I realize a yocto image for a raspberry pi 3. I want to install selinux on the image with the Meta-selinux. The compilation works, but selinux remains disabled even if it is in enforcing or permissive mode in the / etc / selinux / config file. I also tried adding "selinux = 1 security = selinux" in the cmdline.txt file of the bootloader, but selinux is still disabled.
Here is what I added in my local.conf:
RPI_USE_U_BOOT = "1"
ENABLE_UART = "1"
INHERIT += "rm_work"
DISTRO_FEATURES_append = " acl xattr pam selinux"
PREFERRED_PROVIDER_virtual/refpolicy = "refpolicy-mls"
IMAGE_INSTALL_append = " packagegroup-core-selinux"
Here is what I added in my bblayers.conf:
BBLAYERS ?= " \
/home/.../poky/meta \
/home/.../meta-poky \
/home/.../meta-yocto-bsp \
/home/.../meta-openembedded/meta-oe \
/home/.../meta-openembedded/meta-networking \
/home/.../meta-openembedded/meta-multimedia \
/home/.../meta-openembedded/meta-python \
/home/.../meta-selinux \
/home/.../meta-raspberrypi \
"
Thank you for your help.
Related
here is my bbappend file.
LICENSE = "MIT"
IMAGE_LINGUAS = " "
# User preferences
inherit extrausers
# Change root password (note the capital -P)
EXTRA_USERS_PARAMS = "\
usermod -P toor root; \
useradd -P michael -G sudo michael; \
useradd -P nfi -G sudo nfi; \
"
# uncomment the line %sudo ALL=(ALL) ALL in /etc/sudoers
modify_sudoers() {
sed 's/# %sudo/%sudo/' < ${IMAGE_ROOTFS}${sysconfdir}/sudoers > ${IMAGE_ROOTFS}${sysconfdir}/sudoers.tmp
mv ${IMAGE_ROOTFS}${sysconfdir}/sudoers.tmp ${IMAGE_ROOTFS}${sysconfdir}/ROOTFS
}
sudoers_POSTPROCESS_COMMAND_append = " modify_sudoers;"
IMAGE_INSTALL = "base-files \
base-passwd \
busybox \
mtd-utils \
mtd-utils-ubifs \
libconfig \
swupdate \
swupdate-www \
${#bb.utils.contains('SWUPDATE_INIT', 'tiny', 'virtual/initscripts-swupdate', 'initscripts systemd', d)} \
util-linux-sfdisk \
mmc-utils \
e2fsprogs-resize2fs \
lua \
debugconfigs \
"
IMAGE_FSTYPES = "ext4.gz.u-boot ext4 cpio.gz.u-boot"
PACKAGE_EXCLUDE += " jailhouse kernel-module-jailhouse libncursesw5 libpanelw5 libpython3 python3* perl* apt dpkg "
SRC_URI += "file://set-ttymxc0-permissions.sh"
do_install() {
install -d ${D}${sysconfdir}/init.d
install -m 0755 ${WORKDIR}/set-ttymxc0-permissions.sh ${D}${sysconfdir}/init.d/
}
addtask install after do_build
I am using SWUpdate. I can build their kernel and run it on my device. However I cannot login as root or any user I have created. It seems this could be related to user permissions in the getty serial terminal ttymxc0. So I am attempting to add a script to init.d. The script contains
#!/bin/sh
# Set permissions on ttymxc0
chmod 660 /dev/ttymxc0
chown root:tty /dev/ttymxc0
The bitbake file I am appending to is swupdate-image.bb. This file does not do much. It does not have a do_install section. So I am attempting to add one. However it is never run. Can anyone speculate as to why?
You actually noticed that the file swupdate-image.bb require an other file swupdate-image.inc.
You should pay attention to this line:
${#bb.utils.contains('SWUPDATE_INIT', 'tiny', 'virtual/initscripts-swupdate', 'initscripts systemd', d)} \
${#bb.utils.contains() is a (Python) function. Basically it will check the SWUPDATE_INIT variable, if there is a match with tiny then it will return virtual/initscripts-swupdate to IMAGE_INSTALL. Else, it will return initscripts systemd to IMAGE_INSTALL.
So you should only set your variable SWUPDATE_INIT= "tiny" in a .bbappend file.
Adding this should install rcS.swupdate in your final image according to initscripts-swupdate recipe:
https://github.com/sbabic/meta-swupdate/blob/master/recipes-core/initscripts-swupdate/initscripts-swupdate-usb.bb
N.B: I have noticed that you added resize2fs. If you want to add this binary make sure that the right kernel flag is set ! You will more likely need to create a .bbappend file and add the following :
EXTRA_OECONF_append_class-target = " --enable-resizer"
In the Transformer's library framework, by HuggingFace only the evaluation step metrics are outputted to a file named eval_resuls_{dataset}.txt in the "output_dir" when running run_glue.py. In the eval_resuls file, there are the metrics associated with the dataset. e.g., accuracy for MNLI and the evaluation loss.
Can a parameter be passed to run_glue.py to generate a training_results_{dataset}.txt file that tracks the training loss? Or would I have to build the functionality myself?
My file named run_python_script_glue.bash:
GLUE_DIR=../../huggingface/GLUE_SMALL/
TASK_NAME=MNLI
ID=OT
python3 run_glue.py \
--local_rank -1 \
--seed 42 \
--model_type albert \
--model_name_or_path albert-base-v2 \
--task_name $TASK_NAME \
--do_train \
--do_eval \
--data_dir $GLUE_DIR/$TASK_NAME \
--max_seq_length 128 \
--per_gpu_train_batch_size 8 \
--per_gpu_eval_batch_size 8 \
--gradient_accumulation_steps 2\
--learning_rate 3e-5 \
--max_steps -1 \
--warmup_steps 1000\
--doc_stride 128 \
--num_train_epochs 3.0 \
--save_steps 9999\
--output_dir ./results/GLUE_SMALL/$TASK_NAME/ALBERT/$ID/ \
--do_lower_case \
--overwrite_output_dir \
--label_noise 0.2\
--att_kl 0.01\
--att_se_hid_size 16\
--att_se_nonlinear relu\
--att_type soft_attention \
--adver_type ot \
--rho 0.5 \
--model_type whai \
--prior_gamma 2.70 \
--three_initial 0.0
In the trainer.py file in the transformer library, the training loss variable during the training step is called tr_loss.
tr_loss = self._training_step(model, inputs, optimizer, global_step)
loss_scalar = (tr_loss - logging_loss) / self.args.logging_steps
logs["loss"] = loss_scalar
logging_loss = tr_loss
In the code, the training loss is first scaled by the logging steps and later passed to a logs dictionary. The logs['loss'] is later printed to the terminal but not to a file. Is there a way to upgrade this to include an update to a txt file?
Background:
Syntax highlighting for perl files is extremely slow at times for large files (1k+ lines).
I profiled using:
:syntime on
"*** Do some slow actions ***
:syntime report
There were many slowly performaning regions, like: perlStatementProc
I significantly improved performance by removing some of the slowly performing syntax regions (there are more):
:syntax clear perlStatementProc
Now I want to use this vimrc with these improvements on a different machine which may not have a specific region defined.
I am seeing this ERROR when opening Vim:
E28: No such highlight group name: perlStatementProc
How can I check if the syntax region name perlStatementProc exists?
I found out about hlexists and implemented this solution in my vimrc:
" Remove some syntax highlighting from large perl files.
function! RemovePerlSyntax()
if line('$') > 1000
let perl_syntaxes = [
\ "perlStatementProc",
\ "perlMatch",
\ "perlStatementPword",
\ "perlQR",
\ "perlQW",
\ "perlQQ",
\ "perlQ",
\ "perlStatementIndirObjWrap",
\ "perlVarPlain",
\ "perlVarPlain",
\ "perlOperator",
\ "perlStatementFiledesc",
\ "perlStatementScalar",
\ "perlStatementInclude",
\ "perlStatementNumeric",
\ "perlStatementSocket",
\ "perlFloat",
\ "perlFormat",
\ "perlStatementMisc",
\ "perlStatementFiles",
\ "perlStatementList",
\ "perlStatementIPC",
\ "perlStatementNetwork",
\ "perlStatementTime",
\ "perlStatementIOfunc",
\ "perlStatementFlow",
\ "perlStatementControl",
\ "perlHereDoc",
\ "perlHereDocStart",
\ "perlVarPlain2",
\ "perlVarBlock",
\ "perlVarBlock2",
\ "perlDATA",
\ "perlControl",
\ "perlStatementHash",
\ "perlStatementVector",
\ "perlIndentedHereDoc",
\ "perlLabel",
\ "perlConditional",
\ "perlRepeat",
\ "perlNumber",
\ "perlStatementRegexp",
\ ]
for perl_syntax in perl_syntaxes
" NEW - Was missing this check before.
if hlexists( perl_syntax )
exec "syntax clear " . perl_syntax
endif
endfor
let b:remove_perl_syntax = 1
else
let b:remove_perl_syntax = 0
endif
endfunction
augroup remove_perl_syntax
autocmd!
autocmd BufNewFile,BufRead,BufReadPost,FileType perl call RemovePerlSyntax()
augroup END
I've been trying to generate minimal extensible sdk using Yocto 2.5 Sumo. I've cloned only the poky and meta-openembedded repositories. In local.conf I've set the SDK type to minimal and set SDK_INCLUDE_PKGDATA. During the last task (do_populate_sdk_ext) bitbake throws that locked-sigs-pkgdata.inc is not found in this directory
tmp/work/genericx86_64-poky-linux/core-image-minimal/1.0-r0/recipe-sysroot/world-pkgdata/
Find shows that this file is avaible here
./tmp/work/genericx86_64-poky-linux/meta-world-pkgdata/1.0-r0/image/world-pkgdata/locked-sigs-pkgdata.inc
./tmp/work/genericx86_64-poky-linux/meta-world-pkgdata/1.0-r0/recipe-sysroot/world-pkgdata/locked-sigs-pkgdata.inc
When I copy this file from on of above directories eSDK is correctly generated. I believe that this should be done automatically by one of recipe for poky/meta-openembedded. Probably I miss some config, but I'am unable to correctly identify the source of this problem.
Here is my bblayers.conf:
POKY_BBLAYERS_CONF_VERSION = "2"
BBPATH = "${TOPDIR}"
BBFILES ?= ""
BBLAYERS ?= " \
/work/build/yocto/poky/meta \
/work/build/yocto/poky/meta-poky \
/work/build/yocto/poky/meta-yocto-bsp \
/work/build/yocto/meta-openembedded/meta-oe \
/work/build/yocto/meta-openembedded/meta-python \
/work/build/yocto/meta-openembedded/meta-multimedia \
/work/build/yocto/meta-openembedded/meta-perl \
/work/build/yocto/meta-openembedded/meta-gnome \
/work/build/yocto/meta-openembedded/meta-filesystems \
/work/build/yocto/meta-openembedded/meta-initramfs \
/work/build/yocto/meta-openembedded/meta-networking \
/work/build/yocto/openembedded-core/meta \
"
And my local.conf:
MACHINE = "genericx86-64"
BUILD_ARCH ?= "x86_64"
SDKMACHINE ?= "x86_64"
SDK_UPDATE_URL ?= "http://my-url/sdk-updater"
SDK_EXT_TYPE = "minimal"
SDK_INCLUDE_TOOLCHAIN = "0"
SDK_INCLUDE_PKGDATA = "1"
SSTATE_MIRRORS_append = " file://.* http://my-url/sstate/PATH \n"
DISTRO ?= "poky"
PACKAGE_CLASSES ?= "package_ipk"
LICENSE_FLAGS_WHITELIST = "commercial"
CONF_VERSION = "1"
I've tested
core-image-full-cmdline
and
core-image-minimal-dev
on both I've the same problem.
Thanks for any help and clues how to resolve this issue.
I've installed Yocto 1.6 and run the bitbake to set up the toolchain, following the tutorial written by Daiane Angolini. While I see most of the boost libraries under $SDKTARGETSYSROOT/usr/lib, there seems to be no libboost_log.a nor libboost_log_setup.a. I believe these were introduced with Boost 1.55, and that Yocto 1.6 has moved to Boost 1.55. Shouldn't they be there, or have I done something wrong?
My .../fsl-community-bsp/build/conf/local.conf:
BB_NUMBER_THREADS ?= "${#oe.utils.cpu_count()}"
PARALLEL_MAKE ?= "-j ${#oe.utils.cpu_count()}"
MACHINE ??= 'imx6qsabresd'
DISTRO ?= 'poky'
PACKAGE_CLASSES ?= "package_rpm"
EXTRA_IMAGE_FEATURES = "debug-tweaks tools-sdk"
USER_CLASSES ?= "buildstats image-mklibs image-prelink"
PATCHRESOLVE = "noop"
BB_DISKMON_DIRS = "\
STOPTASKS,${TMPDIR},1G,100K \
STOPTASKS,${DL_DIR},1G,100K \
STOPTASKS,${SSTATE_DIR},1G,100K \
ABORT,${TMPDIR},100M,1K \
ABORT,${DL_DIR},100M,1K \
ABORT,${SSTATE_DIR},100M,1K"
PACKAGECONFIG_pn-qemu-native = "sdl"
PACKAGECONFIG_pn-nativesdk-qemu = "sdl"
ASSUME_PROVIDED += "libsdl-native"
CONF_VERSION = "1"
BB_NUMBER_THREADS = '1'
PARALLEL_MAKE = '-j 1'
DL_DIR ?= "${BSPDIR}/downloads/"
ACCEPT_FSL_EULA = ""
CORE_IMAGE_EXTRA_INSTALL += "boost"
The right way is to extend the existing recipe. In fact, you normally never change a 3rd-party recipe directly. This means, you are creating your own "recipes-support/boost/" folder which includes a file called "boost_%.bbappend".
'%' means that the boost version is not of interest. 'bbappend' means that you extend the existing boost-recipe. This file contains only one line:
BOOST_LIBS += " log"
In order to add log library you should edit boost recipe file.
In this example you should edit boost.inc.
To add log, atomic and loace libraries, replace
BOOST_LIBS = "\
date_time \
filesystem \
graph \
iostreams \
program_options \
regex \
serialization \
signals \
system \
test \
thread \
"
with
BOOST_LIBS = "\
date_time \
filesystem \
graph \
iostreams \
program_options \
regex \
serialization \
signals \
system \
test \
thread \
log \
atomic \
locale
"