- rebased patches
- added two more small patches
- Option --enable-polkit-agent is not available with current NM, removed
- Option --with-libnm-glib is not available with current NM, removed
- New package NM-cloud-setup for new experimental cloud setup feature
- NM tries to re-license from GPL to LGPL, added LGPL to LICENSES
- Removed empty packages libnmutil libnmglib libnmglib-vpn
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
net-snmp/net-snmp-config.h:
- encodes type sizes
- encodes pathing into the libdir
net-snmp-config:
- encodes build configuration data and lib pathing.
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
macro-prefix-map points to build WORKDIR which will
cause reproducibilty failures.
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
version.h contains the configure options passed during the build
which differs between multilibs
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
version.h contains the options passed to configure, which includes
the path to the recipe-sysroot on the build host.
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- Drop unused 0001-dlm-fix-package-qa-error.patch
- Merge appends into main task
- remove explicitly mentioning systemd in deps, systemd bbclass will add it
- Add a patch to fix install using cp cmd to preserve file permissions
Fixes
dlm: /usr/lib/libdlmcontrol.so.3 is owned by uid 1000, which is the same as the user running bitbake. This may be due to host contamination [host-user-contaminated]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* because sysdig from meta-oe depends on it now, since:
commit ed798c7643
Author: Khem Raj <raj.khem@gmail.com>
Date: Wed Jan 2 17:59:20 2019 -0800
sysdig: Upgrade to 0.26.5
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Building an SDK with this included fails:
* calculate_dependencies_for: Cannot satisfy the following dependencies for ncp-dev:
* libowfat (= 0.32-r0) *
* opkg_solver_install: Cannot install package ncp-dev.
libowfat only provides a static library, so there no
${PN} package is created by default.
Add ALLOW_EMPTY_${PN} = "1" to allow creation of an empty
${PN} package.
Signed-off-by: André Draszik <andre.draszik@jci.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
| DEBUG: Executing shell function autotools_preconfigure
| NOTE: make clean
| (cd ftp && make clean)
| make[1]: Entering directory '/project/tmp/work/i586-oe-linux/netkit-ftp/0.17-r0/netkit-ftp-0.17/ftp'
| Makefile:3: ../MCONFIG: No such file or directory
| make[1]: *** No rule to make target '../MCONFIG'. Stop.
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-librdmacm-Use-sched_yield-instead-of-pthread_yield.patch
removed because it is included in 28.0.
refresh 0001-Remove-man-files-which-cant-be-built.patch
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ipmi_serial_bmc_emu.c-include-readline.h-from-readli.patch
removed because it is included in 2.0.28.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Open-LLDP provides a Link Layer Discovery Protocol agent that supports
DCB (Data Center Bridging). The tc utility from iproute is needed to
manipulate traffic control settings in the kernel.
Signed-off-by: Jonathan Richardson <jonathan.richardson@broadcom.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nodejs from meta-oe depends on this since:
commit 76dd3dac1f
Author: André Draszik <git@andred.net>
Date: Tue Oct 29 16:42:24 2019 +0000
nodejs: allow use of system c-ares (and make default)
Use system c-ares via PACKAGECONFIG by default. So far,
nodejs had been built using its embedded copy of c-ares,
which we generally try to avoid, for the known reasons
(independent updates, cve & license checks, etc).
Notes:
* otherwise nodejs uses its bundled version of c-ares
* the PACKAGECONFIG variable is 'ares' so as to be in
line with other uses of this (wget & curl recipes in
OE core)
Signed-off-by: André Draszik <git@andred.net>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Package-owned tmpfiles snippets belong in /usr/lib/tmpfiles.d,
/etc/tmpfiles.d is for administrator customisations.
Signed-off-by: Dan Callaghan <dan.callaghan@opengear.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
openconnect puts the default absolute path to the vpnc-script into
its binary from the --with-vpnc-script configure options.
So do not prepend the value with the path to the OE sysroot.
RDEPEND on vpnc-script to have the script from vpnc installed on target.
Signed-off-by: Max Krummenacher <max.krummenacher@toradex.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The vpnc-script can be used unchanged with the openconnect package. Provide
it in its own package and make vpnc RDEPEND on it.
Signed-off-by: Max Krummenacher <max.krummenacher@toradex.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Apple's default implementation of the Posix backend for mDNSResponder
has a number of weaknesses. Address several of them, most notably:
* Improve interface tracking, preventing confusion to mdns's state
machine. Prevents spurious removal/republication cycles whenever
network interfaces are added or removed.
* Support network interfaces whose indeces are great than 31. Indices
grow past that range surprisingly quickly, especially with multi-
homed, mobile, wifi, Bluetooth, VPN, VLANs, or other interfaces
present.
* Correctly handle edge cases during removal of a network interface.
The fixes are kept as a patch series for clarity.
Signed-off-by: Matt Hoosier <matt.hoosier@garmin.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
nng is the nanomsg project's rewrite of their libnanomsg library. Just
like nanomsg it is a socket library that provides several common
communication patterns.
Unlike nanomsg it does not normally provide a number of tools and we do
not attempt to add them here. We allow for optional mbedtls support.
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
dnssec-conf relies heavily on python2 code and was not updated since
2010.
Signed-off-by: Andrey Zhizhikin <andrey.z@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Update recipe to include support for python3. Introduce a patch which
converts samples to utilize pytho3 on the target.
Signed-off-by: Andrey Zhizhikin <andrey.z@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This aids cross-building, otherwise configure goes into weeks to find
these especially python-config and starts to poke at host files e.g.
if /etc/debian_release exists then it errors out, but if it does not
then it deploys a workaround and continues build, as a result we see
ntop fail the build on debian-like build hosts but not on others eg.
archlinux
Ensure that linking with libpython happens therefore use
python3-config --libs --embed
Fixes
checking for arm-yoe-linux-gnueabi-python-config... no
checking for python-config... no
Please install python-dev and rerun configure
Signed-off-by: Khem Raj <raj.khem@gmail.com>
coreutils-native tool dependency was implicitly met while building with
source GCC tool-set which isn't the case with external tool-set.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
gettext tool dependency was implicitly met while building with source
GCC tool-set which isn't the case with external tool-set.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
As TARGET_PREFIX may vary from source GCC tool-set to external GCC
tool-set. Also, libtool-cross is installed in recipe sysroot using
HOST_SYS variable only.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
flex-native tool dependency was implicitly met while building with
source GCC tool-set which isn't the case with external tool-set.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This change makes the parsing go though, we still might have build
issues, which will be reported in world builds seprately
Signed-off-by: Khem Raj <raj.khem@gmail.com>
-files/0001-dhcpcd-Fix-build-error-with-musl.patch
Removed since this is included in 8.1.5.
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Backport the CVE patch from the upstream to fix the memory leak.
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
plugins tab and about dialog have created dependency with commit[1]
this fails to build when qt5 is in bblayers
Fixes
wireshark-3.2.0/ui/qt/about_dialog.cpp:137:29: error: 'plugins_add_description' was not declared in this scope; did you mean 'plugins_get_descriptions'?
137 | extcap_get_descriptions(plugins_add_description, &plugin_data);
| ^~~~~~~~~~~~~~~~~~~~~~~
| plugins_get_descriptions
[1] 5dfde7ff83
Signed-off-by: Khem Raj <raj.khem@gmail.com>
fix-gcc-6-conflicts-signbit.patch
Removed since they are included in 4.9.0
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Security fixes:
CVE-2019-14861: Samba AD DC zone-named record Denial of Service in DNS
management server (dnsserver).
CVE-2019-14870: DelegationNotAllowed not being enforced in protocol transition
on Samba AD DC.
See: https://www.samba.org/samba/history/samba-4.10.11.html
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The current NTP server responds to mode 6 queries from any clients.
Devices that respond to these queries have the potential to be used in
NTP amplification attacks. An unauthenticated, remote attacker could
potentially exploit this, via a specially crafted mode 6 query, to cause
a reflected denial of service condition.
See: https://www.tenable.com/plugins/nessus/97861https://scan.shadowserver.org/ntpversion/
Update ntp.conf to restrict NTP mode 6 queries.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Guest accounts for Samba are a known potential vulnerability
(see https://www.tenable.com/plugins/nessus/26919) where info
about the host can be obtained without proper access. The option
"map to guest = bad user" allows login attempts with usernames
that don't exist to map to the guest account, while the
"restrict anonymous" value (implicitly set to 0 before this patch)
would allow any queries to obtain user and group list information.
Raise the default security level by setting "restrict anonymous"
to "1" and "map to guest" to "never" to avoid providing user/group
info to unauthenticated users and reject login attempts with an
invalid password, respectively.
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fixes
error: 'runtime_error' is not a member of 'std'
throw std::runtime_error("Allocation error.");
^~~~~~~~~~~~~
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ERROR: firewalld-0.7.2-r0 do_package: QA Issue: firewalld: Files/directories were installed but not shipped in any package:
/usr/lib
/usr/lib/firewalld
/usr/lib/firewalld/zones
Signed-off-by: Khem Raj <raj.khem@gmail.com>
