Enable systemd service in Yocto - embedded-linux

I am trying to enable a systemd service automatically after successful boot of my STM32MP1 based Avnger96 board. I am using Yocto Project as build system with Ubuntu 20.04. My image recipe to enable systemd service is example-systemd.bb:
.
.
inherit systemd
SRC_URI = "file://example.sh \
file://example.service \
"
S = "${WORKDIR}"
SYSTEMD_AUTO_ENABLE_${PN} = "enable"
SYSTEMD_PACKAGES = "${PN}"
SYSTEMD_SERVICE_${PN} = "example.service"
do_install_append() {
install -d 644 ${D}${sysconfdir}/init.d
install -m 0755 ${WORKDIR}/example.sh ${D}${sysconfdir}/init.d
install -d ${D}${systemd_system_unitdir}
install -m 0644 ${WORKDIR}/example.service ${D}${systemd_system_unitdir}
}
FILES_${PN} += "${sysconfdir}/init.d"
FILES_${PN} += "${systemd_system_unitdir}/example.service"
REQUIRED_DISTRO_FEATURES= " systemd"
And included in my main image in local.conf with IMAGE_INSTALL_append = " example-systemd"
After building the image, bitbake -e (YOUR_IMAGE) | grep ^DISTRO_FEATURES= shows systemd.
But in my rootfs I can't find systemd/system directory with above service file. And also when I run systemctl status example I get the error -sh: systemctl: command not found.
Update
After including DISTRO_FEATURES_append= " systemd" in the example-service.bb, in the rootfs etc/systemd/system/multi-user.target.wants/ is created and it contains example.service file. But doing cat example.service results in cat: example.service: No such file or directory. Is this expected?
Can anyone please let me know how to run this service with systemd and how to check if service is installed and executed from linux user space?
And also I have one more doubt: Can both Systemd and Sysvinit exist together and some services are run by systemd and others by sysvinit?
Your help will be much appreciated.
Thanks in advance.
P.S: Please let me know if any info is missing here

Your project might still use systemv or something else as init manager instead of systemd.
You can enable systemd by adding these lines to your local.conf:
DISTRO_FEATURES_append = " systemd"
DISTRO_FEATURES_BACKFILL_CONSIDERED += "sysvinit"
VIRTUAL-RUNTIME_init_manager = "systemd"
VIRTUAL-RUNTIME_initscripts = "systemd-compat-units"

DISTRO_FEATURES_append = " systemd"

Related

How to build a working TPM2 image for Raspberry Pi with Yocto?

I want to build a Linux System with Yocto for the Raspberry Pi with enabled IMA & TPM2.0 support. Therefore I want to compile the kernel with IMA/EVM and TPM Configs and Recipes.
The IMA support should be enabled through the layer meta-secure-core/meta-integrity and adding DISTRO_FEATURE "ima", aswell as IMAGE_INSTALL_append "packagegroup-ima" for the tools. The TPM2 support should be enabled through the meta-security/meta-tpm layer and by adding MACHINE_FEATURES "tpm2" and installing "packagegroup-security-tpm2" via IMAGE_INSTALL_append.
Furthermore, if I understand it correctly, I need systemd as the init_manager.
Yocto Version (Thud/2.6.3). I tried Warrior but ran into build errors. This creates a 4.14.X Linux Kernel.
bblayers.conf:
BBLAYERS ?= " \
/<working-dir>/poky/meta \
/<working-dir>/poky/meta-poky \
/<working-dir>/poky/meta-yocto-bsp \
/<working-dir>/meta-openembedded/meta-oe \
/<working-dir>/meta-openembedded/meta-python \
/<working-dir>/meta-openembedded/meta-networking \
/<working-dir>/meta-openembedded/meta-perl \
/<working-dir>/meta-security \
/<working-dir>/meta-security/meta-tpm \
/<working-dir>/meta-secure-core/meta-integrity \
/<working-dir>/meta-raspberrypi \
"
local.conf:
MACHINE = "raspberrypi3"
...
DISTRO_FEATURES_append += "systemd ima"
VIRTUAL-RUNTIME_init_manager = "systemd"
MACHINE_FEATURES += "tpm2"
IMAGE_INSTALL_append += "packagegroup-security-tpm2 packagegroup-ima"
ENABLE_SPI_BUS = "1"
RPI_EXTRA_CONFIG = "\n \
dtoverlay=tpm-slb9670 \n"
Builds:
/<working-dir>/build/$ bitbake core-image-minimal
I expected the following entries in /proc/config.gz
For TPM:
CONFIG_HW_RANDOM_TPM=y
CONFIG_TCG_TPM=y
CONFIG_TCG_TIS_CORE=y
CONFIG_TCG_TIS=y
CONFIG_TCG_CRB=y
CONFIG_SECURITYFS=y
For IMA:
CONFIG_IMA=y
# CONFIG_IMA_KEXEC is not set
# CONFIG_IMA_LSM_RULES is not set
CONFIG_IMA_WRITE_POLICY=y
CONFIG_IMA_READ_POLICY=y
CONFIG_IMA_MEASURE_PCR_IDX=10
# CONFIG_IMA_TEMPLATE is not set
# CONFIG_IMA_NG_TEMPLATE=y is not set
CONFIG_IMA_SIG_TEMPLATE=y
CONFIG_IMA_DEFAULT_TEMPLATE="ima-sig"
# CONFIG_IMA_DEFAULT_HASH_SHA1 is not set
CONFIG_IMA_DEFAULT_HASH_SHA256=y
# CONFIG_IMA_DEFAULT_HASH_SHA512 is not set
# CONFIG_IMA_DEFAULT_HASH_WP512 is not set
CONFIG_IMA_DEFAULT_HASH="sha256"
CONFIG_IMA_APPRAISE=y
CONFIG_IMA_LOAD_X509=y
CONFIG_IMA_APPRAISE_BOOTPARAM=y
CONFIG_IMA_TRUSTED_KEYRING=y
CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y
CONFIG_IMA_BLACKLIST_KEYRING=y
CONFIG_IMA_X509_PATH="/etc/keys/x509_ima.der"
# CONFIG_IMA_APPRAISE_SIGNED_INIT is not set
However, searching on the built Linux on the Raspberry Pi for those settings none were enabled.
# modprobe configs
# cat /proc/config.gz | gunzip > running.conf
# cat running.conf | grep IMA
When I previously built for qemu, I didnt have those issues and I was able to confirm that my settings were enabled in the kernel. Only the tools like evmctl were installed.
Also, my settings for /boot/config.txt of the Raspi didnt seem to have an effect. In fact, there was no /boot/config.txt for me to open at all.
Ultimately, the TPM2 abrmd didnt start during boot (error msg) and I obviously couldnt access the TPM at /dev/tpm* via SPI.
What did I do wrong? I'm new to Yocto and System Building/Linux Kernel in general.
Incase it's related to the Kernel Version, I tried to build for 4.19 but got build errors. I also messed around with the meta-rpi layer from jumpnowtek but it didnt fix my problem. There is also a meta-intel-iot-security/meta-integrity layer but its not maintained.
you missed to modify the DTS.
I create a guide and a github project to insert TPM on Raspberry. Please see the following:
https://github.com/simonetolotti/meta-raspberrypi-web/tree/tpm

How to enable systemd support

I have built a system with Yocto 2.4.2 supporting systemd.
But there are some issues seemed to be missed in my configurations leading to failure of kernel starting. Any one can help ?
DISTRO_FEATURES_append = " systemd"
VIRTUAL-RUNTIME_init_manager = "systemd"
systemd and cgroup should be enabled together
systemd manager (local.conf)
DISTRO_FEATURES_append = " systemd"
VIRTUAL-RUNTIME_init_manager = "systemd"
For systemd handler (defconfig)
CONFIG_FHANDLE=y #for systemd
cgroups is required by systemd (defconfig)
CONFIG_CGROUPS=y
CONFIG_CGROUP_FREEZER=y
CONFIG_CGROUP_PIDS=y
CONFIG_CGROUP_DEVICE=y
CONFIG_CPUSETS=y
CONFIG_PROC_PID_CPUSET=y
CONFIG_CGROUP_CPUACCT=y
CONFIG_PAGE_COUNTER=y
CONFIG_MEMCG=y
CONFIG_CGROUP_SCHED=y
CONFIG_NAMESPACES=y
CONFIG_OVERLAY_FS=y
I had to enable cgroups in defconfig :)

