webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-28 19:53:24 +02:00
Code Issues Packages Projects Releases Wiki Activity
22,331 Commits 2 Branches 1 Tag
61e6011d4e9dae65bf526bd72d6ba472f2b4aeb3
Commit Graph

370 Commits

Author SHA1 Message Date
Michael Tremer
76f429d5d8 licenses: Remove the braindead GPL acception stage 
The GPL is not an EULA and so there is no value in having users
accept it.

The UI is very broken and so I believe it is best to drop this entirely.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2024-08-06 16:48:27 +02:00
Arne Fitzenreiter
55f2a39cea util-linux: ship /usr/bin/unshare 
the updated biuldscripts need unshare to build IPFire on IPFire systems.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2024-07-23 17:27:42 +02:00
Michael Tremer
1e2401a148 ruby: Add rootfile for all architectures 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2024-07-04 16:13:42 +00:00
Adolf Belka
f34350d3c1 util-linux: Update to version 2.40.1 
- Update from version 2.39.3 to 2.40.1
- Update of rootfile
- liblastlog2 is enabled by default and requires sqlite3. Added --disable-liblastlog2
   to configure
- Changelog
    2.40.1
	README.licensing/flock:
	   - Add MIT license mention  [Richard Purdie]
	agetty:
	   - Don't override TERM passed by the user  [Daan De Meyer]
	   - fix resource leak  [Karel Zak]
	   - make reload code more robust  [Karel Zak]
	all_syscalls:
	   - don't hardcode AWK invocation  [Thomas Weißschuh]
	   - don't warn during cleanup  [Thomas Weißschuh]
	   - fail if any step fails  [Thomas Weißschuh]
	   - use sed to extract defines from headers  [Thomas Weißschuh]
	autotools:
	   - distribute pam_lastlog2/meson.build  [Thomas Weißschuh]
	bcachefs:
	   - Remove BCACHEFS_SB_MAX_SIZE & check  [Tony Asleson]
	build-sys:
	   - release++ (v2.40.1-rc1)  [Karel Zak]
	cal:
	   - use unsigned int to follow union with unsigned int  [Karel Zak]
	docs:
	   - add COPYING.MIT  [Karel Zak]
	   - fix GPL name typo  [Karel Zak]
	   - update AUTHORS file  [Karel Zak]
	   - update v2.40.1-ReleaseNotes  [Karel Zak]
	findmnt:
	   - always zero-terminate SOURCES data  [Thomas Weißschuh]
	   - revise the code for -I and -D option  [Masatake YAMATO]
	fsck.minix:
	   - fix possible overrun  [Karel Zak]
	getopt:
	   - remove free-before-exit  [Karel Zak]
	hwclock:
	   - free temporary variable before return  [Karel Zak]
	   - initialize parser variables  [Karel Zak]
	lastlog2:
	   - begin descriptions of options with a lowercase letter  [Benno Schulenberg]
	lib/pager:
	libblkid:
	   - Fix segfault when blkid.conf doesn't exist  [Karel Zak]
	   - topology/ioctl  correctly handle kernel types  [Thomas Weißschuh]
	   - topology/ioctl  simplify ioctl handling  [Thomas Weißschuh]
	libfdisk:
	   - add initializer to geometry  [Karel Zak]
	libmount:
	   - Fix access check for utab in context  [Karel Zak]
	   - fix comment typo for mnt_fs_get_comment()  [Tianjia Zhang]
	   - fix possible memory leak  [Karel Zak]
	   - fix umount --read-only  [Karel Zak]
	libsmartcols:
	   - fix column reduction  [Karel Zak]
	   - reset wrap after calculation  [Karel Zak]
	libuuid:
	   - (man) fix function declarations  [CismonX]
	losetup:
	   - losetup.8 Clarify --direct-io  [Colin Walters]
	lsblk:
	   - simplify SOURCES code  [Karel Zak]
	lsclocks:
	   - fix FD leak  [Karel Zak]
	lsfd:
	   - (man) fix license name  [Jakub Wilk]
	   - add LSFD_DEBUG env var for debugging  [Masatake YAMATO]
	lslocks:
	   - don't abort gathering per-process information even if opening a /proc/[0-9]* fails  [Masatake YAMATO]
	   - remove a unused local variable  [Masatake YAMATO]
	lsns:
	   - fix netns use  [Karel Zak]
	   - report with warnx if a namespace related ioctl fails with ENOSYS  [Masatake YAMATO]
	   - tolerate lsns_ioctl(fd, NS_GET_{PARENT,USERNS}) failing with ENOSYS  [Masatake YAMATO]
	meson:
	   - Add build-blkdiscard option  [Jordan Williams]
	   - Add build-blkpr option  [Jordan Williams]
	   - Add build-blkzone option  [Jordan Williams]
	   - Add build-blockdev option  [Jordan Williams]
	   - Add build-chcpu option  [Jordan Williams]
	   - Add build-dmesg option  [Jordan Williams]
	   - Add build-enosys option  [Jordan Williams]
	   - Add build-fadvise option  [Jordan Williams]
	   - Add build-fsfreeze option  [Jordan Williams]
	   - Add build-ipcmk option  [Jordan Williams]
