[OE-core] [PATCH v3] devtool/copy_buildsystem: adds meta-skeleton layer in the eSDK installation.

From: Juan M Cruz Alcaraz The eSDK installation requires the meta-skeleton layer. The build system might use the meta-skeleton recipes as layout to create custom recipes. An example is the recipetool script that uses the meta-skeleton kernel recipe when creating a custom kernel recipe. [YOCTO #1

Re: [OE-core] [PATCH v3 00/11] Reproducible binaries

Yes, the warning is legit. because the kernel sources are not obtained the usual way via do_unpack (that's where SOURCE_DATE_EPOCH is being determined). This has been addressed in kernel.bbclass, kernel_do_compile() . From: Martin Jansa [martin.ja...@gmail.com] S

Re: [OE-core] [PATCH v3 00/11] Reproducible binaries

Thanks! FWIW: I've refreshed the patches from ML and still see: WARNING: linux-yocto-4.10.17+gitAUTOINC+e92bd55409_6648a34e00-r0 do_unpack: Unable to determine src_date_epoch! path:/OE/build/oe-core/tmp-glibc/work-shared/qemux86/kernel-source On Fri, Aug 18, 2017 at 8:27 PM, Bystricky, Juro wr

Re: [OE-core] [PATCH 1/1] shadow: fix CVE-2017-12424

On 2017-08-16 07:34 AM, Jussi Kukkonen wrote: On 16 August 2017 at 13:28, Chen Qi > wrote: Backport a patch to fix CVE-2017-12424. In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the aut

[OE-core] [PATCHv3] openssl10: rename back to openssl and make it the default via PREFERRED_VERSION

openssl 1.1 broke 3rd party layers a lot more than was expected; let's flip the switch at the start of next development cycle. Add a PROVIDES = "openssl10" to openssl 1.0 recipe; any dependency that is not compatible with 1.1 should use that in its DEPENDS, as the 1.0 recipe will later be renamed

[OE-core] [PATCHv2] openssl10: rename back to openssl and make it the default via PREFERRED_VERSION

openssl 1.1 broke 3rd party layers a lot more than was expected; let's flip the switch at the start of next development cycle. Add a PROVIDES = "openssl10" to openssl 1.0 recipe; any dependency that is not compatible with 1.1 should use that in its DEPENDS, as the 1.0 recipe will later be renamed

[OE-core] [PATCH] prelink: Change the behavior to avoid checking USER_CLASSES

The behavior before this change was to check USER_CLASSES and adjust the install script to return either exit 0 (don't do anything) or exit 1 (run on first boot). This enabled a user to include the prelink package without enablign the image-prelink bbclass and get a first boot prelink. Checking U

[OE-core] State of bitbake world, Failed tasks 2017-08-17

Another build with openssl-1.1. Next build will use openssl-1.0 again. http://www.openembedded.org/wiki/Bitbake_World_Status == Number of issues - stats == {| class='wikitable' !|Date !!colspan='3'|Failed tasks !!|Signatures !!colspan='14'|QA !!

Re: [OE-core] openssl10 unusable for many components

On 8/18/17 1:41 PM, Alexander Kanavin wrote: > On 08/18/2017 08:56 PM, Mark Hatle wrote: >>> Even with that patch to rename openssl10 back to openssl we still need to >>> solve >>> the openssl-native which wasn't reverted back to 1.0. >>> >>> Upstream nodejs isn't going to be openssl-1.1 for a bit

Re: [OE-core] [PATCH] webkitgtk: Add a recommends on shared-mime-info.

