[yocto] [meta-security][PATCH 2/2] scap-security-guide: fix typo
Fix typo: RDEPNEDS_${PN} -> RDEPENDS_${PN}
Signed-off-by: Yi Zhao
---
.../recipes-openscap/scap-security-guide/scap-security-guide.inc| 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
a/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide.inc
b/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide.inc
index d123561..341721a 100644
---
a/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide.inc
+++
b/meta-security-compliance/recipes-openscap/scap-security-guide/scap-security-guide.inc
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM =
"file://LICENSE;md5=97662e4486d9a1d09f358851d9f41a1a"
LICENSE = "LGPL-2.1"
DEPENDS = "openscap-native python3 python3-pyyaml-native python3-jinja2-native
libxml2-native"
-RDEPNEDS_${PN} = "openscap"
+RDEPENDS_${PN} = "openscap"
S = "${WORKDIR}/git"
--
2.7.4
--
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto
[yocto] [meta-security][PATCH 1/2] openscap: cleanup DEPENDS
Remove autoconf-archive from DEPENDS because it is using CMake/Ninjia
build now. Also remove unused dpkg-native dependency from
DEPENDS_class-native.
Signed-off-by: Yi Zhao
---
meta-security-compliance/recipes-openscap/openscap/openscap.inc | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta-security-compliance/recipes-openscap/openscap/openscap.inc
b/meta-security-compliance/recipes-openscap/openscap/openscap.inc
index f23ea99..53309e8 100644
--- a/meta-security-compliance/recipes-openscap/openscap/openscap.inc
+++ b/meta-security-compliance/recipes-openscap/openscap/openscap.inc
@@ -6,8 +6,8 @@ HOME_URL = "https://www.open-scap.org/tools/openscap-base/;
LIC_FILES_CHKSUM = "file://COPYING;md5=fbc093901857fcd118f065f900982c24"
LICENSE = "LGPL-2.1"
-DEPENDS = "autoconf-archive dbus acl bzip2 pkgconfig gconf procps curl libxml2
libxslt libcap swig"
-DEPENDS_class-native = "autoconf-archive-native pkgconfig-native swig-native
curl-native libxml2-native libxslt-native libcap-native dpkg-native"
+DEPENDS = "dbus acl bzip2 pkgconfig gconf procps curl libxml2 libxslt libcap
swig"
+DEPENDS_class-native = "pkgconfig-native swig-native curl-native
libxml2-native libxslt-native libcap-native"
S = "${WORKDIR}/git"
--
2.7.4
--
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto
Re: [yocto] [meta-security 2/3] kernel-modsign.bbclass: add support for kernel modules signing
Hellol,
вс, 4 авг. 2019 г. в 23:53, akuster808 :
> On 8/4/19 1:24 PM, Dmitry Eremin-Solenikov wrote:
> > вс, 4 авг. 2019 г. в 18:30, akuster808 :
> >> On 7/28/19 8:31 AM, Dmitry Eremin-Solenikov wrote:
> >>> From: Dmitry Eremin-Solenikov
> >>>
> >>> Add bbclass responsible for handling signing of kernel modules.
> >>>
> >>> Signed-off-by: Dmitry Eremin-Solenikov
> >>>
> >>> ---
> >>> meta-integrity/classes/kernel-modsign.bbclass | 29 +++
> >>> .../data/debug-keys/privkey_modsign.pem | 28 ++
> >>> .../data/debug-keys/x509_modsign.crt | 22 ++
> >>> 3 files changed, 79 insertions(+)
> >>> create mode 100644 meta-integrity/classes/kernel-modsign.bbclass
> >>> create mode 100644 meta-integrity/data/debug-keys/privkey_modsign.pem
> >>> create mode 100644 meta-integrity/data/debug-keys/x509_modsign.crt
> >>>
> >>> diff --git a/meta-integrity/classes/kernel-modsign.bbclass
> >>> b/meta-integrity/classes/kernel-modsign.bbclass
> >>> new file mode 100644
> >>> index ..1e4d94b79091
> >>> --- /dev/null
> >>> +++ b/meta-integrity/classes/kernel-modsign.bbclass
> >>> @@ -0,0 +1,29 @@
> >>> +# No default! Either this or MODSIGN_PRIVKEY/MODSIGN_X509 have to be
> >>> +# set explicitly in a local.conf before activating kernel-modsign.
