Date   

subtree …/tmp/deploy/… , files named Packages

keydi <krzysztof.dudziak@...>
 

Hello,

This is about two projects Projects A and B. Both use Yocto to build embedded-Linux distribution. However different Yocto release each. Also different target platform each. One puts Linux software packages to RPM, another one to IPK. For only one of those two Yocto generates plain-text files named 'Packages' and places it to image subdirectories of /tmp/deploy/rpm or /tmp/deploy/ipk subtree. The another one doesn't. Is this (files 'Packages' to be generated or not) any configuration point platform vendor can had set for its code-base to non-standard setting? Any means available for project Packages files (as of time being) not being generated to activate these files generation?

Background: Tool-chain used here to generate software bill of materials and all artifacts needed for fulfillment of used software license terms processes these files. Might it be good/bad idea to use files addressed in this message for software composition evaluation?


Which recipes put qtwebkit in my image?

Mauro Ziliani
 

Hi all.I need to find which recipe installs qtwebkit in my final image.

I look in on every recipes I make but  I don't find who put qtwebkit in my image.
I have the same matter with *-dev packages

I use bitbake -g but I don't find the "source" of qtwebkit.


Thanks all

Mz

Sent from Mailspring, the best free email app for work


Re: Building test code?

jchludzinski
 

I'm 'bitbaking' now.

On 2021-03-16 10:53, jchludzinski via lists.yoctoproject.org wrote:
Well, because time is of the essence, could you give me a little
assist here and explain how I might build spidev-test using
OpenEmbedded?
THANKS for your help!
---John
On 2021-03-16 05:58, Josef Holzmayr wrote:
Am Di., 16. März 2021 um 10:49 Uhr schrieb Nicolas Dechesne
<nicolas.dechesne@...>:
On Tue, Mar 16, 2021 at 8:07 AM jchludzinski via
lists.yoctoproject.org
<jchludzinski=vivaldi.net@...> wrote:

It certainly appears to be BUT I'm not certain what I'm looking at?

What is meta-openembedded?

Is it a GIT repo that can be cloned and built?
Short answer is yes. The whole Yocto Project / Open Embedded concept
is based around 'layers. A layer is a repository that contains recipes
(and/or machine/distro, ..). The Yocto Project releases include a
couple of common/core layers, but there are plenty of layers out there
which can be used
I am sure there are quite a bit of documentation on this topic, but
perhaps you might want to start with:
https://docs.yoctoproject.org/overview-manual/yp-intro.html#the-yocto-project-layer-model
Or grab a beer and start bingewatching
https://www.youtube.com/playlist?list=PLD4M5FoHz-TxMfBFrDKfIS_GLY25Qsfyj
</SCNR>





How do I use this to build spidev-test?


---John


On 2021-03-15 19:54, akuster wrote:

On 3/15/21 4:11 PM, jchludzinski via lists.yoctoproject.org wrote:

I got a piece of code from github:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/tools/spi/spidev_test.c

I'd like to add it somewhere under /*tools/testing*/ and build it there.

Not sure if this is appropriate? If so, how do I go about this?

If not, what's the best way to build this?


Is this what you are looking for?
https://git.openembedded.org/meta-openembedded/tree/meta-oe/recipes-kernel/spidev-test/spidev-test.bb

-armin










Yocto Technical Team Minutes, Engineering Sync, for March 16, 2021

Trevor Woerner
 

Yocto Technical Team Minutes, Engineering Sync, for March 16, 2021
archive: https://docs.google.com/document/d/1ly8nyhO14kDNnFcW2QskANXW3ZT7QwKC5wWVDg9dDH4/edit

== disclaimer ==
Best efforts are made to ensure the below is accurate and valid. However,
errors sometimes happen. If any errors or omissions are found, please feel
free to reply to this email with any corrections.

== attendees ==
Trevor Woerner, Stephen Jolley, Jan-Simon Möller, Armin Kuster, Steve
Sakoman, Scott Murray, Michael Halstead, Jon Mason, Richard Purdie, Bruce
Ashfield, Saul Wold, Randy MacLeod, Paul Barker, Joshua Watt, Denys
Dmytriyenko

== notes ==
- -m3 built and in QA
- bitbake preferred version mandatory
- ovmf, meson updates for reproducibility (issues in Go remain)
- qemu risc-v machines added
- new storage fetcher added to bitbake
- AB-int issues increasing

== general ==
RP: time to update layer names to hardknott


RP: some high-profile issues have highlighted the need for reproducible
builds, which puts us in a good light. good timing. all that’s left now
are ruby-docs and Go, so that’s really good
SS: some of these things are version-specific, so they can’t all go in
dunfell
RP: might want to update the version of diffoscope for dunfell, lots of
improvements
JPEW: on the reproducibility website you can select a branch, but it doesn’t
work for dunfell
RP: does gatesgarth work?
JPEW: hmm… gatesgarth doesn’t work either
RP: the test results are there and those should work, there’s probably an
issue with the interface or formatting
JPEW: i’ll look into it


RP: util-linux split caused build failures (“files already exist”). there
is high-level code that was supposed to catch this, but it was missed
because the collision isn’t caused by different packages. i’m hoping
to take a look at this issue, although it sounds like it might be too big
of a change for -m4.


Re: dunfell: regression linux-fimware installed in rootfs in actual dunfell master

Steve Sakoman
 

On Thu, Mar 11, 2021 at 11:44 AM Marek Belisko <marek.belisko@...> wrote:

Hi,

I've bumped from poky dunfell: dunfell-23.0.6 to actual dunfell branch
and I have an problem that all linux-firmware packages are installed
in my rootfs (even I have in IMAGE_INSTALL only
linux-firmware-bcm43430). Any ideas? In the commit log I saw that
linux-firmware package was bumped.
It appears that the upstream directory layout changed, so this is also
an issue in master.

A patch has been submitted to resolve the issue and I will cherry-pick
it to dunfell after it appears in master.

https://lists.openembedded.org/g/openembedded-core/message/149552

Steve

Thanks and BR,

marek

--
as simple and primitive as possible
-------------------------------------------------
Marek Belisko - OPEN-NANDRA
Freelance Developer

Ruska Nova Ves 219 | Presov, 08005 Slovak Republic
Tel: +421 915 052 184
skype: marekwhite
twitter: #opennandra
web: http://open-nandra.com



Re: Building test code?

jchludzinski
 

Well, because time is of the essence, could you give me a little assist here and explain how I might build spidev-test using OpenEmbedded?