On 18/08/17 08:38, Jussi Kukkonen wrote: > There's also https://bugzilla.yoctoproject.org/show_bug.cgi?id=11792 about > whether glib should bring in shared-mime-info so GIO file sniffing wouldn't > be broken (the database is 3.6MB which is not a big number in a webkit > context but can be for other

Re: [OE-core] openssl10 unusable for many components

I don't know why they care about it, but yes it will take long time: https://www.openssl.org/blog/blog/2017/08/17/fips/ On Fri, Aug 18, 2017 at 8:41 PM, Alexander Kanavin < alexander.kana...@linux.intel.com> wrote: > On 08/18/2017 08:56 PM, Mark Hatle wrote: > >> Even with that patch to rename op

Re: [OE-core] openssl10 unusable for many components

On 08/18/2017 08:56 PM, Mark Hatle wrote: Even with that patch to rename openssl10 back to openssl we still need to solve the openssl-native which wasn't reverted back to 1.0. Upstream nodejs isn't going to be openssl-1.1 for a bit longer as explained: https://github.com/nodejs/node/pull/14761

Re: [OE-core] openssl10 unusable for many components

On 08/18/2017 08:41 PM, Martin Jansa wrote: openssl 1.1 goes out of upstream support on 2018-08-31 _more than a year before_ 1.0.2 support, see: https://www.openssl.org/policies/releasestrat.html Version 1.1.0 will be supported until 2018-08-31. Version 1.0.2 will be supported until 2019-12-31 (

Re: [OE-core] [RFC] recipe_links.bbclass: introduction

On Friday, August 18, 2017 10:58:30 AM EDT Andre McCurdy wrote: > On Fri, Aug 18, 2017 at 8:44 AM, Mark Asselstine > > wrote: > > This is a new class which can be used (for example via USER_CLASSES in > > local.conf) to make your build more development friendly. When > > included this class will

Re: [OE-core] [PATCH v3 00/11] Reproducible binaries

I will resend the remaining patches, today & tomorrow. Obviously there are also some other changes, but the error you mention should be fixed. I will rebase them on the current master as of today (0bd2dd08e3daf284a6bb7757651af8d40393aec2) From: Martin Jansa [mar

Re: [OE-core] openssl10 unusable for many components

On 08/18/2017 08:29 PM, Martin Jansa wrote: Even with that patch to rename openssl10 back to openssl we still need to solve the openssl-native which wasn't reverted back to 1.0. That was a simple oversight, I forgot to set PREFERRED_VERSION for native and nativesdk variants. Upstream nodejs

Re: [OE-core] openssl10 unusable for many components

On 08/18/2017 05:41 PM, Khem Raj wrote: FWIW, nodejs from meta-oe does build just fine with openssl10 dependency. no it doesnt try building nodejs-native. Just tried. nodejs-native compiled and installed perfectly against openssl10-native. Alex --

Re: [OE-core] [PATCH v3 00/11] Reproducible binaries

I've seen that some of these patches were already merged to master. Can you please resend remaining patches for oe-core? I'm testing some slightly older version of your patches and I see couple recipes failing e.g. like this one: http://errors.yoctoproject.org/Errors/Details/151939/ On Wed, Aug 9

Re: [OE-core] [RFC] recipe_links.bbclass: introduction

On 8/18/17 12:58 PM, Andre McCurdy wrote: > On Fri, Aug 18, 2017 at 8:44 AM, Mark Asselstine > wrote: >> This is a new class which can be used (for example via USER_CLASSES in >> local.conf) to make your build more development friendly. When >> included this class will create symlinks to the vario

Re: [OE-core] [RFC] recipe_links.bbclass: introduction

On Fri, Aug 18, 2017 at 8:44 AM, Mark Asselstine wrote: > This is a new class which can be used (for example via USER_CLASSES in > local.conf) to make your build more development friendly. When > included this class will create symlinks to the various bb and > bbappend files in WORKDIR. > > Normal

Re: [OE-core] openssl10 unusable for many components

On 8/18/17 12:29 PM, Martin Jansa wrote: > Even with that patch to rename openssl10 back to openssl we still need to > solve > the openssl-native which wasn't reverted back to 1.0. > > Upstream nodejs isn't going to be openssl-1.1 for a bit longer as explained: > https://github.com/nodejs/node/pu

[OE-core] [oe-core][PATCH 1/1] ruby: fix CVE-2017-922{6-9}

CVE-2017-9226 : check too big code point value for single byte CVE-2017-9227 : access to invalid address by reg->dmin value CVE-2017-9228 : invalid state(CCS_VALUE) in parse_char_class() CVE-2017-9229 : access to invalid address by reg->dmax value Signed-off-by: Joe Slater --- .../ruby/ruby/ruby

Re: [OE-core] openssl10 unusable for many components

On Thu, Aug 17, 2017 at 02:54:37PM +0300, Alexander Kanavin wrote: > On 08/17/2017 02:46 PM, Martin Jansa wrote: > > I meant "real-world" as builds for any products on the market (which are > > likely using one of the failing recipes) - e.g. in LGE we have many more > > failures over all internal

Re: [OE-core] openssl10 unusable for many components

Even with that patch to rename openssl10 back to openssl we still need to solve the openssl-native which wasn't reverted back to 1.0. Upstream nodejs isn't going to be openssl-1.1 for a bit longer as explained: https://github.com/nodejs/node/pull/14761 https://github.com/nodejs/node/pull/11828 so

Re: [OE-core] [PATCH] packagegroup-python3: add packagegroup

Please disregard this patch. The python3 recipe provides python-modules, which includes all of the listed packages, making a new packagegroup unnecessary. On 08/15/2017 04:05 PM, Jose Lamego wrote: > Many of the most usual python3 modules are missing when > trying to import them to python3 in ima

Re: [OE-core] bussybox: updating to new version

On Fri, 2017-08-18 at 12:16 +0200, Andrej Valek wrote: > Hello everyone, > > I would like to ask you a question about busybox upgrading. > > Is there any reason, why we are still using the version 1.24.1? > I think that, the latest version 1.27.2 has a lot of fixes and it less > vulnerable then t

Re: [OE-core] bussybox: updating to new version

On Fri, Aug 18, 2017 at 3:16 AM, Andrej Valek wrote: > Hello everyone, > > I would like to ask you a question about busybox upgrading. > > Is there any reason, why we are still using the version 1.24.1? > I think that, the latest version 1.27.2 has a lot of fixes and it less > vulnerable then the

[OE-core] [PATCH V2] db: Add --tag parameter to libtool invocation

Fix do_configure to be able to regenerate configure files Use cross libtool as installed by OE, as done in normal autotooled recipes These changes help in invoking the libtool with proper tags for C and C++ compiler and linker invocation and not use same tag across all different invocations Fixe

Re: [OE-core] [PATCH] ca-certificates: prevent executing update-ca-certificates from host system

On 2017-08-18 06:05 AM, Andrej Valek wrote: OK thank You, so please merge it into these branches. Add Armin, who maintains those branches: https://wiki.yoctoproject.org/wiki/Releases Is Krogoth still maintained? It's listed at Stable in the link above. ../Randy Regards, Andrej On 08/1

[OE-core] [RFC] recipe_links.bbclass: introduction

This is a new class which can be used (for example via USER_CLASSES in local.conf) to make your build more development friendly. When included this class will create symlinks to the various bb and bbappend files in WORKDIR. Normally when you are debugging or extending a package's recipe files a de

Re: [OE-core] [PATCH] db: Add --tag parameter to libtool invocation

On Fri, 2017-08-18 at 07:29 -0700, Khem Raj wrote: > On Fri, Aug 18, 2017 at 2:52 AM, Richard Purdie > wrote: > > > > On Tue, 2017-08-15 at 20:33 -0700, Khem Raj wrote: > > > > > > Fixes errors like > > > libtool: compile: unable to infer tagged configuration > > > libtool: compile: specify a ta

Re: [OE-core] openssl10 unusable for many components

On Fri, Aug 18, 2017 at 3:53 AM, Alexander Kanavin wrote: > On 08/18/2017 08:56 AM, Khem Raj wrote: > >> I was trying nodejs and it seems its also broken by this openssl >> upgrade. Meta-oe alone has amost 50 recipes that are broken. there are >> hundreds of other layers. >> Many large packages in

Re: [OE-core] [PATCH] db: Add --tag parameter to libtool invocation

On Fri, Aug 18, 2017 at 2:52 AM, Richard Purdie wrote: > On Tue, 2017-08-15 at 20:33 -0700, Khem Raj wrote: >> Fixes errors like >> libtool: compile: unable to infer tagged configuration >> libtool: compile: specify a tag with `--tag' > > The patch seems to do a bit more than this? > Yes, now it

Re: [OE-core] [PATCH] gpg_sign: perform rpm signing serially

On Fri, 2017-08-18 at 11:04 +0300, Markus Lehtonen wrote: > Hi, > Ok so basically I wasted my time on this profiling exercise. Thanks for the clarification. > Using selftest to measure the signing performance is fruitless. The effect of > using "chunks" really depends on the number of subpack

[OE-core] [PATCH] dnf: fix "Unable to detect release version" warning

The release version was actually working correctly; it only makes the warning work properly. Signed-off-by: Alexander Kanavin --- ...eck-conf.releasever-instead-of-releasever.patch | 31 ++ meta/recipes-devtools/dnf/dnf_2.6.3.bb | 1 + 2 files changed, 32 inserti

Re: [OE-core] [PATCH] Revert "kernel: Fix symlinks"

On Wed, Aug 16, 2017 at 3:15 PM, Otavio Salvador wrote: > This reverts commit c7bc46b9bc29dd0953ab8d63b50fa105bb66892e. > > The commit has broken the alternatives concept as it is managed by > links controlled by the alternatives system. That said the failing > case identified (which some bootload

[OE-core] [PATCH] openssl10: rename back to openssl and make it the default via PREFERRED_VERSION

openssl 1.1 broke 3rd party layers a lot more than was expected; let's flip the switch at the start of next development cycle. Add a PROVIDES = "openssl10" to openssl 1.0 recipe; any dependency that is not compatible with 1.1 should use that in its DEPENDS, as the 1.0 recipe will later be renamed

[OE-core] [PATCH] cve-check-tool: Fix progress bar patch for curl 7.55

CURL_FORMAT_OFF_T does not seem to exist anymore, use CURL_FORMAT_CURL_OFF_T instead. This works with old and new curl. Signed-off-by: Jussi Kukkonen --- .../files/0001-print-progress-in-percent-when-downloading-CVE-db.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/m

Re: [OE-core] [PATCH] curl: upgrade to 7.55.1

On 15 August 2017 at 00:09, Oleksandr Kravchuk wrote: > Signed-off-by: Oleksandr Kravchuk > --- > meta/recipes-support/curl/{curl_7.54.1.bb => curl_7.55.1.bb} | 8 ++-- > 1 file changed, 2 insertions(+), 6 deletions(-) > rename meta/recipes-support/curl/{curl_7.54.1.bb => curl_7.55.1.bb} (

Re: [OE-core] [PATCH] curl: upgrade to 7.55.1

Hi RP, On Fri, Aug 18, 2017 at 12:34:52PM +0100, Richard Purdie wrote: > On Mon, 2017-08-14 at 23:09 +0200, Oleksandr Kravchuk wrote: > > Signed-off-by: Oleksandr Kravchuk > > --- > >  meta/recipes-support/curl/{curl_7.54.1.bb => curl_7.55.1.bb} | 8 ++-- > >  1 file changed, 2 insertions(+),

Re: [OE-core] [PATCH 0/3] Restructure python2 and python3 packaging system

On Fri, 2017-08-18 at 12:33 +0100, Richard Purdie wrote: > On Fri, 2017-08-18 at 11:23 +0100, Richard Purdie wrote: > > > > On Thu, 2017-08-17 at 10:11 -0700, Alejandro Hernandez wrote: > > > > > > > > > The reason we have a manifest file for python is that our goal is > > > to > > > keep python

Re: [OE-core] [PATCH] curl: upgrade to 7.55.1

On Mon, 2017-08-14 at 23:09 +0200, Oleksandr Kravchuk wrote: > Signed-off-by: Oleksandr Kravchuk > --- >  meta/recipes-support/curl/{curl_7.54.1.bb => curl_7.55.1.bb} | 8 ++-- >  1 file changed, 2 insertions(+), 6 deletions(-) >  rename meta/recipes-support/curl/{curl_7.54.1.bb => curl_7.55.1.

Re: [OE-core] [PATCH 0/3] Restructure python2 and python3 packaging system

On Fri, 2017-08-18 at 11:23 +0100, Richard Purdie wrote: > On Thu, 2017-08-17 at 10:11 -0700, Alejandro Hernandez wrote: > > > > The reason we have a manifest file for python is that our goal is to > > keep python-core as small as posible and add other python packages > > only when the user needs

Re: [OE-core] openssl10 unusable for many components

On 08/18/2017 08:56 AM, Khem Raj wrote: I was trying nodejs and it seems its also broken by this openssl upgrade. Meta-oe alone has amost 50 recipes that are broken. there are hundreds of other layers. Many large packages in external layers are now broken, and the fact that openssl10 is almost u

Re: [OE-core] [PATCH] ca-certificates: prevent executing update-ca-certificates from host system

OK thank You, so please merge it into these branches. Regards, Andrej On 08/18/2017 11:35 AM, Richard Purdie wrote: > On Fri, 2017-08-18 at 08:26 +0200, Andrej Valek wrote: >> Yes, for actual branch is not required. But for branches like krogoth >> and morty, where HOSTTOOLS is not implemented, i

Re: [OE-core] [PATCH 0/3] Restructure python2 and python3 packaging system

On Thu, 2017-08-17 at 10:11 -0700, Alejandro Hernandez wrote: > The reason we have a manifest file for python is that our goal is to > keep python-core as small as posible and add other python packages > only when the user needs them, hence why we split upstream python > into several packages. > >

[OE-core] bussybox: updating to new version

Hello everyone, I would like to ask you a question about busybox upgrading. Is there any reason, why we are still using the version 1.24.1? I think that, the latest version 1.27.2 has a lot of fixes and it less vulnerable then the current. I have checked a license and it has not been changed. T

[OE-core] [PATCH 2/2] qemu conf: replace deprecated option with new option

Replace the deprecated '-usbdevice' option with '-device usb-xx' option. This would fix runqemu boot error like below. '-usbdevice' is deprecated, please use '-device usb-...' instead Signed-off-by: Chen Qi --- meta/conf/machine/include/qemuboot-mips.inc | 2 +- meta/conf/machine/include/qemu

[OE-core] [PATCH 1/2] qemu: backport patches to fix boot failure

Backport two patches to fix the following error when booting qemu. Failed to unlock byte 100 Signed-off-by: Chen Qi --- ...0001-osdep-Add-runtime-OFD-lock-detection.patch | 141 + ...e-posix-Do-runtime-check-for-ofd-lock-API.patch | 71 +++ meta/recipes-devtools/q

[OE-core] [PATCH 0/2] Fix runqemu startup failure

The following changes since commit 55bf88603927469de9aa9f6fd4d449230d2e61e3: poky: Add nios2 to list of qemu targets (2017-08-17 00:21:35 +0100) are available in the git repository at: git://git.pokylinux.org/poky-contrib ChenQi/runqemu_boot_error http://git.pokylinux.org/cgit.cgi/poky-co

Re: [OE-core] [PATCH] oe/path.py: copyhardlinktree: don't overwrite existing symlinks

On Wed, 2017-08-16 at 14:13 +0300, Ioan-Adrian Ratiu wrote: > Starting with tar>=1.26 the default behaviour when extracting is to > overwrite symlinks and a '-h' flag was added for tar to follow them. > > The primary use case for this is to allow ${DEPLOY_DIR_IPK/RPM/DEB} > to > be symlinks and av

