Re: [yocto] Fix 'PACKAGES' in net-snmp recipe

2018-03-19 Thread Huang, Jie (Jackie) 
> 
> 
> From: Kosta Zertsekel [mailto:kzertse...@advaoptical.com] 
> Sent: Monday, March 19, 2018 14:17
> To: Huang, Jie (Jackie); Khem Raj
> Cc: yocto@yoctoproject.org; Enache, Catalin; Zhou, Li
> Subject: Re: [yocto] Fix 'PACKAGES' in net-snmp recipe
> 
> > are there specific issue you are seeing besides the packages being empty ?
> > I would suggest to apply _remove operation to remove the empty packages
> > if needed from PACKAGES variable
> 
> No any other specific issues are seen.
> 
> > I agree, I don't think it's an issue that the packages
> > being empty, and actually they're handled properly with:
> > 
> > ALLOW_EMPTY_${PN} = "1"
> > ALLOW_EMPTY_${PN}-server = "1"
> > 
> > RDEPENDS_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'perl', 
> > 'net-snmp-perl-modules', '', d)}"
> > RDEPENDS_${PN} += "net-snmp-client"
> > RDEPENDS_${PN}-server += "net-snmp-server-snmpd net-snmp-server-snmptrapd"
> > 
> > So you can assume that "net-snmp" = "net-snmp-client" ( plus 
> > 'net-snmp-perl-modules'
> > if 'perl' packgeconfig is enabled ), and "net-snmp-server" = " 
> > net-snmp-server-snmpd"
> > +"net-snmp-server-snmptrapd " 
> 
> So, you mean that 'PACKAGEs = ...' was changed to 'PACKAGES += ...' in order
> to create the default packages (${PN}, ${PN}-doc, ${PN}-locale, etc.) that are

It was changed for two reasons referred to the commit 5eec0615e:

"""
- Change to use append for PACKAGES so that:
  * ptest package is added from ptest bbcalss
  * the PN is back, allow empty and add rdepends on net-snmp-client
in case the user try to add net-snmp to the image
"""

1) The 'PACKAGEs = ...' will override the definition from bbclass like 
ptest.bbclass
2) We had customers assume that the ${PN} package for each recipe always exist 
so when they wanted to
use net-snmp clients, they tried to install net-snmp but failed.

If you don't like the solution, you can use _remove operation to remove PN from 
PACKAGES.

Other default packages like ${PN}-doc and ${PN}-locale, them are also empty for 
many other recipes,
I don't think it's an issue, so no need to re-define the PACKAGES or remove 
them with _remove operation.

Thanks,
Jackie



> empty? Is there a chance it was done to satisfy a default dependencies in
> bitbake.conf? I just fail to see the original meaning...
> --- Kosta Z.
> ____
> From: Huang, Jie (Jackie) <jackie.hu...@windriver.com>
> Sent: Monday, March 19, 2018 3:56:28 AM
> To: Khem Raj; Kosta Zertsekel
> Cc: yocto@yoctoproject.org; Enache, Catalin; Zhou, Li
> Subject: RE: [yocto] Fix 'PACKAGES' in net-snmp recipe 
>  
> 
> 
> > -Original Message-
> > From: Huang, Jie (Jackie)
> > Sent: Monday, March 19, 2018 09:51
> > To: 'Khem Raj'; Kosta Zertsekel
> > Cc: yocto@yoctoproject.org; Enache, Catalin; Zhou, Li
> > Subject: RE: [yocto] Fix 'PACKAGES' in net-snmp recipe
> > 
> > 
> > 
> > > -Original Message-
> > > From: Khem Raj [mailto:raj.k...@gmail.com]
> > > Sent: Monday, March 19, 2018 05:54
> > > To: Kosta Zertsekel
> > > Cc: yocto@yoctoproject.org; Huang, Jie (Jackie); Enache, Catalin; Zhou, Li
> > > Subject: Re: [yocto] Fix 'PACKAGES' in net-snmp recipe
> > >
> > > On Sat, Mar 17, 2018 at 11:46 PM, Kosta Zertsekel
> > > <kzertse...@advaoptical.com> wrote:
> > > > Hi guys,
> > > >
> > > >
> > > > As for now (master branch) 'PACKAGES' variable in net-snmp equals to:
> > > >
> > > > ```
> > > >
> > > > $ bitbake -e net-snmp | grep "^PACKAGES="
> > > >
> > > > PACKAGES="net-snmp-dbg net-snmp-staticdev net-snmp-dev net-snmp-doc
> > > > net-snmp-locale  net-snmp net-snmp-libs net-snmp-mibs net-snmp-server
> > > > net-snmp-client net-snmp-server-snmpd net-snmp-server-snmptrapd "
> > > > ```
> > > >
> > > > This seems to be wrong as many built packages from 'packages-split'
> > > > directory of net-snmp are empty:
> > > >
> > > > ```
> > > > $ du -a --max-depth=1 . | sort -n
> > > > 4./net-snmp
> > > > 4./net-snmp-client.shlibdeps
> > > > 4./net-snmp-doc
> > > > 4./net-snmp-libs.shlibdeps
> > > > 4./net-snmp-locale
> > > > 4./net-snmp-server
> > > > 4./net-snmp-server-snmpd.shlibdeps
> > > &g

Re: [yocto] Fix 'PACKAGES' in net-snmp recipe

2018-03-18 Thread Huang, Jie (Jackie) 


> -Original Message-
> From: Huang, Jie (Jackie)
> Sent: Monday, March 19, 2018 09:51
> To: 'Khem Raj'; Kosta Zertsekel
> Cc: yocto@yoctoproject.org; Enache, Catalin; Zhou, Li
> Subject: RE: [yocto] Fix 'PACKAGES' in net-snmp recipe
> 
> 
> 
> > -Original Message-
> > From: Khem Raj [mailto:raj.k...@gmail.com]
> > Sent: Monday, March 19, 2018 05:54
> > To: Kosta Zertsekel
> > Cc: yocto@yoctoproject.org; Huang, Jie (Jackie); Enache, Catalin; Zhou, Li
> > Subject: Re: [yocto] Fix 'PACKAGES' in net-snmp recipe
> >
> > On Sat, Mar 17, 2018 at 11:46 PM, Kosta Zertsekel
> > <kzertse...@advaoptical.com> wrote:
> > > Hi guys,
> > >
> > >
> > > As for now (master branch) 'PACKAGES' variable in net-snmp equals to:
> > >
> > > ```
> > >
> > > $ bitbake -e net-snmp | grep "^PACKAGES="
> > >
> > > PACKAGES="net-snmp-dbg net-snmp-staticdev net-snmp-dev net-snmp-doc
> > > net-snmp-locale  net-snmp net-snmp-libs net-snmp-mibs net-snmp-server
> > > net-snmp-client net-snmp-server-snmpd net-snmp-server-snmptrapd "
> > > ```
> > >
> > > This seems to be wrong as many built packages from 'packages-split'
> > > directory of net-snmp are empty:
> > >
> > > ```
> > > $ du -a --max-depth=1 . | sort -n
> > > 4./net-snmp
> > > 4./net-snmp-client.shlibdeps
> > > 4./net-snmp-doc
> > > 4./net-snmp-libs.shlibdeps
> > > 4./net-snmp-locale
> > > 4./net-snmp-server
> > > 4./net-snmp-server-snmpd.shlibdeps
> > > 4./net-snmp-server-snmptrapd.shlibdeps
> > > 4./net-snmp-staticdev
> > > 48./net-snmp-server-snmptrapd
> > > 72./net-snmp-server-snmpd
> > > 1208./net-snmp-dev
> > > 1480./net-snmp-client
> > > 1812./net-snmp-mibs
> > > 2872./net-snmp-libs
> > > 15308./net-snmp-dbg
> > > ```
> > >
> > > Well, the culprit commit is 5eec0615e548f58ecdfadfc45af5805eeb58f69c where
> > > the below change has happened:
> > > ```
> > > -PACKAGES = "${PN}-dbg ${PN}-doc ${PN}-dev ${PN}-staticdev ${PN}-static
> > > ${PN}-libs \
> > > -${PN}-mibs ${PN}-server ${PN}-client ${PN}-server-snmpd
> > > ${PN}-server-snmptrapd"
> > > +PACKAGES += "${PN}-libs ${PN}-mibs ${PN}-server ${PN}-client
> > > ${PN}-server-snmpd ${PN}-server-snmptrapd"
> > > ```
> > >
> > > This new 'PACKAGES' variable is wrong IMHO, because it contains
> > > the 'net-snmp' package and other empty packages.
> > >
> > >
> > > Please review (and apply if ok) the attached commit that fixes it.
> > >
> >
> > are there specific issue you are seeing besides the packages being empty ?
> > I would suggest to apply _remove operation to remove the empty packages
> > if needed from PACKAGES variable
> 
> I agree, I don't think it's an issue that the packages being empty, and 
> actually they're handled properly with:
> 
> ALLOW_EMPTY_${PN} = "1"
> ALLOW_EMPTY_${PN}-server = "1"
> 
> RDEPENDS_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'perl', 
> 'net-snmp-perl-modules', '', d)}"
> RDEPENDS_${PN} += "net-snmp-client"
> RDEPENDS_${PN}-server += "net-snmp-server-snmpd net-snmp-server-snmptrapd"
> 
> So you can assume that "net-snmp" = "net-snmp-client" ( plus 
> 'net-snmp-perl-modules' if 'perl' packgeconfig
> is enabled ), and "net-snmp-server" = " net-snmp-server-snmpd" + 
> "net-snmp-server-snmptrapd "

And if you really want to remove them with _remove operations, you may also 
need to remove the RDEPENDS.

