ref-manual, dev-manual: Applied review edits (read-only rootfs and package repo)
A couple sets of review comments from Paul applied here. 1. Added the "read-only-rootfs" item to the EXTRA_IMAGE_FEATURES variable description and a link to the appropriate section in the dev-manual. 2. Pulled the how-to-create a package repository section out of the section on how to customize an image with the IMAGE_FEATURES and EXTRA_IMAGE_FEATURES section and made it a stand-alone section in the "Tasks" chapter of the dev-manual. 3. Integrated the SSH server example into the main topic because we don't want an isolated sub-section within a main topic. 4. In the image features section of the ref-manual, I fixed the link with the "read-only-rootfs" feature to go to the now-isolated section on how to do that instead of going to the customizing an image using the IMAGE_FEATURES and EXTRA_IMAGE_FEATURES variables section. (From yocto-docs rev: 9c79b5f40d8dc6b37fbe636a2459f89b70bd8ea8) Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
parent
9a98f403bd
commit
6f6d0a59e3
|
@ -630,62 +630,30 @@
|
|||
the <link linkend='build-directory'>Build Directory</link>.
|
||||
</para>
|
||||
|
||||
<section id='choosing-the-ssh-servers'>
|
||||
<title>Choosing the SSH Server</title>
|
||||
<para>
|
||||
To illustrate how you can use these variables to modify your
|
||||
image, consider an example that selects the SSH server.
|
||||
The Yocto Project ships with two SSH servers you can use
|
||||
with your images: Dropbear and OpenSSH.
|
||||
Dropbear is a minimal SSH server appropriate for
|
||||
resource-constrained environments, while OpenSSH is a
|
||||
well-known standard SSH server implementation.
|
||||
By default, the <filename>core-image-sato</filename> image
|
||||
is configured to use Dropbear.
|
||||
The <filename>core-image-basic</filename> and
|
||||
<filename>core-image-lsb</filename> images both
|
||||
include OpenSSH.
|
||||
The <filename>core-image-minimal</filename> image does not
|
||||
contain an SSH server.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The Yocto Project ships with two SSH servers you can use
|
||||
with your images: Dropbear and OpenSSH.
|
||||
Dropbear is a minimal SSH server appropriate for
|
||||
resource-constrained environments, while OpenSSH is a
|
||||
well-known standard SSH server implementation.
|
||||
By default, the <filename>core-image-sato</filename> image
|
||||
is configured to use Dropbear.
|
||||
The <filename>core-image-basic</filename> and
|
||||
<filename>core-image-lsb</filename> images both
|
||||
include OpenSSH.
|
||||
The <filename>core-image-minimal</filename> image does not
|
||||
contain an SSH server.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
You can customize your image and change these defaults.
|
||||
Edit <filename>IMAGE_FEATURES</filename> variable
|
||||
so that it configures the image you are working with to
|
||||
include <filename>ssh-server-dropbear</filename> or
|
||||
<filename>ssh-server-openssh</filename>.
|
||||
</para>
|
||||
</section>
|
||||
|
||||
<section id='creating-a-read-only-root-filesystem'>
|
||||
<title>Creating a Read-Only Root Filesystem</title>
|
||||
|
||||
<para>
|
||||
Another example of customizing your image could be setting
|
||||
up a read-only filesystem.
|
||||
Suppose, for security reasons, you need to disable the
|
||||
your target device's root filesystem's write permisions
|
||||
(i.e. you need a read-only root filesystem).
|
||||
Or, perhaps you are running the device's operating system
|
||||
from a read-only storage device.
|
||||
For either case, you can customize your image for
|
||||
that behavior.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
To create a read-only root filesystem, simply add the
|
||||
"read-only-rootfs" feature to your image.
|
||||
Using either of the following statements in your
|
||||
image recipe or from within the
|
||||
<filename>local.conf</filename> file found in the Build
|
||||
Directory causes the build system to create a
|
||||
read-only root filesystem:
|
||||
<literallayout class='monospaced'>
|
||||
IMAGE_FEATURES = "read-only-rootfs"
|
||||
EXTRA_IMAGE_FEATURES = "read-only-rootfs"
|
||||
</literallayout>
|
||||
</para>
|
||||
</section>
|
||||
<para>
|
||||
You can customize your image and change these defaults.
|
||||
Edit <filename>IMAGE_FEATURES</filename> variable
|
||||
so that it configures the image you are working with to
|
||||
include <filename>ssh-server-dropbear</filename> or
|
||||
<filename>ssh-server-openssh</filename>.
|
||||
</para>
|
||||
</section>
|
||||
|
||||
<section id='usingpoky-extend-customimage-localconf'>
|
||||
|
@ -3447,6 +3415,44 @@
|
|||
</para>
|
||||
</section>
|
||||
|
||||
<section id='creating-a-read-only-root-filesystem'>
|
||||
<title>Creating a Read-Only Root Filesystem</title>
|
||||
|
||||
<para>
|
||||
Suppose, for security reasons, you need to disable the
|
||||
your target device's root filesystem's write permisions
|
||||
(i.e. you need a read-only root filesystem).
|
||||
Or, perhaps you are running the device's operating system
|
||||
from a read-only storage device.
|
||||
For either case, you can customize your image for
|
||||
that behavior.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
To create a read-only root filesystem, simply add the
|
||||
"read-only-rootfs" feature to your image.
|
||||
Using either of the following statements in your
|
||||
image recipe or from within the
|
||||
<filename>local.conf</filename> file found in the Build
|
||||
Directory causes the build system to create a
|
||||
read-only root filesystem:
|
||||
<literallayout class='monospaced'>
|
||||
IMAGE_FEATURES = "read-only-rootfs"
|
||||
EXTRA_IMAGE_FEATURES = "read-only-rootfs"
|
||||
</literallayout>
|
||||
</para>
|
||||
|
||||
<para>
|
||||
For more information on how to use these variables, see the
|
||||
"<link linkend='usingpoky-extend-customimage-imagefeatures'>Customizing Images Using Custom <filename>IMAGE_FEATURES</filename> and <filename>EXTRA_IMAGE_FEATURES</filename></link>"
|
||||
section.
|
||||
For information on the variables, see
|
||||
<ulink url='&YOCTO_DOCS_REF_URL;#var-IMAGE_FEATURES'><filename>IMAGE_FEATURES</filename></ulink>
|
||||
and <ulink url='&YOCTO_DOCS_REF_URL;#var-EXTRA_IMAGE_FEATURES'><filename>EXTRA_IMAGE_FEATURES</filename></ulink>.
|
||||
</para>
|
||||
</section>
|
||||
|
||||
|
||||
<section id="platdev-gdb-remotedebug">
|
||||
<title>Debugging With the GNU Project Debugger (GDB) Remotely</title>
|
||||
|
||||
|
|
|
@ -187,7 +187,7 @@
|
|||
<listitem><para><emphasis>read-only-fsroot:</emphasis> Creates
|
||||
an image whose root filesystem is read-only.
|
||||
See the
|
||||
"<ulink url='&YOCTO_DOCS_DEV_URL;#usingpoky-extend-customimage-imagefeatures'>Customizing Images Using Custom <filename>IMAGE_FEATURES</filename> and <filename>EXTRA_IMAGE_FEATURES</filename></ulink>"
|
||||
"<ulink url='&YOCTO_DOCS_DEV_URL;#creating-a-read-only-root-filesystem'>Creating a Read-Only Root Filesystem</ulink>"
|
||||
section in the Yocto Project Development Manual for more
|
||||
information.</para></listitem>
|
||||
<listitem><para><emphasis>splash:</emphasis> Enables showing a splash screen during boot.
|
||||
|
|
|
@ -967,12 +967,21 @@ Core layer for images cannot be removed
|
|||
including symbol information for debugging and
|
||||
profiling.
|
||||
|
||||
"debug-tweaks" - Makes an image suitable for development.
|
||||
For example, ssh root access has a blank
|
||||
password. You should remove this feature
|
||||
before you produce a production image.
|
||||
|
||||
"dev-pkgs" - Adds -dev packages for all installed packages.
|
||||
This is useful if you want to develop against
|
||||
the libraries in the image.
|
||||
|
||||
"tools-sdk" - Adds development tools such as gcc, make,
|
||||
pkgconfig and so forth.
|
||||
"read-only-rootfs" - Creates an image whose root
|
||||
filesystem is read-only. See the
|
||||
"<ulink url='&YOCTO_DOCS_DEV_URL;#creating-a-read-only-root-filesystem'>Creating a Read-Only Root Filesystem</ulink>"
|
||||
section in the Yocto Project
|
||||
Development Manual for more
|
||||
information
|
||||
|
||||
"tools-debug" - Adds debugging tools such as gdb and
|
||||
strace.
|
||||
|
@ -980,14 +989,13 @@ Core layer for images cannot be removed
|
|||
"tools-profile" - Adds profiling tools such as oprofile,
|
||||
exmap, lttng and valgrind (x86 only).
|
||||
|
||||
"tools-sdk" - Adds development tools such as gcc, make,
|
||||
pkgconfig and so forth.
|
||||
|
||||
"tools-testapps" - Adds useful testing tools such as
|
||||
ts_print, aplay, arecord and so
|
||||
forth.
|
||||
|
||||
"debug-tweaks" - Makes an image suitable for development.
|
||||
For example, ssh root access has a blank
|
||||
password. You should remove this feature
|
||||
before you produce a production image.
|
||||
</literallayout>
|
||||
</para>
|
||||
|
||||
|
|
Loading…
Reference in New Issue