Re: [yocto] read-only-rootfs and opkg
RE: variable expansion. Where are you assigning OPKGLIBDIR its new value? If it
is in an opkg bbappends in your own layer, I wonder if the bbappends is not
being parsed during rootfs creation.
RE: the partitions. Hmm, yeah. I agree that it probably isn't sensible to
expect the opkg state information to be placed into /data-os during rootfs
creation.
Does your usecase support running opkg at runtime? If not, you might just
accept that the state information stays on the read-only partition.
If runtime opkg operations are supported, you might make a one-time initscript
that runs on first-boot and moves the sstate information to /data-os.
Sorry if my emails are strangely formatted by the way. I'm in a weird temporary
email setup.
---
Alex Stewart
Software Engineer. PR&D Security, RTOS.
T&M, Emerson Electric Corp. (NI)
From: yocto@lists.yoctoproject.org on behalf of
Martin Siegumfeldt
Sent: Wednesday, September 18, 2024 04:39
To: Stewart, Alex; yocto@lists.yoctoproject.org
Subject: [EXTERNAL] Re: [yocto] read-only-rootfs and opkg
Hi Alex, Thanks for your input - highly appreciated. It appears you have a
point regarding the variable assignment - 'bitbake-getvar OPKGLIBDIR' indeed
indicates the intended assignment does not occur: $ bitbake-getvar --value
OPKGLIBDIR NOTE:
Hi Alex,
Thanks for your input - highly appreciated.
It appears you have a point regarding the variable assignment - 'bitbake-getvar
OPKGLIBDIR' indeed indicates the intended assignment does not occur:
$ bitbake-getvar --value OPKGLIBDIR
NOTE: Starting bitbake server...
/var/lib
Doing the strong assignment (OPKGLIBDIR = "/data-os/opkg") does not make a
difference, which puzzles me as all assigments (I am able to grep) are weak:
$ rg ^OPKGLIBDIR
meta/classes-recipe/rootfs_ipk.bbclass
30:OPKGLIBDIR ??= "${localstatedir}/lib"
meta/recipes-devtools/opkg/opkg_0.6.1.bb
32:OPKGLIBDIR ??= "${target_localstatedir}/lib"
meta/classes-global/package_ipk.bbclass
24:OPKGLIBDIR ??= "${localstatedir}/lib"
However, based on your reply, I am starting to wonder whether what I am trying
to achieve is at all possible. The mount '/data-os' is a dedicated partition
mounted R/W and used by overlayfs-etc, my assumption was to configure opkg to
use this for the meta-data. But if the meta-data is rendered build-time during
rootfs creation, I do not see how this is achievable?
Thanks,
Martin
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#63858):
https://urldefense.com/v3/__https://lists.yoctoproject.org/g/yocto/message/63858__;!!OkyjEqkqqe9UhNQ!xaN31BlkIMYtsVPvKIVGPH0bIS1X45V8P3AS3cvykPFnNeAPXjUJjGlQbLjDmMn7FkXlQwsJMHlIdQw$
Mute This Topic:
https://urldefense.com/v3/__https://lists.yoctoproject.org/mt/108478012/3616788__;!!OkyjEqkqqe9UhNQ!xaN31BlkIMYtsVPvKIVGPH0bIS1X45V8P3AS3cvykPFnNeAPXjUJjGlQbLjDmMn7FkXlQwsJaNEQ6Hg$
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe:
https://urldefense.com/v3/__https://lists.yoctoproject.org/g/yocto/unsub__;!!OkyjEqkqqe9UhNQ!xaN31BlkIMYtsVPvKIVGPH0bIS1X45V8P3AS3cvykPFnNeAPXjUJjGlQbLjDmMn7FkXlQwsJMLshdPs$
[alex.stew...@emerson.com]
-=-=-=-=-=-=-=-=-=-=-=-
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#63859): https://lists.yoctoproject.org/g/yocto/message/63859
Mute This Topic: https://lists.yoctoproject.org/mt/108478012/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [yocto] read-only-rootfs and opkg
