bpfire

mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-27 11:13:24 +02:00

Author	SHA1	Message	Date
Michael Tremer	f43f28738a	make.sh: Fix checking if we have a fake environment Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:19 +00:00
Michael Tremer	03c51a4e67	Config: Drop toolchain URL Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:19 +00:00
Michael Tremer	9773290176	make.sh: Refactor uploading sources Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:18 +00:00
Michael Tremer	2581760148	make.sh: Make the disk space check optional There is little value in running this when entering a shell... Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:18 +00:00
Michael Tremer	372f80882a	make.sh: Mount the log directory for the correct architecture Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:18 +00:00
Michael Tremer	3db20d6fba	make.sh: Refactor compression the toolchain Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:18 +00:00
Michael Tremer	74371ed5b6	make.sh: Create a custom log function Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:18 +00:00
Michael Tremer	711a047b66	make.sh: Use path variables for cleanup Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:18 +00:00
Michael Tremer	baf15b60f7	make.sh: Refactor downloading the toolchain Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:18 +00:00
Michael Tremer	3277e38460	.gitignore: Ignore architecture directories Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:18 +00:00
Michael Tremer	2b81545bc5	make.sh: Forward the architecture to the namespace Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:18 +00:00
Michael Tremer	cf4652d603	make.sh: Refactor the toolchain extraction Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:18 +00:00
Michael Tremer	38b4f088a2	make.sh: Build in a separate directory for each architecture This allows running multiple builds in the same working directory. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:18 +00:00
Michael Tremer	79ea5921bc	make.sh: Use LOG_DIR for logs Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:18 +00:00
Michael Tremer	b39d6d9a89	make.sh: Check free space in the base directory This makes more sense if we want to support building multiple architectures and if we consider cache and ccache, too. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:18 +00:00
Michael Tremer	27b8db2421	make.sh: Create all bind-mounts as read-only where possible This way, the build environment can no longer modify any source any more. This was not a huge integrity problem before as Git would have shown differences, but it might cause damage to the build system which need to manually be recovered. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:18 +00:00
Michael Tremer	daa17f2e24	make.sh: Create /dev and /sys in the build environment Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:17 +00:00
Michael Tremer	1801c2419d	perl-Device-SerialPort: Use /dev/null as test port The build failed with the new minimal /dev it is looking for some TTY devices which are no longer present. This patch fixes the build. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:17 +00:00
Michael Tremer	b2e0324ebc	make.sh: Create /proc in the chroot environment before mounting it Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:17 +00:00
Michael Tremer	9948d3d9ac	make.sh: Move PS1 to the header Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:17 +00:00
Michael Tremer	5c865ab9d8	make.sh: Remove TARGET_ARCH compatibility Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:17 +00:00
Michael Tremer	a0aefbd53f	make.sh: Remove option to make /usr/src a ramdisk I am not sure this is helping in any way these days that we have SSDs everywhere... Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:17 +00:00
Michael Tremer	bcf9d74b59	make.sh: Remove docker stuff This is basically unused for years. I even forgot we had this. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:17 +00:00
Michael Tremer	49714ec428	make.sh: Tidy up LOGFILE Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:17 +00:00
Michael Tremer	510dd732ea	make.sh: Refactor determining BASEDIR Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:17 +00:00
Michael Tremer	8eeaf1ab7e	make.sh: Group variables and initialization together Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:17 +00:00
Michael Tremer	814360a348	make.sh: Set the CCACHE_DIR with the ccache to use Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:17 +00:00
Michael Tremer	b0c45169f2	make.sh: Refactor the root user check Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:17 +00:00
Michael Tremer	86565d7f7a	make.sh: Tidy up the environment creation function NFC Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:17 +00:00
Michael Tremer	f8b5e93d94	make.sh: Refactor the space check Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:17 +00:00
Michael Tremer	37081a7a1d	make.sh: No longer export LFS as it is not being used Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:16 +00:00
Michael Tremer	4fd413a1a8	make.sh: Replace LFS with BUILD_DIR This is probably a more specific name for this. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:16 +00:00
Michael Tremer	3a5d7b880b	make.sh: Always mount a separate /tmp Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:16 +00:00
Michael Tremer	d4e9fc7fc5	make.sh: Make BUILD_DIR a mountpoint Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:16 +00:00
Michael Tremer	e940d23cf8	make.sh: Create a new, minimal /dev in the build environment Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:16 +00:00
Michael Tremer	4c92e5d852	make.sh: Don't bind-mount the host's /proc Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:16 +00:00
Michael Tremer	6a644a5d30	make.sh: Create the second mount namespace as slave Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:16 +00:00
Michael Tremer	738704d76c	make.sh: Don't create a new IPC namespace If we do this, we no longer can interrupt the build process on the console. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:16 +00:00
Michael Tremer	98ce3c7688	make.sh: Create lots more namespaces when we enter the chroot This allows us to protect the host system a little bit more from the host system by decoupling all namespaces. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:16 +00:00
Michael Tremer	99ce7cd2ce	make.sh: Ensure that we enter the chroot only in our own NS Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:16 +00:00
Michael Tremer	d630cfec5b	make.sh: Remove the fragile cleanup code Since we now mount everything in a new namespace, there is no need to clean up ourselves. This will be done when the last process leaves the namespace. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:16 +00:00
Michael Tremer	6dcd193170	make.sh: Launch build and shell commands in a new mount namespace Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:16 +00:00
Michael Tremer	3517868827	make.sh: Remove superfluous image check Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-22 15:21:16 +00:00
Arne Fitzenreiter	6f83ae4c95	core187: exclude squid access.log from update Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2024-07-18 09:12:15 +02:00
Arne Fitzenreiter	97067db786	Revert "squid: Comment out access.log in rootfile" the file was created to be shipped with permissions so it is needed in the rootfile. This reverts commit `516d541c29`.	2024-07-18 09:07:08 +02:00
Michael Tremer	5b58a16967	make.sh: Update contributors Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-10 14:29:36 +00:00
Michael Tremer	0fee0acf86	make.sh: Run "make.sh lang" Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-10 14:29:21 +00:00
Michael Tremer	bf8abf549e	samba: Fix rootfiles The CGI script, the misc-progs helper and the menu entry were removed. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-10 14:28:48 +00:00
Adolf Belka	516d541c29	squid: Comment out access.log in rootfile - Everytime an update has been done on squid the access.log file has been replaced with an empty file, losing whatever messages have been in the log. - This has been the case since squid was implemented in IPFire. - Update of rootfile to comment out var/log/squid/access.log Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-08 15:32:58 +00:00
Matthias Fischer	a96514a265	apache: Update to 2.4.61 For details see: https://dlcdn.apache.org/httpd/CHANGES_2.4.61 "Changes with Apache 2.4.61 *) SECURITY: CVE-2024-39884: Apache HTTP Server: source code disclosure with handlers configured via AddType (cve.mitre.org) A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.61, which fixes this issue." Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-07-08 15:31:17 +00:00

... 2 3 4 5 6 ...

22174 Commits