes-security/selinux/policycoreutils/policycoreutils-fix-strict-prototypes.patch
deleted file mode 100644
index 9bb353a..000
--- 
a/recipes-security/selinux/policycoreutils/policycoreutils-fix-strict-prototypes.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From 5944e9908fc12d69d19a1d24128cbc6d1a423c3d Mon Sep 17 00:00:00 2001
-From: Xin Ouyang xin.ouy...@windriver.com
-Date: Tue, 18 Jun 2013 12:29:00 +0800
-Subject: [PATCH] policycoreutils: fix build strict-prototypes failure
-
-| policy.c:90:6: error: function declaration isn't a prototype
-[-Werror=strict-prototypes]
-| cc1: all warnings being treated as errors
-| error: command 'i586-poky-linux-gcc' failed with exit status 1
-| make[1]: *** [python-build] Error 1
-
-Upstream-Status: pending
-
-Signed-off-by: Xin Ouyang xin.ouy...@windriver.com

- sepolicy/policy.c |2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/sepolicy/policy.c b/sepolicy/policy.c
-index 4eca22d..e454e75 100644
 a/sepolicy/policy.c
-+++ b/sepolicy/policy.c
-@@ -87,7 +87,7 @@ static PyMethodDef methods[] = {
-   {NULL, NULL, 0, NULL}   /* sentinel */
- };
- 
--void init_policy() {
-+void init_policy(void) {
- PyObject *m;
- m = Py_InitModule(_policy, methods);
- init_info(m);
--- 
-1.7.9.5
-
diff --git 
a/recipes-security/selinux/policycoreutils/policycoreutils-make-O_CLOEXEC-optional.patch

[oe] [meta-selinux][PATCH 03/10] libselinux: migrate SRC_URI and patches to 2.2

2014-01-08 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

These two patches are removed since they are merged by new version:
 - libselinux-fix-init-load-policy.patch
 - libselinux-pcre-link-order.patch

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 .../libselinux-fix-init-load-policy.patch  |   27 -
 .../libselinux/libselinux-pcre-link-order.patch|   31 
 recipes-security/selinux/libselinux_2.2.bb |8 ++---
 recipes-security/selinux/libselinux_git.bb |   10 +--
 4 files changed, 10 insertions(+), 66 deletions(-)
 delete mode 100644 
recipes-security/selinux/libselinux/libselinux-fix-init-load-policy.patch
 delete mode 100644 
recipes-security/selinux/libselinux/libselinux-pcre-link-order.patch

diff --git 
a/recipes-security/selinux/libselinux/libselinux-fix-init-load-policy.patch 
b/recipes-security/selinux/libselinux/libselinux-fix-init-load-policy.patch
deleted file mode 100644
index 67e32d6..000
--- a/recipes-security/selinux/libselinux/libselinux-fix-init-load-policy.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From ac70ca3b336b52b01cdc38157d25bf7e85098ee1 Mon Sep 17 00:00:00 2001
-From: Xin Ouyang xin.ouy...@windriver.com
-Date: Thu, 12 Apr 2012 16:10:10 +0800
-Subject: [PATCH] libselinux: fix init load policy
-
-selinux_init_load_policy() would fail if we use the new mount point
-for selinuxfs(/sys/fs/selinux) while sysfs(/sys) is still not
-mounted.

- src/load_policy.c |1 +
- 1 files changed, 1 insertions(+), 0 deletions(-)
-
-diff --git a/src/load_policy.c b/src/load_policy.c
-index f569664..60e7efd 100644
 a/src/load_policy.c
-+++ b/src/load_policy.c
-@@ -370,6 +370,7 @@ int selinux_init_load_policy(int *enforce)
-* mount it if present for use in the calls below.  
-*/
-   const char *mntpoint = NULL;
-+  rc = mount(sysfs, /sys, sysfs, 0, 0);
-   if (mount(SELINUXFS, SELINUXMNT, SELINUXFS, 0, 0) == 0 || errno == 
EBUSY) {
-   mntpoint = SELINUXMNT;
-   } else {
--- 
-1.7.5.4
-
diff --git 
a/recipes-security/selinux/libselinux/libselinux-pcre-link-order.patch 
b/recipes-security/selinux/libselinux/libselinux-pcre-link-order.patch
deleted file mode 100644
index f011f1a..000
--- a/recipes-security/selinux/libselinux/libselinux-pcre-link-order.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-Subject: [PATCH] libselinux: Put -lpcre in LDADD for correct linking order
-
-Upstream-Status: pending
-
-Signed-off-by: Xin Ouyang xin.ouy...@windriver.com