Hey Martin, The opkg config files used during OE rootfs creation and at-runtime are different. The former is supposed to be generated by the opkg package_manager implementation [1]. The latter is written by the opkg recipe via the do_install (that you identified). The files you're seeing installed to he incorrect location (`/var/lib`) are the product of the rootfs installation, I think. So the issue seems to imply an issue in config [1]. Both the recipe and package_manager config files are supposed to handle the OPKGLIBDIR variable. But they might not be handling them *at the same place* in the OE build process. My intuition is that the weak-default OPKGLIBDIR assignment is being immediately-expanded to the upstream value (/var/lib) in the package_manager implementation prior to your bbappend's weak-assignment taking effect [2]. Does this issue reproduce if you assign OPKGLIBDIR more strongly? eg. ``` OPKGLIBDIR = "/data-os/opkg" ``` If it does still, try debugging the values of the package_manager's `self.opkg_dir` attribute [1]. [1] https://git.openembedded.org/openembedded-core/tree/meta/lib/oe/package_manager/ipk/__init__.py#n111 [2] https://docs.yoctoproject.org/bitbake/bitbake-user-manual/bitbake-user-manual-metadata.html?highlight=operators#setting-a-weak-default-value --- Alex Stewart Software Engineer. PR&D Security, RTOS. T&M, Emerson Electric Corp. (NI) From: yocto@lists.yoctoproject.org on behalf of Martin Siegumfeldt Sent: Monday, September 16, 2024 06:00 To: yocto@lists.yoctoproject.org Subject: [EXTERNAL] [yocto] read-only-rootfs and opkg Hi all, I am trying to realize a rootfs backed by opkg as package manager. It appears that the opkg meta-data is directed to a volatile mount (triggered by read-only-rootfs feature in order to achieve write access I assume): $ tail -5 /etc/opkg/opkg. conf Hi all, I am trying to realize a rootfs backed by opkg as package manager. It appears that the opkg meta-data is directed to a volatile mount (triggered by read-only-rootfs feature in order to achieve write access I assume): $ tail -5 /etc/opkg/opkg.conf # Default destination for installed packages dest root / option lists_dir /var/lib/opkg/lists option info_dir/var/lib/opkg/info option status_file /var/lib/opkg/status $ mount | grep var/lib overlay on /var/lib type overlay (rw,relatime,lowerdir=/var/lib,upperdir=/var/volatile/lib,workdir=/var/volatile/.lib-work) $ find /var/lib/opkg/ | head /var/lib/opkg/ /var/lib/opkg/status /var/lib/opkg/info /var/lib/opkg/info/vim-tiny.list /var/lib/opkg/info/libdaemon0.list /var/lib/opkg/info/coreutils.prerm /var/lib/opkg/info/busybox-syslog.control /var/lib/opkg/info/libc6.postinst /var/lib/opkg/info/libmount1.list /var/lib/opkg/info/libpcap1.postinst Consequently, any updated meta-data do no persist across reboots. I have attempted to assign 'OPKGLIBDIR' to a R/W mount: OPKGLIBDIR ?= "/data-os/opkg" , which does appear to update the conf file: $ tail -5 /etc/opkg/opkg.conf # Default destination for installed packages dest root / option lists_dir /data-os/opkg/opkg/lists option info_dir/data-os/opkg/opkg/info option status_file /data-os/opkg/opkg/status but meta-data still appears to reside with '/var/lib' but meta-data still appears residing within '/var/lib': $ find /data-os/opkg/ /data-os/opkg/ /data-os/opkg/opkg /data-os/opkg/opkg/info $ find /var/lib/opkg/ | head /var/lib/opkg/ /var/lib/opkg/status /var/lib/opkg/info /var/lib/opkg/info/vim-tiny.list /var/lib/opkg/info/libdaemon0.list /var/lib/opkg/info/coreutils.prerm /var/lib/opkg/info/busybox-syslog.control /var/lib/opkg/info/libc6.postinst /var/lib/opkg/info/libmount1.list /var/lib/opkg/info/libpcap1.postinst and opkg appears broken (as nothing is indicated installed): $ opkg list-installed; echo $? 