Any previously failed runs or outside tools may adjust the remote
control register leaving the MST controller in a poor state.
If remote control enablement fails, try to disable and then re-enable
before aborting.
As seen by recent testing this is not working every time.
Since e6cda81f we're now building GUIDs that represent all the possibilities
for shared parts so it's not important to set dock type.
Since the Redfish service may use a self-signed certificate without
specifying the hostname, we could have the problem to verify such
certificate. A new option, CACheck, is introduced so that the user can
decide whether to ignore the CA verification or not.
Signed-off-by: Gary Lin <glin@suse.com>
This commit adds redfish.conf to configure the IP and username/password
in case those are not available in SMBIOS and the EFI variables.
Since we can configure the IP in the conf file, the environment
variable, FWUPD_REDFISH_URI, is removed.
Signed-off-by: Gary Lin <glin@suse.com>
Although SoupAuthManager can create a proper SoupAuth from the
WWW-Authenticate header, some redfish implementations didn't provide
such header, and we would get a 401 response in the end.
In DSP0266, it mentions that "HTTP BASIC authentication as defined by
RFC7235 shall be supported", so it shall be safe to use Basic Auth
by default.
Signed-off-by: Gary Lin <glin@suse.com>
DeviceClass in Oem/Hpe indicates the type of device in the HPE machine.
In case SoftwareId is absent, we can use DeviceClass instead.
Signed-off-by: Gary Lin <glin@suse.com>
Although "Updateable" is defined in SoftwareInventory schema since
redfish v1.0.0, some machines(*) didn't support the field.
"SoftwareId" is defined in SoftwareInventory schema since v1.1.0, so
it probably isn't supported by every redfish machines.
(*) Try "/redfish/v1/UpdateService/FirmwareInventory/1/" with HPE DL380
Gen 10 in https://ilorestfulapiexplorer.ext.hpe.com/
Signed-off-by: Gary Lin <glin@suse.com>
In the Members array of FirmwareInventory or SoftwareInventory, each
element of the array only contains the URI to the member. For example:
"Members":
[
{
"@odata.id": "/redfish/v1/UpdateService/FirmwareInventory/1/"
},
{
"@odata.id": "/redfish/v1/UpdateService/FirmwareInventory/2/"
},
{
"@odata.id": "/redfish/v1/UpdateService/FirmwareInventory/3/"
}
]
We have to get the real member object through the given URI.
If the dock information is available then show that in the device name
and restrict the GUIDs created.
If it's not available, then just create GUIDs for all known docks
Previously if missing secure boot binaries, or invalid ESP was created the
plugin would just not load.
Now instead populate UpdateError and remove the updateble flag, but still show
the device in fwupdmgr and fwupdtool.
Per https://github.com/projectatomic/bubblewrap/issues/200
the paths need to be built differently to be able to accomodate
an unmerged /usr that Debian has.
Use ro bind mounts rather than symlinks to be compatible to both
Fedora's approach and Debian's approach
(Hopefully without breaking the Ubuntu packaging!)
When building, also generate a fwupdate-$ARCH-signed-template package
which contains metadata needed by the Debian signing service. This
will end up being turned into a new source package including a signed
version of the fwupdate binary.
Update the existing debian packaging files for fwupdate to do this,
and also add the core of the template in the debian/signing-template
directory. Also add a couple of helper scripts to drive things, and
update our README.Debian.
