The 'xsm' option adds a dependency for checkpolicy, which
requires an additional layer (meta-selinux).
Signed-off-by: Chris Patterson <cjp256@gmail.com>
This patch moves the optional SDL dependency to a PACKAGECONFIG
entry. It also cleans up dependencies on both the virtual libsdl
and libsdl. The dependency on libgl is also removed. libGL support
should be enabled with the 'opengl' distro feature instead. The
dependency on glib-2.0 is now explicit as well.
Signed-off-by: Philip Tricca <flihp@twobit.us>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
It's not pretty but the mechanisms in sysvinit-inittab assume the
console device name is tty*. The Xen console device doesn't meet
this criteria.
Signed-off-by: Philip Tricca <flihp@twobit.us>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Fix commit ID: cafc94c4a2
The above commit missed a redirect for the final closing
bracket.
Signed-off-by: Paul Barrette <paul.barrette@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
An updated version of the openflow recipe has been added to meta-openembedded
in the meta-networking layer.
commit: 37660c [openflow: import and tweak] in git://git.openembedded.org/meta-openembedded
So we can safely remove the meta-virt variant of this recipe.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
We don't want to leave build order dictating whether or not we get
sasl support in libvirt so add a PACKAGECONFIG for sasl. I have not
added sasl as a default PACKAGECONFIG since out of the box you would
not normally get sasl being built so this mimics this behavior. I have
listed a RDEPENDS in the PACKAGECONFIG as older Yocto builds for some
reason are not picking up the required runtime dependency.
Signed-off-by: Mark Asselstine <asselsm@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Some init scripts call a "begin" or "warning" function to log early init
phase messages, e.g. openvswitch-controller. These functions are not
part of the default /etc/init.d/functions script, which is provided by
oe-core's lsb pkg. Append these two missing commands to
/etc/init.d/functions during the install phase.
Signed-off-by: Paul Barrette <paul.barrette@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
enable/disable stuff will eventually be replaced with appropriate
use of PACKAGECONFIG.
Signed-off-by: Philip Tricca <flihp@twobit.us>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Make sure openvswitch has all the runtime dependencies defined.
Without e.g. sed, an installer may calculate dependencies and order
packages based on the deps, which may install openvswitch before sed.
This would result in an install failure, when the post install step
calls ovs-pki, which uses sed.
Signed-off-by: Paul Barrette <paul.barrette@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
All of the old RRECOMMENDS are confirmed to be handled via PACKAGECONFIG,
so we can clean up the recipe and remove commented out reference to the
old values.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This pulls in a dependency on the checkpolicy compiler (native)
and adds --enable-xsmpolicy in do_configure when 'xsm'
DISTRO_FEATURE is present.
Signed-off-by: Philip Tricca <flihp@twobit.us>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Upstream patch to fix race condition between creating /boot and
installing the XSM policy. Race would cause policy to be written
to /boot instead of into the /boot directory if it didn't already
exist.
Signed-off-by: Philip Tricca <flihp@twobit.us>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
xen is not the right dependency for --with-libxl/--without-libxl, replace
it to libxl.
Signed-off-by: Yang Shi <yang.shi@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Add LAYERVERSION and LAYERDEPENDS, it needs depend on oe-core and
meta-networking layer.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The last line lacked a newline (usually '\n', aka CR or CRLF) in the
end, so there was a warning from git diff:
\ No newline at end of file
The last byte of the file should be a newline.
Note:
It seems that nothing is changed in this commit, but it does change the
end of the last line.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Updated linux kernel fragment to match defaults as defined in the 3.10 kernel's Kconfig files. If defaults were not specified, modules were were used unless required by another built-in option. As such, The core frontend drivers are included by default and the backend drivers are built as modules.
This allows privileged, PV, HVM, and PVHVM guests to work properly without additional kernel configuration or modules required in initramfs (from a Xen support perspective).
This also removes CONFIG_KVM_GUEST which was erroneously included previously.