Install bash on Alpine/Docker using qemu for ARM host

I am trying to create, at buildtime on an x86 host, a docker container
, for runtime on an ARM host. To do this you need to use qemu for cross compilation. I also want to use alpine linux since the image size is so small.
However I am encountering an unusual error that only happens at build time - a problem
installing bash.
My understanding is when running apk -U add bash, apk updates the package list
from the repositories and then installs the latest version of the package requested.
In then runs post-install scripts. It seems these post install scripts fail.
However, when I built the image without bash and then ran interactively the container
on the ARM host, and did apk fix && apk -U add bash it did the trick. Doing this
command at build time fails however.
How can I add bash at buildtime?
Dockerfile
FROM armhf/alpine:3.5
ENV CONSUL_PREFIX __CONSUL_PREFIX__
ENV CONSUL_SECRET_PREFIX __CONSUL_SECRET_PREFIX__
ENV QEMU_EXECVE 1
COPY deploy/qemu/qemu-arm-static /usr/bin/
RUN ["qemu-arm-static","/sbin/apk","fix"]
RUN ["qemu-arm-static","/sbin/apk","add","-U","bash"]
RUN ["qemu-arm-static","/sbin/apk","-U","add", \
"postgresql-client",\
"curl","vim",\
"tzdata","bc"]
RUN ["qemu-arm-static","/bin/cp","usr/share/zoneinfo/America/Los_Angeles","/etc/localtime"]
RUN ["qemu-arm-static","/bin/echo","America/Los_Angeles",">","/etc/timezone"]
RUN ["qemu-arm-static","/bin/rm","-rf","/var/cache/apk/*"]
RUN ["qemu-arm-static","/bin/sh"]
COPY deploy /usr/local/deploy
COPY deploy/default/bashrc /root/.bashrc
COPY deploy/default/vimrc /root/.vimrc
COPY src /src
Build log / Error
#C02NN3NBG3QT:dev-resources $ ./publish-image
+ : router-logs
+ : quay.io
+ : quay.io/skilbjo/router-logs
+ : skilbjo#github.com
++ echo router-logs
++ tr - _
+ : router_logs/config
++ echo router-logs
++ tr - _
+ : router_logs/secrets
+ cat ../deploy/default/Dockerfile
+ sed 's;__CONSUL_PREFIX__;router_logs/config;'
+ sed 's;__CONSUL_SECRET_PREFIX__;router_logs/secrets;'
+ IMAGE_TAG=dev
+ cd ..
++ git rev-parse HEAD
+ echo 0a865e3918d584b4377fad9afe9ba28a1dbe5968
+ docker build --rm -t quay.io/skilbjo/router-logs:dev .
Sending build context to Docker daemon 8.713 MB
Step 1 : FROM armhf/alpine:3.5
---> 3ddfeafc01f0
Step 2 : ENV CONSUL_PREFIX router_logs/config
---> Using cache
---> e2aae782f6d8
Step 3 : ENV CONSUL_SECRET_PREFIX router_logs/secrets
---> Using cache
---> 71c863da2558
Step 4 : ENV QEMU_EXECVE 1
---> Using cache
---> a7e80415d0d4
Step 5 : COPY deploy/qemu/qemu-arm-static /usr/bin/
---> Using cache
---> 265df9b6575f
Step 6 : RUN qemu-arm-static /sbin/apk fix
---> Using cache
---> def74ac67891
Step 7 : RUN qemu-arm-static /sbin/apk add -U bash
---> Running in 6f62d2ecd6b3
fetch http://dl-cdn.alpinelinux.org/alpine/v3.5/main/armhf/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.5/community/armhf/APKINDEX.tar.gz
(1/5) Installing ncurses-terminfo-base (6.0-r7)
(2/5) Installing ncurses-terminfo (6.0-r7)
(3/5) Installing ncurses-libs (6.0-r7)
(4/5) Installing readline (6.3.008-r4)
(5/5) Installing bash (4.3.46-r5)
Executing bash-4.3.46-r5.post-install
ERROR: bash-4.3.46-r5.post-install: script exited with error 1
Executing busybox-1.25.1-r0.trigger
ERROR: busybox-1.25.1-r0.trigger: script exited with error 1
1 errors; 7 MiB in 16 packages
The command 'qemu-arm-static /sbin/apk add -U bash' returned a non-zero code: 1
Project repo is here: https://github.com/skilbjo/router-logs
I had a similar error using Buildx's multiarch option. It was fixed thanks to the following commands:
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
docker buildx rm builder
docker buildx create --name builder --driver docker-container --use
docker buildx inspect --bootstrap
Thanks to this answer right here.
It turns out FROM armhf/alpine:3.5 is not good and FROM resin/armhf-alpine:3.5 will do the trick! I'd love to be able to see the commants from scratch that resulted in the armhf image being borked, but for now, this works!

