summaryrefslogtreecommitdiffstats
path: root/meta-agl-core/conf/include
AgeCommit message (Collapse)AuthorFilesLines
2022-07-27Add SELinux featureScott Murray1-0/+20
Add agl-selinux feature to enable SELinux support. Notes: - SELinux is in permissive mode by default for now, and using the targeted policy by default. - The linux-yocto specific bbappend in meta-selinux is masked out in favor of adding a more universal kernel configuration fragment with AGL's own scheme. - SELinux specific recipes and bbappends are added via a meta-selinux dynamic-layers addition in meta-agl-core to keep using meta-selinux optional. This will avoid issues with the Yocto autobuilder testing of meta-agl-core. - To avoid the effectively hard-coded autorelabel on first boot, a bbappend is added to the selinux-autorelabel recipe to remove the flag creation. In the off chance that a build happens on a filesystem without xattr support, the logic in the selinux-image bbclass will still touch the /.autorelabel flag and trigger relabeling. - A systemd unit and script are added with a new systemd-selinux-relabel recipe to handle relabeling of some systemd generated files that do not get handled during root filesystem construction. Some of these can be addressed by some upstream tweaks, but /etc/machine-id will always need special handling unless there is a shift to using read-only or stateless root by default. With this workaround we still avoid doing a full relabel and reboot on first boot, which helps simplify CI. Bug-AGL: SPEC-4332 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ibf469e11eb3a67709074cc6794b3d12cd5071a90 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27790 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-07-14Add feature for SPDX SBOM generationJan-Simon Moeller1-0/+1
We enable the built-in features of YP in kirkstone to create an spdx file that can serve as SBOM. Bug-AGL: SPEC-4384 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: I98907fc07aee8c6eefbb6f0e12d30583268832d7 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27694 Tested-by: Jenkins Job builder account
2022-06-15Feature cleanup for Nifty NeedlefishJan-Simon Moeller1-8/+0
Remove features with upstream deprecated or unmaintained: - meta-gplv2 Bug-AGL: SPEC-4407 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: I39a08b3ebd26a0187a8fd31e6f154dd53471bb9c Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27658 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Scott Murray <scott.murray@konsulko.com>
2021-11-20Follow-up removal of deprecated recipes after appfw removalJan-Simon Moeller1-2/+0
A follow-up cleanup to the previous changes. - the aws+azure binders are deprecated in master, thus remove meta-iot-cloud - meta-security is no longer a dependency - rm agl-sota (due to meta-updater deprecation) - rm agl-sign-wgts feature - cleanup poky-agl.conf Bug-AGL: SPEC-4121 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Change-Id: I274179ab1fb74b274e955bd9a3eeccccac615770 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26870 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Scott Murray <scott.murray@konsulko.com>
2021-08-23Convert to new override syntaxScott Murray2-6/+6
This is mostly the result of running a slightly customized version of the convert-overrides.py script from poky with additional overrides added. A few minor fixups were done by hand afterwards during a review of the changes. The intent of these changes is to minimize the effort to keep the "next" branch that builds against poky master up to date and tested in preparation for the switch to the next Yocto LTS release in early 2022. Bug-AGL: SPEC-4052 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ia3bf63b7cb1aa1d95ada373d1a3ab56def0a125d Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26564 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2021-06-23Remove default inclusion of kernel-modulesScott Murray1-6/+2
Remove the kernel-modules meta package append to IMAGE_INSTALL from the default base-agl.inc aglsetup.sh template, as it essentially turns a developer convenience into default behavior that may not be desirable by all users. Note that this does change the contents of agl-image-(boot|minimal|weston) with respect to kernel modules on most platforms, but if this proves problematic it is recommended that kernel-modules be added back elsewhere in a more transparent fashion. A corresponding change will be made in meta-agl-demo to retain the behavior for the demo platform images. Bug-AGL: SPEC-3983 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ie1098f25d69e721345d13db3681278543d594e78 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26431 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2021-06-08Add agl-package-management featureScott Murray1-0/+6
Changes: - Move addition of package-management to IMAGE_FEATURES and associated package feed variables to a new agl-package-management feature template. The feature is not included by default in the base set. - To somewhat maintain the previous developer experience the new feature has been made a dependency of the agl-devel feature. In practice, the only images affected by this change are agl-image-minimal and agl-image-weston from meta-agl-core, the demo platform images in meta-agl have package management enabled by default. Bug-AGL: SPEC-3971 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I56665e1cd82db19a697fdae2551a9276eab08961 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26393 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2021-01-14meta-agl: move open-vm-tools and vboxguestdrivers to meta-agl-demoJan-Simon Möller1-2/+0
open-vm-tools and vboxguestdrivers do have a dependency to meta-networking which is no longer included in meta-agl-core . Move the inclusion into meta-agl-demo . Bug-AGL: SPEC-3769 Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org> Change-Id: I19b3400d1eb3e2b5e3338d10f584025a16645982 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/25912 Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org> ci-image-boot-test: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
2020-12-17SPEC-3723: restructure meta-aglJan-Simon Moeller3-0/+50
Goal is to reach a minimal meta-agl-core as base for IVI and IC work at the same time. Trim dependencies and move most 'demo' related recipes to meta-agl-demo. v2: changed to bbapend + .inc , added description v3: testbuild of all images v4: restore -test packagegroup and -qa images, compare manifests and adapt packagegroups. v5: rebased v6: merged meta-agl-distro into meta-agl-core, due to dependency on meta-oe, moved -test packagegroup and -qa images to own layer meta-agl-core-test v7: Fixed comments from Paul Barker v8: Update the markdown files v9: restore wayland/weston/agl-compositor recipes/appends, reworked to move app f/w specific changes to bbappends in meta-app-framework and only demo specific weston-init changes to meta-agl-demo v10: fix s/agldemo/aglcore/ missed in weston-init.bbappend Description: This patch is part 1 out of 2 large patches that implement the layer rework discussed during the previous workshop. Essentially meta-agl-core is the small but versatile new core layer of AGL serving as basis for the work done by the IC and IVI EGs. All demo related work is moved to meta-agl-demo in the 2nd patchset. This should be applied together as atomic change. The resulting meta-agl/* follows these guidelines: - only bsp adaptations in meta-agl-bsp - remove the agl-profile-* layers for simplicity -- the packagegroup-agl(-profile)-graphical and so on have been kept in meta-agl-demo - meta-agl-profile-core is now meta-agl-core - meta-agl-core does pass yocto-check-layer -- therefore use the bbappend + conditional + .inc file construct found in meta-virtualization - meta-agl/meta-security has been merged into meta-agl/meta-app-framework - meta-netboot does pass yocto-check-layer - meta-pipewire does pass yocto-check-layer Migration: All packagegroups are preserved but they're now enabled by 'agl-demo'. Bug-AGL: SPEC-3723 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ia6c6e5e6ce2b4ffa69ea94959cdc57c310ba7c53 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/25769