ccp based trng of the apu2 produce none random data.
Aes accleration is also not used because IPFire prefere
AES-NI if this is supported.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
this id's are blacklisted in new cdc_ether module
because the r8152 module should used but the
3.14 module not know this id's.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This update fixes some smaller issues on various dynamic DNS
providers and adds support for DuckDNS as new provider.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Changes the libvirt user to nobody and the group to kvm this is a bit
safer as to use root for both.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
As a normal user, it is not possible to use qemu with KVM. This is bad
because it is better when it is possible to start the machine with a
less privileged user. To achieve this a group KVM is created and the
access to /dev/kvm is allowed for this group. So every user in this
group can use qemu with KVM.
This change is also useful for libvirt because the VMs can be started
with user nobody and group kvm.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The if statement in line 89 and 99 are useless with the -e
conditional expression because it returns true if the path ist a
regular file or a directory.
So "/etc/init.d/ " returns true and "/etc/init.d/avahi" return also true,
but the statement should return only true if we have a regular file.
So -f if the right conditional expression, and we only try to execute
the init script if the path "/etc/init.d/${1}" points to a regular file.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
It is possible to communicate per ssh via a socket with libvirt. It is
not a good idea to do this as root, so the remote user is now
libvirt-remote. Only this user or users in the group libvirt-remote can
communicate with the socket.
The user libvirt-remote is created without a password. The users have to
set a password for this user after installation.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Excerpt from annoncement:
"This version fixes a security vulnerability (CVE-2016-4971) present in
all old versions of wget. The vulnerability was discovered by Dawid
Golunski which were reported to us by Beyond Security's SecuriTeam.
On a server redirect from HTTP to a FTP resource, wget would trust the
HTTP server and uses the name in the redirected URL as the destination
filename.
This behaviour was changed and now it works similarly as a redirect from
HTTP to another HTTP resource so the original name is used as
the destination file. To keep the previous behaviour the user must
provide --trust-server-names."
Best,
Mat-backfromholidays-thias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The swap.state file may be broken and so we delete this here and
let squid rebuild the cache at the next start.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This patch updates the ncurses to 6.0. The old 5.9 are renamed to ncurses-compat.
The compat makes the old libs maintainable and the compat rootfile is cleaned up.
The 6.0 is build after 5.9 and all IPFire componentes will build with 6.0
In version 6 only the wide-character libraries are build. The are usable
in both multibyte and traditional 8-bit locales while normal libraries work
properly only in 8-bit locales. The toolchain is only bild with 6.0.
Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
