yocto@lists.yoctoproject.org | Recipe with kernel configuration fragment

Home Messages Hashtags Subgroups

Date Date 1 - 2 of 2

Recipe with kernel configuration fragment

Maik Vermeulen #57818 Hi, For a firewall recipe using nftables we need to make some kernel configuration changes. At first we added the needed CONFIG_ lines to a bbappend in the recipes-kernel directory of our own layer, but I think it would be neater to include the CONFIG_ changes in the recipe that needs them, if possible. So I tried: SRC_URI = " \ file://nftables.service \ file://nftables.conf \ " RDEPENDS_${PN} += " \ nftables \ " inherit systemd SYSTEMD_AUTO_ENABLE = "enable" SYSTEMD_SERVICE_${PN} = "nftables.service" do_install_append() { install -d ${D}/${systemd_unitdir}/system install -m 0644 ${WORKDIR}/nftables.service ${D}/${systemd_unitdir}/system install -d ${D}/${sysconfdir}/nftables install -m 0644 ${WORKDIR}/nftables.conf ${D}/${sysconfdir}/nftables } FILES_${PN} += "${systemd_unitdir}/system/nftables.service" FILES_${PN} += "${sysconfdir}/nftables/nftables.conf" # Make the required changes to the kernel configuration FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}-${PV}:" SRC_URI += " \ file://nftables-kernel.cfg \ " But unfortunately, the CONFIG_ changes in the nftables-kernel.cfg are not being applied.. Any hints? Thanks! Kind regards, Maik Vermeulen Embedded Software Engineer — Lightyear +31 6 16 82 73 79 Automotive Campus 70 —5708 JZ Helmond, the Netherlands www.lightyear.one This email may contain information which is privileged and/or confidential. If you received this e-mail in error, please notify us immediately by e-mail and delete the email without copying or disclosing its contents to any other person. Lightyear is a trade name of Atlas Technologies B.V. and is registered at the Dutch Chamber of Commerce under number 67264298.
More All Messages By This Member
Quentin Schulz #57819 Hi Maik, On 8/10/22 17:19, Maik Vermeulen wrote: Hi, For a firewall recipe using nftables we need to make some kernel configuration changes. At first we added the needed CONFIG_ lines to a bbappend in the recipes-kernel directory of our own layer, but I think it would be neater to include the CONFIG_ changes in the recipe that needs them, if possible. This is not possible because recipe data is local to the recipe, you cannot impact a recipe from another one. The only way to have 2+ recipes doing some things in sync is by having a variable set in a global scope. Such is the case for configuration files (distro and machine). Since the selection of nftables or not is not related to HW but policy, it should be in a distro configruation file. You could add a custom DISTRO_FEATURES to your own distro and check the presence of this feature in your kernel recipe and apply the config fragment with required changes. And you can make the nftables package or whatever require this feature with REQUIRED_DISTRO_FEATURES. Cheers, Quentin
More All Messages By This Member

1 - 2 of 2

1

Previous Topic Next Topic

Home Hashtags Subgroups Terms