[yocto] How to remove -rpath and -rpath-link from BUILD_LDFLAGS env variable to solve following error: QA Issue: package python3-scipy contains bad RPATH? #python #bitbake

2021-08-30 Thread surfinride via lists.yoctoproject.org 
Hey there. I am building a Boot2Qt image for my Jetson Nano. Yocto release is 
dunfell. Currently I am trying to build the scipy library release 1.5.3. This 
is the recipe I am using:

> 
> inherit pypi setuptools3
> 
> SUMMARY = "SciPy: Scientific Library for Python"
> HOMEPAGE = "https://www.scipy.org";
> LICENSE = "BSD"
> LIC_FILES_CHKSUM =
> "file://LICENSE.txt;md5=8256119827cf2bbe63512d4868075867"
> 
> SRC_URI += " file://0001-Allow-passing-flags-via-FARCH-for-mach.patch"
> SRC_URI[md5sum] = "ecf5c58e4df1d257abf1634d51cb9205"
> SRC_URI[sha256sum] =
> "ddae76784574cc4c172f3d5edd7308be16078dd3b977e8746860c76c195fa707"
> 
> DEPENDS += "${PYTHON_PN}-numpy ${PYTHON_PN}-numpy-native
> ${PYTHON_PN}-pybind11-native lapack"
> RDEPENDS_${PN} += "${PYTHON_PN}-numpy lapack"
> 
> CLEANBROKEN = "1"
> 
> export LAPACK = "${STAGING_LIBDIR}"
> export BLAS = "${STAGING_LIBDIR}"
> 
> export F90 = "${TARGET_PREFIX}gfortran"
> export FARCH = "${TUNE_CCARGS}"
> # Numpy expects the LDSHARED env variable to point to a single
> # executable, but OE sets it to include some flags as well. So we split
> # the existing LDSHARED variable into the base executable and flags, and
> # prepend the flags into LDFLAGS
> LDFLAGS_prepend := "${@" ".join(d.getVar('LDSHARED', True).split()[1:])} "
> 
> export LDSHARED := "${@d.getVar('LDSHARED', True).split()[0]}"
> 
> # Tell Numpy to look in target sysroot site-packages directory for
> libraries
> LDFLAGS_append = "
> -L${STAGING_LIBDIR}/${PYTHON_DIR}/site-packages/numpy/core/lib"

This recipe fails with the bad RPATH error. Complete error log here ( 
https://pastebin.ubuntu.com/p/2K9sqxkhSn/ ).

This is what the Yocto documentation has to say about the bad RPATH error:

> 
> -package  contains bad RPATH  in file 
> [rpaths]The specified binary produced by the recipe contains dynamic
> library load paths (rpaths) that contain build system paths such as
> TMPDIR, which are incorrect for the target and could potentially be a
> security issue. Check for bad -rpathoptions being passed to the linker in
> your do_compile log. Depending on the build system used by the software
> being built, there might be a configure option to disable rpath usage
> completely within the build of the software.

I looked in the run.do_configure file. This is what the BUILD_LDFLAGS variable 
is set like:
> 
> 
> export
> BUILD_LDFLAGS="-L/media/dell/ext4_volume/jetson-nano-build-files/tmp/work/aarch64-poky-linux/python3-scipy/1.5.3-r0/recipe-sysroot-native/usr/lib
> -L/media/dell/ext4_volume/jetson-nano-build-files/tmp/work/aarch64-poky-linux/python3-scipy/1.5.3-r0/recipe-sysroot-native/lib
> -Wl,--enable-new-dtags
> -Wl,-rpath-link,/media/dell/ext4_volume/jetson-nano-build-files/tmp/work/aarch64-poky-linux/python3-scipy/1.5.3-r0/recipe-sysroot-native/usr/lib
> -Wl,-rpath-link,/media/dell/ext4_volume/jetson-nano-build-files/tmp/work/aarch64-poky-linux/python3-scipy/1.5.3-r0/recipe-sysroot-native/lib
> -Wl,-rpath,/media/dell/ext4_volume/jetson-nano-build-files/tmp/work/aarch64-poky-linux/python3-scipy/1.5.3-r0/recipe-sysroot-native/usr/lib
> -Wl,-rpath,/media/dell/ext4_volume/jetson-nano-build-files/tmp/work/aarch64-poky-linux/python3-scipy/1.5.3-r0/recipe-sysroot-native/lib
> -Wl,-O1 -Wl,--allow-shlib-undefined
> -Wl,--dynamic-linker=/media/dell/ext4_volume/jetson-nano-build-files/tmp/sysroots-uninative/x86_64-linux/lib/ld-linux-x86-64.so.2"
> 

So I created a copy of bitbake.conf in my custom layer and set the priority of 
the layer above the poky/meta/ layer. With this the -rpath and -rpath-link 
options are removed from the BUILD_LDFLAGS variable. Now if I build the 
package, the build still fails with the same error.
Running grep on the tmp/work/aarch64-poky-linux/python3-scipy/1.5.3-r0/temp/ 
showed that -rpath option is still being passed to gcc. Complete log.do_compile 
here. ( https://pastebin.ubuntu.com/p/tvpn8zTZ7q/ )

Right now I am kind of clueless as to how I should approach debugging this. 
Would really appreciate any help. Thanks.

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#54597): https://lists.yoctoproject.org/g/yocto/message/54597
Mute This Topic: https://lists.yoctoproject.org/mt/85245864/21656
Mute #python:https://lists.yoctoproject.org/g/yocto/mutehashtag/python
Mute #bitbake:https://lists.yoctoproject.org/g/yocto/mutehashtag/bitbake
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [yocto] kcrash package compile issue

