subtree updates

meta-openembedded: 0e3f5e5201..491b7592f4:
  Alexander Kanavin (1):
        libadwaita: move recipe to oe-core

  Andrej Valek (1):
        cve_check: convert CVE_CHECK_IGNORE to CVE_STATUS

  Archana Polampalli (1):
        yasm: fix CVE-2023-31975

  Chase Qi (1):
        meta-python: add python3-telnetlib3 package

  Chen Qi (3):
        iperf3: remove incorrect CVE_PRODUCT setting
        open-vm-tools: add CVE_PRODUCT
        grpc: fix CVE-2023-32732

  Chi Xu (1):
        lapack: Add ptest support

  Chris Dimich (1):
        image_types_sparse: Fix syntax error

  Christian Hohnstaedt (1):
        android-tools: fix QA warning about buildpaths

  Christophe Vu-Brugier (2):
        libnvme: add recipe
        nvme-cli: upgrade 1.13 -> 2.5

  Etienne Cordonnier (1):
        uutils-coreutils: upgrade 0.0.19 -> 0.0.20

  Gianfranco Costamagna (3):
        vbxguestdrivers: upgrade 7.0.8 -> 7.0.10
        dlt-daemon: Add patch to fix build with googletest 1.13
        gpsd: make sure gps-utils-python runtime-depends on python3-pyserial

  JD Schroeder (2):
        radvd: Fix groupname gid change warning
        cyrus-sasl: Fix groupname gid change warning

  Jan Vermaete (1):
        openh264: version bump 2.1.1 -> 2.3.1

  Jasper Orschulko (1):
        yaml-cpp: Fix cmake export

  Khem Raj (9):
        openwsman: Link with -lm to get floor() definition
        portaudio-v19: Update to latest tip of trunk
        python3-pyaudio: Fix cross builds
        poco: Fix ptests
        pcmciautils: Pass LD=CC via Make cmdline
        ply: Pass LD via environment to configure
        sip: upgrade 6.7.10 -> 6.7.11
        nodejs: Upgrade to 18.17.0
        python3-m2crypto: Remove __pycache__ files

  Marek Vasut (1):
        libiio: update to version 0.25

  Markus Volk (9):
        pipewire: update 0.3.73 -> 0.3.75
        libcamera: update 0.0.5 -> 0.1.0
        webkitgtk3: add recipe
        geary: update 43.0 -> 44.0
        webkitgtk3: upgrade 2.40.2 -> 2.40.5
        fuse3: update 3.14.1 -> 3.15.1
        pipewire: update 0.3.75 -> 0.3.77
        pipewire: add support for liblc3
        gnome-software: update 44.3 -> 44.4

  Martin Jansa (4):
        libtommath: add recipe for LibTomMath used by dropbear
        libtomcrypt: backport a fix for CVE-2019-17362
        libtomcrypt: add PACKAGECONFIG for ltm enabled by default
        dlm: Do not use -fcf-protection=full on aarch64 platforms

  Michael Opdenacker (7):
        remove unused AUTHOR variable
        remove unused AUTHOR variable
        remove unused AUTHOR variable
        remove unused AUTHOR variable
        remove unused AUTHOR variable
        remove unused AUTHOR variable
        meta-python: Remove unused AUTHOR variable

  Mingli Yu (2):
        dracut: Remove busybox from RRECOMMENDS
        mariadb: Upgrade to 10.11.4

  Nicolas Marguet (2):
        rsyslog: update from 8.2302.0 to 8.2306.0
        rsyslog: Fix function inline errors in debug optimization

  Peter Marko (1):
        cve_check: fix conversion errors

  Ramon Fried (1):
        bitwise: Upgrade 0.43 -> 0.50

  Ross Burton (1):
        cherokee: add CVE_PRODUCT

  Tim Orling (1):
        libmodule-build-tiny-perl: upgrade 0.045 -> 0.046

  Trevor Gamblin (31):
        python3-django: upgrade 4.2.2 -> 4.2.3
        python3-ipython: upgrade 8.12.0 -> 8.14.0
        python3-awesomeversion: upgrade 22.9.0 -> 23.5.0
        python3-binwalk: upgrade 2.3.3 -> 2.3.4
        python3-bitstring: upgrade 3.1.9 -> 4.0.2
        python3-bitstring: add python3-io to RDEPENDS, alphabetize
        python3-blinker: upgrade 1.5 -> 1.6.2
        python3-blinker: add python3-asyncio to RDEPENDS
        python3-execnet: upgrade 1.9.0 -> 2.0.2
        python3-flask: upgrade 2.2.3 -> 2.3.2
        python3-flask: add python3-blinker to RDEPENDS, alphabetize
        python3-greenstalk: upgrade 2.0.0 -> 2.0.2
        python3-humanize: upgrade 4.4.0 -> 4.7.0
        python3-versioneer: add recipe
        python3-parse: upgrade 1.19.0 -> 1.19.1
        python3-pandas: upgrade 1.5.3 -> 2.0.3
        python3-pyperf: upgrade 2.5.0 -> 2.6.1
        python3-rdflib: upgrade 6.2.0 -> 6.3.2
        python3-semver: upgrade 2.13.0 -> 3.0.1
        python3-send2trash: upgrade 1.8.0 -> 1.8.2
        python3-sh: upgrade 1.14.3 -> 2.0.4
        python3-snagboot: upgrade 1.0 -> 1.1
        python3-werkzeug: upgrade 2.2.3 -> 2.3.6
        python3-beautifulsoup4: upgrade 4.11.1 -> 4.12.2
        python3-fastjsonschema: upgrade 2.16.3 -> 2.18.0
        python3-jsonpatch: upgrade 1.32 -> 1.33
        python3-m2crypto: upgrade 0.38.0 -> 0.39.0
        python3-matplotlib: upgrade 3.6.3 -> 3.7.2
        python3-pyaudio: upgrade 0.2.11 -> 0.2.13
        python3-pybind11: upgrade 2.10.3 -> 2.11.1
        python3-sqlparse: upgrade 0.4.3 -> 0.4.4

  Vivien Didelot (1):
        libcamera: bump to latest master

  Wang Mingyu (83):
        c-periphery: upgrade 2.4.1 -> 2.4.2
        ctags: upgrade 6.0.20230611.0 -> 6.0.20230716.0
        gensio: upgrade 2.6.6 -> 2.6.7
        gnome-commander: upgrade 1.16.0 -> 1.16.1
        hiredis: upgrade 1.1.0 -> 1.2.0
        iperf3: upgrade 3.13 -> 3.14
        iwd: upgrade 2.6 -> 2.7
        libbytesize: upgrade 2.8 -> 2.9
        libinih: upgrade 56 -> 57
        libnftnl: upgrade 1.2.5 -> 1.2.6
        lvgl: upgrade 8.3.7 -> 8.3.8
        bats: upgrade 1.9.0 -> 1.10.0
        function2: upgrade 4.2.2 -> 4.2.3
        lmdb: upgrade 0.9.29 -> 0.9.31
        redis: upgrade 6.2.12 -> 6.2.13
        ser2net: upgrade 4.3.12 -> 4.3.13
        python3-obd: upgrade 0.7.1 -> 0.7.2
        python3-path: upgrade 16.6.0 -> 16.7.1
        nginx: upgrade 1.24.0 -> 1.25.1
        php: upgrade 8.2.7 -> 8.2.8
        python3-charset-normalizer: upgrade 3.1.0 -> 3.2.0
        python3-click: upgrade 8.1.3 -> 8.1.5
        python3-dnspython: upgrade 2.3.0 -> 2.4.0
        python3-engineio: upgrade 4.4.1 -> 4.5.1
        python3-eth-utils: upgrade 2.1.1 -> 2.2.0
        python3-frozenlist: upgrade 1.3.3 -> 1.4.0
        python3-gevent: upgrade 22.10.2 -> 23.7.0
        python3-google-api-python-client: upgrade 2.92.0 -> 2.93.0
        python3-google-auth: upgrade 2.21.0 -> 2.22.0
        python3-mock: upgrade 5.0.2 -> 5.1.0
        python3-platformdirs: upgrade 3.8.0 -> 3.9.1
        python3-protobuf: upgrade 4.23.3 -> 4.23.4
        python3-pymisp: upgrade 2.4.172 -> 2.4.173
        python3-pymongo: upgrade 4.4.0 -> 4.4.1
        python3-tox: upgrade 4.6.3 -> 4.6.4
        python3-virtualenv: upgrade 20.23.1 -> 20.24.0
        python3-zeroconf: upgrade 0.70.0 -> 0.71.0
        redis-plus-plus: upgrade 1.3.9 -> 1.3.10
        redis: upgrade 7.0.11 -> 7.0.12
        smemstat: upgrade 0.02.11 -> 0.02.12
        tesseract: upgrade 5.3.1 -> 5.3.2
        weechat: upgrade 4.0.1 -> 4.0.2
        wireshark: upgrade 4.0.6 -> 4.0.7
        xterm: upgrade 383 -> 384
        lastlog2: add new recipe
        wtmpdb: add new recipe
        babeld: upgrade 1.12.2 -> 1.13.1
        ctags: upgrade 6.0.20230716.0 -> 6.0.20230730.0
        gspell: upgrade 1.12.1 -> 1.12.2
        libcompress-raw-bzip2-perl: upgrade 2.204 -> 2.206
        libcompress-raw-lzma-perl: upgrade 2.204 -> 2.206
        libcompress-raw-zlib-perl: upgrade 2.204 -> 2.206
        libio-compress-lzma-perl: upgrade 2.204 -> 2.206
        libio-compress-perl: upgrade 2.204 -> 2.206
        libqb: upgrade 2.0.7 -> 2.0.8
        logcheck: upgrade 1.4.2 -> 1.4.3
        mdio-tools,mdio-netlink: Upgrade recipes to 1.3.0
        python3-dill: upgrade 0.3.6 -> 0.3.7
        python3-gunicorn: upgrade 20.1.0 -> 21.2.0
        python3-web3: upgrade 6.3.0 -> 6.7.0
        python3-aiohttp: upgrade 3.8.4 -> 3.8.5
        python3-bitarray: upgrade 2.7.6 -> 2.8.0
        python3-click: upgrade 8.1.5 -> 8.1.6
        python3-cmake: upgrade 3.26.4 -> 3.27.0
        python3-configargparse: upgrade 1.5.5 -> 1.7
        python3-cytoolz: upgrade 0.12.1 -> 0.12.2
        python3-dnspython: upgrade 2.4.0 -> 2.4.1
        python3-elementpath: upgrade 4.1.4 -> 4.1.5
        python3-flask-socketio: upgrade 5.3.4 -> 5.3.5
        python3-gnupg: upgrade 0.5.0 -> 0.5.1
        python3-google-api-python-client: upgrade 2.93.0 -> 2.95.0
        python3-grpcio: upgrade 1.56.0 -> 1.56.2
        python3-jedi: upgrade 0.18.2 -> 0.19.0
        python3-marshmallow: upgrade 3.19.0 -> 3.20.1
        python3-portion: upgrade 2.4.0 -> 2.4.1
        python3-pymodbus: upgrade 3.3.2 -> 3.4.1
        python3-robotframework: upgrade 6.1 -> 6.1.1
        python3-tomlkit: upgrade 0.11.8 -> 0.12.1
        python3-typeguard: upgrade 4.0.0 -> 4.1.0
        python3-virtualenv: upgrade 20.24.0 -> 20.24.2
        python3-zeroconf: upgrade 0.71.0 -> 0.71.4
        rdma-core: upgrade 46.0 -> 47.0
        sip: upgrade 6.7.9 -> 6.7.10

  Willy Tu (1):
        mstpd: Add initial recipe for mstpd

  Yi Zhao (4):
        samba: upgrade 4.18.4 -> 4.18.5
        libnfnetlink: enable native build
        libnetfilter-queue: enable native build
        daq: enable nfq module build

meta-raspberrypi: e3f733cadd..5e2f79a6fa:
  Jan Vermaete (2):
        kas-poky-rpi.yml: renamed ABORT to HALT
        rpi-base.inc: add the disable-wifi overlay

  Khem Raj (1):
        rpi-base: Remove customizing SPLASH var

  Martin Jansa (1):
        libcamera: update PACKAGECONFIG for libcamera-0.1.0

  Vincent Davis Jr (1):
        rpidistro-vlc: fix error uint64_t does not name

  Vivien Didelot (10):
        rpi-libcamera-apps: fix Illegal Instruction
        rpi-libcamera-apps: add opencv build dependency
        rpi-libcamera-apps: add drm support
        rpi-libcamera-apps: replace tensorflow config
        rpi-libcamera-apps: don't force COMPATIBLE_MACHINE
        rpi-libcamera-apps: rename to libcamera-apps
        libcamera-apps: move recipe to dynamic-layers
        libcamera-apps: bump to 3d9ac10
        libcamera-apps: switch from CMake to meson
        libcamera-apps: bump to latest main

meta-arm: b4d50a273d..992c07f7c0:
  Abdellatif El Khlifi (2):
        arm-bsp/trusted-firmware-a: corstone1000: psci: SMCCC_ARCH_FEATURES discovery through PSCI_FEATURES
        arm-bsp/u-boot: corstone1000: upgrade to v2023.07

  Adam Johnston (1):
        arm-bsp/trusted-firmware-a: Reserve OP-TEE memory from NWd on N1SDP

  Emekcan Aras (1):
        arm-bsp/u-boot: corstone1000: increase the kernel size

  Jon Mason (9):
        CI: add defaults for get-binary-toolchains
        CI: workaround 32bit timer warning in binary toolchain
        arm-bsp/corstone1000: update u-boot preferred version
        arm-toolchain/gcc-aarch64-none-elf: upgrade to 12.3.rel1
        arm/edk2: move 202211 recipe to meta-arm-bsp
        arm-bsp: clean-up patch noise
        arm/optee-test: update musl workaround patch
        arm-bsp/tc1: remove trusted-firmware-m target
        arm/trusted-firmware-m: upgrade to v1.8.0

  Robbie Cao (1):
        arm/recipes-kernel: Add preempt-rt support for generic-arm64

  Ross Burton (5):
        arm-toolchain/androidclang: remove
        arm-toolchain/arm-binary-toolchain: install to a versioned directory
        arm-toolchain/gcc-arm-none-eabi-11.2: add new recipe
        arm/trusted-firmware-m: explicitly use Arm GCC 11.2
        arm-toolchain/gcc-arm-none-eabi: upgrade to 12.3.rel1

  Ziad Elhanafy (1):
        arm/recipes-devtools,doc: Update FVP version

poky: b398c7653e..71282bbc53:
  Alex Kiernan (3):
        base-passwd: Add the sgx group
        udev: eudev: Revert add group to sgx
        poky/poky-tiny: Explicitly exclude `shadow`

  Alexander Kanavin (25):
        meta: add missing summaries for image recipes
        insane.bbclass: add do_recipe_qa task
        devtool: do not run recipe_qa task when extracting source
        insane.bbclass: add a SUMMARY/HOMEPAGE check (oe-core recipes only)
        insane.bbclass: add a RECIPE_MAINTAINER check (oe-core recipes only)
        librsvg: fix upstream version check
        acpica: tarball and homepage relocated to intel.com
        gnu-efi: upgrade 3.0.15 -> 3.0.17
        gettext-minimal-native: obtain the needed files directly from gettext source tarball
        kbd: upgrade 2.6.0 -> 2.6.1
        systemd: upgrade 253.3 -> 253.7
        jquery: upgrade 3.6.3 -> 3.7.0
        strace: upgrade 6.3 -> 6.4
        sudo: update 1.9.13p3 -> 1.9.14p2
        libadwaita: add recipe from meta-gnome
        epiphany: upgrade 43.1 -> 44.5
        glibc-locale: use stricter matching for metapackages' runtime dependencies
        uninative-tarball: install the full set of gconv modules
        buildtools-extended-tarball: install the full set of gconv modules
        procps: address failure with gettext 0.22
        util-linux: upgrade 2.38.1 -> 2.39.1
        ref-manual: document image-specific variant of INCOMPATIBLE_LICENSE
        devtool/upgrade: raise an error if extracting source produces more than one directory
        scripts/lib/scriptutils.py: add recipe_qa artifacts to exclusion list in filter_src_subdirs()
        curl: ensure all ptest failures are caught

  Alexandre Belloni (2):
        base-files: bump PR because conf files are now sorted
        wic: bootimg-efi: Stop hardcoding VMA offsets

  Alexis Lothoré (3):
        scripts/resulttool: add mention about new detected tests
        scripts/resulttool: allow to replace test raw status with custom string
        scripts/resulttool: define custom string for "not found" test results

  Andrej Valek (2):
        maintainers.inc: Modify email address
        ref-manual: document CVE_STATUS and CVE_CHECK_STATUSMAP

  Anuj Mittal (4):
        glibc/check-test-wrapper: don't emit warnings from ssh
        selftest/cases/glibc.py: increase the memory for testing
        oeqa/utils/nfs: allow requesting non-udp ports
        selftest/cases/glibc.py: switch to using NFS over TCP

  BELOUARGA Mohamed (3):
        linux-firmware : Add firmware of RTL8822 serie
        bitbake: bitbake: fetch2/npmsw: Check if there are dependencies before trying to fetch them
        bitbake: fetch2: Check if path is 'None' before calculating checksums

  Bruce Ashfield (11):
        kernel: make LOCALVERSION consistent between recipes
        linux-yocto/6.4: fix CONFIG_LEDS_TRIGGER_GPIO kernel audit warning
        linux-yocto/6.4: update to v6.4.6
        linux-yocto/6.1: update to v6.1.41
        linux-yocto/6.4: update to v6.4.7
        linux-yocto-dev: bump to v6.5+
        linux-yocto/6.4: update to v6.4.8
        linux-yocto/6.1: update to v6.1.43
        linux-yocto/6.4: update to v6.4.9
        linux-yocto/6.4: fix qemuarm boot failure
        linux-yocto-tiny/6.4: fix HID configuration warning

  Chen Qi (4):
        ncurses: fix CVE-2023-29491
        multilib.conf: explicitly make MULTILIB_VARIANTS vardeps on MULTILIBS
        gcc-crosssdk: ignore MULTILIB_VARIANTS in signature computation
        openssh: sync with upstream's default

  Christopher Larson (6):
        bitbake: tests.data: add test for inline python calling a def'd function
        bitbake: tests.codeparser: add test for exec of builtin from inline python
        bitbake: data_smart: check for python builtins directly for context lookup
        bitbake: tests.data: add test for builtin preferred over metadata value
        bitbake: data_smart: directly check for methodpool functions in context lookup
        bitbake: bb.tests.data: don't require the func flag for context functions

  Denis OSTERLAND-HEIM (1):
        kernel-fitImage: add machine compatible to config section

  Dit Kozmaj (1):
        bitbake: fetch2: Set maxsplit to match expected variables

  Dmitry Baryshkov (5):
        kmscube: bump SRCREV to get offscreen rendering to work
        linux-firmware: package firmare for Dragonboard 410c
        mesa: simplify overriding GALLIUMDRIVERS_LLVM
        mesa: enable swrast Vulkan driver if LLVM drivers are enabled
        linux-firmware: split platform-specific Adreno shaders to separate packages

  Frederic Martinsons (4):
        ptest-cargo.bbclass: Support of cargo workspaces
        cargo.bbclass: Use --frozen flag for cargo operations
        cargo_common.bbclass: Handle Cargo.lock modifications for git dependencies
        rust-hello-world: Drop recipe

  Jean-Marie Lemetayer (1):
        package: always sort the conffiles

  Joel Stanley (1):
        kernel: don't fail if Modules.symvers doesn't exist

  Jose Quaresma (1):
        systemd: fix efi stubs

  Joshua Watt (1):
        bitbake: contrib: vim: Fix up a few errors when reloading

  Julien Stephan (1):
        libexif: add ptest support

  Khem Raj (16):
        nfs-utils: Fix host path contamination building locktest
        ltp: Use bfd linker when lld is distro linker default
        ffmpeg: Use bfd linker on i386 when lld is distro linker default
        ltp: Use bfd linker for KVM_LD as well when ld-is-lld
        autoconf: Backport upstreamed patches
        Revert "site: merged common-glibc from OE"
        x32-linux: Do not cache ac_cv_sys_file_offset_bits
        gcc: Upgrade to 13.2 release
        gnu-efi: Fix build break on riscv64
        ffmpeg: Fix wrong code found with gas/2.41
        systemd: Point to target binary paths for loadkeys and setfont
        systemd: Make 254 work on musl
        musl: Upgrade to tip of trunk
        binutils: Upgrade to 2.41 release
        systemd-boot: Ensure EFI_LD is also passed to compiler driver
        pm-utils: Do not require GNU grep at runtime

  Lee Chee Yang (2):
        migration-guides: add release notes for 4.0.11
        migration-guides: add release notes for 4.2.2

  Luca Boccassi (2):
        systemd: update to v254
        systemd: add usrmerge to REQUIRED_DISTRO_FEATURES

  Marek Vasut (1):
        linux-firmware: Fix mediatek mt7601u firmware path

  Mark Hatle (1):
        tcf-agent: Update to 1.8.0 release

  Markus Volk (4):
        gcr3: remove recipe
        systemd: add a packageconfig to support colored logs
        webkitgtk: upgrade 2.40.2 -> 2.40.5
        epiphany: upgrade 44.5 -> 44.6

  Martin Jansa (3):
        patchelf: add 3 fixes to optimize and fix uninative
        alsa-utils: backport a fix to build with glibc-2.38
        efivar: drop -fuse-ld=bfd

  Michael Halstead (1):
        yocto-uninative: Update hashes for uninative 4.1

  Michael Opdenacker (4):
        ref-manual: releases.svg: updates
        ref-manual: LTS releases now supported for 4 years
        poky.conf: update SANITY_TESTED_DISTROS to match autobuilder
        recipes: remove unused AUTHOR variable

  Oleksandr Hnatiuk (2):
        file: return wrapper to fix builds when file is in buildtools-tarball
        file: fix the way path is written to environment-setup.d

  Ovidiu Panait (2):
        mdadm: add util-linux-blockdev ptest dependency
        mdadm: save ptest logs

  Peter Marko (4):
        cve-extra-exclusions: fix syntax error
        libarchive: ignore CVE-2023-30571
        cve-exclusion_6.1: correct typo in exclusion list name
        bluez5: correct CVE status of ignored CVEs

  Peter Suti (1):
        externalsrc: fix dependency chain issues

  Quentin Schulz (1):
        docs: sdk-manual: appendix-obtain: fix literal block content

  Richard Purdie (21):
        createrepo-c: Fix 32 bit architecture segfaults with 64 bit time
        build-appliance-image: Update to master head revision
        oeqa/target/ssh: Ensure EAGAIN doesn't truncate output
        createrepo-c: Update patch status
        oeqa/runtime/ltp: Increase ltp test output timeout
        oeqa/ltp: Show warning for non-zero exit codes
        ltp: Add kernel loopback module dependency
        target/ssh: Ensure exit code set for commands
        autoconf: Upgrade to 2.72c
        oeqa/ssh: Further improve process exit handling
        oeqa/selftest/rust: Round test execution time to integer
        qemuboot/runqemu: Fix 6.2 and later kernel network device naming
        bitbake: siggen: Improve runtaskdeps data to fix sstate debugging
        sstatesig: Update to match bitbake changes to runtaskdeps
        Revert "kea: upgrade to v2.5.0"
        selftest/reproducible: Update config to match ongoing changes
        gnupg: Fix reproducibility failure
        selftest: Ensure usrmerge is enabled with systemd
        conf/init-mamager-systemd: Add usrmerge to DISTRO_FEATURES
        bitbake.conf: Drop PE and PR from WORKDIR and STAMP
        qemuboot: Update hardcoded path to match new layout

  Robert Joslyn (2):
        curl: Update from 8.1.2 to 8.2.0
        curl: Refine ptest perl RDEPENDS

  Ross Burton (8):
        systemd: set correct paths for kdb binaries
        systemd: depend on util-linux's swapon/off
        linux-yocto: add script to generate kernel CVE_STATUS entries
        ghostscript: backport fix for CVE-2023-38559
        ghostscript: ignore CVE-2023-38560
        openssh: upgrade to 9.3p2
        librsvg: upgrade to 2.56.3
        linux-yocto: extract generic kernel CVE_STATUS

  Sakib Sajal (1):
        go: upgrade 1.20.6 -> 1.20.7

  Sudip Mukherjee (3):
        libgit2: upgrade to v1.7.0
        bind: upgrade to v9.18.17
        kea: upgrade to v2.5.0

  Tim Orling (10):
        python3-urllib3: upgrade 2.0.3 -> 2.0.4
        python3-hypothesis: upgrade 6.81.2 -> 6.82.0
        python3-pyyaml: upgrade 6.0 -> 6.0.1
        python_setuptools3_rust: inherit ...build_meta
        python3-sphinx: upgrade 7.0.1 -> 7.1.1
        python3-certifi: upgrade 2023.5.7 -> 2023.7.22
        python3-more-itertools: upgrade 9.1.0 -> 10.0.0
        python3-wheel: upgrade 0.40.0 -> 0.41.0
        python3-chardet: upgrade 5.1.0 -> 5.2.0
        python3-cryptography{-vectors}: upgrade -> 41.0.3

  Trevor Gamblin (7):
        python3-dtschema: upgrade 2023.4 -> 2023.6.1
        python3-dtc: add from meta-virtualization
        python3-dtschema: add python3-dtc to RDEPENDS
        nfs-utils: upgrade 2.6.2 -> 2.6.3
        iproute2: upgrade 6.3.0 -> 6.4.0
        git: upgrade 2.39.3 -> 2.41.0
        python3: add additional timing-related test skips

  Ulrich Ölmann (3):
        ref-manual: classes: kernel-fitimage: fix source of imagetype
        ref-manual: classes: kernel-fitimage: fix typos
        ref-manual: classes: kernel-fitimage: refine role of INITRAMFS_IMAGE_BUNDLE

  Yang Xu (2):
        oeqa/selftest/ssate: Add test for find_siginfo
        bitbake: server/process: fix sig handle

  Yash Shinde (5):
        rust: Fix BOOTSTRAP_CARGO failure during Rust Oe-selftest
        oeqa/selftest/rust: Add failed test cases to exclude list for Rust Oe-selftest
        oeqa/selftest/binutils: Add elapsed time for binutils test report.
        oeqa/selftest/gcc: Add elapsed time for gcc test report.
        oeqa/selftest/glibc: Add elapsed time for glibc test report.

  Yoann Congal (1):
        bitbake: fetch2/gitsm: Document that we won't support propagating user parameter

meta-security: 405cca4028..b9bc938785:
  Armin Kuster (21):
        bastille: bastille/config should not be world writeable.
        ossec-hids: Fix usermod
        python3-flask-script: add package
        python3-segno: add new package
        python3-privacyidea: fixup REDPENDS
        qemu: move qemu setting to image and out of layer.conf
        packagegroup-core-security: only include firejail x86-64 and arch64
        firejail: only allow x86-64 and arm64 to build
        python3-tpm2-pytss: add python tss2 support
        packagegroup: add python3-tpm2-pytss
        clamav: update SRC_URI
        scap-security-guide: refactor patches
        packagegroup-security-tpm2: add more pkgs
        scap-security-guide: enable ptest
        python3-yamlpath: Add new pkg
        python3-json2html: add new pkg
        python3-json2html: add new pkg
        meta-integrity: drop ima.cfg in favor of new k-cache
        sshguard: Update to 2.4.3
        meta-tpm linux-yocto-rt: Add the bbappend for rt kernel
        layer: add QA_WARNINGS to all layers

  Kai Kang (2):
        openscap: fix buildpaths issue
        sssd: 2.7.4 -> 2.9.1

  Kevin Hao (1):
        linux-yocto-rt: Add the bbappend for rt kernel

  Luke Granger-Brown (1):
        glome: update to tip

  Wurm, Stephan (1):
        dm-verity-image-initramfs: Allow compressed image types

Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: Icf1ba0c270d53f4c3c3838d4305116e5d6f794de
diff --git a/meta-security/dynamic-layers/meta-perl/recipes-security/bastille/bastille_3.2.1.bb b/meta-security/dynamic-layers/meta-perl/recipes-security/bastille/bastille_3.2.1.bb
index e7852d9..f2ef335 100644
--- a/meta-security/dynamic-layers/meta-perl/recipes-security/bastille/bastille_3.2.1.bb
+++ b/meta-security/dynamic-layers/meta-perl/recipes-security/bastille/bastille_3.2.1.bb
@@ -138,7 +138,7 @@
 	install -m 0644 OSMap/OSX.bastille    ${D}${datadir}/Bastille/OSMap
 	install -m 0644 OSMap/OSX.system    ${D}${datadir}/Bastille/OSMap
 
-	install -m 0777 ${WORKDIR}/config ${D}${sysconfdir}/Bastille/config
+	install -m 0644 ${WORKDIR}/config ${D}${sysconfdir}/Bastille/config
 
 	for file in `cat Modules.txt` ; do
 		install -m 0644 Questions/$file.txt ${D}${datadir}/Bastille/Questions
diff --git a/meta-security/dynamic-layers/meta-python/recipes-devtools/python/python3-flask-script_2.0.6.bb b/meta-security/dynamic-layers/meta-python/recipes-devtools/python/python3-flask-script_2.0.6.bb
new file mode 100644
index 0000000..377ad02
--- /dev/null
+++ b/meta-security/dynamic-layers/meta-python/recipes-devtools/python/python3-flask-script_2.0.6.bb
@@ -0,0 +1,14 @@
+DESCRIPTION = "Scripting support for flask"
+LICENSE = "BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=e686048adb69341fc8a08caeda528b41"
+
+SRC_URI[md5sum] = "3fbd91fe13cebedfb2431331f6eabb68"
+SRC_URI[sha256sum] = "6425963d91054cfcc185807141c7314a9c5ad46325911bd24dcb489bd0161c65"
+
+PYPI_PACKAGE = "Flask-Script"
+
+inherit pypi setuptools3
+
+RDEPENDS:${PN} += "\
+    ${PYTHON_PN}-flask \
+    "
diff --git a/meta-security/dynamic-layers/meta-python/recipes-devtools/python/python3-json2html_1.3.0.bb b/meta-security/dynamic-layers/meta-python/recipes-devtools/python/python3-json2html_1.3.0.bb
new file mode 100644
index 0000000..638c56f
--- /dev/null
+++ b/meta-security/dynamic-layers/meta-python/recipes-devtools/python/python3-json2html_1.3.0.bb
@@ -0,0 +1,9 @@
+DESCRIPTION="Python wrapper to convert JSON into a human readable HTML Table representation."
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=8065590663ea0c10aa131841ea806767"
+
+SRC_URI[sha256sum] = "8951a53662ae9cfd812685facdba693fc950ffc1c1fd1a8a2d3cf4c34600689c"
+
+PYPI_PACKAGE = "json2html"
+
+inherit pypi setuptools3
diff --git a/meta-security/dynamic-layers/meta-python/recipes-devtools/python/python3-segno_1.5.2.bb b/meta-security/dynamic-layers/meta-python/recipes-devtools/python/python3-segno_1.5.2.bb
new file mode 100644
index 0000000..f8a6552
--- /dev/null
+++ b/meta-security/dynamic-layers/meta-python/recipes-devtools/python/python3-segno_1.5.2.bb
@@ -0,0 +1,9 @@
+DESCRIPTION = "QR Code and Micro QR Code generator for Python 2 and Python 3"
+LICENSE = "BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=8e8db3765a57bcb968140e0a353c1a35"
+
+SRC_URI[sha256sum] = "983424b296e62189d70fc73460cd946cf56dcbe82b9bda18c066fc1b24371cdc"
+
+#PYPI_PACKAGE = "Flask-Script"
+
+inherit pypi setuptools3
diff --git a/meta-security/dynamic-layers/meta-python/recipes-devtools/python/python3-xmldiff_2.6.3.bb b/meta-security/dynamic-layers/meta-python/recipes-devtools/python/python3-xmldiff_2.6.3.bb
new file mode 100644
index 0000000..517ed87
--- /dev/null
+++ b/meta-security/dynamic-layers/meta-python/recipes-devtools/python/python3-xmldiff_2.6.3.bb
@@ -0,0 +1,9 @@
+DESCRIPTION="Creates diffs of XML files"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=0d0e9e3949e163c3edd1e097b8b0ed62"
+
+SRC_URI[sha256sum] = "19b030b3fa37d1f0b5c5ad9ada9059884c3bf2c751c5dd8f1eb4ed49cfe3fc60"
+
+PYPI_PACKAGE = "xmldiff"
+
+inherit pypi setuptools3
diff --git a/meta-security/dynamic-layers/meta-python/recipes-devtools/python/python3-yamlpath_3.8.0.bb b/meta-security/dynamic-layers/meta-python/recipes-devtools/python/python3-yamlpath_3.8.0.bb
new file mode 100644
index 0000000..5d88951
--- /dev/null
+++ b/meta-security/dynamic-layers/meta-python/recipes-devtools/python/python3-yamlpath_3.8.0.bb
@@ -0,0 +1,9 @@
+DESCRIPTION="YAML Path and Command-Line Tools"
+LICENSE = "ISC"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=5abda174c5040dd12ed2b225e3a096f0"
+
+SRC_URI[sha256sum] = "81d5b8baba60c255b519ccd31a691f9bc064223ff196709d41119bde81bba49e"
+
+PYPI_PACKAGE = "yamlpath"
+
+inherit pypi setuptools3
diff --git a/meta-security/dynamic-layers/meta-python/recipes-security/mfa/python3-privacyidea_3.8.1.bb b/meta-security/dynamic-layers/meta-python/recipes-security/mfa/python3-privacyidea_3.8.1.bb
index 8bb88f1..aa7bafa 100644
--- a/meta-security/dynamic-layers/meta-python/recipes-security/mfa/python3-privacyidea_3.8.1.bb
+++ b/meta-security/dynamic-layers/meta-python/recipes-security/mfa/python3-privacyidea_3.8.1.bb
@@ -21,8 +21,7 @@
 
 FILES:${PN} += " ${prefix}/etc/privacyidea/* ${prefix}/lib/privacyidea/*"
 
-RDEPENDS:${PN} += " bash perl freeradius-mysql freeradius-utils"
-
+RDEPENDS:${PN} = " bash perl freeradius-mysql freeradius-utils"
 RDEPENDS:${PN} += "python3 python3-alembic python3-babel python3-bcrypt"
 RDEPENDS:${PN} += "python3-beautifulsoup4 python3-cbor2 python3-certifi python3-cffi python3-chardet"
 RDEPENDS:${PN} += "python3-click python3-configobj python3-croniter python3-cryptography python3-defusedxml"
@@ -34,5 +33,5 @@
 RDEPENDS:${PN} += "python3-pyasn1 python3-pyasn1-modules python3-pycparser python3-pyjwt python3-pymysql"
 RDEPENDS:${PN} += "python3-pyopenssl python3-pyrad python3-dateutil python3-editor python3-gnupg"
 RDEPENDS:${PN} += "python3-pytz python3-pyyaml python3-qrcode python3-redis python3-requests python3-rsa"
-RDEPENDS:${PN} += "python3-six python3-smpplib python3-soupsieve python3-soupsieve "
-RDEPENDS:${PN} += "python3-sqlalchemy python3-sqlsoup python3-urllib3 python3-werkzeug"
+RDEPENDS:${PN} += "python3-smpplib python3-soupsieve python3-segno python3-importlib-metadata"
+RDEPENDS:${PN} += "python3-sqlalchemy python3-urllib3 python3-werkzeug"
diff --git a/meta-security/dynamic-layers/networking-layer/recipes-security/sssd/files/0001-sssctl-add-error-analyzer.patch b/meta-security/dynamic-layers/networking-layer/recipes-security/sssd/files/0001-sssctl-add-error-analyzer.patch
new file mode 100644
index 0000000..6880405
--- /dev/null
+++ b/meta-security/dynamic-layers/networking-layer/recipes-security/sssd/files/0001-sssctl-add-error-analyzer.patch
@@ -0,0 +1,318 @@
+Backport patch to fix interpreter of sss_analyze.
+
+Upstream-Status: Backport [https://github.com/SSSD/sssd/commit/ed3726c]
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From ed3726c37fe07aab788404bfa2f9003db15f4210 Mon Sep 17 00:00:00 2001
+From: roy214 <abroy@redhat.com>
+Date: Tue, 25 Apr 2023 20:01:24 +0530
+Subject: [PATCH] sssctl: add error analyzer
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Also removing unused variable and import.
+
+Reviewed-by: Justin Stephenson <jstephen@redhat.com>
+Reviewed-by: Tomáš Halman <thalman@redhat.com>
+---
+ src/tools/analyzer/Makefile.am        |  2 +
+ src/tools/analyzer/modules/error.py   | 61 +++++++++++++++++++++++++++
+ src/tools/analyzer/modules/request.py | 54 +++++-------------------
+ src/tools/analyzer/sss_analyze        |  2 +-
+ src/tools/analyzer/sss_analyze.py     |  3 ++
+ src/tools/analyzer/util.py            | 44 +++++++++++++++++++
+ 6 files changed, 121 insertions(+), 45 deletions(-)
+ create mode 100644 src/tools/analyzer/modules/error.py
+ create mode 100644 src/tools/analyzer/util.py
+
+diff --git a/src/tools/analyzer/Makefile.am b/src/tools/analyzer/Makefile.am
+index b40043d043..7692af8528 100644
+--- a/src/tools/analyzer/Makefile.am
++++ b/src/tools/analyzer/Makefile.am
+@@ -13,10 +13,12 @@ dist_pkgpython_DATA = \
+     source_reader.py \
+     parser.py \
+     sss_analyze.py \
++    util.py \
+     $(NULL)
+ 
+ modulesdir = $(pkgpythondir)/modules
+ dist_modules_DATA = \
+     modules/__init__.py \
+     modules/request.py \
++    modules/error.py \
+     $(NULL)
+diff --git a/src/tools/analyzer/modules/error.py b/src/tools/analyzer/modules/error.py
+new file mode 100644
+index 0000000000..71173670c5
+--- /dev/null
++++ b/src/tools/analyzer/modules/error.py
+@@ -0,0 +1,61 @@
++from sssd import util
++from sssd.parser import SubparsersAction
++from sssd import sss_analyze
++
++class ErrorAnalyzer:
++    """
++    An error analyzer module, list if there is any error reported by sssd_be
++    """
++    module_parser = None
++    print_opts = []
++
++    def print_module_help(self, args):
++        """
++        Print the module parser help output
++
++        Args:
++            args (Namespace): argparse parsed arguments
++        """
++        self.module_parser.print_help()
++
++    def setup_args(self, parser_grp, cli):
++        """
++        Setup module parser, subcommands, and options
++
++        Args:
++            parser_grp (argparse.Action): Parser group to nest
++               module and subcommands under
++        """
++        desc = "Analyze error check module"
++        self.module_parser = parser_grp.add_parser('error',
++                                                   description=desc,
++                                                   help='Error checker')
++
++        subparser = self.module_parser.add_subparsers(title=None,
++                                                      dest='subparser',
++                                                      action=SubparsersAction,
++                                                      metavar='COMMANDS')
++
++        subcmd_grp = subparser.add_parser_group('Operation Modes')
++        cli.add_subcommand(subcmd_grp, 'list', 'Print error messages found in backend',
++                           self.print_error, self.print_opts)
++
++        self.module_parser.set_defaults(func=self.print_module_help)
++
++        return self.module_parser
++
++    def print_error(self, args):
++        err = 0
++        utl = util.Utils()
++        source = utl.load(args)
++        component = source.Component.BE
++        source.set_component(component, False)
++        patterns = ['sdap_async_sys_connect request failed', 'terminated by own WATCHDOG',
++            'ldap_sasl_interactive_bind_s failed', 'Communication with KDC timed out', 'SSSD is offline', 'Backend is offline',
++            'tsig verify failure', 'ldap_install_tls failed', 's2n exop request failed']
++        for line in utl.matched_line(source, patterns):
++            err +=1
++            print(line)
++        if err > 0:
++            print("For possible solutions please refer to https://sssd.io/troubleshooting/errors.html")
++        return
+diff --git a/src/tools/analyzer/modules/request.py b/src/tools/analyzer/modules/request.py
+index d661dddb84..e4d5f060c7 100644
+--- a/src/tools/analyzer/modules/request.py
++++ b/src/tools/analyzer/modules/request.py
+@@ -1,6 +1,6 @@
+ import re
+ import logging
+-
++from sssd import util
+ from sssd.parser import SubparsersAction
+ from sssd.parser import Option
+ 
+@@ -38,7 +38,6 @@ def print_module_help(self, args):
+     def setup_args(self, parser_grp, cli):
+         """
+         Setup module parser, subcommands, and options
+-
+         Args:
+             parser_grp (argparse.Action): Parser group to nest
+                module and subcommands under
+@@ -63,42 +62,6 @@ def setup_args(self, parser_grp, cli):
+ 
+         return self.module_parser
+ 
+-    def load(self, args):
+-        """
+-        Load the appropriate source reader.
+-
+-        Args:
+-            args (Namespace): argparse parsed arguments
+-
+-        Returns:
+-            Instantiated source object
+-        """
+-        if args.source == "journald":
+-            from sssd.source_journald import Journald
+-            source = Journald()
+-        else:
+-            from sssd.source_files import Files
+-            source = Files(args.logdir)
+-        return source
+-
+-    def matched_line(self, source, patterns):
+-        """
+-        Yield lines which match any number of patterns (OR) in
+-        provided patterns list.
+-
+-        Args:
+-            source (Reader): source Reader object
+-        Yields:
+-            lines matching the provided pattern(s)
+-        """
+-        for line in source:
+-            for pattern in patterns:
+-                re_obj = re.compile(pattern)
+-                if re_obj.search(line):
+-                    if line.startswith('   *  '):
+-                        continue
+-                    yield line
+-
+     def get_linked_ids(self, source, pattern, regex):
+         """
+         Retrieve list of associated REQ_TRACE ids. Filter
+@@ -114,8 +77,9 @@ def get_linked_ids(self, source, pattern, regex):
+         Returns:
+             List of linked ids discovered
+         """
++        utl = util.Utils()
+         linked_ids = []
+-        for match in self.matched_line(source, pattern):
++        for match in utl.matched_line(source, pattern):
+             id_re = re.compile(regex)
+             match = id_re.search(match)
+             if match:
+@@ -250,7 +214,8 @@ def list_requests(self, args):
+         Args:
+             args (Namespace):  populated argparse namespace
+         """
+-        source = self.load(args)
++        utl = util.Utils()
++        source = utl.load(args)
+         component = source.Component.NSS
+         resp = "nss"
+         # Log messages matching the following regex patterns contain
+@@ -266,7 +231,7 @@ def list_requests(self, args):
+         if args.verbose:
+             self.print_formatted_verbose(source)
+         else:
+-            for line in self.matched_line(source, patterns):
++            for line in utl.matched_line(source, patterns):
+                 if type(source).__name__ == 'Journald':
+                     print(line)
+                 else:
+@@ -279,7 +244,8 @@ def track_request(self, args):
+         Args:
+             args (Namespace):  populated argparse namespace
+         """
+-        source = self.load(args)
++        utl = util.Utils()
++        source = utl.load(args)
+         cid = args.cid
+         resp_results = False
+         be_results = False
+@@ -294,7 +260,7 @@ def track_request(self, args):
+         logger.info(f"******** Checking {resp} responder for Client ID"
+                     f" {cid} *******")
+         source.set_component(component, args.child)
+-        for match in self.matched_line(source, pattern):
++        for match in utl.matched_line(source, pattern):
+             resp_results = self.consume_line(match, source, args.merge)
+ 
+         logger.info(f"********* Checking Backend for Client ID {cid} ********")
+@@ -307,7 +273,7 @@ def track_request(self, args):
+         pattern.clear()
+         [pattern.append(f'\\{id}') for id in be_ids]
+ 
+-        for match in self.matched_line(source, pattern):
++        for match in utl.matched_line(source, pattern):
+             be_results = self.consume_line(match, source, args.merge)
+ 
+         if args.merge:
+diff --git a/src/tools/analyzer/sss_analyze b/src/tools/analyzer/sss_analyze
+index 3f1beaf38b..6d4b5b30c6 100755
+--- a/src/tools/analyzer/sss_analyze
++++ b/src/tools/analyzer/sss_analyze
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env python
++#!/usr/bin/env python3
+ 
+ from sssd import sss_analyze
+ 
+diff --git a/src/tools/analyzer/sss_analyze.py b/src/tools/analyzer/sss_analyze.py
+index 18b998f380..dafc84fc03 100644
+--- a/src/tools/analyzer/sss_analyze.py
++++ b/src/tools/analyzer/sss_analyze.py
+@@ -1,6 +1,7 @@
+ import argparse
+ 
+ from sssd.modules import request
++from sssd.modules import error
+ from sssd.parser import SubparsersAction
+ 
+ 
+@@ -55,9 +56,11 @@ def load_modules(self, parser, parser_grp):
+         """
+         # Currently only the 'request' module exists
+         req = request.RequestAnalyzer()
++        err = error.ErrorAnalyzer()
+         cli = Analyzer()
+ 
+         req.setup_args(parser_grp, cli)
++        err.setup_args(parser_grp, cli)
+ 
+     def setup_args(self):
+         """
+diff --git a/src/tools/analyzer/util.py b/src/tools/analyzer/util.py
+new file mode 100644
+index 0000000000..2a8d153a71
+--- /dev/null
++++ b/src/tools/analyzer/util.py
+@@ -0,0 +1,44 @@
++import re
++import logging
++
++from sssd.source_files import Files
++from sssd.source_journald import Journald
++
++logger = logging.getLogger()
++
++
++class Utils:
++
++    def load(self, args):
++        """
++        Load the appropriate source reader.
++
++        Args:
++            args (Namespace): argparse parsed arguments
++
++        Returns:
++            Instantiated source object
++        """
++        if args.source == "journald":
++            source = Journald()
++        else:
++            source = Files(args.logdir)
++        return source
++
++    def matched_line(self, source, patterns):
++        """
++        Yield lines which match any number of patterns (OR) in
++        provided patterns list.
++
++        Args:
++            source (Reader): source Reader object
++        Yields:
++            lines matching the provided pattern(s)
++        """
++        for line in source:
++            for pattern in patterns:
++                re_obj = re.compile(pattern)
++                if re_obj.search(line):
++                    if line.startswith('   *  '):
++                        continue
++                    yield line
diff --git a/meta-security/dynamic-layers/networking-layer/recipes-security/sssd/sssd_2.7.4.bb b/meta-security/dynamic-layers/networking-layer/recipes-security/sssd/sssd_2.9.1.bb
similarity index 95%
rename from meta-security/dynamic-layers/networking-layer/recipes-security/sssd/sssd_2.7.4.bb
rename to meta-security/dynamic-layers/networking-layer/recipes-security/sssd/sssd_2.9.1.bb
index 78d29c3..9fa9d3b 100644
--- a/meta-security/dynamic-layers/networking-layer/recipes-security/sssd/sssd_2.7.4.bb
+++ b/meta-security/dynamic-layers/networking-layer/recipes-security/sssd/sssd_2.9.1.bb
@@ -16,7 +16,7 @@
 DEPENDS += "${@bb.utils.contains('PACKAGECONFIG', 'nss', '', \
                bb.utils.contains('PACKAGECONFIG', 'crypto', '', 'nss', d), d)}"
 
