[PATCH 0/7] Vacation hacks

[PATCH 0/7] Vacation hacks

[Jan Kiszka]

These patches are mostly the outcome of modeling the base and rescue
image of a family machine with Isar. They
 - fix file permissions of dpkg-raw content
 - allow to boot via grub-efi from secondary disks
 - enhance locale settings
 - overcome meta-isar as dependency for most projects

Jan


CC: Claudius Heine <ch@denx.de>
CC: Henning Schild <henning.schild@siemens.com>

Jan Kiszka (7):
  dpkg-raw: Respect file permissions defined by recipe
  bootimg-efi-isar: Run grub-mkimage without own config
  bootimg-efi-isar: Retrieve boot disk during runtime
  isar-cfg-localepurge: Also set /etc/default/locale
  Fix LIC_FILES_CHKSUM paths
  Move repo variables to proper conf file
  Move debian distro conf files to meta

 meta-isar/conf/distro/raspbian-jessie.conf                 |  2 +-
 meta-isar/conf/layer.conf                                  | 11 -----------
 meta-isar/recipes-app/example-hello/example-hello.bb       |  2 +-
 meta-isar/recipes-app/libhello/libhello.bb                 |  2 +-
 meta-isar/recipes-core/images/isar-image-base.bb           |  2 +-
 meta/classes/dpkg-raw.bbclass                              |  4 +++-
 meta/classes/isar-image.bbclass                            |  4 ++--
 meta/conf/bitbake.conf                                     | 11 +++++++++++
 {meta-isar => meta}/conf/distro/debian-buster.conf         |  0
 {meta-isar => meta}/conf/distro/debian-buster.list         |  0
 {meta-isar => meta}/conf/distro/debian-common.conf         |  0
 {meta-isar => meta}/conf/distro/debian-configscript.sh     |  0
 {meta-isar => meta}/conf/distro/debian-jessie.conf         |  0
 {meta-isar => meta}/conf/distro/debian-jessie.list         |  0
 {meta-isar => meta}/conf/distro/debian-stretch.conf        |  0
 {meta-isar => meta}/conf/distro/debian-stretch.list        |  0
 meta/recipes-core/isar-bootstrap/isar-bootstrap.inc        |  2 +-
 meta/recipes-devtools/buildchroot/buildchroot.inc          |  2 +-
 meta/recipes-devtools/sdkchroot/sdkchroot.bb               |  2 +-
 meta/recipes-support/isar-cfg-localepurge/files/postinst   |  2 ++
 .../isar-cfg-localepurge/isar-cfg-localepurge.bb           |  5 +++++
 meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py    | 14 +++-----------
 22 files changed, 33 insertions(+), 32 deletions(-)
 rename {meta-isar => meta}/conf/distro/debian-buster.conf (100%)
 rename {meta-isar => meta}/conf/distro/debian-buster.list (100%)
 rename {meta-isar => meta}/conf/distro/debian-common.conf (100%)
 rename {meta-isar => meta}/conf/distro/debian-configscript.sh (100%)
 rename {meta-isar => meta}/conf/distro/debian-jessie.conf (100%)
 rename {meta-isar => meta}/conf/distro/debian-jessie.list (100%)
 rename {meta-isar => meta}/conf/distro/debian-stretch.conf (100%)
 rename {meta-isar => meta}/conf/distro/debian-stretch.list (100%)

-- 
2.16.4

[PATCH 1/7] dpkg-raw: Respect file permissions defined by recipe

[Jan Kiszka]

From: Jan Kiszka <jan.kiszka@siemens.com>

dh_fixperms overwrites the permissions do_install defined carefully.
Skip this step to avoid that.

Fixes: f301ccb2b5b1 ("meta/dpkg-raw: build raw packages like all others")
CC: Henning Schild <henning.schild@siemens.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 meta/classes/dpkg-raw.bbclass | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/meta/classes/dpkg-raw.bbclass b/meta/classes/dpkg-raw.bbclass
index 8d11433..10fb1b9 100644
--- a/meta/classes/dpkg-raw.bbclass
+++ b/meta/classes/dpkg-raw.bbclass
@@ -56,9 +56,11 @@ EOF
 deb_create_rules() {
 	cat << EOF > ${S}/debian/rules
 #!/usr/bin/make -f
+
+override_dh_fixperms:
+
 %:
 	dh \$@
-
 EOF
 	chmod +x ${S}/debian/rules
 }
-- 
2.16.4

[PATCH 2/7] bootimg-efi-isar: Run grub-mkimage without own config

[Jan Kiszka]

From: Jan Kiszka <jan.kiszka@siemens.com>

This avoids hard-coding hd0 into the generated image. Rather rely on
grub automatically setting 'prefix' to 'cmdpath', the location where the
firmware started the grub executable.

CC: Henning Schild <henning.schild@siemens.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py b/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py
index 44ce399..0d5d018 100644
--- a/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py
+++ b/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py
@@ -91,12 +91,6 @@ class BootimgEFIPlugin(SourcePlugin):
         cfg.write(grubefi_conf)
         cfg.close()
 
-        cfg = open("%s/hdd/boot/EFI/BOOT/grub-mkimage.cfg" % cr_workdir, "w")
-        mkimage_conf = "set root='hd0,gpt%d'\n" % bootpart.realnum
-        mkimage_conf += "set prefix=($root)/EFI/BOOT\n"
-        cfg.write(mkimage_conf)
-        cfg.close()
-
     @classmethod
     def do_configure_systemdboot(cls, hdddir, creator, cr_workdir, source_params):
         """
@@ -211,8 +205,6 @@ class BootimgEFIPlugin(SourcePlugin):
             if source_params['loader'] == 'grub-efi':
                 shutil.copyfile("%s/hdd/boot/EFI/BOOT/grub.cfg" % cr_workdir,
                                 "%s/grub.cfg" % cr_workdir)
-                shutil.copyfile("%s/hdd/boot/EFI/BOOT/grub-mkimage.cfg" % cr_workdir,
-                                "%s/grub-mkimage.cfg" % cr_workdir)
                 for mod in [x for x in os.listdir(kernel_dir) if x.startswith("grub-efi-")]:
                     cp_cmd = "cp %s/%s %s/EFI/BOOT/%s" % (kernel_dir, mod, hdddir, mod[9:])
                     exec_cmd(cp_cmd, True)
@@ -245,7 +237,6 @@ class BootimgEFIPlugin(SourcePlugin):
 
                     # TODO: check that grub-mkimage is available
                     grub_cmd = "grub-mkimage -p /EFI/BOOT "
-                    grub_cmd += "-c %s/grub-mkimage.cfg " % cr_workdir
                     grub_cmd += "-O %s -o %s/EFI/BOOT/%s " \
                                 % (grub_target, bootimg_dir, grub_image)
                     grub_cmd += "part_gpt part_msdos ntfs ntfscomp fat ext2 "
-- 
2.16.4

[PATCH 3/7] bootimg-efi-isar: Retrieve boot disk during runtime

[Jan Kiszka]

From: Jan Kiszka <jan.kiszka@siemens.com>

Use regexp on 'prefix' in order to define the boot disk. This still
binds boot and root partition to the same disk but at least removes the
assumption that this is hd0.

CC: Henning Schild <henning.schild@siemens.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py b/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py
index 0d5d018..1ca200f 100644
--- a/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py
+++ b/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py
@@ -71,7 +71,8 @@ class BootimgEFIPlugin(SourcePlugin):
             grubefi_conf += "timeout=%s\n" % bootloader.timeout
             for part in creator.parts:
                 if part.mountpoint == "/":
-                    grubefi_conf += "set root='hd0,gpt%d'\n" % part.realnum
+                    grubefi_conf += "regexp --set bootdisk '(hd[0-9]*),' $prefix\n"
+                    grubefi_conf += "set root=$bootdisk',gpt%d'\n" % part.realnum
             grubefi_conf += "menuentry 'boot'{\n"
 
             kernel = "/vmlinuz"
@@ -245,7 +246,7 @@ class BootimgEFIPlugin(SourcePlugin):
                     grub_cmd += "terminal minicmd test loadenv echo help "
                     grub_cmd += "reboot serial terminfo iso9660 loopback tar "
                     grub_cmd += "memdisk ls search_fs_uuid udf btrfs xfs lvm "
-                    grub_cmd += "reiserfs " + grub_modules
+                    grub_cmd += "reiserfs regexp " + grub_modules
                     exec_cmd(grub_cmd)
             elif source_params['loader'] == 'systemd-boot':
                 for mod in [x for x in os.listdir(kernel_dir) if x.startswith("systemd-")]:
-- 
2.16.4

[PATCH 4/7] isar-cfg-localepurge: Also set /etc/default/locale

[Jan Kiszka]

From: Jan Kiszka <jan.kiszka@siemens.com>

This is required in order to localize more applications, such as desktop
environments.

CC: Claudius Heine <ch@denx.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 meta/recipes-support/isar-cfg-localepurge/files/postinst          | 2 ++
 meta/recipes-support/isar-cfg-localepurge/isar-cfg-localepurge.bb | 5 +++++
 2 files changed, 7 insertions(+)

diff --git a/meta/recipes-support/isar-cfg-localepurge/files/postinst b/meta/recipes-support/isar-cfg-localepurge/files/postinst
index c5f1c51..9dfd6f9 100644
--- a/meta/recipes-support/isar-cfg-localepurge/files/postinst
+++ b/meta/recipes-support/isar-cfg-localepurge/files/postinst
@@ -3,6 +3,8 @@ set -e
 
 cat /usr/lib/isar-cfg-localepurge/locale.gen \
 	>> /etc/locale.gen
+cat /usr/lib/isar-cfg-localepurge/locale.default \
+	> /etc/default/locale
 cat /usr/lib/isar-cfg-localepurge/locale.nopurge \
 	> /etc/locale.nopurge
 
diff --git a/meta/recipes-support/isar-cfg-localepurge/isar-cfg-localepurge.bb b/meta/recipes-support/isar-cfg-localepurge/isar-cfg-localepurge.bb
index bdbc2b1..62b4b2d 100644
--- a/meta/recipes-support/isar-cfg-localepurge/isar-cfg-localepurge.bb
+++ b/meta/recipes-support/isar-cfg-localepurge/isar-cfg-localepurge.bb
@@ -42,6 +42,9 @@ do_gen_config() {
 		locales     locales/locales_to_be_generated    multiselect ${@get_dc_locale_gen(d)}
 		locales     locales/default_environment_locale select      ${LOCALE_DEFAULT}
 	__EOF__
+	cat<<-__EOF__ > ${WORKDIR}/locale.default
+		LANG=${LOCALE_DEFAULT}
+	__EOF__
 	cat<<-__EOF__ > ${WORKDIR}/locale.nopurge
 		#USE_DPKG
 		MANDELETE
@@ -60,6 +63,8 @@ do_install() {
                           ${D}/usr/lib/${PN}/locale.debconf
 	install -v -m 644 ${WORKDIR}/locale.gen \
                           ${D}/usr/lib/${PN}/locale.gen
+	install -v -m 644 ${WORKDIR}/locale.default \
+			  ${D}/usr/lib/${PN}/locale.default
 	install -v -m 644 ${WORKDIR}/locale.nopurge \
                           ${D}/usr/lib/${PN}/locale.nopurge
 }
-- 
2.16.4

[PATCH 5/7] Fix LIC_FILES_CHKSUM paths

[Jan Kiszka]

From: Jan Kiszka <jan.kiszka@siemens.com>

The licenses are located in the core layer.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 meta-isar/recipes-app/example-hello/example-hello.bb | 2 +-
 meta-isar/recipes-app/libhello/libhello.bb           | 2 +-
 meta-isar/recipes-core/images/isar-image-base.bb     | 2 +-
 meta/recipes-core/isar-bootstrap/isar-bootstrap.inc  | 2 +-
 meta/recipes-devtools/buildchroot/buildchroot.inc    | 2 +-
 meta/recipes-devtools/sdkchroot/sdkchroot.bb         | 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/meta-isar/recipes-app/example-hello/example-hello.bb b/meta-isar/recipes-app/example-hello/example-hello.bb
index d23ee6c..9b35537 100644
--- a/meta-isar/recipes-app/example-hello/example-hello.bb
+++ b/meta-isar/recipes-app/example-hello/example-hello.bb
@@ -6,7 +6,7 @@
 DESCRIPTION = "Sample application for ISAR"
 
 LICENSE = "gpl-2.0"
-LIC_FILES_CHKSUM = "file://${LAYERDIR_isar}/licenses/COPYING.GPLv2;md5=751419260aa954499f7abaabaa882bbe"
+LIC_FILES_CHKSUM = "file://${LAYERDIR_core}/licenses/COPYING.GPLv2;md5=751419260aa954499f7abaabaa882bbe"
 
 PV = "0.2-86cc719"
 
diff --git a/meta-isar/recipes-app/libhello/libhello.bb b/meta-isar/recipes-app/libhello/libhello.bb
index 4e75f98..ab271b5 100644
--- a/meta-isar/recipes-app/libhello/libhello.bb
+++ b/meta-isar/recipes-app/libhello/libhello.bb
@@ -6,7 +6,7 @@
 DESCRIPTION = "Sample shared library for ISAR"
 
 LICENSE = "gpl-2.0"
-LIC_FILES_CHKSUM = "file://${LAYERDIR_isar}/licenses/COPYING.GPLv2;md5=751419260aa954499f7abaabaa882bbe"
+LIC_FILES_CHKSUM = "file://${LAYERDIR_core}/licenses/COPYING.GPLv2;md5=751419260aa954499f7abaabaa882bbe"
 
 PV = "0.1-98f2e41"
 
diff --git a/meta-isar/recipes-core/images/isar-image-base.bb b/meta-isar/recipes-core/images/isar-image-base.bb
index 074e566..c86e63b 100644
--- a/meta-isar/recipes-core/images/isar-image-base.bb
+++ b/meta-isar/recipes-core/images/isar-image-base.bb
@@ -6,7 +6,7 @@
 DESCRIPTION = "Isar target filesystem"
 
 LICENSE = "gpl-2.0"
-LIC_FILES_CHKSUM = "file://${LAYERDIR_isar}/licenses/COPYING.GPLv2;md5=751419260aa954499f7abaabaa882bbe"
+LIC_FILES_CHKSUM = "file://${LAYERDIR_core}/licenses/COPYING.GPLv2;md5=751419260aa954499f7abaabaa882bbe"
 
 PV = "1.0"
 
diff --git a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
index f411ad1..8f7ed04 100644
--- a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
+++ b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
@@ -6,7 +6,7 @@
 # SPDX-License-Identifier: MIT
 
 LICENSE = "gpl-2.0"
-LIC_FILES_CHKSUM = "file://${LAYERDIR_isar}/licenses/COPYING.GPLv2;md5=751419260aa954499f7abaabaa882bbe"
+LIC_FILES_CHKSUM = "file://${LAYERDIR_core}/licenses/COPYING.GPLv2;md5=751419260aa954499f7abaabaa882bbe"
 FILESPATH_prepend := "${THISDIR}/files:"
 SRC_URI = " \
     file://isar-apt.conf \
diff --git a/meta/recipes-devtools/buildchroot/buildchroot.inc b/meta/recipes-devtools/buildchroot/buildchroot.inc
index 2c44db9..764bc5e 100644
--- a/meta/recipes-devtools/buildchroot/buildchroot.inc
+++ b/meta/recipes-devtools/buildchroot/buildchroot.inc
@@ -4,7 +4,7 @@
 # Copyright (C) 2015-2018 ilbers GmbH
 
 LICENSE = "gpl-2.0"
-LIC_FILES_CHKSUM = "file://${LAYERDIR_isar}/licenses/COPYING.GPLv2;md5=751419260aa954499f7abaabaa882bbe"
+LIC_FILES_CHKSUM = "file://${LAYERDIR_core}/licenses/COPYING.GPLv2;md5=751419260aa954499f7abaabaa882bbe"
 
 FILESPATH_prepend := "${THISDIR}/files:"
 SRC_URI = "file://configscript.sh \
diff --git a/meta/recipes-devtools/sdkchroot/sdkchroot.bb b/meta/recipes-devtools/sdkchroot/sdkchroot.bb
index ba84d53..f6b9cce 100644
--- a/meta/recipes-devtools/sdkchroot/sdkchroot.bb
+++ b/meta/recipes-devtools/sdkchroot/sdkchroot.bb
@@ -6,7 +6,7 @@
 DESCRIPTION = "Isar SDK Root filesystem"
 
 LICENSE = "gpl-2.0"
-LIC_FILES_CHKSUM = "file://${LAYERDIR_isar}/licenses/COPYING.GPLv2;md5=751419260aa954499f7abaabaa882bbe"
+LIC_FILES_CHKSUM = "file://${LAYERDIR_core}/licenses/COPYING.GPLv2;md5=751419260aa954499f7abaabaa882bbe"
 
 SRC_URI = "file://configscript.sh"
 PV = "0.1"
-- 
2.16.4

[PATCH 6/7] Move repo variables to proper conf file

[Jan Kiszka]

From: Jan Kiszka <jan.kiszka@siemens.com>

These definitely do not belong to a layer.conf. Rather, they are so
essential that placing them in the custom bitbake.conf is justified.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 meta-isar/conf/layer.conf | 11 -----------
 meta/conf/bitbake.conf    | 11 +++++++++++
 2 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/meta-isar/conf/layer.conf b/meta-isar/conf/layer.conf
index 5d3ae88..9939bdc 100644
--- a/meta-isar/conf/layer.conf
+++ b/meta-isar/conf/layer.conf
@@ -17,14 +17,3 @@ LAYERVERSION_isar = "3"
 LAYERSERIES_COMPAT_isar = "v0.6"
 
 LAYERDIR_isar = "${LAYERDIR}"
-
-# Codename of the repository created by the caching class
-DEBDISTRONAME = "isar"
-
-# Isar apt repository paths
-REPO_ISAR_DIR ?= "${DEPLOY_DIR}/isar-apt/apt"
-REPO_ISAR_DB_DIR ?= "${DEPLOY_DIR}/isar-apt/db"
-
-# Base apt repository paths
-REPO_BASE_DIR ?= "${DL_DIR}/base-apt/apt"
-REPO_BASE_DB_DIR ?= "${DL_DIR}/base-apt/db"
diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf
index 7e8dea1..b067a0d 100644
--- a/meta/conf/bitbake.conf
+++ b/meta/conf/bitbake.conf
@@ -55,6 +55,17 @@ BUILDCHROOT_HOST_DIR = "${TMPDIR}/work/${DISTRO}-${DISTRO_ARCH}/buildchroot-host
 BUILDCHROOT_TARGET_DIR = "${TMPDIR}/work/${DISTRO}-${DISTRO_ARCH}/buildchroot-target/rootfs"
 CACHE = "${TMPDIR}/cache"
 
