From patchwork Tue Nov 5 19:48:54 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ross Burton X-Patchwork-Id: 51963 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 537C2D36119 for ; Tue, 5 Nov 2024 19:49:08 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web11.29423.1730836143731408218 for ; Tue, 05 Nov 2024 11:49:03 -0800 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: ross.burton@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 0C5CA1063 for ; Tue, 5 Nov 2024 11:49:33 -0800 (PST) Received: from cesw-amp-gbt-1s-m12830-04.oss.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.121.207.14]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id C13073F528 for ; Tue, 5 Nov 2024 11:49:02 -0800 (PST) From: Ross Burton To: openembedded-core@lists.openembedded.org Subject: [PATCH 1/4] selftest/container: fix IMAGE_FEATURES assignment Date: Tue, 5 Nov 2024 19:48:54 +0000 Message-Id: <20241105194857.3351281-1-ross.burton@arm.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 05 Nov 2024 19:49:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/206748 Assigning IMAGE_FEATURES="" in local.conf doesn't actually do anything useful, as bitbake.conf has IMAGE_FEATURES += EXTRA_IMAGE_FEATURES after the include of local.conf. In this test case, this results in IMAGE_FEATURES still using EXTRA_IMAGE_FEATURES, so the image contains the files installed by the post-install-logging feature. As the intention here is that container-test-image is as minimal as possible, move the IMAGE_FEATURES assignment into the image itself so it actually works, and update the expected file list to remove the post-install-logging files. Signed-off-by: Ross Burton --- .../recipes-test/container-image/container-test-image.bb | 1 + meta/lib/oeqa/selftest/cases/containerimage.py | 3 --- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/meta-selftest/recipes-test/container-image/container-test-image.bb b/meta-selftest/recipes-test/container-image/container-test-image.bb index d5f939c6e98..26b6409d1d6 100644 --- a/meta-selftest/recipes-test/container-image/container-test-image.bb +++ b/meta-selftest/recipes-test/container-image/container-test-image.bb @@ -4,5 +4,6 @@ LICENSE = "MIT" IMAGE_FSTYPES = "container" IMAGE_LINGUAS = "" +IMAGE_FEATURES = "" inherit core-image diff --git a/meta/lib/oeqa/selftest/cases/containerimage.py b/meta/lib/oeqa/selftest/cases/containerimage.py index 23c0a1408a3..d1ac305a845 100644 --- a/meta/lib/oeqa/selftest/cases/containerimage.py +++ b/meta/lib/oeqa/selftest/cases/containerimage.py @@ -42,7 +42,6 @@ class ContainerImageTests(OESelftestTestCase): self.write_config("""PREFERRED_PROVIDER_virtual/kernel = "linux-dummy" IMAGE_FSTYPES = "container" PACKAGE_CLASSES = "package_ipk" -IMAGE_FEATURES = "" IMAGE_BUILDINFO_FILE = "" INIT_MANAGER = "sysvinit" IMAGE_INSTALL:remove = "ssh-pregen-hostkeys" @@ -55,8 +54,6 @@ IMAGE_INSTALL:remove = "ssh-pregen-hostkeys" expected_files = [ './', '.{bindir}/theapp', - '.{sysconfdir}/default/', - '.{sysconfdir}/default/postinst', '.{sysconfdir}/ld.so.cache', '.{sysconfdir}/timestamp', '.{sysconfdir}/version', From patchwork Tue Nov 5 19:48:55 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ross Burton X-Patchwork-Id: 51964 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 50513D36121 for ; Tue, 5 Nov 2024 19:49:08 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web10.29594.1730836144223539711 for ; Tue, 05 Nov 2024 11:49:04 -0800 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: ross.burton@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id BF65411FB for ; Tue, 5 Nov 2024 11:49:33 -0800 (PST) Received: from cesw-amp-gbt-1s-m12830-04.oss.