2021-08-30 Thread Andreas Müller 
On Mon, Aug 30, 2021 at 6:46 AM Zoran  wrote:
>
> > CMake Error in src/CMakeLists.txt:
> >
> > Imported target "KF5::WindowSystem" includes non-existent path
>
> You somehow mixed Windows and Linux Cmake build systems. Not sure how...
>
> Solution 1: fix on the fly current problem:
> You should inspect the file: src/CMakeLists.txt and try to fix Windows
> paths to match Linux paths.
>
> Solution 2: delete the current Cmake setup and execute it from scratch:
> Error should not happen, since you need to delete the Cmake setup and
> do the whole thing from scratch.
> 1) configure <<= This step causes you problems!
> 2) make
> 3) make install
>
> Zee
> ___
>
>
> On Mon, Aug 30, 2021 at 6:10 AM sateesh m  wrote:
> >
> > Hi Team,
> >
> >  I am trying to build kcrash package. I got below error.Can 
> > anybody know how to fix this please guide me.
> >
> > ERROR: kcrash-5.85.0-r0 do_configure: Execution of 
> > '/home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/temp/run.do_configure.12650'
> >  failed with exit code 1:
> >
> > -- The C compiler identification is GNU 10.2.0
> >
> > -- The CXX compiler identification is GNU 10.2.0
> >
> > -- Detecting C compiler ABI info
> >
> > -- Detecting C compiler ABI info - done
> >
> > -- Check for working C compiler: 
> > /home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot-native/usr/bin/riscv64-oe-linux/riscv64-oe-linux-gcc
> >  - skipped
> >
> > -- Detecting C compile features
> >
> > -- Detecting C compile features - done
> >
> > -- Detecting CXX compiler ABI info
> >
> > -- Detecting CXX compiler ABI info - done
> >
> > -- Check for working CXX compiler: 
> > /home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot-native/usr/bin/riscv64-oe-linux/riscv64-oe-linux-g++
> >  - skipped
> >
> > -- Detecting CXX compile features
> >
> > -- Detecting CXX compile features - done
> >
> > --
> >
> >
> >
> > Installing in /usr. Run 
> > /home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/build/prefix.sh
> >  to set the environment for KCrash.
> >
> > -- Looking for __GLIBC__
> >
> > -- Looking for __GLIBC__ - found
> >
> > -- Performing Test _OFFT_IS_64BIT
> >
> > -- Performing Test _OFFT_IS_64BIT - Success
> >
> > -- Performing Test HAVE_DATE_TIME
> >
> > -- Performing Test HAVE_DATE_TIME - Success
> >
> > -- Performing Test BSYMBOLICFUNCTIONS_AVAILABLE
> >
> > -- Performing Test BSYMBOLICFUNCTIONS_AVAILABLE - Success
> >
> > fatal: not a git repository (or any of the parent directories): .git
> >
> > -- Found X11: 
> > /home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot/usr/include
> >
> > -- Looking for XOpenDisplay in 
> > /home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot/usr/lib/libX11.so;/home/sateesh/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot/usr/lib/libXext.so
> >
> > -- Looking for XOpenDisplay in 
> > /home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot/usr/lib/libX11.so;/home/sateesh/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot/usr/lib/libXext.so
> >  - found
> >
> > -- Looking for gethostbyname
> >
> > -- Looking for gethostbyname - found
> >
> > -- Looking for connect
> >
> > -- Looking for connect - found
> >
> > -- Looking for remove
> >
> > -- Looking for remove - found
> >
> > -- Looking for shmat
> >
> > -- Looking for shmat - found
> >
> > -- Looking for IceConnectionNumber in ICE
> >
> > -- Looking for IceConnectionNumber in ICE - found
> >
> > -- Performing Test COMPILER_HAS_HIDDEN_VISIBILITY
> >
> > -- Performing Test COMPILER_HAS_HIDDEN_VISIBILITY - Success
> >
> > -- Performing Test COMPILER_HAS_HIDDEN_INLINE_VISIBILITY
> >
> > -- Performing Test COMPILER_HAS_HIDDEN_INLINE_VISIBILITY - Success
> >
> > -- Performing Test COMPILER_HAS_DEPRECATED_ATTR
> >
> > -- Performing Test COMPILER_HAS_DEPRECATED_ATTR - Success
> >
> > -- The following features have been enabled:
> >
> >
> >
> > * Core Pattern Raising, Raising signals to kernel core patterns (iff the 
> > pattern is a process). You may wish to not install drkonqi if this can 
> > cause a UI conflict.
> >
> >
> >
> > -- The following OPTIONAL packages have been found:
> >
> >
> >
> > * X11
> >
> >
> >
> > -- The following REQUIRED packages have been found:
> >
> >
> >
> > * ECM (required version >= 5.85.0), Extra CMake Modules., 
> > 
> >
> > * Qt5 (required version >= 5.15.0)
> >
> > * Qt5Core (required version >= 5.15.0)
> >
> > * KF5CoreAddons (required version >= 5.85.0)
> >
> > * Qt5Gui (required version >= 5.15.0)
> >
> > * KF5WindowSystem (required version >= 5.85.0)
> >
> > * Qt5X11Extras (required version >= 5.15.0)
> >
> >
> >
> > -- The following features have

Re: [yocto] kcrash package compile issue

2021-08-30 Thread Zoran 
> That means that kwindowsystem did not install all necessary bits.

Oh, I see... It has everything to do with Xwindows systems in X11
Client/Server domain.

kwindoes => KDE desktop.

Apology for the confusion!

