- Previously this patch was reverted due to Grub not being able to boot with it.
This was fixed in Grub-2.12
- Confirmed on my vm testbed that a CU186 install with this e2fsprogs version was able
to complete the install when the reboot button at the end of the first install stage
was completed.
- Update from version 1.46.5 to 1.47.0
- Update of rootfile not required
- Changelog
E2fsprogs 1.47.0 (February 5, 2023)
Updates/Fixes since v1.46.6:
UI and Features
Add support for the orphan_file feature, which speeds up workloads that
are deleting or truncating a large number files in parallel. This
compat feature was first supported in the v5.15 Linux kernel.
The mke2fs program (via the mke2fs.conf file) now enables the
metadata_csum_seed and orphan_file features by default. The
metadata_csum_seed feature is an incompat feature which is first
supported in the Linux kernel starting in the 4.4 kernel and e2fsprogs
1.43.
Mke2fs now supports the extended option "assume_storage_prezeroed" which
causes mke2fs to skip zeroing the journal and inode tables and to mark
the inode tables as zeroed.
Add support to tune2fs and e2label to set the label and UUID for a
mounted file system using a ioctl, which is more reliable than modifying
the superblock via writing to the block device. The kernel support for
setting the label landed in v5.17, while the support for adding the UUID
landed in v6.0. If the ioctls are not supported, tune2fs and e2label
will fall back old strategy of directly modifying the superblock.
Allow tune2fs to disable the casefold feature after scanning all of the
directories do not have the Casefold flag set.
Fixes
Fix a potential unbalanced mutex unlock when there is a short read while
using the bounce buffer when using direct I/O.
Performance, Internal Implementation, Development Support etc.
Fix various Coverity and compiler warnings.
Add the new function ext2fs_xattrs_read_inode() which takes an in-memory
inode to avoid needing to reread an inode that was already read into
memory.
Teach debugfs logdump command the -n option which forces printing a
specified number of transactions, even when a block missing a magic
number would have stopped the logdump. (This is for debugging
journalling problems.)
E2fsprogs 1.46.6 (February 1, 2023)
Updates/Fixes since v1.46.5:
UI and Features
Debugfs's ncheck command now allows the inode number to be surrounded by
angle brackets, to be consistent with other debugfs commands.
Debugfs no longer prints a scary message when debugfs -c (which enables
"catastrophic mode") is used. This was intended to allow debugfs to
operate on very badly corrupted file systems, but it is now sometimes
used to suppress reading the block and inode bitmaps when they are not
needed.
Resize2fs will round down the requested new file system size to the
nearest cluster boundary when resizing bigalloc file systems.
Improve error messages issued by badblocks.
Fuse2fs now supports an offset=<bytes> option which allows operating on
a file system image which is located starting at the specified offset
from the beginning of the image.
Fixes
Pre-v6.2 Linux kernels had long-standing bug in how the extended
attribute hash was calculated when there were non-ASCII characters in
the xattr name, when the hash would be different depending on whether
the C 'char' type was signed or unsigned. To address this bug, starting
with e2fsprogs 1.46.6+ and Linux 6.2+, we will accept either the signed
or unsigned hash variant, but only set the unsigned hash variant. Since
extended attribute names are in practice composed of ASCII characters,
other than various tests (such as generic/454), most users will
hopefully not notice this change.
Avoid triggering udev in dumpe2fs and "resize2fs -P" for file systems
with MMP enabled by opening the device read-only when reading the MMP
block.
Fix MMP handling so it can notice when another writer has modify the MMP
block out from under it when stopping a MMP sessions.
Fix tune2fs so it will detect another device stealing the MMP sessions
while rewriting metadata checksums.
E2fsck will now check to make sure the journal inode does not have the
encrypt flag set.
Fix a deadlock bug in e2fsck's error handler when there are errors
trying to write to the file system.
Fix a bug where e2fsck could fail when specifying an undo file and an
explicit superblock number.
Fix e2image so it won't potentially loop forever for certain invalid
file systems.
Fix resize2fs to honor the E2FSPROGS_FAKE_TIME environment variable.
This allows embedded system builders who use resize2fs as part of their
image build process to create reproducible images.
Fix tune2fs to avoid a crash if the journal replay fails and to make
sure its exit status is non-zero if there is some failure.
