[bitbake-devel] [PATCH v3] fetch2: Add BB_ALLOWED_NETWORKS support

Tue Jun 16 19:25:57 UTC 2015

>-----Original Message-----
>From: Liam R. Howlett [mailto:Liam.Howlett at windriver.com]
>Sent: Tuesday, June 16, 2015 12:24 PM
>To: Rifenbark, Scott M
>Cc: Paul Eggleton; Bernhard Reutner-Fischer; Gary Thomas; bitbake-
>devel at lists.openembedded.org
>Subject: Re: [bitbake-devel] [PATCH v3] fetch2: Add
>BB_ALLOWED_NETWORKS support
>
>* Rifenbark, Scott M <scott.m.rifenbark at intel.com> [150616 11:25]:
>>
>>
>> >-----Original Message-----
>> >From: Liam R. Howlett [mailto:Liam.Howlett at windriver.com]
>> >Sent: Tuesday, June 16, 2015 6:42 AM
>> >To: Paul Eggleton
>> >Cc: Bernhard Reutner-Fischer; Rifenbark, Scott M; Gary Thomas;
>> >bitbake- devel at lists.openembedded.org
>> >Subject: Re: [bitbake-devel] [PATCH v3] fetch2: Add
>> >BB_ALLOWED_NETWORKS support
>> >
>> >* Paul Eggleton <paul.eggleton at linux.intel.com> [150616 04:40]:
>> >> On Monday 15 June 2015 23:47:29 Bernhard Reutner-Fischer wrote:
>> >> > On June 15, 2015 4:03:11 PM GMT+02:00, "Rifenbark, Scott M"
>> >> <scott.m.rifenbark at intel.com> wrote:
>> >> > >Hi,
>> >> > >
>> >> > >Here is a first draft of documenting the BB_ALLOWED_NETWORKS
>> >> > >variable in the BitBake User Manual.  I re-wrote the original
>> >> > >text to be active voice and applied some different organization
>> >> > >of the facts to help the flow out.  Regarding Gary's input about
>> >> > >BB_NO_NETWORK..... I took a half guess at incorporating it.
>> >> > >Please look this new description over and let me know of any
>> >> > >corrections I need
>> >to make.
>> >> > >http://www.yoctoproject.org/docs/1.9/bitbake-user-manual/bitbake
>> >> > >-us
>> >> > >er-manua
>> >> > >l.html#var-BB_ALLOWED_NETWORKS.
>> >
>> >Hi,
>> >
>> >The documentation looks correct, however it might be worth noting
>> >that adding the host you'd like to use to PREMIRROR will result in
>> >the source code being fetched from an allowed location and avoid
>> >raising an error when a host that is not allowed is in a SRC_URI
>> >because the fetcher will not attempt to use the SRC_URI host after a
>> >successful fetch from the PREMIRROR.  Using BB_ALLOWED_NETWORK in
>> >conjunction with PREMIRROR is where this feature is very useful.
>>
>> Check the link to the variable description out now Liam.  Let me know if this
>addition is okay.
>
>This looks good!
>
>Thanks,
>Liam

Awesome... I will get the commit into the Bitbake repo and then duplicate the entry in the YP ref-manual.

Thanks,
Scott

>
>>
>> >
>> >
>> >> > Was the v3 fixed / extended to allow for netmasks, btw?
>> >> > Think
>> >> > /etc/hosts
>> >> > foo.example.com 10.0.0.1
>> >> > bar.example.com 10.0.0.254
>> >> > baz.example.com ::1
>> >> >
>> >> > BB_ALLOWED_NETWORKS = 10.0.0.0/24 1.1.1.1/31 ::1/127
>> >>
>> >> I don't believe so. You can see what actually went in here:
>> >>
>> >> http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=59ce7d02a
>> >> 57e
>> >> 0a642d839ab48677f6ac1886180f
>> >>
>> >> Cheers,
>> >> Paul
>> >
>> >
>> >There isn't netmask support, but you can achieve the same result in
>> >your example above by using BB_ALLOWED_NETWORKS =
>"*.example.com"
>> >
>> >Version 2 updated the host matching and added a few more tests.
>> >
>> >Version 3 changed the name from BB_TRUSTED_NETWORKS to
>> >BB_ALLOWED_NETWORKS.
>> >
>> >
>> >Thanks,
>> >Liam R. Howlett
>> >
>> >>
>> >> --
>> >>
>> >> Paul Eggleton
>> >> Intel Open Source Technology Centre