Thanks,
Jackie

> 
> Thanks,
> Jackie
> 
> >
> > >
> > > Thanks,
> > >
> > > --- Kosta Z.
> > >
> > >
> > > --
> > > ___
> > > yocto mailing list
> > > yocto@yoctoproject.org
> > > https://lists.yoctoproject.org/listinfo/yocto
> > >
-- 
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto

Re: [yocto] Fix 'PACKAGES' in net-snmp recipe

2018-03-18 Thread Huang, Jie (Jackie) 


> -Original Message-
> From: Khem Raj [mailto:raj.k...@gmail.com]
> Sent: Monday, March 19, 2018 05:54
> To: Kosta Zertsekel
> Cc: yocto@yoctoproject.org; Huang, Jie (Jackie); Enache, Catalin; Zhou, Li
> Subject: Re: [yocto] Fix 'PACKAGES' in net-snmp recipe
> 
> On Sat, Mar 17, 2018 at 11:46 PM, Kosta Zertsekel
> <kzertse...@advaoptical.com> wrote:
> > Hi guys,
> >
> >
> > As for now (master branch) 'PACKAGES' variable in net-snmp equals to:
> >
> > ```
> >
> > $ bitbake -e net-snmp | grep "^PACKAGES="
> >
> > PACKAGES="net-snmp-dbg net-snmp-staticdev net-snmp-dev net-snmp-doc
> > net-snmp-locale  net-snmp net-snmp-libs net-snmp-mibs net-snmp-server
> > net-snmp-client net-snmp-server-snmpd net-snmp-server-snmptrapd "
> > ```
> >
> > This seems to be wrong as many built packages from 'packages-split'
> > directory of net-snmp are empty:
> >
> > ```
> > $ du -a --max-depth=1 . | sort -n
> > 4./net-snmp
> > 4./net-snmp-client.shlibdeps
> > 4./net-snmp-doc
> > 4./net-snmp-libs.shlibdeps
> > 4./net-snmp-locale
> > 4./net-snmp-server
> > 4./net-snmp-server-snmpd.shlibdeps
> > 4./net-snmp-server-snmptrapd.shlibdeps
> > 4./net-snmp-staticdev
> > 48./net-snmp-server-snmptrapd
> > 72./net-snmp-server-snmpd
> > 1208./net-snmp-dev
> > 1480./net-snmp-client
> > 1812./net-snmp-mibs
> > 2872./net-snmp-libs
> > 15308./net-snmp-dbg
> > ```
> >
> > Well, the culprit commit is 5eec0615e548f58ecdfadfc45af5805eeb58f69c where
> > the below change has happened:
> > ```
> > -PACKAGES = "${PN}-dbg ${PN}-doc ${PN}-dev ${PN}-staticdev ${PN}-static
> > ${PN}-libs \
> > -${PN}-mibs ${PN}-server ${PN}-client ${PN}-server-snmpd
> > ${PN}-server-snmptrapd"
> > +PACKAGES += "${PN}-libs ${PN}-mibs ${PN}-server ${PN}-client
> > ${PN}-server-snmpd ${PN}-server-snmptrapd"
> > ```
> >
> > This new 'PACKAGES' variable is wrong IMHO, because it contains
> > the 'net-snmp' package and other empty packages.
> >
> >
> > Please review (and apply if ok) the attached commit that fixes it.
> >
> 
> are there specific issue you are seeing besides the packages being empty ?
> I would suggest to apply _remove operation to remove the empty packages
> if needed from PACKAGES variable

I agree, I don't think it's an issue that the packages being empty, and 
actually they're handled properly with:

ALLOW_EMPTY_${PN} = "1"
ALLOW_EMPTY_${PN}-server = "1"

RDEPENDS_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'perl', 
'net-snmp-perl-modules', '', d)}"
RDEPENDS_${PN} += "net-snmp-client"
RDEPENDS_${PN}-server += "net-snmp-server-snmpd net-snmp-server-snmptrapd"

So you can assume that "net-snmp" = "net-snmp-client" ( plus 
'net-snmp-perl-modules' if 'perl' packgeconfig 
is enabled ), and "net-snmp-server" = " net-snmp-server-snmpd" + 
"net-snmp-server-snmptrapd "

Thanks,
Jackie

> 
> >
> > Thanks,
> >
> > --- Kosta Z.
> >
> >
> > --
> > ___
> > yocto mailing list
> > yocto@yoctoproject.org
> > https://lists.yoctoproject.org/listinfo/yocto
> >
-- 
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto

Re: [yocto] [opkg-utils PATCH] update-alternatives: fix the sed pattern in remove_alt

2018-01-18 Thread Huang, Jie (Jackie) 
Sorry I forgot adding opkg-devel, so I just re-sent with opkg-devel added in.

Thanks,
Jackie

> -Original Message-
> From: yocto-boun...@yoctoproject.org [mailto:yocto-
> boun...@yoctoproject.org] On Behalf Of jackie.hu...@windriver.com
> Sent: Friday, January 19, 2018 10:54
> To: yocto@yoctoproject.org
> Subject: [yocto] [opkg-utils PATCH] update-alternatives: fix the sed pattern 
> in
> remove_alt
> 
> From: Jackie Huang 
> 
> '\>' is to matches the end of a word, but the executable is
> not always a 'word', e.g. /usr/lib64/busybox/usr/bin/[
> 
> then such alternatives can not be removed.
> 
> So change to use '\s' in the pattern since the following
> character of the $path is whitespace.
> 
> Signed-off-by: Jackie Huang 
> ---
>  update-alternatives | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/update-alternatives b/update-alternatives
> index ffad853..ce7d66c 100644
> --- a/update-alternatives
> +++ b/update-alternatives
> @@ -80,7 +80,7 @@ remove_alt() {
>   [ ! -f $ad/$name ] && return 0
> 
>   path=`echo $path | protect_slashes | protect_special_character`
> - sed -ne "/^$path\>.*/!p" $ad/$name > $ad/$name.new
> + sed -ne "/^$path\s.*/!p" $ad/$name > $ad/$name.new
>   mv $ad/$name.new $ad/$name
>  }
> 
> --
> 2.7.4
> 
> --
> ___
> yocto mailing list
> yocto@yoctoproject.org
> https://lists.yoctoproject.org/listinfo/yocto
-- 
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto

Re: [yocto] [meta-cgl][PATCH 2/2] cgl-common.inc: append SRC_URI for poky-cgl only

2017-10-11 Thread Huang, Jie (Jackie) 


> -Original Message-
> From: Andre McCurdy [mailto:armccu...@gmail.com]
> Sent: Thursday, October 12, 2017 06:51
> To: Huang, Jie (Jackie)
> Cc: Yocto discussion list
> Subject: Re: [yocto] [meta-cgl][PATCH 2/2] cgl-common.inc: append SRC_URI
> for poky-cgl only
> 
> On Mon, Oct 9, 2017 at 8:30 PM,  <jackie.hu...@windriver.com> wrote:
> > From: Jackie Huang <jackie.hu...@windriver.com>
> >
> > Someone may want to add meta-cgl-common layer into their
> > distro and only use some of the packages, but these kernel
> > features will be also added by the bbappend and may cause
> > unexpected issue, so change to append the SRC_URI for poky-cgl
> > distro only.
> >
> > Signed-off-by: Jackie Huang <jackie.hu...@windriver.com>
> > ---
> >  meta-cgl-common/recipes-kernel/linux/cgl-common.inc | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/meta-cgl-common/recipes-kernel/linux/cgl-common.inc b/meta-
> cgl-common/recipes-kernel/linux/cgl-common.inc
> > index 52cf773..362a7c4 100644
> > --- a/meta-cgl-common/recipes-kernel/linux/cgl-common.inc
> > +++ b/meta-cgl-common/recipes-kernel/linux/cgl-common.inc
> > @@ -1,6 +1,6 @@
> >  FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
> >
> > -SRC_URI += "file://cfg/1-systemtap.cfg \
> > +SRC_URI_append_poky-cgl = "file://cfg/1-systemtap.cfg \
> 
> Needs a leading space.

Fixed and sent v2.

Thanks,
Jackie

> 
> >  file://cfg/2-oprofile.cfg \
> >  file://cfg/3-lttng.cfg \
> >  file://cfg/4-kgdb.cfg \
> > --
> > 2.11.0
> >
> > --
> > ___
> > yocto mailing list
> > yocto@yoctoproject.org
> > https://lists.yoctoproject.org/listinfo/yocto
-- 
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto

Re: [yocto] [meta-cloud-services][PATCH] packagegroups: fix invalid license file

2017-09-15 Thread Huang, Jie (Jackie) 


> -Original Message-
> From: Bruce Ashfield [mailto:bruce.ashfi...@windriver.com]
> Sent: Saturday, September 16, 2017 03:19
> To: Huang, Jie (Jackie); yocto@yoctoproject.org
> Subject: Re: [yocto] [meta-cloud-services][PATCH] packagegroups: fix invalid
> license file
> 
> wrong mailing list, but merged anyway.
> 
> use the meta-virtualization mailing list for these.

