| Submitter | Kumar Gala |
|---|---|
| Date | July 28, 2011, 1:10 p.m. |
| Message ID | <1311858624-3686-1-git-send-email-galak@kernel.crashing.org> |
| Download | mbox | patch |
| Permalink | /patch/8803/ |
| State | New, archived |
| Headers | show |
Comments
On 07/28/2011 06:10 AM, Kumar Gala wrote: > If a SOCKS5 gateway is needed for a proxy access like git it might also > require authentication to the proxy via a password and username. Adding > SOCKS5_USER & SOCKS5_PASSWD to BB_ENV_EXTRAWHITE allow for automation > of the authentication request to occur when something like a git fetch > is going through the proxy. > > Signed-off-by: Kumar Gala <galak@kernel.crashing.org> We also need to make sure these variables do NOT make it into the sstate signature, which I think means one more change somewhere else (but I don't recall where off-hand).
On Jul 28, 2011, at 10:09 AM, Tom Rini wrote: > On 07/28/2011 06:10 AM, Kumar Gala wrote: >> If a SOCKS5 gateway is needed for a proxy access like git it might also >> require authentication to the proxy via a password and username. Adding >> SOCKS5_USER & SOCKS5_PASSWD to BB_ENV_EXTRAWHITE allow for automation >> of the authentication request to occur when something like a git fetch >> is going through the proxy. >> >> Signed-off-by: Kumar Gala <galak@kernel.crashing.org> > > We also need to make sure these variables do NOT make it into the sstate > signature, which I think means one more change somewhere else (but I > don't recall where off-hand). Yeah, I didn't find anything obvious while grepping. - k
On Thursday 28 July 2011 16:40:34 Kumar Gala wrote: > On Jul 28, 2011, at 10:09 AM, Tom Rini wrote: > > On 07/28/2011 06:10 AM, Kumar Gala wrote: > >> If a SOCKS5 gateway is needed for a proxy access like git it might also > >> require authentication to the proxy via a password and username. Adding > >> SOCKS5_USER & SOCKS5_PASSWD to BB_ENV_EXTRAWHITE allow for automation > >> of the authentication request to occur when something like a git fetch > >> is going through the proxy. > >> > >> Signed-off-by: Kumar Gala <galak@kernel.crashing.org> > > > > We also need to make sure these variables do NOT make it into the sstate > > signature, which I think means one more change somewhere else (but I > > don't recall where off-hand). > > Yeah, I didn't find anything obvious while grepping. I think what you're looking for is BB_HASHBASE_WHITELIST; however IIRC it's only really necessary if another variable refers to SOCKS5_*, or it is used in some bit of python/shell script; otherwise it shouldn't appear in the variable dependencies and thus won't make it's way into the sstate signature. Cheers, Paul
On Jul 28, 2011, at 8:10 AM, Kumar Gala wrote: > If a SOCKS5 gateway is needed for a proxy access like git it might also > require authentication to the proxy via a password and username. Adding > SOCKS5_USER & SOCKS5_PASSWD to BB_ENV_EXTRAWHITE allow for automation > of the authentication request to occur when something like a git fetch > is going through the proxy. > > Signed-off-by: Kumar Gala <galak@kernel.crashing.org> > --- > * Fixes issue with a git fetch request failing to get pass a firewall > > scripts/oe-buildenv-internal | 2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) > > diff --git a/scripts/oe-buildenv-internal b/scripts/oe-buildenv-internal > index c13fc40..b223292 100755 > --- a/scripts/oe-buildenv-internal > +++ b/scripts/oe-buildenv-internal > @@ -55,4 +55,4 @@ unset BITBAKEDIR > export BUILDDIR > export PATH > > -export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND" > +export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND SOCKS5_PASSWD SOCSK5_USER" > -- > 1.7.3.4 Ping on this patch - k
On 08/03/2011 10:00 AM, Kumar Gala wrote: > > On Jul 28, 2011, at 8:10 AM, Kumar Gala wrote: > >> If a SOCKS5 gateway is needed for a proxy access like git it might also >> require authentication to the proxy via a password and username. Adding >> SOCKS5_USER& SOCKS5_PASSWD to BB_ENV_EXTRAWHITE allow for automation >> of the authentication request to occur when something like a git fetch >> is going through the proxy. >> >> Signed-off-by: Kumar Gala<galak@kernel.crashing.org> >> --- >> * Fixes issue with a git fetch request failing to get pass a firewall >> >> scripts/oe-buildenv-internal | 2 +- >> 1 files changed, 1 insertions(+), 1 deletions(-) >> >> diff --git a/scripts/oe-buildenv-internal b/scripts/oe-buildenv-internal >> index c13fc40..b223292 100755 >> --- a/scripts/oe-buildenv-internal >> +++ b/scripts/oe-buildenv-internal >> @@ -55,4 +55,4 @@ unset BITBAKEDIR >> export BUILDDIR >> export PATH >> >> -export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND" >> +export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND SOCKS5_PASSWD SOCSK5_USER" >> -- >> 1.7.3.4 > > Ping on this patch > Kumar, I think you were asked to modify this patch so that the additinal SOCKS5_* do not get into sstate, Paul Eggleton provided the BB_HASHSPACE_WHITELIST info. Please update this patch Thanks Sau! > - k > _______________________________________________ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core >
On Aug 3, 2011, at 12:30 PM, Saul Wold wrote: > On 08/03/2011 10:00 AM, Kumar Gala wrote: >> >> On Jul 28, 2011, at 8:10 AM, Kumar Gala wrote: >> >>> If a SOCKS5 gateway is needed for a proxy access like git it might also >>> require authentication to the proxy via a password and username. Adding >>> SOCKS5_USER& SOCKS5_PASSWD to BB_ENV_EXTRAWHITE allow for automation >>> of the authentication request to occur when something like a git fetch >>> is going through the proxy. >>> >>> Signed-off-by: Kumar Gala<galak@kernel.crashing.org> >>> --- >>> * Fixes issue with a git fetch request failing to get pass a firewall >>> >>> scripts/oe-buildenv-internal | 2 +- >>> 1 files changed, 1 insertions(+), 1 deletions(-) >>> >>> diff --git a/scripts/oe-buildenv-internal b/scripts/oe-buildenv-internal >>> index c13fc40..b223292 100755 >>> --- a/scripts/oe-buildenv-internal >>> +++ b/scripts/oe-buildenv-internal >>> @@ -55,4 +55,4 @@ unset BITBAKEDIR >>> export BUILDDIR >>> export PATH >>> >>> -export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND" >>> +export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND SOCKS5_PASSWD SOCSK5_USER" >>> -- >>> 1.7.3.4 >> >> Ping on this patch >> > Kumar, > > I think you were asked to modify this patch so that the additinal SOCKS5_* do not get into sstate, Paul Eggleton provided the BB_HASHSPACE_WHITELIST info. > > Please update this patch > > Thanks > Sau! From the thread it sounded as if that was NOT needed. As nothing refers to SOCKS5_* we didn't need to add it. Much like how it doesn't have SSH_AGENT_PID or SSH_AUTH_SOCK in it. - k
On Wed, 2011-08-03 at 14:41 -0500, Kumar Gala wrote: > On Aug 3, 2011, at 12:30 PM, Saul Wold wrote: > > > On 08/03/2011 10:00 AM, Kumar Gala wrote: > >> > >> On Jul 28, 2011, at 8:10 AM, Kumar Gala wrote: > >> > >>> If a SOCKS5 gateway is needed for a proxy access like git it might also > >>> require authentication to the proxy via a password and username. Adding > >>> SOCKS5_USER& SOCKS5_PASSWD to BB_ENV_EXTRAWHITE allow for automation > >>> of the authentication request to occur when something like a git fetch > >>> is going through the proxy. > >>> > >>> Signed-off-by: Kumar Gala<galak@kernel.crashing.org> > >>> --- > >>> * Fixes issue with a git fetch request failing to get pass a firewall > >>> > >>> scripts/oe-buildenv-internal | 2 +- > >>> 1 files changed, 1 insertions(+), 1 deletions(-) > >>> > >>> diff --git a/scripts/oe-buildenv-internal b/scripts/oe-buildenv-internal > >>> index c13fc40..b223292 100755 > >>> --- a/scripts/oe-buildenv-internal > >>> +++ b/scripts/oe-buildenv-internal > >>> @@ -55,4 +55,4 @@ unset BITBAKEDIR > >>> export BUILDDIR > >>> export PATH > >>> > >>> -export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND" > >>> +export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND SOCKS5_PASSWD SOCSK5_USER" > >>> -- > >>> 1.7.3.4 > >> > >> Ping on this patch > >> > > Kumar, > > > > I think you were asked to modify this patch so that the additinal > SOCKS5_* do not get into sstate, Paul Eggleton provided the > BB_HASHSPACE_WHITELIST info. > > > > Please update this patch > > > > Thanks > > Sau! > > From the thread it sounded as if that was NOT needed. As nothing > refers to SOCKS5_* we didn't need to add it. Much like how it doesn't > have SSH_AGENT_PID or SSH_AUTH_SOCK in it. It would be good is someone could confirm it but its in the environment so it likely is needed. Cheers, Richard
On Aug 3, 2011, at 5:34 PM, Richard Purdie wrote: > On Wed, 2011-08-03 at 14:41 -0500, Kumar Gala wrote: >> On Aug 3, 2011, at 12:30 PM, Saul Wold wrote: >> >>> On 08/03/2011 10:00 AM, Kumar Gala wrote: >>>> >>>> On Jul 28, 2011, at 8:10 AM, Kumar Gala wrote: >>>> >>>>> If a SOCKS5 gateway is needed for a proxy access like git it might also >>>>> require authentication to the proxy via a password and username. Adding >>>>> SOCKS5_USER& SOCKS5_PASSWD to BB_ENV_EXTRAWHITE allow for automation >>>>> of the authentication request to occur when something like a git fetch >>>>> is going through the proxy. >>>>> >>>>> Signed-off-by: Kumar Gala<galak@kernel.crashing.org> >>>>> --- >>>>> * Fixes issue with a git fetch request failing to get pass a firewall >>>>> >>>>> scripts/oe-buildenv-internal | 2 +- >>>>> 1 files changed, 1 insertions(+), 1 deletions(-) >>>>> >>>>> diff --git a/scripts/oe-buildenv-internal b/scripts/oe-buildenv-internal >>>>> index c13fc40..b223292 100755 >>>>> --- a/scripts/oe-buildenv-internal >>>>> +++ b/scripts/oe-buildenv-internal >>>>> @@ -55,4 +55,4 @@ unset BITBAKEDIR >>>>> export BUILDDIR >>>>> export PATH >>>>> >>>>> -export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND" >>>>> +export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND SOCKS5_PASSWD SOCSK5_USER" >>>>> -- >>>>> 1.7.3.4 >>>> >>>> Ping on this patch >>>> >>> Kumar, >>> >>> I think you were asked to modify this patch so that the additinal >> SOCKS5_* do not get into sstate, Paul Eggleton provided the >> BB_HASHSPACE_WHITELIST info. >>> >>> Please update this patch >>> >>> Thanks >>> Sau! >> >> From the thread it sounded as if that was NOT needed. As nothing >> refers to SOCKS5_* we didn't need to add it. Much like how it doesn't >> have SSH_AGENT_PID or SSH_AUTH_SOCK in it. > > It would be good is someone could confirm it but its in the environment > so it likely is needed. Not sure I follow. Confirm what? - k
On 08/03/2011 07:56 PM, Kumar Gala wrote: > > On Aug 3, 2011, at 5:34 PM, Richard Purdie wrote: > >> On Wed, 2011-08-03 at 14:41 -0500, Kumar Gala wrote: >>> On Aug 3, 2011, at 12:30 PM, Saul Wold wrote: >>> >>>> On 08/03/2011 10:00 AM, Kumar Gala wrote: >>>>> >>>>> On Jul 28, 2011, at 8:10 AM, Kumar Gala wrote: >>>>> >>>>>> If a SOCKS5 gateway is needed for a proxy access like git it might also >>>>>> require authentication to the proxy via a password and username. Adding >>>>>> SOCKS5_USER& SOCKS5_PASSWD to BB_ENV_EXTRAWHITE allow for automation >>>>>> of the authentication request to occur when something like a git fetch >>>>>> is going through the proxy. >>>>>> >>>>>> Signed-off-by: Kumar Gala<galak@kernel.crashing.org> >>>>>> --- >>>>>> * Fixes issue with a git fetch request failing to get pass a firewall >>>>>> >>>>>> scripts/oe-buildenv-internal | 2 +- >>>>>> 1 files changed, 1 insertions(+), 1 deletions(-) >>>>>> >>>>>> diff --git a/scripts/oe-buildenv-internal b/scripts/oe-buildenv-internal >>>>>> index c13fc40..b223292 100755 >>>>>> --- a/scripts/oe-buildenv-internal >>>>>> +++ b/scripts/oe-buildenv-internal >>>>>> @@ -55,4 +55,4 @@ unset BITBAKEDIR >>>>>> export BUILDDIR >>>>>> export PATH >>>>>> >>>>>> -export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND" >>>>>> +export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND SOCKS5_PASSWD SOCSK5_USER" >>>>>> -- >>>>>> 1.7.3.4 >>>>> >>>>> Ping on this patch >>>>> >>>> Kumar, >>>> >>>> I think you were asked to modify this patch so that the additinal >>> SOCKS5_* do not get into sstate, Paul Eggleton provided the >>> BB_HASHSPACE_WHITELIST info. >>>> >>>> Please update this patch >>>> >>>> Thanks >>>> Sau! >>> >>> From the thread it sounded as if that was NOT needed. As nothing >>> refers to SOCKS5_* we didn't need to add it. Much like how it doesn't >>> have SSH_AGENT_PID or SSH_AUTH_SOCK in it. >> >> It would be good is someone could confirm it but its in the environment >> so it likely is needed. > > Not sure I follow. Confirm what? > Kumar, I think Richard wants you to confirm that the SSH_* and SOCKS5_* information is not stored in the shared state hash. Sau! > - k > _______________________________________________ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core >
On Aug 3, 2011, at 10:54 PM, Saul Wold wrote: > On 08/03/2011 07:56 PM, Kumar Gala wrote: >> >> On Aug 3, 2011, at 5:34 PM, Richard Purdie wrote: >> >>> On Wed, 2011-08-03 at 14:41 -0500, Kumar Gala wrote: >>>> On Aug 3, 2011, at 12:30 PM, Saul Wold wrote: >>>> >>>>> On 08/03/2011 10:00 AM, Kumar Gala wrote: >>>>>> >>>>>> On Jul 28, 2011, at 8:10 AM, Kumar Gala wrote: >>>>>> >>>>>>> If a SOCKS5 gateway is needed for a proxy access like git it might also >>>>>>> require authentication to the proxy via a password and username. Adding >>>>>>> SOCKS5_USER& SOCKS5_PASSWD to BB_ENV_EXTRAWHITE allow for automation >>>>>>> of the authentication request to occur when something like a git fetch >>>>>>> is going through the proxy. >>>>>>> >>>>>>> Signed-off-by: Kumar Gala<galak@kernel.crashing.org> >>>>>>> --- >>>>>>> * Fixes issue with a git fetch request failing to get pass a firewall >>>>>>> >>>>>>> scripts/oe-buildenv-internal | 2 +- >>>>>>> 1 files changed, 1 insertions(+), 1 deletions(-) >>>>>>> >>>>>>> diff --git a/scripts/oe-buildenv-internal b/scripts/oe-buildenv-internal >>>>>>> index c13fc40..b223292 100755 >>>>>>> --- a/scripts/oe-buildenv-internal >>>>>>> +++ b/scripts/oe-buildenv-internal >>>>>>> @@ -55,4 +55,4 @@ unset BITBAKEDIR >>>>>>> export BUILDDIR >>>>>>> export PATH >>>>>>> >>>>>>> -export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND" >>>>>>> +export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND SOCKS5_PASSWD SOCSK5_USER" >>>>>>> -- >>>>>>> 1.7.3.4 >>>>>> >>>>>> Ping on this patch >>>>>> >>>>> Kumar, >>>>> >>>>> I think you were asked to modify this patch so that the additinal >>>> SOCKS5_* do not get into sstate, Paul Eggleton provided the >>>> BB_HASHSPACE_WHITELIST info. >>>>> >>>>> Please update this patch >>>>> >>>>> Thanks >>>>> Sau! >>>> >>>> From the thread it sounded as if that was NOT needed. As nothing >>>> refers to SOCKS5_* we didn't need to add it. Much like how it doesn't >>>> have SSH_AGENT_PID or SSH_AUTH_SOCK in it. >>> >>> It would be good is someone could confirm it but its in the environment >>> so it likely is needed. >> >> Not sure I follow. Confirm what? >> > Kumar, > > I think Richard wants you to confirm that the SSH_* and SOCKS5_* information is not stored in the shared state hash. How? - k
>>>>>>> On Jul 28, 2011, at 8:10 AM, Kumar Gala wrote: >>>>>>> >>>>>>>> If a SOCKS5 gateway is needed for a proxy access like git it might also >>>>>>>> require authentication to the proxy via a password and username. Adding >>>>>>>> SOCKS5_USER& SOCKS5_PASSWD to BB_ENV_EXTRAWHITE allow for automation >>>>>>>> of the authentication request to occur when something like a git fetch >>>>>>>> is going through the proxy. >>>>>>>> >>>>>>>> Signed-off-by: Kumar Gala<galak@kernel.crashing.org> >>>>>>>> --- >>>>>>>> * Fixes issue with a git fetch request failing to get pass a firewall >>>>>>>> >>>>>>>> scripts/oe-buildenv-internal | 2 +- >>>>>>>> 1 files changed, 1 insertions(+), 1 deletions(-) >>>>>>>> >>>>>>>> diff --git a/scripts/oe-buildenv-internal b/scripts/oe-buildenv-internal >>>>>>>> index c13fc40..b223292 100755 >>>>>>>> --- a/scripts/oe-buildenv-internal >>>>>>>> +++ b/scripts/oe-buildenv-internal >>>>>>>> @@ -55,4 +55,4 @@ unset BITBAKEDIR >>>>>>>> export BUILDDIR >>>>>>>> export PATH >>>>>>>> >>>>>>>> -export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND" >>>>>>>> +export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND SOCKS5_PASSWD SOCSK5_USER" >>>>>>>> -- >>>>>>>> 1.7.3.4 >>>>>>> >>>>>>> Ping on this patch >>>>>>> >>>>>> Kumar, >>>>>> >>>>>> I think you were asked to modify this patch so that the additinal >>>>> SOCKS5_* do not get into sstate, Paul Eggleton provided the >>>>> BB_HASHSPACE_WHITELIST info. >>>>>> >>>>>> Please update this patch >>>>>> >>>>>> Thanks >>>>>> Sau! >>>>> >>>>> From the thread it sounded as if that was NOT needed. As nothing >>>>> refers to SOCKS5_* we didn't need to add it. Much like how it doesn't >>>>> have SSH_AGENT_PID or SSH_AUTH_SOCK in it. >>>> >>>> It would be good is someone could confirm it but its in the environment >>>> so it likely is needed. >>> >>> Not sure I follow. Confirm what? >>> >> Kumar, >> >> I think Richard wants you to confirm that the SSH_* and SOCKS5_* information is not stored in the shared state hash. > > How? Still looking for directions on how to verify this. - k
On Aug 5, 2011, at 11:52 AM, Kumar Gala wrote: >>>>>>>> On Jul 28, 2011, at 8:10 AM, Kumar Gala wrote: >>>>>>>> >>>>>>>>> If a SOCKS5 gateway is needed for a proxy access like git it might also >>>>>>>>> require authentication to the proxy via a password and username. Adding >>>>>>>>> SOCKS5_USER& SOCKS5_PASSWD to BB_ENV_EXTRAWHITE allow for automation >>>>>>>>> of the authentication request to occur when something like a git fetch >>>>>>>>> is going through the proxy. >>>>>>>>> >>>>>>>>> Signed-off-by: Kumar Gala<galak@kernel.crashing.org> >>>>>>>>> --- >>>>>>>>> * Fixes issue with a git fetch request failing to get pass a firewall >>>>>>>>> >>>>>>>>> scripts/oe-buildenv-internal | 2 +- >>>>>>>>> 1 files changed, 1 insertions(+), 1 deletions(-) >>>>>>>>> >>>>>>>>> diff --git a/scripts/oe-buildenv-internal b/scripts/oe-buildenv-internal >>>>>>>>> index c13fc40..b223292 100755 >>>>>>>>> --- a/scripts/oe-buildenv-internal >>>>>>>>> +++ b/scripts/oe-buildenv-internal >>>>>>>>> @@ -55,4 +55,4 @@ unset BITBAKEDIR >>>>>>>>> export BUILDDIR >>>>>>>>> export PATH >>>>>>>>> >>>>>>>>> -export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND" >>>>>>>>> +export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND SOCKS5_PASSWD SOCSK5_USER" >>>>>>>>> -- >>>>>>>>> 1.7.3.4 >>>>>>>> >>>>>>>> Ping on this patch >>>>>>>> >>>>>>> Kumar, >>>>>>> >>>>>>> I think you were asked to modify this patch so that the additinal >>>>>> SOCKS5_* do not get into sstate, Paul Eggleton provided the >>>>>> BB_HASHSPACE_WHITELIST info. >>>>>>> >>>>>>> Please update this patch >>>>>>> >>>>>>> Thanks >>>>>>> Sau! >>>>>> >>>>>> From the thread it sounded as if that was NOT needed. As nothing >>>>>> refers to SOCKS5_* we didn't need to add it. Much like how it doesn't >>>>>> have SSH_AGENT_PID or SSH_AUTH_SOCK in it. >>>>> >>>>> It would be good is someone could confirm it but its in the environment >>>>> so it likely is needed. >>>> >>>> Not sure I follow. Confirm what? >>>> >>> Kumar, >>> >>> I think Richard wants you to confirm that the SSH_* and SOCKS5_* information is not stored in the shared state hash. >> >> How? > > Still looking for directions on how to verify this. ping - k
On Jul 28, 2011, at 8:10 AM, Kumar Gala wrote: > If a SOCKS5 gateway is needed for a proxy access like git it might also > require authentication to the proxy via a password and username. Adding > SOCKS5_USER & SOCKS5_PASSWD to BB_ENV_EXTRAWHITE allow for automation > of the authentication request to occur when something like a git fetch > is going through the proxy. > > Signed-off-by: Kumar Gala <galak@kernel.crashing.org> > --- > * Fixes issue with a git fetch request failing to get pass a firewall > > scripts/oe-buildenv-internal | 2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) > > diff --git a/scripts/oe-buildenv-internal b/scripts/oe-buildenv-internal > index c13fc40..b223292 100755 > --- a/scripts/oe-buildenv-internal > +++ b/scripts/oe-buildenv-internal > @@ -55,4 +55,4 @@ unset BITBAKEDIR > export BUILDDIR > export PATH > > -export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND" > +export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND SOCKS5_PASSWD SOCSK5_USER" > -- > 1.7.3.4 Richard, I'm able reproduce this, with out my patch I get prompted for a socks password, w/it having SOCKS5_PASSWD set in my environment the git clone is able to succeed. So from our discussion a while back on IRC: Aug 11 10:54:20 <RP__> galak: Well, it will but it will only place it in the internal data store Aug 11 10:54:42 <RP__> galak: there isn't anything to say "also export this from the data store into the environment that bitbake uses" From the way I read bitbake/lib/bb/utils.py: def approved_variables(): """ Determine and return the list of whitelisted variables which are approved to remain in the environment. """ ... [ this will add SOCKS5_PASSWD to the 'approved' list ] and def filter_environment(good_vars): [ will not skip unsetting it from the environment since its in the 'approved' list ] That seems to explain how this ends up working. So question is what else needs to be done to get this accepted ? - k
On Aug 31, 2011, at 12:06 AM, Kumar Gala wrote: > > On Jul 28, 2011, at 8:10 AM, Kumar Gala wrote: > >> If a SOCKS5 gateway is needed for a proxy access like git it might also >> require authentication to the proxy via a password and username. Adding >> SOCKS5_USER & SOCKS5_PASSWD to BB_ENV_EXTRAWHITE allow for automation >> of the authentication request to occur when something like a git fetch >> is going through the proxy. >> >> Signed-off-by: Kumar Gala <galak@kernel.crashing.org> >> --- >> * Fixes issue with a git fetch request failing to get pass a firewall >> >> scripts/oe-buildenv-internal | 2 +- >> 1 files changed, 1 insertions(+), 1 deletions(-) >> >> diff --git a/scripts/oe-buildenv-internal b/scripts/oe-buildenv-internal >> index c13fc40..b223292 100755 >> --- a/scripts/oe-buildenv-internal >> +++ b/scripts/oe-buildenv-internal >> @@ -55,4 +55,4 @@ unset BITBAKEDIR >> export BUILDDIR >> export PATH >> >> -export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND" >> +export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND SOCKS5_PASSWD SOCSK5_USER" >> -- >> 1.7.3.4 > > Richard, > > I'm able reproduce this, with out my patch I get prompted for a socks password, w/it having SOCKS5_PASSWD set in my environment the git clone is able to succeed. > > So from our discussion a while back on IRC: > > Aug 11 10:54:20 <RP__> galak: Well, it will but it will only place it in the internal data store > Aug 11 10:54:42 <RP__> galak: there isn't anything to say "also export this from the data store into the environment that bitbake uses" > >> From the way I read bitbake/lib/bb/utils.py: > > def approved_variables(): > """ > Determine and return the list of whitelisted variables which are approved > to remain in the environment. > """ > ... > > [ this will add SOCKS5_PASSWD to the 'approved' list ] > > and > > def filter_environment(good_vars): > > [ will not skip unsetting it from the environment since its in the 'approved' list ] > > That seems to explain how this ends up working. > > So question is what else needs to be done to get this accepted ? ping - k
On Wed, 2011-08-31 at 00:06 -0500, Kumar Gala wrote: > On Jul 28, 2011, at 8:10 AM, Kumar Gala wrote: > > > If a SOCKS5 gateway is needed for a proxy access like git it might also > > require authentication to the proxy via a password and username. Adding > > SOCKS5_USER & SOCKS5_PASSWD to BB_ENV_EXTRAWHITE allow for automation > > of the authentication request to occur when something like a git fetch > > is going through the proxy. > > > > Signed-off-by: Kumar Gala <galak@kernel.crashing.org> > > --- > > * Fixes issue with a git fetch request failing to get pass a firewall > > > > scripts/oe-buildenv-internal | 2 +- > > 1 files changed, 1 insertions(+), 1 deletions(-) > > > > diff --git a/scripts/oe-buildenv-internal b/scripts/oe-buildenv-internal > > index c13fc40..b223292 100755 > > --- a/scripts/oe-buildenv-internal > > +++ b/scripts/oe-buildenv-internal > > @@ -55,4 +55,4 @@ unset BITBAKEDIR > > export BUILDDIR > > export PATH > > > > -export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND" > > +export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND SOCKS5_PASSWD SOCSK5_USER" > > -- > > 1.7.3.4 > > Richard, > > I'm able reproduce this, with out my patch I get prompted for a socks password, w/it having SOCKS5_PASSWD set in my environment the git clone is able to succeed. > > So from our discussion a while back on IRC: > > Aug 11 10:54:20 <RP__> galak: Well, it will but it will only place it in the internal data store > Aug 11 10:54:42 <RP__> galak: there isn't anything to say "also export this from the data store into the environment that bitbake uses" > > From the way I read bitbake/lib/bb/utils.py: > > def approved_variables(): > """ > Determine and return the list of whitelisted variables which are approved > to remain in the environment. > """ > ... > > [ this will add SOCKS5_PASSWD to the 'approved' list ] > > and > > def filter_environment(good_vars): > > [ will not skip unsetting it from the environment since its in the 'approved' list ] > > That seems to explain how this ends up working. > > So question is what else needs to be done to get this accepted ? To put this simply, this patch shouldn't work. The fact that it does worried me and there is a bitbake bug. You can do something like this: BB_ENV_EXTRAWHITE="$BB_ENV_EXTRAWHITE FOO" FOO=1 bitbake quilt-native -c devshell and see FOO=1 in the shell. It should only do that if the metadata also does "export FOO" which it does not. So, no, this patch isn't right and we'll need to actually export the variables once I fix the above bug. Cheers, Richard
Patch
diff --git a/scripts/oe-buildenv-internal b/scripts/oe-buildenv-internal index c13fc40..b223292 100755 --- a/scripts/oe-buildenv-internal +++ b/scripts/oe-buildenv-internal @@ -55,4 +55,4 @@ unset BITBAKEDIR export BUILDDIR export PATH -export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND" +export BB_ENV_EXTRAWHITE="MACHINE DISTRO TCMODE TCLIBC http_proxy ftp_proxy https_proxy all_proxy ALL_PROXY no_proxy SSH_AGENT_PID SSH_AUTH_SOCK BB_SRCREV_POLICY SDKMACHINE BB_NUMBER_THREADS PARALLEL_MAKE GIT_PROXY_COMMAND SOCKS5_PASSWD SOCSK5_USER"
If a SOCKS5 gateway is needed for a proxy access like git it might also require authentication to the proxy via a password and username. Adding SOCKS5_USER & SOCKS5_PASSWD to BB_ENV_EXTRAWHITE allow for automation of the authentication request to occur when something like a git fetch is going through the proxy. Signed-off-by: Kumar Gala <galak@kernel.crashing.org> --- * Fixes issue with a git fetch request failing to get pass a firewall scripts/oe-buildenv-internal | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-)