	   - Add build-ldattach option  [Jordan Williams]
	   - Add build-lsclocks option  [Jordan Williams]
	   - Add build-lsfd option and make rt dependency optional  [Jordan Williams]
	   - Add build-rtcwake option  [Jordan Williams]
	   - Add build-script option  [Jordan Williams]
	   - Add build-scriptlive option  [Jordan Williams]
	   - Add build-setarch option  [Jordan Williams]
	   - Add have_pty variable to check if pty is available  [Jordan Williams]
	   - Add missing check for build-ipcrm option  [Jordan Williams]
	   - Define _DARWIN_C_SOURCE on macOS as is done in Autotools  [Jordan Williams]
	   - Don't define HAVE_ENVIRON_DECL when environ is unavailable  [Jordan Williams]
	   - Fix build by default and install behavior for build-pipesz option  [Jordan Williams]
	   - Fix false positive detection of mempcpy on macOS  [Jordan Williams]
	   - Only build libmount when required  [Jordan Williams]
	   - Only pick up the rt library once  [Jordan Williams]
	   - Only require the crypt library when necessary  [Jordan Williams]
	   - Only use the --version-script linker flag where it is supported  [Jordan Williams]
	   - Remove libblkid dependency on libmount  [Jordan Williams]
	   - Remove lingering mq_libs variable  [Jordan Williams]
	   - Require pty for the su and runuser executables  [Jordan Williams]
	   - Require the seminfo type for ipcmk, ipcrm, and ipcs  [Jordan Williams]
	   - Use has_type instead of sizeof to detect cpu_set_t type  [Jordan Williams]
	   - Use libblkid as a dependency  [Jordan Williams]
	   - Use libmount as a dependency  [Jordan Williams]
	   - respect c_args/CFLAGS when generating syscalls  [Karel Zak]
	pam_lastlog2:
	   - link against liblastlog  [Thomas Weißschuh]
	po:
	   - merge changes  [Karel Zak]
	   - update cs.po (from translationproject.org)  [Petr Písař]
	   - update fr.po (from translationproject.org)  [Frédéric Marchal]
	   - update hr.po (from translationproject.org)  [Božidar Putanec]
	   - update ja.po (from translationproject.org)  [Takeshi Hamasaki]
	   - update ko.po (from translationproject.org)  [Seong-ho Cho]
	   - update pl.po (from translationproject.org)  [Jakub Bogusz]
	   - update ro.po (from translationproject.org)  [Remus-Gabriel Chelu]
	   - update uk.po (from translationproject.org)  [Yuri Chornoivan]
	po-man:
	   - merge changes  [Karel Zak]
	   - update de.po (from translationproject.org)  [Mario Blättermann]
	   - update ko.po (from translationproject.org)  [Seong-ho Cho]
	   - update ro.po (from translationproject.org)  [Remus-Gabriel Chelu]
	strutils.h:
	   - Include strings.h header for strncasecmp function  [Jordan Williams]
	tests:
	   - (lsfd  mkfds-multiplexing) skip if /proc/$pid/syscall is broken  [Masatake YAMATO]
	   - (lsns  ioctl_ns) add more debug print  [Masatake YAMATO]
	   - (lsns  ioctl_ns) record stdout/stderr for debugging the case  [Masatake YAMATO]
	   - (test_mkfds  sockdiag) verify the recieved message to detect whether the socket is usable or not  [Masatake YAMATO]
	textual:
	   - fix some typos and inconsistencies in usage and error messages  [Benno Schulenberg]
	wall:
	   - check sysconf() returnvalue  [Karel Zak]
	   - fix possible memory leak  [Karel Zak]
	   - make sure unsigned variable not underflow  [Karel Zak]
	xalloc.h:
	   - Include stdio.h header for vasprintf function  [Jordan Williams]
    2.40
	The log is quite large. Details can be seen by viewing the v.2.40-ReleaseNotes file
	 in the Documentation/releases directory tree in the source tarball.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2024-06-27 07:59:39 +02:00
Michael Tremer
c375bcf8cd vectorscan: Don't build for riscv64 
This architecture does not seem to be support and since we don't support
this as a primary architecture just yet, we will build without this
package.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2024-06-04 15:02:43 +02:00
Adolf Belka
ee5b84beab hyperscan: Remove from IPFire. 
- hyperscan will move from BSD licence to a proprietary paid for licence from version 5.5
   onwards.
- hyperscan will be replaced by vectorscan, a fork of hyperscan.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2024-05-25 11:02:23 +02:00
Michael Tremer
16b3aad651 gcc: Update to 13.3.0 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2024-05-24 07:14:44 +02:00
Arne Fitzenreiter
1330e280de kernel: update x86_64 rootfile 
now the correct file