THANKS for your help!
---John

On 2021-03-16 05:58, Josef Holzmayr wrote:
Am Di., 16. März 2021 um 10:49 Uhr schrieb Nicolas Dechesne
<nicolas.dechesne@...>:
On Tue, Mar 16, 2021 at 8:07 AM jchludzinski via
lists.yoctoproject.org
<jchludzinski=vivaldi.net@...> wrote:

It certainly appears to be BUT I'm not certain what I'm looking at?

What is meta-openembedded?

Is it a GIT repo that can be cloned and built?
Short answer is yes. The whole Yocto Project / Open Embedded concept
is based around 'layers. A layer is a repository that contains recipes
(and/or machine/distro, ..). The Yocto Project releases include a
couple of common/core layers, but there are plenty of layers out there
which can be used
I am sure there are quite a bit of documentation on this topic, but
perhaps you might want to start with:
https://docs.yoctoproject.org/overview-manual/yp-intro.html#the-yocto-project-layer-model
Or grab a beer and start bingewatching
https://www.youtube.com/playlist?list=PLD4M5FoHz-TxMfBFrDKfIS_GLY25Qsfyj
</SCNR>





How do I use this to build spidev-test?


---John


On 2021-03-15 19:54, akuster wrote:

On 3/15/21 4:11 PM, jchludzinski via lists.yoctoproject.org wrote:

I got a piece of code from github:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/tools/spi/spidev_test.c

I'd like to add it somewhere under /*tools/testing*/ and build it there.

Not sure if this is appropriate? If so, how do I go about this?

If not, what's the best way to build this?


Is this what you are looking for?
https://git.openembedded.org/meta-openembedded/tree/meta-oe/recipes-kernel/spidev-test/spidev-test.bb

-armin










Yocto Project Status WW11`21

Stephen Jolley
 

Current Dev Position: YP 3.3 M4 (Feature Freeze)

Next Deadline: 5th April 2021 YP 3.3 M4 build

 

Next Team Meetings:

 

Key Status/Updates:

  • YP 3.3 M3 has been built and is now in QA.
  • We were able to track down the parsing performance regressions and patches in master have addressed those (thanks Peter).
  • We have merged REQUIRED_VERSION support to bitbake which works in a similar way to PREFERRED_VERSION but is a mandatory directive rather than optional.
  • Reproducibility has improved again with ltp fixed, perf fixed and fixes pending for meson and ovmf. This leaves ruby-docs and the Go Language issues,

https://www.yoctoproject.org/reproducible-build-results/

  • qemuppc64 and qemuriscv32 machines were added. These are not officially supported/tested but have been added to oe-core to allow development to focus around them rather than happening ad hoc externally. For official support of these platforms there would need to be some funding for the autobuilder resources needed through project members sponsoring that work.
  • A new Azure Storage fetcher was added to bitbake.
  • “Pending” state patch review is still needed, we have some really old stale ones which really need decisions to be made about their future. It would help a lot if recipe maintainers could review recipe patchsets and upstream them or remove them if they are no longer relevant. 
  • Intermittent autobuilder issues continue to occur and are now at a record high level. You can see the list of failures we’re continuing to see by searching for the “AB-INT” tag in bugzilla: https://bugzilla.yoctoproject.org/buglist.cgi?quicksearch=AB-INT

We are working to identify the load pattern on the infrastructure that seems to trigger these. We have seen a sharp rise in numbers of issues with the new more rigorous swat process.

 

Ways to contribute:

 

YP 3.3 Milestone Dates:

  • YP 3.3 M3 is in QA
  • YP 3.3 M3 Release date 2021/03/12
  • YP 3.3 M4 build date 2021/04/05
  • YP 3.3 M4 Release date 2021/04/30

 

Planned upcoming dot releases:

  • YP 3.2.3 build date 2021/03/22
  • YP 3.2.3 release date 2021/04/02
  • YP 3.1.7 build date 2021/03/29
  • YP 3.1.7 release date 2021/04/09
  • YP 3.2.4 build date 2021/05/3
  • YP 3.2.4 release date 2021/05/14
  • YP 3.1.8 build date 2021/05/17
  • YP 3.1.8 release date 2021/05/28

 

Tracking Metrics:

 

The Yocto Project’s technical governance is through its Technical Steering Committee, more information is available at:

https://wiki.yoctoproject.org/wiki/TSC

 

The Status reports are now stored on the wiki at: https://wiki.yoctoproject.org/wiki/Weekly_Status

 

[If anyone has suggestions for other information you’d like to see on this weekly status update, let us know!]

 

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

(    Cell:                (208) 244-4460

* Email:              sjolley.yp.pm@...

 


Re: Yocto Project Status WW04'20

DUDZIAK Krzysztof <krzysztof.dudziak@...>
 

Sorry for be that late. Just for fellows who in future look answers to above question (like me today).
I really like Philips feedback, thanks for that:
https://lists.openembedded.org/g/openembedded-architecture/message/1194


Re: Building test code?

Josef Holzmayr
 

Am Di., 16. März 2021 um 10:49 Uhr schrieb Nicolas Dechesne
<nicolas.dechesne@...>:

On Tue, Mar 16, 2021 at 8:07 AM jchludzinski via
lists.yoctoproject.org
<jchludzinski=vivaldi.net@...> wrote:

It certainly appears to be BUT I'm not certain what I'm looking at?

What is meta-openembedded?

Is it a GIT repo that can be cloned and built?
Short answer is yes. The whole Yocto Project / Open Embedded concept
is based around 'layers. A layer is a repository that contains recipes
(and/or machine/distro, ..). The Yocto Project releases include a
couple of common/core layers, but there are plenty of layers out there
which can be used
I am sure there are quite a bit of documentation on this topic, but
perhaps you might want to start with:
https://docs.yoctoproject.org/overview-manual/yp-intro.html#the-yocto-project-layer-model
Or grab a beer and start bingewatching
https://www.youtube.com/playlist?list=PLD4M5FoHz-TxMfBFrDKfIS_GLY25Qsfyj

</SCNR>






How do I use this to build spidev-test?


