rauc: add recipe

Signed-off-by: Jan Luebbe <jluebbe@debian.org>

[hfreyther: Do not use AUTOREV. Merged all follow-up commits]
neels/inmarsat
Jan Luebbe 8 years ago committed by Holger Hans Peter Freyther
parent 28ce8b07da
commit 50a86a5528
  1. 184
      recipes-extra/rauc/files/dev-ca.pem
  2. 12
      recipes-extra/rauc/files/rauc-done.service
  3. 1
      recipes-extra/rauc/files/rauc-ubi.rules
  4. 12
      recipes-extra/rauc/files/rauc.service
  5. 27
      recipes-extra/rauc/files/sysmobts-v2/system.conf
  6. 27
      recipes-extra/rauc/files/sysmocom-idu/system.conf
  7. 27
      recipes-extra/rauc/files/sysmocom-odu/system.conf
  8. 18
      recipes-extra/rauc/rauc-native.bb
  9. 62
      recipes-extra/rauc/rauc.bb

@ -0,0 +1,184 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: O=Test Org, CN=Test Org Provisioning CA Development
Validity
Not Before: Jan 1 00:00:00 1970 GMT
Not After : Dec 31 23:59:59 9999 GMT
Subject: O=Test Org, CN=Test Org Provisioning CA Development
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:be:69:34:3b:c6:5b:45:31:c9:2c:e2:cc:70:17:
c8:c4:94:a5:3a:70:64:d5:55:4d:73:d4:97:74:de:
59:ef:f5:ef:8a:f8:24:e8:ab:62:30:d6:f0:4f:8c:
6f:7f:dc:e8:2d:61:67:ac:4f:f3:e2:10:86:bd:31:
57:8e:5a:4d:e6:f6:7c:98:27:e8:84:77:56:d0:2c:
fc:e4:9d:12:87:a4:64:38:82:cc:ff:e2:f6:ee:f3:
1b:36:cd:3c:c3:49:80:43:40:03:c8:6c:a6:b0:92:
a3:a8:74:e5:92:6c:cb:a1:3b:04:a3:b3:37:a8:05:
c6:5a:ae:af:02:74:ea:a9:35:7c:66:11:17:b8:b2:
9f:e4:dd:5d:5e:84:72:6c:f6:69:94:29:64:1d:0d:
e3:b6:f5:57:9d:88:6f:be:15:cf:99:63:1b:15:60:
4d:0d:d6:f8:fe:6c:1f:0c:08:71:38:ff:53:11:ae:
ad:4f:12:c8:00:87:3f:9e:5b:26:6a:14:9d:a0:39:
1d:7a:a0:9b:ea:7c:6d:1b:db:45:26:73:50:e2:8f:
fe:c0:40:b1:10:d6:a0:28:c4:c9:8c:f3:2e:ea:eb:
59:82:27:e6:97:d8:12:12:b2:dd:15:81:b3:ac:53:
dc:ae:3c:ca:41:1a:2f:ca:7f:58:e9:90:4f:97:2a:
4b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:DA:30:7F:54:40:3B:C0:8D:D3:50:F9:21:A4:3D:BA:01:EB:41:2B
X509v3 Authority Key Identifier:
keyid:2B:DA:30:7F:54:40:3B:C0:8D:D3:50:F9:21:A4:3D:BA:01:EB:41:2B
DirName:/O=Test Org/CN=Test Org Provisioning CA Development
serial:01
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
2c:9b:21:f9:69:4b:61:69:96:ec:48:f5:d3:60:24:6c:99:4f:
89:30:f2:ec:33:53:79:c3:29:6b:ea:fd:8e:d9:27:f6:eb:3d:
71:cd:13:4f:e6:40:07:7a:71:e9:f7:23:96:38:65:a0:a9:91:
83:75:bc:57:d9:ad:d2:1f:57:79:0e:32:34:37:f1:e4:38:eb:
5a:b4:ae:60:8d:40:44:ba:0b:e1:22:4e:fa:f0:3d:29:5d:66:
0f:df:cd:16:9c:6c:02:b4:a5:02:43:b3:45:8e:70:cd:d3:a3:
43:ff:92:ff:52:d0:c4:5d:d8:d3:6b:25:a1:07:ea:7f:5b:87:
5e:02:89:d0:98:76:fb:8b:7d:3b:a9:b4:c9:da:31:78:85:e6:
3d:0f:1b:73:b2:47:65:d0:3f:18:da:54:2a:62:3f:42:f7:f7:
c2:b9:53:2d:97:c7:9c:04:92:c8:d6:dc:c6:2e:db:6b:e8:26:
3a:b2:12:b4:b9:ba:74:54:ef:26:a2:6c:2f:1a:e5:72:73:5a:
a3:3a:96:bc:08:fc:a6:da:7d:18:f6:48:c9:a9:bd:a9:00:69:
1a:29:c3:b2:3f:3d:8f:e8:16:19:1c:92:f5:8d:b0:73:b5:04:
cc:23:b2:cd:74:79:9a:e7:58:5c:d8:72:e8:51:1b:5f:7d:31:
71:23:16:b7
-----BEGIN CERTIFICATE-----
MIIDoDCCAoigAwIBAgIBATANBgkqhkiG9w0BAQsFADBCMREwDwYDVQQKDAhUZXN0
IE9yZzEtMCsGA1UEAwwkVGVzdCBPcmcgUHJvdmlzaW9uaW5nIENBIERldmVsb3Bt
ZW50MCIYDzE5NzAwMTAxMDAwMDAwWhgPOTk5OTEyMzEyMzU5NTlaMEIxETAPBgNV
BAoMCFRlc3QgT3JnMS0wKwYDVQQDDCRUZXN0IE9yZyBQcm92aXNpb25pbmcgQ0Eg
RGV2ZWxvcG1lbnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+aTQ7
xltFMcks4sxwF8jElKU6cGTVVU1z1Jd03lnv9e+K+CToq2Iw1vBPjG9/3OgtYWes
T/PiEIa9MVeOWk3m9nyYJ+iEd1bQLPzknRKHpGQ4gsz/4vbu8xs2zTzDSYBDQAPI
bKawkqOodOWSbMuhOwSjszeoBcZarq8CdOqpNXxmERe4sp/k3V1ehHJs9mmUKWQd
DeO29VediG++Fc+ZYxsVYE0N1vj+bB8MCHE4/1MRrq1PEsgAhz+eWyZqFJ2gOR16
oJvqfG0b20Umc1Dij/7AQLEQ1qAoxMmM8y7q61mCJ+aX2BISst0VgbOsU9yuPMpB
Gi/Kf1jpkE+XKktJAgMBAAGjgZwwgZkwHQYDVR0OBBYEFCvaMH9UQDvAjdNQ+SGk
PboB60ErMGoGA1UdIwRjMGGAFCvaMH9UQDvAjdNQ+SGkPboB60EroUakRDBCMREw
DwYDVQQKDAhUZXN0IE9yZzEtMCsGA1UEAwwkVGVzdCBPcmcgUHJvdmlzaW9uaW5n
IENBIERldmVsb3BtZW50ggEBMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQAD
ggEBACybIflpS2FpluxI9dNgJGyZT4kw8uwzU3nDKWvq/Y7ZJ/brPXHNE0/mQAd6
cen3I5Y4ZaCpkYN1vFfZrdIfV3kOMjQ38eQ461q0rmCNQES6C+EiTvrwPSldZg/f
zRacbAK0pQJDs0WOcM3To0P/kv9S0MRd2NNrJaEH6n9bh14CidCYdvuLfTuptMna
MXiF5j0PG3OyR2XQPxjaVCpiP0L398K5Uy2Xx5wEksjW3MYu22voJjqyErS5unRU
7yaibC8a5XJzWqM6lrwI/KbafRj2SMmpvakAaRopw7I/PY/oFhkckvWNsHO1BMwj
ss10eZrnWFzYcuhRG199MXEjFrc=
-----END CERTIFICATE-----
-----BEGIN X509 CRL-----
MIIBnjCBhzANBgkqhkiG9w0BAQsFADBCMREwDwYDVQQKDAhUZXN0IE9yZzEtMCsG
A1UEAwwkVGVzdCBPcmcgUHJvdmlzaW9uaW5nIENBIERldmVsb3BtZW50Fw0xNTA0
MjgwOTIyMDNaFw0yOTAxMDQwOTIyMDNaMBQwEgIBAxcNMTUwNDI4MDkyMjAzWjAN
