* Git and pseudo
[not found] ` <1b153bce-a66a-45ee-a5c6-963ea6fb1c82.0d2bd5fa-15cc-4b27-b94e-83614f9e5b38.65eda1d8-3d07-4fbe-a1d1-669c533cd0a5@emailsignatures365.codetwo.com>
@ 2022-04-25 7:40 ` Mike Looijmans
2022-04-25 12:51 ` [OE-core] " Richard Purdie
0 siblings, 1 reply; 9+ messages in thread
From: Mike Looijmans @ 2022-04-25 7:40 UTC (permalink / raw)
To: openembedded-core
Recently GIT got updated with a security fix:
https://github.blog/2022-04-12-git-security-vulnerability-announced/
The problem is that this causes all "git" tasks that run within pseudo
(most noticably, image recipes) to fail. In many repositories, we use:
git rev-parse --verify HEAD > /etc/revision
Or something similar to that. After the GIT update, this now fails with
an error like:
'''
fatal: unsafe repository ('/home/mike/repository/path' is owned by
someone else)
To add an exception for this directory, call:
git config --global --add safe.directory /home/mike/repository/path
'''
Apart from doing as it says, or even "git config --global --add
safe.directory '*'" anyone have a better idea, especially one that
prevents the system thinking I'm someone else (root in the case of pseudo).
--
Mike Looijmans
Met vriendelijke groet / kind regards,
Mike Looijmans
System Expert
TOPIC Embedded Products B.V.
Materiaalweg 4, 5681 RJ Best
The Netherlands
T: +31 (0) 499 33 69 69
E: mike.looijmans@topicproducts.com
W: www.topic.nl
Please consider the environment before printing this e-mail
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [OE-core] Git and pseudo
2022-04-25 7:40 ` Git and pseudo Mike Looijmans
@ 2022-04-25 12:51 ` Richard Purdie
2022-04-26 9:08 ` Mike Looijmans
0 siblings, 1 reply; 9+ messages in thread
From: Richard Purdie @ 2022-04-25 12:51 UTC (permalink / raw)
To: Mike Looijmans, openembedded-core
On Mon, 2022-04-25 at 09:40 +0200, Mike Looijmans wrote:
> Recently GIT got updated with a security fix:
>
> https://github.blog/2022-04-12-git-security-vulnerability-announced/
>
>
> The problem is that this causes all "git" tasks that run within pseudo
> (most noticably, image recipes) to fail. In many repositories, we use:
> git rev-parse --verify HEAD > /etc/revision
>
> Or something similar to that. After the GIT update, this now fails with
> an error like:
>
> '''
> fatal: unsafe repository ('/home/mike/repository/path' is owned by
> someone else)
> To add an exception for this directory, call:
>
> git config --global --add safe.directory /home/mike/repository/path
> '''
>
> Apart from doing as it says, or even "git config --global --add
> safe.directory '*'" anyone have a better idea, especially one that
> prevents the system thinking I'm someone else (root in the case of pseudo).
https://git.yoctoproject.org/poky/commit/?id=21559199516a31c7635c5f2d874eaa4a92fff0e5
However this isn't quite enough as some things encode the path to git into build
files so the PATH change at do_install isn't enough. igt-gpu-tools via meson in
OE-Core is an example.
Cheers,
Richard
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [OE-core] Git and pseudo
2022-04-25 12:51 ` [OE-core] " Richard Purdie
@ 2022-04-26 9:08 ` Mike Looijmans
2022-04-27 6:47 ` Stefano Babic
0 siblings, 1 reply; 9+ messages in thread
From: Mike Looijmans @ 2022-04-26 9:08 UTC (permalink / raw)
To: Richard Purdie, openembedded-core
Met vriendelijke groet / kind regards,
Mike Looijmans
System Expert
TOPIC Embedded Products B.V.
Materiaalweg 4, 5681 RJ Best
The Netherlands
T: +31 (0) 499 33 69 69
E: mike.looijmans@topicproducts.com
W: www.topic.nl
Please consider the environment before printing this e-mail
On 25-04-2022 14:51, Richard Purdie wrote:
> On Mon, 2022-04-25 at 09:40 +0200, Mike Looijmans wrote:
>> Recently GIT got updated with a security fix:
>>
>> https://github.blog/2022-04-12-git-security-vulnerability-announced/
>>
>>
>> The problem is that this causes all "git" tasks that run within pseudo
>> (most noticably, image recipes) to fail. In many repositories, we use:
>> git rev-parse --verify HEAD > /etc/revision
>>
>> Or something similar to that. After the GIT update, this now fails with
>> an error like:
>>
>> '''
>> fatal: unsafe repository ('/home/mike/repository/path' is owned by
>> someone else)
>> To add an exception for this directory, call:
>>
>> git config --global --add safe.directory /home/mike/repository/path
>> '''
>>
>> Apart from doing as it says, or even "git config --global --add
>> safe.directory '*'" anyone have a better idea, especially one that
>> prevents the system thinking I'm someone else (root in the case of pseudo).
> https://git.yoctoproject.org/poky/commit/?id=21559199516a31c7635c5f2d874eaa4a92fff0e5
>
> However this isn't quite enough as some things encode the path to git into build
> files so the PATH change at do_install isn't enough. igt-gpu-tools via meson in
> OE-Core is an example.
>
> Cheers,
>
> Richard
>
Nice, also for general usefulness.
For our particular case, I came up with this (works in old OE versions
as well), just inserting a task since both do_image and do_rootfs run
under fakeroot:
# We require access to the git repository here, so we must run outside
fakeroot
do_swumetadata() {
# Hardware revision for SWUpdate
echo "${SWU_BOARD_HWREVISION}" > ${IMAGE_ROOTFS}${sysconfdir}/hwrevision
v=`git rev-parse --verify HEAD`
echo $v > ${IMAGE_ROOTFS}${sysconfdir}/swrevision
echo $v > ${DEPLOY_DIR_IMAGE}/${IMAGE_BASENAME}.swrevision
}
addtask do_swumetadata before do_image after do_rootfs
--
Mike Looijmans
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [OE-core] Git and pseudo
2022-04-26 9:08 ` Mike Looijmans
@ 2022-04-27 6:47 ` Stefano Babic
2022-04-27 10:22 ` Richard Purdie
0 siblings, 1 reply; 9+ messages in thread
From: Stefano Babic @ 2022-04-27 6:47 UTC (permalink / raw)
To: Mike Looijmans, Richard Purdie, openembedded-core
Hi Mike, Richard,
On 26.04.22 11:08, Mike Looijmans wrote:
>
> Met vriendelijke groet / kind regards,
>
> Mike Looijmans
> System Expert
>
>
> TOPIC Embedded Products B.V.
> Materiaalweg 4, 5681 RJ Best
> The Netherlands
>
> T: +31 (0) 499 33 69 69
> E: mike.looijmans@topicproducts.com
> W: www.topic.nl
>
> Please consider the environment before printing this e-mail
> On 25-04-2022 14:51, Richard Purdie wrote:
>> On Mon, 2022-04-25 at 09:40 +0200, Mike Looijmans wrote:
>>> Recently GIT got updated with a security fix:
>>>
>>> https://github.blog/2022-04-12-git-security-vulnerability-announced/
>>>
>>>
>>> The problem is that this causes all "git" tasks that run within pseudo
>>> (most noticably, image recipes) to fail. In many repositories, we use:
>>> git rev-parse --verify HEAD > /etc/revision
>>>
>>> Or something similar to that. After the GIT update, this now fails with
>>> an error like:
>>>
>>> '''
>>> fatal: unsafe repository ('/home/mike/repository/path' is owned by
>>> someone else)
>>> To add an exception for this directory, call:
>>>
>>> git config --global --add safe.directory
>>> /home/mike/repository/path
>>> '''
>>>
>>> Apart from doing as it says, or even "git config --global --add
>>> safe.directory '*'" anyone have a better idea, especially one that
>>> prevents the system thinking I'm someone else (root in the case of
>>> pseudo).