---John


On 2021-03-15 19:54, akuster wrote:

On 3/15/21 4:11 PM, jchludzinski via lists.yoctoproject.org wrote:

I got a piece of code from github:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/tools/spi/spidev_test.c

I'd like to add it somewhere under /*tools/testing*/ and build it there.

Not sure if this is appropriate? If so, how do I go about this?

If not, what's the best way to build this?


Is this what you are looking for?
https://git.openembedded.org/meta-openembedded/tree/meta-oe/recipes-kernel/spidev-test/spidev-test.bb

-armin











Re: Building test code?

Nicolas Dechesne
 

On Tue, Mar 16, 2021 at 8:07 AM jchludzinski via
lists.yoctoproject.org
<jchludzinski=vivaldi.net@...> wrote:

It certainly appears to be BUT I'm not certain what I'm looking at?

What is meta-openembedded?

Is it a GIT repo that can be cloned and built?
Short answer is yes. The whole Yocto Project / Open Embedded concept
is based around 'layers. A layer is a repository that contains recipes
(and/or machine/distro, ..). The Yocto Project releases include a
couple of common/core layers, but there are plenty of layers out there
which can be used
I am sure there are quite a bit of documentation on this topic, but
perhaps you might want to start with:
https://docs.yoctoproject.org/overview-manual/yp-intro.html#the-yocto-project-layer-model





How do I use this to build spidev-test?


---John


On 2021-03-15 19:54, akuster wrote:

On 3/15/21 4:11 PM, jchludzinski via lists.yoctoproject.org wrote:

I got a piece of code from github:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/tools/spi/spidev_test.c

I'd like to add it somewhere under /*tools/testing*/ and build it there.

Not sure if this is appropriate? If so, how do I go about this?

If not, what's the best way to build this?


Is this what you are looking for?
https://git.openembedded.org/meta-openembedded/tree/meta-oe/recipes-kernel/spidev-test/spidev-test.bb

-armin










[meta-selinux][PATCH] openssh: don't overwrite sshd_config unconditionally

Purushottam choudhary
 

The current implementation was overwriting the sshd_config and sshd
assuming PAM is needed by default.

openssh should use the default sshd_config packaged with the component
if no distro specific needs are present and not overwrite the full
sshd_config file.

1. If PAM is enabled as a distro then enable the UsePAM option in sshd_config.
2. Moved the file sshd to pam directory so that when pam is enabled,
then replace the default from poky by installing the same.

Signed-off-by: Purushottam Choudhary <purushottam.choudhary@...>
---
recipes-connectivity/openssh/files/{ => pam}/sshd | 0
recipes-connectivity/openssh/files/sshd_config | 118 ----------------------
recipes-connectivity/openssh/openssh_%.bbappend | 14 +++
3 files changed, 14 insertions(+), 118 deletions(-)
rename recipes-connectivity/openssh/files/{ => pam}/sshd (100%)
delete mode 100644 recipes-connectivity/openssh/files/sshd_config

diff --git a/recipes-connectivity/openssh/files/sshd b/recipes-connectivity/openssh/files/pam/sshd
similarity index 100%
rename from recipes-connectivity/openssh/files/sshd
rename to recipes-connectivity/openssh/files/pam/sshd
diff --git a/recipes-connectivity/openssh/files/sshd_config b/recipes-connectivity/openssh/files/sshd_config
deleted file mode 100644
index 1c33ad0..0000000
--- a/recipes-connectivity/openssh/files/sshd_config
+++ /dev/null
@@ -1,118 +0,0 @@
-# $OpenBSD: sshd_config,v 1.102 2018/02/16 02:32:40 djm Exp $
-
-# This is the sshd server system-wide configuration file. See
-# sshd_config(5) for more information.
-
-# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
-
-# The strategy used for options in the default sshd_config shipped with
-# OpenSSH is to specify options with their default value where
-# possible, but leave them commented. Uncommented options override the
-# default value.
-
-#Port 22
-#AddressFamily any
-#ListenAddress 0.0.0.0
-#ListenAddress ::
-
-#HostKey /etc/ssh/ssh_host_rsa_key
-#HostKey /etc/ssh/ssh_host_ecdsa_key
-#HostKey /etc/ssh/ssh_host_ed25519_key
-
-# Ciphers and keying
-#RekeyLimit default none
-
-# Logging
-#SyslogFacility AUTH
-#LogLevel INFO
-
-# Authentication:
-
-#LoginGraceTime 2m
-#PermitRootLogin prohibit-password
-#StrictModes yes
-#MaxAuthTries 6
-#MaxSessions 10
-
-#PubkeyAuthentication yes
-
-# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
-# but this is overridden so installations will only check .ssh/authorized_keys
-#AuthorizedKeysFile .ssh/authorized_keys
-
-#AuthorizedPrincipalsFile none
-
-#AuthorizedKeysCommand none
-#AuthorizedKeysCommandUser nobody
-
-# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
-#HostbasedAuthentication no
-# Change to yes if you don't trust ~/.ssh/known_hosts for
-# HostbasedAuthentication
-#IgnoreUserKnownHosts no
-# Don't read the user's ~/.rhosts and ~/.shosts files
-#IgnoreRhosts yes
-
-# To disable tunneled clear text passwords, change to no here!
-#PasswordAuthentication yes
-#PermitEmptyPasswords no
-
-# Change to yes to enable challenge-response passwords (beware issues with
-# some PAM modules and threads)
-ChallengeResponseAuthentication no
-
-# Kerberos options
-#KerberosAuthentication no
-#KerberosOrLocalPasswd yes
-#KerberosTicketCleanup yes
-#KerberosGetAFSToken no
-
-# GSSAPI options
-#GSSAPIAuthentication no
-#GSSAPICleanupCredentials yes
-
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
-# be allowed through the ChallengeResponseAuthentication and
-# PasswordAuthentication. Depending on your PAM configuration,
-# PAM authentication via ChallengeResponseAuthentication may bypass
-# the setting of "PermitRootLogin without-password".
-# If you just want the PAM account and session checks to run without
-# PAM authentication, then enable this but set PasswordAuthentication
-# and ChallengeResponseAuthentication to 'no'.
-UsePAM yes
-
-#AllowAgentForwarding yes
-#AllowTcpForwarding yes
-#GatewayPorts no
-#X11Forwarding no
-#X11DisplayOffset 10
-#X11UseLocalhost yes
-#PermitTTY yes
-#PrintMotd yes
-#PrintLastLog yes
-#TCPKeepAlive yes
-#UseLogin no
-#PermitUserEnvironment no
-Compression no
-ClientAliveInterval 15
-ClientAliveCountMax 4
-#UseDNS no
-#PidFile /var/run/sshd.pid
-#MaxStartups 10:30:100
-#PermitTunnel no
-#ChrootDirectory none
-#VersionAddendum none
-
-# no default banner path
-#Banner none
-
-# override default of no subsystems
-Subsystem sftp /usr/libexec/sftp-server
-
-# Example of overriding settings on a per-user basis
-#Match User anoncvs
-# X11Forwarding no
-# AllowTcpForwarding no
-# PermitTTY no
-# ForceCommand cvs server
diff --git a/recipes-connectivity/openssh/openssh_%.bbappend b/recipes-connectivity/openssh/openssh_%.bbappend
index 7719d3b..b541c3e 100644
--- a/recipes-connectivity/openssh/openssh_%.bbappend
+++ b/recipes-connectivity/openssh/openssh_%.bbappend
@@ -1 +1,15 @@
require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}_selinux.inc', '', d)}
+
+# if pam feature is enabled in the distro then take sshd from the pam directory.
+FILESEXTRAPATHS_prepend := "${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${THISDIR}/files/pam:', ' ', d)}"
+
+do_install_append(){
+
+ if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then
+ # Make sure UsePAM entry is in the sshd_config file.
+ # If entry not present then append it.
+ grep -q 'UsePAM' "${D}/etc/ssh/sshd_config" && \
+ sed -i 's/.*UsePAM.*/UsePAM yes/' "${D}/etc/ssh/sshd_config" || \
+ echo 'UsePAM yes' >> "${D}/etc/ssh/sshd_config"
+ fi
+}
--
2.7.4

