change keepalived default config to
/var/ipfire/keepalived/keepalived.conf so keepalived WebUI
could read/write the configuration file. also add
/var/ipfire/keepalived directory
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
keepalived: create /var/ipfire/keepalived
- Updated lfs file to core program type
- Moved rootfile from packages to common
- Older suricata versions required elfutils only for building but suricata-7.0.2 fails to
start if elfutils is not present due to libelf.so.1 being missing.
- The requirement for elfutils is not mentioned at all in the changelog.
Fixes: Bug#13516
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
For details see:
https://midnight-commander.org/wiki/NEWS-4.8.31
"Major changes since 4.8.30
Core
Minimal version of GLib is 2.32.0.
VFS
fish: drop support of native FISH server and protocol. Rename VFS to shell (#4232)
extfs;
uc1541 extfs: update up to 3.6 version (#4511)
s3+: port to Python3 (#4324)
Support for LZO/LZOP compression format (#4509)
...
Skins: add color for non-printable characters in editor (#4433)
Fixes
FTBFS on FreeBSD with ext2fs attribute support (#4493)
Broken stickchars (-a) mode (#4498)
Wrong timestamp after resuming of file copy operation (#4499)
Editor: wrong deletion of marked column (#3761)
Diff viewer: segfault when display of line numbers is enabled (#4500)
Tar VFS: broken handling of hard links (#4494)
Sftp VFS: failure establishing SSH session due hashed host names in ~/.ssh/known_hosts (#4506)
Shell VFS: incorrect file names with cyrillic or diacritic symbols (#4507)
mc.ext.ini: incorrect description of of how multiple sections and keys with same names are processed (#4497)
mc.ext.ini: unescaped backslash \ is treated as invalid escape sequence in glib-2.77.3 and glib-2.79 (#4502)
mc.ext.ini: file "Makefile.zip" is handled as Makefile not as zip-arhive (#4419)"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 0.22.0 to 0.23.1
- Update of rootfile
- Changelog
0.23.0
Headline features
Add type hints. (#543)
Features
When exiting a nursery block, the parent task always waits for child tasks
to exit. This wait cannot be cancelled. However, previously, if you tried
to cancel it, it would inject a Cancelled exception, even though it wasn’t
cancelled. Most users probably never noticed either way, but injecting a
Cancelled here is not really useful, and in some rare cases caused
confusion or problems, so Trio no longer does that. (#1457)
If called from a thread spawned by trio.to_thread.run_sync,
trio.from_thread.run and trio.from_thread.run_sync now reuse the task and
cancellation status of the host task; this means that context variables and
cancel scopes naturally propagate ‘through’ threads spawned by Trio. You
can also use trio.from_thread.check_cancelled to efficiently check for
cancellation without reentering the Trio thread. (#2392)
trio.lowlevel.start_guest_run() now does a bit more setup of the guest run
before it returns to its caller, so that the caller can immediately make
calls to trio.current_time(), trio.lowlevel.spawn_system_task(),
trio.lowlevel.current_trio_token(), etc. (#2696)
Bugfixes
When a starting function raises before calling trio.TaskStatus.started(),
trio.Nursery.start() will no longer wrap the exception in an undocumented
ExceptionGroup. Previously, trio.Nursery.start() would incorrectly raise an
ExceptionGroup containing it when using trio.run(...,
strict_exception_groups=True). (#2611)
Deprecations and removals
To better reflect the underlying thread handling semantics, the keyword
argument for trio.to_thread.run_sync that was previously called cancellable
is now named abandon_on_cancel. It still does the same thing – allow the
thread to be abandoned if the call to trio.to_thread.run_sync is
cancelled – but since we now have other ways to propagate a cancellation
without abandoning the thread, “cancellable” has become somewhat of a
misnomer. The old cancellable name is now deprecated. (#2841)
Deprecated support for math.inf for the backlog argument in
open_tcp_listeners, making its docstring correct in the fact that only
TypeError is raised if invalid arguments are passed. (#2842)
Removals without deprecations
Drop support for Python3.7 and PyPy3.7/3.8. (#2668)
Removed special MultiError traceback handling for IPython. As of version
8.15 ExceptionGroup is handled natively. (#2702)
Miscellaneous internal changes
Trio now indicates its presence to sniffio using the sniffio.thread_local
interface that is preferred since sniffio v1.3.0. This should be less
likely than the previous approach to cause sniffio.current_async_library()
to return incorrect results due to unintended inheritance of contextvars.
(#2700)
On windows, if SIO_BASE_HANDLE failed and SIO_BSP_HANDLE_POLL didn’t return
a different socket, runtime error will now raise from the OSError that
indicated the issue so that in the event it does happen it might help with
debugging. (#2807)
0.22.2
Bugfixes
Fix PermissionError when importing trio due to trying to access pthread.
(#2688)
0.22.1
Breaking changes
Timeout functions now raise ValueError if passed math.nan. This includes
trio.sleep, trio.sleep_until, trio.move_on_at, trio.move_on_after,
trio.fail_at and trio.fail_after. (#2493)
Features
Added support for naming threads created with trio.to_thread.run_sync,
requires pthreads so is only available on POSIX platforms with glibc
installed. (#1148)
trio.socket.socket now prints the address it tried to connect to upon
failure. (#1810)
Bugfixes
Fixed a crash that can occur when running Trio within an embedded Python
interpreter, by handling the TypeError that is raised when trying to
(re-)install a C signal handler. (#2333)
Fix sniffio.current_async_library() when Trio tasks are spawned from a
non-Trio context (such as when using trio-asyncio). Previously, a regular
Trio task would inherit the non-Trio library name, and spawning a system
task would cause the non-Trio caller to start thinking it was Trio. (#2462)
Issued a new release as in the git tag for 0.22.0, trio.__version__ is
incorrectly set to 0.21.0+dev. (#2485)
Improved documentation
Documented that Nursery.start_soon does not guarantee task ordering. (#970)
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 3.2.2 to 3.3.0
- Update of rootfile
- Changelog
3.3.0
Note: This is the first pyfuse3 release compatible with Cython 3.0.0 release.
Cython 0.29.x is also still supported.
Cythonized with latest Cython 3.0.0.
Drop Python 3.6 and 3.7 support and testing, #71.
CI: also test python 3.12. test on cython 0.29 and cython 3.0.
Tell Cython that callbacks may raise exceptions, #80.
Fix lookup in examples/hello.py, similar to #16.
Misc. CI, testing, build and sphinx related fixes.
3.2.3
cythonize with latest Cython 0.29.34 (brings Python 3.12 support)
add a minimal pyproject.toml, require setuptools
tests: fix integer overflow on 32-bit arches, fixes#47
test: Use shutil.which() instead of external which(1) program
setup.py: catch more generic OSError when searching Cython, fixes#63
setup.py: require Cython >= 0.29
fix basedir computation in setup.py (fix pip install -e .)
use sphinx < 6.0 due to compatibility issues with more recent versions
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 23.0 to 23.2
- Update of rootfile
- Changelog
23.2
Document calendar-based versioning scheme (#716)
Enforce that the entire marker string is parsed (#687)
Requirement parsing no longer automatically validates the URL (#120)
Canonicalize names for requirements comparison (#644)
Introduce metadata.Metadata (along with metadata.ExceptionGroup and
metadata.InvalidMetadata; #570)
Introduce the validate keyword parameter to utils.normalize_name() (#570)
Introduce utils.is_normalized_name() (#570)
Make utils.parse_sdist_filename() and utils.parse_wheel_filename() raise
InvalidSdistFilename and InvalidWheelFilename, respectively, when the
version component of the name is invalid
23.1
Parse raw metadata (#671)
Import underlying parser functions as an underscored variable (#663)
Improve error for local version label with unsupported operators (#675)
Add dedicated error for specifiers with incorrect .* suffix
Replace spaces in platform names with underscores (#620)
Relax typing of _key on _BaseVersion (#669)
Handle prefix match with zeros at end of prefix correctly (#674)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Updated from version 1.1.0 to 1.2.0
- Update of rootfile
- Changelog
1.2.0
Added special monkeypatching if Apport has overridden sys.excepthook so it
will format exception groups correctly (PR by John Litborn)
Added a backport of contextlib.suppress() from Python 3.12.1 which also
handles suppressing exceptions inside exception groups
Fixed bare raise in a handler reraising the original naked exception rather
than an exception group which is what is raised when you do a raise in an
except* handler
1.1.3
catch() now raises a TypeError if passed an async exception handler instead
of just giving a RuntimeWarning about the coroutine never being awaited.
(#66, PR by John Litborn)
Fixed plain raise statement in an exception handler callback to work like a
raise in an except* block
Fixed new exception group not being chained to the original exception when
raising an exception group from exceptions raised in handler callbacks
Fixed type annotations of the derive(), subgroup() and split() methods to
match the ones in typeshed
1.1.2
Changed handling of exceptions in exception group handler callbacks to not
wrap a single exception in an exception group, as per CPython issue 103590
1.1.1
Worked around CPython issue #98778, urllib.error.HTTPError(..., fp=None)
raises KeyError on unknown attribute access, on affected Python versions.
(PR by Zac Hatfield-Dodds)
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 22.1.0 to 23.2.0
- Update of rootfile
- setup.py is no longer available so build to use pyproject.toml was used.
- A new series of build dependencies are also now required for python3-attrs
- Changelog
23.2.0
Changes
The type annotation for attrs.resolve_types() is now correct. #1141
Type stubs now use typing.dataclass_transform to decorate dataclass-like
decorators, instead of the non-standard __dataclass_transform__ special
form, which is only supported by Pyright. #1158
Fixed serialization of namedtuple fields using attrs.asdict/astuple() with
retain_collection_types=True. #1165
attrs.AttrsInstance is now a typing.Protocol in both type hints and code.
This allows you to subclass it along with another Protocol. #1172
If attrs detects that __attrs_pre_init__ accepts more than just self, it
will call it with the same arguments as __init__ was called. This allows
you to, for example, pass arguments to super().__init__(). #1187
Slotted classes now transform functools.cached_property decorated methods to
support equivalent semantics. #1200
Added class_body argument to attrs.make_class() to provide additional
attributes for newly created classes. It is, for example, now possible to
attach methods. #1203
23.1.0
Backwards-incompatible Changes
Python 3.6 has been dropped and packaging switched to static package data
using Hatch. #993
Deprecations
The support for zope-interface via the attrs.validators.provides validator
is now deprecated and will be removed in, or after, April 2024.
The presence of a C-based package in our developement dependencies has
caused headaches and we’re not under the impression it’s used a lot.
Let us know if you’re using it and we might publish it as a separate
package. #1120
Changes
attrs.filters.exclude() and attrs.filters.include() now support the passing
of attribute names as strings. #1068
attrs.has() and attrs.fields() now handle generic classes correctly. #1079
Fix frozen exception classes when raised within e.g.
contextlib.contextmanager, which mutates their __traceback__ attributes. #1081
@frozen now works with type checkers that implement PEP-681 (ex. pyright).
#1084
Restored ability to unpickle instances pickled before 22.2.0. #1085
attrs.asdict()’s and attrs.astuple()’s type stubs now accept the
attrs.AttrsInstance protocol. #1090
Fix slots class cellvar updating closure in CPython 3.8+ even when
__code__ introspection is unavailable. #1092
attrs.resolve_types() can now pass include_extras to typing.get_type_hints()
on Python 3.9+, and does so by default. #1099
Added instructions for pull request workflow to CONTRIBUTING.md. #1105
Added type parameter to attrs.field() function for use with attrs.make_class().
Please note that type checkers ignore type metadata passed into
make_class(), but it can be useful if you’re wrapping attrs. #1107
It is now possible for attrs.evolve() (and attr.evolve()) to change fields
named inst if the instance is passed as a positional argument.