BgkqhkiG9w0BAQsFAAOCAQEAnI/DhvDwXafxvwHm2FOdIgJUNHSIEcHHeseh6B3d
MDNqy9TmxVrIf6ncIhORKtMRReoOqzFeizvJYDK6vkXPSAk6zBktnlJpzgNUJnJI
pLfsBdOqq/TXYByqP0/eK/NIztoE61cG0qIxMABtWyb8RCcEXyswdfaCmIq5g+OK
UfeNo94d118QIKXAUIXQwWQ/m+wE6na94JFTyVWCquASTP4aghYFt4l86GtZ4q/Y
UYkBW8vCgO9yEuWQ+Fq/1rJKAdZMezspRu/8f6AkRbXTGpFAQsdEp+MwBmr0bhd2
SIcQxJfZb6uEGzqCaM+FVpAT8yYzcpjbEhPzyfn6lTQqYw==
-----END X509 CRL-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: O=Test Org, CN=Test Org Provisioning CA Release
Validity
Not Before: Jan 1 00:00:00 1970 GMT
Not After : Dec 31 23:59:59 9999 GMT
Subject: O=Test Org, CN=Test Org Provisioning CA Release
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:bc:9d:cb:7a:c6:e1:07:23:b6:6c:d0:8f:86:5e:
6c:b4:00:49:65:38:f1:aa:46:0d:68:0c:8b:95:89:
32:af:bd:1c:52:11:42:9e:8e:0d:aa:36:65:f5:53:
f9:5d:3d:22:a2:f9:49:3f:ee:8d:dd:cf:2a:31:43:
ae:e4:0b:b2:c8:e0:a3:bc:9b:24:e4:de:c0:8c:9f:
5f:d6:3f:dd:7b:b9:e4:bb:f8:42:fb:88:12:ae:51:
2b:c9:e9:c6:5d:87:99:cb:ed:84:61:5f:f8:5e:0e:
6e:7f:33:a8:eb:33:37:bb:d2:76:f4:0e:8d:4e:c4:
4a:ae:94:bf:e9:23:65:e8:29:bf:81:26:21:17:78:
61:ed:78:42:3d:3a:1a:d3:c9:6c:44:29:84:a9:3f:
6e:6a:f7:e2:b8:52:ec:83:07:51:fb:20:0d:89:15:
45:71:61:c9:dc:0a:da:ff:a5:80:3e:7b:ba:d0:5a:
b0:c6:92:f7:84:f4:8b:75:15:a0:c7:c3:79:ae:21:
e8:95:12:8b:3b:6e:02:8d:04:14:40:c1:cc:ed:fe:
98:ec:30:62:10:32:4a:fd:02:e9:da:3f:3b:5a:19:
7b:3c:88:22:f3:c2:c2:3a:e2:0f:bf:b2:29:64:98:
55:aa:21:e8:64:f0:50:0a:75:13:b0:b7:f5:f4:4a:
53:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:41:C9:7B:30:19:92:43:B5:8B:AA:F2:3D:DC:E1:B4:CD:23:67:23
X509v3 Authority Key Identifier:
keyid:BF:41:C9:7B:30:19:92:43:B5:8B:AA:F2:3D:DC:E1:B4:CD:23:67:23
DirName:/O=Test Org/CN=Test Org Provisioning CA Release
serial:01
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
19:2c:41:18:51:59:cd:b3:5d:60:b0:ff:75:d0:69:89:c3:2b:
93:22:c7:b5:b9:e1:d4:ed:3b:7d:26:50:6e:fa:21:42:83:34:
ce:0c:47:69:83:bc:ef:f6:0a:11:6e:ca:0d:76:2e:70:ad:3d:
04:f7:73:59:48:e6:0d:45:55:b3:29:6a:a0:fb:09:93:b6:4c:
7b:a4:4c:aa:d0:6e:10:c0:5c:6c:3c:b3:52:4f:13:b5:db:24:
70:ab:85:ef:30:ff:25:d9:fd:7a:da:f2:51:2b:52:d6:9f:60:
d9:65:18:f6:3e:30:57:5c:63:1c:a7:3a:a2:cd:b4:d8:c1:ed:
f2:37:46:cf:1a:4c:a6:b1:9d:40:53:5d:ad:22:7a:7c:eb:bf:
58:71:a1:3e:c3:2d:09:d1:b9:cf:32:7b:d0:52:38:d1:bc:aa:
99:2d:c5:3e:85:4a:7c:bd:7f:c9:0c:52:e6:1d:12:69:7d:78:
61:1e:79:e8:eb:b4:5b:4c:c7:7b:b0:66:0d:a7:c4:da:75:5e:
98:90:95:f7:c9:4e:5a:0d:24:42:3a:92:80:7a:75:90:9e:42:
9d:ab:96:a1:4d:19:2e:26:5c:a2:32:d6:18:f5:69:e3:89:56:
88:25:4e:0a:ac:44:91:5d:e5:a9:11:93:e0:93:b0:59:41:ae:
86:5b:38:b3
-----BEGIN CERTIFICATE-----
MIIDlDCCAnygAwIBAgIBATANBgkqhkiG9w0BAQsFADA+MREwDwYDVQQKDAhUZXN0
IE9yZzEpMCcGA1UEAwwgVGVzdCBPcmcgUHJvdmlzaW9uaW5nIENBIFJlbGVhc2Uw
IhgPMTk3MDAxMDEwMDAwMDBaGA85OTk5MTIzMTIzNTk1OVowPjERMA8GA1UECgwI
VGVzdCBPcmcxKTAnBgNVBAMMIFRlc3QgT3JnIFByb3Zpc2lvbmluZyBDQSBSZWxl
YXNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJ3LesbhByO2bNCP
hl5stABJZTjxqkYNaAyLlYkyr70cUhFCno4NqjZl9VP5XT0iovlJP+6N3c8qMUOu
5AuyyOCjvJsk5N7AjJ9f1j/de7nku/hC+4gSrlEryenGXYeZy+2EYV/4Xg5ufzOo
6zM3u9J29A6NTsRKrpS/6SNl6Cm/gSYhF3hh7XhCPToa08lsRCmEqT9uavfiuFLs
gwdR+yANiRVFcWHJ3Ara/6WAPnu60FqwxpL3hPSLdRWgx8N5riHolRKLO24CjQQU
QMHM7f6Y7DBiEDJK/QLp2j87Whl7PIgi88LCOuIPv7IpZJhVqiHoZPBQCnUTsLf1
9EpTywIDAQABo4GYMIGVMB0GA1UdDgQWBBS/Qcl7MBmSQ7WLqvI93OG0zSNnIzBm
BgNVHSMEXzBdgBS/Qcl7MBmSQ7WLqvI93OG0zSNnI6FCpEAwPjERMA8GA1UECgwI
VGVzdCBPcmcxKTAnBgNVBAMMIFRlc3QgT3JnIFByb3Zpc2lvbmluZyBDQSBSZWxl
YXNlggEBMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBABksQRhRWc2z
XWCw/3XQaYnDK5Mix7W54dTtO30mUG76IUKDNM4MR2mDvO/2ChFuyg12LnCtPQT3
c1lI5g1FVbMpaqD7CZO2THukTKrQbhDAXGw8s1JPE7XbJHCrhe8w/yXZ/Xra8lEr
UtafYNllGPY+MFdcYxynOqLNtNjB7fI3Rs8aTKaxnUBTXa0ienzrv1hxoT7DLQnR
uc8ye9BSONG8qpktxT6FSny9f8kMUuYdEml9eGEeeejrtFtMx3uwZg2nxNp1XpiQ
lffJTloNJEI6koB6dZCeQp2rlqFNGS4mXKIy1hj1aeOJVoglTgqsRJFd5akRk+CT
sFlBroZbOLM=
-----END CERTIFICATE-----
-----BEGIN X509 CRL-----
MIIBgzBtMA0GCSqGSIb3DQEBCwUAMD4xETAPBgNVBAoMCFRlc3QgT3JnMSkwJwYD
VQQDDCBUZXN0IE9yZyBQcm92aXNpb25pbmcgQ0EgUmVsZWFzZRcNMTUwNDI4MDky
MjAzWhcNMjkwMTA0MDkyMjAzWjANBgkqhkiG9w0BAQsFAAOCAQEAqDda6fQJqO0T
KctQiO1dxiqBXrGwzoW1o+p66hIZGo3+Detc3Cm9KJuB7Z5BCkUvNELTwNAOwdhO
Nlflr5s4CobcRHr2PLdhbFmqkNsAlxWM9q65GcbDTpYmy49j5Kx7N1MOSNZhyyzl
Aomj0JNK6QIWxzqikm1YBIoh1o5m18ZOWJMC9QAV+cOoFMuoNXr1BXPcE2OuWeUU
H+XTJQyq4c0VmvJpvK1QOjEBw5TfRGAW5Yy0aRpne/fLygJwxy9Yl96NeehKvLKY
3WVshVQbEEZoXS3PSO3b3lTTUOCXqCFdwzztvKV8HP+rRx+VLhx9WsCrm3DGXCtN
nTyvlYybJw==
-----END X509 CRL-----

@ -0,0 +1,12 @@
[Unit]
Description=Rauc Boot Success Marker
After=multi-user.target
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=@BINDIR@/rauc status mark-good
[Install]
WantedBy=multi-user.target

@ -0,0 +1 @@
SUBSYSTEM=="ubi", KERNEL=="ubi*_*", SYMLINK+="$parent_%s{name}"

@ -0,0 +1,12 @@
[Unit]
Description=Rauc Update Service
[Service]
Type=dbus
BusName=de.pengutronix.rauc
#User=root
ExecStart=@BINDIR@/rauc service
[Install]
WantedBy=multi-user.target

@ -0,0 +1,27 @@
[system]
compatible=sysmobts-v2
bootloader=barebox
mountprefix=/mnt/rauc
[keyring]
path=ca.pem
[slot.rescue.0]
device=/dev/ubi0_rescue
type=ubifs
bootname=rescue
readonly=true
[slot.rootfs.0]
device=/dev/ubi0_system0
type=ubifs
bootname=system0
[slot.rootfs.1]
device=/dev/ubi0_system1
type=ubifs
bootname=system1
[slot.data.0]
device=/dev/ubi0_data
type=ubifs

@ -0,0 +1,27 @@
[system]
compatible=sysmocom-idu
bootloader=grub
mountprefix=/mnt/rauc
[keyring]
path=ca.pem
[slot.rescue.0]
device=/dev/sda1
type=ext4
bootname=R
readonly=true
[slot.rootfs.0]
device=/dev/sda2
type=ext4
bootname=A
[slot.rootfs.1]
device=/dev/sda3
type=ext4
bootname=B
[slot.data.0]
device=/dev/sda4
type=ext4

