[PATCH 0/8] systemd: allow building for nativesdk

[PATCH 0/8] systemd: allow building for nativesdk

[luca.boccassi]

From: Luca Boccassi <luca.boccassi@microsoft.com>

systemd-analyze in the next release will gain the ability to
run the 'security' and 'verify' verbs offline, on local units.
This is very useful at build time and/or in CI systems to detect
errors and issues before changes are deployed, as a static
analyzer tool.
This series enables building the systemd recipe for the nativesdk
targets, so that systemd-analyze can be included in the SDK and
called by users/build systems/CI systems.

Luca Boccassi (8):
  systemd: skip chown when building for nativesdk
  systemd: skip postinst in nativesdk builds
  systemd: remove /var in nativesdk builds
  volatile-binds: remove /var in nativesdk builds
  volatile-binds: add nativesdk
  kbd: add nativesdk
  os-release: add nativesdk
  systemd: add nativesdk

 meta/recipes-core/kbd/kbd_2.4.0.bb            |  2 +-
 meta/recipes-core/os-release/os-release.bb    |  2 ++
 meta/recipes-core/systemd/systemd-conf_1.0.bb |  2 ++
 .../systemd/systemd-serialgetty.bb            |  2 ++
 meta/recipes-core/systemd/systemd_249.5.bb    | 29 +++++++++++++++++--
 .../volatile-binds/volatile-binds.bb          |  7 +++++
 6 files changed, 41 insertions(+), 3 deletions(-)

-- 
2.30.2

[PATCH 1/8] systemd: skip chown when building for nativesdk

[luca.boccassi]

From: Luca Boccassi <luca.boccassi@microsoft.com>

The useradd class is a no-op in the nativesdk case, so chown will fail.
Skip them.

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
 meta/recipes-core/systemd/systemd_249.5.bb | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-core/systemd/systemd_249.5.bb b/meta/recipes-core/systemd/systemd_249.5.bb
index 8bdc0ca028..2f019a4b1f 100644
--- a/meta/recipes-core/systemd/systemd_249.5.bb
+++ b/meta/recipes-core/systemd/systemd_249.5.bb
@@ -275,7 +275,10 @@ do_install() {
 		# which is expected to be empty.
 		rm -rf ${D}${localstatedir}/log
 	else
-		chown root:systemd-journal ${D}${localstatedir}/log/journal
+		# The useradd class is a no-op in the nativesdk case, so chown will fail
+		if [ "${PN}" != "nativesdk-systemd" ]; then
+			chown root:systemd-journal ${D}${localstatedir}/log/journal
+		fi
 
 		# journal-remote creates this at start
 		rm -rf ${D}${localstatedir}/log/journal/remote
@@ -319,7 +322,10 @@ do_install() {
 	if ${@bb.utils.contains('PACKAGECONFIG', 'polkit', 'true', 'false', d)}; then
 		if [ -d ${D}${datadir}/polkit-1/rules.d ]; then
 			chmod 700 ${D}${datadir}/polkit-1/rules.d
-			chown polkitd:root ${D}${datadir}/polkit-1/rules.d
+			# The useradd class is a no-op in the nativesdk case, so chown will fail
+			if [ "${PN}" != "nativesdk-systemd" ]; then
+				chown polkitd:root ${D}${datadir}/polkit-1/rules.d
+			fi
 		fi
 	fi
 
-- 
2.30.2

[PATCH 2/8] systemd: skip postinst in nativesdk builds

[luca.boccassi]

From: Luca Boccassi <luca.boccassi@microsoft.com>

They will fail, as there's nowhere to run them

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
 meta/recipes-core/systemd/systemd_249.5.bb | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/meta/recipes-core/systemd/systemd_249.5.bb b/meta/recipes-core/systemd/systemd_249.5.bb
index 2f019a4b1f..38a2f5d474 100644
--- a/meta/recipes-core/systemd/systemd_249.5.bb
+++ b/meta/recipes-core/systemd/systemd_249.5.bb
@@ -773,12 +773,18 @@ ALTERNATIVE_LINK_NAME[runlevel] = "${base_sbindir}/runlevel"
 ALTERNATIVE_PRIORITY[runlevel] ?= "300"
 
 pkg_postinst:${PN}:libc-glibc () {
+	if [ "${PN}" = "nativesdk-systemd" ]; then
+		exit 0
+	fi
 	sed -e '/^hosts:/s/\s*\<myhostname\>//' \
 		-e 's/\(^hosts:.*\)\(\<files\>\)\(.*\)\(\<dns\>\)\(.*\)/\1\2 myhostname \3\4\5/' \
 		-i $D${sysconfdir}/nsswitch.conf
 }
 
 pkg_prerm:${PN}:libc-glibc () {
+	if [ "${PN}" = "nativesdk-systemd" ]; then
+		exit 0
+	fi
 	sed -e '/^hosts:/s/\s*\<myhostname\>//' \
 		-e '/^hosts:/s/\s*myhostname//' \
 		-i $D${sysconfdir}/nsswitch.conf
@@ -786,6 +792,9 @@ pkg_prerm:${PN}:libc-glibc () {
 
 PACKAGE_WRITE_DEPS += "qemu-native"
 pkg_postinst:udev-hwdb () {
+	if [ "${PN}" = "nativesdk-systemd" ]; then
+		exit 0
+	fi
 	if test -n "$D"; then
 		$INTERCEPT_DIR/postinst_intercept update_udev_hwdb ${PKG} mlprefix=${MLPREFIX} binprefix=${MLPREFIX} rootlibexecdir="${rootlibexecdir}" PREFERRED_PROVIDER_udev="${PREFERRED_PROVIDER_udev}"
 	else
@@ -794,5 +803,8 @@ pkg_postinst:udev-hwdb () {
 }
 
 pkg_prerm:udev-hwdb () {
+	if [ "${PN}" = "nativesdk-systemd" ]; then
+		exit 0
+	fi
 	rm -f $D${sysconfdir}/udev/hwdb.bin
 }
-- 
2.30.2

[PATCH 3/8] systemd: remove /var in nativesdk builds

[luca.boccassi]

From: Luca Boccassi <luca.boccassi@microsoft.com>

Nothing picks it up, so it fails QA checks

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
 meta/recipes-core/systemd/systemd_249.5.bb | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/meta/recipes-core/systemd/systemd_249.5.bb b/meta/recipes-core/systemd/systemd_249.5.bb
index 38a2f5d474..016058cd7f 100644
--- a/meta/recipes-core/systemd/systemd_249.5.bb
+++ b/meta/recipes-core/systemd/systemd_249.5.bb
@@ -772,6 +772,11 @@ ALTERNATIVE_TARGET[runlevel] = "${base_bindir}/systemctl"
 ALTERNATIVE_LINK_NAME[runlevel] = "${base_sbindir}/runlevel"
 ALTERNATIVE_PRIORITY[runlevel] ?= "300"
 
+# Nothing picks up /var in the nativesdk case
+do_install_append_class-nativesdk () {
+	rm -rf ${D}/var
+}
+
 pkg_postinst:${PN}:libc-glibc () {
 	if [ "${PN}" = "nativesdk-systemd" ]; then
 		exit 0
-- 
2.30.2

[PATCH 4/8] volatile-binds: remove /var in nativesdk builds

[luca.boccassi]

From: Luca Boccassi <luca.boccassi@microsoft.com>

Nothing picks it up, so it fails QA checks

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
 meta/recipes-core/volatile-binds/volatile-binds.bb | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/meta/recipes-core/volatile-binds/volatile-binds.bb b/meta/recipes-core/volatile-binds/volatile-binds.bb
index d5c5538cd7..66e28f4fc9 100644
--- a/meta/recipes-core/volatile-binds/volatile-binds.bb
+++ b/meta/recipes-core/volatile-binds/volatile-binds.bb
@@ -79,3 +79,8 @@ do_install () {
     ln -s /dev/null ${D}${sysconfdir}/tmpfiles.d/home.conf
 }
 do_install[dirs] = "${WORKDIR}"
+
+# Nothing picks up /var in the nativesdk case
+do_install_append_class-nativesdk () {
+    rm -rf ${D}/var
+}
-- 
2.30.2

[PATCH 5/8] volatile-binds: add nativesdk

[luca.boccassi]

From: Luca Boccassi <luca.boccassi@microsoft.com>

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
 meta/recipes-core/volatile-binds/volatile-binds.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-core/volatile-binds/volatile-binds.bb b/meta/recipes-core/volatile-binds/volatile-binds.bb
index 66e28f4fc9..0f27353031 100644
--- a/meta/recipes-core/volatile-binds/volatile-binds.bb
+++ b/meta/recipes-core/volatile-binds/volatile-binds.bb
@@ -84,3 +84,5 @@ do_install[dirs] = "${WORKDIR}"
 do_install_append_class-nativesdk () {
     rm -rf ${D}/var
 }
+
+BBCLASSEXTEND = "nativesdk"
-- 
2.30.2

[PATCH 6/8] kbd: add nativesdk

[luca.boccassi]

From: Luca Boccassi <luca.boccassi@microsoft.com>

Required to build systemd tools

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
 meta/recipes-core/kbd/kbd_2.4.0.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-core/kbd/kbd_2.4.0.bb b/meta/recipes-core/kbd/kbd_2.4.0.bb
index 7cb45eff77..7efc7af312 100644
--- a/meta/recipes-core/kbd/kbd_2.4.0.bb
+++ b/meta/recipes-core/kbd/kbd_2.4.0.bb
@@ -43,4 +43,4 @@ ALTERNATIVE:${PN} = "chvt deallocvt fgconsole openvt showkey \
                      ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'vlock','', d)}"
 ALTERNATIVE_PRIORITY = "100"
 
-BBCLASSEXTEND = "native"
+BBCLASSEXTEND = "native nativesdk"
-- 
2.30.2

[PATCH 7/8] os-release: add nativesdk

[luca.boccassi]

From: Luca Boccassi <luca.boccassi@microsoft.com>

Required to build systemd tools

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
 meta/recipes-core/os-release/os-release.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-core/os-release/os-release.bb b/meta/recipes-core/os-release/os-release.bb
index 8847fe30c3..2f2aa66c46 100644
--- a/meta/recipes-core/os-release/os-release.bb
+++ b/meta/recipes-core/os-release/os-release.bb
@@ -51,3 +51,5 @@ do_install () {
 }
 
 FILES:${PN} += "${nonarch_libdir}/os-release"
+
+BBCLASSEXTEND = "nativesdk"
-- 
2.30.2

[PATCH 8/8] systemd: add nativesdk

[luca.boccassi]