Thanks, I will send there next time.

Thanks,
Jackie

> 
> Bruce
> 
> On 2017-09-15 5:27 AM, jackie.hu...@windriver.com wrote:
> > From: Jackie Huang <jackie.hu...@windriver.com>
> >
> > Use '${COMMON_LICENSE_DIR}/MIT' for MIT License to fix the warning:
> >
> > | WARNING: packagegroup-cloud-compute do_populate_lic:
> >${COREBASE}/LICENSE is not a valid license file, please use
> >'${COMMON_LICENSE_DIR}/MIT' for a MIT License file in
> LIC_FILES_CHKSUM.
> >This will become an error in the future
> >
> > Signed-off-by: Jackie Huang <jackie.hu...@windriver.com>
> > ---
> >   .../recipes-extended/packagegroups/packagegroup-cloud-benchmarking.bb
> | 2 +-
> >   .../recipes-extended/packagegroups/packagegroup-cloud-compute.bb|
> 2 +-
> >   .../recipes-extended/packagegroups/packagegroup-cloud-controller.bb | 
> > 2
> +-
> >   .../recipes-extended/packagegroups/packagegroup-cloud-debug.bb  | 
> > 2
> +-
> >   .../recipes-extended/packagegroups/packagegroup-cloud-extras.bb | 
> > 2
> +-
> >   .../recipes-extended/packagegroups/packagegroup-cloud-network.bb| 
> > 2
> +-
> >   6 files changed, 6 insertions(+), 6 deletions(-)
> >
> > diff --git a/meta-openstack/recipes-extended/packagegroups/packagegroup-
> cloud-benchmarking.bb b/meta-openstack/recipes-
> extended/packagegroups/packagegroup-cloud-benchmarking.bb
> > index 6310b8f..e659c31 100644
> > --- a/meta-openstack/recipes-extended/packagegroups/packagegroup-cloud-
> benchmarking.bb
> > +++ b/meta-openstack/recipes-extended/packagegroups/packagegroup-
> cloud-benchmarking.bb
> > @@ -1,7 +1,7 @@
> >   SUMMARY = "Add benchmarking capabilities to cloud images"
> >   PR = "r0"
> >   LICENSE = "MIT"
> > -LIC_FILES_CHKSUM =
> "file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690 \
> > +LIC_FILES_CHKSUM =
> "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f
> 302 \
> >
> file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de2
> 0420"
> >
> >   inherit packagegroup
> > diff --git a/meta-openstack/recipes-extended/packagegroups/packagegroup-
> cloud-compute.bb b/meta-openstack/recipes-
> extended/packagegroups/packagegroup-cloud-compute.bb
> > index 21f8f10..2e9446d 100644
> > --- a/meta-openstack/recipes-extended/packagegroups/packagegroup-cloud-
> compute.bb
> > +++ b/meta-openstack/recipes-extended/packagegroups/packagegroup-
> cloud-compute.bb
> > @@ -1,7 +1,7 @@
> >   SUMMARY = "Configuration for OpenStack Compute node"
> >   PR = "r0"
> >   LICENSE = "MIT"
> > -LIC_FILES_CHKSUM =
> "file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690 \
> > +LIC_FILES_CHKSUM =
> "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f
> 302 \
> >
> file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de2
> 0420"
> >
> >   inherit packagegroup
> > diff --git a/meta-openstack/recipes-extended/packagegroups/packagegroup-
> cloud-controller.bb b/meta-openstack/recipes-
> extended/packagegroups/packagegroup-cloud-controller.bb
> > index f172839..1f0a8de 100644
> > --- a/meta-openstack/recipes-extended/packagegroups/packagegroup-cloud-
> controller.bb
> > +++ b/meta-openstack/recipes-extended/packagegroups/packagegroup-
> cloud-controller.bb
> > @@ -1,7 +1,7 @@
> >   SUMMARY = "Configuration for OpenStack Controller node"
> >   PR = "r0"
> >   LICENSE = "MIT"
> > -LIC_FILES_CHKSUM =
> "file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690 \
> > +LIC_FILES_CHKSUM =
> "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f
> 302 \
> >
> file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de2
> 0420"
> >
> >   inherit packagegroup
> > diff --git a/meta-openstack/recipes-extended/packagegroups/packagegroup-
> cloud-debug.bb b/meta-openstack/recipes-
> extended/packagegroups/packagegroup-cloud-debug.bb
> > index e5517d2..fecbdc6 100644
> > --- a/meta-openstack/recipes-extended/pack

Re: [yocto] [meta-cgl][PATCH] pacemaker: update to 1.1.16

2017-06-19 Thread Huang, Jie (Jackie) 


> -Original Message-
> From: Adrian Dudau [mailto:adrian.du...@enea.com]
> Sent: Monday, June 19, 2017 16:28
> To: Huang, Jie (Jackie); yocto@yoctoproject.org
> Subject: Re: [yocto] [meta-cgl][PATCH] pacemaker: update to 1.1.16
> 
> On fre, 2017-06-09 at 10:59 +0800, jackie.hu...@windriver.com wrote:
> > From: Jackie Huang <jackie.hu...@windriver.com>
> >
> > * update the licenses and checksum
> > * fix PN -> BPN for multilib builds
> > * add PACKAGECONFIG for systemd and libsmtp
> > * add fix for libgnutls
> >
> > Signed-off-by: Jackie Huang <jackie.hu...@windriver.com>
> > ---
> >  ...006-pacemaker-do-not-use-libgnutls-config.patch | 29
> > ++
> >  .../{pacemaker_1.1.15.bb => pacemaker_1.1.16.bb}   | 22 +---
> > 
> >  2 files changed, 42 insertions(+), 9 deletions(-)
> >  create mode 100755 meta-cgl-common/recipes-
> > cgl/pacemaker/pacemaker/0006-pacemaker-do-not-use-libgnutls-
> > config.patch
> >  rename meta-cgl-common/recipes-cgl/pacemaker/{pacemaker_1.1.15.bb =>
> > pacemaker_1.1.16.bb} (84%)
> >
> > diff --git a/meta-cgl-common/recipes-cgl/pacemaker/pacemaker/0006-
> > pacemaker-do-not-use-libgnutls-config.patch b/meta-cgl-
> > common/recipes-cgl/pacemaker/pacemaker/0006-pacemaker-do-not-use-
> > libgnutls-config.patch
> > new file mode 100755
> > index 000..46e45df
> > --- /dev/null
> > +++ b/meta-cgl-common/recipes-cgl/pacemaker/pacemaker/0006-
> pacemaker-
> > do-not-use-libgnutls-config.patch
> > @@ -0,0 +1,29 @@
> > +commit bb26b7c290473af988aa9d4132ef55ca907091e6
> > +Author: Joe Slater <jsla...@windriver.com>
> > +Date:   Mon Mar 11 15:47:54 2013 -0700
> > +
> > +pacemaker: do not use libgnutls-config
> > +
> > +Do not try to use libgnutls-config when configuring.
> > +It has been deprecated and we do not supply it.  If a
> > +host version is found, bad things can happen.
> 
> This code patch needs an Upstream-Status tag.

Upstream-Status is added and v2 is sent.

Thanks,
Jackie

> 
> > +
> > +Signed-off-by: Joe Slater <jsla...@windriver.com>
> > +Signed-off-by: Jackie Huang <jackie.hu...@windriver.com>
> > +
> > +
> > +--- a/configure.ac
> >  b/configure.ac
> > +@@ -1427,9 +1427,9 @@ dnl 
> > + AC_CHECK_HEADERS(gnutls/gnutls.h)
> > + AC_CHECK_HEADERS(security/pam_appl.h pam/pam_appl.h)
> > +
> >
> 
> 
> 
> >  # Don't package some files
> >  find ${D} -name "*.pyo" -exec rm {} \;
> > --
> > 2.11.0
> >
> 
> Otherwise the patch looks good, so please send a v2 and I'll merge it.
> 
> Best regards,
> --Adrian
-- 
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto

Re: [yocto] [meta-cgl][PATCH 0/4] resource-agents: update to 4.0.1 and several fixes

2017-06-08 Thread Huang, Jie (Jackie) 


