Date   

[PATCH] salt: upgrade to 2016.3

Alejandro del Castillo <alejandro.delcastillo@...>
 

* Update conffiles
* Add PKGCONFIG options for zeromq and TCP transports.

Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@...>
---
meta-openstack/recipes-support/salt/files/cloud | 7 +-
meta-openstack/recipes-support/salt/files/master | 541 ++++++++++++++++-----
meta-openstack/recipes-support/salt/files/minion | 366 ++++++++++----
meta-openstack/recipes-support/salt/files/roster | 1 +
.../salt/{salt_2015.8.0.bb => salt_2016.3.0.bb} | 22 +-
5 files changed, 718 insertions(+), 219 deletions(-)
rename meta-openstack/recipes-support/salt/{salt_2015.8.0.bb => salt_2016.3.0.bb} (88%)

diff --git a/meta-openstack/recipes-support/salt/files/cloud b/meta-openstack/recipes-support/salt/files/cloud
index 2ea54f1..5bd28df 100644
--- a/meta-openstack/recipes-support/salt/files/cloud
+++ b/meta-openstack/recipes-support/salt/files/cloud
@@ -1,4 +1,4 @@
-# This file should normally be installed at: /etc/salt/cloud
+# This file should normally be installed at: /etc/salt/cloud


##########################################
@@ -28,6 +28,9 @@
# The level of messages to send to the console.
# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
#
+# The following log levels are considered INSECURE and may log sensitive data:
+# ['garbage', 'trace', 'debug']
+#
# Default: 'info'
#
#log_level: info
@@ -65,7 +68,9 @@
# the coloring of the messages, these color formatters also include padding as
# well. Color LogRecord attributes are only available for console logging.
#
+#log_fmt_console: '%(colorlevel)s %(colormsg)s'
#log_fmt_console: '[%(levelname)-8s] %(message)s'
+#
#log_fmt_logfile: '%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s'


diff --git a/meta-openstack/recipes-support/salt/files/master b/meta-openstack/recipes-support/salt/files/master
index 8129a4f..821f5fc 100644
--- a/meta-openstack/recipes-support/salt/files/master
+++ b/meta-openstack/recipes-support/salt/files/master
@@ -1,125 +1,235 @@
##### Primary configuration settings #####
##########################################
-# This configuration file is used to manage the behavior of the Salt Master
-# Values that are commented out but have no space after the comment are
-# defaults that need not be set in the config. If there is a space after the
-# comment that the value is presented as an example and is not the default.
+# This configuration file is used to manage the behavior of the Salt Master.
+# Values that are commented out but have an empty line after the comment are
+# defaults that do not need to be set in the config. If there is no blank line
+# after the comment then the value is presented as an example and is not the
+# default.

# Per default, the master will automatically include all config files
# from master.d/*.conf (master.d is a directory in the same directory
-# as the main master config file)
+# as the main master config file).
#default_include: master.d/*.conf

-# The address of the interface to bind to
+# The address of the interface to bind to:
#interface: 0.0.0.0

# Whether the master should listen for IPv6 connections. If this is set to True,
-# the interface option must be adjusted too (for example: "interface: '::'")
+# the interface option must be adjusted, too. (For example: "interface: '::'")
#ipv6: False

-# The tcp port used by the publisher
+# The tcp port used by the publisher:
#publish_port: 4505

-# The user to run the salt-master as. Salt will update all permissions to
-# allow the specified user to run the master. If the modified files cause
-# conflicts set verify_env to False.
+# The user under which the salt master will run. Salt will update all
+# permissions to allow the specified user to run the master. The exception is
+# the job cache, which must be deleted if this user is changed. If the
+# modified files cause conflicts, set verify_env to False.
#user: root

-# Max open files
-# Each minion connecting to the master uses AT LEAST one file descriptor, the
-# master subscription connection. If enough minions connect you might start
-# seeing on the console(and then salt-master crashes):
-# Too many open files (tcp_listener.cpp:335)
-# Aborted (core dumped)
-#
-# By default this value will be the one of `ulimit -Hn`, ie, the hard limit for
-# max open files.
-#
-# If you wish to set a different value than the default one, uncomment and
-# configure this setting. Remember that this value CANNOT be higher than the
-# hard limit. Raising the hard limit depends on your OS and/or distribution,
-# a good way to find the limit is to search the internet for(for example):
-# raise max open files hard limit debian
-#
-#max_open_files: 100000
-
-# The number of worker threads to start, these threads are used to manage
-# return calls made from minions to the master, if the master seems to be
-# running slowly, increase the number of threads
-#worker_threads: 5
-
# The port used by the communication interface. The ret (return) port is the
-# interface used for the file server, authentication, job returnes, etc.
+# interface used for the file server, authentication, job returns, etc.
#ret_port: 4506

-# Specify the location of the daemon process ID file
+# Specify the location of the daemon process ID file:
#pidfile: /var/run/salt-master.pid

# The root directory prepended to these options: pki_dir, cachedir,
-# sock_dir, log_file, autosign_file, extension_modules, key_logfile, pidfile.
+# sock_dir, log_file, autosign_file, autoreject_file, extension_modules,
+# key_logfile, pidfile:
#root_dir: /

-# Directory used to store public key data
+# Directory used to store public key data:
#pki_dir: /etc/salt/pki/master

-# Directory to store job and cache data
+# Directory to store job and cache data:
+# This directory may contain sensitive data and should be protected accordingly.
+#
#cachedir: /var/cache/salt/master

-# Verify and set permissions on configuration directories at startup
+# Directory for custom modules. This directory can contain subdirectories for
+# each of Salt's module types such as "runners", "output", "wheel", "modules",
+# "states", "returners", etc.
+#extension_modules: <no default>
+
+# Directory for custom modules. This directory can contain subdirectories for
+# each of Salt's module types such as "runners", "output", "wheel", "modules",
+# "states", "returners", etc.
+# Like 'extension_modules' but can take an array of paths
+#module_dirs: <no default>
+# - /var/cache/salt/minion/extmods
+
+# Verify and set permissions on configuration directories at startup:
#verify_env: True

-# Set the number of hours to keep old job information in the job cache
+# Set the number of hours to keep old job information in the job cache:
#keep_jobs: 24

-# Set the default timeout for the salt command and api, the default is 5
-# seconds
+# Set the default timeout for the salt command and api. The default is 5
+# seconds.
#timeout: 5

-# The loop_interval option controls the seconds for the master's maintinance
+# The loop_interval option controls the seconds for the master's maintenance
# process check cycle. This process updates file server backends, cleans the
# job cache and executes the scheduler.
#loop_interval: 60

-# Set the default outputter used by the salt command. The default is "nested"
+# Set the default outputter used by the salt command. The default is "nested".
#output: nested

-# By default output is colored, to disable colored output set the color value
-# to False
+# Return minions that timeout when running commands like test.ping
+#show_timeout: True
+
+# By default, output is colored. To disable colored output, set the color value
+# to False.
#color: True

-# Set the directory used to hold unix sockets
+# Do not strip off the colored output from nested results and state outputs
+# (true by default).
+# strip_colors: False
+
+# Set the directory used to hold unix sockets:
#sock_dir: /var/run/salt/master

# The master can take a while to start up when lspci and/or dmidecode is used
# to populate the grains for the master. Enable if you want to see GPU hardware
# data for your master.
-#
# enable_gpu_grains: False

-# The master maintains a job cache, while this is a great addition it can be
+# The master maintains a job cache. While this is a great addition, it can be
# a burden on the master for larger deployments (over 5000 minions).
# Disabling the job cache will make previously executed jobs unavailable to
# the jobs system and is not generally recommended.
-#
#job_cache: True

# Cache minion grains and pillar data in the cachedir.
#minion_data_cache: True

+# Store all returns in the given returner.
+# Setting this option requires that any returner-specific configuration also
+# be set. See various returners in salt/returners for details on required
+# configuration values. (See also, event_return_queue below.)
+#
+#event_return: mysql
+
+# On busy systems, enabling event_returns can cause a considerable load on
+# the storage system for returners. Events can be queued on the master and
+# stored in a batched fashion using a single transaction for multiple events.
+# By default, events are not queued.
+#event_return_queue: 0
+
+# Only events returns matching tags in a whitelist
+# event_return_whitelist:
+# - salt/master/a_tag
+# - salt/master/another_tag
+
+# Store all event returns _except_ the tags in a blacklist
+# event_return_blacklist:
+# - salt/master/not_this_tag
+# - salt/master/or_this_one
+
+# Passing very large events can cause the minion to consume large amounts of
+# memory. This value tunes the maximum size of a message allowed onto the
+# master event bus. The value is expressed in bytes.
+#max_event_size: 1048576
+
+# By default, the master AES key rotates every 24 hours. The next command
+# following a key rotation will trigger a key refresh from the minion which may
+# result in minions which do not respond to the first command after a key refresh.
+#
+# To tell the master to ping all minions immediately after an AES key refresh, set
+# ping_on_rotate to True. This should mitigate the issue where a minion does not
+# appear to initially respond after a key is rotated.
+#
+# Note that ping_on_rotate may cause high load on the master immediately after
+# the key rotation event as minions reconnect. Consider this carefully if this
+# salt master is managing a large number of minions.
+#
+# If disabled, it is recommended to handle this event by listening for the
+# 'aes_key_rotate' event with the 'key' tag and acting appropriately.
+# ping_on_rotate: False
+
+# By default, the master deletes its cache of minion data when the key for that
+# minion is removed. To preserve the cache after key deletion, set
+# 'preserve_minion_cache' to True.
+#
+# WARNING: This may have security implications if compromised minions auth with
+# a previous deleted minion ID.
+#preserve_minion_cache: False
+
+# If max_minions is used in large installations, the master might experience
+# high-load situations because of having to check the number of connected
+# minions for every authentication. This cache provides the minion-ids of
+# all connected minions to all MWorker-processes and greatly improves the
+# performance of max_minions.
+# con_cache: False
+
# The master can include configuration from other files. To enable this,
# pass a list of paths to this option. The paths can be either relative or
# absolute; if relative, they are considered to be relative to the directory
# the main master configuration file lives in (this file). Paths can make use
# of shell-style globbing. If no files are matched by a path passed to this
-# option then the master will log a warning message.
-#
+# option, then the master will log a warning message.
#
# Include a config file from some other path:
-#include: /etc/salt/extra_config
+# include: /etc/salt/extra_config
#
# Include config from several files and directories:
-#include:
-# - /etc/salt/extra_config
+# include:
+# - /etc/salt/extra_config
+
+
+##### Large-scale tuning settings #####
+##########################################
+# Max open files
+#
+# Each minion connecting to the master uses AT LEAST one file descriptor, the
+# master subscription connection. If enough minions connect you might start
+# seeing on the console (and then salt-master crashes):
+# Too many open files (tcp_listener.cpp:335)
+# Aborted (core dumped)
+#
+# By default this value will be the one of `ulimit -Hn`, ie, the hard limit for
+# max open files.
+#
+# If you wish to set a different value than the default one, uncomment and
+# configure this setting. Remember that this value CANNOT be higher than the
+# hard limit. Raising the hard limit depends on your OS and/or distribution,
+# a good way to find the limit is to search the internet. For example:
+# raise max open files hard limit debian
+#
+#max_open_files: 100000
+
+# The number of worker threads to start. These threads are used to manage
+# return calls made from minions to the master. If the master seems to be
+# running slowly, increase the number of threads. This setting can not be
+# set lower than 3.
+#worker_threads: 5
+
+# Set the ZeroMQ high water marks
+# http://api.zeromq.org/3-2:zmq-setsockopt
+
+# The publisher interface ZeroMQPubServerChannel
+#pub_hwm: 1000
+
+# These two ZMQ HWM settings, salt_event_pub_hwm and event_publisher_pub_hwm
+# are significant for masters with thousands of minions. When these are
+# insufficiently high it will manifest in random responses missing in the CLI
+# and even missing from the job cache. Masters that have fast CPUs and many
+# cores with appropriate worker_threads will not need these set as high.
+
+# On deployment with 8,000 minions, 2.4GHz CPUs, 24 cores, 32GiB memory has
+# these settings:
+#
+# salt_event_pub_hwm: 128000
+# event_publisher_pub_hwm: 64000
+
+# ZMQ high-water-mark for SaltEvent pub socket
+#salt_event_pub_hwm: 20000
+
+# ZMQ high-water-mark for EventPublisher pub socket
+#event_publisher_pub_hwm: 10000
+


##### Security settings #####
@@ -134,53 +244,68 @@
# public keys from the minions. Note that this is insecure.
#auto_accept: False

-# If the autosign_file is specified only incoming keys specified in
-# the autosign_file will be automatically accepted. This is insecure.
-# Regular expressions as well as globing lines are supported.
+# Time in minutes that a incoming public key with a matching name found in
+# pki_dir/minion_autosign/keyid is automatically accepted. Expired autosign keys
+# are removed when the master checks the minion_autosign directory.
+# 0 equals no timeout
+# autosign_timeout: 120
+
+# If the autosign_file is specified, incoming keys specified in the
+# autosign_file will be automatically accepted. This is insecure. Regular
+# expressions as well as globing lines are supported.
#autosign_file: /etc/salt/autosign.conf

-# Enable permissive access to the salt keys. This allows you to run the
+# Works like autosign_file, but instead allows you to specify minion IDs for
+# which keys will automatically be rejected. Will override both membership in
+# the autosign_file and the auto_accept setting.
+#autoreject_file: /etc/salt/autoreject.conf
+
+# Enable permissive access to the salt keys. This allows you to run the
# master or minion as root, but have a non-root group be given access to
-# your pki_dir. To make the access explicit, root must belong to the group
-# you've given access to. This is potentially quite insecure.
-# If an autosign_file is specified, enabling permissive_pki_access will allow group access
-# to that specific file.
+# your pki_dir. To make the access explicit, root must belong to the group
+# you've given access to. This is potentially quite insecure. If an autosign_file
+# is specified, enabling permissive_pki_access will allow group access to that
+# specific file.
#permissive_pki_access: False

# Allow users on the master access to execute specific commands on minions.
# This setting should be treated with care since it opens up execution
# capabilities to non root users. By default this capability is completely
# disabled.
-#
-#client_acl:
+#pulisher_acl:
# larry:
# - test.ping
# - network.*
#
-
# Blacklist any of the following users or modules
#
# This example would blacklist all non sudo users, including root from
# running any commands. It would also blacklist any use of the "cmd"
-# module.
-# This is completely disabled by default.
+# module. This is completely disabled by default.
#
-#client_acl_blacklist:
+#publisher_acl_blacklist:
# users:
# - root
# - '^(?!sudo_).*$' # all non sudo users
# modules:
# - cmd
+#
+# WARNING: client_acl and client_acl_blacklist options are deprecated and will
+# be removed in the future releases. Use publisher_acl and
+# publisher_acl_blacklist instead.
+
+# Enforce publisher_acl & publisher_acl_blacklist when users have sudo
+# access to the salt command.
+#
+#sudo_acl: False

# The external auth system uses the Salt auth modules to authenticate and
# validate users to access areas of the Salt system.
-#
#external_auth:
# pam:
# fred:
# - test.*
#
-
# Time (in seconds) for a newly generated token to live. Default: 12 hours
#token_expire: 43200

@@ -188,6 +313,10 @@
# security purposes.
#file_recv: False

+# Set a hard-limit on the size of the files that can be pushed to the master.
+# It will be interpreted as megabytes. Default: 100
+#file_recv_max_size: 100
+
# Signature verification on messages published from the master.
# This causes the master to cryptographically sign all messages published to its event
# bus, and minions then verify that signature before acting on the message.
@@ -199,20 +328,30 @@
# no signature, it will still be accepted, and a warning message will be logged.
# Conversely, if sign_pub_messages is False, but a minion receives a signed
# message it will be accepted, the signature will not be checked, and a warning message
-# will be logged. This behavior will go away in Salt 0.17.6 (or Hydrogen RC1, whichever
-# comes first) and these two situations will cause minion to throw an exception and
-# drop the message.
-#
+# will be logged. This behavior went away in Salt 2014.1.0 and these two situations
+# will cause minion to throw an exception and drop the message.
# sign_pub_messages: False

+##### Salt-SSH Configuration #####
+##########################################
+
+# Pass in an alternative location for the salt-ssh roster file
+#roster_file: /etc/salt/roster
+
+# Pass in minion option overrides that will be inserted into the SHIM for
+# salt-ssh calls. The local minion config is not used for salt-ssh. Can be
+# overridden on a per-minion basis in the roster (`minion_opts`)
+#ssh_minion_opts:
+# gpg_keydir: /root/gpg
+
##### Master Module Management #####
##########################################
-# Manage how master side modules are loaded
+# Manage how master side modules are loaded.