From: Luca Boccassi <luca.boccassi@microsoft.com>

Allows using tools like systemd-analyze at build time and in
CI systems

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
 meta/recipes-core/systemd/systemd-conf_1.0.bb    | 2 ++
 meta/recipes-core/systemd/systemd-serialgetty.bb | 2 ++
 meta/recipes-core/systemd/systemd_249.5.bb       | 2 ++
 3 files changed, 6 insertions(+)

diff --git a/meta/recipes-core/systemd/systemd-conf_1.0.bb b/meta/recipes-core/systemd/systemd-conf_1.0.bb
index 61ce7939d3..84de4d17cf 100644
--- a/meta/recipes-core/systemd/systemd-conf_1.0.bb
+++ b/meta/recipes-core/systemd/systemd-conf_1.0.bb
@@ -41,3 +41,5 @@ FILES:${PN} = "\
     ${systemd_unitdir}/system.conf.d/ \
     ${systemd_unitdir}/network/ \
 "
+
+BBCLASSEXTEND = "nativesdk"
diff --git a/meta/recipes-core/systemd/systemd-serialgetty.bb b/meta/recipes-core/systemd/systemd-serialgetty.bb
index 7ca951cdbd..f877e6ad18 100644
--- a/meta/recipes-core/systemd/systemd-serialgetty.bb
+++ b/meta/recipes-core/systemd/systemd-serialgetty.bb
@@ -50,3 +50,5 @@ FILES:${PN} = "${systemd_system_unitdir}/*.service ${sysconfdir}"
 PACKAGE_ARCH = "${MACHINE_ARCH}"
 
 ALLOW_EMPTY:${PN} = "1"
+
+BBCLASSEXTEND = "nativesdk"
diff --git a/meta/recipes-core/systemd/systemd_249.5.bb b/meta/recipes-core/systemd/systemd_249.5.bb
index 016058cd7f..8f5c737152 100644
--- a/meta/recipes-core/systemd/systemd_249.5.bb
+++ b/meta/recipes-core/systemd/systemd_249.5.bb
@@ -772,6 +772,8 @@ ALTERNATIVE_TARGET[runlevel] = "${base_bindir}/systemctl"
 ALTERNATIVE_LINK_NAME[runlevel] = "${base_sbindir}/runlevel"
 ALTERNATIVE_PRIORITY[runlevel] ?= "300"
 
+BBCLASSEXTEND = "nativesdk"
+
 # Nothing picks up /var in the nativesdk case
 do_install_append_class-nativesdk () {
 	rm -rf ${D}/var
-- 
2.30.2

Re: [OE-core] [PATCH 0/8] systemd: allow building for nativesdk

[Alexander Kanavin]

[-- Attachment #1: Type: text/plain, Size: 1984 bytes --]

Shouldn't this be enabled in regular yocto builds first, e.g. allow
systemd-native and then add the needed checks to systemd.bbclass? Maybe
nativesdk support isn't then needed at all?

Alex

On Wed, 17 Nov 2021 at 13:32, Luca Bocassi <luca.boccassi@gmail.com> wrote:

> From: Luca Boccassi <luca.boccassi@microsoft.com>
>
> systemd-analyze in the next release will gain the ability to
> run the 'security' and 'verify' verbs offline, on local units.
> This is very useful at build time and/or in CI systems to detect
> errors and issues before changes are deployed, as a static
> analyzer tool.
> This series enables building the systemd recipe for the nativesdk
> targets, so that systemd-analyze can be included in the SDK and
> called by users/build systems/CI systems.
>
> Luca Boccassi (8):
>   systemd: skip chown when building for nativesdk
>   systemd: skip postinst in nativesdk builds
>   systemd: remove /var in nativesdk builds
>   volatile-binds: remove /var in nativesdk builds
>   volatile-binds: add nativesdk
>   kbd: add nativesdk
>   os-release: add nativesdk
>   systemd: add nativesdk
>
>  meta/recipes-core/kbd/kbd_2.4.0.bb            |  2 +-
>  meta/recipes-core/os-release/os-release.bb    |  2 ++
>  meta/recipes-core/systemd/systemd-conf_1.0.bb |  2 ++
>  .../systemd/systemd-serialgetty.bb            |  2 ++
>  meta/recipes-core/systemd/systemd_249.5.bb    | 29 +++++++++++++++++--
>  .../volatile-binds/volatile-binds.bb          |  7 +++++
>  6 files changed, 41 insertions(+), 3 deletions(-)
>
> --
> 2.30.2
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#158384):
> https://lists.openembedded.org/g/openembedded-core/message/158384
> Mute This Topic: https://lists.openembedded.org/mt/87118013/1686489
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [
> alex.kanavin@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
>

[-- Attachment #2: Type: text/html, Size: 3460 bytes --]

Re: [OE-core] [PATCH 0/8] systemd: allow building for nativesdk

[Luca Boccassi]

[-- Attachment #1: Type: text/plain, Size: 1947 bytes --]

On Wed, 2021-11-17 at 13:53 +0100, Alexander Kanavin wrote:
> Shouldn't this be enabled in regular yocto builds first, e.g. allow
> systemd-native and then add the needed checks to systemd.bbclass?
> Maybe nativesdk support isn't then needed at all?
> 
> Alex

I'm not sure I follow, that would break the build? These changes are
necessary to make it work. I am including the package in the local sdk
configuration, without these patches it does not build.

> On Wed, 17 Nov 2021 at 13:32, Luca Bocassi <luca.boccassi@gmail.com>
> wrote:
> > From: Luca Boccassi <luca.boccassi@microsoft.com>
> > 
> > systemd-analyze in the next release will gain the ability to
> > run the 'security' and 'verify' verbs offline, on local units.
> > This is very useful at build time and/or in CI systems to detect
> > errors and issues before changes are deployed, as a static
> > analyzer tool.
> > This series enables building the systemd recipe for the nativesdk
> > targets, so that systemd-analyze can be included in the SDK and
> > called by users/build systems/CI systems.
> > 
> > Luca Boccassi (8):
> >   systemd: skip chown when building for nativesdk
> >   systemd: skip postinst in nativesdk builds
> >   systemd: remove /var in nativesdk builds
> >   volatile-binds: remove /var in nativesdk builds
> >   volatile-binds: add nativesdk
> >   kbd: add nativesdk
> >   os-release: add nativesdk
> >   systemd: add nativesdk
> > 
> >  meta/recipes-core/kbd/kbd_2.4.0.bb            |  2 +-
> >  meta/recipes-core/os-release/os-release.bb    |  2 ++
> >  meta/recipes-core/systemd/systemd-conf_1.0.bb |  2 ++
> >  .../systemd/systemd-serialgetty.bb            |  2 ++
> >  meta/recipes-core/systemd/systemd_249.5.bb    | 29
> > +++++++++++++++++--
> >  .../volatile-binds/volatile-binds.bb          |  7 +++++
> >  6 files changed, 41 insertions(+), 3 deletions(-)
> > 


[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [OE-core] [PATCH 0/8] systemd: allow building for nativesdk

[Alexander Kanavin]

[-- Attachment #1: Type: text/plain, Size: 2295 bytes --]

On Wed, 17 Nov 2021 at 15:59, Luca Boccassi <luca.boccassi@gmail.com> wrote:

> On Wed, 2021-11-17 at 13:53 +0100, Alexander Kanavin wrote:
> > Shouldn't this be enabled in regular yocto builds first, e.g. allow
> > systemd-native and then add the needed checks to systemd.bbclass?
> > Maybe nativesdk support isn't then needed at all?
> >
> > Alex
>
> I'm not sure I follow, that would break the build? These changes are
> necessary to make it work. I am including the package in the local sdk
> configuration, without these patches it does not build.
>

What I'm trying to say is running those systemd analyzers should be enabled
in regular yocto builds first before it's enabled in SDKs. It's not a good
idea to have a feature that is available in SDKs but not available in
direct use of bitbake to build recipes.

Alex



>
> > On Wed, 17 Nov 2021 at 13:32, Luca Bocassi <luca.boccassi@gmail.com>
> > wrote:
> > > From: Luca Boccassi <luca.boccassi@microsoft.com>
> > >
> > > systemd-analyze in the next release will gain the ability to
> > > run the 'security' and 'verify' verbs offline, on local units.
> > > This is very useful at build time and/or in CI systems to detect
> > > errors and issues before changes are deployed, as a static
> > > analyzer tool.
> > > This series enables building the systemd recipe for the nativesdk
> > > targets, so that systemd-analyze can be included in the SDK and
> > > called by users/build systems/CI systems.
> > >
> > > Luca Boccassi (8):
> > >   systemd: skip chown when building for nativesdk
> > >   systemd: skip postinst in nativesdk builds
> > >   systemd: remove /var in nativesdk builds
> > >   volatile-binds: remove /var in nativesdk builds
> > >   volatile-binds: add nativesdk
> > >   kbd: add nativesdk
> > >   os-release: add nativesdk
> > >   systemd: add nativesdk
> > >
> > >  meta/recipes-core/kbd/kbd_2.4.0.bb            |  2 +-
> > >  meta/recipes-core/os-release/os-release.bb    |  2 ++
> > >  meta/recipes-core/systemd/systemd-conf_1.0.bb |  2 ++
> > >  .../systemd/systemd-serialgetty.bb            |  2 ++
> > >  meta/recipes-core/systemd/systemd_249.5.bb    | 29
> > > +++++++++++++++++--
> > >  .../volatile-binds/volatile-binds.bb          |  7 +++++
> > >  6 files changed, 41 insertions(+), 3 deletions(-)
> > >
>
>

[-- Attachment #2: Type: text/html, Size: 3801 bytes --]

Re: [OE-core] [PATCH 0/8] systemd: allow building for nativesdk

[Luca Boccassi]

[-- Attachment #1: Type: text/plain, Size: 2776 bytes --]

On Wed, 2021-11-17 at 16:07 +0100, Alexander Kanavin wrote:
> 
> 
> On Wed, 17 Nov 2021 at 15:59, Luca Boccassi <luca.boccassi@gmail.com>
> wrote:
> > On Wed, 2021-11-17 at 13:53 +0100, Alexander Kanavin wrote:
> > > Shouldn't this be enabled in regular yocto builds first, e.g.
> > allow
> > > systemd-native and then add the needed checks to systemd.bbclass?
> > > Maybe nativesdk support isn't then needed at all?
> > > 
> > > Alex
> > 
> > I'm not sure I follow, that would break the build? These changes
> > are
> > necessary to make it work. I am including the package in the local
> > sdk
> > configuration, without these patches it does not build.
> > 
> 
> 
> What I'm trying to say is running those systemd analyzers should be
> enabled in regular yocto builds first before it's enabled in SDKs.
> It's not a good idea to have a feature that is available in SDKs but
> not available in direct use of bitbake to build recipes.
> 
> Alex

But it is already available? And it has been for a long time:

https://git.openembedded.org/openembedded-core/tree/meta/recipes-core/systemd/systemd_249.5.bb#n411