- src/Makefile |4 ++--
- 1 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/Makefile b/src/Makefile
-index c4f5d4c..8f5aec5 100644
 a/src/Makefile
-+++ b/src/Makefile
-@@ -20,7 +20,7 @@ RUBYINC ?= $(shell pkg-config --cflags ruby)
- RUBYINSTALL ?= $(LIBDIR)/ruby/site_ruby/$(RUBYLIBVER)/$(RUBYPLATFORM)
- LIBBASE=$(shell basename $(LIBDIR))
- 
--LDFLAGS ?= -lpcre -lpthread
-+LDADD ?= -lpcre -lpthread
- 
- VERSION = $(shell cat ../VERSION)
- LIBVERSION = 1
-@@ -116,7 +116,7 @@ $(LIBA): $(OBJS)
-   $(RANLIB) $@
- 
- $(LIBSO): $(LOBJS)
--  $(CC) $(CFLAGS) -shared -o $@ $^ -ldl $(LDFLAGS) -L$(LIBDIR) 
-Wl,-soname,$(LIBSO),-z,defs,-z,relro
-+  $(CC) $(CFLAGS) -shared -o $@ $^ -ldl $(LDFLAGS) -L$(LIBDIR) 
-Wl,-soname,$(LIBSO),-z,defs,-z,relro $(LDADD)
-   ln -sf $@ $(TARGET) 
- 
- $(LIBPC): $(LIBPC).in ../VERSION
diff --git a/recipes-security/selinux/libselinux_2.2.bb 
b/recipes-security/selinux/libselinux_2.2.bb
index caed650..23bb9cb 100644
--- a/recipes-security/selinux/libselinux_2.2.bb
+++ b/recipes-security/selinux/libselinux_2.2.bb
@@ -1,16 +1,14 @@
 PR = r0
 
-include selinux_20130423.inc
+include selinux_20131030.inc
 include ${BPN}.inc
 
 LIC_FILES_CHKSUM = file://LICENSE;md5=84b4d2c6ef954a2d4081e775a270d0d0
 
-SRC_URI[md5sum] = 32bf7b5182977a8a9248a1eeefe49a22
-SRC_URI[sha256sum] = 
57aad47c06b7ec18a76e8d9870539277a84cb40109cfdcf70ed3260bdb04447a
+SRC_URI[md5sum] = d82beab880749a017f2737e6687fec30
+SRC_URI[sha256sum] = 
e9dc64216543a7283d786f623ac28e8867f8794138e7deba474a3aa8d02dce33
 
 SRC_URI += \
-file://libselinux-fix-init-load-policy.patch \
-file://libselinux-pcre-link-order.patch \
 file://libselinux-drop-Wno-unused-but-set-variable.patch \
 file://libselinux-make-O_CLOEXEC-optional.patch \
 file://libselinux-make-SOCK_CLOEXEC-optional.patch \
diff --git a/recipes-security/selinux/libselinux_git.bb 
b/recipes-security/selinux/libselinux_git.bb
index 6f93fd4..fb4fef2 100644
--- a/recipes-security/selinux/libselinux_git.bb
+++ b/recipes-security/selinux/libselinux_git.bb
@@ -1,10 +1,14 @@
 PR = r0
-PV = 2.1.13+git${SRCPV}
+PV = 2.2+git${SRCPV}
 
 include selinux_git.inc
 include ${BPN}.inc
 
 LIC_FILES_CHKSUM = file://LICENSE;md5=84b4d2c6ef954a2d4081e775a270d0d0
 
-SRC_URI += file://libselinux-fix-init-load-policy.patch \
-   file://libselinux-pcre-link-order.patch
+SRC_URI += \
+   file://libselinux-drop-Wno-unused-but-set-variable.patch \

[oe] [meta-selinux][PATCH 02/10] checkpolicy: migrate SRC_URI to 2.2

2014-01-08 Thread wenzong.fan 
From: Wenzong Fan wenzong@windriver.com

Signed-off-by: Wenzong Fan wenzong@windriver.com
---
 recipes-security/selinux/checkpolicy_2.2.bb |6 +++---
 recipes-security/selinux/checkpolicy_git.bb |2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/recipes-security/selinux/checkpolicy_2.2.bb 
b/recipes-security/selinux/checkpolicy_2.2.bb
index 198de31..8388e0f 100644
--- a/recipes-security/selinux/checkpolicy_2.2.bb
+++ b/recipes-security/selinux/checkpolicy_2.2.bb
@@ -1,9 +1,9 @@
 PR = r0
 
-include selinux_20130423.inc
+include selinux_20131030.inc
 include ${BPN}.inc
 
 LIC_FILES_CHKSUM = file://COPYING;md5=393a5ca445f6965873eca0259a17f833
 
-SRC_URI[md5sum] = b82c55a95855611b67ac99c7e8f48552
-SRC_URI[sha256sum] = 
e6a0ac539b74859b4262b317eb90d9914deb15e7aa509659f47724d50fe2ecc6
+SRC_URI[md5sum] = 9662eaa1163de67cf3d392b58d262552
+SRC_URI[sha256sum] = 
9ff6698f4d4cb59c9c916e348187d533ada4107f90c253ef7304905934e9adf8
diff --git a/recipes-security/selinux/checkpolicy_git.bb 
b/recipes-security/selinux/checkpolicy_git.bb
index bd59001..bf6250d 100644
--- a/recipes-security/selinux/checkpolicy_git.bb
+++ b/recipes-security/selinux/checkpolicy_git.bb
@@ -1,5 +1,5 @@
 PR = r0
-PV = 2.1.12+git${SRCPV}
+PV = 2.2+git${SRCPV}
 
 include selinux_git.inc
 include ${BPN}.inc
-- 
1.7.9.5

___
Openembedded-devel mailing list
Openembedded-devel@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-devel

  1   2   >