Age | Commit message (Collapse) | Author |
|
This patch adds escaping for special characters in file names
for the tar commands used to install files into target file system.
Particularly it fixes installation of nodejs libs having '#'
and '@' in file names.
Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
|
|
swupd upstream expects its host OS, i.e. Clear Linux, to be stateless and
thus by default ignores configuration file changes in the manifests.
Add a configure option to swupd-client to not ignore these files, matching
a similar change in swupd-server to ensure config files are included in
the manifests.
Do not enable this option by default in our recipe as we have several files
in /etc which are generated/modified on first-boot and will cause a
swupd verify to fail.
[YOCTO #9199]
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
The patch makes the function deduplicate_files_from_manifest()
return correct value always.
Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
|
|
The layer's users are supposed to create their own update
repos. Not setting --url may lead to downloading updates
from the default repo which is http://downloads.clearlinux.com/update
Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
|
|
Errors are now printed including the "staging" filename (and without
segfaulting, which was already fixed by the previous patch), and
download performance is a lot better on Ostro OS where IMA is active
and affects the performance of the close() syscall.
The download performance patch was also ported to current swupd
master, see https://github.com/clearlinux/swupd-client/pull/42. It
does not get included here because there is a chance to get it
via an upstream update, whereas that is unlikely for 2.87.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
|
|
In many error situations a fake file struct is passed to
the logger. The filename field of the struct needs to be
checked for NULL before printing it to a log to avoid
dereference of a NULL-pointer.
Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
|
|
Switch 3.3.0 recipe to using bsdtar, align DEPENDS, RDEPENDS and
EXTRA_OECONF settings.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
This patch adds bsdtar support to swupd-client and swupd-server
and enables it.
The reason why it's done this way is that:
- bsdtar works better with IMA (opens files only once and then
updates content and xattrs together);
- swupd remains fully functional, including xattrs support,
even when a distro disables GPLv3 licensed code.
Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
|
|
This initial layer version provides an initial set of metadata to enable
integration of the swupd (https://clearlinux.org/features/software-update)
software updater into an image.
Approach:
An image that inherits the swupd-image bbclass will automatically have
bundle 'chroots' created which contain the filesystem contents of the
specified bundles, with the contents of the inheriting image forming the
default os-core bundle.
The mechanism to achieve this is that several virtual image recipes are
created using the swupdbundle class, one for each defined bundle plus a
'mega' image recipe. The 'mega' image contains the base image plus the
contents of all of the bundles, whilst bundle images contain only the
base image plus the contents of a single bundle.
We build the mega image first, then the base image (the one which
inherits this class) and finally all of the bundle images. Each
non-mega image has a manifest generated that lists the file contents
of the image.
We took the approach of building images, rather than populating the
chroot-like bundle directories with a package manager, because various
layers and recipes make changes to the rootfs contents outside of the
package manager, particularly with IMAGE_POSTPROCESS_COMMAND, etc.
Once the images and their manifests have been created each bundle image
manifest is compared to the base image manifest in order to generate a list
of files in the bundle image which don't exist in the base image.
Files in this list are then preserved in the bundle directory for
processing by swupd-server in order to generate update artefacts.
Finally the binaries from swupd-server are called on the bundle directories
to generate the artefacts for consumption by a swupd client.
How to:
* inherit the swupd-image class in your core OS image. swupd-based OS's use
bundles, the primary one of which, os-core, is defined as the contents of
this image.
* Assign a list of names for bundles you wish to generate to the
SWUPD_BUNDLES variable i.e.
SWUPD_BUNDLES = "feature_one feature_two"
* Assign a list of packages for which their content should be included in a
bundle to a varflag of BUNDLE_CONTENTS which matches the bundle name i.e.
BUNDLE_CONTENTS[feature_one] = "package_one package_three package_six"
* Ensure the OS_VERSION variable is assigned an integer value and increased
before each image build which should generate swupd update artefacts.
This variable must echo the same version number as is used to set the
VERSION_ID field of os-release as swupd-client will use it to check for
updates.
* Publish the contents of
${DEPLOY_DIR}/swupd/${MACHINE}/${IMAGE_BASENAME}/www on a server for
consumption by swupd-client
* Use swupd client sub-commands with the -u argument pointing to the
contents published above
Known issues:
* shared pseudo database: the bundle chroot-like directories are generated
per-recipe and processed by a task of the inheriting recipe. In order for
the files generated outside of the base recipe to have correct
permissions when processed by swupd-server we need to share a pseudo
database across the recipes.
This database is currently never cleaned up, which is likely to cause
headaches due to the way pseudo operates on inodes that could be reused
outside of pseudo's influence. We have yet to determine an appropriate
time to perform housekeeping on this database (we essentially need the
database to be removed when DEPLOY_DIR_SWUPD is removed).
* oe-swupd-helpers: this recipe provides stub implementations only of some
swupd-client helpers. Anyone wishing to utilise swupd in a deployed image
will need to at least override kernel_updater.sh and
systemdboot_updater.sh.
* hard-coded paths: swupd assumes Clear Linux as a host OS and hard-codes
several paths to directories, programs and configuration files on Clear.
* builds a lot of images: due to the approach taken there are n+2 images
built, where n is the number of bundles defined in SWUPD_BUNDLES.
* creates a lot of duplicate files: due to the way swupd works by
processing chroot-like bundle directories on each os release we
potentially end up carrying a lot of duplicate files in DEPLOY_DIR_SWUPD.
We intend to look at using the hardlink program to replace duplicate
files in that directory with hard links in order to save disk space.
* requires far more testing: there are a lot of combinations of bundle
contents, rootfs modification commands (IMAGE_POSTPROCESS_COMMAND,
IMAGE_PREPROCESS_COMMAND, etc) that can affect the inputs to swupd and
our testing has likely missed areas of issue.
* OS_VERSION: introduces a new variable for the OS version number when we
already have a DISTRO_VERSION variable. This was done because swupd makes
various assumptions about the version number which aren't necessarily
true for traditional DISTRO_VERSION values in OE et al.
Co-authored-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|