> > 
> > > On Wed, 17 Nov 2021 at 13:32, Luca Bocassi
> > <luca.boccassi@gmail.com>
> > > wrote:
> > > > From: Luca Boccassi <luca.boccassi@microsoft.com>
> > > > 
> > > > systemd-analyze in the next release will gain the ability to
> > > > run the 'security' and 'verify' verbs offline, on local units.
> > > > This is very useful at build time and/or in CI systems to
> > detect
> > > > errors and issues before changes are deployed, as a static
> > > > analyzer tool.
> > > > This series enables building the systemd recipe for the
> > nativesdk
> > > > targets, so that systemd-analyze can be included in the SDK and
> > > > called by users/build systems/CI systems.
> > > > 
> > > > Luca Boccassi (8):
> > > >   systemd: skip chown when building for nativesdk
> > > >   systemd: skip postinst in nativesdk builds
> > > >   systemd: remove /var in nativesdk builds
> > > >   volatile-binds: remove /var in nativesdk builds
> > > >   volatile-binds: add nativesdk
> > > >   kbd: add nativesdk
> > > >   os-release: add nativesdk
> > > >   systemd: add nativesdk
> > > > 
> > > >  meta/recipes-core/kbd/kbd_2.4.0.bb            |  2 +-
> > > >  meta/recipes-core/os-release/os-release.bb    |  2 ++
> > > >  meta/recipes-core/systemd/systemd-conf_1.0.bb |  2 ++
> > > >  .../systemd/systemd-serialgetty.bb            |  2 ++
> > > >  meta/recipes-core/systemd/systemd_249.5.bb    | 29
> > > > +++++++++++++++++--
> > > >  .../volatile-binds/volatile-binds.bb          |  7 +++++
> > > >  6 files changed, 41 insertions(+), 3 deletions(-)
> > > > 
> > 


[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [OE-core] [PATCH 0/8] systemd: allow building for nativesdk

[Alexander Kanavin]

[-- Attachment #1: Type: text/plain, Size: 651 bytes --]

On Wed, 17 Nov 2021 at 17:11, Luca Boccassi <luca.boccassi@gmail.com> wrote:

> > What I'm trying to say is running those systemd analyzers should be
> > enabled in regular yocto builds first before it's enabled in SDKs.
> > It's not a good idea to have a feature that is available in SDKs but
> > not available in direct use of bitbake to build recipes.
> >
> > Alex
>
> But it is already available? And it has been for a long time:
>
>
> https://git.openembedded.org/openembedded-core/tree/meta/recipes-core/systemd/systemd_249.5.bb#n411


This is packaging the tool for the target images; what I propose is that
it's built and used natively.

Alex

[-- Attachment #2: Type: text/html, Size: 1269 bytes --]

Re: [OE-core] [PATCH 5/8] volatile-binds: add nativesdk

[Richard Purdie]

On Wed, 2021-11-17 at 12:31 +0000, Luca Bocassi wrote:
> From: Luca Boccassi <luca.boccassi@microsoft.com>
> 
> Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
> ---
>  meta/recipes-core/volatile-binds/volatile-binds.bb | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/meta/recipes-core/volatile-binds/volatile-binds.bb b/meta/recipes-core/volatile-binds/volatile-binds.bb
> index 66e28f4fc9..0f27353031 100644
> --- a/meta/recipes-core/volatile-binds/volatile-binds.bb
> +++ b/meta/recipes-core/volatile-binds/volatile-binds.bb
> @@ -84,3 +84,5 @@ do_install[dirs] = "${WORKDIR}"
>  do_install_append_class-nativesdk () {
>      rm -rf ${D}/var
>  }
> +
> +BBCLASSEXTEND = "nativesdk"

Is there any useful component left in volatile-binds in the SDK case? I don't
think we should be extending this as the recipe makes no sense. Rather nativesdk
variants probably shouldn't be depending upon it?

Cheers,

Richard

Re: [OE-core] [PATCH 0/8] systemd: allow building for nativesdk

[Luca Boccassi]

[-- Attachment #1: Type: text/plain, Size: 938 bytes --]

On Wed, 2021-11-17 at 17:44 +0100, Alexander Kanavin wrote:
> On Wed, 17 Nov 2021 at 17:11, Luca Boccassi <luca.boccassi@gmail.com>
> wrote:
> > > What I'm trying to say is running those systemd analyzers should
> > be
> > > enabled in regular yocto builds first before it's enabled in
> > SDKs.
> > > It's not a good idea to have a feature that is available in SDKs
> > but
> > > not available in direct use of bitbake to build recipes.
> > > 
> > > Alex
> > 
> > But it is already available? And it has been for a long time:
> > 
> > https://git.openembedded.org/openembedded-core/tree/meta/recipes-core/systemd/systemd_249.5.bb#n411
> 
> This is packaging the tool for the target images; what I propose is
> that it's built and used natively.

Which is what this patchset does? Again you can't build these recipes
to run locally without these changes, that's the entire point

-- 
Kind regards,
Luca Boccassi

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [OE-core] [PATCH 5/8] volatile-binds: add nativesdk

[Luca Boccassi]

[-- Attachment #1: Type: text/plain, Size: 1217 bytes --]

On Wed, 2021-11-17 at 17:40 +0000, Richard Purdie wrote:
> On Wed, 2021-11-17 at 12:31 +0000, Luca Bocassi wrote:
> > From: Luca Boccassi <luca.boccassi@microsoft.com>
> > 
> > Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
> > ---
> >  meta/recipes-core/volatile-binds/volatile-binds.bb | 2 ++
> >  1 file changed, 2 insertions(+)
> > 
> > diff --git a/meta/recipes-core/volatile-binds/volatile-binds.bb b/meta/recipes-core/volatile-binds/volatile-binds.bb
> > index 66e28f4fc9..0f27353031 100644
> > --- a/meta/recipes-core/volatile-binds/volatile-binds.bb
> > +++ b/meta/recipes-core/volatile-binds/volatile-binds.bb
> > @@ -84,3 +84,5 @@ do_install[dirs] = "${WORKDIR}"
> >  do_install_append_class-nativesdk () {
> >      rm -rf ${D}/var
> >  }
> > +
> > +BBCLASSEXTEND = "nativesdk"
> 
> Is there any useful component left in volatile-binds in the SDK case? I don't
> think we should be extending this as the recipe makes no sense. Rather nativesdk
> variants probably shouldn't be depending upon it?

It's pulled in automatically. I don't know enough about yocto to be
able to tell whether it's intentional and needed or not.

-- 
Kind regards,
Luca Boccassi

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [OE-core] [PATCH 6/8] kbd: add nativesdk

[Richard Purdie]

On Wed, 2021-11-17 at 12:31 +0000, Luca Bocassi wrote:
> From: Luca Boccassi <luca.boccassi@microsoft.com>
> 
> Required to build systemd tools

If systemd needs these to build, wouldn't it be depending on kbd-native?

Or are you saying that systemd-tools needs something in here at runtime?

I don't mind extending the recipe if we really need it but that isn't what the
commit message says so at the very least that needs to be clearer.

Cheers,

Richard

Re: [OE-core] [PATCH 0/8] systemd: allow building for nativesdk

[Alexander Kanavin]

[-- Attachment #1: Type: text/plain, Size: 703 bytes --]

On Wed, 17 Nov 2021 at 18:41, Luca Boccassi <luca.boccassi@gmail.com> wrote:

> > This is packaging the tool for the target images; what I propose is
> > that it's built and used natively.
>
> Which is what this patchset does? Again you can't build these recipes
> to run locally without these changes, that's the entire point
>

This patchset allows systemd binaries to be used in SDKs; what I would like
to see is that those binaries are built and used directly in yocto builds.
E.g. systemd recipe gains BBCLASSEXTEND = "native", systemd.bbclass gets
DEPENDS = "systemd-native" and then uses the native systemd binaries in the
same way you want to use them in your private SDK-based pipelines.

Alex

[-- Attachment #2: Type: text/html, Size: 1171 bytes --]

Re: [OE-core] [PATCH 6/8] kbd: add nativesdk

[Luca Boccassi]

[-- Attachment #1: Type: text/plain, Size: 811 bytes --]

On Wed, 2021-11-17 at 17:43 +0000, Richard Purdie wrote:
> On Wed, 2021-11-17 at 12:31 +0000, Luca Bocassi wrote:
> > From: Luca Boccassi <luca.boccassi@microsoft.com>
> > 
> > Required to build systemd tools
> 
> If systemd needs these to build, wouldn't it be depending on kbd-native?
> 
> Or are you saying that systemd-tools needs something in here at runtime?
> 
> I don't mind extending the recipe if we really need it but that isn't what the
> commit message says so at the very least that needs to be clearer.
> 
> Cheers,
> 
> Richard
> 

It's probably indirect, I guess (dependency of a dependency)? This
series was the bare minimum required to get the recipe to build. The
build failed with "nothing provides nativesdk-foobar" without these.

-- 
Kind regards,
Luca Boccassi

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [OE-core] [PATCH 0/8] systemd: allow building for nativesdk

[Luca Boccassi]

[-- Attachment #1: Type: text/plain, Size: 1095 bytes --]

On Wed, 2021-11-17 at 18:49 +0100, Alexander Kanavin wrote:
> On Wed, 17 Nov 2021 at 18:41, Luca Boccassi <luca.boccassi@gmail.com>
> wrote:
> > > This is packaging the tool for the target images; what I propose
> > is
> > > that it's built and used natively.
> > 
> > Which is what this patchset does? Again you can't build these
> > recipes
> > to run locally without these changes, that's the entire point
> 
> This patchset allows systemd binaries to be used in SDKs; what I
> would like to see is that those binaries are built and used directly
> in yocto builds. E.g. systemd recipe gains BBCLASSEXTEND = "native",
> systemd.bbclass gets DEPENDS = "systemd-native" and then uses the
> native systemd binaries in the same way you want to use them in your
> private SDK-based pipelines. 

Sounds good to me, feel free to go ahead and send patches to do that.
It's unrelated to this series and to my requirements, and I have no use
for it, so I will not be spending any time chasing down various rabbit
holes to make it work, sorry.

-- 
Kind regards,
Luca Boccassi

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

RE: [OE-core] [PATCH 1/8] systemd: skip chown when building for nativesdk

[Peter Kjellerstedt]

> -----Original Message-----
> From: openembedded-core@lists.openembedded.org <openembedded-core@lists.openembedded.org> On Behalf Of Luca Bocassi
> Sent: den 17 november 2021 13:32
> To: openembedded-core@lists.openembedded.org
> Cc: paul.eggleton@microsoft.com
> Subject: [OE-core] [PATCH 1/8] systemd: skip chown when building for nativesdk
> 
> From: Luca Boccassi <luca.boccassi@microsoft.com>
> 
> The useradd class is a no-op in the nativesdk case, so chown will fail.
> Skip them.
> 
> Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
> ---
>  meta/recipes-core/systemd/systemd_249.5.bb | 10 ++++++++--
>  1 file changed, 8 insertions(+), 2 deletions(-)
> 
> diff --git a/meta/recipes-core/systemd/systemd_249.5.bb b/meta/recipes-core/systemd/systemd_249.5.bb
> index 8bdc0ca028..2f019a4b1f 100644
> --- a/meta/recipes-core/systemd/systemd_249.5.bb
> +++ b/meta/recipes-core/systemd/systemd_249.5.bb
> @@ -275,7 +275,10 @@ do_install() {
>  		# which is expected to be empty.
>  		rm -rf ${D}${localstatedir}/log
>  	else
> -		chown root:systemd-journal ${D}${localstatedir}/log/journal
> +		# The useradd class is a no-op in the nativesdk case, so chown will fail
> +		if [ "${PN}" != "nativesdk-systemd" ]; then

If you change that if statement here and below to:

		if [ "${PN}" = "${BPN}" ]; then

then it will apply just as well if anyone introduces systemd-native.

> +			chown root:systemd-journal ${D}${localstatedir}/log/journal
> +		fi
> 
>  		# journal-remote creates this at start
>  		rm -rf ${D}${localstatedir}/log/journal/remote
> @@ -319,7 +322,10 @@ do_install() {
>  	if ${@bb.utils.contains('PACKAGECONFIG', 'polkit', 'true', 'false', d)}; then
>  		if [ -d ${D}${datadir}/polkit-1/rules.d ]; then
>  			chmod 700 ${D}${datadir}/polkit-1/rules.d
> -			chown polkitd:root ${D}${datadir}/polkit-1/rules.d
> +			# The useradd class is a no-op in the nativesdk case, so chown will fail
> +			if [ "${PN}" != "nativesdk-systemd" ]; then
> +				chown polkitd:root ${D}${datadir}/polkit-1/rules.d
> +			fi
>  		fi
>  	fi
> 
> --
> 2.30.2

//Peter

Re: [OE-core] [PATCH 1/8] systemd: skip chown when building for nativesdk

[Luca Boccassi]

[-- Attachment #1: Type: text/plain, Size: 1699 bytes --]

On Wed, 2021-11-17 at 18:14 +0000, Peter Kjellerstedt wrote:
> > -----Original Message-----
> > From: openembedded-core@lists.openembedded.org
> > <openembedded-core@lists.openembedded.org> On Behalf Of Luca
> > Bocassi
> > Sent: den 17 november 2021 13:32
> > To: openembedded-core@lists.openembedded.org
> > Cc: paul.eggleton@microsoft.com
> > Subject: [OE-core] [PATCH 1/8] systemd: skip chown when building
> > for nativesdk
> > 
> > From: Luca Boccassi <luca.boccassi@microsoft.com>
> > 
> > The useradd class is a no-op in the nativesdk case, so chown will
> > fail.
> > Skip them.
> > 
> > Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
> > ---
> >  meta/recipes-core/systemd/systemd_249.5.bb | 10 ++++++++--
> >  1 file changed, 8 insertions(+), 2 deletions(-)
> > 
> > diff --git a/meta/recipes-core/systemd/systemd_249.5.bb
> > b/meta/recipes-core/systemd/systemd_249.5.bb
> > index 8bdc0ca028..2f019a4b1f 100644
> > --- a/meta/recipes-core/systemd/systemd_249.5.bb
> > +++ b/meta/recipes-core/systemd/systemd_249.5.bb
> > @@ -275,7 +275,10 @@ do_install() {
> >  		# which is expected to be empty.
> >  		rm -rf ${D}${localstatedir}/log
> >  	else
> > -		chown root:systemd-journal
> > ${D}${localstatedir}/log/journal
> > +		# The useradd class is a no-op in the nativesdk
> > case, so chown will fail
> > +		if [ "${PN}" != "nativesdk-systemd" ]; then
> 
> If you change that if statement here and below to:
> 
> 		if [ "${PN}" = "${BPN}" ]; then
> 
> then it will apply just as well if anyone introduces systemd-native.

Thanks, will test that and send a v2 tomorrow if it is all green.

-- 
Kind regards,
Luca Boccassi

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [OE-core] [PATCH 0/8] systemd: allow building for nativesdk

[Alexander Kanavin]

[-- Attachment #1: Type: text/plain, Size: 1103 bytes --]

On Wed, 17 Nov 2021 at 19:05, Luca Boccassi <luca.boccassi@gmail.com> wrote:

> > This patchset allows systemd binaries to be used in SDKs; what I
> > would like to see is that those binaries are built and used directly
> > in yocto builds. E.g. systemd recipe gains BBCLASSEXTEND = "native",
> > systemd.bbclass gets DEPENDS = "systemd-native" and then uses the
> > native systemd binaries in the same way you want to use them in your
> > private SDK-based pipelines.
>
> Sounds good to me, feel free to go ahead and send patches to do that.
> It's unrelated to this series and to my requirements, and I have no use
> for it, so I will not be spending any time chasing down various rabbit
> holes to make it work, sorry.
>

Please consider the needs of the project and the community too. From that
perspective I do think any QA enhancement must be available to users of
bitbake before it's available to users of SDK (and even then, without any
regression testing upstream, and only if they set up special SDK plumbing
in private CI pipelines). Doing otherwise sets a bad precedent in my
opinion.

Alex

[-- Attachment #2: Type: text/html, Size: 1542 bytes --]

Re: [OE-core] [PATCH 0/8] systemd: allow building for nativesdk

[ChenQi]

[-- Attachment #1: Type: text/plain, Size: 2183 bytes --]

Hi Luca,

If the real useful part is only about systemd-analyze in case of 
nativesdk/native, I'd suggest adding systemd-analyze-native or 
nativesdk-systemd-analyze instead of extending the current systemd recipe.
This is because systemd has a whole bunch of dependencies which 
basically make no sense in case of native/nativesdk. Looking at the 
src/analyze/meson.build file, I guess it could be built independently.

Regards,
Qi

On 11/17/21 8:31 PM, Luca Bocassi wrote:
> From: Luca Boccassi <luca.boccassi@microsoft.com>
>
> systemd-analyze in the next release will gain the ability to
> run the 'security' and 'verify' verbs offline, on local units.
> This is very useful at build time and/or in CI systems to detect
> errors and issues before changes are deployed, as a static
> analyzer tool.
> This series enables building the systemd recipe for the nativesdk
> targets, so that systemd-analyze can be included in the SDK and
> called by users/build systems/CI systems.
>
> Luca Boccassi (8):
>    systemd: skip chown when building for nativesdk
>    systemd: skip postinst in nativesdk builds
>    systemd: remove /var in nativesdk builds
>    volatile-binds: remove /var in nativesdk builds
>    volatile-binds: add nativesdk
>    kbd: add nativesdk
>    os-release: add nativesdk
>    systemd: add nativesdk
>
>   meta/recipes-core/kbd/kbd_2.4.0.bb            |  2 +-
>   meta/recipes-core/os-release/os-release.bb    |  2 ++
>   meta/recipes-core/systemd/systemd-conf_1.0.bb |  2 ++
>   .../systemd/systemd-serialgetty.bb            |  2 ++
>   meta/recipes-core/systemd/systemd_249.5.bb    | 29 +++++++++++++++++--
>   .../volatile-binds/volatile-binds.bb          |  7 +++++
>   6 files changed, 41 insertions(+), 3 deletions(-)
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#158384): https://lists.openembedded.org/g/openembedded-core/message/158384
> Mute This Topic: https://lists.openembedded.org/mt/87118013/3618072
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [Qi.Chen@windriver.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>


[-- Attachment #2: Type: text/html, Size: 3508 bytes --]

Re: [OE-core] [PATCH 0/8] systemd: allow building for nativesdk

[Luca Boccassi]

[-- Attachment #1: Type: text/plain, Size: 2440 bytes --]

On Fri, 2021-11-19 at 09:43 +0800, ChenQi wrote:
> Hi Luca,
> 
> If the real useful part is only about systemd-analyze in case of
> nativesdk/native, I'd suggest adding systemd-analyze-native or
> nativesdk-systemd-analyze instead of extending the current systemd
> recipe.
> This is because systemd has a whole bunch of dependencies which
> basically make no sense in case of native/nativesdk. Looking at the
> src/analyze/meson.build file, I guess it could be built
> independently.
> 
> Regards,
> Qi

Hi,

Building individual binaries like that is not supported, so it cannot
work.

> On 11/17/21 8:31 PM, Luca Bocassi wrote:
> From: Luca Boccassi <luca.boccassi@microsoft.com>
> 
> systemd-analyze in the next release will gain the ability to
> run the 'security' and 'verify' verbs offline, on local units.
> This is very useful at build time and/or in CI systems to detect
> errors and issues before changes are deployed, as a static
> analyzer tool.
> This series enables building the systemd recipe for the nativesdk
> targets, so that systemd-analyze can be included in the SDK and
> called by users/build systems/CI systems.
> 
> Luca Boccassi (8):
>   systemd: skip chown when building for nativesdk
>   systemd: skip postinst in nativesdk builds
>   systemd: remove /var in nativesdk builds
>   volatile-binds: remove /var in nativesdk builds
>   volatile-binds: add nativesdk
>   kbd: add nativesdk
>   os-release: add nativesdk
>   systemd: add nativesdk
> 
>  meta/recipes-core/kbd/kbd_2.4.0.bb            |  2 +-
>  meta/recipes-core/os-release/os-release.bb    |  2 ++
>  meta/recipes-core/systemd/systemd-conf_1.0.bb |  2 ++
>  .../systemd/systemd-serialgetty.bb            |  2 ++
>  meta/recipes-core/systemd/systemd_249.5.bb    | 29
> +++++++++++++++++--
>  .../volatile-binds/volatile-binds.bb          |  7 +++++
>  6 files changed, 41 insertions(+), 3 deletions(-)
> 
>  
>  
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#158384): 
> https://lists.openembedded.org/g/openembedded-core/message/158384
> Mute This Topic: https://lists.openembedded.org/mt/87118013/3618072
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
> [Qi.Chen@windriver.com]
> -=-=-=-=-=-=-=-=-=-=-=-
> 
> 
>  


[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

[PATCH v2 1/7] systemd: skip chown when building for nativesdk

[luca.boccassi]

From: Luca Boccassi <luca.boccassi@microsoft.com>

The useradd class is a no-op in the nativesdk case, so chown will fail.
Skip them.