> -Original Message-
> From: Adrian Dudau [mailto:adrian.du...@enea.com]
> Sent: Thursday, June 08, 2017 22:32
> To: Huang, Jie (Jackie); yocto@yoctoproject.org
> Subject: Re: [yocto] [meta-cgl][PATCH 0/4] resource-agents: update to 4.0.1
> and several fixes
> 
> On fre, 2017-06-02 at 16:21 +0800, jackie.hu...@windriver.com wrote:
> > From: Jackie Huang <jackie.hu...@windriver.com>
> >
> > --
> > The following changes since commit
> > c0afa706e9cdb650c0e8bb79f503743632350b00:
> >
> >   core-image-cgl: Remove ROOTFS_PKGMANAGE_BOOTSTRAP (2017-05-24
> > 14:19:13 +0200)
> >
> > are available in the git repository at:
> >
> >   https://github.com/jackiehjm/meta-cgl.git jhuang0/up_resource-
> > agents_170602_0
> >   https://github.com//tree/jhuang0/up_resource-agents_170602_0
> >
> > Jackie Huang (4):
> >   resource-agents: fix dependencies
> >   resource-agents: fix install-sh not found
> >   resource-agents: fix builds error when S != B
> >   resource-agents: update to version 4.0.1
> >
> >  .../resource-agents/fix-install-sh-not-found.patch | 60
> > ++
> >  ...uilds-when-srcdir-and-builddir-are-sepera.patch | 39
> > ++
> >  ...ce-agents_3.9.7.bb => resource-agents_4.0.1.bb} | 20 ++--
> >  3 files changed, 115 insertions(+), 4 deletions(-)
> >  create mode 100644 meta-cgl-common/recipes-cgl/cluster-resource-
> > agents/resource-agents/fix-install-sh-not-found.patch
> >  create mode 100644 meta-cgl-common/recipes-cgl/cluster-resource-
> > agents/resource-agents/fs.sh-fix-builds-when-srcdir-and-builddir-are-
> > sepera.patch
> >  rename meta-cgl-common/recipes-cgl/cluster-resource-
> > agents/{resource-agents_3.9.7.bb => resource-agents_4.0.1.bb} (82%)
> >
> > --
> > 2.11.0
> >
> 
> Same here, patchset is ok but you need to rebase on top of master
> latest.

Rebased and re-sent as v2.

Thanks,
Jackie

> 
> Best regards,
> --Adrian
-- 
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto

Re: [yocto] [meta-cgl][PATCH] poky-cgl: avoid installing multiple syslogs

2017-06-08 Thread Huang, Jie (Jackie) 


> -Original Message-
> From: Adrian Dudau [mailto:adrian.du...@enea.com]
> Sent: Thursday, June 08, 2017 20:01
> To: Huang, Jie (Jackie); yocto@yoctoproject.org
> Subject: Re: [yocto] [meta-cgl][PATCH] poky-cgl: avoid installing multiple
> syslogs
> 
> On fre, 2017-06-02 at 15:59 +0800, jackie.hu...@windriver.com wrote:
> > From: Jackie Huang <jackie.hu...@windriver.com>
> >
> > do_rootfs fails if multiple syslogs are installed:
> > >
> > > Error: package syslog-ng-3.8.1-r0.i586 conflicts with sysklogd
> > > provided
> >   by sysklogd-1.5.1-r0.i586
> >
> > core-image-cgl requires packagegroup-core-full-cmdline which depends
> > on VIRTUAL-RUNTIME_syslog (default to sysklogd), so set the
> > VIRTUAL-RUNTIME_syslog in distro conf and no need to depends
> > on any syslog in packagegroup-cgl-applications, then we ensure
> > that only one syslog is installed to avoid conflicts.
> >
> > Signed-off-by: Jackie Huang <jackie.hu...@windriver.com>
> > ---
> >  meta-cgl-common/conf/distro/poky-cgl.conf  | 4
> > 
> >  meta-cgl-common/packagegroups/packagegroup-cgl-applications.bb | 2
> > --
> >  2 files changed, 4 insertions(+), 2 deletions(-)
> >
> > diff --git a/meta-cgl-common/conf/distro/poky-cgl.conf b/meta-cgl-
> > common/conf/distro/poky-cgl.conf
> > index 90cc82b..69f6200 100644
> > --- a/meta-cgl-common/conf/distro/poky-cgl.conf
> > +++ b/meta-cgl-common/conf/distro/poky-cgl.conf
> > @@ -5,3 +5,7 @@ DISTRO = "poky-cgl"
> >
> >  IMAGE_CLASSES += "image_types_uboot"
> >  PREFERRED_PROVIDER_virtual/refpolicy="refpolicy-targeted"
> > +
> > +# we want to use rsyslog as the default syslog, but it's GPLv3, so
> > need this
> > +# check to switch to syslog-ng if GLPv3 is blacklisted.
> > +VIRTUAL-RUNTIME_syslog ?= "${@bb.utils.contains('INCOMPATIBLE_LICENS
> > E', 'GPLv3', 'syslog-ng', 'rsyslog', d)}"
> > diff --git a/meta-cgl-common/packagegroups/packagegroup-cgl-
> > applications.bb b/meta-cgl-common/packagegroups/packagegroup-cgl-
> > applications.bb
> > index b566e2d..be36075 100644
> > --- a/meta-cgl-common/packagegroups/packagegroup-cgl-applications.bb
> > +++ b/meta-cgl-common/packagegroups/packagegroup-cgl-applications.bb
> > @@ -40,7 +40,6 @@ RDEPENDS_${PN} = " \
> >  quota \
> >  smartmontools \
> >  monit \
> > -syslog-ng \
> >  ocfs2-tools \
> >  logcheck \
> >  samhain-client \
> > @@ -48,7 +47,6 @@ RDEPENDS_${PN} = " \
> >  audit \
> >  pam-passwdqc \
> >  libpam \
> > -rsyslog \
> >  makedumpfile \
> >  "
> >
> > --
> > 2.11.0
> >
> 
> Patch   good but doesn't apply. Please rebase on origin/master and send
> again.

Rebased and re-sent as v2.

Thanks,
Jackie

> 
> best regards
> --Adrian
-- 
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto

Re: [yocto] [meta-security][PATCH 2/2 v3] ecryptfs-utils: add new recipe

2017-05-23 Thread Huang, Jie (Jackie) 
Adding the v3 in the subject.

> -Original Message-
> From: yocto-boun...@yoctoproject.org [mailto:yocto-
> boun...@yoctoproject.org] On Behalf Of jackie.hu...@windriver.com
> Sent: Wednesday, May 24, 2017 10:23
> To: yocto@yoctoproject.org
> Subject: [yocto] [meta-security][PATCH 2/2] ecryptfs-utils: add new recipe
> 
> From: Jackie Huang 
> 
> eCryptfs is a stacked cryptographic filesystem that ships
> in Linux kernel versions 2.6.19 and above. This package
> provides the mount helper and supporting libraries to
> perform key management and mount functions.
> 
> Signed-off-by: Jackie Huang 
> ---
>  .../ecryptfs-utils/ecryptfs-utils_111.bb   | 63 +
>  .../files/ecryptfs-utils-CVE-2016-6224.patch   | 65 
> ++
>  .../ecryptfs-utils/files/ecryptfs.service  |  9 +++
>  3 files changed, 137 insertions(+)
>  create mode 100644 recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
>  create mode 100644 recipes-security/ecryptfs-utils/files/ecryptfs-utils-CVE-
> 2016-6224.patch
>  create mode 100644 recipes-security/ecryptfs-utils/files/ecryptfs.service
> 
> diff --git a/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb b/recipes-
> security/ecryptfs-utils/ecryptfs-utils_111.bb
> new file mode 100644
> index 000..f55b0c3
> --- /dev/null
> +++ b/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
> @@ -0,0 +1,63 @@
> +SUMMARY = "The eCryptfs mount helper and support libraries"
> +DESCRIPTION = "eCryptfs is a stacked cryptographic filesystem \
> +that ships in Linux kernel versions 2.6.19 and above. This \
> +package provides the mount helper and supporting libraries \
> +to perform key management and mount functions."
> +HOMEPAGE = "https://launchpad.net/ecryptfs;
> +SECTION = "base"
> +
> +LICENSE = "GPL-2.0"
> +LIC_FILES_CHKSUM =
> "file://COPYING;md5=8ca43cbc842c2336e835926c2166c28b"
> +
> +DEPENDS = "keyutils libgcrypt intltool-native glib-2.0-native"
> +
> +SRC_URI = "\
> +
> https://launchpad.net/ecryptfs/trunk/${PV}/+download/${BPN}_${PV}.orig.tar.
> gz \
> +file://ecryptfs-utils-CVE-2016-6224.patch \
> +file://ecryptfs.service \
> +"
> +
> +SRC_URI[md5sum] = "83513228984f671930752c3518cac6fd"
> +SRC_URI[sha256sum] =
> "112cb3e37e81a1ecd8e39516725dec0ce55c5f3df6284e0f4cc0f118750a987f"
> +
> +inherit autotools pkgconfig systemd
> +
> +SYSTEMD_PACKAGES = "${PN}"
> +SYSTEMD_SERVICE_${PN} = "ecryptfs.service"
> +
> +EXTRA_OECONF = "\
> +--libdir=${base_libdir} \
> +--disable-pywrap \
> +--disable-nls \
> +"
> +
> +PACKAGECONFIG ??= "nss \
> +${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \
> +"
> +PACKAGECONFIG[nss] = "--enable-nss,--disable-nss,nss,"
> +PACKAGECONFIG[openssl] = "--enable-openssl,--disable-openssl,openssl,"
> +PACKAGECONFIG[pam] = "--enable-pam,--disable-pam,libpam,"
> +
> +do_configure_prepend() {
> +export NSS_CFLAGS="-I${STAGING_INCDIR}/nspr4 -
> I${STAGING_INCDIR}/nss3"
> +export NSS_LIBS="-L${STAGING_BASELIBDIR} -lssl3 -lsmime3 -lnss3 -
> lsoftokn3 -lnssutil3"
> +export KEYUTILS_CFLAGS="-I${STAGING_INCDIR}"
> +export KEYUTILS_LIBS="-L${STAGING_LIBDIR} -lkeyutils"
> +}
> +
> +do_install_append() {
> +chmod 4755 ${D}${base_sbindir}/mount.ecryptfs_private
> +mkdir -p ${D}/${libdir}
> +mv ${D}/${base_libdir}/pkgconfig ${D}/${libdir}
> +sed -i -e 's:-I${STAGING_INCDIR}::' \
> +   -e 's:-L${STAGING_LIBDIR}::' 
> ${D}/${libdir}/pkgconfig/libecryptfs.pc
> +sed -i -e "s: ${base_sbindir}/cryptsetup: ${sbindir}/cryptsetup:"
> ${D}${bindir}/ecryptfs-setup-swap
> +if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; 
> then
> +install -D -m 0644 ${WORKDIR}/ecryptfs.service
> ${D}${systemd_system_unitdir}/ecryptfs.service
> +fi
> +}
> +
> +FILES_${PN} += "${base_libdir}/security/* ${base_libdir}/ecryptfs/*"
> +
> +RDEPENDS_${PN} += "cryptsetup"
> +RRECOMMENDS_${PN} = "gettext-runtime"
> diff --git a/recipes-security/ecryptfs-utils/files/ecryptfs-utils-CVE-2016-
> 6224.patch b/recipes-security/ecryptfs-utils/files/ecryptfs-utils-CVE-2016-
> 6224.patch
> new file mode 100644
> index 000..4252f97
> --- /dev/null
> +++ b/recipes-security/ecryptfs-utils/files/ecryptfs-utils-CVE-2016-6224.patch
> @@ -0,0 +1,65 @@
> +From 558a513ba3100ea5190de1a24cf1fed663367765 Mon Sep 17 00:00:00
> 2001
> +From: Li Zhou 
> +Date: Mon, 5 Sep 2016 10:28:08 +0800
> +Subject: [PATCH] ecryptfs-utils: CVE-2016-6224
> +
> +src/utils/ecryptfs-setup-swap: Prevent unencrypted swap partitions from
> +being automatically enabled by systemd. This bug affected GPT partitioned
> +NVMe/MMC drives and resulted in the swap partition being used without
> +encryption. It also resulted in a usability issue in that users were
> +erroneously prompted to enter a pass-phrase to unlock their swap partition
> +at boot. (LP: #1597154)
> +
> +the patch comes from:
>

