Age | Commit message (Collapse) | Author | Files | Lines |
|
It is important for developement process and for monitoring
hacking to track violations and to monitor wrong uses or problems.
By activating audit with Smack we ensure that detection and reporting
of hazardous or malicious violations will be possible.
Change-Id: I7808ff17b5b8ba1fb09742fd273f46f06917d26b
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
|
|
integration code"
|
|
integration code
Bug-AGL: SPEC-194
Change-Id: I650e190bbda67ad48233bc5aedc0c10ff14aa58f
Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com>
|
|
the target machine
Change-Id: Ifa04f2fb5f6cd5e0ecd2a14af07128e030a44a8b
Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com>
|
|
|
|
* Backwards compatibilty for sota.toml files
* Run 'sync' after installing a package (prevents RPM database corruption)
* Stability fixes
Change-Id: Ie3d3e436b754c1950d8ca6e63e2e214f300cf7d5
Signed-off-by: Phil Wise <phil@advancedtelematic.com>
|
|
Change-Id: Ib92ceda385e5e4d9771b4bb999bff983e18d68a6
Signed-off-by: Ronan <ronan.lemartret@iot.bzh>
|
|
|
|
|
|
The sockets created by kernel thread will now be
tagged @ instead of _.
This problem was occuring during creation of AF_BLUETOOTH (but is
also latent AF_ALG, AF_IUCV, AF_SCTP, AF_TIPC as they don't go
through the normal socket creation process within linux).
Having the tag @ allows read/write to sockets without special
rules and tus solve the problem.
This solution from upstream linux patches backported and from
a patch made by Samsung for Tizen and that is currently
discussed within kernel lists.
Also add some improvements of the LSM Smack (valid caching and signal 0).
These improvements are backports of patches already available for
linux 4.9-rc3.
AGL-bug: SPEC-293 (https://jira.automotivelinux.org/browse/SPEC-293)
Change-Id: I5999a951a4bbeba7947ebfe5df091de07d59e57e
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
|
|
|
|
Bug-AGL: SPEC-307
Change-Id: I74ddc2622048a50243b82fbf023aa05c33322af4
Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com>
|
|
Change-Id: Ic78464d6e9c07e205b222b3f0f3d49ed1b928ed6
Signed-off-by: Ronan <ronan.lemartret@iot.bzh>
|
|
Change-Id: I1d5ceb776427298d46ab26dab2c822041dff00e0
Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com>
|
|
Bug-AGL: SPEC-254
Change-Id: Ic87171163ad81b8fd9f96a5e1d22b9b9522485c2
Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com>
|
|
Change-Id: Iaf00906eb44f50490a67e5f5e5ca229fd1f76028
Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com>
|
|
The ramdisk size on qemux86-64 was 9MB, decompressed, which was causing a
kernel panic on boot. Double it to 16MB.
Change-Id: I11e28977b1342d3d8cb5c43de5105ac288d097f2
Signed-off-by: Phil Wise <phil@advancedtelematic.com>
|
|
|
|
Bug-AGL: SPEC-254
v2 [jsmoeller]: change rpi fdt addr to 200M (fix cma),
re-add inherit gobject-introspection (!)
v3 [oytis]: move boot logic to editable uEnv.txt
Change-Id: Ic54aadc8377ed1e2a8f2f4ab87db2a7a6660cd15
Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com>
Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
|
|
Host systems without gobject-introspection natively will fail the build.
Add the proper dependencies and wrappers to the recipe.
Fixes:
tmp/sysroots/x86_64-linux/usr/bin/g-ir-compiler --includedir=. OSTree-1.0.gir -o OSTree-1.0.typelib
| Could not find GIR file 'Gio-2.0.gir'; check XDG_DATA_DIRS or use --includedir
| error parsing file OSTree-1.0.gir: Failed to parse included gir Gio-2.0
Change-Id: I2ae926c10aec0bb93c25707917f47ea22da3b870
Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
|
|
Upgrade OSTree to v2016.12 which was released
on 24 October 2016.
Bug-AGL: SPEC-194
Change-Id: Ia4d937df4386925407d7e3187172be52a9154ae3
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
|
|
Since introduction of ambient capabilities,
systemd deprecated the use of Capabilities.
With systemd 229 activated with krogoth,
the use of Capabilities does nothing.
This commits avoids to use SecureBits and Capabilities.