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
v2: use "${PN}" = "${BPN}" as suggested by reviewers

 meta/recipes-core/systemd/systemd_249.5.bb | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-core/systemd/systemd_249.5.bb b/meta/recipes-core/systemd/systemd_249.5.bb
index 8bdc0ca028..2df2de0cf3 100644
--- a/meta/recipes-core/systemd/systemd_249.5.bb
+++ b/meta/recipes-core/systemd/systemd_249.5.bb
@@ -275,7 +275,10 @@ do_install() {
 		# which is expected to be empty.
 		rm -rf ${D}${localstatedir}/log
 	else
-		chown root:systemd-journal ${D}${localstatedir}/log/journal
+		# The useradd class is a no-op in the nativesdk case, so chown will fail
+		if [ "${PN}" = "${BPN}" ]; then
+			chown root:systemd-journal ${D}${localstatedir}/log/journal
+		fi
 
 		# journal-remote creates this at start
 		rm -rf ${D}${localstatedir}/log/journal/remote
@@ -319,7 +322,10 @@ do_install() {
 	if ${@bb.utils.contains('PACKAGECONFIG', 'polkit', 'true', 'false', d)}; then
 		if [ -d ${D}${datadir}/polkit-1/rules.d ]; then
 			chmod 700 ${D}${datadir}/polkit-1/rules.d
-			chown polkitd:root ${D}${datadir}/polkit-1/rules.d
+			# The useradd class is a no-op in the nativesdk case, so chown will fail
+			if [ "${PN}" = "${BPN}" ]; then
+				chown polkitd:root ${D}${datadir}/polkit-1/rules.d
+			fi
 		fi
 	fi
 
-- 
2.30.2

[PATCH v2 2/7] systemd: skip postinst in nativesdk builds

[luca.boccassi]

From: Luca Boccassi <luca.boccassi@microsoft.com>

They will fail, as there's nowhere to run them

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
v2: use "${PN}" = "${BPN}" as suggested by reviewers

 meta/recipes-core/systemd/systemd_249.5.bb | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/meta/recipes-core/systemd/systemd_249.5.bb b/meta/recipes-core/systemd/systemd_249.5.bb
index 2df2de0cf3..ec9c350297 100644
--- a/meta/recipes-core/systemd/systemd_249.5.bb
+++ b/meta/recipes-core/systemd/systemd_249.5.bb
@@ -773,12 +773,18 @@ ALTERNATIVE_LINK_NAME[runlevel] = "${base_sbindir}/runlevel"
 ALTERNATIVE_PRIORITY[runlevel] ?= "300"
 
 pkg_postinst:${PN}:libc-glibc () {
+	if [ "${PN}" != "${BPN}" ]; then
+		exit 0
+	fi
 	sed -e '/^hosts:/s/\s*\<myhostname\>//' \
 		-e 's/\(^hosts:.*\)\(\<files\>\)\(.*\)\(\<dns\>\)\(.*\)/\1\2 myhostname \3\4\5/' \
 		-i $D${sysconfdir}/nsswitch.conf
 }
 
 pkg_prerm:${PN}:libc-glibc () {
+	if [ "${PN}" != "${BPN}" ]; then
+		exit 0
+	fi
 	sed -e '/^hosts:/s/\s*\<myhostname\>//' \
 		-e '/^hosts:/s/\s*myhostname//' \
 		-i $D${sysconfdir}/nsswitch.conf
@@ -786,6 +792,9 @@ pkg_prerm:${PN}:libc-glibc () {
 
 PACKAGE_WRITE_DEPS += "qemu-native"
 pkg_postinst:udev-hwdb () {
+	if [ "${PN}" != "${BPN}" ]; then
+		exit 0
+	fi
 	if test -n "$D"; then
 		$INTERCEPT_DIR/postinst_intercept update_udev_hwdb ${PKG} mlprefix=${MLPREFIX} binprefix=${MLPREFIX} rootlibexecdir="${rootlibexecdir}" PREFERRED_PROVIDER_udev="${PREFERRED_PROVIDER_udev}"
 	else
@@ -794,5 +803,8 @@ pkg_postinst:udev-hwdb () {
 }
 
 pkg_prerm:udev-hwdb () {
+	if [ "${PN}" != "${BPN}" ]; then
+		exit 0
+	fi
 	rm -f $D${sysconfdir}/udev/hwdb.bin
 }
-- 
2.30.2

[PATCH v2 3/7] systemd: remove /var in nativesdk builds

[luca.boccassi]

From: Luca Boccassi <luca.boccassi@microsoft.com>

Nothing picks it up, so it fails QA checks

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
 meta/recipes-core/systemd/systemd_249.5.bb | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/meta/recipes-core/systemd/systemd_249.5.bb b/meta/recipes-core/systemd/systemd_249.5.bb
index ec9c350297..9993036aac 100644
--- a/meta/recipes-core/systemd/systemd_249.5.bb
+++ b/meta/recipes-core/systemd/systemd_249.5.bb
@@ -772,6 +772,11 @@ ALTERNATIVE_TARGET[runlevel] = "${base_bindir}/systemctl"
 ALTERNATIVE_LINK_NAME[runlevel] = "${base_sbindir}/runlevel"
 ALTERNATIVE_PRIORITY[runlevel] ?= "300"
 
+# Nothing picks up /var in the nativesdk case
+do_install_append_class-nativesdk () {
+	rm -rf ${D}/var
+}
+
 pkg_postinst:${PN}:libc-glibc () {
 	if [ "${PN}" != "${BPN}" ]; then
 		exit 0
-- 
2.30.2

[PATCH v2 4/7] systemd: remove volatile-binds RDEPENDS for nativesdk

[luca.boccassi]

From: Luca Boccassi <luca.boccassi@microsoft.com>

Not needed for SDK binaries

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
v2: remove dependency instead of adding nativesdk to volatile-binds

 meta/recipes-core/systemd/systemd_249.5.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-core/systemd/systemd_249.5.bb b/meta/recipes-core/systemd/systemd_249.5.bb
index 9993036aac..2928a85c93 100644
--- a/meta/recipes-core/systemd/systemd_249.5.bb
+++ b/meta/recipes-core/systemd/systemd_249.5.bb
@@ -644,6 +644,7 @@ FILES:${PN}-dev += "${base_libdir}/security/*.la ${datadir}/dbus-1/interfaces/ $
 RDEPENDS:${PN} += "kmod dbus util-linux-mount util-linux-umount udev (= ${EXTENDPKGV}) systemd-udev-rules util-linux-agetty util-linux-fsck"
 RDEPENDS:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'serial-getty-generator', '', 'systemd-serialgetty', d)}"
 RDEPENDS:${PN} += "volatile-binds"
+RDEPENDS_${PN}_remove_class-nativesdk = "volatile-binds"
 
 RRECOMMENDS:${PN} += "systemd-extra-utils \
                       udev-hwdb \
-- 
2.30.2

[PATCH v2 5/7] kbd: add nativesdk

[luca.boccassi]

From: Luca Boccassi <luca.boccassi@microsoft.com>

Required to build systemd tools

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
 meta/recipes-core/kbd/kbd_2.4.0.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-core/kbd/kbd_2.4.0.bb b/meta/recipes-core/kbd/kbd_2.4.0.bb
index 7cb45eff77..7efc7af312 100644
--- a/meta/recipes-core/kbd/kbd_2.4.0.bb
+++ b/meta/recipes-core/kbd/kbd_2.4.0.bb
@@ -43,4 +43,4 @@ ALTERNATIVE:${PN} = "chvt deallocvt fgconsole openvt showkey \
                      ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'vlock','', d)}"
 ALTERNATIVE_PRIORITY = "100"
 
-BBCLASSEXTEND = "native"
+BBCLASSEXTEND = "native nativesdk"
-- 
2.30.2

[PATCH v2 6/7] os-release: add nativesdk

[luca.boccassi]

From: Luca Boccassi <luca.boccassi@microsoft.com>

Required to build systemd tools

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
 meta/recipes-core/os-release/os-release.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-core/os-release/os-release.bb b/meta/recipes-core/os-release/os-release.bb
index 8847fe30c3..2f2aa66c46 100644
--- a/meta/recipes-core/os-release/os-release.bb
+++ b/meta/recipes-core/os-release/os-release.bb
@@ -51,3 +51,5 @@ do_install () {
 }
 
 FILES:${PN} += "${nonarch_libdir}/os-release"
+
+BBCLASSEXTEND = "nativesdk"
-- 
2.30.2

[PATCH v2 7/7] systemd: add nativesdk

[luca.boccassi]

From: Luca Boccassi <luca.boccassi@microsoft.com>

Allows using tools like systemd-analyze at build time and in
CI systems

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
---
 meta/recipes-core/systemd/systemd-conf_1.0.bb    | 2 ++
 meta/recipes-core/systemd/systemd-serialgetty.bb | 2 ++
 meta/recipes-core/systemd/systemd_249.5.bb       | 2 ++
 3 files changed, 6 insertions(+)

diff --git a/meta/recipes-core/systemd/systemd-conf_1.0.bb b/meta/recipes-core/systemd/systemd-conf_1.0.bb
index 61ce7939d3..84de4d17cf 100644
--- a/meta/recipes-core/systemd/systemd-conf_1.0.bb
+++ b/meta/recipes-core/systemd/systemd-conf_1.0.bb
@@ -41,3 +41,5 @@ FILES:${PN} = "\
     ${systemd_unitdir}/system.conf.d/ \
     ${systemd_unitdir}/network/ \
 "
+
+BBCLASSEXTEND = "nativesdk"
diff --git a/meta/recipes-core/systemd/systemd-serialgetty.bb b/meta/recipes-core/systemd/systemd-serialgetty.bb
index 7ca951cdbd..f877e6ad18 100644
--- a/meta/recipes-core/systemd/systemd-serialgetty.bb
+++ b/meta/recipes-core/systemd/systemd-serialgetty.bb
@@ -50,3 +50,5 @@ FILES:${PN} = "${systemd_system_unitdir}/*.service ${sysconfdir}"
 PACKAGE_ARCH = "${MACHINE_ARCH}"
 
 ALLOW_EMPTY:${PN} = "1"
+
+BBCLASSEXTEND = "nativesdk"
diff --git a/meta/recipes-core/systemd/systemd_249.5.bb b/meta/recipes-core/systemd/systemd_249.5.bb
index 2928a85c93..445a50b1e3 100644
--- a/meta/recipes-core/systemd/systemd_249.5.bb
+++ b/meta/recipes-core/systemd/systemd_249.5.bb
@@ -773,6 +773,8 @@ ALTERNATIVE_TARGET[runlevel] = "${base_bindir}/systemctl"
 ALTERNATIVE_LINK_NAME[runlevel] = "${base_sbindir}/runlevel"
 ALTERNATIVE_PRIORITY[runlevel] ?= "300"
 
+BBCLASSEXTEND = "nativesdk"
+
 # Nothing picks up /var in the nativesdk case
 do_install_append_class-nativesdk () {
 	rm -rf ${D}/var
-- 
2.30.2

Re: [OE-core] [PATCH 1/8] systemd: skip chown when building for nativesdk

[Luca Boccassi]

[-- Attachment #1: Type: text/plain, Size: 1882 bytes --]

On Wed, 2021-11-17 at 18:32 +0000, Luca Boccassi wrote:
> On Wed, 2021-11-17 at 18:14 +0000, Peter Kjellerstedt wrote:
> > > -----Original Message-----
> > > From: openembedded-core@lists.openembedded.org
> > > <openembedded-core@lists.openembedded.org> On Behalf Of Luca
> > > Bocassi
> > > Sent: den 17 november 2021 13:32
> > > To: openembedded-core@lists.openembedded.org
> > > Cc: paul.eggleton@microsoft.com
> > > Subject: [OE-core] [PATCH 1/8] systemd: skip chown when building
> > > for nativesdk
> > > 
> > > From: Luca Boccassi <luca.boccassi@microsoft.com>
> > > 
> > > The useradd class is a no-op in the nativesdk case, so chown will
> > > fail.
> > > Skip them.
> > > 
> > > Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
> > > ---
> > >  meta/recipes-core/systemd/systemd_249.5.bb | 10 ++++++++--
> > >  1 file changed, 8 insertions(+), 2 deletions(-)
> > > 
> > > diff --git a/meta/recipes-core/systemd/systemd_249.5.bb
> > > b/meta/recipes-core/systemd/systemd_249.5.bb
> > > index 8bdc0ca028..2f019a4b1f 100644
> > > --- a/meta/recipes-core/systemd/systemd_249.5.bb
> > > +++ b/meta/recipes-core/systemd/systemd_249.5.bb
> > > @@ -275,7 +275,10 @@ do_install() {
> > >  		# which is expected to be empty.
> > >  		rm -rf ${D}${localstatedir}/log
> > >  	else
> > > -		chown root:systemd-journal
> > > ${D}${localstatedir}/log/journal
> > > +		# The useradd class is a no-op in the nativesdk
> > > case, so chown will fail
> > > +		if [ "${PN}" != "nativesdk-systemd" ]; then
> > 
> > If you change that if statement here and below to:
> > 
> > 		if [ "${PN}" = "${BPN}" ]; then
> > 
> > then it will apply just as well if anyone introduces systemd-native.
> 
> Thanks, will test that and send a v2 tomorrow if it is all green.