Re: [yocto] [meta-security][PATCH 2/2 v2] ecryptfs-utils: add new recipe

2017-05-23 Thread Huang, Jie (Jackie) 


> -Original Message-
> From: Khem Raj [mailto:raj.k...@gmail.com]
> Sent: Tuesday, May 23, 2017 22:53
> To: Huang, Jie (Jackie)
> Cc: yocto@yoctoproject.org
> Subject: Re: [yocto] [meta-security][PATCH 2/2 v2] ecryptfs-utils: add new
> recipe
> 
> On Mon, May 22, 2017 at 10:30 PM,  <jackie.hu...@windriver.com> wrote:
> > +install -d ${D}${systemd_system_unitdir}
> > +install -m 0644 ${WORKDIR}/ecryptfs.service
> ${D}${systemd_system_unitdir}
> 
> you could squash above into install -D -m 0644
> ${WORKDIR}/ecryptfs.service
> ${D}${systemd_system_unitdir}/ecryptfs.service

Ok, I will change and send v3 for this, thanks!

Thanks,
Jackie

-- 
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto

Re: [yocto] [meta-security][PATCH 2/2] ecryptfs-utils: add new recipe

2017-05-22 Thread Huang, Jie (Jackie) 
Hi Martin,

Thanks for the reference, but the one in meta-ivi is an older version and
also has the same pam issue, I will fix it with PACKAGECONFIG and
DISTRO_FEATURES check for PAM, and also add the systemd support.

Thanks,
Jackie

From: Martin Jansa [mailto:martin.ja...@gmail.com]
Sent: Friday, May 19, 2017 23:27
To: Huang, Jie (Jackie)
Cc: akuster808; yocto@yoctoproject.org
Subject: Re: [yocto] [meta-security][PATCH 2/2] ecryptfs-utils: add new recipe

How does this one relate to:
http://git.yoctoproject.org/cgit/cgit.cgi/meta-ivi/tree/meta-ivi/recipes-support-ivi/ecryptfs-utils/ecryptfs-utils_106.bb?h=master

the later has also support for systemd, not sure if it has the issue with pam 
or not.

On Fri, May 19, 2017 at 4:56 PM, Huang, Jie (Jackie) 
<jackie.hu...@windriver.com<mailto:jackie.hu...@windriver.com>> wrote:


> -Original Message-
> From: akuster808 [mailto:akuster...@gmail.com<mailto:akuster...@gmail.com>]
> Sent: Friday, May 19, 2017 22:50
> To: Huang, Jie (Jackie); yocto@yoctoproject.org<mailto:yocto@yoctoproject.org>
> Subject: Re: [yocto] [meta-security][PATCH 2/2] ecryptfs-utils: add new recipe
>
>
>
> On 05/17/2017 12:56 AM, 
> jackie.hu...@windriver.com<mailto:jackie.hu...@windriver.com> wrote:
> > From: Jackie Huang 
> > <jackie.hu...@windriver.com<mailto:jackie.hu...@windriver.com>>
> >
> > eCryptfs is a stacked cryptographic filesystem that ships
> > in Linux kernel versions 2.6.19 and above. This package
> > provides the mount helper and supporting libraries to
> > perform key management and mount functions.
> >
> > Signed-off-by: Jackie Huang 
> > <jackie.hu...@windriver.com<mailto:jackie.hu...@windriver.com>>
>
> This has the following warning:
> WARNING: libpam-1.3.0-r5 do_pam_sanity: Building libpam but 'pam' isn't
> in DISTRO_FEATURES, PAM won't work correctly
>
> I noticed this package has the ability to disable-pam so maybe
> PACKAGECONFIG with the DISTRO_FEATURES check for PAM would be
> applicable
> in this case?
>
> please investigate.

I will investigate and fix the warning.

Thanks,
Jackie

>
> everything else looks fine for inclusion to meta-security.
>
> regards,
> Armin
>
> > ---
> >   .../ecryptfs-utils/ecryptfs-utils_111.bb<http://ecryptfs-utils_111.bb>
> >| 52 +
> >   .../files/ecryptfs-utils-CVE-2016-6224.patch   | 65
> ++
> >   2 files changed, 117 insertions(+)
> >   create mode 100644 
> > recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb<http://ecryptfs-utils_111.bb>
> >   create mode 100644 
> > recipes-security/ecryptfs-utils/files/ecryptfs-utils-CVE-
> 2016-6224.patch
> >
> > diff --git 
> > a/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb<http://ecryptfs-utils_111.bb>
> >  b/recipes-
> security/ecryptfs-utils/ecryptfs-utils_111.bb<http://ecryptfs-utils_111.bb>
> > new file mode 100644
> > index 000..49c2605
> > --- /dev/null
> > +++ 
> > b/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb<http://ecryptfs-utils_111.bb>
> > @@ -0,0 +1,52 @@
> > +SUMMARY = "The eCryptfs mount helper and support libraries"
> > +DESCRIPTION = "eCryptfs is a stacked cryptographic filesystem \
> > +that ships in Linux kernel versions 2.6.19 and above. This \
> > +package provides the mount helper and supporting libraries \
> > +to perform key management and mount functions."
> > +HOMEPAGE = "https://launchpad.net/ecryptfs;
> > +SECTION = "base"
> > +
> > +LICENSE = "GPL-2.0"
> > +LIC_FILES_CHKSUM =
> "file://COPYING;md5=8ca43cbc842c2336e835926c2166c28b"
> > +
> > +DEPENDS = "keyutils libgcrypt libpam nss intltool-native glib-2.0-native"
> > +
> > +inherit autotools pkgconfig
> > +
> > +SRC_URI = "\
> > +
> https://launchpad.net/ecryptfs/trunk/${PV}/+download/${BPN}_${PV}.orig.tar<https://launchpad.net/ecryptfs/trunk/$%7bPV%7d/+download/$%7bBPN%7d_$%7bPV%7d.orig.tar>.
> gz \
> > +
> > file://ecryptfs-utils-CVE-2016-6224.patch
> >  \
> > +"
> > +
> > +SRC_URI[md5sum] = "83513228984f671930752c3518cac6fd"
> > +SRC_URI[sha256sum] =
> "112cb3e37e81a1ecd8e39516725dec0ce55c5f3df6284e0f4cc0f118750a987f"
> > +
> > +PARALLEL_MAKEINST=""
> > +
> > +EXTRA_OECONF = "\
> > +--libdir=${base_libdir} \
> > +--disable-pywrap \
> > +--disable-nls \
> > +--enable-openssl=no \
> > +"
> > +
> > +

Re: [yocto] [meta-security][PATCH 2/2] ecryptfs-utils: add new recipe

2017-05-19 Thread Huang, Jie (Jackie) 


> -Original Message-
> From: akuster808 [mailto:akuster...@gmail.com]
> Sent: Friday, May 19, 2017 22:50
> To: Huang, Jie (Jackie); yocto@yoctoproject.org
> Subject: Re: [yocto] [meta-security][PATCH 2/2] ecryptfs-utils: add new recipe
> 
> 
> 
> On 05/17/2017 12:56 AM, jackie.hu...@windriver.com wrote:
> > From: Jackie Huang <jackie.hu...@windriver.com>
> >
> > eCryptfs is a stacked cryptographic filesystem that ships
> > in Linux kernel versions 2.6.19 and above. This package
> > provides the mount helper and supporting libraries to
> > perform key management and mount functions.
> >
> > Signed-off-by: Jackie Huang <jackie.hu...@windriver.com>
> 
> This has the following warning:
> WARNING: libpam-1.3.0-r5 do_pam_sanity: Building libpam but 'pam' isn't
> in DISTRO_FEATURES, PAM won't work correctly
> 
> I noticed this package has the ability to disable-pam so maybe
> PACKAGECONFIG with the DISTRO_FEATURES check for PAM would be
> applicable
> in this case?
> 
> please investigate.