-# Add any additional locations to look for master runners
+# Add any additional locations to look for master runners:
#runner_dirs: []

-# Enable Cython for master side modules
+# Enable Cython for master side modules:
#cython_enable: False


@@ -226,6 +365,7 @@
# The master_tops option replaces the external_nodes option by creating
# a plugable system for the generation of external top data. The external_nodes
# option is deprecated by the master_tops option.
+#
# To gain the capabilities of the classic external_nodes system, use the
# following configuration:
# master_tops:
@@ -242,6 +382,19 @@
# The renderer to use on the minions to render the state data
#renderer: yaml_jinja

+# The Jinja renderer can strip extra carriage returns and whitespace
+# See http://jinja.pocoo.org/docs/api/#high-level-api
+#
+# If this is set to True the first newline after a Jinja block is removed
+# (block, not variable tag!). Defaults to False, corresponds to the Jinja
+# environment init variable "trim_blocks".
+#jinja_trim_blocks: False
+#
+# If this is set to True leading spaces and tabs are stripped from the start
+# of a line to a block. Defaults to False, corresponds to the Jinja
+# environment init variable "lstrip_blocks".
+#jinja_lstrip_blocks: False
+
# The failhard option tells the minions to stop immediately after the first
# failure detected in the state execution, defaults to False
#failhard: False
@@ -256,8 +409,22 @@
# output for each changed state if set to 'full', but if set to 'terse'
# the output will be shortened to a single line. If set to 'mixed', the output
# will be terse unless a state failed, in which case that output will be full.
+# If set to 'changes', the output will be full unless the state didn't change.
#state_output: full

+# Automatically aggregate all states that have support for mod_aggregate by
+# setting to 'True'. Or pass a list of state module names to automatically
+# aggregate just those types.
+#
+# state_aggregate:
+# - pkg
+#
+#state_aggregate: False
+
+# Send progress events as each function in a state run completes execution
+# by setting to 'True'. Progress events are in the format
+# 'salt/job/<JID>/prog/<MID>/<RUN NUM>'.
+#state_events: False

##### File Server settings #####
##########################################
@@ -279,14 +446,34 @@
# prod:
# - /srv/salt/prod/services
# - /srv/salt/prod/states
-
+#
#file_roots:
# base:
# - /srv/salt
+#
+
+# When using multiple environments, each with their own top file, the
+# default behaviour is an unordered merge. To prevent top files from
+# being merged together and instead to only use the top file from the
+# requested environment, set this value to 'same'.
+#top_file_merging_strategy: merge
+
+# To specify the order in which environments are merged, set the ordering
+# in the env_order option. Given a conflict, the last matching value will
+# win.
+#env_order: ['base', 'dev', 'prod']
+
+# If top_file_merging_strategy is set to 'same' and an environment does not
+# contain a top file, the top file in the environment specified by default_top
+# will be used instead.
+#default_top: base

# The hash_type is the hash to use when discovering the hash of a file on
# the master server. The default is md5, but sha1, sha224, sha256, sha384
# and sha512 are also supported.
+#
+# Prior to changing this value, the master should be stopped and all Salt
+# caches should be cleared.
#hash_type: md5

# The buffer size in the file server can be adjusted here:
@@ -298,7 +485,6 @@
# For example, if you manage your custom modules and states in subversion
# and don't want all the '.svn' folders and content synced to your minions,
# you could set this to '/\.svn($|/)'. By default nothing is ignored.
-#
#file_ignore_regex:
# - '/\.svn($|/)'
# - '/\.git($|/)'
@@ -307,58 +493,83 @@
# path before syncing the modules and states to the minions. This is similar
# to file_ignore_regex above, but works on globs instead of regex. By default
# nothing is ignored.
-#
# file_ignore_glob:
# - '*.pyc'
# - '*/somefolder/*.bak'
# - '*.swp'

# File Server Backend
+#
# Salt supports a modular fileserver backend system, this system allows
# the salt master to link directly to third party systems to gather and
# manage the files available to minions. Multiple backends can be
# configured and will be searched for the requested file in the order in which
# they are defined here. The default setting only enables the standard backend
# "roots" which uses the "file_roots" option.
-#
#fileserver_backend:
# - roots
#
# To use multiple backends list them in the order they are searched:
-#
#fileserver_backend:
# - git
# - roots
#
+# Uncomment the line below if you do not want the file_server to follow
+# symlinks when walking the filesystem tree. This is set to True
+# by default. Currently this only applies to the default roots
+# fileserver_backend.
+#fileserver_followsymlinks: False
+#
+# Uncomment the line below if you do not want symlinks to be
+# treated as the files they are pointing to. By default this is set to
+# False. By uncommenting the line below, any detected symlink while listing
+# files on the Master will not be returned to the Minion.
+#fileserver_ignoresymlinks: True
+#
# By default, the Salt fileserver recurses fully into all defined environments
# to attempt to find files. To limit this behavior so that the fileserver only
# traverses directories with SLS files and special Salt directories like _modules,
# enable the option below. This might be useful for installations where a file root
# has a very large number of files and performance is impacted. Default is False.
-#
# fileserver_limit_traversal: False
#
-# Git fileserver backend configuration
+# The fileserver can fire events off every time the fileserver is updated,
+# these are disabled by default, but can be easily turned on by setting this
+# flag to True
+#fileserver_events: False
+
+# Git File Server Backend Configuration
+#
+# Gitfs can be provided by one of two python modules: GitPython or pygit2. If
+# using pygit2, both libgit2 and git must also be installed.
+#gitfs_provider: gitpython
+#
# When using the git fileserver backend at least one git remote needs to be
# defined. The user running the salt master will need read access to the repo.
#
-#gitfs_remotes:
-# - git://github.com/saltstack/salt-states.git
-# - file:///var/git/saltmaster
-#
# The repos will be searched in order to find the file requested by a client
# and the first repo to have the file will return it.
# When using the git backend branches and tags are translated into salt
# environments.
# Note: file:// repos will be treated as a remote, so refs you want used must
# exist in that repo as *local* refs.
+#gitfs_remotes:
+# - git://github.com/saltstack/salt-states.git
+# - file:///var/git/saltmaster
+#
+# The gitfs_ssl_verify option specifies whether to ignore ssl certificate
+# errors when contacting the gitfs backend. You might want to set this to
+# false if you're using a git backend that uses a self-signed certificate but
+# keep in mind that setting this flag to anything other than the default of True
+# is a security concern, you may want to try using the ssh transport.
+#gitfs_ssl_verify: True
#
# The gitfs_root option gives the ability to serve files from a subdirectory
# within the repository. The path is defined relative to the root of the
# repository and defaults to the repository root.
#gitfs_root: somefolder/otherfolder
-
-
+#
+#
##### Pillar settings #####
##########################################
# Salt Pillars allow for the building of global data that can be made selectively
@@ -366,28 +577,59 @@
# Pillar is laid out in the same fashion as the file server, with environments,
# a top file and sls files. However, pillar data does not need to be in the
# highstate format, and is generally just key/value pairs.
-
#pillar_roots:
# base:
# - /srv/pillar
-
+#
#ext_pillar:
# - hiera: /etc/hiera.yaml
# - cmd_yaml: cat /etc/salt/yaml

+# The ext_pillar_first option allows for external pillar sources to populate
+# before file system pillar. This allows for targeting file system pillar from
+# ext_pillar.
+#ext_pillar_first: False
+
+# The pillar_gitfs_ssl_verify option specifies whether to ignore ssl certificate
+# errors when contacting the pillar gitfs backend. You might want to set this to
+# false if you're using a git backend that uses a self-signed certificate but
+# keep in mind that setting this flag to anything other than the default of True
+# is a security concern, you may want to try using the ssh transport.
+#pillar_gitfs_ssl_verify: True
+
# The pillar_opts option adds the master configuration file data to a dict in
# the pillar called "master". This is used to set simple configurations in the
# master config file that can then be used on minions.
-#pillar_opts: True
+#pillar_opts: False
+
+# The pillar_safe_render_error option prevents the master from passing pillar
+# render errors to the minion. This is set on by default because the error could
+# contain templating data which would give that minion information it shouldn't
+# have, like a password! When set true the error message will only show:
+# Rendering SLS 'my.sls' failed. Please see master log for details.
+#pillar_safe_render_error: True
+
+# The pillar_source_merging_strategy option allows you to configure merging strategy
+# between different sources. It accepts four values: recurse, aggregate, overwrite,
+# or smart. Recurse will merge recursively mapping of data. Aggregate instructs
+# aggregation of elements between sources that use the #!yamlex renderer. Overwrite
+# will verwrite elements according the order in which they are processed. This is
+# behavior of the 2014.1 branch and earlier. Smart guesses the best strategy based
+# on the "renderer" setting and is the default value.
+#pillar_source_merging_strategy: smart
+
+# Recursively merge lists by aggregating them instead of replacing them.
+#pillar_merge_lists: False


##### Syndic settings #####
##########################################
# The Salt syndic is used to pass commands through a master from a higher
-# master. Using the syndic is simple, if this is a master that will have
-# syndic servers(s) below it set the "order_masters" setting to True, if this
-# is a master that will be running a syndic daemon for passthrough the
-# "syndic_master" setting needs to be set to the location of the master server
+# master. Using the syndic is simple. If this is a master that will have
+# syndic servers(s) below it, then set the "order_masters" setting to True.
+#
+# If this is a master that will be running a syndic daemon for passthrough, then
+# the "syndic_master" setting needs to be set to the location of the master server
# to receive commands from.

# Set the order_masters setting to True if this master will command lower
@@ -398,15 +640,16 @@
# this master where to receive commands from.
#syndic_master: masterofmaster

-# This is the 'ret_port' of the MasterOfMaster
+# This is the 'ret_port' of the MasterOfMaster:
#syndic_master_port: 4506

-# PID file of the syndic daemon
+# PID file of the syndic daemon:
#syndic_pidfile: /var/run/salt-syndic.pid

-# LOG file of the syndic daemon
+# LOG file of the syndic daemon:
#syndic_log_file: syndic.log

+
##### Peer Publish settings #####
##########################################
# Salt minions can send commands to other minions, but only if the minion is
@@ -418,14 +661,12 @@
# of regular expressions to match functions. The following will allow the
# minion authenticated as foo.example.com to execute functions from the test
# and pkg modules.
-#
#peer:
# foo.example.com:
# - test.*
# - pkg.*
#
# This will allow all minions to execute all commands:
-#
#peer:
# .*:
# - .*
@@ -440,16 +681,34 @@
#
# All peer runner support is turned off by default and must be enabled before
# using. This will enable all peer runners for all minions:
-#
#peer_run:
# .*:
# - .*
#
# To enable just the manage.up runner for the minion foo.example.com:
-#
#peer_run:
# foo.example.com:
# - manage.up
+#
+#
+##### Mine settings #####
+#####################################
+# Restrict mine.get access from minions. By default any minion has a full access
+# to get all mine data from master cache. In acl definion below, only pcre matches
+# are allowed.
+# mine_get:
+# .*:
+# - .*
+#
+# The example below enables minion foo.example.com to get 'network.interfaces' mine
+# data only, minions web* to get all network.* and disk.* mine data and all other
+# minions won't get any mine data.
+# mine_get:
+# foo.example.com:
+# - network.interfaces
+# web.*:
+# - network.*
+# - disk.*


##### Logging settings #####
@@ -468,10 +727,15 @@

# The level of messages to send to the console.
# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
+#
+# The following log levels are considered INSECURE and may log sensitive data:
+# ['garbage', 'trace', 'debug']
+#
#log_level: warning

# The level of messages to send to the log file.
# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
+# If using 'log_granular_levels' this must be set to the highest desired level.
#log_level_logfile: warning

# The date and time format used in log messages. Allowed date/time formating
@@ -481,24 +745,37 @@

# The format of the console logging messages. Allowed formatting options can
# be seen here: http://docs.python.org/library/logging.html#logrecord-attributes
+#
+# Console log colors are specified by these additional formatters:
+#
+# %(colorlevel)s
+# %(colorname)s
+# %(colorprocess)s
+# %(colormsg)s
+#
+# Since it is desirable to include the surrounding brackets, '[' and ']', in
+# the coloring of the messages, these color formatters also include padding as
+# well. Color LogRecord attributes are only available for console logging.
+#
+#log_fmt_console: '%(colorlevel)s %(colormsg)s'
#log_fmt_console: '[%(levelname)-8s] %(message)s'
+#
#log_fmt_logfile: '%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s'

# This can be used to control logging levels more specificically. This
# example sets the main salt library at the 'warning' level, but sets
# 'salt.modules' to log at the 'debug' level:
# log_granular_levels:
-# 'salt': 'warning',
+# 'salt': 'warning'
# 'salt.modules': 'debug'
#
#log_granular_levels: {}


-##### Node Groups #####
+##### Node Groups ######
##########################################
-# Node groups allow for logical groupings of minion nodes.
-# A group consists of a group name and a compound target.
-#
+# Node groups allow for logical groupings of minion nodes. A group consists of a group
+# name and a compound target.
#nodegroups:
# group1: 'L@...,bar.domain.com,baz.domain.com and bl*.domain.com'
# group2: 'G@os:Debian and foo.domain.com'
@@ -507,19 +784,43 @@
##### Range Cluster settings #####
##########################################
# The range server (and optional port) that serves your cluster information
-# https://github.com/grierj/range/wiki/Introduction-to-Range-with-YAML-files
+# https://github.com/ytoolshed/range/wiki/%22yamlfile%22-module-file-spec
#
#range_server: range:80


-##### Windows Software Repo settings #####
-##############################################
-# Location of the repo on the master
-#win_repo: '/srv/salt/win/repo'
+##### Windows Software Repo settings #####
+###########################################
+# Location of the repo on the master:
+#winrepo_dir_ng: '/srv/salt/win/repo-ng'
+#
+# List of git repositories to include with the local repo:
+#winrepo_remotes_ng:
+# - 'https://github.com/saltstack/salt-winrepo-ng.git'

-# Location of the master's repo cache file
-#win_repo_mastercachefile: '/srv/salt/win/repo/winrepo.p'

-# List of git repositories to include with the local repo
-#win_gitrepos:
+##### Windows Software Repo settings - Pre 2015.8 #####
+########################################################
+# Legacy repo settings for pre-2015.8 Windows minions.
+#
+# Location of the repo on the master:
+#winrepo_dir: '/srv/salt/win/repo'
+#
+# Location of the master's repo cache file:
+#winrepo_mastercachefile: '/srv/salt/win/repo/winrepo.p'
+#
+# List of git repositories to include with the local repo:
+#winrepo_remotes:
# - 'https://github.com/saltstack/salt-winrepo.git'
+
+
+##### Returner settings ######
+############################################
+# Which returner(s) will be used for minion's result:
+#return: mysql
+
+
+###### Miscellaneous settings ######
+############################################
+# Default match type for filtering events tags: startswith, endswith, find, regex, fnmatch
+#event_match_type: startswith
diff --git a/meta-openstack/recipes-support/salt/files/minion b/meta-openstack/recipes-support/salt/files/minion
index 8fdde14..bd97c43 100644
--- a/meta-openstack/recipes-support/salt/files/minion
+++ b/meta-openstack/recipes-support/salt/files/minion
@@ -1,16 +1,52 @@
##### Primary configuration settings #####
##########################################
+# This configuration file is used to manage the behavior of the Salt Minion.
+# With the exception of the location of the Salt Master Server, values that are
+# commented out but have an empty line after the comment are defaults that need
+# not be set in the config. If there is no blank line after the comment, the
+# value is presented as an example and is not the default.