@ -0,0 +1,27 @@
[system]
compatible=sysmocom-odu
bootloader=barebox
mountprefix=/mnt/rauc
[keyring]
path=ca.pem
[slot.rescue.0]
device=/dev/ubi0_rescue
type=ubifs
bootname=rescue
readonly=true
[slot.rootfs.0]
device=/dev/ubi0_system0
type=ubifs
bootname=system0
[slot.rootfs.1]
device=/dev/ubi0_system1
type=ubifs
bootname=system1
[slot.data.0]
device=/dev/ubi0_data
type=ubifs

@ -0,0 +1,18 @@
require rauc.bb
DEPENDS = "squashfs-tools-native curl-native openssl-native glib-2.0-native"
inherit native deploy
do_deploy[sstate-outputdirs] = "${DEPLOY_DIR_TOOLS}"
do_deploy() {
install -d ${DEPLOY_DIR_TOOLS}
install -m 0755 rauc ${DEPLOY_DIR_TOOLS}/rauc-${PV}
rm -f ${DEPLOY_DIR_TOOLS}/rauc
ln -sf ./rauc-${PV} ${DEPLOY_DIR_TOOLS}/rauc
# allow override from local.conf?
install -m 600 test/openssl-ca/dev/autobuilder-1.cert.pem ${DEPLOY_DIR_TOOLS}/rauc.cert.pem
install -m 600 test/openssl-ca/dev//private/autobuilder-1.pem ${DEPLOY_DIR_TOOLS}/rauc.priv.pem
}
addtask deploy before do_package after do_install

@ -0,0 +1,62 @@
DESCRIPTION = "rauc update controller"
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c"
PR = "r4"
SRC_URI = "git://github.com/jluebbe/rauc.git;protocol=https \
file://dev-ca.pem \
file://system.conf \
file://rauc.service \
file://rauc-done.service \
file://rauc-ubi.rules \
file://system.conf "
PV = "0+git${SRCPV}"
S = "${WORKDIR}/git"
SRCREV = "7904e2e9d17fe0319bc46912e3531cf1b5ed4533"
DEPENDS = "curl openssl glib-2.0"
RDEPENDS_${PN} += "dbus"
FILES_${PN} += "/mnt/rauc"
FILES_${PN} += "${base_libdir}/udev/rules.d/*.rules"
inherit autotools pkgconfig gettext systemd
do_install_append () {
# Create rauc config dir
mkdir -p ${D}${sysconfdir}/rauc
# Create rauc default mountpoint
mkdir -p ${D}/mnt/rauc
# If a system.conf is provided in files, install it
if [ -f ${WORKDIR}/system.conf ]; then
install -m 644 ${WORKDIR}/system.conf ${D}${sysconfdir}/rauc/system.conf
fi
if [ -f ${WORKDIR}/dev-ca.pem ]; then
mkdir -p ${D}${sysconfdir}/rauc
install -m 644 ${WORKDIR}/dev-ca.pem ${D}${sysconfdir}/rauc/ca.pem
fi
# D-bus service
install -d ${D}${sysconfdir}/dbus-1/system.d
install -m 0644 ${S}/data/de.pengutronix.rauc.conf ${D}${sysconfdir}/dbus-1/system.d/
# Systemd service
install -d ${D}${systemd_unitdir}/system
install -m 0644 ${WORKDIR}/rauc.service ${D}${systemd_unitdir}/system/
install -m 0644 ${WORKDIR}/rauc-done.service ${D}${systemd_unitdir}/system/
sed -i -e 's!@BINDIR@!${bindir}!g' ${D}${systemd_unitdir}/system/*.service
# udev rules
install -d ${D}${base_libdir}/udev/rules.d
install -m 0644 ${WORKDIR}/rauc-ubi.rules ${D}${base_libdir}/udev/rules.d/85-rauc-ubi.rules
}
SYSTEMD_PACKAGES = "${PN}"
SYSTEMD_SERVICE_${PN} = "rauc.service rauc-done.service"
SYSTEMD_AUTO_ENABLE_${PN} = "enable"
Loading…
Cancel
Save