> >>> +# To use the insecure (because public) example keys, use
> >>> +# MODSIGN_KEY_DIR = "${INTEGRITY_BASE}/data/debug-keys"
> >>> +MODSIGN_KEY_DIR ?= "MODSIGN_KEY_DIR_NOT_SET"
> >>> +
> >>> +# Private key for modules signing. The default is okay when
> >>> +# using the example key directory.
> >>> +MODSIGN_PRIVKEY ?= "${MODSIGN_KEY_DIR}/privkey_modsign.pem"
> >>> +
> >>> +# Public part of certificates used for modules signing.
> >>> +# The default is okay when using the example key directory.
> >>> +MODSIGN_X509 ?= "${MODSIGN_KEY_DIR}/x509_modsign.crt"
> >>> +
> >>> +# If this class is enabled, disable stripping signatures from modules
> >>> +INHIBIT_PACKAGE_STRIP = "1"
> >>> +
> >>> +do_configure_prepend() {
> >> This is being pulled in with every configure task and causing parsing
> >> issues.
> >>
> >> I changed it to "kernel_do_configure_prepend" and that fixed the issue I
> >> was seeing.
> > Interesting. I haven't seen this issue. Could you please share any details?
> >
> > Changed bbclass appears to work for me, so either of them is fine from my
> > point of view.
> with 'INHERIT += "kernel-modsign"' added to my local.conf I see this.
I see. My intent is to use DISTRO_FEATURES_append += "modsign".
A corresponding patch for oe-core/meta/classes/module.bbclass will be submitted
after this one goes in.
> bitbake integrity-image-minimal
> WARNING:
> /home/build/releases/master/poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.7.bb:
> Exception during build_dependencies for do_configure
> WARNING:
> /home/build/releases/master/poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.7.bb:
> Error during finalise of
> /home/build/releases/master/poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.7.bb
> ERROR: Unable to parse
> /home/build/releases/master/poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.7.bb
> Traceback (most recent call last):
> File "/home/build/releases/master/poky/bitbake/lib/bb/siggen.py", line
> 149, in
> SignatureGeneratorOEBasicHash.finalise(fn='/home/build/releases/master/poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.7.bb',
> d=, variant=None):
> try:
> >taskdeps = self._build_data(fn, d)
> except bb.parse.SkipRecipe:
> File "/home/build/releases/master/poky/bitbake/lib/bb/siggen.py", line
> 120, in
> SignatureGeneratorOEBasicHash._build_data(fn='/home/build/releases/master/poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.7.bb',
> d=):
> ignore_mismatch = ((d.getVar("BB_HASH_IGNORE_MISMATCH") or
> '') == '1')
> >tasklist, gendeps, lookupcache =
> bb.data.generate_dependencies(d)
>
> File "/home/build/releases/master/poky/bitbake/lib/bb/data.py", line
> 379, in generate_dependencies(d= 0x7f9905e4e7f0>):
> for task in tasklist:
> >deps[task], values[task] = build_dependencies(task, keys,
> shelldeps, varflagsexcl, d)
> newdeps = deps[task]
> File "/home/build/releases/master/poky/bitbake/lib/bb/data.py", line
> 312, in build_dependencies(key='do_configure',
> keys={'OLDEST_KERNEL_riscv64', 'BBFILE_PATTERN_perl-layer',
> 'patch_do_patch', 'PREFERRED_PROVIDER_nativesdk-linux-libc-headers',
> 'RECIPE_MAINTAINER_pn-help2man-native', 'sstate_package', 'PKGDESTWORK',
> 'EXCLUDE_FROM_WORLD_pn-prelink_libc-musl', 'LAYERVERSION_core',
> 'IMAGE_FSTYPES', 'RECIPE_MAINTAINER_pn-opkg',
> 'RECIPE_MAINTAINER_pn-libsdl2', 'DEFAULT_TEST_SUITES',
> 'SYSVINIT_ENABLED_GETTYS', 'SDK_ARCH', 'PYTHON',
> 'RECIPE_MAINTAINER_pn-initramfs-framework', 'SANITY_SITECONF_SAMPLE',
> 'get_patches_cves', 'base_bindir_nativesdk',
> 'RECIPE_MAINTAINER_pn-dbus-glib', 'RECIPE_MAINTAINER_pn-libpsl',
> 'TARGET_CPPFLAGS',
Re: [yocto] [meta-security 2/3] kernel-modsign.bbclass: add support for kernel modules signing
On 8/4/19 1:24 PM, Dmitry Eremin-Solenikov wrote:
> вс, 4 авг. 2019 г. в 18:30, akuster808 :
>> On 7/28/19 8:31 AM, Dmitry Eremin-Solenikov wrote:
>>> From: Dmitry Eremin-Solenikov
>>>
>>> Add bbclass responsible for handling signing of kernel modules.