Zee
___



On Mon, Aug 30, 2021 at 2:19 PM Andreas Müller  wrote:
>
> On Mon, Aug 30, 2021 at 6:46 AM Zoran  wrote:
> >
> > > CMake Error in src/CMakeLists.txt:
> > >
> > > Imported target "KF5::WindowSystem" includes non-existent path
> >
> > You somehow mixed Windows and Linux Cmake build systems. Not sure how...
> >
> > Solution 1: fix on the fly current problem:
> > You should inspect the file: src/CMakeLists.txt and try to fix Windows
> > paths to match Linux paths.
> >
> > Solution 2: delete the current Cmake setup and execute it from scratch:
> > Error should not happen, since you need to delete the Cmake setup and
> > do the whole thing from scratch.
> > 1) configure <<= This step causes you problems!
> > 2) make
> > 3) make install
> >
> > Zee
> > ___
> >
> >
> > On Mon, Aug 30, 2021 at 6:10 AM sateesh m  wrote:
> > >
> > > Hi Team,
> > >
> > >  I am trying to build kcrash package. I got below error.Can 
> > > anybody know how to fix this please guide me.
> > >
> > > ERROR: kcrash-5.85.0-r0 do_configure: Execution of 
> > > '/home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/temp/run.do_configure.12650'
> > >  failed with exit code 1:
> > >
> > > -- The C compiler identification is GNU 10.2.0
> > >
> > > -- The CXX compiler identification is GNU 10.2.0
> > >
> > > -- Detecting C compiler ABI info
> > >
> > > -- Detecting C compiler ABI info - done
> > >
> > > -- Check for working C compiler: 
> > > /home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot-native/usr/bin/riscv64-oe-linux/riscv64-oe-linux-gcc
> > >  - skipped
> > >
> > > -- Detecting C compile features
> > >
> > > -- Detecting C compile features - done
> > >
> > > -- Detecting CXX compiler ABI info
> > >
> > > -- Detecting CXX compiler ABI info - done
> > >
> > > -- Check for working CXX compiler: 
> > > /home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot-native/usr/bin/riscv64-oe-linux/riscv64-oe-linux-g++
> > >  - skipped
> > >
> > > -- Detecting CXX compile features
> > >
> > > -- Detecting CXX compile features - done
> > >
> > > --
> > >
> > >
> > >
> > > Installing in /usr. Run 
> > > /home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/build/prefix.sh
> > >  to set the environment for KCrash.
> > >
> > > -- Looking for __GLIBC__
> > >
> > > -- Looking for __GLIBC__ - found
> > >
> > > -- Performing Test _OFFT_IS_64BIT
> > >
> > > -- Performing Test _OFFT_IS_64BIT - Success
> > >
> > > -- Performing Test HAVE_DATE_TIME
> > >
> > > -- Performing Test HAVE_DATE_TIME - Success
> > >
> > > -- Performing Test BSYMBOLICFUNCTIONS_AVAILABLE
> > >
> > > -- Performing Test BSYMBOLICFUNCTIONS_AVAILABLE - Success
> > >
> > > fatal: not a git repository (or any of the parent directories): .git
> > >
> > > -- Found X11: 
> > > /home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot/usr/include
> > >
> > > -- Looking for XOpenDisplay in 
> > > /home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot/usr/lib/libX11.so;/home/sateesh/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot/usr/lib/libXext.so
> > >
> > > -- Looking for XOpenDisplay in 
> > > /home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot/usr/lib/libX11.so;/home/sateesh/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot/usr/lib/libXext.so
> > >  - found
> > >
> > > -- Looking for gethostbyname
> > >
> > > -- Looking for gethostbyname - found
> > >
> > > -- Looking for connect
> > >
> > > -- Looking for connect - found
> > >
> > > -- Looking for remove
> > >
> > > -- Looking for remove - found
> > >
> > > -- Looking for shmat
> > >
> > > -- Looking for shmat - found
> > >
> > > -- Looking for IceConnectionNumber in ICE
> > >
> > > -- Looking for IceConnectionNumber in ICE - found
> > >
> > > -- Performing Test COMPILER_HAS_HIDDEN_VISIBILITY
> > >
> > > -- Performing Test COMPILER_HAS_HIDDEN_VISIBILITY - Success
> > >
> > > -- Performing Test COMPILER_HAS_HIDDEN_INLINE_VISIBILITY
> > >
> > > -- Performing Test COMPILER_HAS_HIDDEN_INLINE_VISIBILITY - Success
> > >
> > > -- Performing Test COMPILER_HAS_DEPRECATED_ATTR
> > >
> > > -- Performing Test COMPILER_HAS_DEPRECATED_ATTR - Success
> > >
> > > -- The following features have been enabled:
> > >
> > >
> > >
> > > * Core Pattern Raising, Raising signals to kernel core patterns (iff the 
> > > pattern is a process). You may wish to not install drkonqi if this can 
> > > cause a UI conflict.
> > >
> > >
> > >
> > > -- The following OPTIONAL packages have bee

[yocto] extrausers-bbclass: plaintext password (since shadow update to 4.9)

2021-08-30 Thread Matthias Klein 
Hello,

I am trying to find a working alternative for the old -P option.

Previous: 
EXTRA_USERS_PARAMS = "usermod -P toor root;"

The suggestions from this thread don't seem to work: 
https://lists.openembedded.org/g/openembedded-core/topic/84548199

Current: 
hash="$(python3 -c "import crypt; print(crypt.crypt('toor', 
crypt.METHOD_SHA512))")"
EXTRA_USERS_PARAMS = "usermod -p ${hash} root;"

The hashed password does not seem to be escaped properly in the 
extrausers-bbclass. The password in the shadow file is missing $ characters.

Is there a way (with the current master branch) to define a password?

Many greetings,
Matthias


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#54600): https://lists.yoctoproject.org/g/yocto/message/54600
Mute This Topic: https://lists.yoctoproject.org/mt/85249985/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[yocto] downgrade openssl libraryes

2021-08-30 Thread Ivan Riabtsov 
hello i am trying to rollback openssl version from 1.1.1i to 1.0.2j.
Copied the recipe openssl_1.1.1i.bb to openssl_1.0.2j.bb, saved the
openssl_1.1.1i.bb version with the name openssl_1.1.1i.bb.backup

Отредактировал новый файл, вот разница в файлах:

diff -Nau ./openssl_1.1.1i.bb.backup ./openssl_1.0.2j.bb
--- ./openssl_1.1.1i.bb.backup 2021-08-27 14:46:07.085808702 +0300
+++ ./openssl_1.0.2j.bb 2021-08-27 16:12:14.216430734 +0300
@@ -7,23 +7,19 @@
 # "openssl" here actually means both OpenSSL and SSLeay licenses apply
 # (see meta/files/common-licenses/OpenSSL to which "openssl" is
SPDXLICENSEMAPped)
 LICENSE = "openssl"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=d343e62fc9c833710bbbed25f27364c8"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=27ffa5d74bb5a337056c14b2ef93fbf6"

 DEPENDS = "hostperl-runtime-native"

 SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
file://run-ptest \
-   file://0001-skip-test_symbol_presence.patch \
-   
file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch
\
-   file://afalg.patch \
-   file://reproducible.patch \
"

 SRC_URI_append_class-nativesdk = " \
file://environment.d-openssl.sh \
"

-SRC_URI[sha256sum] =
"e8be6a35fe41d10603c3cc635e93289ed00bf34b79671a3a4de64fcee00d5242"
+SRC_URI[sha256sum] =
"e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431"

 inherit lib_package multilib_header multilib_script ptest
 MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
@@ -122,7 +118,7 @@
  # WARNING: do not set compiler/linker flags (-I/-D etc.) in
EXTRA_OECONF, as they will fully replace the
  # environment variables set by bitbake. Adjust the environment
variables instead.
  HASHBANGPERL="/usr/bin/env perl" PERL=perl
PERL5LIB="${S}/external/perl/Text-Template-1.46/lib/" \
- perl ${S}/Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS}
--prefix=$useprefix --openssldir=${libdir}/ssl-1.1 --libdir=${libdir}
$target
+ perl ${S}/Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS}
--prefix=$useprefix --openssldir=${libdir}/ssl-1.0 --libdir=${libdir}
$target
  perl ${B}/configdata.pm --dump
 }