# Per default the minion will automatically include all config files
# from minion.d/*.conf (minion.d is a directory in the same directory
# as the main minion config file).
#default_include: minion.d/*.conf

-# Set the location of the salt master server, if the master server cannot be
+# Set the location of the salt master server. If the master server cannot be
# resolved, then the minion will fail to start.
#master: salt

-# Set whether the minion should connect to the master via IPv6
+# Set http proxy information for the minion when doing requests
+#proxy_host:
+#proxy_port:
+#proxy_username:
+#proxy_password:
+
+# If multiple masters are specified in the 'master' setting, the default behavior
+# is to always try to connect to them in the order they are listed. If random_master is
+# set to True, the order will be randomized instead. This can be helpful in distributing
+# the load of many minions executing salt-call requests, for example, from a cron job.
+# If only one master is listed, this setting is ignored and a warning will be logged.
+# NOTE: If master_type is set to failover, use master_shuffle instead.
+#random_master: False
+
+# Use if master_type is set to failover.
+#master_shuffle: False
+
+# Minions can connect to multiple masters simultaneously (all masters
+# are "hot"), or can be configured to failover if a master becomes
+# unavailable. Multiple hot masters are configured by setting this
+# value to "str". Failover masters can be requested by setting
+# to "failover". MAKE SURE TO SET master_alive_interval if you are
+# using failover.
+# master_type: str
+
+# Poll interval in seconds for checking if the master is still there. Only
+# respected if master_type above is "failover". To disable the interval entirely,
+# set the value to -1. (This may be necessary on machines which have high numbers
+# of TCP connections, such as load balancers.)
+# master_alive_interval: 30
+
+# Set whether the minion should connect to the master via IPv6:
#ipv6: False

# Set the number of seconds to wait before attempting to resolve
@@ -18,13 +54,19 @@
# Set to zero if the minion should shutdown and not retry.
# retry_dns: 30

-# Set the port used by the master reply and authentication server
+# Set the port used by the master reply and authentication server.
#master_port: 4506

-# The user to run salt
+# The user to run salt.
#user: root

-# Specify the location of the daemon process ID file
+# Setting sudo_user will cause salt to run all execution modules under an sudo
+# to the user given in sudo_user. The user under which the salt minion process
+# itself runs will still be that provided in the user config above, but all
+# execution modules run by the minion will be rerouted through sudo.
+#sudo_user: saltdev
+
+# Specify the location of the daemon process ID file.
#pidfile: /var/run/salt-minion.pid

# The root directory prepended to these options: pki_dir, cachedir, log_file,
@@ -48,7 +90,7 @@

# Custom static grains for this minion can be specified here and used in SLS
# files just like all other grains. This example sets 4 custom grains, with
-# the 'roles' grain having two values that can be matched against:
+# the 'roles' grain having two values that can be matched against.
#grains:
# roles:
# - webserver
@@ -56,36 +98,40 @@
# deployment: datacenter4
# cabinet: 13
# cab_u: 14-15
-
-# Where cache data goes
+#
+# Where cache data goes.
+# This data may contain sensitive data and should be protected accordingly.
#cachedir: /var/cache/salt/minion

-# Verify and set permissions on configuration directories at startup
+# Verify and set permissions on configuration directories at startup.
#verify_env: True

# The minion can locally cache the return data from jobs sent to it, this
# can be a good way to keep track of jobs the minion has executed
-# (on the minion side). By default this feature is disabled, to enable
-# set cache_jobs to True
+# (on the minion side). By default this feature is disabled, to enable, set
+# cache_jobs to True.
#cache_jobs: False

-# set the directory used to hold unix sockets
+# Set the directory used to hold unix sockets.
#sock_dir: /var/run/salt/minion

# Set the default outputter used by the salt-call command. The default is
-# "nested"
+# "nested".
#output: nested
#
-# By default output is colored, to disable colored output set the color value
-# to False
+# By default output is colored. To disable colored output, set the color value
+# to False.
#color: True

+# Do not strip off the colored output from nested results and state outputs
+# (true by default).
+# strip_colors: False
+
# Backup files that are replaced by file.managed and file.recurse under
# 'cachedir'/file_backups relative to their original location and appended
# with a timestamp. The only valid setting is "minion". Disabled by default.
#
# Alternatively this can be specified for each file in state files:
-#
# /etc/ssh/sshd_config:
# file.managed:
# - source: salt://ssh/sshd_config
@@ -103,27 +149,55 @@
# set to zero, the time between reconnection attempts will stay constant.
#acceptance_wait_time_max: 0

+# If the master rejects the minion's public key, retry instead of exiting.
+# Rejected keys will be handled the same as waiting on acceptance.
+#rejected_retry: False
+
# When the master key changes, the minion will try to re-auth itself to receive
# the new master key. In larger environments this can cause a SYN flood on the
# master because all minions try to re-auth immediately. To prevent this and
# have a minion wait for a random amount of time, use this optional parameter.
-# The wait-time will be a random number of seconds between
-# 0 and the defined value.
+# The wait-time will be a random number of seconds between 0 and the defined value.
#random_reauth_delay: 60

+# When waiting for a master to accept the minion's public key, salt will
+# continuously attempt to reconnect until successful. This is the timeout value,
+# in seconds, for each individual attempt. After this timeout expires, the minion
+# will wait for acceptance_wait_time seconds before trying again. Unless your master
+# is under unusually heavy load, this should be left at the default.
+#auth_timeout: 60
+
+# Number of consecutive SaltReqTimeoutError that are acceptable when trying to
+# authenticate.
+#auth_tries: 7
+
+# If authentication fails due to SaltReqTimeoutError during a ping_interval,
+# cause sub minion process to restart.
+#auth_safemode: False
+
+# Ping Master to ensure connection is alive (minutes).
+#ping_interval: 0
+
+# To auto recover minions if master changes IP address (DDNS)
+# auth_tries: 10
+# auth_safemode: False
+# ping_interval: 90
+#
+# Minions won't know master is missing until a ping fails. After the ping fail,
+# the minion will attempt authentication and likely fails out and cause a restart.
+# When the minion restarts it will resolve the masters IP and attempt to reconnect.

-# If you don't have any problems with syn-floods, dont bother with the
+# If you don't have any problems with syn-floods, don't bother with the
# three recon_* settings described below, just leave the defaults!
#
# The ZeroMQ pull-socket that binds to the masters publishing interface tries
# to reconnect immediately, if the socket is disconnected (for example if
# the master processes are restarted). In large setups this will have all
# minions reconnect immediately which might flood the master (the ZeroMQ-default
-# is usually a 100ms delay). To prevent this, these three recon_* settings
+# is usually a 100ms delay). To prevent this, these three recon_* settings
# can be used.
-#
-# recon_default: the interval in milliseconds that the socket should wait before
-# trying to reconnect to the master (100ms = 1 second)
+# recon_default: the interval in milliseconds that the socket should wait before
+# trying to reconnect to the master (1000ms = 1 second)
#
# recon_max: the maximum time a socket should wait. each interval the time to wait
# is calculated by doubling the previous time. if recon_max is reached,
@@ -136,29 +210,26 @@
# reconnect 5: value from previous interval * 2
# reconnect x: if value >= recon_max, it starts again with recon_default
#
-# recon_randomize: generate a random wait time on minion start. The wait time will
-# be a random value between recon_default and recon_default +
-# recon_max. Having all minions reconnect with the same recon_default
-# and recon_max value kind of defeats the purpose of being able to
-# change these settings. If all minions have the same values and your
-# setup is quite large (several thousand minions), they will still
-# flood the master. The desired behaviour is to have timeframe within
-# all minions try to reconnect.
-
-# Example on how to use these settings:
-# The goal: have all minions reconnect within a 60 second timeframe on a disconnect
-#
-# The settings:
-#recon_default: 1000
-#recon_max: 59000
-#recon_randomize: True
+# recon_randomize: generate a random wait time on minion start. The wait time will
+# be a random value between recon_default and recon_default +
+# recon_max. Having all minions reconnect with the same recon_default
+# and recon_max value kind of defeats the purpose of being able to
+# change these settings. If all minions have the same values and your
+# setup is quite large (several thousand minions), they will still
+# flood the master. The desired behavior is to have timeframe within
+# all minions try to reconnect.
+#
+# Example on how to use these settings. The goal: have all minions reconnect within a
+# 60 second timeframe on a disconnect.
+# recon_default: 1000
+# recon_max: 59000
+# recon_randomize: True
#
# Each minion will have a randomized reconnect value between 'recon_default'
# and 'recon_default + recon_max', which in this example means between 1000ms
-# 60000ms (or between 1 and 60 seconds). The generated random-value will be
-# doubled after each attempt to reconnect. Lets say the generated random
-# value is 11 seconds (or 11000ms).
-#
+# 60000ms (or between 1 and 60 seconds). The generated random-value will be
+# doubled after each attempt to reconnect. Lets say the generated random
+# value is 11 seconds (or 11000ms).
# reconnect 1: wait 11 seconds
# reconnect 2: wait 22 seconds
# reconnect 3: wait 33 seconds
@@ -172,29 +243,68 @@
#
# In a setup with ~6000 thousand hosts these settings would average the reconnects
# to about 100 per second and all hosts would be reconnected within 60 seconds.
-#recon_default: 100
-#recon_max: 5000
-#recon_randomize: False
-
+# recon_default: 100
+# recon_max: 5000
+# recon_randomize: False
+#
+#
# The loop_interval sets how long in seconds the minion will wait between
# evaluating the scheduler and running cleanup tasks. This defaults to a
# sane 60 seconds, but if the minion scheduler needs to be evaluated more
# often lower this value
#loop_interval: 60

-# When healing, a dns_check is run. This is to make sure that the originally
-# resolved dns has not changed. If this is something that does not happen in
-# your environment, set this value to False.
-#dns_check: True
+# The grains can be merged, instead of overridden, using this option.
+# This allows custom grains to defined different subvalues of a dictionary
+# grain. By default this feature is disabled, to enable set grains_deep_merge
+# to ``True``.
+#grains_deep_merge: False
+
+# The grains_refresh_every setting allows for a minion to periodically check
+# its grains to see if they have changed and, if so, to inform the master
+# of the new grains. This operation is moderately expensive, therefore
+# care should be taken not to set this value too low.
+#
+# Note: This value is expressed in __minutes__!
+#
+# A value of 10 minutes is a reasonable default.
+#
+# If the value is set to zero, this check is disabled.
+#grains_refresh_every: 1
+
+# Cache grains on the minion. Default is False.
+#grains_cache: False
+
+# Cache rendered pillar data on the minion. Default is False.
+# This may cause 'cachedir'/pillar to contain sensitive data that should be
+# protected accordingly.
+#minion_pillar_cache: False
+
+# Grains cache expiration, in seconds. If the cache file is older than this
+# number of seconds then the grains cache will be dumped and fully re-populated
+# with fresh data. Defaults to 5 minutes. Will have no effect if 'grains_cache'
+# is not enabled.
+# grains_cache_expiration: 300

# Windows platforms lack posix IPC and must rely on slower TCP based inter-
# process communications. Set ipc_mode to 'tcp' on such systems
#ipc_mode: ipc
-#
+
# Overwrite the default tcp ports used by the minion when in tcp mode
#tcp_pub_port: 4510
#tcp_pull_port: 4511

+# Passing very large events can cause the minion to consume large amounts of
+# memory. This value tunes the maximum size of a message allowed onto the
+# minion event bus. The value is expressed in bytes.
+#max_event_size: 1048576
+
+# To detect failed master(s) and fire events on connect/disconnect, set
+# master_alive_interval to the number of seconds to poll the masters for
+# connection events.
+#
+#master_alive_interval: 30
+
# The minion can include configuration from other files. To enable this,
# pass a list of paths to this option. The paths can be either relative or
# absolute; if relative, they are considered to be relative to the directory
@@ -202,7 +312,6 @@
# of shell-style globbing. If no files are matched by a path passed to this
# option then the minion will log a warning message.
#
-#
# Include a config file from some other path:
# include: /etc/salt/extra_config
#
@@ -210,11 +319,13 @@
#include:
# - /etc/salt/extra_config
# - /etc/roles/webserver
-
+#
+#
+#
##### Minion module management #####
##########################################
# Disable specific modules. This allows the admin to limit the level of
-# access the master has to the minion
+# access the master has to the minion.
#disable_modules: [cmd,test]
#disable_returners: []
#
@@ -226,18 +337,22 @@
#returner_dirs: []
#states_dirs: []
#render_dirs: []
+#utils_dirs: []
#
# A module provider can be statically overwritten or extended for the minion
# via the providers option, in this case the default module will be
# overwritten by the specified module. In this example the pkg module will
# be provided by the yumpkg5 module instead of the system default.
-#
#providers:
# pkg: yumpkg5
#
# Enable Cython modules searching and loading. (Default: False)
#cython_enable: False
#
+# Specify a max size (in bytes) for modules on import. This feature is currently
+# only supported on *nix operating systems and requires psutil.
+# modules_max_memory: -1
+

##### State Management Settings #####
###########################################
@@ -256,21 +371,19 @@
#renderer: yaml_jinja
#
# The failhard option tells the minions to stop immediately after the first
-# failure detected in the state execution, defaults to False
+# failure detected in the state execution. Defaults to False.
#failhard: False
#
-# autoload_dynamic_modules Turns on automatic loading of modules found in the
-# environments on the master. This is turned on by default, to turn of
-# autoloading modules when states run set this value to False
+# Reload the modules prior to a highstate run.
#autoload_dynamic_modules: True
#
# clean_dynamic_modules keeps the dynamic modules on the minion in sync with
# the dynamic modules on the master, this means that if a dynamic module is
-# not on the master it will be deleted from the minion. By default this is
-# enabled and can be disabled by changing this value to False
+# not on the master it will be deleted from the minion. By default, this is
+# enabled and can be disabled by changing this value to False.
#clean_dynamic_modules: True
#
-# Normally the minion is not isolated to any single environment on the master
+# Normally, the minion is not isolated to any single environment on the master
# when running states, but the environment can be isolated on the minion side
# by statically setting it. Remember that the recommended way to manage
# environments is to isolate via the top file.
@@ -286,14 +399,23 @@
# 'top' -- Read top_file option and execute based on that file on the Master
#startup_states: ''
#
-# list of states to run when the minion starts up if startup_states is 'sls'
+# List of states to run when the minion starts up if startup_states is 'sls':
#sls_list:
# - edit.vim
# - hyper
#
-# top file to execute if startup_states is 'top'
+# Top file to execute if startup_states is 'top':
#top_file: ''

+# Automatically aggregate all states that have support for mod_aggregate by
+# setting to True. Or pass a list of state module names to automatically
+# aggregate just those types.
+#
+# state_aggregate:
+# - pkg
+#
+#state_aggregate: False
+
##### File Directory Settings #####
##########################################
# The Salt Minion can redirect all file server operations to a local directory,
@@ -303,7 +425,8 @@

# Set the file client. The client defaults to looking on the master server for
# files, but can be directed to look at the local file directory setting
-# defined below by setting it to local.
+# defined below by setting it to "local". Setting a local file_client runs the
+# minion in masterless mode.
#file_client: remote

# The file directory works on environments passed to the minion, each environment
@@ -329,15 +452,16 @@
# to attempt to find files. To limit this behavior so that the fileserver only
# traverses directories with SLS files and special Salt directories like _modules,
# enable the option below. This might be useful for installations where a file root
-# has a very large number of files and performance is negatively impacted.
-#
-# Default is False.
-#
-# fileserver_limit_traversal: False
+# has a very large number of files and performance is negatively impacted. Default
+# is False.
+#fileserver_limit_traversal: False

# The hash_type is the hash to use when discovering the hash of a file in
# the local fileserver. The default is md5, but sha1, sha224, sha256, sha384
# and sha512 are also supported.
+#
+# Warning: Prior to changing this value, the minion should be stopped and all
+# Salt caches should be cleared.
#hash_type: md5

# The Salt pillar is searched for locally if file_client is set to local. If
@@ -346,7 +470,8 @@
#pillar_roots:
# base:
# - /srv/pillar
-
+#
+#
###### Security settings #####
###########################################
# Enable "open mode", this mode still maintains encryption, but turns off
@@ -366,23 +491,34 @@
# The state_verbose setting can be set to True or False, when set to False
# all data that has a result of True and no changes will be suppressed.
#state_verbose: True
-#
+
# The state_output setting changes if the output is the full multi line
# output for each changed state if set to 'full', but if set to 'terse'
# the output will be shortened to a single line.
#state_output: full
-#
-# Fingerprint of the master public key to double verify the master is valid,
-# the master fingerprint can be found by running "salt-key -F master" on the
-# salt master.
+
+# The state_output_diff setting changes whether or not the output from
+# successful states is returned. Useful when even the terse output of these
+# states is cluttering the logs. Set it to True to ignore them.
+#state_output_diff: False
+
+# The state_output_profile setting changes whether profile information
+# will be shown for each state run.
+#state_output_profile: True
+
+# Fingerprint of the master public key to validate the identity of your Salt master
+# before the initial key exchange. The master fingerprint can be found by running
+# "salt-key -F master" on the Salt master.
#master_finger: ''

+
###### Thread settings #####
###########################################
# Disable multiprocessing support, by default when a minion receives a
# publication a new process is spawned and the command is executed therein.
#multiprocessing: True

+
##### Logging settings #####
##########################################
# The location of the minion log file
@@ -396,14 +532,19 @@
#
#log_file: /var/log/salt/minion
#key_logfile: /var/log/salt/key
-#
+
# The level of messages to send to the console.
# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
+#
+# The following log levels are considered INSECURE and may log sensitive data:
+# ['garbage', 'trace', 'debug']
+#
# Default: 'warning'
#log_level: warning
-#
+
# The level of messages to send to the log file.
# One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'.
+# If using 'log_granular_levels' this must be set to the highest desired level.
# Default: 'warning'
#log_level_logfile:

@@ -411,21 +552,54 @@
# can be seen here: http://docs.python.org/library/time.html#time.strftime
#log_datefmt: '%H:%M:%S'
#log_datefmt_logfile: '%Y-%m-%d %H:%M:%S'
-#
+
# The format of the console logging messages. Allowed formatting options can
# be seen here: http://docs.python.org/library/logging.html#logrecord-attributes
+#
+# Console log colors are specified by these additional formatters:
+#
+# %(colorlevel)s
+# %(colorname)s
+# %(colorprocess)s
+# %(colormsg)s
+#
+# Since it is desirable to include the surrounding brackets, '[' and ']', in
+# the coloring of the messages, these color formatters also include padding as
+# well. Color LogRecord attributes are only available for console logging.
+#
+#log_fmt_console: '%(colorlevel)s %(colormsg)s'
#log_fmt_console: '[%(levelname)-8s] %(message)s'
-#log_fmt_logfile: '%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s'
#
+#log_fmt_logfile: '%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s'
+
# This can be used to control logging levels more specificically. This
# example sets the main salt library at the 'warning' level, but sets
# 'salt.modules' to log at the 'debug' level:
# log_granular_levels:
-# 'salt': 'warning',
+# 'salt': 'warning'
# 'salt.modules': 'debug'
#
#log_granular_levels: {}