Re: [OE-core] [PATCH] db: Add --tag parameter to libtool invocation

On Tue, 2017-08-15 at 20:33 -0700, Khem Raj wrote: > Fixes errors like > libtool: compile: unable to infer tagged configuration > libtool: compile: specify a tag with `--tag' The patch seems to do a bit more than this? Cheers, Richard -- ___ Openembed

Re: [OE-core] [PATCH] Perl: No reference conversion for Porting/Glossary

On Wed, 2017-08-16 at 09:18 +0800, cinly@intel.com wrote: > From: Ooi Cinly > > do_configure() will no longer convert references to > /usr/include into /path/to/recipes-sysroot/usr/include > for the file "Porting/Glossary". > > [YOCTO #11243] > > Signed-off-by: Ooi Cinly > --- >  meta/reci

Re: [OE-core] [PATCH 6/8] gnupg: 2.1.20 -> 2.1.23

On Wed, 2017-08-16 at 04:31 -0400, Hongxu Jia wrote: > COPYING.LIB: Rename to COPYING.LGPL3. > https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=3419a > 339d9c4e800bf30e9021e05982d8c1021c1 > > Rebase patches: > - pkgconfig.patch -> 0001 > - use-pkgconfig-instead-of-npth-config.patch

Re: [OE-core] [PATCH 0/3] Restructure python2 and python3 packaging system

On 08/17/2017 08:11 PM, Alejandro Hernandez wrote: There are many problems with our current implementation of the manifest file, this patch tries to deal with all of them along with adding several other features. Thanks for doing this; does it mean that python 3.6 update is coming soon? :) A

Re: [OE-core] [PATCH] ca-certificates: prevent executing update-ca-certificates from host system

On Fri, 2017-08-18 at 08:26 +0200, Andrej Valek wrote: > Yes, for actual branch is not required. But for branches like krogoth > and morty, where HOSTTOOLS is not implemented, is this necessary. Lets just apply this to krogoth/morty then... Cheers, Richard -- ___

[OE-core] [PATCH] oeqa: increase verbosity of dnf commands in dnf packagefeed test

Makes diagnosing failures easier. [YOCTO #11209] Signed-off-by: Markus Lehtonen --- meta-selftest/lib/oeqa/runtime/cases/dnf_runtime.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta-selftest/lib/oeqa/runtime/cases/dnf_runtime.py b/meta-selftest/lib/oeqa/runtime/c

Re: [OE-core] [PATCH] gpg_sign: perform rpm signing serially

Hi, Using selftest to measure the signing performance is fruitless. The effect of using "chunks" really depends on the number of subpackages the recipe produces. Selftest uses one of the smallest recipes , i.e. "ed", so you won't see any difference. But with hundreds of subpackages you get dif

[OE-core] [V2 PATCH 1/2] bash: 4.3.30 -> 4.4

1. Rebase patches: - fix-run-coproc-run-heredoc-run-execscript-run-test-f.patch - test-output.patch 2. Drop backported patches: - CVE-2016-9401.patch - fix-run-intl.patch 3. Add ${PN}-loadable for loadable builtins which is new features in Bash 4.4 4. The 4.4 fixed CVE-2017-5932 and CVE-2016-063

[OE-core] [PATCH 2/2] logrotate: fix systemd service not found while multilib

... |ERROR: lib32-logrotate-3.12.3-r0 do_package: SYSTEMD_SERVICE_lib32-logrotate value lib32-logrotate.service does not exist |ERROR: lib32-logrotate-3.12.3-r0 do_package: Function failed: systemd_populate_packages ... The systemd sercie file should not be multilib expend. Signed-off-by: Hongxu

[OE-core] [PATCH 0/2] upgrade bash v2 && fix multilib issues

Test steps: vim local.conf: ... MACHINE ?= "qemux86-64" require conf/multilib.conf MULTILIBS = "multilib:lib32" DEFAULTTUNE_virtclass-multilib-lib32 = "x86" IMAGE_INSTALL_append = " bash" VIRTUAL-RUNTIME_init_manager = "systemd" DISTRO_FEATURES_append = " systemd" DISTRO_FEATURES_BACKFILL_CONSIDE