Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* cifs.idmap links with keyutils as log.do_package shows:
DEBUG: cifs-utils: Dependency libkeyutils.so.1 requires package keyutils (used by files: /home2/mjansa/build/build-starfish-jethro/BUILD/work/h15-starfish-linux-gnueabi/cifs-utils/6.4-r0/packages-split/cifs-utils/usr/sbin/cifs.idmap)
* that causes following QA issue when keyutils are autodetected from
sysroot:
WARNING: QA Issue: cifs-utils rdepends on keyutils, but it isn't a build dependency? [build-deps]
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* otherwise there are unpackaged files:
ERROR: QA Issue: cifs-utils: Files/directories were installed but not shipped in any package:
/usr/lib/security
/usr/lib/security/pam_cifscreds.so
/usr/lib/security/.debug
/usr/lib/security/.debug/pam_cifscreds.so
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
cifs-utils: 4 installed and not shipped files. [installed-vs-shipped]
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
While hostname is numeric, start postfix failed
...
root@qemux86-64:~# hostname 1.2.3.4
root@qemux86-64:~# systemctl restart postfix
|Job for postfix.service failed because the control process exited
with error code. See "systemctl status postfix.service" and
"journalctl -xe" for details.
root@qemux86-64:~# systemctl status postfix -l
Dec 02 08:05:40 1.2.3.4 aliasesdb[535]: /usr/sbin/postconf: fatal: unable to use my own hostname
Dec 02 08:05:41 1.2.3.4 aliasesdb[535]: newaliases: warning: valid_hostname: numeric hostname: 1.2.3.4
Dec 02 08:05:41 1.2.3.4 postfix/sendmail[537]: warning: valid_hostname: numeric hostname: 1.2.3.4
Dec 02 08:05:41 1.2.3.4 aliasesdb[535]: newaliases: fatal: unable to use my own hostname
Dec 02 08:05:42 1.2.3.4 postfix[540]: warning: valid_hostname: numeric hostname: 1.2.3.4
Dec 02 08:05:42 1.2.3.4 postfix[540]: fatal: unable to use my own hostname
...
Refer meta/recipes-core/initscripts/initscripts-1.0/hostname.sh in oe-core,
add check_hostname.sh and invoke it before postfix start, if the hostname
is invalid, set "localhost" to main.cf.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
samba-pidl is the package containing the perl-extension, so RDEPENDS
must include perl for samba-pidl, not for samba.
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Since entire samba4 package is around 25MB, trying to save some space by
splitting the package into several ones logically grouped as they were
at samba3 in fido.
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
when net-snmp-config is used to configure by other package, and fail since
/libnl3 is not found, in fact, it should be -I/usr/include/libnl3, and is
modified as /libnl3 incorrectly.
instead of modify the net-snmp-config for target, the one under
${bindir_crossscripts} should be replaced with ${TAGING_INCDIR}
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The element skc_v6_daddr (in struct sock_common) is defined in
kernel source only when CONFIG_IPV6 is enabled. Hence, access
sk_v6_daddr element (i.e __sk_common.skc_v6_daddr) only when CONFIG_IPV6
is defined; to fix below error in world build:
-- snip --
/home/jenkins/oe/world/shr-core/tmp-glibc/work-shared/qemux86/kernel-source/include/net/sock.h:330:33: error: 'struct sock_common' has no member named 'skc_v6_daddr'
-- CUT --
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
It fails to fetch source of libtalloc:
| ERROR: Fetcher failure: Fetch command failed with exit code 8, output:
| https://www.samba.org/ftp/libtalloc/talloc-2.1.3.tar.gz:
| 2015-12-21 10:22:09 ERROR 404: Not Found.
Fix it by replace ${BPN} with original package name talloc.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Matches start-on-boot behaviour of current strongswan.service.
Signed-off-by: Chris Patterson <pattersonc@ainfosec.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Fixes strongswan configure script for systemd >= 209,
where it merged libsystemd-journal and libsystemd-daemon
into libsystemd.
Signed-off-by: Chris Patterson <pattersonc@ainfosec.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
- Add aesni, charon, gmp, openssl, scep, stroke, swanctl, and
systemd-charon.
- Organize the packageconfig list alphabetically.
- Update the default PACKAGECONFIG to match current defaults.
- If swanctl is enabled, use strongswan-swanctl.service instead of
strongswan.service.
Signed-off-by: Chris Patterson <pattersonc@ainfosec.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* Add configure options '--without-valgrind'
* Disable valgrind by default since it doesn't build for all targets
This fixes build errors:
../source3/include/includes.h:156:31: fatal error: \
valgrind/memcheck.h: No such file or directory
compilation terminated.
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* libldb is autodetected from sysroot:
WARN: ctdb: ctdb rdepends on libtdb, but it isn't a build dependency?
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
When compile with gcc 5.x, xl2tpd complains warnings:
| misc.h:68:20: warning: inline function 'swaps' declared but never
defined
| extern inline void swaps (void *, int);
| ^
Backport patch to fix it.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
In ospf6_clean, the variable ospf6 might be NULL causing segment fault
when stopping ospf6d. Check the variable before referencing it.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
7fb5479 added the patch but did not apply it
Rename patch to explicit it differentiate it from other patches
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Since waf doesn't allow override check results via environment, a patch
is needed to remove the bad check when an optional feature is unwanted.
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Since waf configure infrastructure is a body blow compared to reasonable
autoconf script from packager point of view, samba support libs need
feature-disable-patches. This one is for libtevent removing libcap
(introduced by libldap_r) and attr.
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Add a patch to remove the check for openldap but mark prove result negative unless
ldap dependency is enabled explicitely.
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
During fix for distinguishing between lsb flavoured sysv init and pure, on the
rocks version, author introduced a typo.
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
To avoid errors when building dev-images (talloc-dev is missing), and to avoid
insane empty packages for that, rename talloc -> libtalloc as libtevent shows.
With that, remove dependencies to attr/xattr - unless explicitely enabled via
PACKAGECONFIG.
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
mime-construct only provides a perl script and depends on many perl
modules that cause layer meta-networking depends on meta-perl.
Move mime-construct from meta-networking to meta-perl to avoid the
layer dependency.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Update runtime dependencies of mime-construct:
* drop WaitStat.pm and Signal.pm which are from libproc-waitstat-perl
and its dependency libipc-signal-perl
* add patch to return 0 for option '--help'
* replace postfix with msmtp which is more lightweight
* add perl modules which are required for mime-construct to run
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
restore PE
updated comments:
QT is the new default GUI for the binary 'wireshark'. This mode is currently disabled in the build. We build with GTK as the default gui so the resulting binary is now wireshark-gtk.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Kernel modules may not have the same architecture as user space. So we
tell INSANE_SKIP to skip checking the arch for the modules. This is
consistent with other kernel modules and the kernel recipe.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The driver builds are optional, but for deterministic builds,
we should should be able to explicitly enable/disable the
builds for them in a proper place (maybe in BSP).
But we can't use PACKAGECONFIG since there is no option for
each driver, and the options are:
--no-drivers do not compile any driver
--no-drivers= do not compile the given drivers (comma sep.)
--drivers= only compile the given drivers (comma sep.)
So use NETMAP_DRIVERS to list the needed drivers and add proper
configs to EXTRA_OECONF, the default is no drivers, and all
supported drivers are listed in NETMAP_ALL_DRIVERS.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
onnode is a shell script with bashisms and bash #!.
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Upgrade snort from 2.9.6.0 to 2.9.7.5, as its dependency upgrade daq from
2.0.2 to 2.0.6, and accordingly update the patches:
* Add 2 new patches for snort to solve the cross compile issues
* Discard 2 snort patches since it is not needed
* Refresh the patch for daq new version
* Remove redundant '/' to getting round the rpm debugedit bug:
canonicalization unexpectedly shrank character
Signed-off-by: Zhiquan Li <zhiquan.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
configure the systemd unit file dir, otherwise it will be auto-checked
by 'pkg-config --variable=systemdsystemunitdir systemd', but if systemd
is not built firstly, and the the unit file will not be installed, and
lead to below error:
ERROR: Function failed: SYSTEMD_SERVICE_lldpd value lldpd.service does not exist
and disable sysusersdir, since sysuser is not used currently.
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The new release has following important changes, worth noticing:
- fix-libevent-configure patch has been applied upstream
- fix for CVE-2015-8012
Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br>
Acked-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Upstream ships systemd service file plmcboot.service and plmcd.service now,
so we don't need this anymore.
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The script ypbind will cause error if using ypdomainname command
provided by busybox. So add RDEPENDCY on yp-tools and change
the path of ypdomainname.
Signed-off-by: Jian Liu <jian.liu@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Add "-a" parameter in snmpd.service,it is needed to address logs.
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
If run bitbake -c patch -f netcat-openbsd twice, the patch conflict
will happen, so replace the patch with quilt to avoid do_patch failed.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The previous xl2tpd was significantly out of date, so update the git
recipe and add in a release recipe for anyone looking to use the latest
stable release.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Based on this thread:
http://comments.gmane.org/gmane.comp.handhelds.openembedded/70890
it seems that lldpd is a more complete implementation of the LLDP
protocol. Remove this implementation to provide better direction to
newcomers and to attempt to focus support for a single implementation in
the meta-networking layer.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* fixes:
cifs-utils-6.4: cifs-utils rdepends on samba, but it isn't a build dependency? [build-deps]
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* dmapi is in meta-filesystems
* hopefully fixes:
WARN: samba: samba rdepends on cyrus-sasl, but it isn't a build dependency?
WARN: samba: samba rdepends on dmapi, but it isn't a build dependency?
WARN: samba: samba rdepends on libbsd, but it isn't a build dependency?
WARN: samba: samba rdepends on libpam, but it isn't a build dependency?
WARN: samba: samba-python rdepends on libbsd, but it isn't a build dependency?
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* it's also using MACHINE specific variables like:
STAGING_KERNEL_DIR. STAGING_KERNEL_BUILDDIR
* drop suspicious:
do_fetch[depends] += "netmap-modules:do_fetch"
fetcher should use .lock files to prevent updating the same repository
in parallel
* see:
http://lists.openembedded.org/pipermail/openembedded-devel/2015-September/103271.html
* fixes:
ERROR: netmap different signature for task do_configure.sigdata between qemux86copy and qemux86
basehash changed from 748eae270193023d79f7d6a69aa1b8d2 to 9267873ef5fa4474d5f60fc79044ab64
Variable MACHINE value changed from 'qemux86copy' to 'qemux86'
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* see:
http://lists.openembedded.org/pipermail/openembedded-devel/2015-September/103271.html
* fixes:
ERROR: xl2tpd different signature for task do_configure.sigdata between qemux86copy and qemux86
runtaskdeps changed from ['gccgcc-cross_5.2.bb.do_populate_sysroot', 'gccgcc-runtime_5.2.bb.do_populate_sysroot', 'glibcglibc_2.22.bb.do_populate_sysroot', 'linuxlinux-yocto_4.1.bb.do_populate_sysroot', 'pppppp_2.4.7.bb.do_populate_sysroot', 'update-rc.dupdate-rc.d_0.7.bb.do_populate_sysroot', 'update-rc.dupdate-rc.d_0.7.bb.do_populate_sysroot:virtual:native', 'xl2tpdxl2tpd_1.3.6.bb.do_patch']
to
['gccgcc-cross_5.2.bb.do_populate_sysroot', 'gccgcc-runtime_5.2.bb.do_populate_sysroot', 'glibcglibc_2.22.bb.do_populate_sysroot', 'linuxlinux-yocto_4.1.bb.do_populate_sysroot', 'pppppp_2.4.7.bb.do_populate_sysroot', 'update-rc.dupdate-rc.d_0.7.bb.do_populate_sysroot', 'update-rc.dupdate-rc.d_0.7.bb.do_populate_sysroot:virtual:native', 'xl2tpdxl2tpd_1.3.6.bb.do_patch']
openembedded-core/meta/recipes-kernel/linux/linux-yocto_4.1.bb.do_populate_sysroot with hash 1a8aa7a50a6cf3ebf5401af43dd6bf3b
changed to
openembedded-core/meta/recipes-kernel/linux/linux-yocto_4.1.bb.do_populate_sysroot with hash 143d2686a37f592891fb2aa6fa9b752e
Hash for dependent task linuxlinux-yocto_4.1.bb.do_populate_sysroot changed from 1a8aa7a50a6cf3ebf5401af43dd6bf3b to 143d2686a37f592891fb2aa6fa9b752e
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
There is an incorrect m4_define() in configure.in which will result in an
infinite recursion, and it doesn't make sense, since snort 2.9.7 it has been
commented out. We follow this solution to fix it.
Signed-off-by: Zhiquan Li <zhiquan.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
A more common place is required for gnulib because of other recipes (e.g
fontforge) will depend on it
Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com>
It hardcoded to assign vmail's userid and groupid with 5000,
which caused the following useradd/groupadd is increased from
5000 at do_root time. Such as 'tracing' group id is 5001
(tracing group is added in lttng-tools).
It is better to allocate it dynamically.
BTW, you may google to find the hardcoded 5000 in following site:
https://help.ubuntu.com/community/PostfixVirtualMailBoxClamSmtpHowto
In its main.cf, it also hardcoded virtual_uid_maps and virtual_gid_maps.
...
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
..
But in meta-oe's main.cf_2.0, it assigned virtual_uid_maps and
virtual_gid_maps with a search.
...
virtual_uid_maps = static:`grep vmail /etc/passwd | cut -d ":" -f 3`
virtual_gid_maps = static:`grep vmail /etc/passwd | cut -d ":" -f 4`
...
So please feel free to forget 5000.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The permission bits should be 0644 instead of 0755.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
changes include CVE-2015-7830
see https://www.wireshark.org/docs/relnotes/wireshark-1.12.8.html
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Add a dependency on readline because the header
files are required by configure.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
When ntp could be correctly built with openssh and libcrypto, we would meet
the following QA issue.
WARNING: QA Issue: package ntp contains bad RPATH ... [rpath]
Fix this problem by adding '--disable-rpath' to EXTRA_OECONF.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Update nftables tools from 0.4 to 0.5, for ChangeLog see
http://git.netfilter.org/nftables/log/
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Update libnftnl from 1.0.3 to 1.0.5 (for Changelog see
http://git.netfilter.org/libnftnl/log/)
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
If multilib is enabled, errors about 'installed-not-shipped' would appear.
This patch fixes this problem.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
If CONFIG_IXGBE is enabled in kernel. This package fails to build with
error messages like below.
| #error "unsupported ixgbe driver version"
| ^
.......
error: request for member 'count' in something not a structure or union
| na.num_rx_desc = NM_IXGBE_RX_RING(adapter, 0)->count;
| ^
| cc1: some warnings being treated as errors
Fix this problem by disabling igxbe driver in netmap-modules.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
VLAs in composite data types like structures and unions
are not a standard feature of C language, gcc has specific
implementations for but other compilers dont have that done specifically clang, and
the community refuses to implement it since its non standard.
Change-Id: I6ae24adb455bf262fe9406a1c8e3b3a4a0cf77d4
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Fix errors seen with gcc5
Change-Id: I9c4361f3a9c25342f5c740263f551c162dce8faf
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
relayd is a daemon to relay and dynamically redirect incoming
connections to a target host.
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The tsocks program is frequently used to easily wrap any generic
program such as telnet, ssh, wget or any other tcp socket program
using an LD_PRELOAD library. One might use an ssh tunnel and wget for
example.
Example of tunnel via ssh to remote url:
ssh -N -D 1080 $REMOTE_HOST_TUNNEL_ENDPOINT &
cat<<EOF>tsocks.conf
server_port = 1080
server = 127.0.0.1
EOF
TSOCKS_CONF_FILE=$PWD/tsocks.conf tsocks curl $REMOTE_URL
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Don't enable GNU atomic operations for all targets, it fails on
powerpc and mips:
AtomicWord.h: undefined reference to `__sync_fetch_and_add_8'
collect2: error: ld returned 1 exit status
Refer to https://gcc.gnu.org/bugzilla/show_bug.cgi?id=56300:
There is no hardware support for 8 bytes atomic operations on
32-bit MIPS targets.
The 32-bit PowerPC fails as well.
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
lldpd is a 802.1AB implementation, a L2 network discovery protocol.
It also supports CDP, EDP and various other protocols.
Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
This issue occurs When we copy file by rcp command between target and host,
if the file > 2GB, it will fail.
The cause is that it used incorrect data type on file size in sink() of rcp.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
this adds netmap, the fast packet I/O framework
http://info.iet.unipi.it/~luigi/netmap/
- updated to latest version to get kernel 4.1 support
- fixed printf type issue
- Fixed manual config options
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
-parallel-make.patch is not needed any more,so delete.
Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
iSCSI Enterprise Target is aimed to develop an
open source iSCSI target with professional features,
that works well in enterprise environment under real
workload, and is scalable and versatile enough to meet the
challenge of future storage needs and developments.
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
1. fix the building failure when host is gcc5
2. fix the building failure when DEBUG_BUILD is 1 by removal of -Werror
Remove -Werror, since it is suitable to develop only; otherwise when
gcc adds -O0 option to compile codes, the error will be generated
since the warning:
//# warning _FORTIFY_SOURCE requires compiling with optimization (-O)
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* update md5sum of license file
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Backport patches from upstream to fix opensaf build failures with gcc 5.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Add package config pam for inetutils. And only check pam_appl.h when pam
is enabled.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
1. upgrade to 1.4.2
2. backport a patch to fix CVE-2015-6496:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6496
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
1. Remove the squid-change-ksh-referen*.patch which is not needed, since
3.5.7 did not use ksh by default.
2. Update the checksum of COPYING,since the date in it has been changed.
3. Define BUILDCXXFLAGS, otherwise the target gcc options -std=c++11 will
add into it, and lead to building failure since host gcc maybe not
support "-std=c++11"
4. Assume to support GNU atomic operations by default, the running check
on cross-compile setup does not work
5. enable basic auth by checking the DISTRO_FEATURE, and the default
dependency on db, opensasl and openldap nis have been set, so enable
them by default.
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
atftp fails to build with gcc 5.2:
git/tftp_def.h:54:14: warning: inline function 'Strncpy' declared but never defined
git/argz.c:44:8: error: redefinition of 'argz_next'
GCC 5 defaults to -std=gnu11 instead of -std=gnu89. The semantics of
inline function changes. Pass '-std=gnu89' to gcc to compile atftp.
Ref:
https://gcc.gnu.org/gcc-5/porting_to.html
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* Change recipe name from drbd to drbd-utils,since
after 8.4.5, the drbd userland tools had been moved to
their own repository at http://git.linbit.com/drbd-utils.git
(tarball at http://oss.linbit.com/drbd)
* Add 0001-Makefile.in-don-t-compile-documentation.patch to
avoid build Errors.
* Dropped drbd.service,since it is provided by Upstream.
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
-deleted use-ldflags.patch that not needed.
-modified patches for 3.11
Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Delete ptpd-add-dpaa-etsec-support.patch.The reason is the following:
- The ptpd-add-dpaa-etsec-support.patch does not suitable for new version.
- The upstream didn't accept this patch.
Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
LFTP is a sophisticated file transfer program with command line interface.
It supports FTP, HTTP, FISH, SFTP, HTTPS and FTPS protocols.
Every operation in lftp is reliable, that is any non-fatal error is handled and
the operation is retried automatically. So if downloading breaks, it will be
restarted from the point automatically.
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
mime-construct constructs and (by default) mails MIME messages.
It is entirely driven from the command line, it is
designed to be used by other programs, or people who act
like programs."
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Add the "status" command in initscript to check the status of ypbind.
remove ypbind-yocto.init as ypbind.init, which is the initscript, make
its name similar to other recipes
Signed-off-by: Zhu Yanjun <yanjun.zhu@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* libsmi is autodetected in configure, but in most cases disabled because of
cross-compilation so keep it explicitly disabled
* resolves following difference in builds with and without libsmi built
before tcpdump:
4.7.4-r0-with/temp/log.do_configure:checking smi.h usability... yes
4.7.4-r0-with/temp/log.do_configure:checking smi.h presence... yes
4.7.4-r0-with/temp/log.do_configure:checking for smi.h... yes
4.7.4-r0-with/temp/log.do_configure:checking for smiInit in -lsmi... yes
4.7.4-r0-with/temp/log.do_configure:checking whether to enable libsmi... not when cross-compiling
4.7.4-r0-without/temp/log.do_configure:checking smi.h usability... no
4.7.4-r0-without/temp/log.do_configure:checking smi.h presence... no
4.7.4-r0-without/temp/log.do_configure:checking for smi.h... no
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
- Cim-schema-exper(Experimental-MOFs) is dependence of openlmi.
- Cim-schema_2.40.0.bb is renamed to cim-schema-final_2.40.0.bb.
Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Upgrade inetutils from 1.9.2 to 1.9.4.
* add homepage
* update inetutils/version.patch
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Conflicts:
meta-networking/recipes-connectivity/inetutils/inetutils/telnetd-Fix-deadlock-on-cleanup.patch
*Modify SRC_URI.
*Modify chksum of file COPYING and LICENSE,since year changed,
and the LICENSE explanation for file base64.c, md5.c and types.h
was deleted.But the LICENSE has not been changed.
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
When doing a multilib build, /usr/lib is still created but not collected
into FILES_${PN} by default, resulting in a QA error. Adding both
${libdir} and ${nonarch_libdir} catches all scenarios.
It also turns out that the previous do_install_append would throw an error
in a multilib build since systemd always installs to .../lib/... but
${libdir] would point at .../lib64/...
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
When more than one SRCREV is defined, we need to specify
how to construct a composite revision. Failure to do this
can result in parsing errors.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
We will need the conditional dependency on systemd.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Fix mib representation of timeout values,correct conversion
factor from microseconds to centiseconds.
Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
replace to run "make install" with directly calling install command,
since "make install" asks "bin" user and group, and maybe fail when
system has not;
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Changes can be found at http://www.litech.org/radvd/CHANGES-2.txt
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
5.3.2 includes the fixes for CVE-2015-3991 and CVE-2015-4171
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
4.2.8p3 fixed CVE-2015-5146 and Bugs.
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Dropped building-rquota_xdr.c-depend-on-rquota.h.patch,since 2.2.18 fixed the problem.
Update 0001-configure.ac-convert-AC_TRY_RUN-to-AC_TRY_LINK-state.patch,since
the file configure.ac has been changed.
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Upgrade to fix CVE-2014-9403
Remove backport patch
Add CSocket submodule, which split from znc
Add the dependency on icu
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
OpenSAF uses OpenHPI if available. If openhpi happens to be in
PACKAGECONFIG from the build, turn on support in OpenSAF and add it to the
DEPENDS list.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Remove three very minor bashisms, all about redirecting stdout/stderr.
The initscript identifies as /bin/sh, this change ensures that the script
should work with a non-bash /bin/sh as well.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
tcpd from tcp-wrapper is installed into /usr/sbin/, not /usr/bin/
using sed to dynamical update the path to add the robust
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
1) WARNING: The recipe opensaf is trying to install files into a
shared area when those files already exist,so set
--libdir=${libdir}/opensaf
2) Add systemd service file plmcboot.service and plmcd.service.
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
1.Remove postfix-add-db6-support.patch which is not needed,
since it is backported from upstream.
2.update install.patch and makedefs.patch that context changes.
3.Install smtp-sink which listens on the named host (or address) and port.
It takes SMTP messages from the network and throws them away.
Ref: http://www.postfix.org/smtp-sink.1.html
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
the snmp_pdu_parse() function could leave incompletely parsed varBind
variables in the list of variables in case the parsing of the SNMP
PDU failed. If later processing tries to operate on the stale and
incompletely processed varBind (e.g. when printing the variables),
this can lead to e.g. crashes or, possibly, execution of arbitrary
code.
The snmp_pdu_parse() function stores varBind variables in a list of
netsnmp_variable_list structures. Each time the function parses a new
varBind, a new netsnmp_variable_list item is allocated on the heap
and linked to the list of variables. The problem is that this item
is not removed from the list, even if snmp_pdu_parse() fails to
complete the parsing.
The "type" member of the stale netsnmp_variable_list is not
properly initialized in case snmp_pdu_parse() returns early from the
parsing. However, the "type" member is used to determine later code
paths, which is why we see crashes in a variety of functions,
although the root cause for all of these is the same.
This patch come from
f23bcd3ac6/
Written-by: Robert Story
Signed-off-by: Jian Liu <jian.liu@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
move daemon servers from bin to sbin directory:
tftpd, telnetd, rshd, rexecd and rlogind
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Bitbake is likely to require this parameter in future, add
the default value.
Patch generated with the command:
sed -e 's:\(getVar([^,()]*\)\s*):\1, False):g' -i `grep -ril getVar *`
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The named packages explicitly install some items under /lib,
but the recipes assume they are in base_libdir. We change
the recipes.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
daemon_directory is set to /usr/lib/postfix which causes daemon postfix
fails to start on 64 bits target if enable multilib. Set daemon_directory
with libexecdir to fix it.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
include a security fixes but no CVE #
The following vulnerabilities have been fixed.
* [1]wnpa-sec-2015-19
WCCP dissector crash. ([2]Bug 11153)
* [3]wnpa-sec-2015-20
GSM DTAP dissector crash. ([4]Bug 11201)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The bug is: after the service stopped,the pid file still exists.
So modidy the service files.
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
1. 1.3.5a includes the fix for CVE-2015-3306:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3306
2. replace the proftpd generated libtool with the native libtool
which support the sysroot
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
1. PolarSSL is now rebranded as mbed TLS.
2. upgrade to include CVE-2015-1182 fix:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1182
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
fixed broken url and cleaned up the PACKAGECONFIG
removed patch as it is included in this release
The following vulnerabilities have been fixed.
* [1]wnpa-sec-2015-12
The LBMR dissector could go into an infinite loop. ([2]Bug 11036)
[3]CVE-2015-3808 [4]CVE-2015-3809
* [5]wnpa-sec-2015-13
The WebSocket dissector could recurse excessively. ([6]Bug 10989)
[7]CVE-2015-3810
* [8]wnpa-sec-2015-14
The WCP dissector could crash while decompressing data. ([9]Bug
10978) [10]CVE-2015-3811
* [11]wnpa-sec-2015-15
The X11 dissector could leak memory. ([12]Bug 11088)
[13]CVE-2015-3812
* [14]wnpa-sec-2015-16
The packet reassembly code could leak memory. ([15]Bug 11129)
[16]CVE-2015-3813
* [17]wnpa-sec-2015-17
The IEEE 802.11 dissector could go into an infinite loop. ([18]Bug
11110) [19]CVE-2015-3814
* [20]wnpa-sec-2015-18
The Android Logcat file parser could crash. Discovered by Hanno
Böck. ([21]Bug 11188) [22]CVE-2015-3815
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
SECTION has been used inconsistently throughout the recipes in this layer.
Convert them to all use the same convention.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The error is as follows:
error: unrecognized command line option '-V'
conftest.c:9:28: fatal error: ac_nonexistent.h:
No such file or directory #include <ac_nonexistent.h>.
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
This fixed the CVE-2015-4047:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4047
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
http://netfilter.org/projects/nftables/index.html
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
libnftnl is needed by nftable, so add it
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
upgrade to include the fix for CVE-2015-3644:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3644
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Ntimed is an unreleased ntpd replacement being sponsored by the Linux
Foundation. Currently it only includes a work-in-progress client, but for
future use this recipe emits an ntimed-client package and an ntimed meta
package which will pull in client and server.
Signed-off-by: Christopher Larson <kergoth@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
- `geoipupdate` now verifies the MD5 of the new database before deploying it.
If the database MD5 does not match the expected MD5, `geoipupdate` will
exit with an error.
- The copy of `base64.c` and `base64.h` was switched to a version under GPL 2+
to prevent a license conflict.
- The `LICENSE` file was added to the distribution.
- Several issues in the documentation were fixed.
Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The default configuration of ntp includes a large number of reference
clock drivers. Provide a PACKAGECONFIG to allow control over whether
or not these refclock drivers are built. Leave enabled by default.
http://doc.ntp.org/4.2.8/refclock.html
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Remove two unneeded patches, configure.patch and tcpdump-cross-getaddrinfo.patch
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
ERROR: Nothing PROVIDES 'libdnet' (but /home/akuster/oss/clean/meta-openembedded/meta-oe/recipes-connectivity/daq/daq_2.0.2.bb DEPENDS on or otherwise requires it). Close matches:
libnet
libnewt
libidn
ERROR: Required build target 'daq' has no buildable providers.
Missing or unbuildable dependency chain was: ['daq', 'libdnet']
world build fails for meta-oe.
move daq to meta-networking where snort and libdnet both reside.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
when check the CC, only compile the object by CC, not run the object.
MCONFIG file includes more configuration, we can not clear it
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in
Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows
remote attackers to cause a denial of service (snmptrapd crash) via an
empty community string in an SNMP trap, which triggers a NULL pointer
dereference within the newSVpv function in Perl.
Refer to: https://bugzilla.redhat.com/show_bug.cgi?id=1072044
Signed-off-by: Junling Zheng <zhengjunling@huawei.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
6.4 fixed a CVE defect:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2830
Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils
before 6.4, as used in pam_cifscreds, allows remote attackers to have
unspecified impact via unknown vectors.
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
ipsec-tools-0.8.2: ipsec-tools: Files/directories were installed but not shipped
/lib
/lib/systemd
/lib/systemd/system
/lib/systemd/system/racoon.service [installed-vs-shipped]
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Fixed when systemd:
ERROR: Function failed: SYSTEMD_SERVICE_opensaf value opensafd.service does not exist
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Taken Patch from fedora to fix CVE-2015-1419, deny_file parsing to do
more what is expected.
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
ntp 4.2.8p2 has more CVE fixes, like CVE-2015-1799, CVE-2015-1798;
and remove ntp-4.2.8-ntp-keygen-no-openssl.patch which 4.2.8p2 has integrated
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Neither -utils nor -ptest packages make sense w/o actual kernel support
for SCTP protocol. Make both packages RRECOMMEND kernel-module-sctp.
Signed-off-by: Dmitry Eremin-Solenikov <dmitry_eremin@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Keep compatibility with chkconfig tool.
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Keep compatibility with chkconfig tool.
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Kernel modules may be built-in, so rrecommend it instead.
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
CyaSSL is now called wolfSSL. Recipe updates included RPROVIDE and
PROVIDE lines, with updates to sha/md5 sums.
Signed-off-by: lchristina26 <leah@wolfssl.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
When building for a system including systemd ypbind-mt will link against
libsystemd creating an implicit dependency. Make that explicit.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
An update in OpenSSL removed the -lcrypto from libssl's pkg-config
options. The old behaviour always linked it with -lssl, so revert to that
for now.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
We should set group of ${localstatedir}/lib/postfix to 'nogroup' not 'postfix',
actually it's done at the below, so remove this useless code.
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Issue: TA79430
- Change to use append for PACKAGES so that:
* ptest package is added from ptest bbcalss
* the PN is back, allow empty and add rdepends on net-snmp-client
in case the user try to add net-snmp to the image
- Add a patch to fix the output format for ptest
- Add run-ptest
- Add rdepends on perl for ptest
(LOCAL REV: NOT UPSTREAM) -- Sent to meta-networking on 20150114
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Since net-snmp-config is a common tool, move it from dev package
to client package.
Signed-off-by: yzhu1 <yanjun.zhu@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Changes:
1. Add source function and status command.
2. make it possible to change the start arguments with a default file
in the same way as debian.
3. change the default INITSCRIPT_PARAMS
4. Add PIDFILE and fix restart
5. remove the postrm sicne we use the one from update-rc.d
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
LIB_LDCONFIG_CMD failed since it is using a host dir $(libdir)
which is /usr/lib64 does not exist on host when compile 64bit
image.
In fact, configuring dynamic linker run-time bindings is meaningless
at this step, If it is needed, Poky would write ldconfig scripts to
rpm-postinst for each recipe while do_package, in package.bbclass.
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Move persistent dir to /var/lib/net-snmp and fix security contexts for
them.
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
According to the following commit, net-snmp needs to have
mib-modules=smux enabled:
commit f64db3011c
Author: Aws Ismail <aws.ismail@windriver.com>
Date: Mon Mar 25 11:30:06 2013 -0400
Quagga has no snmp support, unrecognized options --enable-tcp-md5
1. Quagga's tcp-md5 has been renamed to linux24-tcp-md5
2. net-snmp needs to have mib-modules=smux enabled to enable
quagga to support snmp. Make the net-snmp option dependent
on the DISTRO_FEATURE snmp.
3. Misc: install the sample conf files for quagga. Also,
Make sure that the post install script is being run
on the target rather than during the rootfs creation
stage.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Aws Ismail <aws.ismail@windriver.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Previously, it still was checked when there was no nlish.h in sysroots directory.
Add knob to decide whether nlist.h are checked or not.
Fixed by using PACKAGECONFIG to check elf, with default disabled set.
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Link file /usr/lib/sendmail points to /usr/sbin/sendmail is required by
LSB core test according to Linux FHS[Ref2]: "For historical reasons,
/usr/lib/sendmail must be a symbolic link to /usr/sbin/sendmail if the
latter exists."
The linke file was provided by package lsb before, but should be
provided by packages which provides command sendmail such as msmtp,
postfix and esmtp etc.
Refs:
1 http://refspecs.linuxfoundation.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/normativerefs.html#STD.
2 http://www.pathname.com/fhs/pub/fhs-2.3.html#SPECIFICOPTIONS13
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
esmtp use 'sbinsendmail' to define alternative ${sbindir}/sendmail, but
other packages msmtp and postfix use 'sendmail'. When remove esmtp, it
removes ${sbindir}/sendmail even msmtp or postfix is installed which has
alternative ${sbindir}/sendmail.
Make esmtp use 'sendmail' too to fix this issue.
Remove ${libdir}/sendmail which is only used by LSB core test for
historical reasons. And only create link file with fixed path
/usr/lib/sendmail for LSB images even for 64 bits system.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
crda has a build time dependence on libgcrypt, so move the dependence
from RDEPENDS to DEPENDS.
Otherwise the build fails with:
reglib.c:28:20: fatal error: gcrypt.h: No such file or directory
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The following vulnerabilities have been fixed.
* [1]wnpa-sec-2015-06
The ATN-CPDLC dissector could crash. ([2]Bug 9952) [3]CVE-2015-2187
* [4]wnpa-sec-2015-07
The WCP dissector could crash. ([5]Bug 10844) [6]CVE-2015-2188
* [7]wnpa-sec-2015-08
The pcapng file parser could crash. ([8]Bug 10895) [9]CVE-2015-2189
* [10]wnpa-sec-2015-09
The LLDP dissector could crash. ([11]Bug 10983) [12]CVE-2015-2190
* [13]wnpa-sec-2015-10
The TNEF dissector could go into an infinite loop. Discovered by
Vlad Tsyrklevich. ([14]Bug 11023) [15]CVE-2015-2191
* [16]wnpa-sec-2015-11
The SCSI OSD dissector could go into an infinite loop. Discovered
by Vlad Tsyrklevich. ([17]Bug 11024) [18]CVE-2015-2192
For more information see
https://www.wireshark.org/docs/relnotes/wireshark-1.12.4.html
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Sven Ebenfeld <sven.ebenfeld@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The updated yp-tools fails on qemuarm:
/home/jenkins/oe/world/shr-core/tmp-glibc/work/armv5e-oe-linux-gnueabi/yp-tools/3.3-r0/yp-tools-3.3/lib/do_ypcall.c: In function 'do_ypcall_tr':
/home/jenkins/oe/world/shr-core/tmp-glibc/work/armv5e-oe-linux-gnueabi/yp-tools/3.3-r0/yp-tools-3.3/lib/do_ypcall.c:461:27:
error: cast increases required alignment of target type [-Werror=cast-align]
status = ypprot_err (((struct ypresp_val *) resp)->status);
http://errors.yoctoproject.org/Errors/Details/9221/
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Update to the latest stable NIS tools. The yp-tools libraries and headers
conflict with the RPC headers provided by glibc, so install them to a
different location. Systems that intend to build using the NIS-provided
versions will need to specify the alternate location, but that is covered
by pkg-config, so it should only be necessary to point pkg-config at the
alternate .pc file.
The older stable versions are suitable for IPv4-only setups, so keep them
around in case those are required for some systems.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Both yp-tools and ypbind-mt were out of date with their latest released
versions, so bump them up to current. Remove two dead patches at the same
time and reorganize the recipes to better follow the preferred OE style.
Finally, the new release includes a new version of the GPLv2 COPYING file,
with a significant amount of whitespace fixes, so update the license
checksum.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
pcap-config should not be used for determining how to build against
libpcap in a yocto environment.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Typically the major-version-only link for shared libs are included in the
base package. Move the links into the base packages here, leaving the
un-versioned links in the -dev packages.
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Specifying the plugin directory with a trailing '/' hit this failure in
the install rule:
... snip ...
install-exec-local: $(INSTALLOSX)
@if test "$(plugindir)" != "$(prefix)/lib/sasl2"; then \
echo "********************************************************"; \
echo "* WARNING:"; \
echo "* Plugins are being installed into $(prefix)/lib/sasl2,"; \
echo "* but the library will look for them in $(plugindir)."; \
echo "* You need to make sure that the plugins will eventually"; \
echo "* be in $(plugindir) -- the easiest way is to make a"; \
echo "* symbolic link from $(plugindir) to $(prefix)/lib/sasl2,"; \
echo "* but this may not be appropriate for your site, so this"; \
echo "* installation procedure won't do it for you."; \
echo "*"; \
echo "* If you don't want to do this for some reason, you can"; \
echo "* set the location where the library will look for plugins"; \
echo "* by setting the environment variable SASL_PATH to the path"; \
echo "* the library should use."; \
echo "********************************************************"; \
fi
Work around that.
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
configure: error: Header file pcap.h not found; if you installed libpcap
don't use pcap. Use the internal version.
And minor configure cleanups
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Directory /var/run/openvpn is required by service.
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
CRDA has been relicensed under the copyleft-next license.
Regulatory bins license remains ISC.
There is an new internal library called libreg.so which was
placed in the same directory of the regulatory bin. The call
to make was adjusted accordingly.
Remove version 1.1.3.
Signed-off-by: Hugo Vasconcelos Saldanha <hugo.saldanha@aker.com.br>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Details: http://errors.yoctoproject.org/Errors/Details/8936/
The configure failure can cause an OOM on the system, so we will shut this
down immediately.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Option -LS does not work, we should instead it by -Ls as usage said.
Deprecated options:
-l FILE use -Lf <FILE> instead
-P use -p instead
-s use -Lsd instead
-S d|i|0-7 use -Ls <facility> instead
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
postfix should be started by default, so that the root user can
receive mail, and if init is not systemd, it is started by default
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Fix typo in systemd service file ripngd.service.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
netkit-telnet includes the telnetd and client.
telnetd: daemon for telnet protocol.
telnet: client for telnet protocol.
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Use a better filename for the local copy of the
source.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The old ones are invalid.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Fixed:
xmlto: Can't continue, xsltproc tool not found or not executable.
Makefile:20: recipe for target 'dnssec-configure.8' failed
make: *** [dnssec-configure.8] Error 3
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The following vulnerabilities have been fixed.
* [1]wnpa-sec-2015-01
The WCCP dissector could crash. ([2]Bug 10720, ws-buglink:10806)
CVE-2015-0559, CVE-2015-0560
* [3]wnpa-sec-2015-02
The LPP dissector could crash. ([4]Bug 10773)
CVE-2015-0561
* [5]wnpa-sec-2015-03
The DEC DNA Routing Protocol dissector could crash. ([6]Bug 10724)
CVE-2015-0562
* [7]wnpa-sec-2015-04
The SMTP dissector could crash. ([8]Bug 10823)
CVE-2015-0563
* wnpa-sec-2015-05
Wireshark could crash while decypting TLS/SSL sessions.
Discovered by Noam Rathaus.
CVE-2015-0564
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
iscsid is installed into ${sbindir}, which is /usr/sbin, not /sbin/,
so fix it in /etc/iscsi/iscsid.conf
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
busybox provides traceroute command and uses the default priority to
update-alternatives, if traceroute is not defined the priority, the
traceroute maybe link to busybox's
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Some updates for lksctp-tools:
* add ptest subpackage
* only blacklist lksctp-tools when gold ld is used. Refer to:
https://bugs.gentoo.org/show_bug.cgi?id=530318
* update licenses and add homepage.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
WARNING: radvd: No generic license file exists for: radvd in any provider
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
vlan sources explicitly adds ~/linux/include to compiler include path.
If that directory does exist, this leads to various issues. Drop this
explicit exclude path.
Signed-off-by: Dmitry Eremin-Solenikov <dmitry_eremin@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The package includes a few data files. Despite the names,
these are very small databases only useful for running the
perl test scripts.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
OpenL2TP is an open source L2TP client / server, written specifically
for Linux. It has been designed for use as an enterprise L2TP VPN server
or in commercial, Linux-based, embedded networking products and is able
to support hundreds of sessions, each with different configuration.
It is used by several ISPs to provide L2TP services and by corporations
to implement L2TP VPNs.
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
The default configuration for OpenSAF creates /run and /var/lock during
install time. Tweak the recipe to use ${localstatedir} as other recipes
do, and clean up at the end of do_install.
Swap the hard-coded SRC_URI with ${SOURCEFORGE_MIRROR} while we're at it.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
OpenSAF is an open source implementation of the SAF AIS specification
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Fix perl path in ntp-wait and calc_tickadj.
Signed-off-by: Gyorgy Szombathelyi <gyurco@freemail.hu>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Also fix LICENSE to be "or any later version" (as specified in the
upstream source headers); both licenses apply so use &.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* Newer automake compatibility fixed upstream, so drop patches.
* LIC_FILES_CHKSUM changed due to a trailing space being removed, no
actual change to the license text.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The ntp-utils package contains at least one perl-using script as well as
a supporting perl module, therefore we need a dependency on perl.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
After the upgrade to 4.2.8, ntp's configure process now uses a custom
script which looks at the host to determine what install locations it
should use. This resulted in the recipe working on some people's
machines and failing during do_install on others. Force it to use the
"redhat" configuration as this seems closest to what we used to be
using prior to the upgrade (this means that binaries are now back in
sbindir as they used to be).
Thanks to Philip Balister for reporting this.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Drivers and tools to support ATM networking under Linux
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
for update the IP geolocation databases
Signed-off-by: leimh <leimaohui@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
GeoIP app allow you to look up information about a given IP address.
Signed-off-by: leimh <leimaohui@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Fixed:
ERROR: Function failed: Fetcher failure for URL:
'http://ncu.dl.sourceforge.net/project/dnrd/dnrd/2.20.3/dnrd-2.20.3.tar.gz'.
Unable to fetch URL from any source.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The sysroot/${libdir}/sendmail conflicts with lsb's, and it's a
symlink to ${bindir}/esmtp which is meaningless for sysroot, so
remove it.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
dnssec-conf builds manpages using xmlto. Remove the raw manpages and add
a dependency on xmlto-native to support building the manapages from the
actual source.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
dropped proftpd-sftp.patch as it is included in update.
combined make.patch, move-pidfile-to-var-run.patch, move-runfile-to-var-run.patch into
build_fixup
Added several packagesconfig options (too much eggnog)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* Upgrade to 4.2.8 which fixes several security issues, including
CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, and CVE-2014-9296. For
more details please see:
https://ics-cert.us-cert.gov/advisories/ICSA-14-353-01A
* LIC_FILES_CHKSUM changed due to a number of copyright year and patch
list changes; nothing material about the license text changed.
* This version moves a number of binaries from sbindir to bindir;
there's supposed to be a configure option --with-locfile=legacy to use
the old layout but it does not seem to work. I guess we'll just have
to live with the change.
* Drop patches which are no longer applicable.
* Merge inc file into recipe; there were too many changes required to
the inc file in this version and it's unlikely it was much use split
out in any case.
* Move remaining files in files/ to ntp/
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Fixed:
rusers.x: No such file or directory
Makefile:44: recipe for target 'rusers_xdr.c' failed
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
dnrd is a proxying nameserver. It forwards DNS queries to the appropriate
nameserver, but can also act as the primary nameserver for a subnet behind
a firewall. It also has features such as caching DNS requests, support for
DNS servers, cache poisoning prevention, TCP support, etc.
Signed-off-by: Qian Lei <qianl.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
DNSSEC configuration and priming tool. Dnssec-conf includes a commandline
configuration client for Bind and Unbound, known DNSSEC keys, URL's to
official publication pages of keys, and harvested keys, as well a script
to harvest DNSKEY's from DNS.
Signed-off-by: Qian Lei <qianl.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
The purpose of this patch as below.
1. upgrade openvpn to 2.3.6 in order to fix CVE-2014-8104
2. enable systemd
3. provide new packages named ${PN}-sample to help user create config file
easily and check whether is openvpn work.
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
LLDPAD contains the Linux user space daemon and configuration tool for
Intel LLDP Agent with Enhanced Ethernet support for the Data Center.
Signed-off-by: Qian Lei <qianl.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Add a test to find libpcap if testdir/.. is a sysroot.
Upstream-Status: Pending
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
DRBD is a block device which is designed to build high availability
clusters.
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
ncftp is a sophisticated console ftp client.
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
RADIUS protocol client library.
It is Portable, easy-to-use and standard compliant library suitable
for developing free and commercial software that need support for a
RADIUS protocol (RFCs 2128 and 2139).
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Open-iSCSI project is a high performance, transport
independent, multi-platform implementation of RFC3720.
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* Clean INCLUDES to fix the host contamination errors:
In file included from /usr/src/linux/include/linux/posix_types.h:47:0,
from /usr/src/linux/include/linux/types.h:17,
from /usr/src/linux/include/linux/if.h:22,
from sethdlc.c:23:
/usr/src/linux/include/asm-generic/posix_types.h:91:3: \
error: conflicting types for '__kernel_fsid_t'
} __kernel_fsid_t;
^
.../tmp/sysroots/qemumips/usr/include/asm/posix_types.h:26:3: \
note: previous declaration of '__kernel_fsid_t' was here
} __kernel_fsid_t;
^
* Correct LIC_FILES_CHKSUM to checkout license infos from sethdl.c
instead of Makefile.
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
A minor typo was causing LAYERDEPENDS to be overwritten instead of
appended to in our layer.conf.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The esmtp is not longer being maintained since 1.2,
but it's used at many distribution now such as Ubuntu trusty(14.04LTS).
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
polarssl compiles with openssl to build unit test cases. If openssl
doesn't exist, native libssl.so will be used. Then causes error:
| .../bitbake_build/tmp/sysroots/x86_64-linux/usr/lib/libssl.so: error adding symbols: File in wrong format
Add dependency openssl for polarssl to fix it.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
This patch is for Freescale QorIQ DPAA and eTSEC which support 1588 hardware
assist module, and mainly uses SO_TIMESTAMPING API for HW timestamp and PHC
API.
Signed-off-by: Yangbo Lu <yangbo.lu@freescale.com>
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
aliases.db should be created by postinstall script, but failed since
queue_directory is not includes root dir ${D}:
------
|newaliases: fatal: chdir /var/spool/postfix: No such file or directory
------
initscript will recall newaliases before start postfix daemon, the similar
method, which run aliasesdb to create aliases.db when using systemd, is
introduced to fix this issue.
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The previous do_install is empty and do nothing.
Tweak install doc dir, so the man doc could be installed to /usr/share/man
rather than /usr/locale/man.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The previous do_install is empty and do nothing.
Unset variables datadir and mandir, use pimd's default set.
So it could install doc files correctly.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Fixed:
make[1]: *** No rule to make target '-lm', needed by 'traceroute'. Stop.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
inhert perlnative and make sure we use nativeperl
to run perl scripts when compile.
fixed:
| ./makeman.pl
| Can't locate Fatal.pm in @INC
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
This solves the following warning:
squid-3.4.7: squid requires /bin/bash, /usr/bin/perl, but no providers in its
RDEPENDS [file-rdeps]
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
This solves the following warning:
polarssl-1.3.8: polarssl: Files/directories were installed but not shipped
/usr/lib
/usr/lib/libpolarssl.so.1.3.8
/usr/lib/libpolarssl.so.7
/usr/lib/libpolarssl.so
/usr/lib/libpolarssl.a
/usr/lib/.debug
/usr/lib/.debug/libpolarssl.so.1.3.8 [installed-vs-shipped]
polarssl-1.3.8: polarssl requires libpolarssl.so.7()(64bit), but no providers
in its RDEPENDS [file-rdeps]
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used,
allows remote attackers to cause a denial of service (snmptrapd crash) via
a crafted SNMP trap message, which triggers a conversion to the variable
type designated in the MIB file, as demonstrated by a NULL type in an ifMtu
trap message.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3565
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Fix the service so that the ntpd daemon is run under ntp:ntp.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Acked-by: Peter A. Bigot <pab@pabigot.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
This solves the following warning:
lib32-ntp-4.2.6p5: lib32-ntp: Files/directories were installed but not shipped
/lib/systemd/system/sntp.service [installed-vs-shipped]
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
In the commit 'openvpn: use default iproute2 path', the configure flag
to explicitly set the iproute2 path was removed, since busybox now
provides the 'ip' applet at the default path. However, setting this
flag is necessary to bypass the configure-time check for /sbin/ip on the
host, which will otherwise fail if iproute2 is not installed on the
host. Add back the flag (pointing to the correct path), and add a
comment to describe why this is necessary.
Signed-off-by: Ben Shelton <ben.shelton@ni.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
inherit texinfo to use native command instead of host command
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
This solves the following warning:
WARNING: QA Issue: squid rdepends on libnetfilter-conntrack, but it isn't a
build dependency? [build-deps]
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
1. Fix radvd.service to start daemon correctly.
2. Make the daemon run under 'radvd' user by default.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
There have been occasions that net-snmp sees valgrind and then later it's
not available, adding this setting ensures determinism by disabling it by
default
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
make write_behind to return 0 if a empty file is written, to
distinguish a true writing failure[on which the write_behind
will return -1], then the annoying wrong log will disappear.
____
|Error code 3: Disk full or allocation exceeded
-----
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
This reverts commit b2eb21a5fbcb065e84ed582e87de21bdc3082f00.
It make 3d8520a0b411[tftp-hpa: add error check for disk filled up]
unable to work
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
postfix 2.11.1 adds overriding config check. In postinstall script, it
calls command newaliases to read configure file main.cf_2.0.
config_directory is set in config main.cf_2.0, but it is an overriding
config and warning shows when build an image:
WARNING: log_check: There is a warn message in the logfile
WARNING: log_check: Matched keyword: [warn]
WARNING: log_check: newaliases: warning:
/buildarea3/kkang/poky/qemuarm-build/tmp/work/qemuarm-poky-linux-gnueabi/core-
image-minimal/1.0-r0/rootfs/etc/postfix/main.cf, line 27: overriding
earlier entry: config_directory=/buildarea3/kkang/
poky/qemuarm-build/tmp/work/qemuarm-poky-linux-gnueabi/core-image-minimal/1.0-r0/rootfs/etc/postfix
Remove config_directory setting in main.cf_2.0 to avoid this warning.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
When we start with sysvinit, watchquagga uses quagga init script to
monitor zebra daemon. But we need not do this in systemd environment.
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The solution mainly references Fedora20.
Extract the common part of the code and install it into ${sbindir}.
Add systemd service file.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
squid is a fully-featured http proxy and web-cache daemon for Linux.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
The default path of ntp drift file is /etc/ntp.drift, ntp daemon
maybe fails to create this file since the user ntp is not always
permitted to write /etc.
Refer to other distributions such as RedHat, Debian, just moving
the file to /var/lib/ntp which the home dir of user ntp.
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
This allows the base recipe and bbappends to reference persistent
mutable state such as a drift file.
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
PolarSSL is a lightweight crypto and SSL/TLS library with a strong
focus on embedded systems.
Signed-off-by: Eduardo Silva <eduardo@monkey.io>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
We need subpkgs to start quagga, so add them to RDEPENDS.
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Fix pkg_postinst to not exit if "$D" is not empty.
Otherwise, postinsts from update-rc.d.bbclass would not run and the
symlinks under /etc/rc?.d/ would not be created.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
The package provides the server daemon for the iSCSI protocol, as
well as the utility programs used to manage it. iSCSI is a protocol
for distributed disk access using SCSI commands sent over Internet
Protocol networks
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Add systemd service for for radvd.
The unit is disabled by default, just as Fedora20 does.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
With the feature that checking the disk filled up, the return value of
function write_behind was checked and used to detect the disk status.
While for empty file, without data being written, this function will
return -1 thus the disk filled up error was miss-raised. Fix it.
Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Integrate a patch from proftpd upstream to fix an integer overflow bug
described in the CVE-2013-4359, which allows remote attachers to cause
a denial of service (memory consumption) attack.
Refer: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4359
Signed-off-by: Shan Hai <shan.hai@windriver.com>
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Bashism:
possible bashism in memcached/etc/init.d/memcached line 40 (bash arrays, ${name[0|*|@]}):
if [ -r "${FILES[0]}" ]; then
possible bashism in memcached/etc/init.d/memcached line 42 (bash arrays, ${name[0|*|@]}):
for FILE in "${FILES[@]}";
possible bashism in memcached/etc/init.d/memcached line 53 (should be VAR="${VAR}foo"):
CONFIGS+=($NAME)
possible bashism in memcached/etc/init.d/memcached line 54 (should be 'b = a'):
elif [ "memcached_$2" == "$NAME" ];
possible bashism in memcached/etc/init.d/memcached line 62 (bash arrays, ${name[0|*|@]}):
if [ ${#CONFIGS[@]} == 0 ];
possible bashism in memcached/etc/init.d/memcached line 71 (bash arrays, ${name[0|*|@]}):
CONFIG_NUM=${#CONFIGS[@]}
possible bashism in memcached/etc/init.d/memcached line 72 ('((' should be '$(('):
for ((i=0; i < $CONFIG_NUM; i++)); do
possible bashism in memcached/etc/init.d/memcached line 73 (bash arrays, ${name[0|*|@]}):
NAME=${CONFIGS[${i}]}
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Bashism:
possible bashism in arptables/etc/init.d/arptables line 14 (should be '.', not 'source'):
source /etc/init.d/functions
possible bashism in arptables/etc/init.d/arptables line 96 ($"foo" should be eval_gettext "foo"):
echo $"Usage $0 {start|stop|restart|condrestart|save|status}"
Use "." to replace of "source", and change /bin/bash to /bin/sh, the
echo $"foo" works well in our busybox.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
No changes except to source version.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
No changes other than source checksum.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Add a little processing to find correct directory
for source upstream.
Update LIC_FILES_CHKSUM since the latest package
doesn't include a COPYRIGHT file anymore.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
tcpslice is a tool for extracting parts of a tcpdump packet trace,
so put it under tcpdump dir
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Refreshed lua.patch due to whitespace changes in top-level Makefile.
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
While kernel is processing the UPDATE message which is sent from racoon,
it maybe interrupted by certain system signal and if this case happens,
kernel responds with an EINTR message to racoon and kernel fails to
establish the corresponding SA.
Fix this problem by resend the UPDATE message when EINTR(Interrupted
system call) error happens.
Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
1. remove unneeded patches:
inetutils-1.9.1/disable-pre-ANSI-compilers.patch
inetutils-1.9.1/remove-gets.patch
2. Update the version from 1.9.1 to 1.9.2 in version.patch
3. remove PR
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Add knob to detect whether hugetlbfs are checked or not.
This patch fixed the error:
ld: cannot find -lhugetlbfs
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
since python recipes are now spun out into its own layer
and there are recipes like crda which depend on M2Crypto
python module, of which the recipe is now moved from meta-oe
into meta-python, we need to express this change of layers
otherwise if you are not using meta-python then you end up
with errors e.g.
Nothing PROVIDES 'python-m2crypto-native' (but
meta-networking/recipes-connectivity/crda/crda_1.1.3.bb
DEPENDS on or otherwise requires it).
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
ntp checks for presence of sys/timepps.h to determine whether the kernel
supports the RFC 2783 KPPS interface. Under Linux the pps-tools package
installs this header. Without this feature the ATOM clock driver does
not work, and other drivers like NMEA have reduced precision. Remove
the feature non-determinism and increase ntpd capabilities by adding an
explicit dependency.
See: http://doc.ntp.org/4.2.6/kernpps.html
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
The description in a previous patch to disable debugging is incorrect.
Although the option is default-enabled in configure.ac, configure does
respect the option that disables it.
In ntp 4.2.7 the option code is refactored to ntp_debug.m4 and has an
effect in sntp as well. Adding --disable-debugging to the top-level
configure options overrides the default for both 4.2.6 and 4.2.7 without
patching the distribution.
Make the selection explicit and configurable, but restore the historical
default. Absence of debugging capability in the server makes it
difficult to validate complex configurations.
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
1. Uprev it to 5.1.0, add remove the unneed patches
2. fix a building failure since not include stdarg.h
3. using pkg-config to check xml and krb5
4. force STRIP to empty to not strip the file
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* removed two patches which were already integrated in 5.2.0:
strongswan-4.3.3-5.1.1_asn1_unwrap.patch
strongswan-5.0.0-5.1.2_reject_child_sa.patch
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
1. uprev to 2.0.20
2. Update the license md5sum, since the address is changed in COPYING*:
From:
Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
To:
Copyright (C) 1989, 1991 Free Software Foundation, Inc.
59 Temple Place, Suite 330, Boston, MA 02111-1307
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
1. uprev to 4.6.1
2. remove three obsolete patches
3. use PACKAGECONFIG, and the default value is ipv6 openssl
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
The monlist feature in ntp_request.c in ntpd in NTP before
4.2.7p26 allows remote attackers to cause a denial of service
(traffic amplification) via forged (1) REQ_MON_GETLIST or
(2) REQ_MON_GETLIST_1 requests, as exploited in the wild
in December 2013.
Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
There is a problem in configure.ac file that whether or not
'--enable-debugging' is specified in configure cmdline, debugging
is always enabled.
We should disable ntp debugging by default.
Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Below error appears as login was auto-detected by default:
| telnetd: /usr/bin/login -p -h 192.168.2.1 : No such file or directory.
| Connection closed by foreign host.
Signed-off-by: Ting Liu <ting.liu@freescale.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
uprev it to 0.99.23
remove patches which have been in the latest version
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
The deprecated test code was no longer used, so remove it
to avoid compiling failure with -Werror=unused-function
...
| example21.cpp:51:8: error: 'size_t {anonymous}::readData(char*,
size_t, size_t)' defined but not used [-Werror=unused-function]
| size_t readData(char *buffer, size_t size, size_t nitems)
...
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Remove 0001-Fix-warning-with-gcc-4.8.patch, it has been in 0.8.2
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Patches really belong in the recipe, not the .inc, given patches are generally
version-bound.
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
dnsmasq runs pkg-config to get cflags/libs for its dependencies.
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* fixes floating dependency:
WARNING: QA Issue: snort rdepends on util-linux-libuuid but it isn't a build dependency? [build-deps]
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
init script should be installed under /etc/init.d/, not /etc/rc.d/init.d
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
The dnsmasq target depends on .configured and $(objs). .configured does an rm
-f *.o. Yet the only thing telling make to build the .configured target before
the $(objs) target was the order of the dependencies of the dnsmasq target. We
can't rely on that order when doing a paralllel make build, so add an explicit
rule to enforce that order.
Signed-off-by: Christopher Larson <kergoth@gmail.com>
Signed-off-by: Shrikant Bobade <Shrikant_Bobade@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Commit 6d781369 warranted a PE bump but didn't include it. Update it,
correct a typo in EXTRA_OECONF and explicitly disable c-ares resolver at
the same time.
Acked-by: Armin Kuster <akuster@mvista.com>
Acked-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Minor tweaks to the README to make the email suggestion follow the format
used in other meta-openembedded README files and adding clarification on
building wireshark in a GUI environment.
Acked-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
There are a few recipes in meta-networking that depend unconditionally on
components in meta-oe, so indicate that in the README.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
ZNC 1.0 allows remote authenticated users to cause a denial of service
(NULL pointer reference and crash) via a crafted request to the (1) editnetwork,
(2) editchan, (3) addchan, or (4) delchan page in modules/webadmin.cpp.
Per: http://cwe.mitre.org/data/definitions/476.html
CWE-476: NULL Pointer Dereference
Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Stack-based buffer overflow in the new_msg_lsa_change_notify function in
the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when
--enable-opaque-lsa and the -a command line option are used, allows
remote attackers to cause a denial of service (crash) via a large LSA.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2236
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
strongSwan before 5.1.2 allows remote attackers to cause a denial of
service (NULL pointer dereference and IKE daemon crash) via a crafted
ID_DER_ASN1_DN ID payload.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2891
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
This should address issues found in test-dependencies 2014-07-25
wireshark/wireshark/latest lost dependency on libcap libnl libnl-genl libnl-nf libnl-route portaudio-v19 sbc
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* Inital wireshark support on gtk+, gtk3
* README with additional info
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* Dead peer detection (DPD) is a method that network devices use to verify
the current existence and availability of other peer devices.
* NAT traversal (sometimes abbreviated as NAT-T) is a general term for
techniques that establish and maintain Internet protocol connections
traversing network address translation (NAT) gateways
Signed-off-by: Ting Liu <b28495@freescale.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
1. use PACKAGECONFIG
2. add three patches which will add the address check, to avoid SEGFAULT
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
libdir is defined as ${pref_exec}/lib/, but we want it to support multilib path
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
it will lead to QA failure, since .debug dir can not be installed into dbg package
ERROR: QA Issue: non debug package contains .debug directory: openvpn path
/work/core2-64-wrs-linux/openvpn/2.3.4-r0/packages-split/openvpn/usr/lib64i
/openvpn/plugins/.debug/openvpn-plugin-down-root.so [debug-files]
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* otherwise the result isn't deterministic
WARN: packages/armv5te-oe-linux-gnueabi/snort/snort/latest lost dependency on libcrypto
* enable it by default, disabling currently doesn't work, because there are --with flags for
openssl, but then configure.in still checks for sha.h header with
AC_CHECK_HEADERS([openssl/sha.h],, SHA_H="no")
and autodetects it, I'll leave patching configure to someone who
is actually using snort (this issue was reported many times and
nobody seems to care).
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* otherwise m4 eats all memory and is killed by OOMK
[1051138.019784] Out of memory: Kill process 26264 (m4) score 860 or sacrifice child
[1051138.019788] Killed process 26264 (m4) total-vm:23062712kB, anon-rss:15066516kB, file-rss:100kB
* very strange, but m4 and snort sometimes have strange side-effects,
from first google result:
http://www.hipforums.com/newforums/showthread.php?t=466568
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
- Added .bb for version 2.3.4.
- The download URL was broken; it's changed to reflect where the website
points to.
- Force use of iproute2, which is generally recommended when running
OpenVPN as an unprivileged user. Ref:
http://community.openvpn.net/openvpn/wiki/UnprivilegedUser
- Explicitly add libpam to DEPENDS if pam is enabled, and disable the
auth-pam plugin if pam is not enabled.
- Pass the path to the 'ip' utility to the configure script to keep it
from trying to find it on the host.
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com>
Signed-off-by: Ben Shelton <ben.shelton@ni.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
WARNING: QA Issue: vsftpd: Files/directories were installed but not shipped
/run
/run/vsftpd
/run/vsftpd/empty
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
1. update the patch tcpdump_configure_no_-O2.patch
2. do not check libdlpi dependence on cross-compile, or else it will
cause do_qa_configure to fail.
3. do not check libpcap dependence, since the libpcap has been added
into DEPENDS, or else it will cause do_qa_configure to fail
4. make the check of getaddrinfo work on cross-compile
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Postfix is Wietse Venema's mail server that started life at IBM
research as an alternative to the widely-used Sendmail program.
Postfix attempts to be fast, easy to administer, and secure.
The outside has a definite Sendmail-ish flavor, but the inside
is completely different.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Add a '\n' to the last line of the file to fix:
No newline at end of file
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Fixed SRC_URI:
* ${PN} -> ${BPN}, use ${BP} if it was ${PN}-${PV}
* ${P} -> ${BP}
Otherwise we would meet do_fetch errors when we do the multilib, native
or nativesdk build.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
These recipes were all missing pkgconfig dependencies.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
memcached 1.4.15 has some configuration errors:
configure:5798: error: cannot run test program while cross compiling
Uprev has the needed fix for the configuration error and some other fixes.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
AR is defined as "ar cq" in MCONFIG.in, then "cq" is no longer needed in
Makefile of common and libs subdir.
#grep AR MCONFIG.in
AR = ar cq
#
#grep AR common/Makefile
$(AR) $(LIB) $(OBJS)
#
But MCONFIG maybe not able to be generated by MCONFIG.in, common/Makefile
allows this condition [Note the - before include]
#grep MCONFIG common/Makefile
-include ../MCONFIG
#
then AR from building environment is used, but it not included the parameter
"cq", and lead to below error, so add the "cq" to AR to fix this issue.
i586-wrs-linux-ar libcommon.a tftpsubs.
i586-wrs-linux-ar: two different operation options specified
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* These recipes all use pkg-config in some way but were missing
dependencies on the tool, this patch adds them.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
building rquota_xdr.c depends on a head file, which is generated
when building, so add the dependency to ensure the header file is
generated firstly.
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier
allows remote attackers to cause a denial of service (assertion failure
and daemon exit) by leveraging a BGP peering relationship and sending a
malformed Outbound Route Filtering (ORF) capability TLV in an OPEN
message.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1820
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
In ascii mode, if the CR and LF was separated into different transfer
blocks, This LF will be just dropped instead of replacing the previous
CR. Add a checking on the first character to fix it.
Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
It needs autotools-brokensep, otherwise do_configure error:
cat: config/pthread.c: No such file or directory
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
It needs autotools-brokensep, otherwise do_configure error:
LifetimeLibrary.cpp:1:49: fatal error: utilspp/singleton/SingletonHolder.hpp: No such file or directory
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
It needs autotools-brokensep, otherwise do_compile error:
src/defines.h:5:18: fatal error: tcpr.h: No such file or directory
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
It needs autotools-brokensep, otherwise do_install error:
install: cannot stat `vblade-20/vblade': No such file or directory
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
It needs autotools-brokensep, otherwise do_install error:
make: *** No rule to make target `install'. Stop.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
It needs autotools-brokensep, otherwise do_install error:
install: cannot stat `doc/sync/ftfw/conntrackd.conf': No such file or directory
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
It needs autotools-brokensep, otherwise do_install error:
make: *** No rule to make target `install'. Stop.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Otherwise do_configure failed:
sed: can't read configure.in: No such file or directory
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Otherwise do_compile failed:
No rule to make target `pppoe.c', needed by `pppoe.o'. Stop.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
It needs autotools-brokensep, otherwise do_configure error:
sed: can't read sasldb/db_berkeley.c: No such file or directory
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
It needs autotools-brokensep, otherwise do_compile error:
proftpd-1.3.4b/include/version.h:1:24: fatal error: buildstamp.h: No such file or directory
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
It needs autotools-brokensep, otherwise do_configure error:
automake: error: 'configure.ac' is required
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
It needs autotools-brokensep, otherwise do_configure error:
run.do_configure.22953: line 109: ./boot.sh: No such file or directory
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Common Information Model (CIM) is a model for describing overall
management information in a network or enterprise environment. CIM
consists of a specification and a schema. The specification defines the
details for integration with other management models. The schema
provides the actual model descriptions.
Signed-off-by: Yao Xinpan <yaoxp@cn.fujitsu.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Some files are in "S" that are needed for install.
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
1. looks like snort dropped reference to barnyard2. At least it's missing in configure.
Also download link to barnyard2 is not available now. Drop this package.
2. update snort version from 2.9.4.6 to 2.9.6.0.
3. fix libdnet paths.
Signed-off-by: Maxim Uvarov <maxim.uvarov@linaro.org>
Signed-off-by: Joe MacDonald <joe@deserted.net>
Do the patching in the do_patch phase instead of the compile
phase. That way if the compile phase needs to be rerun
patching isn't attempted a second time.
Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca>
Signed-off-by: Joe MacDonald <joe@deserted.net>
This recipe was installing net-snmp-config script to STAGING_BINDIR
instead of STAGING_BINDIR_CROSS, during the do_install. It is not
recommended and must be done after staging.
Changes:
* Remove STAGING_BINDIR manipulations from do_install_append
* Add net_snmp_sysroot_preprocess function instead
* Append net_snmp_sysroot_preprocess to SYSROOT_PREPROCESS_FUNCS
Signed-off-by: Alexandre Fournier <alexandre.fournier@kiplink.fr>
Signed-off-by: Joe MacDonald <joe@deserted.net>
* The variables (SAVANNAH_MIRROR)
are defined in oe-core/meta/conf/bitbake.conf.
* MIRRORS in quagga and libunwind is removed.
because the MIRRORS of savannah is globally defined
in oe-core/meta/classes/mirrors.bbclass
Signed-off-by: Changhyeok Bae <changhyeok.bae@lge.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass
authentication by rekeying an IKE_SA during (1) initiation or (2)
re-authentication, which triggers the IKE_SA state to be set to
established.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2338
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs
in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions,
allows remote attackers to cause a denial of service (snmptrapd
crash) via an empty community string in an SNMP trap, which triggers
a NULL pointer dereference within the newSVpv function in Perl.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2285
Signed-off-by: yzhu1 <yanjun.zhu@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before
5.5.2.1, 5.6.x before 5.6.2.1, and 5.7.x before 5.7.2.1 does
not properly validate input, which allows remote attackers
to cause a denial of service via unspecified vectors.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2284
Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
Set the PERLPROG to target perl to avoid host contamination.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
Correct the information that printed by radvd initscript.
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
Backport patch to fix CVE-2013-6051.
Signed-off-by: Hu <yadi.hu@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
When build quagga, it shows QA warnings:
WARNING: QA Issue: ELF binary '/home/build/poky/build/tmp/work/i586-poky-linux/quagga/0.99.21-r2.0/packages-split/quagga-bgpd/usr/sbin/bgpd' has relocations in .text
WARNING: QA Issue: ELF binary '/home/build/poky/build/tmp/work/i586-poky-linux/quagga/0.99.21-r2.0/packages-split/quagga-ripngd/usr/sbin/ripngd' has relocations in .text
The configure script tests compiler whether support option '-fPIE'. If
support, it pass option '-fPIE' to compiler then cause these QA
warnings.
Disable configure script to check option '-fPIC'.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
FILES_${PN} is set to null in original .bb file, this would cause
ndisc6 main package is missing, then one build error will happen:
ERROR: ndisc6 not found in the base feeds (qemux86 i586 x86 noarch any all).
To fix this, need to set ALLOW_EMPTY_${PN} = "1".
Signed-off-by: Xudong.zhu <xudong.zhu@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
This patch properly uses the path variables and fixes ntptrace and
ntp-wait, just in case perl is not installed with the hardcode path.
Signed-off-by: Rahat Mahbub <rahat.mahbub@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
Fixes a bug with libvirt and DHCP, which is fixed in 2.66.
"Handle the situation where libc headers define
SO_REUSEPORT, but the kernel in use doesn't, to cope with
the introduction of this option to Linux. Thanks to Rich
Felker for the bug report."
Signed-off-by: Christian Ziethén <Christian.Ziethen@enea.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
This fixes:
dovecot/dovecot/latest lost dependency on libcap
Signed-off-by: Koen Kooi <koen@dominion.thruhere.net>
Signed-off-by: Joe MacDonald <joe@deserted.net>
'--with-ssl=DIR' configure parameter expects the location of the
libraries and include files in the sysroot. This means the directory
containing the 'lib' and 'include' subdirectories, not the include
directory itself.
This fixes an error at configure time:
checking
<local-path>/tmp/sysroots/ccimx6adpt/usr/include/include/openssl/engine.h
usability... no
(notice duplicated include entry in above line)
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
* The SRC_URI is not accessible.
So need to add mirror site referred by the original site.
* The problem is that
http://download.savannah.nongnu.org/releases redirects to closest mirror
and few mirrors (e.g. .jp) weren't working correctly while
http://download-mirror.savannah.gnu.org/releases/ seems to be reliable.
Signed-off-by: Changhyeok Bae <changhyeok.bae@lge.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
If ntp is built without libcap, it refuses to start with the following
message:
Starting ntpd: /usr/sbin/ntpd: The ``user'' option has been disabled -- built
without --enable-clockctl or --enable-linuxcaps
ntpd - NTP daemon program - Ver. 4.2.6p5
USAGE: ntpd [ -<flag> [<val>] | --<name>[{=| }<val>] ]...
By adding cap to the PACKAGECONFIG the default runs. In the
future, someone could add an option for using clockctl.
Signed-off-by: Philip Balister <philip@balister.org>
Signed-off-by: Joe MacDonald <joe@deserted.net>
* when sysv script is removed QA warn is shown:
atftp-0.7.1+gitAUTOINC+be3291a18c: atftp: Files/directories were installed but not shipped
/etc
empty dir doesn't cost much, so just include it
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
The packages tftpd, telnetd and rshd conflict with the ones
provided by netkit, so add the corresponding -dbg packages
for them to avoid the following confliction between the dbg
package of inetutils and netkit:
error: file /usr/sbin/.debug/in.rexecd conflicts between attempted installs of inetutils-dbg-1.9.1-r1.0.armv7a_vfp_neon and netkit-rsh-dbg-0.17-r0.0.armv7a_vfp_neon
error: file /usr/sbin/.debug/in.telnetd conflicts between attempted installs of inetutils-dbg-1.9.1-r1.0.armv7a_vfp_neon and netkit-telnet-dbg-0.17-r0.0.armv7a_vfp_neon
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
Trying to build stunnel fails with:
ERROR 404: Not Found.
Seems that after the new release (5.x) they have moved the old tarball
under a 'archive/4.x' subdirectory.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
...
./bootstrap: Bootstrapping from checked-out netcf sources...
./bootstrap: consider installing git-merge-changelog from gnulib
./bootstrap: line 641:
tmp/sysroots/qemux86/usr/share/gnulib/gnulib-tool: No such file or
directory
...
The gnulib source was incorrectly populated to ${STAGING_DATADIR}.
While the build shared an existed sstate cache, the gnulib's
${SYSROOT_DESTDIR} was empty, the gnulib source code was not
found in sysroots.
We should use do_install task to install them to ${D}, and the
default do_populate_sysroot task will populate them to
${STAGING_DATADIR}.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
The $(subdirs) contains all the dirs under the ${B}, and this one:
do_unpack[cleandirs] = "${S}/patches"
will create a "patches" dir, then there will be compile errors, filter
out the patches will fix the problem.
Note: poky doesn't have this problem since it separates the ${S} and
${B}
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
traceroute6 for the name is misleading and will interfere
with traceroute6 in iputils making an alternate link to
the traceroute6 binary, so we change the name to traceroute.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
* sethdlc: get/set Linux HDLC packet radio modem driver port information
* sethdlc is a program designed to set and/or report the configuration
information associated with a soundcard radio modem port. This information
includes the modem type, what I/O port, IRQ and DMA channel a particular
modem port is using, and where to output a transmitter keying (PTT) signal.
Signed-off-by: Chunrong Guo <B40290@freescale.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
The Function and CPPFunction had been removed by in readline 6.3, use
the new functions to replace them.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
We can remove all references to yywrap by adding "%option noyywrap" statements
to each flex source file which doesn't override yywrap. After this, we no longer
need to link against libfl and so no longer get errors about undefined
references to yylex.
Also change the dependency on flex to flex-native as we no longer need libfl
compiled for the target - the lexer is now self-contained.
Signed-off-by: Paul Barker <paul@paulbarker.me.uk>
Signed-off-by: Joe MacDonald <joe@deserted.net>
"--with-binsubdir" controls whether we use bin_PROGRAMS or
sbin_PROGRAMS while installing executable files in ntp
Makefile, in order to install all the relevant files in
/usr/sbin instead of /usr/bin, we can pass "--with-binsubdir=sbin"
in ntp configure cmdline.
Accordingly, updating the path for the files which are
contained in rpm packages.
Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
Adding ntp:ntp(user:group) to system and running
ntpd dameon as ntp:ntp.
Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
* Add a patch to fix the function parameter.
* Add PACKAGECONFIG for optional packages instead of explicitly
disable, and set sqlite and curl as default.
* Remove the split package strongswan-plugins.
* Add configure option --without-lib-prefix so it doesn't
search for libraries in includedir and libdir to avoid QA error.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
The netcf downloaded gnulib source to ${S} at the configure time,
while the network disconnected, if sstate cache was cleaned, the
netcf rebuilding failed.
Added a new recipe named 'gnulib' to download gnulib source to
${GITDIR} and populate it to the staging data dir.
So netcf could specify this local directory where gnulib sources
reside to save the bandwidth downloading.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
The SBINDIR variable in makefile's install rule needs to have a trailing
slash so the path to the 'crda' binary in the udev rule is correct.
Otherwise the udev rule has a wrong path:
KERNEL=="regulatory*", ACTION=="change", SUBSYSTEM=="platform", RUN+="/usr/sbincrda"
and at runtime udev complains:
failed to execute '/usr/sbincrda'
when a regulatory domain event is triggered.
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Acked-by: Koen Kooi <koen@dominion.thruhere.net>
Signed-off-by: Joe MacDonald <joe@deserted.net>
When run 'service radvd stop' in case radvd is not started/running,
we'll get warnings like this:
Stopping radvd: no /usr/sbin/radvd found; none killed
/etc/init.d/radvd: warning: cannot restore settings
radvd.
We could by pass these OPs by just check if the service is running
or not so eliminate possible warnings.
Signed-off-by: Liang Li <liang.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
update-alternatives.bbclass does not create the brctl symbolic links for
multilib, since the wrong use of PN generates
/usr/sbin/brctl.lib32-bridge-utils, not /usr/sbin/brctl.bridge-utils;
In fact, no need to rename brctl by calling mv, since update-alternatives
will handle it
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
Changes:
- rename SUMMARY with length > 80 to DESCRIPTION
- rename DESCRIPTION with length < 80 to (non present tag) SUMMARY
- drop final point character at the end of SUMMARY string
- remove trailing whitespace of SUMMARY line
Note: don't bump PR
Signed-off-by: Matthieu Crapet <Matthieu.Crapet@ingenico.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Once babald becomes a background daemon, it should not output information to
stdout, so need to close stdout.
In fact, other daemons close their stdout when they run into background, like
ospfd, isisd and bgpd, by calling daemon() which is in lib/daemon.c
Closing the stdout can fix a tee hang issue { #/usr/sbin/babeld -d |tee tmp }
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
This library is usefull for userspace netfilter log messages
(c.f. iptables and -j NFLOG target).
libnetfilter-conntrack, libnetfilter-cttimeout, libnetfilter-cthelper and
libnetfilter-queue are already available since december of 2012.
Signed-off-by: Matthieu Crapet <Matthieu.Crapet@ingenico.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
it should be CPP, not cpp; this typOS makes vtysh unable to work.
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
The rpath, which configuration computers, is a host-related path in
cross-compile environment; In fact, need to not add rpath into elf
file.
WARNING: QA Issue: package inetutils-ftp contains bad RPATH
/buildarea/build/new/bitbake_build/tmp/sysroots/qemux86-64/usr/lib64 in file
/buildarea/build/new/bitbake_build/tmp/work/x86_64-wrs-linux/inetutils/1.9.1-r1/packages-split/inetutils-ftp/usr/bin/ftp.inetutils
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Reviewed-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Joe MacDonald <joe@deserted.net>
Update radvd to version 1.9.8
* remove change-scanner-dependency.patch which is merged
* add 'status' subcommand for radvd.init
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
If wrong path set, inetutils configure script will add a absolute
rpath, which result in the below QA errors:
| ERROR: QA Issue: package inetutils-ftp contains bad RPATH
| ERROR: QA Issue: package inetutils-telnet contains bad RPATH
| ERROR: QA Issue: package inetutils-telnetd contains bad RPATH
| ERROR: QA run found fatal errors. Please consider fixing them.
| ERROR: Function failed: do_package_qa
Signed-off-by: Ting Liu <b28495@freescale.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
The configure script of netcf checks the HOST setup to identify the
network interface. This means it checks for Red Hat, SuSE, debian,
Ubuntu, etc. As this is an embedded cross build, it doesn't seem to
make sense to check the HOST in the first place to determine info for
the TARGET.
Signed-off-by: Ting Liu <b28495@freescale.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
We will get the following ERROR/WARN if we enable systemd and
the installed-vs-shipped check in QA:
ERROR: QA Issue: ntp: Files/directories were installed but not shipped
/lib/systemd/ntp-units.d
/lib/systemd/ntp-units.d/60-ntpd.list
Signed-off-by: Stefan Herbrechtsmeier <stefan@herbrechtsmeier.net>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Use /bin/false as the login shell, just like what Ubuntu does,
otherwise there might be secure issue; add /var/lib/ftp as user
ftp home-dir.
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
WARNING: QA Issue: inetutils: configure was passed unrecognised options: --with-path-login --with-path-procnet-dev
Neither of these appear to be valid for inetutils-1.9.1, so remove them.
Signed-off-by: Joe MacDonald <joe@deserted.net>
Correct the usage of alternative link and target:
ALTERNATIVE_LINK_NAME[name] = "target"
ALTERNATIVE_TARGET[name] = "target"
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
The default ntp.conf file does the right thing but one of the comments is
a bit misleading based on the active parts of the file changing a few
times. Update the comment to accurately describe what is happening in the
configuration file and what a user should do next.
Signed-off-by: Joe MacDonald <joe@deserted.net>
When ntpd starts, it will create a daemon to connect this invalid server,
and fail, then ntpd will create other daemon to connect the local-only
(127.127.1.0) server.
The users should be aware that they need to configure the correct ntp
servers, a invalid server will lead to a redundant daemon, so it is better
to comment this example server to wait user to configure
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
tcpreplay - a suite of GPLv3 licensed tools for UNIX operating systems
which gives you the ability to use previously captured traffic in libpcap
format to test a variety of network devices.
Signed-off-by: Zongchun Yu <Zongchun.Yu@freescale.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
/var/run/ is more suitable to store pidfile for OE, and this fixes
"/etc/init.d/proftpd stop" failure too, since this script assumes
the pidfile is under /var/run
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
According to DISTRO_FEATURES to add pam support for quagga, and import
configure file from Fedora.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
Change the default config file for making watchquagga can startup successful
Signed-off-by: Bopeng Liu <Bopeng.Liu@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
commit 27ba970b9("quagga/ripd: Fix two bugs after received SIGHUP signal")
introduces an regression: ifp->connected list is cleaned up when ripd is
restarting, however, for interface addresses which are not specified in
ripd configuration file, they are never to be added into ifp->connected
again, this will lead to some abnormal behavior for route advertising.
Instead of cleaning up the ifp->connected list to avoid duplicated
connected address being added into this list, we can check this
condition during interface address adding process and return early
when an identical address has already been added.
Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
Use /bin/false as the login shell, just like what Ubuntu does,
otherwise there might be secure issue.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
If ntpd script is being called by a non-root user using sudo,
it will fail as follows:
/etc/init.d/ntpd restart
Stopping ntpd: /etc/init.d/ntpd: line 29: start-stop-daemon:
command not found
done
Starting ntpd: /etc/init.d/ntpd: line 24: start-stop-daemon:
command not found
done
This is because /etc/init.d/ntpd calls start-stop-daemon which
is in /sbin (not in the default path for non-root users)
Explicitly configure the PATH to include /sbin.
Signed-off-by: Qiang Chen <qiang.chen@windriver.com>
Signed-off-by: Jeff Polk <jeff.polk@windriver.com>
Reworked to set PATH instead of hardcode the location of start-stop-daemon
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
60-ntpd.list should be installed into the same path as ntp systemd service
file, like Fedora core; Orignal path refers
http://www.freedesktop.org/wiki/Software/systemd/timedated/, but where
systemd_unitdir is assumed as /usr/lib/systemd, not /lib/systemd
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
We don't have a proper help2man so building the manpages fails; just
disable building them to fix this as we do elsewhere.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
Proftpd is meant to be a system user, not a normal user of the
system so lets pass the correct parameters to the system.
Just add --system param when creating ftp group.
Signed-off-by: Qiang Chen <qiang.chen@windriver.com>
Signed-off-by: Jeff Polk <jeff.polk@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
*snort - a free lightweight network intrusion detection
system for UNIX and Windows
Signed-off-by: Chunrong Guo <B40290@freescale.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
While multilib enabled on qemux86-64, accel-ppp-lib should be installed to
'${baselib}/accel-ppp', but the accel-ppp's CMakeLists.txt hardcoded
to install to 'lib/accel-ppp', such as:
...
INSTALL(TARGETS log_file
LIBRARY DESTINATION lib/accel-ppp
)
...
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
A minimum dnsmasq version of 2.5.9 is required deal with IPv6 link local
addresses. So instead of just going to the minimum version, we can go
all the way to 2.6.3.
As part of this update, the following changes have been made in addition to
the pure version update:
- PR is dropped in favour of PRSERVER functionality
- dhcp_release is added to the default build, since it is used in the
cleanup phase for virtual machines.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
netcf was orginally introduced in meta-virtualization, since it provides
functionality required by libvirt, but it is otherwise not bound to
virtualization.
So we can move it to meta-networking, and in the process uprev to the
the latest 0.2.3 functinality.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
regdbdump and crda are installed in /sbin/ and still link against stuff in
/usr/lib, causing QA warnings / errors:
WARNING: QA Issue: crda: /sbin/regdbdump, installed in the base_prefix, requires a shared library under exec_prefix (/usr): libgcrypt.so.11 => /usr/lib64/libgcrypt.so.11 (0x00000000dead1000)
WARNING: QA Issue: crda: /sbin/regdbdump, installed in the base_prefix, requires a shared library under exec_prefix (/usr): libgpg-error.so.0 => /usr/lib64/libgpg-error.so.0 (0x00000000dead3000)
WARNING: QA Issue: crda: /sbin/crda, installed in the base_prefix, requires a shared library under exec_prefix (/usr): libgcrypt.so.11 => /usr/lib64/libgcrypt.so.11 (0x00000000dead1000)
WARNING: QA Issue: crda: /sbin/crda, installed in the base_prefix, requires a shared library under exec_prefix (/usr): libnl-genl-3.so.200 => /usr/lib64/libnl-genl-3.so.200 (0x00000000dead2000)
WARNING: QA Issue: crda: /sbin/crda, installed in the base_prefix, requires a shared library under exec_prefix (/usr): libnl-3.so.200 => /usr/lib64/libnl-3.so.200 (0x00000000dead3000)
WARNING: QA Issue: crda: /sbin/crda, installed in the base_prefix, requires a shared library under exec_prefix (/usr): libnl-nf-3.so.200 => /usr/lib64/libnl-nf-3.so.200 (0x00000000dead4000)
WARNING: QA Issue: crda: /sbin/crda, installed in the base_prefix, requires a shared library under exec_prefix (/usr): libnl-route-3.so.200 => /usr/lib64/libnl-route-3.so.200 (0x00000000dead5000)
WARNING: QA Issue: crda: /sbin/crda, installed in the base_prefix, requires a shared library under exec_prefix (/usr): libgpg-error.so.0 => /usr/lib64/libgpg-error.so.0 (0x00000000dead7000)
relocate them to /usr/sbin to squelch the warning.
Signed-off-by: Joe MacDonald <joe@deserted.net>
If we build a project without systemd support on a system that has systemd
enabled, the following QA items get flagged:
/lib
/lib/systemd
/lib/systemd/system
/lib/systemd/system/autofs.service
Trying to keep the solution to the problem as contained as possible in a
way that may be accepted up-stream by adding an optional parameter to the
--with-systemd flag.
Signed-off-by: Joe MacDonald <joe@deserted.net>
* Remove all PR = "r0" from all .bb files in meta-oe repo. This was done
with the command sed -e '/^PR.*=.*r0\"/d' meta*/recipes*/*/*.bb -i
* We've switching to the PR server, PR bumps are no longer needed and
this saves people either accidentally bumping them or forgetting to
remove the lines (r0 is the default anyway).
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* make files in bindir/sbindir a bit more deterministic
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
We can use chmod to set the SUID bit for applications in the do_install
task. If we do so, the pkg_postinsts are no longer needed.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
This patch mainly involves two changes.
1. Create necessary files at do_install task. Add these configuration
files to the CONFFILES variable.
2. Move the `chmod' and `chown' commands to do_install task.
After these two changes, qugga can run successfully at rootfs time.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
`/etc/init.d/populate-volatile.sh update' only needs to run in case
of an on-target installation. And it should have a prerequisite that
the script is executable.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
saslpasswd2 is used by an administrator to set a user's sasl password,
setting a default one in pkg_postinst in not only unnecessary but also
inappropriate.
Besides, running saslpasswd2 takes a significant amount of time to finish,
so this pkg_postinst will make the first boot take longer time.
According to the above two reasons, the patch remove the pkg_postint.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
While making use of the cyrus-sasl library an external application
will most likely include sasl.h which will cause compilation failures
if steps haven't been taken to define size_t. This should not be the
responsibility of the application building against the sasl library
but rather handled already in sasl.h. Here we ensure sasl.h has the
proper includes to have size_t defined before it is used.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
There are two problems for ripd implementation after received
SIGHUP signal:
1). ripd didn't clean up ifp->connected list before reload
configuration file which makes the same advertise packet
being sent multiple times(depends on how many SIGHUP was recieved).
2). ripd reset ri->split_horizon flag to RIP_NO_SPLIT_HORIZON
during restart which is different from the flag when ripd is
firstly started up, leading to unnecessary route to be advertised.
[YOCTO #5266]
Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
configure python files installation path or else it will use the
default value /usr/lib/python*, which is wrong on 64bit and multilibs
enabled system
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
The tftp-hpa package installs /var/lib/tftpboot and tftpd-hpa is
configured to use that directory, but the default points at /svc/tftpboot.
Correct that so the default points to a location that exists when the
package is installed.
Signed-off-by: Joe MacDonald <joe@deserted.net>
Add --ignore-fail-on-non-empty for rmdir in case there are files in the
directories.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
If ${D}/run doesn't exist, the following statement will have non-zero
exit code, which leads to do_install failure.
test -d ${D}/run && rmdir ${D}/run
Modify it to use the if statement to make the do_install task succeed
no matter ${D}/run exists or not.
Also, this patch removes the unused /var/run directory. Leaving that
directory there will result in /run directory created before splitting
package, which in turn lead to 'installed-vs-shipped' QA error or QA
warning.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
"test -z ${PAMLIB}" in do_install() may report error if ${PAMLIB}
has space chars. This commit added double quotes to wrap it in
case of errors.
Signed-off-by: Qiang Chen <qiang.chen@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
Otherwise, configure will try to auto-detect using host paths.
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Joe MacDonald <joe@deserted.net>
standalone daemon exits as recipe installs file as tftpd-hpa
* Changed script so it can consult /etc/default, as daemon name may be
subject to change.
* Changed the default name to match the recipe
Signed-off-by: David Turgeon <david.turgeon@gmail.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
Without this patch, netperf2.6 can only
support files smaller than 2GB with TCP_SENDFILE item.
Signed-off-by: Ting Liu <b28495@freescale.com>
Tested-by: Jianhua Xie<jianhua.xie@freescale.com>
Reviewed-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Joe MacDonald <joe@deserted.net>
Based on work by David Nyström (meta-virtualization) and Laszlo Papp
(meta-oe).
- Import OpenFlow 1.0 from meta-virtualization and provide an updated
version of the recipe for the head of tree in the OpenFlow git
repository.
- Minor tweak in both recipes for do_install_append() spacing.
- Update 'libssl' PACKAGECONFIG flag in both to follow the 'openssl'
convention used elsewhere in meta-oe.
- Create common include file for both versioned and git recipes.
Signed-off-by: Joe MacDonald <joe@deserted.net>
The 0.3 release was a year ago and git HEAD contains fixes to make it
work with contiki, so build from git instead of backporting all of the
patches.
Based on a patch by Koen Kooi <koen@dominion.thruhere.net>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
Change default value of secure_chroot_dir to /var/run/vsftpd/empty, add
volatiles entry for it, to ensure it won't fail to start with error:
"500 OOPS: vsftpd: not found: directory given in 'secure_chroot_dir':/var/share/empty"
This shows up in both standalone mode or started by xined.
Signed-off-by: Ming Liu <ming.liu@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
Taken from [1]:
"However, if the difference between the client time and server time is greater
than the panic threshold, which defaults to 1000 s, the daemon will send a
message to the system log and shut down without setting the clock."
On RTC-less or 'fresh' systems with unpredicatble inital date ntpd will stop
with work undone (note: I did NOT find the message mentioned above - so it
took long way to fix). This is a wide use case for using NTP in production:
No need for initial datetime setup by some operator.
[1] http://doc.ntp.org/4.1.1/debug.htm
Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
This directory is empty and is flagged by QA checker
ERROR: QA Issue: inetutils: Files/directories were installed but not
shipped
/usr/lib
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
Correct the warning:
quagga-0.99.21: The /usr/share/info/dir file is not meant to be shipped in a particular package.
Simply remove the installed 'dir' file if info docs are installed.
Signed-off-by: Joe MacDonald <joe@deserted.net>
Add error check when the write-buffer is finally flushed to the file,
the caller can detect if the disk filled up (or had an i/o error) and
return a NOSAPCE nak to the other side.
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
It's not necessary to specify the protocol parameter when it's the
default protocol for the fetcher, e.g. the default protocol for
git fetcher it git, "protocol=git" isn't needed.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
1. quagga should depend on iproute2, since ip from busybox is not sufficient
2. fix a typOS(should chmod, not chown)
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
This fixes the build on at least Fedora 19 x86_64 as a host; we were
trying to link a non-PIC static object into a shared library.
Signed-off-by: Colin Walters <walters@verbum.org>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
A minor bit of reorganization of the cyrus-sasl recipe directory in
preparation for a build fix.
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
* read-only rootfs cannot run postinsts on first boot and in this case
it doesn't really have to as we can create cron task in do_rootfs
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
Ebtables needs some kernel configs options to work properly. The standard yocto
kernel config includes these as modules. Add code to load the ebtables module.
Signed-off-by: Mihai Prica <mihai.prica@intel.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
* it fails in do_configure without it
configure.ac:99: error: possibly undefined macro: AC_MSG_ERROR
If this token and others are legitimate, please use m4_pattern_allow.
See the Autoconf documentation.
configure.ac:140: error: possibly undefined macro: AC_MSG_WARN
autoreconf: sysroots/x86_64-linux/usr/bin/autoconf failed with exit status: 1
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Upgrade vsftpd to 3.0.0 with below modification:
1. more strict access limitation, like: do not allow anonymous access
2. use vsftpd.ftpusers and vsftpd.user_list to confine user access
3. enable pam if DISTRO_FEATURE includes pam
4. enable tcp-wrapper
5. install vsftpd.conf with 0600 permission, not 0755
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
1. Fix hardcoded libdir
2. configure cyrus-sasl based on PACKAGECONFIG
3. create user by inherit useradd
4. add -fPIC to CFLAG to fix the below building failure:
ld: ../sasldb/.libs/libsasldb.a(db_berkeley.o): relocation R_X86_64_32S against
`.rodata' can not be used when making a shared object; recompile with -fPIC
../sasldb/.libs/libsasldb.a(db_berkeley.o): could not read symbols: Bad value
The cause is that libsasldb.a is built twice since {.c.o: and .c.lo} co-exist, one
with -fPIC, other without -fPIC. if no -fPIC library follows behind, this error
will appear. so we enable -fPIC no matter whatever objects are built.
5. The version of db in oe-core is 5.0
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
1. fix a running issue on PPC, since 'char' type has different range of values
on x86 and on PPC.
2. fix a building issue.
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
ipsec-tools depends on bison-native
enable ipv6 support by DISTRO_FEATURE, and enable shared library support.
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
The ip is being installed into /sbin as of the latest busybox, or oe-core.
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
Add the missing dependency on libbsd
it was not building otherwise. libbsd recipes for OE-Core
has been ported please wait until they are applied
| netcat.c:99:24: fatal error: bsd/stdlib.h: No such file or directory
| #include <bsd/stdlib.h>
| ^
| compilation terminated.
| make: *** [netcat.o] Error 1
| make: *** Waiting for unfinished jobs....
| socks.c:41:32: fatal error: bsd/readpassphrase.h: No such file or directory
| #include <bsd/readpassphrase.h>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
If the gssapi libraries are compiled before cyrus-sasl, configure will call
AC_TRY_RUN to check if gssapi libraries support SPNEGO, but calling AC_TRY_RUN
will fail on cross-compile environment.
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
The Cyrus SASL plugins are loaded without their version number so the
plugin *.so symbolic links need to be placed in the cyrus-sasl package
rather than the cyrus-sasl-dev package.
Signed-off-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
autofs's lib sources have a dependency on a number of files that are
generated by rpcgen during buildtime.
fix a typo in configure.in
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
Added Signed-off-by for backport patch refresh. Bumped PR.
Signed-off-by: Thomas Fitzsimmons <fitzsim@cisco.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
WARNING: QA Issue: proftpd: Files/directories were installed but not shipped
/home
/home/ftp
/home/ftp/pub
Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
Generated package contains perl script but dependecy to perl was missing.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
When interface goes down, and there are some static routes that are
made with ip route, they are going to be deleted from kernel fib.
That's what kernel does by default. But they are not going to be
deleted from zebra's fib. They will be declared inactive.
This issue was originally discussed in [1] and a patch was proposed.
[1] http://www.gossamer-threads.com/lists/quagga/dev/22609
Signed-off-by: Aws Ismail <aws.ismail@windriver.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
${PN}-utils has greedy expression of capturing all in ${bindir}
and sntp gets swept in too. This move in PACKAGES fixes the problem
and now sntp binary is packaged in sntp package itself.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
1.0.15 is latest
1.0.7 is required by HipHopVM
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* Set SUMMARY instead of DESCRIPTION
* Move SRC_URI checksums under SRC_URI
* Move packaging definitions to the end
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
sntp provides the functionality of obsoleted ntpdate
so we have option of using ntpd as well as sntp
sntp does the immediate one time sync with time
server and corrects the tme immediately. it
replaces ntpdate nicely.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Acked-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* Add origin and Upstream-Status to patches
* Set SUMMARY instead of DESCRIPTION
* Add ${PN}d to PACKAGES instead of atftpd to be consistent with the
rest of the recipe
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* Add purpose and Upstream-Status to patch
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* Make dbus a PACKAGECONFIG option and remove dnsmasq-dbus recipe
* Set LICENSE to correctly indicate choice of licenses
* Set SUMMARY instead of DESCRIPTION
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* Move packaging definitions to the end
* Move SRC_URI checksums next to SRC_URI
* Set SUMMARY instead of DESCRIPTION
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* Update HOMEPAGE
* Set SUMMARY instead of DESCRIPTION
* Move DEPENDS up towards the top
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* Move SRC_URI checksums next to SRC_URI
* Move packaging definitions to the end
* Set SUMMARY instead of DESCRIPTION
* Drop unused inc file
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* Fix stripped file QA warning
* Add proper headers to patches (and split makefile.patch into two
parts, one of which may be upstreamable)
* Use PV in SRC_URI instead of hardcoded version
* Move SRC_URI checksums up next to SRC_URI
* Set SUMMARY instead of DESCRIPTION
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* This change is only aesthetic (unlike indentation in Python
tasks).
* Some recipes were using tabs.
* Some were using 8 spaces.
* Some were using mix or different number of spaces.
* Make them consistently use 4 spaces everywhere.
* Yocto styleguide advises to use tabs (but the only reason to keep
tabs is the need to update a lot of recipes). Lately this advice
was also merged into the styleguide on the OE wiki.
* Using 4 spaces in both types of tasks is better because it's less
error prone when someone is not sure if e.g.
do_generate_toolchain_file() is Python or shell task and also allows
to highlight every tab used in .bb, .inc, .bbappend, .bbclass as
potentially bad (shouldn't be used for indenting of multiline
variable assignments and cannot be used for Python tasks).
* Don't indent closing quote on multiline variables
we're quite inconsistent wheater it's first character on line
under opening quote or under first non-whitespace character in
previous line.
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Acked-by: Koen Kooi <koen@dominion.thruhere.net>