+# To diagnose issues with minions disconnecting or missing returns, ZeroMQ
+# supports the use of monitor sockets to log connection events. This
+# feature requires ZeroMQ 4.0 or higher.
+#
+# To enable ZeroMQ monitor sockets, set 'zmq_monitor' to 'True' and log at a
+# debug level or higher.
+#
+# A sample log event is as follows:
+#
+# [DEBUG ] ZeroMQ event: {'endpoint': 'tcp://127.0.0.1:4505', 'event': 512,
+# 'value': 27, 'description': 'EVENT_DISCONNECTED'}
+#
+# All events logged will include the string 'ZeroMQ event'. A connection event
+# should be logged as the minion starts up and initially connects to the
+# master. If not, check for debug log level and that the necessary version of
+# ZeroMQ is installed.
+#
+#zmq_monitor: False
+
###### Module configuration #####
###########################################
# Salt allows for modules to be passed arbitrary configuration data, any data
@@ -445,8 +619,8 @@
#
# A dict for the test module:
#test.baz: {spam: sausage, cheese: bread}
-
-
+#
+#
###### Update settings ######
###########################################
# Using the features in Esky, a salt minion can both run as a frozen app and
@@ -468,27 +642,39 @@
# the risk that it could tear down the connection the master and minion
# without informing either party that their connection has been taken away.
# Enabling TCP Keepalives prevents this from happening.
-#
+
# Overall state of TCP Keepalives, enable (1 or True), disable (0 or False)
# or leave to the OS defaults (-1), on Linux, typically disabled. Default True, enabled.
#tcp_keepalive: True
-#
+
# How long before the first keepalive should be sent in seconds. Default 300
# to send the first keepalive after 5 minutes, OS default (-1) is typically 7200 seconds
# on Linux see /proc/sys/net/ipv4/tcp_keepalive_time.
#tcp_keepalive_idle: 300
-#
+
# How many lost probes are needed to consider the connection lost. Default -1
# to use OS defaults, typically 9 on Linux, see /proc/sys/net/ipv4/tcp_keepalive_probes.
#tcp_keepalive_cnt: -1
-#
+
# How often, in seconds, to send keepalives after the first one. Default -1 to
# use OS defaults, typically 75 seconds on Linux, see
# /proc/sys/net/ipv4/tcp_keepalive_intvl.
#tcp_keepalive_intvl: -1


-###### Windows Software settings ######
+###### Windows Software settings ######
############################################
-# Location of the repository cache file on the master
+# Location of the repository cache file on the master:
#win_repo_cachefile: 'salt://win/repo/winrepo.p'
+
+
+###### Returner settings ######
+############################################
+# Which returner(s) will be used for minion's result:
+#return: mysql
+
+
+###### Miscellaneous settings ######
+############################################
+# Default match type for filtering events tags: startswith, endswith, find, regex, fnmatch
+#event_match_type: startswith
diff --git a/meta-openstack/recipes-support/salt/files/roster b/meta-openstack/recipes-support/salt/files/roster
index 3eac2fa..e5a8318 100644
--- a/meta-openstack/recipes-support/salt/files/roster
+++ b/meta-openstack/recipes-support/salt/files/roster
@@ -6,3 +6,4 @@
# sudo: True # Whether to sudo to root, not enabled by default
#web2:
# host: 192.168.42.2
+
diff --git a/meta-openstack/recipes-support/salt/salt_2015.8.0.bb b/meta-openstack/recipes-support/salt/salt_2016.3.0.bb
similarity index 88%
rename from meta-openstack/recipes-support/salt/salt_2015.8.0.bb
rename to meta-openstack/recipes-support/salt/salt_2016.3.0.bb
index b22b827..c5620c6 100644
--- a/meta-openstack/recipes-support/salt/salt_2015.8.0.bb
+++ b/meta-openstack/recipes-support/salt/salt_2016.3.0.bb
@@ -1,18 +1,20 @@
HOMEPAGE = "http://saltstack.com/"
SECTION = "admin"
LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=b59c9134761722281bb895f65cb15e9a"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=fb92f464675f6b5df90f540d60237915"
DEPENDS = "\
python-msgpack \
python-pyyaml \
python-jinja2 \
python-markupsafe \
- python-pyzmq \
- python-pycrypto \
"

+PACKAGECONFIG ??= "zeromq"
+PACKAGECONFIG[zeromq] = ",,python-pyzmq python-pycrypto,"
+PACKAGECONFIG[tcp] = ",,python-pycrypto"
+
SRCNAME = "salt"
-SRC_URI = "http://pypi.python.org/packages/source/s/${SRCNAME}/${SRCNAME}-${PV}.tar.gz \
+SRC_URI = "http://pypi.python.org/packages/75/db/c072687e77ad616ba395cc8be50fff093fb71b7fc1f5c225f42eee130bf5/${SRCNAME}-${PV}.tar.gz \
file://set_python_location_hashbang.patch \
file://minion \
file://salt-minion \
@@ -26,8 +28,8 @@ SRC_URI = "http://pypi.python.org/packages/source/s/${SRCNAME}/${SRCNAME}-${PV}.
file://roster \
"

-SRC_URI[md5sum] = "a15842ef0582cca9d26143fe0a6180b7"
-SRC_URI[sha256sum] = "71e1cb2eb1d4b30f3247f5590c00a2089190b8f9a90c9330dc9a65fae517ec9b"
+SRC_URI[md5sum] = "8ed82cfb3f9b1764a035edbdacf0fea9"
+SRC_URI[sha256sum] = "e316dd103b7faeaa97820197e4d0d7d358519f0ca2a6dcb1d9b718eea801ed30"

S = "${WORKDIR}/${SRCNAME}-${PV}"

@@ -77,7 +79,9 @@ Between the remote execution system, and state management Salt addresses the bac

SUMMARY_${PN}-minion = "client package for salt, the distributed remote execution system"
DESCRIPTION_${PN}-minion = "${DESCRIPTION_COMMON} This particular package provides the worker agent for salt."
-RDEPENDS_${PN}-minion = "python (>=2.6), ${PN}-common (= ${EXTENDPKGV}) python-pycrypto python-msgpack python-pyzmq (>= 13.1.0)"
+RDEPENDS_${PN}-minion = "python (>=2.6), ${PN}-common (= ${EXTENDPKGV}) python-msgpack"
+RDEPENDS_${PN}-minion += "${@bb.utils.contains('PACKAGECONFIG', 'zeromq', 'python-pycrypto python-pyzmq (>= 13.1.0)', '',d)}"
+RDEPENDS_${PN}-minion += "${@bb.utils.contains('PACKAGECONFIG', 'tcp', 'python-pycrypto', '',d)}"
RRECOMMENDS_${PN}-minion_append_x64 = "dmidecode"
RSUGGESTS_${PN}-minion = "python-augeas"
CONFFILES_${PN}-minion = "${sysconfdir}/${PN}/minion ${sysconfdir}/init.d/${PN}-minion"
@@ -118,7 +122,9 @@ INITSCRIPT_PARAMS_${PN}-api = "defaults"

SUMMARY_${PN}-master = "remote manager to administer servers via salt"
DESCRIPTION_${PN}-master ="${DESCRIPTION_COMMON} This particular package provides the salt controller."
-RDEPENDS_${PN}-master = "python (>= 2.6) ${PN}-common (= ${EXTENDPKGV}) python-pycrypto python-msgpack python-pyzmq (>= 13.1.0)"
+RDEPENDS_${PN}-master = "python (>= 2.6) ${PN}-common (= ${EXTENDPKGV}) python-msgpack"
+RDEPENDS_${PN}-master += "${@bb.utils.contains('PACKAGECONFIG', 'zeromq', 'python-pycrypto python-pyzmq (>= 13.1.0)', '',d)}"
+RDEPENDS_${PN}-master += "${@bb.utils.contains('PACKAGECONFIG', 'tcp', 'python-pycrypto', '',d)}"
CONFFILES_${PN}-master="${sysconfdir}/init.d/${PN}-master ${sysconfdir}/${PN}/master"
RSUGGESTS_${PN}-master = "python-git"
FILES_${PN}-master = "${bindir}/${PN} ${bindir}/${PN}-cp ${bindir}/${PN}-key ${bindir}/${PN}-master ${bindir}/${PN}-run ${bindir}/${PN}-unity ${bindir}/spm ${CONFFILES_${PN}-master}"
--
1.9.1


Re: [krogoth] Golang errors when building Docker

Fabio Berton
 

Hi Bruce,

Now I see commit 77e846b14f4b1ea824b345a0e8594a776d3f45f7 that remove go-net and go-sqlite. This commit can be backported to krogoth?

The go-cross and go-native errors it's only seen if I remove
tmpdir and run cleansstate for go-cross and go-native.

For example if I run:
    bitbake go-cross -c cleansstate
    rm -rf tmp
    bitbake go-cross

I get error that I post above. And if I run bitbake go-cross again errors doesn't appears anymore. My toolchain is aarch64.

Fabio

On Thu, Jun 9, 2016 at 3:39 PM, Bruce Ashfield <bruce.ashfield@...> wrote:


On Thu, Jun 9, 2016 at 8:47 AM, Fabio Berton <fabio.berton@...> wrote:
Hi all!

I'm getting some errors when building Docker. First, go-cross and go-native
print these messages:

-----------------------------------------------------------------------
ERROR: go-cross-1.5.2-r0 do_populate_sysroot_setscene: '('patchelf-uninative',
'--set-interpreter',
'/home/user/src/prj/build/tmp/sysroots-uninative/x86_64-linux/lib/ld-linux-x86-64.so.2',
'/home/user/src/prj/build/tmp/work/x86_64-linux/go-cross/1.5.2-r0/sstate-install-populate_sysroot/x86_64-linux/usr/bin/aarch64-prj-linux/go')'
failed with exit code 1 and the following output:
cannot find section .rela.dyn

WARNING: Logfile for failed setscene task is
/home/user/src/prj/build/tmp/work/x86_64-linux/go-cross/1.5.2-r0/temp/log.do_populate_sysroot_setscene.28109
WARNING: Setscene task 458
(/home/user/src/prj/sources/meta-virtualization/recipes-devtools/go-cross/go-cross_1.5.bb,
do_populate_sysroot_setscene) failed with exit code '1' - real task will be run
instead
-----------------------------------------------------------------------

ERROR: go-native-1.4.3-r0 do_populate_sysroot_setscene: '('patchelf-uninative',
'--set-interpreter',
'/home/user/src/prj/build/tmp/sysroots-uninative/x86_64-linux/lib/ld-linux-x86-64.so.2',
'/home/user/src/prj/build/tmp/work/x86_64-linux/go-native/1.4.3-r0/sstate-install-populate_sysroot/x86_64-linux/usr/lib/go/bin/go')'
failed with exit code 1 and the following output:
cannot find section .rela.dyn

WARNING: Logfile for failed setscene task is
/home/user/src/prj/build/tmp/work/x86_64-linux/go-native/1.4.3-r0/temp/log.do_populate_sysroot_setscene.29146
WARNING: Setscene task 908
(/home/user/src/prj/sources/meta-virtualization/recipes-devtools/go-cross/go-native_1.4.bb,
do_populate_sysroot_setscene) failed with exit code '1' - real task will be run
instead

I've never seen these ones before.
 
-----------------------------------------------------------------------

And there are two Docker dependencies, go-net and go-sqlite, that cannot fetch
sources.

-----------------------------------------------------------------------
WARNING: go-net-hg-r0 do_fetch: Failed to fetch URL hg://code.google.com/p;module=go.net, attempting MIRRORS if available
ERROR: go-net-hg-r0 do_fetch: Fetcher failure: Fetch command failed with exit code 255, output:
abort: HTTP Error 404: Not Found

ERROR: go-net-hg-r0 do_fetch: Function failed: Fetcher failure for URL: 'hg://code.google.com/p;module=go.net'. Unable to fetch URL from any source.
-----------------------------------------------------------------------

WARNING: go-sqlite-hg-r0 do_fetch: Failed to fetch URL hg://code.google.com/p;module=gosqlite, attempting MIRRORS if available
ERROR: go-sqlite-hg-r0 do_fetch: Fetcher failure: Fetch command failed with exit code 255, output:
abort: HTTP Error 404: Not Found

ERROR: go-sqlite-hg-r0 do_fetch: Function failed: Fetcher failure for URL: 'hg://code.google.com/p;module=gosqlite'. Unable to fetch URL from any source.
-----------------------------------------------------------------------

Can someone help me to resolve these errors? I'm using krogoth branch for oe-core, meta-oe and meta-virtualization.


Check what I've done in mater. I was able to drop those two dependencies, sine they
are in the core of go-cross and not something that needs to be separately fetched
any more.

Over the last few months, go-net and sqlite have been bouncing around as available
and unavailable, so I finally dropped them.

Bruce
 
Regards,

Fabio

--
_______________________________________________
meta-virtualization mailing list
meta-virtualization@...
https://lists.yoctoproject.org/listinfo/meta-virtualization




--
"Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end"


Re: [krogoth] Golang errors when building Docker

Bruce Ashfield
 



On Thu, Jun 9, 2016 at 8:47 AM, Fabio Berton <fabio.berton@...> wrote:
Hi all!

I'm getting some errors when building Docker. First, go-cross and go-native
print these messages:

-----------------------------------------------------------------------
ERROR: go-cross-1.5.2-r0 do_populate_sysroot_setscene: '('patchelf-uninative',
'--set-interpreter',
'/home/user/src/prj/build/tmp/sysroots-uninative/x86_64-linux/lib/ld-linux-x86-64.so.2',
'/home/user/src/prj/build/tmp/work/x86_64-linux/go-cross/1.5.2-r0/sstate-install-populate_sysroot/x86_64-linux/usr/bin/aarch64-prj-linux/go')'
failed with exit code 1 and the following output:
cannot find section .rela.dyn

WARNING: Logfile for failed setscene task is
/home/user/src/prj/build/tmp/work/x86_64-linux/go-cross/1.5.2-r0/temp/log.do_populate_sysroot_setscene.28109
WARNING: Setscene task 458
(/home/user/src/prj/sources/meta-virtualization/recipes-devtools/go-cross/go-cross_1.5.bb,
do_populate_sysroot_setscene) failed with exit code '1' - real task will be run
instead
-----------------------------------------------------------------------

ERROR: go-native-1.4.3-r0 do_populate_sysroot_setscene: '('patchelf-uninative',
'--set-interpreter',
'/home/user/src/prj/build/tmp/sysroots-uninative/x86_64-linux/lib/ld-linux-x86-64.so.2',
'/home/user/src/prj/build/tmp/work/x86_64-linux/go-native/1.4.3-r0/sstate-install-populate_sysroot/x86_64-linux/usr/lib/go/bin/go')'
failed with exit code 1 and the following output:
cannot find section .rela.dyn

WARNING: Logfile for failed setscene task is
/home/user/src/prj/build/tmp/work/x86_64-linux/go-native/1.4.3-r0/temp/log.do_populate_sysroot_setscene.29146
WARNING: Setscene task 908
(/home/user/src/prj/sources/meta-virtualization/recipes-devtools/go-cross/go-native_1.4.bb,
do_populate_sysroot_setscene) failed with exit code '1' - real task will be run
instead

I've never seen these ones before.
 
-----------------------------------------------------------------------

And there are two Docker dependencies, go-net and go-sqlite, that cannot fetch
sources.

-----------------------------------------------------------------------
WARNING: go-net-hg-r0 do_fetch: Failed to fetch URL hg://code.google.com/p;module=go.net, attempting MIRRORS if available
ERROR: go-net-hg-r0 do_fetch: Fetcher failure: Fetch command failed with exit code 255, output:
abort: HTTP Error 404: Not Found

ERROR: go-net-hg-r0 do_fetch: Function failed: Fetcher failure for URL: 'hg://code.google.com/p;module=go.net'. Unable to fetch URL from any source.
-----------------------------------------------------------------------

WARNING: go-sqlite-hg-r0 do_fetch: Failed to fetch URL hg://code.google.com/p;module=gosqlite, attempting MIRRORS if available
ERROR: go-sqlite-hg-r0 do_fetch: Fetcher failure: Fetch command failed with exit code 255, output:
abort: HTTP Error 404: Not Found

ERROR: go-sqlite-hg-r0 do_fetch: Function failed: Fetcher failure for URL: 'hg://code.google.com/p;module=gosqlite'. Unable to fetch URL from any source.
-----------------------------------------------------------------------

Can someone help me to resolve these errors? I'm using krogoth branch for oe-core, meta-oe and meta-virtualization.


Check what I've done in mater. I was able to drop those two dependencies, sine they
are in the core of go-cross and not something that needs to be separately fetched
any more.

Over the last few months, go-net and sqlite have been bouncing around as available
and unavailable, so I finally dropped them.

Bruce
 
Regards,

Fabio

--
_______________________________________________
meta-virtualization mailing list
meta-virtualization@...
https://lists.yoctoproject.org/listinfo/meta-virtualization




--
"Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end"


[krogoth] Golang errors when building Docker

Fabio Berton
 

Hi all!

