subtree updates
meta-arm: 3fcafa3a94..d6fac49541:
Abdellatif El Khlifi (1):
arm-bsp/u-boot: corstone1000: upgrade NVMXIP support
Denys Dmytriyenko (1):
optee-os: do not explicitly set CFG_MAP_EXT_DT_SECURE=y
Emekcan Aras (8):
arm-bsp/u-boot: corstone1000: Fix EFI multiple protocol install failure
arm-bsp/u-boot: corstone1000: Enable EFI set/get time services
arm-bsp/trusted-services: corstone1000: GetNextVariableName Fix
arm-bsp/optee-os:corstone1000: Drop SPMC non secure interrupt patches
arm-bsp/u-boot: corstone1000: Fix u-boot compilation warnings
arm-bsp/trusted-services: corstone1000: Fix PSA_RAW_KEY agreement test
arm-bsp/trusted-services: corstone1000: Fix Capsule Update
arm-bsp/trusted-firmware-a: corstone1000: Fix Trusted-Firmware-A version for corstone1000
Jon Mason (3):
trusted-firmware-a: update to the latest TF-A LTS
arm-bsp/tc1: update to use the latest tf-a
arm/scp-firmware: update to v2.12.0
Khem Raj (2):
gn: update to latest
gn: Fix build with gcc13
Ross Burton (8):
arm/trusted-firmware-m: remove -fcanon-prefix-map from DEBUG_PREFIX_MAP
arm-bsp/external-system: remove -fcanon-prefix-map from DEBUG_PREFIX_MAP
arm-toolchain/external-arm: remove -fcanon-prefix-map from DEBUG_PREFIX_MAP
arm/scp-firmware: use concerete toolchain
arm-toolchain/gcc-arm-12.2: remove
arm/gn: fix build with GCC <13
CI: always put the build logs in an artifact
CI: print the name of the documentation when building
Sumit Garg (1):
external-arm-toolchain: Enforce absolute path check
meta-openembedded: def4759e95..2638d458a5:
Adrian Zaharia (2):
meta-python: Add stopit
python3-stopit: add missing run-time dependencies
Alex Kiernan (1):
ostree: Upgrade 2023.3 -> 2023.4
Bartosz Golaszewski (55):
python3-pywbemtools: remove build-time dependencies
python3-pywbem: drop unneeded class from RDEPENDS
python3-pywbem: don't use PYTHON_PN
python3-pywbem: order RDEPENDS alphabetically
python3-pywbem: add missing run-time dependencies
python3-padatious: add missing run-time dependencies
python3-pako: add missing run-time dependencies
python3-paramiko: stop using PYTHON_PN
python3-paramiko: add missing run-time dependencies
python3-path: fix coding style
python3-path: add missing run-time dependencies
python3-ecdsa: don't install tests
python3-et-xmlfile: fix coding style
python3-et-xmlfile: add missing run-time dependencies
python3-flask-user: fix coding style
python3-flask-user: add missing run-time dependencies
python3-isort: fix coding style
python3-isort: add missing run-time dependencies
python3-isodate: stop using PYTHON_PN
python3-isodate: add missing run-time dependencies
python-idna-ssl: add missing run-time dependencies
python3-hpack: add missing run-time dependencies
python3-h11: add missing run-time dependencies
python3-gsocketpool: drop unneeded DEPENDS
python3-gsocketpool: stop using PYTHON_PN
python3-gsocketpool: add missing run-time dependencies
python3-flask-mail: stop using PYTHON_PN
python3-flask-mail: add missing run-time dependencies
python3-flask-sijax: stop using PYTHON_PN
python3-flask-sijax: add missing run-time dependencies
python3-flask-script: remove recipe
python3-aioserial: fix coding style
python3-aioserial: add missing run-time dependencies
python3-aspectlib: add missing run-time dependencies
python3-asyncio-throttle: add missing run-time dependencies
python3-attrdict3: add missing run-time dependencies
python3-betamax: add missing run-time dependencies
python3-binwalk: add missing run-time dependencies
python3-can: fix coding style
python3-can: add missing run-time dependencies
python3-click-spinner: add missing run-time dependencies
python3-colorlog: add missing run-time dependencies
python3-colorzero: add missing run-time dependencies
python3-configobj: fix coding style
python3-configobj: add missing run-time dependencies
python3-configshell-fb: add missing run-time dependencies
python3-coverage: fix coding style and RDEPENDS
python3-custom-inherit: add missing run-time dependencies
python3-dateparser: fix coding style
python3-dateparser: add missing run-time dependencies
python3-tzlocal: fix coding style
python3-tzlocal: add missing run-time dependencies
python3-dbus-next: add missing run-time dependencies
python3-defusedxml: add missing run-time dependencies
python3-setuptools-scm-git-archive: add missing run-time dependencies
Beniamin Sandu (5):
lmsensors: do not pull in unneeded perl modules for run-time dependencies
mdns: remove unneeded headers
mbedtls: add support for v3.x
rasdaemon: upgrade to 0.8.0
unbound: add option to build with libevent
Chen Qi (1):
redis: use the files path correctly
Denys Dmytriyenko (1):
grpc: point to the native protobuf compiler binary
Enguerrand de Ribaucourt (4):
cukinia: remove trailing whitespaces
cukinia: upgrade 0.6.1 -> 0.6.2
cukinia: inherit allarch
cukinia: add libgpiod-tools to RRECOMMENDS
Etienne Cordonnier (1):
uutils-coreutils: upgrade 0.0.18 -> 0.0.19
Joe Slater (2):
libgpiod: modify test 'gpioset: toggle (continuous)'
python3-sqlparse: fix CVE-2023-30608
Johannes Kauffmann (3):
open62541: add multithreading PACKAGECONFIG option
open62541: allow disabling subscriptions
ntpd: switch service type from forking to simple
Khem Raj (16):
ply: Demand BFD linker explicitly
crucible: Upgrade to 2023.04.12 release
schroedinger: Fix building tests
fwts: Fix build issues found with lld linker
xfce4-sensors-plugin: Use bfd linker instead of lld
ostree: Fix build errors found with lld linker
spice-gtk: Fix build with lld linker
sblim-sfcb: Fix build with lld linker
libtracefs: Fix build with clang+musl
gosu: Upgrade to 1.16 release
layers: Move READMEs to markdown format
xdg-desktop-portal-wlr: Fix build with older mesa
geary: Fix build with vala >= 0.56.8
libforms: Replace hardcoded dep on mesa with virtual/libgl
syzkaller: Upgrade to latest tip of trunk
ristretto: Upgrade to 0.13.1 release
Markus Volk (1):
gnome-software: upgrade 44.1 -> 44.2
Martin Jansa (5):
asio: fix malformed Upstream-Status
libgpiod: fix malformed Upstream-Status
postfix: fix malformed Upstream-Status
*.patch: add Upstream-Status to all patches
postfix: remove 2nd Upstream-Status
Michael Heimpold (1):
php: drop explicite ARM_INSTRUCTION_SET
Patrick Williams (1):
libplist_2.3.0: compile fix for version
Peter Kjellerstedt (1):
glog: Correct the packaging of /usr/share/glog/cmake/FindUnwind.cmake
Peter Marko (1):
python3-stopit: fix override syntax
Randolph Sapp (1):
opengl-es-cts: 3.2.8.0 -> 3.2.9.3
Remi Peuvergne (2):
zeromq: consider license exception over LGPL-3.0
zeromq: consider license exception over LGPL-3.0
Sandeep Gundlupet Raju (1):
opencv: Revert fix runtime dependencies
Soumya (1):
opencv: Fix for CVE-2023-2617
Wang Mingyu (57):
ctags: upgrade 6.0.20230604.0 -> 6.0.20230611.0
gjs: upgrade 1.76.0 -> 1.76.1
ipcalc: upgrade 1.0.2 -> 1.0.3
libadwaita: upgrade 1.3.2 -> 1.3.3
libjcat: upgrade 0.1.13 -> 0.1.14
libqb: upgrade 2.0.6 -> 2.0.7
mbpoll: upgrade 1.5.0 -> 1.5.2
mpich: upgrade 4.1.1 -> 4.1.2
nautilus: upgrade 44.2 -> 44.2.1
ntp: upgrade 4.2.8p16 -> 4.2.8p17
python3-eth-account: upgrade 0.8.0 -> 0.9.0
python3-eth-hash: upgrade 0.5.1 -> 0.5.2
python3-eth-typing: upgrade 3.3.0 -> 3.4.0
python3-eth-utils: upgrade 2.1.0 -> 2.1.1
python3-platformdirs: upgrade 3.5.1 -> 3.5.3
pcsc-lite: upgrade 1.9.9 -> 2.0.0
php: upgrade 8.2.6 -> 8.2.7
python3-argcomplete: upgrade 3.0.8 -> 3.1.0
python3-autobahn: upgrade 23.1.2 -> 23.6.1
python3-cassandra-driver: upgrade 3.27.0 -> 3.28.0
python3-cmake: upgrade 3.26.3 -> 3.26.4
python3-django: upgrade 4.2.1 -> 4.2.2
python3-hexbytes: upgrade 0.3.0 -> 0.3.1
python3-imageio: upgrade 2.30.0 -> 2.31.0
python3-pykickstart: upgrade 3.47 -> 3.48
python3-pymisp: upgrade 2.4.171 -> 2.4.172
python3-pymodbus: upgrade 3.3.0 -> 3.3.1
python3-sentry-sdk: upgrade 1.25.0 -> 1.25.1
python3-websocket-client: upgrade 1.5.2 -> 1.5.3
python3-zeroconf: upgrade 0.63.0 -> 0.64.1
remmina: upgrade 1.4.30 -> 1.4.31
tio: upgrade 2.5 -> 2.6
libtracefs: upgrade 1.6.4 -> 1.7.0
adw-gtk3: upgrade 4.7 -> 4.8
evince: upgrade 44.1 -> 44.2
gensio: upgrade 2.6.5 -> 2.6.6
redis-plus-plus: upgrade 1.3.8 -> 1.3.9
python3-click-repl: upgrade 0.2.0 -> 0.3.0
python3-platformdirs: upgrade 3.5.3 -> 3.6.0
python3-pytest-mock: upgrade 3.10.0 -> 3.11.1
python3-croniter: upgrade 1.3.15 -> 1.4.1
python3-elementpath: upgrade 4.1.2 -> 4.1.3
python3-google-api-core: upgrade 2.11.0 -> 2.11.1
python3-google-api-python-client: upgrade 2.88.0 -> 2.89.0
python3-googleapis-common-protos: upgrade 1.59.0 -> 1.59.1
python3-google-auth: upgrade 2.19.1 -> 2.20.0
python3-imageio: upgrade 2.31.0 -> 2.31.1
python3-protobuf: upgrade 4.23.2 -> 4.23.3
python3-pyproj: upgrade 3.5.0 -> 3.6.0
python3-rich: upgrade 13.4.1 -> 13.4.2
python3-robotframework: upgrade 6.0.2 -> 6.1
python3-ujson: upgrade 5.7.0 -> 5.8.0
python3-xmlschema: upgrade 2.3.0 -> 2.3.1
python3-xmodem: upgrade 0.4.6 -> 0.4.7
python3-zeroconf: upgrade 0.64.1 -> 0.68.0