>> https://git.yoctoproject.org/poky/commit/?id=21559199516a31c7635c5f2d874eaa4a92fff0e5
>>
>>
>> However this isn't quite enough as some things encode the path to git
>> into build
>> files so the PATH change at do_install isn't enough. igt-gpu-tools via
>> meson in
>> OE-Core is an example.
>>
>> Cheers,
>>
>> Richard
>>
> Nice, also for general usefulness.
>
>
> For our particular case, I came up with this (works in old OE versions
> as well), just inserting a task since both do_image and do_rootfs run
> under fakeroot:
>
> # We require access to the git repository here, so we must run outside
> fakeroot
> do_swumetadata() {
> # Hardware revision for SWUpdate
> echo "${SWU_BOARD_HWREVISION}" >
> ${IMAGE_ROOTFS}${sysconfdir}/hwrevision
> v=`git rev-parse --verify HEAD`
> echo $v > ${IMAGE_ROOTFS}${sysconfdir}/swrevision
> echo $v > ${DEPLOY_DIR_IMAGE}/${IMAGE_BASENAME}.swrevision
> }
> addtask do_swumetadata before do_image after do_rootfs
>
It looks like we have several breakages. I found yesterday that
buildinfo (image-buildinfo) does not work anymore.
meta-filesystems = <unknown>:<unknown>
meta-networking = <unknown>:<unknown>
meta-oe = <unknown>:<unknown>
meta-perl = <unknown>:<unknown>
meta-python = <unknown>:<unknown>
meta-swupdate = <unknown>:<unknown>
meta = <unknown>:<unknown>
meta-poky = <unknown>:<unknown>
meta-yocto-bsp = <unknown>:<unknown>
And the reason is exactly this security update to git, and
base_get_metadata_git_revision / base_get_metadata_git_branch do not
work anymore (in this context, of course). So should we create
/etc/build in a task before do_rootfs ?
Bad is also that this affects older versions (dunfell for example),
because it depends on an external package (git) to OE.
Best regards,
Stefano
--
=====================================================================
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: +49-8142-66989-53 Fax: +49-8142-66989-80 Email: sbabic@denx.de
=====================================================================
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [OE-core] Git and pseudo
2022-04-27 6:47 ` Stefano Babic
@ 2022-04-27 10:22 ` Richard Purdie
2022-04-27 10:37 ` Jose Quaresma
2022-04-27 10:48 ` Stefano Babic
0 siblings, 2 replies; 9+ messages in thread
From: Richard Purdie @ 2022-04-27 10:22 UTC (permalink / raw)
To: Stefano Babic, Mike Looijmans, openembedded-core; +Cc: Steve Sakoman
On Wed, 2022-04-27 at 08:47 +0200, Stefano Babic wrote:
> Hi Mike, Richard,
>
> On 26.04.22 11:08, Mike Looijmans wrote:
> >
> > Met vriendelijke groet / kind regards,
> >
> > Mike Looijmans
> > System Expert
> >
> >
> > TOPIC Embedded Products B.V.
> > Materiaalweg 4, 5681 RJ Best
> > The Netherlands
> >
> > T: +31 (0) 499 33 69 69
> > E: mike.looijmans@topicproducts.com
> > W: www.topic.nl
> >
> > Please consider the environment before printing this e-mail
> > On 25-04-2022 14:51, Richard Purdie wrote:
> > > On Mon, 2022-04-25 at 09:40 +0200, Mike Looijmans wrote:
> > > > Recently GIT got updated with a security fix:
> > > >
> > > > https://github.blog/2022-04-12-git-security-vulnerability-announced/
> > > >
> > > >
> > > > The problem is that this causes all "git" tasks that run within pseudo
> > > > (most noticably, image recipes) to fail. In many repositories, we use:
> > > > git rev-parse --verify HEAD > /etc/revision
> > > >
> > > > Or something similar to that. After the GIT update, this now fails with
> > > > an error like:
> > > >
> > > > '''
> > > > fatal: unsafe repository ('/home/mike/repository/path' is owned by
> > > > someone else)
> > > > To add an exception for this directory, call:
> > > >
> > > > git config --global --add safe.directory
> > > > /home/mike/repository/path
> > > > '''
> > > >
> > > > Apart from doing as it says, or even "git config --global --add
> > > > safe.directory '*'" anyone have a better idea, especially one that
> > > > prevents the system thinking I'm someone else (root in the case of
> > > > pseudo).
> > > https://git.yoctoproject.org/poky/commit/?id=21559199516a31c7635c5f2d874eaa4a92fff0e5
> > >
> > >
> > > However this isn't quite enough as some things encode the path to git
> > > into build
> > > files so the PATH change at do_install isn't enough. igt-gpu-tools via
> > > meson in
> > > OE-Core is an example.
> > >
> > > Cheers,
> > >
> > > Richard
> > >
> > Nice, also for general usefulness.
> >
> >
> > For our particular case, I came up with this (works in old OE versions
> > as well), just inserting a task since both do_image and do_rootfs run
> > under fakeroot:
> >
> > # We require access to the git repository here, so we must run outside
> > fakeroot
> > do_swumetadata() {
> > # Hardware revision for SWUpdate
> > echo "${SWU_BOARD_HWREVISION}" >
> > ${IMAGE_ROOTFS}${sysconfdir}/hwrevision
> > v=`git rev-parse --verify HEAD`
> > echo $v > ${IMAGE_ROOTFS}${sysconfdir}/swrevision
> > echo $v > ${DEPLOY_DIR_IMAGE}/${IMAGE_BASENAME}.swrevision
> > }
> > addtask do_swumetadata before do_image after do_rootfs
> >
>
> It looks like we have several breakages. I found yesterday that
> buildinfo (image-buildinfo) does not work anymore.
>
> meta-filesystems = <unknown>:<unknown>
>
> meta-networking = <unknown>:<unknown>
>
> meta-oe = <unknown>:<unknown>
>
> meta-perl = <unknown>:<unknown>
>
> meta-python = <unknown>:<unknown>
>
> meta-swupdate = <unknown>:<unknown>
>
> meta = <unknown>:<unknown>
>
> meta-poky = <unknown>:<unknown>
>
> meta-yocto-bsp = <unknown>:<unknown>
>
>
>
> And the reason is exactly this security update to git, and
> base_get_metadata_git_revision / base_get_metadata_git_branch do not
> work anymore (in this context, of course). So should we create
> /etc/build in a task before do_rootfs ?
>
> Bad is also that this affects older versions (dunfell for example),
> because it depends on an external package (git) to OE.
https://git.yoctoproject.org/poky/commit/?id=5bca57859b280f73b23247aac7dec6b05f48fde8
is now the preferred fix and we will likely be backporting this to kirkstone,
honister and dunfell.
Cheers,
Richard
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [OE-core] Git and pseudo
2022-04-27 10:22 ` Richard Purdie
@ 2022-04-27 10:37 ` Jose Quaresma
2022-04-27 10:56 ` Richard Purdie
2022-04-27 10:48 ` Stefano Babic
1 sibling, 1 reply; 9+ messages in thread
From: Jose Quaresma @ 2022-04-27 10:37 UTC (permalink / raw)
To: Richard Purdie; +Cc: Stefano Babic, Mike Looijmans, OE-core, Steve Sakoman
[-- Attachment #1: Type: text/plain, Size: 5130 bytes --]
Hi,
Richard Purdie <richard.purdie@linuxfoundation.org> escreveu no dia quarta,
27/04/2022 à(s) 11:22:
> On Wed, 2022-04-27 at 08:47 +0200, Stefano Babic wrote:
> > Hi Mike, Richard,
> >
> > On 26.04.22 11:08, Mike Looijmans wrote:
> > >
> > > Met vriendelijke groet / kind regards,
> > >
> > > Mike Looijmans
> > > System Expert
> > >
> > >
> > > TOPIC Embedded Products B.V.
