Age | Commit message (Collapse) | Author | Files | Lines |
|
Changes:
- Add logic to init.sh to handle autorelabeling the root filesystem
if it is tagged as requiring it. In practice this should only be
required when booting images built on hosts that have xattr support,
or if relabeling is manually triggered on subsequent boots. There
was a stated goal of avoiding the reboot from the later userspace
handling of autorelabeling in CI, so this hook aims to enable that
for the non-xattr build host corner case.
- Add a resolv-conf-relabel recipe that installs a systemd unit to
relabel /etc/resolv.conf when netbooting. This is required because
the file always gets modified inside init.sh, and it does not seem
worthwhile to always do the extra policy load required to relabel it
in the initramfs. This may need to be revisited if it proves
difficult to handle denials in early booting when netbooting.
- Add the required extra packages for relabeling to IMAGE_INSTALL.
Bug-AGL: SPEC-4332
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: I26b27c1cea68a029264352bd206c160cac3d451e
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27791
Tested-by: Jenkins Job builder account
ci-image-build: Jenkins Job builder account
ci-image-boot-test: Jenkins Job builder account
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
make them more standardized
Bug-AGL: SPEC-4374
Signed-off-by: duerpei <duep.fnst@fujitsu.com>
Change-Id: Ie11168254ab76acd11382b33501fb4881710a5bf
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27479
Tested-by: Jenkins Job builder account
ci-image-build: Jenkins Job builder account
ci-image-boot-test: Jenkins Job builder account
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
An increasing number of advanced systemd features with respect to
immutable systems and sandboxing are effectively dependent on the
usrmerge distro feature, so it seems reasonable to enable it since
upstream AGL currently requires systemd usage. See SPEC-4352 for
more detailed discussion of rationale.
Changes:
- Add usrmerge to AGL_DEFAULT_DISTRO_FEATURES in poky-agl.conf.
- Add workarounds via bbappends in meta-agl-bsp for the assumption
of using /lib instead of ${nonarch_base_libdir} in various
meta-rcar-gen3 kernel module recipes. This will be followed up
with upstream to hopefully fix the recipes.
- Replaced some explicit /sbin usage with ${sbindir} in the
initramfs-netboot recipe used by the agl-netboot feature to avoid
packaging errors.
Bug-AGL: SPEC-4352
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: Ibc0ae1e2628aca6474401e0852bbb97085f4ecfa
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27437
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Tested-by: Jenkins Job builder account
ci-image-build: Jenkins Job builder account
ci-image-boot-test: Jenkins Job builder account
|
|
During the last workshop the transition to the new framework was presented.
This change essentially deprecates the SMACK-based application framework.
To prepare the integration of it, we remove the deprecated components:
- meta-agl-core: remove Smack kernel patches
- meta-app-framework
- meta-pipewire/dynamic-layers/meta-app-framework/
v2: rebased
Bug-AGL: SPEC-4121
Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Change-Id: Icdaeadfb5d2193f3a4c535168c88da6073423e67
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26752
|
|
This is mostly the result of running a slightly customized version
of the convert-overrides.py script from poky with additional
overrides added. A few minor fixups were done by hand afterwards
during a review of the changes.
The intent of these changes is to minimize the effort to keep the
"next" branch that builds against poky master up to date and tested
in preparation for the switch to the next Yocto LTS release in
early 2022.
Bug-AGL: SPEC-4052
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: Ia3bf63b7cb1aa1d95ada373d1a3ab56def0a125d
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/26564
Tested-by: Jenkins Job builder account
ci-image-build: Jenkins Job builder account
ci-image-boot-test: Jenkins Job builder account
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
|
|
Use -persist option for nbd.
Bug-AGL: SPEC-3221
Bug-AGL: SPEC-3232
Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Change-Id: Ia2eb94eeb3882b6546ebe9df04befdd42c99bd15
|
|
This patch changes the method to detect the current network interface
used for netboot. Instead of using the 'ip' command, it parses the content
of /sys/class/net/* to detect the first running ethernet interface.
Two new messages are now visible on the console in initramfs phase:
--------------------------------------------------
/sbin/init[1]: find_active_interface: first active interface is eth0
/sbin/init[1]: Adjusting Connman command line. Will be: 'connmand -r -n -I eth0'
--------------------------------------------------
Background:
When booting using netboot, it's necessary to update connman command line
options to ignore the network interface used for NBD connection.
For this, the initramfs script tries to detect the interface in use by
running 'ip -o link show state'.
'ip' command comes with iproute2 package but for various reasons, some AGL
images like m3ulcb-nogfx don't have iproute2 installed. In this case, the
'ip' command is implemented by busybox, which doesn't support the '-o' option.
This leads to issues when running connman as the command line is not properly
updated.
Bug-AGL: SPEC-2921
Change-Id: I5691f04ab462a148219b741d235247a2bfbc2e24
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
When using netboot, the kernel is responsible for establishing the IP connection.
For this reason, connman is instructed to "forget" this boot interface and
/etc/resolv.conf is generated by the initrd script (from /proc/net/pnp).
This patch removes the previously set SMACK label 'System' so file has label _,
which makes it readable by any process.
Bug-AGL: SPEC-2640
Change-Id: I13704827434a795aab2264755dc01ec796be8847
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
When using netboot, the initrd script mounts /tmp and /run before pivoting on
the new rootfs and then running systemd. As a consequence, systemd doesn't try
to remount /tmp or /run (and the correct smack labels are not applied on /tmp
and /run, leading to many issues).
This patch unmounts /tmp and /run just before running systemd which will
then mount them with correct labels.
Bug-AGL: SPEC-2596
Change-Id: I4cd7b67f04c232a6e48c777fb5fefa6c46f6744a
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
Add a new cmdline argument using option 'nbd.v3' that could be parsed by the initrd
script used for netboot.
Bug-AGL: SPEC-1423
Change-Id: I1cd189c343672631feda5bcee2e393eb46b9d000
Signed-off-by: Ronan Le Martret <ronan.lemartret@iot.bzh>
|
|
Change-Id: I5867a08162b1d9405c769c25d066c2d1e813bca8
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
Change-Id: I7486c7b785673f0833409267f52db5c09663fcba
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|
|
To enable the build of network bootable images, the following line must be
added to conf/local.conf:
INHERIT += "netboot"
This layer contains recipes for the following components:
* busybox: activate the built-in NBD client
* initramfs-netboot: contains the init script started by the kernel,
responsible for mounting the remote root filesystem then pivoting and
exec'ing systemd
* initramfs-netboot-image: image to specify for building the initrd
More details are available in meta-netboot/README.
Bug-AGL: SPEC-175
Change-Id: Id2328dd9233d238cde77311e64e58344be244988
Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
|