Fix tune2fs, fuse2fs, and debugsfs to update j_tail_sequence when
replaying the journal.
Add additional bullet-proofing for very badly corrupted file systems.
Try avoid UBSAN warnings, null pointer derferences, and other memory
bugs. (Addresses CVE-2022-1304)
Don't fail when the source directory for mke2fs -d doesn't support
extended attributese.
Check for and handle malloc() failures when computing the log filename
in e2fsck and in the libss library.
Fix tune2fs and e2fsck to accept pathames which include '=' characters.
Previously arguments to tune2fs and e2fsck which included '=' characters
are presumed to be blkid specifiers such as UUID=xxx or LABEL=yyy. If a
specifier is both a valid pathname name and blkid tag name specifier,
priority is given to a blkid resolved pathname.
Improve tune2fs's error messages.
Fix a bug in tune2fs which could cause it to crash if device goes
off-line just as it being opened.
Fix the fsck driver so if it is interrupted while running fsck -N it
doesn't end up kllling all processes on the system.
Fix a crash in badblocks when the user specifies an overly large
number of blocks tested at a time in read/write or nondestructive
mode.
Update and clarify's chattr's man page and usage message. Fix spelling
typo's in a variety of different man pages and comments.
Performance, Internal Implementation, Development Support etc.
Update to autoconf 2.71.
Update flags used to create shared library on Darwin/MacOS.
Speed up e2fsck's clonning of multiply-claimed blocks so it is
substantially faster on very large file systems.
Add tests/fuzz directory with fuzzers from oss-fuzz.
Add a Github Actions configuration file so that Github will run CI tests
on Linux, Windows and MacOS on a push to the e2fsprogs github repo.
Make the mtab parsing in ext2fs_check_mount_point() more careful so it
won't get confused when a block device shows up in the mnt_name field
for a virtual file system.
Fix the libss's Makefile to create the man page directory before trying
to install its man page.
Fix various Coverity and compiler warnings.
Make tests more portable on various different OS's and system
configurations (e.g., with SELinux enabled, MacOS, and Windows)
Use mallinfo2() instead of mallinfo() where avilable, since mallinfo()
is deprecated on newer glibc versions.
E2fsck will no longer do a full scan of disconnected directory when
trying to print the parent directory, which is pointless and can slow
down e2fsck if there are a large number of disconnected directories.
Debugfs will now print the extended attribute's e_hash field.
Fix the setup-schroot script to work on non-Linux platforms.
Fix ext2fs_compare_generic_bmap() so it correctly compares all of the
bits in the bitmap, and so that it works correctly when comparing a
bitarray bitmap with a rbtree-based bitmap. (Fortunately, none of the
programs in e2fsprogs uses bitmap comparison functions.)
Fix memory leaks on error paths.
Add support for the configure option --enable-largefile so that
e2fsprogs can utilize largefile support for the MUSL C library.
Add an note that the dict library code has been modified, as required by
the Kazlib license.
Synchronized changes from Android's AOSP e2fsprogs tree.
Updated config.guess and config.sub with newer versions from the FSF.
Add Friulian translation.
Update Chinese, Czech, Dutch, French, German, Malay, Polish, Serbian,
Spanish, Swedish, and Ukrainian translations.
Fixes: bug#13073
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from version 20240312 to 20240514
- Update of rootfile not required.
- For the changelog details see the releasenote.md file in the source tarball.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from version 11.0.6 to 13.0.4
- Update of rootfile
- Version 13.x has now been released for 12 months so updating the File Daemon to 13.x
should be good.
- Version 11.x was released 40 months ago.
- Changelog
The changes are all related to the Director and the Storage Daemon. The changelog states
that older file daemons "should" be compatible with 13.x DIR & SD. This change ensures
IPfire "is" compatible with the 13.x DIR & SD.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This is a small bugfix release.
Changelog:
Fix: Output enabled state is bool type
Fix: Add missing sort parameters to home icon for search
Fix: Set default stream port if stream uri is defined
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from version 2023d to 2024a
- Update of rootfile not required
- Changelog
2024a
Briefly:
Kazakhstan unifies on UTC+5 beginning 2024-03-01.
Palestine springs forward a week later after Ramadan.
zic no longer pretends to support indefinite-past DST.
localtime no longer mishandles Ciudad Juárez in 2422.
