From wikipedia:
utmp maintains a full accounting of the current status of the
system, system boot time (used by uptime), recording user
logins at which terminals, logouts, system events etc.
This is seldom use, if at all, on an embedded device, and may expose
users' behaviour to others (by observing who logs in from where, for
example).
Forcibly disable support for utmp.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
[yann.morin.1998@free.fr: split off to its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Systemd enables compatibility with SysV services and utmp by default,
none of which is needed for buildroot as the packages' .mk will install
only the files for the chosen init system.
Furthermore, SysV support requires a setup where *both* /etc/init.d and
/etc/rc.d exists (the latter for the usual /etc/rcN.d). However, in
Buildroot, the latter does not exist; so we would not be able to provide
a working SysV support anyway.
So, just forcibly disable SysV support.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
[yann.morin.1998@free.fr:
- expand commit log
- disable utmp in its own patch
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
All init systems supported by Buildroot have a /run directory and have
a symlink for /var/run -> /run.
Use the /run directory directly.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update label as suggested by Stéphane Veyret, as -Ofast is potentially
dangerous, and may break packages.
Fixes:
- https://bugs.buildroot.org/show_bug.cgi?id=13046
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Also separate the fields in the hash file by two spaces.
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop fix rpath patch which is no longer needed.
Drop g-ir-scanner/g-ir-compiler override patch which is now upstream.
Rebase remaining patches.
Meson now requires single quotes for cross-compilation.conf, replace
double quotes with single quotes.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Explicitly do not install udev rules and systemd units when installing
the host version of e2fsprogs, as we do not need those files when
calling host tools provided by e2fsprogs from Buildroot.
This fixes a weird issue I encountered: host-e2fsprogs was built and
installed without any issue when building an image from scratch. But
any attempt to rebuild host-e2fsprogs alone was failing during the
installation steps as it tried to install files to the host system.
This is because e2fsprogs' build system (autotools) is using the
prefix given at configuration time when installing its binaries,
configuration files, man pages, etc... but not when installing its
systemd units and udev rules.
The issue did not arise when building it from scratch, as
host-e2fsprogs do not have a dependency on host-udev/systemd, so its
configure script did not automatically enable udev/systemd
installation steps at first.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
go1.13.14 (released 2020/07/16) includes fixes to the compiler, vet, and
the database/sql, net/http, and reflect packages.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Also remove upstream hashes not available anymore.
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This CVE is falsely reported because it was fixed in package version
1.24 (which we are using). Ignore this CVE until the database is
updated.
Signed-off-by: Guillaume W. Bres <guillaume.bressaix@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit f1d1347bde added the optional
openssl dependency for mtd however nothing was done for host-mtd
As a result, crypto support on host-mtd depends on the availability of
host-openssl which is not listed in HOST_MTD_DEPENDENCIES
Moreover, crypto support needs host linux-headers as it includes
<linux/hash_info.h> since version 2.1.2 and
a739b59efe
So just disable crypto support for host-mtd
Fixes:
- http://autobuild.buildroot.org/results/e581bd04e1902476afcdc9d9e34f5fb00fcd31be
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, we define the so-called "overflow group" as 'nogroup'.
However, one practical issue is that systemd-sysusers will otherwise
create a 'nobody' group with gid 999, because that's is what is usual to
define the overflow group: users and groups are defined in LSB (Linux
Standard Base):
https://refspecs.linuxfoundation.org/LSB_5.0.0/LSB-Core-generic/LSB-Core-generic/usernames.html
Quoting: "If the username exists on a system,then they should be in the
suggested corresponding group".
Only Debian and derivatives depart from this custom, naming it 'nogroup'
(hence the rationale for commit 908198e756 (system/skeleton: remove
spurious group 'nobody').
See also commit 9c67af2c52 (system/skeleton: use uid/gid 65534 for
nobody/nogroup), and a related discussion on LWN.net (key is "overflow
UID" which also applies to GID):
https://lwn.net/Articles/695478/
Use the recommended groupname 'nobody'. Adapt packages accordingly.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
[yann.morin.1998@free.fr:
- reword commit log
- extend commit log with more references (commits and LWN)
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Group the udev users first, to make clear which software
requires them.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Reviewed-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This supports 4 plugins, each will be added at the right spot if
enabled, based on the template coming with systemd.
The sed replacements are carefully written to be idempotent, and to
be robust enough to be combined with the other available packages
(nss_mdns4) in any installation order.
nss-systemd is used for the DynamicUser features, which is a defacto
necessity for systemd. It handles transient users/groups without
touching the /etc/{passwd,group} files on disk. To support the
'SupplementaryGroups' feature, groups should be merged.
nss-myhostname allows resolving the hostname, again without touching
files in /etc.
nss-mymachines adds name resolution from containers supported by
machined. Users from the containers might end up in system groups, so
groups should be merged.
nss-resolve, part of resolved, is required for consistent dns lookups.
