configs/orangepi_zero_defconfig: use python 3.x

Orange Pi Zero defconfig has been updated to use U-Boot 2020.04 by commit 9e2bfccf4d (configs/orangepi_zero: bump kernel and uboot versions). Since then it requires Python 3.x on the host. Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/593313572 Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
support/run-test: add test for systemd using dbus-broker
2026-01-08 02:09:48 +03:00 · 2020-06-15 11:29:12 +02:00 · 2020-06-15 11:09:56 +02:00 · 2020-06-15 11:09:56 +02:00 · 2020-06-15 11:06:28 +02:00
11 changed files with 315 additions and 1 deletions
--- a/1
+++ b/1
@@ -1885,6 +1885,7 @@ F:	package/tpm-tools/
 F:	package/trousers/

 N:	Norbert Lange <nolange79@gmail.com>
+F:	package/dbus-broker/
 F:	package/tcf-agent/

 N:	Nylon Chen <nylon7@andestech.com>
--- a/configs/orangepi_zero_defconfig
+++ b/configs/orangepi_zero_defconfig
@@ -24,6 +24,7 @@ BR2_TARGET_UBOOT_CUSTOM_VERSION=y
 BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2020.04"
 BR2_TARGET_UBOOT_BOARD_DEFCONFIG="orangepi_zero"
 BR2_TARGET_UBOOT_NEEDS_DTC=y
+BR2_TARGET_UBOOT_NEEDS_PYTHON3=y
 BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
 BR2_TARGET_UBOOT_FORMAT_CUSTOM=y
 BR2_TARGET_UBOOT_FORMAT_CUSTOM_NAME="u-boot-sunxi-with-spl.bin"
--- a/package/Config.in
+++ b/package/Config.in
@@ -432,6 +432,7 @@ endmenu
 	source "package/dahdi-linux/Config.in"
 	source "package/dahdi-tools/Config.in"
 	source "package/dbus/Config.in"
+	source "package/dbus-broker/Config.in"
 	source "package/dbus-cpp/Config.in"
 	source "package/dbus-glib/Config.in"
 	source "package/dbus-python/Config.in"
--- a/package/dbus-broker/Config.in
+++ b/package/dbus-broker/Config.in
@@ -0,0 +1,22 @@
+config BR2_PACKAGE_DBUS_BROKER
+	bool "dbus-broker"
+	depends on BR2_USE_MMU
+	depends on BR2_TOOLCHAIN_HAS_THREADS
+	depends on BR2_PACKAGE_SYSTEMD
+	select BR2_PACKAGE_EXPAT
+	help
+	  Linux D-Bus Message Broker.
+
+	  The dbus-broker project is an implementation of a message bus
+	  as defined by the D-Bus specification. Its aim is to provide
+	  high performance and reliability, while keeping compatibility
+	  to the D-Bus reference implementation.
+
+	  It is exclusively written for Linux systems, and makes use of
+	  many modern features provided by recent linux kernel releases.
+
+	  https://github.com/bus1/dbus-broker/wiki
+
+comment "dbusbroker needs systemd and a toolchain w/ threads"
+	depends on BR2_USE_MMU
+	depends on !BR2_TOOLCHAIN_HAS_THREADS || !BR2_PACKAGE_SYSTEMD
--- a/package/dbus-broker/dbus-broker.hash
+++ b/package/dbus-broker/dbus-broker.hash
@@ -0,0 +1,3 @@
+# Locally calculated
+sha256  95adfde56bce898c3b69eee0524732365e802348dd8189a35d5d00c30990dc81  dbus-broker-23.tar.xz
+sha256  3cda3630283eda0eab825abe5ac84d191248c6b3fe1c232a118124959b96c6a4  LICENSE
--- a/package/dbus-broker/dbus-broker.mk
+++ b/package/dbus-broker/dbus-broker.mk
@@ -0,0 +1,68 @@
+################################################################################
+#
+# dbus-broker
+#
+################################################################################
+
+DBUS_BROKER_VERSION = 23
+DBUS_BROKER_SOURCE = dbus-broker-$(DBUS_BROKER_VERSION).tar.xz
+DBUS_BROKER_SITE = https://github.com/bus1/dbus-broker/releases/download/v$(DBUS_BROKER_VERSION)
+
+# For the third-party code, the licensing legla-info is inconsistent between
+# the AUTHORS and README, so keep both
+DBUS_BROKER_LICENSE = \
+	Apache-2.0, \
+	Apache-2.0 and/or LGPL-2.1+ (c-dvar, c-ini, c-list, c-rbtree, c-shquote, c-stdaux, c-utf8)
+DBUS_BROKER_LICENSE_FILES = \
+	LICENSE \
+	subprojects/c-dvar/AUTHORS subprojects/c-dvar/README.md \
+	subprojects/c-ini/AUTHORS subprojects/c-ini/README.md \
+	subprojects/c-list/AUTHORS subprojects/c-list/README.md \
+	subprojects/c-rbtree/AUTHORS subprojects/c-rbtree/README.md \
+	subprojects/c-shquote/AUTHORS subprojects/c-shquote/README.md \
+	subprojects/c-stdaux/AUTHORS subprojects/c-stdaux/README.md \
+	subprojects/c-utf8/AUTHORS subprojects/c-utf8/README.md
+
+DBUS_BROKER_DEPENDENCIES = expat systemd
+DBUS_BROKER_CONF_OPTS = -Dlauncher=true
+
+ifeq ($(BR2_TOOLCHAIN_HEADERS_AT_LEAST_4_17),y)
+DBUS_BROKER_CONF_OPTS += -Dlinux-4-17=true
+else
+DBUS_BROKER_CONF_OPTS += -Dlinux-4-17=false
+endif
+
+ifeq ($(BR2_PACKAGE_AUDIT),y)
+DBUS_BROKER_DEPENDENCIES += audit
+DBUS_BROKER_CONF_OPTS += -Daudit=true
+else
+DBUS_BROKER_CONF_OPTS += -Daudit=false
+endif
+
+ifeq ($(BR2_PACKAGE_LIBSELINUX),y)
+DBUS_BROKER_DEPENDENCIES += libselinux
+DBUS_BROKER_CONF_OPTS += -Dselinux=true
+else
+DBUS_BROKER_CONF_OPTS += -Dselinux=false
+endif
+
+# Do not install units for system bus daemon socket if original dbus present
+# Do not install config and service files if original dbus present
+# Note: BR2_COREUTILS_HOST_DEPENDENCY to be able to use ln --relative
+ifeq ($(BR2_PACKAGE_DBUS),)
+DBUS_BROKER_DEPENDENCIES += $(BR2_COREUTILS_HOST_DEPENDENCY)
+
+define DBUS_BROKER_INSTALL_INIT_SYSTEMD
+	$(INSTALL) -D -m644 $(DBUS_BROKER_PKGDIR)/session.conf \
+		$(TARGET_DIR)/usr/share/dbus-1/session.conf
+	$(INSTALL) -D -m644 $(DBUS_BROKER_PKGDIR)/system.conf \
+		$(TARGET_DIR)/usr/share/dbus-1/system.conf
+	$(INSTALL) -D -m644 $(DBUS_BROKER_PKGDIR)/dbus.socket \
+		$(TARGET_DIR)/usr/lib/systemd/system/dbus.socket
+	$(HOST_MAKE_ENV) ln -sf --relative \
+		$(TARGET_DIR)/usr/lib/systemd/system/dbus.socket \
+		$(TARGET_DIR)/usr/lib/systemd/system/sockets.target.wants/dbus.socket
+endef
+endif # !BR2_PACKAGE_DBUS
+
+$(eval $(meson-package))
--- a/package/dbus-broker/dbus.socket
+++ b/package/dbus-broker/dbus.socket
@@ -0,0 +1,5 @@
+[Unit]
+Description=D-Bus System Message Bus Socket
+
+[Socket]
+ListenStream=/run/dbus/system_bus_socket
--- a/package/dbus-broker/session.conf
+++ b/package/dbus-broker/session.conf
@@ -0,0 +1,65 @@
+<!-- This configuration file controls the per-user-login-session message bus.
+     Add a session-local.conf and edit that rather than changing this
+     file directly. -->
+
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+  <!-- Our well-known bus type, don't change this -->
+  <type>session</type>
+
+  <!-- If we fork, keep the user's original umask to avoid affecting
+       the behavior of child processes. -->
+  <keep_umask/>
+
+  <standard_session_servicedirs />
+
+  <policy context="default">
+    <!-- Allow everything to be sent -->
+    <allow send_destination="*" eavesdrop="true"/>
+    <!-- Allow everything to be received -->
+    <allow eavesdrop="true"/>
+    <!-- Allow anyone to own anything -->
+    <allow own="*"/>
+  </policy>
+
+  <!-- Config files are placed here that among other things,
+       further restrict the above policy for specific services. -->
+  <includedir>session.d</includedir>
+
+  <includedir>/etc/dbus-1/session.d</includedir>
+
+  <!-- This is included last so local configuration can override what's
+       in this standard file -->
+  <include ignore_missing="yes">/etc/dbus-1/session-local.conf</include>
+
+  <include if_selinux_enabled="yes" selinux_root_relative="yes">contexts/dbus_contexts</include>
+
+  <!-- For the session bus, override the default relatively-low limits
+       with essentially infinite limits, since the bus is just running
+       as the user anyway, using up bus resources is not something we need
+       to worry about. In some cases, we do set the limits lower than
+       "all available memory" if exceeding the limit is almost certainly a bug,
+       having the bus enforce a limit is nicer than a huge memory leak. But the
+       intent is that these limits should never be hit. -->
+
+  <!-- the memory limits are 1G instead of say 4G because they can't exceed 32-bit signed int max -->
+  <limit name="max_incoming_bytes">1000000000</limit>
+  <limit name="max_incoming_unix_fds">250000000</limit>
+  <limit name="max_outgoing_bytes">1000000000</limit>
+  <limit name="max_outgoing_unix_fds">250000000</limit>
+  <limit name="max_message_size">1000000000</limit>
+  <!-- We do not override max_message_unix_fds here since the in-kernel
+       limit is also relatively low -->
+  <limit name="service_start_timeout">120000</limit>
+  <limit name="auth_timeout">240000</limit>
+  <limit name="pending_fd_timeout">150000</limit>
+  <limit name="max_completed_connections">100000</limit>
+  <limit name="max_incomplete_connections">10000</limit>
+  <limit name="max_connections_per_user">100000</limit>
+  <limit name="max_pending_service_starts">10000</limit>
+  <limit name="max_names_per_connection">50000</limit>
+  <limit name="max_match_rules_per_connection">50000</limit>
+  <limit name="max_replies_per_connection">50000</limit>
+
+</busconfig>
--- a/package/dbus-broker/system.conf
+++ b/package/dbus-broker/system.conf
@@ -0,0 +1,120 @@
+<!-- This configuration file controls the systemwide message bus.
+     Add a system-local.conf and edit that rather than changing this
+     file directly. -->
+
+<!-- Note that there are any number of ways you can hose yourself
+     security-wise by screwing up this file; in particular, you
+     probably don't want to listen on any more addresses, add any more
+     auth mechanisms, run as a different user, etc. -->
+
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+
+  <!-- Our well-known bus type, do not change this -->
+  <type>system</type>
+
+  <!-- Fork into daemon mode -->
+  <fork/>
+
+  <!-- We use system service launching using a helper -->
+  <standard_system_servicedirs/>
+
+  <!-- Enable logging to syslog -->
+  <syslog/>
+
+  <policy context="default">
+    <!-- All users can connect to system bus -->
+    <allow user="*"/>
+
+    <!-- Holes must be punched in service configuration files for
+         name ownership and sending method calls -->
+    <deny own="*"/>
+    <deny send_type="method_call"/>
+
+    <!-- Signals and reply messages (method returns, errors) are allowed
+         by default -->
+    <allow send_type="signal"/>
+    <allow send_requested_reply="true" send_type="method_return"/>
+    <allow send_requested_reply="true" send_type="error"/>
+
+    <!-- All messages may be received by default -->
+    <allow receive_type="method_call"/>
+    <allow receive_type="method_return"/>
+    <allow receive_type="error"/>
+    <allow receive_type="signal"/>
+
+    <!-- Allow anyone to talk to the message bus -->
+    <allow send_destination="org.freedesktop.DBus"
+           send_interface="org.freedesktop.DBus" />
+    <allow send_destination="org.freedesktop.DBus"
+           send_interface="org.freedesktop.DBus.Introspectable"/>
+    <allow send_destination="org.freedesktop.DBus"
+           send_interface="org.freedesktop.DBus.Properties"/>
+    <!-- But disallow some specific bus services -->
+    <deny send_destination="org.freedesktop.DBus"
+          send_interface="org.freedesktop.DBus"
+          send_member="UpdateActivationEnvironment"/>
+    <deny send_destination="org.freedesktop.DBus"
+          send_interface="org.freedesktop.DBus.Debug.Stats"/>
+    <deny send_destination="org.freedesktop.DBus"
+          send_interface="org.freedesktop.systemd1.Activator"/>
+  </policy>
+
+  <!-- Only systemd, which runs as root, may report activation failures. -->
+  <policy user="root">
+    <allow send_destination="org.freedesktop.DBus"
+           send_interface="org.freedesktop.systemd1.Activator"/>
+  </policy>
+
+  <!-- root may monitor the system bus. -->
+  <policy user="root">
+    <allow send_destination="org.freedesktop.DBus"
+           send_interface="org.freedesktop.DBus.Monitoring"/>
+  </policy>
+
+  <!-- If the Stats interface was enabled at compile-time, root may use it.
+       Copy this into system.local.conf or system.d/*.conf if you want to
+       enable other privileged users to view statistics and debug info -->
+  <policy user="root">
+    <allow send_destination="org.freedesktop.DBus"
+           send_interface="org.freedesktop.DBus.Debug.Stats"/>
+  </policy>
+
+
+  <!-- The defaults for these limits are hard-coded in dbus-daemon.
+       Some clarifications:
+       Times are in milliseconds (ms); 1000ms = 1 second
+       133169152 bytes = 127 MiB
+       33554432 bytes = 32 MiB
+       150000ms = 2.5 minutes -->
+  <!-- <limit name="max_incoming_bytes">133169152</limit> -->
+  <!-- <limit name="max_incoming_unix_fds">64</limit> -->
+  <!-- <limit name="max_outgoing_bytes">133169152</limit> -->
+  <!-- <limit name="max_outgoing_unix_fds">64</limit> -->
+  <!-- <limit name="max_message_size">33554432</limit> -->
+  <!-- <limit name="max_message_unix_fds">16</limit> -->
+  <!-- <limit name="service_start_timeout">25000</limit> -->
+  <!-- <limit name="auth_timeout">5000</limit> -->
+  <!-- <limit name="pending_fd_timeout">150000</limit> -->
+  <!-- <limit name="max_completed_connections">2048</limit> -->
+  <!-- <limit name="max_incomplete_connections">64</limit> -->