This message contains information that may be privileged or confidential and is the property of the KPIT Technologies Ltd. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. KPIT Technologies Ltd. does not accept any liability for virus infected mails.


Re: [meta-selinux][PATCH] openssh: don't overwrite sshd_config unconditionally

Purushottam choudhary
 

Hi Joe,

Also, we're using many system users and in addition are separating services using SELinux, and since none of the users have passwords (or any other authentication methods, for that matter) configured, we don't need PAM.

Thanks & Regards,
Purushottam


From: Purushottam Choudhary
Sent: Tuesday, March 16, 2021 2:41 PM
To: Joe MacDonald <joe@...>
Cc: yocto@... <yocto@...>; Nisha Parrakat <Nisha.Parrakat@...>
Subject: Re: [yocto] [meta-selinux][PATCH] openssh: don't overwrite sshd_config unconditionally
 
Hi Joe,

PAM is an option distro feature and SElinux is also a different distro feature.
Ours is an embedded system with no requirement of the users to login to the system.
The project wide requirement considers selinux and pam as two different features.
Selinux doesn't depend on pam so there should be at least an option to not use pam with meta-selinux.
From security point of view, in our project, we do not need PAM but we need selinux
and we may not test PAM at all ,that could cause us to overlook the vulnerabilities and patches.

this patch is for two reasons
1. We find that the current implementation completely replaced the sshd_config from yocto
just to set the UsePAM = yes , which is not such a good idea considering the fact the rest of the
sshd_config changes are currently the same as in yocto.
2. the sshd is also completely replaced by just selecting the selinux distro and even if the user doesn't select PAM as distro in our case.


Thanks & Regards,
Purushottam


From: Joe MacDonald
Sent: Friday, March 12, 2021 9:39 PM
To: Purushottam Choudhary
Cc: yocto@...; Nisha Parrakat
Subject: Re: [yocto] [meta-selinux][PATCH] openssh: don't overwrite sshd_config unconditionally

Hi Purushottam,

[Re: [yocto] [meta-selinux][PATCH] openssh: don't overwrite sshd_config unconditionally] On 21.03.12 (Fri 12:05) Purushottam choudhary wrote:

> Hi,
>
> Please let me know if there any update on this change
> & the tentative week when this change is going to merge in the code.

Sorry about that, I haven't merged it for a couple of reasons, but I
should have followed up before now on it.  It doesn't appear to be against
the currnet head of tree, so I'd suggest a quick rebase on your part and
resend if you think it is still relevant.

At a more basic level, though, I don't know who or how many projects are
intending to use meta-selinux without PAM.  The layer documentation does
make it clear we expect PAM to always be present:

 45 1.2 - How does this layer do to enable SELinux features?
 46
 47 To enable SELinux features, this layers has done these works:
 48
 49    * new DISTRO_FEATURES "selinux" defined
 50    * new DISTRO "poky-selinux" defined, with DISTRO_FEATURES += "pam selinux"
 51    * config file for Linux kernel to enable SELinux
 52    * recipes for SELinux userland libraries and tools
 53    * package group (packagegroup-core-selinux) for SELinux userland packages
 54    * bbappends for SELinux related recipes to build with SELinux enabled
 55    * recipes for SELinux policy modified from refpolicy
 
The documentation is certainly in need of some updating, but I think the
majority of our users (if not all) are including PAM in their projects.  I
would be interested to hear about your PAM-less meta-selinux project if
you can share some details.

It is certainly arguable whether the config file should be dumped in place
as it is being today, but I do think it's functioning as intended right
now.  Shifting the PAM sshd configuration to a different directory is fine
with me, I don't have any particular love of everything in one files/
directory, but I also don't have any strong aversion to it until it
becomes an obvious problem (eg. two separate files that should have the
same name and different purposes, such as something to be installed in
/etc/defaults/ and /etc/X11/, maybe).

I hope that clears things up a bit.  Thanks.

-Joe.