>>>
>>> Signed-off-by: Dmitry Eremin-Solenikov
>>> ---
>>> meta-integrity/classes/kernel-modsign.bbclass | 29 +++
>>> .../data/debug-keys/privkey_modsign.pem | 28 ++
>>> .../data/debug-keys/x509_modsign.crt | 22 ++
>>> 3 files changed, 79 insertions(+)
>>> create mode 100644 meta-integrity/classes/kernel-modsign.bbclass
>>> create mode 100644 meta-integrity/data/debug-keys/privkey_modsign.pem
>>> create mode 100644 meta-integrity/data/debug-keys/x509_modsign.crt
>>>
>>> diff --git a/meta-integrity/classes/kernel-modsign.bbclass
>>> b/meta-integrity/classes/kernel-modsign.bbclass
>>> new file mode 100644
>>> index ..1e4d94b79091
>>> --- /dev/null
>>> +++ b/meta-integrity/classes/kernel-modsign.bbclass
>>> @@ -0,0 +1,29 @@
>>> +# No default! Either this or MODSIGN_PRIVKEY/MODSIGN_X509 have to be
>>> +# set explicitly in a local.conf before activating kernel-modsign.
>>> +# To use the insecure (because public) example keys, use
>>> +# MODSIGN_KEY_DIR = "${INTEGRITY_BASE}/data/debug-keys"
>>> +MODSIGN_KEY_DIR ?= "MODSIGN_KEY_DIR_NOT_SET"
>>> +
>>> +# Private key for modules signing. The default is okay when
>>> +# using the example key directory.
>>> +MODSIGN_PRIVKEY ?= "${MODSIGN_KEY_DIR}/privkey_modsign.pem"
>>> +
>>> +# Public part of certificates used for modules signing.
>>> +# The default is okay when using the example key directory.
>>> +MODSIGN_X509 ?= "${MODSIGN_KEY_DIR}/x509_modsign.crt"
>>> +
>>> +# If this class is enabled, disable stripping signatures from modules
>>> +INHIBIT_PACKAGE_STRIP = "1"
>>> +
>>> +do_configure_prepend() {
>> This is being pulled in with every configure task and causing parsing
>> issues.
>>
>> I changed it to "kernel_do_configure_prepend" and that fixed the issue I
>> was seeing.
> Interesting. I haven't seen this issue. Could you please share any details?
>
> Changed bbclass appears to work for me, so either of them is fine from my
> point of view.
with 'INHERIT += "kernel-modsign"' added to my local.conf I see this.
bitbake integrity-image-minimal
WARNING:
/home/build/releases/master/poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.7.bb:
Exception during build_dependencies for do_configure
WARNING:
/home/build/releases/master/poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.7.bb:
Error during finalise of
/home/build/releases/master/poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.7.bb
ERROR: Unable to parse
/home/build/releases/master/poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.7.bb
Traceback (most recent call last):
File "/home/build/releases/master/poky/bitbake/lib/bb/siggen.py", line
149, in
SignatureGeneratorOEBasicHash.finalise(fn='/home/build/releases/master/poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.7.bb',
d=, variant=None):
try:
> taskdeps = self._build_data(fn, d)
except bb.parse.SkipRecipe:
File "/home/build/releases/master/poky/bitbake/lib/bb/siggen.py", line
120, in
SignatureGeneratorOEBasicHash._build_data(fn='/home/build/releases/master/poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.7.bb',
d=):
ignore_mismatch = ((d.getVar("BB_HASH_IGNORE_MISMATCH") or
'') == '1')
> tasklist, gendeps, lookupcache =
bb.data.generate_dependencies(d)
File "/home/build/releases/master/poky/bitbake/lib/bb/data.py", line
379, in generate_dependencies(d=):
for task in tasklist:
> deps[task], values[task] = build_dependencies(task, keys,
shelldeps, varflagsexcl, d)
newdeps = deps[task]