> > > Materiaalweg 4, 5681 RJ Best
> > > The Netherlands
> > >
> > > T: +31 (0) 499 33 69 69
> > > E: mike.looijmans@topicproducts.com
> > > W: www.topic.nl
> > >
> > > Please consider the environment before printing this e-mail
> > > On 25-04-2022 14:51, Richard Purdie wrote:
> > > > On Mon, 2022-04-25 at 09:40 +0200, Mike Looijmans wrote:
> > > > > Recently GIT got updated with a security fix:
> > > > >
> > > > >
> https://github.blog/2022-04-12-git-security-vulnerability-announced/
> > > > >
> > > > >
> > > > > The problem is that this causes all "git" tasks that run within
> pseudo
> > > > > (most noticably, image recipes) to fail. In many repositories, we
> use:
> > > > > git rev-parse --verify HEAD > /etc/revision
> > > > >
> > > > > Or something similar to that. After the GIT update, this now fails
> with
> > > > > an error like:
> > > > >
> > > > > '''
> > > > > fatal: unsafe repository ('/home/mike/repository/path' is owned by
> > > > > someone else)
> > > > > To add an exception for this directory, call:
> > > > >
> > > > > git config --global --add safe.directory
> > > > > /home/mike/repository/path
> > > > > '''
> > > > >
> > > > > Apart from doing as it says, or even "git config --global --add
> > > > > safe.directory '*'" anyone have a better idea, especially one that
> > > > > prevents the system thinking I'm someone else (root in the case of
> > > > > pseudo).
> > > >
> https://git.yoctoproject.org/poky/commit/?id=21559199516a31c7635c5f2d874eaa4a92fff0e5
> > > >
> > > >
> > > > However this isn't quite enough as some things encode the path to
> git
> > > > into build
> > > > files so the PATH change at do_install isn't enough. igt-gpu-tools
> via
> > > > meson in
> > > > OE-Core is an example.
> > > >
> > > > Cheers,
> > > >
> > > > Richard
> > > >
> > > Nice, also for general usefulness.
> > >
> > >
> > > For our particular case, I came up with this (works in old OE versions
> > > as well), just inserting a task since both do_image and do_rootfs run
> > > under fakeroot:
> > >
> > > # We require access to the git repository here, so we must run
> outside
> > > fakeroot
> > > do_swumetadata() {
> > > # Hardware revision for SWUpdate
> > > echo "${SWU_BOARD_HWREVISION}" >
> > > ${IMAGE_ROOTFS}${sysconfdir}/hwrevision
> > > v=`git rev-parse --verify HEAD`
> > > echo $v > ${IMAGE_ROOTFS}${sysconfdir}/swrevision
> > > echo $v > ${DEPLOY_DIR_IMAGE}/${IMAGE_BASENAME}.swrevision
> > > }
> > > addtask do_swumetadata before do_image after do_rootfs
> > >
> >
> > It looks like we have several breakages. I found yesterday that
> > buildinfo (image-buildinfo) does not work anymore.
> >
> > meta-filesystems = <unknown>:<unknown>
> >
> > meta-networking = <unknown>:<unknown>
> >
> > meta-oe = <unknown>:<unknown>
> >
> > meta-perl = <unknown>:<unknown>
> >
> > meta-python = <unknown>:<unknown>
> >
> > meta-swupdate = <unknown>:<unknown>
> >
> > meta = <unknown>:<unknown>
> >
> > meta-poky = <unknown>:<unknown>
> >
> > meta-yocto-bsp = <unknown>:<unknown>
> >
> >
> >
> > And the reason is exactly this security update to git, and
> > base_get_metadata_git_revision / base_get_metadata_git_branch do not
> > work anymore (in this context, of course). So should we create
> > /etc/build in a task before do_rootfs ?
> >
> > Bad is also that this affects older versions (dunfell for example),
> > because it depends on an external package (git) to OE.
>
>
>
> https://git.yoctoproject.org/poky/commit/?id=5bca57859b280f73b23247aac7dec6b05f48fde8
The change that introduces the intercept script [1] Is partially reversed
with [2]
With this approach using the environment we don't need the intercept script
anymore or I am missing something?
[1]
https://git.yoctoproject.org/poky/commit/?id=21559199516a31c7635c5f2d874eaa4a92fff0e5
[2]
https://git.yoctoproject.org/poky/commit/?id=5546a868b52400ed1487b2ac7149f3a9e7293bd2
Jose
>
> is now the preferred fix and we will likely be backporting this to
> kirkstone,
> honister and dunfell.
>
> Cheers,
>
> Richard
>
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#164911):
> https://lists.openembedded.org/g/openembedded-core/message/164911
> Mute This Topic: https://lists.openembedded.org/mt/90680045/5052612
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [
> quaresma.jose@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
>
--
Best regards,
José Quaresma
[-- Attachment #2: Type: text/html, Size: 8260 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [OE-core] Git and pseudo
2022-04-27 10:22 ` Richard Purdie
2022-04-27 10:37 ` Jose Quaresma
@ 2022-04-27 10:48 ` Stefano Babic
1 sibling, 0 replies; 9+ messages in thread
From: Stefano Babic @ 2022-04-27 10:48 UTC (permalink / raw)
To: Richard Purdie, Stefano Babic, Mike Looijmans, openembedded-core
Cc: Steve Sakoman
On 27.04.22 12:22, Richard Purdie wrote:
> On Wed, 2022-04-27 at 08:47 +0200, Stefano Babic wrote:
>> Hi Mike, Richard,
>>
>> On 26.04.22 11:08, Mike Looijmans wrote:
>>>
>>> Met vriendelijke groet / kind regards,
>>>
>>> Mike Looijmans
>>> System Expert
>>>
>>>
>>> TOPIC Embedded Products B.V.
>>> Materiaalweg 4, 5681 RJ Best
>>> The Netherlands
>>>
>>> T: +31 (0) 499 33 69 69
>>> E: mike.looijmans@topicproducts.com
>>> W: www.topic.nl
>>>
>>> Please consider the environment before printing this e-mail
>>> On 25-04-2022 14:51, Richard Purdie wrote:
>>>> On Mon, 2022-04-25 at 09:40 +0200, Mike Looijmans wrote:
>>>>> Recently GIT got updated with a security fix:
>>>>>
>>>>> https://github.blog/2022-04-12-git-security-vulnerability-announced/
>>>>>
>>>>>
>>>>> The problem is that this causes all "git" tasks that run within pseudo
>>>>> (most noticably, image recipes) to fail. In many repositories, we use:
>>>>> git rev-parse --verify HEAD > /etc/revision
>>>>>
>>>>> Or something similar to that. After the GIT update, this now fails with
>>>>> an error like:
>>>>>
>>>>> '''
>>>>> fatal: unsafe repository ('/home/mike/repository/path' is owned by
>>>>> someone else)
>>>>> To add an exception for this directory, call:
>>>>>
>>>>> git config --global --add safe.directory
>>>>> /home/mike/repository/path
>>>>> '''
>>>>>
>>>>> Apart from doing as it says, or even "git config --global --add
>>>>> safe.directory '*'" anyone have a better idea, especially one that
>>>>> prevents the system thinking I'm someone else (root in the case of
>>>>> pseudo).
>>>> https://git.yoctoproject.org/poky/commit/?id=21559199516a31c7635c5f2d874eaa4a92fff0e5
>>>>
>>>>
>>>> However this isn't quite enough as some things encode the path to git
>>>> into build
>>>> files so the PATH change at do_install isn't enough. igt-gpu-tools via
>>>> meson in
>>>> OE-Core is an example.
>>>>
>>>> Cheers,
>>>>
>>>> Richard
>>>>
>>> Nice, also for general usefulness.
>>>
>>>
>>> For our particular case, I came up with this (works in old OE versions
>>> as well), just inserting a task since both do_image and do_rootfs run
>>> under fakeroot:
>>>
>>> # We require access to the git repository here, so we must run outside
>>> fakeroot
>>> do_swumetadata() {
>>> # Hardware revision for SWUpdate
>>> echo "${SWU_BOARD_HWREVISION}" >
>>> ${IMAGE_ROOTFS}${sysconfdir}/hwrevision
>>> v=`git rev-parse --verify HEAD`
>>> echo $v > ${IMAGE_ROOTFS}${sysconfdir}/swrevision
>>> echo $v > ${DEPLOY_DIR_IMAGE}/${IMAGE_BASENAME}.swrevision
>>> }
>>> addtask do_swumetadata before do_image after do_rootfs
>>>
>>
>> It looks like we have several breakages. I found yesterday that
>> buildinfo (image-buildinfo) does not work anymore.
>>
>> meta-filesystems = <unknown>:<unknown>
>>
>> meta-networking = <unknown>:<unknown>
>>
>> meta-oe = <unknown>:<unknown>
>>
>> meta-perl = <unknown>:<unknown>
>>
>> meta-python = <unknown>:<unknown>
>>
>> meta-swupdate = <unknown>:<unknown>
>>
>> meta = <unknown>:<unknown>
>>
>> meta-poky = <unknown>:<unknown>
>>
>> meta-yocto-bsp = <unknown>:<unknown>
>>
>>
>>
>> And the reason is exactly this security update to git, and
>> base_get_metadata_git_revision / base_get_metadata_git_branch do not
>> work anymore (in this context, of course). So should we create
>> /etc/build in a task before do_rootfs ?
>>
>> Bad is also that this affects older versions (dunfell for example),
>> because it depends on an external package (git) to OE.
>
>
> https://git.yoctoproject.org/poky/commit/?id=5bca57859b280f73b23247aac7dec6b05f48fde8
>
Ok, understood, thanks !
> is now the preferred fix and we will likely be backporting this to kirkstone,
> honister and dunfell.
Thanks !
Stefano
>
> Cheers,
>
> Richard
>
>
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#164911): https://lists.openembedded.org/g/openembedded-core/message/164911
> Mute This Topic: https://lists.openembedded.org/mt/90680045/3618551
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [sbabic@denx.de]
> -=-=-=-=-=-=-=-=-=-=-=-
>
--
=====================================================================
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: +49-8142-66989-53 Fax: +49-8142-66989-80 Email: sbabic@denx.de
=====================================================================
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [OE-core] Git and pseudo
2022-04-27 10:37 ` Jose Quaresma
@ 2022-04-27 10:56 ` Richard Purdie
2022-04-28 8:24 ` Jose Quaresma
0 siblings, 1 reply; 9+ messages in thread
From: Richard Purdie @ 2022-04-27 10:56 UTC (permalink / raw)
To: Jose Quaresma; +Cc: Stefano Babic, Mike Looijmans, OE-core, Steve Sakoman
On Wed, 2022-04-27 at 11:37 +0100, Jose Quaresma wrote:
> Hi,
>
> Richard Purdie <richard.purdie@linuxfoundation.org> escreveu no dia quarta,
> 27/04/2022 à(s) 11:22:
> > On Wed, 2022-04-27 at 08:47 +0200, Stefano Babic wrote:
> >
> >
> >
> > https://git.yoctoproject.org/poky/commit/?id=5bca57859b280f73b23247aac7dec6b05f48fde8
> >
>
>
> The change that introduces the intercept script [1] Is partially reversed with
> [2]
> With this approach using the environment we don't need the intercept script
> anymore or I am missing something?
