summaryrefslogtreecommitdiffstats
path: root/meta-agl-core/recipes-platform/images/agl-image-boot.inc
AgeCommit message (Collapse)AuthorFilesLines
2023-06-12Remove systemd user session and clean up packagegroups and imagesScott Murray1-16/+0
Remove the use of a systemd user session to align with how upstream runs Weston, and to allow using all systemd sandboxing features with the compositor and homescreen, launcher, etc. applications. The changes for this touched enough packagegroups and images that further rework was done to address some of the cleanup described in SPEC-4813, see below for details. Changes: - Remove agl-session and update various recipes that were manually adding dependencies to the user session it created. The compositor (be it weston or agl-compositor) and Wayland clients now run in the system session as non-root users. - Revive agl-users recipe, this time living in meta-agl-core, with the purpose of creating the agl-driver user. For simplicity, agl-compositor is always run as the agl-driver user, as opposed to trying to wrangle running it as different users depending on build configuration. This can potentially be made more configurable if a downstream user has a usecase to be able to specify another user. - Fully split agl-compositor's systemd unit with a tweaked fork of the weston-init recipe and unit which lives in meta-agl-core. This will be easier to maintain than the attempt to reuse weston-init for builds without meta-app-framework that was done previously. - Create packagegroup-agl-graphical-compositor, distinct from the weston packagegroup. This should make it more straightforward for downstreams that want agl-compositor or weston. - Rename agl-image-agl-compositor to agl-image-compositor to remove redundancy. - Tweak the logic for the inclusion of a few debug packages (e.g. agl-shell-activator) to ensure they only show up in images when agl-devel is enabled. - Split weston-terminal and the required icon resources into separate packages in our weston bbappend to avoid pulling in weston just to get the terminal for testing. - Add a agl-core-image.bbclass to use as a base for images. - Move our cross-SDK configuration to a agl-crosssdk.bbclass to ease reuse. - Remove various empty packagegroups. - Unify image .inc files with their .bb files as a simplification, and to move towards more how upstream Yocto Project does things. - Split pipewire tools into their own -devel packagegroup. - Remove rcar3 additions to packagegroup-agl-graphical-multimedia, as that packagegroup is not machine-specific. They will be added back in via a change in meta-agl-demo. If a downstream user desires a platform-specific packagegroup for such packages in meta-agl-core, this can be revisited, though a different implementation should be used. - Replace some :append usage with += to avoid creating problems for downstream users. Bug-AGL: SPEC-4714, SPEC-4813 Change-Id: I55b29bf749f0d5d50993a362c665bce62b785f67 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/28996 Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2022-07-27Add SELinux featureScott Murray1-1/+10
Add agl-selinux feature to enable SELinux support. Notes: - SELinux is in permissive mode by default for now, and using the targeted policy by default. - The linux-yocto specific bbappend in meta-selinux is masked out in favor of adding a more universal kernel configuration fragment with AGL's own scheme. - SELinux specific recipes and bbappends are added via a meta-selinux dynamic-layers addition in meta-agl-core to keep using meta-selinux optional. This will avoid issues with the Yocto autobuilder testing of meta-agl-core. - To avoid the effectively hard-coded autorelabel on first boot, a bbappend is added to the selinux-autorelabel recipe to remove the flag creation. In the off chance that a build happens on a filesystem without xattr support, the logic in the selinux-image bbclass will still touch the /.autorelabel flag and trigger relabeling. - A systemd unit and script are added with a new systemd-selinux-relabel recipe to handle relabeling of some systemd generated files that do not get handled during root filesystem construction. Some of these can be addressed by some upstream tweaks, but /etc/machine-id will always need special handling unless there is a shift to using read-only or stateless root by default. With this workaround we still avoid doing a full relabel and reboot on first boot, which helps simplify CI. Bug-AGL: SPEC-4332 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ibf469e11eb3a67709074cc6794b3d12cd5071a90 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27790 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