>
> Thanks & Regards,
> Purushottam
>
> ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
> From: Purushottam Choudhary <purushottam.choudhary@...>
> Sent: Friday, February 26, 2021 2:29 PM
> To: yocto@... <yocto@...>
> Cc: Nisha Parrakat <Nisha.Parrakat@...>
> Subject: [meta-selinux][PATCH] openssh: don't overwrite sshd_config
> unconditionally

> The current implementation was overwriting the sshd_config and sshd
> assuming PAM is needed by default.
>
> openssh should use the default sshd_config packaged with the component
> if no distro specific needs are present and not overwrite the full
> sshd_config file.
>
> 1. If PAM is enabled as a distro then enable the UsePAM option in sshd_config.
> 2. Moved the file sshd to pam directory so that when pam is enabled,
>    then replace the default from poky by installing the same.
>
> Signed-off-by: Purushottam Choudhary <purushottam.choudhary@...>
> ---
>  recipes-connectivity/openssh/files/{ => pam}/sshd |   0
>  recipes-connectivity/openssh/files/sshd_config    | 118 ----------------------
>  recipes-connectivity/openssh/openssh_%.bbappend   |  14 +++
>  3 files changed, 14 insertions(+), 118 deletions(-)
>  rename recipes-connectivity/openssh/files/{ => pam}/sshd (100%)
>  delete mode 100644 recipes-connectivity/openssh/files/sshd_config
>
> diff --git a/recipes-connectivity/openssh/files/sshd b/recipes-connectivity/
> openssh/files/pam/sshd
> similarity index 100%
> rename from recipes-connectivity/openssh/files/sshd
> rename to recipes-connectivity/openssh/files/pam/sshd
> diff --git a/recipes-connectivity/openssh/files/sshd_config b/
> recipes-connectivity/openssh/files/sshd_config
> deleted file mode 100644
> index 1c33ad0..0000000
> --- a/recipes-connectivity/openssh/files/sshd_config
> +++ /dev/null
> @@ -1,118 +0,0 @@
> -#      $OpenBSD: sshd_config,v 1.102 2018/02/16 02:32:40 djm Exp $
> -
> -# This is the sshd server system-wide configuration file.  See
> -# sshd_config(5) for more information.
> -
> -# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
> -
> -# The strategy used for options in the default sshd_config shipped with
> -# OpenSSH is to specify options with their default value where
> -# possible, but leave them commented.  Uncommented options override the
> -# default value.
> -
> -#Port 22
> -#AddressFamily any
> -#ListenAddress 0.0.0.0
> -#ListenAddress ::
> -
> -#HostKey /etc/ssh/ssh_host_rsa_key
> -#HostKey /etc/ssh/ssh_host_ecdsa_key
> -#HostKey /etc/ssh/ssh_host_ed25519_key
> -
> -# Ciphers and keying
> -#RekeyLimit default none
> -
> -# Logging
> -#SyslogFacility AUTH
> -#LogLevel INFO
> -
> -# Authentication:
> -
> -#LoginGraceTime 2m
> -#PermitRootLogin prohibit-password
> -#StrictModes yes
> -#MaxAuthTries 6
> -#MaxSessions 10
> -
> -#PubkeyAuthentication yes
> -
> -# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
> -# but this is overridden so installations will only check .ssh/authorized_keys
> -#AuthorizedKeysFile    .ssh/authorized_keys
> -
> -#AuthorizedPrincipalsFile none
> -
> -#AuthorizedKeysCommand none
> -#AuthorizedKeysCommandUser nobody
> -
> -# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
> -#HostbasedAuthentication no
> -# Change to yes if you don't trust ~/.ssh/known_hosts for
> -# HostbasedAuthentication
> -#IgnoreUserKnownHosts no
> -# Don't read the user's ~/.rhosts and ~/.shosts files
> -#IgnoreRhosts yes
> -
> -# To disable tunneled clear text passwords, change to no here!
> -#PasswordAuthentication yes
> -#PermitEmptyPasswords no
> -
> -# Change to yes to enable challenge-response passwords (beware issues with
> -# some PAM modules and threads)
> -ChallengeResponseAuthentication no
> -
> -# Kerberos options
> -#KerberosAuthentication no
> -#KerberosOrLocalPasswd yes
> -#KerberosTicketCleanup yes
> -#KerberosGetAFSToken no
> -
> -# GSSAPI options
> -#GSSAPIAuthentication no
> -#GSSAPICleanupCredentials yes
> -
> -# Set this to 'yes' to enable PAM authentication, account processing,
> -# and session processing. If this is enabled, PAM authentication will
> -# be allowed through the ChallengeResponseAuthentication and
> -# PasswordAuthentication.  Depending on your PAM configuration,
> -# PAM authentication via ChallengeResponseAuthentication may bypass
> -# the setting of "PermitRootLogin without-password".
> -# If you just want the PAM account and session checks to run without
> -# PAM authentication, then enable this but set PasswordAuthentication
> -# and ChallengeResponseAuthentication to 'no'.
> -UsePAM yes
> -
> -#AllowAgentForwarding yes
> -#AllowTcpForwarding yes
> -#GatewayPorts no
> -#X11Forwarding no
> -#X11DisplayOffset 10
> -#X11UseLocalhost yes
> -#PermitTTY yes
> -#PrintMotd yes
> -#PrintLastLog yes
> -#TCPKeepAlive yes
> -#UseLogin no
> -#PermitUserEnvironment no
> -Compression no
> -ClientAliveInterval 15
> -ClientAliveCountMax 4
> -#UseDNS no
> -#PidFile /var/run/sshd.pid
> -#MaxStartups 10:30:100
> -#PermitTunnel no
> -#ChrootDirectory none
> -#VersionAddendum none
> -
> -# no default banner path
> -#Banner none
> -
> -# override default of no subsystems
> -Subsystem      sftp    /usr/libexec/sftp-server
> -
> -# Example of overriding settings on a per-user basis
> -#Match User anoncvs
> -#      X11Forwarding no
> -#      AllowTcpForwarding no
> -#      PermitTTY no
> -#      ForceCommand cvs server
> diff --git a/recipes-connectivity/openssh/openssh_%.bbappend b/
> recipes-connectivity/openssh/openssh_%.bbappend
> index 7719d3b..b541c3e 100644
> --- a/recipes-connectivity/openssh/openssh_%.bbappend
> +++ b/recipes-connectivity/openssh/openssh_%.bbappend
> @@ -1 +1,15 @@
>  require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}
> _selinux.inc', '', d)}
> +
> +# if pam feature is enabled in the distro then take sshd from the pam
> directory.
> +FILESEXTRAPATHS_prepend := "${@bb.utils.contains('DISTRO_FEATURES', 'pam', '$
> {THISDIR}/files/pam:', ' ', d)}"
> +
> +do_install_append(){
> +
> +    if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then
> +        # Make sure UsePAM entry is in the sshd_config file.
> +        # If entry not present then append it.
> +        grep -q 'UsePAM' "${D}/etc/ssh/sshd_config" && \
> +        sed -i 's/.*UsePAM.*/UsePAM yes/' "${D}/etc/ssh/sshd_config" || \
> +        echo 'UsePAM yes' >> "${D}/etc/ssh/sshd_config"
> +    fi
> +}
> --
> 2.7.4
>
> This message contains information that may be privileged or confidential and is
> the property of the KPIT Technologies Ltd. It is intended only for the person
> to whom it is addressed. If you are not the intended recipient, you are not
> authorized to read, print, retain copy, disseminate, distribute, or use this
> message or any part thereof. If you receive this message in error, please
> notify the sender immediately and delete all copies of this message. KPIT
> Technologies Ltd. does not accept any liability for virus infected mails.