strongswan: upgrade 5.9.10 -> 5.9.11
rdfind: upgrade 1.5.0 -> 1.6.0
Xiangyu Chen (1):
meta-oe: add pahole to NON_MULTILIB_RECIPES
Zoltán Böszörményi (3):
mpich: Upgrade to 4.1.1
python3-meson-python: New recipe
python_mesonpy: New class
poky: 00f3d58064..13b646c0e1:
Adrian Freihofer (9):
runqemu-ifup: remove uid parameter
runqemu-ifup: configurable tap names
runqemu-ifup: fix tap index
runqemu-ifup: remove only our taps
runqemu-gen-tapdevs: remove staging dir parameter
runqemu-gen-tapdevs: remove uid parameter
runqemu-gen-tapdevs: configurable tap names
runqemu-gen-tapdevs: remove only our taps
runqemu: configurable tap names
Alberto Planas (2):
bitbake.conf: add unzstd in HOSTTOOLS
rpm2cpio.sh: update to the last 4.x version
Alejandro Hernandez Samaniego (2):
baremetal-helloworld: Update SRCREV to fix entry addresses for ARM architectures
runqemu: Stop passing bindir to the runqemu-ifup call
Alex Kiernan (1):
eudev: Upgrade 3.2.11 -> 3.2.12
Alexander Kanavin (60):
scripts/runqemu: split lock dir creation into a reusable function
scripts/runqemu: allocate unfsd ports in a way that doesn't race or clash with unrelated processes
apmd: remove recipe and apm MACHINE_FEATURE
qemu: a pending patch was submitted and accepted upstream
maintainers.inc: unassign Adrian Bunk from wireless-regdb
maintainers.inc: unassign Alistair Francis from opensbi
maintainers.inc: unassign Chase Qi from libc-test
maintainers.inc: unassign Oleksandr Kravchuk from python3 and all other items
maintainers.inc: unassign Ricardo Neri from ovmf
grub: submit determinism.patch upstream
apr: upgrade 1.7.3 -> 1.7.4
at-spi2-core: upgrade 2.48.0 -> 2.48.3
btrfs-tools: upgrade 6.3 -> 6.3.1
attr: package /etc/xattr.conf with the library that consumes it
glib-2.0: backport a patch to address ptest fails caused by coreutils 9.2+
diffoscope: upgrade 236 -> 242
dnf: upgrade 4.14.0 -> 4.16.1
ethtool: upgrade 6.2 -> 6.3
gawk: upgrade 5.2.1 -> 5.2.2
strace: upgrade 6.2 -> 6.3
coreutils: upgrade 9.1 -> 9.3
gnupg: upgrade 2.4.0 -> 2.4.2
gobject-introspection: upgrade 1.74.0 -> 1.76.1
kmscube: upgrade to latest revision
libmodulemd: upgrade 2.14.0 -> 2.15.0
libuv: license file was split in two in the 1.45.0 version update
libx11: upgrade 1.8.4 -> 1.8.5
libxslt: upgrade 1.1.37 -> 1.1.38
linux-firmware: upgrade 20230404 -> 20230515
ltp: upgrade 20230127 -> 20230516
mesa: upgrade 23.0.3 -> 23.1.1
meson: upgrade 1.1.0 -> 1.1.1
mmc-utils: upgrade to latest revision
nettle: upgrade 3.8.1 -> 3.9
nghttp2: upgrade 1.52.0 -> 1.53.0
parted: upgrade 3.5 -> 3.6
puzzles: upgrade to latest revision
python3: upgrade 3.11.2 -> 3.11.3
python3-certifi: upgrade 2022.12.7 -> 2023.5.7
python3-docutils: upgrade 0.19 -> 0.20.1
python3-flit-core: upgrade 3.8.0 -> 3.9.0
python3-importlib-metadata: upgrade 6.2.0 -> 6.6.0
python3-pyasn1: upgrade 0.4.8 -> 0.5.0
python3-pyopenssl: upgrade 23.1.1 -> 23.2.0
python3-sphinx: remove BSD-3-Clause from LICENSE
serf: upgrade 1.3.9 -> 1.3.10
shaderc: upgrade 2023.2 -> 2023.4
squashfs-tools: upgrade 4.5.1 -> 4.6.1
vala: upgrade 0.56.6 -> 0.56.8
vulkan: upgrade 1.3.243.0 -> 1.3.250.0
wget: upgrade 1.21.3 -> 1.21.4
wireless-regdb: upgrade 2023.02.13 -> 2023.05.03
xf86-input-libinput: upgrade 1.2.1 -> 1.3.0
xf86-input-mouse: upgrade 1.9.4 -> 1.9.5
zstd: upgrade 1.5.4 -> 1.5.5
gdb: upgrade 13.1 -> 13.2
libxcrypt: upgrade 4.4.33 -> 4.4.34
zstd: fix a reproducibility issue in 1.5.5
sysfsutils: fetch a supported fork from github
sysfsutils: update 2.1.0 -> 2.1.1
Alexandre Belloni (1):
base-passwd: fix patchreview warning
Alexis Lothoré (3):
oeqa/core/runner: add helper to know about expected failures
oeqa/target/ssh: update options for SCP
testimage: implement test artifacts retriever for failing tests
Anuj Mittal (1):
glib-2.0: upgrade 2.76.2 -> 2.76.3
BELOUARGA Mohamed (1):
meta: lib: oe: npm_registry: Add more safe caracters
Bruce Ashfield (4):
linux-yocto/6.1: update to v6.1.33
linux-yocto/6.1: fix intermittent x86 boot hangs
linux-yocto/6.1: update to v6.1.34
linux-yocto/6.1: update to v6.1.35
Charlie Wu (1):
devtool: Fix the wrong variable in srcuri_entry
Chen Qi (7):
sdk.py: error out when moving file fails
sdk.py: fix moving dnf contents
rpm: write macros under libdir
zip: fix configure check by using _Static_assert
zip: remove unnecessary LARGE_FILE_SUPPORT CLFAGS
unzip: fix configure check for cross compilation
unzip: remove hardcoded LARGE_FILE_SUPPORT
Denys Dmytriyenko (1):
binutils: move packaging of gprofng static lib into common .inc
Ed Beroset (1):
Add clarification for SRCREV
Fabien Mahot (2):
useradd-example: package typo correction
oeqa/selftest/bbtests: add non-existent prefile/postfile tests
Hannu Lounento (1):
profile-manual: fix blktrace remote usage instructions
Ian Ray (1):
systemd-systemctl: support instance expansion in WantedBy
Jermain Horsman (1):
logrotate: Do not create logrotate.status file
Jose Quaresma (1):
selftest/reproducible: Allow chose the package manager
Jörg Sommer (2):
runqemu-gen-tapdevs: Refactoring
runqemu-ifupdown/get-tapdevs: Add support for ip tuntap
Khem Raj (12):
llvm: Upgrade to 16.0.5
glibc: Pass linker choice via compiler flags
libgcc: Always use BFD linker
efivar: Upgrade to tip of trunk
babeltrace2: Always use BFD linker when building tests with ld-is-lld distro feature
parted: Add missing libuuid to linker cmdline for libparted-fs-resize.so
kernel: Add kernel specific STRIP variable
libxml2: Do not use lld linker when building with tests on rv64
llvm: Bump to 16.0.6
go-helloworld: Upgrade to tip of trunk
rpcsvc-proto: Upgrade to 1.4.4
python3-bcrypt: Use BFD linker when building tests
Louis Rannou (3):
rootfs-postcommands: change sysusers.d command
systemd: replace the sysusers.d basic configuration
base-passwd: add the wheel group
Luca Ceresoli (1):
ref-manual: classes: devicetree: fix sentence saying the same thing twice
Markus Volk (2):
gtk4: upgrade 4.10.3 -> 4.10.4
gstreamer1.0-plugins-bad: use oneVPL instead of intel-mediasdk for msdk
Martin Jansa (1):
libstd-rs, rust: use bfd linker instead of gold
Michael Opdenacker (5):
psplash: replace Yocto .h by .png splashscreen
migration-guides: release-notes-4.3: update documentation notes
bitbake: bitbake-user-manual: explicit variables taking a colon separated list
bitbake: bitbake-user-manual: revert change about PREFERRED_PROVIDERS
ref-manual: variables.rst: explicit variables accepting colon separated lists
Mikko Rapeli (4):
useradd-staticids.bbclass: improve error message
selftest reproducible.py: support different build targets
variables.rst: document OEQA_REPRODUCIBLE_TEST_TARGET and OEQA_REPRODUCIBLE_TEST_SSTATE_TARGETS
reproducible-builds.rst: document OEQA_REPRODUCIBLE_TEST_TARGET and OEQA_REPRODUCIBLE_TEST_SSTATE_TARGETS
Ming Liu (2):
weston-init: introduce xwayland PACKAGECONFIG
meta: introduce KCONFIG_CONFIG_ENABLE_MENUCONFIG
Mingli Yu (2):
qemu: Split the qemu package
u-boot-tools: Use PATH_MAX for path length
Petr Gotthard (1):
lighttpd: upgrade 1.4.69 -> 1.4.71
Quentin Schulz (5):
bitbake: docs: bitbake-user-manual: bitbake-user-manual-hello: add links and highlights for variables
docs: bsp-guide: bsp: fix typo
docs: ref-manual: terms: fix typos in SPDX term
docs: fix unnecessary double white space
docs: ref-manual: terms: fix incorrect note directive
Randolph Sapp (6):
weston-init: make sure the render group exists
weston-init: add weston user to the render group
weston-init: add the weston user to the wayland group
weston-init: fix the mixed indentation
weston-init: guard against systemd configs
weston-init: add profile to point users to global socket
Remi Peuvergne (1):
common-licenses: Add LGPL-3.0-with-zeromq-exception
Richard Purdie (18):
runqemu/qemu-helper: Drop tunctl
runqemu-if*: Rename confusing variable name
oeqa/selftest/oescripts: Fix qemu-helper selftest
oeqa/logparser: Fix ptest No-section exception
strace: Disable failing test
strace: Merge two similar patches
testimage: Only note missing target directories, don't warn
ptest-runner: Pull in sync fix to improve log warnings
scripts/runqemu-ifup: Fix extra parameter issue
scripts/runqemu-ifup: Fix 10 or more tap devices
bitbake: runqueue: Fix handling of virtual files in layername calculation
ptest-runner: Ensure data writes don't race
bitbake.conf: Add layer-<layername> override support
insane: Improve patch-status layer filtering
genericx86: Drop gma500-gfx-check
bitbake: doc: Document FILE_LAYERNAME
migration-guides: add notes on FILE_LAYERNAME
migration-guides: add notes on systemd/usrmerge changes
Ross Burton (15):
nettle: rewrite ptest integration
nettle: inherit lib_package
cve-extra-exclusions: add more ignores for 2023 kernel CVEs
cve-extra-exclusions: remove 2019 blanket ignores
poky-altconfig: enable usrmerge DISTRO_FEATURE
gi-docgen: correct comment
gobject-introspection: remove obsolete DEPENDS
coreutils: fix build when the host has fr_FR.
cve-extra-exclusions: call out an Ubuntu-specific issue explicitly
cve-extra-exclusions: CVE-2023-3141 was backported in Linux 6.1.30
erofs-utils: backport fixes for CVE-2023-33551 and CVE-2023-33552
ghostscript: mostly rewrite recipe
python3-dbusmock: only recommend python3-pygobject
sysfsutils: don't install to base_libdir
base: improve LICENSE_FLAGS_DETAILS output
Sakib Sajal (1):
go: Upgrade 1.20.4 -> 1.20.5
Soumya (1):
perl: fix CVE-2023-31484
Stefano Babic (2):
libubootenv: upgrade 0.3.3 -> 0.3.4
mtd-utils: export headers and libraries for MTD and UBI
Sudip Mukherjee (2):
dpkg: upgrade to v1.21.22
cmake: upgrade to v3.26.4
Tan Wen Yan (1):
linux-yocto/6.1: update genericx86* machines to v6.1.30
Tom Hochstein (1):
weston: Cleanup and fix x11 and xwayland dependencies
Trevor Gamblin (2):
runqemu-gen-tapdevs: fix missing variable quote
glib-networking: use correct error code in ptest
Vincent Davis Jr (4):
spirv-tools: fix INTERFACE_LINK_LIBRARIES cmake prop
vulkan-validation-layers: add new recipe v1.3.243.0
spirv-tools: Use baselib instead of base_libdir
vulkan-validation-layers: cleanup recipe
Xiangyu Chen (1):
dbus: upgrade 1.14.6 -> 1.14.8
nikhil (1):
libwebp: Fix CVE-2023-1999
schitrod=cisco.com@lists.openembedded.org (1):
cups: Fix CVE-2023-32324
meta-security: 180dac9aec..405cca4028:
Ahmed Abdelfattah (1):
swtpm: fix parser error when using USERADDEXTENSION="useradd-staticids"
Armin Kuster (25):
scap-security-guide: update to 0.1.67
scap-security-guide: update to tip
scap-security-guide_git: drop oe version
openscap-daemon: This is now obsolete
oe-scap: Not maintained nor upstreamed
openscap: Fix native build missing depends
openscap: Drop OE specific recipe
lynis: move to main meta-security layer
openscap: move to main meta-security layer
meta-security-compliance: remove layer
openscap: add support for OpenEmbedded nodistro and Poky
scap-security-guide: add OE support
packagegroup-core-security: add compliance pkg group
kas: ci changes do to meta-security-compliance being removed
meta-security-isafw: drop layer isafw project archived
openscap: Update to tip to get OE/Poky support
scap-security-guide: bump the number of test that pass
clamav: drop unused patch
isic: fine tune Upstream-Status
scap-security-guide: Add Poky
arpwatch: Fix typo in COMPATIBLE_HOST:libc-musl = "null"
scap-security-guide: add Upstream-Status
scap-security-guide: Does not build for musl
openscap: update to 1.3.8
packagegroup-core-security: add os-release
Chen Qi (1):
complicance/isafw: remove oeqa addpylib
Kevin Hao (1):
dmverity: Suppress the realpath errors
Martin Jansa (5):
*.patch: add Upstream-Status to all patches
meta-tpm: *.patch: fix malformed Upstream-Status lines
dynamic-layers: *.patch: fix malformed and missing Upstream-Status lines
*.patch: fix malformed Upstream-Status and SOB lines
.patch: remove probably unused patches
Paul Gortmaker (7):
dm-verity: add descriptive strings for "wic list images"
dm-verity: restructure the veritysetup arg parsing
dm-verity: save veritysetup args beside runtime environment
dm-verity: add support for hash storage on separate partition
dm-verity: add wks.in fragment with dynamic build hash data
dm-verity: hook separate hash into initramfs framework
dm-verity: add sample systemd separate hash example and doc
Samantha Jalabert (1):
buck-security: fix missing dependencies to perl modules
meta-raspberrypi: 8e07f0d328..dff85b9a9f:
Khem Raj (1):
linux-raspberrypi-6.1: Update to 6.1.34 release
Martin Jansa (1):
*.patch: add Upstream-Status to all patches
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: If34dfa008a81d778c7bc02627388238f5125d85c
diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/0001-src-Do-not-reset-FINAL_LIBS.patch b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/0001-src-Do-not-reset-FINAL_LIBS.patch
new file mode 100644
index 0000000..e8d8b1d
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/0001-src-Do-not-reset-FINAL_LIBS.patch
@@ -0,0 +1,30 @@
+From e97a572d4aef099a961e43d528c0268e10d9f1e2 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Tue, 10 Sep 2019 20:04:26 -0700
+Subject: [PATCH] src: Do not reset FINAL_LIBS
+
+This helps case where additional libraries are needed to be passed from
+environment to get it going
+
+e.g. -latomic is needed on clang/x86 to provide for 64bit atomics
+
+Upstream-Status: Pending
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
+---
+ src/Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/Makefile b/src/Makefile
+index ddabd44..5133884 100644
+--- a/src/Makefile
++++ b/src/Makefile
+@@ -118,7 +118,7 @@ endif
+
+ FINAL_CFLAGS=$(STD) $(WARN) $(OPT) $(DEBUG) $(CFLAGS) $(REDIS_CFLAGS)
+ FINAL_LDFLAGS=$(LDFLAGS) $(REDIS_LDFLAGS) $(DEBUG)
+-FINAL_LIBS=-lm
++FINAL_LIBS+=-lm
+ DEBUG=-g -ggdb
+
+ # Linux ARM32 needs -latomic at linking time
diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/0006-Define-correct-gregs-for-RISCV32.patch b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/0006-Define-correct-gregs-for-RISCV32.patch
new file mode 100644
index 0000000..385b0ae
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/0006-Define-correct-gregs-for-RISCV32.patch
@@ -0,0 +1,62 @@
+From b6b2c652abfa98093401b232baca8719c50cadf4 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Mon, 26 Oct 2020 21:32:22 -0700
+Subject: [PATCH] Define correct gregs for RISCV32
+
+Upstream-Status: Pending
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
+Updated patch for 6.2.8
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ src/debug.c | 26 ++++++++++++++++++++++++--
+ 1 file changed, 24 insertions(+), 2 deletions(-)
+
+diff --git a/src/debug.c b/src/debug.c
+index ebda858..90bc450 100644
+--- a/src/debug.c
++++ b/src/debug.c
+@@ -1168,7 +1168,9 @@ static void* getAndSetMcontextEip(ucontext_t *uc, void *eip) {
+ #endif
+ #elif defined(__linux__)
+ /* Linux */
+- #if defined(__i386__) || ((defined(__X86_64__) || defined(__x86_64__)) && defined(__ILP32__))
++ #if defined(__riscv) && __riscv_xlen == 32
++ return (void*) uc->uc_mcontext.__gregs[REG_PC];
++ #elif defined(__i386__) || ((defined(__X86_64__) || defined(__x86_64__)) && defined(__ILP32__))
+ GET_SET_RETURN(uc->uc_mcontext.gregs[14], eip);
+ #elif defined(__X86_64__) || defined(__x86_64__)
+ GET_SET_RETURN(uc->uc_mcontext.gregs[16], eip);
+@@ -1350,8 +1352,28 @@ void logRegisters(ucontext_t *uc) {
+ #endif
+ /* Linux */
+ #elif defined(__linux__)
++ /* Linux RISCV32 */
++ #if defined(__riscv) && __riscv_xlen == 32
++ serverLog(LL_WARNING,
++ "\n"
++ "RA:%08lx S0:%08lx S1:%08lx S2:%08lx\n"
++ "SP:%08lx PC:%08lx A0:%08lx A1:%08lx\n"
++ "A2 :%08lx A3:%08lx A4:%08lx",
++ (unsigned long) uc->uc_mcontext.__gregs[REG_RA],
++ (unsigned long) uc->uc_mcontext.__gregs[REG_S0],
++ (unsigned long) uc->uc_mcontext.__gregs[REG_S1],
++ (unsigned long) uc->uc_mcontext.__gregs[REG_S2],
++ (unsigned long) uc->uc_mcontext.__gregs[REG_SP],
++ (unsigned long) uc->uc_mcontext.__gregs[REG_PC],
++ (unsigned long) uc->uc_mcontext.__gregs[REG_A0 + 0],
++ (unsigned long) uc->uc_mcontext.__gregs[REG_A0 + 1],
++ (unsigned long) uc->uc_mcontext.__gregs[REG_A0 + 2],
++ (unsigned long) uc->uc_mcontext.__gregs[REG_A0 + 3],
++ (unsigned long) uc->uc_mcontext.__gregs[REG_A0 + 4]
++ );
++ logStackContent((void**)uc->uc_mcontext.__gregs[REG_SP]);
+ /* Linux x86 */
+- #if defined(__i386__) || ((defined(__X86_64__) || defined(__x86_64__)) && defined(__ILP32__))
++ #elif defined(__i386__) || ((defined(__X86_64__) || defined(__x86_64__)) && defined(__ILP32__))
+ serverLog(LL_WARNING,
+ "\n"
+ "EAX:%08lx EBX:%08lx ECX:%08lx EDX:%08lx\n"
+--
+2.25.1
+
diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/GNU_SOURCE-7.patch b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/GNU_SOURCE-7.patch
new file mode 100644
index 0000000..6e07c25
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/GNU_SOURCE-7.patch
@@ -0,0 +1,29 @@
+From a22512ac1cbd6de1f5646219722e49752d1f60ac Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Sat, 21 Dec 2019 12:09:51 -0800
+Subject: [PATCH] Define _GNU_SOURCE to get PTHREAD_MUTEX_INITIALIZER
+
+Fixes
+| zmalloc.c:87:37: error: 'PTHREAD_MUTEX_DEFAULT' undeclared here (not in a function)
+| 87 | pthread_mutex_t used_memory_mutex = PTHREAD_MUTEX_INITIALIZER;
+| | ^~~~~~~~~~~~~~~~~~~~~~~~~
+
+Upstream-Status: Pending
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
+---
+ src/zmalloc.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/zmalloc.c b/src/zmalloc.c
+index ba03685..322304f 100644
+--- a/src/zmalloc.c
++++ b/src/zmalloc.c
+@@ -32,6 +32,7 @@
+ #include "config.h"
+ #include "solarisfixes.h"
+
++#define _GNU_SOURCE
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <stdint.h>
diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/hiredis-use-default-CC-if-it-is-set.patch b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/hiredis-use-default-CC-if-it-is-set.patch
new file mode 100644
index 0000000..250fdd0
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/hiredis-use-default-CC-if-it-is-set.patch
@@ -0,0 +1,38 @@
+From 9da2d12c9fabfff4b4460accf887658db89687e4 Mon Sep 17 00:00:00 2001
+From: Venture Research <tech@ventureresearch.com>
+Date: Fri, 8 Feb 2013 17:39:52 -0600
+Subject: [PATCH] hiredis: use default CC if it is set
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Instead of trying to automagically figure out CC, which breaks with OE
+as CC has spaces in it, just skip it if one was already passed in.
+
+Signed-off-by: Venture Research <tech@ventureresearch.com>
+
+Update to work with 4.0.8
+Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
+
+Reworked for 6.0.4
+Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
+
+---
+Upstream-Status: Pending
+
+ deps/hiredis/Makefile | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/deps/hiredis/Makefile b/deps/hiredis/Makefile
+index 7e41c97..54717e3 100644
+--- a/deps/hiredis/Makefile
++++ b/deps/hiredis/Makefile
+@@ -42,8 +42,6 @@ endef
+ export REDIS_TEST_CONFIG
+
+ # Fallback to gcc when $CC is not in $PATH.
+-CC:=$(shell sh -c 'type $${CC%% *} >/dev/null 2>/dev/null && echo $(CC) || echo gcc')
+-CXX:=$(shell sh -c 'type $${CXX%% *} >/dev/null 2>/dev/null && echo $(CXX) || echo g++')
+ OPTIMIZATION?=-O3
+ WARNINGS=-Wall -W -Wstrict-prototypes -Wwrite-strings -Wno-missing-field-initializers
+ DEBUG_FLAGS?= -g -ggdb
diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/init-redis-server b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/init-redis-server
new file mode 100755
index 0000000..c5f335f
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/init-redis-server
@@ -0,0 +1,71 @@
+#!/bin/sh
+#
+### BEGIN INIT INFO
+# Provides: redis-server
+# Required-Start: $network
+# Required-Stop: $network
+# Default-Start: S 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Redis, a key-value store
+# Description: Redis is an open source, advanced key-value store.
+# http://redis.io
+### END INIT INFO
+
+test -f /usr/bin/redis-server || exit 0
+
+ARGS="/etc/redis/redis.conf"
+
+case "$1" in
+ start)
+ echo "Starting redis-server..."
+ start-stop-daemon --start --quiet --exec /usr/bin/redis-server -- $ARGS
+ ;;
+ stop)
+ echo "Stopping redis-server..."
+ start-stop-daemon --stop --quiet --exec /usr/bin/redis-server
+ ;;
+ restart)
+ echo "Stopping redis-server..."
+ start-stop-daemon --stop --quiet --exec /usr/bin/redis-server
+
+ # Since busybox implementation ignores --retry arguments repeatedly check
+ # if the process is still running and try another signal after a timeout,
+ # efectively simulating a stop with --retry=TERM/5/KILL/5 schedule.
+ waitAfterTerm=5000000 # us / 5000 ms / 5 s
+ waitAfterKill=5000000 # us / 5000 ms / 5 s
+ waitStep=100000 # us / 100 ms / 0.1 s
+ waited=0
+ start-stop-daemon --stop --test --quiet --exec /usr/bin/redis-server
+ processOff=$?
+ while [ $processOff -eq 0 ] && [ $waited -le $waitAfterTerm ] ; do
+ usleep ${waitStep}
+ ((waited+=${waitStep}))
+ start-stop-daemon --stop --test --quiet --exec /usr/bin/redis-server
+ processOff=$?
+ done
+ if [ $processOff -eq 0 ] ; then
+ start-stop-daemon --stop --signal KILL --exec /usr/bin/redis-server
+ start-stop-daemon --stop --test --quiet --exec /usr/bin/redis-server
+ processOff=$?
+ fi
+ waited=0
+ while [ $processOff -eq 0 ] && [ $waited -le $waitAfterKill ] ; do
+ usleep ${waitStep}
+ ((waited+=${waitStep}))
+ start-stop-daemon --stop --test --quiet --exec /usr/bin/redis-server
+ processOff=$?
+ done
+ # Here $processOff will indicate if waiting and retrying according to
+ # the schedule ended in a successfull stop or not.
+
+ echo "Starting redis-server..."
+ start-stop-daemon --start --quiet --exec /usr/bin/redis-server -- $ARGS
+ ;;
+ *)
+ echo "Usage: /etc/init.d/redis-server {start|stop|restart}"
+ exit 1
+ ;;
+esac
+
+exit 0
+
diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/lua-update-Makefile-to-use-environment-build-setting.patch b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/lua-update-Makefile-to-use-environment-build-setting.patch
new file mode 100644
index 0000000..bff0753
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/lua-update-Makefile-to-use-environment-build-setting.patch
@@ -0,0 +1,78 @@
+From 734ab2f7879c6f94fc18ea6a10adb9bd156ba769 Mon Sep 17 00:00:00 2001
+From: Venture Research <tech@ventureresearch.com>
+Date: Fri, 8 Feb 2013 20:22:19 -0600
+Subject: [PATCH] lua: update Makefile to use environment build settings
+
+OE-specific parameters, instead of overriding all of these simply use
+the ones that are already passed in. Also configure for only Linux...
+
+Signed-off-by: Venture Research <tech@ventureresearch.com>
+
+Updated to work with 3.0.x
+
+Signed-off-by: Armin Kuster <akust808@gmail.com>
+
+updated to work wtih 6.2.1
+Signed-off-by: Yi Fan Yu <yifan.yu@windriver.com>
+
+---
+Upstream-Status: Pending
+
+ deps/Makefile | 1 -
+ deps/lua/Makefile | 1 -
+ deps/lua/src/Makefile | 16 ++++++----------
+ 3 files changed, 6 insertions(+), 12 deletions(-)
+
+diff --git a/deps/Makefile b/deps/Makefile
+index 8592e17..1807af5 100644
+--- a/deps/Makefile
++++ b/deps/Makefile
+@@ -81,7 +81,6 @@ endif
+ # lua's Makefile defines AR="ar rcu", which is unusual, and makes it more
+ # challenging to cross-compile lua (and redis). These defines make it easier
+ # to fit redis into cross-compilation environments, which typically set AR.
+-AR=ar
+ ARFLAGS=rc
+
+ lua: .make-prerequisites
+diff --git a/deps/lua/Makefile b/deps/lua/Makefile
+index 209a132..72f4b2b 100644
+--- a/deps/lua/Makefile
++++ b/deps/lua/Makefile
+@@ -33,7 +33,6 @@ INSTALL_DATA= $(INSTALL) -m 0644
+
+ # Utilities.
+ MKDIR= mkdir -p
+-RANLIB= ranlib
+
+ # == END OF USER SETTINGS. NO NEED TO CHANGE ANYTHING BELOW THIS LINE =========
+
+diff --git a/deps/lua/src/Makefile b/deps/lua/src/Makefile
+index f3bba2f..1555ec0 100644
+--- a/deps/lua/src/Makefile
++++ b/deps/lua/src/Makefile
+@@ -5,18 +5,14 @@
+ # == CHANGE THE SETTINGS BELOW TO SUIT YOUR ENVIRONMENT =======================
+
+ # Your platform. See PLATS for possible values.
+-PLAT= none
++PLAT= linux
+
+-CC?= gcc
+-CFLAGS= -O2 -Wall $(MYCFLAGS)
+-AR= ar rcu
+-RANLIB= ranlib
+-RM= rm -f
+-LIBS= -lm $(MYLIBS)
+-
+-MYCFLAGS=
++MYCFLAGS=-DLUA_USE_LINUX
+ MYLDFLAGS=
+-MYLIBS=
++MYLIBS=-Wl,-E -ldl -lreadline -lhistory -lncurses
++
++CFLAGS += $(MYCFLAGS)
++LIBS += -lm $(MYLIBS)
+
+ # == END OF USER SETTINGS. NO NEED TO CHANGE ANYTHING BELOW THIS LINE =========
+
diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/oe-use-libc-malloc.patch b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/oe-use-libc-malloc.patch
new file mode 100644
index 0000000..bf05fc4
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/oe-use-libc-malloc.patch
@@ -0,0 +1,36 @@
+From 88da6b19ecd00747769663e913aba5e9569c489d Mon Sep 17 00:00:00 2001
+From: Venture Research <tech@ventureresearch.com>
+Date: Wed, 6 Feb 2013 20:51:02 -0600
+Subject: [PATCH] hack to force use of libc malloc
+
+Hack to force libc usage as it seems the option to pass it in has been
+removed in favor of magic.
+
+Note that this of course doesn't allow tcmalloc and jemalloc, however
+jemalloc wasn't building correctly.
+
+Signed-off-by: Venture Research <tech@ventureresearch.com>
+
+Update to work with 4.0.8
+Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
+
+---
+Upstream-Status: Pending
+
+ src/Makefile | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/Makefile b/src/Makefile
+index 2a0d74d..ddabd44 100644
+--- a/src/Makefile
++++ b/src/Makefile
+@@ -13,7 +13,8 @@
+ # Just use 'make dep', but this is only needed by developers.
+
+ release_hdr := $(shell sh -c './mkreleasehdr.sh')
+-uname_S := $(shell sh -c 'uname -s 2>/dev/null || echo not')
++# use fake uname option to force use of generic libc
++uname_S := "USE_LIBC_MALLOC"
+ uname_M := $(shell sh -c 'uname -m 2>/dev/null || echo not')
+ OPTIMIZATION?=-O2
+ DEPENDENCY_TARGETS=hiredis linenoise lua hdr_histogram
diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/redis.conf b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/redis.conf
new file mode 100644
index 0000000..75037d6
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/redis.conf
@@ -0,0 +1,1314 @@
+# Redis configuration file example.
+#
+# Note that in order to read the configuration file, Redis must be
+# started with the file path as first argument:
+#
+# ./redis-server /path/to/redis.conf
+
+# Note on units: when memory size is needed, it is possible to specify
+# it in the usual form of 1k 5GB 4M and so forth:
+#
+# 1k => 1000 bytes
+# 1kb => 1024 bytes
+# 1m => 1000000 bytes
+# 1mb => 1024*1024 bytes
+# 1g => 1000000000 bytes
+# 1gb => 1024*1024*1024 bytes
+#
+# units are case insensitive so 1GB 1Gb 1gB are all the same.
+
+################################## INCLUDES ###################################
+
+# Include one or more other config files here. This is useful if you
+# have a standard template that goes to all Redis servers but also need
+# to customize a few per-server settings. Include files can include
+# other files, so use this wisely.
+#
+# Notice option "include" won't be rewritten by command "CONFIG REWRITE"
+# from admin or Redis Sentinel. Since Redis always uses the last processed
+# line as value of a configuration directive, you'd better put includes
+# at the beginning of this file to avoid overwriting config change at runtime.
+#
+# If instead you are interested in using includes to override configuration
+# options, it is better to use include as the last line.
+#
+# include /path/to/local.conf
+# include /path/to/other.conf
+
+################################## MODULES #####################################
+
+# Load modules at startup. If the server is not able to load modules
+# it will abort. It is possible to use multiple loadmodule directives.
+#
+# loadmodule /path/to/my_module.so
+# loadmodule /path/to/other_module.so
+
+################################## NETWORK #####################################
+
+# By default, if no "bind" configuration directive is specified, Redis listens
+# for connections from all the network interfaces available on the server.
+# It is possible to listen to just one or multiple selected interfaces using
+# the "bind" configuration directive, followed by one or more IP addresses.
+#
+# Examples:
+#
+# bind 192.168.1.100 10.0.0.1
+# bind 127.0.0.1 ::1
+#
+# ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the
+# internet, binding to all the interfaces is dangerous and will expose the
+# instance to everybody on the internet. So by default we uncomment the
+# following bind directive, that will force Redis to listen only into
+# the IPv4 lookback interface address (this means Redis will be able to
+# accept connections only from clients running into the same computer it
+# is running).
+#
+# IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES
+# JUST COMMENT THE FOLLOWING LINE.
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+bind 127.0.0.1
+
+# Protected mode is a layer of security protection, in order to avoid that
+# Redis instances left open on the internet are accessed and exploited.
+#
+# When protected mode is on and if:
+#
+# 1) The server is not binding explicitly to a set of addresses using the
+# "bind" directive.
+# 2) No password is configured.
+#
+# The server only accepts connections from clients connecting from the
+# IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain
+# sockets.
+#
+# By default protected mode is enabled. You should disable it only if
+# you are sure you want clients from other hosts to connect to Redis
+# even if no authentication is configured, nor a specific set of interfaces
+# are explicitly listed using the "bind" directive.
+protected-mode yes
+
+# Accept connections on the specified port, default is 6379 (IANA #815344).
+# If port 0 is specified Redis will not listen on a TCP socket.
+port 6379
+
+# TCP listen() backlog.
+#
+# In high requests-per-second environments you need an high backlog in order
+# to avoid slow clients connections issues. Note that the Linux kernel
+# will silently truncate it to the value of /proc/sys/net/core/somaxconn so
+# make sure to raise both the value of somaxconn and tcp_max_syn_backlog
+# in order to get the desired effect.
+tcp-backlog 511
+
+# Unix socket.
+#
+# Specify the path for the Unix socket that will be used to listen for
+# incoming connections. There is no default, so Redis will not listen
+# on a unix socket when not specified.
+#
+# unixsocket /tmp/redis.sock
+# unixsocketperm 700
+
+# Close the connection after a client is idle for N seconds (0 to disable)
+timeout 0
+
+# TCP keepalive.
+#
+# If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence
+# of communication. This is useful for two reasons:
+#
+# 1) Detect dead peers.
+# 2) Take the connection alive from the point of view of network
+# equipment in the middle.
+#
+# On Linux, the specified value (in seconds) is the period used to send ACKs.
+# Note that to close the connection the double of the time is needed.
+# On other kernels the period depends on the kernel configuration.
+#
+# A reasonable value for this option is 300 seconds, which is the new
+# Redis default starting with Redis 3.2.1.
+tcp-keepalive 300
+
+################################# GENERAL #####################################
+
+# OE: run as a daemon.
