pstore is used to collect crash logs in the journal after a crash. As it
needs a correctly configured kernel, it's not always enabled. Add a
PACKAGECONFIG to enable it when needed.
Signed-off-by: Jan Luebbe
---
meta/recipes-core/systemd/systemd_252.4.bb | 1 +
1 file changed, 1 insertion
This recipe is needed to build softhsm (in meta-oe) in with p11-kit
support, which is useful when multiple PKCS#11 modules need to be used.
Signed-off-by: Jan Luebbe
---
meta/recipes-support/p11-kit/p11-kit_0.24.1.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta
On Fri, 2022-08-19 at 09:57 +, Peter Kjellerstedt wrote:
> > > +Include /etc/ssh/ssh_config.d/*.conf
> > > +
> > Generally looks ok.
> > I wonder if this increases security concerns with such blanket includes.
>
> If you have the permissions to add a file to /etc/ssh/ssh_config.d or
>
Changes are caused by the removal of deprecated options.
ChallengeResponseAuthentication was replaced by
KbdInteractiveAuthentication in the SSHv2 protocol, see
https://www.openssh.com/txt/release-8.7
Signed-off-by: Jan Luebbe
---
.../openssh/openssh/ssh_config| 4
.
These specific directories are also used in Debian's default
configuration.
Signed-off-by: Jan Luebbe
---
meta/recipes-connectivity/openssh/openssh/ssh_config | 2 ++
meta/recipes-connectivity/openssh/openssh/sshd_config | 2 ++
2 files changed, 4 insertions(+)
diff --git a/meta/recipes
Hi Martin,
I just noticed that since this change, syslogd is compiled in by default, even I
have SRC_URI:remove = "file://syslog.cfg" in a bbappend. Is this intentional?
Otherwise, I'd prefer change the back to disabled by default (SRC_URI still
contains syslog.cfg by default).
Regards,
Jan
On
Hi,
On Mon, 2020-06-15 at 11:29 +, mikko.rap...@bmw.de wrote:
> On Wed, Jun 03, 2020 at 10:12:37AM +0200, Jan Luebbe wrote:
> > As the PACKAGECONFIG variable has a large influence on the
> > resulting
> > package sizes and dependencies, it's useful to capture it in
As the PACKAGECONFIG variable has a large influence on the resulting
package sizes and dependencies, it's useful to capture it in the
recipe-level buildhistory. This makes it straightforward to analyze the
impact of PACKAGECONFIG changes on the resulting image size.
Signed-off-by: Jan Luebbe
On Tue, 2020-04-28 at 10:09 -0700, akuster wrote:
>
> On 4/28/20 9:13 AM, Jan Lübbe wrote:
> > On Mon, 2020-04-27 at 19:15 -0700, akuster wrote:
> > > Adrian Bunk (1):
> > > openssl: Upgrade 1.1.1d -> 1.1.1e
> > >
> > > Alexander Kanavin (1):
> > > openssl: update to 1.1.1f
> > As 1.1.1g has
This also fixes CVE-2020-1967.
Signed-off-by: Jan Luebbe
---
.../openssl/{openssl_1.1.1f.bb => openssl_1.1.1g.bb}| 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-connectivity/openssl/{openssl_1.1.1f.bb =>
openssl_1.1.1g.bb} (98%)
diff --git a/meta/r
On Mon, 2020-04-27 at 19:15 -0700, akuster wrote:
>
> Adrian Bunk (1):
> openssl: Upgrade 1.1.1d -> 1.1.1e
>
> Alexander Kanavin (1):
> openssl: update to 1.1.1f
As 1.1.1g has been released to fix CVE-2020-1967
https://www.openssl.org/news/secadv/20200421.txt
maybe we should just update
Hi Armin and Anuj,
this fix has landed in master as
4292387ef6c4e80428bad6a07c844a288b27d9a1 and I'd like to request it to
be cherry-picked for zeus. The cherry-pick should simply work without
conflicts.
Thanks,
Jan
On Mon, 2020-04-06 at 15:23 +0200, Jan Luebbe wrote:
> With --force-overwr
pendencies, this makes the simple case of
conflicting files hard to debug.
Instead of finding all possibly required force options, only disable
overwrite for now.
