Clemens Lang | 13 Jan 13:50 2015
Picon

OpenSSL Exception

Hi everyone,

opkg is currently licensed under GPL-2.0 but links against OpenSSL in
some configurations, such as --enable-openssl or --enable-ssl-curl. In
case you're not aware of the potential problems this might cause, [1]
has a pretty good overview.

This might especially become a problem when "that component itself
accompanies the executable", which the GPL cites as a condition in which
the special exception to link against system files does not apply.
Debian considers this to be the case when the program and the library
are shipped as part of the same operating system, and some (most?)
people who ship yocto-based distributions with libopkg would probably
agree.

I know this may be a long shot, but would it be possible to add an
OpenSSL exception such as the one proposed in [1] to opkg's license?

[1] https://people.gnome.org/~markmc/openssl-and-the-gpl.html

Thank you for your time,
Clemens
--

-- 
BMW Car IT GmbH
Clemens Lang
Development Specialist
Lise-Meitner-Stra├če 14
89081 Ulm

Mail: clemens.lang@...
(Continue reading)

opkg | 13 Jan 07:50 2015

Issue 157 in opkg: Use-after-free on 'opkg install a/foo.ipk b/foo.ipk'

Status: New
Owner: ----
Labels: Type-Defect Priority-Medium

New issue 157 by cronos...@...: Use-after-free on 'opkg
install  
a/foo.ipk b/foo.ipk'
https://code.google.com/p/opkg/issues/detail?id=157

Version: opkg 0.1.8 (openwrt)

I accidentally had a package by the same name in two different directories,  
and when openwrt was preparing the rootfs (opkg --offline-root --add-dest  
root:/ ...), it started giving very strange errors:

Unknown package ' <at> '.
Installing hd-idle (1.04-1) to root...
Configuring hd-idle.
Collected errors:
  * opkg_install_cmd: Cannot install package  <at> .

Turns out it's a user-after-free when 'opkg install' two packages of the  
same name:

$ ls -l $(cat pkgs.txt)
-rw-r--r-- 1 catalinp catalinp 5,183 Jan  9 01:46  
/home/catalinp/src/openwrt/bin/ar71xx/packages/oldpackages/hd-idle_1.04-1_ar71xx.ipk
-rw-r--r-- 1 catalinp catalinp 5,255 Jan  9 03:05  
/home/catalinp/src/openwrt/bin/ar71xx/packages/packages/hd-idle_1.04-1_ar71xx.ipk

(Continue reading)

Ben Franciszkiewicz | 10 Jan 21:24 2015
Picon

pip

Hello I have a problem with installation pip for python

Have tried with:
opkg download get-pip.py

the result is:

Collected errors:
 * Cannot find package get-pip.py.
Check the spelling or perhaps run 'opkg update'


according to: 
https://pip.pypa.io/en/latest/installing.html 

I've saved this:
https://bootstrap.pypa.io/get-pip.py 
as: get-pip.py 

And I get this result: 

root [ ~/python/pip/pip ]# python get-pip.py 
Traceback (most recent call last): 
File "get-pip.py", line 19892, in <module> 
main() 
File "get-pip.py", line 152, in main 
bootstrap(tmpdir=tmpdir) 
File "get-pip.py", line 82, in bootstrap 
import pip 
zipimport.ZipImportError: can't decompress data; zlib not available
 

here: 
http://stackoverflow.com/questions/3905615/zlib-module-missing 

is a comment: 
"You forgot to install zlib1g-dev before building Python" 

Unforetunatly I don't know where I can download zlib1g-dev
also I don't know if I can install it now, when the python is already installed.

Python v 2.7.7 

Can I somehow add another repo to have pip, python etc there?

How can I install pip?

--
You received this message because you are subscribed to the Google Groups "opkg-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email to opkg-devel+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org.
For more options, visit https://groups.google.com/d/optout.
opkg | 5 Jan 00:42 2015

Re: Issue 124 in opkg: Upgrade of a package do not upgrade the depends


Comment #49 on issue 124 by KirG...@...: Upgrade of a package do
not  
upgrade the depends
https://code.google.com/p/opkg/issues/detail?id=124

OK, I created a simple test for  
http://code.google.com/p/opkg/issues/detail?id=124#c37.
In my scenario I use meta package that has ~50 dependencies on other  
packages with exact (=) version binding to ease the upgrade process and to  
be sure that everything is installed.
"c" package represents meta package in attached test. Currently test fails.
I use "master" branch (rev 7e2942).

Also I have some comments on  
http://code.google.com/p/opkg/issues/detail?id=124#c3.
Package managers such as "apt" or "yum" upgrade all packages that have any  
dependencies on each other to satisfy them. I think that this is a right  
way, specially on embedded platforms with sometimes unattended installation  
of packages. So "blocking" mechanism is not a good idea.

Attachments:
	21_upgrade_depends.py  1.3 KB

--

-- 
You received this message because this project is configured to send all  
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings

Ankur Tank | 31 Dec 12:54 2014

Insllating encrypted packages throught Opkg

Hi,


We are using Beaglebone black based custom board, with Embedded Linux

We have package manager “opkg” in our board.

 

For firmware upgrade we want to keep encrypted package.

When we do “opkg install” it will download software from the repository(as mentioned in /etc/opkg.conf) and install the package.

 

As I understand opkg understands .gz and deb package format,

Now if we have to keep encrypted package in repository is that possible ?

Does opkg recognize any kind of encryption and decryption ?

 

Any suggestions ?

 

Thank you,

 

Regards,

Ankur

 

L&T Technology Services Ltd

www.LntTechservices.com

This Email may contain confidential or privileged information for the intended recipient (s). If you are not the intended recipient, please do not use or disseminate the information, notify the sender and delete it from your system.

--
You received this message because you are subscribed to the Google Groups "opkg-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email to opkg-devel+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org.
For more options, visit https://groups.google.com/d/optout.

Christian Beier | 29 Dec 16:10 2014
Picon

[PR] opkg-make-index: generate the Packages.stamps file in package dir, not cwd.

The following changes since commit 53274f087565fd45d8452c5367997ba6a682a37a:

  update-alternatives: avoid double slash problem (2014-11-24 11:41:57 +0000)

are available in the git repository at:

  https://github.com/bk138/opkg-utils.git 

for you to fetch changes up to 7fdcbd1674eed5677869511f14ddcb2bf3eddaf0:

  opkg-make-index: generate the Packages.stamps file in package dir, not cwd.
  (2014-12-29 13:10:08 +0100)

----------------------------------------------------------------
Christian Beier (1):
      opkg-make-index: generate the Packages.stamps file in package dir, not
cwd.

 opkg-make-index | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/opkg-make-index b/opkg-make-index
index 2fdf95c..33b7e48 100755
--- a/opkg-make-index
+++ b/opkg-make-index
 <at>  <at>  -37,7 +37,6  <at>  <at>  def to_locale(filename, locale):
 old_filename = None
 packages_filename = None
 filelist_filename = None
-stamplist_filename = "Packages.stamps"
 opt_s = 0
 opt_m = 0
 (opts, remaining_args) = getopt.getopt(sys.argv[1:], "hl:p:vsmr:L:")
 <at>  <at>  -65,6 +64,8  <at>  <at>  if ( not remaining_args ):

 pkg_dir=remaining_args[0]

+stamplist_filename = pkg_dir + "/" + "Packages.stamps"
+
 packages = opkg.Packages()

 old_pkg_hash = {}

opkg | 26 Dec 14:24 2014

Issue 156 in opkg: conflicts+replaces+provides causes untracked files

Status: New
Owner: ----
Labels: Type-Defect Priority-Medium

New issue 156 by alexeytech: conflicts+replaces+provides causes untracked  
files
https://code.google.com/p/opkg/issues/detail?id=156

What steps will reproduce the problem?
1.Create package A that have files /x1 /x2
   install it.
2.Create package B that have files /x2 /x3
   Replaces:  A
   Provides:  A
   Conflicts: A
install it

What do you see? What is the expected output?
A is removed, B is installed as expected, BUT
opkg files B shows only file /x3 and /x2 stays in filesystem untracked

I expect that package B must own file /x2.

What version of the product are you using? On what operating system?
opkg v0.2.4
it maybe important that I use opkg in offline root mode

--

-- 
You received this message because this project is configured to send all  
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings

Paul Barker | 23 Dec 18:43 2014
Picon

opkg-0.3.0-rc2 Release Candidate

Hi all,

I'd like to announce the release of opkg-0.3.0-rc2 as of 2014-12-23. This solves
the silly omissions I made when packaging -rc1.

This release will soon be available from the new download location with hosting
provided by The Yocto Project:

    http://downloads.yoctoproject.org/releases/opkg/opkg-0.3.0-rc2.tar.gz

It is mirrored at and available immediately from:

    http://www.paulbarker.me.uk/dist/opkg/opkg-0.3.0-rc2.tar.gz

GPG signatures are available in the file "opkg-0.3.0-rc2.tar.gz.asc", hosted at
both download locations.

opkg-0.3.0-rc2 Release Notes
============================

- Ensure `libopkg/xfuncs.h`, `tests/` and `scripts/` are included in the release
  archive!

--

-- 
Paul Barker

Email: paul@...
http://www.paulbarker.me.uk

Paul Barker | 22 Dec 01:47 2014
Picon

opkg-0.3.0-rc1 Release Candidate

Hi all,

I'd like to announce the release of opkg-0.3.0-rc1 as of 2014-12-22. This is the
first 'proper' release candidate for v0.3.0 and needs lots of testing!

This release will soon be available from the new download location with hosting
provided by The Yocto Project:

    http://downloads.yoctoproject.org/releases/opkg/opkg-0.3.0-rc1.tar.gz

It is mirrored at and available immediately from:

    http://www.paulbarker.me.uk/dist/opkg/opkg-0.3.0-rc1.tar.gz

GPG signatures are available in the file "opkg-0.3.0-rc1.tar.gz.asc", hosted at both
download locations.

Go forth and test!

Release Notes
=============

As no release notes were produced for v0.3.0-rc0, a description of the changes
in v0.3.0-rc0 is included here.

opkg-0.3.0-rc1
--------------

- Reformat all C code so that it is easier to read (issue 119).

- Fix a few minor logic bugs.

- Tidy up `autogen.sh` and ensure it runs correctly with old versions of
  `aclocal` and non-bash shells.

- Rearrange test scripts into logical categories.

- Fix segfault when reinstalling a package with `force_reinstall` set (issue
  153).

opkg-0.3.0-rc0
--------------

Dependency changes:

- opkg now depends on libarchive.

opkg:

- Rename `opkg-cl` to `opkg`.

- Add config option `autoremove` equivalent to `--autoremove` command line
  flag.

- Add config option `overwrite_no_owner` allowing un-owned files to be
  overwritten during package install (issue 99).

- Add config options `connect_timeout_ms`, `transfer_timeout_ms` and
  `follow_location` for use with CURL.

- Add command line option `--volatile-cache`.

- Add config option `no_install_recommends` and command line option
  `--no-install-recommends` to prevent the installation of packages listed as
  Recommends.

- Add command line option `--add-exclude` to add packages to an exclusion list.

- Add config option `ignore_maintainer` to silently ignore changes to files
  listed as Conffiles during a package upgrade (issue 128, part 2).

- Add config option `lock_file`. This option replaces the configure script
  argument `--with-opkglockfile`, allowing the lock file path to be specified at
  run-time.

- Add config options `info_dir` and `status_file`. Together with the config
  option `lists_dir` which existed previously, these options replace the
  configure script argument `--with-opkglibdir`, allowing the paths to the the
  data files and directories to be specified at run-time and with better
  granularity.

- Add config option `signature_type` allowing the signature verification backend
  to be selected at runtime. Both openssl and gpg support may not coexist within
  a single build of opkg.

- Add config option `check_pkg_signature` which allows individual package files
  to be signed and verified.

- Add config option `cache_local_files` to copy local files into the cache when
  downloading. If this option is not set, any URL with a `file://` is symlinked
  into the cache rather than downloaded (issue 139).

- Drop support for the old `lists_dir` config option syntax. The new syntax
  introduced in v0.2.3 must now be used.

- Add support for passing package filename arguments to `opkg info` (issue 125).

- Add support for implicit and explicit FTP-over-SSL when using the curl
  download backend.

- Add support for a https proxy using the curl download backend.

- Add support for http basic authentication when using the CURL download
  backend.

- Add support for ASCII-armored gpg signatures.

- Change the default cache directory to `/var/cache` (issue 131).

- Improve package and package feed verification.

- Improve download caching.

- Improve heuristics to determine whether an argument is a package name, remote
  URI or local path.

- Improve detection and handling of package conflicts.

- Improve handling of package flags (such as hold) and status.

- Improve proxy authentication when using the curl download backend.

- Allow interrupted downloads to be resumed when curl is enabled (issue 115).

- Only upgrade installed packages during `opkg upgrade` (issue 127).

- Correctly handle pacakges which list a virtual package in Provides, Replaces
  and Conflicts (issue 89).

- Ensure that the lock file can be created by creating the parent directory if
  it does not already exist (issue 110).

- Issue a NOTICE message not an ERROR message if files listed as Conffiles have
  been changed by the user prior to a package upgrade but the `force_maintainer`
  option has not been set (issue 128, part 1).

- Call prerm and postrm scripts on package upgrade (issue 104).

opkg-key:

- Only install `opkg-key` when gpg support is enabled.

- Add `opkg-key reset` command to remove all trusted keys.

- Add `opkg-key populate` command to populated the list of trusted keys using
  the contents of `/usr/share/opkg/keyrings`.

- Improve usage output of `opkg-key`.

update-alternatives:

- `update-alternatives` has been moved out of opkg and into opkg-utils.

Developer visible:

- Add functions `opkg_conf_get_option` and `opkg_conf_set_option`, direct
  access to `options` array is no longer allowed.

- Add documentation in `developer-doc` directory.

- Add `scripts/checkpatch.pl`, adapted from the Linux kernel. This script may be
  used to check that patches match the expected coding style and are free from
  some common mistakes.

- Remove confusing `from_upgrade` argument from `opkg_remove_pkg`.

- Drop the configure script arguments `--with-opkglockfile`, `--with-opkglibdir`
  and `--with-opkgtcdir`.

- Drop unnecessary source files under 'tests'.

- Deprecate the libopkg API defined in 'libopkg/opkg.c'. The configure script
  argument `--enable-libopkg-api` must be given to build this API.

- Improve testsuite with more tests, `make check` now runs the testsuite and
  exits non-zero if any test fails.

- Improve `autogen.sh` script for developers & maintainers, no longer runs
  configure directly. `./autogen.sh --clean` now removes all generated files
  without requiring configure to have been ran.

- Rename `conf` -> `opkg_config` to prevent global symbol clashes (issue 92).

- Allow pkg-config to be used to find the gpg-error library.

- Use libarchive to extract packages instead of hand-rolled tar, ar and gzip
  handling (adds dependency on libarchive).

- Remove libbb!

- Lots of code refactoring and minor improvements.

--

-- 
Paul Barker

Email: paul@...
http://www.paulbarker.me.uk

Jeffrey Sheen | 21 Dec 01:45 2014

openvpn-openssl package: found bug in OpenWrt BB ar71xx distribution

Hi all,

I am struggling to find the maintainer of the `openvpn-openssl' package for OpenWrt BB (ar71xx).

There is a bug in the `/etc/init.d/openvpn' script:


I have tried using the `opkg info openvpn-openssl' command, but the `Maintainer' parameter is not listed.

Do you know how I could track down the maintainer, so that the bug can be fixed?

Merry Christmas!

Cheers,

Jeff.

--
You received this message because you are subscribed to the Google Groups "opkg-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email to opkg-devel+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org.
For more options, visit https://groups.google.com/d/optout.
opkg | 14 Dec 22:44 2014

Issue 155 in opkg: 'Conflicts' depends on installation order

Status: New
Owner: ----
Labels: Type-Defect Priority-Medium

New issue 155 by gabrb...@...: 'Conflicts' depends on
installation  
order
https://code.google.com/p/opkg/issues/detail?id=155

What steps will reproduce the problem?
1. Create package a.ipk with "Conflicts: b"
2. Create package b.ipk with no "Conflicts"
3. Using opkg 0.2.2 (Yocto/dizzy), install both:

    # opkg-cl install a.ipk
    # opkg-cl install b.ipk

What is the expected output? What do you see instead?

EXPECTED RESULTS:

    # opkg-cl install a.ipk
    Installing a (1.0-r0) on root.
    # opkg-cl install b.ipk
    Installing b (1.0-r0) on root.
    Collected errors:
     * check_conflicts_for: The following packages conflict with b:
     * check_conflicts_for: 	a *
     * opkg_install_cmd: Cannot install package b.

ACTUAL RESULTS:

    # opkg-cl install a.ipk
    Installing a (1.0-r0) on root.
    # opkg-cl install b.ipk
    Installing b (1.0-r0) on root.

What version of the product are you using? On what operating system?

opkg 0.2.2
Yocto 1.7 (dizzy), opkg 1:0.2.2-r0

Please provide any additional information below.

If you reverse the package install order, it works as expected.

--

-- 
You received this message because this project is configured to send all  
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings


Gmane