I'm getting some errors when building Docker. First, go-cross and go-native
print these messages:

-----------------------------------------------------------------------
ERROR: go-cross-1.5.2-r0 do_populate_sysroot_setscene: '('patchelf-uninative',
'--set-interpreter',
'/home/user/src/prj/build/tmp/sysroots-uninative/x86_64-linux/lib/ld-linux-x86-64.so.2',
'/home/user/src/prj/build/tmp/work/x86_64-linux/go-cross/1.5.2-r0/sstate-install-populate_sysroot/x86_64-linux/usr/bin/aarch64-prj-linux/go')'
failed with exit code 1 and the following output:
cannot find section .rela.dyn

WARNING: Logfile for failed setscene task is
/home/user/src/prj/build/tmp/work/x86_64-linux/go-cross/1.5.2-r0/temp/log.do_populate_sysroot_setscene.28109
WARNING: Setscene task 458
(/home/user/src/prj/sources/meta-virtualization/recipes-devtools/go-cross/go-cross_1.5.bb,
do_populate_sysroot_setscene) failed with exit code '1' - real task will be run
instead
-----------------------------------------------------------------------

ERROR: go-native-1.4.3-r0 do_populate_sysroot_setscene: '('patchelf-uninative',
'--set-interpreter',
'/home/user/src/prj/build/tmp/sysroots-uninative/x86_64-linux/lib/ld-linux-x86-64.so.2',
'/home/user/src/prj/build/tmp/work/x86_64-linux/go-native/1.4.3-r0/sstate-install-populate_sysroot/x86_64-linux/usr/lib/go/bin/go')'
failed with exit code 1 and the following output:
cannot find section .rela.dyn

WARNING: Logfile for failed setscene task is
/home/user/src/prj/build/tmp/work/x86_64-linux/go-native/1.4.3-r0/temp/log.do_populate_sysroot_setscene.29146
WARNING: Setscene task 908
(/home/user/src/prj/sources/meta-virtualization/recipes-devtools/go-cross/go-native_1.4.bb,
do_populate_sysroot_setscene) failed with exit code '1' - real task will be run
instead
-----------------------------------------------------------------------

And there are two Docker dependencies, go-net and go-sqlite, that cannot fetch
sources.

-----------------------------------------------------------------------
WARNING: go-net-hg-r0 do_fetch: Failed to fetch URL hg://code.google.com/p;module=go.net, attempting MIRRORS if available
ERROR: go-net-hg-r0 do_fetch: Fetcher failure: Fetch command failed with exit code 255, output:
abort: HTTP Error 404: Not Found

ERROR: go-net-hg-r0 do_fetch: Function failed: Fetcher failure for URL: 'hg://code.google.com/p;module=go.net'. Unable to fetch URL from any source.
-----------------------------------------------------------------------

WARNING: go-sqlite-hg-r0 do_fetch: Failed to fetch URL hg://code.google.com/p;module=gosqlite, attempting MIRRORS if available
ERROR: go-sqlite-hg-r0 do_fetch: Fetcher failure: Fetch command failed with exit code 255, output:
abort: HTTP Error 404: Not Found

ERROR: go-sqlite-hg-r0 do_fetch: Function failed: Fetcher failure for URL: 'hg://code.google.com/p;module=gosqlite'. Unable to fetch URL from any source.
-----------------------------------------------------------------------

Can someone help me to resolve these errors? I'm using krogoth branch for oe-core, meta-oe and meta-virtualization.

Regards,

Fabio


[PATCH] Remove the duplicated recipe of iscsi-initiator-utils

Kevin Hao
 

The iscsi-initiator-utils recipe has already been integrated into
meta-networking layer. We have no reason to keep a duplicated one
in meta-cloud-services layer. It also kill two QA warnings caused
by this recipe.

Signed-off-by: Kevin Hao <kexin.hao@...>
---
.../iscsi-initiator-utils/files/initd.debian | 119 ----------
.../iscsi-initiator-utils-dont-use-static.patch | 20 --
.../iscsi-initiator-utils-use-var-for-config.patch | 239 ---------------------
.../iscsi-initiator-utils.inc | 109 ----------
.../iscsi-initiator-utils_2.0-873.bb | 14 --
5 files changed, 501 deletions(-)
delete mode 100644 meta-openstack/recipes-extended/iscsi-initiator-utils/files/initd.debian
delete mode 100644 meta-openstack/recipes-extended/iscsi-initiator-utils/files/iscsi-initiator-utils-dont-use-static.patch
delete mode 100644 meta-openstack/recipes-extended/iscsi-initiator-utils/files/iscsi-initiator-utils-use-var-for-config.patch
delete mode 100644 meta-openstack/recipes-extended/iscsi-initiator-utils/iscsi-initiator-utils.inc
delete mode 100644 meta-openstack/recipes-extended/iscsi-initiator-utils/iscsi-initiator-utils_2.0-873.bb

