poky: subtree update:c6bc20857c..b23aa6b753
Anatol Belski (1):
bitbake: bitbake: hashserv: Fix localhost sometimes resolved to a wrong IP
Andrew Geissler (1):
systemd: Upgrade v246.2 -> v246.6
Anibal Limon (1):
mesa: update 20.1.6 -> 20.1.8
Bruce Ashfield (2):
linux-yocto/beaglebone: Switch to sdhci-omap driver
kernel-yocto: add KBUILD_DEFCONFIG search location to failure message
Changqing Li (1):
sysklogd: fix parallel build issue
Charlie Davies (2):
bitbake: bitbake: fetch/git: add support for SRC_URI containing spaces in url
bitbake: bitbake: tests/fetch: add unit tests for SRC_URI with spaces in url
Chee Yang Lee (1):
bash : include patch 17 & 18
Chen Qi (2):
populate_sdk_ext.bbclass: add ESDK_MANIFEST_EXCLUDES
testsdk.py: remove workspace/sources to avoid failure in case of multilib
Chris Laplante (3):
bitbake.conf: add name of multiconfig to BUILDCFG_HEADER when multiconfig is active
cve-check: introduce CVE_CHECK_RECIPE_FILE variable to allow changing of per-recipe check file
cve-check: add CVE_CHECK_REPORT_PATCHED variable to suppress reporting of patched CVEs
Christian Eggers (1):
packagegroup: rrecommend perf also for musl on ARM
De Huo (1):
bash: fix CVE-2019-18276
Jean-Francois Dagenais (2):
bitbake: bitbake: tests/siggen: introduce clean_basepath testcases
bitbake: bitbake: siggen: clean_basepath: improve perfo and readability
Jens Rehsack (1):
image-artifact-names: make variables overridable
Jon Mason (1):
Space-comma Cleanups
Jonathan Richardson (1):
cortex-m0.inc: Add tuning for cortex-m0
Kai Kang (2):
systemd: disable xdg-autostart generator by default
kea: fix conflict between multilibs
Khairul Rohaizzat Jamaluddin (1):
sphinx: ref-variables: Added entry for IMAGE_EFI_BOOT_FILES
Khem Raj (6):
ncurses: Create alternative symlinks for st and st-256color
packagegroups: remove strace and lttng-tools for rv32/musl
qemuboot: Add QB_RNG variable
gettext: Fix ptest failure
ptest-runner: Backport patch to fix inappropriate ioctl error
systemd: Drop 0023-Fix-field-efi_loader_entry_one_shot_stat-has-incompl.patch
Konrad Weihmann (1):
testexport: rename create_tarball method
Leif Middelschulte (2):
bitbake: fetch2: fix handling of `\` in file:// SRC_URI
bitbake: tests/fetch: backslash support in file:// URIs
Mark Jonas (2):
Add license text for PSF-2.0
Map license names PSF and PSFv2 to PSF-2.0
Mingli Yu (3):
kea: create /var/lib/kea and /var/run/kea folder
bind: remove -r option for rndc-confgen
debianutils: update the debian snapshot version
Nicolas Dechesne (3):
sphinx: report errors when dependencies are not met
README: include detailed information about sphinx
sphinx: fix up some trademark and branding issues
Norman Stetter (1):
sstate.bbclass: Check file ownership before doing 'touch -a'
Otavio Salvador (1):
openssh: Allow enable/disable of rng-tools recommendation on sshd
Peter A. Bigot (1):
go-mod.bbclass: use append to add `modcacherw`
Quentin Schulz (2):
docs: static: theme_overrides.css: fix responsive design on <640px screens
docs: fix broken links
Randy MacLeod (1):
curl: Change SRC_URI from http to https
Rasmus Villemoes (1):
kernel.bbclass: ensure symlink_kernsrc task gets run even with externalsrc
Richard Purdie (15):
scripts/oe-build-perf-report: Use python3 from the environment
dropbear/openssh: Lower priority of key generation
oeqa/qemurunner: Increase serial timeout
python3-markupsafe: Import from meta-oe/meta-python
python3-jinja2: Import from meta-oe/meta-python
buildtools-tarball: Add python3-jinja2
buildtools-tarball: Fix conflicts with oe-selftest and other tooling
oeqa/selftest/incompatible_lib: Fix append usage
oeqa/selftest/containerimage: Update to match assumptions in configuration
ssh-pregen-hostkeys: Add a recipe with pregenerated ssh host keys
build-appliance-image: Update to master head revision
bitbake: Revert "bitbake-layers: add signal hander to avoid exception"
staging: Ensure cleaned dependencies are added
oeqa/selftest/devtool: Add sync call to test teardown
bitbake: cooker: Avoid tracebacks if data was never setup
Ross Burton (11):
gettext: no need to depend on bison-native
meta: add/fix invalid Upstream-Status tags
bitbake: taskexp: update for GTK API changes
glibc: make nscd optional
utils: respect scheduler affinity in cpu_count()
rpm: disable libarchive use
sstate: set mode explicitly when creating directories in sstate-cache
rpm: add PACKAGECONFIG for the systemd inhibit plugin
boost: move the build directory outside of S
bitbake: utils: add umask changing context manager
bitbake: siggen: use correct umask when writing siginfo
Saul Wold (2):
testimage: Add testimage_dump_target to kwargs
target/ssh.py: Add dump_target support
Teoh Jay Shen (1):
oeqa/runtime : add test for RTC(Real Time Clock)
Tim Orling (1):
oeqa/selftest/cases/devtool.py: avoid .pyc race
Usama Arif (1):
ref-manual: document authentication key variables
Wang Mingyu (1):
maintainers.inc: Add Zang Ruochen and Wang Mingyu for several recipes
Yi Zhao (4):
dhcpcd: pass --dbdir to EXTRA_OECONF to set database directory
dhcpcd: set --runstatedir to /run
dhcpcd: add dhcpcd user to support priviledge separation
dhcpcd: set service to conflict with connman
akuster (1):
libdrm: fix build failure
zangrc (4):
bind: upgrade 9.16.5 -> 9.16.7
stress-ng: upgrade 0.11.19 -> 0.11.21
pango: upgrade 1.46.1 -> 1.46.2
sudo: upgrade 1.9.2 -> 1.9.3
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: I2c19d3b3793ee5a6f42e04817147d75f315943a5
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.5/0001-avoid-start-failure-with-bind-user.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.7/0001-avoid-start-failure-with-bind-user.patch
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.16.5/0001-avoid-start-failure-with-bind-user.patch
rename to poky/meta/recipes-connectivity/bind/bind-9.16.7/0001-avoid-start-failure-with-bind-user.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.5/0001-named-lwresd-V-and-start-log-hide-build-options.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.7/0001-named-lwresd-V-and-start-log-hide-build-options.patch
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.16.5/0001-named-lwresd-V-and-start-log-hide-build-options.patch
rename to poky/meta/recipes-connectivity/bind/bind-9.16.7/0001-named-lwresd-V-and-start-log-hide-build-options.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.5/bind-ensure-searching-for-json-headers-searches-sysr.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.7/bind-ensure-searching-for-json-headers-searches-sysr.patch
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.16.5/bind-ensure-searching-for-json-headers-searches-sysr.patch
rename to poky/meta/recipes-connectivity/bind/bind-9.16.7/bind-ensure-searching-for-json-headers-searches-sysr.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.5/bind9 b/poky/meta/recipes-connectivity/bind/bind-9.16.7/bind9
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.16.5/bind9
rename to poky/meta/recipes-connectivity/bind/bind-9.16.7/bind9
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.5/conf.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.7/conf.patch
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.16.5/conf.patch
rename to poky/meta/recipes-connectivity/bind/bind-9.16.7/conf.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.5/generate-rndc-key.sh b/poky/meta/recipes-connectivity/bind/bind-9.16.7/generate-rndc-key.sh
similarity index 76%
rename from poky/meta/recipes-connectivity/bind/bind-9.16.5/generate-rndc-key.sh
rename to poky/meta/recipes-connectivity/bind/bind-9.16.7/generate-rndc-key.sh
index ef915c0..633e29c 100644
--- a/poky/meta/recipes-connectivity/bind/bind-9.16.5/generate-rndc-key.sh
+++ b/poky/meta/recipes-connectivity/bind/bind-9.16.7/generate-rndc-key.sh
@@ -2,7 +2,7 @@
if [ ! -s /etc/bind/rndc.key ]; then
echo -n "Generating /etc/bind/rndc.key:"
- /usr/sbin/rndc-confgen -a -b 512 -r /dev/urandom
+ /usr/sbin/rndc-confgen -a -b 512
chown root:bind /etc/bind/rndc.key
chmod 0640 /etc/bind/rndc.key
fi
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.5/init.d-add-support-for-read-only-rootfs.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.7/init.d-add-support-for-read-only-rootfs.patch
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.16.5/init.d-add-support-for-read-only-rootfs.patch
rename to poky/meta/recipes-connectivity/bind/bind-9.16.7/init.d-add-support-for-read-only-rootfs.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.5/make-etc-initd-bind-stop-work.patch b/poky/meta/recipes-connectivity/bind/bind-9.16.7/make-etc-initd-bind-stop-work.patch
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.16.5/make-etc-initd-bind-stop-work.patch
rename to poky/meta/recipes-connectivity/bind/bind-9.16.7/make-etc-initd-bind-stop-work.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.16.5/named.service b/poky/meta/recipes-connectivity/bind/bind-9.16.7/named.service
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.16.5/named.service
rename to poky/meta/recipes-connectivity/bind/bind-9.16.7/named.service
diff --git a/poky/meta/recipes-connectivity/bind/bind_9.16.5.bb b/poky/meta/recipes-connectivity/bind/bind_9.16.7.bb
similarity index 95%
rename from poky/meta/recipes-connectivity/bind/bind_9.16.5.bb
rename to poky/meta/recipes-connectivity/bind/bind_9.16.7.bb
index 1031924..5fc2c1d 100644
--- a/poky/meta/recipes-connectivity/bind/bind_9.16.5.bb
+++ b/poky/meta/recipes-connectivity/bind/bind_9.16.7.bb
@@ -19,7 +19,7 @@
file://0001-avoid-start-failure-with-bind-user.patch \
"
-SRC_URI[sha256sum] = "6378b3e51fef11a8be4794dc48e8111ba92d211c0dfd129a0c296ed06a3dc075"
+SRC_URI[sha256sum] = "9f7d1812ebbd26a699f62b6fa8522d5dec57e4bf43af0042a0d60d39ed8314d1"
UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/"
# stay at 9.16 follow the ESV versions divisible by 4
@@ -34,7 +34,7 @@
PACKAGECONFIG[libedit] = "--with-readline=-ledit,,libedit"
PACKAGECONFIG[python3] = "--with-python=yes --with-python-install-dir=${PYTHON_SITEPACKAGES_DIR} , --without-python, python3-ply-native,"
-EXTRA_OECONF = " --with-libtool --disable-devpoll --enable-epoll \
+EXTRA_OECONF = " --with-libtool --disable-devpoll --disable-auto-validation --enable-epoll \
--with-gssapi=no --with-lmdb=no --with-zlib \
--sysconfdir=${sysconfdir}/bind \
--with-openssl=${STAGING_DIR_HOST}${prefix} \
diff --git a/poky/meta/recipes-connectivity/dhcpcd/dhcpcd_9.2.0.bb b/poky/meta/recipes-connectivity/dhcpcd/dhcpcd_9.2.0.bb
index 292cb5b..4344841 100644
--- a/poky/meta/recipes-connectivity/dhcpcd/dhcpcd_9.2.0.bb
+++ b/poky/meta/recipes-connectivity/dhcpcd/dhcpcd_9.2.0.bb
@@ -19,7 +19,7 @@
SRC_URI[sha256sum] = "fcb2d19672d445bbfd38678fdee4f556ef967a3ea6bd81092d10545df2cb9666"
-inherit pkgconfig autotools-brokensep systemd
+inherit pkgconfig autotools-brokensep systemd useradd
SYSTEMD_SERVICE_${PN} = "dhcpcd.service"
@@ -28,12 +28,21 @@
PACKAGECONFIG[udev] = "--with-udev,--without-udev,udev,udev"
PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6"
-EXTRA_OECONF = "--enable-ipv4"
+EXTRA_OECONF = "--enable-ipv4 \
+ --dbdir=${localstatedir}/lib/${BPN} \
+ --runstatedir=/run \
+ "
+
+USERADD_PACKAGES = "${PN}"
+USERADD_PARAM_${PN} = "--system -d ${localstatedir}/lib/${BPN} -M -s /bin/false -U dhcpcd"
do_install_append () {
# install systemd unit files
install -d ${D}${systemd_unitdir}/system
install -m 0644 ${WORKDIR}/dhcpcd*.service ${D}${systemd_unitdir}/system
+
+ chmod 700 ${D}${localstatedir}/lib/${BPN}
+ chown dhcpcd:dhcpcd ${D}${localstatedir}/lib/${BPN}
}
FILES_${PN}-dbg += "${libdir}/dhcpcd/dev/.debug"
diff --git a/poky/meta/recipes-connectivity/dhcpcd/files/dhcpcd.service b/poky/meta/recipes-connectivity/dhcpcd/files/dhcpcd.service
index 86b5a43..bbed6d8 100644
--- a/poky/meta/recipes-connectivity/dhcpcd/files/dhcpcd.service
+++ b/poky/meta/recipes-connectivity/dhcpcd/files/dhcpcd.service
@@ -2,6 +2,7 @@
Description=A minimalistic network configuration daemon with DHCPv4, rdisc and DHCPv6 support
Wants=network.target
Before=network.target
+Conflicts=connman.service
[Service]
ExecStart=/usr/sbin/dhcpcd -q --nobackground
diff --git a/poky/meta/recipes-connectivity/dhcpcd/files/dhcpcd@.service b/poky/meta/recipes-connectivity/dhcpcd/files/dhcpcd@.service
index c81bb05..389b076 100644
--- a/poky/meta/recipes-connectivity/dhcpcd/files/dhcpcd@.service
+++ b/poky/meta/recipes-connectivity/dhcpcd/files/dhcpcd@.service
@@ -4,10 +4,11 @@
Before=network.target
BindsTo=sys-subsystem-net-devices-%i.device
After=sys-subsystem-net-devices-%i.device
+Conflicts=connman.service
[Service]
Type=forking
-PIDFile=/run/dhcpcd-%I.pid
+PIDFile=/run/dhcpcd/%I.pid
ExecStart=/usr/sbin/dhcpcd -q %I
ExecStop=/usr/sbin/dhcpcd -x %I
diff --git a/poky/meta/recipes-connectivity/kea/files/0001-keactrl.in-create-var-lib-kea-and-var-run-kea-folder.patch b/poky/meta/recipes-connectivity/kea/files/0001-keactrl.in-create-var-lib-kea-and-var-run-kea-folder.patch
new file mode 100644
index 0000000..ab3fd83
--- /dev/null
+++ b/poky/meta/recipes-connectivity/kea/files/0001-keactrl.in-create-var-lib-kea-and-var-run-kea-folder.patch
@@ -0,0 +1,39 @@
+From 639dc25cdabc9d1846000a542c8cc19158b69994 Mon Sep 17 00:00:00 2001
+From: Mingli Yu <mingli.yu@windriver.com>
+Date: Fri, 18 Sep 2020 08:18:08 +0000
+Subject: [PATCH] keactrl.in: create /var/lib/kea and /var/run/kea folder
+
+Create /var/lib/kea and /var/run/kea folder to fix below error:
+ # keactrl start
+ INFO/keactrl: Starting /usr/sbin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf
+ INFO/keactrl: Starting /usr/sbin/kea-dhcp6 -c /etc/kea/kea-dhcp6.conf
+ INFO/keactrl: Starting /usr/sbin/kea-ctrl-agent -c /etc/kea/kea-ctrl-agent.conf
+ Unable to use interprocess sync lockfile (No such file or directory): /var/run/kea/logger_lockfile
+ Service failed: Launch failed: Unable to open PID file '/var/run/kea/kea-ctrl-agent.kea-ctrl-agent.pid' for write
+ [snip]
+ ERROR [kea-dhcp4.dhcp4/615.140641792751488] DHCP4_CONFIG_LOAD_FAIL configuration error using file: /etc/kea/kea-dhcp4.conf, reason: Unable to open database: unable to open '/var/lib/kea/kea-leases4.csv'
+ [snip]
+
+Upstream-Status: Inappropriate [config specific]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ src/bin/keactrl/keactrl.in | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/bin/keactrl/keactrl.in b/src/bin/keactrl/keactrl.in
+index 12b2b3f..47cf6f9 100644
+--- a/src/bin/keactrl/keactrl.in
++++ b/src/bin/keactrl/keactrl.in
+@@ -482,6 +482,8 @@ case ${command} in
+ # The variables (dhcp4_srv, dhcp6_serv, dhcp_ddns_srv etc) are set in the
+ # keactrl.conf file that shellcheck is unable to read.
+ # shellcheck disable=SC2154
++ [ -d @LOCALSTATEDIR@/run/kea ] || mkdir -p @LOCALSTATEDIR@/run/kea
++ [ -d @LOCALSTATEDIR@/lib/kea ] || mkdir -p @LOCALSTATEDIR@/lib/kea
+ run_conditional "dhcp4" "start_server ${dhcp4_srv} -c ${kea_dhcp4_config_file} ${args}" 1
+ run_conditional "dhcp6" "start_server ${dhcp6_srv} -c ${kea_dhcp6_config_file} ${args}" 1
+ # shellcheck disable=SC2154
+--
+2.26.2
+
diff --git a/poky/meta/recipes-connectivity/kea/files/fix-multilib-conflict.patch b/poky/meta/recipes-connectivity/kea/files/fix-multilib-conflict.patch
new file mode 100644
index 0000000..733adf5
--- /dev/null
+++ b/poky/meta/recipes-connectivity/kea/files/fix-multilib-conflict.patch
@@ -0,0 +1,55 @@
+There are conflict of config files between kea and lib32-kea:
+
+| Error: Transaction test error:
+| file /etc/kea/kea-ctrl-agent.conf conflicts between attempted installs of
+ lib32-kea-1.7.10-r0.core2_32 and kea-1.7.10-r0.core2_64
+| file /etc/kea/kea-dhcp4.conf conflicts between attempted installs of
+ lib32-kea-1.7.10-r0.core2_32 and kea-1.7.10-r0.core2_64
+
+Because they are all commented out, replace the expanded libdir path with
+'$libdir' in the config files to avoid conflict.
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+---
+ src/bin/keactrl/kea-ctrl-agent.conf.pre | 3 ++-
+ src/bin/keactrl/kea-dhcp4.conf.pre | 6 ++++--
+ 2 files changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/src/bin/keactrl/kea-ctrl-agent.conf.pre b/src/bin/keactrl/kea-ctrl-agent.conf.pre
+index 211b7ff..d710ec7 100644
+--- a/src/bin/keactrl/kea-ctrl-agent.conf.pre
++++ b/src/bin/keactrl/kea-ctrl-agent.conf.pre
+@@ -45,7 +45,8 @@
+ // Agent will fail to start.
+ "hooks-libraries": [
+ // {
+-// "library": "@libdir@/kea/hooks/control-agent-commands.so",
++// // Replace $libdir with real library path /usr/lib or /usr/lib64
++// "library": "$libdir/kea/hooks/control-agent-commands.so",
+ // "parameters": {
+ // "param1": "foo"
+ // }
+diff --git a/src/bin/keactrl/kea-dhcp4.conf.pre b/src/bin/keactrl/kea-dhcp4.conf.pre
+index 5f77a32..70ae3d9 100644
+--- a/src/bin/keactrl/kea-dhcp4.conf.pre
++++ b/src/bin/keactrl/kea-dhcp4.conf.pre
+@@ -252,7 +252,8 @@
+ // // of all devices serviced by Kea, including their identifiers
+ // // (like MAC address), their location in the network, times
+ // // when they were active etc.
+- // "library": "@libdir@/kea/hooks/libdhcp_legal_log.so"
++ // // Replace $libdir with real library path /usr/lib or /usr/lib64
++ // "library": "$libdir/kea/hooks/libdhcp_legal_log.so"
+ // "parameters": {
+ // "path": "/var/lib/kea",
+ // "base-name": "kea-forensic4"
+@@ -269,7 +270,8 @@
+ // // of specific options or perhaps even a combination of several
+ // // options and fields to uniquely identify a client. Those scenarios
+ // // are addressed by the Flexible Identifiers hook application.
+- // "library": "@libdir@/kea/hooks/libdhcp_flex_id.so",
++ // // Replace $libdir with real library path /usr/lib or /usr/lib64
++ // "library": "$libdir/kea/hooks/libdhcp_flex_id.so",
+ // "parameters": {
+ // "identifier-expression": "substring(relay6[0].option[18],0,8)"
+ // }
diff --git a/poky/meta/recipes-connectivity/kea/kea_1.7.10.bb b/poky/meta/recipes-connectivity/kea/kea_1.7.10.bb
index e2560b2..2ea4b12 100644
--- a/poky/meta/recipes-connectivity/kea/kea_1.7.10.bb
+++ b/poky/meta/recipes-connectivity/kea/kea_1.7.10.bb
@@ -9,9 +9,11 @@
SRC_URI = "\
http://ftp.isc.org/isc/kea/${PV}/${BP}.tar.gz \
+ file://0001-keactrl.in-create-var-lib-kea-and-var-run-kea-folder.patch \
file://kea-dhcp4.service \
file://kea-dhcp6.service \
file://kea-dhcp-ddns.service \
+ file://fix-multilib-conflict.patch \
"
SRC_URI[sha256sum] = "4e121f0e58b175a827581c69cb1d60778647049fa47f142940dddc9ce58f3c82"
@@ -46,7 +48,7 @@
install -m 0644 ${WORKDIR}/kea-dhcp*service ${D}${systemd_system_unitdir}
sed -i -e 's,@SBINDIR@,${sbindir},g' -e 's,@BASE_BINDIR@,${base_bindir},g' \
-e 's,@LOCALSTATEDIR@,${localstatedir},g' -e 's,@SYSCONFDIR@,${sysconfdir},g' \
- ${D}${systemd_system_unitdir}/kea-dhcp*service
+ ${D}${systemd_system_unitdir}/kea-dhcp*service ${D}${sbindir}/keactrl
}
do_install_append() {
diff --git a/poky/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service b/poky/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service
index 603c337..fd81793 100644
--- a/poky/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service
+++ b/poky/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service
@@ -6,3 +6,4 @@
ExecStart=@LIBEXECDIR@/sshd_check_keys
Type=oneshot
RemainAfterExit=yes
+Nice=10
diff --git a/poky/meta/recipes-connectivity/openssh/openssh_8.3p1.bb b/poky/meta/recipes-connectivity/openssh/openssh_8.3p1.bb
index fad3218..e007328 100644
--- a/poky/meta/recipes-connectivity/openssh/openssh_8.3p1.bb
+++ b/poky/meta/recipes-connectivity/openssh/openssh_8.3p1.bb
@@ -42,12 +42,15 @@
inherit autotools-brokensep ptest
-PACKAGECONFIG ??= ""
+PACKAGECONFIG ??= "rng-tools"
PACKAGECONFIG[kerberos] = "--with-kerberos5,--without-kerberos5,krb5"
PACKAGECONFIG[ldns] = "--with-ldns,--without-ldns,ldns"
PACKAGECONFIG[libedit] = "--with-libedit,--without-libedit,libedit"
PACKAGECONFIG[manpages] = "--with-mantype=man,--with-mantype=cat"
+# Add RRECOMMENDS to rng-tools for sshd package
+PACKAGECONFIG[rng-tools] = ""
+
EXTRA_AUTORECONF += "--exclude=aclocal"
# login path is hardcoded in sshd
@@ -149,7 +152,10 @@
RDEPENDS_${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen"
RDEPENDS_${PN}-sshd += "${PN}-keygen ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-keyinit pam-plugin-loginuid', '', d)}"
-RRECOMMENDS_${PN}-sshd_append_class-target = " rng-tools"
+RRECOMMENDS_${PN}-sshd_append_class-target = "\
+ ${@bb.utils.filter('PACKAGECONFIG', 'rng-tools', d)} \
+"
+
# gdb would make attach-ptrace test pass rather than skip but not worth the build dependencies
RDEPENDS_${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make sed sudo coreutils"
diff --git a/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/dropbear_rsa_host_key b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/dropbear_rsa_host_key
new file mode 100644
index 0000000..30443c9
--- /dev/null
+++ b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/dropbear_rsa_host_key
Binary files differ
diff --git a/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key
new file mode 100644
index 0000000..86c2104
--- /dev/null
+++ b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key
@@ -0,0 +1,9 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS
+1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQRJR6iZxr/NTqQN9NOwV+WPtu42r2eF
+rJ0xsnlqw5bpmfz6aDR8RQvVHUZjRGQfR/RXPbQ5x+bjjdm176TuXNhHAAAAqAoE27MKBN
+uzAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBElHqJnGv81OpA30
+07BX5Y+27javZ4WsnTGyeWrDlumZ/PpoNHxFC9UdRmNEZB9H9Fc9tDnH5uON2bXvpO5c2E
+cAAAAgLiHv/IWhxwosz9BiNILOOPlXaueL5hVTBKUJkpOi48sAAAANcm9vdEBxZW11bWlw
+cwECAw==
+-----END OPENSSH PRIVATE KEY-----
diff --git a/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key.pub b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key.pub
new file mode 100644
index 0000000..a358aeb
--- /dev/null
+++ b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ecdsa_key.pub
@@ -0,0 +1 @@
+ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBElHqJnGv81OpA3007BX5Y+27javZ4WsnTGyeWrDlumZ/PpoNHxFC9UdRmNEZB9H9Fc9tDnH5uON2bXvpO5c2Ec= root@qemupregen
diff --git a/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key
new file mode 100644
index 0000000..00ed9ad
--- /dev/null
+++ b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key
@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACDHSFTAbJ3OTd1r1E8G5JleCmsJEpQHmdTGtMcYqwWbbwAAAJChFtV0oRbV
+dAAAAAtzc2gtZWQyNTUxOQAAACDHSFTAbJ3OTd1r1E8G5JleCmsJEpQHmdTGtMcYqwWbbw
+AAAEA8UiUsygsTbP0HkDi5leXpQaVXihDyCHeitkBCItJGhcdIVMBsnc5N3WvUTwbkmV4K
+awkSlAeZ1Ma0xxirBZtvAAAADXJvb3RAcWVtdW1pcHM=
+-----END OPENSSH PRIVATE KEY-----
diff --git a/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key.pub b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key.pub
new file mode 100644
index 0000000..cc0e2f4
--- /dev/null
+++ b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_ed25519_key.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMdIVMBsnc5N3WvUTwbkmV4KawkSlAeZ1Ma0xxirBZtv root@qemupregen
diff --git a/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key
new file mode 100644
index 0000000..a8e4406
--- /dev/null
+++ b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key
@@ -0,0 +1,38 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
+NhAAAAAwEAAQAAAYEA2Q6dzF1xziCQCFq+e+Fv6w0607gNlyKnkhuoRq8G7/HEqXU2eEtC
+i3AMUrAP8k7s9kP5vI5CyfSgFuC9MxDV2YL2bsmvRxBSKgg6KbNxkoTaFBqyqHopuWQca8
+KRahvzt5dh9fsmeqamIwgMWKTSwtDHcsbyt84nmO2Z2ZrNXobgueMIj+HiJVgmWn86FQFL
+EoONAA+qb4SciPsxvmTlaQ/DMAh3llVo/IMLD9oyAyAI2kbHNnZttlYv5TmY7ICd3yCW8z
+PXrxNcEF3Qs1d68gVJxLjLKTlYGzJW2J+RwY+1DJZ0w4lozeQiZXTXVtzcJB0tm2DcvQMz
+kqyARmncSUwcPbEClEW6Y2xQnLeSHjexzlCCndiUbBTeG5iRl4OL6DN40iI9Lw2VROtj2Y
+59n9PCfaoUs08dsgJLaNrDbRHrCRLSdZJ6OQFiC/nAx/t4e4+wdUgNOqLyJqomdNdaLXPq
+tzr9ssrcY5j1DmmwKtzfTI5VM9LRQo+REIiUCNTFAAAFiFh232tYdt9rAAAAB3NzaC1yc2
+EAAAGBANkOncxdcc4gkAhavnvhb+sNOtO4DZcip5IbqEavBu/xxKl1NnhLQotwDFKwD/JO
+7PZD+byOQsn0oBbgvTMQ1dmC9m7Jr0cQUioIOimzcZKE2hQasqh6KblkHGvCkWob87eXYf
+X7JnqmpiMIDFik0sLQx3LG8rfOJ5jtmdmazV6G4LnjCI/h4iVYJlp/OhUBSxKDjQAPqm+E
+nIj7Mb5k5WkPwzAId5ZVaPyDCw/aMgMgCNpGxzZ2bbZWL+U5mOyAnd8glvMz168TXBBd0L
+NXevIFScS4yyk5WBsyVtifkcGPtQyWdMOJaM3kImV011bc3CQdLZtg3L0DM5KsgEZp3ElM
+HD2xApRFumNsUJy3kh43sc5Qgp3YlGwU3huYkZeDi+gzeNIiPS8NlUTrY9mOfZ/Twn2qFL
+NPHbICS2jaw20R6wkS0nWSejkBYgv5wMf7eHuPsHVIDTqi8iaqJnTXWi1z6rc6/bLK3GOY
+9Q5psCrc30yOVTPS0UKPkRCIlAjUxQAAAAMBAAEAAAGAGIj+bUtiwdoMbeVUAszIydkE/U
+mgv6S7LFjT/KlsL1M017LYJWDcdMaFnhMouksRngSxBg9OnWV5cxyURmFwytVy5bMGjRHb
+N8UWTgBqphU+UWdzKngkn0AhtkyYA1aFhgsml5d8EgEkZnFSc/KtoDfZU7AJX519/FtfOK
+m27Shx3pE7Nohh97avHyuidR1gTwdvuMIMke57g0BhrxPYmredaKCMZAHjjCeD6JbRcGj+
+ly3I9u8MF8BGSbLpBlLDUFCwP8G5CdmMua8bPJYhPSRqMLQhclI7hc6FaYk+gZV9B74Iv/
+SAxcCwI97dNbE0IAsbbWoUdoKGpAYQ5gOdhu5ioqZwKWjNjB3Xx48mq8xtmIR9HEnYzEnk
+b/tDWNRWrGkvNK7vpLvnbsSSKBqOAbMzmQdJxogTgjE5doSmu2/krIMR6KUcUox2ZrR8Ot
+JM6bXyNFBviiXmYvw/SZTDrVJu8BPMu5EMS5pBl8jPFBGI/ePk4qg7lWAJeQ89ThtBAAAA
+wQDEU4HjomWwJsn9UWdoodXTV5aPY9B1OPkmYnRPtsjSAcXgtBzUXMEOsmXODOK3aQjsE0
+jQKpWDAUcUf6KKZKRehxUN4MlwujCG9czn65S6B8BsP1YUfZQjpNyub8vDBfeKzlxKBEEM
+lb4iBT+LEGkihK13H5CbqRg1GDAThZzwrV4pj3S40zgyHhn8JjK4x4djEY6NwkWH8E2DgD
+8vYG/FKh5E/VIZtCgtAHa4QNAgGB4VMRn1VpSJzxjCxb1wancAAADBAPT7F34WYEI3Vc52
+p1U5rPa6dZtg5QM14V0+KtMlb3frd0/F+JVj4t6COQ8J9pkOuD0YjOYJuFXIWAAYIjCdWt
+cbTi/sSERawOWxrgSwJo2vjt5izrBQtr3N8tiB6KDGa5sdgJl5XzJ0SsdStfBbyhcJO4RV
+p9lc+X8OsUfFsClmyIs45vlxBRH06DP6/zmYCAmqvlrfZJKqlpKAEWDDObRy/3+mSNhZ0J
+BdmncASiASRlPPIoIHznyA1COUn6+TnwAAAMEA4tH89Dez2JauyPVeCyHAC680vrBKjmMx
+WYdpq2Xzd/LNl2L9oc0IEZzerLTuaCh6qsbbk2wWj1nrYXvefz/xUtDR427tvRXckcsWhP
+2HYohdYBkwTpp9QuscIV76GdwbTImuNEzvABH1hpTG6DSzqeyf/EVmSq07nptJIs5lpU49
+tW2aWraSvswHR9xfts1U79w9f4BNDy1rTmfuLERTRNF/T9CIFsk9tArLUNT64mhHtoEs8F
+9AyGuq6v49bN0bAAAADXJvb3RAcWVtdW1pcHMBAgMEBQ==
+-----END OPENSSH PRIVATE KEY-----
diff --git a/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key.pub b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key.pub
new file mode 100644
index 0000000..9eb8c38
--- /dev/null
+++ b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys/openssh/ssh_host_rsa_key.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDZDp3MXXHOIJAIWr574W/rDTrTuA2XIqeSG6hGrwbv8cSpdTZ4S0KLcAxSsA/yTuz2Q/m8jkLJ9KAW4L0zENXZgvZuya9HEFIqCDops3GShNoUGrKoeim5ZBxrwpFqG/O3l2H1+yZ6pqYjCAxYpNLC0MdyxvK3zieY7ZnZms1ehuC54wiP4eIlWCZafzoVAUsSg40AD6pvhJyI+zG+ZOVpD8MwCHeWVWj8gwsP2jIDIAjaRsc2dm22Vi/lOZjsgJ3fIJbzM9evE1wQXdCzV3ryBUnEuMspOVgbMlbYn5HBj7UMlnTDiWjN5CJldNdW3NwkHS2bYNy9AzOSrIBGadxJTBw9sQKURbpjbFCct5IeN7HOUIKd2JRsFN4bmJGXg4voM3jSIj0vDZVE62PZjn2f08J9qhSzTx2yAkto2sNtEesJEtJ1kno5AWIL+cDH+3h7j7B1SA06ovImqiZ011otc+q3Ov2yytxjmPUOabAq3N9MjlUz0tFCj5EQiJQI1MU= root@qemupregen
diff --git a/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb
new file mode 100644
index 0000000..ddd10e6
--- /dev/null
+++ b/poky/meta/recipes-connectivity/ssh-pregen-hostkeys/ssh-pregen-hostkeys_1.0.bb
@@ -0,0 +1,19 @@
+SUMMARY = "Pre generated host keys mainly for speeding up our qemu tests"
+
+SRC_URI = "file://dropbear_rsa_host_key \
+ file://openssh"
+
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+
+INHIBIT_DEFAULT_DEPS = "1"
+
+do_install () {
+ install -d ${D}${sysconfdir}/dropbear
+ install ${WORKDIR}/dropbear_rsa_host_key -m 0600 ${D}${sysconfdir}/dropbear/
+
+ install -d ${D}${sysconfdir}/ssh
+ install ${WORKDIR}/openssh/* ${D}${sysconfdir}/ssh/
+ chmod 0600 ${D}${sysconfdir}/ssh/*
+ chmod 0644 ${D}${sysconfdir}/ssh/*.pub
+}
\ No newline at end of file