This works, thanks, applied in v2.

-- 
Kind regards,
Luca Boccassi

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [OE-core] [PATCH 5/8] volatile-binds: add nativesdk

[Luca Boccassi]

[-- Attachment #1: Type: text/plain, Size: 1428 bytes --]

On Wed, 2021-11-17 at 17:42 +0000, Luca Boccassi wrote:
> On Wed, 2021-11-17 at 17:40 +0000, Richard Purdie wrote:
> > On Wed, 2021-11-17 at 12:31 +0000, Luca Bocassi wrote:
> > > From: Luca Boccassi <luca.boccassi@microsoft.com>
> > > 
> > > Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
> > > ---
> > >  meta/recipes-core/volatile-binds/volatile-binds.bb | 2 ++
> > >  1 file changed, 2 insertions(+)
> > > 
> > > diff --git a/meta/recipes-core/volatile-binds/volatile-binds.bb b/meta/recipes-core/volatile-binds/volatile-binds.bb
> > > index 66e28f4fc9..0f27353031 100644
> > > --- a/meta/recipes-core/volatile-binds/volatile-binds.bb
> > > +++ b/meta/recipes-core/volatile-binds/volatile-binds.bb
> > > @@ -84,3 +84,5 @@ do_install[dirs] = "${WORKDIR}"
> > >  do_install_append_class-nativesdk () {
> > >      rm -rf ${D}/var
> > >  }
> > > +
> > > +BBCLASSEXTEND = "nativesdk"
> > 
> > Is there any useful component left in volatile-binds in the SDK case? I don't
> > think we should be extending this as the recipe makes no sense. Rather nativesdk
> > variants probably shouldn't be depending upon it?
> 
> It's pulled in automatically. I don't know enough about yocto to be
> able to tell whether it's intentional and needed or not.

Looks like it's working without, so changed in v2 to remove the
dependency for nativesdk instead.

-- 
Kind regards,
Luca Boccassi

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [OE-core] [PATCH v2 7/7] systemd: add nativesdk

[Alexander Kanavin]

[-- Attachment #1: Type: text/plain, Size: 2519 bytes --]

Once again, I do not want this accepted in oe-core, not until there's
equivalent native functionality.

Alex

On Fri, 19 Nov 2021 at 12:35, Luca Bocassi <luca.boccassi@gmail.com> wrote:

> From: Luca Boccassi <luca.boccassi@microsoft.com>
>
> Allows using tools like systemd-analyze at build time and in
> CI systems
>
> Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
> ---
>  meta/recipes-core/systemd/systemd-conf_1.0.bb    | 2 ++
>  meta/recipes-core/systemd/systemd-serialgetty.bb | 2 ++
>  meta/recipes-core/systemd/systemd_249.5.bb       | 2 ++
>  3 files changed, 6 insertions(+)
>
> diff --git a/meta/recipes-core/systemd/systemd-conf_1.0.bb
> b/meta/recipes-core/systemd/systemd-conf_1.0.bb
> index 61ce7939d3..84de4d17cf 100644
> --- a/meta/recipes-core/systemd/systemd-conf_1.0.bb
> +++ b/meta/recipes-core/systemd/systemd-conf_1.0.bb
> @@ -41,3 +41,5 @@ FILES:${PN} = "\
>      ${systemd_unitdir}/system.conf.d/ \
>      ${systemd_unitdir}/network/ \
>  "
> +
> +BBCLASSEXTEND = "nativesdk"
> diff --git a/meta/recipes-core/systemd/systemd-serialgetty.bb
> b/meta/recipes-core/systemd/systemd-serialgetty.bb
> index 7ca951cdbd..f877e6ad18 100644
> --- a/meta/recipes-core/systemd/systemd-serialgetty.bb
> +++ b/meta/recipes-core/systemd/systemd-serialgetty.bb
> @@ -50,3 +50,5 @@ FILES:${PN} = "${systemd_system_unitdir}/*.service
> ${sysconfdir}"
>  PACKAGE_ARCH = "${MACHINE_ARCH}"
>
>  ALLOW_EMPTY:${PN} = "1"
> +
> +BBCLASSEXTEND = "nativesdk"
> diff --git a/meta/recipes-core/systemd/systemd_249.5.bb
> b/meta/recipes-core/systemd/systemd_249.5.bb
> index 2928a85c93..445a50b1e3 100644
> --- a/meta/recipes-core/systemd/systemd_249.5.bb
> +++ b/meta/recipes-core/systemd/systemd_249.5.bb
> @@ -773,6 +773,8 @@ ALTERNATIVE_TARGET[runlevel] =
> "${base_bindir}/systemctl"
>  ALTERNATIVE_LINK_NAME[runlevel] = "${base_sbindir}/runlevel"
>  ALTERNATIVE_PRIORITY[runlevel] ?= "300"
>
> +BBCLASSEXTEND = "nativesdk"
> +
>  # Nothing picks up /var in the nativesdk case
>  do_install_append_class-nativesdk () {
>         rm -rf ${D}/var
> --
> 2.30.2
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#158513):
> https://lists.openembedded.org/g/openembedded-core/message/158513
> Mute This Topic: https://lists.openembedded.org/mt/87165499/1686489
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [
> alex.kanavin@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
>

[-- Attachment #2: Type: text/html, Size: 4848 bytes --]

Re: [OE-core] [PATCH v2 7/7] systemd: add nativesdk

[Luca Boccassi]

[-- Attachment #1: Type: text/plain, Size: 2583 bytes --]

On Fri, 2021-11-19 at 12:39 +0100, Alexander Kanavin wrote:
> Once again, I do not want this accepted in oe-core, not until there's
> equivalent native functionality.
> 
> Alex

As already mentioned, that's completely unrelated, and I do not have
the time nor the interest to invest weeks of my time working on that.
But arbitrarily rejecting patches is your prerogative of course, so
I'll just keep these changes out-of-tree then.

> On Fri, 19 Nov 2021 at 12:35, Luca Bocassi <luca.boccassi@gmail.com>
> wrote:
> > From: Luca Boccassi <luca.boccassi@microsoft.com>
> > 
> > Allows using tools like systemd-analyze at build time and in
> > CI systems
> > 
> > Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
> > ---
> >  meta/recipes-core/systemd/systemd-conf_1.0.bb    | 2 ++
> >  meta/recipes-core/systemd/systemd-serialgetty.bb | 2 ++
> >  meta/recipes-core/systemd/systemd_249.5.bb       | 2 ++
> >  3 files changed, 6 insertions(+)
> > 
> > diff --git a/meta/recipes-core/systemd/systemd-conf_1.0.bb
> > b/meta/recipes-core/systemd/systemd-conf_1.0.bb
> > index 61ce7939d3..84de4d17cf 100644
> > --- a/meta/recipes-core/systemd/systemd-conf_1.0.bb
> > +++ b/meta/recipes-core/systemd/systemd-conf_1.0.bb
> > @@ -41,3 +41,5 @@ FILES:${PN} = "\
> >      ${systemd_unitdir}/system.conf.d/ \
> >      ${systemd_unitdir}/network/ \
> >  "
> > +
> > +BBCLASSEXTEND = "nativesdk"
> > diff --git a/meta/recipes-core/systemd/systemd-serialgetty.bb
> > b/meta/recipes-core/systemd/systemd-serialgetty.bb
> > index 7ca951cdbd..f877e6ad18 100644
> > --- a/meta/recipes-core/systemd/systemd-serialgetty.bb
> > +++ b/meta/recipes-core/systemd/systemd-serialgetty.bb
> > @@ -50,3 +50,5 @@ FILES:${PN} =
> > "${systemd_system_unitdir}/*.service ${sysconfdir}"
> >  PACKAGE_ARCH = "${MACHINE_ARCH}"
> > 
> >  ALLOW_EMPTY:${PN} = "1"
> > +
> > +BBCLASSEXTEND = "nativesdk"
> > diff --git a/meta/recipes-core/systemd/systemd_249.5.bb
> > b/meta/recipes-core/systemd/systemd_249.5.bb
> > index 2928a85c93..445a50b1e3 100644
> > --- a/meta/recipes-core/systemd/systemd_249.5.bb
> > +++ b/meta/recipes-core/systemd/systemd_249.5.bb
> > @@ -773,6 +773,8 @@ ALTERNATIVE_TARGET[runlevel] =
> > "${base_bindir}/systemctl"
> >  ALTERNATIVE_LINK_NAME[runlevel] = "${base_sbindir}/runlevel"
> >  ALTERNATIVE_PRIORITY[runlevel] ?= "300"
> > 
> > +BBCLASSEXTEND = "nativesdk"
> > +
> >  # Nothing picks up /var in the nativesdk case
> >  do_install_append_class-nativesdk () {
> >         rm -rf ${D}/var


[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [OE-core] [PATCH 0/8] systemd: allow building for nativesdk

[ChenQi]

On 11/19/21 7:26 PM, Luca Boccassi wrote:
> On Fri, 2021-11-19 at 09:43 +0800, ChenQi wrote:
>> Hi Luca,
>>
>> If the real useful part is only about systemd-analyze in case of
>> nativesdk/native, I'd suggest adding systemd-analyze-native or
>> nativesdk-systemd-analyze instead of extending the current systemd
>> recipe.
>> This is because systemd has a whole bunch of dependencies which
>> basically make no sense in case of native/nativesdk. Looking at the
>> src/analyze/meson.build file, I guess it could be built
>> independently.
>>
>> Regards,
>> Qi
> Hi,
>
> Building individual binaries like that is not supported, so it cannot
> work.


Thanks for your clarification.