0 To clarify, I imagine a process where the ipk file is uploaded to the device, after which the rootfs is remounted R/W and ipk installed/updated through opkg. Installation/update do succeed, but the meta-data do not persist as inteded. Note, I am on baseline Langdale, no obvious changes seem to have been pushed to master though. Am I missing any available configuration to achieve this? Thanks, Martin -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#63854): https://lists.yoctoproject.org/g/yocto/message/63854 Mute This Topic: https://lists.yoctoproject.org/mt/108478012/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [yocto] [Openembedded-architecture] Security processes: YP needs
n before a vulnerability becomes public. It requires (in short) private reporting, a security team, and a track of excellent security record. * Becoming a CNA (be able to assign CVEs) Needed if we want to assign CVEs to the software of the YP, like autobuilder, Toaster etc. I'm also interested in this, as the maintainer of our opkg fork. So far, I haven't had to respond to a CVE against the project, but that won't last forever. Kind regards, Marta -- Alex Stewart Software Engineer - NI Real-Time OS NI (National Instruments) alex.stew...@ni.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#60986): https://lists.yoctoproject.org/g/yocto/message/60986 Mute This Topic: https://lists.yoctoproject.org/mt/101340098/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [yocto] [opkg-utils PATCH V2] opkg-feed: Fix adding feeds with same name as architecture
Pulled to opkg-utils as 67994e62dc598282830385da75ba9b1abbbda941 [1].
[1]
https://git.yoctoproject.org/opkg-utils/commit/?id=67994e62dc598282830385da75ba9b1abbbda941
Thanks!
On 5/22/23 12:48, Petar Koynov wrote:
Attempting to add feeds with some special names that match
architecture names was returning an error:
"5 The named feed already exists"
Make sourceTypePattern in createFeedLineRegex only match
feed configuration lines src or dist
Signed-off-by: Petar Koynov
---
opkg-feed | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/opkg-feed b/opkg-feed
index 25ef879..36d4463 100755
--- a/opkg-feed
+++ b/opkg-feed
@@ -171,7 +171,7 @@ createFeedLineRegex()
# 1 = full source type with any quotes
# 2 = source type without quotes if quoted
# 3 = source type if unquoted
- sourceTypePattern='("([^"]*)"|(\S+))\s+';
+ sourceTypePattern='("([^"](src|dist)(/gz)?)"|(src|dist)(/gz)?)\s+';
# Feed name capture groups (4, 5, 6)
# 4 = full feed name with any quotes
--
Alex Stewart
Software Engineer - NI Real-Time OS
NI (National Instruments)
alex.stew...@ni.com
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#60110): https://lists.yoctoproject.org/g/yocto/message/60110
Mute This Topic: https://lists.yoctoproject.org/mt/99070322/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [yocto] [opkg-utils PATCH V2] opkg-feed: Fix adding feeds with same name as architecture
ACK; looks good to me.
I'll pull this tomorrow, if there are no objections.