Passing the instance using the inst keyword argument is now deprecated and
will be removed in, or after, April 2024. #1117
attrs.validators.optional() now also accepts a tuple of validators
(in addition to lists of validators). #1122
22.2.0
Backwards-incompatible Changes
Python 3.5 is not supported anymore. #988
Deprecations
Python 3.6 is now deprecated and support will be removed in the next
release. #1017
Changes
attrs.field() now supports an alias option for explicit __init__ argument
names.
Get __init__ signatures matching any taste, peculiar or plain! The PEP 681
compatible alias option can be use to override private attribute name
mangling, or add other arbitrary field argument name overrides. #950
attrs.NOTHING is now an enum value, making it possible to use with e.g.
typing.Literal. #983
Added missing re-import of attr.AttrsInstance to the attrs namespace. #987
Fix slight performance regression in classes with custom __setattr__ and
speedup even more. #991
Class-creation performance improvements by switching performance-sensitive
templating operations to f-strings.
You can expect an improvement of about 5% – even for very simple classes. #995
attrs.has() is now a TypeGuard for AttrsInstance. That means that type
checkers know a class is an instance of an attrs class if you check it
using attrs.has() (or attr.has()) first. #997
Made attrs.AttrsInstance stub available at runtime and fixed type errors
related to the usage of attrs.AttrsInstance in Pyright. #999
On Python 3.10 and later, call abc.update_abstractmethods() on dict classes
after creation. This improves the detection of abstractness. #1001
attrs’s pickling methods now use dicts instead of tuples. That is safer and
more robust across different versions of a class. #1009
Added attrs.validators.not_(wrapped_validator) to logically invert
wrapped_validator by accepting only values where wrapped_validator rejects
the value with a ValueError or TypeError (by default, exception types
configurable). #1010
The type stubs for attrs.cmp_using() now have default values. #1027
To conform with PEP 681, attr.s() and attrs.define() now accept unsafe_hash
in addition to hash. #1065
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 1.2.3 to 1.2.7
- Update of rootfile
- Patch set put together to also update the dependency packages where they have been
updated.
- Changelog
1.2.7
Fixes:
- docs: CVE-2023-36811 upgrade steps: consider checkpoint archives, #7802
- check/compact: fix spurious reappearance of orphan chunks since borg
1.2, #6687 -
this consists of 2 fixes:
- for existing chunks: check --repair: recreate shadow index, #6687
- for newly created chunks: update shadow index when doing a
double-put, #5661
- LockRoster.modify: no KeyError if element was already gone, #7937
- create --X-from-command: run subcommands with a clean environment, #7916
- list --sort-by: support "archive" as alias of "name", #7873
- fix rc and msg if arg parsing throws an exception, #7885
Other changes:
- support and test on Python 3.12
- include unistd.h in _chunker.c (fix for Python 3.13)
- allow msgpack 1.0.6 and 1.0.7
- TAM issues: show tracebacks, improve borg check logging, #7797
- replace "datetime.utcfromtimestamp" with custom helper to avoid
deprecation warnings when using Python 3.12
- vagrant:
- use generic/debian9 box, fixes#7579
- add VM with debian bookworm / test on OpenSSL 3.0.x.
- docs:
- not only attack/unsafe, can also be a fs issue, #7853
- point to CVE-2023-36811 upgrade steps from borg 1.1 to 1.2 upgrade
steps, #7899
- upgrade steps needed for all kinds of repos (including "none"
encryption mode), #7813
- upgrade steps: talk about consequences of borg check, #7816
- upgrade steps: remove period that could be interpreted as part of
the command
- automated-local.rst: use GPT UUID for consistent udev rule
- create disk/partition sector backup by disk serial number, #7934
- update macOS hint about full disk access
- clarify borg prune -a option description, #7871
- readthedocs: also build offline docs (HTMLzip), #7835
- frontends: add "check.rebuild_refcounts" message
1.2.6
Fixes:
- The upgrade procedure docs as published with borg 1.2.5 did not work,
if the repository had archives resulting from a borg rename or borg
recreate operation.
The updated docs now use BORG_WORKAROUNDS=ignore_invalid_archive_tam
at some places to avoid that issue, #7791.
See: fix pre-1.2.5 archives spoofing vulnerability (CVE-2023-36811),
details and necessary upgrade procedure described above.
Other changes:
- updated 1.2.5 changelog entry: 1.2.5 already has the fix for
rename/recreate.
- remove cython restrictions. recommended is to build with
cython 0.29.latest, because borg 1.2.x uses this since years and it
is very stable. You can also try to build with cython 3.0.x, there is
a good chance that it works. As a 3rd option, we also bundle the
`*.c` files cython outputs in the release pypi package, so you can
also just use these and not need cython at all.
1.2.5
Fixes:
- Security: fix pre-1.2.5 archives spoofing vulnerability (CVE-2023-36811),
see details and necessary upgrade procedure described above.
- rename/recreate: correctly update resulting archive's TAM, see #7791
- create: do not try to read parent dir of recursion root, #7746
- extract: fix false warning about pattern never matching, #4110
- diff: remove surrogates before output, #7535
- compact: clear empty directories at end of compact process, #6823
- create --files-cache=size: fix crash, #7658
- keyfiles: improve key sanity check, #7561
- only warn about "invalid" chunker params, #7590
- ProgressIndicatorPercent: fix space computation for wide chars, #3027
- improve argparse validator error messages
New features:
- mount: make up volname if not given (macOS), #7690.
macFUSE supports a volname mount option to give what finder displays on
the desktop / in the directory view. if the user did not specify it,
we make something up, because otherwise it would be "macFUSE Volume 0
(Python)" and hide the mountpoint directory name.
- BORG_WORKAROUNDS=authenticated_no_key to extract from authenticated repos
without key, #7700
Other changes:
- add `utcnow()` helper function to avoid deprecated `datetime.utcnow()`
- stay on latest Cython 0.29 (0.29.36) for borg 1.2.x (do not use
Cython 3.0 yet)
- docs:
- move upgrade notes to own section, see #7546
- mount -olocal: how to show mount in finder's sidebar, #5321
- list: fix --pattern examples, #7611
- improve patterns help
- incl./excl. options, path-from-stdin exclusiveness
- obfuscation docs: markup fix, note about MAX_DATA_SIZE
- --one-file-system: add macOS apfs notes, #4876
- improve --one-file-system help string, #5618
- rewrite borg check docs
- improve the docs for --keep-within, #7687
- fix borg init command in environment.rst.inc
- 1.1.x upgrade notes: more precise borg upgrade instructions, #3396
-tests:
- fix repo reopen
- avoid long ids in pytest output
- check buzhash chunksize distribution, see #7586
1.2.4
New features:
- import-tar: add --ignore-zeros to process concatenated tars, #7432.
- debug id-hash: computes file/chunk content id-hash, #7406
- diff: --content-only does not show mode/ctime/mtime changes, #7248
- diff: JSON strings in diff output are now sorted alphabetically
Bug fixes:
- xattrs: fix namespace processing on FreeBSD, #6997
- diff: fix path related bug seen when addressing deferred items.
- debug get-obj/put-obj: always give chunkid as cli param, see #7290
(this is an incompatible change, see also borg debug id-hash)
- extract: fix mtime when ResourceFork xattr is set (macOS specific), #7234
- recreate: without --chunker-params, do not re-chunk, #7337
- recreate: when --target is given, do not detect "nothing to do".
use case: borg recreate -a src --target dst can be used to make a copy
of an archive inside the same repository, #7254.
- set .hardlink_master for ALL hardlinkable items, #7175
- locking: fix host, pid, tid order.
tid (thread id) must be parsed as hex from lock file name.
- update development.lock.txt, including a setuptools security fix, #7227
Other changes:
- requirements: allow msgpack 1.0.5 also
- upgrade Cython to 0.29.33
- hashindex minor fixes, refactor, tweaks, tests
- use os.replace not os.rename
- remove BORG_LIBB2_PREFIX (not used any more)
- docs:
- BORG_KEY_FILE: clarify docs, #7444
- update FAQ about locale/unicode issues, #6999
- improve mount options rendering, #7359
- make timestamps in manual pages reproducible
- installation: update Fedora in distribution list, #7357
- tests:
- fix test_size_on_disk_accurate for large st_blksize, #7250
- add same_ts_ns function and use it for relaxed timestamp comparisons
- "auto" compressor tests: don't assume a specific size,
do not assume zlib is better than lz4, #7363
- add test for extracted directory mtime
- vagrant:
- upgrade local freebsd 12.1 box -> generic/freebsd13 box (13.1)
- use pythons > 3.8 which work on freebsd 13.1
- pyenv: also install python 3.11.1 for testing
- pyenv: use python 3.10.1, 3.10.0 build is broken on freebsd
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
myMPD is written in C and has a nice WebGUI to play
local music and also a WebRadio browser.
This is to replace the removec client175.
After install it can reached via
https://IP_OF_THE_IPFIRE:8800
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 8.5.2 to 9.1
- Update of rootfile
- Build dependencies of frr now include protobuf-c. protobuf-c requires protobuf.
protobuf requires abseil-cpp.
- Build dependency of libyang will have a minimum version requirement of 2.1.128 coming
out of an issue. Minimum version for frr-9.1 is 2.1.80 but excluding 2.1.111 due to
API issues. Based on the near future requirement being 2.1.128 will move to current
latest version of 2.1.148
- This patch set includes the above build dependencies
- Changelog
9.1
FRR 9.1 brings a long list of enhancements and fixes with 941 commits from 73
developers.
OSPFv2 HMAC-SHA Cryptographic Authentication
Specify that HMAC cryptographic authentication must be used on a
specific interface using a key chain.
BGP MAC-VRF Site-Of-Origin support
In some EVPN deployments, it is useful to associate a logical VTEP’s
Layer 2 domain (MAC-VRF) with a Site-of-Origin “site” identifier. This
provides a BGP topology-independent means of marking and
import-filtering EVPN routes originating from a particular L2 domain.
One situation where this is valuable is when deploying EVPN using
anycast VTEPs, i.e. Active/Active MLAG, as it can be used to avoid
ownership conflicts between the two control planes (EVPN vs MLAG).
BGP Dynamic capability support
Added support for Graceful-Restart, Long-lived Graceful-Restart,
Software-version, and Role BGP capabilities to be adjusted dynamically
using BGP dynamic capability.
Dynamic BGP capability allows the dynamic update of capabilities over an
established BGP session. This capability would facilitate
non-disruptive capability changes by BGP speakers.
IS-IS SRv6 uSID support (RFC 9352)
The Segment Routing (SR) architecture allows a flexible definition of
the end-to-end path by encoding it as a sequence of topological
elements called "segments". It can be implemented over the MPLS or the
IPv6 data plane. This feature enables extensions in IS-IS to support
Segment Routing over the IPv6 data plane (SRv6) as per RFC 9352.
Next-hop resolution via the default route
Changed the default for a traditional profile to be enabled. The
datacenter profile is left as disabled.
Add support for VLAN, ECN, DSCP mangling/filtering
PBR maps are a way to specify a set of rules that are applied to packets
received on individual interfaces. If a received packet matches a rule,
the rule’s next-hop-group or next-hop is used to forward it; any other
actions specified in the rule are also applied to the packet.
With this change, we added more commands for PBR maps, like matching
src-ip, dst-ip, src-port, dst-port, vlan, dscp, ecn, and more.
libyang 2.1.80 related breaking changes
prefix-list matching in route-maps is fundamentally broken with
libyang 2.1.111. If you have this version, please downgrade to the most
stable version 2.1.80.
More details CESNET/libyang#2090
Other significant changes
Zebra support for route replace semantics in FPM link
New command for BGP neighbor x addpath-tx-best-selected link
New command for BGP mpls bgp l3vpn-multi-domain-switching link
A couple more new BGP route-map commands:
set as-path exclude all link
set as-path exclude as-path-access-list link
set extended-comm-list delete link
set as-path replace <any|ASN> [<ASN>] link
set as-path replace as-path-access-list WORD [<ASN>] link
match community-list X any UPDATE
Deprecations
Deprecate pre-standard outbound route filtering capability
Deprecate pre-standard route refresh capability
Drop deprecated capability
A complete log of changes can be found by browsing the commit history of the
FRR 9.1 tag
9.0.2
Fixed CVE-2023-47235
More details: https://frrouting.org/security/cve-2023-47235
Bug Fixes
bgpd
Fix aggregate-address summary-only suppressed export to EVPN
Allow using attribute number 255 for path attr discard/withdraw cmds
Check mandatory attributes more carefully for the UPDATE message
Do not suppress conditional advertisement updates if triggered
Fix Extended community memory leak
Fix the no set as-path prepend command
Fix heap-use-after-free for bgp_best_selection()
Fix crash in SNMP BGP4V2-MIB bgpv2PeerErrorsTable()
Fix clear bgp ipv6 unicast ... command
Flush attributes only if we don't have to announce a conditional route
(avoid use-after-free)
Free memory for SRv6 functions and locator chunks
Handle MP_UNREACH_NLRI malformed packets with session reset
Ignore handling NLRIs if we received the MP_UNREACH_NLRI attribute
Initialise timebuf arrays to zeros for dampening reuse timer
Initialise buffer in bgp_notify_admin_message() before using it
LTTng add EVPN route trace events
Make sure dampening is enabled for the specified AFI/SAFI
Use proper AFI when dumping information for dampening stuff
Treat the AS4-PATH attribute as withdrawn if malformed
Treat PMSI tunnel attribute as withdrawn if malformed
Treat EOR as withdrawn to avoid unwanted handling of malformed attrs
eigrpd
Use the correct memory pool on interface deletion
mgmtd
Change mgmtd_vty_port to 2623
Fix crash on show mgmtd datastore-contents
ospf6d
Fix setting of the forwarding address in as-external LSAs
Set loopback interface cost to 0
ospfd
Fixing infinite loop when listing OSPF interfaces
pathd
Add no msd command
Add no pcep command
pbrd
Fix show pbr map detail json command
Free memory in pbr_map_delete()
pim6d
Fix valgrind issues
pimd
Fix missing pimreg interface
tools
Fix the frr-reload interface description command
Fix the frr-reload route-map description command
Make --quiet actually suppress output
vtysh
Fix entering configuration node in file-lock mode
Fix configure terminal argument descriptions
Fix working in file-lock mode
Fix show route map json output
zebra
Add encap type when building packet for FPM
Display ptmStatus order in interface JSON
Fix connected route deletion when multiple entry exists
Fix FPM multipath encap addition
Fix link update for veth interfaces
Fix zebra crash when replacing nhe during shutdown
Prevent null pointer dereference
9.0.1
Bug Fixes
bgpd
Add peers back to peer hash when peer_xfer_conn fails
Check the length of the rcv software version
Do not explicitly print maxttl value for ebgp-multihop vty output
Do not process nlris if the attribute length is zero
Don't read the first byte of orf header if we are ahead of stream
Evpn code was not properly unlocking rd_dest
Fix show bgp all rpki notfound
Make sure we have enough data to read two bytes when validating aigp
Use treat-as-withdraw for tunnel encapsulation attribute
zebra
Fix evpn nexthop config order
lib
Allow unsetting walltime-warning and cpu-warning
ospfd
Prevent use after free( and crash of ospf ) when no router ospf
pimd
Prevent crash when receiving register message when the rp() is unknown
When receiving a packet be more careful with length in pim_pim_packet
vtysh
Print uniq lines when parsing no service ...
8.5.4
Fixed CVE-2023-47235
More details: https://frrouting.org/security/cve-2023-47235
Bug Fixes
bgpd
Check mandatory attributes more carefully for the UPDATE message
Do not suppress conditional advertisement updates if triggered
Fix crash in SNMP BGP4V2-MIB bgpv2PeerErrorsTable()
Handle MP_UNREACH_NLRI malformed packets with session reset
Ignore handling NLRIs if we received the MP_UNREACH_NLRI attribute
Initialise timebuf arrays to zeros for dampening reuse timer
Initialise buffer in bgp_notify_admin_message() before using it
Make sure dampening is enabled for the specified AFI/SAFI
Use proper AFI when dumping information for dampening stuff
Treat EOR as withdrawn to avoid unwanted handling of malformed attrs
eigrpd
Use the correct memory pool on interface deletion
vtysh
Fix show route map JSON output
ospfd
Fix infinite loop when listing OSPF interfaces
pbrd
Fix show pbr map detail json output
zebra
Add encap type when building packet for FPM
Display ptmStatus order in interface JSON
Fix connected route deletion when multiple entry exists
Fix FPM multipath encap addition
Fix link update for veth interfaces
Fix zebra crash when replacing nhe during shutdown
Prevent null pointer dereference
8.5.3
Bug Fixes
bgpd
Add peers back to peer hash when peer_xfer_conn fails
Do not explicitly print maxttl value for ebgp-multihop vty output
Do not process nlris if the attribute length is zero
Do not try to redistribute routes if we are shutting down
Don't read the first byte of orf header if we are ahead of stream
Evpn code was not properly unlocking rd_dest
Fix show bgp all rpki notfound
Fix session reset issue caused by malformed core attributes
Free bgp vpn policy
Free previously dup'ed aspath attribute for aggregate routes
Free temporary memory after using argv_concat()
Intern attributes before putting into rib-out
Make sure we have enough data to read two bytes when validating aigp
Prevent use after free
Rfapi memleak fixes, clean ce tables at exit
Unlock dest if we return earlier for aggregate install
Use treat-as-withdraw for tunnel encapsulation attribute
zebra
Fix evpn nexthop config order
Abstract dplane_ctx_route_init to init route without copying
Fix crash when dplane_fpm_nl fails to process received routes
Further handle route replace semantics
Fix command ipv6 nht xxx
lib
Allow unsetting walltime-warning and cpu-warning
Skip route-map optimization if !af_inet(6)
Use max_bitlen instead of magic number
ospf6d
Fix crash because neighbor structure was freed
Stop crash in ospf6_write
ospfd
Check for nulls in vty code
Prevent use after free( and crash of ospf ) when no router ospf
pbrd
Fix crash with match command
pimd
Prevent crash when receiving register message when the rp() is unknown
When receiving a packet be more careful with length in pim_pim_packet
ripd, ripngd
Revert "Cleanup memory allocations on shutdown"
tools
Add what frr thinks as the fib routes for support_bundle
vtysh
Print uniq lines when parsing no service ...