Pulseaudio build issue in yocto

I am using Raspberry Pi 3 model B. I am facing build issue while building bitbake pulseaudio. Please find my configuration details:
Yocto : Jethro branch
pulseaudio.inc RDEPENDS_pulseaudio-server +=
"alsa-plugins-pulseaudio-conf"
we are using alsa-plugins_1.0.29.bb
bitbake pulseaudio
ERROR: Nothing RPROVIDES 'alsa-plugins-pulseaudio-conf' (but /home/guest/openembedded-core/meta/recipes-multimedia/pulseaudio/pulseaudio_6.0.bb RDEPENDS on or otherwise requires it)
NOTE: Runtime target 'alsa-plugins-pulseaudio-conf' is unbuildable, removing...
Missing or unbuildable dependency chain was: ['alsa-plugins-pulseaudio-conf']
ERROR: Required build target 'pulseaudio' has no buildable providers.
Missing or unbuildable dependency chain was: ['pulseaudio', 'alsa-plugins-pulseaudio-conf']
Based on the recipe the package alsa-plugins-pulseaudio-conf is generated if "pulseaudio" is in the alsa-plugins PACKAGECONFIG. By default that happens if your DISTRO_FEATURES includes "pulseaudio".
So check your DISTRO_FEATURES, ensure "pulseaudio" is in there (and make sure you don't modify the alsa-plugins PACKAGECONFIG in a bad way).
To see what your DISTRO_FEATURES contains:
bitbake -e pulseaudio |grep "^DISTRO_FEATURES="
To add pulseaudio if it's not there right now (you can do this in local or distro config):
DISTRO_FEATURES_append = " pulseaudio "
The whitespace preceding the feature name is required.
To check what PACKAGECONFIG is getting used for alsa-plugins (this should contain "pulseaudio"):
bitbake -e alsa-plugins|grep "^PACKAGECONFIG="

Not able to make tipc module

I am not able to build tipc module when executed Makefile using make command in the path /tipc-1.7.7-bundle/net/tipc. The errors comes as target not found. I extracted the tipc 1.7 package in root directory. My operating system is CentOs 6.3. The Makefile contents are
#
# Makefile for the Linux TIPC layer
#
obj-$(CONFIG_TIPC) := tipc.o
tipc-y += tipc_addr.o tipc_bcast.o tipc_bearer.o tipc_cfgsrv.o \
tipc_core.o tipc_handler.o tipc_link.o tipc_discover.o tipc_msg.o \
tipc_name_distr.o tipc_topsrv.o tipc_name_table.o tipc_net.o \
tipc_netlink.o tipc_node.o tipc_port.o tipc_ref.o \
tipc_socket.o tipc_user_reg.o tipc_dbg.o tipc_eth_media.o
# End of file
Please help, i am newbie to linux.

Resources