|
Re: downgrade openssl libraryes
Alexander Kanavin
openssl 1.0.2 went out of support at the end of 2019 and you should not be using it. What is the problem you need to solve? Alex
On Mon, 30 Aug 2021 at 15:33, Ivan Riabtsov <ivriabtsov@...> wrote: hello i am trying to rollback openssl version from 1.1.1i to 1.0.2j.
|
|
|
|
downgrade openssl libraryes
Ivan Riabtsov <ivriabtsov@...>
hello i am trying to rollback openssl version from 1.1.1i to 1.0.2j.
Copied the recipe openssl_1.1.1i.bb to openssl_1.0.2j.bb, saved the openssl_1.1.1i.bb version with the name openssl_1.1.1i.bb.backup Отредактировал новый файл, вот разница в файлах: diff -Nau ./openssl_1.1.1i.bb.backup ./openssl_1.0.2j.bb --- ./openssl_1.1.1i.bb.backup 2021-08-27 14:46:07.085808702 +0300 +++ ./openssl_1.0.2j.bb 2021-08-27 16:12:14.216430734 +0300 @@ -7,23 +7,19 @@ # "openssl" here actually means both OpenSSL and SSLeay licenses apply # (see meta/files/common-licenses/OpenSSL to which "openssl" is SPDXLICENSEMAPped) LICENSE = "openssl" -LIC_FILES_CHKSUM = "file://LICENSE;md5=d343e62fc9c833710bbbed25f27364c8" +LIC_FILES_CHKSUM = "file://LICENSE;md5=27ffa5d74bb5a337056c14b2ef93fbf6" DEPENDS = "hostperl-runtime-native" SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ file://run-ptest \ - file://0001-skip-test_symbol_presence.patch \ - file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ - file://afalg.patch \ - file://reproducible.patch \ " SRC_URI_append_class-nativesdk = " \ file://environment.d-openssl.sh \ " -SRC_URI[sha256sum] = "e8be6a35fe41d10603c3cc635e93289ed00bf34b79671a3a4de64fcee00d5242" +SRC_URI[sha256sum] = "e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431" inherit lib_package multilib_header multilib_script ptest MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" @@ -122,7 +118,7 @@ # WARNING: do not set compiler/linker flags (-I/-D etc.) in EXTRA_OECONF, as they will fully replace the # environment variables set by bitbake. Adjust the environment variables instead. HASHBANGPERL="/usr/bin/env perl" PERL=perl PERL5LIB="${S}/external/perl/Text-Template-1.46/lib/" \ - perl ${S}/Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} --prefix=$useprefix --openssldir=${libdir}/ssl-1.1 --libdir=${libdir} $target + perl ${S}/Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} --prefix=$useprefix --openssldir=${libdir}/ssl-1.0 --libdir=${libdir} $target perl ${B}/configdata.pm --dump } @@ -134,30 +130,30 @@ # Create SSL structure for packages such as ca-certificates which # contain hard-coded paths to /etc/ssl. Debian does the same. install -d ${D}${sysconfdir}/ssl - mv ${D}${libdir}/ssl-1.1/certs \ - ${D}${libdir}/ssl-1.1/private \ - ${D}${libdir}/ssl-1.1/openssl.cnf \ + mv ${D}${libdir}/ssl-1.0/certs \ + ${D}${libdir}/ssl-1.0/private \ + ${D}${libdir}/ssl-1.0/openssl.cnf \ ${D}${sysconfdir}/ssl/ # Although absolute symlinks would be OK for the target, they become # invalid if native or nativesdk are relocated from sstate. - ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/certs')} ${D}${libdir}/ssl-1.1/certs - ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/private')} ${D}${libdir}/ssl-1.1/private - ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/openssl.cnf')} ${D}${libdir}/ssl-1.1/openssl.cnf + ln -sf ${@oe.path.relative('${libdir}/ssl-1.0', '${sysconfdir}/ssl/certs')} ${D}${libdir}/ssl-1.0/certs + ln -sf ${@oe.path.relative('${libdir}/ssl-1.0', '${sysconfdir}/ssl/private')} ${D}${libdir}/ssl-1.0/private + ln -sf ${@oe.path.relative('${libdir}/ssl-1.0', '${sysconfdir}/ssl/openssl.cnf')} ${D}${libdir}/ssl-1.0/openssl.cnf } do_install_append_class-native () { create_wrapper ${D}${bindir}/openssl \ - OPENSSL_CONF=${libdir}/ssl-1.1/openssl.cnf \ - SSL_CERT_DIR=${libdir}/ssl-1.1/certs \ - SSL_CERT_FILE=${libdir}/ssl-1.1/cert.pem \ - OPENSSL_ENGINES=${libdir}/engines-1.1 + OPENSSL_CONF=${libdir}/ssl-1.0/openssl.cnf \ + SSL_CERT_DIR=${libdir}/ssl-1.0/certs \ + SSL_CERT_FILE=${libdir}/ssl-1.0/cert.pem \ + OPENSSL_ENGINES=${libdir}/engines-1.0 } do_install_append_class-nativesdk () { mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d install -m 644 ${WORKDIR}/environment.d-openssl.sh ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh - sed 's|/usr/lib/ssl/|/usr/lib/ssl-1.1/|g' -i ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh + sed 's|/usr/lib/ssl/|/usr/lib/ssl-1.0/|g' -i ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh } PTEST_BUILD_HOST_FILES += "configdata.pm" @@ -170,8 +166,8 @@ cp -r ${S}/external ${B}/test ${S}/test ${B}/fuzz ${S}/util ${B}/util ${D}${PTEST_PATH} # For test_shlibload - ln -s ${libdir}/libcrypto.so.1.1 ${D}${PTEST_PATH}/ - ln -s ${libdir}/libssl.so.1.1 ${D}${PTEST_PATH}/ + ln -s ${libdir}/libcrypto.so.1.0 ${D}${PTEST_PATH}/ + ln -s ${libdir}/libssl.so.1.0 ${D}${PTEST_PATH}/ install -d ${D}${PTEST_PATH}/apps ln -s ${bindir}/openssl ${D}${PTEST_PATH}/apps @@ -192,11 +188,11 @@ FILES_libcrypto = "${libdir}/libcrypto${SOLIBS}" FILES_libssl = "${libdir}/libssl${SOLIBS}" FILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf \ - ${libdir}/ssl-1.1/openssl.cnf* \ + ${libdir}/ssl-1.0/openssl.cnf* \ " -FILES_${PN}-engines = "${libdir}/engines-1.1" -FILES_${PN}-misc = "${libdir}/ssl-1.1/misc" -FILES_${PN} =+ "${libdir}/ssl-1.1/*" +FILES_${PN}-engines = "${libdir}/engines-1.0" +FILES_${PN}-misc = "${libdir}/ssl-1.0/misc" +FILES_${PN} =+ "${libdir}/ssl-1.0/*" FILES_${PN}_append_class-nativesdk = " ${SDKPATHNATIVE}/environment-setup.d/openssl.sh" CONFFILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf" вот новый получившийся файл: cat openssl_1.0.2j.bb SUMMARY = "Secure Socket Layer" DESCRIPTION = "Secure Socket Layer (SSL) binary and related cryptographic tools." HOMEPAGE = "http://www.openssl.org/" BUGTRACKER = "http://www.openssl.org/news/vulnerabilities.html" SECTION = "libs/network" # "openssl" here actually means both OpenSSL and SSLeay licenses apply # (see meta/files/common-licenses/OpenSSL to which "openssl" is SPDXLICENSEMAPped) LICENSE = "openssl" LIC_FILES_CHKSUM = "file://LICENSE;md5=27ffa5d74bb5a337056c14b2ef93fbf6" DEPENDS = "hostperl-runtime-native" SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ file://run-ptest \ " SRC_URI_append_class-nativesdk = " \ file://environment.d-openssl.sh \ " SRC_URI[sha256sum] = "e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431" inherit lib_package multilib_header multilib_script ptest MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" PACKAGECONFIG ?= "" PACKAGECONFIG_class-native = "" PACKAGECONFIG_class-nativesdk = "" PACKAGECONFIG[cryptodev-linux] = "enable-devcryptoeng,disable-devcryptoeng,cryptodev-linux,,cryptodev-module" B = "${WORKDIR}/build" do_configure[cleandirs] = "${B}" #| ./libcrypto.so: undefined reference to `getcontext' #| ./libcrypto.so: undefined reference to `setcontext' #| ./libcrypto.so: undefined reference to `makecontext' EXTRA_OECONF_append_libc-musl = " no-async" EXTRA_OECONF_append_libc-musl_powerpc64 = " no-asm" # adding devrandom prevents openssl from using getrandom() which is not available on older glibc versions # (native versions can be built with newer glibc, but then relocated onto a system with older glibc) EXTRA_OECONF_class-native = "--with-rand-seed=os,devrandom" EXTRA_OECONF_class-nativesdk = "--with-rand-seed=os,devrandom" # Relying on hardcoded built-in paths causes openssl-native to not be relocateable from sstate. CFLAGS_append_class-native = " -DOPENSSLDIR=/not/builtin -DENGINESDIR=/not/builtin" CFLAGS_append_class-nativesdk = " -DOPENSSLDIR=/not/builtin -DENGINESDIR=/not/builtin" do_configure () { os=${HOST_OS} case $os in linux-gnueabi |\ linux-gnuspe |\ linux-musleabi |\ linux-muslspe |\ linux-musl ) os=linux ;; *) ;; esac target="$os-${HOST_ARCH}" case $target in linux-arm*) target=linux-armv4 ;; linux-aarch64*) target=linux-aarch64 ;; linux-i?86 | linux-viac3) target=linux-x86 ;; linux-gnux32-x86_64 | linux-muslx32-x86_64 ) target=linux-x32 ;; linux-gnu64-x86_64) target=linux-x86_64 ;; linux-mips | linux-mipsel) # specifying TARGET_CC_ARCH prevents openssl from (incorrectly) adding target architecture flags target="linux-mips32 ${TARGET_CC_ARCH}" ;; linux-gnun32-mips*) target=linux-mips64 ;; linux-*-mips64 | linux-mips64 | linux-*-mips64el | linux-mips64el) target=linux64-mips64 ;; linux-microblaze* | linux-nios2* | linux-sh3 | linux-sh4 | linux-arc*) target=linux-generic32 ;; linux-powerpc) target=linux-ppc ;; linux-powerpc64) target=linux-ppc64 ;; linux-powerpc64le) target=linux-ppc64le ;; linux-riscv32) target=linux-generic32 ;; linux-riscv64) target=linux-generic64 ;; linux-sparc | linux-supersparc) target=linux-sparcv9 ;; esac useprefix=${prefix} if [ "x$useprefix" = "x" ]; then useprefix=/ fi # WARNING: do not set compiler/linker flags (-I/-D etc.) in EXTRA_OECONF, as they will fully replace the # environment variables set by bitbake. Adjust the environment variables instead. HASHBANGPERL="/usr/bin/env perl" PERL=perl PERL5LIB="${S}/external/perl/Text-Template-1.46/lib/" \ perl ${S}/Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} --prefix=$useprefix --openssldir=${libdir}/ssl-1.0 --libdir=${libdir} $target perl ${B}/configdata.pm --dump } do_install () { oe_runmake DESTDIR="${D}" MANDIR="${mandir}" MANSUFFIX=ssl install oe_multilib_header openssl/opensslconf.h # Create SSL structure for packages such as ca-certificates which # contain hard-coded paths to /etc/ssl. Debian does the same. install -d ${D}${sysconfdir}/ssl mv ${D}${libdir}/ssl-1.0/certs \ ${D}${libdir}/ssl-1.0/private \ ${D}${libdir}/ssl-1.0/openssl.cnf \ ${D}${sysconfdir}/ssl/ # Although absolute symlinks would be OK for the target, they become # invalid if native or nativesdk are relocated from sstate. ln -sf ${@oe.path.relative('${libdir}/ssl-1.0', '${sysconfdir}/ssl/certs')} ${D}${libdir}/ssl-1.0/certs ln -sf ${@oe.path.relative('${libdir}/ssl-1.0', '${sysconfdir}/ssl/private')} ${D}${libdir}/ssl-1.0/private ln -sf ${@oe.path.relative('${libdir}/ssl-1.0', '${sysconfdir}/ssl/openssl.cnf')} ${D}${libdir}/ssl-1.0/openssl.cnf } do_install_append_class-native () { create_wrapper ${D}${bindir}/openssl \ OPENSSL_CONF=${libdir}/ssl-1.0/openssl.cnf \ SSL_CERT_DIR=${libdir}/ssl-1.0/certs \ SSL_CERT_FILE=${libdir}/ssl-1.0/cert.pem \ OPENSSL_ENGINES=${libdir}/engines-1.0 } do_install_append_class-nativesdk () { mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d install -m 644 ${WORKDIR}/environment.d-openssl.sh ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh sed 's|/usr/lib/ssl/|/usr/lib/ssl-1.0/|g' -i ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh } PTEST_BUILD_HOST_FILES += "configdata.pm" PTEST_BUILD_HOST_PATTERN = "perl_version =" do_install_ptest () { # Prune the build tree rm -f ${B}/fuzz/*.* ${B}/test/*.* cp ${S}/Configure ${B}/configdata.pm ${D}${PTEST_PATH} cp -r ${S}/external ${B}/test ${S}/test ${B}/fuzz ${S}/util ${B}/util ${D}${PTEST_PATH} # For test_shlibload ln -s ${libdir}/libcrypto.so.1.0 ${D}${PTEST_PATH}/ ln -s ${libdir}/libssl.so.1.0 ${D}${PTEST_PATH}/ install -d ${D}${PTEST_PATH}/apps ln -s ${bindir}/openssl ${D}${PTEST_PATH}/apps install -m644 ${S}/apps/*.pem ${S}/apps/*.srl ${S}/apps/openssl.cnf ${D}${PTEST_PATH}/apps install -m755 ${B}/apps/CA.pl ${D}${PTEST_PATH}/apps install -d ${D}${PTEST_PATH}/engines install -m755 ${B}/engines/ossltest.so ${D}${PTEST_PATH}/engines } # Add the openssl.cnf file to the openssl-conf package. Make the libcrypto # package RRECOMMENDS on this package. This will enable the configuration # file to be installed for both the openssl-bin package and the libcrypto # package since the openssl-bin package depends on the libcrypto package. PACKAGES =+ "libcrypto libssl openssl-conf ${PN}-engines ${PN}-misc" FILES_libcrypto = "${libdir}/libcrypto${SOLIBS}" FILES_libssl = "${libdir}/libssl${SOLIBS}" FILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf \ ${libdir}/ssl-1.0/openssl.cnf* \ " FILES_${PN}-engines = "${libdir}/engines-1.0" FILES_${PN}-misc = "${libdir}/ssl-1.0/misc" FILES_${PN} =+ "${libdir}/ssl-1.0/*" FILES_${PN}_append_class-nativesdk = " ${SDKPATHNATIVE}/environment-setup.d/openssl.sh" CONFFILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf" RRECOMMENDS_libcrypto += "openssl-conf" RDEPENDS_${PN}-ptest += "openssl-bin perl perl-modules bash" RDEPENDS_${PN}-bin += "openssl-conf" BBCLASSEXTEND = "native nativesdk" CVE_PRODUCT = "openssl:openssl" # Only affects OpenSSL >= 1.1.1 in combination with Apache < 2.4.37 # Apache in meta-webserver is already recent enough CVE_CHECK_WHITELIST += "CVE-2019-0190" I understand that I need to figure out the configs yourself, but I get this error when executing the bitbake openssl-native ERROR: Execution of '/home/ivr/work/yocto_orig/build/tmp/work/x86_64-linux/openssl-native/1.0.2j-r0/temp/run.do_configure.1071458' failed with exit code 2: | unable to read opensslv.h:No such file or directory | Configuring for linux-x86_64 | no-devcryptoeng [option] OPENSSL_NO_DEVCRYPTOENG (skip dir) | no-ec_nistp_64_gcc_128 [default] OPENSSL_NO_EC_NISTP_64_GCC_128 (skip dir) | no-gmp [default] OPENSSL_NO_GMP (skip dir) | no-jpake [experimental] OPENSSL_NO_JPAKE (skip dir) | no-krb5 [krb5-flavor not specified] OPENSSL_NO_KRB5 | no-libunbound [experimental] OPENSSL_NO_LIBUNBOUND (skip dir) | no-md2 [default] OPENSSL_NO_MD2 (skip dir) | no-rc5 [default] OPENSSL_NO_RC5 (skip dir) | no-rfc3779 [default] OPENSSL_NO_RFC3779 (skip dir) | no-sctp [default] OPENSSL_NO_SCTP (skip dir) | no-shared [default] | no-ssl-trace [default] OPENSSL_NO_SSL_TRACE (skip dir) | no-ssl2 [default] OPENSSL_NO_SSL2 (skip dir) | no-store [experimental] OPENSSL_NO_STORE (skip dir) | no-unit-test [default] OPENSSL_NO_UNIT_TEST (skip dir) | no-weak-ssl-ciphers [default] OPENSSL_NO_WEAK_SSL_CIPHERS (skip dir) | no-zlib [default] | no-zlib-dynamic [default] | IsMK1MF=0 | WARNING: exit code 2 from a shell command. | As far as I can understand, the opensslv.h file is generated just at the configuration stage, why does the configuration stage give an error of the absence of this file?