Regards,

Qi


>> On 11/17/21 8:31 PM, Luca Bocassi wrote:
>> From: Luca Boccassi <luca.boccassi@microsoft.com>
>>
>> systemd-analyze in the next release will gain the ability to
>> run the 'security' and 'verify' verbs offline, on local units.
>> This is very useful at build time and/or in CI systems to detect
>> errors and issues before changes are deployed, as a static
>> analyzer tool.
>> This series enables building the systemd recipe for the nativesdk
>> targets, so that systemd-analyze can be included in the SDK and
>> called by users/build systems/CI systems.
>>
>> Luca Boccassi (8):
>>    systemd: skip chown when building for nativesdk
>>    systemd: skip postinst in nativesdk builds
>>    systemd: remove /var in nativesdk builds
>>    volatile-binds: remove /var in nativesdk builds
>>    volatile-binds: add nativesdk
>>    kbd: add nativesdk
>>    os-release: add nativesdk
>>    systemd: add nativesdk
>>
>>   meta/recipes-core/kbd/kbd_2.4.0.bb            |  2 +-
>>   meta/recipes-core/os-release/os-release.bb    |  2 ++
>>   meta/recipes-core/systemd/systemd-conf_1.0.bb |  2 ++
>>   .../systemd/systemd-serialgetty.bb            |  2 ++
>>   meta/recipes-core/systemd/systemd_249.5.bb    | 29
>> +++++++++++++++++--
>>   .../volatile-binds/volatile-binds.bb          |  7 +++++
>>   6 files changed, 41 insertions(+), 3 deletions(-)
>>
>>   
>>   
>> -=-=-=-=-=-=-=-=-=-=-=-
>> Links: You receive all messages sent to this group.
>> View/Reply Online (#158384):
>> https://lists.openembedded.org/g/openembedded-core/message/158384
>> Mute This Topic: https://lists.openembedded.org/mt/87118013/3618072
>> Group Owner: openembedded-core+owner@lists.openembedded.org
>> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
>> [Qi.Chen@windriver.com]
>> -=-=-=-=-=-=-=-=-=-=-=-
>>
>>
>>   

Re: [OE-core] [PATCH v2 4/7] systemd: remove volatile-binds RDEPENDS for nativesdk

[Richard Purdie]

On Fri, 2021-11-19 at 11:34 +0000, Luca Bocassi wrote:
> From: Luca Boccassi <luca.boccassi@microsoft.com>
> 
> Not needed for SDK binaries
> 
> Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
> ---
> v2: remove dependency instead of adding nativesdk to volatile-binds
> 
>  meta/recipes-core/systemd/systemd_249.5.bb | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/meta/recipes-core/systemd/systemd_249.5.bb b/meta/recipes-core/systemd/systemd_249.5.bb
> index 9993036aac..2928a85c93 100644
> --- a/meta/recipes-core/systemd/systemd_249.5.bb
> +++ b/meta/recipes-core/systemd/systemd_249.5.bb
> @@ -644,6 +644,7 @@ FILES:${PN}-dev += "${base_libdir}/security/*.la ${datadir}/dbus-1/interfaces/ $
>  RDEPENDS:${PN} += "kmod dbus util-linux-mount util-linux-umount udev (= ${EXTENDPKGV}) systemd-udev-rules util-linux-agetty util-linux-fsck"
>  RDEPENDS:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'serial-getty-generator', '', 'systemd-serialgetty', d)}"
>  RDEPENDS:${PN} += "volatile-binds"
> +RDEPENDS_${PN}_remove_class-nativesdk = "volatile-binds"
>  
>  RRECOMMENDS:${PN} += "systemd-extra-utils \
>                        udev-hwdb \

This patch raises a few questions like how this is being tested?

The override syntax changed so the avoid would never have worked with master.

Also, I have a strong preference for not using remove operators in OE-Core, you
can usually rearrange things so that it isn't necessary. The reason for that is
that it is very hard to override these operations. I know we do have some but
minimising them is good.

Cheers,

Richard

Re: [OE-core] [PATCH v2 1/7] systemd: skip chown when building for nativesdk

[Richard Purdie]

On Fri, 2021-11-19 at 11:34 +0000, Luca Bocassi wrote:
> From: Luca Boccassi <luca.boccassi@microsoft.com>
> 
> The useradd class is a no-op in the nativesdk case, so chown will fail.
> Skip them.
> 
> Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
> ---
> v2: use "${PN}" = "${BPN}" as suggested by reviewers

I think that was bad advice since this would break multilib variants of the
systemd recipe and I'd much prefer this was conditional on nativesdk.

>  meta/recipes-core/systemd/systemd_249.5.bb | 10 ++++++++--
>  1 file changed, 8 insertions(+), 2 deletions(-)
> 
> diff --git a/meta/recipes-core/systemd/systemd_249.5.bb b/meta/recipes-core/systemd/systemd_249.5.bb
> index 8bdc0ca028..2df2de0cf3 100644
> --- a/meta/recipes-core/systemd/systemd_249.5.bb
> +++ b/meta/recipes-core/systemd/systemd_249.5.bb
> @@ -275,7 +275,10 @@ do_install() {
>  		# which is expected to be empty.
>  		rm -rf ${D}${localstatedir}/log
>  	else
> -		chown root:systemd-journal ${D}${localstatedir}/log/journal
> +		# The useradd class is a no-op in the nativesdk case, so chown will fail
> +		if [ "${PN}" = "${BPN}" ]; then
> +			chown root:systemd-journal ${D}${localstatedir}/log/journal
> +		fi
>  
>  		# journal-remote creates this at start
>  		rm -rf ${D}${localstatedir}/log/journal/remote


I'm guessing this is only failing on systems that don't have a systemd-jounral
group as it built ok for me?

The better way to fix this is probably to replicate what we have for native,
i.e. the entry in the class:

native.bbclass:PATH:prepend = "${COREBASE}/scripts/native-intercept:"

which puts a chown and chgrp into PATH which doesn't do anything. We could do
something similar for nativesdk and it would avoid the need for these if
statements and solve the problem generically.

I am also a bit concerned about some of the other "creeping" dependencies so I
experimented a little with master to see how much it could be cut down. I could
get working builds with the lines below:

"""
PACKAGECONFIG:remove:class-native = "vconsole xkbcommon sysvinit"
PACKAGECONFIG:append:class-native = " serial-getty-generator"
RDEPENDS:${PN}:remove:class-native = "volatile-binds"
RRECOMMENDS:${PN}:remove:class-native = "os-release systemd-conf"
RRECOMMENDS:${PN}-vconsole-setup:class-native = ""

PACKAGECONFIG:remove:class-nativesdk = "vconsole xkbcommon sysvinit"
PACKAGECONFIG:append:class-nativesdk = " serial-getty-generator"
RDEPENDS:${PN}:remove:class-nativesdk = "volatile-binds"
RRECOMMENDS:${PN}:remove:class-nativesdk = "os-release systemd-conf"
RRECOMMENDS:${PN}-vconsole-setup:class-nativesdk = ""

# Nothing picks up /var in the nativesdk case
do_install:append:class-nativesdk () {
       rm -rf ${D}/var
}

BBCLASSEXTEND = "native nativesdk"
"""

which removes the need to change os-release, kbd, systemd-conf and systemd-
getty. To merge, we'd want to restructure this to alter the variable
construction so we can avoid the use of the remove operator but it is an easy
way to test and evaluate the extent of changes needed.

The above also nearly has native builds working as well. To get that to build I
had to patch meson.build:

Index: git/meson.build
===================================================================
--- git.orig/meson.buildIndex: git/meson.build
===================================================================
--- git.orig/meson.build
+++ git/meson.build
@@ -745,7 +745,7 @@ conf.set('CONTAINER_UID_BASE_MAX', conta
 nobody_user = get_option('nobody-user')
 nobody_group = get_option('nobody-group')
 
-if not meson.is_cross_build()
+if false and not meson.is_cross_build()
         getent_result = run_command('getent', 'passwd', '65534')
         if getent_result.returncode() == 0
                 name = getent_result.stdout().split(':')[0]

since we want to use the "cross" codepath there regardless. That lets everything
build but I did then see errors due to absolute path symlinks which would likely
be fixable.

I did this mainly as I wanted to understand how much of systemd is being build
and packaged since many of these packages will not make sense in a SDK or a
native build. I think the final piece of patch which we'd need to be able to
merge something like this is to trim down what is being packaged up to the
pieces which are actually useful in the native or nativesdk cases.

Cheers,

Richard

Re: [OE-core] [PATCH v2 1/7] systemd: skip chown when building for nativesdk

[Konrad Weihmann]

I have sort of a general question regarding this patch series.

Last time I checked (and yeah it's been a while back) systemd-analyze 
wasn't self-containing, meaning it would have to have a running systemd 
process and at least a running dbus iirc.

Is that still the case?
If yes, how should that work here?
Do we want to spawn a systemd per workspace/SDK?
What about the weird setting that systemd somehow requires us to assign 
PID 1 to it?
What about systems that have already a systemd instance running - and 
what about the systems that don't?

And if not (and all of sudden systemd project finally decided to 
recognize the cross-compile use case), does this only apply to 
systemd-analyze?

I would be happy if you could shed some light on these questions. Thx

On 19.11.21 12:34, Luca Bocassi wrote:
> From: Luca Boccassi <luca.boccassi@microsoft.com>
> 
> The useradd class is a no-op in the nativesdk case, so chown will fail.
> Skip them.
> 
> Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
> ---
> v2: use "${PN}" = "${BPN}" as suggested by reviewers
> 
>   meta/recipes-core/systemd/systemd_249.5.bb | 10 ++++++++--
>   1 file changed, 8 insertions(+), 2 deletions(-)
> 
> diff --git a/meta/recipes-core/systemd/systemd_249.5.bb b/meta/recipes-core/systemd/systemd_249.5.bb
> index 8bdc0ca028..2df2de0cf3 100644
> --- a/meta/recipes-core/systemd/systemd_249.5.bb
> +++ b/meta/recipes-core/systemd/systemd_249.5.bb
> @@ -275,7 +275,10 @@ do_install() {
>   		# which is expected to be empty.
>   		rm -rf ${D}${localstatedir}/log
>   	else
> -		chown root:systemd-journal ${D}${localstatedir}/log/journal
> +		# The useradd class is a no-op in the nativesdk case, so chown will fail
> +		if [ "${PN}" = "${BPN}" ]; then
> +			chown root:systemd-journal ${D}${localstatedir}/log/journal
> +		fi
>   
>   		# journal-remote creates this at start
>   		rm -rf ${D}${localstatedir}/log/journal/remote
> @@ -319,7 +322,10 @@ do_install() {
>   	if ${@bb.utils.contains('PACKAGECONFIG', 'polkit', 'true', 'false', d)}; then
>   		if [ -d ${D}${datadir}/polkit-1/rules.d ]; then
>   			chmod 700 ${D}${datadir}/polkit-1/rules.d
> -			chown polkitd:root ${D}${datadir}/polkit-1/rules.d
> +			# The useradd class is a no-op in the nativesdk case, so chown will fail
> +			if [ "${PN}" = "${BPN}" ]; then
> +				chown polkitd:root ${D}${datadir}/polkit-1/rules.d
> +			fi
>   		fi
>   	fi
>   
> 
> 
> 
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#158507): https://lists.openembedded.org/g/openembedded-core/message/158507
> Mute This Topic: https://lists.openembedded.org/mt/87165491/3647476
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [kweihmann@outlook.com]
> -=-=-=-=-=-=-=-=-=-=-=-
> 

Re: [OE-core] [PATCH v2 1/7] systemd: skip chown when building for nativesdk

[Alexander Kanavin]

[-- Attachment #1: Type: text/plain, Size: 3564 bytes --]

Indeed; in the absence of tests that exercise this functionality - either
SDK tests, or direct bitbake tests - it's hard to say if
this is an experiment that may not be sustainable long term, or something
systemd upstream is actually committed to.