+  <!-- <limit name="max_connections_per_user">256</limit> -->
+  <!-- <limit name="max_pending_service_starts">512</limit> -->
+  <!-- <limit name="max_names_per_connection">512</limit> -->
+  <!-- <limit name="max_match_rules_per_connection">512</limit> -->
+  <!-- <limit name="max_replies_per_connection">128</limit> -->
+
+  <!-- Config files are placed here that among other things, punch
+       holes in the above policy for specific services. -->
+  <includedir>system.d</includedir>
+
+  <includedir>/etc/dbus-1/system.d</includedir>
+
+  <!-- This is included last so local configuration can override what's
+       in this standard file -->
+  <include ignore_missing="yes">/etc/dbus-1/system-local.conf</include>
+
+  <include if_selinux_enabled="yes" selinux_root_relative="yes">contexts/dbus_contexts</include>
+
+</busconfig>
--- a/package/systemd/Config.in
+++ b/package/systemd/Config.in
@@ -25,7 +25,7 @@ menuconfig BR2_PACKAGE_SYSTEMD
 	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_5
 	depends on BR2_HOST_GCC_AT_LEAST_5 # host-systemd
 	select BR2_PACKAGE_HAS_UDEV
-	select BR2_PACKAGE_DBUS # runtime dependency only
+	select BR2_PACKAGE_DBUS if !BR2_PACKAGE_DBUS_BROKER # runtime
 	select BR2_PACKAGE_LIBCAP
 	select BR2_PACKAGE_UTIL_LINUX
 	select BR2_PACKAGE_UTIL_LINUX_LIBBLKID
--- a/support/testing/tests/init/test_systemd.py
+++ b/support/testing/tests/init/test_systemd.py
@@ -86,6 +86,20 @@ class TestInitSystemSystemdRoIfupdown(InitSystemSystemdBase):
        self.check_network("eth0")


+class TestInitSystemSystemdRoIfupdownDbusbroker(TestInitSystemSystemdRoIfupdown):
+    config = TestInitSystemSystemdRoIfupdown.config + \
+        """
+        BR2_PACKAGE_DBUS_BROKER=y
+        """
+
+
+class TestInitSystemSystemdRoIfupdownDbusbrokerDbus(TestInitSystemSystemdRoIfupdownDbusbroker):
+    config = TestInitSystemSystemdRoIfupdownDbusbroker.config + \
+        """
+        BR2_PACKAGE_DBUS=y
+        """
+
+
 class TestInitSystemSystemdRwIfupdown(InitSystemSystemdBase):
    config = InitSystemSystemdBase.config + \
        """
@@ -101,6 +115,20 @@ class TestInitSystemSystemdRwIfupdown(InitSystemSystemdBase):
        self.check_network("eth0")


+class TestInitSystemSystemdRwIfupdownDbusbroker(TestInitSystemSystemdRwIfupdown):
+    config = TestInitSystemSystemdRwIfupdown.config + \
+        """
+        BR2_PACKAGE_DBUS_BROKER=y
+        """
+
+
+class TestInitSystemSystemdRwIfupdownDbusbrokerDbus(TestInitSystemSystemdRwIfupdownDbusbroker):
+    config = TestInitSystemSystemdRwIfupdownDbusbroker.config + \
+        """
+        BR2_PACKAGE_DBUS=y
+        """
+
+
 class TestInitSystemSystemdRoFull(InitSystemSystemdBase):
    config = InitSystemSystemdBase.config + \
        """
Author	SHA1	Message	Date
Sergey Matyukevich	5e7a06f1e4	configs/orangepi_zero_defconfig: use python 3.x Orange Pi Zero defconfig has been updated to use U-Boot 2020.04 by commit `9e2bfccf4d` (configs/orangepi_zero: bump kernel and uboot versions). Since then it requires Python 3.x on the host. Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/593313572 Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>	2020-06-15 11:29:12 +02:00
Yann E. MORIN	8c9c1a969f	support/run-test: add test for systemd using dbus-broker Add four new tests for systemd (rw and ro in each case): - use dbus-broker instead of the original dbus - use the original dbus, with dbus-broker installed The first two extend the existing TestInitSystemSystemdRoIfupdown test, by just enabling dbus-broker; the second ones extend this further, by explicitly enabling the original dbus. Presence of the original dbus and dbus-broker on the same system is valid: the original dbus is used as the system bus daemon, while dbus-broker is used for (some of) the session bus(es). We do not test the session bus for now, but the new test ensures the system bus daemon is not impacted by the presence of dbus-broker. Note: the 'full' test-case enables all systemd options, and some of them do pull the original dbus package, so we can't use that to test the integration of dbus-broker; instead, we extend the ifupdown case, which does not enable the original dbus. Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> Cc: Norbert Lange <nolange79@gmail.com>	2020-06-15 11:09:56 +02:00
