X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=blobdiff_plain;f=meta-stx%2Frecipes-core%2Fstx-config-files%2Fconfig-files_1.0.0.bb;h=82d1092c67c50e75063fa7debdbd7d0cda7cbabf;hb=refs%2Fchanges%2F35%2F5035%2F1;hp=da6e6239820774a9f666cb429a1d9fe90f2bc947;hpb=ab95f3acbe79fad1cc71ddecfe94ca71fb048bb0;p=pti%2Frtp.git diff --git a/meta-stx/recipes-core/stx-config-files/config-files_1.0.0.bb b/meta-stx/recipes-core/stx-config-files/config-files_1.0.0.bb index da6e623..82d1092 100644 --- a/meta-stx/recipes-core/stx-config-files/config-files_1.0.0.bb +++ b/meta-stx/recipes-core/stx-config-files/config-files_1.0.0.bb @@ -49,9 +49,10 @@ SRC_URI = " \ file://util-linux-pam-postlogin.patch \ file://syslog-ng-config-parse-err.patch \ file://syslog-ng-config-systemd-service.patch \ - file://syslog-ng-conf-fix-the-source.patch \ file://syslog-ng-conf-replace-match-with-message.patch \ file://lighttpd-init-script-chroot.patch \ + file://nfsserver-remvoe-the-f-option-for-rpc.mountd.patch \ + file://nfsserver.service-add-dependency-on-rpcbind.service.patch \ " do_configure () { @@ -69,7 +70,6 @@ do_install () { tar -c $f -f - | tar -C ${D}/${datadir}/starlingx/config-files -xf -; done find ${D}/${datadir}/starlingx/config-files -name centos -exec rm -rf {} + - rm -rf ${D}/${datadir}/starlingx/config-files/centos-release-config chown -R root:root ${D}/${datadir}/starlingx/config-files/ # For io-scheduler-config @@ -80,6 +80,7 @@ do_install () { PACKAGES ?= "" PACKAGES += "audit-config" +PACKAGES += "centos-release-config" PACKAGES += "dhclient-config" PACKAGES += "dnsmasq-config" PACKAGES += "docker-config" @@ -111,6 +112,7 @@ PACKAGES += "util-linux-config" FILES_${PN} = "" FILES_audit-config = "${datadir}/starlingx/config-files/audit-config/" +FILES_centos-release-config = "${datadir}/starlingx/config-files/centos-release-config/" FILES_dhclient-config = "${datadir}/starlingx/config-files/dhcp-config/" FILES_dnsmasq-config = "${datadir}/starlingx/config-files/dnsmasq-config/" FILES_docker-config = "${datadir}/starlingx/config-files/docker-config/" @@ -146,7 +148,7 @@ RDEPENDS_audit-config += " \ audit-python \ " RDEPENDS_dhclient-config += "dhcp-client" -RDEPENDS_dnsmasq-config += "" +RDEPENDS_dnsmasq-config += "dnsmasq" RDEPENDS_docker-config += "docker-ce logrotate " RDEPENDS_initscripts-config += "initscripts" RDEPENDS_filesystem-scripts += "" @@ -250,6 +252,13 @@ pkg_postinst_ontarget_audit-config() { chmod 640 ${sysconfdir}/audisp/plugins.d/syslog.conf } +pkg_postinst_centos-release-config() { + sed 's/@PLATFORM_RELEASE@/${ORAN_REL}/' $D${datadir}/starlingx/config-files/centos-release-config/files/issue >> $D${sysconfdir}/issue + sed 's/@PLATFORM_RELEASE@/${ORAN_REL}/' $D${datadir}/starlingx/config-files/centos-release-config/files/issue.net >> $D${sysconfdir}/issue.net + chmod 644 $D${sysconfdir}/issue + chmod 644 $D${sysconfdir}/issue.net +} + pkg_postinst_ontarget_dhclient-config() { SRCPATH=${datadir}/starlingx/config-files/dhcp-config/files install -m 0755 -p ${SRCPATH}/dhclient-enter-hooks ${sysconfdir}/dhcp/dhclient-enter-hooks @@ -432,36 +441,39 @@ pkg_postinst_ontarget_net-snmp-config() { } -pkg_postinst_ontarget_nfs-utils-config() { +pkg_postinst_nfs-utils-config() { # %description # package customized configuration and service files of nfs-utils to system folder. - SRCPATH=${datadir}/starlingx/config-files/nfs-utils-config/files + SRCPATH=$D${datadir}/starlingx/config-files/nfs-utils-config/files - install -m 755 -p -D ${SRCPATH}/nfscommon ${sysconfdir}/init.d - install -m 644 -p -D ${SRCPATH}/nfscommon.service ${systemd_system_unitdir}/ - install -m 755 -p -D ${SRCPATH}/nfsserver ${sysconfdir}/init.d - install -m 644 -p -D ${SRCPATH}/nfsserver.service ${systemd_system_unitdir} - install -m 644 -p -D ${SRCPATH}/nfsmount.conf ${datadir}/starlingx/stx.nfsmount.conf + install -m 755 -p -D ${SRCPATH}/nfscommon $D${sysconfdir}/init.d + install -m 644 -p -D ${SRCPATH}/nfscommon.service $D${systemd_system_unitdir}/ + install -m 755 -p -D ${SRCPATH}/nfsserver $D${sysconfdir}/init.d + install -m 644 -p -D ${SRCPATH}/nfsserver.service $D${systemd_system_unitdir} + install -m 644 -p -D ${SRCPATH}/nfsmount.conf $D${datadir}/starlingx/stx.nfsmount.conf - cp -f ${datadir}/starlingx/stx.nfsmount.conf ${sysconfdir}/nfsmount.conf - chmod 644 ${sysconfdir}/nfsmount.conf + cp -f $D${datadir}/starlingx/stx.nfsmount.conf $D${sysconfdir}/nfsmount.conf + chmod 644 $D${sysconfdir}/nfsmount.conf - # STX - disable these service files as rpc-statd is started by nfscommon - /bin/systemctl disable rpc-statd.service - /bin/systemctl disable rpc-statd-notify.service - /bin/systemctl disable nfs-lock.service - /bin/systemctl disable nfslock.service - - /bin/systemctl enable nfscommon.service >/dev/null 2>&1 || : - /bin/systemctl enable nfsserver.service >/dev/null 2>&1 || : + # enable nfs services by default + OPTS="" + if [ -n "$D" ]; then + OPTS="--root=$D" + fi + if [ -z "$D" ]; then + systemctl daemon-reload + fi - # For now skiping the preun rule - #/bin/systemctl disable nfscommon.service >/dev/null 2>&1 || : - #/bin/systemctl disable nfsserver.service >/dev/null 2>&1 || : + systemctl $OPTS enable nfscommon.service + systemctl $OPTS enable nfsserver.service + if [ -z "$D" ]; then + systemctl --no-block restart nfscommon.service + systemctl --no-block restart nfsserver.service + fi } pkg_postinst_ontarget_ntp-config() { @@ -499,27 +511,43 @@ pkg_postinst_ontarget_openldap-config() { chmod 644 ${systemd_system_unitdir}/slapd } -pkg_postinst_ontarget_openssh-config() { +pkg_postinst_openssh-config() { # %description # package StarlingX configuration files of openssh to system folder. - SRCPATH=${datadir}/starlingx/config-files/openssh-config/files + SRCPATH=$D${datadir}/starlingx/config-files/openssh-config/files - install -m 644 ${SRCPATH}/sshd.service ${sysconfdir}/systemd/system/sshd.service - install -m 644 ${SRCPATH}/ssh_config ${datadir}/starlingx/ssh_config - install -m 600 ${SRCPATH}/sshd_config ${datadir}/starlingx/sshd_config + install -m 644 ${SRCPATH}/sshd.service $D${sysconfdir}/systemd/system/sshd.service + install -m 644 ${SRCPATH}/ssh_config $D${datadir}/starlingx/ssh_config + install -m 600 ${SRCPATH}/sshd_config $D${datadir}/starlingx/sshd_config # remove the unsupported and deprecated options sed -i -e 's/^\(GSSAPIAuthentication.*\)/#\1/' \ -e 's/^\(GSSAPICleanupCredentials.*\)/#\1/' \ -e 's/^\(UsePrivilegeSeparation.*\)/#\1/' \ - ${datadir}/starlingx/sshd_config + $D${datadir}/starlingx/sshd_config - sed -i -e 's/\(GSSAPIAuthentication yes\)/#\1/' ${datadir}/starlingx/ssh_config + sed -i -e 's/\(GSSAPIAuthentication yes\)/#\1/' $D${datadir}/starlingx/ssh_config - cp -f ${datadir}/starlingx/ssh_config ${sysconfdir}/ssh/ssh_config - cp -f ${datadir}/starlingx/sshd_config ${sysconfdir}/ssh/sshd_config + cp -f $D${datadir}/starlingx/ssh_config $D${sysconfdir}/ssh/ssh_config + cp -f $D${datadir}/starlingx/sshd_config $D${sysconfdir}/ssh/sshd_config + + # enable sshd service by default + OPTS="" + if [ -n "$D" ]; then + OPTS="--root=$D" + fi + if [ -z "$D" ]; then + systemctl daemon-reload + fi + + systemctl $OPTS enable sshd.service + + if [ -z "$D" ]; then + systemctl --no-block restart sshd.service + fi + } pkg_postinst_ontarget_openvswitch-config() { @@ -552,6 +580,9 @@ pkg_postinst_ontarget_pam-config() { cp -f ${datadir}/starlingx/stx.system-auth ${sysconfdir}/pam.d/system-auth cp -f ${datadir}/starlingx/sshd.pam ${sysconfdir}/pam.d/sshd + + sed -i -e '/password .*pam_ldap.so/,/session .*revoke/ s/^$/password required pam_deny.so\n/g' \ + ${sysconfdir}/pam.d/system-auth } pkg_postinst_ontarget_rabbitmq-server-config() { @@ -663,15 +694,6 @@ pkg_postinst_syslog-ng-config() { if [ -z "$D" ]; then systemctl --no-block restart syslog-ng.service fi - -# TODO -#preun: -# %systemd_preun syslog-ng.service -#postun: -# ldconfig -# %systemd_postun_with_restart syslog-ng.service -# systemctl daemon-reload 2>&1 || : -# systemctl try-restart } pkg_postinst_ontarget_systemd-config() {