>
>
>


--
-Joe MacDonald.
:wq
This message contains information that may be privileged or confidential and is the property of the KPIT Technologies Ltd. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. KPIT Technologies Ltd. does not accept any liability for virus infected mails.


Re: [meta-selinux][PATCH] openssh: don't overwrite sshd_config unconditionally

Purushottam choudhary
 

Hi Joe,

PAM is an option distro feature and SElinux is also a different distro feature.
Ours is an embedded system with no requirement of the users to login to the system.
The project wide requirement considers selinux and pam as two different features.
Selinux doesn't depend on pam so there should be at least an option to not use pam with meta-selinux.
From security point of view, in our project, we do not need PAM but we need selinux
and we may not test PAM at all ,that could cause us to overlook the vulnerabilities and patches.

this patch is for two reasons
1. We find that the current implementation completely replaced the sshd_config from yocto
just to set the UsePAM = yes , which is not such a good idea considering the fact the rest of the
sshd_config changes are currently the same as in yocto.
2. the sshd is also completely replaced by just selecting the selinux distro and even if the user doesn't select PAM as distro in our case.


Thanks & Regards,
Purushottam


From: Joe MacDonald
Sent: Friday, March 12, 2021 9:39 PM
To: Purushottam Choudhary
Cc: yocto@...; Nisha Parrakat
Subject: Re: [yocto] [meta-selinux][PATCH] openssh: don't overwrite sshd_config unconditionally

Hi Purushottam,

[Re: [yocto] [meta-selinux][PATCH] openssh: don't overwrite sshd_config unconditionally] On 21.03.12 (Fri 12:05) Purushottam choudhary wrote:

> Hi,
>
> Please let me know if there any update on this change
> & the tentative week when this change is going to merge in the code.

Sorry about that, I haven't merged it for a couple of reasons, but I
should have followed up before now on it.  It doesn't appear to be against
the currnet head of tree, so I'd suggest a quick rebase on your part and
resend if you think it is still relevant.

At a more basic level, though, I don't know who or how many projects are
intending to use meta-selinux without PAM.  The layer documentation does
make it clear we expect PAM to always be present:

 45 1.2 - How does this layer do to enable SELinux features?
 46
 47 To enable SELinux features, this layers has done these works:
 48
 49    * new DISTRO_FEATURES "selinux" defined
 50    * new DISTRO "poky-selinux" defined, with DISTRO_FEATURES += "pam selinux"
 51    * config file for Linux kernel to enable SELinux
 52    * recipes for SELinux userland libraries and tools
 53    * package group (packagegroup-core-selinux) for SELinux userland packages
 54    * bbappends for SELinux related recipes to build with SELinux enabled
 55    * recipes for SELinux policy modified from refpolicy
 
The documentation is certainly in need of some updating, but I think the
majority of our users (if not all) are including PAM in their projects.  I
would be interested to hear about your PAM-less meta-selinux project if
you can share some details.

It is certainly arguable whether the config file should be dumped in place
as it is being today, but I do think it's functioning as intended right
now.  Shifting the PAM sshd configuration to a different directory is fine
with me, I don't have any particular love of everything in one files/
directory, but I also don't have any strong aversion to it until it
becomes an obvious problem (eg. two separate files that should have the
same name and different purposes, such as something to be installed in
/etc/defaults/ and /etc/X11/, maybe).

I hope that clears things up a bit.  Thanks.

-Joe.

>
> Thanks & Regards,
> Purushottam
>
> ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
> From: Purushottam Choudhary <purushottam.choudhary@...>
> Sent: Friday, February 26, 2021 2:29 PM
> To: yocto@... <yocto@...>
> Cc: Nisha Parrakat <Nisha.Parrakat@...>
> Subject: [meta-selinux][PATCH] openssh: don't overwrite sshd_config
> unconditionally