Yann E. MORIN	b9ae129ad1	package/systemd: do not force dbus if dbus-broker is available dbus-broker fits the bill as a message bus daemon, so only enable the original dbus if dbus-broker is not enabled. Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> Cc: Norbert Lange <nolange79@gmail.com>	2020-06-15 11:09:56 +02:00
Norbert Lange	5772dc3cfb	package/dbusbroker: new package dbus-broker is an alternate implementation of a dbus dameon. It can be used as a drop-in replacement for the system bus daemon, as well as the session bus daemon. dbus-broker is (basically, and as far as we're concerned in Buildroot) split in two components: - the actual message bus daemon, that relays messages across clients - a launcher, which is responsible for setting various aspects of the bus, like setting the policy et al. and opening the socket(s) the message bus daemon will have to listen on... The launcher can only be used in a systemd setup (it makes heavy use of systemd facilities), while the message bus is generic. However, the message bus daemon is useless without a launcher. There does not exist a non-systemd launcher, which makes dbus-broker actually a systemd-only package; this can be revisited when/if a non-systemd launcher appears. There are two cases: 1. original dbus disabled Here, we install the config files and systemd socket activation units; dbus-broker provides the system and sessions bus daemons. 2. original dbus enabled In this case, we do not install the config files and systemd socket activation units: they all are provided by the original dbus. In this situation, the default system and sessions message bus are the original dbus; dbus-broker is not enabled. However, users may opt-in to use dbus-broker in a few ways: - at build-time: provide drop-in units in an overlay; - at build-time: call systemctl enable/disable from a post-build script; - at runtime (on a RW filesystem): by calling systemctl enable/disable Note that, contrary to the original dbus, we do not define a user to run the system bus as non-root; this is handled by systemd. As for the licensing terms: they are pretty trivial for dbus-broker itself, but it makes use of third-party code that it inherits as git submodules (that are bundeld in the release archive). Thus the licensing is a bit convoluted... The third-party codes claim to be licensed as "Apache-2.0 and LGP-2.1+" in their AUTHORS files, but at the same time claim "Apache-2.0 OR LGPL-2.1-or-later" in their README files. The individual source files (that are used) do not seem to have any licensing header to clarify the situation. Signed-off-by: Norbert Lange <nolange79@gmail.com> [yann.morin.1998@free.fr: - don't select systemd; depend on it instead - only install config files and systemd units wihtout original dbus - fix licensing info - entirely reword and extend the commit log ] Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> --- Changes v3 -> v4 (Yann, respiining after review by Norbert): - drop the non-systemd case - drop the launcher option - reinstate BR2_COREUTILS_HOST_DEPENDENCY and ln --relative Changes v2 -> v3 (Norbert, respinning after Yann): - add an own config entry for dbus-broker-launch enabled by default if systemd init is used - undo BR2_COREUTILS_HOST_DEPENDENCY - undo adding dbus user - never used by this package - add condtional audit dependency - cleanup conditional logic a bit Changes v1 -> v2 (Yann): - make launcher conditional - don't select systemd; don't depend on it either - don't install systemd units without systemd - only install config files and systemd units wihtout original dbus - rename hooks with meaningful names - fix licensing info - entirely reword and extend the commit log	2020-06-15 11:06:28 +02:00