File "/home/build/releases/master/poky/bitbake/lib/bb/data.py", line
312, in build_dependencies(key='do_configure',
keys={'OLDEST_KERNEL_riscv64', 'BBFILE_PATTERN_perl-layer',
'patch_do_patch', 'PREFERRED_PROVIDER_nativesdk-linux-libc-headers',
'RECIPE_MAINTAINER_pn-help2man-native', 'sstate_package', 'PKGDESTWORK',
'EXCLUDE_FROM_WORLD_pn-prelink_libc-musl', 'LAYERVERSION_core',
'IMAGE_FSTYPES', 'RECIPE_MAINTAINER_pn-opkg',
'RECIPE_MAINTAINER_pn-libsdl2', 'DEFAULT_TEST_SUITES',
'SYSVINIT_ENABLED_GETTYS', 'SDK_ARCH', 'PYTHON',
'RECIPE_MAINTAINER_pn-initramfs-framework', 'SANITY_SITECONF_SAMPLE',
'get_patches_cves', 'base_bindir_nativesdk',
'RECIPE_MAINTAINER_pn-dbus-glib', 'RECIPE_MAINTAINER_pn-libpsl',
'TARGET_CPPFLAGS', 'LAYERSERIES_COMPAT_meta-python',
'INHIBIT_DEFAULT_DEPS', 'RECIPE_MAINTAINER_pn-pulseaudio',
'PATCHDEPENDENCY', 'TCLIBCAPPEND', 'P', 'BBFILE_PATTERN_yocto',
'BB_HASHCHECK_FUNCTION', 'RECIPE_MAINTAINER_pn-texinfo-dummy-native',
'RECIPE_MAINTAINER_pn-watchdog', 'STAGING_FIRMWARE_DIR', 'TARGET_FPU',
'SDK_NAME', 'RREPLACES', 'LINUXLIBCVERSION', 'USERADD_ERROR_DYNAMIC',
'RECIPE_MAINTAINER_pn-wic-tools', 'EXTENDPKGEVER',
Re: [yocto] [meta-security 2/3] kernel-modsign.bbclass: add support for kernel modules signing
вс, 4 авг. 2019 г. в 18:30, akuster808 :
> On 7/28/19 8:31 AM, Dmitry Eremin-Solenikov wrote:
> > From: Dmitry Eremin-Solenikov
> >
> > Add bbclass responsible for handling signing of kernel modules.
> >
> > Signed-off-by: Dmitry Eremin-Solenikov
> > ---
> > meta-integrity/classes/kernel-modsign.bbclass | 29 +++
> > .../data/debug-keys/privkey_modsign.pem | 28 ++
> > .../data/debug-keys/x509_modsign.crt | 22 ++
> > 3 files changed, 79 insertions(+)
> > create mode 100644 meta-integrity/classes/kernel-modsign.bbclass
> > create mode 100644 meta-integrity/data/debug-keys/privkey_modsign.pem
> > create mode 100644 meta-integrity/data/debug-keys/x509_modsign.crt
> >
> > diff --git a/meta-integrity/classes/kernel-modsign.bbclass
> > b/meta-integrity/classes/kernel-modsign.bbclass
> > new file mode 100644
> > index ..1e4d94b79091
> > --- /dev/null
> > +++ b/meta-integrity/classes/kernel-modsign.bbclass
> > @@ -0,0 +1,29 @@
> > +# No default! Either this or MODSIGN_PRIVKEY/MODSIGN_X509 have to be
> > +# set explicitly in a local.conf before activating kernel-modsign.
> > +# To use the insecure (because public) example keys, use
> > +# MODSIGN_KEY_DIR = "${INTEGRITY_BASE}/data/debug-keys"
> > +MODSIGN_KEY_DIR ?= "MODSIGN_KEY_DIR_NOT_SET"
> > +
> > +# Private key for modules signing. The default is okay when
> > +# using the example key directory.
> > +MODSIGN_PRIVKEY ?= "${MODSIGN_KEY_DIR}/privkey_modsign.pem"
> > +
> > +# Public part of certificates used for modules signing.
> > +# The default is okay when using the example key directory.
> > +MODSIGN_X509 ?= "${MODSIGN_KEY_DIR}/x509_modsign.crt"
> > +
> > +# If this class is enabled, disable stripping signatures from modules
> > +INHIBIT_PACKAGE_STRIP = "1"
> > +
> > +do_configure_prepend() {
>
> This is being pulled in with every configure task and causing parsing
> issues.
>
> I changed it to "kernel_do_configure_prepend" and that fixed the issue I
> was seeing.
Interesting. I haven't seen this issue. Could you please share any details?
Changed bbclass appears to work for me, so either of them is fine from my
point of view.
> things appear to be still working, Can you double check.