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 4.0.4 to 4.0.5
- Update of rootfile
- Changelog
4.0.5
Highlights
Fixed 4.0.0 bug where the IP address field in UDP announces were not encoded
in network byte order. [BEP-15]. (#6132)
Fixed a bug that incorrectly escaped JSON strings in some locales.
(#6005, #6133)
Fixed 4.0.4 decreased download speeds for people who set a low upload
bandwidth limit. (#6134)
All Platforms
Fixed bug that prevented editing trackers on magnet links. (#5957)
Fixed HTTP tracker announces and scrapes sometimes failing after adding a
torrent file by HTTPS URL. (#5969)
In RPC responses, change the default sort order of torrents to match
Transmission 3.00. (#5604)
Fixed tr_sys_path_copy() behavior on some Synology Devices. (#5974)
macOS Client
Support Sonoma when building from sources. (#6016, #6051)
Fixed early truncation of long group names in groups list. (#6104)
Qt Client
Fix: only append .added suffix to watchdir files. (#5705)
GTK Client
Fixed crash when opening torrent file from "Recently used" section in
GTK 4. (#6131, #6142)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 8.10.0 to 10.0.0
- Update of rootfile
- Changelog is too large to include here. Details can be found in the NEWS.rst file in the
source tarball
CVE-2023-3750 was fixed in version 9.6.0
Fix race condition in storage driver leading to a crash
In **libvirt-8.3** a bug was introduced which in rare cases could cause
``libvirtd`` or ``virtstoraged`` to crash if multiple clients attempted to
look up a storage volume by key, path or target path, while other clients
attempted to access something from the same storage pool.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 2.3.4 to 2.4.1
- Update of rootfile
- Changelog
2.4.1 (2023-07-20)
No change information available anywhere that I could find
2.4.0 (2023-01-18)
No change information available anywhere that I could find
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 10.0.0 to 10.2.1
- Update of rootfile
- Changelog is a bit too large to include here. Details can be found in ChangeLog.md file
in source tarball.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 2.2.0 to 2.3.0
- Update of rootfile
2.3.0
- Changes:
* Rename PLIST_UINT to PLIST_INT and add plist_new_int() and plist_get_int_val()
* Add support for JSON format
* Add support for OpenStep format
* Introduce error codes and format constants
* Add return value to import/export functions to allow returning error codes
* Add new plist_sort function
* Add several human-readable output-only formats
* Add new plist_write_to_string/_stream/_file functions
* Add new plist_print function
* Add new plist_read_from_file function
* Add new plist_mem_free() function
* Add a few C++ methods
* Add C++ interface test
* Add PLIST_NULL type
* Some code housekeeping (mostly clang-tidy)
- Breaking:
* plist_from_memory() gets additional parameter
- Bugfixes:
* Fix multiple bugs in all of the parsers
* Fix handling of PLIST_UID nodes
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 2.5.4 to 2.5.5
- Update of rootfile
- Changelog
2.5.5 - December 1, 2023
* Update the syscall table for Linux v6.7-rc3
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- With the 7.1 version of texinfo function names have changed which caused ffmpeg to fail
to build. There were some unofficial patches to fix ffmpeg to work with the new texinfo
but the simplest solution was to stop the docs being built in the configure command.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 2.8 to 2.9
- Update of rootfile
- Changelog
This file (NEWS) lists the most important changes to
the previous released version. For a full list of changes
please refer to the ChangeLog file.
New for version 2.9:
- Change Hardware Flow Control Default to No.
- Timestamping mode is now saved and restored.
- Split "Screen and Keyboard" menu into two menus.
- Update to gettext-0.21.
- Change return values of --help and --version to success.
- Support higher baud rates on MacOS
- Save character send delay to config file
- Save newline send delay to config file
- Update translations: Romanian, German, French, Norwegian/Bookmal, Polish,
Serbian, Swedish
- New translation: Georgian, Korean
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 2.28.3 to 2.28.5
- Update of rootfile
- Changelog
2.28.5
This is a stable bugfix release, with the following changes:
Added support for the HP HyperX Clutch Gladiate controller
Fixed a crash if a controller is disconnected while SDL is opening it
Fixed a crash on Linux if XInput2 isn't available at runtime
2.28.4
This is a stable bugfix release, with the following changes:
Enable clipping for zero sized rectangles in the SDL renderer
Notify X11 clipboard managers when the clipboard changes
Fixed sensor timestamps for third-party PS5 controllers
Added detection for Logitech and Simagic racing wheels
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from 2.8.0 to 2.8.1
- Update of rootfile
- Disable creating docs i9n configure statement
- Changelog is too large to include here (~500 lines). For more details read the NEWS.adoc
file in thye source tarball.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 0.189 to 0.190
- Update of rootfile
- Changelog
0.190
CONTRIBUTING: Switch from real name policy to known identity policy.
Updated ChangeLog policy (no more separate ChangeLog files).
There is a SECURITY bug policy now.
The default branch is now 'main'.
libelf: Add RELR support.
libdw: Recognize .debug_[ct]u_index sections
readelf: Support readelf -Ds, --use-dynamic --symbol.
Support .gdb_index version 9
scrlines: New tool that compiles a list of source files associated
with a specified dwarf/elf file.
debuginfod: Schema change (reindexing required, sorry!) for a 60%
compression in filename representation, which was a large
part of the sqlite index; also, more deliberate sqlite
-wal management during scanning using the
--scan-checkpoint option.
backends: Various LoongArch updates.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 10.01.2 to 10.02.1
- Update of rootfile
- Changelog - these are highlights. For more details the git commits have to be used.
10.02.1
release fixes CVE-2023-43115.
CVE-2023-43115 affects all Ghostscript/GhostPDL versions prior to 10.02.0.
CVE-2023-43115 is a remote code execution risk, so we recommend upgrading to
version 10.02.0 as a matter of urgency
10.02.0
release fixes CVE-2023-43115.
CVE-2023-43115 affects all Ghostscript/GhostPDL versions prior to 10.02.0.
CVE-2023-43115 is a remote code execution risk, so we recommend upgrading to
version 10.02.0 as a matter of urgency
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
For details see:
https://blog.clamav.net/2023/10/clamav-121-113-104-010311-patch.html
Excerpt:
"ClamAV 1.2.1 is a patch release with the following fixes:
Eliminate security warning about unused "atty" dependency.
Upgrade the bundled UnRAR library (libclamunrar) to version 6.2.12.
Build system: Fix link error with Clang/LLVM/LLD version 17. Patch courtesy of Yasuhiro Kimura.
Fix alert-exceeds-max feature for files > 2GB and < max-filesize."
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 1.14.6 to 1.14.10
- Update of rootfile
- Changelog
dbus 1.14.10 (2023-09-01)
Bug fixes:
• Avoid a dbus-daemon crash if re-creating a connection's policy fails.
If it isn't possible to re-create its policy (for example if it belongs
to a user account that has been deleted or if the Name Service Switch is
broken, on a system not supporting SO_PEERGROUPS), we now log a warning,
continue to use its current policy, and continue to reload other
connections' policies. (dbus#343; Peter Benie, Simon McVittie)
• If getting the groups from a user ID fails, report the error correctly,
instead of logging "(null)" (dbus#343, Simon McVittie)
• Return the primary group ID in GetConnectionCredentials()' UnixGroupIDs
field for processes with a valid-but-empty supplementary group list
(dbus!422, cptpcrd)
dbus 1.14.8 (2023-06-06)
Denial-of-service fixes:
• Fix an assertion failure in dbus-daemon when a privileged Monitoring
connection (dbus-monitor, busctl monitor, gdbus monitor or similar)
is active, and a message from the bus driver cannot be delivered to a
client connection due to <deny> rules or outgoing message quota. This
is a denial of service if triggered maliciously by a local attacker.
(dbus#457; hongjinghao, Simon McVittie)
Other fixes:
• Fix compilation on compilers not supporting __FUNCTION__
(dbus!404, Barnabás Pőcze)
• Fix some memory leaks on out-of-memory conditions
(dbus!403, Barnabás Pőcze)
• Documentation:
· Fix syntax of a code sample in dbus-api-design
(dbus!396; Yen-Chin, Lee)
Tests and CI enhancements:
• Fix CI pipelines after freedesktop/freedesktop#540
(dbus!405, dbus#456; Simon McVittie)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
For details see:
v4.19.1. => https://www.samba.org/samba/history/samba-4.19.1.html
"
==============================
Release Notes for Samba 4.19.1
October 10, 2023
==============================
This is a security release in order to address the following defects:
o CVE-2023-3961: Unsanitized pipe names allow SMB clients to connect as root to
existing unix domain sockets on the file system.
https://www.samba.org/samba/security/CVE-2023-3961.html
o CVE-2023-4091: SMB client can truncate files to 0 bytes by opening files with
OVERWRITE disposition when using the acl_xattr Samba VFS
module with the smb.conf setting
"acl_xattr:ignore system acls = yes"
https://www.samba.org/samba/security/CVE-2023-4091.html
o CVE-2023-4154: An RODC and a user with the GET_CHANGES right can view all
attributes, including secrets and passwords. Additionally,
the access check fails open on error conditions.
https://www.samba.org/samba/security/CVE-2023-4154.html
o CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the
server block for a user-defined amount of time, denying
service.
https://www.samba.org/samba/security/CVE-2023-42669.html
o CVE-2023-42670: Samba can be made to start multiple incompatible RPC
listeners, disrupting service on the AD DC.
https://www.samba.org/samba/security/CVE-2023-42670.html"
v4.19.2 => https://www.samba.org/samba/history/samba-4.19.2.html
"Changes since 4.19.1
--------------------
o Jeremy Allison <jra@samba.org>
* BUG 15423: Use-after-free in aio_del_req_from_fsp during smbd shutdown
after failed IPC FSCTL_PIPE_TRANSCEIVE.
* BUG 15426: clidfs.c do_connect() missing a "return" after a cli_shutdown()
call.
o Ralph Boehme <slow@samba.org>
* BUG 15463: macOS mdfind returns only 50 results.
o Volker Lendecke <vl@samba.org>
* BUG 15481: GETREALFILENAME_CACHE can modify incoming new filename with
previous cache entry value.
o Stefan Metzmacher <metze@samba.org>
* BUG 15464: libnss_winbind causes memory corruption since samba-4.18,
impacts sendmail, zabbix, potentially more.
o Martin Schwenke <mschwenke@ddn.com>
* BUG 15479: ctdbd: setproctitle not initialized messages flooding logs.
o Joseph Sutton <josephsutton@catalyst.net.nz>
* BUG 15491: CVE-2023-5568 Heap buffer overflow with freshness tokens in the
Heimdal KDC in Samba 4.19
* BUG 15477: The heimdal KDC doesn't detect s4u2self correctly when fast is
in use."
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Looking through some of the changelog and some mail list communications it looks like
qemu decided they did noty want to maintain their own bundled version of libslirp when
the majority of OS's had their own version now in place. Ubuntu 18.04 did not have
libslirp but qemu stopped supporting that version from qemu-7.1
- So it looks like all OS's have a standard libslirp available now and qemu have taken
the decision to no longer have their own version but to use the system version. That
was always possible to do if use of the system version was explicitly defined but
the default was to use the bundled version.
- No evidence that libslirp is deprecated.
- The last version of libslirp was released a year ago but it looks like every month or
so there are a couple of commits merged. The last was a month ago.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 8.0.3 to 8.1.1
- In CU179 the update of qemu caused at least one user to have a problem starting his
qemu system as the qemu bundled slirp library used for the net user backend was removed
in version 7.2. Unfortunately no user tested qemu in the CU179 Testing phase, or if they
did they are not using the net user backend.
- This patch adds the --enable-slirp option to configure and installs libslirp in a
separate patch.
- I can't test if this now works as I don't use qemu anywhere.
- Changelog is too large to include here.
8.1
https://wiki.qemu.org/ChangeLog/8.1
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 2.28.1 to 2.28.3
- Update of rootfile
- Changelog
2.28.3
This is a stable bugfix release, with the following changes:
Added a gamepad mapping for the G-Shark GS-GP702
Fixed touchpad events for the Razer Wolverine V2 Pro in PS5 mode
Fixed getting key events from TV remotes on Android
Updated to Android minSdkVersion 19 and targetSdkVersion 34 to meet Google
Play Store requirements
2.28.2
This is a stable bugfix release, with the following changes:
Fixed occasionally failing to open the clipboard on Windows
Fixed crash at shutdown when using the D3D11 renderer
Fixed setting the viewport when using the D3D12 renderer
Fixed crash using SDL event functions before initializing SDL on Windows
Fixed Xbox controller trigger motion events on Windows
Fixed Xbox controller rumble in the background on Windows
Added the hint SDL_HINT_JOYSTICK_WGI to control whether to use
Windows.Gaming.Input for controllers
Fixed 8BitDo gamepad mapping when in XInput mode on Linux
Fixed controller lockup initializing some unofficial PS4 replica controllers
Fixed video initialization on headless Linux systems using VNC
Fixed large mouse jump when changing relative mouse mode on macOS
Fixed hardware keyboard text input on iPadOS
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 2.18.5 to 2.19.0
- Update of rootfile for x86_64
- Changelog is too large to include here
4.19.0
See the WHATSNEW.txt file in the soiurce tarball
4.18.6
* BUG 15420: reply_sesssetup_and_X() can dereference uninitialized tmp
pointer.
* BUG 15430: Missing return in reply_exit_done().
* BUG 15289: post-exec password redaction for samba-tool is more reliable for
fully random passwords as it no longer uses regular expressions
containing the password value itself.
* BUG 9959: Windows client join fails if a second container CN=System exists
somewhere.
* BUG 15342: Spotlight sometimes returns no results on latest macOS.
* BUG 15417: Renaming results in NT_STATUS_SHARING_VIOLATION if previously
attempted to remove the destination.
* BUG 15427: Spotlight results return wrong date in result list.
* BUG 15414: "net offlinejoin provision" does not work as non-root user.
* BUG 15400: rpcserver no longer accepts double backslash in dfs pathname.
* BUG 15433: cm_prepare_connection() calls close(fd) for the second time.
* BUG 15346: 2-3min delays at reconnect with smb2_validate_sequence_number:
bad message_id 2.
* BUG 15441: samba-tool ntacl get segfault if aio_pthread appended.
* BUG 15446: DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED can't be parsed.
* BUG 15390: Python tarfile extraction needs change to avoid a warning
(CVE-2007-4559 mitigation).
* BUG 15435: Regression DFS not working with widelinks = true.
* BUG 9959: Windows client join fails if a second container CN=System exists
somewhere.
* BUG 15441: samba-tool ntacl get segfault if aio_pthread appended.
* BUG 15449: mdssvc: Do an early talloc_free() in _mdssvc_open().
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 9.6.7 to 11.0.6
- Update of rootfile
- Ran find-dependencies for the sobump. All libraries are only linked into bacula
- All of the versions from 9.6.7 to 11.0.6 and up to 13.0.3 have no bug fixes relatred to
the bacula-fd daemon. With bacula-fd running on a separate machine to the bacula-dir and
bacula-sd daemons, older versions of bacula-fd will work with no bug issues with a newer
bacula-dir and bacula-sd.
- If we put a very new version of bacula-fd on IPFire then it will not work with older
versions of bacula-dir and bacula-sd.
- A new feature in the bacula 11 series is that communication between daemons will
automatically use TLS if OpenSSL is installed on the machines running bacula.
Therefore having a bacula 11 based bacula-fd on IPFire will automatically, with no user
configuration required, use TLS for communication to the IPFire bacula-fd from the other
bacula daemons on other machines.
- This has been shown to automatically work between the bacula-fd daemons on my laptop and
desktop machines and the bacula-dir/bacula-sd on my server machine.
Currently communication between mu bacula-dir/bacuila-sd daemons and the IPFire bacula-fd
daemon communication is still unencrypted.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- In the services WUI page any addon that has a WUI menu page defined, such as Samba,
Guardian etc, has the addon name shown in underlined red which is a link to the addon
cgi page. This works for the other addons as the addon cgi name is the same as the
addon name. I have identified that this is not the case for apcupsd, because the cgi
page is called upsstats.cgi
- This patch adjusts the cgi name to allow apcupsd to also be shown in underlined red.
- The lfs file copies the upsstats.cgi file to one named apcupsd.cgi
- The apcupsd menu file has the cgi name changed from upsstats.cgi to apcupsd.cgi
- The rootfile is updated to also include the apcupsd.cgi file with the others.
- Tested in my vm testbed by making the above changes in the code and the apcupsd addon
was then shown in underlined red, which acted as a link to the apcupsd status WUI page.
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