diff --git a/meta-openstack/recipes-extended/iscsi-initiator-utils/files/initd.debian b/meta-openstack/recipes-extended/iscsi-initiator-utils/files/initd.debian
deleted file mode 100644
index eb8eea714528..000000000000
--- a/meta-openstack/recipes-extended/iscsi-initiator-utils/files/initd.debian
+++ /dev/null
@@ -1,119 +0,0 @@
-#! /bin/sh
-### BEGIN INIT INFO
-# Provides:
-# Required-Start:
-# Required-Stop:
-# Default-Start:
-# Default-Stop:
-# Short-Description: Starts and stops the iSCSI initiator services and logins to default targets
-### END INIT INFO
-#set -x
-PATH=/sbin:/bin:/usr/sbin:/usr/bin
-DAEMON=/sbin/iscsid
-ADM=/sbin/iscsiadm
-PIDFILE=/var/run/iscsid.pid
-
-[ -x "$DAEMON" ] || exit 0
-
-if [ ! -d /sys/class/ ]; then
- echo "Failure:" "iSCSI requires a mounted sysfs, not started."
- exit 1
-fi
-
-nodestartup_re='s/^node\.conn\[0]\.startup[ ]*=[ ]*//p'
-
-RETVAL=0
-
-start() {
- echo "Starting iSCSI initiator service" "iscsid"
- modprobe -q iscsi_tcp 2>/dev/null || :
- modprobe -q ib_iser 2>/dev/null || :
- if [ ! -f /etc/iscsi/initiatorname.iscsi ]; then
- INITIATORNAME=$(iscsi-iname)
- cat >/etc/iscsi/initiatorname.iscsi <<EOF
-## DO NOT EDIT OR REMOVE THIS FILE!
-## If you remove this file, the iSCSI daemon will not start.
-## If you change the InitiatorName, existing access control lists
-## may reject this initiator. The InitiatorName must be unique
-## for each iSCSI initiator. Do NOT duplicate iSCSI InitiatorNames.
-InitiatorName=$INITIATORNAME
-EOF
- fi
- start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON
- RETVAL=$?
- starttargets
-}
-
-starttargets() {
- echo "Setting up iSCSI targets"
- $ADM -m node --loginall=automatic
-}
-
-stoptargets() {
- echo "Disconnecting iSCSI targets"
- sync
- $ADM -m node --logoutall=all
- RETVAL=$?
- #if RETVAL is 21, means no active sessions, consider ok
- if [ "$RETVAL" = "21" ]; then
- RETVAL=0
- fi
-}
-
-stop() {
- stoptargets
- if [ $RETVAL -ne 0 ]; then
- echo "Failure:" "Could not stop all targets, try again later"
- return $RETVAL
- fi
-
- echo "Stopping iSCSI initiator service"
- start-stop-daemon --stop --quiet --pidfile $PIDFILE --exec $DAEMON
- rm -f $PIDFILE
- status=0
- modprobe -r ib_iser 2>/dev/null
- if [ "$?" -ne "0" -a "$?" -ne "1" ]; then
- status=1
- fi
- modprobe -r iscsi_tcp 2>/dev/null
- if [ "$?" -ne "0" -a "$?" -ne "1" ]; then
- status=1
- fi
-}
-
-restart() {
- stop
- if [ $RETVAL -ne 0 ]; then
- echo "Failure:" "Stopping iSCSI initiator service failed, not starting"
- return $RETVAL
- fi
- start
-}
-
-restarttargets() {
- stoptargets
- if [ $RETVAL -ne 0 ]; then
- echo "Failure:" "Could not stop all targets, try again later"
- return $RETVAL
- fi
- starttargets
-}
-
-status() {
- #XXX FIXME: what to do here?
- #status iscsid
- # list active sessions
- echo Current active iSCSI sessions:
- $ADM -m session
-}
-
-case "$1" in
- start|starttargets|stop|stoptargets|restart|restarttargets|status)
- $1
- ;;
- *)
- echo "Usage: $0 {start|stop|restart|status}"
- exit 1
- ;;
-esac
-exit $RETVAL
diff --git a/meta-openstack/recipes-extended/iscsi-initiator-utils/files/iscsi-initiator-utils-dont-use-static.patch b/meta-openstack/recipes-extended/iscsi-initiator-utils/files/iscsi-initiator-utils-dont-use-static.patch
deleted file mode 100644
index 8645587e2310..000000000000
--- a/meta-openstack/recipes-extended/iscsi-initiator-utils/files/iscsi-initiator-utils-dont-use-static.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-iscsi-initiator-utils not to use static
-
-This patch is from fedora17.
-
-Signed-off-by: Yao Zhao <yao.zhao@...>
-Signed-off-by: Vu Tran <vu.tran@...>
-
-diff --git a/usr/Makefile b/usr/Makefile
-index 673b7f1..fd14a10 100644
---- a/usr/Makefile
-+++ b/usr/Makefile
-@@ -61,7 +61,7 @@ iscsiadm: $(ISCSI_LIB_SRCS) $(DISCOVERY_SRCS) iscsiadm.o session_mgmt.o
-
- iscsistart: $(ISCSI_LIB_SRCS) $(INITIATOR_SRCS) $(FW_BOOT_SRCS) \
- iscsistart.o statics.o
-- $(CC) $(CFLAGS) -static $^ -o $@
-+ $(CC) $(CFLAGS) $^ -o $@
- clean:
- rm -f *.o $(PROGRAMS) .depend $(LIBSYS)
-
diff --git a/meta-openstack/recipes-extended/iscsi-initiator-utils/files/iscsi-initiator-utils-use-var-for-config.patch b/meta-openstack/recipes-extended/iscsi-initiator-utils/files/iscsi-initiator-utils-use-var-for-config.patch
deleted file mode 100644
index b0ce88960d4b..000000000000
--- a/meta-openstack/recipes-extended/iscsi-initiator-utils/files/iscsi-initiator-utils-use-var-for-config.patch
+++ /dev/null
@@ -1,239 +0,0 @@
-iscsi-initiator-utils to use var for config
-
-This patch is from fedora.
-
-Use /var/lib/iscsi/ instead of /etc/iscsi/ for holding
-state files.
-
-Signed-off-by: Yao Zhao <yao.zhao@...>
-Signed-off-by: Vu Tran <vu.tran@...>
-
-diff --git a/README b/README
-index 7364b2d..5e8bff8 100644
---- a/README
-+++ b/README
-@@ -164,10 +164,10 @@ available on all Linux installations.
-
- The database contains two tables:
-
--- Discovery table (/etc/iscsi/send_targets);
--- Node table (/etc/iscsi/nodes).
-+- Discovery table (/var/lib/iscsi/send_targets);
-+- Node table (/var/lib/iscsi/nodes).
-
--The regular place for iSCSI database files: /etc/iscsi/nodes
-+The regular place for iSCSI database files: /var/lib/iscsi/nodes
-
- The iscsiadm utility is a command-line tool to manage (update, delete,
- insert, query) the persistent database.
-@@ -444,7 +444,7 @@ a scsi_host per HBA port).
- To manage both types of initiator stacks, iscsiadm uses the interface (iface)
- structure. For each HBA port or for software iscsi for each network
- device (ethX) or NIC, that you wish to bind sessions to you must create
--a iface config /etc/iscsi/ifaces.
-+a iface config /var/lib/iscsi/ifaces.
-
- Prep:
-
-@@ -478,29 +478,29 @@ Running:
- iface0 qla4xxx,00:c0:dd:08:63:e8,20.15.0.7,default,iqn.2005-06.com.redhat:madmax
- iface1 qla4xxx,00:c0:dd:08:63:ea,20.15.0.9,default,iqn.2005-06.com.redhat:madmax
-
--Will report iface configurations that are setup in /etc/iscsi/ifaces.
-+Will report iface configurations that are setup in /var/lib/iscsi/ifaces.
- The format is:
-
- iface_name transport_name,hwaddress,ipaddress,net_ifacename,initiatorname
-
- For software iscsi, you can create the iface configs by hand, but it is
- reccomended that you use iscsiadm's iface mode. There is a iface.example in
--/etc/iscsi/ifaces which can be used as a template for the daring.
-+/var/lib/iscsi/ifaces which can be used as a template for the daring.
-
- For each network object you wish to bind a session to you must create
--a seperate iface config in /etc/iscsi/ifaces and each iface config file
-+a seperate iface config in /var/lib/iscsi/ifaces and each iface config file
- must have a unique name which is less than or equal to 64 characters.
-
- Example:
-
- If you have NIC1 with MAC address 00:0F:1F:92:6B:BF and NIC2 with
- MAC address 00:C0:DD:08:63:E7 and you wanted to do software iscsi over
--TCP/IP. Then in /etc/iscsi/ifaces/iface0 you would enter:
-+TCP/IP. Then in /var/lib/iscsi/ifaces/iface0 you would enter:
-
- iface.transport_name = tcp
- iface.hwaddress = 00:0F:1F:92:6B:BF
-
--and in /etc/iscsi/ifaces/iface1 you would enter:
-+and in /var/lib/iscsi/ifaces/iface1 you would enter:
-
- iface.transport_name = tcp
- iface.hwaddress = 00:C0:DD:08:63:E7
-@@ -550,7 +550,7 @@ cxgb3i.00:07:43:05:97:07 cxgb3i,00:07:43:05:97:07,<empty>,<empty>,<empty>
- qla4xxx.00:0e:1e:04:8b:2e qla4xxx,00:0e:1e:04:8b:2e,<empty>,<empty>,<empty>
-
-
--Will report iface configurations that are setup in /etc/iscsi/ifaces.
-+Will report iface configurations that are setup in /var/lib/iscsi/ifaces.
- The format is:
-
- iface_name transport_name,hwaddress,ipaddress,net_ifacename,initiatorname
-@@ -636,7 +636,7 @@ need a seperate network connection to the target for discovery purposes.
- *This will be fixed in the next version of open-iscsi*
-
- For compatibility reasons, when you run iscsiadm to do discovery, it
--will check for interfaces in /etc/iscsi/iscsi/ifaces that are using
-+will check for interfaces in /var/lib/iscsi/iscsi/ifaces that are using
- tcp for the iface.transport and it will bind the portals that are discovered
- so that they will be logged in through those ifaces. This behavior can also
- be overriden by passing in the interfaces you want to use. For the case
-@@ -654,7 +654,7 @@ we do not bind a session to a iface, then you can use the special iface
-
- iscsiadm -m discoverydb -t st -p ip:port -I default --discover -P 1
-
--And if you did not define any interfaces in /etc/iscsi/ifaces and do
-+And if you did not define any interfaces in /var/lib/iscsi/ifaces and do
- not pass anything into iscsiadm, running iscsiadm will do the default
- behavior, where we allow the network subsystem to decide which
- device to use.
-@@ -696,7 +696,7 @@ To now log into targets it is the same as with sofware iscsi. See section
-
- ./iscsiadm -m discoverydb -t st -p 192.168.1.1:3260 --discover
-
-- This will search /etc/iscsi/send_targets for a record with the
-+ This will search /var/lib/iscsi/send_targets for a record with the
- ID [portal = 192.168.1.1:3260 and type = sendtargets. If found it
- will perform discovery using the settings stored in the record.
- If a record does not exist, it will be created using the iscsid.conf
-@@ -705,7 +705,7 @@ To now log into targets it is the same as with sofware iscsi. See section
- The argument to -p may also be a hostname instead of an address.
- ./iscsiadm -m discoverydb -t st -p smoehost --discover
-
-- For the ifaces, iscsiadm will first search /etc/iscsi/ifaces for
-+ For the ifaces, iscsiadm will first search /var/lib/iscsi/ifaces for
- interfaces using software iscsi. If any are found then nodes found
- during discovery will be setup so that they can logged in through
- those interfaces. To specify a specific iface, pass the
-@@ -761,7 +761,7 @@ To now log into targets it is the same as with sofware iscsi. See section
- This command will perform discovery, but not manipulate the node DB.
-
- - SendTargets iSCSI Discovery with a specific interface. If you
-- wish to only use a subset of the interfaces in /etc/iscsi/ifaces
-+ wish to only use a subset of the interfaces in /var/lib/iscsi/ifaces
- then you can pass them in during discovery:
-
- ./iscsiadm -m discoverydb -t sendtargets -p 192.168.1.1:3260 \
-@@ -1072,8 +1072,8 @@ where targetname is the name of the target and ip_address:port is the address
- and port of the portal. tpgt, is the portal group tag of
- the portal, and is not used in iscsiadm commands except for static
- record creation. And iface name is the name of the iscsi interface
--defined in /etc/iscsi/ifaces. If no interface was defined in
--/etc/iscsi/ifaces or passed in, the default behavior is used.
-+defined in /var/lib/iscsi/ifaces. If no interface was defined in
-+/var/lib/iscsi/ifaces or passed in, the default behavior is used.
- Default here is iscsi_tcp/tcp to be used over which ever NIC the
- network layer decides is best.
-
-@@ -1188,7 +1188,7 @@ If set, iscsid will perform discovery to the address every
- discovery.isns.discoveryd_poll_inval or
- discovery.sendtargets.discoveryd_poll_inval seconds,
- and it will log into any portals found from the discovery source using
--the ifaces in /etc/iscsi/ifaces.
-+the ifaces in /var/lib/iscsi/ifaces.
-
- Note that for iSNS the poll_interval does not have to be set. If not set,
- iscsid will only perform rediscovery when it gets a SCN from the server.
-diff --git a/doc/iscsiadm.8 b/doc/iscsiadm.8
-index 7c209f6..e94cca0 100644
---- a/doc/iscsiadm.8
-+++ b/doc/iscsiadm.8
-@@ -89,7 +89,7 @@ This option is only valid for ping submode.
- .TP
- \fB\-I\fR, \fB\-\-interface=\fI[iface]\fR
- The interface argument specifies the iSCSI interface to use for the operation.
--iSCSI interfaces (iface) are defined in /etc/iscsi/ifaces. For hardware
-+iSCSI interfaces (iface) are defined in /var/lib/iscsi/ifaces. For hardware
- iSCSI (qla4xxx) the iface config must have the hardware address
- (iface.hwaddress = port's MAC address)
- and the driver/transport_name (iface.transport_name). The iface's name is
-@@ -166,7 +166,7 @@ If no other options are specified: for \fIdiscoverydb\fR and \fInode\fR, all
- of their respective records are displayed; for \fIsession\fR, all active
- sessions and connections are displayed; for \fIfw\fR, all boot firmware
- values are displayed; for \fIhost\fR, all iSCSI hosts are displayed; and
--for \fIiface\fR, all ifaces setup in /etc/iscsi/ifaces are displayed.
-+for \fIiface\fR, all ifaces setup in /var/lib/iscsi/ifaces are displayed.
-
- .TP
- \fB\-n\fR, \fB\-\-name=\fIname\fR
-@@ -535,10 +535,10 @@ The configuration file read by \fBiscsid\fR and \fBiscsiadm\fR on startup.
- The file containing the iSCSI InitiatorName and InitiatorAlias read by
- \fBiscsid\fR and \fBiscsiadm\fR on startup.
- .TP
--/etc/iscsi/nodes/
-+/var/lib/iscsi/nodes/
- This directory contains the nodes with their targets.
- .TP
--/etc/iscsi/send_targets
-+/var/lib/iscsi/send_targets
- This directory contains the portals.
-
- .SH "SEE ALSO"
-diff --git a/usr/idbm.c b/usr/idbm.c
-index 4d30aa9..316e54f 100644
---- a/usr/idbm.c
-+++ b/usr/idbm.c
-@@ -2468,9 +2468,9 @@ free_info:
- int idbm_init(idbm_get_config_file_fn *fn)
- {
- /* make sure root db dir is there */
-- if (access(ISCSI_CONFIG_ROOT, F_OK) != 0) {
-- if (mkdir(ISCSI_CONFIG_ROOT, 0660) != 0) {
-- log_error("Could not make %s %d\n", ISCSI_CONFIG_ROOT,
-+ if (access(ISCSIVAR, F_OK) != 0) {
-+ if (mkdir(ISCSIVAR, 0660) != 0) {
-+ log_error("Could not make %s %d\n", ISCSIVAR,
- errno);
- return errno;
- }
-diff --git a/usr/idbm.h b/usr/idbm.h
-index 245f046..f45e86e 100644
---- a/usr/idbm.h
-+++ b/usr/idbm.h
-@@ -28,12 +28,16 @@
- #include "config.h"
- #include "list.h"
-
--#define NODE_CONFIG_DIR ISCSI_CONFIG_ROOT"nodes"
--#define SLP_CONFIG_DIR ISCSI_CONFIG_ROOT"slp"
--#define ISNS_CONFIG_DIR ISCSI_CONFIG_ROOT"isns"
--#define STATIC_CONFIG_DIR ISCSI_CONFIG_ROOT"static"
--#define FW_CONFIG_DIR ISCSI_CONFIG_ROOT"fw"
--#define ST_CONFIG_DIR ISCSI_CONFIG_ROOT"send_targets"
-+#define ISCSIVAR "/var/lib/iscsi/"
-+
-+#define NODE_CONFIG_DIR ISCSIVAR"nodes"
-+#define SLP_CONFIG_DIR ISCSIVAR"slp"
-+#define ISNS_CONFIG_DIR ISCSIVAR"isns"
-+#define STATIC_CONFIG_DIR ISCSIVAR"static"
-+#define FW_CONFIG_DIR ISCSIVAR"fw"
-+#define ST_CONFIG_DIR ISCSIVAR"send_targets"
-+
-+
- #define ST_CONFIG_NAME "st_config"
- #define ISNS_CONFIG_NAME "isns_config"
-
-diff --git a/usr/iface.h b/usr/iface.h
-index 01f7074..2c6ef72 100644
---- a/usr/iface.h
-+++ b/usr/iface.h
-@@ -20,7 +20,8 @@
- #ifndef ISCSI_IFACE_H
- #define ISCSI_IFACE_H
-
--#define IFACE_CONFIG_DIR ISCSI_CONFIG_ROOT"ifaces"
-+#include "idbm.h"
-+#define IFACE_CONFIG_DIR ISCSIVAR"ifaces"
-
- struct iface_rec;
- struct list_head;
diff --git a/meta-openstack/recipes-extended/iscsi-initiator-utils/iscsi-initiator-utils.inc b/meta-openstack/recipes-extended/iscsi-initiator-utils/iscsi-initiator-utils.inc
deleted file mode 100644
index 30dcffc8efad..000000000000
--- a/meta-openstack/recipes-extended/iscsi-initiator-utils/iscsi-initiator-utils.inc
+++ /dev/null
@@ -1,109 +0,0 @@
-#
-# Copyright (C) 2014 Wind River Systems, Inc.
-#
-SUMMARY = "iSCSI daemon and utility programs"
-DESCRIPTION = \
-"Open-iSCSI project is a high performance, transport independent, \
-multi-platform implementation of RFC3720. The iscsi package provides \
-the server daemon for the iSCSI protocol, as well as the utility \
-programs used to manage it. iSCSI is a protocol for distributed \
-disk access using SCSI commands sent over Internet Protocol networks."
-SECTION = "console/network"
-
-HOMEPAGE = "http://www.open-iscsi.org/"
-INC_PR = "r4"
-
-UPSTREAM_name = "open-iscsi"
-
-#iscsi-initiator-utils-{use-var-for-config}.patch are from fedora
-#change nodes,send_targets... from /etc/iscsi to /var/lib/iscsi
-SRC_URI = "http://www.open-iscsi.org/bits/${UPSTREAM_name}-${PV}.tar.gz \
- file://iscsi-initiator-utils-use-var-for-config.patch \
- file://iscsi-initiator-utils-dont-use-static.patch \
- file://initd.debian \
-"
-S = "${WORKDIR}/${UPSTREAM_name}-${PV}"
-TARGET_CC_ARCH += "${LDFLAGS}"
-
-#utils/fwparam_ibft/prom_parse.y utils/fwparam_ibft/prom_lex.l
-#already parsed in source 2.0 but still depends on flex and bison
-#native in case future version they are not parsed
-DEPENDS += "openssl flex-native bison-native"
-
-PACKAGES =+ "${PN}-tests"
-
-FILES_${PN}-tests = "/opt/${BPN}-tests/*"
-RDEPENDS_${PN}-tests = "perl"
-
-inherit update-rc.d
-
-do_configure () {
- #need to support cross-compiling in open-isns only
- (cd utils/open-isns; \
- ./configure --host=${TARGET_SYS} --build=${BUILD_SYS} --with-security=no )
-}
-
-do_compile () {
- #make iscsistart one of PROGRAMS if install_user in do_install
- #sed -i -e '/^PROGRAMS = /s;$; usr/iscsistart;' Makefile
-
- #fix the ar used in open-isns
- sed -i -e 's:ar cr :$(AR) cr :' ${S}/utils/open-isns/Makefile
- oe_runmake user
-
-}
-
-do_install () {
- #completely override the install_user as bugs in Makefile
- #oe_runmake DESTDIR="${D}" install_user
-
- #install necessary directories
- install -d ${D}${base_sbindir} \
- ${D}${sysconfdir}/init.d \
- ${D}${sysconfdir}/iscsi \
- ${D}${localstatedir}/lib/iscsi/nodes \
- ${D}${localstatedir}/lib/iscsi/send_targets \
- ${D}${localstatedir}/lib/iscsi/static \
- ${D}${localstatedir}/lib/iscsi/isns \
- ${D}${localstatedir}/lib/iscsi/slp \
- ${D}${localstatedir}/lib/iscsi/ifaces \
- ${D}${localstatedir}/lock/iscsi ${D}/${mandir}/man8
-
- install -p -m 755 ${S}/usr/iscsid ${S}/usr/iscsiadm \
- ${S}/utils/iscsi-iname \
- ${S}/usr/iscsistart ${D}/${base_sbindir}
-
- install -p -m 644 ${S}/doc/iscsiadm.8 ${S}/doc/iscsid.8 ${D}/${mandir}/man8
- install -p -m 644 ${S}/etc/iscsid.conf ${D}${sysconfdir}/iscsi
- install -p -m 755 ${WORKDIR}/initd.debian ${D}${sysconfdir}/init.d/iscsid
-
- #install regression tests
- [ ! -d ${D}/opt/${BPN}-tests ] && mkdir -p ${D}/opt/${BPN}-tests
- install ${S}/test/regression.dat ${S}/test/regression.sh ${D}/opt/${BPN}-tests/
-
- #open-isns tests
- mkdir -p ${D}/opt/${BPN}-tests/isns-tests
- install ${S}/utils/open-isns/tests/*.pl ${D}/opt/${BPN}-tests/isns-tests/
- install ${S}/utils/open-isns/tests/genkey \
- ${S}/utils/open-isns/tests/client.conf \
- ${S}/utils/open-isns/tests/server.conf \
- ${D}/opt/${BPN}-tests/isns-tests/
- cp -a ${S}/utils/open-isns/tests/data ${D}/opt/${BPN}-tests/isns-tests/
-}
-
-pkg_postinst_${PN}() {
- #default there is no initiatorname.iscsi installed
- #but it is needed or iscsid will fail
-
- #will run only when postinst on target
- if [ "x$D" != "x" ]; then
- exit 1
- fi
- if [ ! -f ${sysconfdir}/iscsi/initiatorname.iscsi ]; then
- echo "InitiatorName=$(${base_sbindir}/iscsi-iname)" > \
- ${sysconfdir}/iscsi/initiatorname.iscsi
- fi
-}
-
-INITSCRIPT_NAME = "iscsid"
-INITSCRIPT_PARAMS = "start 30 1 2 3 4 5 . stop 70 0 1 2 3 4 5 6 ."
diff --git a/meta-openstack/recipes-extended/iscsi-initiator-utils/iscsi-initiator-utils_2.0-873.bb b/meta-openstack/recipes-extended/iscsi-initiator-utils/iscsi-initiator-utils_2.0-873.bb
deleted file mode 100644
index cb7429ddd264..000000000000
--- a/meta-openstack/recipes-extended/iscsi-initiator-utils/iscsi-initiator-utils_2.0-873.bb
+++ /dev/null
@@ -1,14 +0,0 @@
-#
-# Copyright (C) 2014 Wind River Systems, Inc.
-#
-LICENSE = "GPLv2 & LGPLv2.1"
-LIC_FILES_CHKSUM = \
- "file://COPYING;md5=393a5ca445f6965873eca0259a17f833 \
- file://utils/open-isns/COPYING;md5=7fbc338309ac38fefcd64b04bb903e34"
-
-PR = "${INC_PR}.0"
-
-SRC_URI[md5sum] = "8b8316d7c9469149a6cc6234478347f7"
-SRC_URI[sha256sum] = "7dd9f2f97da417560349a8da44ea4fcfe98bfd5ef284240a2cc4ff8e88ac7cd9"
-
-require ${PN}.inc
--
2.8.1


Re: [meta-cloud-services] [PATCH] python-repoze.lru: Add license to avoid warning

Bruce Ashfield
 



On Tue, Jun 7, 2016 at 1:47 AM, <zhe.he@...> wrote:
From: He Zhe <zhe.he@...>

"WARNING: python-repoze.lru: No generic license file exists for:
BSD-derived in any provider"

Add BSD Modification Variant license with copyright descriptions.


merged.

Bruce
 
Signed-off-by: He Zhe <zhe.he@...>
---
 meta-openstack/licenses/BSD-Modification-copyright | 41 ++++++++++++++++++++++
 .../python/python-repoze.lru_0.6.bb                |  2 +-
 2 files changed, 42 insertions(+), 1 deletion(-)
 create mode 100644 meta-openstack/licenses/BSD-Modification-copyright

diff --git a/meta-openstack/licenses/BSD-Modification-copyright b/meta-openstack/licenses/BSD-Modification-copyright
new file mode 100644
index 0000000..5ced96e
--- /dev/null
+++ b/meta-openstack/licenses/BSD-Modification-copyright
@@ -0,0 +1,41 @@
+License
+
+  A copyright notice accompanies this license document that identifies
+  the copyright holders.
+
+  Redistribution and use in source and binary forms, with or without
+  modification, are permitted provided that the following conditions are
+  met:
+
+  1.  Redistributions in source code must retain the accompanying
+      copyright notice, this list of conditions, and the following
+      disclaimer.
+
+  2.  Redistributions in binary form must reproduce the accompanying
+      copyright notice, this list of conditions, and the following
+      disclaimer in the documentation and/or other materials provided
+      with the distribution.
+
+  3.  Names of the copyright holders must not be used to endorse or
+      promote products derived from this software without prior
+      written permission from the copyright holders.
+
+  4.  If any files are modified, you must cause the modified files to
+      carry prominent notices stating that you changed the files and
+      the date of any change.
+
+  Disclaimer
+
+    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS ``AS IS'' AND
+    ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+    TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+    PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+    HOLDERS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+    EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+    TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+    DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+    ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+    TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+    THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+    SUCH DAMAGE.
+
diff --git a/meta-openstack/recipes-devtools/python/python-repoze.lru_0.6.bb b/meta-openstack/recipes-devtools/python/python-repoze.lru_0.6.bb
index 60a749f..bdf2f25 100644
--- a/meta-openstack/recipes-devtools/python/python-repoze.lru_0.6.bb
+++ b/meta-openstack/recipes-devtools/python/python-repoze.lru_0.6.bb
@@ -5,7 +5,7 @@ than keys and values that are used frequently. \
 "
 HOMEPAGE = "https://pypi.python.org/pypi/repoze.lru"
 SECTION = "devel/python"
-LICENSE = "BSD-derived"
+LICENSE = "BSD-Modification-copyright"
 LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=2c33cdbc6bc9ae6e5d64152fdb754292"

 SRCNAME = "repoze.lru"
--
2.8.1




--
"Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end"


Re: [PATCH] python-keystone: fix QA warning of host uid contamination

Bruce Ashfield
 



On Mon, Jun 6, 2016 at 9:47 PM, Xulin Sun <xulin.sun@...> wrote:
QA Issue: python-keystone:
/keystone/usr/share/openstack-dashboard/openstack_dashboard/api/keystone-httpd.py
is owned by gid 100, which is the same as the user running bitbake. This may be
due to host contamination [host-user-contaminated]

merged.

Bruce
 

Signed-off-by: Xulin Sun <xulin.sun@...>
---
 meta-openstack/recipes-devtools/python/python-keystone_git.bb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta-openstack/recipes-devtools/python/python-keystone_git.bb b/meta-openstack/recipes-devtools/python/python-keystone_git.bb
index a8d1181..4bd739a 100644
--- a/meta-openstack/recipes-devtools/python/python-keystone_git.bb
+++ b/meta-openstack/recipes-devtools/python/python-keystone_git.bb
@@ -91,11 +91,11 @@ do_install_append() {
         ${KEYSTONE_CONF_DIR}/policy.json
     install -m 644 ${S}${sysconfdir}/keystone-paste.ini \
         ${KEYSTONE_CONF_DIR}/keystone-paste.ini
-    install -g users -m 644 ${S}/httpd/keystone.py \
+    install -m 644 ${S}/httpd/keystone.py \
         ${KEYSTONE_PY_DIR}/keystone-httpd.py
-    install -g users -m 644 ${S}/httpd/keystone.py \
+    install -m 644 ${S}/httpd/keystone.py \
         ${KEYSTONE_CGI_DIR}/admin
-    install -g users -m 644 ${S}/httpd/keystone.py \
+    install -m 644 ${S}/httpd/keystone.py \
         ${KEYSTONE_CGI_DIR}/main

     cp -r ${S}/examples ${KEYSTONE_PACKAGE_DIR}
--
2.5.0

--
_______________________________________________
meta-virtualization mailing list
meta-virtualization@...
https://lists.yoctoproject.org/listinfo/meta-virtualization



--
"Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end"


[meta-cloud-services] [PATCH] python-repoze.lru: Add license to avoid warning

He Zhe
 

From: He Zhe <zhe.he@...>

"WARNING: python-repoze.lru: No generic license file exists for:
BSD-derived in any provider"

Add BSD Modification Variant license with copyright descriptions.

Signed-off-by: He Zhe <zhe.he@...>
---
meta-openstack/licenses/BSD-Modification-copyright | 41 ++++++++++++++++++++++
.../python/python-repoze.lru_0.6.bb | 2 +-
2 files changed, 42 insertions(+), 1 deletion(-)
create mode 100644 meta-openstack/licenses/BSD-Modification-copyright

diff --git a/meta-openstack/licenses/BSD-Modification-copyright b/meta-openstack/licenses/BSD-Modification-copyright
new file mode 100644
index 0000000..5ced96e
--- /dev/null
+++ b/meta-openstack/licenses/BSD-Modification-copyright
@@ -0,0 +1,41 @@
+License
+
+ A copyright notice accompanies this license document that identifies
+ the copyright holders.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are
+ met:
+
+ 1. Redistributions in source code must retain the accompanying
+ copyright notice, this list of conditions, and the following
+ disclaimer.
+
+ 2. Redistributions in binary form must reproduce the accompanying
+ copyright notice, this list of conditions, and the following
+ disclaimer in the documentation and/or other materials provided
+ with the distribution.
+
+ 3. Names of the copyright holders must not be used to endorse or
+ promote products derived from this software without prior
+ written permission from the copyright holders.
+
+ 4. If any files are modified, you must cause the modified files to
+ carry prominent notices stating that you changed the files and
+ the date of any change.
+
+ Disclaimer
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS ``AS IS'' AND
+ ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+ TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+ THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ SUCH DAMAGE.
+
diff --git a/meta-openstack/recipes-devtools/python/python-repoze.lru_0.6.bb b/meta-openstack/recipes-devtools/python/python-repoze.lru_0.6.bb
index 60a749f..bdf2f25 100644
--- a/meta-openstack/recipes-devtools/python/python-repoze.lru_0.6.bb
+++ b/meta-openstack/recipes-devtools/python/python-repoze.lru_0.6.bb
@@ -5,7 +5,7 @@ than keys and values that are used frequently. \
"
HOMEPAGE = "https://pypi.python.org/pypi/repoze.lru"
SECTION = "devel/python"
-LICENSE = "BSD-derived"
+LICENSE = "BSD-Modification-copyright"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=2c33cdbc6bc9ae6e5d64152fdb754292"

SRCNAME = "repoze.lru"
--
2.8.1


[PATCH] python-keystone: fix QA warning of host uid contamination

Xulin Sun
 

QA Issue: python-keystone:
/keystone/usr/share/openstack-dashboard/openstack_dashboard/api/keystone-httpd.py
is owned by gid 100, which is the same as the user running bitbake. This may be
due to host contamination [host-user-contaminated]

Signed-off-by: Xulin Sun <xulin.sun@...>
---
meta-openstack/recipes-devtools/python/python-keystone_git.bb | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta-openstack/recipes-devtools/python/python-keystone_git.bb b/meta-openstack/recipes-devtools/python/python-keystone_git.bb
index a8d1181..4bd739a 100644
--- a/meta-openstack/recipes-devtools/python/python-keystone_git.bb
+++ b/meta-openstack/recipes-devtools/python/python-keystone_git.bb
@@ -91,11 +91,11 @@ do_install_append() {
${KEYSTONE_CONF_DIR}/policy.json
install -m 644 ${S}${sysconfdir}/keystone-paste.ini \
${KEYSTONE_CONF_DIR}/keystone-paste.ini
- install -g users -m 644 ${S}/httpd/keystone.py \
+ install -m 644 ${S}/httpd/keystone.py \
${KEYSTONE_PY_DIR}/keystone-httpd.py
- install -g users -m 644 ${S}/httpd/keystone.py \
+ install -m 644 ${S}/httpd/keystone.py \
${KEYSTONE_CGI_DIR}/admin
- install -g users -m 644 ${S}/httpd/keystone.py \
+ install -m 644 ${S}/httpd/keystone.py \
${KEYSTONE_CGI_DIR}/main

cp -r ${S}/examples ${KEYSTONE_PACKAGE_DIR}
--
2.5.0


Re: [PATCH] criu: fix build-deps qa warning

kai
 

On 2016年06月06日 14:46, Bruce Ashfield wrote:


On Sun, Jun 5, 2016 at 10:42 PM, Kang Kai <Kai.Kang@...> wrote:
On 2016年06月01日 16:35, kai.kang@... wrote:
From: Kai Kang <kai.kang@...>

It shows warning when build crius if libselinux has been built already:

   WARNING: QA Issue: criu rdepends on libselinux, but it isn't a build dependency? [build-deps]

Add a patch to disable selinux support when 'selinux' is not in PACKAGECONF.

And update indentation at same time.

Hi Bruce,

Any comment on this commit, please?


I just hadn't gotten to it yet.

This looks fine to me, and is now merged to master.

Thanks.

--Kai


Bruce
 


Regards,
Kai



Signed-off-by: Kai Kang <kai.kang@...>
---
  recipes-containers/criu/criu_git.bb                | 12 ++++++----
  .../criu/files/disable-selinux.patch               | 26 ++++++++++++++++++++++
  2 files changed, 34 insertions(+), 4 deletions(-)
  create mode 100644 recipes-containers/criu/files/disable-selinux.patch

diff --git a/recipes-containers/criu/criu_git.bb b/recipes-containers/criu/criu_git.bb
index 816c806..c8be78f 100644
--- a/recipes-containers/criu/criu_git.bb
+++ b/recipes-containers/criu/criu_git.bb
@@ -18,10 +18,11 @@ PR = "r0"
  PV = "1.6+git${SRCPV}"
    SRC_URI = "git://github.com/xemul/criu.git;protocol=git \
-          file://0001-criu-Fix-toolchain-hardcode.patch \
-          file://0002-criu-Skip-documentation-install.patch \
-       file://0001-criu-Change-libraries-install-directory.patch \
-         "
+           file://0001-criu-Fix-toolchain-hardcode.patch \
+           file://0002-criu-Skip-documentation-install.patch \
+           file://0001-criu-Change-libraries-install-directory.patch \
+           ${@bb.utils.contains('PACKAGECONFIG', 'selinux', '', 'file://disable-selinux.patch', d)} \
+          "
    COMPATIBLE_HOST = "(x86_64|arm|aarch64).*-linux"
  @@ -51,6 +52,9 @@ export HOST_SYS
    inherit setuptools
  +PACKAGECONFIG ??= ""
+PACKAGECONFIG[selinux] = ",,libselinux"
+
  do_compile_prepend() {
      rm -rf ${S}/protobuf/google/protobuf/descriptor.proto
      ln -s  ${PKG_CONFIG_SYSROOT_DIR}/usr/include/google/protobuf/descriptor.proto ${S}/protobuf/google/protobuf/descriptor.proto
diff --git a/recipes-containers/criu/files/disable-selinux.patch b/recipes-containers/criu/files/disable-selinux.patch
new file mode 100644
index 0000000..da881dd
--- /dev/null
+++ b/recipes-containers/criu/files/disable-selinux.patch
@@ -0,0 +1,26 @@
+Upstream-Status: Inappropriate [disable feature]
+
+It shows warning when build crius if libselinux has been built already:
+
+  WARNING: QA Issue: criu rdepends on libselinux, but it isn't a build dependency? [build-deps]
+
+Apply this patch to disable selinux support when 'selinux' is not in PACKAGECONF.
+
+Signed-off-by: Kai Kang <kai.kang@...>
+
+diff --git a/Makefile.config b/Makefile.config
+index ce4b8d8..3ac2780 100644
+--- a/Makefile.config
++++ b/Makefile.config
+@@ -8,11 +8,6 @@ ifeq ($(call try-cc,$(LIBBSD_DEV_TEST),-lbsd),y)
+       DEFINES += -DCONFIG_HAS_LIBBSD
+ endif
+
+-ifeq ($(call pkg-config-check,libselinux),y)
+-      LIBS := -lselinux $(LIBS)
+-      DEFINES += -DCONFIG_HAS_SELINUX
+-endif
+-
+ $(CONFIG): scripts/utilities.mak scripts/feature-tests.mak include/config-base.h
+       $(E) "  GEN     " $@
+       $(Q) @echo '#ifndef __CR_CONFIG_H__' > $@


--
Regards,
Neil | Kai Kang


--
_______________________________________________
meta-virtualization mailing list
meta-virtualization@...
https://lists.yoctoproject.org/listinfo/meta-virtualization



--
"Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end"


-- 
Regards,
Neil | Kai Kang


Re: [PATCH] criu: fix build-deps qa warning

Bruce Ashfield
 



On Sun, Jun 5, 2016 at 10:42 PM, Kang Kai <Kai.Kang@...> wrote:
On 2016年06月01日 16:35, kai.kang@... wrote:
From: Kai Kang <kai.kang@...>

It shows warning when build crius if libselinux has been built already:

   WARNING: QA Issue: criu rdepends on libselinux, but it isn't a build dependency? [build-deps]

Add a patch to disable selinux support when 'selinux' is not in PACKAGECONF.

And update indentation at same time.

Hi Bruce,

Any comment on this commit, please?


I just hadn't gotten to it yet.

This looks fine to me, and is now merged to master.

Bruce
 


Regards,
Kai



Signed-off-by: Kai Kang <kai.kang@...>
---
  recipes-containers/criu/criu_git.bb                | 12 ++++++----
  .../criu/files/disable-selinux.patch               | 26 ++++++++++++++++++++++
  2 files changed, 34 insertions(+), 4 deletions(-)
  create mode 100644 recipes-containers/criu/files/disable-selinux.patch

diff --git a/recipes-containers/criu/criu_git.bb b/recipes-containers/criu/criu_git.bb
index 816c806..c8be78f 100644
--- a/recipes-containers/criu/criu_git.bb
+++ b/recipes-containers/criu/criu_git.bb
@@ -18,10 +18,11 @@ PR = "r0"
  PV = "1.6+git${SRCPV}"
    SRC_URI = "git://github.com/xemul/criu.git;protocol=git \
-          file://0001-criu-Fix-toolchain-hardcode.patch \
-          file://0002-criu-Skip-documentation-install.patch \
-       file://0001-criu-Change-libraries-install-directory.patch \
-         "
+           file://0001-criu-Fix-toolchain-hardcode.patch \
+           file://0002-criu-Skip-documentation-install.patch \
+           file://0001-criu-Change-libraries-install-directory.patch \
+           ${@bb.utils.contains('PACKAGECONFIG', 'selinux', '', 'file://disable-selinux.patch', d)} \
+          "
    COMPATIBLE_HOST = "(x86_64|arm|aarch64).*-linux"
  @@ -51,6 +52,9 @@ export HOST_SYS
    inherit setuptools
  +PACKAGECONFIG ??= ""
+PACKAGECONFIG[selinux] = ",,libselinux"
+
  do_compile_prepend() {
      rm -rf ${S}/protobuf/google/protobuf/descriptor.proto
      ln -s  ${PKG_CONFIG_SYSROOT_DIR}/usr/include/google/protobuf/descriptor.proto ${S}/protobuf/google/protobuf/descriptor.proto
diff --git a/recipes-containers/criu/files/disable-selinux.patch b/recipes-containers/criu/files/disable-selinux.patch
new file mode 100644
index 0000000..da881dd
--- /dev/null
+++ b/recipes-containers/criu/files/disable-selinux.patch
@@ -0,0 +1,26 @@
+Upstream-Status: Inappropriate [disable feature]
+
+It shows warning when build crius if libselinux has been built already:
+
+  WARNING: QA Issue: criu rdepends on libselinux, but it isn't a build dependency? [build-deps]
+
+Apply this patch to disable selinux support when 'selinux' is not in PACKAGECONF.
+
+Signed-off-by: Kai Kang <kai.kang@...>
+
+diff --git a/Makefile.config b/Makefile.config
+index ce4b8d8..3ac2780 100644
+--- a/Makefile.config
++++ b/Makefile.config
+@@ -8,11 +8,6 @@ ifeq ($(call try-cc,$(LIBBSD_DEV_TEST),-lbsd),y)
+       DEFINES += -DCONFIG_HAS_LIBBSD
+ endif
+
+-ifeq ($(call pkg-config-check,libselinux),y)
+-      LIBS := -lselinux $(LIBS)
+-      DEFINES += -DCONFIG_HAS_SELINUX
+-endif
+-
+ $(CONFIG): scripts/utilities.mak scripts/feature-tests.mak include/config-base.h
+       $(E) "  GEN     " $@
+       $(Q) @echo '#ifndef __CR_CONFIG_H__' > $@


--
Regards,
Neil | Kai Kang


--
_______________________________________________
meta-virtualization mailing list
meta-virtualization@...
https://lists.yoctoproject.org/listinfo/meta-virtualization



--
"Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end"


Re: [PATCH] criu: fix build-deps qa warning

kai
 

On 2016年06月01日 16:35, kai.kang@... wrote:
From: Kai Kang <kai.kang@...>

It shows warning when build crius if libselinux has been built already:

WARNING: QA Issue: criu rdepends on libselinux, but it isn't a build dependency? [build-deps]

Add a patch to disable selinux support when 'selinux' is not in PACKAGECONF.

And update indentation at same time.
Hi Bruce,

Any comment on this commit, please?


Regards,
Kai


Signed-off-by: Kai Kang <kai.kang@...>
---
recipes-containers/criu/criu_git.bb | 12 ++++++----
.../criu/files/disable-selinux.patch | 26 ++++++++++++++++++++++
2 files changed, 34 insertions(+), 4 deletions(-)
create mode 100644 recipes-containers/criu/files/disable-selinux.patch

diff --git a/recipes-containers/criu/criu_git.bb b/recipes-containers/criu/criu_git.bb
index 816c806..c8be78f 100644
--- a/recipes-containers/criu/criu_git.bb
+++ b/recipes-containers/criu/criu_git.bb
@@ -18,10 +18,11 @@ PR = "r0"
PV = "1.6+git${SRCPV}"
SRC_URI = "git://github.com/xemul/criu.git;protocol=git \
- file://0001-criu-Fix-toolchain-hardcode.patch \
- file://0002-criu-Skip-documentation-install.patch \
- file://0001-criu-Change-libraries-install-directory.patch \
- "
+ file://0001-criu-Fix-toolchain-hardcode.patch \
+ file://0002-criu-Skip-documentation-install.patch \
+ file://0001-criu-Change-libraries-install-directory.patch \
+ ${@bb.utils.contains('PACKAGECONFIG', 'selinux', '', 'file://disable-selinux.patch', d)} \
+ "
COMPATIBLE_HOST = "(x86_64|arm|aarch64).*-linux"
@@ -51,6 +52,9 @@ export HOST_SYS
inherit setuptools
+PACKAGECONFIG ??= ""
+PACKAGECONFIG[selinux] = ",,libselinux"
+
do_compile_prepend() {
rm -rf ${S}/protobuf/google/protobuf/descriptor.proto
ln -s ${PKG_CONFIG_SYSROOT_DIR}/usr/include/google/protobuf/descriptor.proto ${S}/protobuf/google/protobuf/descriptor.proto
diff --git a/recipes-containers/criu/files/disable-selinux.patch b/recipes-containers/criu/files/disable-selinux.patch
new file mode 100644
index 0000000..da881dd
--- /dev/null
+++ b/recipes-containers/criu/files/disable-selinux.patch
@@ -0,0 +1,26 @@
+Upstream-Status: Inappropriate [disable feature]
+
+It shows warning when build crius if libselinux has been built already:
+
+ WARNING: QA Issue: criu rdepends on libselinux, but it isn't a build dependency? [build-deps]
+
+Apply this patch to disable selinux support when 'selinux' is not in PACKAGECONF.
+
+Signed-off-by: Kai Kang <kai.kang@...>
+
+diff --git a/Makefile.config b/Makefile.config
+index ce4b8d8..3ac2780 100644
+--- a/Makefile.config
++++ b/Makefile.config
+@@ -8,11 +8,6 @@ ifeq ($(call try-cc,$(LIBBSD_DEV_TEST),-lbsd),y)
+ DEFINES += -DCONFIG_HAS_LIBBSD
+ endif
+
+-ifeq ($(call pkg-config-check,libselinux),y)
+- LIBS := -lselinux $(LIBS)
+- DEFINES += -DCONFIG_HAS_SELINUX
+-endif
+-
+ $(CONFIG): scripts/utilities.mak scripts/feature-tests.mak include/config-base.h
+ $(E) " GEN " $@
+ $(Q) @echo '#ifndef __CR_CONFIG_H__' > $@

--
Regards,
Neil | Kai Kang


Re: interest to integrate virt-manager?

