Commit Graph

103 Commits

Author SHA1 Message Date
Renuka Manavalan
ba0ca01ee0 [build]: Makefile: Extend to build debug docker images for all stretch dockers (#2789)
Overall goal: Build debug images for every stretch docker.

An earlier PR (#2789) made the first cut, by transforming broadcom/orchagent to build target/docker-orhagent-dbg.gz.

Changes in this PR:

Made docker-orchagent build to be platform independent.
1.1) Created rules/docker_orchagent.mk
1.2) Removed platform//docker-orchagent-*.mk
1.3) Removed the corresponding entry from platform//rules.mk

Extended the debug docker image build to stretch based syncd dockers.
2.1) For now, only mellanox & barefoot are stretch based.
2.2) All the common variable definitions are put in one place platform/template/docker-syncd-base.mk
2.3) platform/[mellanox, bfn]/docker-syncd-[mlnx, bfn].mk are updated as detailed below.
2.3.1) Set platform code and include template base file
2.3.2) Add the dependencies & debug dependencies and any update over what base template offers.

Extended all stretch based non-platform dockers to build debug dockers too.
3.1) Affected are:
docker-database.mk,
docker-platform-monitor.mk,
docker-router-advertiser.mk,
docker-teamd.mk,
docker-telemetry.mk

Next: Build debug flavor of final images with regular dockers replaced with debug dockers where available.
2019-04-19 18:49:21 -07:00
Renuka Manavalan
c846fb9ead [build]: Updated Makefile infrastructure to build debug images. (#2753)
* Updated Makefile infrastructure to build debug images.
As a sample, platform/broadcom/docker-orchagent-brcm.mk is updated to add a docker-orchagent-brcm-dbg.gz target.

Now "BLDENV=stretch make target/docker-orchagent-brcm-dbg.gz" will build the debug image.

This debug image can be used in any linux box to inspect core file. If your module's external dependency can be suitably mocked, you my even manually run it inside.

"docker run -it --entrypoint=/bin/bash e47a8fb8ed38"

You may map the core file path to this docker run.

* Dropped the regular binary using DBG_PACKAGES and a small name change to help readability.

* Tweaked the changes to retain the existing behavior w.r.t INSTALL_DEBUG_TOOLS=y.

When this change ('building debug docker image transparently') is extended to all dockers, this flag would become redundant. Yet, there can be some test based use cases that rely on this flag.

Until after all the dockers gets their debug images by default and we switch all use cases of this flag to use the newly built debug images, we need to maintain the existing behavior.
2019-04-13 17:05:18 -07:00
lguohan
158531b48d
[build]: only build dockers needed by installers (#2771)
Signed-off-by: Guohan Lu <gulv@microsoft.com>
2019-04-11 19:28:41 -07:00
Ying Xie
9d6bac567b [build] force Linux to drop cache before calling kvm (#2717)
* [vm build] force Linux to drop cache before calling kvm

KVM need to allocate 2G memory for this build. The system memory might
be occupied by cache at the moment and doesn't have 2G chunk to give
out. Forcing Kernel to drop cache to boost the chance of getting 2G
memory.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>

* [make] add option to enable/disable VS build memory preparation

Signed-off-by: Ying Xie <ying.xie@microsoft.com>
2019-03-29 15:25:17 -07:00
Stepan Blyshchak
c0caf0c372 [dockers] Build stretch dockers only once and only in stretch slave docker (#2678)
Signed-off-by: Stepan Blyschak <stepanb@mellanox.com>
2019-03-19 09:16:33 -07:00
lguohan
f682e7b131
[docker-radvd]: upgrade docker radvd to stretch based (#2524)
* [docker-radvd]: upgrade docker radvd to stretch based

* install jinja>=2.10

Signed-off-by: Guohan Lu <gulv@microsoft.com>

* install pip packages for testing sonic-utilities

Signed-off-by: Guohan Lu <gulv@microsoft.com>

* set storage driver to vfs

Signed-off-by: Guohan Lu <gulv@microsoft.com>
2019-02-06 21:28:07 -08:00
lguohan
f20665008c
[build]: put stretch debian packages under target/debs/stretch/ (#2519)
* [build]: put stretch debian packages under target/debs/stretch/

* in stretch build phase, all debian packages built in that stage are placed under target/debs/stretch directory.
* for python-based debian packages, since they are really the same for jessie and stretch, they are placed under target/python-debs directory.