2021-06-01meta-agl-core: Rework packagegroup-agl-core-bootScott Murray1-1/+1
To avoid the problem of it drift with respect to the upstream packagegroup-core-boot that it was originally derived from, rework packagegroup-agl-core-boot to just RDEPEND on it instead. This has the benefit of making the AGL additions more clearly visible. Additionally: - Define VIRTUAL-RUNTIME_base-utils-syslog for packagegroup-core-boot to match AGL's current default. - Add a VIRTUAL-RUNTIME_rngd variable to allow downstream users to remove or replace rng-tools in their distro configuration. - Explicitly add the packagegroup to IMAGE_INSTALL in the base agl-image-boot.inc to better match upstream core-image-minimal in definition, and make sure that any derived image that is created by including the inc file (instead of the bb file) is usable. Bug-AGL: SPEC-3932 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ib82d5d6b561eca4d059c56b01a0caddefcb48776 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26376 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jenkins Job builder account
2021-05-05meta-agl-core: remove IMAGE_FSTYPES overrideScott Murray1-3/+0
Remove the anonymous python logic added to override any changes to IMAGE_FSTYPES via _append/_remove by BSPs to fix SPEC-3741. The updated Renesas BSP no longer does so, and removing this logic avoids issues when using meta-agl-core with distribution configurations other than poky-agl. Additionally: - Change the IMAGE_FSTYPES and INITRAMFS_FSTYPES assignments in poky-agl.conf back to regular ("=") instead of immediate (":=") so that things like the _appends being done to AGL_DEFAULT_IMAGE_FSTYPES for netboot and CI usecases will take affect. They were only currently working because of the later evaluation in the anonymous python logic that is being removed. - Rationalize agl-image-minimal.inc to just include agl-image-boot.inc, and remove the unnecessary use of the AGL_EXTRA_IMAGE_FSTYPES variable in agl-image-boot.inc. Bug-AGL: SPEC-3897 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Id655683c705678dd3ab1caff8980dba06f46a1bc Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26292 Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Tested-by: Jenkins Job builder account
2020-12-17SPEC-3723: restructure meta-aglJan-Simon Moeller1-0/+10
Goal is to reach a minimal meta-agl-core as base for IVI and IC work at the same time. Trim dependencies and move most 'demo' related recipes to meta-agl-demo. v2: changed to bbapend + .inc , added description v3: testbuild of all images v4: restore -test packagegroup and -qa images, compare manifests and adapt packagegroups. v5: rebased v6: merged meta-agl-distro into meta-agl-core, due to dependency on meta-oe, moved -test packagegroup and -qa images to own layer meta-agl-core-test v7: Fixed comments from Paul Barker v8: Update the markdown files v9: restore wayland/weston/agl-compositor recipes/appends, reworked to move app f/w specific changes to bbappends in meta-app-framework and only demo specific weston-init changes to meta-agl-demo v10: fix s/agldemo/aglcore/ missed in weston-init.bbappend Description: This patch is part 1 out of 2 large patches that implement the layer rework discussed during the previous workshop. Essentially meta-agl-core is the small but versatile new core layer of AGL serving as basis for the work done by the IC and IVI EGs. All demo related work is moved to meta-agl-demo in the 2nd patchset. This should be applied together as atomic change. The resulting meta-agl/* follows these guidelines: - only bsp adaptations in meta-agl-bsp - remove the agl-profile-* layers for simplicity -- the packagegroup-agl(-profile)-graphical and so on have been kept in meta-agl-demo - meta-agl-profile-core is now meta-agl-core - meta-agl-core does pass yocto-check-layer -- therefore use the bbappend + conditional + .inc file construct found in meta-virtualization - meta-agl/meta-security has been merged into meta-agl/meta-app-framework - meta-netboot does pass yocto-check-layer - meta-pipewire does pass yocto-check-layer Migration: All packagegroups are preserved but they're now enabled by 'agl-demo'. Bug-AGL: SPEC-3723 Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org> Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: Ia6c6e5e6ce2b4ffa69ea94959cdc57c310ba7c53 Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/25769