Hi, Has anyone tried using AppArmor with Yocto? The recipe in the meta-security layer is broken, and when fixed so it actually builds, it turns out the installed init script relies on functions not fo

I ended up replacing the recipe with one combining the one from meta-security and from the OpenSwitch project[1]. This allowed me to get rid of the sysvinit and apache2 dependencies. I’ll have to look

Hi Tom, Your commit fixes most of the problems, but /usr/bin/aa-easyprof still gets installed with a shebang referring to the host python3 interpreter. The script is processed and installed by utils/p

Hi, We've been trying out a setup using multiconfigs to select the source control branch some set of recipes to build. The building part goes well, but whenever we run package-index, the packages buil

Hi, I'm hoping someone could clarify how the symlink generation from /etc/resolv.conf to systemd's runtime /run/systemd/resolve/resolv.conf is supposed to work when resolved is not enabled. In the sys

Hi, I'm looking into using the useradd-staticids class for reproducible builds. Is there any way to delay the warning/error about missing ids until a recipe is actually built rather than getting them

Thanks for the explanation. It’s not a huge deal, just a bit unexpected. Regards, Anders

Hi, It seems to me that the tzdata package will overwrite whatever the current time zone is with its default. This is not great if you’re upgrading the package on an existing system. Should the creati

Hi, A colleague pointed out that although ${sysconfdir}/localtime is added to CONFFILES, the get_conffiles() function in package.bbclass explicitly removes symlinks from the list of configuration file

Hi, I was experimenting with building on an AArch64 host, and ran into the issue that image_types_wic.bbclass unconditionally adds syslinux-native to the dependencies, while syslinux is only compatibl

You probably want a timer unit that triggers the service unit: <https://www.freedesktop.org/software/systemd/man/systemd.timer.html> Regards, Anders

This series backports two patches from master, and fixes one xargs incompatibility. Together, this allows AppArmor run on an Arm target under systemd. Anders Montonen (1): apparmor: Fix xargs error Ar

From: Armin Kuster <akuster808@...> exclude arm and aarch64 ptest tasks [v2&3] Sent before committing. Signed-off-by: Armin Kuster <akuster808@...> (cherry picked from commit 27ddb455543b6

From: Armin Kuster <akuster808@...> [Yocto # 13568] Signed-off-by: Armin Kuster <akuster808@...> (cherry picked from commit 5d049e7ef8a0a0a811e2ea1353521c6898e54e4d) Signed-off-by: Anders

The functions script uses flags specific to GNU xargs. Add findutils to RDEPENDS. Fixes: /lib/apparmor/functions: line 92: echo: write error: Broken pipe Signed-off-by: Anders Montonen <Anders.Montone

Hi, These look like typos: of -> if iam -> ima iam -> ima Regards, Anders

Hi, What's the best way for handling name collisions when using the cve-checker tool? For example, there's a ton of Adobe Flex vulnerabilities that are reported against the Flex lexical analyzer gener

Thanks (and to Mikko too), that worked, though I’m a bit curious how one would find the proper vendor name, especially for a project like this where there’s no clear company name. Regards, Anders

Hi, It looks like you have a typo here, the last letter of SRC_URI isn’t capitalized. -a

If you’re using systemd, you can use systemd-analyze to get some boot performance statistics. They can help identify slow-starting services, dependency chains, and other bottlenecks. -a