--
With best wishes
Dmitry
--
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto
Re: [yocto] [meta-security 2/3] kernel-modsign.bbclass: add support for kernel modules signing
On 7/28/19 8:31 AM, Dmitry Eremin-Solenikov wrote:
> From: Dmitry Eremin-Solenikov
>
> Add bbclass responsible for handling signing of kernel modules.
>
> Signed-off-by: Dmitry Eremin-Solenikov
> ---
> meta-integrity/classes/kernel-modsign.bbclass | 29 +++
> .../data/debug-keys/privkey_modsign.pem | 28 ++
> .../data/debug-keys/x509_modsign.crt | 22 ++
> 3 files changed, 79 insertions(+)
> create mode 100644 meta-integrity/classes/kernel-modsign.bbclass
> create mode 100644 meta-integrity/data/debug-keys/privkey_modsign.pem
> create mode 100644 meta-integrity/data/debug-keys/x509_modsign.crt
>
> diff --git a/meta-integrity/classes/kernel-modsign.bbclass
> b/meta-integrity/classes/kernel-modsign.bbclass
> new file mode 100644
> index ..1e4d94b79091
> --- /dev/null
> +++ b/meta-integrity/classes/kernel-modsign.bbclass
> @@ -0,0 +1,29 @@
> +# No default! Either this or MODSIGN_PRIVKEY/MODSIGN_X509 have to be
> +# set explicitly in a local.conf before activating kernel-modsign.
> +# To use the insecure (because public) example keys, use
> +# MODSIGN_KEY_DIR = "${INTEGRITY_BASE}/data/debug-keys"
> +MODSIGN_KEY_DIR ?= "MODSIGN_KEY_DIR_NOT_SET"
> +
> +# Private key for modules signing. The default is okay when
> +# using the example key directory.
> +MODSIGN_PRIVKEY ?= "${MODSIGN_KEY_DIR}/privkey_modsign.pem"
> +
> +# Public part of certificates used for modules signing.
> +# The default is okay when using the example key directory.
> +MODSIGN_X509 ?= "${MODSIGN_KEY_DIR}/x509_modsign.crt"
> +
> +# If this class is enabled, disable stripping signatures from modules
> +INHIBIT_PACKAGE_STRIP = "1"
> +
> +do_configure_prepend() {
This is being pulled in with every configure task and causing parsing
issues.
I changed it to "kernel_do_configure_prepend" and that fixed the issue I
was seeing.
things appear to be still working, Can you double check.
- armin
> +if [ -f "${MODSIGN_PRIVKEY}" -a -f "${MODSIGN_X509}" ]; then
> +cat "${MODSIGN_PRIVKEY}" "${MODSIGN_X509}" \
> +> "${B}/modsign_key.pem"
> +else
> +bberror "Either modsign key or certificate are invalid"
> +fi
> +}
> +
> +do_shared_workdir_append() {
> +cp modsign_key.pem $kerneldir/
> +}
> diff --git a/meta-integrity/data/debug-keys/privkey_modsign.pem
> b/meta-integrity/data/debug-keys/privkey_modsign.pem
> new file mode 100644
> index ..4cac00ae303a
> --- /dev/null
> +++ b/meta-integrity/data/debug-keys/privkey_modsign.pem
> @@ -0,0 +1,28 @@
> +-BEGIN PRIVATE KEY-
> +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDEWsJjB2pA5Ih6
> +EelXvVjwWY1ix1azMciNRNPPQN1AMXF0K/VUkfOYbaPajg1cQYEf9gk3q7OZ5Axk
> +UY/e5piZORaPcsmj0lV0L+NSlRYydR5M/QxtEz26585FgqRGdAe6umStPmVKdqa2