On 5/22/23 12:48, Petar Koynov wrote:
Attempting to add feeds with some special names that match
architecture names was returning an error:
"5 The named feed already exists"
Make sourceTypePattern in createFeedLineRegex only match
feed configuration lines src or dist
Signed-off-by: Petar Koynov
---
opkg-feed | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/opkg-feed b/opkg-feed
index 25ef879..36d4463 100755
--- a/opkg-feed
+++ b/opkg-feed
@@ -171,7 +171,7 @@ createFeedLineRegex()
# 1 = full source type with any quotes
# 2 = source type without quotes if quoted
# 3 = source type if unquoted
- sourceTypePattern='("([^"]*)"|(\S+))\s+';
+ sourceTypePattern='("([^"](src|dist)(/gz)?)"|(src|dist)(/gz)?)\s+';
# Feed name capture groups (4, 5, 6)
# 4 = full feed name with any quotes
--
Alex Stewart
Software Engineer - NI Real-Time OS
NI (National Instruments)
alex.stew...@ni.com
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#60086): https://lists.yoctoproject.org/g/yocto/message/60086
Mute This Topic: https://lists.yoctoproject.org/mt/99070322/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [yocto] [opkg-devel] [opkg-utils PATCH] CONTRIBUTING: fix yocto ML link
Merged 1 commit to opkg-utils:master. 18f7bfca3ac6f5c4502ce05de6e5e4fa5360e759 Thanks, -- Alex Stewart Software Engineer - NI Real-Time OS NI (National Instruments) alex.stew...@ni.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#52525): https://lists.yoctoproject.org/g/yocto/message/52525 Mute This Topic: https://lists.yoctoproject.org/mt/80903631/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [yocto] [opkg-devel] [opkg-utils PATCH] opkg-build: make sure destination dir exists
Merged 1 commit to opkg-utils:master. 53ab66853e073f54ef43d3045b38ed0303da72a4 Thanks, -- Alex Stewart Software Engineer - NI Real-Time OS NI (National Instruments) alex.stew...@ni.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#52524): https://lists.yoctoproject.org/g/yocto/message/52524 Mute This Topic: https://lists.yoctoproject.org/mt/80903561/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [yocto] [opkg-devel] [opkg-utils PATCH] CONTRIBUTING: fix yocto ML link
Thanks for catching that and putting in a fix! ACK from me. -- Alex Stewart Software Engineer - NI Real-Time OS NI (National Instruments) alex.stew...@ni.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#52486): https://lists.yoctoproject.org/g/yocto/message/52486 Mute This Topic: https://lists.yoctoproject.org/mt/80903631/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [yocto] [opkg-devel] [opkg-utils PATCH] opkg-build: make sure destination dir exists
Looks good to me. I'll pull tomorrow if there are no objections. Thanks, -- Alex Stewart Software Engineer - NI Real-Time OS NI (National Instruments) alex.stew...@ni.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#52485): https://lists.yoctoproject.org/g/yocto/message/52485 Mute This Topic: https://lists.yoctoproject.org/mt/80903561/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [yocto] [opkg-devel] [opkg-utils PATCH v2] Makefile: separate manpages and utils install
Merged 1 commit to opkg-utils:master. 74ccbee0f798822041dba5c6564df62a0c60d86b Thanks, -- Alex Stewart Software Engineer - NI Real-Time OS NI (National Instruments) alex.stew...@ni.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#52465): https://lists.yoctoproject.org/g/yocto/message/52465 Mute This Topic: https://lists.yoctoproject.org/mt/80863712/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [yocto] [opkg-devel] [opkg-utils PATCH v2] Makefile: separate manpages and utils install
Hey Ryan, This looks good to me. I'll merge this patch tomorrow, if there are no objections. Thanks, -- Alex Stewart Software Engineer - NI Real-Time OS NI (National Instruments) alex.stew...@ni.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#52434): https://lists.yoctoproject.org/g/yocto/message/52434 Mute This Topic: https://lists.yoctoproject.org/mt/80832966/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[yocto] [opkg-utils PATCH] Makefile: add opkg-feed to UTILS
* Add the opkg-feed script to UTILS so that it is installed with a `make install`. * Clean up the UTILS variable declaration to be a little more diffable. Signed-off-by: Alex Stewart --- Makefile | 17 ++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index 817a8c1..4049654 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,17 @@ -UTILS = opkg-build opkg-unbuild opkg-make-index opkg.py opkg-list-fields \ - arfile.py opkg-buildpackage opkg-diff opkg-extract-file opkg-show-deps \ - opkg-compare-indexes update-alternatives +UTILS = \ + arfile.py \ + opkg-build \ + opkg-buildpackage \ + opkg-compare-indexes \ + opkg-diff \ + opkg-extract-file \ + opkg-feed \ + opkg-list-fields \ + opkg-make-index \ + opkg-show-deps \ + opkg-unbuild \ + opkg.py \ + update-alternatives MANPAGES = opkg-build.1 -- 2.25.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#48462): https://lists.yoctoproject.org/g/yocto/message/48462 Mute This Topic: https://lists.yoctoproject.org/mt/71363224/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