> The current implementation was overwriting the sshd_config and sshd
> assuming PAM is needed by default.
>
> openssh should use the default sshd_config packaged with the component
> if no distro specific needs are present and not overwrite the full
> sshd_config file.
>
> 1. If PAM is enabled as a distro then enable the UsePAM option in sshd_config.
> 2. Moved the file sshd to pam directory so that when pam is enabled,
>    then replace the default from poky by installing the same.
>
> Signed-off-by: Purushottam Choudhary <purushottam.choudhary@...>
> ---
>  recipes-connectivity/openssh/files/{ => pam}/sshd |   0
>  recipes-connectivity/openssh/files/sshd_config    | 118 ----------------------
>  recipes-connectivity/openssh/openssh_%.bbappend   |  14 +++
>  3 files changed, 14 insertions(+), 118 deletions(-)
>  rename recipes-connectivity/openssh/files/{ => pam}/sshd (100%)
>  delete mode 100644 recipes-connectivity/openssh/files/sshd_config
>
> diff --git a/recipes-connectivity/openssh/files/sshd b/recipes-connectivity/
> openssh/files/pam/sshd
> similarity index 100%
> rename from recipes-connectivity/openssh/files/sshd
> rename to recipes-connectivity/openssh/files/pam/sshd
> diff --git a/recipes-connectivity/openssh/files/sshd_config b/
> recipes-connectivity/openssh/files/sshd_config
> deleted file mode 100644
> index 1c33ad0..0000000
> --- a/recipes-connectivity/openssh/files/sshd_config
> +++ /dev/null
> @@ -1,118 +0,0 @@
> -#      $OpenBSD: sshd_config,v 1.102 2018/02/16 02:32:40 djm Exp $
> -
> -# This is the sshd server system-wide configuration file.  See
> -# sshd_config(5) for more information.
> -
> -# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
> -
> -# The strategy used for options in the default sshd_config shipped with
> -# OpenSSH is to specify options with their default value where
> -# possible, but leave them commented.  Uncommented options override the
> -# default value.
> -
> -#Port 22
> -#AddressFamily any
> -#ListenAddress 0.0.0.0
> -#ListenAddress ::
> -
> -#HostKey /etc/ssh/ssh_host_rsa_key
> -#HostKey /etc/ssh/ssh_host_ecdsa_key
> -#HostKey /etc/ssh/ssh_host_ed25519_key
> -
> -# Ciphers and keying
> -#RekeyLimit default none
> -
> -# Logging
> -#SyslogFacility AUTH
> -#LogLevel INFO
> -
> -# Authentication:
> -
> -#LoginGraceTime 2m
> -#PermitRootLogin prohibit-password
> -#StrictModes yes
> -#MaxAuthTries 6
> -#MaxSessions 10
> -
> -#PubkeyAuthentication yes
> -
> -# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
> -# but this is overridden so installations will only check .ssh/authorized_keys
> -#AuthorizedKeysFile    .ssh/authorized_keys
> -
> -#AuthorizedPrincipalsFile none
> -
> -#AuthorizedKeysCommand none
> -#AuthorizedKeysCommandUser nobody
> -
> -# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
> -#HostbasedAuthentication no
> -# Change to yes if you don't trust ~/.ssh/known_hosts for
> -# HostbasedAuthentication
> -#IgnoreUserKnownHosts no
> -# Don't read the user's ~/.rhosts and ~/.shosts files
> -#IgnoreRhosts yes
> -
> -# To disable tunneled clear text passwords, change to no here!
> -#PasswordAuthentication yes
> -#PermitEmptyPasswords no
> -
> -# Change to yes to enable challenge-response passwords (beware issues with
> -# some PAM modules and threads)
> -ChallengeResponseAuthentication no
> -
> -# Kerberos options
> -#KerberosAuthentication no
> -#KerberosOrLocalPasswd yes
> -#KerberosTicketCleanup yes
> -#KerberosGetAFSToken no
> -
> -# GSSAPI options
> -#GSSAPIAuthentication no
> -#GSSAPICleanupCredentials yes
> -
> -# Set this to 'yes' to enable PAM authentication, account processing,
> -# and session processing. If this is enabled, PAM authentication will
> -# be allowed through the ChallengeResponseAuthentication and
> -# PasswordAuthentication.  Depending on your PAM configuration,
> -# PAM authentication via ChallengeResponseAuthentication may bypass
> -# the setting of "PermitRootLogin without-password".
> -# If you just want the PAM account and session checks to run without
> -# PAM authentication, then enable this but set PasswordAuthentication
> -# and ChallengeResponseAuthentication to 'no'.
> -UsePAM yes
> -
> -#AllowAgentForwarding yes
> -#AllowTcpForwarding yes
> -#GatewayPorts no
> -#X11Forwarding no
> -#X11DisplayOffset 10
> -#X11UseLocalhost yes
> -#PermitTTY yes
> -#PrintMotd yes
> -#PrintLastLog yes
> -#TCPKeepAlive yes
> -#UseLogin no
> -#PermitUserEnvironment no
> -Compression no
> -ClientAliveInterval 15
> -ClientAliveCountMax 4
> -#UseDNS no
> -#PidFile /var/run/sshd.pid
> -#MaxStartups 10:30:100
> -#PermitTunnel no
> -#ChrootDirectory none
> -#VersionAddendum none
> -
> -# no default banner path
> -#Banner none
> -
> -# override default of no subsystems
> -Subsystem      sftp    /usr/libexec/sftp-server
> -
> -# Example of overriding settings on a per-user basis
> -#Match User anoncvs
> -#      X11Forwarding no
> -#      AllowTcpForwarding no
> -#      PermitTTY no
> -#      ForceCommand cvs server
> diff --git a/recipes-connectivity/openssh/openssh_%.bbappend b/
> recipes-connectivity/openssh/openssh_%.bbappend
> index 7719d3b..b541c3e 100644
> --- a/recipes-connectivity/openssh/openssh_%.bbappend
> +++ b/recipes-connectivity/openssh/openssh_%.bbappend
> @@ -1 +1,15 @@
>  require ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', '${BPN}
> _selinux.inc', '', d)}
> +
> +# if pam feature is enabled in the distro then take sshd from the pam
> directory.
> +FILESEXTRAPATHS_prepend := "${@bb.utils.contains('DISTRO_FEATURES', 'pam', '$
> {THISDIR}/files/pam:', ' ', d)}"
> +
> +do_install_append(){
> +
> +    if [ "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" ]; then
> +        # Make sure UsePAM entry is in the sshd_config file.
> +        # If entry not present then append it.
> +        grep -q 'UsePAM' "${D}/etc/ssh/sshd_config" && \
> +        sed -i 's/.*UsePAM.*/UsePAM yes/' "${D}/etc/ssh/sshd_config" || \
> +        echo 'UsePAM yes' >> "${D}/etc/ssh/sshd_config"
> +    fi
> +}
> --
> 2.7.4
>
> This message contains information that may be privileged or confidential and is
> the property of the KPIT Technologies Ltd. It is intended only for the person
> to whom it is addressed. If you are not the intended recipient, you are not
> authorized to read, print, retain copy, disseminate, distribute, or use this
> message or any part thereof. If you receive this message in error, please
> notify the sender immediately and delete all copies of this message. KPIT
> Technologies Ltd. does not accept any liability for virus infected mails.

>
>
>


--
-Joe MacDonald.
:wq
This message contains information that may be privileged or confidential and is the property of the KPIT Technologies Ltd. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. KPIT Technologies Ltd. does not accept any liability for virus infected mails.


Avahi in yocto #yocto

lavkhush2208@...
 

I am getting issue in Avahi
Issue- trying to remove PID file.(/run/avahi-daemon/ /pid)

Due to this issue, i am not able to get "Service name" on host machine. please help me.


Re: Building test code?

jchludzinski
 

It certainly appears to be BUT I'm not certain what I'm looking at?

What is meta-openembedded?

Is it a GIT repo that can be cloned and built?

How do I use this to build spidev-test?