@@ -134,30 +130,30 @@
  # Create SSL structure for packages such as ca-certificates which
  # contain hard-coded paths to /etc/ssl. Debian does the same.
  install -d ${D}${sysconfdir}/ssl
- mv ${D}${libdir}/ssl-1.1/certs \
-${D}${libdir}/ssl-1.1/private \
-${D}${libdir}/ssl-1.1/openssl.cnf \
+ mv ${D}${libdir}/ssl-1.0/certs \
+${D}${libdir}/ssl-1.0/private \
+${D}${libdir}/ssl-1.0/openssl.cnf \
 ${D}${sysconfdir}/ssl/

  # Although absolute symlinks would be OK for the target, they become
  # invalid if native or nativesdk are relocated from sstate.
- ln -sf ${@oe.path.relative('${libdir}/ssl-1.1',
'${sysconfdir}/ssl/certs')} ${D}${libdir}/ssl-1.1/certs
- ln -sf ${@oe.path.relative('${libdir}/ssl-1.1',
'${sysconfdir}/ssl/private')} ${D}${libdir}/ssl-1.1/private
- ln -sf ${@oe.path.relative('${libdir}/ssl-1.1',
'${sysconfdir}/ssl/openssl.cnf')} ${D}${libdir}/ssl-1.1/openssl.cnf
+ ln -sf ${@oe.path.relative('${libdir}/ssl-1.0',
'${sysconfdir}/ssl/certs')} ${D}${libdir}/ssl-1.0/certs
+ ln -sf ${@oe.path.relative('${libdir}/ssl-1.0',
'${sysconfdir}/ssl/private')} ${D}${libdir}/ssl-1.0/private
+ ln -sf ${@oe.path.relative('${libdir}/ssl-1.0',
'${sysconfdir}/ssl/openssl.cnf')} ${D}${libdir}/ssl-1.0/openssl.cnf
 }

 do_install_append_class-native () {
  create_wrapper ${D}${bindir}/openssl \
- OPENSSL_CONF=${libdir}/ssl-1.1/openssl.cnf \
- SSL_CERT_DIR=${libdir}/ssl-1.1/certs \
- SSL_CERT_FILE=${libdir}/ssl-1.1/cert.pem \
- OPENSSL_ENGINES=${libdir}/engines-1.1
+ OPENSSL_CONF=${libdir}/ssl-1.0/openssl.cnf \
+ SSL_CERT_DIR=${libdir}/ssl-1.0/certs \
+ SSL_CERT_FILE=${libdir}/ssl-1.0/cert.pem \
+ OPENSSL_ENGINES=${libdir}/engines-1.0
 }

 do_install_append_class-nativesdk () {
  mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d
  install -m 644 ${WORKDIR}/environment.d-openssl.sh
${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh
- sed 's|/usr/lib/ssl/|/usr/lib/ssl-1.1/|g' -i
${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh
+ sed 's|/usr/lib/ssl/|/usr/lib/ssl-1.0/|g' -i
${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh
 }

 PTEST_BUILD_HOST_FILES += "configdata.pm"
@@ -170,8 +166,8 @@
  cp -r ${S}/external ${B}/test ${S}/test ${B}/fuzz ${S}/util
${B}/util ${D}${PTEST_PATH}

  # For test_shlibload
- ln -s ${libdir}/libcrypto.so.1.1 ${D}${PTEST_PATH}/
- ln -s ${libdir}/libssl.so.1.1 ${D}${PTEST_PATH}/
+ ln -s ${libdir}/libcrypto.so.1.0 ${D}${PTEST_PATH}/
+ ln -s ${libdir}/libssl.so.1.0 ${D}${PTEST_PATH}/

  install -d ${D}${PTEST_PATH}/apps
  ln -s ${bindir}/openssl ${D}${PTEST_PATH}/apps
@@ -192,11 +188,11 @@
 FILES_libcrypto = "${libdir}/libcrypto${SOLIBS}"
 FILES_libssl = "${libdir}/libssl${SOLIBS}"
 FILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf \
-  ${libdir}/ssl-1.1/openssl.cnf* \
+

Re: [yocto] downgrade openssl libraryes

2021-08-30 Thread Alexander Kanavin 
openssl 1.0.2 went out of support at the end of 2019 and you should not be
using it. What is the problem you need to solve?

Alex

On Mon, 30 Aug 2021 at 15:33, Ivan Riabtsov  wrote:

> hello i am trying to rollback openssl version from 1.1.1i to 1.0.2j.
> Copied the recipe openssl_1.1.1i.bb to openssl_1.0.2j.bb, saved the
> openssl_1.1.1i.bb version with the name openssl_1.1.1i.bb.backup
>
> Отредактировал новый файл, вот разница в файлах:
>
> diff -Nau ./openssl_1.1.1i.bb.backup ./openssl_1.0.2j.bb
> --- ./openssl_1.1.1i.bb.backup 2021-08-27 14:46:07.085808702 +0300
> +++ ./openssl_1.0.2j.bb 2021-08-27 16:12:14.216430734 +0300
> @@ -7,23 +7,19 @@
>  # "openssl" here actually means both OpenSSL and SSLeay licenses apply
>  # (see meta/files/common-licenses/OpenSSL to which "openssl" is
> SPDXLICENSEMAPped)
>  LICENSE = "openssl"
> -LIC_FILES_CHKSUM = "file://LICENSE;md5=d343e62fc9c833710bbbed25f27364c8"
> +LIC_FILES_CHKSUM = "file://LICENSE;md5=27ffa5d74bb5a337056c14b2ef93fbf6"
>
>  DEPENDS = "hostperl-runtime-native"
>
>  SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
> file://run-ptest \
> -   file://0001-skip-test_symbol_presence.patch \
> -
>  file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch
> \
> -   file://afalg.patch \
> -   file://reproducible.patch \
> "
>
>  SRC_URI_append_class-nativesdk = " \
> file://environment.d-openssl.sh \
> "
>
> -SRC_URI[sha256sum] =
> "e8be6a35fe41d10603c3cc635e93289ed00bf34b79671a3a4de64fcee00d5242"
> +SRC_URI[sha256sum] =
> "e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431"
>
>  inherit lib_package multilib_header multilib_script ptest
>  MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
> @@ -122,7 +118,7 @@
>   # WARNING: do not set compiler/linker flags (-I/-D etc.) in
> EXTRA_OECONF, as they will fully replace the
>   # environment variables set by bitbake. Adjust the environment
> variables instead.
>   HASHBANGPERL="/usr/bin/env perl" PERL=perl
> PERL5LIB="${S}/external/perl/Text-Template-1.46/lib/" \
> - perl ${S}/Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS}
> --prefix=$useprefix --openssldir=${libdir}/ssl-1.1 --libdir=${libdir}
> $target
> + perl ${S}/Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS}
> --prefix=$useprefix --openssldir=${libdir}/ssl-1.0 --libdir=${libdir}
> $target
>   perl ${B}/configdata.pm --dump
>  }
>
> @@ -134,30 +130,30 @@
>   # Create SSL structure for packages such as ca-certificates which
>   # contain hard-coded paths to /etc/ssl. Debian does the same.
>   install -d ${D}${sysconfdir}/ssl
> - mv ${D}${libdir}/ssl-1.1/certs \
> -${D}${libdir}/ssl-1.1/private \
> -${D}${libdir}/ssl-1.1/openssl.cnf \
> + mv ${D}${libdir}/ssl-1.0/certs \
> +${D}${libdir}/ssl-1.0/private \
> +${D}${libdir}/ssl-1.0/openssl.cnf \
>  ${D}${sysconfdir}/ssl/
>
>   # Although absolute symlinks would be OK for the target, they become
>   # invalid if native or nativesdk are relocated from sstate.
> - ln -sf ${@oe.path.relative('${libdir}/ssl-1.1',
> '${sysconfdir}/ssl/certs')} ${D}${libdir}/ssl-1.1/certs
> - ln -sf ${@oe.path.relative('${libdir}/ssl-1.1',
> '${sysconfdir}/ssl/private')} ${D}${libdir}/ssl-1.1/private
> - ln -sf ${@oe.path.relative('${libdir}/ssl-1.1',
> '${sysconfdir}/ssl/openssl.cnf')} ${D}${libdir}/ssl-1.1/openssl.cnf
> + ln -sf ${@oe.path.relative('${libdir}/ssl-1.0',
> '${sysconfdir}/ssl/certs')} ${D}${libdir}/ssl-1.0/certs
> + ln -sf ${@oe.path.relative('${libdir}/ssl-1.0',
> '${sysconfdir}/ssl/private')} ${D}${libdir}/ssl-1.0/private
> + ln -sf ${@oe.path.relative('${libdir}/ssl-1.0',
> '${sysconfdir}/ssl/openssl.cnf')} ${D}${libdir}/ssl-1.0/openssl.cnf
>  }
>
>  do_install_append_class-native () {
>   create_wrapper ${D}${bindir}/openssl \
> - OPENSSL_CONF=${libdir}/ssl-1.1/openssl.cnf \
> - SSL_CERT_DIR=${libdir}/ssl-1.1/certs \
> - SSL_CERT_FILE=${libdir}/ssl-1.1/cert.pem \
> - OPENSSL_ENGINES=${libdir}/engines-1.1
> + OPENSSL_CONF=${libdir}/ssl-1.0/openssl.cnf \
> + SSL_CERT_DIR=${libdir}/ssl-1.0/certs \
> + SSL_CERT_FILE=${libdir}/ssl-1.0/cert.pem \
> + OPENSSL_ENGINES=${libdir}/engines-1.0
>  }
>
>  do_install_append_class-nativesdk () {
>   mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d
>   install -m 644 ${WORKDIR}/environment.d-openssl.sh
> ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh
> - sed 's|/usr/lib/ssl/|/usr/lib/ssl-1.1/|g' -i
> ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh
> + sed 's|/usr/lib/ssl/|/usr/lib/ssl-1.0/|g' -i
> ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh
>  }
>
>  PTEST_BUILD_HOST_FILES += "configdata.pm"
> @@ -170,8 +166,8 @@
>   cp -r ${S}/external ${B}/test ${S}/test ${B}/fuzz ${S}/util
> ${B}/util ${D}${PTEST_PATH}
>
>   # For test_shlibload
> - ln -s ${libdir}/libcrypto.so.1.1 ${D}${PTEST_PATH}/
> - ln -s ${libdir}/libssl.so.1.1 ${D}${PTEST_PATH}/
> + ln -s ${libdir}/libcrypto.so.1.0 ${D}${PTEST_PAT

Re: [yocto] downgrade openssl libraryes

2021-08-30 Thread Ivan Riabtsov 
I have phytec imx6ul board with a preinstalled os. On this os opessl
version is 1.0.2j i need to build nginx for this board, but i can't
build yocto same version as i have on board, so I grabbed a newer
version of yocto from phytec site, rolled back glibc and try to roll
back openssl. I do not want to flash the device, as I'm afraid to get
brick

