poky: subtree update:745e38ff0f..81f9e815d3
Adrian Bunk (6):
openssl: Upgrade 1.1.1c -> 1.1.1d
glib-2.0: Upgrade 2.60.6 -> 2.60.7
lttng-modules: Upgrade 2.10.10 -> 2.10.11
lttng-ust: Upgrade 2.10.4 -> 2.10.5
squashfs-tools: Remove UPSTREAM_CHECK_COMMITS
libmpc: Remove dead UPSTREAM_CHECK_URI
Alexander Kanavin (2):
runqemu: decouple gtk and gl options
strace: add a timeout for running ptests
Alistair Francis (1):
gdb: Mark gdbserver as ALLOW_EMPTY for riscv32
Andre McCurdy (9):
busybox: drop unused mount.busybox and umount.busybox wrappers
busybox: drop inittab from SRC_URI ( now moved to busybox-inittab )
busybox-inittab: minor formatting tweaks
base-files: drop legacy empty file /etc/default/usbd
busybox: rcS and rcK should not be writeable by everyone
ffmpeg: add PACKAGECONFIG controls for alsa and zlib (enable by default)
libwebp: apply ARM specific config options to big endian ARM
initscripts: enable alignment.sh init script for big endian ARM
libunwind: apply configure over-ride to both big and little endian ARM
Andrew F. Davis (4):
libepoxy: Disable x11 when not building for x11
cogl: Set depends to the virtual needed not explicitly on Mesa
gtk+3: Set depends to the virtual needed not explicitly on Mesa
weston: Set depends to the virtual needed not explicitly on Mesa
Armin Kuster (1):
gcc: Security fix for CVE-2019-15847
Changhyeok Bae (1):
iw: upgrade to 5.3
Changqing Li (2):
classextend.py: don't extend file for file dependency
report-error.bbclass: add local.conf/auto.conf into error report
Chen Qi (1):
python-numpy: fix build for libn32
Daniel Gomez (1):
lttng-modules: Add missing SRCREV_FORMAT
Diego Rondini (1):
initramfs-framework: support PARTLABEL option
Dmitry Eremin-Solenikov (7):
image-uefi.conf: add config file holding configuration for UEFI images
grub-bootconf: switch to image-uefi.conf
grub-efi: switch to image-uefi.conf
grub-efi.bbclass: switch to image-uefi.conf
systemd-boot: switch to image-uefi.conf
systemd-boot.bbclass: switch to image-uefi.conf
live-vm-common.bbclass: provide efi population functions for live images
Hector Palacios (1):
udev-extraconf: skip mounting partitions already mounted by systemd
Henning Schild (6):
oe-git-proxy: allow setting SOCAT from outside
oeqa: add case for oe-git-proxy
Revert "oe-git-proxy: Avoid resolving NO_PROXY against local files"
oe-git-proxy: disable shell pathname expansion for the whole script
oe-git-proxy: NO_PROXY suffix matching without wildcard for match_host
oe-git-proxy: fix dash "Bad substitution"
Hongxu Jia (1):
elfutils: 0.176 -> 0.177
Jack Mitchell (1):
iptables: add systemd helper unit to load/restore rules
Jaewon Lee (1):
populate_sdk_ext: Introduce mechanism to keep nativesdk* sstate in esdk
Jason Wessel (1):
gnupg: Extend -native wrapper to fix gpgme-native's gpgconf problems
Jiang Lu (2):
glib-networking:enable glib-networking build as native package
libsoup:enable libsoup build as native package
Joshua Watt (4):
sstatesig: Update server URI
Remove SSTATE_HASHEQUIV_SERVER
bitbake: bitbake: Rework hash equivalence
classes/archiver: Fix WORKDIR for shared source
Kai Kang (1):
systemd: provides ${base_sbindir}/udevadm
Khem Raj (10):
ptrace: Drop ptrace aid for musl/ppc
elfutils: Fix build on ppc/musl
cogl: Do not depend PN-dev on empty PN
musl: Update to latest master
glibc: Move DISTRO_FEATURE specific do_install code for target recipe only
populate_sdk_base.bbclass: nativesdk-glibc-locale is required on musl too
nativesdk.bbclass: Clear out LIBCEXTENSION and ABIEXTENSION
openssl: Enable os option for with-rand-seed as well
weston-init: Add possibility to run weston as non-root user
layer.conf: Remove weston-conf from SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS
Li Zhou (1):
qemu: Security Advisory - qemu - CVE-2019-15890
Limeng (1):
tune-cortexa57-cortexa53: add tunes for ARM Cortex-A53-Cortex-A57
Martin Jansa (2):
perf: fix build on kernels which don't have ${S}/tools/include/linux/bits.h
bitbake: Revert "bitbake: cooker: Ensure bbappends are found in stable order"
Maxime Roussin-BĂ©langer (1):
meta: add missing descriptions and homepage in bsp
Mikko Rapeli (2):
busybox.inc: handle empty DEBUG_PREFIX_MAP
bitbake: svn fetcher: allow "svn propget svn:externals" to fail
Nathan Rossi (7):
resulttool: Handle multiple series containing ptestresults
gcc-cross.inc: Process binaries in build dir to be relocatable
oeqa/core/case.py: Add OEPTestResultTestCase for ptestresult helpers
oeqa/selftest: Rework toolchain tests to use OEPTestResultTestCase
glibc-testsuite: SkipRecipe if libc is not glibc
cmake: 3.15.2 -> 3.15.3
meson.bbclass: Handle microblaze* mapping to cpu family
Oleksandr Kravchuk (5):
python3-pygobject: update to 3.34.0
font-util: update to 1.3.2
expat: update to 2.2.8
curl: update to 7.66.0
python3-dbus: update to 1.2.12
Otavio Salvador (1):
mesa: Upgrade 19.1.1 -> 19.1.6
Peter Kjellerstedt (3):
glibc: Make it build without ldconfig in DISTRO_FEATURES
package_rpm.bbclass: Remove a misleading bb.note()
tzdata: Correct the packaging of /etc/localtime and /etc/timezone
Quentin Schulz (1):
externalsrc: stop rebuilds of 2+ externalsrc recipes sharing the same git repo
Randy MacLeod (4):
valgrind: enable ~500 more ptests
valgrind: make a few more ptests pass
valgrind: ptest improvements to run-ptest and more
valgrind: disable 256 ptests for aarch64
Richard Purdie (8):
bitbake: runqueue/siggen: Optimise hash equiv queries
runqemu: Mention snapshot in the help output
initramfs-framework: support PARTLABEL option
systemd: Handle slow to boot mips hwdb update timeouts
meta-extsdk: Either an sstate task is a proper task or it isn't
oeqa/concurrenttest: Use ionice to delete build directories
bitbake: utils: Add ionice option to prunedir
build-appliance-image: Update to master head revision
Robert Yang (2):
conf/multilib.conf: Add ovmf to NON_MULTILIB_RECIPES
bitbake: runqueue: validate_hashes(): currentcount should be a number
Ross Burton (16):
libtasn1: fix build with api-documentation enabled
gstreamer1.0-libav: enable gtk-doc again
python3: handle STAGING_LIBDIR/INCDIR being unset
mesa: no need to depend on target python3
adwaita-icon-theme: fix rare install race
oeqa/selftest/wic: improve assert messages in test_fixed_size
oeqa/selftest/imagefeatures: dump the JSON if it can't be parsed
libical: upgrade to 3.0.6
acpica: upgrade 20190509 -> 20190816
gdk-pixbuf: upgrade 2.38.1 -> 2.38.2
piglit: upgrade to latest revision
libinput: upgrade 1.14.0 -> 1.14.1
rootfs-postcommands: check /etc/gconf exists before working on it
systemd-systemctl-native: don't care about line endings
opkg-utils: respect SOURCE_DATE_EPOCH when building ipkgs
bitbake: fetch2/git: add git-lfs toggle option
Scott Murray (1):
systemd: upgrade to 243
Stefan Ghinea (1):
ghostscript: CVE-2019-14811, CVE-2019-14817
Tim Blechmann (1):
icecc: blacklist pixman
Yeoh Ee Peng (3):
bitbake: bitbake-layers: show-recipes: Show recipes only
bitbake: bitbake-layers: show-recipes: Select recipes from selected layer
bitbake: bitbake-layers: show-recipes: Enable bare output
Yi Zhao (3):
screen: add /etc/screenrc as global config file
nfs-utils: fix nfs mount error on 32bit nfs server
grub: remove diffutils and freetype runtime dependencies
Zang Ruochen (2):
btrfs-tools:upgrade 5.2.1 -> 5.2.2
timezone:upgrade 2019b -> 2019c
Change-Id: I1ec24480a8964e474cd99d60a0cb0975e49b46b8
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
diff --git a/poky/meta/recipes-extended/iptables/iptables_1.8.3.bb b/poky/meta/recipes-extended/iptables/iptables_1.8.3.bb
index 6ac3fc6..ff9fcb1 100644
--- a/poky/meta/recipes-extended/iptables/iptables_1.8.3.bb
+++ b/poky/meta/recipes-extended/iptables/iptables_1.8.3.bb
@@ -10,12 +10,14 @@
SRC_URI = "http://netfilter.org/projects/iptables/files/iptables-${PV}.tar.bz2 \
file://0001-configure-Add-option-to-enable-disable-libnfnetlink.patch \
file://0002-configure.ac-only-check-conntrack-when-libnfnetlink-enabled.patch \
+ file://iptables.service \
+ file://iptables.rules \
"
SRC_URI[md5sum] = "29de711d15c040c402cf3038c69ff513"
SRC_URI[sha256sum] = "a23cac034181206b4545f4e7e730e76e08b5f3dd78771ba9645a6756de9cdd80"
-inherit autotools pkgconfig
+inherit autotools pkgconfig systemd
EXTRA_OECONF = "--with-kernel=${STAGING_INCDIR}"
@@ -56,6 +58,19 @@
ALLOW_EMPTY_${PN}-modules = "1"
+do_install_append() {
+
+ install -d ${D}${sysconfdir}/iptables
+ install -m 0644 ${WORKDIR}/iptables.rules ${D}${sysconfdir}/iptables
+
+ install -d ${D}${systemd_system_unitdir}
+ install -m 0644 ${WORKDIR}/iptables.service ${D}${systemd_system_unitdir}
+
+ sed -i -e 's,@SBINDIR@,${sbindir},g' ${D}${systemd_system_unitdir}/iptables.service
+}
+
+SYSTEMD_SERVICE_${PN} = "iptables.service"
+
RDEPENDS_${PN} = "${PN}-module-xt-standard"
RRECOMMENDS_${PN} = " \
${PN}-modules \