---John


On 2021-03-15 19:54, akuster wrote:
On 3/15/21 4:11 PM, jchludzinski via lists.yoctoproject.org wrote:
I got a piece of code from github:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/tools/spi/spidev_test.c

I'd like to add it somewhere under /*tools/testing*/ and build it there.

Not sure if this is appropriate? If so, how do I go about this?

If not, what's the best way to build this?

Is this what you are looking for?
 https://git.openembedded.org/meta-openembedded/tree/meta-oe/recipes-kernel/spidev-test/spidev-test.bb

-armin







Re: QA notification for completed autobuilder build (yocto-3.3_M3.rc1)

Sangeeta Jain
 

Hi all,

Intel and WR YP QA is planning for QA execution for YP build yocto-3.3_M3.rc1. We are planning to execute following tests for this cycle:

OEQA-manual tests for following module:
1. OE-Core
2. BSP-hw

Runtime auto test for following platforms:
1. MinnowTurbot 32-bit
2. Coffee Lake
3. NUC 7
4. NUC 6
5. Edgerouter
6. Beaglebone

ETA for completion is next Thursday, March 21.

Thanks,
Sangeeta

-----Original Message-----
From: yocto@... <yocto@...> On Behalf
Of Pokybuild User
Sent: Tuesday, 16 March, 2021 6:16 AM
To: yocto@...
Cc: qa-build-notification@...
Subject: [yocto] QA notification for completed autobuilder build (yocto-
3.3_M3.rc1)


A build flagged for QA (yocto-3.3_M3.rc1) was completed on the autobuilder
and is available at:


https://autobuilder.yocto.io/pub/releases/yocto-3.3_M3.rc1


Build hash information:

bitbake: 53c30efec4099035d19e6717059dfceff8ff88fd
meta-arm: a949ebfd06dcae26ca3c625195e1a3ed703b2c6e
meta-gplv2: 9e119f333cc8f53bd3cf64326f826dbc6ce3db0f
meta-intel: 850940e3e5ebc75328fa75e718235342cb6c2172
meta-kernel: 29329d7cacc71595cecfdd05a455a0cfb164564d
meta-mingw: 422b96cb2b6116442be1f40dfb5bd77447d1219e
oecore: fa1e1fbc082e82e41ccfeae58af97fe048c9aac7
poky: 9fbbf40317743beacd8ac9d3f602765ed9d9fa6f



This is an automated message from the Yocto Project Autobuilder
Git: git://git.yoctoproject.org/yocto-autobuilder2
Email: richard.purdie@...



Re: Building test code?

Armin Kuster
 

On 3/15/21 4:11 PM, jchludzinski via lists.yoctoproject.org wrote:
I got a piece of code from github:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/tools/spi/spidev_test.c

I'd like to add it somewhere under /*tools/testing*/ and build it there.

Not sure if this is appropriate? If so, how do I go about this?

If not, what's the best way to build this?
Is this what you are looking for?
 https://git.openembedded.org/meta-openembedded/tree/meta-oe/recipes-kernel/spidev-test/spidev-test.bb

-armin



GPT instead of MBR in my WKS file

Jonas Vautherin
 

Hello :-),

Learning Yocto with my Pocketbeagle, I have been looking at the WKS file recently. Starting with the default beaglebone-yocto.wks, it is working fine for an MBR partition table:

```
part /boot --source bootimg-partition --ondisk mmcblk0 --fstype=vfat --label boot --active --align 4 --size 16 --sourceparams="loader=u-boot" --use-uuid
part / --source rootfs --ondisk mmcblk --fstype=ext4 --label root --align 4 --use-uuid
bootloader --append="console=ttyS0,115200"
```

Looking at the documentation and some examples online, I wanted to try moving that to a GPT partition table. But whatever I do, I always end up with an image that just does not boot at all (and my FTDI connection does not give me any serial output at all, not even an error). For instance I tried something like this:

```
part /boot --source bootimg-efi --ondisk mmcblk0 --fstype=vfat --label boot --part-name boot --active --align 1024 --sourceparams="loader=grub-efi" --use-uuid
part / --source rootfs --ondisk mmcblk --fstype=ext4 --label root --part-name system --align 1024 --use-uuid
bootloader --ptable gpt --append="console=ttyS0,115200"
```

So I obviously started with `--ptable gpt`, and then gradually tried to change other things (like `bootimg-efi` instead of `bootimg-partition`, changing the `--align` value, etc. Honestly I don't really know what I am doing, but I have not found references that helped me online (probably because I'm a beginner and I do not know what to search for).

I would love to get some insights about this. Like how could I verify if my pocketbeagle can run from GPT at all (I have read that some ROMs do not support it because it is too big)? And does GPT require EFI and/or grub at all, or is that independent?

After all, I would just like to have a GPT partition table that looks very similar to my MBR table, except that with GPT I could benefit from the `--part-name` for fastboot. I don't think I want grub at all, for instance.

Best Regards,
Jonas


Building test code?

jchludzinski
 

I got a piece of code from github:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/tools/spi/spidev_test.c

I'd like to add it somewhere under tools/testing and build it there.

Not sure if this is appropriate? If so, how do I go about this?

If not, what's the best way to build this?


QA notification for completed autobuilder build (yocto-3.3_M3.rc1)

Pokybuild User <pokybuild@...>
 

A build flagged for QA (yocto-3.3_M3.rc1) was completed on the autobuilder and is available at:


https://autobuilder.yocto.io/pub/releases/yocto-3.3_M3.rc1


Build hash information:

bitbake: 53c30efec4099035d19e6717059dfceff8ff88fd
meta-arm: a949ebfd06dcae26ca3c625195e1a3ed703b2c6e
meta-gplv2: 9e119f333cc8f53bd3cf64326f826dbc6ce3db0f
meta-intel: 850940e3e5ebc75328fa75e718235342cb6c2172
meta-kernel: 29329d7cacc71595cecfdd05a455a0cfb164564d
meta-mingw: 422b96cb2b6116442be1f40dfb5bd77447d1219e
oecore: fa1e1fbc082e82e41ccfeae58af97fe048c9aac7
poky: 9fbbf40317743beacd8ac9d3f602765ed9d9fa6f



This is an automated message from the Yocto Project Autobuilder
Git: git://git.yoctoproject.org/yocto-autobuilder2
Email: richard.purdie@...

4681 - 4700 of 57387