Signed-off-by: Jan Luebbe
---
meta/recipes-devtools/apt/files/apt.conf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --
apt install can decide to remove already installed packages if there are
conflicts. Avoid this by explicitly specifying --no-remove. This will
then cause a "E: Packages need to be removed but remove is disabled."
message.
Signed-off-by: Jan Luebbe
---
meta/lib/oe/package_manager.py
.
Signed-off-by: Jan Luebbe
---
meta/lib/oe/package_manager.py | 8 +---
1 file changed, 1 insertion(+), 7 deletions(-)
diff --git a/meta/lib/oe/package_manager.py b/meta/lib/oe/package_manager.py
index dfe4197ce1fb..072372892732 100644
--- a/meta/lib/oe/package_manager.py
+++ b/meta/lib/oe
As opkglibdir starts with a /, os.path.join will ignore
self.target_rootfs, leading to an attempt to remove /var/lib/opkg.
This only fails if it exists on the host, explaining why this remained
undiscovered for long.
Signed-off-by: Jan Luebbe
---
meta/lib/oe/package_manager.py | 3 +--
1 file
ion, which is allowed to fail with a
warning, this leads to an SDK which is missing the -dev/-dbg packages.
This issue also affects zeus, so I'd be grateful if they could be
applied there as well, to avoid having to maintain a modified OE-core
locally. I've tested them on master and zeus.
Jan Luebbe (5)
. In that case, no -dev/-dbg packages are installed to the SDK.
Avoid this problem by checking which packages are already provided and
removing them from the list to be installed. Also sort the list to make
it easier to read when debugging.
Signed-off-by: Jan Luebbe
---
meta/lib/oe/package_manager.py | 14
This is needed for a later change to avoid installing packages which are
already provided by an installed package.
Signed-off-by: Jan Luebbe
---
meta/lib/oe/package_manager.py | 10 --
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/meta/lib/oe/package_manager.py b/meta
Hi,
On Mon, 2020-01-20 at 17:10 +, Ross Burton wrote:
> On 20/01/2020 15:45, Khem Raj wrote:
> > pseudo needs some love since it alters syscalls which go out of bounds
> > what is allowed by libseccomp until then pin your file version to 5.37
> > in arch till a supported distro is affected by
This is needed as a dependency when using SoftHSM from the PKCS#11
OpenSSL engine for code singing.
Signed-off-by: Jan Luebbe
---
meta-oe/recipes-support/libp11/libp11_0.4.10.bb | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta-oe/recipes-support/libp11/libp11_0.4.10.bb
b/meta-oe
This is needed as a dependency when using SoftHSM from the PKCS#11
OpenSSL engine for code singing.
Signed-off-by: Jan Luebbe
---
meta-oe/recipes-support/opensc/opensc_0.19.0.bb | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta-oe/recipes-support/opensc/opensc_0.19.0.bb
b/meta-oe
-off-by: Jan Luebbe
---
meta-oe/recipes-support/opensc/opensc_0.19.0.bb | 9 ++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/meta-oe/recipes-support/opensc/opensc_0.19.0.bb
b/meta-oe/recipes-support/opensc/opensc_0.19.0.bb
index bc1722e394f6..440859a37a93 100644
--- a/meta
There is no reason why both should be used in the same recipe. Merge
them.
Signed-off-by: Jan Luebbe
---
meta-oe/recipes-support/openct/openct_0.6.20.bb | 6 ++
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/meta-oe/recipes-support/openct/openct_0.6.20.bb
b/meta-oe/recipes
This is needed as a dependency when using SoftHSM from the PKCS#11
OpenSSL engine for code singing.
Add a udev PACKAGECONFIG, as this is only useful on the target. Also
don't RRECOMMEND ccid for the native variant.
Signed-off-by: Jan Luebbe
---
meta-oe/recipes-support/pcsc-lite/pcsc
This is useful for consolidation of code-signing interfaces when
building an image with verified boot mechanisms or signed update
artifacts. It can also be used on the target as a backend for software
which uses the PKCS#11 API to access private key material.
Signed-off-by: Jan Luebbe
This fixes building of tcpdump on hosts where libpcap-dev is installed.
Also introduce INC_PR.
Signed-off-by: Jan Luebbe jlue...@debian.org
---
meta/recipes-connectivity/libpcap/libpcap.inc |4 +++-
meta/recipes-connectivity/libpcap/libpcap_1.1.1.bb |2 +-
2 files changed, 4
27 matches
Mail list logo