Use new, daemon-less sysrepo for YANG management
Updating all dependencies so that we're using the new sysrepo. The easiest way
there was via bringing in the new buildroot as well, which meant:
- new RAUC, hence no patch needed anymore,
- newer systemd, hence an updated patch,
- New spdlog and fmt, which means that the version we ship in
submodules/dependencies no longer works. Fix that by just relying on
systemwide spdlog.
- uboot-tools needed a patch because there's no /var/lock,
- OpenSSH was previously started autmagically, now we're explicitly
adding that to the list of packages (I really like SSH, don't you?).
New sysrepo means that there's no `sysrepod` anymore, which required
changing a bunch of other units so that they are not marked as
`PartOf=sysrepod.service` anymore. Also, the command-line options for
`sysrepocfg` and `sysrepoctl` changed.
I had to patch buildroot so that it doesn't create SSH keys for the
NETCONF server at build time, and that all required modules are actually
installed. It turns out that new sysrepo doesn't really install
anything, and the fun only starts with Netopeer2. Their install scripts
a wee bit picky, but hey, we have bash, we can make it work.
On the other hand, installation of *our* YANG modules is a bit hairy.
There's just too much parallel activities going on, and therefore I have
no idea how robust our callout to `sysrepoctl --apply` really is. As a
cherry on top, `sysrepocfg` is particularly inconsistent when it comes
to how the **** one is supposed to provision the initial config, etc
etc. In the end, I ended up with a big hammer.
Installation of all non-netopeer2 YANG modules now happens from just a
single script, the previous way was very fragile and failed quite often
-- probably because that "wonderful" new way of installing a module and
possibly enabling a feature and also importing some data which might or
might not be the required initial data, so *THAT* thing, depended on
whether there already was or was not another SW connection. Wonderful.
If only there was a oneliner for that, then we could have avoided all
this stupid boilerplate. Oh well.
On the other hand, the `cla-sysrepod` is now properly signalling its
"up-and-running" status to systemd, *and* this up-and-running state is
only reached once the configuration has been propagated to the optical
HW. As a result, the HW watchdog will recover from an upload of a broken
FW (or, alternatively, it will keep rebooting if the optical HW is
FUBAR -- pick your poison, sir).
Change-Id: I4b65a8fb345bfe7907a331d0de16294af1c36a78
diff --git a/board/czechlight/common/patches/uboot-tools/0001-fw_-env-do-not-rely-on-var-lock.patch b/board/czechlight/common/patches/uboot-tools/0001-fw_-env-do-not-rely-on-var-lock.patch
new file mode 100644
index 0000000..b9bddab
--- /dev/null
+++ b/board/czechlight/common/patches/uboot-tools/0001-fw_-env-do-not-rely-on-var-lock.patch
@@ -0,0 +1,61 @@
+From e09ad9a33840ed83b91dd3901492ecf99ab89076 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20Kundr=C3=A1t?= <jan.kundrat@cesnet.cz>
+Date: Wed, 21 Oct 2020 23:06:21 +0200
+Subject: [PATCH] fw_*env: do not rely on /var/lock
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+...because these are not available under the new Buildroot.
+
+Signed-off-by: Jan Kundrát <jan.kundrat@cesnet.cz>
+---
+ tools/env/README | 2 +-
+ tools/env/fw_env_main.c | 6 +++---
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/tools/env/README b/tools/env/README
+index 709251383c..480a893202 100644
+--- a/tools/env/README
++++ b/tools/env/README
+@@ -59,5 +59,5 @@ this environment instance. On NAND this is used to limit the range
+ within which bad blocks are skipped, on NOR it is not used.
+
+ To prevent losing changes to the environment and to prevent confusing the MTD
+-drivers, a lock file at /var/lock/fw_printenv.lock is used to serialize access
++drivers, a lock file at /run/fw_printenv.lock is used to serialize access
+ to the environment.
+diff --git a/tools/env/fw_env_main.c b/tools/env/fw_env_main.c
+index 26ba6624cd..4c84b13cfc 100644
+--- a/tools/env/fw_env_main.c
++++ b/tools/env/fw_env_main.c
+@@ -72,7 +72,7 @@ void usage_printenv(void)
+ " -c, --config configuration file, default:" CONFIG_FILE "\n"
+ #endif
+ " -n, --noheader do not repeat variable name in output\n"
+- " -l, --lock lock node, default:/var/lock\n"
++ " -l, --lock lock node, default:/run\n"
+ "\n");
+ }
+
+@@ -87,7 +87,7 @@ void usage_env_set(void)
+ #ifdef CONFIG_FILE
+ " -c, --config configuration file, default:" CONFIG_FILE "\n"
+ #endif
+- " -l, --lock lock node, default:/var/lock\n"
++ " -l, --lock lock node, default:/run\n"
+ " -s, --script batch mode to minimize writes\n"
+ "\n"
+ "Examples:\n"
+@@ -205,7 +205,7 @@ int parse_setenv_args(int argc, char *argv[])
+
+ int main(int argc, char *argv[])
+ {
+- char *lockname = "/var/lock/" CMD_PRINTENV ".lock";
++ char *lockname = "/run/" CMD_PRINTENV ".lock";
+ int lockfd = -1;
+ int retval = EXIT_SUCCESS;
+ char *_cmdname;
+--
+2.28.0
+