|
|
|
|
extrausers-bbclass: plaintext password (since shadow update to 4.9)
Matthias Klein
Hello,
I am trying to find a working alternative for the old -P option. Previous: EXTRA_USERS_PARAMS = "usermod -P toor root;" The suggestions from this thread don't seem to work: https://lists.openembedded.org/g/openembedded-core/topic/84548199 Current: hash="$(python3 -c "import crypt; print(crypt.crypt('toor', crypt.METHOD_SHA512))")" EXTRA_USERS_PARAMS = "usermod -p ${hash} root;" The hashed password does not seem to be escaped properly in the extrausers-bbclass. The password in the shadow file is missing $ characters. Is there a way (with the current master branch) to define a password? Many greetings, Matthias
|
|
|
|
Re: kcrash package compile issue
Zoran
That means that kwindowsystem did not install all necessary bits.Oh, I see... It has everything to do with Xwindows systems in X11 Client/Server domain. kwindoes => KDE desktop. Apology for the confusion! Zee _______ On Mon, Aug 30, 2021 at 2:19 PM Andreas Müller <schnitzeltony@...> wrote:
|
|
|
|
Re: kcrash package compile issue
Andreas Müller
On Mon, Aug 30, 2021 at 6:46 AM Zoran <zoran.stojsavljevic@...> wrote:
1. From version 5.85 I assume you use meta-qt5-extra (not meta-kf5) - right?CMake Error in src/CMakeLists.txt:You somehow mixed Windows and Linux Cmake build systems. Not sure how... 2. the important part of the log is: | CMake Error in src/CMakeLists.txt: | Imported target "KF5::WindowSystem" includes non-existent path | "/home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kwindowsystem/5.85.0-r0/recipe-sysroot/usr/include" That means that kwindowsystem did not install all necessary bits. Do you have x11 in your DISTRO_FEATURES? If not you should add that. Hope that helps Andreas
|
|
|
|
surfinride
Hey there. I am building a Boot2Qt image for my Jetson Nano. Yocto release is dunfell. Currently I am trying to build the scipy library release 1.5.3. This is the recipe I am using:
inherit pypi setuptools3 This recipe fails with the bad RPATH error. Complete error log here.
This is what the Yocto documentation has to say about the bad RPATH error: -package <packagename> contains bad RPATH <rpath> in file <file> [rpaths]The specified binary produced by the recipe contains dynamic library load paths (rpaths) that contain build system paths such as TMPDIR, which are incorrect for the target and could potentially be a security issue. Check for bad -rpathoptions being passed to the linker in your do_compile log. Depending on the build system used by the software being built, there might be a configure option to disable rpath usage completely within the build of the software.I looked in the run.do_configure file. This is what the BUILD_LDFLAGS variable is set like: export BUILD_LDFLAGS="-L/media/dell/ext4_volume/jetson-nano-build-files/tmp/work/aarch64-poky-linux/python3-scipy/1.5.3-r0/recipe-sysroot-native/usr/lib -L/media/dell/ext4_volume/jetson-nano-build-files/tmp/work/aarch64-poky-linux/python3-scipy/1.5.3-r0/recipe-sysroot-native/lib -Wl,--enable-new-dtags -Wl,-rpath-link,/media/dell/ext4_volume/jetson-nano-build-files/tmp/work/aarch64-poky-linux/python3-scipy/1.5.3-r0/recipe-sysroot-native/usr/lib -Wl,-rpath-link,/media/dell/ext4_volume/jetson-nano-build-files/tmp/work/aarch64-poky-linux/python3-scipy/1.5.3-r0/recipe-sysroot-native/lib -Wl,-rpath,/media/dell/ext4_volume/jetson-nano-build-files/tmp/work/aarch64-poky-linux/python3-scipy/1.5.3-r0/recipe-sysroot-native/usr/lib -Wl,-rpath,/media/dell/ext4_volume/jetson-nano-build-files/tmp/work/aarch64-poky-linux/python3-scipy/1.5.3-r0/recipe-sysroot-native/lib -Wl,-O1 -Wl,--allow-shlib-undefined -Wl,--dynamic-linker=/media/dell/ext4_volume/jetson-nano-build-files/tmp/sysroots-uninative/x86_64-linux/lib/ld-linux-x86-64.so.2"So I created a copy of bitbake.conf in my custom layer and set the priority of the layer above the poky/meta/ layer. With this the -rpath and -rpath-link options are removed from the BUILD_LDFLAGS variable. Now if I build the package, the build still fails with the same error. Running grep on the tmp/work/aarch64-poky-linux/python3-scipy/1.5.3-r0/temp/ showed that -rpath option is still being passed to gcc. Complete log.do_compile here. Right now I am kind of clueless as to how I should approach debugging this. Would really appreciate any help. Thanks.