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2024-05-08 13:28:38 +02:00
Arne Fitzenreiter
2eda35a51e kernel: update to 6.6.30 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2024-05-06 19:59:11 +02:00
Adolf Belka
e792c3b945 initscripts: Removal of references to sslh 
- sslh is listed in the initscripts lfs and rootfiles.
- Removal of these references with the bremoval of sslh

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2024-04-19 06:06:47 +00:00
Arne Fitzenreiter
a8e7c5ff86 kernel: update to 6.6.28 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2024-04-17 19:39:14 +02:00
Arne Fitzenreiter
24f2ab15c6 kernel: rootfile update 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2024-04-16 06:50:49 +02:00
Arne Fitzenreiter
31a8214d16 kernel: update to 6.6.26 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2024-04-11 12:55:25 +02:00
Arne Fitzenreiter
2fc167d93b kernel: update to 6.6.24 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2024-04-04 23:33:01 +02:00
Stefan Schantl
a6d5b71f2c grub-btrfs: New package 
This kind of grub addon will extend the grub boot menu by a additional
submenu where a BTRFS snapshot can be selected to directly use as root
volume and boot into it.

The grub-btrfsd daemon is using inotify(tools) to watch the snapshot directory for
new or deleted snapshots and calls grub-mkconfig to adjust the snapshot grub submenu

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2024-03-26 07:36:17 +00:00
Arne Fitzenreiter
28796e09e5 kernel: update to 6.6.22 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2024-03-21 19:10:10 +01:00
Arne Fitzenreiter
81986d40a9 kernel: build cpupower 
cpupower replace the function of cpufrequtils which is not updated since years.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2024-03-20 17:49:27 +01:00
Adolf Belka
fab2e0abd4 intel-microcode: Update to version 20240312 
- Update from version 20231114 to 20240312
- Update of rootfile
- For the changelog details see the releasenote.md file in the source tarball.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2024-03-14 09:33:03 +00:00
Michael Tremer
f4b059a771 glibc: Update to 2.39 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2024-02-10 11:50:54 +00:00
Michael Tremer
e56ca17e9b binutils: Update to 2.42 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2024-02-10 11:48:19 +00:00
Peter Müller
bca096b453 linux: Forbid legacy TIOCSTI usage 
To quote from the kernel documentation:

> Historically the kernel has allowed TIOCSTI, which will push
> characters into a controlling TTY. This continues to be used
> as a malicious privilege escalation mechanism, and provides no
> meaningful real-world utility any more. Its use is considered
> a dangerous legacy operation, and can be disabled on most
> systems.
>
> Say Y here only if you have confirmed that your system's
> userspace depends on this functionality to continue operating
> normally.
>
> Processes which run with CAP_SYS_ADMIN, such as BRLTTY, can
> use TIOCSTI even when this is set to N.
>
> This functionality can be changed at runtime with the
> dev.tty.legacy_tiocsti sysctl. This configuration option sets
> the default value of the sysctl.

This patch therefore proposes to no longer allow legacy TIOCSTI usage
in IPFire, given its security implications and the apparent lack of
legitimate usage.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2024-01-16 15:46:37 +00:00
Michael Tremer
f2d7d4ec16 collectd: Restart is required after reconnect 
The "ping" plugin does not re-resolve the gateway IP address after
pinging it for the first time. For most people this won't be a big
problem, but if the default gateway changes, the latency graph won't
work any more.

In order to do re-resolve "gateway", the only way is to restart
collectd.

Fixes: #13522
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Acked-by: Peter Müller <peter.mueller@ipfire.org>
 2024-01-14 16:04:03 +00:00
Arne Fitzenreiter
ed5e80eb62 grub: update to 2.12 (final release version) 
this should fix problems on systems installed on xfs

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2024-01-10 07:22:59 +01:00
Arne Fitzenreiter
d303f7c154 kernel: update to 6.6.10 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2024-01-07 16:08:31 +01:00
Arne Fitzenreiter
95f9d9350d kernel: update to 6.6.2 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2023-12-05 17:15:48 +00:00
Arne Fitzenreiter
3273f4796a grub: update to 2.12-rc1 
this is the first version that support booting linux kernel on
riscv. The release of the final version was delayed again and again
so i have bootstrapped the rc1 from the git and fixed the path in 25_bli.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
 2023-11-24 12:53:51 +00:00
Adolf Belka
166b3cf228 intel-microcode: Update to version 20231114 
- Update from version 20230808 to 20231114
- Update of rootfile
- Changelog details can be found in the releasenote.md file from the source tarball

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
 2023-11-24 12:36:35 +00:00
Peter Müller
4d14892646 linux: Update x86_64 rootfile 
My fault to provide this ahead of time, again. :-/

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2023-10-30 06:44:50 +00:00
Michael Tremer
7b9a3bb2d1 Merge branch 'master' into next 2023-10-09 08:12:40 +00:00
Arne Fitzenreiter
729fe58b12 boost: update x86_64 rootfile 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2023-10-09 08:12:13 +00:00
Arne Fitzenreiter
14bd32221e kernel: update to 6.1.52 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2023-09-28 09:29:23 +00:00
Adolf Belka
f97508f4e1 boost: Update to version 1_83_0 
- Update from 1_81_0 to 1_83_0
- Update of rootfile for x86_64
- Changelog is a bit long to include here so providing links to the pages with changes
    1_82_0
	https://www.boost.org/users/history/version_1_82_0.html
    1_83_0
	https://www.boost.org/users/history/version_1_83_0.html

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2023-09-12 16:10:14 +00:00
Michael Tremer
7093206b96 initscripts: Update rootfiles after dropped client175 initscript 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2023-09-05 15:15:53 +00:00
Michael Tremer
3bca8ae11f glibc: Update to 2.38 
This update builds glibc with FORTIFY_SOURCE and disables building nscd
which has been unused in IPFire.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2023-08-17 14:07:44 +00:00
Michael Tremer
e8bdca4d52 gcc: Update to 13.2.0 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2023-08-17 14:07:43 +00:00
Michael Tremer
fc0f09a833 binutils: Update to 2.41 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2023-08-17 14:07:43 +00:00
Arne Fitzenreiter
162a068448 kernel: update to 6.1.45 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2023-08-11 23:25:37 +02:00
Arne Fitzenreiter
20ad6285d6 intel-microcode: update to 20230808 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2023-08-11 16:51:42 +02:00
Arne Fitzenreiter
f6615f3025 kernel: fix rootfile 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2023-07-21 09:34:09 +00:00
Peter Müller
c084d8f970 linux: Enable Indirect Branch Tracking by default 
This became upstream default (see
https://www.phoronix.com/news/Linux-IBT-By-Default-Tip for IT news media
coverage), and given its security-relevance, we should adopt this
setting as well.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
 2023-07-13 14:20:32 +00:00
Arne Fitzenreiter
1a44c7a638 kernel: update to 6.1.37 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
 2023-07-09 14:57:38 +00:00
Adolf Belka
230c81622a util-linux: Update to version 2.39.1 
- Update from version 2.38.1 to 2.39.1
- Update of rootfile made for x86_64 but not for aarch64 or riscv64
- Changelog can only be reviewed by looking at the commits in the git repo
   https://github.com/util-linux/util-linux/commits/master

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
 2023-07-01 19:19:12 +00:00
Adolf Belka
51e29a797e go: Update to version 1.20.4 
- Update from version 1.15.4 to 1.20.4
- Update of x86_64 rootfile
   aarch64 rootfile needs to be created on a aarch64 build system
- Changelog is very large. For details see https://go.dev/doc/devel/release
   50 mentions of security fixes in the changes from 1.15.4 to 1.20.4

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
 2023-06-25 13:49:34 +00:00
Michael Tremer
df1a3f56cb gcc: Update to 13.1.0 
This patch does not include the rootfile for riscv64 because GCC FTBFS.
Bug #13156 has been opened to address this.

But since we don't officially support IPFire riscv64, yet, this should
not delay this going into next.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
 2023-06-24 06:34:18 +00:00
Adolf Belka
6f22b0ac4d intel-microcode: Update to version 20230613 
- Updated from version 20230214 to 20230512-rev2 where the source tarball is named version
   20230613
- Update of rootfile
- Changelog details for versions 20230512 and 20230512-rev2 can be found at
   https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2023-06-16 09:20:06 +00:00
Arne Fitzenreiter
25aa552258 kernel: update to 6.1.30 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2023-05-30 09:21:34 +00:00
Peter Müller
e8a73cfe94 initscripts: Remove re-added lvmetad initscript from rootfiles 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2023-05-18 09:46:41 +00:00
Jonatan Schlag
3a96d482f6 initscripts: Sort rootfiles 
This simply sorts the rootfiles. Everything should be sorted :-).

Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
 2023-05-18 09:43:23 +00:00
Arne Fitzenreiter
6a005bd9aa kernel: update to 6.1.28 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2023-05-16 18:53:01 +00:00
Peter Müller
ccd793b360 linux: Update rootfiles 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
 2023-05-12 18:29:27 +00:00