Signed-off-by: Chris Patterson <cjp256@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The current behavior for libvirt containers is to
configure a set of "basic" mounts in the new container
environment by default. Some of these mounts, such as
securityfs or selinux, might not have kernel support on
all running platforms. The added patchset implements
proper handling for this case and makes some additional
cleanups and refactoring.
The patchset is taken from the upstream libvirt mailing
list. Please refer to:
https://www.redhat.com/archives/libvir-list/2013-October/msg00270.html
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
It make make sense to break this out into its own package in the
future for those that want to ship a monolithic policy without the
tools but for now we should at least get it in the flask package.
Signed-off-by: Philip Tricca <flihp@twobit.us>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
commit 6807238d87fd [Ensure securityfs is mounted readonly in
container] from upstream libvirt requires securityfs to be mounted,
always. Failing to use a kernel without SECURITYFS support results in
the following error when you attempt to start a lxc guest:
error : lxcContainerMountBasicFS:807 : Failed to mkdir securityfs: No
such file or directory Input/output error
Here we apply an upstream fix for this which allows you to use userns
support instead of SECURITYFS, by using <idmap> in your guest config.
A similar situation exists for SELINUX so here we are bringing in 2
more upstream commits, the first for context and the second, which
like the securityfs patch, doesn't force selinux to be mounted if
userns is used.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Cc: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Just a bit of clean up. I know xend is deprecated and hopefully no
one will use it but it should end up in the right package.
Signed-off-by: Philip Tricca <flihp@twobit.us>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
1.1.2 is available and fixes a number of issues with 1.1.1 (segfaults
and more).
Since 1.1.1 has been available for a while, with no significant issues
reported, I'm also removing the fallback 1.0.3 and 1.1.1 recipes with
this update.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Add recipe for 1.0.6 version. And, add status and reload commands into
init script.
Signed-off-by: Yang Shi <yang.shi@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
redefining THISDIR and using FILESPATH is no longer required in a
"modern" bbappend, and in fact breaks other layers that also patch
python.
Removing THISDIR and using FILESEXTRAPATHS_prepend fixes both issues.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
During the 1.1.1 uprev, a debug change of overly aggressive packaging
was left in place. The restores the previous packaging divisions.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The libvirt-python.inc manipulation of PACKAGECONFIG meant that the default
configuration options of the libvirt recipe never fired, since the variable
had an assignment and the lazy set of the configuration values never
applied to the build.
Moving the python PACKAGE_CONFIG options into the main recipe, and ensuring
that PACKAGE_CONFIG_${PN} is used for libvirt-python means that most builds
will now use the default configuration.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Updating to the 1.1.1 libvirt release. Changes from the 1.0.3 recipe include
a fix/workaround for the:
../src/.libs/libvirt.so: undefined reference to `virNetTLSInit'
That is seen on some machines. The current fix is to explicilty link against
the library which provides the definition. A smarter fix via libtool may
be possible, but was elusive at the time of writing this patch.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
In a systemd based build, /var/run is translated to /run. Since ovs doesn't
currently package this directory, it results in a QA error. Adding it to the
main ovs package fixes the QA issue and provides the proper runtime support.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
libvirt generates several python scripts using its python/generator.py
script. This uses the PYTHON variable, which in our case will be a
full path to the sysroot that will not exist on the target. For this
we are patching libvirt to allow for (but not require) TARGET_PYTHON
to be defined and used when generating these python scripts.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The iasl package is licensed under the Intel ACPI license. This is a
variation of the MIT license but with enough modification that we
don't want to mark it as MIT. Previously building this package would
warn about the missing license. With this change we are providing a
clear text copy of the license and calling this license out in the
iasl recipe to make the warning go away and to ensure we are clearly
defining this package's license information.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
RPM doesn't guarantee the order in which postinstalls are ran.
Added code to ensure the pki directory is initialized.
Signed-off-by: Mihai Prica <mihai.prica@intel.com>
Many LXC templates expect the cache directory to exist and use it without
necessarily checking if it exists. Normally the Makefile would create this
directory but since /var/cache is volatile we must use the volatile system to
create this directory at boot, or when the package is installed.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