It now relies on the fact that post installations are
setting the capabilities to the file:
- setcap cap_mac_override,cap_dac_override=ep afm-system-daemon
- setcap cap_mac_override,cap_mac_admin,cap_setgid=ep afm-user-daemon
Using p (permitted) instead of i (inherited) that was
previously used.
It also includes evolutions of the security model to be synchronized
with the deletion of 'User'. The recommended version to use now
is the commit 20bbb97f6d5400b126ae96ef446c3e60c7e16285.
Change-Id: Id24ce7c7651e2fdf8d66b6e8286268e7d88508a0
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
|
|
by live image recipe
Bug-AGL: SPEC-296
Change-Id: Idbb00f33fd04b2a2d9fa8c615347f9b85d917d4a
Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com>
|
|
libgsystem_git.bb needs gobject-introspection in the inherit statements.
Add it there to fix the build.
Change-Id: I43c25ed02b15b7a1f53ab5111813c09a5c6b84fa
Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
|
|
|
|
|
|
Bug-AGL: SPEC-285
Change-Id: Ie76e8bbad1f272cfc0bc34654a708d3ae233dde0
Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com>
|
|
The initramfs_fstypes default to cpio.gz, we need ext4.gz.
Change-Id: Ib35e7ff23767fbe02b25f7605a22fcfb7b5899c8
Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
|
|
Without this changeset, we have a multiple provider warning when building
for the rpi.
NOTE: multiple providers are available for virtual/bootloader (u-boot, u-boot-ota)
NOTE: consider defining a PREFERRED_PROVIDER entry to match virtual/bootloader
Change-Id: I5dbf98841ac171bbd4a925786fd7f2849fb7e36b
Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
|
|
security attributes.
Bug-AGL: SPEC-259
Change-Id: I44499ce3f5f1924aecf63689a93d1f20e779225e
Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com>
|
|
building.
Bug-AGL: SPEC-253
Change-Id: Iaba028604f164f16e05015fe34ff0013ff6e1865
Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com>
|
|
bootable as an OSTree deployment
Bug-AGL: SPEC-253
Change-Id: If636a282d51a64c73c46ce70a361518c1f70cdd6
Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com>
|
|
Within app-framework-binder:
- fixes read and write lock (EAGAIN)
- fixes SIGPIPE handling
- improves the documentation
Within app-framework-main:
- improves documentation (for config.xml)
- fixes setting of permissions
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: If860d00204f82ee85ed1fd4ca9ac9820b844085f
|
|
Upgrade OSTree to v2016.10 which was released
on 08 September 2016.
Bug-AGL: SPEC-194
Change-Id: I20d8214a227259635a388fdd037a0144451e7ac5
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
|
|
Minor bug fix to deploy installed files of OSTree
in /usr/lib/girepository-1.0.
Bug-AGL: SPEC-194
Change-Id: I31fdffbf248623eeff7e7ba5607e3534d700be50
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
|
|
|
|
|
|
|
|
|
|
Bug-AGL: SPEC-249
Change-Id: Ib5d725f203c0b0545b7c6b3196afb149ac8015c2
Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com>
|
|
|
|
Bug-AGL: SPEC-245
Change-Id: Ia5631d786c3375ba3aa0bc6ac75ebaeb358e7b03
Signed-off-by: Anton Gerasimov <anton@advancedtelematic.com>
|
|
- Adds the handling of a root for HTTP files with the option --roothttp
- Improves API for openning localized data
- Adds the handling of language
Change-Id: Ia0c6e840265595b6e0415e8ea7a9e6585d8bb88d
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
OSTree has been upgraded to the latest version
v2016.9 which was released on 31 August. This
release contains mostly minor fixes.
Bug-AGL: SPEC-194
Change-Id: Id7a1cce825aacbb069fd86bc7e81bb7fca46042b
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
|
|
Fixes for OSTree recipe:
* Export staging directories, host and build system,
* Deploy installed files in /usr/lib and /usr/share.
Bug-AGL: SPEC-194
Change-Id: Ieda8c03f24c571827e91b0e72acad515f0cf14ff
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
|
|
Fixes for LibGSystem recipe:
* Export staging directories, host and build system,
* Deploy installed files in /usr/lib and /usr/share.
Bug-AGL: SPEC-194
Change-Id: I9e564088d545525c791426f6a80a870f5b6b45b5
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
|
|
build with otaimg"
|