+# Codename of the repository created by the caching class
+DEBDISTRONAME = "isar"
+
+# Isar apt repository paths
+REPO_ISAR_DIR = "${DEPLOY_DIR}/isar-apt/apt"
+REPO_ISAR_DB_DIR = "${DEPLOY_DIR}/isar-apt/db"
+
+# Base apt repository paths
+REPO_BASE_DIR = "${DL_DIR}/base-apt/apt"
+REPO_BASE_DB_DIR = "${DL_DIR}/base-apt/db"
+
 OVERRIDES_append = ":${DISTRO}:${DISTRO_ARCH}"
 
 BB_HASHBASE_WHITELIST ?= "TMPDIR FILE PATH PWD BB_TASKHASH BBPATH BBSERVER DL_DIR \
-- 
2.16.4

[PATCH 7/7] Move debian distro conf files to meta

[Jan Kiszka]

From: Jan Kiszka <jan.kiszka@siemens.com>

This only keeps specialties and examples in meta-isar, allowing to base
normal Debian layers solely on meta.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 meta-isar/conf/distro/raspbian-jessie.conf             | 2 +-
 meta/classes/isar-image.bbclass                        | 4 ++--
 {meta-isar => meta}/conf/distro/debian-buster.conf     | 0
 {meta-isar => meta}/conf/distro/debian-buster.list     | 0
 {meta-isar => meta}/conf/distro/debian-common.conf     | 0
 {meta-isar => meta}/conf/distro/debian-configscript.sh | 0
 {meta-isar => meta}/conf/distro/debian-jessie.conf     | 0
 {meta-isar => meta}/conf/distro/debian-jessie.list     | 0
 {meta-isar => meta}/conf/distro/debian-stretch.conf    | 0
 {meta-isar => meta}/conf/distro/debian-stretch.list    | 0
 10 files changed, 3 insertions(+), 3 deletions(-)
 rename {meta-isar => meta}/conf/distro/debian-buster.conf (100%)
 rename {meta-isar => meta}/conf/distro/debian-buster.list (100%)
 rename {meta-isar => meta}/conf/distro/debian-common.conf (100%)
 rename {meta-isar => meta}/conf/distro/debian-configscript.sh (100%)
 rename {meta-isar => meta}/conf/distro/debian-jessie.conf (100%)
 rename {meta-isar => meta}/conf/distro/debian-jessie.list (100%)
 rename {meta-isar => meta}/conf/distro/debian-stretch.conf (100%)
 rename {meta-isar => meta}/conf/distro/debian-stretch.list (100%)

diff --git a/meta-isar/conf/distro/raspbian-jessie.conf b/meta-isar/conf/distro/raspbian-jessie.conf
index de8b5a1..5e907e5 100644
--- a/meta-isar/conf/distro/raspbian-jessie.conf
+++ b/meta-isar/conf/distro/raspbian-jessie.conf
@@ -8,5 +8,5 @@ BASE_DISTRO_CODENAME = "jessie"
 
 DISTRO_APT_SOURCES += "conf/distro/raspbian-jessie.list"
 DISTRO_APT_KEYS += "https://archive.raspbian.org/raspbian.public.key;sha256sum=ca59cd4f2bcbc3a1d41ba6815a02a8dc5c175467a59bd87edeac458f4a5345de"
-DISTRO_CONFIG_SCRIPT?= "raspbian-configscript.sh"
+DISTRO_CONFIG_SCRIPT ?= "${LAYERDIR_isar}/conf/distro/raspbian-configscript.sh"
 DISTRO_KERNELS ?= "rpi rpi2 rpi-rpfv rpi2-rpfv"
diff --git a/meta/classes/isar-image.bbclass b/meta/classes/isar-image.bbclass
index 4992800..1ab01a0 100644
--- a/meta/classes/isar-image.bbclass
+++ b/meta/classes/isar-image.bbclass
@@ -6,7 +6,7 @@
 inherit image
 inherit isar-bootstrap-helper
 
-FILESPATH =. "${LAYERDIR_isar}/conf/distro:"
+FILESPATH =. "${LAYERDIR_core}/conf/distro:"
 SRC_URI += "${@ 'file://${DISTRO_CONFIG_SCRIPT}' if '${DISTRO_CONFIG_SCRIPT}' else '' }"
 
 DEPENDS += "${IMAGE_INSTALL} ${IMAGE_TRANSIENT_PACKAGES}"
@@ -15,7 +15,7 @@ IMAGE_TRANSIENT_PACKAGES += "isar-cfg-localepurge"
 
 WORKDIR = "${TMPDIR}/work/${DISTRO}-${DISTRO_ARCH}/${PN}"
 
-ISAR_RELEASE_CMD_DEFAULT = "git -C ${LAYERDIR_isar} describe --tags --dirty --match 'v[0-9].[0-9]*'"
+ISAR_RELEASE_CMD_DEFAULT = "git -C ${LAYERDIR_core} describe --tags --dirty --match 'v[0-9].[0-9]*'"
 ISAR_RELEASE_CMD ?= "${ISAR_RELEASE_CMD_DEFAULT}"
 
 do_rootfs[root_cleandirs] = "${IMAGE_ROOTFS} \
diff --git a/meta-isar/conf/distro/debian-buster.conf b/meta/conf/distro/debian-buster.conf
similarity index 100%
rename from meta-isar/conf/distro/debian-buster.conf
rename to meta/conf/distro/debian-buster.conf
diff --git a/meta-isar/conf/distro/debian-buster.list b/meta/conf/distro/debian-buster.list
similarity index 100%
rename from meta-isar/conf/distro/debian-buster.list
rename to meta/conf/distro/debian-buster.list
diff --git a/meta-isar/conf/distro/debian-common.conf b/meta/conf/distro/debian-common.conf
similarity index 100%
rename from meta-isar/conf/distro/debian-common.conf
rename to meta/conf/distro/debian-common.conf
diff --git a/meta-isar/conf/distro/debian-configscript.sh b/meta/conf/distro/debian-configscript.sh
similarity index 100%
rename from meta-isar/conf/distro/debian-configscript.sh
rename to meta/conf/distro/debian-configscript.sh
diff --git a/meta-isar/conf/distro/debian-jessie.conf b/meta/conf/distro/debian-jessie.conf
similarity index 100%
rename from meta-isar/conf/distro/debian-jessie.conf
rename to meta/conf/distro/debian-jessie.conf
diff --git a/meta-isar/conf/distro/debian-jessie.list b/meta/conf/distro/debian-jessie.list
similarity index 100%
rename from meta-isar/conf/distro/debian-jessie.list
rename to meta/conf/distro/debian-jessie.list
diff --git a/meta-isar/conf/distro/debian-stretch.conf b/meta/conf/distro/debian-stretch.conf
similarity index 100%
rename from meta-isar/conf/distro/debian-stretch.conf
rename to meta/conf/distro/debian-stretch.conf
diff --git a/meta-isar/conf/distro/debian-stretch.list b/meta/conf/distro/debian-stretch.list
similarity index 100%
rename from meta-isar/conf/distro/debian-stretch.list
rename to meta/conf/distro/debian-stretch.list
-- 
2.16.4

[PATCH 8/7] bootimg-efi-isar: Fix serial console setup for grub

[Jan Kiszka]

From: Jan Kiszka <jan.kiszka@siemens.com>

We were lacking terminal_input/output to make the serial console truly
work.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py b/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py
index 1ca200f..c6a6a02 100644
--- a/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py
+++ b/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py
@@ -65,8 +65,10 @@ class BootimgEFIPlugin(SourcePlugin):
             # Create grub configuration using parameters from wks file
             bootloader = creator.ks.bootloader
 
-            grubefi_conf = ""
-            grubefi_conf += "serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1\n"
+            grubefi_conf =  "serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1\n"
+            grubefi_conf += "terminal_input --append serial\n"
+            grubefi_conf += "terminal_output --append serial\n"
+            grubefi_conf += "\n"
             grubefi_conf += "default=boot\n"
             grubefi_conf += "timeout=%s\n" % bootloader.timeout
             for part in creator.parts:
-- 
2.16.4

[PATCH 9/7] bootimg-efi-isar: Reformat generated grub.cfg

[Jan Kiszka]

From: Jan Kiszka <jan.kiszka@siemens.com>

Remove unneeded variables for kernel and initrd to make the code more
readable. Indent menu entry to make the conf file more readable.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py | 14 ++++----------
 1 file changed, 4 insertions(+), 10 deletions(-)

diff --git a/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py b/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py
index c6a6a02..25b12ca 100644
--- a/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py
+++ b/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py
@@ -75,17 +75,11 @@ class BootimgEFIPlugin(SourcePlugin):
                 if part.mountpoint == "/":
                     grubefi_conf += "regexp --set bootdisk '(hd[0-9]*),' $prefix\n"
                     grubefi_conf += "set root=$bootdisk',gpt%d'\n" % part.realnum
+            grubefi_conf += "\n"
             grubefi_conf += "menuentry 'boot'{\n"
-
-            kernel = "/vmlinuz"
-
-            grubefi_conf += "linux %s root=%s rootwait %s\n" \
-                            % (kernel, creator.rootdev, bootloader.append or "")
-
-            initrd = "/initrd.img"
-
-            grubefi_conf += "initrd %s\n" % initrd
-
+            grubefi_conf += "    linux /vmlinuz root=%s rootwait %s\n" \
+                            % (creator.rootdev, bootloader.append or "")
+            grubefi_conf += "    initrd /initrd.img\n"
             grubefi_conf += "}\n"
 
         logger.debug("Writing grubefi config %s/hdd/boot/EFI/BOOT/grub.cfg",
-- 
2.16.4

[PATCH 10/7] bitbake.conf: Clean up and enhance OVERRIDES

[Jan Kiszka]

From: Jan Kiszka <jan.kiszka@siemens.com>

We do no use any "local" override, and there is no TARGET_OS and
TARGET_ARCH in Isar. Rather adopt the OE core ordering of
arch:machine:distro and also add the "forcevariable" the OE provides.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 meta/conf/bitbake.conf | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf
index b067a0d..0e521bb 100644
--- a/meta/conf/bitbake.conf
+++ b/meta/conf/bitbake.conf
@@ -28,7 +28,6 @@ FILE_DIRNAME = "${@os.path.dirname(d.getVar('FILE', False))}"
 GITDIR = "${DL_DIR}/git"
 IMAGE_CMD = "_NO_DEFINED_IMAGE_TYPES_"
 IMAGE_ROOTFS = "${TMPDIR}/rootfs"
-OVERRIDES = "local:${MACHINE}:${TARGET_OS}:${TARGET_ARCH}"
 P = "${PN}-${PV}"
 PF = "${PN}-${PV}-${PR}"
 PN = "${@bb.parse.BBHandler.vars_from_file(d.getVar('FILE', False),d)[0] or 'defaultpkgname'}"
@@ -55,6 +54,8 @@ BUILDCHROOT_HOST_DIR = "${TMPDIR}/work/${DISTRO}-${DISTRO_ARCH}/buildchroot-host
 BUILDCHROOT_TARGET_DIR = "${TMPDIR}/work/${DISTRO}-${DISTRO_ARCH}/buildchroot-target/rootfs"
 CACHE = "${TMPDIR}/cache"
 
+OVERRIDES = "${DISTRO_ARCH}:${MACHINE}:${DISTRO}:forcevariable"
+
 # Codename of the repository created by the caching class
 DEBDISTRONAME = "isar"
 
@@ -66,8 +67,6 @@ REPO_ISAR_DB_DIR = "${DEPLOY_DIR}/isar-apt/db"
 REPO_BASE_DIR = "${DL_DIR}/base-apt/apt"
 REPO_BASE_DB_DIR = "${DL_DIR}/base-apt/db"
 
-OVERRIDES_append = ":${DISTRO}:${DISTRO_ARCH}"
-
 BB_HASHBASE_WHITELIST ?= "TMPDIR FILE PATH PWD BB_TASKHASH BBPATH BBSERVER DL_DIR \
     SSTATE_DIR THISDIR FILESEXTRAPATHS FILE_DIRNAME HOME LOGNAME SHELL TERM \
     USER FILESPATH STAGING_DIR_HOST STAGING_DIR_TARGET COREBASE PRSERV_HOST \
-- 
2.16.4

Re: [PATCH 10/7] bitbake.conf: Clean up and enhance OVERRIDES

[Claudius Heine]

Hi Jan,

On 07/01/2019 07.06, [ext] Jan Kiszka wrote:
> From: Jan Kiszka <jan.kiszka@siemens.com>
> 
> We do no use any "local" override, and there is no TARGET_OS and
> TARGET_ARCH in Isar. Rather adopt the OE core ordering of
> arch:machine:distro and also add the "forcevariable" the OE provides.
> 
> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> ---
>   meta/conf/bitbake.conf | 5 ++---
>   1 file changed, 2 insertions(+), 3 deletions(-)
> 
> diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf
> index b067a0d..0e521bb 100644
> --- a/meta/conf/bitbake.conf
> +++ b/meta/conf/bitbake.conf
> @@ -28,7 +28,6 @@ FILE_DIRNAME = "${@os.path.dirname(d.getVar('FILE', False))}"
>   GITDIR = "${DL_DIR}/git"
>   IMAGE_CMD = "_NO_DEFINED_IMAGE_TYPES_"
>   IMAGE_ROOTFS = "${TMPDIR}/rootfs"
> -OVERRIDES = "local:${MACHINE}:${TARGET_OS}:${TARGET_ARCH}"
>   P = "${PN}-${PV}"
>   PF = "${PN}-${PV}-${PR}"
>   PN = "${@bb.parse.BBHandler.vars_from_file(d.getVar('FILE', False),d)[0] or 'defaultpkgname'}"
> @@ -55,6 +54,8 @@ BUILDCHROOT_HOST_DIR = "${TMPDIR}/work/${DISTRO}-${DISTRO_ARCH}/buildchroot-host
>   BUILDCHROOT_TARGET_DIR = "${TMPDIR}/work/${DISTRO}-${DISTRO_ARCH}/buildchroot-target/rootfs"
>   CACHE = "${TMPDIR}/cache"
>   
> +OVERRIDES = "${DISTRO_ARCH}:${MACHINE}:${DISTRO}:forcevariable"
> +

OE uses MACHINEOVERRIDES and DISTROOVERRIDES to model compatibility of 
machines and distros. Also having the 'pn-${PN}' entry in there can be 
useful as well if a certain variable from one recipe should be 
overwritten from local.conf/kas-project file.

Not in scope of this, but maybe something to think about would be the 
CLASSOVERRIDES. Maybe the cross-compile/native-compile mechanism could 
be changed to use different classes and then variables that need to have 
different values for each class can be specified with the class name 
override, like its done in OE.

regards and a happy new year to everyone,
Claudius

>   # Codename of the repository created by the caching class
>   DEBDISTRONAME = "isar"
>   
> @@ -66,8 +67,6 @@ REPO_ISAR_DB_DIR = "${DEPLOY_DIR}/isar-apt/db"
>   REPO_BASE_DIR = "${DL_DIR}/base-apt/apt"
>   REPO_BASE_DB_DIR = "${DL_DIR}/base-apt/db"
>   
> -OVERRIDES_append = ":${DISTRO}:${DISTRO_ARCH}"
> -
>   BB_HASHBASE_WHITELIST ?= "TMPDIR FILE PATH PWD BB_TASKHASH BBPATH BBSERVER DL_DIR \
>       SSTATE_DIR THISDIR FILESEXTRAPATHS FILE_DIRNAME HOME LOGNAME SHELL TERM \
>       USER FILESPATH STAGING_DIR_HOST STAGING_DIR_TARGET COREBASE PRSERV_HOST \
> 

-- 
DENX Software Engineering GmbH,      Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-54 Fax: (+49)-8142-66989-80 Email: ch@denx.de

Re: [PATCH 1/7] dpkg-raw: Respect file permissions defined by recipe

[Henning Schild]

Am Wed, 2 Jan 2019 12:34:11 +0100
schrieb Jan Kiszka <jan.kiszka@siemens.com>:

> From: Jan Kiszka <jan.kiszka@siemens.com>
> 
> dh_fixperms overwrites the permissions do_install defined carefully.
> Skip this step to avoid that.
> 
> Fixes: f301ccb2b5b1 ("meta/dpkg-raw: build raw packages like all
> others") CC: Henning Schild <henning.schild@siemens.com>
> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> ---
>  meta/classes/dpkg-raw.bbclass | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/meta/classes/dpkg-raw.bbclass
> b/meta/classes/dpkg-raw.bbclass index 8d11433..10fb1b9 100644
> --- a/meta/classes/dpkg-raw.bbclass
> +++ b/meta/classes/dpkg-raw.bbclass
> @@ -56,9 +56,11 @@ EOF
>  deb_create_rules() {
>  	cat << EOF > ${S}/debian/rules
>  #!/usr/bin/make -f
> +
> +override_dh_fixperms:
> +
>  %:
>  	dh \$@
> -

I think it is not a good idea to do that in general. While you might
have found an example where dh_fixperms caused problems, there are
probably many where it helps. Say people use "cp" to fill ${D} or
"echo" to fill ${D}/bin/

Henning

>  EOF
>  	chmod +x ${S}/debian/rules
>  }

Re: [PATCH 2/7] bootimg-efi-isar: Run grub-mkimage without own config

[Henning Schild]

Am Wed, 2 Jan 2019 12:34:12 +0100
schrieb Jan Kiszka <jan.kiszka@siemens.com>:

> From: Jan Kiszka <jan.kiszka@siemens.com>
> 
> This avoids hard-coding hd0 into the generated image. Rather rely on
> grub automatically setting 'prefix' to 'cmdpath', the location where
> the firmware started the grub executable.

This is a fork of a file from upstream wic, probably with minimal
changes. Could you double check the diff against the original file, and
check if a wic update would fix that?

Henning

> CC: Henning Schild <henning.schild@siemens.com>
> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> ---
>  meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py | 9 ---------
>  1 file changed, 9 deletions(-)
> 
> diff --git a/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py
> b/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py index
> 44ce399..0d5d018 100644 ---
> a/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py +++
> b/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py @@ -91,12
> +91,6 @@ class BootimgEFIPlugin(SourcePlugin): cfg.write(grubefi_conf)
>          cfg.close()
>  
> -        cfg = open("%s/hdd/boot/EFI/BOOT/grub-mkimage.cfg" %
> cr_workdir, "w")
> -        mkimage_conf = "set root='hd0,gpt%d'\n" % bootpart.realnum
> -        mkimage_conf += "set prefix=($root)/EFI/BOOT\n"
> -        cfg.write(mkimage_conf)
> -        cfg.close()
> -
>      @classmethod
>      def do_configure_systemdboot(cls, hdddir, creator, cr_workdir,
> source_params): """
> @@ -211,8 +205,6 @@ class BootimgEFIPlugin(SourcePlugin):
>              if source_params['loader'] == 'grub-efi':
>                  shutil.copyfile("%s/hdd/boot/EFI/BOOT/grub.cfg" %
> cr_workdir, "%s/grub.cfg" % cr_workdir)
> -
> shutil.copyfile("%s/hdd/boot/EFI/BOOT/grub-mkimage.cfg" % cr_workdir,
> -                                "%s/grub-mkimage.cfg" % cr_workdir)
>                  for mod in [x for x in os.listdir(kernel_dir) if
> x.startswith("grub-efi-")]: cp_cmd = "cp %s/%s %s/EFI/BOOT/%s" %
> (kernel_dir, mod, hdddir, mod[9:]) exec_cmd(cp_cmd, True)
> @@ -245,7 +237,6 @@ class BootimgEFIPlugin(SourcePlugin):
>  
>                      # TODO: check that grub-mkimage is available
>                      grub_cmd = "grub-mkimage -p /EFI/BOOT "
> -                    grub_cmd += "-c %s/grub-mkimage.cfg " %
> cr_workdir grub_cmd += "-O %s -o %s/EFI/BOOT/%s " \
>                                  % (grub_target, bootimg_dir,
> grub_image) grub_cmd += "part_gpt part_msdos ntfs ntfscomp fat ext2 "

Re: [PATCH 1/7] dpkg-raw: Respect file permissions defined by recipe

[Jan Kiszka]

On 07.01.19 14:20, Henning Schild wrote:
> Am Wed, 2 Jan 2019 12:34:11 +0100
> schrieb Jan Kiszka <jan.kiszka@siemens.com>:
> 
>> From: Jan Kiszka <jan.kiszka@siemens.com>
>>
>> dh_fixperms overwrites the permissions do_install defined carefully.
>> Skip this step to avoid that.
>>
>> Fixes: f301ccb2b5b1 ("meta/dpkg-raw: build raw packages like all
>> others") CC: Henning Schild <henning.schild@siemens.com>
>> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
>> ---
>>   meta/classes/dpkg-raw.bbclass | 4 +++-
>>   1 file changed, 3 insertions(+), 1 deletion(-)
>>
>> diff --git a/meta/classes/dpkg-raw.bbclass
>> b/meta/classes/dpkg-raw.bbclass index 8d11433..10fb1b9 100644
>> --- a/meta/classes/dpkg-raw.bbclass
>> +++ b/meta/classes/dpkg-raw.bbclass
>> @@ -56,9 +56,11 @@ EOF
>>   deb_create_rules() {
>>   	cat << EOF > ${S}/debian/rules
>>   #!/usr/bin/make -f
>> +
>> +override_dh_fixperms:
>> +
>>   %:
>>   	dh \$@
>> -
> 
> I think it is not a good idea to do that in general. While you might
> have found an example where dh_fixperms caused problems, there are
> probably many where it helps. Say people use "cp" to fill ${D} or
> "echo" to fill ${D}/bin/

I'm open for better suggestions.

Jan

-- 
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux

Re: [PATCH 2/7] bootimg-efi-isar: Run grub-mkimage without own config

[Jan Kiszka]

On 07.01.19 14:22, Henning Schild wrote:
> Am Wed, 2 Jan 2019 12:34:12 +0100
> schrieb Jan Kiszka <jan.kiszka@siemens.com>:
> 
>> From: Jan Kiszka <jan.kiszka@siemens.com>
>>
>> This avoids hard-coding hd0 into the generated image. Rather rely on
>> grub automatically setting 'prefix' to 'cmdpath', the location where
>> the firmware started the grub executable.
> 
> This is a fork of a file from upstream wic, probably with minimal
> changes. Could you double check the diff against the original file, and
> check if a wic update would fix that?

Upstream never had a grub-mkimage.cfg, that was already local deviation.

But upstream shares many of the deficits that my follow-up patches address.

Jan

> 
> Henning
> 
>> CC: Henning Schild <henning.schild@siemens.com>
>> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
>> ---
>>   meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py | 9 ---------
>>   1 file changed, 9 deletions(-)
>>
>> diff --git a/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py
>> b/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py index
>> 44ce399..0d5d018 100644 ---
>> a/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py +++
>> b/meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py @@ -91,12
>> +91,6 @@ class BootimgEFIPlugin(SourcePlugin): cfg.write(grubefi_conf)
>>           cfg.close()
>>   
>> -        cfg = open("%s/hdd/boot/EFI/BOOT/grub-mkimage.cfg" %
>> cr_workdir, "w")
>> -        mkimage_conf = "set root='hd0,gpt%d'\n" % bootpart.realnum
>> -        mkimage_conf += "set prefix=($root)/EFI/BOOT\n"
>> -        cfg.write(mkimage_conf)
>> -        cfg.close()
>> -
>>       @classmethod
>>       def do_configure_systemdboot(cls, hdddir, creator, cr_workdir,
>> source_params): """
>> @@ -211,8 +205,6 @@ class BootimgEFIPlugin(SourcePlugin):
>>               if source_params['loader'] == 'grub-efi':
>>                   shutil.copyfile("%s/hdd/boot/EFI/BOOT/grub.cfg" %
>> cr_workdir, "%s/grub.cfg" % cr_workdir)
>> -
>> shutil.copyfile("%s/hdd/boot/EFI/BOOT/grub-mkimage.cfg" % cr_workdir,
>> -                                "%s/grub-mkimage.cfg" % cr_workdir)
>>                   for mod in [x for x in os.listdir(kernel_dir) if
>> x.startswith("grub-efi-")]: cp_cmd = "cp %s/%s %s/EFI/BOOT/%s" %
>> (kernel_dir, mod, hdddir, mod[9:]) exec_cmd(cp_cmd, True)
>> @@ -245,7 +237,6 @@ class BootimgEFIPlugin(SourcePlugin):
>>   
>>                       # TODO: check that grub-mkimage is available
>>                       grub_cmd = "grub-mkimage -p /EFI/BOOT "
>> -                    grub_cmd += "-c %s/grub-mkimage.cfg " %
>> cr_workdir grub_cmd += "-O %s -o %s/EFI/BOOT/%s " \
>>                                   % (grub_target, bootimg_dir,
>> grub_image) grub_cmd += "part_gpt part_msdos ntfs ntfscomp fat ext2 "
> 

-- 
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux

Re: [PATCH 1/7] dpkg-raw: Respect file permissions defined by recipe

[Henning Schild]

Am Mon, 7 Jan 2019 14:28:47 +0100
schrieb Jan Kiszka <jan.kiszka@siemens.com>:

> On 07.01.19 14:20, Henning Schild wrote:
> > Am Wed, 2 Jan 2019 12:34:11 +0100
> > schrieb Jan Kiszka <jan.kiszka@siemens.com>:
> >   
> >> From: Jan Kiszka <jan.kiszka@siemens.com>
> >>
> >> dh_fixperms overwrites the permissions do_install defined
> >> carefully. Skip this step to avoid that.
> >>
> >> Fixes: f301ccb2b5b1 ("meta/dpkg-raw: build raw packages like all
> >> others") CC: Henning Schild <henning.schild@siemens.com>
> >> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> >> ---
> >>   meta/classes/dpkg-raw.bbclass | 4 +++-
> >>   1 file changed, 3 insertions(+), 1 deletion(-)
> >>
> >> diff --git a/meta/classes/dpkg-raw.bbclass
> >> b/meta/classes/dpkg-raw.bbclass index 8d11433..10fb1b9 100644
> >> --- a/meta/classes/dpkg-raw.bbclass
> >> +++ b/meta/classes/dpkg-raw.bbclass
> >> @@ -56,9 +56,11 @@ EOF
> >>   deb_create_rules() {
> >>   	cat << EOF > ${S}/debian/rules
> >>   #!/usr/bin/make -f
> >> +
> >> +override_dh_fixperms:
> >> +
> >>   %:
> >>   	dh \$@
> >> -  
> > 
> > I think it is not a good idea to do that in general. While you might
> > have found an example where dh_fixperms caused problems, there are
> > probably many where it helps. Say people use "cp" to fill ${D} or
> > "echo" to fill ${D}/bin/  
> 
> I'm open for better suggestions.

The suggestion is to do that in the one recipe that you need it for,
and not touch the general case.

Henning

> Jan
> 

Re: [PATCH 1/7] dpkg-raw: Respect file permissions defined by recipe

[Jan Kiszka]

On 07.01.19 15:19, Henning Schild wrote:
> Am Mon, 7 Jan 2019 14:28:47 +0100
> schrieb Jan Kiszka <jan.kiszka@siemens.com>:
> 
>> On 07.01.19 14:20, Henning Schild wrote:
>>> Am Wed, 2 Jan 2019 12:34:11 +0100
>>> schrieb Jan Kiszka <jan.kiszka@siemens.com>:
>>>    
>>>> From: Jan Kiszka <jan.kiszka@siemens.com>
>>>>
>>>> dh_fixperms overwrites the permissions do_install defined
>>>> carefully. Skip this step to avoid that.
>>>>
>>>> Fixes: f301ccb2b5b1 ("meta/dpkg-raw: build raw packages like all
>>>> others") CC: Henning Schild <henning.schild@siemens.com>
>>>> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
>>>> ---
>>>>    meta/classes/dpkg-raw.bbclass | 4 +++-
>>>>    1 file changed, 3 insertions(+), 1 deletion(-)
>>>>
>>>> diff --git a/meta/classes/dpkg-raw.bbclass
>>>> b/meta/classes/dpkg-raw.bbclass index 8d11433..10fb1b9 100644
>>>> --- a/meta/classes/dpkg-raw.bbclass
>>>> +++ b/meta/classes/dpkg-raw.bbclass
>>>> @@ -56,9 +56,11 @@ EOF
>>>>    deb_create_rules() {
>>>>    	cat << EOF > ${S}/debian/rules
>>>>    #!/usr/bin/make -f
>>>> +
>>>> +override_dh_fixperms:
>>>> +
>>>>    %:
>>>>    	dh \$@
>>>> -
>>>
>>> I think it is not a good idea to do that in general. While you might
>>> have found an example where dh_fixperms caused problems, there are
>>> probably many where it helps. Say people use "cp" to fill ${D} or
>>> "echo" to fill ${D}/bin/
>>
>> I'm open for better suggestions.
> 
> The suggestion is to do that in the one recipe that you need it for,
> and not touch the general case.

...except for causing that regression: Keep in mind that we used to respect 
permissions defined by the user before the switch to packaging via Debian!

Jan

-- 
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux

Re: [PATCH 1/7] dpkg-raw: Respect file permissions defined by recipe

[Jan Kiszka]

On 07.01.19 15:20, Jan Kiszka wrote:
> On 07.01.19 15:19, Henning Schild wrote:
>> Am Mon, 7 Jan 2019 14:28:47 +0100
>> schrieb Jan Kiszka <jan.kiszka@siemens.com>:
>>
>>> On 07.01.19 14:20, Henning Schild wrote:
>>>> Am Wed, 2 Jan 2019 12:34:11 +0100
>>>> schrieb Jan Kiszka <jan.kiszka@siemens.com>:
>>>>> From: Jan Kiszka <jan.kiszka@siemens.com>
>>>>>
>>>>> dh_fixperms overwrites the permissions do_install defined
>>>>> carefully. Skip this step to avoid that.
>>>>>
>>>>> Fixes: f301ccb2b5b1 ("meta/dpkg-raw: build raw packages like all
>>>>> others") CC: Henning Schild <henning.schild@siemens.com>
>>>>> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
>>>>> ---
>>>>>    meta/classes/dpkg-raw.bbclass | 4 +++-
>>>>>    1 file changed, 3 insertions(+), 1 deletion(-)
>>>>>
>>>>> diff --git a/meta/classes/dpkg-raw.bbclass
>>>>> b/meta/classes/dpkg-raw.bbclass index 8d11433..10fb1b9 100644
>>>>> --- a/meta/classes/dpkg-raw.bbclass
>>>>> +++ b/meta/classes/dpkg-raw.bbclass
>>>>> @@ -56,9 +56,11 @@ EOF
>>>>>    deb_create_rules() {
>>>>>        cat << EOF > ${S}/debian/rules
>>>>>    #!/usr/bin/make -f
>>>>> +
>>>>> +override_dh_fixperms:
>>>>> +
>>>>>    %:
>>>>>        dh \$@
>>>>> -
>>>>
>>>> I think it is not a good idea to do that in general. While you might
>>>> have found an example where dh_fixperms caused problems, there are
>>>> probably many where it helps. Say people use "cp" to fill ${D} or
>>>> "echo" to fill ${D}/bin/
>>>
>>> I'm open for better suggestions.
>>
>> The suggestion is to do that in the one recipe that you need it for,
>> and not touch the general case.
> 
> ...except for causing that regression: Keep in mind that we used to respect 
> permissions defined by the user before the switch to packaging via Debian!

To make my issue more concrete: Consider you want to package secrets this way. 
Then it would be rather ugly to even temporary have them group or even work 
readable during packaging and installation - in case you suggestion should be to 
adjust the permissions in a postinst.

Jan

-- 
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux

Re: [PATCH 1/7] dpkg-raw: Respect file permissions defined by recipe

[Henning Schild]

Am Mon, 7 Jan 2019 15:26:16 +0100
schrieb Jan Kiszka <jan.kiszka@siemens.com>:

> On 07.01.19 15:20, Jan Kiszka wrote:
> > On 07.01.19 15:19, Henning Schild wrote:  
> >> Am Mon, 7 Jan 2019 14:28:47 +0100
> >> schrieb Jan Kiszka <jan.kiszka@siemens.com>:
> >>  
> >>> On 07.01.19 14:20, Henning Schild wrote:  
> >>>> Am Wed, 2 Jan 2019 12:34:11 +0100
> >>>> schrieb Jan Kiszka <jan.kiszka@siemens.com>:  
> >>>>> From: Jan Kiszka <jan.kiszka@siemens.com>
> >>>>>
> >>>>> dh_fixperms overwrites the permissions do_install defined
> >>>>> carefully. Skip this step to avoid that.
> >>>>>
> >>>>> Fixes: f301ccb2b5b1 ("meta/dpkg-raw: build raw packages like all
> >>>>> others") CC: Henning Schild <henning.schild@siemens.com>
> >>>>> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> >>>>> ---
> >>>>>    meta/classes/dpkg-raw.bbclass | 4 +++-
> >>>>>    1 file changed, 3 insertions(+), 1 deletion(-)
> >>>>>
> >>>>> diff --git a/meta/classes/dpkg-raw.bbclass
> >>>>> b/meta/classes/dpkg-raw.bbclass index 8d11433..10fb1b9 100644
> >>>>> --- a/meta/classes/dpkg-raw.bbclass
> >>>>> +++ b/meta/classes/dpkg-raw.bbclass
> >>>>> @@ -56,9 +56,11 @@ EOF
> >>>>>    deb_create_rules() {
> >>>>>        cat << EOF > ${S}/debian/rules
> >>>>>    #!/usr/bin/make -f
> >>>>> +
> >>>>> +override_dh_fixperms:
> >>>>> +
> >>>>>    %:
> >>>>>        dh \$@
> >>>>> -  
> >>>>
> >>>> I think it is not a good idea to do that in general. While you
> >>>> might have found an example where dh_fixperms caused problems,
> >>>> there are probably many where it helps. Say people use "cp" to
> >>>> fill ${D} or "echo" to fill ${D}/bin/  
> >>>
> >>> I'm open for better suggestions.  
> >>
> >> The suggestion is to do that in the one recipe that you need it
> >> for, and not touch the general case.  
> > 
> > ...except for causing that regression: Keep in mind that we used to
> > respect permissions defined by the user before the switch to
> > packaging via Debian!  

True, but there is a changelog section that even tells users how to
disable certain dhs for their recipes.

> To make my issue more concrete: Consider you want to package secrets
> this way. Then it would be rather ugly to even temporary have them
> group or even work readable during packaging and installation - in
> case you suggestion should be to adjust the permissions in a postinst.

Having secrets in your repo and build process would be ugly as well,
many spots where they could leak. So i do not think that is a good
example.
And i am not talking about a postinst, but a rules file that does
exactly what yours does. See what example-raw does for dh_usrlocal, if
you bring your rules you do not get the defaults.
Looking at the man-page i see a lot of "removes permission", where
documentation seems to be the only exception. Again secret does not
seem to be a good example. (except you place it in usr/share/doc ;) )

What exactly is your motivation for the change?

Henning

> Jan
> 

Re: [PATCH 1/7] dpkg-raw: Respect file permissions defined by recipe

[Jan Kiszka]

On 07.01.19 17:28, Henning Schild wrote:
> Am Mon, 7 Jan 2019 15:26:16 +0100
> schrieb Jan Kiszka <jan.kiszka@siemens.com>:
> 
>> On 07.01.19 15:20, Jan Kiszka wrote:
>>> On 07.01.19 15:19, Henning Schild wrote:
>>>> Am Mon, 7 Jan 2019 14:28:47 +0100
>>>> schrieb Jan Kiszka <jan.kiszka@siemens.com>:
>>>>   
>>>>> On 07.01.19 14:20, Henning Schild wrote:
>>>>>> Am Wed, 2 Jan 2019 12:34:11 +0100
>>>>>> schrieb Jan Kiszka <jan.kiszka@siemens.com>:
>>>>>>> From: Jan Kiszka <jan.kiszka@siemens.com>
>>>>>>>
>>>>>>> dh_fixperms overwrites the permissions do_install defined
>>>>>>> carefully. Skip this step to avoid that.
>>>>>>>
>>>>>>> Fixes: f301ccb2b5b1 ("meta/dpkg-raw: build raw packages like all
>>>>>>> others") CC: Henning Schild <henning.schild@siemens.com>
>>>>>>> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
>>>>>>> ---
>>>>>>>     meta/classes/dpkg-raw.bbclass | 4 +++-
>>>>>>>     1 file changed, 3 insertions(+), 1 deletion(-)
>>>>>>>
>>>>>>> diff --git a/meta/classes/dpkg-raw.bbclass
>>>>>>> b/meta/classes/dpkg-raw.bbclass index 8d11433..10fb1b9 100644
>>>>>>> --- a/meta/classes/dpkg-raw.bbclass
>>>>>>> +++ b/meta/classes/dpkg-raw.bbclass
>>>>>>> @@ -56,9 +56,11 @@ EOF
>>>>>>>     deb_create_rules() {
>>>>>>>         cat << EOF > ${S}/debian/rules
>>>>>>>     #!/usr/bin/make -f
>>>>>>> +
>>>>>>> +override_dh_fixperms:
>>>>>>> +
>>>>>>>     %:
>>>>>>>         dh \$@
>>>>>>> -
>>>>>>
>>>>>> I think it is not a good idea to do that in general. While you
>>>>>> might have found an example where dh_fixperms caused problems,
>>>>>> there are probably many where it helps. Say people use "cp" to
>>>>>> fill ${D} or "echo" to fill ${D}/bin/
>>>>>
>>>>> I'm open for better suggestions.
>>>>
>>>> The suggestion is to do that in the one recipe that you need it
>>>> for, and not touch the general case.
>>>
>>> ...except for causing that regression: Keep in mind that we used to
>>> respect permissions defined by the user before the switch to
>>> packaging via Debian!
> 
> True, but there is a changelog section that even tells users how to
> disable certain dhs for their recipes.
> 
>> To make my issue more concrete: Consider you want to package secrets
>> this way. Then it would be rather ugly to even temporary have them
>> group or even work readable during packaging and installation - in
>> case you suggestion should be to adjust the permissions in a postinst.
> 
> Having secrets in your repo and build process would be ugly as well,
> many spots where they could leak. So i do not think that is a good
> example.
> And i am not talking about a postinst, but a rules file that does
> exactly what yours does. See what example-raw does for dh_usrlocal, if
> you bring your rules you do not get the defaults.
> Looking at the man-page i see a lot of "removes permission", where
> documentation seems to be the only exception. Again secret does not
> seem to be a good example. (except you place it in usr/share/doc ;) )
> 
> What exactly is your motivation for the change?

Allow to ship files that are not world-readable by defaults. That's a pretty 
common pattern, e.g. to add pre-generated keys, certificates, wifi passwords etc.

So I don't think it is a good idea that dpkg-raw now breaks this use case, 
sometimes silently(!), and forces users to overload their rules files. I'm not 
even sure that it makes sense for Debian to add these permissions to during the 
fixperms phase, but I didn't dig into that details.

Jan

-- 
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux

Re: [PATCH 1/7] dpkg-raw: Respect file permissions defined by recipe

[Henning Schild]

Am Mon, 7 Jan 2019 17:54:26 +0100
schrieb Jan Kiszka <jan.kiszka@siemens.com>:

> On 07.01.19 17:28, Henning Schild wrote:
> > Am Mon, 7 Jan 2019 15:26:16 +0100
> > schrieb Jan Kiszka <jan.kiszka@siemens.com>:
> >   
> >> On 07.01.19 15:20, Jan Kiszka wrote:  
> >>> On 07.01.19 15:19, Henning Schild wrote:  
> >>>> Am Mon, 7 Jan 2019 14:28:47 +0100
> >>>> schrieb Jan Kiszka <jan.kiszka@siemens.com>:
> >>>>     
> >>>>> On 07.01.19 14:20, Henning Schild wrote:  
> >>>>>> Am Wed, 2 Jan 2019 12:34:11 +0100
> >>>>>> schrieb Jan Kiszka <jan.kiszka@siemens.com>:  
> >>>>>>> From: Jan Kiszka <jan.kiszka@siemens.com>
> >>>>>>>
> >>>>>>> dh_fixperms overwrites the permissions do_install defined
> >>>>>>> carefully. Skip this step to avoid that.
> >>>>>>>
> >>>>>>> Fixes: f301ccb2b5b1 ("meta/dpkg-raw: build raw packages like
> >>>>>>> all others") CC: Henning Schild <henning.schild@siemens.com>
> >>>>>>> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> >>>>>>> ---
> >>>>>>>     meta/classes/dpkg-raw.bbclass | 4 +++-
> >>>>>>>     1 file changed, 3 insertions(+), 1 deletion(-)
> >>>>>>>
> >>>>>>> diff --git a/meta/classes/dpkg-raw.bbclass
> >>>>>>> b/meta/classes/dpkg-raw.bbclass index 8d11433..10fb1b9 100644
> >>>>>>> --- a/meta/classes/dpkg-raw.bbclass
> >>>>>>> +++ b/meta/classes/dpkg-raw.bbclass
> >>>>>>> @@ -56,9 +56,11 @@ EOF
> >>>>>>>     deb_create_rules() {
> >>>>>>>         cat << EOF > ${S}/debian/rules
> >>>>>>>     #!/usr/bin/make -f
> >>>>>>> +
> >>>>>>> +override_dh_fixperms:
> >>>>>>> +
> >>>>>>>     %:
> >>>>>>>         dh \$@
> >>>>>>> -  
> >>>>>>
> >>>>>> I think it is not a good idea to do that in general. While you
> >>>>>> might have found an example where dh_fixperms caused problems,
> >>>>>> there are probably many where it helps. Say people use "cp" to
> >>>>>> fill ${D} or "echo" to fill ${D}/bin/  
> >>>>>
> >>>>> I'm open for better suggestions.  
> >>>>
> >>>> The suggestion is to do that in the one recipe that you need it
> >>>> for, and not touch the general case.  
> >>>
> >>> ...except for causing that regression: Keep in mind that we used
> >>> to respect permissions defined by the user before the switch to
> >>> packaging via Debian!  
> > 
> > True, but there is a changelog section that even tells users how to
> > disable certain dhs for their recipes.
> >   
> >> To make my issue more concrete: Consider you want to package
> >> secrets this way. Then it would be rather ugly to even temporary
> >> have them group or even work readable during packaging and
> >> installation - in case you suggestion should be to adjust the
> >> permissions in a postinst.  
> > 
> > Having secrets in your repo and build process would be ugly as well,
> > many spots where they could leak. So i do not think that is a good
> > example.
> > And i am not talking about a postinst, but a rules file that does
> > exactly what yours does. See what example-raw does for dh_usrlocal,
> > if you bring your rules you do not get the defaults.
> > Looking at the man-page i see a lot of "removes permission", where
> > documentation seems to be the only exception. Again secret does not
> > seem to be a good example. (except you place it in
> > usr/share/doc ;) )
> > 
> > What exactly is your motivation for the change?  
> 
> Allow to ship files that are not world-readable by defaults. That's a
> pretty common pattern, e.g. to add pre-generated keys, certificates,
> wifi passwords etc.

I think i got that but i am not sure how they would become world
readable, not from the man-page nor from the code. Except you got the
location "wrong". So a full path example with the permissions before
and after is what i was asking for.

Henning

> So I don't think it is a good idea that dpkg-raw now breaks this use
> case, sometimes silently(!), and forces users to overload their rules
> files. I'm not even sure that it makes sense for Debian to add these
> permissions to during the fixperms phase, but I didn't dig into that
> details.
> 
> Jan
> 

Re: [PATCH 1/7] dpkg-raw: Respect file permissions defined by recipe

[Jan Kiszka]

On 07.01.19 18:51, Henning Schild wrote:
> Am Mon, 7 Jan 2019 17:54:26 +0100
> schrieb Jan Kiszka <jan.kiszka@siemens.com>:
> 
>> On 07.01.19 17:28, Henning Schild wrote:
>>> Am Mon, 7 Jan 2019 15:26:16 +0100
>>> schrieb Jan Kiszka <jan.kiszka@siemens.com>:
>>>    
>>>> On 07.01.19 15:20, Jan Kiszka wrote:
>>>>> On 07.01.19 15:19, Henning Schild wrote:
>>>>>> Am Mon, 7 Jan 2019 14:28:47 +0100
>>>>>> schrieb Jan Kiszka <jan.kiszka@siemens.com>:
>>>>>>      
>>>>>>> On 07.01.19 14:20, Henning Schild wrote:
>>>>>>>> Am Wed, 2 Jan 2019 12:34:11 +0100
>>>>>>>> schrieb Jan Kiszka <jan.kiszka@siemens.com>:
>>>>>>>>> From: Jan Kiszka <jan.kiszka@siemens.com>
>>>>>>>>>
>>>>>>>>> dh_fixperms overwrites the permissions do_install defined
>>>>>>>>> carefully. Skip this step to avoid that.
>>>>>>>>>
>>>>>>>>> Fixes: f301ccb2b5b1 ("meta/dpkg-raw: build raw packages like
>>>>>>>>> all others") CC: Henning Schild <henning.schild@siemens.com>
>>>>>>>>> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
>>>>>>>>> ---
>>>>>>>>>      meta/classes/dpkg-raw.bbclass | 4 +++-
>>>>>>>>>      1 file changed, 3 insertions(+), 1 deletion(-)
>>>>>>>>>
>>>>>>>>> diff --git a/meta/classes/dpkg-raw.bbclass
>>>>>>>>> b/meta/classes/dpkg-raw.bbclass index 8d11433..10fb1b9 100644
>>>>>>>>> --- a/meta/classes/dpkg-raw.bbclass
>>>>>>>>> +++ b/meta/classes/dpkg-raw.bbclass
>>>>>>>>> @@ -56,9 +56,11 @@ EOF
>>>>>>>>>      deb_create_rules() {
>>>>>>>>>          cat << EOF > ${S}/debian/rules
>>>>>>>>>      #!/usr/bin/make -f
>>>>>>>>> +
>>>>>>>>> +override_dh_fixperms:
>>>>>>>>> +
>>>>>>>>>      %:
>>>>>>>>>          dh \$@
>>>>>>>>> -
>>>>>>>>
>>>>>>>> I think it is not a good idea to do that in general. While you
>>>>>>>> might have found an example where dh_fixperms caused problems,
>>>>>>>> there are probably many where it helps. Say people use "cp" to
>>>>>>>> fill ${D} or "echo" to fill ${D}/bin/
>>>>>>>
>>>>>>> I'm open for better suggestions.
>>>>>>
>>>>>> The suggestion is to do that in the one recipe that you need it
>>>>>> for, and not touch the general case.
>>>>>
>>>>> ...except for causing that regression: Keep in mind that we used
>>>>> to respect permissions defined by the user before the switch to
>>>>> packaging via Debian!
>>>
>>> True, but there is a changelog section that even tells users how to
>>> disable certain dhs for their recipes.
>>>    
>>>> To make my issue more concrete: Consider you want to package
>>>> secrets this way. Then it would be rather ugly to even temporary
>>>> have them group or even work readable during packaging and
>>>> installation - in case you suggestion should be to adjust the
>>>> permissions in a postinst.
>>>
>>> Having secrets in your repo and build process would be ugly as well,
>>> many spots where they could leak. So i do not think that is a good
>>> example.
>>> And i am not talking about a postinst, but a rules file that does
>>> exactly what yours does. See what example-raw does for dh_usrlocal,
>>> if you bring your rules you do not get the defaults.
>>> Looking at the man-page i see a lot of "removes permission", where
>>> documentation seems to be the only exception. Again secret does not
>>> seem to be a good example. (except you place it in
>>> usr/share/doc ;) )
>>>
>>> What exactly is your motivation for the change?
>>
>> Allow to ship files that are not world-readable by defaults. That's a
>> pretty common pattern, e.g. to add pre-generated keys, certificates,
>> wifi passwords etc.
> 
> I think i got that but i am not sure how they would become world
> readable, not from the man-page nor from the code. Except you got the
> location "wrong". So a full path example with the permissions before
> and after is what i was asking for.
> 

I started the patch for packages that populate {/home/$USER,/root}/.ssh, but I'm 
sure you can reproduce that with any file targeting /etc as well - e.g. one that 
exploits [1]. I'm now deploying wifi keys via such an unversioned local.inc.

Jan

[1] 
https://github.com/siemens/jailhouse-images/commit/ad96bb52835fb4b2723733b49b6dca3fc19e81de

-- 
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux

Re: [PATCH 1/7] dpkg-raw: Respect file permissions defined by recipe

[Baurzhan Ismagulov]

On Mon, Jan 07, 2019 at 02:28:47PM +0100, Jan Kiszka wrote:
> > > dh_fixperms overwrites the permissions do_install defined carefully.
> > > Skip this step to avoid that.
...
> > > --- a/meta/classes/dpkg-raw.bbclass
> > > +++ b/meta/classes/dpkg-raw.bbclass
> > > @@ -56,9 +56,11 @@ EOF
> > >   deb_create_rules() {
> > >   	cat << EOF > ${S}/debian/rules
> > >   #!/usr/bin/make -f
> > > +
> > > +override_dh_fixperms:
> > > +
> > >   %:
> > >   	dh \$@
> > > -
> > 
> > I think it is not a good idea to do that in general. While you might
> > have found an example where dh_fixperms caused problems, there are
> > probably many where it helps. Say people use "cp" to fill ${D} or
> > "echo" to fill ${D}/bin/
> 
> I'm open for better suggestions.

dh_fixperms -X from a variable / file?

override_dh_fixperms in a conditional makefile include, if exists?

That said, I think the right way would be to create proper source packages
downstream.

FWIW, meta-eid has a PoC for dh_making a package from bitbake, but one could
start with manually debianized packages first.

With kind regards,
Baurzhan.

Re: [PATCH 1/7] dpkg-raw: Respect file permissions defined by recipe

[Jan Kiszka]

On 09.01.19 23:37, Baurzhan Ismagulov wrote:
> On Mon, Jan 07, 2019 at 02:28:47PM +0100, Jan Kiszka wrote:
>>>> dh_fixperms overwrites the permissions do_install defined carefully.
>>>> Skip this step to avoid that.
> ...
>>>> --- a/meta/classes/dpkg-raw.bbclass
>>>> +++ b/meta/classes/dpkg-raw.bbclass
>>>> @@ -56,9 +56,11 @@ EOF
>>>>    deb_create_rules() {
>>>>    	cat << EOF > ${S}/debian/rules
>>>>    #!/usr/bin/make -f
>>>> +
>>>> +override_dh_fixperms:
>>>> +
>>>>    %:
>>>>    	dh \$@
>>>> -
>>>
>>> I think it is not a good idea to do that in general. While you might
>>> have found an example where dh_fixperms caused problems, there are
>>> probably many where it helps. Say people use "cp" to fill ${D} or
>>> "echo" to fill ${D}/bin/
>>
>> I'm open for better suggestions.
> 
> dh_fixperms -X from a variable / file?
> 
> override_dh_fixperms in a conditional makefile include, if exists?

Something like this?

diff --git a/meta/classes/dpkg-raw.bbclass b/meta/classes/dpkg-raw.bbclass
index 10fb1b9..fa584ee 100644
--- a/meta/classes/dpkg-raw.bbclass
+++ b/meta/classes/dpkg-raw.bbclass
@@ -53,11 +53,14 @@ Description: ${DESCRIPTION}
 EOF
 }
 
+FIXPERM_EXCLUSIONS = "${@' '.join(['-X ' + x for x in d.getVar('PRESERVE_PERMS', False).split()])}"
+
 deb_create_rules() {
 	cat << EOF > ${S}/debian/rules
 #!/usr/bin/make -f
 
 override_dh_fixperms:
+	dh_fixperms ${EXCLUSIONS}
 
 %:
 	dh \$@


Then the user would have to specify the files to be excluded with full
paths:

PRESERVE_PERMS = "/root/.ssh"
PRESERVE_PERMS += "/etc/network/interfaces.d/wifi"

> 
> That said, I think the right way would be to create proper source packages
> downstream.

Cannot follow that idea yet: What would be the interface?

> 
> FWIW, meta-eid has a PoC for dh_making a package from bitbake, but one could
> start with manually debianized packages first.
> 
> With kind regards,
> Baurzhan.
> 

Jan

-- 
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux

Re: [PATCH 1/7] dpkg-raw: Respect file permissions defined by recipe

[Jan Kiszka]

On 10.01.19 02:19, [ext] Jan Kiszka wrote:
> On 09.01.19 23:37, Baurzhan Ismagulov wrote:
>> On Mon, Jan 07, 2019 at 02:28:47PM +0100, Jan Kiszka wrote:
>>>>> dh_fixperms overwrites the permissions do_install defined carefully.
>>>>> Skip this step to avoid that.
>> ...
>>>>> --- a/meta/classes/dpkg-raw.bbclass
>>>>> +++ b/meta/classes/dpkg-raw.bbclass
>>>>> @@ -56,9 +56,11 @@ EOF
>>>>>     deb_create_rules() {
>>>>>     	cat << EOF > ${S}/debian/rules
>>>>>     #!/usr/bin/make -f
>>>>> +
>>>>> +override_dh_fixperms:
>>>>> +
>>>>>     %:
>>>>>     	dh \$@
>>>>> -
>>>>
>>>> I think it is not a good idea to do that in general. While you might
>>>> have found an example where dh_fixperms caused problems, there are
>>>> probably many where it helps. Say people use "cp" to fill ${D} or
>>>> "echo" to fill ${D}/bin/
>>>
>>> I'm open for better suggestions.
>>
>> dh_fixperms -X from a variable / file?
>>
>> override_dh_fixperms in a conditional makefile include, if exists?
> 
> Something like this?
> 
> diff --git a/meta/classes/dpkg-raw.bbclass b/meta/classes/dpkg-raw.bbclass
> index 10fb1b9..fa584ee 100644
> --- a/meta/classes/dpkg-raw.bbclass
> +++ b/meta/classes/dpkg-raw.bbclass
> @@ -53,11 +53,14 @@ Description: ${DESCRIPTION}
>   EOF
>   }
>   
> +FIXPERM_EXCLUSIONS = "${@' '.join(['-X ' + x for x in d.getVar('PRESERVE_PERMS', False).split()])}"
> +
>   deb_create_rules() {
>   	cat << EOF > ${S}/debian/rules
>   #!/usr/bin/make -f
>   
>   override_dh_fixperms:
> +	dh_fixperms ${EXCLUSIONS}
>   
>   %:
>   	dh \$@
> 
> 
> Then the user would have to specify the files to be excluded with full
> paths:
> 
> PRESERVE_PERMS = "/root/.ssh"
> PRESERVE_PERMS += "/etc/network/interfaces.d/wifi"
> 
>>
>> That said, I think the right way would be to create proper source packages
>> downstream.
> 
> Cannot follow that idea yet: What would be the interface?
> 
>>
>> FWIW, meta-eid has a PoC for dh_making a package from bitbake, but one could
>> start with manually debianized packages first.
>>
>> With kind regards,
>> Baurzhan.
>>
> 
> Jan
> 

Ping.

Jan

-- 
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux

Re: [PATCH 1/7] dpkg-raw: Respect file permissions defined by recipe

[Baurzhan Ismagulov]

On Thu, Jan 10, 2019 at 09:19:50AM +0800, Jan Kiszka wrote:
> +FIXPERM_EXCLUSIONS = "${@' '.join(['-X ' + x for x in d.getVar('PRESERVE_PERMS', False).split()])}"
> +
>  deb_create_rules() {
>  	cat << EOF > ${S}/debian/rules
>  #!/usr/bin/make -f
>  
>  override_dh_fixperms:
> +	dh_fixperms ${EXCLUSIONS}

Yes, this is what I meant.


> > That said, I think the right way would be to create proper source packages
> > downstream.
> 
> Cannot follow that idea yet: What would be the interface?

In that case, interface wouldn't be needed, since every downstream package
would have its own debian/rules with desired dh_ helper command lines.


With kind regards,
Baurzhan.

Re: [PATCH 1/7] dpkg-raw: Respect file permissions defined by recipe

[Jan Kiszka]

On 15.01.19 11:10, Baurzhan Ismagulov wrote:
> On Thu, Jan 10, 2019 at 09:19:50AM +0800, Jan Kiszka wrote:
>> +FIXPERM_EXCLUSIONS = "${@' '.join(['-X ' + x for x in d.getVar('PRESERVE_PERMS', False).split()])}"
>> +
>>   deb_create_rules() {
>>   	cat << EOF > ${S}/debian/rules
>>   #!/usr/bin/make -f
>>   
>>   override_dh_fixperms:
>> +	dh_fixperms ${EXCLUSIONS}
> 
> Yes, this is what I meant.
> 

OK, then I will submit a corresponding v2 of this patch, also updating the 
changelog as this is an API change.

Jan

-- 
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux