ERROR: packagegroup-security-tpm-1.0-r0 do_package_write_rpm: An allarch packagegroup shouldn't depend on packages which are dynamically renamed (libtpm-dbg to libtpms-dbg)
ERROR: packagegroup-security-tpm-1.0-r0 do_package_write_rpm: An allarch packagegroup shouldn't depend on packages which are dynamically renamed (libtpm to libtpms0)
ERROR: packagegroup-security-tpm-1.0-r0 do_package_write_rpm: An allarch packagegroup shouldn't depend on packages which are dynamically renamed (libtpm-dev to libtpms-dev)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Update the layers to use the kirkstone namespace. No compatibility is made
for honister due to the variable renaming.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The RDEPENDS variable was misspelled and as a result was never fixed up
with the `_${PN}` to `:${PN}` transition. Fix both aspects.
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Update the installed_OS_is_openembedded check to drop the quotes
in the VERSION_ID string to match f451c68667cca of openembedded-core.
Without this fix, all tests are reported as "notapplicable".
Signed-off-by: Akshay Bhat <akshay.bhat@timesys.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
see https://github.com/lkrg-org/lkrg
Support new stable and mainline kernels 5.14 to at least 5.16-rc*
Support new longterm kernels 5.4.118+, 4.19.191+, 4.14.233+
update SRC_URI as location changed.
refresh patch.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
fixes:
packagegroup-security-tpm2-1.0-r0 do_package_write_rpm: An allarch packagegroup shouldn't depend on packages which are dynamically renamed (libtss2-tcti-device to libtss2-tcti-device0)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
CONVERSION_DEPENDS hasn't been converted to the new syntax.
Fixes: a23ceef ("dm-verity-img.bbclass: more overided fixups")
Signed-off-by: Kristian Klausen <kristian@klausen.dk>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
WARNING: security-build-image-1.0-r0 do_rootfs: [log_check] security-build-image: found 2 warning messages in the logfile:
[log_check] warning: user clamav does not exist - using root
[log_check] warning: group clamav does not exist - using root
clamav-freshclam is the package needing to have its user/group set.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Fixes:
WARNING: openssl-tpm-engine_0.5.0.bb: CFLAGS:append += is not a
recommended operator combination, please replace it.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Fix warning for apparmor:
| WARNING: /path/to/meta-security/recipes-mac/AppArmor/apparmor_3.0.1.bb:
| RDEPENDS:${PN}:remove += is not a recommended operator combination,
| please replace it.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Fixes:
ERROR: python3-fail2ban-0.11.2-r0 do_package_qa: QA Issue: python3-fail2ban installs files in /run, but it is expected to be empty [empty-dirs]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
/var/log is normally a link to /var/volatile/log and /var/volatile is a
tmpfs mount. So anything created in /var/log will not be available when
the tmpfs is mounted.
[Thanks to Peter Kjellerstedt for example]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
When enabling fapi, the build breaks with:
| configure: error: Package requirements (libcurl) were not met:
| No package 'libcurl' found
This adds the missing dependency and bundles the additional config files
in the base package.
Signed-off-by: Stefan Müller-Klieser <s.mueller-klieser@phytec.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This patch updates SRC_URIs using git to include branch=master if no branch is set
and also to use protocol=https for github urls as generated by the conversion script
in OE-Core.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
ERROR: openssl-tpm-engine-0.5.0-r0 do_package: QA Issue: openssl-tpm-engine: Files/directories were installed but not shipped in any package:
/usr/lib/engines-3/tpm.so
fix engine locations
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Rust is now in core. No need to include the layer referenece.
Drop Priority and ref from repo definition. Not used
Signed-off-by: Armin Kuster <akuster808@gmail.com>
[v2]
fixup mailing list
It packages all file in ${libdir} to package sssd, including the .so
symlink files. Then it causes QA issues:
| ERROR: QA Issue: sssd rdepends on dbus-dev [dev-deps]
| ERROR: QA Issue: sssd rdepends on ding-libs-dev [dev-deps]
So re-package sssd then the .so symlink files and .pc files are packaged
to sssd-dev which should be.
File ${libdir}/libsss_sudo.so is not a symlink file but packaged to
sssd-dev too. Then causes another QA issue:
| ERROR: sssd-2.5.2-r0 do_package_qa: QA Issue:
-dev package sssd-dev contains non-symlink .so '/usr/lib/libsss_sudo.so' [dev-elf]
So create a new sub-package libsss-sudo to package file libsss_sudo.so
and make sssd rdepends on it.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Fixes:
error in fail2ban setup command: use_2to3 is invalid.
ERROR: 'python3 setup.py build ' execution failed.
drop custom fail2ban_setup.py
remove pyhton-fail2ban as its a symlink to python3
Update to tip for 11.2 branch
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Add chipsec, tools to dump and analyzing hardware, system firmware
components, like PCH register, ioport or iomem configuration space.
Signed-off-by: Liwei Song <liwei.song@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Also, rearrange the runtime-dependencies a little so
clamav-freshclam is installed later than clamav.
The issue is that clamav-freshclam ships /var/lib/clamav
and the main clamav package uses chown in pkg_postinst to set
the ownership of this directory. But pkg_postinst is not
marked as "ontarget" so this chown only took effect when
upgrading or reinstalling the package.
So when clamav is part of an OS image out of the box, freshclamd
cannot populate this directory since it's running under the clamav
user.
Fix this by creating /var/lib/clamav with the proper ownership
in do_install and rearrange runtime-dependencies, so clamav-freshclam
RDEPENDS on clamav and clamav relaxes its runtime-dependency into
RRECOMMENDS so clamav-freshclam is installed later than clamav,
avoiding these warnings:
Installing : clamav-freshclam-... 487/1954
warning: user clamav does not exist - using root
warning: group clamav does not exist - using root
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Armin Kuster
Anton Antonov
Patrick Williams
Akshay Bhat
Yi Zhao
Kristian Klausen
Kai Kang
Stefan Mueller-Klieser
Liwei Song
Zoltán Böszörményi