>
> [1]
> https://git.yoctoproject.org/poky/commit/?id=21559199516a31c7635c5f2d874eaa4a92fff0e5
> [2]
> https://git.yoctoproject.org/poky/commit/?id=5546a868b52400ed1487b2ac7149f3a9e7293bd2
The devshell experience is better with the intercept as it means things like the
user's HOMEDIR is used for their gitconfig for things like user and email when
writing commits. I've therefore chosen to leave that in master. We may or may
not backport those pieces, I don't have any strong preference.
The other commit from Ross solves the major issue we care about build wide
outside devshell.
Cheers,
Richard
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [OE-core] Git and pseudo
2022-04-27 10:56 ` Richard Purdie
@ 2022-04-28 8:24 ` Jose Quaresma
0 siblings, 0 replies; 9+ messages in thread
From: Jose Quaresma @ 2022-04-28 8:24 UTC (permalink / raw)
To: Richard Purdie; +Cc: Stefano Babic, Mike Looijmans, OE-core, Steve Sakoman
[-- Attachment #1: Type: text/plain, Size: 1570 bytes --]
Hi,
Richard Purdie <richard.purdie@linuxfoundation.org> escreveu no dia quarta,
27/04/2022 à(s) 11:56:
> On Wed, 2022-04-27 at 11:37 +0100, Jose Quaresma wrote:
> > Hi,
> >
> > Richard Purdie <richard.purdie@linuxfoundation.org> escreveu no dia
> quarta,
> > 27/04/2022 à(s) 11:22:
> > > On Wed, 2022-04-27 at 08:47 +0200, Stefano Babic wrote:
> > >
> > >
> > >
> > >
> https://git.yoctoproject.org/poky/commit/?id=5bca57859b280f73b23247aac7dec6b05f48fde8
> > >
> >
> >
> > The change that introduces the intercept script [1] Is
> partially reversed with
> > [2]
> > With this approach using the environment we don't need the intercept
> script
> > anymore or I am missing something?
> >
> > [1]
> >
> https://git.yoctoproject.org/poky/commit/?id=21559199516a31c7635c5f2d874eaa4a92fff0e5
> > [2]
> >
> https://git.yoctoproject.org/poky/commit/?id=5546a868b52400ed1487b2ac7149f3a9e7293bd2
>
> The devshell experience is better with the intercept as it means things
> like the
> user's HOMEDIR is used for their gitconfig for things like user and email
> when
> writing commits. I've therefore chosen to leave that in master. We may or
> may
> not backport those pieces, I don't have any strong preference.
>
I agree that the intercept will improve the devshell user experience
and it was this part that was escaping me.
Thanks
Jose
> The other commit from Ross solves the major issue we care about build wide
> outside devshell.
>
> Cheers,
>
> Richard
>
>
>
>
--
Best regards,
José Quaresma
[-- Attachment #2: Type: text/html, Size: 2835 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2022-04-28 8:24 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <1b153bce-a66a-45ee-a5c6-963ea6fb1c82.949ef384-8293-46b8-903f-40a477c056ae.6812ddf4-d065-4e4e-ad42-c48d1bca155d@emailsignatures365.codetwo.com>
[not found] ` <1b153bce-a66a-45ee-a5c6-963ea6fb1c82.0d2bd5fa-15cc-4b27-b94e-83614f9e5b38.65eda1d8-3d07-4fbe-a1d1-669c533cd0a5@emailsignatures365.codetwo.com>
2022-04-25 7:40 ` Git and pseudo Mike Looijmans
2022-04-25 12:51 ` [OE-core] " Richard Purdie
2022-04-26 9:08 ` Mike Looijmans
2022-04-27 6:47 ` Stefano Babic
2022-04-27 10:22 ` Richard Purdie
2022-04-27 10:37 ` Jose Quaresma
2022-04-27 10:56 ` Richard Purdie
2022-04-28 8:24 ` Jose Quaresma
2022-04-27 10:48 ` Stefano Babic
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.