Signed-off-by: Guohan Lu <gulv@microsoft.com>
2019-02-04 22:06:37 -08:00
stepanblyschak
c998dc81d2 [slave.mk] Fix DEB_BUILD_OPTIONS passing (#2473)
Signed-off-by: Stepan Blyschak <stepanb@mellanox.com>
2019-01-23 18:49:44 -08:00
Nikos
7056b49af7 Routing application split config support (#2286)
* Routing application split config support

Signed-off-by: nikos <ntriantafillis@gmail.com>

* Routing application split config support
Routing application split config support

Signed-off-by: nikos <Nikos Triantafillis>
2018-11-26 18:19:12 -08:00
lguohan
64a2b1ce99
[vs]: build sonic vs kvm image (#2269)
Signed-off-by: Guohan Lu <gulv@microsoft.com>
2018-11-20 22:32:40 -08:00
Qi Luo
465ebbafff
Build patched redis-dump-load (#2277)
* Build patched redis-dump-load
* Fix build
* Add build rule
2018-11-20 19:27:56 -08:00
lguohan
8de5aadea6
[fix]: various minor fixes (#2246)
Signed-off-by: Guohan Lu <gulv@microsoft.com>
2018-11-10 13:39:30 -08:00
Wataru Ishida
4db98b46e4 [build]: add build option to use native docker instead of dind for build (#2215)
using native docker is faster than dind dockerd with vfs storage driver

https://github.com/Azure/sonic-buildimage/pull/2016

https://github.com/Azure/draft/issues/181

Signed-off-by: Wataru Ishida <ishida@nel-america.com>
2018-11-01 18:00:00 -07:00
Jipan Yang
c64f105a3e [build]: Add missing timestamp and build_number in docker meta label tag value (#2194)
* Add missing timestamp in docker meta label tag value

Signed-off-by: Jipan Yang <jipan.yang@alibaba-inc.com>

* add BUILD_NUMBER as well

Signed-off-by: Guohan Lu <gulv@microsoft.com>
2018-10-29 12:06:57 -07:00
Joe LeVeque
1e1add90f9
Remove Arista-specific service ACL solution; All platforms now use caclmgrd (#2202) 2018-10-29 10:25:18 -07:00
lguohan
9078377028
[build]: install debug symbols packages when INSTALL_DEBUG_TOOLS=y (#2175)
[build]: install debug symbols packages when INSTALL_DEBUG_TOOLS=y
2018-10-21 17:20:27 -07:00
lguohan
a401ee7fa8
[build]: do not override ENABLE_SYNCD_RPC in rules/config (#2151)
Signed-off-by: Guohan Lu <gulv@microsoft.com>
2018-10-15 13:49:35 -07:00
lguohan
0a8e0c1238
[build]: generate build timestamp at the beginning and use it for the… (#2118)
* [build]: generate build timestamp at the beginning and use it for the rest of build

Signed-off-by: Guohan Lu <gulv@microsoft.com>
2018-10-04 21:20:01 -07:00
Jipan Yang
0e85986088 Add Tag info to docker label meta data (#2058)
* Add Tag info to docker label meta data

Signed-off-by: Jipan Yang <jipan.yang@alibaba-inc.com>

* Move DIRTY_SUFFIX to sonic_get_version()

Signed-off-by: Jipan Yang <jipan.yang@alibaba-inc.com>
2018-09-21 10:44:28 -07:00
lguohan
be9f3ad7c1
[build]: use vfs storage driver to build dockers (#2016)
seen issues to build dockers using aufs in ubuntu 18.04

Immedidate dockers are exported to docker file and then
imported into sonic image. Thus, whether using vfs or aufs
as the storage driver does not matter for the immediate build.

Signed-off-by: Guohan Lu <gulv@microsoft.com>
2018-09-05 15:28:32 -07:00
Joe LeVeque
98082d56a0 [baseimage]: Download picocom version 3.1-2 from stretch-backports; No longer build from source (#1946) 2018-08-17 17:38:20 -07:00
lguohan
c059d9982a
[baseimage]: install picocom 3.1 in base image (#1943)
* [baseimage]: install picocom 3.1 in base image

Signed-off-by: Guohan Lu <gulv@microsoft.com>

* add picocom to stretch build

Signed-off-by: Guohan Lu <gulv@microsoft.com>

* fix slave.mk bug

Signed-off-by: Guohan Lu <gulv@microsoft.com>
2018-08-17 09:06:05 -07:00
Guohan Lu
66ffca2832 [kernel]: set default option to build kernel
Signed-off-by: Guohan Lu <gulv@microsoft.com>
2018-08-11 23:46:13 +00:00
Guohan Lu
0edb3802b0 [build]: add stretch target to build in stretch docker 2018-08-11 09:09:03 +00:00
Guohan Lu
2449fafae0 [kernel]: update kernel submodule and remove standalone igb driver 2018-08-11 09:07:59 +00:00
Guohan Lu
ff1f508f33 [baseimage]: use debian 4.9.0-3 kernel 2018-08-11 09:07:59 +00:00
Rodny Molina
c3c8f7fd7f Fix for bash's memory-leak (#1879)
* Fix for bash's memory-leak

Memory leak is observed during the execution of scripts that make use of bash-arrays. In scenarios where the offending script is executed on a regular basis (e.g. fancontrol), the leaking process may end up consuming most of the system resources.

In this PR i'm replacing bash in all the contexts where it executes (both host and dockers). The official patch for this issue is here: https://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-040

* Fixing minor issue during code-merge

Signed-off-by: Rodny Molina <rmolina@linkedin.com>
2018-07-27 17:46:33 -07:00
Ying Xie
3c33737d58
[make] introducing new build option KERNEL_PROCURE_METHOD (#1837)
* [make] introducing new build option KERNEL_BUILD_METHOD

- Kernel could be built from source files with method 'build'
- Kernel could be downloaded from Azure storage with method 'download'

Signed-off-by: Ying Xie <ying.xie@microsoft.com>

* Replace BUILD with PROCURE

* fix typo
2018-07-25 08:14:18 -07:00
Sagar Balani
93905d3d82 [barefoot]: Support for platforms based on Barefoot Networks' device (#1796)
* Initial commit

* Add Ingrasys S9180-32X platform dirver.

Signed-off-by: Wade He <chihen.he@gmail.com>

* Add bfn.service for init barefoot.

Signed-off-by: Wade He <chihen.he@gmail.com>

* [Barefoot Beta] Add some functions and fixed some bugs.

1. Update sensors.conf.
2. Fixed IO expander init.
3. Fixed PSU EEPROM.
4. Fixed MB EEPROM.
5. Add fancontrol and fan init.
6. Add SYS LED control (sys, fan, fan tray).
7. 2.5V compute and setup max and min.
8. Fixed typo MB eeprom delete address.
9. Remove coretemp to BMC.
10. Add active CPLD.
11. Modify SFP+ GPIO slave address.
12. Modify tmp75 Near Port 32 slave address.

Signed-off-by: Wade He <chihen.he@gmail.com>

* Add bfn script in /etc/init.d/

Signed-off-by: Wade He <chihen.he@gmail.com>

* Add bfn service in debian

Signed-off-by: Wade He <chihen.he@gmail.com>

* Fixed CPLD switch LED behavior.

Signed-off-by: Wade He <chihen.he@gmail.com>

* [Barefoot Beta] Fixed sensors and hwmon order.
1. Fixed ignore sensors Vbat.
2. Reorg hwmon order.

Signed-off-by: Wade He <chihen.he@gmail.com>

* Fixed PSU1 and PSU2 EEPROM order.

Signed-off-by: Wade He <chihen.he@gmail.com>

* initial barefoot checkin october 2017

* update refpoint

* update refpoints

* update refpoints to bf-master

* update refpoint

* update refpoint to tested version

* change to platform from asic

* update refpoint for swss

* revert core creation setting

* update refpoints

* add telnet for debug shell

* update refpoints 11/17/17

* missed change in file on previous merge

* [CPLD] Fixed blink LED issue.

* Fixed blink LED mask set error.

Signed-off-by: Wade He <chihen.he@gmail.com>

* Update bf_kdrv.c for 6.0.2.39

* Update bf kernel driver

* Add bf_fun kernel module.

* Update bf_tun for fixed build error

* merge with Azure master (12/12/17)

* update swss refpoint

* update refpoint of swss

* library dependency for stack unroll

* update refpoint to bf-master

* [DHCP relay]: Fix circuit ID and remote ID bugs (#1248)

* [DHCP relay]: Fix circuit ID and remote ID bugs

* Set circuit_id_len after setting circuit_id_len to ip->name

* [Platform] Add Psuutil and update sensors.conf for S9100-32X, S8810-32Q and S9200-64X (#1272)

* Add I2C CPLD kernel module for psuutil.
 * Support psuutil script.
 * Add voltage min and max threshold.
 * Update sensors.conf for tmp75.

Signed-off-by: Wade He <chihen.he@gmail.com>

* Allow multi platform support - infra (more changes to follow)

* update relative path to include platform for clarity

* [Platform] Add Ingrasys S9130-32X and S9230-64X with Nephos Switch ASIC for "branch 201712" (#1274)

- What I did
Add switch ASIC vendor: Nephos
Add Nephos platforms: Ingrasys S9130-32X, Ingrasys S9230-64X

- How I did it
Add platform/nephos files
Add platform/nephos/sonic-platform-modules-ingrasys submodule
Add device/ingrasys/x86_64-ingrasys_s9130_32x-r0 files
Add device/ingrasys/x86_64-ingrasys_s9230_64x-r0 files
Add SONiC to support Nephos platform
Update Head of submodule src/sonic-sairedis to "3b817bb"

- How to verify it
To build SONiC installer image and docker images, run the following commands:

make configure PLATFORM=nephos
make target/sonic-nephos.bin
Check system and network feature is worked as well

- Description for the changelog
Add switch ASIC vendor and platforms for Nephos

- A picture of a cute animal (not mandatory but encouraged)

Signed-off-by: Sam Yang <yang.kaiyu@gmail.com>

* change source of files to github (from dropbox), update sairedis refpoint

* update refpoint of sairedis

* [centec] support CENTEC SAI 1.0 on 201712 branch and update e582-48x6q board   (#1269)

* [marvel]: Marvell's updates for SONiC.201712 & SAI v1.0 (#1287)

* update sairedis (fast-boot refpoint)

* fix syncd rpc make files

* update refpoint to handle Makefile change (no functional change)

* [Marvell]: Add support for SLM5401-54x device (#1307)

* Marvell's updates for SONiC.201712 & SAI v1.0
* [Platform] Add Marvell's SLM5401-54x for branch 201712

* [Broadcom]: Update Boradcom SAI package to 3.0.3.3-3 (#1312) (#1321)

- update Arista 7050-QX32S config.bcm file
- update Accton th-as771*-32x100G.config.bcm files

* update refpoint for Makefile chnage in sairedis

* update refpoint - sairedis

* update sairedis to older refpoint till we debug clean build

* export asic platform for build

* update refpoint for makefiles

* [PLATFORM] Centec update E582 driver fan/epprom/sensor (#1332)

* Upload wnc-osw1800

* Modify for Barefoot suggest

* Revert bfn-platform.mk

* Update bfn-platform-wnc.mk

Update parameter name

* Update parameter name

* initial support for WNC platform

* change switch name to "switch"

* Delete bf modules for rel_7_0

* Add Ingrasys S9180 platform

Signed-off-by: Wade He <chihen.he@gmail.com>

* Modify bfnsdk for Ingrasys S9180 platform

Signed-off-by: Wade He <chihen.he@gmail.com>

* Resolved the conflict.

* Resolved the conflict.

* Update submodule path and url.

* Delete unused file.

* Update PSU GPIO and EEPROM for psuutil.

* Add psuutil in S9180-32X

Signed-off-by: Wade He <chihen.he@gmail.com>

* update refpoint

* update refpoint

* change contact email, update refpoint

* cleanup and update kernel modules

* updates based on review

* update refpoint

* update refpoint

* fix typo in config script to check for platforms

* remove stale file

* resolve conflicts

* cleanup diffs with Azure repo and update SDK debs

* update refpoints to Azure

* address review comments

* revert refpoint of swss-common

* porting the build fix from master

* porting build fix from master

* Minor Fix

* Minor fix

* Temp to sde deb packages url

* Update sonic - sairedis,swss & swss-common refpoints

* Update git modules url path to bfn repo

* updated paths for swss, swss-common & sairedis

* Update refpoint for sonic-swss to local bfn repo

* Update URL for downloading sde debian packages

* porting fix links of debian git server from master

* porting fix links of debian git server from master

* [Ingrasys] Add platform support for S9280-64X with Barefoot ASIC

* Update ref points for swss, swss-common and sairedis repos

* Add sonic platform scripts for bfn montara/maverick

* Call sh scripts instead of calling py scripts

* Address upstream PR Comments (#10)

* Update bf-master with azure/master
* Undo changes to some files

* Revert "Address upstream PR Comments (#10)"

This reverts commit a7fddb83ca.

* Address upstream comments (#11)

* Remove all non bfn specific changes from upstream PR

* Revert "Address upstream comments (#11)"

This reverts commit 559132103e.

* Undo non bfn changes

* Little more cleanup

* Add back code removed in merge

* export CONFIGURED_PLATFORM

* Update sairedis and swss refpoints

* Address Upstream PR comment

* change deb pkg dependency from 3.16.0-4-amd64 to 3.16.0-5-amd64

* Set default tx queue len for usb0 interface to 64

* Update sairedis refpoint

* Update swss ref point

* Add bfn buffer cfg files for montara/maverick as per new design

* Update buffer cfg templates for bfn montara

* add non zero size to buffer profile
* add macro to generate port lists

* Update buffer cfg templates for bfn mavericks

* add non zero size for buffer profiles
* add port generation macro

* Add missing psmisc package

* BGP docker seems to be missing killall utility being used by fast-reboot script. This is causing non graceful termination of BGP sessions.
Adding psmisc to resolve this issue.

* Update swss ref point

* Update swss ref point

* Update sairedis refpoint

* Update sairedis refpoint

* Update sairedis refpoint

* Update sairedis refpoint

* Update refpoint for sairedis and swss

* sairedis to azure master
* swss to latest bfn bf-master

* Update gitmodules

Update url for sairedis to azure master

* Correct typo in bfn platform script

* Update swss and sairedis ref points

* Update swss ref point

* Address Review comments

* Update swws path in gitmodules to azure master
* update swss refpoint
* update base docker j2 file -remove psmisc package (could be a concern, would cause fast reboot to not work correctly will fix in another PR)

* Fix sairedis refpoint broken in by previous merge

* Remove psmisc from docker base image

* This will break fast reboot as killall is required for killing bgp process and initiating graceful termination of BGP session.
Will fix this in a seperate PR. Need this for SONIC upstreaming

* Address upstream comments

* Remove bmc interface from interface jinja template and sample output interfaces file
* Add bmc interface at boot time to network interfaces for bfn bmc based platforms

* Remove autogen ingrasys debian files

* Revert "Remove autogen ingrasys debian files"

* Buffer and qos config template fix for bfn platforms (#21)

SWI-1509 Buffer and qos config template fix for bfn platforms

* Fix qos config files for montara & mavericks (#22)

* Reference only ppg 3,4 in qos files as no profiles are attached to 0,1 in buffer configs

* Fix vs test (#23)
2018-07-24 10:23:12 -07:00
Andriy Moroz
dadc17d9e6 [Mellanox] Use MAC from EEPROM for PortChannels and VLAN Interfaces (#1793)
* Use MAC from EEPROM for PortChannels

Signed-off-by: Andriy Moroz <c_andriym@mellanox.com>

* Use MAC from EEPROM in DEVICE_METADATA

Will affect MAC for VLAN interfaces

Signed-off-by: Andriy Moroz <c_andriym@mellanox.com>

* Get MAC via decode-syseeprom

Signed-off-by: Andriy Moroz <c_andriym@mellanox.com>

* hw-management is now a service

Signed-off-by: Andriy Moroz <c_andriym@mellanox.com>

* Add error handling for MAC fetch process

Signed-off-by: Andriy Moroz <c_andriym@mellanox.com>
2018-07-23 15:51:03 -07:00
Joe LeVeque
f04f0704f7
Build python-click Debian package from version 6.7-4 source to fix CLI autocomplete/suggest (#1824) 2018-06-29 09:59:46 -07:00
Qi Luo
7ba08e5bf6
Prefix docker container name to syslog syslogtag (program name) (#1810) 2018-06-25 10:48:42 -07:00
Rodny Molina
b5f153b3ae Introducing 'debugging' and 'profiling' options in sonic build-infra (#1782) 2018-06-19 15:59:12 -07:00
Serhey Popovych
8d88455509 [baseimage]: Improve password hashing for default user account (#1748)
* [slave.mk]: Fix displaying username and password in build summary

We display contents of DEFAULT_USERNAME and DEFAULT_PASSWORD, while
image can be build with USERNAME and/or PASSWORD given on make(1)
command line. For example:

  $ make USERNAME=adm PASSWORD=mypass target/sonic-broadcom.bin

Fix by displaying USERNAME and PASSWORD variables in build summary.

Signed-off-by: Sergey Popovich <sergey.popovich@ordnance.co>

* [baseimage]: Improve default user account handling

There are couple of issues with current implementation of default
user account management in baseimage:

  1) It uses DES to encrypt accounts password. Furthermore this
     effectively limits password length to 8 symbols, even if more
     provided with PASSWORD or DEFAULT_PASSWORD from rules/config.

  2) Salt value for password is same on all builds even with different
     password increasing attack surface.

  3) During the build process password passed as command line parameter
     either as plain text (if given to make(1) as "make PASSWORD=...")
     or DES encrypted (if given to build_debian.sh) can be seen by
     non-build users using /proc/<pid>/cmdline file that has group and
     world readable permissions.

Both 1) and 2) come from:

  perl -e 'print crypt("$(PASSWORD)", "salt"),"\n"')"

that by defalt uses DES if salt does not have format $<id>$<salt>$,
where <id> is hashing function id. See crypt(3) for more details on
valid <id> values.

To address issues above we propose following changes:

  1) Do not create password by hands (e.g. using perl snippet above):
     put this job to chpasswd(8) which is aware about system wide
     password hashing policy specified in /etc/login.defs with
     ENCRYPT_METHOD (by default it is SHA512 for Debian 8).

  2) Now chpasswd(8) will take care about proper salt value.

  3) This has two steps:

    3.1) For compatibility reasons accept USERNAME and PASSWORD as
         make(1) parameters, but warn user that this is unsafe.

    3.2) Use process environment to pass USERNAME and PASSWORD variables
         from Makefile to build_debian.sh as more secure alternative to
         passing via command line parameters: /proc/<pid>/environ
         readable only by user running process or privileged users like
         root.

Before change:
--------------

  hash1
  -----
  # u='admin'
  # p="$(LANG=C perl -e 'print crypt("YourPaSs", "salt"),"\n"')"
                                      ^^^^^^^^
                                      8 symbols
  # echo "$u:$p" | chpasswd -e

  # getent shadow admin
  admin:sazQDkwgZPfSk:17680:0:99999:7:::
        ^^^^^^^^^^^^^
        Note the hash (DES encrypted password)

  hash2
  -----
  # u='admin'
  # p="$(LANG=C perl -e 'print crypt("YourPaSsWoRd", "salt"),"\n"')"
                                      ^^^^^^^^^^^^
                                      12 symbols
  # echo "$u:$p" | chpasswd -e

  # getent shadow admin
  admin:sazQDkwgZPfSk:17680:0:99999:7:::
        ^^^^^^^^^^^^^
        Hash is the same as for "YourPaSs"

After change:
-------------

  hash1
  -----
  # echo "admin:YourPaSs" | chpasswd
  # getent shadow admin
  admin:$6$1Nho1jHC$T8YwK58FYToXMFuetQta7/XouAAN2q1IzWC3bdIg86woAs6WuTg\
           ^^^^^^^^
           Note salt here
  ksLO3oyQInax/wNVq.N4de6dyWZDsCAvsZ1:17681:0:99999:7:::

  hash2
  -----
  # echo "admin:YourPaSs" | chpasswd
  # getent shadow admin
  admin:$6$yKU5g7BO$kdT02Z1wHXhr1VCniKkZbLaMPZXK0WSSVGhSLGrNhsrsVxCJ.D9\
           ^^^^^^^^
           Here salt completely different from case above
  plFpd8ksGNpw/Vb92hvgYyCL2i5cfI8QEY/:17681:0:99999:7:::

Since salt is different hashes for same password different too.

  hash1
  -----
  # LANG=C perl -e 'print crypt("YourPaSs", "\$6\$salt\$"),"\n"'
                                             ^^^^^
                                             We want SHA512 hash
  $6$salt$qkwPvXqUeGpexO1vatnIQFAreOTXs6rnDX.OI.Sz2rcy51JrO8dFc9aGv82bB\
  yd2ELrIMJ.FQLNjgSD0nNha7/

  hash2
  -----
  # LANG=C perl -e 'print crypt("YourPaSsWoRd", "\$6\$salt\$"),"\n"'
  $6$salt$1JVndGzyy/dj7PaXo6hNcttlQoZe23ob8GWYWxVGEiGOlh6sofbaIvwl6Ho7N\
  kYDI8zwRumRwga/A29nHm4mZ1

Now with same "salt" and $<id>$, and same 8 symbol prefix in password, but
different password length we have different hashes.

Signed-off-by: Sergey Popovich <sergey.popovich@ordnance.co>
2018-06-09 11:29:16 -07:00
Joe LeVeque
e900369fa3
[slave.mk] Define SPACE variable differently such that the line doesn't end in whitespace (#1676) 2018-05-10 18:52:38 -07:00
Jipan Yang
f0690b246b [build]: Fix the problem of ENABLE_SYSTEM_TELEMETRY not taking effect in rules/config (#1615)
Signed-off-by: Jipan Yang <jipan.yang@alibaba-inc.com>
2018-04-18 00:31:12 -07:00
Jipan Yang
f74de8914b [telemetry]: SONiC system telemetry Support (#1526)
* SONiC system telemetry Support

Signed-off-by: Jipan Yang <jipan.yang@alibaba-inc.com>

* Update package name from telemetry to sonic-telemetry

Signed-off-by: Jipan Yang <jipan.yang@alibaba-inc.com>
2018-03-27 13:39:04 -07:00
sihuihan88
7639cc1b53 [pfcwd]: add flag to enable pfc wd on start (#1429) 2018-03-05 23:55:37 -08:00
Joe LeVeque
dc7abaf569 [slave.mk] Apply patches to dockers before building, if any exist (#1395) 2018-02-15 17:48:49 -08:00
byu343
ecf5c8d311 ssh and snmp allow list (#1363)
- Service ACL framework for Arista platforms
2018-02-08 17:43:52 -08:00
Marian Pritsak
43554c8b1a [slave.mk]: Clear deb_dist directory (#1344)
Python packages, having their version changed, will fail to build
because deb_dist directory contains both build directories for old and
new version, and (for some uncleaer reason) debian utilities don't know
which one to choose.

Signed-off-by: marian-pritsak <marianp@mellanox.com>
2018-01-29 08:14:01 -08:00
Joe LeVeque
134707f822
Move platform-specific hardware plugin base packages to sonic-platform-common submodule (#1301) 2018-01-17 17:11:31 -08:00
pavel-shirshov
47aba6f76d
[libsaithrift-dev]: Enable building libsaithrift-dev and pythonthrift libraries (#1296)
* Fix build of libsaithrift for broadcom

* Restore libsaithrift-dev building

* Comment out libsaithrift library on cavium and marvell. Both of them have old SAI drivers

* Revert back unintentional acton changes

* Don't run the package checks when building sairedis package
2018-01-11 20:32:14 -08:00
lguohan
15d433d975
[build]: allow to use http(s) proxy in the build (#1265)
* allow to use http(s) proxy in the build

To enable this, use following command
http_proxy=[your_proxy] https_proxy=[your_proxy] make
2017-12-23 23:34:15 -08:00
kaiyu22
63de341dd6 [Platform] Add Ingrasys S9130-32X and S9230-64X with Nephos Switch ASIC (#1245)
* Add switch ASIC vendor and platforms for Nephos

- What I did
Add switch ASIC vendor: Nephos
Add Nephos platforms: Ingrasys S9130-32X, Ingrasys S9230-64X

- How I did it
Add platform/nephos files
Add platform/nephos/sonic-platform-modules-ingrasys submodule
Add device/ingrasys/x86_64-ingrasys_s9130_32x-r0 files
Add device/ingrasys/x86_64-ingrasys_s9230_64x-r0 files
Add SONiC to support Nephos platform

- How to verify it
To build SONiC installer image and docker images, run the following commands:
make configure PLATFORM=nephos
make target/sonic-nephos.bin
Check system and network feature is worked as well

- Description for the changelog
Add switch ASIC vendor and platforms for Nephos

- A picture of a cute animal (not mandatory but encouraged)

Signed-off-by: Sam Yang <yang.kaiyu@gmail.com>

* Advance sonic-sairedis submodule to include #271 (Add Nephos ASIC)
2017-12-22 10:04:29 -08:00
Ying Xie
eadd74fb84
[build] allow user to override the default number of build jobs (#1255)
User could issue SONIC_BUILD_JOBS=<num> to set number of concurrent
build job(s) to run.

With this commit, the default setting is still left at 1.
2017-12-20 15:25:30 -08:00
Qi Luo
4b2225bca5 [docker-snmpd]: asyncsnmp depends on sonic-utilities so it is possible to import sonic_psu (#1212)
* asyncsnmp depends on sonic-utilities so it is possible to import sonic_psu

Signed-off-by: Qi Luo <qiluo-msft@users.noreply.github.com>

* Ignore sonic_utilities test during build
2017-12-07 13:08:23 -08:00
Liuqu
8383b1f256 [TACACS+]: Add support for TACACS+ Authentication (#1019)
* [TACACS+]: Add support for TACACS+ Authentication

* pam_tacplus - A TACACS+ protocol client library and PAM module to
  supports core TACACS+ functions for AAA.
* nss_tacplus - A NSS plugin for TACACS+ to extend function getpwnam,
  make the TACACS+ authenticated user which is not found in local
  could login successfully.

* Add make rules for pam_tacplus and install script
* Add a patch for pam_tacplus to disable pam-auth-update pam-tacplus
  by default
* Add a patch for pam_tacplus to inlucde and build nss_tacplus

  Signed-off-by: chenchen.qcc@alibaba-inc.com

* [TACACS+]: Add nss-tacplus as a separate src repo

* Separate nss-tacplus from pam-tacplus, modify tacacs.mk and
  makefile, add a patch to adapt to the new user map profile.
* Use the lastest stable version for pam-tacplus, add a dependent
  package in sonic-salve, add two patches to fix build error.
* Add scripts to disable tacplus by default.
* Remove hostcfgd service file

  Signed-off-by: Chenchen Qi <chenchen.qcc@alibaba-inc.com>

* [TACACS+]: Fix nss-tacplus filter some valid TACACS+ username

* The NAME_REGEX for username check in plugin nss-tacplus is
  the ANSI version "^[0-9a-zA-Z_-\ ]*$", but the regular expression
  in /etc/adduser.conf is not defined as ANSI version. To avoid
  nss-tacplus filter some valid TACACS+ username, remove username
  check.

  Signed-off-by: Chenchen Qi <chenchen.qcc@alibaba-inc.com>
2017-12-07 03:36:17 -08:00
lguohan
414e43bb74
[build]: start docker service if not already started (#1203)
docker start fails when docker service is already started
2017-12-01 19:24:55 -08:00
lguohan
f4e37a66f9 add INSTALLS, LAZY_INSTALLS, DEPENDS targets to image build (#1159)
1. _INSTALLS defines the packages to be installed in the image
at the build time.
2. _LAZY_INSTALLS defines the packages to be installed in the image
at the first run time
3. _DEPENDS defines the packages to at the build dependency of
the image
2017-11-16 12:27:03 -08:00