This is another fragment of rngd - the gift that keeps giving.
The udev rules file contains a lot of stuff for a prototype which never
went into production. So, that can be dropped.
It would have been left with one rule that starts rngd whenever a HWRNG
is being found. That is however no longer needed as rngd is being
started in the init process. We no longer need to initialize it as early
as possible to seed the kernel's PRNG.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
mount -f does nothing and also the sync calls should do nothing
on a already ro mounted filesystem.
fixes: #13195
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This change will make sure that dehydrated will continue if (re-)issuing
one or more certificate fails.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Since the update is not built on the day when people install it, we will
ship an outdated database. For updates, where the firewall is being
reloaded or rebooted, we will have an old database in place until the
next database update job runs.
Secondly, the data is 33 MiB in size, which is useless data shipped as
every system will already have a database that is very likely to be more
recent.
In this update, we are not shipping the location database again, but I
wanted to add this change so it does not get lost next time.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
This changes the old "diff" algorithm that we needed to have before
Unbound was able to reload its own configuration.
Now, it can do this even without dropping the cache. This should
hopefully perform much better and be more reliable than the old way.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Acked-by: Peter Müller <peter.mueller@ipfire.org>
- changes `interface` to `pcap_interface` in pmacct.conf file.
- thank you to @iptom for finding and reporting the issue and
to many others for pitching in and helping debug!
Signed-off-by: Jon Murphy <jon.murphy@ipfire.org>
Originally announced for Core Update 176, this step was postponed until
Core Update 177 due to my fault of having shipped all necessary
dependencies for OpenSSL 3.x in Core Update 175 properly.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
- Removal of lfs file
- Removal of rootfile
- Removal of backup includes file
- Removal of three patches
- Removal of paks files
- Adjustment of make.sh to remove squidclamav
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from version 20230404 to 20230625
- Update of rootfile carried out based on Peter Mueller's description from last
linux-firmware update.
- It would be good to have it checked that my results are in line with what they should be.
- Changelog
For changes see the commits in the git repo
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/log/
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
There are no functional changes in these files, but they are however
linked against OpenSSL 1.1.1 and need to be re-shipped before we remove
the legacy library.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This reverts commit aa8a659ab7.
This cannot be done, yet, because an updated system still has hundreds
of files using the old libraries. Those will have to be re-shipped first
before we actually remove OpenSSL 1.1.1.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Changelog is too long to include it here, please refer to the ChangeLog
file in the sourcecode tarball.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