> +d68O4PgQgJJtVuz6ndm+0uNEUDCVLwhkGQSwNB3qBbZAUX9escZ/a8eUiBfMYKaO
> +k8JRyM+2br9dgpTFg4UfBYexgNSQo8g5TIBGc8KgQiKCuFj1fQEhV5z4RusHthjc
> +NYXa3RHmdclxyrGeYr5ZRc47HqE1gd5NDR0WeHn4C4YKcfK1rZZz/2+6hfsIRfGx
> +6cQKk23hAgMBAAECggEAJ0ULiWirPG04SkmYxF5vEiqm1zGMymvTc0VnoxSS60q4
> +KQa9mvtRn5OV6JjuXRwQqga30zV4xvdP7yRMxMSTkllThL7tSuE/C+yj5xlABjlc
> +JQOa35mwh9fibg5xslF0Vkj+55MKCPlv4CBRl4Uwt4QvRMTUwk6dhMeCgmATR1J1
> +2/7AipjtfFYreDx7sLbRVvSzUhmZS0iCbNOhtTWPLNW+9YKHTOffKa04HzNtnAXq
> +OjJ0IRZD/C6LfkBUsnHg2eEiA97QXh/Srsl9nc8DaUK1IXRywEdmYIoNMWMav2Hm
> +RO8kkU30BqKW+/EO2ZbH2GmkxvwWd0ocBnLC3FRWEQKBgQDu4T8CB3YsOcVjqem4
> +iBlaSht/b46YQc7A1SOqZCimehmmXNSxQOkapIG3wlIr5edtXQA+xv09+WrproUB
> +SjAnqaH6pYeCvbNlY5k344gtYs+Kco2rq5GYa+LumAeX2Sam8F7u4LxvEogCecX7
> +e4rnG3lt3AVuuRE7zpCQtaWcJQKBgQDSbUvea9pcYli9pssTl+ijQKkgG9DdaYbA
> +I5w5bY1TPYZ/Ocysljefv/ssaHFh4DPxE1MQ5JHwZgZRo1EICxxYzGsLjyR/fmjz
> +1c/NJlTtalCNtLvWaf7b02ag/abnP8neiSpLL5xqHvGo5ikWwgYQD+9HVKGvL3S1
> +kI7x/ziADQKBgQCqFbkuMa/jh3LTJp0iZc1fa1qu3vhx0pFq3Zeab9w9xLxUps5O
> +MwCGltFBzNuDJBwm00wkZrzTjq6gGkHbjD5DT1XkyE13OqjsLQFgOOKyJiPN2Qik
> +TfHJzC91YMwvQ09xF78QaPXiRBiRYrEkAXACY56PKVS45I6vvcFTN/Ll/QKBgA9m
> +KDMyuVwhZlUaq6nXaBLqXHYZEwPhARd2g6xANCNvUTRmSnAm3hM2vW7WhdWfzq1J
> +uL53u6ZYEQZQaVGpXn2xF/RUmVsrKQsPDpH4yCZHrXVxUH20bA4yPkRxy5EIvgEn
> +EI1IAq5RbWXq0f70W/U49U3HB74GPwg6d/uFreDRAoGAN+v9gMQA6A1vM7LvbYR8
> +5CwwyqS/CfI9zKPLn53QstguXC/ObafIYQzVRqGb9lCQgtlmmKw4jMY0B/lDzpcH
> +zS8rqoyvDj/m7i17NYkqXErJKLRQ0ptXKdLXHlG0u185e7Y5p4O3Z5dk8bACkpHi
> +hp764y+BtU4qIcVaPsPK4uU=
> +-END PRIVATE KEY-
> diff --git a/meta-integrity/data/debug-keys/x509_modsign.crt
> b/meta-integrity/data/debug-keys/x509_modsign.crt
> new file mode 100644
> index ..5fa2a9062a89
> --- /dev/null
> +++ b/meta-integrity/data/debug-keys/x509_modsign.crt
> @@ -0,0 +1,22 @@
> +-BEGIN CERTIFICATE-
> +MIIDnjCCAoagAwIBAgIUUqmBj5Q8edHMMTXsoGVGEEKdwV4wDQYJKoZIhvcNAQEL
> +BQAwZzEqMCgGA1UEAxMhbWV0YS1zZWN1cml0eSBtb2R1bGVzIHNpZ25pbmcga2V5
> +MRQwEgYDVQQKEwtleGFtcGxlLmNvbTEjMCEGCSqGSIb3DQEJARYUam9obi5kb2VA
> +ZXhhbXBsZS5jb20wIBcNMTkwNzI3MjIzOTA3WhgPMjExOTA3MjcyMjM5MTVaMGcx
> +KjAoBgNVBAMTIW1ldGEtc2VjdXJpdHkgbW9kdWxlcyBzaWduaW5nIGtleTEUMBIG
[yocto] QA issue applibrary rdepends on app-dev [dev-deps], where is the do_package_qa?
Hi,
I was running my Yocto build fine until I had a minor change to move
libapplibrary.so to libapplibrry.so.${PN} and made libapplibrary.so to
a symbolic link of libapplibrry.so.${PN}. Now it got an error of QA
issue applibrary rdepends on app-dev [dev-deps], QA run found fatal
errors, please consider fixing them.
Even I reverse the changes back the, it still complained the same error.
I don't have do_package_qa in my bb file, where is it from? What is
that error about? How to fix it?
Thank you.
Kind regards,
- jh
--
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto