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.121.207.14]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 812553F528 for ; Tue, 5 Nov 2024 11:49:03 -0800 (PST) From: Ross Burton To: openembedded-core@lists.openembedded.org Subject: [PATCH 2/4] images/*-sdk: remove debug-tweaks from IMAGE_FEATURES Date: Tue, 5 Nov 2024 19:48:55 +0000 Message-Id: <20241105194857.3351281-2-ross.burton@arm.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20241105194857.3351281-1-ross.burton@arm.com> References: <20241105194857.3351281-1-ross.burton@arm.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 05 Nov 2024 19:49:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/206749 There's no need for the SDK images to explicitly list debug-tweaks, this is typically added via EXTRA_IMAGE_FEATURES when needed. Signed-off-by: Ross Burton --- meta/recipes-graphics/images/core-image-weston-sdk.bb | 2 +- meta/recipes-rt/images/core-image-rt-sdk.bb | 2 +- meta/recipes-sato/images/core-image-sato-sdk.bb | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/meta/recipes-graphics/images/core-image-weston-sdk.bb b/meta/recipes-graphics/images/core-image-weston-sdk.bb index 09e87b5b65c..888ebdc6e2b 100644 --- a/meta/recipes-graphics/images/core-image-weston-sdk.bb +++ b/meta/recipes-graphics/images/core-image-weston-sdk.bb @@ -6,7 +6,7 @@ form a standalone SDK." HOMEPAGE = "https://www.yoctoproject.org/" IMAGE_FEATURES += "dev-pkgs tools-sdk \ - tools-debug eclipse-debug tools-profile tools-testapps debug-tweaks ssh-server-openssh" + tools-debug eclipse-debug tools-profile tools-testapps ssh-server-openssh" IMAGE_INSTALL += "kernel-devsrc" diff --git a/meta/recipes-rt/images/core-image-rt-sdk.bb b/meta/recipes-rt/images/core-image-rt-sdk.bb index 624b7d9430c..fbe617cadf9 100644 --- a/meta/recipes-rt/images/core-image-rt-sdk.bb +++ b/meta/recipes-rt/images/core-image-rt-sdk.bb @@ -13,7 +13,7 @@ tools for real-time use. It includes the full meta-toolchain, development \ headers and libraries to form a standalone SDK." DEPENDS += "linux-yocto-rt" -IMAGE_FEATURES += "dev-pkgs tools-sdk tools-debug eclipse-debug tools-profile tools-testapps debug-tweaks" +IMAGE_FEATURES += "dev-pkgs tools-sdk tools-debug eclipse-debug tools-profile tools-testapps" IMAGE_INSTALL += "rt-tests hwlatdetect kernel-dev" diff --git a/meta/recipes-sato/images/core-image-sato-sdk.bb b/meta/recipes-sato/images/core-image-sato-sdk.bb index afab473b52c..b5315a19a00 100644 --- a/meta/recipes-sato/images/core-image-sato-sdk.bb +++ b/meta/recipes-sato/images/core-image-sato-sdk.bb @@ -6,7 +6,7 @@ form a standalone SDK." HOMEPAGE = "https://www.yoctoproject.org/" IMAGE_FEATURES += "dev-pkgs tools-sdk \ - tools-debug eclipse-debug tools-profile tools-testapps debug-tweaks ssh-server-openssh" + tools-debug eclipse-debug tools-profile tools-testapps ssh-server-openssh" IMAGE_INSTALL += "kernel-devsrc" From patchwork Tue Nov 5 19:48:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ross Burton X-Patchwork-Id: 51966 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 51F18D36122 for ; Tue, 5 Nov 2024 19:49:08 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web10.29595.1730836145025019458 for ; Tue, 05 Nov 2024 11:49:05 -0800 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: ross.burton@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 88CEE1063 for ; Tue, 5 Nov 2024 11:49:34 -0800 (PST) Received: from cesw-amp-gbt-1s-m12830-04.oss.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.121.207.14]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 4144D3F528 for ; Tue, 5 Nov 2024 11:49:04 -0800 (PST) From: Ross Burton To: openembedded-core@lists.openembedded.org Subject: [PATCH 3/4] oe-selftest-image: use explicit IMAGE_FEATURES instead of debug-tweaks Date: Tue, 5 Nov 2024 19:48:56 +0000 Message-Id: <20241105194857.3351281-3-ross.burton@arm.