пн, 30 авг. 2021 г. в 16:51, Alexander Kanavin :
>
> openssl 1.0.2 went out of support at the end of 2019 and you should not be 
> using it. What is the problem you need to solve?
>
> Alex
>
> On Mon, 30 Aug 2021 at 15:33, Ivan Riabtsov  wrote:
>>
>> hello i am trying to rollback openssl version from 1.1.1i to 1.0.2j.
>> Copied the recipe openssl_1.1.1i.bb to openssl_1.0.2j.bb, saved the
>> openssl_1.1.1i.bb version with the name openssl_1.1.1i.bb.backup
>>
>> Отредактировал новый файл, вот разница в файлах:
>>
>> diff -Nau ./openssl_1.1.1i.bb.backup ./openssl_1.0.2j.bb
>> --- ./openssl_1.1.1i.bb.backup 2021-08-27 14:46:07.085808702 +0300
>> +++ ./openssl_1.0.2j.bb 2021-08-27 16:12:14.216430734 +0300
>> @@ -7,23 +7,19 @@
>>  # "openssl" here actually means both OpenSSL and SSLeay licenses apply
>>  # (see meta/files/common-licenses/OpenSSL to which "openssl" is
>> SPDXLICENSEMAPped)
>>  LICENSE = "openssl"
>> -LIC_FILES_CHKSUM = "file://LICENSE;md5=d343e62fc9c833710bbbed25f27364c8"
>> +LIC_FILES_CHKSUM = "file://LICENSE;md5=27ffa5d74bb5a337056c14b2ef93fbf6"
>>
>>  DEPENDS = "hostperl-runtime-native"
>>
>>  SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
>> file://run-ptest \
>> -   file://0001-skip-test_symbol_presence.patch \
>> -   
>> file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch
>> \
>> -   file://afalg.patch \
>> -   file://reproducible.patch \
>> "
>>
>>  SRC_URI_append_class-nativesdk = " \
>> file://environment.d-openssl.sh \
>> "
>>
>> -SRC_URI[sha256sum] =
>> "e8be6a35fe41d10603c3cc635e93289ed00bf34b79671a3a4de64fcee00d5242"
>> +SRC_URI[sha256sum] =
>> "e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431"
>>
>>  inherit lib_package multilib_header multilib_script ptest
>>  MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
>> @@ -122,7 +118,7 @@
>>   # WARNING: do not set compiler/linker flags (-I/-D etc.) in
>> EXTRA_OECONF, as they will fully replace the
>>   # environment variables set by bitbake. Adjust the environment
>> variables instead.
>>   HASHBANGPERL="/usr/bin/env perl" PERL=perl
>> PERL5LIB="${S}/external/perl/Text-Template-1.46/lib/" \
>> - perl ${S}/Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS}
>> --prefix=$useprefix --openssldir=${libdir}/ssl-1.1 --libdir=${libdir}
>> $target
>> + perl ${S}/Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS}
>> --prefix=$useprefix --openssldir=${libdir}/ssl-1.0 --libdir=${libdir}
>> $target
>>   perl ${B}/configdata.pm --dump
>>  }
>>
>> @@ -134,30 +130,30 @@
>>   # Create SSL structure for packages such as ca-certificates which
>>   # contain hard-coded paths to /etc/ssl. Debian does the same.
>>   install -d ${D}${sysconfdir}/ssl
>> - mv ${D}${libdir}/ssl-1.1/certs \
>> -${D}${libdir}/ssl-1.1/private \
>> -${D}${libdir}/ssl-1.1/openssl.cnf \
>> + mv ${D}${libdir}/ssl-1.0/certs \
>> +${D}${libdir}/ssl-1.0/private \
>> +${D}${libdir}/ssl-1.0/openssl.cnf \
>>  ${D}${sysconfdir}/ssl/
>>
>>   # Although absolute symlinks would be OK for the target, they become
>>   # invalid if native or nativesdk are relocated from sstate.
>> - ln -sf ${@oe.path.relative('${libdir}/ssl-1.1',
>> '${sysconfdir}/ssl/certs')} ${D}${libdir}/ssl-1.1/certs
>> - ln -sf ${@oe.path.relative('${libdir}/ssl-1.1',
>> '${sysconfdir}/ssl/private')} ${D}${libdir}/ssl-1.1/private
>> - ln -sf ${@oe.path.relative('${libdir}/ssl-1.1',
>> '${sysconfdir}/ssl/openssl.cnf')} ${D}${libdir}/ssl-1.1/openssl.cnf
>> + ln -sf ${@oe.path.relative('${libdir}/ssl-1.0',
>> '${sysconfdir}/ssl/certs')} ${D}${libdir}/ssl-1.0/certs
>> + ln -sf ${@oe.path.relative('${libdir}/ssl-1.0',
>> '${sysconfdir}/ssl/private')} ${D}${libdir}/ssl-1.0/private
>> + ln -sf ${@oe.path.relative('${libdir}/ssl-1.0',
>> '${sysconfdir}/ssl/openssl.cnf')} ${D}${libdir}/ssl-1.0/openssl.cnf
>>  }
>>
>>  do_install_append_class-native () {
>>   create_wrapper ${D}${bindir}/openssl \
>> - OPENSSL_CONF=${libdir}/ssl-1.1/openssl.cnf \
>> - SSL_CERT_DIR=${libdir}/ssl-1.1/certs \
>> - SSL_CERT_FILE=${libdir}/ssl-1.1/cert.pem \
>> - OPENSSL_ENGINES=${libdir}/engines-1.1
>> + OPENSSL_CONF=${libdir}/ssl-1.0/openssl.cnf \
>> + SSL_CERT_DIR=${libdir}/ssl-1.0/certs \
>> + SSL_CERT_FILE=${libdir}/ssl-1.0/cert.pem \
>> + OPENSSL_ENGINES=${libdir}/engines-1.0
>>  }
>>
>>  do_install_append_class-nativesdk () {
>>   mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d
>>   install -m 644 ${WORKDIR}/environment.d-openssl.sh
>> ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh
>> - sed 's|/usr/lib/ssl/|/usr/lib/ssl-

Re: [yocto] [meta-hardening][PATCH] meta-hardening/binutils: harden installation permissions

2021-08-30 Thread Marta Rybczynska 
(correcting the wrong list address)

On Fri, Aug 27, 2021 at 6:07 AM akuster808  wrote:

> Marta,
>
> On 8/24/21 11:05 PM, Marta Rybczynska wrote:
> > Compilers and related utils are better restricted on production
> platforms.
> > Change permissions of all installed binutils tools to remove access from
> > users outside of the root group.
> >
> > This also demonstrates how to restrict file permissions in a hardened
> > distribution.
>
> Have you looked into FILESYSTEM_PERMS_TABLES? An example of the format
> can be found @ /meta/files/fs-perms.txt
>
> For more info see
> https://www.yoctoproject.org/docs/3.1/ref-manual/ref-manual.html
>
> Maybe having something like fs-perms.txt in meta-hardening may achieve
> the same?
>
>
It looks like a possibility, I will give it a try. I have a question about
the future,
however. Currently meta-hardening is defining its own distribution. When
hardening
will be in DISTRO_FEATURES (you were working on it some time ago
https://patchwork.openembedded.org/patch/174773/),
it would be less obvious to use, wouldn't it?

A bonus question, do you still plan to make it in DISTRO_FEATURES?

Regards,
Marta

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#54604): https://lists.yoctoproject.org/g/yocto/message/54604
Mute This Topic: https://lists.yoctoproject.org/mt/85129693/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [yocto] extrausers-bbclass: plaintext password (since shadow update to 4.9)

2021-08-30 Thread Markus Volk 
I also have problems with setting passwords in current master branch. I 
only can provide a hacky workaround. I added the following lines to my 
image recipe to inject the passwords manually after rootfs creation:


RETRO_USER_PASSWORD ?= "retro"
ROOT_USER_PASSWORD ?= "root"
ROOTFS_POSTPROCESS_COMMAND += "set_root_passwd;"
ROOTFS_POSTPROCESS_COMMAND += "set_retro_passwd;"

set_root_passwd() {
   ROOTPW_ENCRYPTED="$(openssl passwd -6 -salt xyz ${ROOT_USER_PASSWORD})"
   sed -i "s%^root:[^:]*:%root:${ROOTPW_ENCRYPTED}:%" 
${IMAGE_ROOTFS}/etc/shadow

}

set_retro_passwd() {
   RETROPW_ENCRYPTED="$(openssl passwd -6 -salt xyz 
${RETRO_USER_PASSWORD})"
   sed -i "s%^retro:[^:]*:%retro:${RETROPW_ENCRYPTED}:%" 
${IMAGE_ROOTFS}/etc/shadow

}


Am 30.08.21 um 14:54 schrieb Matthias Klein:

Hello,

I am trying to find a working alternative for the old -P option.

Previous:
EXTRA_USERS_PARAMS = "usermod -P toor root;"

The suggestions from this thread don't seem to work: 
https://lists.openembedded.org/g/openembedded-core/topic/84548199

Current:
hash="$(python3 -c "import crypt; print(crypt.crypt('toor', 
crypt.METHOD_SHA512))")"
EXTRA_USERS_PARAMS = "usermod -p ${hash} root;"

The hashed password does not seem to be escaped properly in the 
extrausers-bbclass. The password in the shadow file is missing $ characters.

Is there a way (with the current master branch) to define a password?

Many greetings,
Matthias





-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#54605): https://lists.yoctoproject.org/g/yocto/message/54605
Mute This Topic: https://lists.yoctoproject.org/mt/85249985/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [yocto] extrausers-bbclass: plaintext password (since shadow update to 4.9)

2021-08-30 Thread Peter Bergin 

On 2021-08-30 14:54, Matthias Klein wrote:


Hello,

I am trying to find a working alternative for the old -P option.

Previous:
EXTRA_USERS_PARAMS = "usermod -P toor root;"

The suggestions from this thread don't seem to work: 
https://lists.openembedded.org/g/openembedded-core/topic/84548199

Current:
hash="$(python3 -c "import crypt; print(crypt.crypt('toor', 
crypt.METHOD_SHA512))")"
EXTRA_USERS_PARAMS = "usermod -p ${hash} root;"

The hashed password does not seem to be escaped properly in the 
extrausers-bbclass. The password in the shadow file is missing $ characters.

Is there a way (with the current master branch) to define a password?


You have to escape the password string in the recipe. Use '\\\$' to 
escape the '$' token. There are some levels of evaluation of the 
expression and that's the reason for multiple '\'. Just iterate until 
you have the correct string in the shadow file, also check the 
log.do_rootfs where you can see the parameters to usermod.


/Peter



-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#54606): https://lists.yoctoproject.org/g/yocto/message/54606
Mute This Topic: https://lists.yoctoproject.org/mt/85249985/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[yocto] Yocto Project Newcomer & Unassigned Bugs - Help Needed

2021-08-30 Thread Stephen Jolley 
All,

 

The triage team is starting to try and collect up and classify bugs which a
newcomer to the project would be able to work on in a way which means people
can find them. They're being listed on the triage page under the appropriate
heading:

https://wiki.yoctoproject.org/wiki/Bug_Triage#Newcomer_Bugs  Also please
review:
https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded and
how to create a bugzilla account at:

https://bugzilla.yoctoproject.org/createaccount.cgi

The idea is these bugs should be straight forward for a person to help work
on who doesn't have deep experience with the project.  If anyone can help,
please take ownership of the bug and send patches!  If anyone needs
help/advice there are people on irc who can likely do so, or some of the
more experienced contributors will likely be happy to help too.

 

Also, the triage team meets weekly and does its best to handle the bugs
reported into the Bugzilla. The number of people attending that meeting has
fallen, as have the number of people available to help fix bugs. One of the
things we hear users report is they don't know how to help. We (the triage
team) are therefore going to start reporting out the currently 382
unassigned or newcomer bugs.

 

We're hoping people may be able to spare some time now and again to help out
with these.  Bugs are split into two types, "true bugs" where things don't
work as they should and "enhancements" which are features we'd want to add
to the system.  There are also roughly four different "priority" classes
right now, "3.4", "3.5, "3.99" and "Future", the more pressing/urgent issues
being in "3.4" and then "3.5".

 

Please review this link and if a bug is something you would be able to help
with either take ownership of the bug, or send me (sjolley.yp...@gmail.com
 ) an e-mail with the bug number you would
like and I will assign it to you (please make sure you have a Bugzilla
account).  The list is at:
https://wiki.yoctoproject.org/wiki/Bug_Triage_Archive#Unassigned_or_Newcomer
_Bugs

 

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

*Cell:(208) 244-4460

* Email:  sjolley.yp...@gmail.com
 

 


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#54607): https://lists.yoctoproject.org/g/yocto/message/54607
Mute This Topic: https://lists.yoctoproject.org/mt/85265433/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[yocto] Current high bug count owners for Yocto Project 3.4

2021-08-30 Thread Stephen Jolley 
All,

Below is the list as of top 50 bug owners as of the end of WW35 of who have
open medium or higher bugs and enhancements against YP 3.4.   There are 42
possible work days left until the final release candidates for YP 3.4 needs
to be released.


Who

Count


michael.opdenac...@bootlin.com

32


r...@burtonini.com

31


david.re...@windriver.com

22


richard.pur...@linuxfoundation.org

22


bruce.ashfi...@gmail.com

16


randy.macl...@windriver.com

15


trevor.gamb...@windriver.com

13


timothy.t.orl...@intel.com

12


jpewhac...@gmail.com

10


sakib.sa...@windriver.com

10


bluelightn...@bluelightning.org

7


kai.k...@windriver.com

7


mhalst...@linuxfoundation.org

6


tony.tascio...@windriver.com

5


qi.c...@windriver.com

4


hongxu@windriver.com

4


chee.yang@intel.com

3


mingli...@windriver.com

3


alexandre.bell...@bootlin.com

2


jae...@xilinx.com

2


yi.z...@windriver.com

2


yf...@uwaterloo.ca

2


ms...@mvista.com

2


akuster...@gmail.com

2


alejan...@enedino.org

2


jay.shen.t...@intel.com

1


diego.sue...@arm.com

1


john.kaldas.e...@gmail.com

1


sangeeta.j...@intel.com

1


douglas.ro...@taitradio.com

1


mostthings...@gmail.com

1


mister...@web.de

1


raj.k...@gmail.com

1


devendra.tew...@gmail.com

1


kerg...@gmail.com

1


thomas.per...@bootlin.com

1


dl...@gmx.de

1


to...@cybernetics.com

1


open.sou...@oleksandr-kravchuk.com

1


fransmeulenbro...@yahoo.com

1


martin.ja...@gmail.com

1


yoctoproj...@cookiesoft.de

1


nicolas.deche...@linaro.org

1


naveen.kumar.sa...@intel.com

1


jon.ma...@arm.com

1


jason.wes...@windriver.com

1


jeanmarie.lemeta...@gmail.com

1


ydir...@free.fr

1


aeh...@gmail.com

1


pokyli...@reliableembeddedsystems.com

1


matthew...@posteo.net

1

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

*Cell:(208) 244-4460

* Email:  sjolley.yp...@gmail.com
 

 


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#54608): https://lists.yoctoproject.org/g/yocto/message/54608
Mute This Topic: https://lists.yoctoproject.org/mt/85265448/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[yocto] Enhancements/Bugs closed WW35!

2021-08-30 Thread Stephen Jolley 
All,

The below were the owners of enhancements or bugs closed during the last
week!


Who

Count


richard.pur...@linuxfoundation.org

1


randy.macl...@windriver.com

1


Grand Total

2

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

*Cell:(208) 244-4460

* Email:  sjolley.yp...@gmail.com
 

 


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#54609): https://lists.yoctoproject.org/g/yocto/message/54609
Mute This Topic: https://lists.yoctoproject.org/mt/85265502/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[yocto] M+ & H bugs with Milestone Movements WW35

2021-08-30 Thread Stephen Jolley 
All,

YP M+ or high bugs which moved to a new milestone in WW35 are listed below: 


Priority

Bug ID

Short Description

Changer

Owner

Was

Became


Medium+

  13025

WIC image install support

kexin@windriver.com

kexin@windriver.com

3.5

3.5 M1

Thanks, 

 

Stephen K. Jolley

Yocto Project Program Manager

*Cell:(208) 244-4460

* Email:  sjolley.yp...@gmail.com  

 


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#54610): https://lists.yoctoproject.org/g/yocto/message/54610
Mute This Topic: https://lists.yoctoproject.org/mt/85265518/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [yocto] [oe][meta-security][PATCH] meta: Fix typos

2021-08-30 Thread Armin Kuster 


On 8/29/21 1:04 AM, Martin Jansa wrote:
> Please merge this one.
you are right. Some how dropped that one. Its merged not.

thanks for the reminder.

-armin
>
> On Wed, Aug 4, 2021 at 1:20 PM Martin Jansa via lists.yoctoproject.org
> 
>  > wrote:
>
> Acked-by: Martin Jansa  >
>
> On Mon, Aug 2, 2021 at 11:02 AM George Liu  > wrote:
>
> Fix the variable spelling errors
> s/SKIP_META_SECUIRTY_SANITY_CHECK/SKIP_META_SECURITY_SANITY_CHECK
>
> Signed-off-by: George Liu  >
> ---
>  classes/sanity-meta-security.bbclass | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/classes/sanity-meta-security.bbclass
> b/classes/sanity-meta-security.bbclass
> index b6c6b9c..f9e2698 100644
> --- a/classes/sanity-meta-security.bbclass
> +++ b/classes/sanity-meta-security.bbclass
> @@ -1,7 +1,7 @@
>  addhandler security_bbappend_distrocheck
>  security_bbappend_distrocheck[eventmask] = "bb.event.SanityCheck"
>  python security_bbappend_distrocheck() {
> -    skip_check =
> e.data.getVar('SKIP_META_SECUIRTY_SANITY_CHECK') == "1"
> +    skip_check =
> e.data.getVar('SKIP_META_SECURITY_SANITY_CHECK') == "1"
>      if 'security' not in
> e.data.getVar('DISTRO_FEATURES').split() and not skip_check:
>          bb.warn("You have included the meta-security layer, but \
>  'security' has not been enabled in your DISTRO_FEATURES. Some
> bbappend files \
> -- 
> 2.30.2
>
>
>
>
>
> 
>


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#54611): https://lists.yoctoproject.org/g/yocto/message/54611
Mute This Topic: https://lists.yoctoproject.org/mt/84659479/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[yocto] editing Makefile after configure stage to disable -Werror

2021-08-30 Thread Ivan Riabtsov 
Hello, I have the following error:

../../elfutils-0.166/libelf/libelfP.h:53:30: error: ‘__elf64_msize’
specifies less restrictive attribute than its target ‘elf64_fsize’:
‘const’ [-Werror=missing-attributes]

i try to solve this by patch:

diff -Naur elfutils-0.166_orig/libelf/libelfP.h elfutils-0.166/libelf/libelfP.h
--- elfutils-0.166_orig/libelf/libelfP.h 2016-01-12 15:49:19.0 +0300
+++ elfutils-0.166/libelf/libelfP.h 2021-08-30 19:38:44.866175082 +0300
@@ -48,6 +48,8 @@


 /* Helper Macros to write 32 bit and 64 bit functions.  */
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wmissing-attributes"
 #define __elfw2_(Bits, Name) __elf##Bits##_##Name
 #define elfw2_(Bits, Name) elf##Bits##_##Name
 #define ElfW2_(Bits, Name) Elf##Bits##_##Name
@@ -632,4 +634,5 @@
 #define INVALID_NDX(ndx, type, data) \
   unlikely ((data)->d_size / sizeof (type) <= (unsigned int) (ndx))

+#pragma GCC diagnostic pop
 #endif  /* libelfP.h */


But the patch does  not work, error appears again.


i try to add --disable-werror to configure flags, but i have follows warning:

configure: WARNING: unrecognized options: --disable-werror.


The only solution to the problem I could think of is editing the
Makefile after configuration, please tell me how this can be done?

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#54612): https://lists.yoctoproject.org/g/yocto/message/54612
Mute This Topic: https://lists.yoctoproject.org/mt/85270906/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-