[oe] [meta-oe][PATCH] libseccomp: import from meta-security
Yu, Mingli
mingli.yu at windriver.com
Fri Jul 26 08:51:05 UTC 2019
On 2019年07月26日 11:23, Bruce Ashfield wrote:
> On Thu, Jul 25, 2019 at 11:01 PM Yu, Mingli <mingli.yu at windriver.com> wrote:
>>
>>
>>
>> On 2019年07月26日 10:46, Bruce Ashfield wrote:
>>>
>>>
>>> On Thu, Jul 25, 2019 at 10:28 PM Yu, Mingli <mingli.yu at windriver.com
>>> <mailto:mingli.yu at windriver.com>> wrote:
>>>
>>>
>>>
>>> On 2019年07月25日 21:45, Bruce Ashfield wrote:
>>> > On Thu, Jul 25, 2019 at 3:06 AM <mingli.yu at windriver.com
>>> <mailto:mingli.yu at windriver.com>> wrote:
>>> >>
>>> >> From: Mingli Yu <Mingli.Yu at windriver.com
>>> <mailto:Mingli.Yu at windriver.com>>
>>> >
>>> > Can you share some details as to why this should be pulled from
>>> > meta-security into a different repo ?
>>>
>>> Considering there is also some security related recipe under
>>> meta-oe/recipes-security/, I think it's not strange to add a new one
>>> libseccomp and libseccomp also provides a basic common filtering
>>> mechanism.
>>>
>>>
>>> .. but it is literally churn for the sake of churn.
>>>
>>> Meaning, that isn't a great reason to move something. If Armin wanted to
>>> put the recipe in meta-oe, he would have done it himself.
>>
>> ^_^, I noticed Armin did try to do this in this thread "[oe]
>> [meta-oe][PATCH 1/2] libseccomp: move lib from meta-security to meta-oe"
>> in Jun 1, 2018.
>
> In that case, follow up to that thread so folks can remember why it
> didn't happen, or check to see if it was simply forgotten. Putting the
> maintainers on the cc' from the start of something like this helps
> immensely.
>
> But I see you added Armin to this thread, so that should be enough.
Hi Bruce,
I'm okay to keep libseccomp under meta-security and can consider moving
it to meta-oe if anyone thinks it is worth.
>
> Bruce
>
>>
>>>
>>>
>>> Meanwhile, the below yocto compliance check error disappears once we
>>> move libseccomp from meta-security to meta-oe.
>>> ERROR: Nothing PROVIDES 'libseccomp' (but
>>> /buildarea/layers/meta-virtualization/recipes-containers/cri-o/cri-o_git.bb
>>> <http://cri-o_git.bb>
>>> DEPENDS on or otherwise requires it).
>>> Close matches:
>>> libcomps
>>> ERROR: Required build target 'meta-world-pkgdata' has no buildable
>>> providers.
>>>
>>> Missing or unbuildable dependency chain was: ['meta-world-pkgdata',
>>> 'cri-o', 'libseccomp']
I will find other solution to solve the above error related to yocto
compliance check.
Thanks,
>>>
>>>
>>> Also not a valid reason. We've just fixed meta-virtualization, so
>>> there's no need to shuffle something like this around, just to keep
>>> another layers compliance check working.
>>>
>>> Bruce
>>>
>>>
>>> Thanks,
>>>
>>> >
>>> > It seems to fit the mandate of meta-security quite nicely ;)
>>> >
>>> > Is there some sort of dependency issue, or other technical problem
>>> > that is causing a problem ?