Changes to future timestamps
Kazakhstan unifies on UTC+5. This affects Asia/Almaty and
Asia/Qostanay which together represent the eastern portion of the
country that will transition from UTC+6 on 2024-03-01 at 00:00 to
join the western portion. (Thanks to Zhanbolat Raimbekov.)
Palestine springs forward a week later than previously predicted
in 2024 and 2025. (Thanks to Heba Hamad.) Change spring-forward
predictions to the second Saturday after Ramadan, not the first;
this also affects other predictions starting in 2039.
Changes to past timestamps
Asia/Ho_Chi_Minh's 1955-07-01 transition occurred at 01:00
not 00:00. (Thanks to Đoàn Trần Công Danh.)
From 1947 through 1949, Toronto's transitions occurred at 02:00
not 00:00. (Thanks to Chris Walton.)
In 1911 Miquelon adopted standard time on June 15, not May 15.
Changes to code
The FROM and TO columns of Rule lines can no longer be "minimum"
or an abbreviation of "minimum", because TZif files do not support
DST rules that extend into the indefinite past - although these
rules were supported when TZif files had only 32-bit data, this
stopped working when 64-bit TZif files were introduced in 1995.
This should not be a problem for realistic data, since DST was
first used in the 20th century. As a transition aid, FROM columns
like "minimum" are now diagnosed and then treated as if they were
the year 1900; this should suffice for TZif files on old systems
with only 32-bit time_t, and it is more compatible with bugs in
2023c-and-earlier localtime.c. (Problem reported by Yoshito
Umaoka.)
localtime and related functions no longer mishandle some
timestamps that occur about 400 years after a switch to a time
zone with a DST schedule. In 2023d data this problem was visible
for some timestamps in November 2422, November 2822, etc. in
America/Ciudad_Juarez. (Problem reported by Gilmore Davidson.)
strftime %s now uses tm_gmtoff if available. (Problem and draft
patch reported by Dag-Erling Smørgrav.)
Changes to build procedure
The leap-seconds.list file is now copied from the IERS instead of
from its downstream counterpart at NIST, as the IERS version is
now in the public domain too and tends to be more up-to-date.
(Thanks to Martin Burnicki for liaisoning with the IERS.)
Changes to documentation
The strftime man page documents which struct tm members affect
which conversion specs, and that tzset is called. (Problems
reported by Robert Elz and Steve Summit.)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from version 3450200 to 3450300
- Update of rootfile not required
- Changelog
3450300
Fix a long-standing bug (going back to version 3.24.0) that might (rarely) cause
the "old.*" values of an UPDATE trigger to be incorrect if that trigger fires in
response to an UPSERT. Forum post 284955a3cd454a15.
Fix a bug in sum() that could cause it to return NULL when it should return
Infinity. Forum post 23b8688ef4.
Other trifling corrections and compiler warning fixes that have come up since the
previous patch release. See the timeline for details.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Changelog according to the tarball's NEWS file:
- Improvements
- Use any hash algo known by kernel/openssl instead of keep needing
to update the mapping
- Teach kmod to load modprobe.d/depmod.d configuration from ${prefix}/lib
and allow it to be overriden during build with --with-distconfdir=DIR
- Make kernel modules directory configurable. This allows distro to
make kmod use only files from /usr regardless of having a compat
symlink in place.
- Install kmod.pc containing the features selected at build time.
- Install all tools and symlinks by default. Previously kmod relied on
distro packaging to set up the symlinks in place like modprobe,
depmod, lsmod, etc. Now those symlinks are created by kmod itself
and they are always placed in $bindir.
- Bug Fixes
- Fix warnings due to -Walloc-size
- Others
- Drop python bindings. Those were not update in ages and not compatible
with latest python releases.
- Cleanup test infra, dropping what was not used anymore
- Drop experimental tools `kmod insert` / `kmod remove`. Building those
was protected by a configure option never set by distros. They also
didn't gain enough traction to replace the older interfaces via
modprobe/insmod/rmmod.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Full changelog according to https://gitlab.torproject.org/tpo/core/tor/-/raw/tor-0.4.8.11/ChangeLog:
Changes in version 0.4.8.11 - 2024-04-10
This is a minor release mostly to upgrade the fallbackdir list. Worth noting
also that directory authority running this version will now automatically
reject relays running the end of life 0.4.7.x version.
o Minor feature (authority):
- Reject 0.4.7.x series at the authority level. Closes ticket 40896.
o Minor feature (dirauth, tor26):
- New IP address and keys.
o Minor feature (directory authority):
- Allow BandwidthFiles "node_id" KeyValue without the dollar sign at
the start of the hexdigit, in order to easier database queries
combining Tor documents in which the relays fingerprint does not
include it. Fixes bug 40891; bugfix on 0.4.7 (all supported
versions of Tor).
o Minor features (fallbackdir):
- Regenerate fallback directories generated on April 10, 2024.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2024/04/10.
o Minor bugfixes (directory authorities):
- Add a warning when publishing a vote or signatures to another
directory authority fails. Fixes bug 40910; bugfix
on 0.2.0.3-alpha.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- As discussed in the Dev conf call on 2024-Jan-08
- The 1.x version of Icinga has been EOL since 2018
- The 2.x version would require a complete new configuration approach as the settings
and options are completely different to 1.x and so would be a start from scratch.
- removal of icinga from make.sh file
- removal of lfs file
- removal of rootfile
- removal of configuration file
- removal of backup includes file
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Acked-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- sslh is listed in the initscripts lfs and rootfiles.
- Removal of these references with the bremoval of sslh
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- As discussed in the Dev conf call on 2024-Apr-08
- sslh has not been functioning since last update ion Sep 2021. Configuration syntax
was radically changed somewhere in the update from 1.7a(2013) to 1.22c in Sep 2021
- removal of sslh from make file
- removal of lfs file
- removal of rootfile
- removal of paks files
- removal of initscript
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
For details see:
https://downloads.isc.org/isc/bind9/9.16.49/doc/arm/html/notes.html#notes-for-bind-9-16-49
"Bug Fixes
A regression in cache-cleaning code enabled memory use to grow
significantly more quickly than before, until the configured
max-cache-size limit was reached. This has been fixed. [GL #4596]
Using rndc flush inadvertently caused cache cleaning to become
less effective. This could ultimately lead to the configured
max-cache-size limit being exceeded and has now been fixed. [GL #4621]
The logic for cleaning up expired cached DNS records was tweaked to be
more aggressive. This change helps with enforcing max-cache-ttl and
max-ncache-ttl in a timely manner. [GL #4591]
It was possible to trigger a use-after-free assertion when the overmem
cache cleaning was initiated. This has been fixed. [GL #4595]"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- I checked out doing a fresh install of CU184 and found that although the
LOGDROPHOSTILEIN and LOGDROPHOSTILEOUT entries were selected as "on" the values were not
in the /var/ipfire/optionsfw/settings file.
- After some investigfation I realised that when I created the LOGDROPHOSTILE split into
incoming and outgoing I had not added them into the configroot lfs file.
- This patch adds the two entries and this was tested out with a fresh install and
confirmed to update the settings file.
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
the kernel doesn't allow to read the frequency of a offline virtual core
if smt is disabled so now no error is reported in this case and NaN submited to the
database.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
grub-btrfs try to reconfigure grub in the buildsystem and print always the bugtracker url on every error even when its not a bug
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
As very simple XS based perl binding for libarchive
to get header data and extract files.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This is only a build dependency for perl-Arhive-Peek-Libarchive and
will not be installed on a system
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This is only a build dependency for perl-Config-AutoConf and
will not be installed on a system
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This is a precautionary step to avoid that we have any issues to face
because of a downgrade as new symbols have been added to liblzma 5.6.0.
Furthermore, this should avoid shipping any traces of any other
potential malware in XZ that has been added in 5.6.0 or after.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- xz version 5.6.0 and 5.6.1 discovered to have been backdoored by what looks to have
been one of the xz devs.
- IPFire looks not to be affected by the problem as we don't patch openssh to be linked
with liblzma
- However due to question marks about what else might be in these 5.6.x versions it is
better to revert back to a version that did not have the build-to-host.m4 file with the
code that modifies the build if it meets certain criteria.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This kind of grub addon will extend the grub boot menu by a additional
submenu where a BTRFS snapshot can be selected to directly use as root
volume and boot into it.
The grub-btrfsd daemon is using inotify(tools) to watch the snapshot directory for
new or deleted snapshots and calls grub-mkconfig to adjust the snapshot grub submenu
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