-SRC_URI = "https://github.com/SSSD/sssd/releases/download/${PV}/sssd-${PV}.tar.gz \
+SRC_URI = "https://github.com/SSSD/sssd/releases/download/${PV}/${BP}.tar.gz \
            file://sssd.conf \
            file://volatiles.99_sssd \
            file://no_gen.patch \
@@ -24,9 +24,10 @@
            file://drop_ntpdate_chk.patch \
            file://fix-ldblibdir.patch \
            file://musl_fixup.patch \
+           file://0001-sssctl-add-error-analyzer.patch \
            "
 
-SRC_URI[sha256sum] = "10ef90c63fdbfda905145077679035bd5ad16b24daad13160de8d0ff82ea9950"
+SRC_URI[sha256sum] = "97703d38159994a869aad1c852de4582c76f189cf044f51e15ba26e1e4b75298"
 
 UPSTREAM_CHECK_URI = "https://github.com/SSSD/${BPN}/releases"
 
@@ -58,7 +59,7 @@
 PACKAGECONFIG[selinux] = "--with-selinux, --with-selinux=no --with-semanage=no, libselinux"
 PACKAGECONFIG[ssh] = "--with-ssh, --with-ssh=no, "
 PACKAGECONFIG[sudo] = "--with-sudo, --with-sudo=no, "
-PACKAGECONFIG[systemd] = "--with-initscript=systemd,--with-initscript=sysv"
+PACKAGECONFIG[systemd] = "--with-initscript=systemd,--with-initscript=sysv,,python3-systemd"
 
 EXTRA_OECONF += " \
     --disable-cifs-idmap-plugin \
@@ -146,6 +147,7 @@
 
 FILES:${PN} += "${base_libdir}/security/pam_sss*.so  \
                 ${nonarch_libdir}/tmpfiles.d \
+                ${datadir}/dbus-1/system.d/*.conf \
                 ${datadir}/dbus-1/system-services/*.service \
                 ${libdir}/krb5/* \
                 ${libdir}/ldb/* \