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20241105194857.3351281-1-ross.burton@arm.com> References: <20241105194857.3351281-1-ross.burton@arm.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 05 Nov 2024 19:49:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/206750 debug-tweaks is vague and doesn't give any indication that the root user can login over SSH without a password. This behaviour is incredibly dangerous if used unwittingly, so discourage it by using the underlying features explicitly to spell out exactly what is being done. Signed-off-by: Ross Burton --- meta-selftest/recipes-test/images/oe-selftest-image.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-selftest/recipes-test/images/oe-selftest-image.bb b/meta-selftest/recipes-test/images/oe-selftest-image.bb index 317a0712aaf..0eb40572094 100644 --- a/meta-selftest/recipes-test/images/oe-selftest-image.bb +++ b/meta-selftest/recipes-test/images/oe-selftest-image.bb @@ -2,7 +2,7 @@ SUMMARY = "An image used during oe-selftest tests" # libudev is needed for deploy mdadm via devtool IMAGE_INSTALL = "packagegroup-core-boot packagegroup-core-ssh-dropbear libudev" -IMAGE_FEATURES = "debug-tweaks" +IMAGE_FEATURES = "allow-empty-password empty-root-password allow-root-login" IMAGE_LINGUAS = " " From patchwork Tue Nov 5 19:48:57 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ross Burton X-Patchwork-Id: 51965 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6F0A3D36124 for ; Tue, 5 Nov 2024 19:49:08 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web11.29424.1730836145987724411 for ; Tue, 05 Nov 2024 11:49:06 -0800 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: ross.burton@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 48DAA1063 for ; Tue, 5 Nov 2024 11:49:35 -0800 (PST) Received: from cesw-amp-gbt-1s-m12830-04.oss.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.121.207.14]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 0A9753F528 for ; Tue, 5 Nov 2024 11:49:04 -0800 (PST) From: Ross Burton To: openembedded-core@lists.openembedded.org Subject: [PATCH 4/4] local.conf.sample: use explicit IMAGE_FEATURES instead of debug-tweaks Date: Tue, 5 Nov 2024 19:48:57 +0000 Message-Id: <20241105194857.3351281-4-ross.burton@arm.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20241105194857.3351281-1-ross.burton@arm.com> References: <20241105194857.3351281-1-ross.burton@arm.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 05 Nov 2024 19:49:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/206751 debug-tweaks is vague and doesn't give any indication that the root user can login over SSH without a password. This behaviour is incredibly dangerous if used unwittingly, so discourage it by using the underlying features explicitly to spell out exactly what is being done. This is not the complete set of features that debug-tweaks enables, but I don't think we need to enable serial-autologin-root or post-install-logging by default. Signed-off-by: Ross Burton --- meta-poky/conf/templates/default/local.conf.sample | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta-poky/conf/templates/default/local.conf.sample b/meta-poky/conf/templates/default/local.conf.sample index 72d35662940..cfa77106ab3 100644 --- a/meta-poky/conf/templates/default/local.conf.sample +++ b/meta-poky/conf/templates/default/local.conf.sample @@ -145,8 +145,8 @@ DISTRO ?= "poky" # There are other application targets that can be used here too, see # meta/classes-recipe/image.bbclass and # meta/classes-recipe/core-image.bbclass for more details. -# We default to enabling the debugging tweaks. -EXTRA_IMAGE_FEATURES ?= "debug-tweaks" +# We default to allowing root login without a password for convenience. +EXTRA_IMAGE_FEATURES ?= "allow-empty-password empty-root-password allow-root-login" # # Additional image features