|
|
|
|
Re: kcrash package compile issue
Zoran
CMake Error in src/CMakeLists.txt:You somehow mixed Windows and Linux Cmake build systems. Not sure how... Solution 1: fix on the fly current problem: You should inspect the file: src/CMakeLists.txt and try to fix Windows paths to match Linux paths. Solution 2: delete the current Cmake setup and execute it from scratch: Error should not happen, since you need to delete the Cmake setup and do the whole thing from scratch. 1) configure <<===== This step causes you problems! 2) make 3) make install Zee _______ On Mon, Aug 30, 2021 at 6:10 AM sateesh m <sateesh0457@...> wrote:
|
|
|
|
kcrash package compile issue
sateesh m
Hi Team,
I am trying to build kcrash package. I got below error.Can anybody know how to fix this please guide me. ERROR: kcrash-5.85.0-r0 do_configure: Execution of '/home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/temp/run.do_configure.12650' failed with exit code 1: -- The C compiler identification is GNU 10.2.0 -- The CXX compiler identification is GNU 10.2.0 -- Detecting C compiler ABI info -- Detecting C compiler ABI info - done -- Check for working C compiler: /home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot-native/usr/bin/riscv64-oe-linux/riscv64-oe-linux-gcc - skipped -- Detecting C compile features -- Detecting C compile features - done -- Detecting CXX compiler ABI info -- Detecting CXX compiler ABI info - done -- Check for working CXX compiler: /home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot-native/usr/bin/riscv64-oe-linux/riscv64-oe-linux-g++ - skipped -- Detecting CXX compile features -- Detecting CXX compile features - done --
Installing in /usr. Run /home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/build/prefix.sh to set the environment for KCrash. -- Looking for __GLIBC__ -- Looking for __GLIBC__ - found -- Performing Test _OFFT_IS_64BIT -- Performing Test _OFFT_IS_64BIT - Success -- Performing Test HAVE_DATE_TIME -- Performing Test HAVE_DATE_TIME - Success -- Performing Test BSYMBOLICFUNCTIONS_AVAILABLE -- Performing Test BSYMBOLICFUNCTIONS_AVAILABLE - Success fatal: not a git repository (or any of the parent directories): .git -- Found X11: /home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot/usr/include -- Looking for XOpenDisplay in /home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot/usr/lib/libX11.so;/home/sateesh/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot/usr/lib/libXext.so -- Looking for XOpenDisplay in /home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot/usr/lib/libX11.so;/home/sateesh/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/recipe-sysroot/usr/lib/libXext.so - found -- Looking for gethostbyname -- Looking for gethostbyname - found -- Looking for connect -- Looking for connect - found -- Looking for remove -- Looking for remove - found -- Looking for shmat -- Looking for shmat - found -- Looking for IceConnectionNumber in ICE -- Looking for IceConnectionNumber in ICE - found -- Performing Test COMPILER_HAS_HIDDEN_VISIBILITY -- Performing Test COMPILER_HAS_HIDDEN_VISIBILITY - Success -- Performing Test COMPILER_HAS_HIDDEN_INLINE_VISIBILITY -- Performing Test COMPILER_HAS_HIDDEN_INLINE_VISIBILITY - Success -- Performing Test COMPILER_HAS_DEPRECATED_ATTR -- Performing Test COMPILER_HAS_DEPRECATED_ATTR - Success -- The following features have been enabled:
* Core Pattern Raising, Raising signals to kernel core patterns (iff the pattern is a process). You may wish to not install drkonqi if this can cause a UI conflict.
-- The following OPTIONAL packages have been found:
* X11
-- The following REQUIRED packages have been found:
* ECM (required version >= 5.85.0), Extra CMake Modules., <https://commits.kde.org/extra-cmake-modules> * Qt5 (required version >= 5.15.0) * Qt5Core (required version >= 5.15.0) * KF5CoreAddons (required version >= 5.85.0) * Qt5Gui (required version >= 5.15.0) * KF5WindowSystem (required version >= 5.85.0) * Qt5X11Extras (required version >= 5.15.0)
-- The following features have been disabled:
* QCH, API documentation in QCH format (for e.g. Qt Assistant, Qt Creator & KDevelop)
-- Configuring done CMake Error in src/CMakeLists.txt: Imported target "KF5::WindowSystem" includes non-existent path
"/home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kwindowsystem/5.85.0-r0/recipe-sysroot/usr/include"
in its INTERFACE_INCLUDE_DIRECTORIES. Possible reasons include:
* The path was deleted, renamed, or moved to another location.
* An install or uninstall procedure did not complete successfully.
* The installation package was faulty and references files it does not provide.
CMake Error in src/CMakeLists.txt: Imported target "KF5::WindowSystem" includes non-existent path
"/home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kwindowsystem/5.85.0-r0/recipe-sysroot/usr/include"
in its INTERFACE_INCLUDE_DIRECTORIES. Possible reasons include:
* The path was deleted, renamed, or moved to another location.
* An install or uninstall procedure did not complete successfully.
* The installation package was faulty and references files it does not provide.
-- Generating done CMake Warning: Manually-specified variables were not used by the project:
BUILD_DESIGNERPLUGIN LIB_SUFFIX OE_KF5_PATH_HOST_ROOT OE_QMAKE_PATH_ARCHDATA OE_QMAKE_PATH_BINS OE_QMAKE_PATH_DATA OE_QMAKE_PATH_DOCS OE_QMAKE_PATH_EXAMPLES OE_QMAKE_PATH_HEADERS OE_QMAKE_PATH_HOST_BINS OE_QMAKE_PATH_HOST_DATA OE_QMAKE_PATH_HOST_LIBS OE_QMAKE_PATH_HOST_PREFIX OE_QMAKE_PATH_LIBEXECS OE_QMAKE_PATH_LIBS OE_QMAKE_PATH_PLUGINS OE_QMAKE_PATH_PREFIX OE_QMAKE_PATH_QML OE_QMAKE_PATH_QT_ARCHDATA OE_QMAKE_PATH_QT_BINS OE_QMAKE_PATH_QT_DATA OE_QMAKE_PATH_QT_DOCS OE_QMAKE_PATH_QT_EXAMPLES OE_QMAKE_PATH_QT_HEADERS OE_QMAKE_PATH_QT_SETTINGS OE_QMAKE_PATH_QT_TESTS OE_QMAKE_PATH_QT_TRANSLATIONS OE_QMAKE_PATH_SETTINGS OE_QMAKE_PATH_TESTS OE_QMAKE_PATH_TRANSLATIONS PYTHON_EXECUTABLE Python3_EXECUTABLE Python_EXECUTABLE
CMake Generate step failed. Build files cannot be regenerated correctly. WARNING: exit code 1 from a shell command.
ERROR: Logfile of failure stored in: /home/yocto/sources/fu540-build/tmp-glibc/work/riscv64-oe-linux/kcrash/5.85.0-r0/temp/log.do_configure.12650 --Regards, Sateesh
|
|
|
|
Re: Pyinstaller error in yocto
#yocto
Hi,
Please don't use screen shots, but pastebin instead. I already mentioned this on fb. My comments are inline. On 29/08/2021 13:48, yasminebenghozzi6@... wrote: Hello,It misses ldd. It's here: https://git.yoctoproject.org/cgit/cgit.cgi/poky/tree/meta/recipes-core/glibc/glibc-package.inc You might want to try something like: IMAGE_INSTALL += "ldd" Regards, Robert
|
|
|
|
Pyinstaller error in yocto
#yocto
yasminebenghozzi6@...
Hello,
I successfully installed pyinstaller in my yocto image , but while executing the command it doesn't work
|
|
|
|
Re: [oe][meta-security][PATCH] meta: Fix typos
Martin Jansa
Please merge this one.
On Wed, Aug 4, 2021 at 1:20 PM Martin Jansa via lists.yoctoproject.org <Martin.Jansa=gmail.com@...> wrote:
|
|
|
|
Re: [meta-tpm][PATCH v2] README: fix mailing lists and a typo
merged
toggle quoted messageShow quoted text
thanks
On 8/25/21 6:25 AM, Marta Rybczynska wrote:
A number of typo fixes:
|
|
|
|
Re: [PATCH] meta-integrity: kernel-modsign: Change weak default value
merged
toggle quoted messageShow quoted text
thanks
On 8/26/21 10:14 AM, Daiane Angolini wrote:
Assign a weak default value for MODSIGN_KEY_DIR so the other layers can
|
|
|
|
Re: [meta-hardening][PATCH] README: fix mailing lists
merged
toggle quoted messageShow quoted text
thanks
On 8/24/21 11:20 PM, Marta Rybczynska wrote:
The address included in the meta-hardening documentation
|
|
|
|
Re: [meta-mingw] [PATCH] grpc: use the new PACKAGECONFIG to disable shared
Sinan Kaya <okaya@...>
On 8/27/2021 8:41 AM, Joshua Watt wrote:
@@ -1,5 +1,4 @@ My research says libnsl is a soft requirement for c-ares. GRPC assumes libnsl to be present and used by default. However, it will build without it too. https://www.linuxfromscratch.org/blfs/view/svn/basicnet/libnsl.html We should be turning libnsl off if you want to enable GRPC's backward compatibility mode. Maybe, because previous versions didn't support libnsl. c-ares ------------- CMakeLists.txt:CARES_FUNCTION_IN_LIBRARY (gethostbyname nsl HAVE_LIBNSL) CMakeLists.txt: LIST (APPEND CARES_DEPENDENT_LIBS nsl) grpc ------------- if(gRPC_BACKWARDS_COMPATIBILITY_MODE) # See https://github.com/grpc/grpc/issues/17255 set(HAVE_LIBNSL OFF CACHE BOOL "avoid cares dependency on libnsl") endif() CMakeLists.txt:option(gRPC_BACKWARDS_COMPATIBILITY_MODE "Build libraries that are binary compatible across a larger number of OS and libc versions" OFF) CMakeLists.txt:if(gRPC_BACKWARDS_COMPATIBILITY_MODE)
|
|
|
|
Re: Extensible SDK - runtime packages installation
d0ku
Ok, I was able to find the answer to the third point: The bolded sentence is not actually true. Adding perl-native to the DEPENDS of a recipe, does not cause it to be automatically picked up during the build. For this to happen the perlnative bbclass has to be inherited. Same design is in place for at least python, probably more packages. This brings me to the followup question: How can I mimic the perlnative or python3native behaviour on the eSDK level? Is this only possible via the devtool and recipes, and so can't be done "outside" of the Yocto environment, e.g. using ${CC} and ${CXX} variables? Regards, Jakub
|
|
|
|
[meta-security][PATCH 6/6] harden-image-minimal: fix useradd inherit
Signed-off-by: Armin Kuster <akuster808@...>
--- .../recipes-core/images/harden-image-minimal.bb | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/meta-hardening/recipes-core/images/harden-image-minimal.bb b/meta-hardening/recipes-core/images/harden-image-minimal.bb index c35c257..38771cd 100644 --- a/meta-hardening/recipes-core/images/harden-image-minimal.bb +++ b/meta-hardening/recipes-core/images/harden-image-minimal.bb @@ -10,7 +10,8 @@ LICENSE = "MIT" IMAGE_ROOTFS_SIZE ?= "8192" -inherit core-image extrausers +inherit core-image +IMAGE_CLASSES:append = " extrausers" ROOT_DEFAULT_PASSWORD ?= "1SimplePw!" DEFAULT_ADMIN_ACCOUNT ?= "myadmin" @@ -19,7 +20,7 @@ DEFAULT_ADMIN_ACCOUNT_PASSWORD ?= "1SimplePw!" EXTRA_USERS_PARAMS = "${@bb.utils.contains('DISABLE_ROOT', 'True', "usermod -L root;", "usermod -P '${ROOT_DEFAULT_PASSWORD}' root;", d)}" -EXTRA_USERS_PARAMS += "useradd ${DEFAULT_ADMIN_ACCOUNT};" -EXTRA_USERS_PARAMS += "groupadd ${DEFAULT_ADMIN_GROUP};" -EXTRA_USERS_PARAMS += "usermod -P '${DEFAULT_ADMIN_ACCOUNT_PASSWORD}' ${DEFAULT_ADMIN_ACCOUNT};" -EXTRA_USERS_PARAMS += "usermod -aG ${DEFAULT_ADMIN_GROUP} ${DEFAULT_ADMIN_ACCOUNT};" +EXTRA_USERS_PARAMS:append = " useradd ${DEFAULT_ADMIN_ACCOUNT};" +EXTRA_USERS_PARAMS:append = " groupadd ${DEFAULT_ADMIN_GROUP};" +EXTRA_USERS_PARAMS:append = " usermod -P '${DEFAULT_ADMIN_ACCOUNT_PASSWORD}' ${DEFAULT_ADMIN_ACCOUNT};" +EXTRA_USERS_PARAMS:append = " usermod -aG ${DEFAULT_ADMIN_GROUP} ${DEFAULT_ADMIN_ACCOUNT};" -- 2.25.1
|
|
|
|
[meta-security][PATCH 5/6] layer.conf: drop meta-rust
Signed-off-by: Armin Kuster <akuster808@...>
--- meta-parsec/conf/layer.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-parsec/conf/layer.conf b/meta-parsec/conf/layer.conf index 86d41b2..2eeb71b 100644 --- a/meta-parsec/conf/layer.conf +++ b/meta-parsec/conf/layer.conf @@ -10,5 +10,5 @@ BBFILE_PRIORITY_parsec-layer = "5" LAYERSERIES_COMPAT_parsec-layer = "honister" -LAYERDEPENDS_parsec-layer = "core rust-layer clang-layer tpm-layer" +LAYERDEPENDS_parsec-layer = "core clang-layer tpm-layer" BBLAYERS_LAYERINDEX_NAME_parsec-layer = "meta-parsec" -- 2.25.1
|
|
|
|
[meta-security][PATCH 4/6] layer.conf: drop dynamic-layer
Signed-off-by: Armin Kuster <akuster808@...>
--- conf/layer.conf | 4 ---- 1 file changed, 4 deletions(-) diff --git a/conf/layer.conf b/conf/layer.conf index cdcfaee..ad9da56 100644 --- a/conf/layer.conf +++ b/conf/layer.conf @@ -16,7 +16,3 @@ LAYERDEPENDS_security = "core openembedded-layer perl-layer networking-layer met # Sanity check for meta-security layer. # Setting SKIP_META_SECURITY_SANITY_CHECK to "1" would skip the bbappend files check. INHERIT += "sanity-meta-security" - -BBFILES_DYNAMIC += " \ -rust-layer:${LAYERDIR}/dynamic-layers/meta-rust/recipes-*/*/*.bb \ -" -- 2.25.1
|
|
|
|
[meta-security][PATCH 3/6] suricata: rust is in core
drop dynamic-layer
Signed-off-by: Armin Kuster <akuster808@...> --- .../recipes-ids => recipes-ids}/suricata/files/fixup.patch | 0 .../recipes-ids => recipes-ids}/suricata/files/run-ptest | 0 .../recipes-ids => recipes-ids}/suricata/files/suricata.service | 0 .../recipes-ids => recipes-ids}/suricata/files/suricata.yaml | 0 .../recipes-ids => recipes-ids}/suricata/files/tmpfiles.suricata | 0 .../suricata/files/volatiles.03_suricata | 0 .../recipes-ids => recipes-ids}/suricata/libhtp_0.5.38.bb | 0 .../meta-rust/recipes-ids => recipes-ids}/suricata/suricata.inc | 0 .../recipes-ids => recipes-ids}/suricata/suricata_6.0.3.bb | 0 9 files changed, 0 insertions(+), 0 deletions(-) rename {dynamic-layers/meta-rust/recipes-ids => recipes-ids}/suricata/files/fixup.patch (100%) rename {dynamic-layers/meta-rust/recipes-ids => recipes-ids}/suricata/files/run-ptest (100%) rename {dynamic-layers/meta-rust/recipes-ids => recipes-ids}/suricata/files/suricata.service (100%) rename {dynamic-layers/meta-rust/recipes-ids => recipes-ids}/suricata/files/suricata.yaml (100%) rename {dynamic-layers/meta-rust/recipes-ids => recipes-ids}/suricata/files/tmpfiles.suricata (100%) rename {dynamic-layers/meta-rust/recipes-ids => recipes-ids}/suricata/files/volatiles.03_suricata (100%) rename {dynamic-layers/meta-rust/recipes-ids => recipes-ids}/suricata/libhtp_0.5.38.bb (100%) rename {dynamic-layers/meta-rust/recipes-ids => recipes-ids}/suricata/suricata.inc (100%) rename {dynamic-layers/meta-rust/recipes-ids => recipes-ids}/suricata/suricata_6.0.3.bb (100%) diff --git a/dynamic-layers/meta-rust/recipes-ids/suricata/files/fixup.patch b/recipes-ids/suricata/files/fixup.patch similarity index 100% rename from dynamic-layers/meta-rust/recipes-ids/suricata/files/fixup.patch rename to recipes-ids/suricata/files/fixup.patch diff --git a/dynamic-layers/meta-rust/recipes-ids/suricata/files/run-ptest b/recipes-ids/suricata/files/run-ptest similarity index 100% rename from dynamic-layers/meta-rust/recipes-ids/suricata/files/run-ptest rename to recipes-ids/suricata/files/run-ptest diff --git a/dynamic-layers/meta-rust/recipes-ids/suricata/files/suricata.service b/recipes-ids/suricata/files/suricata.service similarity index 100% rename from dynamic-layers/meta-rust/recipes-ids/suricata/files/suricata.service rename to recipes-ids/suricata/files/suricata.service diff --git a/dynamic-layers/meta-rust/recipes-ids/suricata/files/suricata.yaml b/recipes-ids/suricata/files/suricata.yaml similarity index 100% rename from dynamic-layers/meta-rust/recipes-ids/suricata/files/suricata.yaml rename to recipes-ids/suricata/files/suricata.yaml diff --git a/dynamic-layers/meta-rust/recipes-ids/suricata/files/tmpfiles.suricata b/recipes-ids/suricata/files/tmpfiles.suricata similarity index 100% rename from dynamic-layers/meta-rust/recipes-ids/suricata/files/tmpfiles.suricata rename to recipes-ids/suricata/files/tmpfiles.suricata diff --git a/dynamic-layers/meta-rust/recipes-ids/suricata/files/volatiles.03_suricata b/recipes-ids/suricata/files/volatiles.03_suricata similarity index 100% rename from dynamic-layers/meta-rust/recipes-ids/suricata/files/volatiles.03_suricata rename to recipes-ids/suricata/files/volatiles.03_suricata diff --git a/dynamic-layers/meta-rust/recipes-ids/suricata/libhtp_0.5.38.bb b/recipes-ids/suricata/libhtp_0.5.38.bb similarity index 100% rename from dynamic-layers/meta-rust/recipes-ids/suricata/libhtp_0.5.38.bb rename to recipes-ids/suricata/libhtp_0.5.38.bb diff --git a/dynamic-layers/meta-rust/recipes-ids/suricata/suricata.inc b/recipes-ids/suricata/suricata.inc similarity index 100% rename from dynamic-layers/meta-rust/recipes-ids/suricata/suricata.inc rename to recipes-ids/suricata/suricata.inc diff --git a/dynamic-layers/meta-rust/recipes-ids/suricata/suricata_6.0.3.bb b/recipes-ids/suricata/suricata_6.0.3.bb similarity index 100% rename from dynamic-layers/meta-rust/recipes-ids/suricata/suricata_6.0.3.bb rename to recipes-ids/suricata/suricata_6.0.3.bb -- 2.25.1
|
|
|