cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Scholar
Scholar
3,789 Views
Registered: ‎06-10-2008

Where does dropbear come from in petalinux 2017.2?

Jump to solution

Hello all,

 

What is wrong with petalinux-config for rootfs? I can clearly see that dropbear is not selected but it is installed on my target nonetheless. Where is this coming from? It makes me wonder what else is broken.

 

Maarten

0 Kudos
1 Solution

Accepted Solutions
Highlighted
Moderator
Moderator
4,858 Views
Registered: ‎10-06-2016

Re: Where does dropbear come from in petalinux 2017.2?

Jump to solution

Hi @vanmierlo

 

I don't take your comments as personal so not worries about that :) It's clear that the petalinux-config -c rootfs is still bit confusing since the tool has been ported to Yocto, but I definitivelly this is not a obsolete feature at all. I do agree that some of the tools, specially those that are used in baseline recipes has a confusing behaviour, so definitivelly we need to figure out a better way to work with them, so I will provide the internal feedback regarding those points.

 

Regarding the network settings and the usage of static IP, there is a post where this issue where pointed and solved using a user recipe, please take a look to check if it is usefull for you ;)

 

Regards


Ibai
Don’t forget to reply, kudo, and accept as solution.

View solution in original post

17 Replies
Highlighted
Scholar
Scholar
3,782 Views
Registered: ‎06-10-2008

Re: Where does dropbear come from in petalinux 2017.2?

Jump to solution

And similar: where did bash come from? It is disabled in the rootfs configuration as well. Should we no longer use petalinux-config -c rootfs? Is it deprecated? The documentation (UG1144 for 2017.2) doesn't say so and it mentions nothing else either.

 

These kind of issues seem to have started with petalinux 2016.4 but half a year later I would expect some improvement.

0 Kudos
Highlighted
Scholar
Scholar
3,767 Views
Registered: ‎06-10-2008

Re: Where does dropbear come from in petalinux 2017.2?

Jump to solution

And how do I get rid of hwclock? Once again, it is disabled in the rootfs configuration, but magic-o-magic it is there anyway.

0 Kudos
Highlighted
Scholar
Scholar
3,712 Views
Registered: ‎06-10-2008

Re: Where does dropbear come from in petalinux 2017.2?

Jump to solution

And how am I supposed to get rid of the DHCP client udhcpc ?

0 Kudos
Highlighted
Moderator
Moderator
3,704 Views
Registered: ‎10-06-2016

Re: Where does dropbear come from in petalinux 2017.2?

Jump to solution

Hi @vanmierlo

 

You are right that this kind of "behavior" started with 2016.4 Petalinux release, and there is a good reason for that, it was when Petalinux started to be based on Yocto.

 

The rootfs configuration menu is used by petalinux to add software packages to your distribution, but some base packages are managed by IMAGE_FEATURES variables in yocto to set as a baseline. So that means that to disable those packages you need to modify your petalinuxbsp.conf file to add the following statement:

 

IMAGE_FEATURES_remove = "ssh-server-dropbear" (use the corresponding package name)

 

Regards,

Ibai


Ibai
Don’t forget to reply, kudo, and accept as solution.
Highlighted
Scholar
Scholar
3,697 Views
Registered: ‎06-10-2008

Re: Where does dropbear come from in petalinux 2017.2?

Jump to solution

@ibaie

 

Thank you for the first meaningful response in a long time from a Xilinx employee in the embedded forum. I was getting the impression that the petalinux developers are not following this forum and are thereby unreachable.

 

But why is this not documented? And why are all these programs still present in the rootfs config if that is not where one should enable/disable them?

0 Kudos
Highlighted
Scholar
Scholar
3,694 Views
Registered: ‎06-10-2008

Re: Where does dropbear come from in petalinux 2017.2?

Jump to solution

Where do I need to look to find the "corresponding package name"?

 

And does the string require extra leading spaces?

0 Kudos
Highlighted
Moderator
Moderator
3,690 Views
Registered: ‎10-06-2016

Re: Where does dropbear come from in petalinux 2017.2?

Jump to solution

Hi @vanmierlo

 

I do agree with you that this is not documented properly and It may confuse customers, we constantly try to improve the documentation so I will point this particular topic for future releases.

 

The IMAGE_FEATURES property is inherit to yocto, and as pointed in the past is the way to set a baseline for a specific image build. The rootfs configuration menu by petalinux is the way used to add packages to this baseline, but there is no way to remove baseline packages as it is supposed that those ones "should" be there always.

 

You can check the packages present in the petalinux image checking the yocto enviroment variables, or using the following petalinux command: petalinux-build –c “-e petalinux-user-image” | grep ^IMAGE_FEATURES (under the hood calling to yocto with -e for petalinux-user-image and then getting the IMAGE_FEATURES).

 

PD: We are trying increase the effort on the Xilinx forums so hopefully you will see more activity here.

 

Regards,

Ibai


Ibai
Don’t forget to reply, kudo, and accept as solution.
0 Kudos
Highlighted
Scholar
Scholar
3,680 Views
Registered: ‎06-10-2008

Re: Where does dropbear come from in petalinux 2017.2?

Jump to solution

The only IMAGE_FEATURE I can find with that command is "ssh-server-dropbear". So I still don't know how to get rid of hwclock and udhcpc nor how to replace bash with busybox sh.

0 Kudos
Highlighted
Moderator
Moderator
3,670 Views
Registered: ‎10-06-2016

Re: Where does dropbear come from in petalinux 2017.2?

Jump to solution

Hi @vanmierlo

 

Probably someone with more knowledge on Yocto can provide us more details on how does it work, but let see if my quick research with the ZC702 Petalinux BSP can be useful :)

 

Using the previous command (remove the grep pipeline) you can check all the variables used by bitbake to build your petalinux image (petalinux-user-image). So taking a look to the generated output, you can see how the base-utils and hwclock packages used are busybox and busybox-hwclock by default.

 

Capture 2.JPG

 

Capture.JPG

 

If I'm not wrong as far as you did not specify any other package to be used as base-utils or hwclock, the default providers are used in your image. Also as busybox can be compiled with a built-in udhcpd daemon (CONFIG_UDCHPD), probably that is generating you a image with udhcpd.


Ibai
Don’t forget to reply, kudo, and accept as solution.
0 Kudos
Highlighted
Scholar
Scholar
2,858 Views
Registered: ‎06-10-2008

Re: Where does dropbear come from in petalinux 2017.2?

Jump to solution

I agree that we need information from someone with more knowledge about Yocto, or more specific the yocto implementation in petalinux.

 

And I do not mind the few symbolic links to busybox for udhcpc and hwclock in /sbin/. What bothers me is that they automatically start up. On older versions of petalinux this was as simple as deselecting them in the menu. When not installed they can't be run.

0 Kudos
Highlighted
Moderator
Moderator
2,839 Views
Registered: ‎10-06-2016

Re: Where does dropbear come from in petalinux 2017.2?

Jump to solution

Hi @vanmierlo

 

After a quick testing I have been able to disable the dhcpc daemon from a Petalinux image with a small custom recipe. As pointed in the previous post, busybox is used by default by Yocto engine as a baseline and the original recipe from Yocto builds busybox with DHCPC enabled.

 

<petalinux-install-dir>/components/yocto/source/aarch64/layers/core/meta/recipes-core/busybox/busybox/defconfig

CONFIG_UDHCPD=y

So what I did is create a new bbappend for busybox recipe and modify the defconfig to not include this feature. So I created the following file: <petalinux-project>/project-spec/meta-user/recipes-core/busybox/busybox_%.bbappend

do_configure_append() {
   sed -i.bak "/CONFIG_UDHCPC=y/c\# CONFIG_UDHCPC is not set" .config
}


Once generated the image for ZC702 I checked the boot log to see if udhcpc has been launched in the boot process, and as you can see no dhcp clients where found.

INIT: Entering runlevel: 5
Configuring network interfaces... ifup: no dhcp clients found
ifup: don't have all variables for eth0/inet

Petalinux is build on top of Yocto and add features to it in order to integrate the Xilinx flow into on it. However it does not mean that all the features available for Yocto can be configured using petalinux features (menuconfigs), and you need make use of recipes/layers in order to achieve all the functionalities. As an example this particular issue where the default Yocto recipe for busybox uses UDHCPC which does not belong to Xilinx at all.

 

Regards,

Ibai

Regards


Ibai
Don’t forget to reply, kudo, and accept as solution.
0 Kudos
Highlighted
Scholar
Scholar
2,833 Views
Registered: ‎06-10-2008

Re: Where does dropbear come from in petalinux 2017.2?

Jump to solution

Hello @ibaie

 

I understand that busybox was built with DHCPC enabled. And I do not dispute that this is now built by yocto recipes. But this whole yocto build process is dropped on the current petalinux users without any introduction or documentation. And on top of that the old way of configuring the rootfs contents through petalinux-config -c rootfs is still there including busybox, but deselected by default. This is highly confusing. If busybox is not meant to be installed from the menuconfigs then remove it there. And that goes for a lot more of the options in the menuconfigs.

 

I'll take this even further. Whether the system has a dynamic or a static IP address is a setting in the main petalinux-config. But that setting is ignored by the build system as well.

 

I have the feeling that the correct solution should be to adapt /etc/notwork/interfaces in the rootfs. But I have been unable to find how to replace that file through a proper recipe.

 

It seems as if Xilinx expects its users to be acquainted with yocto already.

And it also seems as if Xilinx expects all users to use DHCP on their embedded platform under all circumstances.

 

I know I'm complaining a lot and I don't even think you are personally involved in writing the petalinux + yocto tools. So please do not take this personal, it's definitely not. I highly appreciate your help. But since you are a Xilinx employee, please pass this on to the right development group within the organization.

 

Thanks,

Maarten

0 Kudos
Highlighted
Moderator
Moderator
4,859 Views
Registered: ‎10-06-2016

Re: Where does dropbear come from in petalinux 2017.2?

Jump to solution

Hi @vanmierlo

 

I don't take your comments as personal so not worries about that :) It's clear that the petalinux-config -c rootfs is still bit confusing since the tool has been ported to Yocto, but I definitivelly this is not a obsolete feature at all. I do agree that some of the tools, specially those that are used in baseline recipes has a confusing behaviour, so definitivelly we need to figure out a better way to work with them, so I will provide the internal feedback regarding those points.

 

Regarding the network settings and the usage of static IP, there is a post where this issue where pointed and solved using a user recipe, please take a look to check if it is usefull for you ;)

 

Regards


Ibai
Don’t forget to reply, kudo, and accept as solution.

View solution in original post

Highlighted
Explorer
Explorer
1,941 Views
Registered: ‎12-20-2017

Re: Where does dropbear come from in petalinux 2017.2?

Jump to solution
@ibaie, I agree with @vanmierlo, this is one of the most helpful things I've seen from xilinx. I've always wished there was more transparency as to what yocto features are hidden by petalinux. Thank you for revealing the -c "-e petalinux-user-image" trick.
Unfortunately, when I add "IMAGE_FEATURES_remove = "ssh-server-dropbear" " to project-spec/meta-user/conf/petalinuxbsp.conf, I still get dropbear installed. Looking at the output of the -e petalinux-user-image suggests that maybe the order is not correct... dropbear is being built and installed before petalinuxbsp.conf is being processed (I'm nowhere near an expert on yocto or understanding this file).
0 Kudos
Highlighted
Explorer
Explorer
1,936 Views
Registered: ‎12-20-2017

Re: Where does dropbear come from in petalinux 2017.2?

Jump to solution
I even tried modifying ./components/yocto/source/aarch64/layers/meta-petalinux/recipes-core/images/petalinux-image-common.inc from my petalinux SDK installation directory in order to remove SSH products from some variables there:

COMMON_FEATURES = " \
ssh-server-dropbear \ <-- remove this
hwcodecs \
"

and

COMMON_INSTALL = " \
openssh-sftp-server \ <-- remove this
tcf-agent \
mtd-utils \
bridge-utils \
canutils \
pciutils \
kernel-modules \
"

This is not preferable because this is touching the installation directory. I'm open to suggestions as to other ways to prevent SSH from starting up (I'm ok with installing it).

However, this still did not work, for some unknown reason.

Is there any way I can debug what is going on under the hood?

0 Kudos
Highlighted
Visitor
Visitor
1,922 Views
Registered: ‎03-29-2018

Re: Where does dropbear come from in petalinux 2017.2?

Jump to solution
MACHINE_FEATURES_remove = "rtc"

BUSYBOX_FEATURES_remove = "busybox-udhcpc"

try adding these in petalinuxbsp.conf

0 Kudos
Highlighted
Visitor
Visitor
1,919 Views
Registered: ‎03-29-2018

Re: Where does dropbear come from in petalinux 2017.2?

Jump to solution

also i've added a .bbappend for busybox with contents:

SRC_URI_remove = " file://inetd.conf \
                   file://petalinux.cfg \
                   file://ftp.cfg \
                   file://ftpd.cfg \
                   file://hexdump.cfg \
                   file://httpd.cfg \
                   file://inetd.cfg \
                   file://nc.cfg \
                   file://telnetd.cfg \
                   file://tftpd.cfg \
		   file://lspci.cfg \
		   file://lsusb.cfg \
		   file://mdev.cfg \
		   file://mount-cifs.cfg \
		   file://ps-extras.cfg \
		   file://getopt.cfg \
                 "

This prevents petalinux config-fragments from overruling your changes that you've made via petalinux-config -c busybox. In my experience yocto config-fragments are of lower priority than those you add in meta-user and thus should not cause problems...

0 Kudos