Alex

On Mon, 22 Nov 2021 at 14:57, Konrad Weihmann <kweihmann@outlook.com> wrote:

> I have sort of a general question regarding this patch series.
>
> Last time I checked (and yeah it's been a while back) systemd-analyze
> wasn't self-containing, meaning it would have to have a running systemd
> process and at least a running dbus iirc.
>
> Is that still the case?
> If yes, how should that work here?
> Do we want to spawn a systemd per workspace/SDK?
> What about the weird setting that systemd somehow requires us to assign
> PID 1 to it?
> What about systems that have already a systemd instance running - and
> what about the systems that don't?
>
> And if not (and all of sudden systemd project finally decided to
> recognize the cross-compile use case), does this only apply to
> systemd-analyze?
>
> I would be happy if you could shed some light on these questions. Thx
>
> On 19.11.21 12:34, Luca Bocassi wrote:
> > From: Luca Boccassi <luca.boccassi@microsoft.com>
> >
> > The useradd class is a no-op in the nativesdk case, so chown will fail.
> > Skip them.
> >
> > Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
> > ---
> > v2: use "${PN}" = "${BPN}" as suggested by reviewers
> >
> >   meta/recipes-core/systemd/systemd_249.5.bb | 10 ++++++++--
> >   1 file changed, 8 insertions(+), 2 deletions(-)
> >
> > diff --git a/meta/recipes-core/systemd/systemd_249.5.bb
> b/meta/recipes-core/systemd/systemd_249.5.bb
> > index 8bdc0ca028..2df2de0cf3 100644
> > --- a/meta/recipes-core/systemd/systemd_249.5.bb
> > +++ b/meta/recipes-core/systemd/systemd_249.5.bb
> > @@ -275,7 +275,10 @@ do_install() {
> >               # which is expected to be empty.
> >               rm -rf ${D}${localstatedir}/log
> >       else
> > -             chown root:systemd-journal ${D}${localstatedir}/log/journal
> > +             # The useradd class is a no-op in the nativesdk case, so
> chown will fail
> > +             if [ "${PN}" = "${BPN}" ]; then
> > +                     chown root:systemd-journal
> ${D}${localstatedir}/log/journal
> > +             fi
> >
> >               # journal-remote creates this at start
> >               rm -rf ${D}${localstatedir}/log/journal/remote
> > @@ -319,7 +322,10 @@ do_install() {
> >       if ${@bb.utils.contains('PACKAGECONFIG', 'polkit', 'true',
> 'false', d)}; then
> >               if [ -d ${D}${datadir}/polkit-1/rules.d ]; then
> >                       chmod 700 ${D}${datadir}/polkit-1/rules.d
> > -                     chown polkitd:root ${D}${datadir}/polkit-1/rules.d
> > +                     # The useradd class is a no-op in the nativesdk
> case, so chown will fail
> > +                     if [ "${PN}" = "${BPN}" ]; then
> > +                             chown polkitd:root
> ${D}${datadir}/polkit-1/rules.d
> > +                     fi
> >               fi
> >       fi
> >
> >
> >
> >
> >
> >
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#158569):
> https://lists.openembedded.org/g/openembedded-core/message/158569
> Mute This Topic: https://lists.openembedded.org/mt/87165491/1686489
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [
> alex.kanavin@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
>

[-- Attachment #2: Type: text/html, Size: 5507 bytes --]

Re: [OE-core] [PATCH v2 1/7] systemd: skip chown when building for nativesdk

[Luca Boccassi]

[-- Attachment #1: Type: text/plain, Size: 663 bytes --]

On Mon, 2021-11-22 at 14:57 +0100, Konrad Weihmann wrote:
> I have sort of a general question regarding this patch series.
> 
> Last time I checked (and yeah it's been a while back) systemd-analyze
> wasn't self-containing, meaning it would have to have a running
> systemd 
> process and at least a running dbus iirc.
> 
> Is that still the case?

That was the case only for some verbs - 'verify' does not need a
running instance. From v250 (next release) it will also be able to
operate on images/root directories.
The 'security' verb did need a running instance, but there's a new --
offline switch in v250.

-- 
Kind regards,
Luca Boccassi

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

Re: [OE-core] [PATCH v2 4/7] systemd: remove volatile-binds RDEPENDS for nativesdk

[Luca Boccassi]

[-- Attachment #1: Type: text/plain, Size: 2054 bytes --]

On Mon, 2021-11-22 at 11:56 +0000, Richard Purdie wrote:
> On Fri, 2021-11-19 at 11:34 +0000, Luca Bocassi wrote:
> > From: Luca Boccassi <luca.boccassi@microsoft.com>
> > 
> > Not needed for SDK binaries
> > 
> > Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
> > ---
> > v2: remove dependency instead of adding nativesdk to volatile-binds
> > 
> >  meta/recipes-core/systemd/systemd_249.5.bb | 1 +
> >  1 file changed, 1 insertion(+)
> > 
> > diff --git a/meta/recipes-core/systemd/systemd_249.5.bb
> > b/meta/recipes-core/systemd/systemd_249.5.bb
> > index 9993036aac..2928a85c93 100644
> > --- a/meta/recipes-core/systemd/systemd_249.5.bb
> > +++ b/meta/recipes-core/systemd/systemd_249.5.bb
> > @@ -644,6 +644,7 @@ FILES:${PN}-dev +=
> > "${base_libdir}/security/*.la ${datadir}/dbus-1/interfaces/ $
> >  RDEPENDS:${PN} += "kmod dbus util-linux-mount util-linux-umount
> > udev (= ${EXTENDPKGV}) systemd-udev-rules util-linux-agetty util-
> > linux-fsck"
> >  RDEPENDS:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'serial-
> > getty-generator', '', 'systemd-serialgetty', d)}"
> >  RDEPENDS:${PN} += "volatile-binds"
> > +RDEPENDS_${PN}_remove_class-nativesdk = "volatile-binds"
> >  
> >  RRECOMMENDS:${PN} += "systemd-extra-utils \
> >                        udev-hwdb \
> 
> This patch raises a few questions like how this is being tested?
> 
> The override syntax changed so the avoid would never have worked with
> master.
> 
> Also, I have a strong preference for not using remove operators in
> OE-Core, you
> can usually rearrange things so that it isn't necessary. The reason
> for that is
> that it is very hard to override these operations. I know we do have
> some but
> minimising them is good.
> 
> Cheers,
> 
> Richard

It was tested in a downstream dunfell branch, since that's what our
build system supports. I was not aware there had been a backward
incompatible syntax change, thanks for the hint.

-- 
Kind regards,
Luca Boccassi

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

Re: [OE-core] [PATCH v2 1/7] systemd: skip chown when building for nativesdk

[Konrad Weihmann]

On 22.11.21 23:47, Luca Boccassi wrote:
> On Mon, 2021-11-22 at 14:57 +0100, Konrad Weihmann wrote:
>> I have sort of a general question regarding this patch series.
>>
>> Last time I checked (and yeah it's been a while back) systemd-analyze
>> wasn't self-containing, meaning it would have to have a running
>> systemd
>> process and at least a running dbus iirc.
>>
>> Is that still the case?
> 
> That was the case only for some verbs - 'verify' does not need a
> running instance. From v250 (next release) it will also be able to
> operate on images/root directories.
> The 'security' verb did need a running instance, but there's a new --
> offline switch in v250.
> 

Thanks for the background information.
I kind of agree with the voices raised in the discussion so far.

As the feature will be available only in a yet to be released version, I 
would propose to

- wait for the release of systemd 2.50
- build a native variant of the tools first
- package only what is really suitable for "offline" use
- add a nativesdk variant later on

And I think there should be some demo patch to use maybe the analyze 
part in insane bbclass or so, so we could first of all see the actual 
benefit of it and even more important can easily track down future 
regressions.

BTW you said you tested this primary on dunfell, what kind of makes me 
think how these pieces fit together, as dunfell (likely) will never get 
the support for the tools mentioned

Re: [OE-core] [PATCH v2 1/7] systemd: skip chown when building for nativesdk

[Luca Boccassi]

[-- Attachment #1: Type: text/plain, Size: 2462 bytes --]

On Wed, 2021-11-24 at 09:09 +0100, Konrad Weihmann wrote:
> 
> On 22.11.21 23:47, Luca Boccassi wrote:
> > On Mon, 2021-11-22 at 14:57 +0100, Konrad Weihmann wrote:
> > > I have sort of a general question regarding this patch series.
> > > 
> > > Last time I checked (and yeah it's been a while back) systemd-analyze
> > > wasn't self-containing, meaning it would have to have a running
> > > systemd
> > > process and at least a running dbus iirc.
> > > 
> > > Is that still the case?
> > 
> > That was the case only for some verbs - 'verify' does not need a
> > running instance. From v250 (next release) it will also be able to
> > operate on images/root directories.
> > The 'security' verb did need a running instance, but there's a new --
> > offline switch in v250.
> > 
> 
> Thanks for the background information.
> I kind of agree with the voices raised in the discussion so far.
> 
> As the feature will be available only in a yet to be released version, I 
> would propose to
> 
> - wait for the release of systemd 2.50
> - build a native variant of the tools first
> - package only what is really suitable for "offline" use
> - add a nativesdk variant later on
> 
> And I think there should be some demo patch to use maybe the analyze 
> part in insane bbclass or so, so we could first of all see the actual 
> benefit of it and even more important can easily track down future 
> regressions.

As mentioned earlier, I have no use for 'native' variants and whatever
an 'insane bbclass' is, so I will not be spending several weeks to make
these things work, sorry. I've got no issue at all if you don't want to
take this series, it's absolutely fine, all of these changes can be
done via bbappend anyway. My experience of working with yocto software
is so horribly painful and time-consuming that I'm not going to spend
one minute more on it than I have to.

> BTW you said you tested this primary on dunfell, what kind of makes me 
> think how these pieces fit together, as dunfell (likely) will never get 
> the support for the tools mentioned

It's tested _only_ on dunfell. We forwarded the systemd recipe to v247
on top of it, and then additional patches including the ones for this
functionality are backported. It's very easy to backport them, if you
are curious you can see the whole tree here:
https://github.com/bluca/systemd/commits/dunfell-msft-247

-- 
Kind regards,
Luca Boccassi

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 833 bytes --]