As per the documentation (nss-resolve(8)), DNS queries shall not
continue past the resolve service, unless the service is not available.
We anchor nss_resolve to appear after files, if mymachines is also used,
remove that first (and add it back later). Other packages (mdns4) move
around the dns entry, so replacing that is not a good option.
If mdns4 is installed aswell, then resolved will take precedence for
host lookups.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
[yann.morin.1998@free.fr:
- exp[lain why 'host: resolve' uses !UNAVAIL=return
- rewrap commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The rule to create the staging symlink has it depend on BASE_DIR, and
the symlink is created in BASE_DIR, which means that when the symlink
is created, BASE_DIR is updated, and thus made more recent than the
symlink itself.
As a consequence, every time one runs 'make', the symlink will be older
than BASE_DIR, and so will be re-created.
Ditto for the host symlink when the user has elected to have an
out-of-tree host dir.
Fix that by changing to using an order-only dependency.
Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
lm-sensors dropped MACHINE variable since version 3.6.0 and
0863eff8fa
instead it uses $(CC) -dumpmachine to guess the architecture
However, as $(TARGET_CONFIGURE_OPTS) is only passed to build step and
not to install steps, this result in some binaries being built for the
host during install step and raising a build failure on some autobuilders
Fixes:
- http://autobuild.buildroot.org/results/0180989afdd9272ecd5010a787931e0b10a6cdcf
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In latest patch the SDMA installation was limited to platforms whose
name was mentioned in the binary but this approach wasn't flexible to
manage cases like imx8m using imx7 sdma binary, so this patch does:
- change VPU/SDMA FW options to string to allow specifying the name
(suggested by Thomas)
- remove imx27 sdma case as non-existent
- add imx8m family support (using imx7d binary)
- get rid of FIRMWARE_IMX_PLATFORM_LOWER macro
Fixes: fad2df39b9 ("package/freescale-imx/firmware-imx: clarify installation of firmware files")
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Same version as NXP release 5.4.24-2.1.0
- No changelog provided by NXP
- Tested on Nitrogen8M device with Weston (DRM backend) as follows:
# cd /usr/share/examples/viv_samples/vdk/
# ./tutorial7
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Same version as NXP release 5.4.24-2.1.0
- No changelog provided by NXP
- COPYING/EULA update: LA_OPT_NXP_Software_License v11 February 2020
- Tested on Nitrogen8M device with Weston (DRM backend) as follows:
# cd /usr/share/examples/viv_samples/vdk/
# ./tutorial7
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Same version as NXP release 5.4.24-2.1.0
- No changelog provided by NXP
- COPYING/EULA update: LA_OPT_NXP_Software_License v11 February 2020
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- based on NXP imx_5.4.24_2.1.0 release
- includes latest stable releases, hence 5.4.x naming
- includes support for all Boundary Devices platforms + accessories
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This brings to the swupdate package two fixes [2][3] that have also
been backported in the meta-swupdate Yocto layer, see [1].
[1]: 3fccf23e28
[2]: 1078af97a5
[3]: e3a6b120ff
Signed-off-by: Joris Offouga <offougajoris@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
gtkvncviewer has been added since version 0.9.13 and
2650cfc17b,
disable it as it is only an example
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
go1.13.13 (released 2020/07/14) includes security fixes to the
crypto/x509 and net/http packages.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add support for imx6ullevk_defconfig that allows booting a mainline
kernel and mainline U-Boot.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Separate the fields in the hash file by two spaces and remove hash of
old version.
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Separate the fields in the hash file by two spaces.
Change the hash of the license:
- Copyright message changed from 2018,2019 to 2019,2020
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Change the hash of the license:
- Copyright message changed from 'present' to 2020
- Link to BSD 2-Clause License changed from http to https
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Also separate the fields in the hash file by two spaces.
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Also separate the fields in the hash file by two spaces.
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Without this backslash, any attempt to run make will result in the error:
package/mender/mender.mk:44: *** recipe commences before first target. Stop
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Mender has support for performing other types of updates other than
just overwriting the rootfs partition that isn't currently in use on
the target.
Some of the default provided modules provide support for:
- Updating a docker container.
- Running a script.
- Installing an RPM.
- Overwriting a directory.
- Updating a single-file.
The single-file update module is used by upstream for onboarding a new
device to a server, and this fails with Buildroot devices because the
modules are currently not installed.
Install the directory, script, and single-file modules by default, and
install the docker or rpm script if their respective packages are
selected.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Version 3 scripts have been supported since version 2.0 and should be the
default.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>