Mihaylov, Emil <Emil.Mihaylov@...>
 

Hi

anybody added virt-viewer/virt-manager  receipt to  meta-virtualization

Thanks Emil

 





Spirent Communications e-mail confidentiality.
------------------------------------------------------------------------
This e-mail contains confidential and / or privileged information belonging to Spirent Communications plc, its affiliates and / or subsidiaries. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution and / or the taking of any action based upon reliance on the contents of this transmission is strictly forbidden. If you have received this message in error please notify the sender by return e-mail and delete it from your system.

Spirent Communications plc
Northwood Park, Gatwick Road, Crawley, West Sussex, RH10 9XN, United Kingdom.
Tel No. +44 (0) 1293 767676
Fax No. +44 (0) 1293 767677

Registered in England Number 470893
Registered at Northwood Park, Gatwick Road, Crawley, West Sussex, RH10 9XN, United Kingdom.

Or if within the US,

Spirent Communications,
27349 Agoura Road, Calabasas, CA, 91301, USA.
Tel No. 1-818-676- 2300


[PATCH] criu: fix build-deps qa warning

kai
 

From: Kai Kang <kai.kang@...>

It shows warning when build crius if libselinux has been built already:

WARNING: QA Issue: criu rdepends on libselinux, but it isn't a build dependency? [build-deps]

Add a patch to disable selinux support when 'selinux' is not in PACKAGECONF.

And update indentation at same time.

Signed-off-by: Kai Kang <kai.kang@...>
---
recipes-containers/criu/criu_git.bb | 12 ++++++----
.../criu/files/disable-selinux.patch | 26 ++++++++++++++++++++++
2 files changed, 34 insertions(+), 4 deletions(-)
create mode 100644 recipes-containers/criu/files/disable-selinux.patch

diff --git a/recipes-containers/criu/criu_git.bb b/recipes-containers/criu/criu_git.bb
index 816c806..c8be78f 100644
--- a/recipes-containers/criu/criu_git.bb
+++ b/recipes-containers/criu/criu_git.bb
@@ -18,10 +18,11 @@ PR = "r0"
PV = "1.6+git${SRCPV}"

SRC_URI = "git://github.com/xemul/criu.git;protocol=git \
- file://0001-criu-Fix-toolchain-hardcode.patch \
- file://0002-criu-Skip-documentation-install.patch \
- file://0001-criu-Change-libraries-install-directory.patch \
- "
+ file://0001-criu-Fix-toolchain-hardcode.patch \
+ file://0002-criu-Skip-documentation-install.patch \
+ file://0001-criu-Change-libraries-install-directory.patch \
+ ${@bb.utils.contains('PACKAGECONFIG', 'selinux', '', 'file://disable-selinux.patch', d)} \
+ "

COMPATIBLE_HOST = "(x86_64|arm|aarch64).*-linux"

@@ -51,6 +52,9 @@ export HOST_SYS

inherit setuptools

+PACKAGECONFIG ??= ""
+PACKAGECONFIG[selinux] = ",,libselinux"
+
do_compile_prepend() {
rm -rf ${S}/protobuf/google/protobuf/descriptor.proto
ln -s ${PKG_CONFIG_SYSROOT_DIR}/usr/include/google/protobuf/descriptor.proto ${S}/protobuf/google/protobuf/descriptor.proto
diff --git a/recipes-containers/criu/files/disable-selinux.patch b/recipes-containers/criu/files/disable-selinux.patch
new file mode 100644
index 0000000..da881dd
--- /dev/null
+++ b/recipes-containers/criu/files/disable-selinux.patch
@@ -0,0 +1,26 @@
+Upstream-Status: Inappropriate [disable feature]
+
+It shows warning when build crius if libselinux has been built already:
+
+ WARNING: QA Issue: criu rdepends on libselinux, but it isn't a build dependency? [build-deps]
+
+Apply this patch to disable selinux support when 'selinux' is not in PACKAGECONF.
+
+Signed-off-by: Kai Kang <kai.kang@...>
+
+diff --git a/Makefile.config b/Makefile.config
+index ce4b8d8..3ac2780 100644
+--- a/Makefile.config
++++ b/Makefile.config
+@@ -8,11 +8,6 @@ ifeq ($(call try-cc,$(LIBBSD_DEV_TEST),-lbsd),y)
+ DEFINES += -DCONFIG_HAS_LIBBSD
+ endif
+
+-ifeq ($(call pkg-config-check,libselinux),y)
+- LIBS := -lselinux $(LIBS)
+- DEFINES += -DCONFIG_HAS_SELINUX
+-endif
+-
+ $(CONFIG): scripts/utilities.mak scripts/feature-tests.mak include/config-base.h
+ $(E) " GEN " $@
+ $(Q) @echo '#ifndef __CR_CONFIG_H__' > $@
--
2.6.1


Re: [meta-cloud-services][PATCH] spice: add PACKAGECONFIG for xinerama

Bruce Ashfield <bruce.ashfield@...>
 

On 2016-05-31 3:08 AM, jackie.huang@... wrote:
From: Jackie Huang <jackie.huang@...>

spice auto detect Xinerama library to enable the feature,
but it causes error when using sstate between different
builds, e.g. previous build have xinerama but the later
one doesn't, then it fails on the later one with:

"Package 'xinerama', required by 'spice-server', not found"

Add PACKAGECONFIG for xinerama to ensure we have
deterministic builds.
merged.

Bruce


Signed-off-by: Jackie Huang <jackie.huang@...>
---
recipes-support/spice/spice_git.bb | 1 +
1 file changed, 1 insertion(+)

diff --git a/recipes-support/spice/spice_git.bb b/recipes-support/spice/spice_git.bb
index 95f7156..0524c27 100644
--- a/recipes-support/spice/spice_git.bb
+++ b/recipes-support/spice/spice_git.bb
@@ -53,6 +53,7 @@ PACKAGECONFIG[sasl] = "--with-sasl,--without-sasl,cyrus-sasl,"
PACKAGECONFIG[client] = "--enable-client,--disable-client,,"
PACKAGECONFIG[gui] = "--enable-gui,--disable-gui,,"
PACKAGECONFIG[opengl] = "--enable-opengl,--disable-opengl,,"
+PACKAGECONFIG[xinerama] = "--enable-xinerama,--disable-xinerama,libxinerama,"

PACKAGES =+ "${PN}-protocol"
LICENSE_${PN}-protocol = "BSD"


[meta-cloud-services][PATCH] spice: add PACKAGECONFIG for xinerama

Jackie Huang
 

From: Jackie Huang <jackie.huang@...>

spice auto detect Xinerama library to enable the feature,
but it causes error when using sstate between different
builds, e.g. previous build have xinerama but the later
one doesn't, then it fails on the later one with:

"Package 'xinerama', required by 'spice-server', not found"

Add PACKAGECONFIG for xinerama to ensure we have
deterministic builds.

Signed-off-by: Jackie Huang <jackie.huang@...>
---
recipes-support/spice/spice_git.bb | 1 +
1 file changed, 1 insertion(+)

diff --git a/recipes-support/spice/spice_git.bb b/recipes-support/spice/spice_git.bb
index 95f7156..0524c27 100644
--- a/recipes-support/spice/spice_git.bb
+++ b/recipes-support/spice/spice_git.bb
@@ -53,6 +53,7 @@ PACKAGECONFIG[sasl] = "--with-sasl,--without-sasl,cyrus-sasl,"
PACKAGECONFIG[client] = "--enable-client,--disable-client,,"
PACKAGECONFIG[gui] = "--enable-gui,--disable-gui,,"
PACKAGECONFIG[opengl] = "--enable-opengl,--disable-opengl,,"
+PACKAGECONFIG[xinerama] = "--enable-xinerama,--disable-xinerama,libxinerama,"

PACKAGES =+ "${PN}-protocol"
LICENSE_${PN}-protocol = "BSD"
--
2.8.1


Re: [PATCH] docker: override GOROOT at build time

Bruce Ashfield
 

merged.

Bruce

On Mon, May 30, 2016 at 3:34 AM, Yunguo Wei <yunguo.wei@...> wrote:
Usually $GOROOT is set by go tool, but if sstate is specified, $GOROOT
is set to the path in the first project. If docker is built in the
another project(with same SSTATE_DIR) later, and the first project is removed,
the following error will be seen:

| go: cannot find GOROOT directory:
/path/to/previous/project/bitbake_build/tmp/sysroots/x86_64-linux/usr/lib/x86_64-wrs-linux/go

This commit is overriding $GOROOT stored in the go tool in sstate cache,
making sure it is set to the correct path in current project.

See more information here: https://golang.org/doc/install#install

Signed-off-by: Yunguo Wei <yunguo.wei@...>
---
 recipes-containers/docker/docker_git.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/recipes-containers/docker/docker_git.bb b/recipes-containers/docker/docker_git.bb
index 597ff4f..4eea3f4 100644
--- a/recipes-containers/docker/docker_git.bb
+++ b/recipes-containers/docker/docker_git.bb
@@ -82,6 +82,7 @@ do_compile() {
        mkdir -p .gopath/src/"$(dirname "${DOCKER_PKG}")"
        ln -sf ../../../.. .gopath/src/"${DOCKER_PKG}"
        export GOPATH="${S}/.gopath:${S}/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go"
+       export GOROOT="${STAGING_DIR_NATIVE}/${nonarch_libdir}/${HOST_SYS}/go"
        cd -

        # Pass the needed cflags/ldflags so that cgo
--
1.9.1




--
"Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end"


[PATCH] docker: override GOROOT at build time

Yunguo Wei
 

Usually $GOROOT is set by go tool, but if sstate is specified, $GOROOT
is set to the path in the first project. If docker is built in the
another project(with same SSTATE_DIR) later, and the first project is removed,
the following error will be seen:

| go: cannot find GOROOT directory:
/path/to/previous/project/bitbake_build/tmp/sysroots/x86_64-linux/usr/lib/x86_64-wrs-linux/go

This commit is overriding $GOROOT stored in the go tool in sstate cache,
making sure it is set to the correct path in current project.

See more information here: https://golang.org/doc/install#install

Signed-off-by: Yunguo Wei <yunguo.wei@...>
---
recipes-containers/docker/docker_git.bb | 1 +
1 file changed, 1 insertion(+)

diff --git a/recipes-containers/docker/docker_git.bb b/recipes-containers/docker/docker_git.bb
index 597ff4f..4eea3f4 100644
--- a/recipes-containers/docker/docker_git.bb
+++ b/recipes-containers/docker/docker_git.bb
@@ -82,6 +82,7 @@ do_compile() {
mkdir -p .gopath/src/"$(dirname "${DOCKER_PKG}")"
ln -sf ../../../.. .gopath/src/"${DOCKER_PKG}"
export GOPATH="${S}/.gopath:${S}/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go"
+ export GOROOT="${STAGING_DIR_NATIVE}/${nonarch_libdir}/${HOST_SYS}/go"
cd -

# Pass the needed cflags/ldflags so that cgo
--
1.9.1


Re: [PATCH] libvirt-python: backport a patch to fix crash in getAllDomainStats

Bruce Ashfield
 



On Tue, May 24, 2016 at 1:28 AM, <rongqing.li@...> wrote:
From: Roy Li <rongqing.li@...>


We should have a better commit log here .. so I copied the one from your patch into
the main log.

I also tend to prefer uprev's versus backports .. but we can carry this for now, until
I get around to bumping the version.

Bruce
 
Signed-off-by: Roy Li <rongqing.li@...>
---
 recipes-extended/libvirt/libvirt-python.inc        |  1 +
 .../0001-fix-crash-in-getAllDomainStats.patch      | 57 ++++++++++++++++++++++
 2 files changed, 58 insertions(+)
 create mode 100644 recipes-extended/libvirt/libvirt/0001-fix-crash-in-getAllDomainStats.patch

diff --git a/recipes-extended/libvirt/libvirt-python.inc b/recipes-extended/libvirt/libvirt-python.inc
index c1dafe9..405d5f7 100644
--- a/recipes-extended/libvirt/libvirt-python.inc
+++ b/recipes-extended/libvirt/libvirt-python.inc
@@ -17,6 +17,7 @@ FILES_${PN}-python = "${bindir}/* ${libdir}/* ${libdir}/${PYTHON_DIR}/*"

 SRC_URI += "http://libvirt.org/sources/python/libvirt-python-${PV}.tar.gz;name=libvirt_python"
 SRC_URI += "file://libvirt_api_xml_path.patch;patchdir=../libvirt-python-${PV}"
+SRC_URI += "file://0001-fix-crash-in-getAllDomainStats.patch;patchdir=../libvirt-python-${PV}"

 SRC_URI[libvirt_python.md5sum] = "ed018c714d7ddbe93221c796dff283ed"
 SRC_URI[libvirt_python.sha256sum] = "6d35ae9e7801573393b9c92471f39e6700d479f10b641df81d041b469f160bf8"
diff --git a/recipes-extended/libvirt/libvirt/0001-fix-crash-in-getAllDomainStats.patch b/recipes-extended/libvirt/libvirt/0001-fix-crash-in-getAllDomainStats.patch
new file mode 100644
index 0000000..0583a94
--- /dev/null
+++ b/recipes-extended/libvirt/libvirt/0001-fix-crash-in-getAllDomainStats.patch
@@ -0,0 +1,57 @@
+From e9c4e2abffef007a28112ebb40a9586b0128f10b Mon Sep 17 00:00:00 2001
+From: Pavel Hrdina <phrdina@...>
+Date: Mon, 18 Apr 2016 16:53:50 +0200
+Subject: [PATCH] fix crash in getAllDomainStats
+
+Upstream-Status: Backport
+
+Commits 1d39dbaf and 827ed9b4 broke the libvirt-python API by removing
+virDomainRef() and virDomainFree().  virDomainStatsRecordListFree() will
+free that domain pointer and later when virDomain (python object) call
+its destructor and tries to free that same pointer again.
+
+Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1326839
+
+Signed-off-by: Pavel Hrdina <phrdina@...>
+---
+ libvirt-override.c | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/libvirt-override.c b/libvirt-override.c
+index 4640ed5..2de95ce 100644
+--- a/libvirt-override.c
++++ b/libvirt-override.c
+@@ -8381,6 +8381,7 @@ convertDomainStatsRecord(virDomainStatsRecordPtr *records,
+     PyObject *py_retval;
+     PyObject *py_record;
+     PyObject *py_record_stats = NULL;
++    virDomainPtr dom = NULL;
+     size_t i;
+
+     if (!(py_retval = PyList_New(nrecords)))
+@@ -8392,9 +8393,12 @@ convertDomainStatsRecord(virDomainStatsRecordPtr *records,
+
+         VIR_PY_LIST_SET_GOTO(py_retval, i, py_record, error);
+
++        dom = records[i]->dom;
++        virDomainRef(dom);
+         VIR_PY_TUPLE_SET_GOTO(py_record, 0,
+-                              libvirt_virDomainPtrWrap(records[i]->dom),
++                              libvirt_virDomainPtrWrap(dom),
+                               error);
++        dom = NULL;
+
+         if (!(py_record_stats = getPyVirTypedParameter(records[i]->params,
+                                                        records[i]->nparams)))
+@@ -8406,6 +8410,8 @@ convertDomainStatsRecord(virDomainStatsRecordPtr *records,
+     return py_retval;
+
+  error:
++    if (dom)
++        virDomainFree(dom);
+     Py_XDECREF(py_retval);
+     return NULL;
+ }
+--
+2.8.1
+
--
2.8.1

--
_______________________________________________
meta-virtualization mailing list
meta-virtualization@...
https://lists.yoctoproject.org/listinfo/meta-virtualization



--
"Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end"


Re: [PATCH] protobuf: Add RDEPENDS for ptest

Bruce Ashfield
 

merged.

Bruce

On Sun, May 22, 2016 at 11:15 PM, <zhe.he@...> wrote:
From: He Zhe <zhe.he@...>

This patch adds bash and python to ptest's RDEPENDS to avoid the following
warning:
"WARNING: QA Issue: /usr/lib64/protobuf/ptest/run-ptest_protobuf-ptest contained
in package protobuf-ptest requires /bin/bash, but no providers found in its
RDEPENDS [file-rdeps]"

Signed-off-by: He Zhe <zhe.he@...>
---
 recipes-devtools/protobuf/protobuf_2.5.0.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/recipes-devtools/protobuf/protobuf_2.5.0.bb b/recipes-devtools/protobuf/protobuf_2.5.0.bb
index e1c7254..23b74a7 100644
--- a/recipes-devtools/protobuf/protobuf_2.5.0.bb
+++ b/recipes-devtools/protobuf/protobuf_2.5.0.bb
@@ -22,6 +22,7 @@ EXTRA_OECONF += " --with-protoc=${STAGING_BINDIR_NATIVE}/protoc"
 inherit autotools setuptools ptest

 DEPENDS += "protobuf-native"
+RDEPENDS_${PN}-ptest = "bash python"

 PYTHON_SRC_DIR="python"
 TEST_SRC_DIR="examples"
--
1.9.1




--
"Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end"

5521 - 5540 of 7513