+daemonize yes
+
+# If you run Redis from upstart or systemd, Redis can interact with your
+# supervision tree. Options:
+# supervised no - no supervision interaction
+# supervised upstart - signal upstart by putting Redis into SIGSTOP mode
+# supervised systemd - signal systemd by writing READY=1 to $NOTIFY_SOCKET
+# supervised auto - detect upstart or systemd method based on
+# UPSTART_JOB or NOTIFY_SOCKET environment variables
+# Note: these supervision methods only signal "process is ready."
+# They do not enable continuous liveness pings back to your supervisor.
+supervised no
+
+# If a pid file is specified, Redis writes it where specified at startup
+# and removes it at exit.
+#
+# When the server runs non daemonized, no pid file is created if none is
+# specified in the configuration. When the server is daemonized, the pid file
+# is used even if not specified, defaulting to "/var/run/redis.pid".
+#
+# Creating a pid file is best effort: if Redis is not able to create it
+# nothing bad happens, the server will start and run normally.
+
+# When running daemonized, Redis writes a pid file in /var/run/redis.pid by
+# default. You can specify a custom pid file location here.
+pidfile /var/run/redis.pid
+
+# Specify the server verbosity level.
+# This can be one of:
+# debug (a lot of information, useful for development/testing)
+# verbose (many rarely useful info, but not a mess like the debug level)
+# notice (moderately verbose, what you want in production probably)
+# warning (only very important / critical messages are logged)
+loglevel notice
+
+# Specify the log file name. Also the empty string can be used to force
+# Redis to log on the standard output. Note that if you use standard
+# output for logging but daemonize, logs will be sent to /dev/null
+logfile ""
+
+# To enable logging to the system logger, just set 'syslog-enabled' to yes,
+# and optionally update the other syslog parameters to suit your needs.
+syslog-enabled yes
+
+# Specify the syslog identity.
+syslog-ident redis
+
+# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7.
+# syslog-facility local0
+
+# Set the number of databases. The default database is DB 0, you can select
+# a different one on a per-connection basis using SELECT <dbid> where
+# dbid is a number between 0 and 'databases'-1
+databases 16
+
+# By default Redis shows an ASCII art logo only when started to log to the
+# standard output and if the standard output is a TTY. Basically this means
+# that normally a logo is displayed only in interactive sessions.
+#
+# However it is possible to force the pre-4.0 behavior and always show a
+# ASCII art logo in startup logs by setting the following option to yes.
+always-show-logo yes
+
+################################ SNAPSHOTTING ################################
+#
+# Save the DB on disk:
+#
+# save <seconds> <changes>
+#
+# Will save the DB if both the given number of seconds and the given
+# number of write operations against the DB occurred.
+#
+# In the example below the behaviour will be to save:
+# after 900 sec (15 min) if at least 1 key changed
+# after 300 sec (5 min) if at least 10 keys changed
+# after 60 sec if at least 10000 keys changed
+#
+# Note: you can disable saving completely by commenting out all "save" lines.
+#
+# It is also possible to remove all the previously configured save
+# points by adding a save directive with a single empty string argument
+# like in the following example:
+#
+# save ""
+
+#save 900 1
+#save 300 10
+#save 60 10000
+
+# OE: tune for a small embedded system with a limited # of keys.
+save 120 1
+save 60 100
+save 30 1000
+
+# By default Redis will stop accepting writes if RDB snapshots are enabled
+# (at least one save point) and the latest background save failed.
+# This will make the user aware (in a hard way) that data is not persisting
+# on disk properly, otherwise chances are that no one will notice and some
+# disaster will happen.
+#
+# If the background saving process will start working again Redis will
+# automatically allow writes again.
+#
+# However if you have setup your proper monitoring of the Redis server
+# and persistence, you may want to disable this feature so that Redis will
+# continue to work as usual even if there are problems with disk,
+# permissions, and so forth.
+stop-writes-on-bgsave-error yes
+
+# Compress string objects using LZF when dump .rdb databases?
+# For default that's set to 'yes' as it's almost always a win.
+# If you want to save some CPU in the saving child set it to 'no' but
+# the dataset will likely be bigger if you have compressible values or keys.
+rdbcompression yes
+
+# Since version 5 of RDB a CRC64 checksum is placed at the end of the file.
+# This makes the format more resistant to corruption but there is a performance
+# hit to pay (around 10%) when saving and loading RDB files, so you can disable it
+# for maximum performances.
+#
+# RDB files created with checksum disabled have a checksum of zero that will
+# tell the loading code to skip the check.
+rdbchecksum yes
+
+# The filename where to dump the DB
+dbfilename dump.rdb
+
+# The working directory.
+#
+# The DB will be written inside this directory, with the filename specified
+# above using the 'dbfilename' configuration directive.
+#
+# The Append Only File will also be created inside this directory.
+#
+# Note that you must specify a directory here, not a file name.
+dir /var/lib/redis/
+
+################################# REPLICATION #################################
+
+# Master-Slave replication. Use slaveof to make a Redis instance a copy of
+# another Redis server. A few things to understand ASAP about Redis replication.
+#
+# 1) Redis replication is asynchronous, but you can configure a master to
+# stop accepting writes if it appears to be not connected with at least
+# a given number of slaves.
+# 2) Redis slaves are able to perform a partial resynchronization with the
+# master if the replication link is lost for a relatively small amount of
+# time. You may want to configure the replication backlog size (see the next
+# sections of this file) with a sensible value depending on your needs.
+# 3) Replication is automatic and does not need user intervention. After a
+# network partition slaves automatically try to reconnect to masters
+# and resynchronize with them.
+#
+# slaveof <masterip> <masterport>
+
+# If the master is password protected (using the "requirepass" configuration
+# directive below) it is possible to tell the slave to authenticate before
+# starting the replication synchronization process, otherwise the master will
+# refuse the slave request.
+#
+# masterauth <master-password>
+
+# When a slave loses its connection with the master, or when the replication
+# is still in progress, the slave can act in two different ways:
+#
+# 1) if slave-serve-stale-data is set to 'yes' (the default) the slave will
+# still reply to client requests, possibly with out of date data, or the
+# data set may just be empty if this is the first synchronization.
+#
+# 2) if slave-serve-stale-data is set to 'no' the slave will reply with
+# an error "SYNC with master in progress" to all the kind of commands
+# but to INFO and SLAVEOF.
+#
+slave-serve-stale-data yes
+
+# You can configure a slave instance to accept writes or not. Writing against
+# a slave instance may be useful to store some ephemeral data (because data
+# written on a slave will be easily deleted after resync with the master) but
+# may also cause problems if clients are writing to it because of a
+# misconfiguration.
+#
+# Since Redis 2.6 by default slaves are read-only.
+#
+# Note: read only slaves are not designed to be exposed to untrusted clients
+# on the internet. It's just a protection layer against misuse of the instance.
+# Still a read only slave exports by default all the administrative commands
+# such as CONFIG, DEBUG, and so forth. To a limited extent you can improve
+# security of read only slaves using 'rename-command' to shadow all the
+# administrative / dangerous commands.
+slave-read-only yes
+
+# Replication SYNC strategy: disk or socket.
+#
+# -------------------------------------------------------
+# WARNING: DISKLESS REPLICATION IS EXPERIMENTAL CURRENTLY
+# -------------------------------------------------------
+#
+# New slaves and reconnecting slaves that are not able to continue the replication
+# process just receiving differences, need to do what is called a "full
+# synchronization". An RDB file is transmitted from the master to the slaves.
+# The transmission can happen in two different ways:
+#
+# 1) Disk-backed: The Redis master creates a new process that writes the RDB
+# file on disk. Later the file is transferred by the parent
+# process to the slaves incrementally.
+# 2) Diskless: The Redis master creates a new process that directly writes the
+# RDB file to slave sockets, without touching the disk at all.
+#
+# With disk-backed replication, while the RDB file is generated, more slaves
+# can be queued and served with the RDB file as soon as the current child producing
+# the RDB file finishes its work. With diskless replication instead once
+# the transfer starts, new slaves arriving will be queued and a new transfer
+# will start when the current one terminates.
+#
+# When diskless replication is used, the master waits a configurable amount of
+# time (in seconds) before starting the transfer in the hope that multiple slaves
+# will arrive and the transfer can be parallelized.
+#
+# With slow disks and fast (large bandwidth) networks, diskless replication
+# works better.
+repl-diskless-sync no
+
+# When diskless replication is enabled, it is possible to configure the delay
+# the server waits in order to spawn the child that transfers the RDB via socket
+# to the slaves.
+#
+# This is important since once the transfer starts, it is not possible to serve
+# new slaves arriving, that will be queued for the next RDB transfer, so the server
+# waits a delay in order to let more slaves arrive.
+#
+# The delay is specified in seconds, and by default is 5 seconds. To disable
+# it entirely just set it to 0 seconds and the transfer will start ASAP.
+repl-diskless-sync-delay 5
+
+# Slaves send PINGs to server in a predefined interval. It's possible to change
+# this interval with the repl_ping_slave_period option. The default value is 10
+# seconds.
+#
+# repl-ping-slave-period 10
+
+# The following option sets the replication timeout for:
+#
+# 1) Bulk transfer I/O during SYNC, from the point of view of slave.
+# 2) Master timeout from the point of view of slaves (data, pings).
+# 3) Slave timeout from the point of view of masters (REPLCONF ACK pings).
+#
+# It is important to make sure that this value is greater than the value
+# specified for repl-ping-slave-period otherwise a timeout will be detected
+# every time there is low traffic between the master and the slave.
+#
+# repl-timeout 60
+
+# Disable TCP_NODELAY on the slave socket after SYNC?
+#
+# If you select "yes" Redis will use a smaller number of TCP packets and
+# less bandwidth to send data to slaves. But this can add a delay for
+# the data to appear on the slave side, up to 40 milliseconds with
+# Linux kernels using a default configuration.
+#
+# If you select "no" the delay for data to appear on the slave side will
+# be reduced but more bandwidth will be used for replication.
+#
+# By default we optimize for low latency, but in very high traffic conditions
+# or when the master and slaves are many hops away, turning this to "yes" may
+# be a good idea.
+repl-disable-tcp-nodelay no
+
+# Set the replication backlog size. The backlog is a buffer that accumulates
+# slave data when slaves are disconnected for some time, so that when a slave
+# wants to reconnect again, often a full resync is not needed, but a partial
+# resync is enough, just passing the portion of data the slave missed while
+# disconnected.
+#
+# The bigger the replication backlog, the longer the time the slave can be
+# disconnected and later be able to perform a partial resynchronization.
+#
+# The backlog is only allocated once there is at least a slave connected.
+#
+# repl-backlog-size 1mb
+
+# After a master has no longer connected slaves for some time, the backlog
+# will be freed. The following option configures the amount of seconds that
+# need to elapse, starting from the time the last slave disconnected, for
+# the backlog buffer to be freed.
+#
+# Note that slaves never free the backlog for timeout, since they may be
+# promoted to masters later, and should be able to correctly "partially
+# resynchronize" with the slaves: hence they should always accumulate backlog.
+#
+# A value of 0 means to never release the backlog.
+#
+# repl-backlog-ttl 3600
+
+# The slave priority is an integer number published by Redis in the INFO output.
+# It is used by Redis Sentinel in order to select a slave to promote into a
+# master if the master is no longer working correctly.
+#
+# A slave with a low priority number is considered better for promotion, so
+# for instance if there are three slaves with priority 10, 100, 25 Sentinel will
+# pick the one with priority 10, that is the lowest.
+#
+# However a special priority of 0 marks the slave as not able to perform the
+# role of master, so a slave with priority of 0 will never be selected by
+# Redis Sentinel for promotion.
+#
+# By default the priority is 100.
+slave-priority 100
+
+# It is possible for a master to stop accepting writes if there are less than
+# N slaves connected, having a lag less or equal than M seconds.
+#
+# The N slaves need to be in "online" state.
+#
+# The lag in seconds, that must be <= the specified value, is calculated from
+# the last ping received from the slave, that is usually sent every second.
+#
+# This option does not GUARANTEE that N replicas will accept the write, but
+# will limit the window of exposure for lost writes in case not enough slaves
+# are available, to the specified number of seconds.
+#
+# For example to require at least 3 slaves with a lag <= 10 seconds use:
+#
+# min-slaves-to-write 3
+# min-slaves-max-lag 10
+#
+# Setting one or the other to 0 disables the feature.
+#
+# By default min-slaves-to-write is set to 0 (feature disabled) and
+# min-slaves-max-lag is set to 10.
+
+# A Redis master is able to list the address and port of the attached
+# slaves in different ways. For example the "INFO replication" section
+# offers this information, which is used, among other tools, by
+# Redis Sentinel in order to discover slave instances.
+# Another place where this info is available is in the output of the
+# "ROLE" command of a master.
+#
+# The listed IP and address normally reported by a slave is obtained
+# in the following way:
+#
+# IP: The address is auto detected by checking the peer address
+# of the socket used by the slave to connect with the master.
+#
+# Port: The port is communicated by the slave during the replication
+# handshake, and is normally the port that the slave is using to
+# list for connections.
+#
+# However when port forwarding or Network Address Translation (NAT) is
+# used, the slave may be actually reachable via different IP and port
+# pairs. The following two options can be used by a slave in order to
+# report to its master a specific set of IP and port, so that both INFO
+# and ROLE will report those values.
+#
+# There is no need to use both the options if you need to override just
+# the port or the IP address.
+#
+# slave-announce-ip 5.5.5.5
+# slave-announce-port 1234
+
+################################## SECURITY ###################################
+
+# Require clients to issue AUTH <PASSWORD> before processing any other
+# commands. This might be useful in environments in which you do not trust
+# others with access to the host running redis-server.
+#
+# This should stay commented out for backward compatibility and because most
+# people do not need auth (e.g. they run their own servers).
+#
+# Warning: since Redis is pretty fast an outside user can try up to
+# 150k passwords per second against a good box. This means that you should
+# use a very strong password otherwise it will be very easy to break.
+#
+# requirepass foobared
+
+# Command renaming.
+#
+# It is possible to change the name of dangerous commands in a shared
+# environment. For instance the CONFIG command may be renamed into something
+# hard to guess so that it will still be available for internal-use tools
+# but not available for general clients.
+#
+# Example:
+#
+# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52
+#
+# It is also possible to completely kill a command by renaming it into
+# an empty string:
+#
+# rename-command CONFIG ""
+#
+# Please note that changing the name of commands that are logged into the
+# AOF file or transmitted to slaves may cause problems.
+
+################################### CLIENTS ####################################
+
+# Set the max number of connected clients at the same time. By default
+# this limit is set to 10000 clients, however if the Redis server is not
+# able to configure the process file limit to allow for the specified limit
+# the max number of allowed clients is set to the current file limit
+# minus 32 (as Redis reserves a few file descriptors for internal uses).
+#
+# Once the limit is reached Redis will close all the new connections sending
+# an error 'max number of clients reached'.
+#
+# maxclients 10000
+
+############################## MEMORY MANAGEMENT ################################
+
+# Set a memory usage limit to the specified amount of bytes.
+# When the memory limit is reached Redis will try to remove keys
+# according to the eviction policy selected (see maxmemory-policy).
+#
+# If Redis can't remove keys according to the policy, or if the policy is
+# set to 'noeviction', Redis will start to reply with errors to commands
+# that would use more memory, like SET, LPUSH, and so on, and will continue
+# to reply to read-only commands like GET.
+#
+# This option is usually useful when using Redis as an LRU or LFU cache, or to
+# set a hard memory limit for an instance (using the 'noeviction' policy).
+#
+# WARNING: If you have slaves attached to an instance with maxmemory on,
+# the size of the output buffers needed to feed the slaves are subtracted
+# from the used memory count, so that network problems / resyncs will
+# not trigger a loop where keys are evicted, and in turn the output
+# buffer of slaves is full with DELs of keys evicted triggering the deletion
+# of more keys, and so forth until the database is completely emptied.
+#
+# In short... if you have slaves attached it is suggested that you set a lower
+# limit for maxmemory so that there is some free RAM on the system for slave
+# output buffers (but this is not needed if the policy is 'noeviction').
+#
+# maxmemory <bytes>
+
+# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory
+# is reached. You can select among five behaviors:
+#
+# volatile-lru -> Evict using approximated LRU among the keys with an expire set.
+# allkeys-lru -> Evict any key using approximated LRU.
+# volatile-lfu -> Evict using approximated LFU among the keys with an expire set.
+# allkeys-lfu -> Evict any key using approximated LFU.
+# volatile-random -> Remove a random key among the ones with an expire set.
+# allkeys-random -> Remove a random key, any key.
+# volatile-ttl -> Remove the key with the nearest expire time (minor TTL)
+# noeviction -> Don't evict anything, just return an error on write operations.
+#
+# LRU means Least Recently Used
+# LFU means Least Frequently Used
+#
+# Both LRU, LFU and volatile-ttl are implemented using approximated
+# randomized algorithms.
+#
+# Note: with any of the above policies, Redis will return an error on write
+# operations, when there are no suitable keys for eviction.
+#
+# At the date of writing these commands are: set setnx setex append
+# incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd
+# sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby
+# zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby
+# getset mset msetnx exec sort
+#
+# The default is:
+#
+# maxmemory-policy noeviction
+
+# LRU, LFU and minimal TTL algorithms are not precise algorithms but approximated
+# algorithms (in order to save memory), so you can tune it for speed or
+# accuracy. For default Redis will check five keys and pick the one that was
+# used less recently, you can change the sample size using the following
+# configuration directive.
+#
+# The default of 5 produces good enough results. 10 Approximates very closely
+# true LRU but costs more CPU. 3 is faster but not very accurate.
+#
+# maxmemory-samples 5
+
+############################# LAZY FREEING ####################################
+
+# Redis has two primitives to delete keys. One is called DEL and is a blocking
+# deletion of the object. It means that the server stops processing new commands
+# in order to reclaim all the memory associated with an object in a synchronous
+# way. If the key deleted is associated with a small object, the time needed
+# in order to execute the DEL command is very small and comparable to most other
+# O(1) or O(log_N) commands in Redis. However if the key is associated with an
+# aggregated value containing millions of elements, the server can block for
+# a long time (even seconds) in order to complete the operation.
+#
+# For the above reasons Redis also offers non blocking deletion primitives
+# such as UNLINK (non blocking DEL) and the ASYNC option of FLUSHALL and
+# FLUSHDB commands, in order to reclaim memory in background. Those commands
+# are executed in constant time. Another thread will incrementally free the
+# object in the background as fast as possible.
+#
+# DEL, UNLINK and ASYNC option of FLUSHALL and FLUSHDB are user-controlled.
+# It's up to the design of the application to understand when it is a good
+# idea to use one or the other. However the Redis server sometimes has to
+# delete keys or flush the whole database as a side effect of other operations.
+# Specifically Redis deletes objects independently of a user call in the
+# following scenarios:
+#
+# 1) On eviction, because of the maxmemory and maxmemory policy configurations,
+# in order to make room for new data, without going over the specified
+# memory limit.
+# 2) Because of expire: when a key with an associated time to live (see the
+# EXPIRE command) must be deleted from memory.
+# 3) Because of a side effect of a command that stores data on a key that may
+# already exist. For example the RENAME command may delete the old key
+# content when it is replaced with another one. Similarly SUNIONSTORE
+# or SORT with STORE option may delete existing keys. The SET command
+# itself removes any old content of the specified key in order to replace
+# it with the specified string.
+# 4) During replication, when a slave performs a full resynchronization with
+# its master, the content of the whole database is removed in order to
+# load the RDB file just transfered.
+#
+# In all the above cases the default is to delete objects in a blocking way,
+# like if DEL was called. However you can configure each case specifically
+# in order to instead release memory in a non-blocking way like if UNLINK
+# was called, using the following configuration directives:
+
+lazyfree-lazy-eviction no
+lazyfree-lazy-expire no
+lazyfree-lazy-server-del no
+slave-lazy-flush no
+
+############################## APPEND ONLY MODE ###############################
+
+# By default Redis asynchronously dumps the dataset on disk. This mode is
+# good enough in many applications, but an issue with the Redis process or
+# a power outage may result into a few minutes of writes lost (depending on
+# the configured save points).
+#
+# The Append Only File is an alternative persistence mode that provides
+# much better durability. For instance using the default data fsync policy
+# (see later in the config file) Redis can lose just one second of writes in a
+# dramatic event like a server power outage, or a single write if something
+# wrong with the Redis process itself happens, but the operating system is
+# still running correctly.
+#
+# AOF and RDB persistence can be enabled at the same time without problems.
+# If the AOF is enabled on startup Redis will load the AOF, that is the file
+# with the better durability guarantees.
+#
+# Please check http://redis.io/topics/persistence for more information.
+
+# OE: changed default to enable this
+appendonly yes
+
+# The name of the append only file (default: "appendonly.aof")
+
+appendfilename "appendonly.aof"
+
+# The fsync() call tells the Operating System to actually write data on disk
+# instead of waiting for more data in the output buffer. Some OS will really flush
+# data on disk, some other OS will just try to do it ASAP.
+#
+# Redis supports three different modes:
+#
+# no: don't fsync, just let the OS flush the data when it wants. Faster.
+# always: fsync after every write to the append only log. Slow, Safest.
+# everysec: fsync only one time every second. Compromise.
+#
+# The default is "everysec", as that's usually the right compromise between
+# speed and data safety. It's up to you to understand if you can relax this to
+# "no" that will let the operating system flush the output buffer when
+# it wants, for better performances (but if you can live with the idea of
+# some data loss consider the default persistence mode that's snapshotting),
+# or on the contrary, use "always" that's very slow but a bit safer than
+# everysec.
+#
+# More details please check the following article:
+# http://antirez.com/post/redis-persistence-demystified.html
+#
+# If unsure, use "everysec".
+
+# appendfsync always
+appendfsync everysec
+# appendfsync no
+
+# When the AOF fsync policy is set to always or everysec, and a background
+# saving process (a background save or AOF log background rewriting) is
+# performing a lot of I/O against the disk, in some Linux configurations
+# Redis may block too long on the fsync() call. Note that there is no fix for
+# this currently, as even performing fsync in a different thread will block
+# our synchronous write(2) call.
+#
+# In order to mitigate this problem it's possible to use the following option
+# that will prevent fsync() from being called in the main process while a
+# BGSAVE or BGREWRITEAOF is in progress.
+#
+# This means that while another child is saving, the durability of Redis is
+# the same as "appendfsync none". In practical terms, this means that it is
+# possible to lose up to 30 seconds of log in the worst scenario (with the
+# default Linux settings).
+#
+# If you have latency problems turn this to "yes". Otherwise leave it as
+# "no" that is the safest pick from the point of view of durability.
+
+no-appendfsync-on-rewrite no
+
+# Automatic rewrite of the append only file.
+# Redis is able to automatically rewrite the log file implicitly calling
+# BGREWRITEAOF when the AOF log size grows by the specified percentage.
+#
+# This is how it works: Redis remembers the size of the AOF file after the
+# latest rewrite (if no rewrite has happened since the restart, the size of
+# the AOF at startup is used).
+#
+# This base size is compared to the current size. If the current size is
+# bigger than the specified percentage, the rewrite is triggered. Also
+# you need to specify a minimal size for the AOF file to be rewritten, this
+# is useful to avoid rewriting the AOF file even if the percentage increase
+# is reached but it is still pretty small.
+#
+# Specify a percentage of zero in order to disable the automatic AOF
+# rewrite feature.
+
+auto-aof-rewrite-percentage 100
+auto-aof-rewrite-min-size 64mb
+
+# An AOF file may be found to be truncated at the end during the Redis
+# startup process, when the AOF data gets loaded back into memory.
+# This may happen when the system where Redis is running
+# crashes, especially when an ext4 filesystem is mounted without the
+# data=ordered option (however this can't happen when Redis itself
+# crashes or aborts but the operating system still works correctly).
+#
+# Redis can either exit with an error when this happens, or load as much
+# data as possible (the default now) and start if the AOF file is found
+# to be truncated at the end. The following option controls this behavior.
+#
+# If aof-load-truncated is set to yes, a truncated AOF file is loaded and
+# the Redis server starts emitting a log to inform the user of the event.
+# Otherwise if the option is set to no, the server aborts with an error
+# and refuses to start. When the option is set to no, the user requires
+# to fix the AOF file using the "redis-check-aof" utility before to restart
+# the server.
+#
+# Note that if the AOF file will be found to be corrupted in the middle
+# the server will still exit with an error. This option only applies when
+# Redis will try to read more data from the AOF file but not enough bytes
+# will be found.
+aof-load-truncated yes
+
+# When rewriting the AOF file, Redis is able to use an RDB preamble in the
+# AOF file for faster rewrites and recoveries. When this option is turned
+# on the rewritten AOF file is composed of two different stanzas:
+#
+# [RDB file][AOF tail]
+#
+# When loading Redis recognizes that the AOF file starts with the "REDIS"
+# string and loads the prefixed RDB file, and continues loading the AOF
+# tail.
+#
+# This is currently turned off by default in order to avoid the surprise
+# of a format change, but will at some point be used as the default.
+aof-use-rdb-preamble no
+
+################################ LUA SCRIPTING ###############################
+
+# Max execution time of a Lua script in milliseconds.
+#
+# If the maximum execution time is reached Redis will log that a script is
+# still in execution after the maximum allowed time and will start to
+# reply to queries with an error.
+#
+# When a long running script exceeds the maximum execution time only the
+# SCRIPT KILL and SHUTDOWN NOSAVE commands are available. The first can be
+# used to stop a script that did not yet called write commands. The second
+# is the only way to shut down the server in the case a write command was
+# already issued by the script but the user doesn't want to wait for the natural
+# termination of the script.
+#
+# Set it to 0 or a negative value for unlimited execution without warnings.
+lua-time-limit 5000
+
+################################ REDIS CLUSTER ###############################
+#
+# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+# WARNING EXPERIMENTAL: Redis Cluster is considered to be stable code, however
+# in order to mark it as "mature" we need to wait for a non trivial percentage
+# of users to deploy it in production.
+# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+#
+# Normal Redis instances can't be part of a Redis Cluster; only nodes that are
+# started as cluster nodes can. In order to start a Redis instance as a
+# cluster node enable the cluster support uncommenting the following:
+#
+# cluster-enabled yes
+
+# Every cluster node has a cluster configuration file. This file is not
+# intended to be edited by hand. It is created and updated by Redis nodes.
+# Every Redis Cluster node requires a different cluster configuration file.
+# Make sure that instances running in the same system do not have
+# overlapping cluster configuration file names.
+#
+# cluster-config-file nodes-6379.conf
+
+# Cluster node timeout is the amount of milliseconds a node must be unreachable
+# for it to be considered in failure state.
+# Most other internal time limits are multiple of the node timeout.
+#
+# cluster-node-timeout 15000
+
+# A slave of a failing master will avoid to start a failover if its data
+# looks too old.
+#
+# There is no simple way for a slave to actually have an exact measure of
+# its "data age", so the following two checks are performed:
+#
+# 1) If there are multiple slaves able to failover, they exchange messages
+# in order to try to give an advantage to the slave with the best
+# replication offset (more data from the master processed).
+# Slaves will try to get their rank by offset, and apply to the start
+# of the failover a delay proportional to their rank.
+#
+# 2) Every single slave computes the time of the last interaction with
+# its master. This can be the last ping or command received (if the master
+# is still in the "connected" state), or the time that elapsed since the
+# disconnection with the master (if the replication link is currently down).
+# If the last interaction is too old, the slave will not try to failover
+# at all.
+#
+# The point "2" can be tuned by user. Specifically a slave will not perform
+# the failover if, since the last interaction with the master, the time
+# elapsed is greater than:
+#
+# (node-timeout * slave-validity-factor) + repl-ping-slave-period
+#
+# So for example if node-timeout is 30 seconds, and the slave-validity-factor
+# is 10, and assuming a default repl-ping-slave-period of 10 seconds, the
+# slave will not try to failover if it was not able to talk with the master
+# for longer than 310 seconds.
+#
+# A large slave-validity-factor may allow slaves with too old data to failover
+# a master, while a too small value may prevent the cluster from being able to
+# elect a slave at all.
+#
+# For maximum availability, it is possible to set the slave-validity-factor
+# to a value of 0, which means, that slaves will always try to failover the
+# master regardless of the last time they interacted with the master.
+# (However they'll always try to apply a delay proportional to their
+# offset rank).
+#
+# Zero is the only value able to guarantee that when all the partitions heal
+# the cluster will always be able to continue.
+#
+# cluster-slave-validity-factor 10
+
+# Cluster slaves are able to migrate to orphaned masters, that are masters
+# that are left without working slaves. This improves the cluster ability
+# to resist to failures as otherwise an orphaned master can't be failed over
+# in case of failure if it has no working slaves.
+#
+# Slaves migrate to orphaned masters only if there are still at least a
+# given number of other working slaves for their old master. This number
+# is the "migration barrier". A migration barrier of 1 means that a slave
+# will migrate only if there is at least 1 other working slave for its master
+# and so forth. It usually reflects the number of slaves you want for every
+# master in your cluster.
+#
+# Default is 1 (slaves migrate only if their masters remain with at least
+# one slave). To disable migration just set it to a very large value.
+# A value of 0 can be set but is useful only for debugging and dangerous
+# in production.
+#
+# cluster-migration-barrier 1
+
+# By default Redis Cluster nodes stop accepting queries if they detect there
+# is at least an hash slot uncovered (no available node is serving it).
+# This way if the cluster is partially down (for example a range of hash slots
+# are no longer covered) all the cluster becomes, eventually, unavailable.
+# It automatically returns available as soon as all the slots are covered again.
+#
+# However sometimes you want the subset of the cluster which is working,
+# to continue to accept queries for the part of the key space that is still
+# covered. In order to do so, just set the cluster-require-full-coverage
+# option to no.
+#
+# cluster-require-full-coverage yes
+
+# In order to setup your cluster make sure to read the documentation
+# available at http://redis.io web site.
+
+########################## CLUSTER DOCKER/NAT support ########################
+
+# In certain deployments, Redis Cluster nodes address discovery fails, because
+# addresses are NAT-ted or because ports are forwarded (the typical case is
+# Docker and other containers).
+#
+# In order to make Redis Cluster working in such environments, a static
+# configuration where each node knows its public address is needed. The
+# following two options are used for this scope, and are:
+#
+# * cluster-announce-ip
+# * cluster-announce-port
+# * cluster-announce-bus-port
+#
+# Each instruct the node about its address, client port, and cluster message
+# bus port. The information is then published in the header of the bus packets
+# so that other nodes will be able to correctly map the address of the node
+# publishing the information.
+#
+# If the above options are not used, the normal Redis Cluster auto-detection
+# will be used instead.
+#
+# Note that when remapped, the bus port may not be at the fixed offset of
+# clients port + 10000, so you can specify any port and bus-port depending
+# on how they get remapped. If the bus-port is not set, a fixed offset of
+# 10000 will be used as usually.
+#
+# Example:
+#
+# cluster-announce-ip 10.1.1.5
+# cluster-announce-port 6379
+# cluster-announce-bus-port 6380
+
+################################## SLOW LOG ###################################
+
+# The Redis Slow Log is a system to log queries that exceeded a specified
+# execution time. The execution time does not include the I/O operations
+# like talking with the client, sending the reply and so forth,
+# but just the time needed to actually execute the command (this is the only
+# stage of command execution where the thread is blocked and can not serve
+# other requests in the meantime).
+#
+# You can configure the slow log with two parameters: one tells Redis
+# what is the execution time, in microseconds, to exceed in order for the
+# command to get logged, and the other parameter is the length of the
+# slow log. When a new command is logged the oldest one is removed from the
+# queue of logged commands.
+
+# The following time is expressed in microseconds, so 1000000 is equivalent
+# to one second. Note that a negative number disables the slow log, while
+# a value of zero forces the logging of every command.
+slowlog-log-slower-than 10000
+
+# There is no limit to this length. Just be aware that it will consume memory.
+# You can reclaim memory used by the slow log with SLOWLOG RESET.
+slowlog-max-len 128
+
+################################ LATENCY MONITOR ##############################
+
+# The Redis latency monitoring subsystem samples different operations
+# at runtime in order to collect data related to possible sources of
+# latency of a Redis instance.
+#
+# Via the LATENCY command this information is available to the user that can
+# print graphs and obtain reports.
+#
+# The system only logs operations that were performed in a time equal or
+# greater than the amount of milliseconds specified via the
+# latency-monitor-threshold configuration directive. When its value is set
+# to zero, the latency monitor is turned off.
+#
+# By default latency monitoring is disabled since it is mostly not needed
+# if you don't have latency issues, and collecting data has a performance
+# impact, that while very small, can be measured under big load. Latency
+# monitoring can easily be enabled at runtime using the command
+# "CONFIG SET latency-monitor-threshold <milliseconds>" if needed.
+latency-monitor-threshold 0
+
+############################# EVENT NOTIFICATION ##############################
+
+# Redis can notify Pub/Sub clients about events happening in the key space.
+# This feature is documented at http://redis.io/topics/notifications
+#
+# For instance if keyspace events notification is enabled, and a client
+# performs a DEL operation on key "foo" stored in the Database 0, two
+# messages will be published via Pub/Sub:
+#
+# PUBLISH __keyspace@0__:foo del
+# PUBLISH __keyevent@0__:del foo
+#
+# It is possible to select the events that Redis will notify among a set
+# of classes. Every class is identified by a single character:
+#
+# K Keyspace events, published with __keyspace@<db>__ prefix.
+# E Keyevent events, published with __keyevent@<db>__ prefix.
+# g Generic commands (non-type specific) like DEL, EXPIRE, RENAME, ...
+# $ String commands
+# l List commands
+# s Set commands
+# h Hash commands
+# z Sorted set commands
+# x Expired events (events generated every time a key expires)
+# e Evicted events (events generated when a key is evicted for maxmemory)
+# A Alias for g$lshzxe, so that the "AKE" string means all the events.
+#
+# The "notify-keyspace-events" takes as argument a string that is composed
+# of zero or multiple characters. The empty string means that notifications
+# are disabled.
+#
+# Example: to enable list and generic events, from the point of view of the
+# event name, use:
+#
+# notify-keyspace-events Elg
+#
+# Example 2: to get the stream of the expired keys subscribing to channel
+# name __keyevent@0__:expired use:
+#
+# notify-keyspace-events Ex
+#
+# By default all notifications are disabled because most users don't need
+# this feature and the feature has some overhead. Note that if you don't
+# specify at least one of K or E, no events will be delivered.
+notify-keyspace-events ""
+
+############################### ADVANCED CONFIG ###############################
+
+# Hashes are encoded using a memory efficient data structure when they have a
+# small number of entries, and the biggest entry does not exceed a given
+# threshold. These thresholds can be configured using the following directives.
+hash-max-ziplist-entries 512
+hash-max-ziplist-value 64
+
+# Lists are also encoded in a special way to save a lot of space.
+# The number of entries allowed per internal list node can be specified
+# as a fixed maximum size or a maximum number of elements.
+# For a fixed maximum size, use -5 through -1, meaning:
+# -5: max size: 64 Kb <-- not recommended for normal workloads
+# -4: max size: 32 Kb <-- not recommended
+# -3: max size: 16 Kb <-- probably not recommended
+# -2: max size: 8 Kb <-- good
+# -1: max size: 4 Kb <-- good
+# Positive numbers mean store up to _exactly_ that number of elements
+# per list node.
+# The highest performing option is usually -2 (8 Kb size) or -1 (4 Kb size),
+# but if your use case is unique, adjust the settings as necessary.
+list-max-ziplist-size -2
+
+# Lists may also be compressed.
+# Compress depth is the number of quicklist ziplist nodes from *each* side of
+# the list to *exclude* from compression. The head and tail of the list
+# are always uncompressed for fast push/pop operations. Settings are:
+# 0: disable all list compression
+# 1: depth 1 means "don't start compressing until after 1 node into the list,
+# going from either the head or tail"
+# So: [head]->node->node->...->node->[tail]
+# [head], [tail] will always be uncompressed; inner nodes will compress.
+# 2: [head]->[next]->node->node->...->node->[prev]->[tail]
+# 2 here means: don't compress head or head->next or tail->prev or tail,
+# but compress all nodes between them.
+# 3: [head]->[next]->[next]->node->node->...->node->[prev]->[prev]->[tail]
+# etc.
+list-compress-depth 0
+
+# Sets have a special encoding in just one case: when a set is composed
+# of just strings that happen to be integers in radix 10 in the range
+# of 64 bit signed integers.
+# The following configuration setting sets the limit in the size of the
+# set in order to use this special memory saving encoding.
+set-max-intset-entries 512
+
+# Similarly to hashes and lists, sorted sets are also specially encoded in
+# order to save a lot of space. This encoding is only used when the length and
+# elements of a sorted set are below the following limits:
+zset-max-ziplist-entries 128
+zset-max-ziplist-value 64
+
+# HyperLogLog sparse representation bytes limit. The limit includes the
+# 16 bytes header. When an HyperLogLog using the sparse representation crosses
+# this limit, it is converted into the dense representation.
+#
+# A value greater than 16000 is totally useless, since at that point the
+# dense representation is more memory efficient.
+#
+# The suggested value is ~ 3000 in order to have the benefits of
+# the space efficient encoding without slowing down too much PFADD,
+# which is O(N) with the sparse encoding. The value can be raised to
+# ~ 10000 when CPU is not a concern, but space is, and the data set is
+# composed of many HyperLogLogs with cardinality in the 0 - 15000 range.
+hll-sparse-max-bytes 3000
+
+# Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in
+# order to help rehashing the main Redis hash table (the one mapping top-level
+# keys to values). The hash table implementation Redis uses (see dict.c)
+# performs a lazy rehashing: the more operation you run into a hash table
+# that is rehashing, the more rehashing "steps" are performed, so if the
+# server is idle the rehashing is never complete and some more memory is used
+# by the hash table.
+#
+# The default is to use this millisecond 10 times every second in order to
+# actively rehash the main dictionaries, freeing memory when possible.
+#
+# If unsure:
+# use "activerehashing no" if you have hard latency requirements and it is
+# not a good thing in your environment that Redis can reply from time to time
+# to queries with 2 milliseconds delay.
+#
+# use "activerehashing yes" if you don't have such hard requirements but
+# want to free memory asap when possible.
+activerehashing yes
+
+# The client output buffer limits can be used to force disconnection of clients
+# that are not reading data from the server fast enough for some reason (a
+# common reason is that a Pub/Sub client can't consume messages as fast as the
+# publisher can produce them).
+#
+# The limit can be set differently for the three different classes of clients:
+#
+# normal -> normal clients including MONITOR clients
+# slave -> slave clients
+# pubsub -> clients subscribed to at least one pubsub channel or pattern
+#
+# The syntax of every client-output-buffer-limit directive is the following:
+#
+# client-output-buffer-limit <class> <hard limit> <soft limit> <soft seconds>
+#
+# A client is immediately disconnected once the hard limit is reached, or if
+# the soft limit is reached and remains reached for the specified number of
+# seconds (continuously).
+# So for instance if the hard limit is 32 megabytes and the soft limit is
+# 16 megabytes / 10 seconds, the client will get disconnected immediately
+# if the size of the output buffers reach 32 megabytes, but will also get
+# disconnected if the client reaches 16 megabytes and continuously overcomes
+# the limit for 10 seconds.
+#
+# By default normal clients are not limited because they don't receive data
+# without asking (in a push way), but just after a request, so only
+# asynchronous clients may create a scenario where data is requested faster
+# than it can read.
+#
+# Instead there is a default limit for pubsub and slave clients, since
+# subscribers and slaves receive data in a push fashion.
+#
+# Both the hard or the soft limit can be disabled by setting them to zero.
+client-output-buffer-limit normal 0 0 0
+client-output-buffer-limit slave 256mb 64mb 60
+client-output-buffer-limit pubsub 32mb 8mb 60
+
+# Client query buffers accumulate new commands. They are limited to a fixed
+# amount by default in order to avoid that a protocol desynchronization (for
+# instance due to a bug in the client) will lead to unbound memory usage in
+# the query buffer. However you can configure it here if you have very special
+# needs, such us huge multi/exec requests or alike.
+#
+# client-query-buffer-limit 1gb
+
+# In the Redis protocol, bulk requests, that are, elements representing single
+# strings, are normally limited ot 512 mb. However you can change this limit
+# here.
+#
+# proto-max-bulk-len 512mb
+
+# Redis calls an internal function to perform many background tasks, like
+# closing connections of clients in timeout, purging expired keys that are
+# never requested, and so forth.
+#
+# Not all tasks are performed with the same frequency, but Redis checks for
+# tasks to perform according to the specified "hz" value.
+#
+# By default "hz" is set to 10. Raising the value will use more CPU when
+# Redis is idle, but at the same time will make Redis more responsive when
+# there are many keys expiring at the same time, and timeouts may be
+# handled with more precision.
+#
+# The range is between 1 and 500, however a value over 100 is usually not
+# a good idea. Most users should use the default of 10 and raise this up to
+# 100 only in environments where very low latency is required.
+hz 10
+
+# When a child rewrites the AOF file, if the following option is enabled
+# the file will be fsync-ed every 32 MB of data generated. This is useful
+# in order to commit the file to the disk more incrementally and avoid
+# big latency spikes.
+aof-rewrite-incremental-fsync yes
+
+# Redis LFU eviction (see maxmemory setting) can be tuned. However it is a good
+# idea to start with the default settings and only change them after investigating
+# how to improve the performances and how the keys LFU change over time, which
+# is possible to inspect via the OBJECT FREQ command.
+#
+# There are two tunable parameters in the Redis LFU implementation: the
+# counter logarithm factor and the counter decay time. It is important to
+# understand what the two parameters mean before changing them.
+#
+# The LFU counter is just 8 bits per key, it's maximum value is 255, so Redis
+# uses a probabilistic increment with logarithmic behavior. Given the value
+# of the old counter, when a key is accessed, the counter is incremented in
+# this way:
+#
+# 1. A random number R between 0 and 1 is extracted.
+# 2. A probability P is calculated as 1/(old_value*lfu_log_factor+1).
+# 3. The counter is incremented only if R < P.
+#
+# The default lfu-log-factor is 10. This is a table of how the frequency
+# counter changes with a different number of accesses with different
+# logarithmic factors:
+#
+# +--------+------------+------------+------------+------------+------------+
+# | factor | 100 hits | 1000 hits | 100K hits | 1M hits | 10M hits |
+# +--------+------------+------------+------------+------------+------------+
+# | 0 | 104 | 255 | 255 | 255 | 255 |
+# +--------+------------+------------+------------+------------+------------+
+# | 1 | 18 | 49 | 255 | 255 | 255 |
+# +--------+------------+------------+------------+------------+------------+
+# | 10 | 10 | 18 | 142 | 255 | 255 |
+# +--------+------------+------------+------------+------------+------------+
+# | 100 | 8 | 11 | 49 | 143 | 255 |
+# +--------+------------+------------+------------+------------+------------+
+#
+# NOTE: The above table was obtained by running the following commands:
+#
+# redis-benchmark -n 1000000 incr foo
+# redis-cli object freq foo
+#
+# NOTE 2: The counter initial value is 5 in order to give new objects a chance
+# to accumulate hits.
+#
+# The counter decay time is the time, in minutes, that must elapse in order
+# for the key counter to be divided by two (or decremented if it has a value
+# less <= 10).
+#
+# The default value for the lfu-decay-time is 1. A Special value of 0 means to
+# decay the counter every time it happens to be scanned.
+#
+# lfu-log-factor 10
+# lfu-decay-time 1
+
+########################### ACTIVE DEFRAGMENTATION #######################
+#
+# WARNING THIS FEATURE IS EXPERIMENTAL. However it was stress tested
+# even in production and manually tested by multiple engineers for some
+# time.
+#
+# What is active defragmentation?
+# -------------------------------
+#
+# Active (online) defragmentation allows a Redis server to compact the
+# spaces left between small allocations and deallocations of data in memory,
+# thus allowing to reclaim back memory.
+#
+# Fragmentation is a natural process that happens with every allocator (but
+# less so with Jemalloc, fortunately) and certain workloads. Normally a server
+# restart is needed in order to lower the fragmentation, or at least to flush
+# away all the data and create it again. However thanks to this feature
+# implemented by Oran Agra for Redis 4.0 this process can happen at runtime
+# in an "hot" way, while the server is running.
+#
+# Basically when the fragmentation is over a certain level (see the
+# configuration options below) Redis will start to create new copies of the
+# values in contiguous memory regions by exploiting certain specific Jemalloc
+# features (in order to understand if an allocation is causing fragmentation
+# and to allocate it in a better place), and at the same time, will release the
+# old copies of the data. This process, repeated incrementally for all the keys
+# will cause the fragmentation to drop back to normal values.
+#
+# Important things to understand:
+#
+# 1. This feature is disabled by default, and only works if you compiled Redis
+# to use the copy of Jemalloc we ship with the source code of Redis.
+# This is the default with Linux builds.
+#
+# 2. You never need to enable this feature if you don't have fragmentation
+# issues.
+#
+# 3. Once you experience fragmentation, you can enable this feature when
+# needed with the command "CONFIG SET activedefrag yes".
+#
+# The configuration parameters are able to fine tune the behavior of the
+# defragmentation process. If you are not sure about what they mean it is
+# a good idea to leave the defaults untouched.
+
+# Enabled active defragmentation
+# activedefrag yes
+
+# Minimum amount of fragmentation waste to start active defrag
+# active-defrag-ignore-bytes 100mb
+
+# Minimum percentage of fragmentation to start active defrag
+# active-defrag-threshold-lower 10
+
+# Maximum percentage of fragmentation at which we use maximum effort
+# active-defrag-threshold-upper 100
+
+# Minimal effort for defrag in CPU percentage
+# active-defrag-cycle-min 25
+
+# Maximal effort for defrag in CPU percentage
+# active-defrag-cycle-max 75
diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/redis.service b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/redis.service
new file mode 100644
index 0000000..a52204c
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.11/redis.service
@@ -0,0 +1,16 @@
+[Unit]
+Description=Redis In-Memory Data Store
+After=network.target
+
+[Service]
+User=redis
+Group=redis
+ExecStart=/usr/bin/redis-server /etc/redis/redis.conf
+ExecStop=/usr/bin/redis-cli shutdown
+Restart=always
+LimitNOFILE=10032
+Type=notify
+
+[Install]
+WantedBy=multi-user.target
+