I will investigate and fix the warning.

Thanks,
Jackie

> 
> everything else looks fine for inclusion to meta-security.
> 
> regards,
> Armin
> 
> > ---
> >   .../ecryptfs-utils/ecryptfs-utils_111.bb   | 52 +
> >   .../files/ecryptfs-utils-CVE-2016-6224.patch   | 65
> ++
> >   2 files changed, 117 insertions(+)
> >   create mode 100644 recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
> >   create mode 100644 
> > recipes-security/ecryptfs-utils/files/ecryptfs-utils-CVE-
> 2016-6224.patch
> >
> > diff --git a/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb 
> > b/recipes-
> security/ecryptfs-utils/ecryptfs-utils_111.bb
> > new file mode 100644
> > index 000..49c2605
> > --- /dev/null
> > +++ b/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
> > @@ -0,0 +1,52 @@
> > +SUMMARY = "The eCryptfs mount helper and support libraries"
> > +DESCRIPTION = "eCryptfs is a stacked cryptographic filesystem \
> > +that ships in Linux kernel versions 2.6.19 and above. This \
> > +package provides the mount helper and supporting libraries \
> > +to perform key management and mount functions."
> > +HOMEPAGE = "https://launchpad.net/ecryptfs;
> > +SECTION = "base"
> > +
> > +LICENSE = "GPL-2.0"
> > +LIC_FILES_CHKSUM =
> "file://COPYING;md5=8ca43cbc842c2336e835926c2166c28b"
> > +
> > +DEPENDS = "keyutils libgcrypt libpam nss intltool-native glib-2.0-native"
> > +
> > +inherit autotools pkgconfig
> > +
> > +SRC_URI = "\
> > +
> https://launchpad.net/ecryptfs/trunk/${PV}/+download/${BPN}_${PV}.orig.tar.
> gz \
> > +file://ecryptfs-utils-CVE-2016-6224.patch \
> > +"
> > +
> > +SRC_URI[md5sum] = "83513228984f671930752c3518cac6fd"
> > +SRC_URI[sha256sum] =
> "112cb3e37e81a1ecd8e39516725dec0ce55c5f3df6284e0f4cc0f118750a987f"
> > +
> > +PARALLEL_MAKEINST=""
> > +
> > +EXTRA_OECONF = "\
> > +--libdir=${base_libdir} \
> > +--disable-pywrap \
> > +--disable-nls \
> > +--enable-openssl=no \
> > +"
> > +
> > +do_configure_prepend() {
> > +export NSS_CFLAGS="-I${STAGING_INCDIR}/nspr4 -
> I${STAGING_INCDIR}/nss3"
> > +export NSS_LIBS="-L${STAGING_BASELIBDIR} -lssl3 -lsmime3 -lnss3 -
> lsoftokn3 -lnssutil3"
> > +export KEYUTILS_CFLAGS="-I${STAGING_INCDIR}"
> > +export KEYUTILS_LIBS="-L${STAGING_LIBDIR} -lkeyutils"
> > +}
> > +
> > +do_install_append() {
> > +chmod 4755 ${D}${base_sbindir}/mount.ecryptfs_private
> > +mkdir -p ${D}/${libdir}
> > +mv ${D}/${base_libdir}/pkgconfig ${D}/${libdir}
> > +sed -i -e 's:-I${STAGING_INCDIR}::' \
> > +   -e 's:-L${STAGING_LIBDIR}::' 
> > ${D}/${libdir}/pkgconfig/libecryptfs.pc
> > +sed -i -e "s: ${base_sbindir}/cryptsetup: ${sbindir}/cryptsetup:"
> ${D}${bindir}/ecryptfs-setup-swap
> > +}
> > +
> > +FILES_${PN} += "${base_libdir}/security/* ${base_libdir}/ecryptfs/*"
> > +
> > +RDEPENDS_${PN} += "cryptsetup"
> > +RRECOMMENDS_${PN} = "gettext-runtime"
> > diff --git a/recipes-security/ecryptfs-utils/files/ecryptfs-utils-CVE-2016-
> 6224.patch b/recipes-security/ecryptfs-utils/files/ecryptfs-utils-CVE-2016-
> 6224.patch
> > new file mode 100644
> > index 000..4252f97
> >

Re: [yocto] [meta-selinux][PATCH] systemd: no need to inherit enable-selinux

2017-05-16 Thread Huang, Jie (Jackie) 


> -Original Message-
> From: Joe MacDonald [mailto:joe_macdon...@mentor.com]
> Sent: Tuesday, May 16, 2017 19:55
> To: Huang, Jie (Jackie)
> Cc: yocto@yoctoproject.org
> Subject: Re: [yocto] [meta-selinux][PATCH] systemd: no need to inherit enable-
> selinux
> 
> [RE: [yocto] [meta-selinux][PATCH] systemd: no need to inherit enable-selinux]
> On 17.05.08 (Mon 01:40) Huang, Jie (Jackie) wrote:
> 
> >
> >
> > > -Original Message-
> > > From: Joe MacDonald [mailto:joe_macdon...@mentor.com]
> > > Sent: Tuesday, May 02, 2017 21:14
> > > To: Huang, Jie (Jackie)
> > > Cc: yocto@yoctoproject.org
> > > Subject: Re: [yocto] [meta-selinux][PATCH] systemd: no need to inherit
> enable-
> > > selinux
> > >
> > > [[yocto] [meta-selinux][PATCH] systemd: no need to inherit enable-selinux]
> On
> > > 17.02.22 (Wed 14:44) jackie.hu...@windriver.com wrote:
> > >
> > > > From: Jackie Huang <jackie.hu...@windriver.com>
> > > >
> > > > The selinux PACKAGECONFIG is properly handled in
> > > > the recipe in oe-core, no need to inherit the
> > > > enable-selinux bbclass.
> > >
> > > That might be true, but other than belt-and-suspenders, what's the
> > > harm in this being in the recipe?  I don't necessarily think it's an
> > > invalid change but my quick count shows ~44 instances of 'inherit
> > > enable-selinux' and 'inherit with-selinux' in meta-selinux, why's this
> > > one significant?
> >
> > That's because I have a patch to change the PACKAGECONFIG for selinux
> > in oe-core to fix a dependency issue:
> >
> > -PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux"
> > +PACKAGECONFIG[selinux] = "--enable-selinux,--disable-
> selinux,libselinux,initscripts-sushell"
> >
> > But it would be overrode by the one in enable-selinux.bbclass:
> > $ grep PACKAGECONFIG enable-selinux.bbclass
> > PACKAGECONFIG_append = " ${@target_selinux(d)}"
> > PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux,"
> >
> > So I need to remove the inherit here in meta-selinux.
> 
> Sorry, this fell between the cracks.
> 
> So, let me make sure I understand what you're saying.  This oe-core
> commit:
> 
> commit 1881c5e0c426a193630e5eed5b629b69ff3741d5
> Author: Kai Kang <kai.k...@windriver.com>
> Date:   Wed Jul 8 14:26:01 2015 +0800
> 
> systemd: add PACKAGECONFIG selinux
> 
> Add PACKAGECONFIG 'selinux' for systemd. debug-shell.service starts
> different shell according whether selinux is enabled.
> 
> (From OE-Core rev: 3d1aa27191fe4c21428eaf4ae036acb1496b7df7)
> 
> Signed-off-by: Kai Kang <kai.k...@windriver.com>
> Signed-off-by: Richard Purdie <richard.pur...@linuxfoundation.org>
> 
> conflicts with the --enable/--disable settings in meta-selinux and  you
> want to remove the setting in meta-selinux?  Again, I don't specifically
> object to this, but I'd like to understand the why of it.  Is there a
> valid scenario to include meta-selinux in your project but have selinux
> disabled?  If so, I would think the settings in meta-selinux should

The conflicts is not the --enable/--disable settings, it's the dependency:

oe-core: PACKAGECONFIG[selinux] = 
"--enable-selinux,--disable-selinux,libselinux,initscripts-sushell"
meta-selinux: PACKAGECONFIG[selinux] = 
"--enable-selinux,--disable-selinux,libselinux,"

There is an extra runtime dependency on initscripts-sushell (which is reauired 
by debug-shell.service),
so if inheriting the enable-selinux in meta-selinux, the selinux will still be 
enabled, but the dependency
on initscripts-sushell will be lost.