>>> >
>>> > Bruce
>>> >
>>> >>
>>> >> Signed-off-by: Mingli Yu <Mingli.Yu at windriver.com
>>> <mailto:Mingli.Yu at windriver.com>>
>>> >> ---
>>> >> .../recipes-security/libseccomp/files/run-ptest | 4 +++
>>> >> .../libseccomp/libseccomp_2.4.1.bb
>>> <http://libseccomp_2.4.1.bb> | 41 ++++++++++++++++++++++
>>> >> 2 files changed, 45 insertions(+)
>>> >> create mode 100644
>>> meta-oe/recipes-security/libseccomp/files/run-ptest
>>> >> create mode 100644
>>> meta-oe/recipes-security/libseccomp/libseccomp_2.4.1.bb
>>> <http://libseccomp_2.4.1.bb>
>>> >>
>>> >> diff --git a/meta-oe/recipes-security/libseccomp/files/run-ptest
>>> b/meta-oe/recipes-security/libseccomp/files/run-ptest
>>> >> new file mode 100644
>>> >> index 0000000..54b4a63
>>> >> --- /dev/null
>>> >> +++ b/meta-oe/recipes-security/libseccomp/files/run-ptest
>>> >> @@ -0,0 +1,4 @@
>>> >> +#!/bin/sh
>>> >> +
>>> >> +cd tests
>>> >> +./regression -a
>>> >> diff --git
>>> a/meta-oe/recipes-security/libseccomp/libseccomp_2.4.1.bb
>>> <http://libseccomp_2.4.1.bb>
>>> b/meta-oe/recipes-security/libseccomp/libseccomp_2.4.1.bb
>>> <http://libseccomp_2.4.1.bb>
>>> >> new file mode 100644
>>> >> index 0000000..dba1be5
>>> >> --- /dev/null
>>> >> +++ b/meta-oe/recipes-security/libseccomp/libseccomp_2.4.1.bb
>>> <http://libseccomp_2.4.1.bb>
>>> >> @@ -0,0 +1,41 @@
>>> >> +SUMMARY = "interface to seccomp filtering mechanism"
>>> >> +DESCRIPTION = "The libseccomp library provides and easy to use,
>>> platform independent,interface to the Linux Kernel's syscall
>>> filtering mechanism: seccomp."
>>> >> +SECTION = "security"
>>> >> +LICENSE = "LGPL-2.1"
>>> >> +LIC_FILES_CHKSUM =
>>> "file://LICENSE;beginline=0;endline=1;md5=8eac08d22113880357ceb8e7c37f989f"
>>> >> +
>>> >> +SRCREV = "fb43972ea1aab24f2a70193fb7445c2674f594e3"
>>> >> +
>>> >> +SRC_URI =
>>> "git://github.com/seccomp/libseccomp.git;branch=release-2.4
>>> <http://github.com/seccomp/libseccomp.git;branch=release-2.4> \
>>> >> + file://run-ptest \
>>> >> +"
>>> >> +
>>> >> +S = "${WORKDIR}/git"
>>> >> +
>>> >> +inherit autotools-brokensep pkgconfig ptest
>>> >> +
>>> >> +PACKAGECONFIG ??= ""
>>> >> +PACKAGECONFIG[python] = "--enable-python, --disable-python, python"
>>> >> +
>>> >> +do_compile_ptest() {
>>> >> + oe_runmake -C tests check-build
>>> >> +}
>>> >> +
>>> >> +do_install_ptest() {
>>> >> + install -d ${D}${PTEST_PATH}/tests
>>> >> + install -d ${D}${PTEST_PATH}/tools
>>> >> + for file in $(find tests/* -executable -type f); do
>>> >> + install -m 744 ${S}/${file} ${D}/${PTEST_PATH}/tests
>>> >> + done
>>> >> + for file in $(find tests/*.tests -type f); do
>>> >> + install -m 744 ${S}/${file} ${D}/${PTEST_PATH}/tests
>>> >> + done
>>> >> + for file in $(find tools/* -executable -type f); do
>>> >> + install -m 744 ${S}/${file} ${D}/${PTEST_PATH}/tools
>>> >> + done
>>> >> +}
>>> >> +
>>> >> +FILES_${PN} = "${bindir} ${libdir}/${BPN}.so*"
>>> >> +FILES_${PN}-dbg += "${libdir}/${PN}/tests/.debug/*
>>> ${libdir}/${PN}/tools/.debug"
>>> >> +
>>> >> +RDEPENDS_${PN}-ptest = "bash"
>>> >> --
>>> >> 2.7.4
>>> >>
>>> >> --
>>> >> _______________________________________________
>>> >> Openembedded-devel mailing list
>>> >> Openembedded-devel at lists.openembedded.org
>>> <mailto:Openembedded-devel at lists.openembedded.org>
>>> >> http://lists.openembedded.org/mailman/listinfo/openembedded-devel
>>> >
>>> >
>>> >
>>>
>>>
>>>
>>> --
>>> - Thou shalt not follow the NULL pointer, for chaos and madness await
>>> thee at its end
>>> - "Use the force Harry" - Gandalf, Star Trek II
>>>
>
>
>
More information about the Openembedded-devel
mailing list