> still take precedence.  Otherwise, I'm confused why the other 40-ish

Others don't have the extra dependency, the setting in oe-core and
meta-selinux are the same(at least for now), so others aren't covered.

Thanks,
Jackie

> cases aren't also covered.  I haven't investigated, but are all the
> others in non-oe-core layers, maybe?
> 
> Thanks,
> -J.
> 
> >
> > Thanks,
> > Jackie
> >
> > >
> > > -J.
> > >
> > > >
> > > > Signed-off-by: Jackie Huang <jackie.hu...@windriver.com>
> > > > ---
> > > >  recipes-core/systemd/systemd_%.bbappend | 1 -
> > > >  1 file changed, 1 deletion(-)
> > > >
> > > > diff --git a/recipes-core/systemd/systemd_%.bbappend b/recipes-
> > > core/systemd/systemd_%.bbappend
> > > > index 8d9029b..f1bdaf8 100644
> > > > --- a/recipes-core/systemd/systemd_%.bbappend
> > > > +++ b/recipes-core/systemd/systemd_%.bbappend
> > > > @@ -1,2 +1 @@
> > > >  inherit enable-audit
> > > > -inherit enable-selinux
> > > > --
> > > > 2.8.3
> > > >
> > > --
> > > -Joe MacDonald.
> > > :wq
> 
> --
> -Joe MacDonald.
> :wq
-- 
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto

Re: [yocto] [meta-selinux][PATCH] systemd: no need to inherit enable-selinux

2017-05-07 Thread Huang, Jie (Jackie) 


> -Original Message-
> From: Joe MacDonald [mailto:joe_macdon...@mentor.com]
> Sent: Tuesday, May 02, 2017 21:14
> To: Huang, Jie (Jackie)
> Cc: yocto@yoctoproject.org
> Subject: Re: [yocto] [meta-selinux][PATCH] systemd: no need to inherit enable-
> selinux
> 
> [[yocto] [meta-selinux][PATCH] systemd: no need to inherit enable-selinux] On
> 17.02.22 (Wed 14:44) jackie.hu...@windriver.com wrote:
> 
> > From: Jackie Huang <jackie.hu...@windriver.com>
> >
> > The selinux PACKAGECONFIG is properly handled in
> > the recipe in oe-core, no need to inherit the
> > enable-selinux bbclass.
> 
> That might be true, but other than belt-and-suspenders, what's the
> harm in this being in the recipe?  I don't necessarily think it's an
> invalid change but my quick count shows ~44 instances of 'inherit
> enable-selinux' and 'inherit with-selinux' in meta-selinux, why's this
> one significant?

That's because I have a patch to change the PACKAGECONFIG for selinux
in oe-core to fix a dependency issue:

-PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux"
+PACKAGECONFIG[selinux] = 
"--enable-selinux,--disable-selinux,libselinux,initscripts-sushell"

But it would be overrode by the one in enable-selinux.bbclass:
$ grep PACKAGECONFIG enable-selinux.bbclass
PACKAGECONFIG_append = " ${@target_selinux(d)}"
PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux,"

So I need to remove the inherit here in meta-selinux.

Thanks,
Jackie

> 
> -J.
> 
> >
> > Signed-off-by: Jackie Huang <jackie.hu...@windriver.com>
> > ---
> >  recipes-core/systemd/systemd_%.bbappend | 1 -
> >  1 file changed, 1 deletion(-)
> >
> > diff --git a/recipes-core/systemd/systemd_%.bbappend b/recipes-
> core/systemd/systemd_%.bbappend
> > index 8d9029b..f1bdaf8 100644
> > --- a/recipes-core/systemd/systemd_%.bbappend
> > +++ b/recipes-core/systemd/systemd_%.bbappend
> > @@ -1,2 +1 @@
> >  inherit enable-audit
> > -inherit enable-selinux
> > --
> > 2.8.3
> >
> --
> -Joe MacDonald.
> :wq
-- 
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto

Re: [yocto] [meta-selinux][PATCHv2 6/8] e2fsprogs: Copy xattr block from source file.

2015-08-23 Thread Huang, Jie (Jackie) 


 -Original Message-
 From: Philip Tricca [mailto:fl...@twobit.us]
 Sent: Monday, August 24, 2015 6:25 AM
 To: Huang, Jie (Jackie)
 Cc: yocto@yoctoproject.org
 Subject: Re: [yocto] [meta-selinux][PATCHv2 6/8] e2fsprogs: Copy xattr block 
 from source file.
 
 Hello Jackie,
 
 On 08/20/2015 11:25 PM, Huang, Jie (Jackie) wrote:
  -Original Message-
  From: yocto-boun...@yoctoproject.org
  [mailto:yocto-boun...@yoctoproject.org] On Behalf Of Philip Tricca
  Sent: Thursday, June 18, 2015 6:31 AM
  To: yocto@yoctoproject.org
  Subject: [yocto] [meta-selinux][PATCHv2 6/8] e2fsprogs: Copy xattr block 
  from source file.
 
  Signed-off-by: Philip Tricca fl...@twobit.us
  ---
   .../e2fsprogs/misc-xattr-create-xattr-block.patch  | 341 
  +
   .../e2fsprogs/e2fsprogs_1.42.9.bbappend|   1 +
   2 files changed, 342 insertions(+)
   create mode 100644
  recipes-devtools/e2fsprogs/e2fsprogs/misc-xattr-create-xattr-block.pa
  tch
 
  diff --git
  a/recipes-devtools/e2fsprogs/e2fsprogs/misc-xattr-create-xattr-block.
  patch b/recipes-
  devtools/e2fsprogs/e2fsprogs/misc-xattr-create-xattr-block.patch
  new file mode 100644
  index 000..5955b44
  --- /dev/null
  +++ b/recipes-devtools/e2fsprogs/e2fsprogs/misc-xattr-create-xattr-bl
  +++ ock
  +++ .patch
  @@ -0,0 +1,341 @@
  +To build the xattr disk block we process the output from listxattr
  +and lgetxattr from the source file system object. This data is
  +formated in a disk block according to the format specified in the kernel 
  ext2 file system driver.
  +See the comment block at the beginning of fs/ext2/xattr.c for details.
  +
  +Currently we only process attributes with the 'security.' prefix as
  +our use case is SELinux labels and IMA. Additional prefixes can
  +likely be supported with minimal effort but none have been tested.
  +
  +Once the xattr block has been created it is written to disk. The
  +xattr block is associated with the appropriate file system object
  +through the i_file_acl inode member and the inode is updated on disk.
  +
  +Signed-off-by: Philip Tricca fl...@twobit.us
  +
  +Index: e2fsprogs-1.42.9/misc/xattr.c
  +===
  +--- e2fsprogs-1.42.9.orig/misc/xattr.c
   e2fsprogs-1.42.9/misc/xattr.c
  +@@ -1,6 +1,23 @@
  + #include xattr.h
  +
  ++#include attr/xattr.h
  ++#include ctype.h
  ++#include errno.h
  ++#include ext2fs/ext2_ext_attr.h
  ++#include linux/xattr.h
  ++#include stdint.h
  + #include stdio.h
  ++#include stdlib.h
  ++#include string.h
  ++#include sys/stat.h
  ++#include sys/types.h
  ++#include unistd.h
  ++
  ++#define MIN(X, Y) (((X)  (Y)) ? (X) : (Y)) #define HEADER(ptr)
  ++((struct ext2_ext_attr_header *)(ptr)) #define ENTRY(ptr)  ((struct
  ++ext2_ext_attr_entry *)(ptr)) #define FIRST_ENTRY(ptr)
  ++ENTRY(HEADER(ptr) + 1) #define VALUE(hdr, ent) (((char*)hdr) +
  ++(ent-e_value_offs))
  +
  + #ifdef XATTR_DEBUG
  + #define XATTR_STDERR(fmt, args...) fprintf (stderr, fmt, ##args) @@
  +-8,6 +25,28 @@  #define XATTR_STDERR(fmt, args...) do {} while (0)
  +#endif
  +
  ++/* structure for mapping xattr name prefix data */ typedef struct
  ++xattr_prefix {
  ++ int index;
  ++ char *name;
  ++ size_t length;
  ++} xattr_prefix_t;
  ++
  ++xattr_prefix_t xattr_prefixes [] = {
  ++/* Only interested in security prefix. Can support others though.
  ++ {
  ++ .index = EXT2_XATTR_INDEX_USER,
  ++ .name = XATTR_USER_PREFIX,
  ++ .length = XATTR_USER_PREFIX_LEN,
  ++ },
  ++*/
  ++ {
  ++ .index = EXT2_XATTR_INDEX_SECURITY,
  ++ .name = XATTR_SECURITY_PREFIX,
  ++ .length = XATTR_SECURITY_PREFIX_LEN,
 
  Hi Philip,
 
  This cause build errors on some host OS when building e2fsprogs-native:
 
  | 
  /build/yp/y_x64_150821/tmp/work/x86_64-linux/e2fsprogs-native/1.42.9-r0/e2fsprogs-
 1.42.9/debugfs/../misc/xattr.c:62:11: error: 'XATTR_SECURITY_PREFIX' 
 undeclared here (not in a
 function)
  |.name = XATTR_SECURITY_PREFIX,
  |^
  | 
  /build/yp/y_x64_150821/tmp/work/x86_64-linux/e2fsprogs-native/1.42.9-r0/e2fsprogs-
 1.42.9/debugfs/../misc/xattr.c:63:13: error: 'XATTR_SECURITY_PREFIX_LEN' 
 undeclared here (not in a
 function)
  |.length = XATTR_SECURITY_PREFIX_LEN,
  |  ^
 
  I did some investigate and found that your patch needs the header
  linux/xattr.h, which is provided by linux-libc-headers, but for
  -native package, there is no linux-libc-headers-native, so it search
  the one from host OS, but the problem is, there is no XATTR_SECURITY_PREFIX 
  definition in the
 linux/xattr.h on some host OS like: SUSE 11.x, centos 6, etc.
 
  I'm not sure if your patch is really needed by the e2fsprogs-native,
  if not, I think we can make this patch only apply for target package.
  If yes, you may need to make it avoid the dependency on host's header or 
  you may have a better
 idea about this.
 
 I took a look at this yesterday

Re: [yocto] [meta-selinux][PATCHv2 6/8] e2fsprogs: Copy xattr block from source file.

2015-08-21 Thread Huang, Jie (Jackie) 


 -Original Message-
 From: yocto-boun...@yoctoproject.org [mailto:yocto-boun...@yoctoproject.org] 
 On Behalf Of Philip
 Tricca
 Sent: Thursday, June 18, 2015 6:31 AM
 To: yocto@yoctoproject.org
 Subject: [yocto] [meta-selinux][PATCHv2 6/8] e2fsprogs: Copy xattr block from 
 source file.
 
 Signed-off-by: Philip Tricca fl...@twobit.us
 ---
  .../e2fsprogs/misc-xattr-create-xattr-block.patch  | 341 
 +
  .../e2fsprogs/e2fsprogs_1.42.9.bbappend|   1 +
  2 files changed, 342 insertions(+)
  create mode 100644 
 recipes-devtools/e2fsprogs/e2fsprogs/misc-xattr-create-xattr-block.patch
 
 diff --git 
 a/recipes-devtools/e2fsprogs/e2fsprogs/misc-xattr-create-xattr-block.patch 
 b/recipes-
 devtools/e2fsprogs/e2fsprogs/misc-xattr-create-xattr-block.patch
 new file mode 100644
 index 000..5955b44
 --- /dev/null
 +++ b/recipes-devtools/e2fsprogs/e2fsprogs/misc-xattr-create-xattr-block
 +++ .patch
 @@ -0,0 +1,341 @@
 +To build the xattr disk block we process the output from listxattr and
 +lgetxattr from the source file system object. This data is formated in
 +a disk block according to the format specified in the kernel ext2 file 
 system driver.
 +See the comment block at the beginning of fs/ext2/xattr.c for details.
 +
 +Currently we only process attributes with the 'security.' prefix as our
 +use case is SELinux labels and IMA. Additional prefixes can likely be
 +supported with minimal effort but none have been tested.
 +
 +Once the xattr block has been created it is written to disk. The xattr
 +block is associated with the appropriate file system object through the
 +i_file_acl inode member and the inode is updated on disk.
 +
 +Signed-off-by: Philip Tricca fl...@twobit.us
 +
 +Index: e2fsprogs-1.42.9/misc/xattr.c
 +===
 +--- e2fsprogs-1.42.9.orig/misc/xattr.c
  e2fsprogs-1.42.9/misc/xattr.c
 +@@ -1,6 +1,23 @@
 + #include xattr.h
 +
 ++#include attr/xattr.h
 ++#include ctype.h
 ++#include errno.h
 ++#include ext2fs/ext2_ext_attr.h
 ++#include linux/xattr.h
 ++#include stdint.h
 + #include stdio.h
 ++#include stdlib.h
 ++#include string.h
 ++#include sys/stat.h
 ++#include sys/types.h
 ++#include unistd.h
 ++
 ++#define MIN(X, Y) (((X)  (Y)) ? (X) : (Y)) #define HEADER(ptr)
 ++((struct ext2_ext_attr_header *)(ptr)) #define ENTRY(ptr)  ((struct
 ++ext2_ext_attr_entry *)(ptr)) #define FIRST_ENTRY(ptr)
 ++ENTRY(HEADER(ptr) + 1) #define VALUE(hdr, ent) (((char*)hdr) +
 ++(ent-e_value_offs))
 +
 + #ifdef XATTR_DEBUG
 + #define XATTR_STDERR(fmt, args...) fprintf (stderr, fmt, ##args) @@
 +-8,6 +25,28 @@  #define XATTR_STDERR(fmt, args...) do {} while (0)
 +#endif
 +
 ++/* structure for mapping xattr name prefix data */ typedef struct
 ++xattr_prefix {
 ++int index;
 ++char *name;
 ++size_t length;
 ++} xattr_prefix_t;
 ++
 ++xattr_prefix_t xattr_prefixes [] = {
 ++/* Only interested in security prefix. Can support others though.
 ++{
 ++.index = EXT2_XATTR_INDEX_USER,
 ++.name = XATTR_USER_PREFIX,
 ++.length = XATTR_USER_PREFIX_LEN,
 ++},
 ++*/
 ++{
 ++.index = EXT2_XATTR_INDEX_SECURITY,
 ++.name = XATTR_SECURITY_PREFIX,
 ++.length = XATTR_SECURITY_PREFIX_LEN,

Hi Philip,

This cause build errors on some host OS when building e2fsprogs-native:

| 
/build/yp/y_x64_150821/tmp/work/x86_64-linux/e2fsprogs-native/1.42.9-r0/e2fsprogs-1.42.9/debugfs/../misc/xattr.c:62:11:
 error: 'XATTR_SECURITY_PREFIX' undeclared here (not in a function)
|.name = XATTR_SECURITY_PREFIX,
|^
| 
/build/yp/y_x64_150821/tmp/work/x86_64-linux/e2fsprogs-native/1.42.9-r0/e2fsprogs-1.42.9/debugfs/../misc/xattr.c:63:13:
 error: 'XATTR_SECURITY_PREFIX_LEN' undeclared here (not in a function)
|.length = XATTR_SECURITY_PREFIX_LEN,
|  ^

I did some investigate and found that your patch needs the header linux/xattr.h,
which is provided by linux-libc-headers, but for -native package, there is no 
linux-libc-headers-native,
so it search the one from host OS, but the problem is, there is no 
XATTR_SECURITY_PREFIX definition
in the linux/xattr.h on some host OS like: SUSE 11.x, centos 6, etc.

I'm not sure if your patch is really needed by the e2fsprogs-native, if not, I 
think we can make this
patch only apply for target package. If yes, you may need to make it avoid the 
dependency on host's
header or you may have a better idea about this.

Thanks,
Jackie

 ++},
 ++{ 0 },
 ++};
 +
 + /* Free remaining resources after all files have been processed. */
 +void @@ -16,6 +55,211 @@ xattr_cleanup ()
 + XATTR_STDERR (Cleaning up resources from xattrs.\n);  }
 +
 ++/* Get value for named xattr from file at path.
 ++ * Returns pointer to allocated block for value and length in length param.
 ++ * If no value, return NULL pointer and length of 0.
 ++ * On error return NULL pointer and length set to -1.
 ++ */
 ++static

Re: [yocto] [meta-realtime][PATCH] meta-realtime: Add LAYERVERSION and LAYERDEPENDS

2014-12-02 Thread Huang, Jie (Jackie) 


 -Original Message-
 From: Bruce Ashfield [mailto:bruce.ashfi...@windriver.com]
 Sent: Wednesday, December 03, 2014 12:17 PM
 To: Huang, Jie (Jackie); yocto@yoctoproject.org
 Subject: Re: [yocto] [meta-realtime][PATCH] meta-realtime: Add LAYERVERSION 
 and LAYERDEPENDS
 
 On 2014-12-02, 9:18 PM, jackie.hu...@windriver.com wrote:
  From: Jackie Huang jackie.hu...@windriver.com
 
 I happened to notice this and have grabbed the change. But make sure
 your workflow adds maintainers to the cc on patches, otherwise you
 can't blame anyone if they are missed/dropped.

Sorry, I will add maintainers next time.

Thanks,
Jackie

 
 Bruce
 
 
  According to README, it depends on oe-core layer
 
  Signed-off-by: Jackie Huang jackie.hu...@windriver.com
  ---
conf/layer.conf |6 ++
1 files changed, 6 insertions(+), 0 deletions(-)
 
  diff --git a/conf/layer.conf b/conf/layer.conf
  index 5a5c460..473158e 100644
  --- a/conf/layer.conf
  +++ b/conf/layer.conf
  @@ -11,3 +11,9 @@ BBFILE_PRIORITY_realtime = 5
 
# Additional license directories.
# LICENSE_PATH += ${LAYERDIR}/custom-licenses
  +
  +# This should only be incremented on significant changes that will
  +# cause compatibility issues with other layers
  +LAYERVERSION_realtime = 1
  +
  +LAYERDEPENDS_realtime = core
 

-- 
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto